LB_ID=foo-lb01-prod
 
AMPHORA_ID=$(openstack loadbalancer amphora list --loadbalancer ${LB_ID} --role MASTER -c id -f value)
AMPHORA_COMPUTE_ID=$(openstack loadbalancer amphora show ${AMPHORA_ID} -c compute_id -f value)
LB_NETWORK_IP=$(openstack loadbalancer amphora show ${AMPHORA_ID} -c lb_network_ip -f value)
SECURITY_GROUP_ID=$(openstack port list --server ${AMPHORA_COMPUTE_ID} --fixed-ip "ip-address=${LB_NETWORK_IP}" -c security_group_ids -f value)
 
# DEBUG: show ingress tcp rules
openstack security group rule list --ingress --protocol tcp ${SECURITY_GROUP_ID}
openstack security group rule create --protocol tcp --dst-port 22:22 --remote-ip 172.16.0.0/12  ${SECURITY_GROUP_ID}
openstack loadbalancer amphora list --loadbalancer ${LB_ID} -c  lb_network_ip -c role -f value
openstack loadbalancer amphora list --loadbalancer ${LB_ID} -c  lb_network_ip --role MASTER -f value
 
# login to amphora VM from OpenStack control node
ssh local@ctl1-dev.dev.i.example.com
ssh -i ~/.ssh/id_rsa_octavia ubuntu@${AMPHORA_VM_IP}

wget https://netix.dl.sourceforge.net/project/opengapps/arm/20200429/open_gapps-arm-9.0-nano-20200429.zip -P /tmp

sudo apt-get install -y build-essential cmake zlib1g-dev qt5-default libusb-1.0-0-dev libgl1-mesa-glx libgl1-mesa-dev
 
git clone https://gitlab.com/BenjaminDobell/Heimdall.git /tmp/Heimdall
cd /tmp/Heimdall
mkdir build
cd build
cmake -DCMAKE_BUILD_TYPE=Release ..
make
 
# test
cd bin/
./heimdall version

wget https://dl.twrp.me/hlte/twrp-3.3.1-0-hlte.img -P /tmp

# create bridge
ovs-vsctl add-br mybridge
# ifconfig mybridge up
ip link set mybridge up
ovs-vsctl show
 
# connect ovs bridge to external network
ovs-vsctl add-port mybridge eno1
ifconfig eno1 0
dhclient mybridge -v
ip a show mybridge
route -n
 
# create LXD container
lxc profile create disk-only
lxc storage create pool1 dir
lxc profile device add disk-only root disk path=/ pool=pool1
lxc profile show disk-only
lxc launch ubuntu:18.04 ovs1 -p disk-only
lxc config device add ovs1 eth0 nic nictype=bridged parent=mybridge host_name=vport11
lxc launch ubuntu:18.04 ovs2 -p disk-only
lxc config device add ovs2 eth0 nic nictype=bridged parent=mybridge host_name=vport12
lxc network list

lxc network create lxdbr0
lxc network create lxdbr0 ipv4.address=10.0.33.1/24 ipv4.nat=true ipv6.address=none
lxc profile device add default eth0 nic nictype=bridged parent=lxdbr0 name=eth0
 
# disable IPv6 inside of container
lxc network set lxdbr0 ipv6.address none

lxc stop c1
lxc network attach lxdbr0 c1 eth0 eth0
lxc config device set c1 eth0 ipv4.address 10.0.0.12
lxc start c1
 
# add NICs
lxc config device add vm-dhcp1-dev dev-mgmt-new nic name=dev-mgmt nictype=macvlan parent=dev-mgmt

lxc network set lxdbr0 ipv6.dhcp.stateful true

lxc profile create disk-only
lxc storage create pool1 dir
lxc profile device add disk-only root disk path=/ pool=pool1
lxc profile show disk-only
lxc launch ubuntu:18.04 ovs1 -p disk-only
lxc config device add ovs1 eth0 nic nictype=bridged parent=ovsbridge host_name=vport11
lxc network list

# test static ip
lxc launch redis r
lxc config device override r
lxc config device set r eth0 ipv4.address 10.100.0.100

helm repo add gitea-charts https://dl.gitea.com/charts/
helm install gitea gitea-charts/gitea

# search server by port ID
openstack port show -c device_id -f value ${PORT_ID}
openstack show show ${PORT_ID}
openstack router show ${PORT_ID}

sudo apt-get install -y tinyproxy
 
sed -i 's|#Allow 192.168.0.0/16|Allow 192.168.0.0/16|g' /etc/tinyproxy.conf
sed -i 's|Port 8888|Port 8080|g' /etc/tinyproxy.conf
 
Port 80
Allow 10.0.0.0/8
 
FilterExtended On
FilterURLs On
FilterDefaultDeny Yes
Filter "/etc/tinyproxy/whitelist"
#Filter "/etc/tinyproxy/filter"
 
 
service tinyproxy restart