From 5a1a2539145d42ec2cbe15ab6530148d021d18c8 Mon Sep 17 00:00:00 2001 From: PiBa-NL Date: Tue, 10 Feb 2015 00:15:40 +0100 Subject: haproxy-devel, fix carp check settings for pfSense 2.2 Conflicts: config/haproxy-devel/haproxy_global.php --- config/haproxy-devel/haproxy.inc | 20 ++++++++++++++++++-- config/haproxy-devel/haproxy_global.php | 26 ++++++-------------------- 2 files changed, 24 insertions(+), 22 deletions(-) diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc index fd4262a5..bc2b0ac8 100644 --- a/config/haproxy-devel/haproxy.inc +++ b/config/haproxy-devel/haproxy.inc @@ -1537,6 +1537,22 @@ function haproxy_plugin_certificates($pluginparams) { return $result; } +function haproxy_carpipismaster($ip) { + global $config; + foreach($config['virtualip']['vip'] as $carp) { + if ($carp['mode'] != "carp") + continue; + $ipaddress = $carp['subnet']; + if ($ipaddress != $ip) + continue; + + $carp_int = "{$carp['interface']}_vip{$carp['vhid']}"; + $status = get_carp_interface_status($carp_int); + return ($status == "MASTER"); + } + return null; +} + function haproxy_check_run($reload) { global $config, $g, $haproxy_run_message; @@ -1549,8 +1565,8 @@ function haproxy_check_run($reload) { if(isset($a_global['enable'])) { if (isset($a_global['carpdev'])) { - $status = get_carp_interface_status($a_global['carpdev']); - if ($status != "MASTER") { + $status = haproxy_carpipismaster($a_global['carpdev']); + if (!$status) { if (haproxy_is_running()) { log_error("Stopping haproxy on CARP backup."); //exec("/bin/pkill -F /var/run/haproxy.pid haproxy");//doesnt work for multiple pid's in a pidfile diff --git a/config/haproxy-devel/haproxy_global.php b/config/haproxy-devel/haproxy_global.php index 60c2fd9d..978d778d 100755 --- a/config/haproxy-devel/haproxy_global.php +++ b/config/haproxy-devel/haproxy_global.php @@ -271,26 +271,12 @@ function enable_change(enable_change) { Carp monitor - + '', 'name' => 'Disabled'); + $vipinterfaces += haproxy_get_bindable_interfaces($ipv="ipv4,ipv6", $interfacetype="carp"); + echo_html_select('carpdev',$vipinterfaces, $pconfig['carpdev'],"No carp interfaces pressent"); + ?>
Monitor carp interface and only run haproxy on the firewall which is MASTER. -- cgit v1.2.3 From 5f8d58ffef12096558a0fb7a8b6a03f83a50bb06 Mon Sep 17 00:00:00 2001 From: PiBa-NL Date: Tue, 10 Feb 2015 01:16:37 +0100 Subject: haproxy-devel,bump 0.19, fixed carp monitoring and added conversion from old carp-monitor config --- config/haproxy-devel/haproxy.inc | 2 +- config/haproxy-devel/pkg/haproxy_upgrade_config.inc | 14 ++++++++++++++ pkg_config.10.xml | 2 +- pkg_config.8.xml | 2 +- pkg_config.8.xml.amd64 | 2 +- 5 files changed, 18 insertions(+), 4 deletions(-) diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc index bc2b0ac8..54cfb81b 100644 --- a/config/haproxy-devel/haproxy.inc +++ b/config/haproxy-devel/haproxy.inc @@ -472,7 +472,7 @@ function haproxy_install_cron($should_install) { $cron_item['month'] = "*"; $cron_item['wday'] = "*"; $cron_item['who'] = "root"; - $cron_item['command'] = "/usr/local/etc/rc.d/haproxy.sh check"; + $cron_item['command'] = "/usr/local/etc/rc.d/haproxy.sh onecheck"; $config['cron']['item'][] = $cron_item; parse_config(true); write_config("haproxy, install cron CARP job"); diff --git a/config/haproxy-devel/pkg/haproxy_upgrade_config.inc b/config/haproxy-devel/pkg/haproxy_upgrade_config.inc index 9c602457..c1c951df 100644 --- a/config/haproxy-devel/pkg/haproxy_upgrade_config.inc +++ b/config/haproxy-devel/pkg/haproxy_upgrade_config.inc @@ -179,6 +179,20 @@ function haproxy_upgrade_config() { } $configversion = "00.17"; } + if ($configversion < "00.19") { + update_output_window($static_output); + $carpint = $config['installedpackages']['haproxy']['carpdev']; + if (is_arrayset($config, 'virtualip', 'vip') && is_arrayset($config, 'installedpackages', 'haproxy')) { + foreach($config['virtualip']['vip'] as $carp) { + $carp_int = "{$carp['interface']}_vip{$carp['vhid']}"; + if ($carp_int == $carpint) { + $config['installedpackages']['haproxy']['carpdev'] = $carp['subnet']; + break; + } + } + } + $configversion = "00.19"; + } $writeconfigupdate = $config['installedpackages']['haproxy']['configversion'] <> $configversion; if ($writeconfigupdate) { diff --git a/pkg_config.10.xml b/pkg_config.10.xml index 3dcefea6..3d9ba67d 100644 --- a/pkg_config.10.xml +++ b/pkg_config.10.xml @@ -152,7 +152,7 @@ Supports ACLs for smart backend switching.]]> http://haproxy.1wt.eu/ Services - 1.5.9 pkg v 0.18 + 1.5.9 pkg v 0.19 Release 2.2 https://packages.pfsense.org/packages/config/haproxy-devel/haproxy.xml diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 9d574b48..7dbcec53 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -166,7 +166,7 @@ Supports ACLs for smart backend switching.]]> http://haproxy.1wt.eu/ Services - 1.5.3 pkg v 0.18 + 1.5.3 pkg v 0.19 Release 2.1 https://packages.pfsense.org/packages/config/haproxy-devel/haproxy.xml diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index e8f9f410..b1c00c26 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -153,7 +153,7 @@ Supports ACLs for smart backend switching.]]> http://haproxy.1wt.eu/ Services - 1.5.3 pkg v 0.18 + 1.5.3 pkg v 0.19 Release 2.1 https://packages.pfsense.org/packages/config/haproxy-devel/haproxy.xml -- cgit v1.2.3