From b2ebcd65ca4125b960bac2a02f5bbd0bcdcfac76 Mon Sep 17 00:00:00 2001
From: Martin Kulhavy <martin.kulhavy@nokia.com>
Date: Mon, 28 Aug 2017 12:53:17 +0300
Subject: Add Nokia pod 1 deployment config and details

Change-Id: Iafc0172dea008611a3251ee8adfe56218e4c32b1
Signed-off-by: Martin Kulhavy <martin.kulhavy@nokia.com>
---
 .../installation/installation_baremetal.rst        |   6 +
 labconfig/nokia/pod1/diagram.png                   | Bin 0 -> 174065 bytes
 labconfig/nokia/pod1/jumphost_interfaces           |  43 ++++
 labconfig/nokia/pod1/labconfig.yaml                | 228 +++++++++++++++++++++
 labconfig/nokia/pod1/setup_ip_forwarding.sh        |  56 +++++
 5 files changed, 333 insertions(+)
 create mode 100644 labconfig/nokia/pod1/diagram.png
 create mode 100644 labconfig/nokia/pod1/jumphost_interfaces
 create mode 100644 labconfig/nokia/pod1/labconfig.yaml
 create mode 100644 labconfig/nokia/pod1/setup_ip_forwarding.sh

diff --git a/docs/release/installation/installation_baremetal.rst b/docs/release/installation/installation_baremetal.rst
index ff4e6e53..3b7d0ccc 100644
--- a/docs/release/installation/installation_baremetal.rst
+++ b/docs/release/installation/installation_baremetal.rst
@@ -87,6 +87,12 @@ Jumphost installation and configuration
         of VLAN tags, use the appropriate network on Jumphost depending on the
         VLAN ID on the interface.
 
+    .. note::
+        Both of the networks need to have Internet connectivity. If only one
+        of your interfaces has Internet access, you can setup IP forwarding.
+        For an example how to accomplish that, see the script in Nokia pod 1
+        deployment (``labconfig/nokia/pod1/setup_ip_forwarding.sh``).
+
 
 Configure JOID for your lab
 ---------------------------
diff --git a/labconfig/nokia/pod1/diagram.png b/labconfig/nokia/pod1/diagram.png
new file mode 100644
index 00000000..3365f9d6
Binary files /dev/null and b/labconfig/nokia/pod1/diagram.png differ
diff --git a/labconfig/nokia/pod1/jumphost_interfaces b/labconfig/nokia/pod1/jumphost_interfaces
new file mode 100644
index 00000000..347b31bf
--- /dev/null
+++ b/labconfig/nokia/pod1/jumphost_interfaces
@@ -0,0 +1,43 @@
+# jumphost:/etc/network/interfaces
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# Port P6 - access vlan 93
+iface ens255f0 inet manual
+auto brExt
+iface brExt inet static
+        bridge_ports ens255f0
+        address   10.21.19.100
+        gateway   10.21.19.97
+        network   10.21.19.96
+        broadcast 10.21.19.127
+        netmask   255.255.255.224
+        dns-nameservers 8.8.8.8
+
+# Port P5 - access vlan 92
+iface ens255f1 inet manual
+auto brAdmin
+iface brAdmin inet static
+        bridge_ports ens255f1
+        address   192.168.50.5
+        netmask   255.255.255.0
+
+# Port P4 - access vlan 1704
+iface ens4f0 inet manual
+auto brData
+iface brData inet static
+        bridge_ports ens4f0
+        address   192.168.40.5
+        netmask   255.255.255.0
+
+# Port P3 - access vlan 1703
+iface ens4f1 inet manual
+auto brStorage
+iface brStorage inet static
+        bridge_ports ens4f1
+        address   192.168.30.5
+        netmask   255.255.255.0
diff --git a/labconfig/nokia/pod1/labconfig.yaml b/labconfig/nokia/pod1/labconfig.yaml
new file mode 100644
index 00000000..32980be7
--- /dev/null
+++ b/labconfig/nokia/pod1/labconfig.yaml
@@ -0,0 +1,228 @@
+lab:
+  location: nokia
+  racks:
+  - rack: pod1
+    nodes:
+    - name: sedna-node00
+      architecture: x86_64
+      roles: [control,network]
+      nics:
+      - ifname: intf105
+        spaces: [admin]
+        mac: ['A8:1E:84:3A:6A:F9']
+      - ifname: intf106
+        spaces: [floating]
+        mac: ['A8:1E:84:3A:6A:F8']
+      - ifname: intf103
+        spaces: [storage]
+        mac: ['A8:1E:84:40:C3:23']
+      - ifname: intf104
+        spaces: [data]
+        mac: ['A8:1E:84:40:C3:22']
+      power: {type: ipmi, address: 10.21.19.69, user: admin, pass: admin}
+    - name: sedna-node01
+      architecture: x86_64
+      roles: [control,compute,storage]
+      nics:
+      - ifname: intf105
+        spaces: [admin]
+        mac: ['A8:1E:84:3A:6E:E3']
+      - ifname: intf106
+        spaces: [floating]
+        mac: ['A8:1E:84:3A:6E:E2']
+      - ifname: intf108
+        spaces: [storage]
+        mac: ['24:8A:07:A4:F8:2C']
+      - ifname: intf109
+        spaces: [data]
+        mac: ['24:8A:07:A4:F8:2D']
+      power: {type: ipmi, address: 10.21.19.70, user: admin, pass: admin}
+    - name: sedna-node02
+      architecture: x86_64
+      roles: [control,compute,storage]
+      nics:
+      - ifname: intf105
+        spaces: [admin]
+        mac: ['A8:1E:84:3A:70:03']
+      - ifname: intf106
+        spaces: [floating]
+        mac: ['A8:1E:84:3A:70:02']
+      - ifname: intf108
+        spaces: [storage]
+        mac: ['24:8A:07:A3:72:1C']
+      - ifname: intf109
+        spaces: [data]
+        mac: ['24:8A:07:A3:72:1D']
+      power: {type: ipmi, address: 10.21.19.71, user: admin, pass: admin}
+    - name: sedna-node03
+      roles: [storage,compute]
+      architecture: x86_64
+      nics:
+      - ifname: intf105
+        spaces: [admin]
+        mac: ['A8:1E:84:3A:6C:55']
+      - ifname: intf106
+        spaces: [floating]
+        mac: ['A8:1E:84:3A:6C:54']
+      - ifname: intf108
+        spaces: [storage]
+        mac: ['24:8A:07:A3:71:6C']
+      - ifname: intf109
+        spaces: [data]
+        mac: ['24:8A:07:A3:71:6D']
+      power: {type: ipmi, address: 10.21.19.72, user: admin, pass: admin}
+    - name: sedna-node04
+      roles: [storage,compute]
+      architecture: x86_64
+      nics:
+      - ifname: intf105
+        spaces: [admin]
+        mac: ['A8:1E:84:3A:6E:3B']
+      - ifname: intf106
+        spaces: [floating]
+        mac: ['A8:1E:84:3A:6E:3A']
+      - ifname: intf108
+        spaces: [storage]
+        mac: ['24:8A:07:A3:71:78']
+      - ifname: intf109
+        spaces: [data]
+        mac: ['24:8A:07:A3:71:79']
+      power: {type: ipmi, address: 10.21.19.73, user: admin, pass: admin}
+    - name: sedna-node05
+      roles: [storage,compute]
+      architecture: x86_64
+      nics:
+      - ifname: intf105
+        spaces: [admin]
+        mac: ['A8:1E:84:3A:71:B6']
+      - ifname: intf106
+        spaces: [floating]
+        mac: ['A8:1E:84:3A:71:B5']
+      - ifname: intf108
+        spaces: [storage]
+        mac: ['24:8A:07:A3:71:60']
+      - ifname: intf109
+        spaces: [data]
+        mac: ['24:8A:07:A3:71:61']
+      power: {type: ipmi, address: 10.21.19.74, user: admin, pass: admin}
+    - name: sedna-node06
+      roles: [storage,compute]
+      architecture: x86_64
+      nics:
+      - ifname: intf105
+        spaces: [admin]
+        mac: ['A8:1E:84:3A:6F:64']
+      - ifname: intf106
+        spaces: [floating]
+        mac: ['A8:1E:84:3A:6F:63']
+      - ifname: intf108
+        spaces: [storage]
+        mac: ['24:8A:07:A3:72:08']
+      - ifname: intf109
+        spaces: [data]
+        mac: ['24:8A:07:A3:72:09']
+      power: {type: ipmi, address: 10.21.19.75, user: admin, pass: admin}
+    - name: sedna-node07
+      roles: [storage,compute]
+      architecture: x86_64
+      nics:
+      - ifname: intf105
+        spaces: [admin]
+        mac: ['A8:1E:84:3A:6E:A7']
+      - ifname: intf106
+        spaces: [floating]
+        mac: ['A8:1E:84:3A:6E:A6']
+      - ifname: intf108
+        spaces: [storage]
+        mac: ['24:8A:07:A3:71:70']
+      - ifname: intf109
+        spaces: [data]
+        mac: ['24:8A:07:A3:71:71']
+      power: {type: ipmi, address: 10.21.19.76, user: admin, pass: admin}
+    - name: sedna-node08
+      roles: [storage,compute]
+      architecture: x86_64
+      nics:
+      - ifname: intf105
+        spaces: [admin]
+        mac: ['A8:1E:84:3A:6F:C1']
+      - ifname: intf106
+        spaces: [floating]
+        mac: ['A8:1E:84:3A:6F:C0']
+      - ifname: intf108
+        spaces: [storage]
+        mac: ['24:8A:07:A3:72:14']
+      - ifname: intf109
+        spaces: [data]
+        mac: ['24:8A:07:A3:72:15']
+      power: {type: ipmi, address: 10.21.19.77, user: admin, pass: admin}
+    - name: sedna-node09
+      roles: [storage,compute]
+      architecture: x86_64
+      nics:
+      - ifname: intf105
+        spaces: [admin]
+        mac: ['A8:1E:84:3A:71:B3']
+      - ifname: intf106
+        spaces: [floating]
+        mac: ['A8:1E:84:3A:71:B2']
+      - ifname: intf108
+        spaces: [storage]
+        mac: ['24:8A:07:A3:72:0C']
+      - ifname: intf109
+        spaces: [data]
+        mac: ['24:8A:07:A3:72:0D']
+      power: {type: ipmi, address: 10.21.19.78, user: admin, pass: admin}
+    - name: sedna-node10
+      roles: [storage,compute]
+      architecture: x86_64
+      nics:
+      - ifname: intf105
+        spaces: [admin]
+        mac: ['A8:1E:84:3A:6D:8D']
+      - ifname: intf106
+        spaces: [floating]
+        mac: ['A8:1E:84:3A:6D:8C']
+      - ifname: intf108
+        spaces: [storage]
+        mac: ['24:8A:07:A3:71:5C']
+      - ifname: intf109
+        spaces: [data]
+        mac: ['24:8A:07:A3:71:5D']
+      power: {type: ipmi, address: 10.21.19.79, user: admin, pass: admin}
+    floating-ip-range: 10.21.19.101,10.21.19.120,10.21.19.97,10.21.19.96/27
+    ext-port: intf106
+    dns: 8.8.8.8
+    osdomainname:
+opnfv:
+  release: d
+  distro: xenial
+  type: noha
+  openstack: ocata
+  sdncontroller:
+  - type: nosdn
+  storage:
+  - type: ceph
+    disk: /dev/sdb
+  feature: odl_l2
+  spaces:
+  - type: admin
+    bridge: brAdmin
+    cidr: 192.168.50.0/24
+    gateway: 192.168.50.5
+    vlan:
+  - type: floating
+    bridge: brExt
+    cidr: 10.21.19.96/27
+    gateway:
+    vlan:
+  - type: storage
+    bridge: brStorage
+    cidr: 192.168.30.0/24
+    gateway:
+    vlan:
+  - type: data
+    bridge: brData
+    cidr: 192.168.40.0/24
+    gateway:
+    vlan:
diff --git a/labconfig/nokia/pod1/setup_ip_forwarding.sh b/labconfig/nokia/pod1/setup_ip_forwarding.sh
new file mode 100644
index 00000000..1c703ece
--- /dev/null
+++ b/labconfig/nokia/pod1/setup_ip_forwarding.sh
@@ -0,0 +1,56 @@
+#!/bin/bash
+##############################################################################
+# Copyright (c) 2017 Nokia and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+#
+# Small tool to setup IP forwarding if you need Internet connectivity on both
+# bridges but only one of the interfaces actually has the outside connectivity.
+# Based on a script provided by Canonical
+#
+
+# Internal bridge
+internal="brAdmin"
+# External bridge with Internet connectivity
+external="brExt"
+
+set -ex
+
+if [ "$(id -u)" != "0" ]; then
+    echo "Must be run with sudo or by root"
+    exit 77
+fi
+
+# Enable IP forwarding and save for next boot
+echo 1 > /proc/sys/net/ipv4/ip_forward
+echo "net.ipv4.ip_forward=1" > /etc/sysctl.d/10-maas-ip-forward.conf
+sysctl --system
+
+# Note that this script assumes no existing iptables rules.
+# If you do have any, they will be deleted.
+iptables -v --flush
+iptables -v --table nat --flush
+iptables -v --delete-chain
+iptables -v --table nat --delete-chain
+
+# Some things use the MAAS proxy - some things don't. So turn on NAT.
+echo "Setting up ip forwarding"
+iptables -v -t nat -A POSTROUTING -o $external -j MASQUERADE
+iptables -v -A FORWARD -i $external -o $internal -m state --state RELATED,ESTABLISHED -j ACCEPT
+iptables -v -A FORWARD -i $internal -o $external -j ACCEPT
+
+# Make the rules persistent (otherwise it's reset after next boot)
+apt-get install netfilter-persistent
+
+# sudo is needed here even when the script is called with sudo,
+# otherwise the output is empty
+mkdir -p /etc/iptables
+sudo iptables-save > /etc/iptables/rules.v4
+echo "Saved iptables rules:"
+cat /etc/iptables/rules.v4
+
+service netfilter-persistent restart
-- 
cgit 1.2.3-korg