diff options
author | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-01-06 18:30:52 +0100 |
---|---|---|
committer | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-01-06 18:33:45 +0100 |
commit | f2a036df813ea9b428a64dc67a924955c9958f2a (patch) | |
tree | e81278fc915036616d94d29f433a637322111112 /mcp | |
parent | d3ab66fbc12a16b6d8dc4bf666b25f6b7eaca1d1 (diff) |
Revert "[baremetal] Retire mas01 NAT"
Although deploy works now without direct internet access on
the cluster nodes, testing suites seem to require it.
This reverts commit ed209426e895c7c323d253afd6276bb74df64da0.
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Change-Id: I35489e18fdd6a4ee6a270e42a3542e5a370bf819
Diffstat (limited to 'mcp')
-rwxr-xr-x | mcp/config/states/maas | 1 | ||||
-rw-r--r-- | mcp/salt-formulas/maas/pxe_nat.sls | 37 |
2 files changed, 38 insertions, 0 deletions
diff --git a/mcp/config/states/maas b/mcp/config/states/maas index 02afd2c6a..2062cbabb 100755 --- a/mcp/config/states/maas +++ b/mcp/config/states/maas @@ -68,6 +68,7 @@ fi # MaaS rack/region controller, node commissioning salt -C 'mas01*' state.apply linux,salt,openssh,ntp +salt -C 'mas01*' state.apply maas.pxe_nat salt -C 'mas01*' state.apply maas.cluster wait_for 10 "salt -C 'mas01*' state.apply maas.region" diff --git a/mcp/salt-formulas/maas/pxe_nat.sls b/mcp/salt-formulas/maas/pxe_nat.sls new file mode 100644 index 000000000..701bae07a --- /dev/null +++ b/mcp/salt-formulas/maas/pxe_nat.sls @@ -0,0 +1,37 @@ +############################################################################## +# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +net.ipv4.ip_forward: + sysctl.present: + - value: 1 + +iptables_pxe_nat: + iptables.append: + - table: nat + - chain: POSTROUTING + - jump: MASQUERADE + - destination: 0/0 + - source: {{ salt['pillar.get']('_param:single_address') }}/24 + - save: True + +iptables_pxe_source: + iptables.append: + - table: filter + - chain: INPUT + - jump: ACCEPT + - destination: 0/0 + - source: {{ salt['pillar.get']('_param:single_address') }}/24 + - save: True + +iptables_pxe_destination: + iptables.append: + - table: filter + - chain: INPUT + - jump: ACCEPT + - destination: {{ salt['pillar.get']('_param:single_address') }}/24 + - source: 0/0 + - save: True |