c36a031f3d
This change added ipsec-auth client invocation in controller_config, worker_config and storage_config init scripts that will run during first reboot after installation, to configure and enable IPsec for the node. Note that IPsec for the first controller is configured and enabled by bootstrap ansible playbook. So the invocation of ipsec-client is skipped in controller_config. Test Plan: PASS: DX system, install controller-0, bootstrap and unlock, verify IPsec is configured and enabled. PASS: Install controller-1, verify IPsec is configured and enabled after first reboot, SAs are established, and controller-1 is online. PASS: Install a worker node, verify IPsec is configured and enabled after first reboot, SAs are establishe, and the worker node is online. PASS: After controller-1 and worker hosts are unlocked, verify SAs are established among all hosts, and all nodes are in unlocked, enabled and available states. PASS: DC system with SX subcloud, verify System Controller and subcloud are deployed successfully. In central cloud, SAs are established among all hosts, all nodes are in unlocked, enabled and available states. Verify subcloud are online, managed, and all resource are in in-sync states. Verfiy user can ssh to subcloud. Story: 2010940 Task: 50021 Depends-On: https://review.opendev.org/c/starlingx/ansible-playbooks/+/917868 Signed-off-by: Andy Ning <andy.ning@windriver.com> Change-Id: I5572b4b50238c0c5e76cc04cabd24078e9defa5b |
||
---|---|---|
.. | ||
debian | ||
workerconfig | ||
.gitignore | ||
PKG-INFO |