Route private floating and storage frontend network through router
In case with manila we need access from vms floating networks
to storage frontend network. To simplify networks setup it was decided
to remove floating network ips from nodes and route floating network
through neutron router.
In case of tungstenfabric private floating interface is not added
to router, and extra routes are used as before.
Also added restart for systemd-resolved in frr (looks like
bug not related to this patch)
Change-Id: I6b7750be221bf6e8ab681fff57b150405881331b
Related-Prod: https://mirantis.jira.com/browse/PRODX-47207
diff --git a/de/heat-templates/scripts/functions.sh b/de/heat-templates/scripts/functions.sh
index f3d5e39..4073b15 100644
--- a/de/heat-templates/scripts/functions.sh
+++ b/de/heat-templates/scripts/functions.sh
@@ -18,7 +18,6 @@
TUNNEL_INTERFACE=$(ip -o addr show |grep -w ${TUNNEL_INTERFACE_IP}/${TUNNEL_INTERFACE_NETWORK_NETMASK} | awk '{print $2}')
IRONIC_BAREMETAL_NETWORK_PREFIX=$(sed 's/[0-9]*\/[0-9]*$//' <<< $IRONIC_BAREMETAL_NETWORK)
IRONIC_BAREMETAL_TUNNEL_NETWORK_PREFIX=$(sed 's/[0-9]*\/[0-9]*$//' <<< $IRONIC_BAREMETAL_TUNNEL_NETWORK)
-STORAGE_FRONTEND_NETWORK_NETMASK=$(echo ${STORAGE_FRONTEND_NETWORK} | cut -d'/' -f2)
DOCKER_DEFAULT_ADDRESS_POOL=${DOCKER_DEFAULT_ADDRESS_POOL:-10.10.1.0/16}
# DOCKER_DEFAULT_ADDRESS_SIZE have to be less then netmask in DOCKER_DEFAULT_ADDRESS_POOL because
# to the fact that actual netmask for docker_gwbridge is given from it
@@ -56,7 +55,6 @@
OS_CODENAME=$(lsb_release -c -s)
NODE_DEPLOYMENT_RETRIES=${NODE_DEPLOYMENT_RETRIES:-15}
FLOATING_NETWORK_PREFIXES=${FLOATING_NETWORK_PREFIXES:-10.11.12.0/24}
-PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-ens4}
UCP_MASTER_HOST=${UCP_MASTER_HOST:-${CONTROL_IP_ADDRESS}}
UCP_IP_ADDRESS=${UCP_IP_ADDRESS:-$CONTROL_IP_ADDRESS}
UCP_AUDIT_LOG_LEVEL=${UCP_AUDIT_LOG_LEVEL:-''}
@@ -729,10 +727,10 @@
fi
fi
- public_address_match_ip_line=$(grep -nm1 "${PUBLIC_NODE_IP_ADDRESS}/${PUBLIC_NODE_IP_NETMASK}" ${cloud_netplan_cfg} | cut -d: -f1)
- if [ -n "${public_address_match_ip_line}" ] ; then
- sed -i "$((${public_address_match_ip_line}-1)),$((${public_address_match_ip_line}))d" ${cloud_netplan_cfg}
- fi
+public_address_match_ip_line=$(grep -nm1 "${PUBLIC_NODE_IP_ADDRESS}/${PUBLIC_NODE_IP_NETMASK}" ${cloud_netplan_cfg} | cut -d: -f1)
+if [ -n "${public_address_match_ip_line}" ] ; then
+ sed -i "$((${public_address_match_ip_line}-1)),$((${public_address_match_ip_line}))d" ${cloud_netplan_cfg}
+fi
cat << EOF >> ${cloud_netplan_cfg}
bridges:
@@ -741,11 +739,13 @@
interfaces:
- ${PUBLIC_INTERFACE}
- veth-br
+EOF
+if [[ ${NODE_METADATA} == *"tempest"* ]]; then
+cat << EOF >> ${cloud_netplan_cfg}
addresses:
- ${PUBLIC_NODE_IP_ADDRESS}/${PUBLIC_NODE_IP_NETMASK}
EOF
# Assign more ips for neutron dynamic routing PRODX-31417
-if [[ ${NODE_METADATA} == *"tempest"* ]]; then
for i in {71..76}; do
cat << EOF >> ${cloud_netplan_cfg}
- ${PUBLIC_NODE_IP_ADDRESS%.*}.${i}/${PUBLIC_NODE_IP_NETMASK}
@@ -973,6 +973,8 @@
netplan --debug apply
# NOTE(vsaienko): give some time to apply changes
sleep 15
+ # workaround for https://github.com/systemd/systemd/issues/13432
+ systemctl restart systemd-resolved
}
function install_frr {
diff --git a/de/heat-templates/scripts/launch.sh b/de/heat-templates/scripts/launch.sh
index 21bd205..0b859c9 100644
--- a/de/heat-templates/scripts/launch.sh
+++ b/de/heat-templates/scripts/launch.sh
@@ -140,7 +140,6 @@
install_kubectl
configure_ntp
configure_atop
- workaround_default_forward_policy
if [[ "${KUBERNETES_INSTALLER}" == "ucp" ]]; then
install_docker
swarm_init
@@ -187,7 +186,6 @@
install_kubectl
configure_ntp
configure_atop
- workaround_default_forward_policy
if [[ "${KUBERNETES_INSTALLER}" == "ucp" ]]; then
install_docker
cache_images
@@ -227,7 +225,6 @@
enable_iscsi
configure_ntp
configure_atop
- workaround_default_forward_policy
if [[ "${KUBERNETES_INSTALLER}" == "ucp" ]]; then
install_docker
cache_images
@@ -269,7 +266,6 @@
cache_images
download_bundles
fi
- workaround_default_forward_policy
configure_contrack
disable_iptables_for_bridges
install_frr