4 LIBDIR="$(dirname "$PWD")"
6 source $LIBDIR/lib/logging.sh
7 source $LIBDIR/lib/common.sh
9 if [[ $EUID -ne 0 ]]; then
10 echo "confgiure script must be run as root"
14 function check_interface_ip {
18 ip addr show dev $interface
23 local ipv4address=$(ip addr show dev $interface | awk '$1 == "inet" { sub("/.*", "", $2); print $2 }')
24 if [ "$ipv4address" != "$ipaddr" ]; then
29 function configure_ironic_bridge {
30 ip link add dev provisioning type bridge
31 ip link set provisioning up
32 ip link set dev $IRONIC_INTERFACE master provisioning
33 ip addr add dev provisioning 172.22.0.1/24
36 function configure_ironic_interfaces {
37 # Add firewall rules to ensure the IPA ramdisk can reach httpd, Ironic and the Inspector API on the host
38 if [ "$IRONIC_PROVISIONING_INTERFACE" ]; then
39 check_interface_ip $IRONIC_PROVISIONING_INTERFACE $IRONIC_PROVISIONING_INTERFACE_IP
44 if [ "$IRONIC_IPMI_INTERFACE" ]; then
45 check_interface_ip $IRONIC_IPMI_INTERFACE $IRONIC_IPMI_INTERFACE_IP
50 for port in 80 5050 6385 ; do
51 if ! sudo iptables -C INPUT -i $IRONIC_PROVISIONING_INTERFACE -p tcp -m tcp --dport $port -j ACCEPT > /dev/null 2>&1; then
52 sudo iptables -I INPUT -i $IRONIC_PROVISIONING_INTERFACE -p tcp -m tcp --dport $port -j ACCEPT
56 # Allow ipmi to the bmc processes
57 if ! sudo iptables -C INPUT -i $IRONIC_IPMI_INTERFACE -p udp -m udp --dport 6230:6235 -j ACCEPT 2>/dev/null ; then
58 sudo iptables -I INPUT -i $IRONIC_IPMI_INTERFACE -p udp -m udp --dport 6230:6235 -j ACCEPT
61 #Allow access to dhcp and tftp server for pxeboot
62 for port in 67 69 ; do
63 if ! sudo iptables -C INPUT -i $IRONIC_PROVISIONING_INTERFACE -p udp --dport $port -j ACCEPT 2>/dev/null ; then
64 sudo iptables -I INPUT -i $IRONIC_PROVISIONING_INTERFACE -p udp --dport $port -j ACCEPT
69 function configure_ironic {
70 for name in ironic ironic-inspector dnsmasq httpd mariadb ipa-downloader; do
72 grep -w "$name$" && sudo docker kill "$name"
73 sudo docker ps --all | \
74 grep -w "$name$" && sudo docker rm "$name" -f
76 rm -rf "$IRONIC_DATA_DIR"
78 docker pull $IRONIC_IMAGE
79 docker pull $IRONIC_INSPECTOR_IMAGE
80 docker pull $IPA_DOWNLOADER_IMAGE
82 mkdir -p "$IRONIC_DATA_DIR/html/images"
83 pushd $IRONIC_DATA_DIR/html/images
85 if [[ "$BM_IMAGE_URL" && "$BM_IMAGE" ]]; then
86 curl -o ${BM_IMAGE} --insecure --compressed -O -L ${BM_IMAGE_URL}
87 md5sum ${BM_IMAGE} | awk '{print $1}' > ${BM_IMAGE}.md5sum
94 configure_ironic_bridge
95 configure_ironic_interfaces