From 9d674d6d3a55b34418da525b63872cae3aa5eaa6 Mon Sep 17 00:00:00 2001 From: William Wernert Date: Mon, 4 Jan 2021 13:35:14 -0500 Subject: [PATCH] [feat] Add so-monitor-add script --- salt/common/tools/sbin/so-common | 47 ++++++++++++++++++ salt/common/tools/sbin/so-monitor-add | 7 +++ setup/so-functions | 69 +++++++-------------------- setup/so-setup | 12 ++--- 4 files changed, 76 insertions(+), 59 deletions(-) create mode 100644 salt/common/tools/sbin/so-monitor-add diff --git a/salt/common/tools/sbin/so-common b/salt/common/tools/sbin/so-common index c71e9150c..a012f2ed9 100755 --- a/salt/common/tools/sbin/so-common +++ b/salt/common/tools/sbin/so-common @@ -21,6 +21,53 @@ if [ "$(id -u)" -ne 0 ]; then exit 1 fi +add_interface_bond0() { + local BNIC=$1 + if [[ -z $MTU ]]; then + local MTU + MTU=$(lookup_pillar "mtu" "sensor") + fi + local nic_error=0 + + # Check if specific offload features are able to be disabled + for string in "generic-segmentation-offload" "generic-receive-offload" "tcp-segmentation-offload"; do + if ethtool -k "$BNIC" | grep $string | grep -q "on [fixed]"; then + echo "The hardware or driver for interface ${BNIC} is not supported, packet capture may not work as expected." + ((nic_error++)) + break + fi + done + + for i in rx tx sg tso ufo gso gro lro; do + ethtool -K "$BNIC" $i off + done + # Check if the bond slave connection has already been created + nmcli -f name,uuid -p con | grep -q "bond0-slave-$BNIC" + local found_int=$? + + if [[ $found_int != 0 ]]; then + # Create the slave interface and assign it to the bond + nmcli con add type ethernet ifname "$BNIC" con-name "bond0-slave-$BNIC" master bond0 -- \ + ethernet.mtu "$MTU" \ + connection.autoconnect "yes" + else + local int_uuid + int_uuid=$(nmcli -f name,uuid -p con | sed -n "s/bond0-slave-$BNIC //p" | tr -d ' ') + + nmcli con mod "$int_uuid" \ + ethernet.mtu "$MTU" \ + connection.autoconnect "yes" + fi + + ip link set dev "$BNIC" arp off multicast off allmulticast off promisc on + + nmcli con up "bond0-slave-$BNIC" # Bring the slave interface up + + if [ "$nic_error" != 0 ]; then + return "$nic_error" + fi +} + # Define a banner to separate sections banner="=========================================================================" diff --git a/salt/common/tools/sbin/so-monitor-add b/salt/common/tools/sbin/so-monitor-add new file mode 100644 index 000000000..7eb100ee8 --- /dev/null +++ b/salt/common/tools/sbin/so-monitor-add @@ -0,0 +1,7 @@ +#!/bin/bash + +. /usr/sbin/so-common + +set -e + +add_interface_bond0 "$1" diff --git a/setup/so-functions b/setup/so-functions index d0e502941..402afa298 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -572,31 +572,27 @@ compare_versions() { configure_network_sensor() { echo "Setting up sensor interface" >> "$setup_log" 2>&1 - local nic_error=0 - - # Set the MTU - if [[ $NSMSETUP != 'ADVANCED' ]]; then - if [[ $is_cloud ]]; then MTU=1575; else MTU=1500; fi - fi if [[ $is_cloud ]]; then INTERFACE=${BNICS[0]} - local nmcli_con_arg="type ethernet" + local nmcli_con_args=( "type" "ethernet" ) else INTERFACE='bond0' - local nmcli_con_arg="type bond mode 0" + local nmcli_con_args=( "type" "bond" "mode" "0" ) fi + local MTU + MTU=$(lookup_pillar "mtu" "sensor") + # Create the bond interface only if it doesn't already exist - nmcli -f name,uuid -p con | grep -q "$INTERFACE" >> "$setup_log" 2>&1 local found_int=$? if [[ $found_int != 0 ]]; then - nmcli con add ifname "$INTERFACE" con-name "$INTERFACE" $nmcli_con_arg -- \ + nmcli con add ifname "$INTERFACE" con-name "$INTERFACE" "${nmcli_con_args[@]}" -- \ ipv4.method disabled \ ipv6.method ignore \ - ethernet.mtu $MTU \ + ethernet.mtu "$MTU" \ connection.autoconnect "yes" >> "$setup_log" 2>&1 else local int_uuid @@ -605,53 +601,14 @@ configure_network_sensor() { nmcli con mod "$int_uuid" \ ipv4.method disabled \ ipv6.method ignore \ - ethernet.mtu $MTU \ + ethernet.mtu "$MTU" \ connection.autoconnect "yes" >> "$setup_log" 2>&1 fi for BNIC in "${BNICS[@]}"; do - # Check if specific offload features are able to be disabled - for string in "generic-segmentation-offload" "generic-receive-offload" "tcp-segmentation-offload"; do - if ethtool -k "$BNIC" | grep $string | grep -q "on [fixed]"; then - echo "The hardware or driver for interface ${BNIC} is not supported, packet capture may not work as expected." >> "$setup_log" 2>&1 - nic_error=1 - break - fi - done - - # Turn off various offloading settings for the interface - for i in rx tx sg tso ufo gso gro lro; do - ethtool -K "$BNIC" $i off >> "$setup_log" 2>&1 - done - - if [[ $is_cloud ]]; then - nmcli con up "$BNIC" >> "$setup_log" 2>&1 - else - # Check if the bond slave connection has already been created - nmcli -f name,uuid -p con | grep -q "bond0-slave-$BNIC" >> "$setup_log" 2>&1 - local found_int=$? - - if [[ $found_int != 0 ]]; then - # Create the slave interface and assign it to the bond - nmcli con add type ethernet ifname "$BNIC" con-name "bond0-slave-$BNIC" master bond0 -- \ - ethernet.mtu $MTU \ - connection.autoconnect "yes" >> "$setup_log" 2>&1 - else - local int_uuid - int_uuid=$(nmcli -f name,uuid -p con | sed -n "s/bond0-slave-$BNIC //p" | tr -d ' ') - - nmcli con mod "$int_uuid" \ - ethernet.mtu $MTU \ - connection.autoconnect "yes" >> "$setup_log" 2>&1 - fi - - nmcli con up "bond0-slave-$BNIC" >> "$setup_log" 2>&1 # Bring the slave interface up - fi + add_interface_bond0 "$BNIC" >> "$setup_log" 2>&1 + return $? done - - if [ $nic_error != 0 ]; then - return 1 - fi } copy_salt_master_config() { @@ -1980,6 +1937,11 @@ sensor_pillar() { local pillar_file=$temp_install_dir/pillar/minions/$MINION_ID.sls + # Set the MTU + if [[ $NSMSETUP != 'ADVANCED' ]]; then + if [[ $is_cloud ]]; then MTU=1575; else MTU=1500; fi + fi + # Create the sensor pillar printf '%s\n'\ "sensor:"\ @@ -2012,6 +1974,7 @@ sensor_pillar() { if [ "$HNSENSOR" != 'inherit' ]; then echo " hnsensor: $HNSENSOR" >> "$pillar_file" fi + } set_default_log_size() { diff --git a/setup/so-setup b/setup/so-setup index 686ae52e6..c792dbc55 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -559,19 +559,19 @@ set_redirect >> $setup_log 2>&1 set_progress_str 2 'Updating packages' update_packages >> $setup_log 2>&1 - if [[ $is_sensor || $is_helix ]]; then - set_progress_str 3 'Configuring sensor interface' - configure_network_sensor >> $setup_log 2>&1 - fi - if [[ $is_sensor || $is_helix || $is_import ]]; then - set_progress_str 4 'Generating sensor pillar' + set_progress_str 3 'Generating sensor pillar' sensor_pillar >> $setup_log 2>&1 if [[ $is_sensor || $is_helix ]]; then steno_pillar >> $setup_log fi fi + if [[ $is_sensor || $is_helix ]]; then + set_progress_str 4 'Configuring sensor interface' + configure_network_sensor >> $setup_log 2>&1 + fi + set_progress_str 5 'Installing Salt and dependencies' saltify 2>> $setup_log