X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=site%2Fsite30%2Fbaremetal%2Fcalico-ip-rules.yaml;fp=site%2Fsite30%2Fbaremetal%2Fcalico-ip-rules.yaml;h=0000000000000000000000000000000000000000;hb=8e1d108f64f06572790ee4db71bc1d9dd32e82da;hp=1ad67ab2668ced6813c2abbbce4529fe40b513cd;hpb=d743ec6c91f97cc9f5b944a8d0a609883440b14e;p=yaml_builds.git diff --git a/site/site30/baremetal/calico-ip-rules.yaml b/site/site30/baremetal/calico-ip-rules.yaml deleted file mode 100644 index 1ad67ab..0000000 --- a/site/site30/baremetal/calico-ip-rules.yaml +++ /dev/null @@ -1,164 +0,0 @@ ---- -############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: 'drydock/BootAction/v1' -metadata: - schema: 'metadata/Document/v1' - name: calico-ip-rules - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: site - labels: - application: 'drydock' - substitutions: - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .assets[0].data - pattern: DH_SUB_POD_CIDR -data: - signaling: false - assets: - - path: /etc/systemd/system/configure-ip-rules.service - type: unit - permissions: '444' - data: |- - [Unit] - Description=IP Rules Initialization Service - After=network-online.target local-fs.target - - [Service] - Type=simple - #ExecStart=/opt/configure-ip-rules.sh -i bond1.2406 -c DH_SUB_POD_CIDR -o 10.34.0.0/15 -s 135.21.157.32/29 - #ExecStart=/opt/configure-ip-rules.sh -i bond0.44 -c DH_SUB_POD_CIDR -o 10.99.0.0/16 -s 172.29.1.0/24 - ExecStart=/opt/configure-ip-rules.sh -g 172.29.1.1 -c 10.99.0.0/16 -s 172.29.1.136/29 - - - - [Install] - WantedBy=multi-user.target - data_pipeline: - - utf8_decode - - path: /opt/configure-ip-rules.sh - type: file - permissions: '700' - data_pipeline: - - utf8_decode - data: |- - #!/bin/bash - set -ex - - function usage() { - cat <&2 - exit 1 - ;; - :) - echo "Missing argument for option: -${OPTARG}" >&2 - exit 1 - ;; - *) - echo "Unimplemented option: -${OPTARG}" >&2 - exit 1 - ;; - esac - done - shift $((OPTIND-1)) - - if [ "x$POD_CIDR" == "x" ]; then - echo "Missing pod CIDR, e.g -c 10.97.0.0/16" >&2 - usage - exit 1 - fi - - if [ "x$INTERFACE" == "x" ]; then - echo "Missing interface, e.g. -i bond1.2006" >&2 - usage - exit 1 - fi - - while ! ip route list dev "${INTERFACE}" > /dev/null; do - echo Waiting for device "${INTERFACE}" to be ready. >&2 - sleep 5 - done - - intra_vrrp_ip=$(ip route list dev "${INTERFACE}" | awk '($2~/via/){print $3}' | head -n 1) - - TABLE="1500" - - # Setup a routing table for traffic from service IPs - ip route flush table "${TABLE}" - ip route add default via "${intra_vrrp_ip}" table "${TABLE}" - - if [ "x$OVERLAP_CIDR" != "x" ]; then - # NOTE(mb874d): This is a work-around for nodes not receiving complete - # routes via BGP. It may also be required for brownfield large sites. - ip route add "${OVERLAP_CIDR}" via "${intra_vrrp_ip}" - fi - - if [ "x$SERVICE_CIDR" != "x" ]; then - # Traffic from the service IPs to pods should use the pod network. - ip rule add \ - from "${SERVICE_CIDR}" \ - to "${POD_CIDR}" \ - lookup main \ - pref 10000 - # Other traffic from service IPs should only use the VRRP IP - ip rule add \ - from "${SERVICE_CIDR}" \ - lookup "${TABLE}" \ - pref 10100 - fi -...