khosrow / lvsm Goto Github PK
View Code? Open in Web Editor NEWLVS Manager - a shell to manage LVS (ipvs) and iptables on a Linux server
Home Page: http://code.khosrow.ca/lvsm
License: MIT License
LVS Manager - a shell to manage LVS (ipvs) and iptables on a Linux server
Home Page: http://code.khosrow.ca/lvsm
License: MIT License
Program assumes SVN even if files are not under version control. This leads to warnings when quitting.
Script should be run on first install to setup a git repo to manage various configs in one place. This should be an optional thing.
Probably easiest to keep all the config files under /etc/lvsm
or something. Then commit the whole repo to a local git.
Possible way to set it up:
git init /etc/lvsm
git add <files>
git commit
git clone node1:/etc/lvsm -o node1
Locally: git commit <file>
Remotely: ssh node2; git pull node1 master
easiest way is probably to use "svn status"
Fix requires matching the output of firewall with the given port.
snimpy
will allow these commands to be run using SNMP.
If a VIP is disabled, it should be disabled on all nodes of the cluster (if possible). Same for enabling.
The following methods currently only return pass
and should be fixed:
show_real_disabled
check_real
Maybe just reload
to reload both the director and firewall settings.
Needs to be looked into.
keepalived
may provide it with SNMPldirector
and generic
case will be more trickyif the result of svn status
is blank, we get an exception.
self.do_exit(line)
File "/usr/local/lib/python2.7/dist-packages/lvsm/lvsm.py", line 45, in do_exit
if result[0] == "M":
IndexError: string index out of range
This will enable users to hook into their own config management if they need to.
Requires an override of emptyline()
method
Code:
if hostport in f:
Example:
If we have host=192.168.1.10
port=80
giving hostport=192.168.1.10:80
, the following hosts will also be enabled: 192.168.1.10:8080
, 192.168.1.10:8000
The logic needs to be fixed.
Modify the show virtual
command to also display iptables rules related to the VIP - if it exists.
possilbe output:
lvsm(status)# show virtual tcp www.example.com http
TCP www.example.com:http rr
-> fe01.example.com:http Masq 1 0 0
-> fe02.example.com:http Masq 1 0 0
ACCEPT tcp -- anywhere www.example.com tcp dpt:http
In the configure
mode, add ability to open/close ports and add/remove nat rules using command line.
The function should only return the requested VIP and not other matches.
Feature existed in the 0.4 series. Available commands should be
show <real> <ip>
And maybe:
enable <real> <ip>
disable <real> <ip>
ex: enable real|virutal <host> [<port>]
Add new config items that clearly define the commands to restart firewall and director. The commands can be run from the top level mode or within status mode.
In Ubuntu 12.04 the following command will return a Memory allocation problem
error (where the address used is not configured in ipvsadm)
$ ipvsadm -L -t 192.168.1.202:80
Capture this error and show the user something meaningful.
Code needs to be reviewed.
In lvs.py
remove the imports from the top of the file, and only load the appropriate module when the type of director is decided.
maintenance_dir
When user runs enable
or disable
there should be a check to make sure the RIP is in the ipvs configured servers. If not, it should return an error.
If a user has created a $MAINTENANCE/hostname:port
by hand, and then lvsm is invoked to enalbe the RIP using
status enable real hostname port
It fails, since it will not translate the filename back to IP and make the match.
the current status show firewall
command only shows the FILTER table in iptables. Would be useful to also display the NAT table.
The ldirectord parser should see if maintenance_dir
is defined in ldirectord.conf and use it.
This function can be removed and it's code put in the modules directly. If not, after catching exceptions the calling function will proceed normally and cause other exceptions.
the following call fails (line 197)
ripportname = socket.getservbyport(int(ripport))
since socket will throw a socket.error
exception.
Might be good to check for similar instances as well.
using the --version
flag will display the version number but will also launch the application. Instead the application should just return.
Use available python libs to do colored text inside lvsm.
Because the new "show" function shows the disabled real servers, it breaks the ok/fail indicator when doing enable/disable.
This way user can have some feed back.
Look at genericdirector.py line 64
git_remote
will be used by the git code to do a git pull <remote> master
. Currently it's hardcoded.
If user enters
show virtual tcp foo http
but foo
actually resolves to foo.example.com
, firewall.show_virtual will not match it.
In lvsdirector.py
If port number is not provided all VIPs with the matching IP should be displayed.
In the case of ldirectord this comment can be store in the file in the maintenance_dir
and can be displayed using the show real
command.
Currently doing the naive parsing approach. This can be improved with pyparsing.
If host is disabled as host:port
and enable is issued with host
only, it fails.
These functions accept both hostnames and ip and numeric and named ports
All should be translated to numeric internally before doing the work.
Make the output more readable by adding colour to all the VIPs in the ipvsadm
output. Do the same for iptables
.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.