summaryrefslogtreecommitdiff
path: root/roles/vm/host
diff options
context:
space:
mode:
Diffstat (limited to 'roles/vm/host')
-rw-r--r--roles/vm/host/tasks/network.yml53
1 files changed, 28 insertions, 25 deletions
diff --git a/roles/vm/host/tasks/network.yml b/roles/vm/host/tasks/network.yml
index 0688ec42..802ffd8b 100644
--- a/roles/vm/host/tasks/network.yml
+++ b/roles/vm/host/tasks/network.yml
@@ -9,19 +9,22 @@
copy:
dest: "/etc/network/interfaces.d/br-{{ item.key }}"
content: |
- auto br-{{ item.key }}
- {% if 'prefix' in item.value %}
- iface br-{{ item.key }} inet static
- address {{ item.value.prefix | ipaddr('address') }}
- netmask {{ item.value.prefix | ipaddr('netmask') }}
- {% if 'gateway' in item.value %}
- gateway {{ item.value.gateway }}
+ {% set bridge_name = 'br-'+item.key %}
+ {% set bridge = item.value %}
+ {% set interface = (network.interfaces | selectattr('name', 'eq', bridge_name) | first | default({})) %}
+ auto {{ bridge_name }}
+ {% if 'address' in interface %}
+ iface {{ bridge_name }} inet static
+ address {{ interface.address | ipaddr('address') }}
+ netmask {{ interface.address | ipaddr('netmask') }}
+ {% if 'gateway' in interface %}
+ gateway {{ interface.gateway }}
{% endif %}
{% else %}
- iface br-{{ item.key }} inet manual
+ iface {{ bridge_name }} inet manual
{% endif %}
- {% if 'interfaces' in item.value and (item.value.interfaces | length) > 0 %}
- bridge_ports {{ item.value.interfaces | join(' ') }}
+ {% if 'interfaces' in bridge and (bridge.interfaces | length) > 0 %}
+ bridge_ports {{ bridge.interfaces | join(' ') }}
{% else %}
bridge_ports none
{% endif %}
@@ -34,29 +37,29 @@
up /sbin/sysctl net.bridge.bridge-nf-call-iptables=0
up /sbin/sysctl net.bridge.bridge-nf-call-ip6tables=0
up /sbin/sysctl net.bridge.bridge-nf-call-arptables=0
- {% if 'prefix' in item.value %}
- {% if 'nat' in item.value and item.value.nat %}
+ {% if 'address' in interface and 'prefix' in bridge %}
+ {% if 'nat' in bridge and bridge.nat %}
up echo 1 > /proc/sys/net/ipv4/conf/$IFACE/forwarding
up echo 1 > /proc/sys/net/ipv4/conf/{{ ansible_default_ipv4.interface }}/forwarding
- up /sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ item.value.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
+ up /sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }}
{% endif %}
- {% if 'overlay' in item.value %}
- {% for dest, offset in (item.value.overlay.offsets | dictsort(by='value')) %}
- up /bin/ip route add {{ (item.value.overlay.prefix | ipaddr(offset)).split('/')[0] }}/32 via {{ (item.value.prefix | ipaddr(item.value.offsets[dest])).split('/')[0] }} # {{ dest }}
+ {% if 'overlay' in bridge %}
+ {% for dest, offset in (bridge.overlay.offsets | dictsort(by='value')) %}
+ up /bin/ip route add {{ (bridge.overlay.prefix | ipaddr(offset)).split('/')[0] }}/32 via {{ (bridge.prefix | ipaddr(bridge.offsets[dest])).split('/')[0] }} # {{ dest }}
{% endfor %}
- up /bin/ip route add unreachable {{ item.value.overlay.prefix }}
- down /sbin/ip route del {{ item.value.overlay.prefix }}
+ up /bin/ip route add unreachable {{ bridge.overlay.prefix }}
+ down /sbin/ip route del {{ bridge.overlay.prefix }}
{% endif %}
- {% if 'nat' in item.value and item.value.nat %}
- down /sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ item.value.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
+ {% if 'nat' in bridge and bridge.nat %}
+ down /sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }}
{% endif %}
{% endif %}
- {% if 'prefix6' in item.value %}
+ {% if 'address6' in interface %}
- iface br-{{ item.key }} inet6 static
- address {{ item.value.prefix6 }}
- {% if 'gateway6' in item.value %}
- gateway {{ item.value.gateway6 }}
+ iface {{ bridge_name }} inet6 static
+ address {{ interface.address6 }}
+ {% if 'gateway6' in interface %}
+ gateway {{ interface.gateway6 }}
{% endif %}
{% endif %}
register: vmhost_bridge_config