Network updates.

This commit is contained in:
Derek Smith 2022-08-15 09:35:01 -04:00
parent 9a4f90d27b
commit 1ecbfe4442
Signed by: farscapian
GPG Key ID: 8F1CD799CCA516CC
3 changed files with 36 additions and 30 deletions

View File

@ -151,15 +151,17 @@ EOL
exit 1 exit 1
fi fi
if ! command -v lxc >/dev/null 2>&1; then
if lxc profile list --format csv | grep -q sovereign-stack; then if lxc profile list --format csv | grep -q sovereign-stack; then
lxc profile delete sovereign-stack lxc profile delete sovereign-stack
sleep 1 sleep 1
fi fi
if lxc network list --format csv | grep -q lxdfanSS; then if lxc network list --format csv | grep -q lxdbr0; then
lxc network delete lxdfanSS lxc network delete lxdbr0
sleep 1 sleep 1
fi fi
fi
ssh -t "ubuntu@$FQDN" " ssh -t "ubuntu@$FQDN" "
# set host firewall policy. # set host firewall policy.
@ -192,26 +194,16 @@ config:
images.auto_update_interval: 15 images.auto_update_interval: 15
networks: networks:
- config: - name: lxdbr0
bridge.mode: fan type: bridge
fan.underlay_subnet: auto config:
ipv4.nat: "true"
ipv6.nat: "true"
managed: true
description: ss-config,${DATA_PLANE_MACVLAN_INTERFACE:-},${DISK_TO_USE:-} description: ss-config,${DATA_PLANE_MACVLAN_INTERFACE:-},${DISK_TO_USE:-}
name: lxdfanSS
type: ""
project: default
storage_pools: [] storage_pools: []
profiles:
- config: {}
description: "inter-vm communication across lxd hosts."
devices:
eth0:
name: eth0
network: lxdfanSS
type: nic
name: sovereign-stack
projects: [] projects: []
cluster: cluster:
server_name: ${CLUSTER_NAME} server_name: ${CLUSTER_NAME}

View File

@ -3,6 +3,7 @@
set -eu set -eu
export DEPLOY_WWW_SERVER=false export DEPLOY_WWW_SERVER=false
export WWW_SERVER_MAC_ADDRESS=
export DEPLOY_BTCPPAY_SERVER=false export DEPLOY_BTCPPAY_SERVER=false
export DEPLOY_GHOST=true export DEPLOY_GHOST=true
@ -115,9 +116,9 @@ export NEXTCLOUD_DB_IMAGE="$DEFAULT_DB_IMAGE"
export GITEA_IMAGE="gitea/gitea:latest" export GITEA_IMAGE="gitea/gitea:latest"
export GITEA_DB_IMAGE="$DEFAULT_DB_IMAGE" export GITEA_DB_IMAGE="$DEFAULT_DB_IMAGE"
export SOVEREIGN_STACK_MAC_ADDRESS="aa:bb:cc:00:00:03" export SOVEREIGN_STACK_MAC_ADDRESS=
export WWW_MAC_ADDRESS="aa:bb:cc:00:00:00" export WWW_MAC_ADDRESS=
export BTCPAY_MAC_ADDRESS="aa:bb:cc:00:00:01" export BTCPAY_MAC_ADDRESS=
export CLUSTERS_DIR="$HOME/ss-clusters" export CLUSTERS_DIR="$HOME/ss-clusters"
export SITES_PATH="$HOME/ss-sites" export SITES_PATH="$HOME/ss-sites"

View File

@ -199,6 +199,10 @@ devices:
type: disk type: disk
EOF EOF
# TODO get the sovereign-stack lxc profile OFF the lxdbr0 bridge network.
echo "DATA_PLANE_MACVLAN_INTERFACE: $DATA_PLANE_MACVLAN_INTERFACE"
if [ "$VIRTUAL_MACHINE" = sovereign-stack ] ; then
# If we are deploying the www, we attach the vm to the underlay via macvlan. # If we are deploying the www, we attach the vm to the underlay via macvlan.
cat >> "$YAML_PATH" <<EOF cat >> "$YAML_PATH" <<EOF
@ -206,13 +210,22 @@ cat >> "$YAML_PATH" <<EOF
nictype: macvlan nictype: macvlan
parent: ${DATA_PLANE_MACVLAN_INTERFACE} parent: ${DATA_PLANE_MACVLAN_INTERFACE}
type: nic type: nic
enp6s0:
nictype: bridged
parent: lxdfanSS
type: nic
name: ${FILENAME} name: ${FILENAME}
EOF EOF
else
# If we are deploying the www, we attach the vm to the underlay via macvlan.
cat >> "$YAML_PATH" <<EOF
enp5s0:
nictype: macvlan
parent: ${DATA_PLANE_MACVLAN_INTERFACE}
type: nic
name: ${FILENAME}
EOF
fi
# let's create a profile for the BCM TYPE-1 VMs. This is per VM. # let's create a profile for the BCM TYPE-1 VMs. This is per VM.
if ! lxc profile list --format csv | grep -q "$VIRTUAL_MACHINE"; then if ! lxc profile list --format csv | grep -q "$VIRTUAL_MACHINE"; then
lxc profile create "$VIRTUAL_MACHINE" lxc profile create "$VIRTUAL_MACHINE"