diff options
author | Christian Pointner <equinox@spreadspace.org> | 2020-07-11 02:58:28 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2020-07-11 02:58:28 +0200 |
commit | 49c58d575f420165f7d8341bccb8b4ba4629e735 (patch) | |
tree | dfbfe6a937ec04fa7d48de8c1d08a1596ba837b2 /roles/vm/host/tasks/network.yml | |
parent | Merge branch 'topic/debian-installer-verification' (diff) | |
parent | ch-gnocchi: remove temporary interface config (diff) |
Merge branch 'topic/vm-host-network'
Diffstat (limited to 'roles/vm/host/tasks/network.yml')
-rw-r--r-- | roles/vm/host/tasks/network.yml | 75 |
1 files changed, 0 insertions, 75 deletions
diff --git a/roles/vm/host/tasks/network.yml b/roles/vm/host/tasks/network.yml deleted file mode 100644 index 802ffd8b..00000000 --- a/roles/vm/host/tasks/network.yml +++ /dev/null @@ -1,75 +0,0 @@ ---- -- name: create network bridges - when: "'bridges' in vm_host.network" - block: - - name: generate bridge interface config - loop: "{{ vm_host.network.bridges | default({}) | dict2items }}" - loop_control: - label: "{{ item.key }}" - copy: - dest: "/etc/network/interfaces.d/br-{{ item.key }}" - content: | - {% set bridge_name = 'br-'+item.key %} - {% set bridge = item.value %} - {% set interface = (network.interfaces | selectattr('name', 'eq', bridge_name) | first | default({})) %} - auto {{ bridge_name }} - {% if 'address' in interface %} - iface {{ bridge_name }} inet static - address {{ interface.address | ipaddr('address') }} - netmask {{ interface.address | ipaddr('netmask') }} - {% if 'gateway' in interface %} - gateway {{ interface.gateway }} - {% endif %} - {% else %} - iface {{ bridge_name }} inet manual - {% endif %} - {% if 'interfaces' in bridge and (bridge.interfaces | length) > 0 %} - bridge_ports {{ bridge.interfaces | join(' ') }} - {% else %} - bridge_ports none - {% endif %} - bridge_stp off - bridge_waitport 0 - bridge_fd 0 - up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra - up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf - up modprobe br_netfilter - up /sbin/sysctl net.bridge.bridge-nf-call-iptables=0 - up /sbin/sysctl net.bridge.bridge-nf-call-ip6tables=0 - up /sbin/sysctl net.bridge.bridge-nf-call-arptables=0 - {% if 'address' in interface and 'prefix' in bridge %} - {% if 'nat' in bridge and bridge.nat %} - up echo 1 > /proc/sys/net/ipv4/conf/$IFACE/forwarding - up echo 1 > /proc/sys/net/ipv4/conf/{{ ansible_default_ipv4.interface }}/forwarding - up /sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }} - {% endif %} - {% if 'overlay' in bridge %} - {% for dest, offset in (bridge.overlay.offsets | dictsort(by='value')) %} - up /bin/ip route add {{ (bridge.overlay.prefix | ipaddr(offset)).split('/')[0] }}/32 via {{ (bridge.prefix | ipaddr(bridge.offsets[dest])).split('/')[0] }} # {{ dest }} - {% endfor %} - up /bin/ip route add unreachable {{ bridge.overlay.prefix }} - down /sbin/ip route del {{ bridge.overlay.prefix }} - {% endif %} - {% if 'nat' in bridge and bridge.nat %} - down /sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }} - {% endif %} - {% endif %} - {% if 'address6' in interface %} - - iface {{ bridge_name }} inet6 static - address {{ interface.address6 }} - {% if 'gateway6' in interface %} - gateway {{ interface.gateway6 }} - {% endif %} - {% endif %} - register: vmhost_bridge_config - - ## We don't try to be to clever here: aka don't call ifdown before ifup because - ## if there are VMs running they would end up with a broken network - - name: bring up bridge interfaces - loop: "{{ vmhost_bridge_config.results }}" - loop_control: - label: "br-{{ item.item.key }}" - when: item is changed - command: "/sbin/ifup br-{{ item.item.key }}" - failed_when: false |