diff --git a/nodepool/scripts/configure_mirror.sh b/nodepool/scripts/configure_mirror.sh deleted file mode 100755 index c35c4bda9a..0000000000 --- a/nodepool/scripts/configure_mirror.sh +++ /dev/null @@ -1,417 +0,0 @@ -#!/bin/bash -xe - -# Copyright (C) 2014 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# -# See the License for the specific language governing permissions and -# limitations under the License. - -# We need to ensure that we can find utilities like ip and restorecon -# which at least on some distros live in /usr/sbin. -export PATH="$PATH:/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin" - -if [ -f /etc/dib-builddate.txt ]; then - echo "Image build date" - echo "================" - cat /etc/dib-builddate.txt -fi - -# Use only ipv6 resolvers if ipv6 is present and routable. This -# avoids traversing potential NAT when using ipv4 which can be unreliable. -# -# Similarly do not use ipv6 resolvers if there is no ipv6 available as this -# causes timeouts and failovers that are unnecesary. -export NODEPOOL_STATIC_NAMESERVER_V6='2620:0:ccc::2' -export NODEPOOL_STATIC_NAMESERVER_V4='208.67.222.222' -export NODEPOOL_STATIC_NAMESERVER_V6_FALLBACK='2001:4860:4860::8888' -export NODEPOOL_STATIC_NAMESERVER_V4_FALLBACK='8.8.8.8' -if ip -6 route | grep '^default' ; then - cat > /tmp/forwarding.conf << EOF -forward-zone: - name: "." - forward-addr: $NODEPOOL_STATIC_NAMESERVER_V6 - forward-addr: $NODEPOOL_STATIC_NAMESERVER_V6_FALLBACK -EOF -else - cat > /tmp/forwarding.conf << EOF -forward-zone: - name: "." - forward-addr: $NODEPOOL_STATIC_NAMESERVER_V4 - forward-addr: $NODEPOOL_STATIC_NAMESERVER_V4_FALLBACK -EOF -fi - -sudo mv /tmp/forwarding.conf /etc/unbound -sudo chown root:root /etc/unbound/forwarding.conf -sudo chmod 0644 /etc/unbound/forwarding.conf -if type -p restorecon ; then - # Fedora and centos need selinux contexts configured properly - sudo restorecon -v /etc/unbound/forwarding.conf -fi - -if type -p systemctl ; then - sudo systemctl restart unbound -else - sudo service unbound restart -fi - -source /etc/nodepool/provider - -NODEPOOL_MIRROR_HOST=${NODEPOOL_MIRROR_HOST:-mirror.$NODEPOOL_REGION.$NODEPOOL_CLOUD.openstack.org} -NODEPOOL_MIRROR_HOST=$(echo $NODEPOOL_MIRROR_HOST|tr '[:upper:]' '[:lower:]') - -# Write the default value for NODEPOOL_MIRROR_HOST into the mirror_info -# script first. This allows us to set a default while allowing consumers -# to override values if necessary. -echo "export NODEPOOL_MIRROR_HOST=\${NODEPOOL_MIRROR_HOST:-$NODEPOOL_MIRROR_HOST}" > /tmp/mirror_info.sh -# Copy AFS Slug generation details into mirror_info.sh so that consumers -# don't have to know about generating the wheel mirror's -# distro-release-processor tuple. -cat /usr/local/jenkins/slave_scripts/afs-slug.sh >> /tmp/mirror_info.sh -# We write this as a heredoc so that the same information used by this script -# is useable by others without double accounting. Note that the quoted EOF -# means we don't do variable expansion. -cat << "EOF" >> /tmp/mirror_info.sh -export NODEPOOL_DEBIAN_MIRROR=${NODEPOOL_DEBIAN_MIRROR:-http://$NODEPOOL_MIRROR_HOST/debian} -export NODEPOOL_PYPI_MIRROR=${NODEPOOL_PYPI_MIRROR:-http://$NODEPOOL_MIRROR_HOST/pypi/simple} -export NODEPOOL_WHEEL_MIRROR=${NODEPOOL_WHEEL_MIRROR:-http://$NODEPOOL_MIRROR_HOST/wheel/$AFS_SLUG} -export NODEPOOL_UBUNTU_MIRROR=${NODEPOOL_UBUNTU_MIRROR:-http://$NODEPOOL_MIRROR_HOST/ubuntu} -export NODEPOOL_CENTOS_MIRROR=${NODEPOOL_CENTOS_MIRROR:-http://$NODEPOOL_MIRROR_HOST/centos} -export NODEPOOL_DEBIAN_OPENSTACK_MIRROR=${NODEPOOL_DEBIAN_OPENSTACK_MIRROR:-http://$NODEPOOL_MIRROR_HOST/debian-openstack} -export NODEPOOL_EPEL_MIRROR=${NODEPOOL_EPEL_MIRROR:-http://$NODEPOOL_MIRROR_HOST/epel} -export NODEPOOL_FEDORA_MIRROR=${NODEPOOL_FEDORA_MIRROR:-http://$NODEPOOL_MIRROR_HOST/fedora} -export NODEPOOL_OPENSUSE_MIRROR=${NODEPOOL_OPENSUSE_MIRROR:-http://$NODEPOOL_MIRROR_HOST/opensuse} -export NODEPOOL_CEPH_MIRROR=${NODEPOOL_CEPH_MIRROR:-http://$NODEPOOL_MIRROR_HOST/ceph-deb-hammer} -export NODEPOOL_UCA_MIRROR=${NODEPOOL_UCA_MIRROR:-http://$NODEPOOL_MIRROR_HOST/ubuntu-cloud-archive} -export NODEPOOL_MARIADB_MIRROR=${NODEPOOL_MARIADB_MIRROR:-http://$NODEPOOL_MIRROR_HOST/ubuntu-mariadb} -# Reverse proxy servers -export NODEPOOL_BUILDLOGS_CENTOS_PROXY=${NODEPOOL_BUILDLOGS_CENTOS_PROXY:-http://$NODEPOOL_MIRROR_HOST:8080/buildlogs.centos} -export NODEPOOL_DOCKER_REGISTRY_PROXY=${NODEPOOL_DOCKER_REGISTRY_PROXY:-http://$NODEPOOL_MIRROR_HOST:8081/registry-1.docker/} -export NODEPOOL_RDO_PROXY=${NODEPOOL_RDO_PROXY:-http://$NODEPOOL_MIRROR_HOST:8080/rdo} -export NODEPOOL_RUGYGEMS_PROXY=${NODEPOOL_RUBYGEMS_PROXY:-http://$NODEPOOL_MIRROR_HOST:8080/rubygems/} -export NODEPOOL_NPM_REGISTRY_PROXY=${NODEPOOL_NPM_REGISTRY_PROXY:-http://$NODEPOOL_MIRROR_HOST:8080/registry.npmjs} -export NODEPOOL_TARBALLS_PROXY=${NODEPOOL_TARBALLS_PROXY:-http://$NODEPOOL_MIRROR_HOST:8080/tarballs} -export NODEPOOL_LXC_IMAGE_PROXY=${NODEPOOL_LXC_IMAGE_PROXY:-$NODEPOOL_MIRROR_HOST:8080/images.linuxcontainers} -EOF - -sudo mkdir -p /etc/ci -sudo mv /tmp/mirror_info.sh /etc/ci/mirror_info.sh -source /etc/ci/mirror_info.sh - -LSBDISTID=$(lsb_release -is) -LSBDISTCODENAME=$(lsb_release -cs) - -# Double check that when the node is made ready it is able -# to resolve names against DNS. -# NOTE(pabelanger): Because it is possible for nodepool to SSH into a node but -# DNS has not been fully started, we try up to 300 seconds (10 attempts) to -# resolve DNS once. -for COUNT in {1..10}; do - set +e - host -W 30 git.openstack.org - res=$? - set -e - if [ $res == 0 ]; then - break - elif [ $COUNT == 10 ]; then - exit 1 - fi -done -host $NODEPOOL_MIRROR_HOST - -PIP_CONF="\ -[global] -timeout = 60 -index-url = $NODEPOOL_PYPI_MIRROR -trusted-host = $NODEPOOL_MIRROR_HOST -extra-index-url = $NODEPOOL_WHEEL_MIRROR" - -PYDISTUTILS_CFG="\ -[easy_install] -index_url = $NODEPOOL_PYPI_MIRROR -allow_hosts = *.openstack.org" - -NPMRC="\ -registry = $NODEPOOL_NPM_REGISTRY_PROXY - -# Retry settings -fetch-retries=10 # The number of times to retry getting a package. -fetch-retry-mintimeout=60000 # Minimum fetch timeout: 1 minute (default 10 seconds) -fetch-retry-maxtimeout=300000 # Maximum fetch timeout: 5 minute (default 1 minute)" - -GEMRC="\ -:sources: -- $NODEPOOL_RUGYGEMS_PROXY" - -BUNDLE_CONFIG="\ -BUNDLE_MIRROR__HTTPS://RUBYGEMS__ORG/: \"$NODEPOOL_RUGYGEMS_PROXY\"" - -UBUNTU_SOURCES_LIST="\ -deb $NODEPOOL_UBUNTU_MIRROR $LSBDISTCODENAME main universe -deb $NODEPOOL_UBUNTU_MIRROR $LSBDISTCODENAME-updates main universe -deb $NODEPOOL_UBUNTU_MIRROR $LSBDISTCODENAME-backports main universe -deb $NODEPOOL_UBUNTU_MIRROR $LSBDISTCODENAME-security main universe" - -CEPH_SOURCES_LIST="deb $NODEPOOL_CEPH_MIRROR $LSBDISTCODENAME main" - -UCA_SOURCES_LIST_LIBERTY="deb $NODEPOOL_UCA_MIRROR trusty-updates/liberty main" -UCA_SOURCES_LIST_MITAKA="deb $NODEPOOL_UCA_MIRROR trusty-updates/mitaka main" -UCA_SOURCES_LIST_NEWTON="deb $NODEPOOL_UCA_MIRROR xenial-updates/newton main" -UCA_SOURCES_LIST_OCATA="deb $NODEPOOL_UCA_MIRROR xenial-updates/ocata main" -UCA_SOURCES_LIST_PIKE="deb $NODEPOOL_UCA_MIRROR xenial-updates/pike main" - -MARIADB_SOURCES_LIST_10_0="deb $NODEPOOL_MARIADB_MIRROR/10.0 $LSBDISTCODENAME main" -MARIADB_SOURCES_LIST_10_1="deb $NODEPOOL_MARIADB_MIRROR/10.1 $LSBDISTCODENAME main" - -APT_CONF_UNAUTHENTICATED="APT::Get::AllowUnauthenticated \"true\";" - -DEBIAN_DEFAULT_SOURCES_LIST="\ -deb $NODEPOOL_DEBIAN_MIRROR $LSBDISTCODENAME main -deb-src $NODEPOOL_DEBIAN_MIRROR $LSBDISTCODENAME main" - -DEBIAN_UPDATES_SOURCES_LIST="\ -deb $NODEPOOL_DEBIAN_MIRROR $LSBDISTCODENAME-updates main -deb-src $NODEPOOL_DEBIAN_MIRROR $LSBDISTCODENAME-updates main" - -DEBIAN_BACKPORTS_SOURCES_LIST="\ -deb $NODEPOOL_DEBIAN_MIRROR $LSBDISTCODENAME-backports main -deb-src $NODEPOOL_DEBIAN_MIRROR $LSBDISTCODENAME-backports main" - -DEBIAN_SECURITY_SOURCES_LIST="\ -deb $NODEPOOL_DEBIAN_MIRROR $LSBDISTCODENAME-security main -deb-src $NODEPOOL_DEBIAN_MIRROR $LSBDISTCODENAME-security main" - -DEBIAN_OPENSTACK_NEWTON_SOURCES_LIST="\ -deb $NODEPOOL_DEBIAN_OPENSTACK_MIRROR $LSBDISTCODENAME-newton main -deb $NODEPOOL_DEBIAN_OPENSTACK_MIRROR $LSBDISTCODENAME-newton-backports main" - -YUM_REPOS_FEDORA="\ -[fedora] -name=Fedora \$releasever - \$basearch -failovermethod=priority -baseurl=$NODEPOOL_FEDORA_MIRROR/releases/\$releasever/Everything/\$basearch/os/ -enabled=1 -metadata_expire=7d -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-\$releasever-\$basearch -skip_if_unavailable=False -deltarpm=False -deltarpm_percentage=0" - -YUM_REPOS_FEDORA_UPDATES="\ -[updates] -name=Fedora \$releasever - \$basearch - Updates -failovermethod=priority -baseurl=$NODEPOOL_FEDORA_MIRROR/updates/\$releasever/\$basearch/ -enabled=1 -gpgcheck=1 -metadata_expire=6h -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-\$releasever-\$basearch -skip_if_unavailable=False -deltarpm=False -deltarpm_percentage=0" - -YUM_REPOS_CENTOS_BASE="\ -[base] -name=CentOS-\$releasever - Base -baseurl=$NODEPOOL_CENTOS_MIRROR/\$releasever/os/\$basearch/ -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-\$releasever - -#released updates -[updates] -name=CentOS-\$releasever - Updates -baseurl=$NODEPOOL_CENTOS_MIRROR/\$releasever/updates/\$basearch/ -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-\$releasever - -#additional packages that may be useful -[extras] -name=CentOS-\$releasever - Extras -baseurl=$NODEPOOL_CENTOS_MIRROR/\$releasever/extras/\$basearch/ -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-\$releasever" - -YUM_REPOS_EPEL="\ -[epel] -name=Extra Packages for Enterprise Linux \$releasever - \$basearch -baseurl=$NODEPOOL_EPEL_MIRROR/\$releasever/\$basearch -failovermethod=priority -enabled=0 -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-\$releasever" - -ZYPPER_REPOS_OPENSUSE_BASE="\ -[repo-oss] -name=repo-oss -enabled=1 -autorefresh=0 -baseurl=$NODEPOOL_OPENSUSE_MIRROR/distribution/leap/\$releasever/repo/oss/ -type=yast2 -keeppackages=0 -" - -ZYPPER_REPOS_OPENSUSE_UPDATE="\ -[repo-update] -name=repo-update -enabled=1 -autorefresh=0 -baseurl=$NODEPOOL_OPENSUSE_MIRROR/update/leap/\$releasever/oss/ -type=rpm-md -keeppackages=0 -" - -# Write global pip configuration -echo "$PIP_CONF" >/tmp/pip.conf -sudo mv /tmp/pip.conf /etc/ -sudo chown root:root /etc/pip.conf -sudo chmod 0644 /etc/pip.conf - -# NOTE(pabelanger): We can remove the jenkins user once we have migrated -# nl01.o.o to production -# Write jenkins user distutils/setuptools configuration used by easy_install -echo "$PYDISTUTILS_CFG" | sudo tee /home/jenkins/.pydistutils.cfg -sudo chown jenkins:jenkins /home/jenkins/.pydistutils.cfg -# Write jenkins user npm configuration -echo "$NPMRC" | sudo tee /home/jenkins/.npmrc -sudo chown jenkins:jenkins /home/jenkins/.npmrc -# Write jenkins user gem configuration -echo "$GEMRC" | sudo tee /home/jenkins/.gemrc -sudo chown jenkins:jenkins /home/jenkins/.gemrc -# Write jenkins user bundle configuration -sudo mkdir -p /home/jenkins/.bundle -echo "$BUNDLE_CONFIG" | sudo tee /home/jenkins/.bundle/config -sudo chown -R jenkins:jenkins /home/jenkins/.bundle - -# Write zuul user distutils/setuptools configuration used by easy_install -echo "$PYDISTUTILS_CFG" | sudo tee /home/zuul/.pydistutils.cfg -sudo chown zuul:zuul /home/zuul/.pydistutils.cfg -# Write zuul user npm configuration -echo "$NPMRC" | sudo tee /home/zuul/.npmrc -sudo chown zuul:zuul /home/zuul/.npmrc -# Write zuul user gem configuration -echo "$GEMRC" | sudo tee /home/zuul/.gemrc -sudo chown zuul:zuul /home/zuul/.gemrc -# Write zuul user bundle configuration -sudo mkdir -p /home/zuul/.bundle -echo "$BUNDLE_CONFIG" | sudo tee /home/zuul/.bundle/config -sudo chown -R zuul:zuul /home/zuul/.bundle - -if [ "$LSBDISTID" == "Ubuntu" ]; then - echo "$UBUNTU_SOURCES_LIST" >/tmp/sources.list - sudo mv /tmp/sources.list /etc/apt/ - sudo chown root:root /etc/apt/sources.list - sudo chmod 0644 /etc/apt/sources.list - - # Opt in repos. Jobs that want to take advantage of them can copy or - # symlink them into /etc/apt/sources.list.d/ - sudo mkdir -p /etc/apt/sources.list.available.d - - # Ceph - echo "$CEPH_SOURCES_LIST" >/tmp/ceph-deb-hammer.list - sudo mv /tmp/ceph-deb-hammer.list /etc/apt/sources.list.available.d/ - - # Ubuntu Cloud Archive - echo "$UCA_SOURCES_LIST_LIBERTY" >/tmp/ubuntu-cloud-archive-liberty.list - sudo mv /tmp/ubuntu-cloud-archive-liberty.list /etc/apt/sources.list.available.d/ - - echo "$UCA_SOURCES_LIST_MITAKA" >/tmp/ubuntu-cloud-archive-mitaka.list - sudo mv /tmp/ubuntu-cloud-archive-mitaka.list /etc/apt/sources.list.available.d/ - - echo "$UCA_SOURCES_LIST_NEWTON" >/tmp/ubuntu-cloud-archive-newton.list - sudo mv /tmp/ubuntu-cloud-archive-newton.list /etc/apt/sources.list.available.d/ - - echo "$UCA_SOURCES_LIST_OCATA" >/tmp/ubuntu-cloud-archive-ocata.list - sudo mv /tmp/ubuntu-cloud-archive-ocata.list /etc/apt/sources.list.available.d/ - - echo "$UCA_SOURCES_LIST_PIKE" >/tmp/ubuntu-cloud-archive-pike.list - sudo mv /tmp/ubuntu-cloud-archive-pike.list /etc/apt/sources.list.available.d/ - - # Ubuntu Mariadb - echo "$MARIADB_SOURCES_LIST_10_0" >/tmp/ubuntu-mariadb-10-0.list - sudo mv /tmp/ubuntu-mariadb-10-0.list /etc/apt/sources.list.available.d/ - - echo "$MARIADB_SOURCES_LIST_10_1" >/tmp/ubuntu-mariadb-10-1.list - sudo mv /tmp/ubuntu-mariadb-10-1.list /etc/apt/sources.list.available.d/ - - sudo chown root:root /etc/apt/sources.list.available.d/* - sudo chmod 0644 /etc/apt/sources.list.available.d/* - - # Turn off multi-arch - sudo dpkg --remove-architecture i386 - - # Turn off checking of GPG signatures - echo "$APT_CONF_UNAUTHENTICATED" >/tmp/99unauthenticated - sudo mv /tmp/99unauthenticated /etc/apt/apt.conf.d/ - sudo chown root:root /etc/apt/apt.conf.d/99unauthenticated - sudo chmod 0644 /etc/apt/apt.conf.d/99unauthenticated - -elif [ "$LSBDISTID" == "Debian" ] ; then - echo "$DEBIAN_DEFAULT_SOURCES_LIST" >/tmp/default.list - sudo mv /tmp/default.list /etc/apt/sources.list.d/ - echo "$DEBIAN_UPDATES_SOURCES_LIST" >/tmp/updates.list - sudo mv /tmp/updates.list /etc/apt/sources.list.d/ - echo "$DEBIAN_BACKPORTS_SOURCES_LIST" >/tmp/backports.list - sudo mv /tmp/backports.list /etc/apt/sources.list.d/ - echo "$DEBIAN_SECURITY_SOURCES_LIST" >/tmp/security.list - sudo mv /tmp/security.list /etc/apt/sources.list.d/ - - sudo chown root:root /etc/apt/sources.list.d/*.list - sudo chmod 0644 /etc/apt/sources.list.d/*.list - - # Opt in repos. Jobs that want to take advantage of them can copy or - # symlink them into /etc/apt/sources.list.d/ - sudo mkdir -p /etc/apt/sources.list.available.d - - # Debian OpenStack Newton - echo "$DEBIAN_OPENSTACK_NEWTON_SOURCES_LIST" >/tmp/debian-openstack-newton.list - sudo mv /tmp/debian-openstack-newton.list /etc/apt/sources.list.available.d/ - - sudo chown root:root /etc/apt/sources.list.available.d/* - sudo chmod 0644 /etc/apt/sources.list.available.d/* - - # Turn off checking of GPG signatures - echo "$APT_CONF_UNAUTHENTICATED" >/tmp/99unauthenticated - sudo mv /tmp/99unauthenticated /etc/apt/apt.conf.d/ - sudo chown root:root /etc/apt/apt.conf.d/99unauthenticated - sudo chmod 0644 /etc/apt/apt.conf.d/99unauthenticated - -elif [ "$LSBDISTID" == "CentOS" ]; then - echo "$YUM_REPOS_CENTOS_BASE" >/tmp/CentOS-Base.repo - sudo mv /tmp/CentOS-Base.repo /etc/yum.repos.d/ - echo "$YUM_REPOS_EPEL" >/tmp/epel.repo - sudo mv /tmp/epel.repo /etc/yum.repos.d/ - sudo chown root:root /etc/yum.repos.d/* - sudo chmod 0644 /etc/yum.repos.d/* - -elif [ "$LSBDISTID" == "Fedora" ]; then - echo "$YUM_REPOS_FEDORA" >/tmp/fedora.repo - sudo mv /tmp/fedora.repo /etc/yum.repos.d/ - echo "$YUM_REPOS_FEDORA_UPDATES" >/tmp/fedora-updates.repo - sudo mv /tmp/fedora-updates.repo /etc/yum.repos.d/ - sudo chown root:root /etc/yum.repos.d/* - sudo chmod 0644 /etc/yum.repos.d/* - -elif [ "$LSBDISTID" == "openSUSE project" ]; then - echo "$ZYPPER_REPOS_OPENSUSE_BASE" > /tmp/repo-oss.repo - sudo mv /tmp/repo-oss.repo /etc/zypp/repos.d/ - echo "$ZYPPER_REPOS_OPENSUSE_UPDATE" > /tmp/repo-update.repo - sudo mv /tmp/repo-update.repo /etc/zypp/repos.d/ - sudo chown root:root /etc/zypp/repos.d/* - sudo chmod 0644 /etc/zypp/repos.d/* -fi - -if [ "$LSBDISTID" == "Debian" ] || [ "$LSBDISTID" == "Ubuntu" ]; then - # Make sure our indexes are up to date. - sudo apt-get update -fi diff --git a/nodepool/scripts/multinode_setup.sh b/nodepool/scripts/multinode_setup.sh deleted file mode 100755 index 0678137acd..0000000000 --- a/nodepool/scripts/multinode_setup.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -xe - -# Copyright (C) 2014 OpenStack Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# -# See the License for the specific language governing permissions and -# limitations under the License. - -export PATH=$PATH:/usr/local/sbin:/usr/sbin - -for ip in $(cat /etc/nodepool/primary_node /etc/nodepool/sub_nodes /etc/nodepool/primary_node_private /etc/nodepool/sub_nodes_private | sort -u); do - # Check for ipv6 address. - if echo $ip | grep -q :; then - sudo ip6tables -I openstack-INPUT 1 -s $ip -j ACCEPT - else - sudo iptables -I openstack-INPUT 1 -s $ip -j ACCEPT - fi -done - -echo "" >> /home/jenkins/.ssh/authorized_keys -cat /etc/nodepool/id_rsa.pub >> /home/jenkins/.ssh/authorized_keys -echo "" >> /home/jenkins/.ssh/authorized_keys - -ROLE=$(cat /etc/nodepool/role) -if [ $ROLE == "primary" ]; then - cp /etc/nodepool/id_rsa /home/jenkins/.ssh/id_rsa - chmod 0600 /home/jenkins/.ssh/id_rsa -else - rm /etc/nodepool/id_rsa -fi - -sudo chown -R root:root /etc/nodepool -sudo chmod 0755 /etc/nodepool -sudo chmod 0444 /etc/nodepool/* - -/opt/nodepool-scripts/configure_mirror.sh