X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=deploy%2Fironic%2Fironic.sh;h=88fb4cd4cbf634a190fb3610d1e9d3b87bafa546;hb=50b3ce56a980a97e69762fc2b4341f6fffe4df73;hp=8f46c8ce11e872cb4ad4c5ea48234a831d7be568;hpb=e8e841bbb47563c12591580b743a9738b740fc81;p=icn.git diff --git a/deploy/ironic/ironic.sh b/deploy/ironic/ironic.sh index 8f46c8c..88fb4cd 100755 --- a/deploy/ironic/ironic.sh +++ b/deploy/ironic/ironic.sh @@ -14,6 +14,65 @@ function err_exit { kubectl get all -n ${NAMEPREFIX}-system } +function check_interface_ip { + local -r interface=$1 + local -r ipaddr=$2 + + ip addr show dev ${interface} + if [[ $? -ne 0 ]]; then + exit 1 + fi + + local -r ipv4address=$(ip addr show dev ${interface} | awk '$1 == "inet" { sub("/.*", "", $2); print $2 }') + if [[ "$ipv4address" != "$ipaddr" ]]; then + exit 1 + fi +} + +function configure_ironic_bridge { + if [[ ! $(ip link show dev provisioning) ]]; then + ip link add dev provisioning type bridge + fi + ip link set provisioning up + ip link set dev ${IRONIC_INTERFACE} master provisioning + if [[ ! $(ip addr show dev provisioning to 172.22.0.1) ]]; then + ip addr add dev provisioning 172.22.0.1/24 + fi +} + +function configure_ironic_interfaces { + # Add firewall rules to ensure the IPA ramdisk can reach httpd, + # Ironic and the Inspector API on the host + if [ "${IRONIC_PROVISIONING_INTERFACE}" ]; then + check_interface_ip ${IRONIC_PROVISIONING_INTERFACE} ${IRONIC_PROVISIONING_INTERFACE_IP} + else + exit 1 + fi + + for port in 80 5050 6385 ; do + if ! sudo iptables -C INPUT -i ${IRONIC_PROVISIONING_INTERFACE} -p tcp -m tcp --dport ${port} -j ACCEPT > /dev/null 2>&1; then + sudo iptables -I INPUT -i ${IRONIC_PROVISIONING_INTERFACE} -p tcp -m tcp --dport ${port} -j ACCEPT + fi + done + + # Allow access to dhcp and tftp server for pxeboot + for port in 67 69 ; do + if ! sudo iptables -C INPUT -i ${IRONIC_PROVISIONING_INTERFACE} -p udp --dport ${port} -j ACCEPT 2>/dev/null ; then + sudo iptables -I INPUT -i ${IRONIC_PROVISIONING_INTERFACE} -p udp --dport ${port} -j ACCEPT + fi + done +} + +function deploy_bridge { + configure_ironic_bridge + configure_ironic_interfaces +} + +function clean_bridge { + ip link set provisioning down || true + ip link del provisioning type bridge || true +} + # This may be used to update the in-place Ironic YAML files from the # upstream project. We cannot use the upstream sources directly as # they require an envsubst step before kustomize build. @@ -26,6 +85,7 @@ function build_source { mkdir -p $(dirname ${dst}) envsubst <${src} >${dst} done + sed -i -e '/name: quay.io\/metal3-io\/ironic/{n;s/newTag:.*/newTag: '"${BMO_VERSION}"'/;}' ${SCRIPTDIR}/icn/kustomization.yaml } function deploy { @@ -36,19 +96,24 @@ function deploy { function clean { kustomize build ${SCRIPTDIR}/icn | kubectl delete -f - + rm -rf ${IRONIC_DATA_DIR} } case $1 in "build-source") build_source ;; "clean") clean ;; + "clean-bridge") clean_bridge ;; "deploy") deploy ;; + "deploy-bridge") deploy_bridge ;; *) cat <