Diffstat (limited to 'roles/vm')
-rw-r--r-- | roles/vm/guest/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/vm/host/tasks/network.yml | 53 | ||||
-rw-r--r-- | roles/vm/network/tasks/main.yml | 37 | ||||
-rw-r--r-- | roles/vm/network/templates/interfaces.j2 | 44 | ||||
-rw-r--r-- | roles/vm/network/templates/resolv.conf.j2 | 2 |
5 files changed, 75 insertions, 63 deletions
diff --git a/roles/vm/guest/tasks/main.yml b/roles/vm/guest/tasks/main.yml index 72ea3272..e68f04df 100644 --- a/roles/vm/guest/tasks/main.yml +++ b/roles/vm/guest/tasks/main.yml @@ -39,4 +39,4 @@ content: | [Service] ExecStart= - ExecStart=-/sbin/agetty --keep-baud 115200,38400,9600 --noclear --autologin root --login-pause --host {{ install_cooked.vm.host }} %I $TERM + ExecStart=-/sbin/agetty --keep-baud 115200,38400,9600 --noclear --autologin root --login-pause --host {{ vm_host_cooked.name }} %I $TERM diff --git a/roles/vm/host/tasks/network.yml b/roles/vm/host/tasks/network.yml index 0688ec42..802ffd8b 100644 --- a/roles/vm/host/tasks/network.yml +++ b/roles/vm/host/tasks/network.yml @@ -9,19 +9,22 @@ copy: dest: "/etc/network/interfaces.d/br-{{ item.key }}" content: | - auto br-{{ item.key }} - {% if 'prefix' in item.value %} - iface br-{{ item.key }} inet static - address {{ item.value.prefix | ipaddr('address') }} - netmask {{ item.value.prefix | ipaddr('netmask') }} - {% if 'gateway' in item.value %} - gateway {{ item.value.gateway }} + {% set bridge_name = 'br-'+item.key %} + {% set bridge = item.value %} + {% set interface = (network.interfaces | selectattr('name', 'eq', bridge_name) | first | default({})) %} + auto {{ bridge_name }} + {% if 'address' in interface %} + iface {{ bridge_name }} inet static + address {{ interface.address | ipaddr('address') }} + netmask {{ interface.address | ipaddr('netmask') }} + {% if 'gateway' in interface %} + gateway {{ interface.gateway }} {% endif %} {% else %} - iface br-{{ item.key }} inet manual + iface {{ bridge_name }} inet manual {% endif %} - {% if 'interfaces' in item.value and (item.value.interfaces | length) > 0 %} - bridge_ports {{ item.value.interfaces | join(' ') }} + {% if 'interfaces' in bridge and (bridge.interfaces | length) > 0 %} + bridge_ports {{ bridge.interfaces | join(' ') }} {% else %} bridge_ports none {% endif %} 
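Review bot: The bridge template in roles/vm/host/tasks/network.yml looks up its address in the raw `network.interfaces`, while the guest-side templates changed in this commit read `network_cooked.interfaces` and `network_cooked.nameservers`; resolv.conf.j2 likewise still renders `search {{ network.domain }}` from the raw variable. If the cooked structure is the normalised form, the host bridge and the search domain bypass whatever defaults or checks the cooking step applies; this is inferred, since neither variable's definition is visible here. Either switch these lookups to the cooked variable or add a comment such as `# host role reads raw network.interfaces on purpose: <reason>`. Separately, `'br-'+item.key` would be safer as `'br-' ~ item.key`, which concatenates even when the key is not a string.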
@@ -34,29 +37,29 @@ up /sbin/sysctl net.bridge.bridge-nf-call-iptables=0 up /sbin/sysctl net.bridge.bridge-nf-call-ip6tables=0 up /sbin/sysctl net.bridge.bridge-nf-call-arptables=0 - {% if 'prefix' in item.value %} - {% if 'nat' in item.value and item.value.nat %} + {% if 'address' in interface and 'prefix' in bridge %} + {% if 'nat' in bridge and bridge.nat %} up echo 1 > /proc/sys/net/ipv4/conf/$IFACE/forwarding up echo 1 > /proc/sys/net/ipv4/conf/{{ ansible_default_ipv4.interface }}/forwarding - up /sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ item.value.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }} + up /sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }} {% endif %} - {% if 'overlay' in item.value %} - {% for dest, offset in (item.value.overlay.offsets | dictsort(by='value')) %} - up /bin/ip route add {{ (item.value.overlay.prefix | ipaddr(offset)).split('/')[0] }}/32 via {{ (item.value.prefix | ipaddr(item.value.offsets[dest])).split('/')[0] }} # {{ dest }} + {% if 'overlay' in bridge %} + {% for dest, offset in (bridge.overlay.offsets | dictsort(by='value')) %} + up /bin/ip route add {{ (bridge.overlay.prefix | ipaddr(offset)).split('/')[0] }}/32 via {{ (bridge.prefix | ipaddr(bridge.offsets[dest])).split('/')[0] }} # {{ dest }} {% endfor %} - up /bin/ip route add unreachable {{ item.value.overlay.prefix }} - down /sbin/ip route del {{ item.value.overlay.prefix }} + up /bin/ip route add unreachable {{ bridge.overlay.prefix }} + down /sbin/ip route del {{ bridge.overlay.prefix }} {% endif %} - {% if 'nat' in item.value and item.value.nat %} - down /sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ item.value.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }} + {% if 'nat' in bridge and bridge.nat %} + down /sbin/iptables -t 
nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }} {% endif %} {% endif %} - {% if 'prefix6' in item.value %} + {% if 'address6' in interface %} - iface br-{{ item.key }} inet6 static - address {{ item.value.prefix6 }} - {% if 'gateway6' in item.value %} - gateway {{ item.value.gateway6 }} + iface {{ bridge_name }} inet6 static + address {{ interface.address6 }} + {% if 'gateway6' in interface %} + gateway {{ interface.gateway6 }} {% endif %} {% endif %} register: vmhost_bridge_config diff --git a/roles/vm/network/tasks/main.yml b/roles/vm/network/tasks/main.yml index b17aba8b..27a7682a 100644 --- a/roles/vm/network/tasks/main.yml +++ b/roles/vm/network/tasks/main.yml @@ -1,24 +1,25 @@ --- -- block: - - name: remove legacy systemd.link units - loop: - - 50-virtio-kernel-names.link - - 99-default.link - file: - name: "/etc/systemd/network/{{ item }}" - state: absent +- name: configure systemd link units + when: network_cooked.systemd_link is defined + block: + - name: remove legacy systemd.link units + loop: + - 50-virtio-kernel-names.link + - 99-default.link + file: + name: "/etc/systemd/network/{{ item }}" + state: absent - - name: install systemd network link units - loop: "{{ network.systemd_link.interfaces }}" - loop_control: - label: "{{ item.name }}" - index_var: interface_index - template: - src: systemd.link.j2 - dest: "/etc/systemd/network/{{ '%02d' | format(interface_index + 11) }}-{{ item.name }}.link" - notify: rebuild initramfs + - name: install systemd network link units + loop: "{{ network_cooked.systemd_link.interfaces }}" + loop_control: + label: "{{ item.name }}" + index_var: interface_index + template: + src: systemd.link.j2 + dest: "/etc/systemd/network/{{ '%02d' | format(interface_index + 11) }}-{{ item.name }}.link" + notify: rebuild initramfs - when: network.systemd_link is defined - name: install basic interface config template: 
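Review bot: The SNAT rules in the `up` and `down` iptables lines now interpolate `{{ bridge.prefix }}` directly, where the removed lines passed the value through `ipaddr('network/prefix')`. That filter normalised the value to a network address and turned anything that does not parse as an address into a false value, so a malformed or host-form prefix now lands unchecked in a command that ifupdown runs as root. Unless `bridge.prefix` is guaranteed to be validated upstream (not visible in this hunk), keep the filter on the new variable: `-s {{ bridge.prefix | ipaddr('network/prefix') }}` in both the `-A` and the `-D` rule, so the two stay identical. The same hunk also mixes `/bin/ip` in the `up` route lines with `/sbin/ip` in `down /sbin/ip route del`; using one path avoids a teardown that fails on hosts where only one of them exists.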
diff --git a/roles/vm/network/templates/interfaces.j2 b/roles/vm/network/templates/interfaces.j2
index db0e322f..d257a98a 100644
--- a/roles/vm/network/templates/interfaces.j2
+++ b/roles/vm/network/templates/interfaces.j2
@@ -6,25 +6,33 @@ source /etc/network/interfaces.d/* # The loopback network interface auto lo iface lo inet loopback +{% for interface in network_cooked.interfaces %} -# The primary network interface -auto {{ network.primary.interface }} -iface {{ network.primary.interface }} inet static + +auto {{ interface.name }} +iface {{ interface.name }} inet static pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf - address {{ network.primary.ip }} - netmask {{ network.primary.mask }} -{% if 'overlay' in network.primary %} - up /bin/ip addr add dev $IFACE {{ network.primary.overlay }}/32 - up /bin/ip route add default via {{ network.primary.gateway }} src {{ network.primary.overlay }} - down /bin/ip route del default via {{ network.primary.gateway }} src {{ network.primary.overlay }} - down /bin/ip addr del dev $IFACE {{ network.primary.overlay }}/32 -{% else %} - gateway {{ network.primary.gateway }} -{% endif %} -{% if 'prefix6' in network.primary %} + address {{ interface.address | ipaddr('address') }} + netmask {{ interface.address | ipaddr('netmask') }} +{% if 'overlay' in interface %} + up /bin/ip addr add dev $IFACE {{ interface.overlay }}/32 +{% if 'gateway' in interface %} + up /bin/ip route add default via {{ interface.gateway }} src {{ interface.overlay }} + down /bin/ip route del default via {{ interface.gateway }} src {{ interface.overlay }} +{% endif %} + down /bin/ip addr del dev $IFACE {{ interface.overlay }}/32 +{% else %} +{% if 'gateway' in interface %} + gateway {{ interface.gateway }} +{% endif %} +{% endif %} +{% if 'address6' in interface %} -iface {{ network.primary.interface }} inet6 static - address {{ network.primary.prefix6 }} - gateway {{ network.primary.gateway6 }} -{% endif %} +iface {{ interface.name }} inet6 static + address {{ interface.address6 }} +{% if 'gateway6' in interface %} + gateway {{ interface.gateway6 }} +{% endif %} +{% endif %} +{% endfor %} 
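Review bot: Every entry of `network_cooked.interfaces` is rendered as `inet static` with `address {{ interface.address | ipaddr('address') }}`, but nothing checks that the entry has an `address` key, unlike `gateway`, `overlay` and `address6`, which are all guarded. An interface without an address would either fail the template or emit an unusable stanza. The bridge template in roles/vm/host/tasks/network.yml handles the same case with `{% if 'address' in interface %}` and an `{% else %}` branch that writes `inet manual`; applying the same guard here keeps the two templates consistent. With more than one interface carrying both `overlay` and `gateway`, each would also add its own `default` route, so it is worth documenting that only one interface is expected to set a gateway.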
diff --git a/roles/vm/network/templates/resolv.conf.j2 b/roles/vm/network/templates/resolv.conf.j2 index a32ec181..f62b6ed7 100644 --- a/roles/vm/network/templates/resolv.conf.j2 +++ b/roles/vm/network/templates/resolv.conf.j2 @@ -1,4 +1,4 @@ -{% for nsrv in network.nameservers %} +{% for nsrv in network_cooked.nameservers %} nameserver {{ nsrv }} {% endfor %} search {{ network.domain }} |