Re: [Xen-devel] [PATCH v6 COLO 12/15] COLO nic: implement COLO nic subkind
On 06/12/2015 10:35 PM, Wei Liu wrote: On Mon, Jun 08, 2015 at 11:45:56AM +0800, Yang Hongyang wrote: implement COLO nic subkind. Signed-off-by: Yang Hongyang yan...@cn.fujitsu.com Signed-off-by: Wen Congyang we...@cn.fujitsu.com --- tools/hotplug/Linux/Makefile | 1 + tools/hotplug/Linux/colo-proxy-setup | 131 +++ There are hardcoded paths in this script. Please avoid that. For one Debian has iptables under /sbin, not /usr/local/sbin. We are using a modified iptables here. But hardcode is not a good thing, will avoid this in the next version. Wei. . -- Thanks, Yang. ___ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
Re: [Xen-devel] [PATCH v6 COLO 12/15] COLO nic: implement COLO nic subkind
On Mon, Jun 08, 2015 at 11:45:56AM +0800, Yang Hongyang wrote: implement COLO nic subkind. Signed-off-by: Yang Hongyang yan...@cn.fujitsu.com Signed-off-by: Wen Congyang we...@cn.fujitsu.com --- tools/hotplug/Linux/Makefile | 1 + tools/hotplug/Linux/colo-proxy-setup | 131 +++ There are hardcoded paths in this script. Please avoid that. For one Debian has iptables under /sbin, not /usr/local/sbin. Wei. ___ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
[Xen-devel] [PATCH v6 COLO 12/15] COLO nic: implement COLO nic subkind
implement COLO nic subkind.
Signed-off-by: Yang Hongyang yan...@cn.fujitsu.com
Signed-off-by: Wen Congyang we...@cn.fujitsu.com
---
tools/hotplug/Linux/Makefile | 1 +
tools/hotplug/Linux/colo-proxy-setup | 131 +++
tools/libxl/Makefile | 1 +
tools/libxl/libxl_colo_nic.c | 317 +++
tools/libxl/libxl_internal.h | 5 +
tools/libxl/libxl_types.idl | 1 +
6 files changed, 456 insertions(+)
create mode 100755 tools/hotplug/Linux/colo-proxy-setup
create mode 100644 tools/libxl/libxl_colo_nic.c
diff --git a/tools/hotplug/Linux/Makefile b/tools/hotplug/Linux/Makefile
index d94a9cb..1c28bea 100644
--- a/tools/hotplug/Linux/Makefile
+++ b/tools/hotplug/Linux/Makefile
@@ -25,6 +25,7 @@ XEN_SCRIPTS += vscsi
XEN_SCRIPTS += block-iscsi
XEN_SCRIPTS += block-drbd-probe
XEN_SCRIPTS += $(XEN_SCRIPTS-y)
+XEN_SCRIPTS += colo-proxy-setup
SUBDIRS-$(CONFIG_SYSTEMD) += systemd
diff --git a/tools/hotplug/Linux/colo-proxy-setup
b/tools/hotplug/Linux/colo-proxy-setup
new file mode 100755
index 000..08a93de
--- /dev/null
+++ b/tools/hotplug/Linux/colo-proxy-setup
@@ -0,0 +1,131 @@
+#! /bin/bash
+
+dir=$(dirname $0)
+. $dir/xen-hotplug-common.sh
+. $dir/hotplugpath.sh
+. $dir/xen-network-ft.sh
+
+findCommand $@
+
+if [ $command != setup -a $command != teardown ]
+then
+echo Invalid command: $command
+log err Invalid command: $command
+exit 1
+fi
+
+evalVariables $@
+
+: ${vifname:?}
+: ${forwarddev:?}
+: ${mode:?}
+: ${index:?}
+: ${bridge:?}
+
+forwardbr=colobr0
+
+if [ $mode != primary -a $mode != secondary ]
+then
+echo Invalid mode: $mode
+log err Invalid mode: $mode
+exit 1
+fi
+
+if [ $index -lt 0 ] || [ $index -gt 100 ]; then
+echo index overflow
+exit 1
+fi
+
+function setup_primary()
+{
+do_without_error tc qdisc add dev $vifname root handle 1: prio
+do_without_error tc filter add dev $vifname parent 1: protocol ip prio 10 \
+u32 match u32 0 0 flowid 1:2 action mirred egress mirror dev
$forwarddev
+do_without_error tc filter add dev $vifname parent 1: protocol arp prio 11
\
+u32 match u32 0 0 flowid 1:2 action mirred egress mirror dev
$forwarddev
+do_without_error tc filter add dev $vifname parent 1: protocol ipv6 prio \
+12 u32 match u32 0 0 flowid 1:2 action mirred egress mirror \
+dev $forwarddev
+
+do_without_error modprobe nf_conntrack_ipv4
+do_without_error modprobe xt_PMYCOLO sec_dev=$forwarddev
+
+do_without_error /usr/local/sbin/iptables -t mangle -I PREROUTING -m
physdev --physdev-in \
+$vifname -j PMYCOLO --index $index
+do_without_error /usr/local/sbin/ip6tables -t mangle -I PREROUTING -m
physdev --physdev-in \
+$vifname -j PMYCOLO --index $index
+do_without_error /usr/local/sbin/arptables -I INPUT -i $forwarddev -j MARK
--set-mark $index
+}
+
+function teardown_primary()
+{
+do_without_error tc filter del dev $vifname parent 1: protocol ip prio 10
u32 match u32 \
+0 0 flowid 1:2 action mirred egress mirror dev $forwarddev
+do_without_error tc filter del dev $vifname parent 1: protocol arp prio 11
u32 match u32 \
+0 0 flowid 1:2 action mirred egress mirror dev $forwarddev
+do_without_error tc filter del dev $vifname parent 1: protocol ipv6 prio
12 u32 match u32 \
+0 0 flowid 1:2 action mirred egress mirror dev $forwarddev
+do_without_error tc qdisc del dev $vifname root handle 1: prio
+
+do_without_error /usr/local/sbin/iptables -t mangle -F
+do_without_error /usr/local/sbin/ip6tables -t mangle -F
+do_without_error /usr/local/sbin/arptables -F
+do_without_error rmmod xt_PMYCOLO
+}
+
+function setup_secondary()
+{
+do_without_error brctl delif $bridge $vifname
+do_without_error brctl addbr $forwardbr
+do_without_error brctl addif $forwardbr $vifname
+do_without_error brctl addif $forwardbr $forwarddev
+do_without_error modprobe xt_SECCOLO
+
+do_without_error /usr/local/sbin/iptables -t mangle -I PREROUTING -m
physdev --physdev-in \
+$vifname -j SECCOLO --index $index
+do_without_error /usr/local/sbin/ip6tables -t mangle -I PREROUTING -m
physdev --physdev-in \
+$vifname -j SECCOLO --index $index
+}
+
+function teardown_secondary()
+{
+do_without_error brctl delif $forwardbr $forwarddev
+do_without_error brctl delif $forwardbr $vifname
+do_without_error brctl delbr $forwardbr
+do_without_error brctl addif $bridge $vifname
+
+do_without_error /usr/local/sbin/iptables -t mangle -F
+do_without_error /usr/local/sbin/ip6tables -t mangle -F
+do_without_error rmmod xt_SECCOLO
+}
+
+case $command in
+setup)
+if [ $mode = primary ]
+then
+setup_primary
+else
+setup_secondary
+fi
+
+success
+;;
+teardown)
+if [ $mode = primary ]
+then
+
