path: root/roles/vm/host/tasks/network.yml
---
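## Render the ifupdown stanza for the VM-host bridge.
##
## Every `up`/`down` line in the rendered file is run by ifup/ifdown, so the
## file is pinned to root:root 0644 instead of inheriting whatever mode the
## connection's umask produces.  vm_host.network.interface ends up both in the
## destination path and in the stanza, so it must only come from trusted
## inventory.
##
## Notes on the stanza (kept out of the block scalar on purpose: anything
## written inside `content: |` becomes part of the deployed file):
##  - accept_ra/autoconf are set to 0 for $IFACE, so the kernel neither
##    accepts router advertisements nor autoconfigures IPv6 addresses on the
##    bridge.
##  - The three net.bridge.bridge-nf-call-* sysctls are set to 0.  The keys
##    are not scoped to $IFACE, so this affects bridged traffic in general:
##    bridged frames are no longer passed to iptables/ip6tables/arptables and
##    host firewall rules will not filter VM-to-VM traffic on the bridge.
##  - With `nat` enabled, IPv4 forwarding is switched on for the bridge and
##    for the default-route interface and a SNAT rule is added for the VM
##    prefix.  Nothing here adds FORWARD rules, so what may actually be
##    forwarded depends on the FORWARD policy set elsewhere -- confirm it.
##  - The SNAT interface/address are taken from ansible_default_ipv4 facts at
##    render time; if the uplink address changes, the rule stays stale until
##    this task is run again.
- name: create interface config
  copy:
    dest: "/etc/network/interfaces.d/{{ vm_host.network.interface }}"
    owner: root
    group: root
    mode: "0644"
    content: |
      auto {{ vm_host.network.interface }}
      iface {{ vm_host.network.interface }} inet static
        address {{ vm_host.network.prefix | ipaddr('address') }}
        netmask {{ vm_host.network.prefix | ipaddr('netmask') }}
        bridge_ports none
        bridge_stp off
        bridge_waitport 0
        bridge_fd 0
        up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra
        up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf
        up modprobe br_netfilter
        up /sbin/sysctl net.bridge.bridge-nf-call-iptables=0
        up /sbin/sysctl net.bridge.bridge-nf-call-ip6tables=0
        up /sbin/sysctl net.bridge.bridge-nf-call-arptables=0
      {% if 'nat' in vm_host.network and vm_host.network.nat %}
        up echo 1 > /proc/sys/net/ipv4/conf/$IFACE/forwarding
        up echo 1 > /proc/sys/net/ipv4/conf/{{ ansible_default_ipv4.interface }}/forwarding
        up /usr/sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
        down /usr/sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
      {% endif %}
  register: vmhost_interface_config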

## Deliberately simple: only ifup is called, never ifdown followed by ifup,
## because taking the bridge down while VMs are running would leave those VMs
## with a broken network.
## NOTE(review): ifup normally skips an interface that ifupdown already
## considers configured, so edits to the sysctl/NAT lines of an interface that
## is already up presumably take effect only on its next ifdown/ifup cycle or
## at reboot -- confirm, and schedule that cycle when the change matters.
- name: bring vm-host interface up
  command: "/usr/sbin/ifup {{ vm_host.network.interface }}"
  when: vmhost_interface_config is changed