From e9fdfde4174da27e36081379d76a4e73e04cd53e Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Mon, 20 Apr 2020 18:56:42 +0200 Subject: [PATCH 01/27] [interfaces] Deploy /etc/network/interfaces for adm --- interfaces.yml | 12 ++++++++++++ roles/interfaces/tasks/main.yml | 7 +++++++ .../templates/network/interfaces.d/02-adm.j2 | 17 +++++++++++++++++ 3 files changed, 36 insertions(+) create mode 100755 interfaces.yml create mode 100644 roles/interfaces/tasks/main.yml create mode 100644 roles/interfaces/templates/network/interfaces.d/02-adm.j2 diff --git a/interfaces.yml b/interfaces.yml new file mode 100755 index 00000000..0d028edc --- /dev/null +++ b/interfaces.yml @@ -0,0 +1,12 @@ +#!/usr/bin/env ansible-playbook +--- +# Set variable adm_iface for all servers +- hosts: server + tasks: + - shell: grep adm /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" + register: adm_iface + check_mode: no + +- hosts: boeing.adm.crans.org + roles: + - interfaces diff --git a/roles/interfaces/tasks/main.yml b/roles/interfaces/tasks/main.yml new file mode 100644 index 00000000..095878e4 --- /dev/null +++ b/roles/interfaces/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- name: Deploy adm interface config + template: + src: network/interfaces.d/02-adm.j2 + dest: /etc/network/interfaces.d/02-adm + mode: 0644 + when: adm_iface.stdout diff --git a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 new file mode 100644 index 00000000..79cbe5fa --- /dev/null +++ b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 @@ -0,0 +1,17 @@ +{{ ansible_header | comment }} + +allow-hotplug {{ adm_iface.stdout }} +iface {{ adm_iface.stdout }} inet static + address {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.address }} + network {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.network }} + netmask {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.netmask }} + broadcast {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.broadcast }} + dns-nameservers 10.231.136.152 10.231.136.4 + dns-search adm.crans.org + up /sbin/ip link set $IFACE alias adm + +iface {{ adm_iface.stdout }} inet6 static + address {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].prefix }} + autoconf 1 + accept_ra 2 + up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 From 4b5c16e68373ac18936c113d89524f66be9abb22 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Mon, 20 Apr 2020 19:46:47 +0200 Subject: [PATCH 02/27] [interfaces] Deploy /etc/network/interfaces for srv and ens --- interfaces.yml | 12 +++++++++++ roles/interfaces/tasks/main.yml | 20 +++++++++++++++++++ .../templates/network/interfaces.d/00-srv.j2 | 19 ++++++++++++++++++ .../templates/network/interfaces.d/01-ens.j2 | 19 ++++++++++++++++++ .../templates/network/interfaces.d/02-adm.j2 | 6 ++---- .../templates/network/interfaces.j2 | 10 ++++++++++ 6 files changed, 82 insertions(+), 4 deletions(-) create mode 100644 roles/interfaces/templates/network/interfaces.d/00-srv.j2 create mode 100644 roles/interfaces/templates/network/interfaces.d/01-ens.j2 create mode 100644 roles/interfaces/templates/network/interfaces.j2 diff --git a/interfaces.yml b/interfaces.yml index 0d028edc..872d81ee 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -6,7 +6,19 @@ - shell: grep adm /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" register: adm_iface check_mode: no + - shell: grep srv /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" + register: srv_iface + check_mode: no + - shell: grep ens /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" + register: ens_iface + check_mode: no - hosts: boeing.adm.crans.org + vars: + - adm_dns: 10.231.136.152 10.231.136.4 + - srv_gateway: 185.230.79.254 + - srv_dns: 185.230.79.152 185.230.79.4 + - ens_gateway: 138.231.136.254 + - ens_dns: 138.231.136.152 138.231.136.4 roles: - interfaces diff --git a/roles/interfaces/tasks/main.yml b/roles/interfaces/tasks/main.yml index 095878e4..336a267d 100644 --- a/roles/interfaces/tasks/main.yml +++ b/roles/interfaces/tasks/main.yml @@ -1,4 +1,24 @@ --- +- name: Deploy default interfaces config + template: + src: network/interfaces.j2 + dest: /etc/network/interfaces + mode: 0644 + +- name: Deploy srv interface config + template: + src: network/interfaces.d/00-srv.j2 + dest: /etc/network/interfaces.d/00-srv + mode: 0644 + when: srv_iface.stdout + +- name: Deploy ens interface config + template: + src: network/interfaces.d/01-ens.j2 + dest: /etc/network/interfaces.d/01-ens + mode: 0644 + when: ens_iface.stdout + - name: Deploy adm interface config template: src: network/interfaces.d/02-adm.j2 diff --git a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 new file mode 100644 index 00000000..4c7468a1 --- /dev/null +++ b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 @@ -0,0 +1,19 @@ +{{ ansible_header | comment }} + +allow-hotplug {{ srv_iface.stdout }} +iface {{ srv_iface.stdout }} inet static + address {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.address }} + network {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.network }} + netmask {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.netmask }} + broadcast {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.broadcast }} + gateway {{ srv_gateway }} + mtu 1496 + dns-nameservers {{ srv_dns }} + dns-search crans.org + up /sbin/ip link set $IFACE alias srv + +iface {{ srv_iface.stdout }} inet6 static + address {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv6[0].prefix }} + autoconf 1 + accept_ra 2 + up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 diff --git a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 new file mode 100644 index 00000000..d168be5d --- /dev/null +++ b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 @@ -0,0 +1,19 @@ +{{ ansible_header | comment }} + +allow-hotplug {{ ens_iface.stdout }} +iface {{ ens_iface.stdout }} inet static + address {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.address }} + network {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.network }} + netmask {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.netmask }} + broadcast {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.broadcast }} + gateway {{ ens_gateway }} + mtu 1496 + dns-nameservers {{ ens_dns }} + dns-search crans.org + up /sbin/ip link set $IFACE alias ens + +iface {{ ens_iface.stdout }} inet6 static + address {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv6[0].prefix }} + autoconf 1 + accept_ra 2 + up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 diff --git a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 index 79cbe5fa..d0b5b833 100644 --- a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 +++ b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 @@ -6,12 +6,10 @@ iface {{ adm_iface.stdout }} inet static network {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.network }} netmask {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.netmask }} broadcast {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.broadcast }} - dns-nameservers 10.231.136.152 10.231.136.4 + mtu 1496 + dns-nameservers {{ adm_dns }} dns-search adm.crans.org up /sbin/ip link set $IFACE alias adm iface {{ adm_iface.stdout }} inet6 static address {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].prefix }} - autoconf 1 - accept_ra 2 - up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 diff --git a/roles/interfaces/templates/network/interfaces.j2 b/roles/interfaces/templates/network/interfaces.j2 new file mode 100644 index 00000000..0c339966 --- /dev/null +++ b/roles/interfaces/templates/network/interfaces.j2 @@ -0,0 +1,10 @@ +{{ ansible_header | comment }} + +# This file describes the network interfaces available on your system +# and how to activate them. For more information, see interfaces(5). + +source /etc/network/interfaces.d/* + +# The loopback network interface +auto lo +iface lo inet loopback From a6392502b9fce9ed7de7acac9a483703c5827c81 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Mon, 20 Apr 2020 20:45:00 +0200 Subject: [PATCH 03/27] [interfaces] Add supplementary lines from local facts --- .../interfaces/templates/network/interfaces.d/01-ens.j2 | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 index d168be5d..c7a34671 100644 --- a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 +++ b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 @@ -11,6 +11,15 @@ iface {{ ens_iface.stdout }} inet static dns-nameservers {{ ens_dns }} dns-search crans.org up /sbin/ip link set $IFACE alias ens +{% if 'interfaces' in ansible_local %} +{% if ens_iface.stdout in ansible_local.interfaces %} +{% if 'sup_if_4' in ansible_local.interfaces[ens_iface.stdout] %} +{% for line in ansible_local.interfaces[ens_iface.stdout].sup_if_4 %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} iface {{ ens_iface.stdout }} inet6 static address {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv6[0].prefix }} From 2667c3d696652bad1fad81d79badf768ed3697b1 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Mon, 20 Apr 2020 22:27:17 +0200 Subject: [PATCH 04/27] [interfaces] Add supplementary lines from local facts to all interfaces --- .../templates/network/interfaces.d/00-srv.j2 | 18 ++++++++++++++++++ .../templates/network/interfaces.d/01-ens.j2 | 9 +++++++++ .../templates/network/interfaces.d/02-adm.j2 | 18 ++++++++++++++++++ 3 files changed, 45 insertions(+) diff --git a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 index 4c7468a1..7fc0390f 100644 --- a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 +++ b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 @@ -11,9 +11,27 @@ iface {{ srv_iface.stdout }} inet static dns-nameservers {{ srv_dns }} dns-search crans.org up /sbin/ip link set $IFACE alias srv +{% if 'interfaces' in ansible_local %} +{% if srv_iface.stdout in ansible_local.interfaces %} +{% if 'sup_if_4' in ansible_local.interfaces[srv_iface.stdout] %} +{% for line in ansible_local.interfaces[srv_iface.stdout].sup_if_4 %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} iface {{ srv_iface.stdout }} inet6 static address {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv6[0].prefix }} autoconf 1 accept_ra 2 up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 +{% if 'interfaces' in ansible_local %} +{% if srv_iface.stdout in ansible_local.interfaces %} +{% if 'sup_if_6' in ansible_local.interfaces[srv_iface.stdout] %} +{% for line in ansible_local.interfaces[srv_iface.stdout].sup_if_6 %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 index c7a34671..e94243b1 100644 --- a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 +++ b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 @@ -26,3 +26,12 @@ iface {{ ens_iface.stdout }} inet6 static autoconf 1 accept_ra 2 up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 +{% if 'interfaces' in ansible_local %} +{% if ens_iface.stdout in ansible_local.interfaces %} +{% if 'sup_if_6' in ansible_local.interfaces[ens_iface.stdout] %} +{% for line in ansible_local.interfaces[ens_iface.stdout].sup_if_6 %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 index d0b5b833..bd928eae 100644 --- a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 +++ b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 @@ -10,6 +10,24 @@ iface {{ adm_iface.stdout }} inet static dns-nameservers {{ adm_dns }} dns-search adm.crans.org up /sbin/ip link set $IFACE alias adm +{% if 'interfaces' in ansible_local %} +{% if adm_iface.stdout in ansible_local.interfaces %} +{% if 'sup_if_4' in ansible_local.interfaces[adm_iface.stdout] %} +{% for line in ansible_local.interfaces[adm_iface.stdout].sup_if_4 %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} iface {{ adm_iface.stdout }} inet6 static address {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].prefix }} +{% if 'interfaces' in ansible_local %} +{% if adm_iface.stdout in ansible_local.interfaces %} +{% if 'sup_if_6' in ansible_local.interfaces[adm_iface.stdout] %} +{% for line in ansible_local.interfaces[adm_iface.stdout].sup_if_6 %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} From 81de24e5bd0a72be7d88fb5980a354be5d8e2d4c Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 08:50:46 +0200 Subject: [PATCH 05/27] [interfaces] Configure fil interface --- interfaces.yml | 15 +++++--- roles/interfaces/tasks/main.yml | 7 ++++ .../templates/network/interfaces.d/00-srv.j2 | 2 +- .../templates/network/interfaces.d/21-fil.j2 | 34 +++++++++++++++++++ 4 files changed, 52 insertions(+), 6 deletions(-) create mode 100644 roles/interfaces/templates/network/interfaces.d/21-fil.j2 diff --git a/interfaces.yml b/interfaces.yml index 872d81ee..e637a5cc 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -3,22 +3,27 @@ # Set variable adm_iface for all servers - hosts: server tasks: - - shell: grep adm /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" - register: adm_iface - check_mode: no - shell: grep srv /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" register: srv_iface check_mode: no - shell: grep ens /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" register: ens_iface check_mode: no + - shell: grep adm /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" + register: adm_iface + check_mode: no + - shell: grep fil /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" + register: fil_iface + check_mode: no -- hosts: boeing.adm.crans.org +- hosts: boeing.adm.crans.org,cochon.adm.crans.org vars: - - adm_dns: 10.231.136.152 10.231.136.4 - srv_gateway: 185.230.79.254 - srv_dns: 185.230.79.152 185.230.79.4 - ens_gateway: 138.231.136.254 - ens_dns: 138.231.136.152 138.231.136.4 + - adm_dns: 10.231.136.152 10.231.136.4 + - fil_gateway: 10.54.0.254 + - fil_dns: 10.54.0.152 10.54.0.4 roles: - interfaces diff --git a/roles/interfaces/tasks/main.yml b/roles/interfaces/tasks/main.yml index 336a267d..d9751a36 100644 --- a/roles/interfaces/tasks/main.yml +++ b/roles/interfaces/tasks/main.yml @@ -25,3 +25,10 @@ dest: /etc/network/interfaces.d/02-adm mode: 0644 when: adm_iface.stdout + +- name: Deploy fil interface config + template: + src: network/interfaces.d/21-fil.j2 + dest: /etc/network/interfaces.d/21-fil + mode: 0644 + when: fil_iface.stdout diff --git a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 index 7fc0390f..1367d156 100644 --- a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 +++ b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 @@ -15,7 +15,7 @@ iface {{ srv_iface.stdout }} inet static {% if srv_iface.stdout in ansible_local.interfaces %} {% if 'sup_if_4' in ansible_local.interfaces[srv_iface.stdout] %} {% for line in ansible_local.interfaces[srv_iface.stdout].sup_if_4 %} - {{ line }} + {{ line }} {% endfor %} {% endif %} {% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/21-fil.j2 b/roles/interfaces/templates/network/interfaces.d/21-fil.j2 new file mode 100644 index 00000000..469f0531 --- /dev/null +++ b/roles/interfaces/templates/network/interfaces.d/21-fil.j2 @@ -0,0 +1,34 @@ +{{ ansible_header | comment }} + +allow-hotplug {{ fil_iface.stdout }} +iface {{ fil_iface.stdout }} inet static + address {{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv4.address }} + network {{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv4.network }} + netmask {{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv4.netmask }} + broadcast {{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv4.broadcast }} + gateway {{ fil_gateway }} + mtu 1496 + dns-nameservers {{ fil_dns }} + dns-search fil.crans.org + up /sbin/ip link set $IFACE alias fil +{% if 'interfaces' in ansible_local %} +{% if fil_iface.stdout in ansible_local.interfaces %} +{% if 'sup_if_4' in ansible_local.interfaces[fil_iface.stdout] %} +{% for line in ansible_local.interfaces[fil_iface.stdout].sup_if_4 %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} + +iface {{ fil_iface.stdout }} inet6 static + address {{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv6[0].prefix }} +{% if 'interfaces' in ansible_local %} +{% if fil_iface.stdout in ansible_local.interfaces %} +{% if 'sup_if_6' in ansible_local.interfaces[fil_iface.stdout] %} +{% for line in ansible_local.interfaces[fil_iface.stdout].sup_if_6 %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} From 11b90f8b51702b9f109514d4e19d914bb4ccc125 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 09:57:02 +0200 Subject: [PATCH 06/27] [interfaces] Change interfaces.fact format --- .../templates/network/interfaces.d/00-srv.j2 | 12 ++++++------ .../templates/network/interfaces.d/01-ens.j2 | 12 ++++++------ .../templates/network/interfaces.d/02-adm.j2 | 12 ++++++------ .../templates/network/interfaces.d/21-fil.j2 | 12 ++++++------ 4 files changed, 24 insertions(+), 24 deletions(-) diff --git a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 index 1367d156..9e934d98 100644 --- a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 +++ b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 @@ -12,9 +12,9 @@ iface {{ srv_iface.stdout }} inet static dns-search crans.org up /sbin/ip link set $IFACE alias srv {% if 'interfaces' in ansible_local %} -{% if srv_iface.stdout in ansible_local.interfaces %} -{% if 'sup_if_4' in ansible_local.interfaces[srv_iface.stdout] %} -{% for line in ansible_local.interfaces[srv_iface.stdout].sup_if_4 %} +{% if 'sup_if_4' in ansible_local.interfaces %} +{% if srv_iface.stdout in ansible_local.interfaces.sup_if_4 %} +{% for line in ansible_local.interfaces.sup_if_4[srv_iface.stdout] %} {{ line }} {% endfor %} {% endif %} @@ -27,9 +27,9 @@ iface {{ srv_iface.stdout }} inet6 static accept_ra 2 up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 {% if 'interfaces' in ansible_local %} -{% if srv_iface.stdout in ansible_local.interfaces %} -{% if 'sup_if_6' in ansible_local.interfaces[srv_iface.stdout] %} -{% for line in ansible_local.interfaces[srv_iface.stdout].sup_if_6 %} +{% if 'sup_if_6' in ansible_local.interfaces %} +{% if srv_iface.stdout in ansible_local.interfaces.sup_if_6 %} +{% for line in ansible_local.interfaces.sup_if_6[srv_iface.stdout] %} {{ line }} {% endfor %} {% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 index e94243b1..ac2bed20 100644 --- a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 +++ b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 @@ -12,9 +12,9 @@ iface {{ ens_iface.stdout }} inet static dns-search crans.org up /sbin/ip link set $IFACE alias ens {% if 'interfaces' in ansible_local %} -{% if ens_iface.stdout in ansible_local.interfaces %} -{% if 'sup_if_4' in ansible_local.interfaces[ens_iface.stdout] %} -{% for line in ansible_local.interfaces[ens_iface.stdout].sup_if_4 %} +{% if 'sup_if_4' in ansible_local.interfaces %} +{% if ens_iface.stdout in ansible_local.interfaces.sup_if_4 %} +{% for line in ansible_local.interfaces.sup_if_4[ens_iface.stdout] %} {{ line }} {% endfor %} {% endif %} @@ -27,9 +27,9 @@ iface {{ ens_iface.stdout }} inet6 static accept_ra 2 up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 {% if 'interfaces' in ansible_local %} -{% if ens_iface.stdout in ansible_local.interfaces %} -{% if 'sup_if_6' in ansible_local.interfaces[ens_iface.stdout] %} -{% for line in ansible_local.interfaces[ens_iface.stdout].sup_if_6 %} +{% if 'sup_if_6' in ansible_local.interfaces %} +{% if ens_iface.stdout in ansible_local.interfaces.sup_if_6 %} +{% for line in ansible_local.interfaces.sup_if_6[ens_iface.stdout] %} {{ line }} {% endfor %} {% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 index bd928eae..dce7c3e4 100644 --- a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 +++ b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 @@ -11,9 +11,9 @@ iface {{ adm_iface.stdout }} inet static dns-search adm.crans.org up /sbin/ip link set $IFACE alias adm {% if 'interfaces' in ansible_local %} -{% if adm_iface.stdout in ansible_local.interfaces %} -{% if 'sup_if_4' in ansible_local.interfaces[adm_iface.stdout] %} -{% for line in ansible_local.interfaces[adm_iface.stdout].sup_if_4 %} +{% if 'sup_if_4' in ansible_local.interfaces %} +{% if adm_iface.stdout in ansible_local.interfaces.sup_if_4 %} +{% for line in ansible_local.interfaces.sup_if_4[adm_iface.stdout] %} {{ line }} {% endfor %} {% endif %} @@ -23,9 +23,9 @@ iface {{ adm_iface.stdout }} inet static iface {{ adm_iface.stdout }} inet6 static address {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].prefix }} {% if 'interfaces' in ansible_local %} -{% if adm_iface.stdout in ansible_local.interfaces %} -{% if 'sup_if_6' in ansible_local.interfaces[adm_iface.stdout] %} -{% for line in ansible_local.interfaces[adm_iface.stdout].sup_if_6 %} +{% if 'sup_if_6' in ansible_local.interfaces %} +{% if adm_iface.stdout in ansible_local.interfaces.sup_if_6 %} +{% for line in ansible_local.interfaces.sup_if_6[adm_iface.stdout] %} {{ line }} {% endfor %} {% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/21-fil.j2 b/roles/interfaces/templates/network/interfaces.d/21-fil.j2 index 469f0531..f9453e0f 100644 --- a/roles/interfaces/templates/network/interfaces.d/21-fil.j2 +++ b/roles/interfaces/templates/network/interfaces.d/21-fil.j2 @@ -12,9 +12,9 @@ iface {{ fil_iface.stdout }} inet static dns-search fil.crans.org up /sbin/ip link set $IFACE alias fil {% if 'interfaces' in ansible_local %} -{% if fil_iface.stdout in ansible_local.interfaces %} -{% if 'sup_if_4' in ansible_local.interfaces[fil_iface.stdout] %} -{% for line in ansible_local.interfaces[fil_iface.stdout].sup_if_4 %} +{% if 'sup_if_4' in ansible_local.interfaces %} +{% if fil_iface.stdout in ansible_local.interfaces.sup_if_4 %} +{% for line in ansible_local.interfaces.sup_if_4[fil_iface.stdout] %} {{ line }} {% endfor %} {% endif %} @@ -24,9 +24,9 @@ iface {{ fil_iface.stdout }} inet static iface {{ fil_iface.stdout }} inet6 static address {{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv6[0].prefix }} {% if 'interfaces' in ansible_local %} -{% if fil_iface.stdout in ansible_local.interfaces %} -{% if 'sup_if_6' in ansible_local.interfaces[fil_iface.stdout] %} -{% for line in ansible_local.interfaces[fil_iface.stdout].sup_if_6 %} +{% if 'sup_if_6' in ansible_local.interfaces %} +{% if fil_iface.stdout in ansible_local.interfaces.sup_if_6 %} +{% for line in ansible_local.interfaces.sup_if_6[fil_iface.stdout] %} {{ line }} {% endfor %} {% endif %} From 7b99fb22bd5d1d3a90367b7a1f9875e09d007719 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 12:06:26 +0200 Subject: [PATCH 07/27] [interfaces] Alias ansible facts --- .../templates/network/interfaces.d/00-srv.j2 | 11 ++++++----- .../templates/network/interfaces.d/01-ens.j2 | 11 ++++++----- .../templates/network/interfaces.d/02-adm.j2 | 11 ++++++----- .../templates/network/interfaces.d/21-fil.j2 | 11 ++++++----- 4 files changed, 24 insertions(+), 20 deletions(-) diff --git a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 index 9e934d98..53151878 100644 --- a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 +++ b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 @@ -1,11 +1,12 @@ {{ ansible_header | comment }} +{% set srv = hostvars[inventory_hostname]['ansible_' + srv_iface.stdout] %} allow-hotplug {{ srv_iface.stdout }} iface {{ srv_iface.stdout }} inet static - address {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.address }} - network {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.network }} - netmask {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.netmask }} - broadcast {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.broadcast }} + address {{ srv.ipv4.address }} + network {{ srv.ipv4.network }} + netmask {{ srv.ipv4.netmask }} + broadcast {{ srv.ipv4.broadcast }} gateway {{ srv_gateway }} mtu 1496 dns-nameservers {{ srv_dns }} @@ -22,7 +23,7 @@ iface {{ srv_iface.stdout }} inet static {% endif %} iface {{ srv_iface.stdout }} inet6 static - address {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv6[0].prefix }} + address {{ srv.ipv6[0].address }}/{{ srv.ipv6[0].prefix }} autoconf 1 accept_ra 2 up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 diff --git a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 index ac2bed20..62cb77fc 100644 --- a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 +++ b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 @@ -1,11 +1,12 @@ {{ ansible_header | comment }} +{% set ens = hostvars[inventory_hostname]['ansible_' + ens_iface.stdout] %} allow-hotplug {{ ens_iface.stdout }} iface {{ ens_iface.stdout }} inet static - address {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.address }} - network {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.network }} - netmask {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.netmask }} - broadcast {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.broadcast }} + address {{ ens.ipv4.address }} + network {{ ens.ipv4.network }} + netmask {{ ens.ipv4.netmask }} + broadcast {{ ens.ipv4.broadcast }} gateway {{ ens_gateway }} mtu 1496 dns-nameservers {{ ens_dns }} @@ -22,7 +23,7 @@ iface {{ ens_iface.stdout }} inet static {% endif %} iface {{ ens_iface.stdout }} inet6 static - address {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv6[0].prefix }} + address {{ ens.ipv6[0].address }}/{{ ens.ipv6[0].prefix }} autoconf 1 accept_ra 2 up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 diff --git a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 index dce7c3e4..95991513 100644 --- a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 +++ b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 @@ -1,11 +1,12 @@ {{ ansible_header | comment }} +{% set adm = hostvars[inventory_hostname]['ansible_' + adm_iface.stdout] %} allow-hotplug {{ adm_iface.stdout }} iface {{ adm_iface.stdout }} inet static - address {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.address }} - network {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.network }} - netmask {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.netmask }} - broadcast {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.broadcast }} + address {{ adm.ipv4.address }} + network {{ adm.ipv4.network }} + netmask {{ adm.ipv4.netmask }} + broadcast {{ adm.ipv4.broadcast }} mtu 1496 dns-nameservers {{ adm_dns }} dns-search adm.crans.org @@ -21,7 +22,7 @@ iface {{ adm_iface.stdout }} inet static {% endif %} iface {{ adm_iface.stdout }} inet6 static - address {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].prefix }} + address {{ adm.ipv6[0].address }}/{{ adm.ipv6[0].prefix }} {% if 'interfaces' in ansible_local %} {% if 'sup_if_6' in ansible_local.interfaces %} {% if adm_iface.stdout in ansible_local.interfaces.sup_if_6 %} diff --git a/roles/interfaces/templates/network/interfaces.d/21-fil.j2 b/roles/interfaces/templates/network/interfaces.d/21-fil.j2 index f9453e0f..0e08910a 100644 --- a/roles/interfaces/templates/network/interfaces.d/21-fil.j2 +++ b/roles/interfaces/templates/network/interfaces.d/21-fil.j2 @@ -1,11 +1,12 @@ {{ ansible_header | comment }} +{% set fil = hostvars[inventory_hostname]['ansible_' + fil_iface.stdout] %} allow-hotplug {{ fil_iface.stdout }} iface {{ fil_iface.stdout }} inet static - address {{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv4.address }} - network {{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv4.network }} - netmask {{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv4.netmask }} - broadcast {{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv4.broadcast }} + address {{ fil.ipv4.address }} + network {{ fil.ipv4.network }} + netmask {{ fil.ipv4.netmask }} + broadcast {{ fil.ipv4.broadcast }} gateway {{ fil_gateway }} mtu 1496 dns-nameservers {{ fil_dns }} @@ -22,7 +23,7 @@ iface {{ fil_iface.stdout }} inet static {% endif %} iface {{ fil_iface.stdout }} inet6 static - address {{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + fil_iface.stdout].ipv6[0].prefix }} + address {{ fil.ipv6[0].address }}/{{ fil.ipv6[0].prefix }} {% if 'interfaces' in ansible_local %} {% if 'sup_if_6' in ansible_local.interfaces %} {% if fil_iface.stdout in ansible_local.interfaces.sup_if_6 %} From 28706a622fe2d41b15450d378ab492f66f05603d Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 12:07:38 +0200 Subject: [PATCH 08/27] [interfaces] Deploy interfaces on tracker --- interfaces.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interfaces.yml b/interfaces.yml index e637a5cc..84c59ca2 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -16,7 +16,7 @@ register: fil_iface check_mode: no -- hosts: boeing.adm.crans.org,cochon.adm.crans.org +- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org vars: - srv_gateway: 185.230.79.254 - srv_dns: 185.230.79.152 185.230.79.4 From d97384c314821c0c13a6a920264e61827b1e892b Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 12:20:58 +0200 Subject: [PATCH 09/27] [interfaces] Deploy interfaces on voyager --- interfaces.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interfaces.yml b/interfaces.yml index 84c59ca2..839423b8 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -16,7 +16,7 @@ register: fil_iface check_mode: no -- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org +- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org vars: - srv_gateway: 185.230.79.254 - srv_dns: 185.230.79.152 185.230.79.4 From fdaa69a312fcfbfd368dc0da9881d2a2d9f5cd88 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 13:24:34 +0200 Subject: [PATCH 10/27] [interfaces] Configure adh interface --- roles/interfaces/tasks/main.yml | 7 ++++ .../templates/network/interfaces.d/23-adh.j2 | 38 +++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 roles/interfaces/templates/network/interfaces.d/23-adh.j2 diff --git a/roles/interfaces/tasks/main.yml b/roles/interfaces/tasks/main.yml index d9751a36..4bf0fc42 100644 --- a/roles/interfaces/tasks/main.yml +++ b/roles/interfaces/tasks/main.yml @@ -32,3 +32,10 @@ dest: /etc/network/interfaces.d/21-fil mode: 0644 when: fil_iface.stdout + +- name: Deploy adh interface config + template: + src: network/interfaces.d/23-adh.j2 + dest: /etc/network/interfaces.d/23-adh + mode: 0644 + when: adh_iface.stdout diff --git a/roles/interfaces/templates/network/interfaces.d/23-adh.j2 b/roles/interfaces/templates/network/interfaces.d/23-adh.j2 new file mode 100644 index 00000000..bc03ccc1 --- /dev/null +++ b/roles/interfaces/templates/network/interfaces.d/23-adh.j2 @@ -0,0 +1,38 @@ +{{ ansible_header | comment }} + +{% set adh = hostvars[inventory_hostname]['ansible_' + adh_iface.stdout] %} +allow-hotplug {{ adh_iface.stdout }} +iface {{ adh_iface.stdout }} inet static + address {{ adh.ipv4.address }} + network {{ adh.ipv4.network }} + netmask {{ adh.ipv4.netmask }} + broadcast {{ adh.ipv4.broadcast }} + gateway {{ adh_gateway }} + mtu 1496 + dns-nameservers {{ adh_dns }} + dns-search crans.org + up /sbin/ip link set $IFACE alias adh +{% if 'interfaces' in ansible_local %} +{% if 'sup_if_4' in ansible_local.interfaces %} +{% if adh_iface.stdout in ansible_local.interfaces.sup_if_4 %} +{% for line in ansible_local.interfaces.sup_if_4[adh_iface.stdout] %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} + +iface {{ adh_iface.stdout }} inet6 static + address {{ adh.ipv6[0].address }}/{{ adh.ipv6[0].prefix }} + autoconf 1 + accept_ra 2 + up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 +{% if 'interfaces' in ansible_local %} +{% if 'sup_if_6' in ansible_local.interfaces %} +{% if adh_iface.stdout in ansible_local.interfaces.sup_if_6 %} +{% for line in ansible_local.interfaces.sup_if_6[adh_iface.stdout] %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} From c95aee10043a66b238f4a9c0d53fcb337462121c Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 13:25:24 +0200 Subject: [PATCH 11/27] [interfaces] Configure adh interface --- interfaces.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/interfaces.yml b/interfaces.yml index 839423b8..057a71e2 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -15,6 +15,9 @@ - shell: grep fil /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" register: fil_iface check_mode: no + - shell: grep adh /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" + register: adh_iface + check_mode: no - hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org vars: @@ -25,5 +28,7 @@ - adm_dns: 10.231.136.152 10.231.136.4 - fil_gateway: 10.54.0.254 - fil_dns: 10.54.0.152 10.54.0.4 + - adh_gateway: 185.230.78.254 + - adh_dns: 185.230.78.152 185.230.78.4 roles: - interfaces From 2b9cef3f82b69723084493792e397164d37f43de Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 13:26:47 +0200 Subject: [PATCH 12/27] [interfaces] Deploy interfaces on lutim --- interfaces.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interfaces.yml b/interfaces.yml index 057a71e2..2474e3bb 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -19,7 +19,7 @@ register: adh_iface check_mode: no -- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org +- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org vars: - srv_gateway: 185.230.79.254 - srv_dns: 185.230.79.152 185.230.79.4 From 8d1dc216873cf97d4167b5d28bbc2c22ce9f5bbe Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 14:23:42 +0200 Subject: [PATCH 13/27] [interfaces] Deploy interfaces on gateau --- interfaces.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interfaces.yml b/interfaces.yml index 2474e3bb..1196a291 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -19,7 +19,7 @@ register: adh_iface check_mode: no -- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org +- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org vars: - srv_gateway: 185.230.79.254 - srv_dns: 185.230.79.152 185.230.79.4 From a251e3071a1e0b83836b2c21027c8e17ba01cbba Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 14:26:59 +0200 Subject: [PATCH 14/27] [interfaces] Deploy interfaces on owncloud-srv --- interfaces.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interfaces.yml b/interfaces.yml index 1196a291..f0a87578 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -19,7 +19,7 @@ register: adh_iface check_mode: no -- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org +- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org,owncloud-srv.adm.crans.org vars: - srv_gateway: 185.230.79.254 - srv_dns: 185.230.79.152 185.230.79.4 From d38b3a48b7bb2f4754b86abf7eba5d0feeeb280d Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 14:40:53 +0200 Subject: [PATCH 15/27] [interfaces] Deploy interfaces on charybde --- interfaces.yml | 4 +++ roles/interfaces/tasks/main.yml | 7 ++++ .../network/interfaces.d/03-borne.j2 | 34 +++++++++++++++++++ 3 files changed, 45 insertions(+) create mode 100644 roles/interfaces/templates/network/interfaces.d/03-borne.j2 diff --git a/interfaces.yml b/interfaces.yml index f0a87578..f83070ac 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -12,6 +12,9 @@ - shell: grep adm /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" register: adm_iface check_mode: no + - shell: grep borne /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" + register: borne_iface + check_mode: no - shell: grep fil /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" register: fil_iface check_mode: no @@ -26,6 +29,7 @@ - ens_gateway: 138.231.136.254 - ens_dns: 138.231.136.152 138.231.136.4 - adm_dns: 10.231.136.152 10.231.136.4 + - borne_dns: 10.231.148.4 - fil_gateway: 10.54.0.254 - fil_dns: 10.54.0.152 10.54.0.4 - adh_gateway: 185.230.78.254 diff --git a/roles/interfaces/tasks/main.yml b/roles/interfaces/tasks/main.yml index 4bf0fc42..91fe4164 100644 --- a/roles/interfaces/tasks/main.yml +++ b/roles/interfaces/tasks/main.yml @@ -26,6 +26,13 @@ mode: 0644 when: adm_iface.stdout +- name: Deploy adm interface config + template: + src: network/interfaces.d/03-borne.j2 + dest: /etc/network/interfaces.d/03-borne + mode: 0644 + when: borne_iface.stdout + - name: Deploy fil interface config template: src: network/interfaces.d/21-fil.j2 diff --git a/roles/interfaces/templates/network/interfaces.d/03-borne.j2 b/roles/interfaces/templates/network/interfaces.d/03-borne.j2 new file mode 100644 index 00000000..0eb3ecb2 --- /dev/null +++ b/roles/interfaces/templates/network/interfaces.d/03-borne.j2 @@ -0,0 +1,34 @@ +{{ ansible_header | comment }} + +{% set borne = hostvars[inventory_hostname]['ansible_' + borne_iface.stdout] %} +allow-hotplug {{ borne_iface.stdout }} +iface {{ borne_iface.stdout }} inet static + address {{ borne.ipv4.address }} + network {{ borne.ipv4.network }} + netmask {{ borne.ipv4.netmask }} + broadcast {{ borne.ipv4.broadcast }} + mtu 1496 + dns-nameservers {{ borne_dns }} + dns-search borne.crans.org + up /sbin/ip link set $IFACE alias borne +{% if 'interfaces' in ansible_local %} +{% if 'sup_if_4' in ansible_local.interfaces %} +{% if borne_iface.stdout in ansible_local.interfaces.sup_if_4 %} +{% for line in ansible_local.interfaces.sup_if_4[borne_iface.stdout] %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} + +iface {{ borne_iface.stdout }} inet6 static + address {{ borne.ipv6[0].address }}/{{ borne.ipv6[0].prefix }} +{% if 'interfaces' in ansible_local %} +{% if 'sup_if_6' in ansible_local.interfaces %} +{% if borne_iface.stdout in ansible_local.interfaces.sup_if_6 %} +{% for line in ansible_local.interfaces.sup_if_6[borne_iface.stdout] %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} From 521ff1d2681736818e59f4ffae3f2bb137e0f82c Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 14:42:58 +0200 Subject: [PATCH 16/27] [interfaces] Deploy interfaces on charybde --- interfaces.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interfaces.yml b/interfaces.yml index f83070ac..b6115cc5 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -22,7 +22,7 @@ register: adh_iface check_mode: no -- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org,owncloud-srv.adm.crans.org +- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org,owncloud-srv.adm.crans.org,charybde.adm.crans.org vars: - srv_gateway: 185.230.79.254 - srv_dns: 185.230.79.152 185.230.79.4 From a0a5d0964dba6fd4c21e5b852c81e7d3eb6383ef Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 14:55:37 +0200 Subject: [PATCH 17/27] [interfaces] Fix task description --- roles/interfaces/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/interfaces/tasks/main.yml b/roles/interfaces/tasks/main.yml index 91fe4164..5b41c028 100644 --- a/roles/interfaces/tasks/main.yml +++ b/roles/interfaces/tasks/main.yml @@ -26,7 +26,7 @@ mode: 0644 when: adm_iface.stdout -- name: Deploy adm interface config +- name: Deploy borne interface config template: src: network/interfaces.d/03-borne.j2 dest: /etc/network/interfaces.d/03-borne From 3a56fd406ba98b60809e45e463b49f131079b631 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 14:56:01 +0200 Subject: [PATCH 18/27] [interfaces] Deploy interfaces on cas-srv --- interfaces.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interfaces.yml b/interfaces.yml index b6115cc5..52b9a667 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -22,7 +22,7 @@ register: adh_iface check_mode: no -- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org,owncloud-srv.adm.crans.org,charybde.adm.crans.org +- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org,owncloud-srv.adm.crans.org,charybde.adm.crans.org,cas-srv.adm.crans.org vars: - srv_gateway: 185.230.79.254 - srv_dns: 185.230.79.152 185.230.79.4 From 05d2349f6214d8955d70c5fcedcfc3dfc7bf87c3 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 16:50:16 +0200 Subject: [PATCH 19/27] [interfaces] Configure switch interface --- interfaces.yml | 6 +++- roles/interfaces/tasks/main.yml | 7 ++++ .../network/interfaces.d/04-switch.j2 | 34 +++++++++++++++++++ 3 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 roles/interfaces/templates/network/interfaces.d/04-switch.j2 diff --git a/interfaces.yml b/interfaces.yml index 52b9a667..1feb86ca 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -15,6 +15,9 @@ - shell: grep borne /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" register: borne_iface check_mode: no + - shell: grep switch /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" + register: switch_iface + check_mode: no - shell: grep fil /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" register: fil_iface check_mode: no @@ -29,7 +32,8 @@ - ens_gateway: 138.231.136.254 - ens_dns: 138.231.136.152 138.231.136.4 - adm_dns: 10.231.136.152 10.231.136.4 - - borne_dns: 10.231.148.4 + - borne_dns: 10.231.148.52 10.231.148.4 + - switch_dns: 10.231.100.152 10.231.100.4 - fil_gateway: 10.54.0.254 - fil_dns: 10.54.0.152 10.54.0.4 - adh_gateway: 185.230.78.254 diff --git a/roles/interfaces/tasks/main.yml b/roles/interfaces/tasks/main.yml index 5b41c028..210e3142 100644 --- a/roles/interfaces/tasks/main.yml +++ b/roles/interfaces/tasks/main.yml @@ -33,6 +33,13 @@ mode: 0644 when: borne_iface.stdout +- name: Deploy switch interface config + template: + src: network/interfaces.d/04-switch.j2 + dest: /etc/network/interfaces.d/04-switch + mode: 0644 + when: switch_iface.stdout + - name: Deploy fil interface config template: src: network/interfaces.d/21-fil.j2 diff --git a/roles/interfaces/templates/network/interfaces.d/04-switch.j2 b/roles/interfaces/templates/network/interfaces.d/04-switch.j2 new file mode 100644 index 00000000..d8cfeb8b --- /dev/null +++ b/roles/interfaces/templates/network/interfaces.d/04-switch.j2 @@ -0,0 +1,34 @@ +{{ ansible_header | comment }} + +{% set switch = hostvars[inventory_hostname]['ansible_' + switch_iface.stdout] %} +allow-hotplug {{ switch_iface.stdout }} +iface {{ switch_iface.stdout }} inet static + address {{ switch.ipv4.address }} + network {{ switch.ipv4.network }} + netmask {{ switch.ipv4.netmask }} + broadcast {{ switch.ipv4.broadcast }} + mtu 1496 + dns-nameservers {{ switch_dns }} + dns-search switch.crans.org + up /sbin/ip link set $IFACE alias switch +{% if 'interfaces' in ansible_local %} +{% if 'sup_if_4' in ansible_local.interfaces %} +{% if switch_iface.stdout in ansible_local.interfaces.sup_if_4 %} +{% for line in ansible_local.interfaces.sup_if_4[switch_iface.stdout] %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} + +iface {{ switch_iface.stdout }} inet6 static + address {{ switch.ipv6[0].address }}/{{ switch.ipv6[0].prefix }} +{% if 'interfaces' in ansible_local %} +{% if 'sup_if_6' in ansible_local.interfaces %} +{% if switch_iface.stdout in ansible_local.interfaces.sup_if_6 %} +{% for line in ansible_local.interfaces.sup_if_6[switch_iface.stdout] %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} +{% endif %} From d1cad85bfab4861db5863611e0ff5141eddfe305 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 21 Apr 2020 16:55:34 +0200 Subject: [PATCH 20/27] [interfaces] Deploy interfaces on fyre --- interfaces.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interfaces.yml b/interfaces.yml index 1feb86ca..a17fd7f0 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -25,7 +25,7 @@ register: adh_iface check_mode: no -- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org,owncloud-srv.adm.crans.org,charybde.adm.crans.org,cas-srv.adm.crans.org +- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org,owncloud-srv.adm.crans.org,charybde.adm.crans.org,cas-srv.adm.crans.org,fyre.adm.crans.org vars: - srv_gateway: 185.230.79.254 - srv_dns: 185.230.79.152 185.230.79.4 From 51f49eb461defe1c8e0c6fec1d4d8c661904b8a6 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Mon, 27 Apr 2020 21:28:43 +0200 Subject: [PATCH 21/27] [interfaces] allow-hotplug to auto --- roles/interfaces/templates/network/interfaces.d/00-srv.j2 | 2 +- roles/interfaces/templates/network/interfaces.d/01-ens.j2 | 2 +- roles/interfaces/templates/network/interfaces.d/02-adm.j2 | 2 +- roles/interfaces/templates/network/interfaces.d/03-borne.j2 | 2 +- roles/interfaces/templates/network/interfaces.d/04-switch.j2 | 2 +- roles/interfaces/templates/network/interfaces.d/21-fil.j2 | 2 +- roles/interfaces/templates/network/interfaces.d/23-adh.j2 | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 index 53151878..a1426f64 100644 --- a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 +++ b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 @@ -1,7 +1,7 @@ {{ ansible_header | comment }} {% set srv = hostvars[inventory_hostname]['ansible_' + srv_iface.stdout] %} -allow-hotplug {{ srv_iface.stdout }} +auto {{ srv_iface.stdout }} iface {{ srv_iface.stdout }} inet static address {{ srv.ipv4.address }} network {{ srv.ipv4.network }} diff --git a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 index 62cb77fc..4da6da89 100644 --- a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 +++ b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 @@ -1,7 +1,7 @@ {{ ansible_header | comment }} {% set ens = hostvars[inventory_hostname]['ansible_' + ens_iface.stdout] %} -allow-hotplug {{ ens_iface.stdout }} +auto {{ ens_iface.stdout }} iface {{ ens_iface.stdout }} inet static address {{ ens.ipv4.address }} network {{ ens.ipv4.network }} diff --git a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 index 95991513..1708e777 100644 --- a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 +++ b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 @@ -1,7 +1,7 @@ {{ ansible_header | comment }} {% set adm = hostvars[inventory_hostname]['ansible_' + adm_iface.stdout] %} -allow-hotplug {{ adm_iface.stdout }} +auto {{ adm_iface.stdout }} iface {{ adm_iface.stdout }} inet static address {{ adm.ipv4.address }} network {{ adm.ipv4.network }} diff --git a/roles/interfaces/templates/network/interfaces.d/03-borne.j2 b/roles/interfaces/templates/network/interfaces.d/03-borne.j2 index 0eb3ecb2..749f144e 100644 --- a/roles/interfaces/templates/network/interfaces.d/03-borne.j2 +++ b/roles/interfaces/templates/network/interfaces.d/03-borne.j2 @@ -1,7 +1,7 @@ {{ ansible_header | comment }} {% set borne = hostvars[inventory_hostname]['ansible_' + borne_iface.stdout] %} -allow-hotplug {{ borne_iface.stdout }} +auto {{ borne_iface.stdout }} iface {{ borne_iface.stdout }} inet static address {{ borne.ipv4.address }} network {{ borne.ipv4.network }} diff --git a/roles/interfaces/templates/network/interfaces.d/04-switch.j2 b/roles/interfaces/templates/network/interfaces.d/04-switch.j2 index d8cfeb8b..fb007a7b 100644 --- a/roles/interfaces/templates/network/interfaces.d/04-switch.j2 +++ b/roles/interfaces/templates/network/interfaces.d/04-switch.j2 @@ -1,7 +1,7 @@ {{ ansible_header | comment }} {% set switch = hostvars[inventory_hostname]['ansible_' + switch_iface.stdout] %} -allow-hotplug {{ switch_iface.stdout }} +auto {{ switch_iface.stdout }} iface {{ switch_iface.stdout }} inet static address {{ switch.ipv4.address }} network {{ switch.ipv4.network }} diff --git a/roles/interfaces/templates/network/interfaces.d/21-fil.j2 b/roles/interfaces/templates/network/interfaces.d/21-fil.j2 index 0e08910a..a77e747f 100644 --- a/roles/interfaces/templates/network/interfaces.d/21-fil.j2 +++ b/roles/interfaces/templates/network/interfaces.d/21-fil.j2 @@ -1,7 +1,7 @@ {{ ansible_header | comment }} {% set fil = hostvars[inventory_hostname]['ansible_' + fil_iface.stdout] %} -allow-hotplug {{ fil_iface.stdout }} +auto {{ fil_iface.stdout }} iface {{ fil_iface.stdout }} inet static address {{ fil.ipv4.address }} network {{ fil.ipv4.network }} diff --git a/roles/interfaces/templates/network/interfaces.d/23-adh.j2 b/roles/interfaces/templates/network/interfaces.d/23-adh.j2 index bc03ccc1..ee1578d6 100644 --- a/roles/interfaces/templates/network/interfaces.d/23-adh.j2 +++ b/roles/interfaces/templates/network/interfaces.d/23-adh.j2 @@ -1,7 +1,7 @@ {{ ansible_header | comment }} {% set adh = hostvars[inventory_hostname]['ansible_' + adh_iface.stdout] %} -allow-hotplug {{ adh_iface.stdout }} +auto {{ adh_iface.stdout }} iface {{ adh_iface.stdout }} inet static address {{ adh.ipv4.address }} network {{ adh.ipv4.network }} From 28ffd68a147995a93289f6dfb1b7516a157de411 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Mon, 27 Apr 2020 21:34:41 +0200 Subject: [PATCH 22/27] [interfaces] Install vlan --- roles/interfaces/tasks/main.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/roles/interfaces/tasks/main.yml b/roles/interfaces/tasks/main.yml index 210e3142..c155fc1b 100644 --- a/roles/interfaces/tasks/main.yml +++ b/roles/interfaces/tasks/main.yml @@ -1,4 +1,13 @@ --- +- name: Install vlan support + apt: + update_cache: true + name: vlan + state: present + register: apt_result + retries: 3 + until: apt_result is succeeded + - name: Deploy default interfaces config template: src: network/interfaces.j2 From c651b608f838fa92797913a1d892299ea6d72302 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Tue, 28 Apr 2020 18:06:07 +0200 Subject: [PATCH 23/27] [interfaces] Deploy interfaces on silice --- interfaces.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interfaces.yml b/interfaces.yml index a17fd7f0..5c35aa32 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -25,7 +25,7 @@ register: adh_iface check_mode: no -- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org,owncloud-srv.adm.crans.org,charybde.adm.crans.org,cas-srv.adm.crans.org,fyre.adm.crans.org +- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org,owncloud-srv.adm.crans.org,charybde.adm.crans.org,cas-srv.adm.crans.org,fyre.adm.crans.org,silice.adm.crans.org vars: - srv_gateway: 185.230.79.254 - srv_dns: 185.230.79.152 185.230.79.4 From b1120e76378e44437c58dfcb7316a1c85a51b442 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Tue, 28 Apr 2020 18:26:59 +0200 Subject: [PATCH 24/27] [interfaces] use is defined --- roles/interfaces/templates/network/interfaces.d/00-srv.j2 | 8 ++------ roles/interfaces/templates/network/interfaces.d/01-ens.j2 | 8 ++------ roles/interfaces/templates/network/interfaces.d/02-adm.j2 | 8 ++------ .../interfaces/templates/network/interfaces.d/03-borne.j2 | 8 ++------ .../templates/network/interfaces.d/04-switch.j2 | 8 ++------ roles/interfaces/templates/network/interfaces.d/21-fil.j2 | 8 ++------ roles/interfaces/templates/network/interfaces.d/23-adh.j2 | 8 ++------ 7 files changed, 14 insertions(+), 42 deletions(-) diff --git a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 index a1426f64..ba4f486c 100644 --- a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 +++ b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 @@ -12,27 +12,23 @@ iface {{ srv_iface.stdout }} inet static dns-nameservers {{ srv_dns }} dns-search crans.org up /sbin/ip link set $IFACE alias srv -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_4' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_4 is defined %} {% if srv_iface.stdout in ansible_local.interfaces.sup_if_4 %} {% for line in ansible_local.interfaces.sup_if_4[srv_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} iface {{ srv_iface.stdout }} inet6 static address {{ srv.ipv6[0].address }}/{{ srv.ipv6[0].prefix }} autoconf 1 accept_ra 2 up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_6' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_6 is defined %} {% if srv_iface.stdout in ansible_local.interfaces.sup_if_6 %} {% for line in ansible_local.interfaces.sup_if_6[srv_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 index 4da6da89..36e6d154 100644 --- a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 +++ b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 @@ -12,27 +12,23 @@ iface {{ ens_iface.stdout }} inet static dns-nameservers {{ ens_dns }} dns-search crans.org up /sbin/ip link set $IFACE alias ens -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_4' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_4 is defined %} {% if ens_iface.stdout in ansible_local.interfaces.sup_if_4 %} {% for line in ansible_local.interfaces.sup_if_4[ens_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} iface {{ ens_iface.stdout }} inet6 static address {{ ens.ipv6[0].address }}/{{ ens.ipv6[0].prefix }} autoconf 1 accept_ra 2 up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_6' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_6 is defined %} {% if ens_iface.stdout in ansible_local.interfaces.sup_if_6 %} {% for line in ansible_local.interfaces.sup_if_6[ens_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 index 1708e777..a78a660a 100644 --- a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 +++ b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 @@ -11,24 +11,20 @@ iface {{ adm_iface.stdout }} inet static dns-nameservers {{ adm_dns }} dns-search adm.crans.org up /sbin/ip link set $IFACE alias adm -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_4' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_4 is defined %} {% if adm_iface.stdout in ansible_local.interfaces.sup_if_4 %} {% for line in ansible_local.interfaces.sup_if_4[adm_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} iface {{ adm_iface.stdout }} inet6 static address {{ adm.ipv6[0].address }}/{{ adm.ipv6[0].prefix }} -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_6' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_6 is defined %} {% if adm_iface.stdout in ansible_local.interfaces.sup_if_6 %} {% for line in ansible_local.interfaces.sup_if_6[adm_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/03-borne.j2 b/roles/interfaces/templates/network/interfaces.d/03-borne.j2 index 749f144e..f9996740 100644 --- a/roles/interfaces/templates/network/interfaces.d/03-borne.j2 +++ b/roles/interfaces/templates/network/interfaces.d/03-borne.j2 @@ -11,24 +11,20 @@ iface {{ borne_iface.stdout }} inet static dns-nameservers {{ borne_dns }} dns-search borne.crans.org up /sbin/ip link set $IFACE alias borne -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_4' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_4 is defined %} {% if borne_iface.stdout in ansible_local.interfaces.sup_if_4 %} {% for line in ansible_local.interfaces.sup_if_4[borne_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} iface {{ borne_iface.stdout }} inet6 static address {{ borne.ipv6[0].address }}/{{ borne.ipv6[0].prefix }} -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_6' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_6 is defined %} {% if borne_iface.stdout in ansible_local.interfaces.sup_if_6 %} {% for line in ansible_local.interfaces.sup_if_6[borne_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/04-switch.j2 b/roles/interfaces/templates/network/interfaces.d/04-switch.j2 index fb007a7b..57e6630f 100644 --- a/roles/interfaces/templates/network/interfaces.d/04-switch.j2 +++ b/roles/interfaces/templates/network/interfaces.d/04-switch.j2 @@ -11,24 +11,20 @@ iface {{ switch_iface.stdout }} inet static dns-nameservers {{ switch_dns }} dns-search switch.crans.org up /sbin/ip link set $IFACE alias switch -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_4' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_4 is defined %} {% if switch_iface.stdout in ansible_local.interfaces.sup_if_4 %} {% for line in ansible_local.interfaces.sup_if_4[switch_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} iface {{ switch_iface.stdout }} inet6 static address {{ switch.ipv6[0].address }}/{{ switch.ipv6[0].prefix }} -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_6' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_6 is defined %} {% if switch_iface.stdout in ansible_local.interfaces.sup_if_6 %} {% for line in ansible_local.interfaces.sup_if_6[switch_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/21-fil.j2 b/roles/interfaces/templates/network/interfaces.d/21-fil.j2 index a77e747f..198f2ca0 100644 --- a/roles/interfaces/templates/network/interfaces.d/21-fil.j2 +++ b/roles/interfaces/templates/network/interfaces.d/21-fil.j2 @@ -12,24 +12,20 @@ iface {{ fil_iface.stdout }} inet static dns-nameservers {{ fil_dns }} dns-search fil.crans.org up /sbin/ip link set $IFACE alias fil -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_4' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_4 is defined %} {% if fil_iface.stdout in ansible_local.interfaces.sup_if_4 %} {% for line in ansible_local.interfaces.sup_if_4[fil_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} iface {{ fil_iface.stdout }} inet6 static address {{ fil.ipv6[0].address }}/{{ fil.ipv6[0].prefix }} -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_6' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_6 is defined %} {% if fil_iface.stdout in ansible_local.interfaces.sup_if_6 %} {% for line in ansible_local.interfaces.sup_if_6[fil_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/23-adh.j2 b/roles/interfaces/templates/network/interfaces.d/23-adh.j2 index ee1578d6..df9a47ad 100644 --- a/roles/interfaces/templates/network/interfaces.d/23-adh.j2 +++ b/roles/interfaces/templates/network/interfaces.d/23-adh.j2 @@ -12,27 +12,23 @@ iface {{ adh_iface.stdout }} inet static dns-nameservers {{ adh_dns }} dns-search crans.org up /sbin/ip link set $IFACE alias adh -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_4' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_4 is defined %} {% if adh_iface.stdout in ansible_local.interfaces.sup_if_4 %} {% for line in ansible_local.interfaces.sup_if_4[adh_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} iface {{ adh_iface.stdout }} inet6 static address {{ adh.ipv6[0].address }}/{{ adh.ipv6[0].prefix }} autoconf 1 accept_ra 2 up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 -{% if 'interfaces' in ansible_local %} -{% if 'sup_if_6' in ansible_local.interfaces %} +{% if ansible_local.interfaces.sup_if_6 is defined %} {% if adh_iface.stdout in ansible_local.interfaces.sup_if_6 %} {% for line in ansible_local.interfaces.sup_if_6[adh_iface.stdout] %} {{ line }} {% endfor %} {% endif %} {% endif %} -{% endif %} From cfe9140a0bf4358dadf6cf719ecb2c59e9d5f932 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Tue, 28 Apr 2020 18:46:38 +0200 Subject: [PATCH 25/27] [interfaces] Do not force autoconf --- roles/interfaces/templates/network/interfaces.d/00-srv.j2 | 3 --- roles/interfaces/templates/network/interfaces.d/01-ens.j2 | 3 --- roles/interfaces/templates/network/interfaces.d/23-adh.j2 | 3 --- 3 files changed, 9 deletions(-) diff --git a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 index ba4f486c..2bf4b97b 100644 --- a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 +++ b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 @@ -22,9 +22,6 @@ iface {{ srv_iface.stdout }} inet static iface {{ srv_iface.stdout }} inet6 static address {{ srv.ipv6[0].address }}/{{ srv.ipv6[0].prefix }} - autoconf 1 - accept_ra 2 - up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 {% if ansible_local.interfaces.sup_if_6 is defined %} {% if srv_iface.stdout in ansible_local.interfaces.sup_if_6 %} {% for line in ansible_local.interfaces.sup_if_6[srv_iface.stdout] %} diff --git a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 index 36e6d154..e1f101e2 100644 --- a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 +++ b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 @@ -22,9 +22,6 @@ iface {{ ens_iface.stdout }} inet static iface {{ ens_iface.stdout }} inet6 static address {{ ens.ipv6[0].address }}/{{ ens.ipv6[0].prefix }} - autoconf 1 - accept_ra 2 - up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 {% if ansible_local.interfaces.sup_if_6 is defined %} {% if ens_iface.stdout in ansible_local.interfaces.sup_if_6 %} {% for line in ansible_local.interfaces.sup_if_6[ens_iface.stdout] %} diff --git a/roles/interfaces/templates/network/interfaces.d/23-adh.j2 b/roles/interfaces/templates/network/interfaces.d/23-adh.j2 index df9a47ad..45241e6b 100644 --- a/roles/interfaces/templates/network/interfaces.d/23-adh.j2 +++ b/roles/interfaces/templates/network/interfaces.d/23-adh.j2 @@ -22,9 +22,6 @@ iface {{ adh_iface.stdout }} inet static iface {{ adh_iface.stdout }} inet6 static address {{ adh.ipv6[0].address }}/{{ adh.ipv6[0].prefix }} - autoconf 1 - accept_ra 2 - up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 {% if ansible_local.interfaces.sup_if_6 is defined %} {% if adh_iface.stdout in ansible_local.interfaces.sup_if_6 %} {% for line in ansible_local.interfaces.sup_if_6[adh_iface.stdout] %} From 459d9cc55e246d2a4be9591d56f7ced61643fe09 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Tue, 28 Apr 2020 18:59:35 +0200 Subject: [PATCH 26/27] [interfaces] Add metrics --- interfaces.yml | 34 +++++++++++++------ .../templates/network/interfaces.d/00-srv.j2 | 5 +-- .../templates/network/interfaces.d/01-ens.j2 | 5 +-- .../templates/network/interfaces.d/02-adm.j2 | 2 +- .../network/interfaces.d/03-borne.j2 | 2 +- .../network/interfaces.d/04-switch.j2 | 2 +- .../templates/network/interfaces.d/21-fil.j2 | 5 +-- .../templates/network/interfaces.d/23-adh.j2 | 5 +-- 8 files changed, 38 insertions(+), 22 deletions(-) diff --git a/interfaces.yml b/interfaces.yml index 5c35aa32..431b69bc 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -27,16 +27,28 @@ - hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org,owncloud-srv.adm.crans.org,charybde.adm.crans.org,cas-srv.adm.crans.org,fyre.adm.crans.org,silice.adm.crans.org vars: - - srv_gateway: 185.230.79.254 - - srv_dns: 185.230.79.152 185.230.79.4 - - ens_gateway: 138.231.136.254 - - ens_dns: 138.231.136.152 138.231.136.4 - - adm_dns: 10.231.136.152 10.231.136.4 - - borne_dns: 10.231.148.52 10.231.148.4 - - switch_dns: 10.231.100.152 10.231.100.4 - - fil_gateway: 10.54.0.254 - - fil_dns: 10.54.0.152 10.54.0.4 - - adh_gateway: 185.230.78.254 - - adh_dns: 185.230.78.152 185.230.78.4 + vlan: + srv: + metric: 100 + gateway: 185.230.79.254 + dns: 185.230.79.152 185.230.79.4 + ens: + metric: 300 + gateway: 138.231.136.254 + dns: 138.231.136.152 138.231.136.4 + adm: + dns: 10.231.136.152 10.231.136.4 + borne: + dns: 10.231.148.52 10.231.148.4 + switch: + dns: 10.231.100.152 10.231.100.4 + fil: + metric: 400 + gateway: 10.54.0.254 + dns: 10.54.0.152 10.54.0.4 + adh: + metric: 200 + gateway: 185.230.78.254 + dns: 185.230.78.152 185.230.78.4 roles: - interfaces diff --git a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 index 2bf4b97b..8ac4b8a5 100644 --- a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 +++ b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 @@ -7,9 +7,10 @@ iface {{ srv_iface.stdout }} inet static network {{ srv.ipv4.network }} netmask {{ srv.ipv4.netmask }} broadcast {{ srv.ipv4.broadcast }} - gateway {{ srv_gateway }} + gateway {{ vlan.srv.gateway }} + metric {{ vlan.srv.metric }} mtu 1496 - dns-nameservers {{ srv_dns }} + dns-nameservers {{ vlan.srv.dns }} dns-search crans.org up /sbin/ip link set $IFACE alias srv {% if ansible_local.interfaces.sup_if_4 is defined %} diff --git a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 index e1f101e2..6c308f23 100644 --- a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 +++ b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 @@ -7,9 +7,10 @@ iface {{ ens_iface.stdout }} inet static network {{ ens.ipv4.network }} netmask {{ ens.ipv4.netmask }} broadcast {{ ens.ipv4.broadcast }} - gateway {{ ens_gateway }} + gateway {{ vlan.ens.gateway }} + metric {{ vlan.ens.metric }} mtu 1496 - dns-nameservers {{ ens_dns }} + dns-nameservers {{ vlan.ens.dns }} dns-search crans.org up /sbin/ip link set $IFACE alias ens {% if ansible_local.interfaces.sup_if_4 is defined %} diff --git a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 index a78a660a..62fb1f1e 100644 --- a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 +++ b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 @@ -8,7 +8,7 @@ iface {{ adm_iface.stdout }} inet static netmask {{ adm.ipv4.netmask }} broadcast {{ adm.ipv4.broadcast }} mtu 1496 - dns-nameservers {{ adm_dns }} + dns-nameservers {{ vlan.adm.dns }} dns-search adm.crans.org up /sbin/ip link set $IFACE alias adm {% if ansible_local.interfaces.sup_if_4 is defined %} diff --git a/roles/interfaces/templates/network/interfaces.d/03-borne.j2 b/roles/interfaces/templates/network/interfaces.d/03-borne.j2 index f9996740..7db48f6a 100644 --- a/roles/interfaces/templates/network/interfaces.d/03-borne.j2 +++ b/roles/interfaces/templates/network/interfaces.d/03-borne.j2 @@ -8,7 +8,7 @@ iface {{ borne_iface.stdout }} inet static netmask {{ borne.ipv4.netmask }} broadcast {{ borne.ipv4.broadcast }} mtu 1496 - dns-nameservers {{ borne_dns }} + dns-nameservers {{ vlan.borne.dns }} dns-search borne.crans.org up /sbin/ip link set $IFACE alias borne {% if ansible_local.interfaces.sup_if_4 is defined %} diff --git a/roles/interfaces/templates/network/interfaces.d/04-switch.j2 b/roles/interfaces/templates/network/interfaces.d/04-switch.j2 index 57e6630f..586adef9 100644 --- a/roles/interfaces/templates/network/interfaces.d/04-switch.j2 +++ b/roles/interfaces/templates/network/interfaces.d/04-switch.j2 @@ -8,7 +8,7 @@ iface {{ switch_iface.stdout }} inet static netmask {{ switch.ipv4.netmask }} broadcast {{ switch.ipv4.broadcast }} mtu 1496 - dns-nameservers {{ switch_dns }} + dns-nameservers {{ vlan.switch.dns }} dns-search switch.crans.org up /sbin/ip link set $IFACE alias switch {% if ansible_local.interfaces.sup_if_4 is defined %} diff --git a/roles/interfaces/templates/network/interfaces.d/21-fil.j2 b/roles/interfaces/templates/network/interfaces.d/21-fil.j2 index 198f2ca0..c5bb9508 100644 --- a/roles/interfaces/templates/network/interfaces.d/21-fil.j2 +++ b/roles/interfaces/templates/network/interfaces.d/21-fil.j2 @@ -7,9 +7,10 @@ iface {{ fil_iface.stdout }} inet static network {{ fil.ipv4.network }} netmask {{ fil.ipv4.netmask }} broadcast {{ fil.ipv4.broadcast }} - gateway {{ fil_gateway }} + gateway {{ vlan.fil.gateway }} + metric {{ vlan.fil.metric }} mtu 1496 - dns-nameservers {{ fil_dns }} + dns-nameservers {{ vlan.fil.dns }} dns-search fil.crans.org up /sbin/ip link set $IFACE alias fil {% if ansible_local.interfaces.sup_if_4 is defined %} diff --git a/roles/interfaces/templates/network/interfaces.d/23-adh.j2 b/roles/interfaces/templates/network/interfaces.d/23-adh.j2 index 45241e6b..de2b21b7 100644 --- a/roles/interfaces/templates/network/interfaces.d/23-adh.j2 +++ b/roles/interfaces/templates/network/interfaces.d/23-adh.j2 @@ -7,9 +7,10 @@ iface {{ adh_iface.stdout }} inet static network {{ adh.ipv4.network }} netmask {{ adh.ipv4.netmask }} broadcast {{ adh.ipv4.broadcast }} - gateway {{ adh_gateway }} + gateway {{ vlan.adh.gateway }} + metric {{ vlan.adh.metric }} mtu 1496 - dns-nameservers {{ adh_dns }} + dns-nameservers {{ vlan.adh.dns }} dns-search crans.org up /sbin/ip link set $IFACE alias adh {% if ansible_local.interfaces.sup_if_4 is defined %} From a3e3532644bd38cc1c17b0d79e21ef0dd2745cc0 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Tue, 28 Apr 2020 20:27:58 +0200 Subject: [PATCH 27/27] [interface] Factorize --- interfaces.yml | 72 +++++++++++-------- roles/interfaces/tasks/main.yml | 51 ++----------- .../templates/network/interfaces.d/00-srv.j2 | 32 --------- .../templates/network/interfaces.d/01-ens.j2 | 32 --------- .../templates/network/interfaces.d/02-adm.j2 | 30 -------- .../network/interfaces.d/03-borne.j2 | 30 -------- .../network/interfaces.d/04-switch.j2 | 30 -------- .../templates/network/interfaces.d/21-fil.j2 | 32 --------- .../templates/network/interfaces.d/23-adh.j2 | 32 --------- .../templates/network/interfaces.d/ifalias.j2 | 36 ++++++++++ 10 files changed, 85 insertions(+), 292 deletions(-) delete mode 100644 roles/interfaces/templates/network/interfaces.d/00-srv.j2 delete mode 100644 roles/interfaces/templates/network/interfaces.d/01-ens.j2 delete mode 100644 roles/interfaces/templates/network/interfaces.d/02-adm.j2 delete mode 100644 roles/interfaces/templates/network/interfaces.d/03-borne.j2 delete mode 100644 roles/interfaces/templates/network/interfaces.d/04-switch.j2 delete mode 100644 roles/interfaces/templates/network/interfaces.d/21-fil.j2 delete mode 100644 roles/interfaces/templates/network/interfaces.d/23-adh.j2 create mode 100644 roles/interfaces/templates/network/interfaces.d/ifalias.j2 diff --git a/interfaces.yml b/interfaces.yml index 431b69bc..5c7107a7 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -1,54 +1,70 @@ #!/usr/bin/env ansible-playbook --- -# Set variable adm_iface for all servers +# Get ifname of configured vlan for all servers - hosts: server tasks: - - shell: grep srv /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" - register: srv_iface - check_mode: no - - shell: grep ens /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" - register: ens_iface - check_mode: no - - shell: grep adm /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" - register: adm_iface - check_mode: no - - shell: grep borne /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" - register: borne_iface - check_mode: no - - shell: grep switch /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" - register: switch_iface - check_mode: no - - shell: grep fil /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" - register: fil_iface - check_mode: no - - shell: grep adh /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" - register: adh_iface + - shell: "grep {{ item }} /sys/class/net/*/ifalias | sed \"s|/sys/class/net/||\" | sed \"s|/ifalias:.*||\"" check_mode: no + register: ifaces + loop: + - srv + - ens + - adm + - borne + - switch + - fil - hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org,owncloud-srv.adm.crans.org,charybde.adm.crans.org,cas-srv.adm.crans.org,fyre.adm.crans.org,silice.adm.crans.org vars: vlan: - srv: + - name: srv + id: 0 metric: 100 gateway: 185.230.79.254 dns: 185.230.79.152 185.230.79.4 - ens: + dns_search: crans.org + ifnames: "{{ ifaces | json_query('results[?item==`srv`].stdout') }}" + + - name: ens + id: 1 metric: 300 gateway: 138.231.136.254 dns: 138.231.136.152 138.231.136.4 - adm: + dns_search: crans.org + ifnames: "{{ ifaces | json_query('results[?item==`ens`].stdout') }}" + + - name: adm + id: 2 dns: 10.231.136.152 10.231.136.4 - borne: + dns_search: adm.crans.org + ifnames: "{{ ifaces | json_query('results[?item==`adm`].stdout') }}" + + - name: borne + id: 3 dns: 10.231.148.52 10.231.148.4 - switch: + dns_search: borne.crans.org + ifnames: "{{ ifaces | json_query('results[?item==`borne`].stdout') }}" + + - name: switch + id: 4 dns: 10.231.100.152 10.231.100.4 - fil: + dns_search: switch.crans.org + ifnames: "{{ ifaces | json_query('results[?item==`switch`].stdout') }}" + + - name: fil + id: 21 metric: 400 gateway: 10.54.0.254 dns: 10.54.0.152 10.54.0.4 - adh: + dns_search: fil.crans.org + ifnames: "{{ ifaces | json_query('results[?item==`fil`].stdout') }}" + + - name: adh + id: 23 metric: 200 gateway: 185.230.78.254 dns: 185.230.78.152 185.230.78.4 + dns_search: crans.org + ifnames: "{{ ifaces | json_query('results[?item==`adh`].stdout') }}" roles: - interfaces diff --git a/roles/interfaces/tasks/main.yml b/roles/interfaces/tasks/main.yml index c155fc1b..886b45d3 100644 --- a/roles/interfaces/tasks/main.yml +++ b/roles/interfaces/tasks/main.yml @@ -14,51 +14,10 @@ dest: /etc/network/interfaces mode: 0644 -- name: Deploy srv interface config +- name: Deploy interfaces config template: - src: network/interfaces.d/00-srv.j2 - dest: /etc/network/interfaces.d/00-srv + src: "network/interfaces.d/ifalias.j2" + dest: "/etc/network/interfaces.d/{{ '%02d' | format(item.id) }}-{{ item.name }}" mode: 0644 - when: srv_iface.stdout - -- name: Deploy ens interface config - template: - src: network/interfaces.d/01-ens.j2 - dest: /etc/network/interfaces.d/01-ens - mode: 0644 - when: ens_iface.stdout - -- name: Deploy adm interface config - template: - src: network/interfaces.d/02-adm.j2 - dest: /etc/network/interfaces.d/02-adm - mode: 0644 - when: adm_iface.stdout - -- name: Deploy borne interface config - template: - src: network/interfaces.d/03-borne.j2 - dest: /etc/network/interfaces.d/03-borne - mode: 0644 - when: borne_iface.stdout - -- name: Deploy switch interface config - template: - src: network/interfaces.d/04-switch.j2 - dest: /etc/network/interfaces.d/04-switch - mode: 0644 - when: switch_iface.stdout - -- name: Deploy fil interface config - template: - src: network/interfaces.d/21-fil.j2 - dest: /etc/network/interfaces.d/21-fil - mode: 0644 - when: fil_iface.stdout - -- name: Deploy adh interface config - template: - src: network/interfaces.d/23-adh.j2 - dest: /etc/network/interfaces.d/23-adh - mode: 0644 - when: adh_iface.stdout + when: (item.ifnames | length > 0) and item.ifnames[0] != '' + loop: "{{ vlan }}" diff --git a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 deleted file mode 100644 index 8ac4b8a5..00000000 --- a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 +++ /dev/null @@ -1,32 +0,0 @@ -{{ ansible_header | comment }} - -{% set srv = hostvars[inventory_hostname]['ansible_' + srv_iface.stdout] %} -auto {{ srv_iface.stdout }} -iface {{ srv_iface.stdout }} inet static - address {{ srv.ipv4.address }} - network {{ srv.ipv4.network }} - netmask {{ srv.ipv4.netmask }} - broadcast {{ srv.ipv4.broadcast }} - gateway {{ vlan.srv.gateway }} - metric {{ vlan.srv.metric }} - mtu 1496 - dns-nameservers {{ vlan.srv.dns }} - dns-search crans.org - up /sbin/ip link set $IFACE alias srv -{% if ansible_local.interfaces.sup_if_4 is defined %} -{% if srv_iface.stdout in ansible_local.interfaces.sup_if_4 %} -{% for line in ansible_local.interfaces.sup_if_4[srv_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} - -iface {{ srv_iface.stdout }} inet6 static - address {{ srv.ipv6[0].address }}/{{ srv.ipv6[0].prefix }} -{% if ansible_local.interfaces.sup_if_6 is defined %} -{% if srv_iface.stdout in ansible_local.interfaces.sup_if_6 %} -{% for line in ansible_local.interfaces.sup_if_6[srv_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 deleted file mode 100644 index 6c308f23..00000000 --- a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 +++ /dev/null @@ -1,32 +0,0 @@ -{{ ansible_header | comment }} - -{% set ens = hostvars[inventory_hostname]['ansible_' + ens_iface.stdout] %} -auto {{ ens_iface.stdout }} -iface {{ ens_iface.stdout }} inet static - address {{ ens.ipv4.address }} - network {{ ens.ipv4.network }} - netmask {{ ens.ipv4.netmask }} - broadcast {{ ens.ipv4.broadcast }} - gateway {{ vlan.ens.gateway }} - metric {{ vlan.ens.metric }} - mtu 1496 - dns-nameservers {{ vlan.ens.dns }} - dns-search crans.org - up /sbin/ip link set $IFACE alias ens -{% if ansible_local.interfaces.sup_if_4 is defined %} -{% if ens_iface.stdout in ansible_local.interfaces.sup_if_4 %} -{% for line in ansible_local.interfaces.sup_if_4[ens_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} - -iface {{ ens_iface.stdout }} inet6 static - address {{ ens.ipv6[0].address }}/{{ ens.ipv6[0].prefix }} -{% if ansible_local.interfaces.sup_if_6 is defined %} -{% if ens_iface.stdout in ansible_local.interfaces.sup_if_6 %} -{% for line in ansible_local.interfaces.sup_if_6[ens_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 deleted file mode 100644 index 62fb1f1e..00000000 --- a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 +++ /dev/null @@ -1,30 +0,0 @@ -{{ ansible_header | comment }} - -{% set adm = hostvars[inventory_hostname]['ansible_' + adm_iface.stdout] %} -auto {{ adm_iface.stdout }} -iface {{ adm_iface.stdout }} inet static - address {{ adm.ipv4.address }} - network {{ adm.ipv4.network }} - netmask {{ adm.ipv4.netmask }} - broadcast {{ adm.ipv4.broadcast }} - mtu 1496 - dns-nameservers {{ vlan.adm.dns }} - dns-search adm.crans.org - up /sbin/ip link set $IFACE alias adm -{% if ansible_local.interfaces.sup_if_4 is defined %} -{% if adm_iface.stdout in ansible_local.interfaces.sup_if_4 %} -{% for line in ansible_local.interfaces.sup_if_4[adm_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} - -iface {{ adm_iface.stdout }} inet6 static - address {{ adm.ipv6[0].address }}/{{ adm.ipv6[0].prefix }} -{% if ansible_local.interfaces.sup_if_6 is defined %} -{% if adm_iface.stdout in ansible_local.interfaces.sup_if_6 %} -{% for line in ansible_local.interfaces.sup_if_6[adm_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/03-borne.j2 b/roles/interfaces/templates/network/interfaces.d/03-borne.j2 deleted file mode 100644 index 7db48f6a..00000000 --- a/roles/interfaces/templates/network/interfaces.d/03-borne.j2 +++ /dev/null @@ -1,30 +0,0 @@ -{{ ansible_header | comment }} - -{% set borne = hostvars[inventory_hostname]['ansible_' + borne_iface.stdout] %} -auto {{ borne_iface.stdout }} -iface {{ borne_iface.stdout }} inet static - address {{ borne.ipv4.address }} - network {{ borne.ipv4.network }} - netmask {{ borne.ipv4.netmask }} - broadcast {{ borne.ipv4.broadcast }} - mtu 1496 - dns-nameservers {{ vlan.borne.dns }} - dns-search borne.crans.org - up /sbin/ip link set $IFACE alias borne -{% if ansible_local.interfaces.sup_if_4 is defined %} -{% if borne_iface.stdout in ansible_local.interfaces.sup_if_4 %} -{% for line in ansible_local.interfaces.sup_if_4[borne_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} - -iface {{ borne_iface.stdout }} inet6 static - address {{ borne.ipv6[0].address }}/{{ borne.ipv6[0].prefix }} -{% if ansible_local.interfaces.sup_if_6 is defined %} -{% if borne_iface.stdout in ansible_local.interfaces.sup_if_6 %} -{% for line in ansible_local.interfaces.sup_if_6[borne_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/04-switch.j2 b/roles/interfaces/templates/network/interfaces.d/04-switch.j2 deleted file mode 100644 index 586adef9..00000000 --- a/roles/interfaces/templates/network/interfaces.d/04-switch.j2 +++ /dev/null @@ -1,30 +0,0 @@ -{{ ansible_header | comment }} - -{% set switch = hostvars[inventory_hostname]['ansible_' + switch_iface.stdout] %} -auto {{ switch_iface.stdout }} -iface {{ switch_iface.stdout }} inet static - address {{ switch.ipv4.address }} - network {{ switch.ipv4.network }} - netmask {{ switch.ipv4.netmask }} - broadcast {{ switch.ipv4.broadcast }} - mtu 1496 - dns-nameservers {{ vlan.switch.dns }} - dns-search switch.crans.org - up /sbin/ip link set $IFACE alias switch -{% if ansible_local.interfaces.sup_if_4 is defined %} -{% if switch_iface.stdout in ansible_local.interfaces.sup_if_4 %} -{% for line in ansible_local.interfaces.sup_if_4[switch_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} - -iface {{ switch_iface.stdout }} inet6 static - address {{ switch.ipv6[0].address }}/{{ switch.ipv6[0].prefix }} -{% if ansible_local.interfaces.sup_if_6 is defined %} -{% if switch_iface.stdout in ansible_local.interfaces.sup_if_6 %} -{% for line in ansible_local.interfaces.sup_if_6[switch_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/21-fil.j2 b/roles/interfaces/templates/network/interfaces.d/21-fil.j2 deleted file mode 100644 index c5bb9508..00000000 --- a/roles/interfaces/templates/network/interfaces.d/21-fil.j2 +++ /dev/null @@ -1,32 +0,0 @@ -{{ ansible_header | comment }} - -{% set fil = hostvars[inventory_hostname]['ansible_' + fil_iface.stdout] %} -auto {{ fil_iface.stdout }} -iface {{ fil_iface.stdout }} inet static - address {{ fil.ipv4.address }} - network {{ fil.ipv4.network }} - netmask {{ fil.ipv4.netmask }} - broadcast {{ fil.ipv4.broadcast }} - gateway {{ vlan.fil.gateway }} - metric {{ vlan.fil.metric }} - mtu 1496 - dns-nameservers {{ vlan.fil.dns }} - dns-search fil.crans.org - up /sbin/ip link set $IFACE alias fil -{% if ansible_local.interfaces.sup_if_4 is defined %} -{% if fil_iface.stdout in ansible_local.interfaces.sup_if_4 %} -{% for line in ansible_local.interfaces.sup_if_4[fil_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} - -iface {{ fil_iface.stdout }} inet6 static - address {{ fil.ipv6[0].address }}/{{ fil.ipv6[0].prefix }} -{% if ansible_local.interfaces.sup_if_6 is defined %} -{% if fil_iface.stdout in ansible_local.interfaces.sup_if_6 %} -{% for line in ansible_local.interfaces.sup_if_6[fil_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/23-adh.j2 b/roles/interfaces/templates/network/interfaces.d/23-adh.j2 deleted file mode 100644 index de2b21b7..00000000 --- a/roles/interfaces/templates/network/interfaces.d/23-adh.j2 +++ /dev/null @@ -1,32 +0,0 @@ -{{ ansible_header | comment }} - -{% set adh = hostvars[inventory_hostname]['ansible_' + adh_iface.stdout] %} -auto {{ adh_iface.stdout }} -iface {{ adh_iface.stdout }} inet static - address {{ adh.ipv4.address }} - network {{ adh.ipv4.network }} - netmask {{ adh.ipv4.netmask }} - broadcast {{ adh.ipv4.broadcast }} - gateway {{ vlan.adh.gateway }} - metric {{ vlan.adh.metric }} - mtu 1496 - dns-nameservers {{ vlan.adh.dns }} - dns-search crans.org - up /sbin/ip link set $IFACE alias adh -{% if ansible_local.interfaces.sup_if_4 is defined %} -{% if adh_iface.stdout in ansible_local.interfaces.sup_if_4 %} -{% for line in ansible_local.interfaces.sup_if_4[adh_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} - -iface {{ adh_iface.stdout }} inet6 static - address {{ adh.ipv6[0].address }}/{{ adh.ipv6[0].prefix }} -{% if ansible_local.interfaces.sup_if_6 is defined %} -{% if adh_iface.stdout in ansible_local.interfaces.sup_if_6 %} -{% for line in ansible_local.interfaces.sup_if_6[adh_iface.stdout] %} - {{ line }} -{% endfor %} -{% endif %} -{% endif %} diff --git a/roles/interfaces/templates/network/interfaces.d/ifalias.j2 b/roles/interfaces/templates/network/interfaces.d/ifalias.j2 new file mode 100644 index 00000000..daf6a938 --- /dev/null +++ b/roles/interfaces/templates/network/interfaces.d/ifalias.j2 @@ -0,0 +1,36 @@ +{{ ansible_header | comment }} + +{% set ifconfig = hostvars[inventory_hostname]['ansible_' + item.ifnames[0]] %} +auto {{ item.ifnames[0] }} +iface {{ item.ifnames[0] }} inet static + address {{ ifconfig.ipv4.address }} + network {{ ifconfig.ipv4.network }} + netmask {{ ifconfig.ipv4.netmask }} + broadcast {{ ifconfig.ipv4.broadcast }} +{% if item.gateway is defined %} + gateway {{ item.gateway }} +{% endif %} +{% if item.metric is defined %} + metric {{ item.metric }} +{% endif %} + mtu 1496 + dns-nameservers {{ item.dns }} + dns-search {{ item.dns_search }} + up /sbin/ip link set $IFACE alias {{ item.name }} +{% if ansible_local.interfaces.sup_if_4 is defined %} +{% if item.ifnames[0] in ansible_local.interfaces.sup_if_4 %} +{% for line in ansible_local.interfaces.sup_if_4[item.ifnames[0]] %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %} + +iface {{ item.ifnames[0] }} inet6 static + address {{ ifconfig.ipv6[0].address }}/{{ ifconfig.ipv6[0].prefix }} +{% if ansible_local.interfaces.sup_if_6 is defined %} +{% if item.ifnames[0] in ansible_local.interfaces.sup_if_6 %} +{% for line in ansible_local.interfaces.sup_if_6[item.ifnames[0]] %} + {{ line }} +{% endfor %} +{% endif %} +{% endif %}