4 LIBDIR="$(dirname "$PWD")"
6 source $LIBDIR/lib/logging.sh
7 source $LIBDIR/lib/common.sh
9 if [[ $EUID -ne 0 ]]; then
10 echo "confgiure script must be run as root"
14 function check_interface_ip {
18 ip addr show dev $interface
23 local ipv4address=$(ip addr show dev $interface | awk '$1 == "inet" { sub("/.*", "", $2); print $2 }')
24 if [ "$ipv4address" != "$ipaddr" ]; then
29 function configure_dhcp_bridge {
32 brctl addif dhcp0 $BS_DHCP_INTERFACE
33 ip addr add dev dhcp0 $BS_DHCP_INTERFACE_IP
36 function configure_ironic_bridge {
37 brctl addbr provisioning
38 ip link set provisioning up
39 brctl addif provisioning $IRONIC_INTERFACE
40 ip addr add dev provisioning 172.22.0.1/24
43 function configure_kubelet {
45 #Todo addition kubelet configuration
48 function configure_kubeadm {
50 if [ "$1" == "offline" ]; then
51 for images in kube-apiserver kube-controller-manager kube-scheduler kube-proxy; do
52 docker load --input $CONTAINER_IMAGES_DIR/$images.tar;
55 docker load --input $CONTAINER_IMAGES_DIR/pause.tar
56 docker load --input $CONTAINER_IMAGES_DIR/etcd.tar
57 docker load --input $CONTAINER_IMAGES_DIR/coredns.tar
60 kubeadm config images pull --kubernetes-version=$KUBE_VERSION
63 function configure_ironic_interfaces {
64 #Todo later to change the CNI networking for podman networking
65 # Add firewall rules to ensure the IPA ramdisk can reach httpd, Ironic and the Inspector API on the host
66 if [ "$IRONIC_PROVISIONING_INTERFACE" ]; then
67 check_interface_ip $IRONIC_PROVISIONING_INTERFACE $IRONIC_PROVISIONING_INTERFACE_IP
72 if [ "$IRONIC_IPMI_INTERFACE" ]; then
73 check_interface_ip $IRONIC_IPMI_INTERFACE $IRONIC_IPMI_INTERFACE_IP
78 for port in 80 5050 6385 ; do
79 if ! sudo iptables -C INPUT -i $IRONIC_PROVISIONING_INTERFACE -p tcp -m tcp --dport $port -j ACCEPT > /dev/null 2>&1; then
80 sudo iptables -I INPUT -i $IRONIC_PROVISIONING_INTERFACE -p tcp -m tcp --dport $port -j ACCEPT
84 # Allow ipmi to the bmc processes
85 if ! sudo iptables -C INPUT -i $IRONIC_IPMI_INTERFACE -p udp -m udp --dport 6230:6235 -j ACCEPT 2>/dev/null ; then
86 sudo iptables -I INPUT -i $IRONIC_IPMI_INTERFACE -p udp -m udp --dport 6230:6235 -j ACCEPT
89 #Allow access to dhcp and tftp server for pxeboot
90 for port in 67 69 ; do
91 if ! sudo iptables -C INPUT -i $IRONIC_PROVISIONING_INTERFACE -p udp --dport $port -j ACCEPT 2>/dev/null ; then
92 sudo iptables -I INPUT -i $IRONIC_PROVISIONING_INTERFACE -p udp --dport $port -j ACCEPT
97 function configure_ironic_offline {
98 if [ ! -d $CONTAINER_IMAGES_DIR ] && [ ! -d $BUILD_DIR ]; then
102 for image in ironic-inspector-image ironic-image podman-pause \
103 baremetal-operator socat; do
104 if [ ! -f "$CONTAINER_IMAGES_DIR/$image" ]; then
109 if [ ! -f "$BUILD_DIR/ironic-python-agent.initramfs"] && [ ! -f \
110 "$BUILD_DIR/ironic-python-agent.kernel" ] && [ ! -f
111 "$BUILD_DIR/$BM_IMAGE" ]; then
115 podman load --input $CONTAINER_IMAGES_DIR/ironic-inspector-image.tar
116 podman load --input $CONTAINER_IMAGES_DIR/ironic-image.tar
117 podman load --input $CONTAINER_IMAGES_DIR/podman-pause.tar
119 docker load --input $CONTAINER_IMAGES_DIR/baremetal-operator.tar
120 docker load --input $CONTAINER_IMAGES_DIR/socat.tar
122 mkdir -p "$IRONIC_DATA_DIR/html/images"
124 cp $BUILD_DIR/ironic-python-agent.initramfs $IRONIC_DATA_DIR/html/images/
125 cp $BUILD_DIR/ironic-python-agent.kernel $IRONIC_DATA_DIR/html/images/
126 cp $BUILD_DIR/$BM_IMAGE $IRONIC_DATA_DIR/html/images/
127 md5sum $BUILD_DIR/$BM_IMAGE | awk '{print $1}' > $BUILD_DIR/${BM_IMAGE}.md5sum
130 function configure_ironic {
131 if [ "$1" == "offline" ]; then
132 configure_ironic_offline
136 for name in ironic ironic-inspector dnsmasq httpd mariadb ipa-downloader; do
138 grep -w "$name$" && sudo docker kill "$name"
139 sudo docker ps --all | \
140 grep -w "$name$" && sudo docker rm "$name" -f
142 rm -rf "$IRONIC_DATA_DIR"
144 docker pull $IRONIC_IMAGE
145 docker pull $IRONIC_INSPECTOR_IMAGE
146 docker pull $IPA_DOWNLOADER_IMAGE
148 mkdir -p "$IRONIC_DATA_DIR/html/images"
149 pushd $IRONIC_DATA_DIR/html/images
151 if [[ "$BM_IMAGE_URL" && "$BM_IMAGE" ]]; then
152 curl -o ${BM_IMAGE} --insecure --compressed -O -L ${BM_IMAGE_URL}
153 md5sum ${BM_IMAGE} | awk '{print $1}' > ${BM_IMAGE}.md5sum
159 #Kubeadm usage deprecated for v1.0.0 release
160 #configure_kubeadm $1
163 configure_dhcp_bridge
164 configure_ironic_bridge
165 configure_ironic_interfaces
168 if [ "$#" -eq 0 ]; then
170 elif [ "$1" == "-o" ]; then