Diffstat (limited to 'roles/kubernetes/kubeadm/base')
-rw-r--r--roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml20
-rw-r--r--roles/kubernetes/kubeadm/base/templates/net_kubeguard/cni.json.j2 (renamed from roles/kubernetes/kubeadm/base/templates/net_kubeguard/k8s.json.j2)4
-rw-r--r--roles/kubernetes/kubeadm/base/templates/net_kubeguard/ifupdown.sh.j24
-rw-r--r--roles/kubernetes/kubeadm/base/templates/net_kubeguard/interface.service.j2 (renamed from roles/kubernetes/kubeadm/base/templates/net_kubeguard/kubeguard-interfaces.service.j2)0
-rw-r--r--roles/kubernetes/kubeadm/base/templates/net_kubeguard/peer.service.j2 (renamed from roles/kubernetes/kubeadm/base/templates/net_kubeguard/kubeguard-peer.service.j2)8
5 files changed, 18 insertions, 18 deletions
diff --git a/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml b/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml
index 8c5f5065..37b5030d 100644
--- a/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml
+++ b/roles/kubernetes/kubeadm/base/tasks/net_kubeguard.yml
@@ -25,26 +25,26 @@
# it must probably be brought down by the old version of the script
- name: generate wireguard private key
- shell: "umask 077; wg genkey > /var/lib/kubeguard/kube-wg0.privatekey"
+ shell: "umask 077; wg genkey > /var/lib/kubeguard/kubeguard-wg0.privatekey"
args:
- creates: /var/lib/kubeguard/kube-wg0.privatekey
+ creates: /var/lib/kubeguard/kubeguard-wg0.privatekey
- name: fetch wireguard public key
- shell: "wg pubkey < /var/lib/kubeguard/kube-wg0.privatekey"
+ shell: "wg pubkey < /var/lib/kubeguard/kubeguard-wg0.privatekey"
register: kubeguard_wireguard_pubkey
changed_when: false
check_mode: no
-- name: install systemd service unit for network interfaces
+- name: install systemd service unit for network interface
template:
- src: net_kubeguard/kubeguard-interfaces.service.j2
- dest: /etc/systemd/system/kubeguard-interfaces.service
+ src: net_kubeguard/interface.service.j2
+ dest: /etc/systemd/system/kubeguard-interface.service
# TODO: notify: reload???
-- name: make sure kubeguard interfaces service is started and enabled
+- name: make sure kubeguard interface service is started and enabled
systemd:
daemon_reload: yes
- name: kubeguard-interfaces.service
+ name: kubeguard-interface.service
state: started
enabled: yes
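Review bot: On a host that already has `/var/lib/kubeguard/kube-wg0.privatekey`, the renamed `creates:` path no longer matches, so `wg genkey` runs again and the node gets a new WireGuard key pair while the old private key stays on disk. If that rotation is not intended, a migration task ahead of the key generation would keep the existing key, e.g. `command: mv /var/lib/kubeguard/kube-wg0.privatekey /var/lib/kubeguard/kubeguard-wg0.privatekey` with `creates:` set to the new path and `removes:` to the old one; if it is intended, the old key file should be deleted explicitly. The same applies to the unit rename further down in this hunk: nothing visible here stops, disables or removes `kubeguard-interfaces.service` on upgraded hosts, so it presumably stays enabled next to the new `kubeguard-interface.service`.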
@@ -53,7 +53,7 @@
loop_control:
loop_var: peer
template:
- src: net_kubeguard/kubeguard-peer.service.j2
+ src: net_kubeguard/peer.service.j2
dest: "/etc/systemd/system/kubeguard-peer-{{ peer }}.service"
# TODO: notify restart for peers that change...
@@ -80,5 +80,5 @@
- name: install cni config
template:
- src: net_kubeguard/k8s.json.j2
+ src: net_kubeguard/cni.json.j2
dest: /etc/cni/net.d/kubeguard.json
diff --git a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/k8s.json.j2 b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/cni.json.j2
index 65b1357a..eb9e3d61 100644
--- a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/k8s.json.j2
+++ b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/cni.json.j2
@@ -1,8 +1,8 @@
{
"cniVersion": "0.3.1",
- "name": "k8s",
+ "name": "kubeguard",
"type": "bridge",
- "bridge": "kube-br0",
+ "bridge": "kubeguard-br0",
"isDefaultGateway": true,
"hairpinMode": true,
"ipam": {
diff --git a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/ifupdown.sh.j2 b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/ifupdown.sh.j2
index d8153102..f940d413 100644
--- a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/ifupdown.sh.j2
+++ b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/ifupdown.sh.j2
@@ -9,12 +9,12 @@ INET_IF="{{ ansible_default_ipv4.interface }}"
POD_NET_CIDR="{{ kubernetes.pod_ip_range }}"
{% set br_net = kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[inventory_hostname]) -%}
-BR_IF="kube-br0"
+BR_IF="kubeguard-br0"
BR_IP="{{ br_net | ipaddr(1) | ipaddr('address') }}"
BR_IP_CIDR="{{ br_net | ipaddr(1) }}"
BR_NET_CIDR="{{ br_net }}"
-TUN_IF="kube-wg0"
+TUN_IF="kubeguard-wg0"
TUN_IP_CIDR="{{ kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, 0) | ipaddr(kubeguard.node_index[inventory_hostname]) }}"
diff --git a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/kubeguard-interfaces.service.j2 b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/interface.service.j2
index 35fc8f90..35fc8f90 100644
--- a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/kubeguard-interfaces.service.j2
+++ b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/interface.service.j2
diff --git a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/kubeguard-peer.service.j2 b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/peer.service.j2
index 92300253..c9d96a5a 100644
--- a/roles/kubernetes/kubeadm/base/templates/net_kubeguard/kubeguard-peer.service.j2
+++ b/roles/kubernetes/kubeadm/base/templates/net_kubeguard/peer.service.j2
@@ -1,8 +1,8 @@
[Unit]
Description=Kubernetes Network Peer {{ peer }}
After=network.target
-Requires=kubeguard-interfaces.service
-After=kubeguard-interfaces.service
+Requires=kubeguard-interface.service
+After=kubeguard-interface.service
{% set pod_ip_self = kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[inventory_hostname]) | ipaddr(1) | ipaddr('address') -%}
{% set pod_net_peer = kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[peer]) -%}
@@ -28,8 +28,8 @@ ExecStop=/sbin/ip route del {{ pod_net_peer }}
ExecStop=/sbin/ip link set down dev {{ direct_interface }}
ExecStop=/sbin/ip addr del {{ direct_ip }} dev {{ direct_interface }}
{% else %}
-ExecStart=/usr/bin/wg set kube-wg0 peer {{ wg_pubkey }} allowed-ips {{ wg_allowedips }} endpoint {{ wg_host }}:{{ wg_port }} persistent-keepalive 10
-ExecStop=/usr/bin/wg set kube-wg0 peer {{ wg_pubkey }} remove
+ExecStart=/usr/bin/wg set kubeguard-wg0 peer {{ wg_pubkey }} allowed-ips {{ wg_allowedips }} endpoint {{ wg_host }}:{{ wg_port }} persistent-keepalive 10
+ExecStop=/usr/bin/wg set kubeguard-wg0 peer {{ wg_pubkey }} remove
{% endif %}
RemainAfterExit=yes