* [gentoo-dev] parser/generator for /etc/conf.d/net*
@ 2014-06-30 19:46 C.J. Adams-Collier KF7BMP
2014-06-30 20:11 ` William Hubbs
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: C.J. Adams-Collier KF7BMP @ 2014-06-30 19:46 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 814 bytes --]
Hello folks,
I've got a project on my plate to automate and reduce the human error in
adding new VLANs, subnets, addresses, etc. to our production firewall
fleet. Today, we manually make modifications to the following on both
members of the VRRP pair:
* /etc/conf.d/net.ext
* /etc/conf.d/net.int
* /etc/keepalived/keepalived.conf
* quagga OSPF running-config
This leaves a lot of room for error. And occasionally, we let a thing
or two slip by us. This causes us enough headache to put some time and
energy in to improving the process.
Which brings me to the question, does there exist a parser/generator for
the /etc/conf.d/net.* files? If not, would Gentoo like me to contribute
my work on the generator, and would one of you point me to the parser?
Thanks for your time,
C.J.
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 490 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-dev] parser/generator for /etc/conf.d/net*
2014-06-30 19:46 [gentoo-dev] parser/generator for /etc/conf.d/net* C.J. Adams-Collier KF7BMP
@ 2014-06-30 20:11 ` William Hubbs
2014-06-30 22:09 ` Robin H. Johnson
2014-07-01 1:58 ` Tim Boudreau
2014-07-01 11:05 ` Andrew Savchenko
2 siblings, 1 reply; 6+ messages in thread
From: William Hubbs @ 2014-06-30 20:11 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 600 bytes --]
On Mon, Jun 30, 2014 at 12:46:38PM -0700, C.J. Adams-Collier KF7BMP wrote:
> Which brings me to the question, does there exist a parser/generator for
> the /etc/conf.d/net.* files? If not, would Gentoo like me to contribute
> my work on the generator, and would one of you point me to the parser?
The files in /etc/conf.d are just posix shell code; they are sourced in
/lib*/rc/runscript.sh. The actions taken depend on the service script
that reads the files.
I'll let the netifrc maintainers speak up wrt whether they would be
interested in a generator for /etc/conf.d/net.*.
Thanks,
William
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-dev] parser/generator for /etc/conf.d/net*
2014-06-30 20:11 ` William Hubbs
@ 2014-06-30 22:09 ` Robin H. Johnson
2014-06-30 22:24 ` C.J. Adams-Collier KF7BMP
0 siblings, 1 reply; 6+ messages in thread
From: Robin H. Johnson @ 2014-06-30 22:09 UTC (permalink / raw
To: gentoo-dev
On Mon, Jun 30, 2014 at 03:11:57PM -0500, William Hubbs wrote:
> On Mon, Jun 30, 2014 at 12:46:38PM -0700, C.J. Adams-Collier KF7BMP wrote:
> > Which brings me to the question, does there exist a parser/generator for
> > the /etc/conf.d/net.* files? If not, would Gentoo like me to contribute
> > my work on the generator, and would one of you point me to the parser?
>
> The files in /etc/conf.d are just posix shell code; they are sourced in
> /lib*/rc/runscript.sh. The actions taken depend on the service script
> that reads the files.
>
> I'll let the netifrc maintainers speak up wrt whether they would be
> interested in a generator for /etc/conf.d/net.*.
I'm certainly interested in a generator for the simple versions, but
it's going to remain shell code, because there are some really complex
configs out there, that sanely use variables to abstract & reduce
complexity.
As such, a parser should probably just source it, and be prepared to say
'this is too complex, do it yourself'.
--
Robin Hugh Johnson
Gentoo Linux: Developer, Infrastructure Lead
E-Mail : robbat2@gentoo.org
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-dev] parser/generator for /etc/conf.d/net*
2014-06-30 22:09 ` Robin H. Johnson
@ 2014-06-30 22:24 ` C.J. Adams-Collier KF7BMP
0 siblings, 0 replies; 6+ messages in thread
From: C.J. Adams-Collier KF7BMP @ 2014-06-30 22:24 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 1340 bytes --]
On Mon, 2014-06-30 at 22:09 +0000, Robin H. Johnson wrote:
> On Mon, Jun 30, 2014 at 03:11:57PM -0500, William Hubbs wrote:
> > On Mon, Jun 30, 2014 at 12:46:38PM -0700, C.J. Adams-Collier KF7BMP wrote:
> > > Which brings me to the question, does there exist a parser/generator for
> > > the /etc/conf.d/net.* files? If not, would Gentoo like me to contribute
> > > my work on the generator, and would one of you point me to the parser?
> >
> > The files in /etc/conf.d are just posix shell code; they are sourced in
> > /lib*/rc/runscript.sh. The actions taken depend on the service script
> > that reads the files.
> >
> > I'll let the netifrc maintainers speak up wrt whether they would be
> > interested in a generator for /etc/conf.d/net.*.
> I'm certainly interested in a generator for the simple versions, but
> it's going to remain shell code, because there are some really complex
> configs out there, that sanely use variables to abstract & reduce
> complexity.
>
> As such, a parser should probably just source it, and be prepared to say
> 'this is too complex, do it yourself'.
Thanks Robin. I'll keep that in mind as I work on this. Good to know
there's interest in the work. I've got a basic package started and have
most of the functionality stubbed out. Next step is to write some
tests.
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 490 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-dev] parser/generator for /etc/conf.d/net*
2014-06-30 19:46 [gentoo-dev] parser/generator for /etc/conf.d/net* C.J. Adams-Collier KF7BMP
2014-06-30 20:11 ` William Hubbs
@ 2014-07-01 1:58 ` Tim Boudreau
2014-07-01 11:05 ` Andrew Savchenko
2 siblings, 0 replies; 6+ messages in thread
From: Tim Boudreau @ 2014-07-01 1:58 UTC (permalink / raw
To: Gentoo Developers
[-- Attachment #1: Type: text/plain, Size: 1002 bytes --]
On Mon, Jun 30, 2014 at 3:46 PM, C.J. Adams-Collier KF7BMP <
cjac@colliertech.org> wrote:
> I've got a project on my plate to automate and reduce the human error in
> adding new VLANs, subnets, addresses, etc. to our production firewall
> fleet. Today, we manually make modifications to the following on both
> members of the VRRP pair:
>
It sounds like the default init script isn't great for you.
Rather than write a generator for a static configuration file that is
consumed by a script, would it make more sense to modify the /etc/init.d
script to compute whatever you need on the fly? I would think that would
make deployment more flexible and (depending on what you're trying to do)
perhaps eliminate the need for a manual configuration step.
I did that once for a Gentoo VM that needed to figure out a working network
configuration under a variety of hypervisors (the thing being distributed
to customers was the VM, and final setup was web-based, so it had to work
no matter what).
-Tim
[-- Attachment #2: Type: text/html, Size: 1431 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-dev] parser/generator for /etc/conf.d/net*
2014-06-30 19:46 [gentoo-dev] parser/generator for /etc/conf.d/net* C.J. Adams-Collier KF7BMP
2014-06-30 20:11 ` William Hubbs
2014-07-01 1:58 ` Tim Boudreau
@ 2014-07-01 11:05 ` Andrew Savchenko
2 siblings, 0 replies; 6+ messages in thread
From: Andrew Savchenko @ 2014-07-01 11:05 UTC (permalink / raw
To: gentoo-dev; +Cc: C.J. Adams-Collier KF7BMP
[-- Attachment #1: Type: text/plain, Size: 1409 bytes --]
On Mon, 30 Jun 2014 12:46:38 -0700 C.J. Adams-Collier KF7BMP wrote:
> Hello folks,
>
> I've got a project on my plate to automate and reduce the human error in
> adding new VLANs, subnets, addresses, etc. to our production firewall
> fleet. Today, we manually make modifications to the following on both
> members of the VRRP pair:
>
> * /etc/conf.d/net.ext
> * /etc/conf.d/net.int
> * /etc/keepalived/keepalived.conf
> * quagga OSPF running-config
>
> This leaves a lot of room for error. And occasionally, we let a thing
> or two slip by us. This causes us enough headache to put some time and
> energy in to improving the process.
>
> Which brings me to the question, does there exist a parser/generator for
> the /etc/conf.d/net.* files? If not, would Gentoo like me to contribute
> my work on the generator, and would one of you point me to the parser?
If you're interested, we have developed a network init tool for
mass control of vlans, bridges and so on. It is used on hosts with
hundreds of production containers, where usual net.iface approach
is too slow and cumbersome. It is based on plane ip (from iproute2)
and called ipw (ip wrapper), bridges are managed via /sys/
interfare, so there are very litte dependencies:
https://gitlab.ut.mephi.ru/ut/ipw/tree/master
It looks like tuning it for your needs should be simple.
Best regards,
Andrew Savchenko
[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2014-07-01 11:06 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-06-30 19:46 [gentoo-dev] parser/generator for /etc/conf.d/net* C.J. Adams-Collier KF7BMP
2014-06-30 20:11 ` William Hubbs
2014-06-30 22:09 ` Robin H. Johnson
2014-06-30 22:24 ` C.J. Adams-Collier KF7BMP
2014-07-01 1:58 ` Tim Boudreau
2014-07-01 11:05 ` Andrew Savchenko
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox