diff options
author | bob <bob.zh@huawei.com> | 2016-01-14 17:42:49 +0800 |
---|---|---|
committer | Tim Rozet <trozet@redhat.com> | 2016-01-16 13:54:33 +0000 |
commit | 2a937932642f3e8288d338c6fa4a2b6a7a5defc2 (patch) | |
tree | 282315deee2f3c6e4281c95cdbf7375fa7b46873 /lib/common-functions.sh | |
parent | 8ef0ef042523f16c169dbd63a3a5f24d10f836f3 (diff) |
add step to execute gw_mac_update.sh after apex deployed
Change-Id: I47c316e26ff8e597c781562645397335e8c5bd70
Signed-off-by: bob zhou <bob.zh@huawei.com>
Signed-off-by: Tim Rozet <trozet@redhat.com>
Diffstat (limited to 'lib/common-functions.sh')
-rw-r--r-- | lib/common-functions.sh | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/lib/common-functions.sh b/lib/common-functions.sh index edf06cff..1e55aa18 100644 --- a/lib/common-functions.sh +++ b/lib/common-functions.sh @@ -504,3 +504,23 @@ PEERDNS=no" > ${net_path}/ifcfg-${line} sudo systemctl restart network } + +# Update iptables rule for external network reach internet +# for virtual deployments +# params: external_cidr +function configure_undercloud_nat { + local external_cidr + if [[ -z "$1" ]]; then + return 1 + else + external_cidr=$1 + fi + + ssh -T ${SSH_OPTIONS[@]} "root@$UNDERCLOUD" <<EOI +iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE +iptables -t nat -A POSTROUTING -s ${external_cidr} -o eth0 -j MASQUERADE +iptables -A FORWARD -i eth2 -j ACCEPT +iptables -A FORWARD -s ${external_cidr} -m state --state ESTABLISHED,RELATED -j ACCEPT +service iptables save +EOI +} |