-rw-r--r--inventory/host_vars/sk-2019vm.yml2
-rw-r--r--inventory/host_vars/sk-testvm.yml1
-rw-r--r--roles/vm/host/tasks/network.yml14
-rw-r--r--roles/vm/network/templates/interfaces.j211
4 files changed, 17 insertions, 11 deletions
diff --git a/inventory/host_vars/sk-2019vm.yml b/inventory/host_vars/sk-2019vm.yml
index bea257aa..fcbf638c 100644
--- a/inventory/host_vars/sk-2019vm.yml
+++ b/inventory/host_vars/sk-2019vm.yml
@@ -23,7 +23,7 @@ vm_host:
# public:
# prefix: 1.2.3.0/29
# mappings:
- # sk-testvm: [ 0 ]
+ # sk-testvm: 0
ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}"
diff --git a/inventory/host_vars/sk-testvm.yml b/inventory/host_vars/sk-testvm.yml
index 88fa4de1..49e5f8e8 100644
--- a/inventory/host_vars/sk-testvm.yml
+++ b/inventory/host_vars/sk-testvm.yml
@@ -28,3 +28,4 @@ network:
ip: "{{ hostvars[vm_host].vm_host.network.prefix | ipaddr(hostvars[vm_host].vm_host.network.offsets[inventory_hostname]) | ipaddr('address') }}"
mask: "{{ hostvars[vm_host].vm_host.network.prefix | ipaddr('netmask') }}"
gateway: "{{ hostvars[vm_host].vm_host.network.prefix | ipaddr('address') }}"
+# public: "{{ (hostvars[vm_host].vm_host.network.public.prefix | ipaddr(hostvars[vm_host].vm_host.network.public.mappings[inventory_hostname])).split('/')[0] }}"
diff --git a/roles/vm/host/tasks/network.yml b/roles/vm/host/tasks/network.yml
index a6eb7333..0c7e36f9 100644
--- a/roles/vm/host/tasks/network.yml
+++ b/roles/vm/host/tasks/network.yml
@@ -20,19 +20,17 @@
{% if 'nat' in vm_host.network and vm_host.network.nat %}
up echo 1 > /proc/sys/net/ipv4/conf/$IFACE/forwarding
up echo 1 > /proc/sys/net/ipv4/conf/{{ ansible_default_ipv4.interface }}/forwarding
- up /usr/sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
+ up /sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
{% endif %}
{% if 'public' in vm_host.network %}
{% for dest in vm_host.network.public.mappings %}
- {% for idx in vm_host.network.public.mappings[dest] %}
- up /usr/sbin/ip route add {{ (vm_host.network.public.prefix | ipaddr(idx)).split('/')[0] }}/32 via {{ (vm_host.network.prefix | ipaddr(vm_host.network.offsets[dest])).split('/')[0] }} # {{ dest }}
- {% endfor %}
+ up /bin/ip route add {{ (vm_host.network.public.prefix | ipaddr(vm_host.network.public.mappings[dest])).split('/')[0] }}/32 via {{ (vm_host.network.prefix | ipaddr(vm_host.network.offsets[dest])).split('/')[0] }} # {{ dest }}
{% endfor %}
- up /usr/sbin/ip route add unreachable {{ vm_host.network.public.prefix }}
- down /usr/sbin/ip route del {{ vm_host.network.public.prefix }}
+ up /bin/ip route add unreachable {{ vm_host.network.public.prefix }}
+ down /sbin/ip route del {{ vm_host.network.public.prefix }}
{% endif %}
{% if 'nat' in vm_host.network and vm_host.network.nat %}
- down /usr/sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
+ down /sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
{% endif %}
register: vmhost_interface_config
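Review bot: The unreachable route is added with `/bin/ip` on the `up` line but removed with `/sbin/ip` on the `down` line, so the pair depends on both paths existing on the VM host. Use one path for both and name the route type on removal, so the delete matches the route this block added: `down /bin/ip route del unreachable {{ vm_host.network.public.prefix }}`. The per-VM line now passes `vm_host.network.public.mappings[dest]` straight to `ipaddr()`, so an inventory that still carries the old list form (`sk-testvm: [ 0 ]`) would presumably no longer render a valid /32 route. A short comment above the loop saying that each mapping is a single integer offset would guard against that. The task that contains this template text starts outside the hunk.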
@@ -40,4 +38,4 @@
## if there are VMs running they would end up with a broken network
- name: bring vm-host interface up
when: vmhost_interface_config is changed
- command: "/usr/sbin/ifup {{ vm_host.network.interface }}"
+ command: "/sbin/ifup {{ vm_host.network.interface }}"
diff --git a/roles/vm/network/templates/interfaces.j2 b/roles/vm/network/templates/interfaces.j2
index d59d53e1..aa94440e 100644
--- a/roles/vm/network/templates/interfaces.j2
+++ b/roles/vm/network/templates/interfaces.j2
@@ -10,11 +10,18 @@ iface lo inet loopback
# The primary network interface
auto {{ network.primary.interface }}
iface {{ network.primary.interface }} inet static
+ pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra
+ pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf
address {{ network.primary.ip }}
netmask {{ network.primary.mask }}
+{% if 'public' in network.primary %}
+ up /bin/ip addr add dev $IFACE {{ network.primary.public }}/32
+ up /bin/ip route add default via {{ network.primary.gateway }} src {{ network.primary.public }}
+ down /bin/ip route del default via {{ network.primary.gateway }} src {{ network.primary.public }}
+ down /bin/ip addr del dev $IFACE {{ network.primary.public }}/32
+{% else %}
gateway {{ network.primary.gateway }}
- pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra
- pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf
+{% endif %}
{% if 'prefix6' in network.primary %}
iface {{ network.primary.interface }} inet6 static
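Review bot: The new `public` branch drops the `gateway` stanza in favour of a hand-written default route with `src`, and nothing in the template says why. A Jinja comment above the `{% if %}` would help, for example `{# public /32 is a secondary address; the default route pins it as source so outbound traffic uses it rather than the private address #}`. Per interfaces(5), a failing `up` or `down` command aborts ifup/ifdown, so if the default route is already gone when the interface is taken down, the `ip addr del` line after it is never run; whether that matters depends on how the VMs are restarted. As far as the visible inventory shows, this branch is not exercised by the commit, since the `public` key in sk-testvm.yml is added commented out.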