From 8c76a1b0c6e925b529b1cd03ded5b9d0b3d707c4 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Wed, 22 Jul 2020 23:42:03 +0200 Subject: yet another refactoring of the network config --- inventory/host_vars/ch-mimas.yml | 2 +- inventory/host_vars/ch-oulu-vm1.yml | 4 +- inventory/host_vars/ele-gwhetzner.yml | 2 +- inventory/host_vars/emc-master.yml | 2 +- inventory/host_vars/lw-master.yml | 2 +- inventory/host_vars/sk-testvm.yml | 2 +- inventory/host_vars/sk-tomnext-hp.yml | 2 +- inventory/host_vars/sk-tomnext-nc.yml | 2 +- inventory/host_vars/sk-torrent.yml | 2 +- inventory/hosts.ini | 2 +- roles/vm/guest/network/templates/interfaces.j2 | 14 +++++-- .../vm/host/network/templates/bridge-interfaces.j2 | 30 ++++++++------- roles/vm/host/network/templates/interfaces.j2 | 44 +++++++++++++++------- 13 files changed, 68 insertions(+), 42 deletions(-) diff --git a/inventory/host_vars/ch-mimas.yml b/inventory/host_vars/ch-mimas.yml index b8f49a4a..724983a3 100644 --- a/inventory/host_vars/ch-mimas.yml +++ b/inventory/host_vars/ch-mimas.yml @@ -24,7 +24,7 @@ network: name: eth0 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - config: overlay + template: overlay overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}" interfaces: - *_network_primary_ diff --git a/inventory/host_vars/ch-oulu-vm1.yml b/inventory/host_vars/ch-oulu-vm1.yml index a02a1d77..b12f0034 100644 --- a/inventory/host_vars/ch-oulu-vm1.yml +++ b/inventory/host_vars/ch-oulu-vm1.yml 
@@ -26,12 +26,12 @@ network: name: lan0 address: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" gateway: "{{ network_zones.lan.gateway }}" - config: multihomed-base + template: multihomed-base interfaces: - *_network_primary_ - name: svc0 address: 192.168.3.1/24 - config: multihomed-overlay + template: multihomed-overlay overlays: - name: mur.at address: 1.2.3.4/28 diff --git a/inventory/host_vars/ele-gwhetzner.yml b/inventory/host_vars/ele-gwhetzner.yml index fe0dc028..2c970fda 100644 --- a/inventory/host_vars/ele-gwhetzner.yml +++ b/inventory/host_vars/ele-gwhetzner.yml @@ -24,7 +24,7 @@ network: name: primary0 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - config: overlay + template: overlay overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}" interfaces: - *_network_primary_ diff --git a/inventory/host_vars/emc-master.yml b/inventory/host_vars/emc-master.yml index f7d3e5c9..533df8cb 100644 --- a/inventory/host_vars/emc-master.yml +++ b/inventory/host_vars/emc-master.yml @@ -27,7 +27,7 @@ network: name: primary0 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - config: overlay + template: overlay overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}" interfaces: - *_network_primary_ 
diff --git a/inventory/host_vars/lw-master.yml b/inventory/host_vars/lw-master.yml index f7d3e5c9..533df8cb 100644 --- a/inventory/host_vars/lw-master.yml +++ b/inventory/host_vars/lw-master.yml @@ -27,7 +27,7 @@ network: name: primary0 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - config: overlay + template: overlay overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}" interfaces: - *_network_primary_ diff --git a/inventory/host_vars/sk-testvm.yml b/inventory/host_vars/sk-testvm.yml index e0e86352..c9a27b92 100644 --- a/inventory/host_vars/sk-testvm.yml +++ b/inventory/host_vars/sk-testvm.yml @@ -24,7 +24,7 @@ network: name: primary0 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - config: overlay + template: overlay overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}" interfaces: - *_network_primary_ diff --git a/inventory/host_vars/sk-tomnext-hp.yml b/inventory/host_vars/sk-tomnext-hp.yml index 5bf39fd8..7d748a9a 100644 --- a/inventory/host_vars/sk-tomnext-hp.yml +++ b/inventory/host_vars/sk-tomnext-hp.yml 
@@ -31,7 +31,7 @@ network: name: primary0 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - config: overlay + template: overlay overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}" interfaces: - *_network_primary_ diff --git a/inventory/host_vars/sk-tomnext-nc.yml b/inventory/host_vars/sk-tomnext-nc.yml index 652770d4..7fb2fb79 100644 --- a/inventory/host_vars/sk-tomnext-nc.yml +++ b/inventory/host_vars/sk-tomnext-nc.yml @@ -30,7 +30,7 @@ network: name: primary0 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - config: overlay + template: overlay overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}" interfaces: - *_network_primary_ diff --git a/inventory/host_vars/sk-torrent.yml b/inventory/host_vars/sk-torrent.yml index a164b7b0..c7fc62b2 100644 --- a/inventory/host_vars/sk-torrent.yml +++ b/inventory/host_vars/sk-torrent.yml 
@@ -28,7 +28,7 @@ network: name: primary0 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - config: overlay + template: overlay overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}" interfaces: - *_network_primary_ diff --git a/inventory/hosts.ini b/inventory/hosts.ini index 7e8051e0..c099ddd9 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -28,7 +28,7 @@ ch-gw-lan host_name=gw-lan ch-jump host_name=jump ansible_port=2342 ansible_host=ch-jump ch-nic host_name=nic ch-oulu host_name=oulu host_domain=helsinki.at -ch-oulu-vm1 host_name=testvm host_domain=helsinki.at +ch-oulu-vm1 host_name=oulu-vm1 host_domain=helsinki.at [chaos-at-home:children] mz-chaos-at-home diff --git a/roles/vm/guest/network/templates/interfaces.j2 b/roles/vm/guest/network/templates/interfaces.j2 index 8e2f324c..c8ff5b94 100644 --- a/roles/vm/guest/network/templates/interfaces.j2 +++ b/roles/vm/guest/network/templates/interfaces.j2 
@@ -13,10 +13,18 @@ auto {{ interface.name }} iface {{ interface.name }} inet static pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf -{% include 'interfaces/' + (interface.config | default('simple')) + '.j2' %} -{% if 'address6' in interface %} +{% if 'content' in interface %} + {{ interface.content | indent(2) }} +{% else %} +{% include 'interfaces/' + (interface.template | default('simple')) + '.j2' %} +{% endif %} +{% if 'content6' in interface or 'address6' in interface %} iface {{ interface.name }} inet6 static -{% include 'interfaces/' + (interface.config | default('simple6')) + '.j2' %} +{% if 'content6' in interface %} + {{ interface.content6 | indent(2) }} +{% else %} +{% include 'interfaces/' + (interface.template6 | default('simple6')) + '.j2' %} +{% endif %} {% endif %} {% endfor %} diff --git a/roles/vm/host/network/templates/bridge-interfaces.j2 b/roles/vm/host/network/templates/bridge-interfaces.j2 index 4d80db4c..426f91f8 100644 --- a/roles/vm/host/network/templates/bridge-interfaces.j2 +++ b/roles/vm/host/network/templates/bridge-interfaces.j2 @@ -1,8 +1,8 @@ {% set bridge_name = 'br-'+item.key %} {% set bridge = item.value %} -{% set interface = (network.interfaces | selectattr('name', 'eq', bridge_name) | first | default({})) %} +{% set matched = (network.interfaces | selectattr('name', 'eq', bridge_name) | list) %} auto {{ bridge_name }} -iface {{ bridge_name }} inet {{ ('address' in interface) | ternary('static', 'manual') }} +iface {{ bridge_name }} inet {{ ((matched | length) == 0) | ternary('manual', 'static') }} up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf bridge_ports {{ bridge.interfaces | default(['none']) | join(' ') }} 
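Review bot: An interface entry that still carries the old `config:` key is now ignored without any error, because the new include reads only `interface.template | default('simple')` (and `template6` for inet6), so such a host would be rendered with the `simple` stanza instead of its overlay or multihomed one. The host_vars touched by this commit are renamed, but nothing visible here catches an entry that was missed or is added later under the old name. A pre-flight task in the role would make that loud, for example an `assert` with `that: network.interfaces | selectattr('config', 'defined') | list | length == 0`, assuming the loop iterates `network.interfaces` as the host templates do. The same rename applies to the bond and VLAN hunks of roles/vm/host/network/templates/interfaces.j2. The enclosing `for` loop starts above this hunk.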
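Review bot: The bridge stanza is now declared `inet static` whenever any `network.interfaces` entry matches the bridge name, where the removed line required `'address' in interface`. An entry that sets only `address6` or `content6` would therefore get an `inet static` header and, in the next hunk, an include of `interfaces/simple.j2` with no IPv4 address to render; whether that fails at template time or at ifup depends on simple.j2, which is not part of this diff. Keeping the old condition on top of the new lookup would preserve the previous behaviour, e.g. guarding both the method and the body with `{% if 'content' in interface or 'address' in interface %}`, the same shape the inet6 block uses. The stanza continues past the end of this hunk.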
@@ -13,11 +13,12 @@ iface {{ bridge_name }} inet {{ ('address' in interface) | ternary('static', 'ma up /sbin/sysctl net.bridge.bridge-nf-call-iptables=0 up /sbin/sysctl net.bridge.bridge-nf-call-ip6tables=0 up /sbin/sysctl net.bridge.bridge-nf-call-arptables=0 -{% if 'address' in interface %} - address {{ interface.address | ipaddr('address') }} - netmask {{ interface.address | ipaddr('netmask') }} -{% if 'gateway' in interface %} - gateway {{ interface.gateway }} +{% if (matched | length) > 0 %} +{% set interface = matched | first %} +{% if 'content' in interface %} + {{ interface.content | indent(2) }} +{% else %} +{% include 'interfaces/' + (interface.template | default('simple')) + '.j2' %} {% endif %} {% if 'prefix' in bridge %} {% if 'nat' in bridge and bridge.nat %} @@ -26,7 +27,7 @@ iface {{ bridge_name }} inet {{ ('address' in interface) | ternary('static', 'ma up /sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }} {% endif %} {% for overlay_name in (bridge.overlays | default({}) | list | sort) %} -{% set overlay = bridge.overlays[overlay_name] %} +{% set overlay = bridge.overlays[overlay_name] %} {% for dest, offset in (overlay.offsets | dictsort(by='value')) %} up /bin/ip route add {{ (overlay.prefix | ipaddr(offset)).split('/')[0] }}/32 via {{ (bridge.prefix | ipaddr(bridge.offsets[dest])).split('/')[0] }} # {{ dest }} {% endfor %} 
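Review bot: `interface.content` is written into the stanza exactly as it appears in the inventory, and nothing in the template says so. ifupdown runs `up`, `pre-up`, `down` and similar lines from this file as root, as the surrounding `up /sbin/sysctl` and `up /sbin/iptables` lines show, so a free-form `content` value carries the same privilege as the template itself and needs the same review as the role. A comment above the branch would record that, e.g. `{# content is emitted verbatim into a stanza that ifupdown executes; it takes precedence over template and is not validated #}`. The same branch is added in roles/vm/guest/network/templates/interfaces.j2, in the inet6 part of this file, and in the bond and VLAN hunks of roles/vm/host/network/templates/interfaces.j2.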
@@ -37,12 +38,13 @@ iface {{ bridge_name }} inet {{ ('address' in interface) | ternary('static', 'ma down /sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }} {% endif %} {% endif %} -{% endif %} -{% if 'address6' in interface %} +{% if 'content6' in interface or 'address6' in interface %} -iface {{ bridge_name }} inet6 static - address {{ interface.address6 }} -{% if 'gateway6' in interface %} - gateway {{ interface.gateway6 }} +iface {{ interface.name }} inet6 static +{% if 'content6' in interface %} + {{ interface.content6 | indent(2) }} +{% else %} +{% include 'interfaces/' + (interface.template6 | default('simple6')) + '.j2' %} +{% endif %} {% endif %} {% endif %} diff --git a/roles/vm/host/network/templates/interfaces.j2 b/roles/vm/host/network/templates/interfaces.j2 index 6daa22bd..284c1cb6 100644 --- a/roles/vm/host/network/templates/interfaces.j2 +++ b/roles/vm/host/network/templates/interfaces.j2 @@ -19,9 +19,9 @@ iface {{ interface }} inet manual {% for bond in network.bonds | default([]) %} ## Bond: {{ bond.name }} -{% set tmp = network.interfaces | selectattr('name', 'eq', bond.name) | list %} +{% set matched = network.interfaces | selectattr('name', 'eq', bond.name) | list %} auto {{ bond.name }} -iface {{ bond.name }} inet {{ ((tmp | length) == 0) | ternary('manual', 'static') }} +iface {{ bond.name }} inet {{ ((matched | length) == 0) | ternary('manual', 'static') }} up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf bond-mode {{ bond.mode }} 
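Review bot: The inet6 header now uses `{{ interface.name }}` while the inet header of the same bridge, in the first hunk of this file, uses `{{ bridge_name }}`. The two are equal only because `matched` was selected by `name == bridge_name`; writing `iface {{ bridge_name }} inet6 static` here keeps both headers tied to the same variable and does not depend on that lookup. The `if` blocks closed at the end of this hunk open in the previous hunk.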
@@ -29,13 +29,21 @@ iface {{ bond.name }} inet {{ ((tmp | length) == 0) | ternary('manual', 'static' {% for option in (bond.options | default({}) | list | sort) %} bond-{{ option }} {{ bond.options[option] }} {% endfor %} -{% if (tmp | length) > 0 %} -{% set interface = tmp | first %} -{% include 'interfaces/' + (interface.config | default('simple')) + '.j2' %} -{% if 'address6' in interface %} +{% if (matched | length) > 0 %} +{% set interface = matched | first %} +{% if 'content' in interface %} + {{ interface.content | indent(2) }} +{% else %} +{% include 'interfaces/' + (interface.template | default('simple')) + '.j2' %} +{% endif %} +{% if 'content6' in interface or 'address6' in interface %} iface {{ interface.name }} inet6 static -{% include 'interfaces/' + (interface.config | default('simple6')) + '.j2' %} +{% if 'content6' in interface %} + {{ interface.content6 | indent(2) }} +{% else %} +{% include 'interfaces/' + (interface.template6 | default('simple6')) + '.j2' %} +{% endif %} {% endif %} {% endif %} 
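Review bot: The content-or-template selection added here is repeated verbatim in the VLAN hunk below, in bridge-interfaces.j2 and in roles/vm/guest/network/templates/interfaces.j2, each time once for inet and once for inet6. Copies of this kind drift, and a later fix to one of them (for example to the `default('simple6')` fallback) is easy to miss in the others. Moving the block into one included partial or a Jinja macro that takes `interface`, at least within each role, would leave a single place to change. The bond `for` loop starts above this hunk.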
@@ -46,18 +54,26 @@ iface {{ interface.name }} inet6 static {% for vlan in network.vlans[parent] %} {% set interface_name = parent+'.'+(vlan | string) %} -{% set tmp = network.interfaces | selectattr('name', 'eq', interface_name) | list %} +{% set matched = network.interfaces | selectattr('name', 'eq', interface_name) | list %} auto {{ interface_name }} -iface {{ interface_name }} inet {{ ((tmp | length) == 0) | ternary('manual', 'static') }} +iface {{ interface_name }} inet {{ ((matched | length) == 0) | ternary('manual', 'static') }} up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf -{% if (tmp | length) > 0 %} -{% set interface = tmp | first %} -{% include 'interfaces/' + (interface.config | default('simple')) + '.j2' %} -{% if 'address6' in interface %} +{% if (matched | length) > 0 %} +{% set interface = matched | first %} +{% if 'content' in interface %} + {{ interface.content | indent(2) }} +{% else %} +{% include 'interfaces/' + (interface.template | default('simple')) + '.j2' %} +{% endif %} +{% if 'content6' in interface or 'address6' in interface %} iface {{ interface.name }} inet6 static -{% include 'interfaces/' + (interface.config | default('simple6')) + '.j2' %} +{% if 'content6' in interface %} + {{ interface.content6 | indent(2) }} +{% else %} +{% include 'interfaces/' + (interface.template6 | default('simple6')) + '.j2' %} +{% endif %} {% endif %} {% endif %} -- cgit v1.2.3