make public ip infra

Signed-off-by: GnomeZworc <nicolas.boufidjeline@g3e.fr>

lib/prime/init.sh

@@ -3,6 +3,18 @@
 . ./lib/metadata.sh
 
 function config_kvm {
+    apt-get install -y \
+        vim \
+        htop \
+        socat \
+        ebtables \
+        qemu-system qemu-utils qemu-kvm \
+        genisoimage \
+        curl \
+        whois \
+        tcpdump \
+        bridge-utils
+
     sysctl -w net.ipv4.ip_forward=1
     iptables -A OUTPUT -p icmp --icmp-type time-exceeded -j DROP
 
@@ -25,6 +37,10 @@ function config_kvm {
     iptables -A INPUT -j ACCEPT_BOGON
 
 
+    brctl addbr br-public
+    brctl stp   "br-public" off
+    ip link set up dev "br-public"
+
     metadata_service
     systemctl daemon-reload
 }

lib/public_ip.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+function add_public_ip {
+    local vpc_name="${1}"
+    local public_ip="${2}"
+    local private_ip="${3}"
+    local host_ip="${4}"
+    
+    ip -n "${vpc_name}" a add "${public_ip}/32" dev br-public
+    ip                  r add "${public_ip}" dev br-public scope link
+    ip -n "${vpc_name}" r add "${host_ip}" dev br-public scope link
+    ip -n "${vpc_name}" r add default via "${host_ip}"
+
+    ip netns exec "${vpc_name}" iptables -t nat -A PREROUTING -d "${public_ip}/32" -j DNAT --to-destination "${private_ip}"
+    ip netns exec "${vpc_name}" iptables -t nat -A POSTROUTING -s "${private_ip}/32" -o br-public --to-source "${public_ip}" -j SNAT
+}
+
+function delete_public_ip {
+    local vpc_name="${1}"
+    local public_ip="${2}"
+    local private_ip="${3}"
+
+    ip -n "${vpc_name}" a del "${public_ip}/32" dev br-public
+    ip                  r del "${public_ip}" dev br-public
+
+    ip netns exec "${vpc_name}" iptables -t nat -D PREROUTING -d "${public_ip}/32" -j DNAT --to-destination "${private_ip}"
+    ip netns exec "${vpc_name}" iptables -t nat -D POSTROUTING -s "${private_ip}/32" -o br-public --to-source "${public_ip}" -j SNAT
+}

lib/vpc.sh

@@ -27,6 +27,20 @@ function create_vpc {
     {
         add_in_db "vpc" "${vpc_name}"
         create_netns "${vpc_name}"
+
+        ip link add "${vpc_name}-ext" type veth peer name "veth-public-int" netns "${vpc_name}"
+        ip netns exec "${vpc_name}" brctl addbr "br-public"
+        ip netns exec "${vpc_name}" brctl stp   "br-public" off
+
+
+        brctl addif "br-public" "${vpc_name}-ext"
+        ip netns exec "${vpc_name}" brctl addif "br-public" "veth-public-int"
+
+
+        ip                  link set up dev "${vpc_name}-ext"
+        ip -n "${vpc_name}" link set up dev "veth-public-int"
+        ip -n "${vpc_name}" link set up dev "br-public"
+
         print_in_color "${COLOR_GREEN}" "Create ${vpc_name}"
     }