diff --git a/Bundler/isc-dhcp-server.xml b/Bundler/isc-dhcp-server.xml
index 14885d1..bccd793 100644
--- a/Bundler/isc-dhcp-server.xml
+++ b/Bundler/isc-dhcp-server.xml
@@ -5,7 +5,8 @@
-
+
+
diff --git a/Cfg/etc/dhcp3/dhcpd.conf/dhcpd.conf b/Cfg/etc/dhcp3/dhcpd.conf/dhcpd.conf
index 6505d06..c6f257c 100644
--- a/Cfg/etc/dhcp3/dhcpd.conf/dhcpd.conf
+++ b/Cfg/etc/dhcp3/dhcpd.conf/dhcpd.conf
@@ -34,24 +34,29 @@ option interface-mtu 1496;
# have to hack syslog.conf to complete the redirection).
log-facility local7;
+
+include "/etc/dhcp3/dhcp-failover.conf";
+
# VLan gratuit
subnet 10.42.0.0 netmask 255.255.0.0 {
interface eth3;
- range 10.42.1.1 10.42.255.200;
option domain-name-servers 10.42.0.10;
option routers 10.42.0.10;
authoritative;
default-lease-time 86400;
- deny unknown-clients;
- option root-path "/";
- next-server 138.231.136.98;
- filename "pxelinux.0";
+ deny unknown-clients;
+ option root-path "/";
+ next-server 138.231.136.98;
+ filename "pxelinux.0";
+ pool {
+ range 10.42.1.1 10.42.255.200;
+ failover peer "dhcp-failover";
+ }
}
# VLan accueil
subnet 10.51.0.0 netmask 255.255.0.0 {
interface eth4;
- range 10.51.1.1 10.51.255.200;
default-lease-time 600;
max-lease-time 7200;
# On met sable en router pour pouvoir accéder à l'intranet et au wiki
@@ -59,25 +64,32 @@ subnet 10.51.0.0 netmask 255.255.0.0 {
# On n'a besoin que du dns ici (pour le portail captif)
option domain-name-servers 10.51.0.10;
authoritative;
- option root-path "/";
- next-server 138.231.136.98;
- filename "pxelinux.0";
- option time-servers 10.51.0.10;
- option ntp-servers 10.51.0.10;
+ option root-path "/";
+ next-server 138.231.136.98;
+ filename "pxelinux.0";
+ option time-servers 10.51.0.10;
+ option ntp-servers 10.51.0.10;
+ pool {
+ failover peer "dhcp-failover";
+ range 10.51.1.1 10.51.255.200;
+ }
}
# VLan isolement
subnet 10.52.0.0 netmask 255.255.0.0 {
interface eth5;
- range 10.52.1.1 10.52.255.200;
default-lease-time 600;
max-lease-time 7200;
option domain-name-servers 10.52.0.10;
option routers 10.52.0.10;
authoritative;
- option root-path "/";
- next-server 138.231.136.98;
- filename "pxelinux.0";
+ option root-path "/";
+ next-server 138.231.136.98;
+ filename "pxelinux.0";
+ pool {
+ failover peer "dhcp-failover";
+ range 10.52.1.1 10.52.255.200;
+ }
}
diff --git a/Cfg/etc/dhcp3/omapi.conf/info.xml b/Cfg/etc/dhcp3/omapi.conf/info.xml
deleted file mode 100644
index df5c536..0000000
--- a/Cfg/etc/dhcp3/omapi.conf/info.xml
+++ /dev/null
@@ -1,3 +0,0 @@
-
-
-
diff --git a/Cfg/etc/dhcp3/omapi.conf/omapi.conf b/Cfg/etc/dhcp3/omapi.conf/omapi.conf
deleted file mode 100644
index f96cb4e..0000000
--- a/Cfg/etc/dhcp3/omapi.conf/omapi.conf
+++ /dev/null
@@ -1,7 +0,0 @@
-omapi-port 9991;
-key omapi_key {
- algorithm HMAC-MD5;
- secret "";
-};
-
-omapi-key omapi_key;
diff --git a/Cfg/etc/dhcp3/omapi_generate/omapi_generate b/Cfg/etc/dhcp3/omapi_generate/omapi_generate
index e9c7986..4004bad 100644
--- a/Cfg/etc/dhcp3/omapi_generate/omapi_generate
+++ b/Cfg/etc/dhcp3/omapi_generate/omapi_generate
@@ -1,8 +1,10 @@
#!/bin/bash
+# Fichier gere par BCfg2
+# A ne modifier que sur le serveur de configuration !
PWD="/etc/dhcp3/"
if [ ! -f /etc/dhcp3/omapi_key_generated ]; then
dnssec-keygen -r /dev/urandom -a HMAC-MD5 -b 512 -n HOST omapi_key
- echo 'Clef omapi generee, pensez a executer la commande sudo cat /etc/dhcp3/Komapi_key*.private|grep "^Key"|cut -d ' ' -f2-`, et a en mettre le resultat dans omapi.conf.'
+ echo 'Clef omapi generee, pensez a executer la commande sudo cat /etc/dhcp3/Komapi_key*.private|grep "^Key"|cut -d ' ' -f2-`, et a en mettre le resultat dans secrets.py et refaire un run de bcfg2.'
touch /etc/dhcp3/omapi_key_generated
fi
diff --git a/Metadata/groups.xml b/Metadata/groups.xml
index f459258..be6e968 100644
--- a/Metadata/groups.xml
+++ b/Metadata/groups.xml
@@ -371,7 +371,7 @@
-
+
-
+
-
+
+
+
+
+
diff --git a/Python/etc/dhcp3/dhcp-failover.conf b/Python/etc/dhcp3/dhcp-failover.conf
new file mode 100644
index 0000000..e62b0e1
--- /dev/null
+++ b/Python/etc/dhcp3/dhcp-failover.conf
@@ -0,0 +1,37 @@
+# -*- mode: python; encoding: utf-8 -*-
+
+info["owner"] = "root"
+info["group"] = "root"
+info["perms"] = 0600
+
+comment_start = "#"
+
+header("Configuration pour le cluster dhcp pour %s" % admhostname)
+
+include("ip")
+import config
+
+if len(config.dhcp_servers) > 2:
+ print "####################################################################"
+ print "## ATTENTION LA CONFIGURATION NE PEUT PAS GÉRER PLUS DE DEUX DHCP ##"
+ print "####################################################################"
+
+myip = admip()
+herip = admipof([name for name in config.dhcp_servers if name != admhostname][0].split('.',1)[0])
+
+print 'failover peer "dhcp-failover" {'
+if has("dhcp-server-primary"):
+ print """ primary;
+ split 128;
+ mclt 3600;"""
+elif has("dhcp-server-secondary"):
+ print " secondary;"
+print """ address %s;
+ port 647;
+ peer address %s;
+ peer port 647;
+ max-response-delay 30;
+ max-unacked-updates 10;
+ load balance max seconds 3;
+}
+""" % (myip, herip)
diff --git a/Python/etc/dhcp3/omapi.conf b/Python/etc/dhcp3/omapi.conf
new file mode 100644
index 0000000..b82537a
--- /dev/null
+++ b/Python/etc/dhcp3/omapi.conf
@@ -0,0 +1,21 @@
+# -*- mode: python; encoding: utf-8 -*-
+
+info["owner"] = "root"
+info["group"] = "root"
+info["perms"] = 0600
+
+comment_start = "#"
+
+header("Configuration pour omapi pour %s" % admhostname)
+
+include("secrets")
+
+print """
+omapi-port 9991;
+key omapi_key {
+ algorithm HMAC-MD5;
+ secret "%s";
+};
+
+omapi-key omapi_key;
+""" % secrets.dhcp_omapi_keys.get(admhostname, '')