Rework networking setup for external routers
External routers (vmx/vsrx) are now connected with accessible router
by 2 networks:
- external control network needed to provide access to
external router via floating ip address.
- external data network is used for mpls/gre tunnels and other
traffic.
Also added separate network for MetalLb, and is routed via infra
router.
Related-Prod: https://mirantis.jira.com/browse/PRODX-48892
Change-Id: I53d922b3a37f55453b0fc7031f835f50ca2a1a12
diff --git a/de/heat-templates/scripts/functions.sh b/de/heat-templates/scripts/functions.sh
index 18e4eaf..104a442 100644
--- a/de/heat-templates/scripts/functions.sh
+++ b/de/heat-templates/scripts/functions.sh
@@ -9,6 +9,7 @@
declare -r -g _FUNCTIONS_SCRIPT=1
PUBLIC_INTERFACE_NETMASK=$(echo ${PUBLIC_INTERFACE_CIDR} | cut -d'/' -f2)
+EXTERNAL_SERVICES_INTERFACE_NETMASK=$(echo ${EXTERNAL_SEVICES_INTERFACE_CIDR} | cut -d'/' -f2)
STORAGE_BACKEND_NETWORK_NETMASK=$(echo ${STORAGE_BACKEND_NETWORK} | cut -d'/' -f2)
STORAGE_FRONTEND_NETWORK_NETMASK=$(echo ${STORAGE_FRONTEND_NETWORK} | cut -d'/' -f2)
IRONIC_BAREMETAL_INTERFACE_IP=${IRONIC_BAREMETAL_INTERFACE_IP:-$ironic_baremetal_interface_ip}
@@ -741,6 +742,11 @@
sed -i "$((${public_address_match_ip_line}-1)),$((${public_address_match_ip_line}))d" ${cloud_netplan_cfg}
fi
+external_services_address_match_ip_line=$(grep -nm1 "${EXTERNAL_SEVICES_INTERFACE_IP}/${EXTERNAL_SEVICES_INTERFACE_NETMASK}" ${cloud_netplan_cfg} | cut -d: -f1)
+if [ -n "${external_services_address_match_ip_line}" ] ; then
+ sed -i "$((${external_services_address_match_ip_line}-1)),$((${external_services_address_match_ip_line}))d" ${cloud_netplan_cfg}
+fi
+
cat << EOF >> ${cloud_netplan_cfg}
bridges:
br-public:
@@ -749,19 +755,19 @@
- ${PUBLIC_INTERFACE}
- veth-br
EOF
-if [[ ${NODE_METADATA} == *"tempest"* ]] || [[ "${TUNGSTENFABRIC_ENABLED,,}" == true ]]; then
+if [[ "${TUNGSTENFABRIC_ENABLED,,}" != true ]]; then
+ if [[ ${NODE_METADATA} == *"tempest"* ]]; then
cat << EOF >> ${cloud_netplan_cfg}
addresses:
- ${PUBLIC_NODE_IP_ADDRESS}/${PUBLIC_NODE_IP_NETMASK}
EOF
-fi
-if [[ ${NODE_METADATA} == *"tempest"* ]]; then
# Assign more ips for neutron dynamic routing PRODX-31417
- for i in {71..76}; do
+ for i in {71..76}; do
cat << EOF >> ${cloud_netplan_cfg}
- ${PUBLIC_NODE_IP_ADDRESS%.*}.${i}/${PUBLIC_NODE_IP_NETMASK}
EOF
- done
+ done
+ fi
fi
# Remove Tunnel interface from netplan
diff --git a/de/heat-templates/scripts/launch.sh b/de/heat-templates/scripts/launch.sh
index 21bd205..ef03877 100644
--- a/de/heat-templates/scripts/launch.sh
+++ b/de/heat-templates/scripts/launch.sh
@@ -15,6 +15,8 @@
PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-$private_floating_interface}
PUBLIC_INTERFACE_IP=${PUBLIC_INTERFACE_IP:-$private_floating_interface_ip}
PUBLIC_INTERFACE_CIDR=${PUBLIC_INTERFACE_CIDR:-$private_floating_network_cidr}
+EXTERNAL_SEVICES_INTERFACE_IP=${EXTERNAL_SEVICES_INTERFACE_IP:-$external_services_interface_ip}
+EXTERNAL_SEVICES_INTERFACE_CIDR=${EXTERNAL_SEVICES_INTERFACE_CIDR:-$external_services_network_cidr}
DEFAULT_INTERFACE=${DEFAULT_INTERFACE:-$default_interface}
STORAGE_BACKEND_INTERFACE=${STORAGE_BACKEND_INTERFACE:-$storage_backend_interface}
STORAGE_BACKEND_INTERFACE_IP=${STORAGE_BACKEND_INTERFACE_IP:-$storage_backend_network_interface_ip}