File: openstack-cluster-installer-poc.oci-poc-virtual-network.init

#!/bin/sh

### BEGIN INIT INFO
# Provides:          oci-poc-virtual-network
# Required-Start:    $network
# Required-Stop:     $network
# Should-Start:      $local_fs
# Should-Stop:       $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: A small script to initialise iptables to allow forwarding and masquerading.
# Description:       A small script to initialise iptables to allow forwarding and masquerading.
### END INIT INFO

. /lib/lsb/init-functions

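MODPROBE=/sbin/modprobe
# NOTE(review): IPTABLES is set here, but the functions in this file invoke
# "iptables" and "ip6tables" through PATH rather than through this variable.
IPTABLES=/sbin/iptables

# The configuration file is sourced below, i.e. executed as shell code with
# the privileges of whoever runs this init script (normally root). It must
# therefore be owned by root and not writable by any other user.
if ! [ -r /etc/oci-poc/oci-poc.conf ] ; then
	# Diagnostics belong on stderr so they are not mistaken for output.
	echo "Cannot find /etc/oci-poc/oci-poc.conf" >&2
	exit 1
fi
. /etc/oci-poc/oci-poc.conf

# NUMBER_OF_GUESTS is used in shell arithmetic right below; fail with a clear
# message instead of an arithmetic error when it is unset or not a plain
# non-negative integer.
case "${NUMBER_OF_GUESTS}" in
''|*[!0-9]*)
	echo "NUMBER_OF_GUESTS must be a non-negative integer in /etc/oci-poc/oci-poc.conf" >&2
	exit 1
;;
esac

# Space-separated indexes 1 .. 2*NUMBER_OF_GUESTS; the loops in this file
# prepend index 0 themselves.
GUEST_NUMBER_LIST=$(seq -s ' ' 1 $((${NUMBER_OF_GUESTS} * 2)))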

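# Insert a rule at the top of a chain unless an identical rule already exists,
# so that calling "start" more than once does not stack duplicate rules.
# Arguments: $1 - command (iptables or ip6tables)
#            $2 - table, $3 - chain, remaining - rule specification
oci_poc_insert_rule_once () {
	oci_poc_ipt_cmd=$1
	oci_poc_ipt_table=$2
	oci_poc_ipt_chain=$3
	shift 3
	"${oci_poc_ipt_cmd}" -t "${oci_poc_ipt_table}" -C "${oci_poc_ipt_chain}" "$@" 2>/dev/null \
		|| "${oci_poc_ipt_cmd}" -t "${oci_poc_ipt_table}" -I "${oci_poc_ipt_chain}" "$@"
}

# Build the virtual network used by the PoC: a dummy interface and a set of
# tap devices attached to one bridge, the bridge addresses, and the iptables
# rules for forwarding, masquerading and port forwarding to the OCI VM.
# Globals read: MODPROBE, HOST_DUMMYNET_IFNAME, HOST_DUMMYNET_MAC,
#   GUEST_NUMBER_LIST, GUEST_TAPIF_PREFIX, HOST_BRIDGE_NAME, HOST_BRIDGE_GW,
#   CLUSTER_NETWORK_CIDRS, HOST_BRIDGE_NET, HOST_BRIDGE_NET6,
#   HOST_MGMT_INTERFACE, OCI_VM_IP
# Globals written: IP_MIN, CIDR, IP_CIDR (scratch values of the CIDR loop)
fake_ifs () {
	# Host-wide switches: once set, the kernel forwards between all
	# interfaces, not only the ones created here. stop_fake_ifs does not
	# reset them.
	echo 1 >/proc/sys/net/ipv4/ip_forward
	echo 1 >/proc/sys/net/ipv6/conf/all/forwarding

	$MODPROBE dummy

	# Create the dummy interface named by HOST_DUMMYNET_IFNAME
	ip link add "${HOST_DUMMYNET_IFNAME}" type dummy

	# Set its MAC address
	ifconfig "${HOST_DUMMYNET_IFNAME}" hw ether "${HOST_DUMMYNET_MAC}"

	# Add the tap devices: index 0 plus every index in GUEST_NUMBER_LIST.
	# The list is left unquoted on purpose so that it splits into words.
	for i in 0 ${GUEST_NUMBER_LIST} ; do
		ip tuntap add dev "${GUEST_TAPIF_PREFIX}${i}" mode tap user root
	done

	# Create a bridge, and attach the dummy interface and all taps to it
	brctl addbr "${HOST_BRIDGE_NAME}"
	brctl addif "${HOST_BRIDGE_NAME}" "${HOST_DUMMYNET_IFNAME}"
	for i in 0 ${GUEST_NUMBER_LIST} ; do
		brctl addif "${HOST_BRIDGE_NAME}" "${GUEST_TAPIF_PREFIX}${i}"
	done

	# Give the bridge its IPv4 address (the netmask is fixed to a /24 here)
	ifconfig "${HOST_BRIDGE_NAME}" "${HOST_BRIDGE_GW}" netmask 255.255.255.0 up
	# also v6...
	# NOTE(review): this address is hard-coded and /24 is an unusually short
	# prefix for an fd00::/8 address; confirm it agrees with HOST_BRIDGE_NET6.
	ip addr add fd5d:12c9:2201:1::1/24 dev "${HOST_BRIDGE_NAME}"

	# Add the first host address of every configured cluster network
	for network_cidr in ${CLUSTER_NETWORK_CIDRS} ; do
		IP_MIN=$(ipcalc "${network_cidr}" | awk '/^HostMin:/ {print $2}')
		if [ -z "${IP_MIN}" ] ; then
			# Without this guard "ip addr add" would be handed "/<prefix>".
			echo "Cannot compute HostMin for ${network_cidr}, skipping" >&2
			continue
		fi
		CIDR=$(printf '%s\n' "${network_cidr}" | cut -d/ -f2)
		IP_CIDR=${IP_MIN}/${CIDR}
		ip addr add "${IP_CIDR}" dev "${HOST_BRIDGE_NAME}"
	done

	# Make sure all interfaces are up
	ip link set "${HOST_BRIDGE_NAME}" up
	for i in 0 ${GUEST_NUMBER_LIST} ; do
		ip link set "${GUEST_TAPIF_PREFIX}${i}" up
	done

	# Set basic masquerading for both ipv4 and 6. The FORWARD rules match on
	# source address only, so anything sourced from these networks is
	# forwarded whatever its destination or input interface.
	oci_poc_insert_rule_once iptables filter FORWARD -s "${HOST_BRIDGE_NET}" -j ACCEPT
	oci_poc_insert_rule_once iptables nat POSTROUTING -s "${HOST_BRIDGE_NET}" -j MASQUERADE
	# Same for all cluster networks configured
	for network_cidr in ${CLUSTER_NETWORK_CIDRS} ; do
		oci_poc_insert_rule_once iptables filter FORWARD -s "${network_cidr}" -j ACCEPT
		oci_poc_insert_rule_once iptables nat POSTROUTING -s "${network_cidr}" -j MASQUERADE
	done
	oci_poc_insert_rule_once ip6tables filter FORWARD -s "${HOST_BRIDGE_NET6}" -j ACCEPT
	oci_poc_insert_rule_once ip6tables nat POSTROUTING -s "${HOST_BRIDGE_NET6}" -j MASQUERADE

	# NOTE(review): the DNAT rules below publish the OCI VM's HTTP(S) and
	# RADIUS ports to every source that can reach HOST_MGMT_INTERFACE; no
	# source match is applied, so restrict access upstream or add one if that
	# interface is not on a trusted network.
	# Forward to OCI's web interface
	oci_poc_insert_rule_once iptables nat PREROUTING -p tcp -i "${HOST_MGMT_INTERFACE}" --dport 80 -j DNAT --to-destination "${OCI_VM_IP}:80"
	oci_poc_insert_rule_once iptables nat PREROUTING -p tcp -i "${HOST_MGMT_INTERFACE}" --dport 443 -j DNAT --to-destination "${OCI_VM_IP}:443"
	# Forward the radius ports 1812 and 1813
	oci_poc_insert_rule_once iptables nat PREROUTING -p udp -i "${HOST_MGMT_INTERFACE}" --dport 1812 -j DNAT --to-destination "${OCI_VM_IP}:1812"
	oci_poc_insert_rule_once iptables nat PREROUTING -p udp -i "${HOST_MGMT_INTERFACE}" --dport 1813 -j DNAT --to-destination "${OCI_VM_IP}:1813"
}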

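# Delete every copy of a rule from a chain; does nothing when the rule is
# absent. Needed because earlier starts may have inserted the rule repeatedly.
# Arguments: $1 - command (iptables or ip6tables)
#            $2 - table, $3 - chain, remaining - rule specification
oci_poc_delete_rule_all () {
	oci_poc_del_cmd=$1
	oci_poc_del_table=$2
	oci_poc_del_chain=$3
	shift 3
	while "${oci_poc_del_cmd}" -t "${oci_poc_del_table}" -D "${oci_poc_del_chain}" "$@" 2>/dev/null ; do
		:
	done
}

# Tear down what fake_ifs created: firewall rules, bridge addresses, bridge
# membership, the bridge itself, the dummy interface and the tap devices.
# Every step is best-effort so that a partially built setup can still be
# removed. The ip_forward / forwarding sysctls set by fake_ifs are left as is.
# Globals read: HOST_BRIDGE_NET6, HOST_BRIDGE_NAME, HOST_DUMMYNET_IFNAME,
#   GUEST_NUMBER_LIST, GUEST_TAPIF_PREFIX, CLUSTER_NETWORK_CIDRS,
#   HOST_MGMT_INTERFACE, OCI_VM_IP
# Globals written: IP_MIN, CIDR, IP_CIDR (scratch values of the CIDR loop)
stop_fake_ifs () {
	# NOTE(review): these flushes empty the whole FORWARD and nat POSTROUTING
	# chains, including rules this script did not create. On a host that
	# carries other filtering or NAT rules, those are lost while IP
	# forwarding stays enabled.
	iptables -F FORWARD
	ip6tables -F FORWARD
	iptables -t nat -F POSTROUTING
	ip6tables -t nat -F POSTROUTING

	# The flushes above do not touch nat PREROUTING, so remove the DNAT rules
	# that fake_ifs inserts there; otherwise they outlive "stop" and pile up
	# on every restart.
	for oci_poc_port in 80 443 ; do
		oci_poc_delete_rule_all iptables nat PREROUTING -p tcp -i "${HOST_MGMT_INTERFACE}" --dport "${oci_poc_port}" -j DNAT --to-destination "${OCI_VM_IP}:${oci_poc_port}"
	done
	for oci_poc_port in 1812 1813 ; do
		oci_poc_delete_rule_all iptables nat PREROUTING -p udp -i "${HOST_MGMT_INTERFACE}" --dport "${oci_poc_port}" -j DNAT --to-destination "${OCI_VM_IP}:${oci_poc_port}"
	done

	# NOTE(review): fake_ifs adds fd5d:12c9:2201:1::1/24, not
	# HOST_BRIDGE_NET6, so this deletion may not match; deleting the bridge
	# further down removes its addresses in any case.
	ip addr del "${HOST_BRIDGE_NET6}" dev "${HOST_BRIDGE_NAME}" || true
	ifconfig "${HOST_BRIDGE_NAME}" down || true
	brctl delif "${HOST_BRIDGE_NAME}" "${HOST_DUMMYNET_IFNAME}" || true
	# GUEST_NUMBER_LIST is left unquoted on purpose so that it splits into words.
	for i in 0 ${GUEST_NUMBER_LIST} ; do
		brctl delif "${HOST_BRIDGE_NAME}" "${GUEST_TAPIF_PREFIX}${i}" || true
	done
	# Remove the address of every configured cluster network
	for network_cidr in ${CLUSTER_NETWORK_CIDRS} ; do
		IP_MIN=$(ipcalc "${network_cidr}" | awk '/^HostMin:/ {print $2}')
		if [ -z "${IP_MIN}" ] ; then
			# Nothing sensible to delete when ipcalc gave no HostMin line.
			continue
		fi
		CIDR=$(printf '%s\n' "${network_cidr}" | cut -d/ -f2)
		IP_CIDR=${IP_MIN}/${CIDR}
		ip addr del "${IP_CIDR}" dev "${HOST_BRIDGE_NAME}" || true
	done
	brctl delbr "${HOST_BRIDGE_NAME}" || true
	ip link delete "${HOST_DUMMYNET_IFNAME}" || true
	for i in 0 ${GUEST_NUMBER_LIST} ; do
		ip tuntap delete dev "${GUEST_TAPIF_PREFIX}${i}" mode tap || true
	done
}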

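# Dispatch on the requested init action.
case "${1}" in
start|systemd-start)
	fake_ifs
;;
stop)
	stop_fake_ifs
;;
restart|reload|force-reload)
	# Re-run this script for each phase; every run sources the configuration
	# file again. $0 is quoted so a path containing spaces still works.
	"$0" stop
	sleep 1
	"$0" start
;;
*)
	# Usage goes to stderr and lists every action a caller may request.
	echo "Usage: $0 {start|stop|restart|reload|force-reload}" >&2
	exit 1
;;
esac

exit 0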