diff --git a/core/src/main/java/com/cloud/agent/api/routing/NetworkElementCommand.java b/core/src/main/java/com/cloud/agent/api/routing/NetworkElementCommand.java index de3843e2b837..9b70bed0cf6b 100644 --- a/core/src/main/java/com/cloud/agent/api/routing/NetworkElementCommand.java +++ b/core/src/main/java/com/cloud/agent/api/routing/NetworkElementCommand.java @@ -39,6 +39,7 @@ public abstract class NetworkElementCommand extends Command { public static final String VPC_PRIVATE_GATEWAY = "vpc.gateway.private"; public static final String FIREWALL_EGRESS_DEFAULT = "firewall.egress.default"; public static final String NETWORK_PUB_LAST_IP = "network.public.last.ip"; + public static final String IS_VPC = "is.vpc"; private String routerAccessIp; diff --git a/core/src/main/java/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java b/core/src/main/java/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java index 839f34ac658d..e02abedaa20c 100644 --- a/core/src/main/java/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java +++ b/core/src/main/java/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java @@ -312,6 +312,7 @@ private GetRouterMonitorResultsAnswer parseLinesForHealthChecks(GetRouterMonitor private GetRouterMonitorResultsAnswer execute(GetRouterMonitorResultsCommand cmd) { String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP); String args = cmd.shouldPerformFreshChecks() ? "true" : "false"; + args = args + (" " + cmd.getAccessDetail(NetworkElementCommand.IS_VPC)); s_logger.info("Fetching health check result for " + routerIp + " and executing fresh checks: " + args); ExecutionResult result = _vrDeployer.executeInVR(routerIp, VRScripts.ROUTER_MONITOR_RESULTS, args); diff --git a/server/src/main/java/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/main/java/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java index 65d6b85d66d4..38b77c5c8dad 100644 --- a/server/src/main/java/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java +++ b/server/src/main/java/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java @@ -1540,11 +1540,13 @@ private GetRouterMonitorResultsAnswer fetchAndUpdateRouterHealthChecks(DomainRou return null; } + Long vpcId = router.getVpcId(); String controlIP = getRouterControlIP(router); if (StringUtils.isNotBlank(controlIP) && !controlIP.equals("0.0.0.0")) { final GetRouterMonitorResultsCommand command = new GetRouterMonitorResultsCommand(performFreshChecks); command.setAccessDetail(NetworkElementCommand.ROUTER_IP, controlIP); command.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName()); + command.setAccessDetail(NetworkElementCommand.IS_VPC, ( vpcId != null ? "true" : "false")); try { final Answer answer = _agentMgr.easySend(router.getHostId(), command); diff --git a/systemvm/debian/opt/cloud/bin/cs/CsMonitor.py b/systemvm/debian/opt/cloud/bin/cs/CsMonitor.py index 5a0ff5b114c4..68e3a770f54c 100755 --- a/systemvm/debian/opt/cloud/bin/cs/CsMonitor.py +++ b/systemvm/debian/opt/cloud/bin/cs/CsMonitor.py @@ -16,6 +16,7 @@ # under the License. import logging from cs.CsDatabag import CsDataBag +from cs.CsConfig import CsConfig from CsFile import CsFile import json @@ -45,6 +46,8 @@ def setupMonitorConfigFile(self): file.commit() def setupHealthCheckCronJobs(self): + config = CsConfig() + is_vpc = str(config.is_vpc()).lower() cron_rep_basic = self.get_basic_check_interval() cron_rep_advanced = self.get_advanced_check_interval() cron = CsFile("/etc/cron.d/process") @@ -52,9 +55,9 @@ def setupHealthCheckCronJobs(self): cron.add("SHELL=/bin/bash", 0) cron.add("PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) if cron_rep_basic > 0: - cron.add("*/" + str(cron_rep_basic) + " * * * * root /usr/bin/python /root/monitorServices.py basic", -1) + cron.add("*/" + str(cron_rep_basic) + " * * * * root /usr/bin/python /root/monitorServices.py " + is_vpc + " basic", -1) if cron_rep_advanced > 0: - cron.add("*/" + str(cron_rep_advanced) + " * * * * root /usr/bin/python /root/monitorServices.py advanced", -1) + cron.add("*/" + str(cron_rep_advanced) + " * * * * root /usr/bin/python /root/monitorServices.py " + is_vpc + " advanced", -1) cron.commit() def setupHealthChecksConfigFile(self): diff --git a/systemvm/debian/opt/cloud/bin/getRouterMonitorResults.sh b/systemvm/debian/opt/cloud/bin/getRouterMonitorResults.sh index bdc709d265f4..20987b04d44a 100755 --- a/systemvm/debian/opt/cloud/bin/getRouterMonitorResults.sh +++ b/systemvm/debian/opt/cloud/bin/getRouterMonitorResults.sh @@ -20,7 +20,7 @@ if [ "$1" == "true" ] then - python /root/monitorServices.py > /dev/null + python /root/monitorServices.py $2 > /dev/null fi printf "FAILING CHECKS:\n" diff --git a/systemvm/debian/root/health_checks/iptables_check.py b/systemvm/debian/root/health_checks/iptables_check.py index 2f3dc5026723..c785128aa852 100644 --- a/systemvm/debian/root/health_checks/iptables_check.py +++ b/systemvm/debian/root/health_checks/iptables_check.py @@ -21,13 +21,17 @@ from utility import getHealthChecksData, formatPort -def main(): +def main(isVpcRouter): portForwards = getHealthChecksData("portForwarding") if portForwards is None or len(portForwards) == 0: print "No portforwarding rules provided to check, skipping" exit(0) failedCheck = False + algorithms = [["PREROUTING", "--to-destination"], + ["OUTPUT", "--to-destination"]] + if isVpcRouter == 'true': + algorithms.extend([["POSTROUTING", "--to-source"]]) failureMessage = "Missing port forwarding rules in Iptables-\n " for portForward in portForwards: entriesExpected = [] @@ -35,9 +39,7 @@ def main(): srcIpText = "-d " + portForward["sourceIp"] srcPortText = "--dport " + formatPort(portForward["sourcePortStart"], portForward["sourcePortEnd"], ":") dstText = destIp + ":" + formatPort(portForward["destPortStart"], portForward["destPortEnd"], "-") - for algo in [["PREROUTING", "--to-destination"], - ["OUTPUT", "--to-destination"], - ["POSTROUTING", "--to-source"]]: + for algo in algorithms: entriesExpected.append([algo[0], srcIpText, srcPortText, algo[1] + " " + dstText]) fetchIpTableEntriesCmd = "iptables-save | grep " + destIp @@ -77,5 +79,5 @@ def main(): if __name__ == "__main__": - if len(sys.argv) == 2 and sys.argv[1] == "advanced": - main() + if len(sys.argv) == 3 and sys.argv[1] == "advanced": + main(sys.argv[2]) diff --git a/systemvm/debian/root/monitorServices.py b/systemvm/debian/root/monitorServices.py index 909e419c1801..5b0bc4d1f402 100755 --- a/systemvm/debian/root/monitorServices.py +++ b/systemvm/debian/root/monitorServices.py @@ -289,9 +289,11 @@ def monitProcess( processes_info ): return service_status, failing_services -def execute(script, checkType = "basic"): +def execute(script, isVpcRouter, checkType = "basic"): checkStartTime = time.time() cmd = "./" + script + " " + checkType + if script == Config.HEALTH_CHECKS_DIR+"/iptables_check.py": + cmd += " "+isVpcRouter printd ("Executing health check script command: " + cmd) pout = Popen(cmd, shell=True, stdout=PIPE) @@ -318,7 +320,7 @@ def execute(script, checkType = "basic"): "message": output } -def main(checkType = "basic"): +def main(isVpcRouter, checkType = "basic"): startTime = time.time() ''' Step1 : Get Services Config @@ -346,7 +348,7 @@ def main(checkType = "basic"): continue fpath = path.join(Config.HEALTH_CHECKS_DIR, f) if path.isfile(fpath) and os.access(fpath, os.X_OK): - ret = execute(fpath, checkType) + ret = execute(fpath, isVpcRouter, checkType) if len(ret) == 0: continue if "success" in ret and ret["success"].lower() == "false": @@ -380,13 +382,14 @@ def main(checkType = "basic"): if __name__ == "__main__": checkType = "basic" - if len(sys.argv) == 2: - if sys.argv[1] == "advanced": - main("advanced") - elif sys.argv[1] == "basic": - main("basic") + isVpcRouter = sys.argv[1] + if len(sys.argv) == 3: + if sys.argv[2] == "advanced": + main(isVpcRouter, "advanced") + elif sys.argv[2] == "basic": + main(isVpcRouter, "basic") else: - printd("Error: Unknown type of test: " + sys.argv) + printd("Error: Unknown type of test: " + ' '.join(map(str, sys.argv))) else: - main("basic") - main("advanced") + main(isVpcRouter, "basic") + main(isVpcRouter, "advanced")