fickit: Fix IP and ifaces

fickit-backend.yml

@@ -41,20 +41,21 @@ onboot:
 #    image: linuxkit/openntpd:d6c36ac367ed26a6eeffd8db78334d9f8041b038
   - name: synchro-ip-setup
     image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
-    command: ["/bin/sh", "-c", "ip a add 10.10.10.1/29 dev eth0; ip link set eth0 up;" ]
+    command: ["/bin/sh", "-c", "ip a add 10.10.10.1/29 dev eth2; ip link set eth2 up;" ]
     net: new
     runtime:
       interfaces:
-        - name: eth0
+        - name: eth2
       bindNS:
         net: /run/netns/synchro
   - name: admin-ip-setup
     image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
-    command: ["/bin/sh", "-c", "ip link add link eth1 name adminiface type vlan id 99; ip a add 172.16.99.219/24 dev adminiface; ip link set eth1 up; ip link set adminiface up; ip r add default via 172.16.99.1; ip a add 172.17.0.2/24 dev vethin-admin; ip link set vethin-admin up; ping -W 10 -c 1 172.16.99.1;" ]
+    #command: ["/bin/sh", "-c", "ip link add link eth3 name adminiface type vlan id 99; ip a add 172.16.99.219/24 dev adminiface; ip link set eth3 up; ip link set adminiface up; ip r add default via 172.16.99.1; ip a add 172.17.0.2/24 dev vethin-admin; ip link set vethin-admin up; ping -W 10 -c 1 172.16.99.1;" ]
+    command: ["/bin/sh", "-c", "ip a add 192.168.49.10/24 dev eth3; ip link set eth3 up; ip r add default via 192.168.49.1; ip a add 172.17.0.2/24 dev vethin-admin; ip link set vethin-admin up; ping -W 10 -c 1 192.168.49.1;" ]
     net: new
     runtime:
       interfaces:
-        - name: eth1
+        - name: eth3
         - name: vethin-admin
           add: veth
           peer: veth-admin
@@ -388,7 +389,7 @@ files:
       [0:0] -A OUTPUT -p icmp --icmp-type 0 -j ACCEPT
       [0:0] -A OUTPUT -p icmp --icmp-type 8 -j ACCEPT
       [0:0] -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-      [0:0] -A OUTPUT -o eth0 -d 10.10.10.2 -p tcp -m conntrack --ctstate NEW -m tcp --dport ssh -j ACCEPT
+      [0:0] -A OUTPUT -o eth2 -d 10.10.10.2 -p tcp -m conntrack --ctstate NEW -m tcp --dport ssh -j ACCEPT
       [0:0] -A OUTPUT -j LOG
       [0:0] -A OUTPUT -j REJECT
       COMMIT

fickit-frontend.yml

@@ -48,17 +48,17 @@ onboot:
         net: /run/netns/nginx
   - name: frontal-ip-setup # without bonding
     image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
-    command: ["/bin/sh", "-c", "ip link set eth1 up; ip a add 172.23.42.1/24 dev eth1; ip a add 172.23.42.254/24 dev eth1; ip a add 91.243.117.240/32 dev eth1; ip link add link eth1 name internet type vlan id 2; ip link set internet up;" ]
+    command: ["/bin/sh", "-c", "ip link set name bond-frontal eth3; ip link set bond-frontal up; ip a add 192.168.50.10/24 dev bond-frontal; ip a add 91.243.117.240/32 dev bond-frontal; ip link add link bond-frontal name internet type vlan id 4; ip link set internet up;" ]
     net: /run/netns/nginx
     runtime:
       interfaces:
-        - name: eth1
+#        - name: eth1
 #        - name: eth2
-#        - name: eth3
+        - name: eth3
 #        - name: eth4
 #  - name: frontal-ip-setup # with bonding
 #    image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
-#    command: ["/bin/sh", "-c", "ip link set dev bond-frontal type bond mode balance-alb; ip link set bond-frontal up; ifenslave bond-frontal eth1 eth2 eth3 eth4; ip a add 172.23.42.254/24 dev bond-frontal; ip a add 172.23.42.1/24 dev bond-frontal; ip a add 91.243.117.240/32 dev bond-frontal; ip link add link bond-frontal name internet type vlan id 2; ip link set internet up; sysctl -w net.ipv4.ip_forward=1;" ]
+#    command: ["/bin/sh", "-c", "ip link set dev bond-frontal type bond mode balance-alb; ip link set bond-frontal up; ifenslave bond-frontal eth1 eth2 eth3 eth4; ip a add 172.23.42.254/24 dev bond-frontal; ip a add 172.23.42.1/24 dev bond-frontal; ip a add 91.243.117.240/32 dev bond-frontal; ip link add link bond-frontal name internet type vlan id 4; ip link set internet up; sysctl -w net.ipv4.ip_forward=1;" ]
 #    net: /run/netns/nginx
 #    runtime:
 #      interfaces:
@@ -81,11 +81,11 @@ onboot:
         net: /run/netns/fic-frontend
   - name: sshd-ip-setup
     image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
-    command: ["/bin/sh", "-c", "ip a add 10.10.10.2/29 dev eth0; ip link set eth0 up;" ]
+    command: ["/bin/sh", "-c", "ip a add 10.10.10.2/29 dev eth2; ip link set eth2 up;" ]
     net: new
     runtime:
       interfaces:
-        - name: eth0
+        - name: eth2
       bindNS:
         net: /run/netns/sshd
   - name: auth-ip-setup
@@ -420,7 +420,7 @@ files:
       [0:0] -A INPUT -m conntrack --ctstate INVALID -j DROP
       [0:0] -A INPUT -p icmp -j ACCEPT
       [0:0] -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-      [0:0] -A INPUT -i eth0 -s 10.10.10.0/29 -p tcp -m conntrack --ctstate NEW -m tcp --dport ssh -j ACCEPT
+      [0:0] -A INPUT -i eth2 -s 10.10.10.0/29 -p tcp -m conntrack --ctstate NEW -m tcp --dport ssh -j ACCEPT
       [0:0] -A INPUT -j LOG
       [0:0] -A FORWARD -j LOG
       [0:0] -A OUTPUT -o lo -j ACCEPT