On Mon, 30 Jun 2014 12:46:38 -0700 C.J. Adams-Collier KF7BMP wrote:
> Hello folks,
>
> I've got a project on my plate to automate and reduce the human error in
> adding new VLANs, subnets, addresses, etc. to our production firewall
> fleet. Today, we manually make modifications to the following on both
> members of the VRRP pair:
>
> * /etc/conf.d/net.ext
> * /etc/conf.d/net.int
> * /etc/keepalived/keepalived.conf
> * quagga OSPF running-config
>
> This leaves a lot of room for error. And occasionally, we let a thing
> or two slip by us. This causes us enough headache to put some time and
> energy into improving the process.
>
> Which brings me to the question, does there exist a parser/generator for
> the /etc/conf.d/net.* files? If not, would Gentoo like me to contribute
> my work on the generator, and would one of you point me to the parser?

If you're interested, we have developed a network init tool for mass control of vlans, bridges and so on. It is used on hosts with hundreds of production containers, where the usual net.iface approach is too slow and cumbersome. It is based on plain ip (from iproute2) and is called ipw (ip wrapper); bridges are managed via the /sys/ interface, so there are very few dependencies:

https://gitlab.ut.mephi.ru/ut/ipw/tree/master

It looks like tuning it for your needs should be simple.

Best regards,
Andrew Savchenko