Commit 10d42a6c authored by Lars Beckers's avatar Lars Beckers

networkd: more flexible config, allows multiple/routed networks

parent 9de9e14c
--- ---
networkd_type: 'dhcp' # or: 'static', 'bond' # networkd:
# - type: 'dhcp'
# - type: 'static'
# address: '10.10.10.10/24'
# gateway: '10.10.10.1'
# - type: 'routed'
# interfaces:
# - 'eth0'
# addresses:
# - '10.10.10.10/24'
# nameservers:
# - '8.8.8.8'
# routes:
# - gateway: '10.10.10.1'
# destination: '10.12.0.0/24'
# source: '10.10.10.10'
# metric: '100'
# - type: 'vlan'
# interface: 'eth0'
# vlans:
# - id: 23
# name: storage
# bridge: false
# address: 10.10.10.10/24
# - type: 'bond'
# bond: 'bond1'
# interfaces:
# - eth0
# - eth1
# vlans:
# - id: 23
# name: storage
# bridge: false
# address: 10.10.10.10/24
# - id: 42
# name: public
# bridge: true
# address: 10.10.12.22/24
# gateway: 10.10.12.1
# - id: 69
# name: transport
# bridge: true
networkd_type: 'dhcp' # if networkd not defined
networkd_ipfwd: false # works only globally anyway
### old style config follows, still supported
# for static type only # for static type only
networkd_address: 10.10.10.10/24 networkd_address: 10.10.10.10/24
......
---
- name: ensure the network packages are installed
apt:
name:
- vlan
- bridge-utils
state: present
- name: ensure bond module is loaded
modprobe:
name: 8021q
state: present
- name: ensure bond module is loaded after a reboot
copy:
content: "8021q"
dest: /etc/modules-load.d/bond.conf
- name: ensure bond netdev is configured
template:
src: bond.netdev.j2
dest: /etc/systemd/network/{{ bond.bond|default(networkd_bond) }}.netdev
owner: root
group: root
mode: '0644'
notify:
- restart networkd
- name: ensure bond network is configured
template:
src: bond.network.j2
dest: /etc/systemd/network/{{ bond.bond|default(networkd_bond) }}.network
owner: root
group: root
mode: '0644'
notify:
- restart networkd
- name: ensure vlan netdevs are configured
template:
src: vlan.netdev.j2
dest: /etc/systemd/network/vl-{{ item.name }}.netdev
owner: root
group: root
mode: '0644'
with_items: "{{ bond.vlans|default(networkd_bond_vlans) }}"
notify:
- restart networkd
- name: ensure vlan networks are configured
template:
src: vlan.network.j2
dest: /etc/systemd/network/vl-{{ item.name }}.network
owner: root
group: root
mode: '0644'
with_items: "{{ bond.vlans|default(networkd_bond_vlans) }}"
notify:
- restart networkd
- name: ensure bridge netdevs are configured
template:
src: bridge.netdev.j2
dest: /etc/systemd/network/vmbr-{{ item.name }}.netdev
owner: root
group: root
mode: '0644'
with_items: "{{ bond.vlans|default(networkd_bond_vlans) }}"
when: item.bridge == True
notify:
- restart networkd
- name: ensure bridge networks are configured
template:
src: bridge.network.j2
dest: /etc/systemd/network/vmbr-{{ item.name }}.network
owner: root
group: root
mode: '0644'
with_items: "{{ bond.vlans|default(networkd_bond_vlans) }}"
when: item.bridge == True
notify:
- restart networkd
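Review bot: The two tasks named "ensure bond module is loaded" load and persist `8021q`, which is the VLAN tagging module, so the task names and the `bond.conf` file name do not describe what is actually configured; rename them or add a comment saying why only 8021q is needed here. The `copy` task that writes `/etc/modules-load.d/bond.conf` is the only file-writing task in this file without `owner`, `group` and `mode`, so its permissions depend on the remote umask; add `owner: root`, `group: root`, `mode: '0644'` as on the template tasks. `when: item.bridge == True` raises an undefined-variable error for a vlan entry that omits `bridge`; `when: item.bridge | default(false) | bool` tolerates that, and the same condition appears in the vlan task file added by this commit.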
...@@ -2,102 +2,38 @@ ...@@ -2,102 +2,38 @@
- name: ensure networkd has a valid configuration - name: ensure networkd has a valid configuration
template: template:
src: "20-wired-{{ networkd_type }}.network.j2" src: "20-wired-{{ item.1.type }}.network.j2"
dest: /etc/systemd/network/20-wired.network dest: /etc/systemd/network/{{ item.0 }}-wired.network
owner: root owner: root
group: root group: root
mode: '0644' mode: '0644'
with_indexed_items: "{{ networkd|default([{'type': networkd_type}]) }}"
notify: notify:
- restart networkd - restart networkd
- name: ensure networkd has an additional valid configuration - name: ensure networkd has no stale configuration
template: file:
src: "20-wired-{{ networkd_additional_type }}.network.j2" path: "/etc/systemd/network/{{ item }}"
dest: /etc/systemd/network/30-wired.network state: absent
owner: root with_items:
group: root - 20-wired.network
mode: 0644 - 30-wired.network
when: networkd_additional_type is defined
notify: notify:
- restart networkd - restart networkd
- name: ensure bonding works correctly - name: ensure bonding works correctly
block: include_tasks: bond.yml
- name: ensure the network packages are installed loop: "{{ networkd|default([{'type': networkd_type}])|flatten(levels=1) }}"
apt: loop_control:
name: loop_var: bond
- vlan when: bond.type == 'bond'
- bridge-utils
state: present - name: ensure vlaning works correctly
- name: ensure bond module is loaded include_tasks: vlan.yml
modprobe: loop: "{{ networkd|default([{'type': networkd_type}])|flatten(levels=1) }}"
name: 8021q loop_control:
state: present loop_var: vlan
- name: ensure bond module is loaded after a reboot when: vlan.type == 'vlan'
copy:
content: "8021q"
dest: /etc/modules-load.d/bond.conf
- name: ensure bond netdev is configured
template:
src: bond.netdev.j2
dest: /etc/systemd/network/{{ networkd_bond }}.netdev
owner: root
group: root
mode: '0644'
notify:
- restart networkd
- name: ensure bond network is configured
template:
src: bond.network.j2
dest: /etc/systemd/network/{{ networkd_bond }}.network
owner: root
group: root
mode: '0644'
notify:
- restart networkd
- name: ensure vlan netdevs are configured
template:
src: vlan.netdev.j2
dest: /etc/systemd/network/vl-{{ item.name }}.netdev
owner: root
group: root
mode: '0644'
with_items: "{{ networkd_bond_vlans }}"
notify:
- restart networkd
- name: ensure vlan networks are configured
template:
src: vlan.network.j2
dest: /etc/systemd/network/vl-{{ item.name }}.network
owner: root
group: root
mode: '0644'
with_items: "{{ networkd_bond_vlans }}"
notify:
- restart networkd
- name: ensure bridge netdevs are configured
template:
src: bridge.netdev.j2
dest: /etc/systemd/network/vmbr-{{ item.name }}.netdev
owner: root
group: root
mode: '0644'
with_items: "{{ networkd_bond_vlans }}"
when: item.bridge == True
notify:
- restart networkd
- name: ensure bridge networks are configured
template:
src: bridge.network.j2
dest: /etc/systemd/network/vmbr-{{ item.name }}.network
owner: root
group: root
mode: '0644'
with_items: "{{ networkd_bond_vlans }}"
when: item.bridge == True
notify:
- restart networkd
when: networkd_type == 'bond'
- name: ensure networkd is enabled and running - name: ensure networkd is enabled and running
service: service:
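Review bot: Files written as `{{ item.0 }}-wired.network` are never cleaned up when the `networkd` list gets shorter, because the stale-configuration task removes only the two legacy names `20-wired.network` and `30-wired.network`. A leftover `N-wired.network` keeps its addresses and routes active on the host after the entry has been removed from the inventory, so I would remove every `*-wired.network` that the current run did not render (a `find` on the directory, then `file` with `state: absent` for the names not in the list). The unpadded index also sorts lexically, so `10-wired.network` is read before `2-wired.network`, and networkd applies the first file that matches an interface; a zero-padded prefix such as `{{ '%02d' | format(item.0) }}` fixes the ordering. An entry at index 20 or 30 would additionally be rendered and then deleted again by the stale task, which needs a prefix that cannot collide with the legacy names. The last task shown here continues outside the visible hunk.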
......
---
- name: ensure the network packages are installed
apt:
name:
- vlan
- bridge-utils
state: present
- name: ensure vlan netdevs are configured
template:
src: vlan.netdev.j2
dest: /etc/systemd/network/vl-{{ item.name }}.netdev
owner: root
group: root
mode: '0644'
with_items: "{{ vlan.vlans }}"
notify:
- restart networkd
- name: ensure vlan networks are configured
template:
src: vlan.network.j2
dest: /etc/systemd/network/vl-{{ item.name }}.network
owner: root
group: root
mode: '0644'
with_items: "{{ vlan.vlans }}"
notify:
- restart networkd
- name: ensure bridge netdevs are configured
template:
src: bridge.netdev.j2
dest: /etc/systemd/network/vmbr-{{ item.name }}.netdev
owner: root
group: root
mode: '0644'
with_items: "{{ vlan.vlans }}"
when: item.bridge == True
notify:
- restart networkd
- name: ensure bridge networks are configured
template:
src: bridge.network.j2
dest: /etc/systemd/network/vmbr-{{ item.name }}.network
owner: root
group: root
mode: '0644'
with_items: "{{ vlan.vlans }}"
when: item.bridge == True
notify:
- restart networkd
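Review bot: `item.name` is used unchecked as a path component in all four `dest:` values (`vl-{{ item.name }}.netdev` and the three others), and the files are created owned by root under `/etc/systemd/network`. A name containing `/` or `..` would place the file outside that directory, and a name that makes `vmbr-<name>` longer than 15 characters is not a valid Linux interface name, so the rendered netdev would not come up. An `assert` task at the top of the file, looped over `vlan.vlans` with `that: item.name is match('^[A-Za-z0-9_-]{1,10}$')`, would reject both before anything is written. The identical tasks in the bond task file would need the same check.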
[Match] [Match]
Name={{ networkd_bond_devices|join(' ') }} Name={{ item.1.interfaces|default(networkd_bond_devices)|join(' ') }}
[Network] [Network]
Bond={{ networkd_bond }} Bond={{ item.1.bond|default(networkd_bond) }}
{% if networkd_ipfwd %}
IPForward=yes
{% endif %}
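Review bot: `IPForward=yes` is emitted from the single global `networkd_ipfwd` flag here and in the dhcp, routed and vlan templates, and in systemd-networkd the value `yes` turns on forwarding for both IPv4 and IPv6 between all interfaces of the host. Nothing visible on this page adds packet filtering alongside it, so enabling the flag for one routed network makes the host forward between every network it is attached to, including the bridged VLANs. I would document that next to `networkd_ipfwd` in the defaults, e.g. `# enables IPv4 and IPv6 forwarding host-wide; pair with firewall rules`, and consider accepting the values `ipv4` and `ipv6` instead of only a boolean.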
[Match] [Match]
Name={{ ansible_default_ipv4.interface }} Name={{ item.1.interface|default(ansible_default_ipv4.interface) }}
[Network] [Network]
DHCP=ipv4 DHCP=ipv4
{% if networkd_ipfwd %}
IPForward=yes
{% endif %}
{% if not network is defined %}
{% set network = item.1 %}
{% endif %}
[Match]
Name={{ network.interfaces|default([network.interface])|join(' ') }}
[Network]
{% if network.addresses is defined or network.address is defined %}
{% for addr in network.addresses|default([network.address]) %}
Address={{ addr }}
{% endfor %}
{% for server in network.nameservers|default(nameservers) %}
DNS={{ server }}
{% endfor %}
{% if networkd_ipfwd %}
IPForward=yes
{% endif %}
{% endif %}
{% for route in network.routes|default([{'gateway': network.gateway}]) %}
[Route]
Gateway={{ route.gateway }}
{% if route.destination is defined %}
Destination={{ route.destination }}
{% endif %}
{% if route.source is defined %}
PreferredSource={{ route.source }}
{% endif %}
{% if route.metric is defined %}
Metric={{ route.metric }}
{% endif %}
{% endfor %}
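Review bot: The fallback in `network.routes|default([{'gateway': network.gateway}])` always yields one route, so an entry that sets neither `routes` nor `gateway` renders a `[Route]` section with an undefined `Gateway=`, or fails on the undefined variable, depending on the Ansible settings. Use `network.routes|default([{'gateway': network.gateway}] if network.gateway is defined else [])`, which is the form the bridge and vlan templates in this commit already use. `DNS=` and `IPForward=` sit inside the `{% if network.addresses is defined or network.address is defined %}` block, so an entry without addresses gets neither; if that is intended, a template comment such as `{# DNS and forwarding only apply to addressed networks #}` would make it explicit.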
[Match] {% set network = {
Name={{ ansible_default_ipv4.interface }} 'interface': item.1.interface|default(ansible_default_ipv4.interface),
'addresses': item.1.addresses|default([item.1.adress|default(networkd_address)]),
[Network] 'gateway': item.1.gateway|default(networkd_gateway),
Address={{ networkd_address }} } %}
Gateway={{ networkd_gateway }} {% include "20-wired-routed.network.j2" %}
{% for server in nameservers %}
DNS={{ server }}
{% endfor %}
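Review bot: `item.1.adress` in the `addresses` fallback is misspelled, so the `address:` key that the defaults document for a `static` entry is never read and the template silently falls back to the global `networkd_address`. The line should read `'addresses': item.1.addresses|default([item.1.address|default(networkd_address)]),`. With the typo, two `static` entries that each set `address` would both be rendered with the same legacy address, which is easy to miss because no error is raised.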
[Match]
Name={{ item.1.interface }}
[Network]
{% for vlan in item.1.vlans %}
VLAN=vl-{{ vlan.name }}
{% endfor %}
BindCarrier={{ item.1.interface }}
{% if networkd_ipfwd %}
IPForward=yes
{% endif %}
[NetDev] [NetDev]
Name={{ networkd_bond }} Name={{ bond.bond|default(networkd_bond) }}
Kind=bond Kind=bond
[Bond] [Bond]
......
[Match] [Match]
Name={{ networkd_bond }} Name={{ bond.bond|default(networkd_bond) }}
[Network] [Network]
{% for vlan in networkd_bond_vlans %} {% for vlan in bond.vlans|default(networkd_bond_vlans) %}
VLAN=vl-{{ vlan.name }} VLAN=vl-{{ vlan.name }}
{% endfor %} {% endfor %}
BindCarrier={{ networkd_bond_devices|join(' ') }} BindCarrier={{ bond.interfaces|default(networkd_bond_devices)|join(' ') }}
[Match] {% set network = {
Name=vmbr-{{ item.name }} 'interface': 'vmbr-' + item.name,
'addresses': [item.address] if item.address is defined else [],
[Network] 'nameservers': [],
{% if 'address' in item %} 'routes': [{'gateway': item.gateway}] if item.gateway is defined else []
Address={{ item.address }} } %}
{% if 'gateway' in item %} {% include "20-wired-routed.network.j2" %}
Gateway={{ item.gateway }}
{% endif %}
{% endif %}
{% if item.bridge %}
[Match] [Match]
Name=vl-{{ item.name }} Name=vl-{{ item.name }}
[Network] [Network]
{% if item.bridge %}
Bridge=vmbr-{{ item.name }} Bridge=vmbr-{{ item.name }}
{% else %} {% else %}
{% if 'address' in item %} {% set network = {
Address={{ item.address }} 'interface': 'vl-' + item.name,
{% if 'gateway' in item %} 'addresses': item.addresses|default([item.address] if item.address is defined else []),
Gateway={{ item.gateway }} 'nameservers': item.nameservers|default([]),
{% endif %} 'routes': item.routes|default([{'gateway': item.gateway}] if item.gateway is defined else [])
{% endif %} } %}
{% include "20-wired-routed.network.j2" %}
{% endif %} {% endif %}