StarlingX System Configuration Management
Go to file
Andy Ning c36a031f3d Config and enable IPsec during first reboot
This change added ipsec-auth client invocation in controller_config,
worker_config and storage_config init scripts that will run during
first reboot after installation, to configure and enable IPsec for the
node.

Note that IPsec for the first controller is configured and enabled by
bootstrap ansible playbook. So the invocation of ipsec-client is
skipped in controller_config.

Test Plan:
PASS: DX system, install controller-0, bootstrap and unlock, verify
      IPsec is configured and enabled.
PASS: Install controller-1, verify IPsec is configured and enabled
      after first reboot, SAs are established, and controller-1 is
      online.
PASS: Install a worker node, verify IPsec is configured and enabled
      after first reboot, SAs are establishe, and the worker node is
      online.
PASS: After controller-1 and worker hosts are unlocked, verify SAs are
      established among all hosts, and all nodes are in unlocked,
      enabled and available states.
PASS: DC system with SX subcloud, verify System Controller and subcloud
      are deployed successfully. In central cloud, SAs are established
      among all hosts, all nodes are in unlocked, enabled and available
      states.
      Verify subcloud are online, managed, and all resource are in
      in-sync states.
      Verfiy user can ssh to subcloud.

Story: 2010940
Task: 50021

Depends-On: https://review.opendev.org/c/starlingx/ansible-playbooks/+/917868
Signed-off-by: Andy Ning <andy.ning@windriver.com>
Change-Id: I5572b4b50238c0c5e76cc04cabd24078e9defa5b
2024-05-15 17:23:50 -04:00
api-ref/source Add new sysinv unauthenticated region_id api 2024-04-17 14:21:28 -04:00
config-gate Remove CentOS/OpenSUSE build support 2024-04-26 13:45:07 -04:00
controllerconfig Config and enable IPsec during first reboot 2024-05-15 17:23:50 -04:00
devstack Deprecate old policy engine and restrict access 2022-08-10 11:18:38 -03:00
doc Fix tsconfig/root constraints file in tox.ini 2024-03-04 22:22:31 +00:00
releasenotes Remove host hardware sysinv profile 2021-10-18 18:01:40 -03:00
storageconfig Config and enable IPsec during first reboot 2024-05-15 17:23:50 -04:00
sysinv Merge "Enhance app updates during Kubernetes upgrades" 2024-04-30 15:58:21 +00:00
tmp/patch-scripts/EXAMPLE_SYSINV/scripts StarlingX open source release updates 2018-05-31 07:35:52 -07:00
tools/docker/images Enable kubernetes SCTPSupport feature 2019-09-03 19:23:05 +00:00
tsconfig Remove CentOS/OpenSUSE build support 2024-04-26 13:45:07 -04:00
workerconfig Config and enable IPsec during first reboot 2024-05-15 17:23:50 -04:00
.gitignore Minor zuul and tox file cleanup after manifest re-org 2019-09-06 15:40:37 -05:00
.gitreview OpenDev Migration Patch 2019-04-19 19:52:42 +00:00
.yamllint clear yamllint errors under stx-config 2018-09-12 21:11:57 +08:00
.zuul.yaml Update controllerconfig tox environment for debian 2023-05-31 15:25:25 +00:00
bindep.txt py3: Add py39 gate for sysinv 2021-08-27 08:39:06 -04:00
CONTRIBUTORS.wrs StarlingX open source release updates 2018-05-31 07:35:52 -07:00
debian_build_layer.cfg Add debian_build_layer.cfg file 2021-10-05 14:50:08 -04:00
debian_iso_image.inc Setup debian build directory and ipsec-auth package 2024-01-26 09:46:14 -03:00
debian_pkg_dirs Setup debian build directory and ipsec-auth package 2024-01-26 09:46:14 -03:00
debian_stable_wheels.inc debian: Add sysinv wheel to the build 2022-11-21 13:33:24 +00:00
LICENSE StarlingX open source release updates 2018-05-31 07:35:52 -07:00
README.rst starlingx/config README improvement 2023-07-19 12:18:04 -03:00
test-requirements.txt Calling an additional shell lint command from zuul 2021-06-03 17:35:50 -05:00
tox.ini Fix tsconfig/root constraints file in tox.ini 2024-03-04 22:22:31 +00:00

config

The starlingx/config repository handles the StarlingX configuration management services.

Its key component is the System Inventory Service (Sysinv), which provides the system command-line interface (CLI)1.

This repository is not intended to be developed standalone, but rather as part of the StarlingX Source System, which is defined by the StarlingX manifest2.

References


  1. https://docs.starlingx.io/cli_ref/system.html↩︎

  2. https://opendev.org/starlingx/manifest.git↩︎