X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=site_type%2Fovsdpdk%2Ftemplates%2Fbaremetal%2Fcalico-ip-rules.j2;fp=site_type%2Fovsdpdk%2Ftemplates%2Fbaremetal%2Fcalico-ip-rules.j2;h=0000000000000000000000000000000000000000;hb=d0a8cc561d32ce83499a52d9893482124bfa2871;hp=328a1b6492ae6b22bfb64b9907b427fe6f2e7e2d;hpb=267230d53447c489d10905f260f503f2e71d414f;p=yaml_builds.git diff --git a/site_type/ovsdpdk/templates/baremetal/calico-ip-rules.j2 b/site_type/ovsdpdk/templates/baremetal/calico-ip-rules.j2 deleted file mode 100644 index 328a1b6..0000000 --- a/site_type/ovsdpdk/templates/baremetal/calico-ip-rules.j2 +++ /dev/null @@ -1,160 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: 'drydock/BootAction/v1' -metadata: - schema: 'metadata/Document/v1' - name: calico-ip-rules - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: site - labels: - application: 'drydock' - substitutions: - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .assets[0].data - pattern: DH_SUB_POD_CIDR -data: - signaling: false - assets: - - path: /etc/systemd/system/configure-ip-rules.service - type: unit - permissions: '444' - data: |- - [Unit] - Description=IP Rules Initialization Service - After=network-online.target local-fs.target - - [Service] - Type=simple - ExecStart=/opt/configure-ip-rules.sh -g {{yaml.networks.ksn.vrrp_ip}} -c {{yaml.kubernetes.pod_cidr}} -s {{yaml.networks.ksn.additional_cidrs | first}} - - [Install] - WantedBy=multi-user.target - data_pipeline: - - utf8_decode - - path: /opt/configure-ip-rules.sh - type: file - permissions: '700' - data_pipeline: - - utf8_decode - data: |- - #!/bin/bash - set -ex - - function usage() { - cat <&2 - exit 1 - ;; - :) - echo "Missing argument for option: -${OPTARG}" >&2 - exit 1 - ;; - *) - echo "Unimplemented option: -${OPTARG}" >&2 - exit 1 - ;; - esac - done - shift $((OPTIND-1)) - - if [ "x$POD_CIDR" == "x" ]; then - echo "Missing pod CIDR, e.g -c {{yaml.kubernetes.pod_cidr}}" >&2 - usage - exit 1 - fi - - if [ "x$INTERFACE" == "x" ]; then - echo "Missing interface, e.g. -i bond1.2006" >&2 - usage - exit 1 - fi - - while ! ip route list dev "${INTERFACE}" > /dev/null; do - echo Waiting for device "${INTERFACE}" to be ready. >&2 - sleep 5 - done - - intra_vrrp_ip=$(ip route list dev "${INTERFACE}" | awk '($2~/via/){print $3}' | head -n 1) - - TABLE="1500" - - # Setup a routing table for traffic from service IPs - ip route flush table "${TABLE}" - ip route add default via "${intra_vrrp_ip}" table "${TABLE}" - - if [ "x$OVERLAP_CIDR" != "x" ]; then - # NOTE(mb874d): This is a work-around for nodes not receiving complete - # routes via BGP. It may also be required for brownfield large sites. - ip route add "${OVERLAP_CIDR}" via "${intra_vrrp_ip}" - fi - - if [ "x$SERVICE_CIDR" != "x" ]; then - # Traffic from the service IPs to pods should use the pod network. - ip rule add \ - from "${SERVICE_CIDR}" \ - to "${POD_CIDR}" \ - lookup main \ - pref 10000 - # Other traffic from service IPs should only use the VRRP IP - ip rule add \ - from "${SERVICE_CIDR}" \ - lookup "${TABLE}" \ - pref 10100 - fi -...