diff options
author | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2017-08-01 22:18:41 +0200 |
---|---|---|
committer | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2017-08-17 02:59:30 +0200 |
commit | 5039d069265df15ed3d8e41f7a1c7f9457a9d58a (patch) | |
tree | 18a9160f72be9a01ef0008e3aa9912e18262057d /mcp/salt-formulas/maas | |
parent | 9720ddf955b76d678a08dc7ea53684400c659ce3 (diff) |
Bring in baremetal support
- ci/deploy.sh: fail if default scenario file is missing;
- start by copying reclass/classes/cluster/virtual-mcp-ocata-ovs as
classes/cluster/baremetal-mcp-ocata-ovs;
- add new state (maas) that will handle MaaS configuration;
- Split PXE network in two for baremetal:
* rename old "pxe" virtual network to "mcpcontrol", make it
non-configurable and identical for baremetal/virtual deploys;
* new "pxebr" bridge is dedicated for MaaS fabric network, which
comes with its own DHCP, TFTP etc.;
- Drop hardcoded PXE gateway & static IP for MaaS node, since
"mcpcontrol" remains a NAT-ed virtual network, with its own DHCP;
- Keep internet access available on first interfaces for cfg01/mas01;
- Align MaaS IP addrs (all x.y.z.3), add public IP for easy debug
via MaaS dashboard;
- Add static IP in new network segment (192.168.11.3/24) on MaaS
node's PXE interface;
- Set MaaS PXE interface MTU 1500 (weird network errors with jumbo);
- MaaS node: Add NAT iptables traffic forward from "mcpcontrol" to
"pxebr" interfaces;
- MaaS: Add harcoded lf-pod2 machine info (fixed identation in v6);
- Switch our targeted scenario to HA;
* scenario: s/os-nosdn-nofeature-noha/os-nosdn-nofeature-ha/
- maas region: Use mcp.rsa.pub from ~ubuntu/.ssh/authorized_keys;
- add route for 192.168.11.0/24 via mas01 on cfg01;
- fix race condition on kvm nodes network setup:
* add "noifupdown" support in salt formula for linux.network;
* keep primary eth/br-mgmt unconfigured till reboot;
TODO:
- Read all this info from PDF (Pod Descriptor File) later;
- investigate leftover references to eno2, eth3;
- add public network interfaces config, IPs;
- improve wait conditions for MaaS commision/deploy;
- report upstream breakage in system.single;
Change-Id: Ie8dd584b140991d2bd992acdfe47f5644bf51409
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Signed-off-by: Guillermo Herrero <Guillermo.Herrero@enea.com>
Signed-off-by: Charalampos Kominos <Charalampos.Kominos@enea.com>
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Diffstat (limited to 'mcp/salt-formulas/maas')
-rw-r--r-- | mcp/salt-formulas/maas/pxe_nat.sls | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/mcp/salt-formulas/maas/pxe_nat.sls b/mcp/salt-formulas/maas/pxe_nat.sls new file mode 100644 index 000000000..e70efaf9d --- /dev/null +++ b/mcp/salt-formulas/maas/pxe_nat.sls @@ -0,0 +1,30 @@ +net.ipv4.ip_forward: + sysctl.present: + - value: 1 + +iptables_pxe_nat: + iptables.append: + - table: nat + - chain: POSTROUTING + - jump: MASQUERADE + - destination: 0/0 + - source: {{ salt['pillar.get']('_param:single_address') }}/24 + - save: True + +iptables_pxe_source: + iptables.append: + - table: filter + - chain: INPUT + - jump: ACCEPT + - destination: 0/0 + - source: {{ salt['pillar.get']('_param:single_address') }}/24 + - save: True + +iptables_pxe_destination: + iptables.append: + - table: filter + - chain: INPUT + - jump: ACCEPT + - destination: {{ salt['pillar.get']('_param:single_address') }}/24 + - source: 0/0 + - save: True |