diff options
Diffstat (limited to 'deployment/noheat/cluster-rke')
4 files changed, 57 insertions, 0 deletions
diff --git a/deployment/noheat/cluster-rke/ansible/create.yml b/deployment/noheat/cluster-rke/ansible/create.yml new file mode 100644 index 000000000..fa24fb1d6 --- /dev/null +++ b/deployment/noheat/cluster-rke/ansible/create.yml @@ -0,0 +1,17 @@ +--- +- name: Set up bastion node for ONAP Docker registry + hosts: "control0" + become: yes + roles: + - role: create_bastion + destination: "{{ nexus }}" +- name: Add bastion information to the cluster nodes + hosts: all + become: yes + tasks: + - name: Add cluster hostnames to /etc/hosts file + lineinfile: + path: /etc/hosts + line: "{{ hostvars['control0']['ansible_default_ipv4']['address'] }} {{ item }}" + loop: + - "nexus3.onap.org" diff --git a/deployment/noheat/cluster-rke/ansible/group_vars/all.yml b/deployment/noheat/cluster-rke/ansible/group_vars/all.yml new file mode 120000 index 000000000..d8e74e27a --- /dev/null +++ b/deployment/noheat/cluster-rke/ansible/group_vars/all.yml @@ -0,0 +1 @@ +all.yml.sm-onap
\ No newline at end of file diff --git a/deployment/noheat/cluster-rke/ansible/group_vars/all.yml.sm-onap b/deployment/noheat/cluster-rke/ansible/group_vars/all.yml.sm-onap new file mode 100644 index 000000000..2810d2d73 --- /dev/null +++ b/deployment/noheat/cluster-rke/ansible/group_vars/all.yml.sm-onap @@ -0,0 +1,4 @@ +--- +nexus: + address: 199.204.45.137 + port: 10001 diff --git a/deployment/noheat/cluster-rke/ansible/roles/create_bastion/tasks/main.yml b/deployment/noheat/cluster-rke/ansible/roles/create_bastion/tasks/main.yml new file mode 100644 index 000000000..8189968c4 --- /dev/null +++ b/deployment/noheat/cluster-rke/ansible/roles/create_bastion/tasks/main.yml @@ -0,0 +1,35 @@ +- name: Add cluster hostnames to /etc/hosts file + lineinfile: + path: /etc/hosts + line: "{{ ansible_default_ipv4.address + ' ' + ansible_hostname }}" + +- name: Enable IP forwarding + ansible.posix.sysctl: + name: net.ipv4.ip_forward + value: '1' + sysctl_set: yes + +- name: Create PREROUTING rule + ansible.builtin.iptables: + table: nat + chain: PREROUTING + protocol: tcp + destination_port: "{{ destination.port }}" + jump: DNAT + to_destination: "{{ destination.address }}:{{ destination.port }}" + +- name: Create OUTPUT rule + ansible.builtin.iptables: + table: nat + chain: OUTPUT + protocol: tcp + destination: "{{ ansible_default_ipv4.address }}" + destination_port: "{{ destination.port }}" + jump: DNAT + to_destination: "{{ destination.address }}" + +- name: Enable masquerading + ansible.builtin.iptables: + table: nat + chain: POSTROUTING + jump: MASQUERADE |