keepalived icon indicating copy to clipboard operation
keepalived copied to clipboard

Published 20 hours ago verified publisher icon acassen

Algebric operation with variable substitution

Open m3rlinux opened this issue 5 years ago • 7 comments

The request provide enhanced functionality Into a sequence and/or variable substitution section it would be nice can change variable value by algebric operations.

The solution... $IP2=${IP1}+1

Keepalived version Keepalived v2.0.10 (11/12,2018)

Copyright(C) 2001-2018 Alexandre Cassen, [email protected]

Built with kernel headers for Linux 4.18.0 Running on Linux 4.18.0-147.5.1.el8_1.x86_64 #1 SMP Wed Feb 5 02:00:39 UTC 2020

configure options: --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu --program-prefix= --disable-dependency-tracking --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/us r/include --libdir=/usr/lib64 --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib --mandir=/usr/share/man --infodir=/usr/share/info --enable-snmp --enable-snmp-rfc --enable-sha1 --with-init=systemd build_alias=x86_64-redhat-linux-gnu h ost_alias=x86_64-redhat-linux-gnu PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig CFLAGS=-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -sp ecs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection LDFLAGS=-Wl,-z,relro -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-l d

Config options: LIBIPSET_DYNAMIC LVS VRRP VRRP_AUTH OLD_CHKSUM_COMPAT FIB_ROUTING SNMP_V3_FOR_V2 SNMP_VRRP SNMP_CHECKER SNMP_RFCV2 SNMP_RFCV3

System options: PIPE2 SIGNALFD INOTIFY_INIT1 VSYSLOG EPOLL_CREATE1 IPV4_DEVCONF LIBNL3 RTA_ENCAP RTA_EXPIRES RTA_NEWDST RTA_PREF FRA_SUPPRESS_PREFIXLEN FRA_SUPPRESS_IFGROUP FRA_TUN_ID RTAX_CC_ALGO RTAX_QUICKACK RTEXT_FILTER_SKIP_STATS FRA_L3MDEV FRA_UID_R ANGE RTAX_FASTOPEN_NO_COOKIE RTA_VIA FRA_OIFNAME FRA_PROTOCOL FRA_IP_PROTO FRA_SPORT_RANGE FRA_DPORT_RANGE RTA_TTL_PROPAGATE IFA_FLAGS IP_MULTICAST_ALL LWTUNNEL_ENCAP_MPLS LWTUNNEL_ENCAP_ILA LIBIPTC LIBIPSET_PRE_V7 LIBIPVS_NETLINK IPVS_DEST_ATTR_ADDR_FAMIL Y IPVS_SYNCD_ATTRIBUTES IPVS_64BIT_STATS VRRP_VMAC SOCK_NONBLOCK SOCK_CLOEXEC O_PATH GLOB_BRACE INET6_ADDR_GEN_MODE VRF SO_MARK SCHED_RT SCHED_RESET_ON_FORK

m3rlinux avatar Feb 18 '20 10:02 m3rlinux

@m3rlinux I have thought about this idea before, but what has stopped me doing anything in the past is how far do we go with arithmetic operators?

If we have +, should we have -, *, /? and then what about ++, --, %, <<, >>, and what about bitwise logical operators, if conditions, and compound conditions?

If there is a demand for this from a number of users, and a relatively small subset of all the operators can be agreed on, then I would look at implementing that, but I think it would need to be functionality that quite a few users would want to use.

With regard to your specific suggestion, if $IP1 is an IP address, then I don't think it makes sense to increase it by one - 192.168.124.1 + 1 doesn't look right to me. On the other hand:

$IP_LAST=10
$IP1=192.168.124.${IP++}
$IP2=192.168.124.${IP++}

looks more sensible to me.

If has just occurred to me that the equivalent to the above for IPv6 addresses won't be very sensible, since the formatting of the output of ${IP}, where ${IP} is the variable of a ~SEQ() block is decimal, whereas IPv6 addresses would want it to be hex.

Is there any way you can use a ~SEQ() block to achieve what you want?

If you could provide a full configuration file showing what you would like to achieve, then we might be able to suggest alternatives, or it might give an idea for a simple implementation.

pqarmitage avatar Feb 18 '20 17:02 pqarmitage

Yeah! I'm trying to use ~SEQ() block. It would be nice to insert variable into ~SEQ() block like this

$RS= \
real_server 10.10.10.$RSHOST 443 { \
  weight 10 \
  SSL_GET { \
    enable_sni \
    url { \
      path /Diagnostic.svc/KeepAlive?check=db \
      status_code 200 \
    } \
    connect_timeout 10 \
    retry 3 \
    delay_before_retry 3 \
  } \
}

$VS= \
virtual_server 1.1.1.${HOST} 443 { \
  delay_loop 10 \
  lb_algo wlc \
  lb_kind NAT \
  protocol TCP \
  persistence_timeout 1200 \
  ~SEQ(RSHOST,$RSTART,$RSEND) $RS \
}
$RSTART=211
$RSEND=213
$HOST=202
$VS
$RSTART=214
$RSEND=216
$HOST=203
$VS
$RSTART=131
$RSEND=132
$HOST=204
$VS

Is there another way to achieve something like this

Any suggestions would be greatly appreciated.

m3rlinux avatar Mar 05 '20 17:03 m3rlinux

I agree that being able to use a variable for the limits of a ~SEQ block would be sensible; I don't know why I hadn't thought of that before.

I will have a look to see if that is achievable.

pqarmitage avatar Mar 05 '20 18:03 pqarmitage

Commit 938211c adds the ability to use variables in a ~SEQ block. I have also added ~SEQx so that the variable can be formatted in hex - useful for IPv6 addresses.

pqarmitage avatar Mar 06 '20 15:03 pqarmitage

Great! I'm exited to hear it! Many, many thanks! What about this configuration error?

$RS= \
  real_server xxx.xxx.xxx.$RSHOST 443 { \
    weight 10 \
    SSL_GET { \
      enable_sni \
      url { \
        path "/Diagnostic.svc/KeepAlive" \
      } \
      connect_timeout 10 \
      retry 3 \
      delay_before_retry 3 \
    } \
}

$VS= \
virtual_server xxx.xxx.xxx.${HOST} 443 { \
  delay_loop 10 \
  lb_algo wlc \
  lb_kind NAT \
  protocol TCP \
  persistence_timeout 1200 \
  virtualhost $VHOST \
  $ASEQ $RS \
}

# foo
$VHOST="foo.tld"
$ASEQ=~SEQ(RSHOST,211,213)
$HOST=202
$VS

The error is:

(Line 135) Unknown keyword 'real_server'
(Line 135) Unexpected '{' - ignoring
(Line 135) Unknown keyword 'weight'
(Line 135) Unknown keyword 'SSL_GET'
(Line 135) Unexpected '{' - ignoring
...
...

The same error changing $ASEQ $RS \ with ~SEQ(RSHOST,211,213) $RS \

m3rlinux avatar Mar 06 '20 16:03 m3rlinux

@pqarmitage meantime I found an alternative like belowe (just in case...)

$RS= \
  real_server xxx.xxx.xxx.$RSHOST 443 { \
    weight 10 \
    SSL_GET { \
      enable_sni \
      url { \
        path "/Diagnostic.svc/KeepAlive" \
      } \
      connect_timeout 10 \
      retry 3 \
      delay_before_retry 3 \
    } \
}

$VS= \
virtual_server xxx.xxx.xxx.${HOST} 443 { \
  delay_loop 10 \
  lb_algo wlc \
  lb_kind NAT \
  protocol TCP \
  persistence_timeout 1200 \
  virtualhost $VHOST \
  $RS \
}

# foo
$VHOST="foo.tld"
~SEQ(HOST,202,202) ~SEQ(RSHOST,211,213) $VS

m3rlinux avatar Mar 06 '20 17:03 m3rlinux

Yes, ~SEQ(HOST,202,202) ~SEQ(RSHOST,211,213) $VS is the way to do it, and is similar to an example given in the keepalived.conf(5) man page.

I think $ASEQ=~SEQ(RSHOST,211,213) is probably trying to push it too far.

pqarmitage avatar Mar 06 '20 17:03 pqarmitage