# Utility script used to interact with a deployment
# @author Tim Rozet (trozet@redhat.com)
-CONFIG=${CONFIG:-'/var/opt/opnfv'}
-RESOURCES=${RESOURCES:-"$CONFIG/images"}
-LIB=${LIB:-"$CONFIG/lib"}
+# Backwards compat for old ENV Vars
+# Remove in E Release
+if [ -n "$CONFIG" ]; then
+ echo -e "${red}WARNING: ENV var CONFIG is Deprecated, please unset CONFIG and export BASE in its place${reset}"
+ echo -e "${red}WARNING: CONFIG will be removed in E${reset}"
+ BASE=$CONFIG
+fi
+if [ -n "$RESOURCES" ]; then
+ echo -e "${red}WARNING: ENV var RESOURCES is Deprecated, please unset RESOURCES and export IMAGES in its place${reset}"
+ echo -e "${red}WARNING: RESOURCES will be removed in E${reset}"
+ IMAGES=$RESOURCES
+fi
+
+BASE=${BASE:-'/var/opt/opnfv'}
+IMAGES=${IMAGES:-"$BASE/images"}
+LIB=${LIB:-"$BASE/lib"}
VALID_CMDS="undercloud overcloud opendaylight debug-stack mock-detached -h --help"
source $LIB/utility-functions.sh
display_usage() {
echo -e "Usage:\n$0 subcommand [ arguments ]\n"
echo -e "Arguments:\n"
- echo -e " undercloud [ user [ command ] ] Connect to Undercloud VM as user and optionally execute a command\n"
- echo -e " user Optional: Defaults to 'stack'\n"
- echo -e " command Optional: Defaults to none\n"
+ echo -e " undercloud [ user [ command ] ] Connect to Undercloud VM as user and optionally execute a command"
+ echo -e " user Optional: Defaults to 'stack'"
+ echo -e " command Optional: Defaults to none"
echo -e ""
- echo -e " opendaylight Connect to OpenDaylight Karaf console\n"
+ echo -e " opendaylight Connect to OpenDaylight Karaf console"
echo -e ""
- echo -e " overcloud [ node [ command ] ] Connect to an Overcloud node and optionally execute a command\n"
- echo -e " node Required: in format controller|compute<number>. Example: controller0\n"
- echo -e " command Optional: Defaults to none\n"
+ echo -e " overcloud [ node [ command ] ] Connect to an Overcloud node and optionally execute a command"
+ echo -e " node Required: in format controller|compute<number>. Example: controller0"
+ echo -e " command Optional: Defaults to none"
echo -e ""
- echo -e " debug-stack Print parsed deployment failures to stdout \n"
+ echo -e " debug-stack Print parsed deployment failures to stdout"
echo -e ""
- echo -e " mock-detached on | off Add firewall rules to the jump host to mock a detached deployment \n"
+ echo -e " mock-detached on | off Add firewall rules to the jump host to mock a detached deployment\n"
}
##translates the command line argument
;;
mock-detached)
if [ "$2" == "on" ]; then
- echo "Blocking output http and https traffic"
+ echo "Ensuring we can talk to gerrit.opnfv.org"
+ iptables -A OUTPUT -p tcp -d gerrit.opnfv.org --dport 443 -j ACCEPT
+ echo "Blocking output http (80) traffic"
iptables -A OUTPUT -p tcp --dport 80 -j REJECT
+ iptables -A FORWARD -p tcp --dport 80 -j REJECT
+ echo "Blocking output https (443) traffic"
iptables -A OUTPUT -p tcp --dport 443 -j REJECT
+ iptables -A FORWARD -p tcp --dport 443 -j REJECT
+ echo "Blocking output dns (53) traffic"
+ iptables -A FORWARD -p tcp --dport 53 -j REJECT
elif [ "$2" == "off" ]; then
- echo "Allowing output http and https traffic"
+ echo "Cleaning gerrit.opnfv.org specific rule"
+ iptables -D OUTPUT -p tcp -d gerrit.opnfv.org --dport 443 -j ACCEPT
+ echo "Allowing output http (80) traffic"
iptables -D OUTPUT -p tcp --dport 80 -j REJECT
+ iptables -D FORWARD -p tcp --dport 80 -j REJECT
+ echo "Allowing output https (443) traffic"
iptables -D OUTPUT -p tcp --dport 443 -j REJECT
+ iptables -D FORWARD -p tcp --dport 443 -j REJECT
+ echo "Allowing output dns (53) traffic"
+ iptables -D OUTPUT -p tcp --dport 53 -j REJECT
+ iptables -D FORWARD -p tcp --dport 53 -j REJECT
else
display_usage
fi