env/02_configure.sh

   1 #!/usr/bin/env bash
   2 set -xe
   3
   4 source lib/logging.sh
   5 source lib/common.sh
   6
   7 if [[ $EUID -ne 0 ]]; then
   8     echo "confgiure script must be run as root"
   9     exit 1
  10 fi
  11
  12 function check_inteface_ip() {
  13         local interface=$1
  14         local ipaddr=$2
  15
  16     if [ ! $(ip addr show dev $interface) ]; then
  17         exit 1
  18     fi
  19
  20     local ipv4address=$(ip addr show dev $interface | awk '$1 == "inet" { sub("/.*", "", $2); print $2 }')
  21     if [ "$ipv4address" != "$ipaddr" ]; then
  22         exit 1
  23     fi
  24 }
  25
  26 function configure_kubelet() {
  27         swapoff -a
  28         #Todo addition kubelet configuration
  29 }
  30
  31 function configure_kubeadm() {
  32         #Todo error handing
  33         if [ "$1" == "offline" ]; then
  34                 for images in kube-apiserver kube-controller-manager kube-scheduler kube-proxy; do
  35                 docker load --input $CONTAINER_IMAGES_DIR/$images.tar;
  36                 done
  37
  38                 docker load --input $CONTAINER_IMAGES_DIR/pause.tar
  39                 docker load --input $CONTAINER_IMAGES_DIR/etcd.tar
  40                 docker load --input $CONTAINER_IMAGES_DIR/coredns.tar
  41         return
  42     fi
  43         kubeadm config images pull --kubernetes-version=$KUBE_VERSION
  44 }
  45
  46 function configure_ironic_interfaces() {
  47         #Todo later to change the CNI networking for podman networking
  48         # Add firewall rules to ensure the IPA ramdisk can reach httpd, Ironic and the Inspector API on the host
  49         if [ "$IRONIC_PROVISIONING_INTERFACE" ]; then
  50                 check_inteface_ip $IRONIC_PROVISIONING_INTERFACE $IRONIC_PROVISIONING_INTERFACE_IP
  51         else
  52                 exit 1
  53
  54         fi
  55
  56         if [ "$IRONIC_IPMI_INTERFACE" ]; then
  57         check_inteface_ip $IRONIC_IPMI_INTERFACE $IRONIC_IPMI_INTERFACE_IP
  58     else
  59         exit 1
  60     fi
  61
  62         for port in 80 5050 6385 ; do
  63         if ! sudo iptables -C INPUT -i $IRONIC_PROVISIONING_INTERFACE -p tcp -m tcp --dport $port -j ACCEPT > /dev/null 2>&1; then
  64                 sudo iptables -I INPUT -i $IRONIC_PROVISIONING_INTERFACE -p tcp -m tcp --dport $port -j ACCEPT
  65         fi
  66         done
  67
  68         # Allow ipmi to the bmc processes
  69         if ! sudo iptables -C INPUT -i $IRONIC_IPMI_INTERFACE -p udp -m udp --dport 6230:6235 -j ACCEPT 2>/dev/null ; then
  70         sudo iptables -I INPUT -i $IRONIC_IPMI_INTERFACE -p udp -m udp --dport 6230:6235 -j ACCEPT
  71         fi
  72
  73         #Allow access to dhcp and tftp server for pxeboot
  74         for port in 67 69 ; do
  75         if ! sudo iptables -C INPUT -i $IRONIC_PROVISIONING_INTERFACE -p udp --dport $port -j ACCEPT 2>/dev/null ; then
  76                 sudo iptables -I INPUT -i $IRONIC_PROVISIONING_INTERFACE -p udp --dport $port -j ACCEPT
  77         fi
  78         done
  79 }
  80
  81 function configure_ironic_offline() {
  82         if [ ! -d $CONTAINER_IMAGES_DIR ] && [ ! -d $BUILD_DIR ]; then
  83                 exit 1
  84         fi
  85
  86         for image in ironic-inspector-image ironic-image podman-pause \
  87                 baremetal-operator socat; do
  88                 if [ ! -f "$CONTAINER_IMAGES_DIR/$image" ]; then
  89                         exit 1
  90                 fi
  91         done
  92
  93         if [ ! -f "$BUILD_DIR/ironic-python-agent.initramfs"] && [ ! -f \
  94                 "$BUILD_DIR/ironic-python-agent.kernel" ] && [ ! -f
  95                 "$BUILD_DIR/$BM_IMAGE" ]; then
  96                 exit 1
  97         fi
  98
  99         podman load --input $CONTAINER_IMAGES_DIR/ironic-inspector-image.tar
 100         podman load --input $CONTAINER_IMAGES_DIR/ironic-image.tar
 101         podman load --input $CONTAINER_IMAGES_DIR/podman-pause.tar
 102
 103         docker load --input $CONTAINER_IMAGES_DIR/baremetal-operator.tar
 104         docker load --input $CONTAINER_IMAGES_DIR/socat.tar
 105
 106         mkdir -p "$IRONIC_DATA_DIR/html/images"
 107
 108         cp $BUILD_DIR/ironic-python-agent.initramfs $IRONIC_DATA_DIR/html/images/
 109         cp $BUILD_DIR/ironic-python-agent.kernel $IRONIC_DATA_DIR/html/images/
 110         cp $BUILD_DIR/$BM_IMAGE $IRONIC_DATA_DIR/html/images/
 111         md5sum $BUILD_DIR/$BM_IMAGE | awk '{print $1}' > $BUILD_DIR/${BM_IMAGE}.md5sum
 112 }
 113
 114 function configure_ironic() {
 115         if [ "$1" == "offline" ]; then
 116                 configure_ironic_offline
 117                 return
 118         fi
 119
 120         podman pull $IRONIC_IMAGE
 121         podman pull $IRONIC_INSPECTOR_IMAGE
 122
 123         mkdir -p "$IRONIC_DATA_DIR/html/images"
 124         pushd $IRONIC_DATA_DIR/html/images
 125
 126         if [ ! -f ironic-python-agent.initramfs ]; then
 127                 curl --insecure --compressed -L https://images.rdoproject.org/master/rdo_trunk/current-tripleo-rdo/ironic-python-agent.tar | tar -xf -
 128         fi
 129
 130         if [[ "$BM_IMAGE_URL" && "$BM_IMAGE" ]]; then
 131         curl -o ${BM_IMAGE} --insecure --compressed -O -L ${BM_IMAGE_URL}
 132         md5sum ${BM_IMAGE} | awk '{print $1}' > ${BM_IMAGE}.md5sum
 133         fi
 134         popd
 135 }
 136
 137 function configure() {
 138         configure_kubeadm $1
 139         configure_kubelet
 140         configure_ironic_interfaces
 141         configure_ironic $1
 142 }
 143
 144 if [ "$1" == "-o" ]; then
 145     configure offline
 146     exit 0
 147 fi
 148
 149 configure