| #!/bin/bash |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| |
| . /opt/cloud/bin/setup/common.sh |
| |
| check_reboot_vmware() { |
| if [ "$HYPERVISOR" != "vmware" ]; then |
| return |
| fi |
| |
| if [ -n "$MGMTNET" ]; then |
| MGMT_GW=$(echo $MGMTNET | awk -F "." '{print $1"."$2"."$3".1"}') |
| if ping -n -c 1 -W 3 $MGMT_GW &> /dev/null; then |
| log_it "Management gateway pingable, skipping VR reboot" |
| return |
| fi |
| fi |
| |
| log_it "Management gateway not pingable, rebooting VR" |
| sync |
| reboot |
| } |
| |
| setup_router() { |
| # To save router public interface and gw ip information |
| touch /var/cache/cloud/ifaceGwIp |
| |
| oldmd5= |
| [ -f "/etc/udev/rules.d/70-persistent-net.rules" ] && oldmd5=$(md5sum "/etc/udev/rules.d/70-persistent-net.rules" | awk '{print $1}') |
| |
| log_it "Checking udev NIC assignment order changes" |
| if [ "$NIC_MACS" != "" ] |
| then |
| init_interfaces_orderby_macs "$NIC_MACS" "/tmp/interfaces" "/tmp/udev-rules" |
| newmd5=$(md5sum "/tmp/udev-rules" | awk '{print $1}') |
| rm /tmp/interfaces |
| rm /tmp/udev-rules |
| |
| if [ "$oldmd5" != "$newmd5" ] |
| then |
| log_it "Reloading udev for new udev NIC assignment" |
| udevadm control --reload-rules && udevadm trigger |
| check_reboot_vmware |
| fi |
| fi |
| |
| setup_aesni |
| setup_dnsmasq |
| setup_apache2 $ETH0_IP |
| |
| sed -i /$NAME/d /etc/hosts |
| echo "$ETH0_IP $NAME" >> /etc/hosts |
| |
| enable_irqbalance 1 |
| disable_rpfilter_domR |
| enable_fwding 1 |
| enable_rpsrfs 1 |
| enable_passive_ftp 1 |
| restore_ipv6 |
| |
| # Only allow DNS service for current network |
| sed -i "s/-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p udp -m udp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4 |
| sed -i "s/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4 |
| |
| # Setup hourly logrotate |
| if [ -f /etc/cron.daily/logrotate ]; then |
| mv -n /etc/cron.daily/logrotate /etc/cron.hourly 2>&1 |
| fi |
| |
| # As ACS is changing the file, the description will also change to make it clear that ACS is handling this. |
| sed -i "s#^Description=.*#Description=Cloudstack configuration time for rotation of log files#g" /usr/lib/systemd/system/logrotate.timer |
| sed -i "s#^OnCalendar=.*#OnCalendar=$LOGROTATE_FREQUENCY#g" /usr/lib/systemd/system/logrotate.timer |
| sed -i 's#^AccuracySec=.*#AccuracySec=5m#g' /usr/lib/systemd/system/logrotate.timer |
| |
| # reload daemon |
| /usr/bin/systemctl daemon-reload |
| |
| # Load modules to support NAT traversal in VR |
| modprobe nf_nat_pptp |
| } |
| |
| routing_svcs |
| if [ $? -gt 0 ] |
| then |
| log_it "Failed to execute routing_svcs" |
| exit 1 |
| fi |
| setup_router |
| . /opt/cloud/bin/setup/patch.sh && patch_router |