rpm/keepalived
SHA256
1
0
Fork 0
forked from pool/keepalived
Code Pull Requests Activity

Accepting request 563827 from home:lrupp:branches:network

Browse Source 
- update to 1.4.0
  * Add Linux build and runtime versions to -v output.
  * Log kernel version and build kernel version to log at startup.
  * Don't sleep for 1 send when exiting vrrp process if no vrrp instances.
  * With large configurations the syslog can get flooded and drop output.
    This commit adds options to not log to syslog, and also to log all
    output to files.
  * Add option to only flush log files before forking.
  * Don't poll netlink for all interfaces each time add a VMAC.
    We can poll for the individual interface details which significantly
    reduces what we have to process.
  * Print interface details in keepalived.data output.
  * Add high performace child finder code.
    The code to find the relevant thread to execute afer a child process
    (either a vrrp track script or a misc_check healthchecker) was doing
    a linear search for the matching pid, which if there are a large number
    of child processes running could become time consuming.
    The code now will enable high performance child finding, based on using
    mlists hashed by the pid, if there are 32 or more vrrp track scripts or
    misc check healthcheckers. The size of the mlist is based on the number
    of scripts, with a limit of 256.
  * Improve high performance child termination timeout code.
  * Preserve filename in script path name resolution.
    Some executables change their behaviour depending on the name by
    which they are invoked (e.g. /usr/sbin/pidof when it is a link to
    /usr/sbin/killall5). Using realpath() changes the file name part
    if it is a symbolic link. This commit resolves all symbolic links
    to directories, but leaves the file name part unaltered. It then
    checks the security of both the path to the link and the path to
    the real file.

OBS-URL: https://build.opensuse.org/request/show/563827
OBS-URL: https://build.opensuse.org/package/show/network/keepalived?expand=0&rev=38
This commit is contained in:
Dirk Mueller 2018-01-15 15:17:04 +00:00 committed by Git OBS Bridge
parent c9e3f60abb
commit 7302425093
6 changed files with 108 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
keepalive-init.patch
View File

@ -1,10 +1,10 @@
Index: keepalived/etc/init.d/keepalived.suse.init.in Index: keepalived-1.4.0/keepalived/etc/init.d/keepalived.suse.init.in
=================================================================== ===================================================================
--- keepalived/etc/init.d/keepalived.suse.init.in --- keepalived-1.4.0.orig/keepalived/etc/init.d/keepalived.suse.init.in
+++ keepalived/etc/init.d/keepalived.suse.init.in +++ keepalived-1.4.0/keepalived/etc/init.d/keepalived.suse.init.in
@@ -1,23 +1,23 @@ @@ -1,23 +1,23 @@
#! /bin/sh #! /bin/sh
### BEGIN INIT INFO ### BEGIN INIT INFO
-# Provides: keepalived -# Provides: keepalived
+# Provides: keepalived +# Provides: keepalived
@ -20,8 +20,8 @@ Index: keepalived/etc/init.d/keepalived.suse.init.in
+# Short-Description: Start keepalived to manage IPVS & LVS +# Short-Description: Start keepalived to manage IPVS & LVS
+# Description: Start keepalived to manage IPVS & LVS +# Description: Start keepalived to manage IPVS & LVS
### END INIT INFO ### END INIT INFO
-DAEMON="Keepalived daemon" -DAEMON="Keepalived daemon"
-DAEMON_BIN="@sbindir@/keepalived" -DAEMON_BIN="@sbindir@/keepalived"
-DAEMON_CONF="@sysconfdir@/keepalived/keepalived.conf" -DAEMON_CONF="@sysconfdir@/keepalived/keepalived.conf"
@ -37,10 +37,10 @@ Index: keepalived/etc/init.d/keepalived.suse.init.in
+SUPPORTS_HUP='yes' +SUPPORTS_HUP='yes'
# PidFile @localstatedir@/run/keepalived.pid # PidFile @localstatedir@/run/keepalived.pid
# DatabaseOwner root # DatabaseOwner root
@@ -25,6 +25,18 @@ pid_par=${DAEMON_PIDFILE:+"-p $DAEMON_PIDFILE"} @@ -25,6 +25,18 @@ pid_par=${DAEMON_PIDFILE:+"-p $DAEMON_PI
usr_par=${DAEMON_USER:+"-u $DAEMON_USER"} usr_par=${DAEMON_USER:+"-u $DAEMON_USER"}
test -x $DAEMON_BIN || exit 5 test -x $DAEMON_BIN || exit 5
+test -x $DAEMON_BIN || { echo "$DAEMON_BIN not installed or executable"; +test -x $DAEMON_BIN || { echo "$DAEMON_BIN not installed or executable";
+ if [ "$1" = "stop" ]; then exit 0; + if [ "$1" = "stop" ]; then exit 0;
@ -54,12 +54,12 @@ Index: keepalived/etc/init.d/keepalived.suse.init.in
+if [ -r "$DAEMON_SYSCONF" ]; then +if [ -r "$DAEMON_SYSCONF" ]; then
+ . "$DAEMON_SYSCONF" + . "$DAEMON_SYSCONF"
+fi +fi
# Shell functions sourced from /etc/rc.status: # Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status # rc_check check and set local and overall rc status
@@ -60,71 +72,70 @@ rc_reset @@ -60,71 +72,70 @@ rc_reset
test -e $DAEMON_PIDFILE && ! test -s $DAEMON_PIDFILE && rm $DAEMON_PIDFILE test -e $DAEMON_PIDFILE && ! test -s $DAEMON_PIDFILE && rm $DAEMON_PIDFILE
case "$1" in case "$1" in
- start) - start)
- echo -n "Starting $DAEMON " - echo -n "Starting $DAEMON "

3
keepalived-1.3.9.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d5bdd25530acf60989222fd92fbfd596e06ecc356a820f4c1015708b76a8d4f3
size 719886

3
keepalived-1.4.0.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:463b26c134101c57c05a65ac2853a757b922878876b2a9539118de1697c98a01
size 731936

55
keepalived.changes
View File

@ -1,3 +1,58 @@
-------------------------------------------------------------------
Fri Jan 12 08:53:51 UTC 2018 - lars@linux-schulserver.de
- update to 1.4.0
* Add Linux build and runtime versions to -v output.
* Log kernel version and build kernel version to log at startup.
* Don't sleep for 1 send when exiting vrrp process if no vrrp instances.
* With large configurations the syslog can get flooded and drop output.
This commit adds options to not log to syslog, and also to log all
output to files.
* Add option to only flush log files before forking.
* Don't poll netlink for all interfaces each time add a VMAC.
We can poll for the individual interface details which significantly
reduces what we have to process.
* Print interface details in keepalived.data output.
* Add high performace child finder code.
The code to find the relevant thread to execute afer a child process
(either a vrrp track script or a misc_check healthchecker) was doing
a linear search for the matching pid, which if there are a large number
of child processes running could become time consuming.
The code now will enable high performance child finding, based on using
mlists hashed by the pid, if there are 32 or more vrrp track scripts or
misc check healthcheckers. The size of the mlist is based on the number
of scripts, with a limit of 256.
* Improve high performance child termination timeout code.
* Preserve filename in script path name resolution.
Some executables change their behaviour depending on the name by
which they are invoked (e.g. /usr/sbin/pidof when it is a link to
/usr/sbin/killall5). Using realpath() changes the file name part
if it is a symbolic link. This commit resolves all symbolic links
to directories, but leaves the file name part unaltered. It then
checks the security of both the path to the link and the path to
the real file.
* Handle scripts names that are symbolic links properly.
* Fix some RFC SNMP issues.
* Fix removing left-over addresses if keepalived aborts.
* Update openssl use to stop using deprecated functions
openssl from version 1.1 deprecated certain functions that keepalived
was using. This commit ceases using those functions if the version
of openssl is >= 1.1.
* Allow sync groups with only 1 member, but issue a warning.
* Add replaceable parameters in configuration files.
* Add multiline configuration definitions.
* Fix keepalived.conf(5) man page.
* Suppress error message when removing leftover addresses at startup.
=> find more changes at /usr/share/doc/packages/keepalived/
- rebase keepalive-init.patch
- use upstream systemd service file instead providing an own one
=> removed keepalived.service
- remove executable bit from samples in docdir
- check that LVS support is enabled
- optionally enable dump configuration and stats as JSON (via bcond)
=> BuildRequire libjson-c-devel
- restrict /etc/keepalived permissions to root
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Nov 27 11:26:58 UTC 2017 - jengelh@inai.de Mon Nov 27 11:26:58 UTC 2017 - jengelh@inai.de

13
keepalived.service
View File

@ -1,13 +0,0 @@
[Unit]
Description=LVS and VRRP High Availability Monitor
After=syslog.target network.target
[Service]
Type=forking
KillMode=process
EnvironmentFile=-/etc/sysconfig/keepalived
ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target

60
keepalived.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package keepalived # spec file for package keepalived
# #
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -27,19 +27,22 @@
%bcond_with systemd %bcond_with systemd
%endif %endif
%bcond_with dbus %bcond_with dbus
%bcond_with json
Name: keepalived Name: keepalived
Version: 1.3.9 Version: 1.4.0
Release: 0 Release: 0
Summary: A keepalive facility for Linux Summary: A keepalive facility for Linux
License: GPL-2.0+ License: GPL-2.0+
Group: Productivity/Networking/Routing Group: Productivity/Networking/Routing
Url: http://www.keepalived.org/ Url: http://www.keepalived.org/
Source: http://www.keepalived.org/software/keepalived-%{version}.tar.gz Source: %{name}-%{version}.tar.gz
Source1: keepalived.service
Source2: keepalive-rpmlintrc Source2: keepalive-rpmlintrc
Patch1: keepalive-init.patch Patch1: keepalive-init.patch
BuildRequires: libnfnetlink-devel BuildRequires: libnfnetlink-devel
%if %{with json}
BuildRequires: libjson-c-devel
%endif
BuildRequires: net-snmp-devel BuildRequires: net-snmp-devel
BuildRequires: openssl-devel BuildRequires: openssl-devel
BuildRequires: pkgconfig BuildRequires: pkgconfig
@ -76,11 +79,11 @@ Requires: systemd
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description %description
This project provides facilities for load balancing and high-availability to Linux system and Linux-based This project provides facilities for load balancing and high-availability to
infrastructures. The load-balancing framework relies on the Linux system and Linux-based infrastructures. The load-balancing framework
Linux Virtual Server (IPVS) kernel module providing Layer4 load balancing. relies on the Linux Virtual Server (IPVS) kernel module providing Layer4 load
Keepalived implements a set of checkers to dynamically and adaptively maintain balancing. Keepalived implements a set of checkers to dynamically and
and manage loadbalanced server pool according their health. adaptively maintain and manage loadbalanced server pool according their health.
High-availability is achieved by the VRRP protocol, a fundamental brick for High-availability is achieved by the VRRP protocol, a fundamental brick for
router failover. In addition, Keepalived implements a set of hooks to the VRRP router failover. In addition, Keepalived implements a set of hooks to the VRRP
finite state machine, providing low-level and high-speed protocol interactions. finite state machine, providing low-level and high-speed protocol interactions.
@ -89,7 +92,8 @@ resilient infrastructures.
%prep %prep
%setup -q %setup -q
%patch1 -p0 %patch1 -p1
chmod 644 doc/samples/*
%build %build
export STRIP=true export STRIP=true
@ -97,12 +101,19 @@ export CPPFLAGS="$(pkg-config --cflags libnfnetlink libiptc libipset xtables)"
export CFLAGS="%optflags -DOPENSSL_NO_SSL_INTERN" export CFLAGS="%optflags -DOPENSSL_NO_SSL_INTERN"
%configure \ %configure \
--disable-silent-rules \ --disable-silent-rules \
%if %{with json}
--enable-json \
%endif
--enable-snmp \ --enable-snmp \
--enable-snmp-vrrp \ --enable-snmp-vrrp \
%if %{with dbus} %if %{with dbus}
--enable-dbus \ --enable-dbus \
--enable-dbus-create-instance \ --enable-dbus-create-instance \
%endif %endif
%if %{with systemd}
--with-init=systemd \
--with-systemdsystemunitdir="%{_unitdir}" \
%endif
--enable-snmp-checker \ --enable-snmp-checker \
--enable-snmp-rfc \ --enable-snmp-rfc \
--enable-snmp-rfcv2 \ --enable-snmp-rfcv2 \
@ -119,7 +130,6 @@ install -dD -m 0750 %{buildroot}%{_var}/lib/%{name}
install -D -m 0644 %{buildroot}/etc/sysconfig/keepalived %{buildroot}%{_fillupdir}/sysconfig.%{name} install -D -m 0644 %{buildroot}/etc/sysconfig/keepalived %{buildroot}%{_fillupdir}/sysconfig.%{name}
%if %{with systemd} %if %{with systemd}
install -D -m0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
ln -s /sbin/service %{buildroot}%{_sbindir}/rckeepalived ln -s /sbin/service %{buildroot}%{_sbindir}/rckeepalived
%else %else
install -D -m 0750 keepalived/etc/init.d/keepalived.suse.init %{buildroot}/etc/init.d/keepalived install -D -m 0750 keepalived/etc/init.d/keepalived.suse.init %{buildroot}/etc/init.d/keepalived
@ -129,6 +139,14 @@ ln -s /etc/init.d/keepalived %{buildroot}%{_sbindir}/rckeepalived
chmod -R o= %{buildroot}/etc/keepalived chmod -R o= %{buildroot}/etc/keepalived
rm -rv %{buildroot}/etc/keepalived/samples/ %{buildroot}/etc/sysconfig/keepalived rm -rv %{buildroot}/etc/keepalived/samples/ %{buildroot}/etc/sysconfig/keepalived
%check
# A build could silently have LVS support disabled if the kernel includes can't
# be properly found, we need to avoid that.
if ! grep -q "#define _WITH_LVS_ *1" lib/config.h; then
%{__echo} "ERROR: We do not want keepalived lacking LVS support." >&2
exit 1
fi
%pre %pre
getent group %{name} >/dev/null || /usr/sbin/groupadd -r %{name} getent group %{name} >/dev/null || /usr/sbin/groupadd -r %{name}
getent passwd %{name} >/dev/null || \ getent passwd %{name} >/dev/null || \
@ -159,15 +177,20 @@ getent passwd %{name} >/dev/null || \
%files %files
%defattr(-,root,root) %defattr(-,root,root)
%doc README COPYING ChangeLog %doc AUTHOR ChangeLog CONTRIBUTORS COPYING README
%doc %{_datadir}/doc/keepalived/ %doc %{_datadir}/doc/keepalived/
%config(noreplace) %attr(-,root,keepalived) /etc/keepalived/ %doc doc/samples/
%doc doc/keepalived.conf.SYNOPSIS doc/NOTE_vrrp_vmac.txt
%dir %{_sysconfdir}/keepalived
%dir %attr(-,keepalived,keepalived) %{_var}/lib/%{name}
%{_fillupdir}/sysconfig.%{name}
%config(noreplace) %{_sysconfdir}/keepalived/*conf
%{_bindir}/genhash %{_bindir}/genhash
%{_sbindir}/rckeepalived %{_sbindir}/rckeepalived
%{_sbindir}/keepalived %{_sbindir}/keepalived
%{_mandir}/man1/genhash.1.gz %{_mandir}/man1/genhash.1*
%{_mandir}/man5/keepalived.conf.5.gz %{_mandir}/man5/keepalived.conf.5*
%{_mandir}/man8/keepalived.8.gz %{_mandir}/man8/keepalived.8*
%{_datadir}/snmp/mibs/KEEPALIVED-MIB.txt %{_datadir}/snmp/mibs/KEEPALIVED-MIB.txt
%{_datadir}/snmp/mibs/VRRP-MIB.txt %{_datadir}/snmp/mibs/VRRP-MIB.txt
%{_datadir}/snmp/mibs/VRRPv3-MIB.txt %{_datadir}/snmp/mibs/VRRPv3-MIB.txt
@ -183,10 +206,5 @@ getent passwd %{name} >/dev/null || \
%else %else
/etc/init.d/keepalived /etc/init.d/keepalived
%endif %endif
%dir %attr(-,keepalived,keepalived) %{_var}/lib/%{name}
%{_fillupdir}/sysconfig.%{name}
%doc AUTHOR ChangeLog CONTRIBUTORS COPYING README
%doc doc/samples/
%doc doc/keepalived.conf.SYNOPSIS doc/NOTE_vrrp_vmac.txt
%changelog %changelog