diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2019-10-06 22:33:31 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2019-10-06 22:33:31 +0200 |
| commit | d3e6cce667930b6a9e9ce9296622f43bec5bf267 (patch) | |
| tree | 050807adaec05f3f5ccf372e6e1a6ffd5bbdc7e4 /roles/vm/host | |
| parent | added support for public address mappings in vm host network (diff) | |
vm/network: add support for public
Diffstat (limited to 'roles/vm/host')
| -rw-r--r-- | roles/vm/host/tasks/network.yml | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/roles/vm/host/tasks/network.yml b/roles/vm/host/tasks/network.yml index a6eb7333..0c7e36f9 100644 --- a/roles/vm/host/tasks/network.yml +++ b/roles/vm/host/tasks/network.yml @@ -20,19 +20,17 @@ {% if 'nat' in vm_host.network and vm_host.network.nat %} up echo 1 > /proc/sys/net/ipv4/conf/$IFACE/forwarding up echo 1 > /proc/sys/net/ipv4/conf/{{ ansible_default_ipv4.interface }}/forwarding - up /usr/sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }} + up /sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }} {% endif %} {% if 'public' in vm_host.network %} {% for dest in vm_host.network.public.mappings %} - {% for idx in vm_host.network.public.mappings[dest] %} - up /usr/sbin/ip route add {{ (vm_host.network.public.prefix | ipaddr(idx)).split('/')[0] }}/32 via {{ (vm_host.network.prefix | ipaddr(vm_host.network.offsets[dest])).split('/')[0] }} # {{ dest }} - {% endfor %} + up /bin/ip route add {{ (vm_host.network.public.prefix | ipaddr(vm_host.network.public.mappings[dest])).split('/')[0] }}/32 via {{ (vm_host.network.prefix | ipaddr(vm_host.network.offsets[dest])).split('/')[0] }} # {{ dest }} {% endfor %} - up /usr/sbin/ip route add unreachable {{ vm_host.network.public.prefix }} - down /usr/sbin/ip route del {{ vm_host.network.public.prefix }} + up /bin/ip route add unreachable {{ vm_host.network.public.prefix }} + down /sbin/ip route del {{ vm_host.network.public.prefix }} {% endif %} {% if 'nat' in vm_host.network and vm_host.network.nat %} - down /usr/sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }} + down /sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }} {% endif %} register: vmhost_interface_config @@ -40,4 +38,4 @@ ## if there are VMs running they would end up with a broken network - name: bring vm-host interface up when: vmhost_interface_config is changed - command: "/usr/sbin/ifup {{ vm_host.network.interface }}" + command: "/sbin/ifup {{ vm_host.network.interface }}" |