1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
#!/bin/bash
#
# ConVirt - Copyright (c) 2008 Convirture Corp.
# ======
#
# ConVirt is a Virtualization management tool with a graphical user
# interface that allows for performing the standard set of VM operations
# (start, stop, pause, kill, shutdown, reboot, snapshot, etc...). It
# also attempts to simplify various aspects of VM lifecycle management.
#
#
# This software is subject to the GNU General Public License, Version 2 (GPLv2)
# and for details, please consult it at:
#
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
#
#
# author : Jd <jd_jedi@users.sourceforge.net>
#
# Distribution and version specific code can go here.
# Assume that common functions are included
# Assme the DIST and the VER to be set here.
# open firewall port and make the change persistent.
open_ports()
{
ports="$*"
ret=0
for p in $ports
do
iptables -D INPUT -m state --state NEW -p tcp --dport $p -j ACCEPT 2> /dev/null
iptables -I INPUT -m state --state NEW -p tcp --dport $p -j ACCEPT
if [ "$?" == "0" ]; then
echo "Opened firewall port $p"
else
echo "Error opening firewall for port $p"
ret=1
fi
done
save_output=`service iptables save`
if [ "$?" != "0" ]; then
echo "Error saving firwall rules. ($save_output)"
ret=1
else
echo "$save_output"
echo "Firewall rules saved successfully."
fi
restart_output=`service iptables restart`
if [ "$?" != "0" ]; then
echo "Error restarting firwall. ($restart_output)"
ret=1
else
echo "$restart_output"
echo "Firewall restarted successfully."
fi
return $ret
}
# update the network service
setup_nw_svc()
{
chkconfig --add convirt-nw
chkconfig convirt-nw on
return 0
}
# setup bridge for KVM on Fedor/RHEL/CentOS flavors
setup_public_bridge_for_kvm() {
# Iterate through interfaces
PHY_IFACES=`get_physical_interfaces`
for iface in $PHY_IFACES
do
index=`echo $iface | sed 's/^[^0-9]*//'`
bridgeName=br$index
CHANGED="F"
# create a backup file so people can restore easily
NW_FILE="/etc/sysconfig/network-scripts/ifcfg-$iface"
BACKUP_FILE="/etc/sysconfig/network-scripts/saved.ifcfg-${iface}.`date +"%Y%m%d.%H%M%S"`"
# check if the interface is not already part of some other
# bridge
grep "^BRIDGE=" $NW_FILE >/dev/null 2>/dev/null
if [ $? == 0 ]; then
echo "interface $iface already part of bridge. skiping it"
continue
fi
BRIDGE_FILE=/etc/sysconfig/network-scripts/ifcfg-$bridgeName
if [ ! -e $BRIDGE_FILE ]; then
CHANGED="T"
# make backup of the network file
cp $NW_FILE $BACKUP_FILE
sed -e "s/$iface/$bridgeName/" $NW_FILE | grep -v "TYPE=" | grep -v "^DHCP" | grep -v "HWADDR" > $BRIDGE_FILE
echo "TYPE=Bridge" >> $BRIDGE_FILE
sed -i "
s/^BOOTPROTO/#BOOTPROTO/
s/^BROADCAST/#BROADCAST/
s/^IPADDR=/#IPADDR/
s/^NETMASK=/#NETMASK/
s/^NETWORK=/#NETWORK/
" $NW_FILE
echo "BRIDGE=$bridgeName" >> $NW_FILE
mkdir -p /etc/kvm
sed "{s/SWITCH_NAME/$bridgeName/} " < ${common_scripts}/qemubridge-ifup > /etc/kvm/qemu-ifup-${bridgeName}
chmod 744 /etc/kvm/qemu-ifup-${bridgeName}
fi
done
if [ "$CHANGED" == "T" ]; then
enable_ip_forward
restart_network
fi
}
|
