1
1

Improve cluster init script.

This commit is contained in:
Derek Smith 2022-11-05 19:51:58 -04:00
parent 3883cb4d66
commit 57b7985009
Signed by: farscapian
GPG Key ID: 8F1CD799CCA516CC
2 changed files with 24 additions and 18 deletions

View File

@ -110,15 +110,15 @@ else
exit 1 exit 1
fi fi
# # if the disk is loop-based, then we assume the / path exists. # if the disk is loop-based, then we assume the / path exists.
# if [ "$DISK_TO_USE" != loop ]; then if [ "$DISK_TO_USE" != loop ]; then
# # ensure we actually have that disk/partition on the system. # ensure we actually have that disk/partition on the system.
# if ssh "ubuntu@$FQDN" lsblk | grep -q "$DISK_TO_USE"; then if ssh "ubuntu@$FQDN" lsblk | grep -q "$DISK_TO_USE"; then
# echo "ERROR: We could not the disk you specified. Please run this command again and supply a different disk." echo "ERROR: We could not the disk you specified. Please run this command again and supply a different disk."
# echo "NOTE: You can always specify on the command line by adding the '--disk=/dev/sdd', for example." echo "NOTE: You can always specify on the command line by adding the '--disk=/dev/sdd', for example."
# exit 1 exit 1
# fi fi
# fi fi
# The MGMT Plane IP is the IP address that the LXD API binds to, which happens # The MGMT Plane IP is the IP address that the LXD API binds to, which happens
# to be the same as whichever SSH connection you're coming in on. # to be the same as whichever SSH connection you're coming in on.
@ -146,21 +146,27 @@ if ! command -v lxc >/dev/null 2>&1; then
fi fi
ssh -t "ubuntu@$FQDN" " ssh -t "ubuntu@$FQDN" "
# set host firewall policy. set -ex
# allow LXD API from management network.
# sudo ufw allow from ${IP_OF_MGMT_MACHINE}/32 proto tcp to $MGMT_PLANE_IP port 8443
# enable it. # install ufw and allow SSH.
# if sudo ufw status | grep -q 'Status: inactive'; then sudo apt update
# sudo ufw enable sudo apt upgrade -y
# fi sudo apt install ufw htop dnsutils nano -y
sudo ufw allow ssh
sudo ufw allow 8443/tcp comment 'allow LXD management'
# install lxd as a snap if it's not installed. We only really use the LXC part of this package. # enable the host firewall
if sudo ufw status | grep -q 'Status: inactive'; then
sudo ufw enable
fi
# install lxd as a snap if it's not installed.
if ! snap list | grep -q lxd; then if ! snap list | grep -q lxd; then
sudo snap install lxd --candidate sudo snap install lxd --candidate
sleep 4 sleep 4
fi fi
" "
# if the DATA_PLANE_MACVLAN_INTERFACE is not specified, then we 'll # if the DATA_PLANE_MACVLAN_INTERFACE is not specified, then we 'll
# just attach VMs to the network interface used for for the default route. # just attach VMs to the network interface used for for the default route.
if [ -z "$DATA_PLANE_MACVLAN_INTERFACE" ]; then if [ -z "$DATA_PLANE_MACVLAN_INTERFACE" ]; then

View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
set -e set -eu
cd "$(dirname "$0")" cd "$(dirname "$0")"
# let's check to ensure the management machine is on the Baseline ubuntu 21.04 # let's check to ensure the management machine is on the Baseline ubuntu 21.04