diff --git a/resources/bin/rb_checkping.sh b/resources/bin/rb_checkping.sh
new file mode 100644
index 0000000..f139553
--- /dev/null
+++ b/resources/bin/rb_checkping.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+#######################################################################
+# Copyright (c) 2014 ENEO Tecnología S.L.
+# This file is part of redBorder.
+# redBorder is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+# redBorder is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License License for more details.
+# You should have received a copy of the GNU Affero General Public License License
+# along with redBorder. If not, see .
+#######################################################################
+
+HOST="$1"
+RET=1
+
+if [ "x$HOST" != "x" ]; then
+ RET=0
+ ping -c 1 $HOST &>/dev/null
+ if [ $? -ne 0 ]; then
+ sleep 1
+ ping -c 1 $HOST &>/dev/null
+ if [ $? -ne 0 ]; then
+ RET=1
+ fi
+ fi
+else
+ echo "Usage: $0 host port"
+fi
+
+exit $RET
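Review bot: `$HOST` is expanded unquoted in both `ping -c 1 $HOST` calls, so a value containing whitespace is split into several arguments and a value beginning with `-` is parsed by ping as an option. If the caller takes the host from configuration or user input, that is argument injection. Quote it and end option parsing: `ping -c 1 -- "$HOST" &>/dev/null`. The same unquoted expansion appears in rb_checkudp.sh, in its two `ping` calls and in `nc -znu -w 3 $HOST $PORT`. The usage line prints `host port` although this script reads only `$1`, and it would normally go to stderr: `echo "Usage: $0 host" >&2`.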
diff --git a/resources/bin/rb_checkudp.sh b/resources/bin/rb_checkudp.sh
new file mode 100644
index 0000000..bfe297a
--- /dev/null
+++ b/resources/bin/rb_checkudp.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+#######################################################################
+# Copyright (c) 2014 ENEO Tecnología S.L.
+# This file is part of redBorder.
+# redBorder is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+# redBorder is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License License for more details.
+# You should have received a copy of the GNU Affero General Public License License
+# along with redBorder. If not, see .
+#######################################################################
+
+HOST="$1"
+PORT="$2"
+RET=1
+
+if [ "x$HOST" != "x" -a "x$PORT" != "x" ]; then
+ RET=0
+ ping -c 1 $HOST &>/dev/null
+ if [ $? -ne 0 ]; then
+ sleep 1
+ ping -c 1 $HOST &>/dev/null
+ if [ $? -ne 0 ]; then
+ RET=1
+ fi
+ fi
+
+ if [ $RET -eq 0 ]; then
+ nc -znu -w 3 $HOST $PORT &>/dev/null
+ RET=$?
+ fi
+else
+ echo "Usage: $0 host port"
+fi
+
+exit $RET
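Review bot: A zero exit from `nc -znu -w 3 $HOST $PORT` does not show that a service is listening. UDP has no handshake, so nc generally reports success unless an ICMP port-unreachable comes back, and a port silently dropped by a firewall looks open. The script should document this in a header comment, e.g. `# exit 0 = no ICMP unreachable received within 3s, not "service answered"`. `$PORT` also reaches nc unvalidated; `[[ "$PORT" =~ ^[0-9]+$ ]] || exit 1` before the probe keeps stray arguments out. The `-a` operator inside `[ ]` is obsolescent; `[ -n "$HOST" ] && [ -n "$PORT" ]` is the unambiguous form.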
diff --git a/resources/bin/rb_configure_leader.sh b/resources/bin/rb_configure_leader.sh
index c10d0b8..682151e 100755
--- a/resources/bin/rb_configure_leader.sh
+++ b/resources/bin/rb_configure_leader.sh
@@ -273,6 +273,35 @@ _RBEOF_
"id": "cluster",
"uuid": "$(cat /proc/sys/kernel/random/uuid)"
}
+_RBEOF_
+
+ ## Generating external virtual ip
+ mkdir -p /var/chef/data/data_bag/rBglobal
+ cat > /var/chef/data/data_bag/rBglobal/ipvirtual-external-webui.json <<-_RBEOF_
+{
+ "id": "ipvirtual-external-webui"
+}
+_RBEOF_
+
+ mkdir -p /var/chef/data/data_bag/rBglobal
+ cat > /var/chef/data/data_bag/rBglobal/ipvirtual-external-f2k.json <<-_RBEOF_
+{
+ "id": "ipvirtual-external-f2k"
+}
+_RBEOF_
+
+ mkdir -p /var/chef/data/data_bag/rBglobal
+ cat > /var/chef/data/data_bag/rBglobal/ipvirtual-external-sfacctd.json <<-_RBEOF_
+{
+ "id": "ipvirtual-external-sfacctd"
+}
+_RBEOF_
+
+ mkdir -p /var/chef/data/data_bag/rBglobal
+ cat > /var/chef/data/data_bag/rBglobal/ipvirtual-external-kafka.json <<-_RBEOF_
+{
+ "id": "ipvirtual-external-kafka"
+}
_RBEOF_
LICMODE=$(head -n 1 /etc/licmode 2>/dev/null)
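Review bot: The four added data-bag stanzas are copies that differ only in the service name, and each repeats `mkdir -p /var/chef/data/data_bag/rBglobal`. A single `mkdir` followed by a loop over the names keeps the file name and the `"id"` value from drifting apart when a fifth service is added. The hunk opens inside a here-document that starts outside it, so the loop belongs after that document's closing `_RBEOF_`.

```shell
# … unchanged: preceding "cluster" data bag here-document …
mkdir -p /var/chef/data/data_bag/rBglobal
for svc in webui f2k sfacctd kafka; do
  printf '{\n  "id": "ipvirtual-external-%s"\n}\n' "$svc" \
    > "/var/chef/data/data_bag/rBglobal/ipvirtual-external-${svc}.json"
done
```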
@@ -349,7 +378,7 @@ function configure_leader(){
hadoop samza nginx geoip webui snmp mongodb rbmonitor rbscanner
f2k logstash pmacct minio postgresql rbdswatcher rbevents-counter
rsyslog freeradius rbnmsp n2klocd rbale rbcep k2http rblogstatter rb-arubacentral rbcgroup rb-exporter rb-proxy rb-postfix
- snort barnyard2 rb-ips rbaioutliers rb-manager" # The order matters!
+ keepalived snort barnyard2 rb-ips rbaioutliers rb-manager" # The order matters!
for n in $listCookbooks; do # cookbooks
# rsync -a /var/chef/cookbooks/${n}/ /var/chef/cache/cookbooks/$n
diff --git a/resources/bin/rb_create_lo.sh b/resources/bin/rb_create_lo.sh
new file mode 100644
index 0000000..f8f873c
--- /dev/null
+++ b/resources/bin/rb_create_lo.sh
@@ -0,0 +1,54 @@
+#!/bin/bash
+
+#######################################################################
+# Copyright (c) 2014 ENEO Tecnología S.L.
+# This file is part of redBorder.
+# redBorder is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+# redBorder is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License License for more details.
+# You should have received a copy of the GNU Affero General Public License License
+# along with redBorder. If not, see .
+#######################################################################
+
+function read_from_ip() {
+ # check from ips readed from interface
+ while read line; do
+ IP=$(echo $line | awk '{print $2}' | tr '/' ' ' | awk '{print $1}')
+ n=$(echo $line | sed 's/.*lo//')
+
+ if [ "x$n" == "x" ]; then
+ ip a del ${IP}/32 dev lo
+ else
+ n=$(echo $line | sed 's/.*lo://')
+ if [ -f /etc/sysconfig/network-scripts/ifcfg-lo\:$n ]; then
+ source /etc/sysconfig/network-scripts/ifcfg-lo\:$n
+ [ "x$IPADDR" != "x$IP" ] && ip a del ${IP}/32 dev lo:$n
+ else
+ ip a del ${IP}/32 dev lo:$n
+ fi
+ fi
+ done <<< "$(ip a s lo|grep "lo"|grep inet | grep global)"
+
+}
+
+read_from_ip
+
+for n in $(ls /etc/sysconfig/network-scripts/ifcfg-lo\:* | sed 's|/etc/sysconfig/network-scripts/ifcfg-lo:||'); do
+ if [ -f /etc/sysconfig/network-scripts/ifcfg-lo\:$n ]; then
+ source /etc/sysconfig/network-scripts/ifcfg-lo\:$n
+
+ if [ "x$IPADDR" != "x" ]; then
+ CURRENT=$(ip a s lo |grep "lo:$n$" |grep inet|grep -v "127.0.0.1/8"|grep "global"| awk '{print $2}' | tr '/' ' ' | awk '{print $1}' | head -n 1)
+ if [ "x$CURRENT" != "x$IPADDR" ]; then
+ ifdown lo:$n
+ [ "x$CURRENT" != "x" ] && ip a del ${CURRENT}/32 dev lo:$n
+ ifup lo:$n
+ fi
+ fi
+ fi
+done
\ No newline at end of file
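Review bot: `IPADDR` is never cleared before `source /etc/sysconfig/network-scripts/ifcfg-lo\:$n`, in `read_from_ip` or in the `for` loop. An ifcfg file that does not set it inherits the value from the previously sourced file, so the comparison with the live address uses another alias's IP; put `unset IPADDR` before each `source`. Sourcing also executes the file as shell code in this process (presumably as root), so those files must be writable by root only. When `ip a s lo` prints no global address, the here-string still delivers one empty line and the loop runs `ip a del /32 dev lo`; `[ -n "$line" ] || continue` as the first statement of the loop avoids that. `for n in $(ls …)` should be a glob over `ifcfg-lo:*` with the prefix removed by `${f##*ifcfg-lo:}`, and `read` should be `read -r`.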
diff --git a/resources/scripts/rb_init_conf.rb b/resources/scripts/rb_init_conf.rb
index 2325d90..2479957 100755
--- a/resources/scripts/rb_init_conf.rb
+++ b/resources/scripts/rb_init_conf.rb
@@ -329,6 +329,10 @@
system("firewall-cmd --permanent --zone=home --add-port=162/udp &>/dev/null")
system("firewall-cmd --permanent --zone=public --add-port=162/udp &>/dev/null")
+ #keepalived
+ system("firewall-cmd --add-protocol=112 --permanent")
+ system("firewall-cmd --add-rich-rule='rule family=\"ipv4\" source address=\"224.0.0.18\" accept' --permanent")
+
#webui
system("firewall-cmd --permanent --zone=home --add-port=8001/tcp &>/dev/null")
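Review bot: The added rich rule matches on `source address="224.0.0.18"` and accepts everything from it. VRRP advertisements carry that multicast group as their destination, so this rule likely never matches keepalived traffic, while it does accept any protocol from a packet with that (spoofable) source. Tie the rule to the destination and the protocol instead: `rule family="ipv4" destination address="224.0.0.18" protocol value="vrrp" accept`. Both new calls also omit `--zone`, so they apply to whatever the default zone is, whereas the neighbouring lines name `home` and `public` explicitly. Neither return value is checked, so a rejected rule goes unnoticed; the surrounding block continues outside the hunk.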