4 SCRIPTDIR="$(readlink -f $(dirname ${BASH_SOURCE[0]}))"
5 LIBDIR="$(dirname $(dirname ${SCRIPTDIR}))/env/lib"
7 source $LIBDIR/logging.sh
8 source $LIBDIR/common.sh
11 ENABLE_DHCP="${IRONIC_ENABLE_DHCP:-yes}"
15 kubectl get all -n ${NAMEPREFIX}-system
18 function check_interface_ip {
22 ip addr show dev ${interface}
23 if [[ $? -ne 0 ]]; then
27 local -r ipv4address=$(ip addr show dev ${interface} | awk '$1 == "inet" { sub("/.*", "", $2); print $2 }')
28 if [[ "$ipv4address" != "$ipaddr" ]]; then
33 function configure_ironic_bridge {
34 if [[ ! $(ip link show dev provisioning) ]]; then
35 ip link add dev provisioning type bridge
37 ip link set provisioning up
38 ip link set dev ${IRONIC_INTERFACE} master provisioning
39 if [[ ! $(ip addr show dev provisioning to 172.22.0.1) ]]; then
40 ip addr add dev provisioning 172.22.0.1/24
44 function configure_ironic_interfaces {
45 # Add firewall rules to ensure the IPA ramdisk can reach httpd,
46 # Ironic and the Inspector API on the host
47 if [ "${IRONIC_PROVISIONING_INTERFACE}" ]; then
48 check_interface_ip ${IRONIC_PROVISIONING_INTERFACE} ${IRONIC_PROVISIONING_INTERFACE_IP}
53 for port in 80 5050 6385 ; do
54 if ! sudo iptables -C INPUT -i ${IRONIC_PROVISIONING_INTERFACE} -p tcp -m tcp --dport ${port} -j ACCEPT > /dev/null 2>&1; then
55 sudo iptables -I INPUT -i ${IRONIC_PROVISIONING_INTERFACE} -p tcp -m tcp --dport ${port} -j ACCEPT
59 # Allow access to dhcp and tftp server for pxeboot
60 for port in 67 69 ; do
61 if ! sudo iptables -C INPUT -i ${IRONIC_PROVISIONING_INTERFACE} -p udp --dport ${port} -j ACCEPT 2>/dev/null ; then
62 sudo iptables -I INPUT -i ${IRONIC_PROVISIONING_INTERFACE} -p udp --dport ${port} -j ACCEPT
67 function deploy_bridge {
68 configure_ironic_bridge
69 configure_ironic_interfaces
72 function clean_bridge {
73 ip link set provisioning down || true
74 ip link del provisioning type bridge || true
77 # This may be used to update the in-place Ironic YAML files from the
78 # upstream project. We cannot use the upstream sources directly as
79 # they require an envsubst step before kustomize build.
80 function build_source {
81 clone_baremetal_operator_repository
83 KUSTOMIZATION_FILES=$(find ${BMOPATH}/ironic-deployment/{default,ironic} -type f)
84 for src in ${KUSTOMIZATION_FILES}; do
85 dst=${src/${BMOPATH}\/ironic-deployment/${SCRIPTDIR}\/base}
86 mkdir -p $(dirname ${dst})
87 envsubst <${src} >${dst}
89 sed -i -e '/name: quay.io\/metal3-io\/ironic/{n;s/newTag:.*/newTag: '"${BMO_VERSION}"'/;}' ${SCRIPTDIR}/icn/kustomization.yaml
94 local layer="${SCRIPTDIR}/icn"
95 if [[ ${ENABLE_DHCP} != "yes" ]]; then
96 layer="${SCRIPTDIR}/icn-no-dhcp"
98 kustomize build ${layer} | kubectl apply -f -
99 kubectl wait --for=condition=Available --timeout=600s deployment/${NAMEPREFIX}-ironic -n ${NAMEPREFIX}-system
103 kustomize build ${SCRIPTDIR}/icn | kubectl delete -f -
104 rm -rf ${IRONIC_DATA_DIR}
108 "build-source") build_source ;;
110 "clean-bridge") clean_bridge ;;
112 "deploy-bridge") deploy_bridge ;;
114 Usage: $(basename $0) COMMAND
117 build-source - Rebuild the in-tree Ironic YAML files
118 clean - Remove Ironic
119 clean-bridge - Uninstall provisioning network bridge
120 deploy - Deploy Ironic
121 deploy-bridge - Install provisioning network bridge