env/metal3/02_configure.sh

   1 #!/usr/bin/env bash
   2 set -xe
   3 LIBDIR="$(dirname "$PWD")"
   4
   5 source $LIBDIR/lib/logging.sh
   6 source $LIBDIR/lib/common.sh
   7
   8 if [[ $EUID -ne 0 ]]; then
   9     echo "confgiure script must be run as root"
  10     exit 1
  11 fi
  12
  13 function check_inteface_ip() {
  14         local interface=$1
  15         local ipaddr=$2
  16
  17     if [ ! $(ip addr show dev $interface) ]; then
  18         exit 1
  19     fi
  20
  21     local ipv4address=$(ip addr show dev $interface | awk '$1 == "inet" { sub("/.*", "", $2); print $2 }')
  22     if [ "$ipv4address" != "$ipaddr" ]; then
  23         exit 1
  24     fi
  25 }
  26
  27 function configure_kubelet() {
  28         swapoff -a
  29         #Todo addition kubelet configuration
  30 }
  31
  32 function configure_kubeadm() {
  33         #Todo error handing
  34         if [ "$1" == "offline" ]; then
  35                 for images in kube-apiserver kube-controller-manager kube-scheduler kube-proxy; do
  36                 docker load --input $CONTAINER_IMAGES_DIR/$images.tar;
  37                 done
  38
  39                 docker load --input $CONTAINER_IMAGES_DIR/pause.tar
  40                 docker load --input $CONTAINER_IMAGES_DIR/etcd.tar
  41                 docker load --input $CONTAINER_IMAGES_DIR/coredns.tar
  42         return
  43     fi
  44         kubeadm config images pull --kubernetes-version=$KUBE_VERSION
  45 }
  46
  47 function configure_ironic_interfaces() {
  48         #Todo later to change the CNI networking for podman networking
  49         # Add firewall rules to ensure the IPA ramdisk can reach httpd, Ironic and the Inspector API on the host
  50         if [ "$IRONIC_PROVISIONING_INTERFACE" ]; then
  51                 check_inteface_ip $IRONIC_PROVISIONING_INTERFACE $IRONIC_PROVISIONING_INTERFACE_IP
  52         else
  53                 exit 1
  54
  55         fi
  56
  57         if [ "$IRONIC_IPMI_INTERFACE" ]; then
  58         check_inteface_ip $IRONIC_IPMI_INTERFACE $IRONIC_IPMI_INTERFACE_IP
  59     else
  60         exit 1
  61     fi
  62
  63         for port in 80 5050 6385 ; do
  64         if ! sudo iptables -C INPUT -i $IRONIC_PROVISIONING_INTERFACE -p tcp -m tcp --dport $port -j ACCEPT > /dev/null 2>&1; then
  65                 sudo iptables -I INPUT -i $IRONIC_PROVISIONING_INTERFACE -p tcp -m tcp --dport $port -j ACCEPT
  66         fi
  67         done
  68
  69         # Allow ipmi to the bmc processes
  70         if ! sudo iptables -C INPUT -i $IRONIC_IPMI_INTERFACE -p udp -m udp --dport 6230:6235 -j ACCEPT 2>/dev/null ; then
  71         sudo iptables -I INPUT -i $IRONIC_IPMI_INTERFACE -p udp -m udp --dport 6230:6235 -j ACCEPT
  72         fi
  73
  74         #Allow access to dhcp and tftp server for pxeboot
  75         for port in 67 69 ; do
  76         if ! sudo iptables -C INPUT -i $IRONIC_PROVISIONING_INTERFACE -p udp --dport $port -j ACCEPT 2>/dev/null ; then
  77                 sudo iptables -I INPUT -i $IRONIC_PROVISIONING_INTERFACE -p udp --dport $port -j ACCEPT
  78         fi
  79         done
  80 }
  81
  82 function configure_ironic_offline() {
  83         if [ ! -d $CONTAINER_IMAGES_DIR ] && [ ! -d $BUILD_DIR ]; then
  84                 exit 1
  85         fi
  86
  87         for image in ironic-inspector-image ironic-image podman-pause \
  88                 baremetal-operator socat; do
  89                 if [ ! -f "$CONTAINER_IMAGES_DIR/$image" ]; then
  90                         exit 1
  91                 fi
  92         done
  93
  94         if [ ! -f "$BUILD_DIR/ironic-python-agent.initramfs"] && [ ! -f \
  95                 "$BUILD_DIR/ironic-python-agent.kernel" ] && [ ! -f
  96                 "$BUILD_DIR/$BM_IMAGE" ]; then
  97                 exit 1
  98         fi
  99
 100         podman load --input $CONTAINER_IMAGES_DIR/ironic-inspector-image.tar
 101         podman load --input $CONTAINER_IMAGES_DIR/ironic-image.tar
 102         podman load --input $CONTAINER_IMAGES_DIR/podman-pause.tar
 103
 104         docker load --input $CONTAINER_IMAGES_DIR/baremetal-operator.tar
 105         docker load --input $CONTAINER_IMAGES_DIR/socat.tar
 106
 107         mkdir -p "$IRONIC_DATA_DIR/html/images"
 108
 109         cp $BUILD_DIR/ironic-python-agent.initramfs $IRONIC_DATA_DIR/html/images/
 110         cp $BUILD_DIR/ironic-python-agent.kernel $IRONIC_DATA_DIR/html/images/
 111         cp $BUILD_DIR/$BM_IMAGE $IRONIC_DATA_DIR/html/images/
 112         md5sum $BUILD_DIR/$BM_IMAGE | awk '{print $1}' > $BUILD_DIR/${BM_IMAGE}.md5sum
 113 }
 114
 115 function configure_ironic() {
 116         if [ "$1" == "offline" ]; then
 117                 configure_ironic_offline
 118                 return
 119         fi
 120
 121         podman pull $IRONIC_IMAGE
 122         podman pull $IRONIC_INSPECTOR_IMAGE
 123
 124         mkdir -p "$IRONIC_DATA_DIR/html/images"
 125         pushd $IRONIC_DATA_DIR/html/images
 126
 127         if [ ! -f ironic-python-agent.initramfs ]; then
 128                 curl --insecure --compressed -L https://images.rdoproject.org/master/rdo_trunk/current-tripleo-rdo/ironic-python-agent.tar | tar -xf -
 129         fi
 130
 131         if [[ "$BM_IMAGE_URL" && "$BM_IMAGE" ]]; then
 132         curl -o ${BM_IMAGE} --insecure --compressed -O -L ${BM_IMAGE_URL}
 133         md5sum ${BM_IMAGE} | awk '{print $1}' > ${BM_IMAGE}.md5sum
 134         fi
 135         popd
 136 }
 137
 138 function configure() {
 139         configure_kubeadm $1
 140         configure_kubelet
 141         configure_ironic_interfaces
 142         configure_ironic $1
 143 }
 144
 145 if [ "$1" == "-o" ]; then
 146     configure offline
 147     exit 0
 148 fi
 149
 150 configure