1
1

Network updates.

This commit is contained in:
Derek Smith 2022-08-15 09:35:01 -04:00
parent 9a4f90d27b
commit 1ecbfe4442
Signed by: farscapian
GPG Key ID: 8F1CD799CCA516CC
3 changed files with 36 additions and 30 deletions

View File

@ -151,15 +151,17 @@ EOL
exit 1
fi
if ! command -v lxc >/dev/null 2>&1; then
if lxc profile list --format csv | grep -q sovereign-stack; then
lxc profile delete sovereign-stack
sleep 1
fi
if lxc network list --format csv | grep -q lxdfanSS; then
lxc network delete lxdfanSS
if lxc network list --format csv | grep -q lxdbr0; then
lxc network delete lxdbr0
sleep 1
fi
fi
ssh -t "ubuntu@$FQDN" "
# set host firewall policy.
@ -192,26 +194,16 @@ config:
images.auto_update_interval: 15
networks:
- config:
bridge.mode: fan
fan.underlay_subnet: auto
- name: lxdbr0
type: bridge
config:
ipv4.nat: "true"
ipv6.nat: "true"
managed: true
description: ss-config,${DATA_PLANE_MACVLAN_INTERFACE:-},${DISK_TO_USE:-}
name: lxdfanSS
type: ""
project: default
storage_pools: []
profiles:
- config: {}
description: "inter-vm communication across lxd hosts."
devices:
eth0:
name: eth0
network: lxdfanSS
type: nic
name: sovereign-stack
projects: []
cluster:
server_name: ${CLUSTER_NAME}

View File

@ -3,6 +3,7 @@
set -eu
export DEPLOY_WWW_SERVER=false
export WWW_SERVER_MAC_ADDRESS=
export DEPLOY_BTCPPAY_SERVER=false
export DEPLOY_GHOST=true
@ -115,9 +116,9 @@ export NEXTCLOUD_DB_IMAGE="$DEFAULT_DB_IMAGE"
export GITEA_IMAGE="gitea/gitea:latest"
export GITEA_DB_IMAGE="$DEFAULT_DB_IMAGE"
export SOVEREIGN_STACK_MAC_ADDRESS="aa:bb:cc:00:00:03"
export WWW_MAC_ADDRESS="aa:bb:cc:00:00:00"
export BTCPAY_MAC_ADDRESS="aa:bb:cc:00:00:01"
export SOVEREIGN_STACK_MAC_ADDRESS=
export WWW_MAC_ADDRESS=
export BTCPAY_MAC_ADDRESS=
export CLUSTERS_DIR="$HOME/ss-clusters"
export SITES_PATH="$HOME/ss-sites"

View File

@ -199,6 +199,10 @@ devices:
type: disk
EOF
# TODO get the sovereign-stack lxc profile OFF the lxdbr0 bridge network.
echo "DATA_PLANE_MACVLAN_INTERFACE: $DATA_PLANE_MACVLAN_INTERFACE"
if [ "$VIRTUAL_MACHINE" = sovereign-stack ] ; then
# If we are deploying the www, we attach the vm to the underlay via macvlan.
cat >> "$YAML_PATH" <<EOF
@ -206,13 +210,22 @@ cat >> "$YAML_PATH" <<EOF
nictype: macvlan
parent: ${DATA_PLANE_MACVLAN_INTERFACE}
type: nic
enp6s0:
nictype: bridged
parent: lxdfanSS
type: nic
name: ${FILENAME}
EOF
else
# If we are deploying the www, we attach the vm to the underlay via macvlan.
cat >> "$YAML_PATH" <<EOF
enp5s0:
nictype: macvlan
parent: ${DATA_PLANE_MACVLAN_INTERFACE}
type: nic
name: ${FILENAME}
EOF
fi
# let's create a profile for the BCM TYPE-1 VMs. This is per VM.
if ! lxc profile list --format csv | grep -q "$VIRTUAL_MACHINE"; then
lxc profile create "$VIRTUAL_MACHINE"