X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=site%2Fdellgen10%2Fbaremetal%2Fcalico-ip-rules.yaml;fp=site%2Fdellgen10%2Fbaremetal%2Fcalico-ip-rules.yaml;h=0000000000000000000000000000000000000000;hb=f75a047e5d98eea7d43cfbe6ade55ce2e2e0f3a9;hp=022b17c9da81bb716f7c9794b8937f8edcda6d3a;hpb=0a2885e1506c60df0e39d1681657661bacd39670;p=yaml_builds.git diff --git a/site/dellgen10/baremetal/calico-ip-rules.yaml b/site/dellgen10/baremetal/calico-ip-rules.yaml deleted file mode 100644 index 022b17c..0000000 --- a/site/dellgen10/baremetal/calico-ip-rules.yaml +++ /dev/null @@ -1,160 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: 'drydock/BootAction/v1' -metadata: - schema: 'metadata/Document/v1' - name: calico-ip-rules - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: site - labels: - application: 'drydock' - substitutions: - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .assets[0].data - pattern: DH_SUB_POD_CIDR -data: - signaling: false - assets: - - path: /etc/systemd/system/configure-ip-rules.service - type: unit - permissions: '444' - data: |- - [Unit] - Description=IP Rules Initialization Service - After=network-online.target local-fs.target - - [Service] - Type=simple - ExecStart=/opt/configure-ip-rules.sh -g 172.29.1.1 -c 10.98.0.0/16 -s 172.29.1.128/29 - - [Install] - WantedBy=multi-user.target - data_pipeline: - - utf8_decode - - path: /opt/configure-ip-rules.sh - type: file - permissions: '700' - data_pipeline: - - utf8_decode - data: |- - #!/bin/bash - set -ex - - function usage() { - cat <&2 - exit 1 - ;; - :) - echo "Missing argument for option: -${OPTARG}" >&2 - exit 1 - ;; - *) - echo "Unimplemented option: -${OPTARG}" >&2 - exit 1 - ;; - esac - done - shift $((OPTIND-1)) - - if [ "x$POD_CIDR" == "x" ]; then - echo "Missing pod CIDR, e.g -c 10.98.0.0/16" >&2 - usage - exit 1 - fi - - if [ "x$INTERFACE" == "x" ]; then - echo "Missing interface, e.g. -i bond1.2006" >&2 - usage - exit 1 - fi - - while ! ip route list dev "${INTERFACE}" > /dev/null; do - echo Waiting for device "${INTERFACE}" to be ready. >&2 - sleep 5 - done - - intra_vrrp_ip=$(ip route list dev "${INTERFACE}" | awk '($2~/via/){print $3}' | head -n 1) - - TABLE="1500" - - # Setup a routing table for traffic from service IPs - ip route flush table "${TABLE}" - ip route add default via "${intra_vrrp_ip}" table "${TABLE}" - - if [ "x$OVERLAP_CIDR" != "x" ]; then - # NOTE(mb874d): This is a work-around for nodes not receiving complete - # routes via BGP. It may also be required for brownfield large sites. - ip route add "${OVERLAP_CIDR}" via "${intra_vrrp_ip}" - fi - - if [ "x$SERVICE_CIDR" != "x" ]; then - # Traffic from the service IPs to pods should use the pod network. - ip rule add \ - from "${SERVICE_CIDR}" \ - to "${POD_CIDR}" \ - lookup main \ - pref 10000 - # Other traffic from service IPs should only use the VRRP IP - ip rule add \ - from "${SERVICE_CIDR}" \ - lookup "${TABLE}" \ - pref 10100 - fi -...