Commit bd420275 authored by Dimitris Aragiorgis's avatar Dimitris Aragiorgis

deploy: Fix interfaces and ferm

Do not use a dummy interface. Instead, if in --autoconf
use bridge_ports none in interfaces.synnefo and do
MAC MASQ on the public interface (which gets autodetected).
Signed-off-by: default avatarDimitris Aragiorgis <dimara@grnet.gr>
parent 337d5f6d
......@@ -27,9 +27,9 @@ password =
# The interface with internet access
public_iface = eth0
# The interface for the instances' public traffic
vm_public_iface = eth1
vm_public_iface =
# The interface for the instances' private traffic
vm_private_iface = eth2
vm_private_iface =
# The extra disk for the Ganeti VG needed for plain and drbd disk templates
extra_disk = /dev/vdb
......@@ -42,5 +42,3 @@ extra_disk = /dev/vdb
name = node
ip = 192.0.2.1
extra_disk =
vm_public_iface = dummy
vm_private_iface = dummy
......@@ -27,9 +27,9 @@ password =
# The interface with internet access
public_iface = eth0
# The interface for the instances' public traffic
vm_public_iface = eth1
vm_public_iface =
# The interface for the instances' private traffic
vm_private_iface = eth2
vm_private_iface =
# The extra disk for the Ganeti VG needed for plain and drbd disk templates
extra_disk = /dev/vdb
......
......@@ -2,9 +2,9 @@
@hook flush "echo 0 > /proc/sys/net/ipv4/ip_forward";
@def $PUBLIC_IFACE = %PUBLIC_IFACE%;
@def $IFACE = %IFACE%;
@def $VM_PUBLIC_IFACE = %VM_PUBLIC_IFACE%;
@def $SUBNET = %SUBNET%;
@def $MAC = `cat /sys/class/net/%IFACE%/address`;
@def $MAC = `cat /sys/class/net/%VM_PUBLIC_IFACE%/address`;
@def $ROUTER = %ROUTER%;
......@@ -21,7 +21,7 @@ domain eb {
table nat {
chain POSTROUTING {
# MAC SNAT for networks
outerface $IFACE snat to-source $MAC;
outerface $VM_PUBLIC_IFACE snat to-source $MAC;
}
}
}
......
# interface and bridge used for VMs' public network
auto %VM_PUBLIC_IFACE%
iface %VM_PUBLIC_IFACE% inet manual
# bridge used for VMs' public network
auto %VM_PUBLIC_BRIDGE%
iface %VM_PUBLIC_BRIDGE% inet static
bridge_ports %VM_PUBLIC_IFACE%
......@@ -11,10 +8,7 @@ iface %VM_PUBLIC_BRIDGE% inet static
bridge_waitport 0
bridge_fd 0
# interface and bridge used for VMs' private networks (MAC_FILTERED)
auto %VM_PRIVATE_IFACE%
iface %VM_PRIVATE_IFACE% inet manual
# bridge used for VMs' private networks (MAC_FILTERED)
auto %VM_PRIVATE_BRIDGE%
iface %VM_PRIVATE_BRIDGE% inet manual
bridge_ports %VM_PRIVATE_IFACE%
......
......@@ -876,17 +876,20 @@ class Network(base.Component):
"subnet": config.synnefo_public_network_subnet,
"gateway": config.synnefo_public_network_gateway,
"router": 1 if is_router else 0,
"iface": self.node.vm_public_iface,
"vm_public_iface": self.node.vm_public_iface
if self.node.vm_public_iface else self.node.public_iface,
}
r5 = {
"vm_public_bridge": config.vm_public_bridge,
"vm_public_iface": self.node.vm_public_iface,
"vm_public_iface": self.node.vm_public_iface
if self.node.vm_public_iface else "none",
"address": config.synnefo_public_network_gateway \
if is_router else "0.0.0.0",
"netmask": config.synnefo_public_network_netmask \
if is_router else "255.255.255.255",
"vm_private_bridge": config.vm_private_bridge,
"vm_private_iface": self.node.vm_private_iface,
"vm_private_iface": self.node.vm_private_iface
if self.node.vm_private_iface else "none",
}
return [
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment