...
- Create the lab management "eno49" and OAM network "bond0.201" on the jump host. Below is an example of netplan cofniguration:
Code Block | ||||
---|---|---|---|---|
| ||||
network: version: 2 renderer: networkd ethernets: # Lab management network eno49: dhcp4: yes eno50: # PXE network addresseseno50: addresses: - 10.200.212.20/24 # gateway4:- 10.200.212.120/24 ens1f0: match: macaddress: 3c:fd:fe:ef:10:29 mtu: 9100 set-name: ens1f0 ens1f1: match: macaddress: 3c:fd:fe:ef:10:29 mtu: 9100 set-name: ens1f1 ens4f0: match: macaddress: 3c:fd:fe:ef:0e:b9 mtu: 9100 set-name: ens4f0 ens4f1: match: macaddress: 3c:fd:fe:ef:0e:b9 mtu: 9100 set-name: ens4f1 bonds: bond0: interfaces: - ens1f1 - ens4f0 mtu: 9214 parameters: lacp-rate: fast mode: 802.3ad transmit-hash-policy: layer3+4 vlans: # oam network bond0.201: addresses: - 10.200.201.1/24 id: 201 link: bond0 mtu: 9100 nameservers: addresses: - 8.8.8.8 - 8.8.4.4 |
...
3. Enable IP masquerading
Code Block | ||
---|---|---|
|
...
sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
sudo iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT |
To save settings to iptables either by installing iptables-persistent:
Code Block | ||
---|---|---|
| ||
sudo apt-get install iptables-persistent |
...
if it was already installed please update setting by running:
Code Block | ||
---|---|---|
| ||
sudo dpkg-reconfigure iptables-persistent |
...
or execute the following command:
Code Block | ||
---|---|---|
| ||
sudo iptables-save > /etc/iptables/rules.v4 |
Manifest
TBD
Airship is a declarative way of automating the deployment of a site. Therefore, all the deployment details are defined in the manifests.
...