[interface] Factorize

certbot_on_virtu
Alexandre Iooss 2020-04-28 20:27:58 +02:00 committed by Bombar Maxime
parent e4acc35c01
commit bb28a75b4e
10 changed files with 85 additions and 292 deletions


@ -1,54 +1,70 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
--- ---
# Set variable adm_iface for all servers # Get ifname of configured vlan for all servers
- hosts: server - hosts: server
tasks: tasks:
- shell: grep srv /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" - shell: "grep {{ item }} /sys/class/net/*/ifalias | sed \"s|/sys/class/net/||\" | sed \"s|/ifalias:.*||\""
register: srv_iface
check_mode: no
- shell: grep ens /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||"
register: ens_iface
check_mode: no
- shell: grep adm /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||"
register: adm_iface
check_mode: no
- shell: grep borne /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||"
register: borne_iface
check_mode: no
- shell: grep switch /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||"
register: switch_iface
check_mode: no
- shell: grep fil /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||"
register: fil_iface
check_mode: no
- shell: grep adh /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||"
register: adh_iface
check_mode: no check_mode: no
register: ifaces
loop:
- srv
- ens
- adm
- borne
- switch
- fil
- hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org,owncloud-srv.adm.crans.org,charybde.adm.crans.org,cas-srv.adm.crans.org,fyre.adm.crans.org,silice.adm.crans.org - hosts: boeing.adm.crans.org,cochon.adm.crans.org,tracker.adm.crans.org,voyager.adm.crans.org,lutim.adm.crans.org,gateau.adm.crans.org,owncloud-srv.adm.crans.org,charybde.adm.crans.org,cas-srv.adm.crans.org,fyre.adm.crans.org,silice.adm.crans.org
vars: vars:
vlan: vlan:
srv: - name: srv
id: 0
metric: 100 metric: 100
gateway: 185.230.79.254 gateway: 185.230.79.254
dns: 185.230.79.152 185.230.79.4 dns: 185.230.79.152 185.230.79.4
ens: dns_search: crans.org
ifnames: "{{ ifaces | json_query('results[?item==`srv`].stdout') }}"
- name: ens
id: 1
metric: 300 metric: 300
gateway: 138.231.136.254 gateway: 138.231.136.254
dns: 138.231.136.152 138.231.136.4 dns: 138.231.136.152 138.231.136.4
adm: dns_search: crans.org
ifnames: "{{ ifaces | json_query('results[?item==`ens`].stdout') }}"
- name: adm
id: 2
dns: 10.231.136.152 10.231.136.4 dns: 10.231.136.152 10.231.136.4
borne: dns_search: adm.crans.org
ifnames: "{{ ifaces | json_query('results[?item==`adm`].stdout') }}"
- name: borne
id: 3
dns: 10.231.148.52 10.231.148.4 dns: 10.231.148.52 10.231.148.4
switch: dns_search: borne.crans.org
ifnames: "{{ ifaces | json_query('results[?item==`borne`].stdout') }}"
- name: switch
id: 4
dns: 10.231.100.152 10.231.100.4 dns: 10.231.100.152 10.231.100.4
fil: dns_search: switch.crans.org
ifnames: "{{ ifaces | json_query('results[?item==`switch`].stdout') }}"
- name: fil
id: 21
metric: 400 metric: 400
gateway: 10.54.0.254 gateway: 10.54.0.254
dns: 10.54.0.152 10.54.0.4 dns: 10.54.0.152 10.54.0.4
adh: dns_search: fil.crans.org
ifnames: "{{ ifaces | json_query('results[?item==`fil`].stdout') }}"
- name: adh
id: 23
metric: 200 metric: 200
gateway: 185.230.78.254 gateway: 185.230.78.254
dns: 185.230.78.152 185.230.78.4 dns: 185.230.78.152 185.230.78.4
dns_search: crans.org
ifnames: "{{ ifaces | json_query('results[?item==`adh`].stdout') }}"
roles: roles:
- interfaces - interfaces
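Review bot: The new `loop:` list, as rendered here, stops at `fil` and has no `adh` entry, although the removed tasks probed seven aliases and the `vlan` list still defines `adh` (id 23). With no `adh` result registered in `ifaces`, the `ifnames` query for that VLAN returns an empty list, so the role's `when:` guard skips it and `/etc/network/interfaces.d/23-adh` would silently stop being managed on hosts that have the interface. Adding `- adh` to the loop restores the previous coverage; if the omission is intentional, the `adh` entry under `vlan` should be dropped too so the two lists cannot drift apart.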


@ -14,51 +14,10 @@
dest: /etc/network/interfaces dest: /etc/network/interfaces
mode: 0644 mode: 0644
- name: Deploy srv interface config - name: Deploy interfaces config
template: template:
src: network/interfaces.d/00-srv.j2 src: "network/interfaces.d/ifalias.j2"
dest: /etc/network/interfaces.d/00-srv dest: "/etc/network/interfaces.d/{{ '%02d' | format(item.id) }}-{{ item.name }}"
mode: 0644 mode: 0644
when: srv_iface.stdout when: (item.ifnames | length > 0) and item.ifnames[0] != ''
loop: "{{ vlan }}"
- name: Deploy ens interface config
template:
src: network/interfaces.d/01-ens.j2
dest: /etc/network/interfaces.d/01-ens
mode: 0644
when: ens_iface.stdout
- name: Deploy adm interface config
template:
src: network/interfaces.d/02-adm.j2
dest: /etc/network/interfaces.d/02-adm
mode: 0644
when: adm_iface.stdout
- name: Deploy borne interface config
template:
src: network/interfaces.d/03-borne.j2
dest: /etc/network/interfaces.d/03-borne
mode: 0644
when: borne_iface.stdout
- name: Deploy switch interface config
template:
src: network/interfaces.d/04-switch.j2
dest: /etc/network/interfaces.d/04-switch
mode: 0644
when: switch_iface.stdout
- name: Deploy fil interface config
template:
src: network/interfaces.d/21-fil.j2
dest: /etc/network/interfaces.d/21-fil
mode: 0644
when: fil_iface.stdout
- name: Deploy adh interface config
template:
src: network/interfaces.d/23-adh.j2
dest: /etc/network/interfaces.d/23-adh
mode: 0644
when: adh_iface.stdout
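Review bot: The `when:` guard on the new task only checks that `item.ifnames[0]` is non-empty, but that value is the raw stdout of the unanchored `grep {{ item }}` in the playbook, so a second interface whose alias merely contains the VLAN name would make it a multi-line string that still passes. The template then uses that string as a single interface name in `auto`/`iface` and as a fact key. Requiring exactly one match, e.g. `when: (item.ifnames | length > 0) and (item.ifnames[0].splitlines() | length == 1)`, skips the VLAN instead of writing a broken stanza. Separately, `mode: 0644` is better written as `mode: "0644"` so the result does not depend on YAML octal parsing. The task list starts above this hunk.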


@ -1,32 +0,0 @@
{{ ansible_header | comment }}
{% set srv = hostvars[inventory_hostname]['ansible_' + srv_iface.stdout] %}
auto {{ srv_iface.stdout }}
iface {{ srv_iface.stdout }} inet static
address {{ srv.ipv4.address }}
network {{ srv.ipv4.network }}
netmask {{ srv.ipv4.netmask }}
broadcast {{ srv.ipv4.broadcast }}
gateway {{ vlan.srv.gateway }}
metric {{ vlan.srv.metric }}
mtu 1496
dns-nameservers {{ vlan.srv.dns }}
dns-search crans.org
up /sbin/ip link set $IFACE alias srv
{% if ansible_local.interfaces.sup_if_4 is defined %}
{% if srv_iface.stdout in ansible_local.interfaces.sup_if_4 %}
{% for line in ansible_local.interfaces.sup_if_4[srv_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}
iface {{ srv_iface.stdout }} inet6 static
address {{ srv.ipv6[0].address }}/{{ srv.ipv6[0].prefix }}
{% if ansible_local.interfaces.sup_if_6 is defined %}
{% if srv_iface.stdout in ansible_local.interfaces.sup_if_6 %}
{% for line in ansible_local.interfaces.sup_if_6[srv_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}


@ -1,32 +0,0 @@
{{ ansible_header | comment }}
{% set ens = hostvars[inventory_hostname]['ansible_' + ens_iface.stdout] %}
auto {{ ens_iface.stdout }}
iface {{ ens_iface.stdout }} inet static
address {{ ens.ipv4.address }}
network {{ ens.ipv4.network }}
netmask {{ ens.ipv4.netmask }}
broadcast {{ ens.ipv4.broadcast }}
gateway {{ vlan.ens.gateway }}
metric {{ vlan.ens.metric }}
mtu 1496
dns-nameservers {{ vlan.ens.dns }}
dns-search crans.org
up /sbin/ip link set $IFACE alias ens
{% if ansible_local.interfaces.sup_if_4 is defined %}
{% if ens_iface.stdout in ansible_local.interfaces.sup_if_4 %}
{% for line in ansible_local.interfaces.sup_if_4[ens_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}
iface {{ ens_iface.stdout }} inet6 static
address {{ ens.ipv6[0].address }}/{{ ens.ipv6[0].prefix }}
{% if ansible_local.interfaces.sup_if_6 is defined %}
{% if ens_iface.stdout in ansible_local.interfaces.sup_if_6 %}
{% for line in ansible_local.interfaces.sup_if_6[ens_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}


@ -1,30 +0,0 @@
{{ ansible_header | comment }}
{% set adm = hostvars[inventory_hostname]['ansible_' + adm_iface.stdout] %}
auto {{ adm_iface.stdout }}
iface {{ adm_iface.stdout }} inet static
address {{ adm.ipv4.address }}
network {{ adm.ipv4.network }}
netmask {{ adm.ipv4.netmask }}
broadcast {{ adm.ipv4.broadcast }}
mtu 1496
dns-nameservers {{ vlan.adm.dns }}
dns-search adm.crans.org
up /sbin/ip link set $IFACE alias adm
{% if ansible_local.interfaces.sup_if_4 is defined %}
{% if adm_iface.stdout in ansible_local.interfaces.sup_if_4 %}
{% for line in ansible_local.interfaces.sup_if_4[adm_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}
iface {{ adm_iface.stdout }} inet6 static
address {{ adm.ipv6[0].address }}/{{ adm.ipv6[0].prefix }}
{% if ansible_local.interfaces.sup_if_6 is defined %}
{% if adm_iface.stdout in ansible_local.interfaces.sup_if_6 %}
{% for line in ansible_local.interfaces.sup_if_6[adm_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}


@ -1,30 +0,0 @@
{{ ansible_header | comment }}
{% set borne = hostvars[inventory_hostname]['ansible_' + borne_iface.stdout] %}
auto {{ borne_iface.stdout }}
iface {{ borne_iface.stdout }} inet static
address {{ borne.ipv4.address }}
network {{ borne.ipv4.network }}
netmask {{ borne.ipv4.netmask }}
broadcast {{ borne.ipv4.broadcast }}
mtu 1496
dns-nameservers {{ vlan.borne.dns }}
dns-search borne.crans.org
up /sbin/ip link set $IFACE alias borne
{% if ansible_local.interfaces.sup_if_4 is defined %}
{% if borne_iface.stdout in ansible_local.interfaces.sup_if_4 %}
{% for line in ansible_local.interfaces.sup_if_4[borne_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}
iface {{ borne_iface.stdout }} inet6 static
address {{ borne.ipv6[0].address }}/{{ borne.ipv6[0].prefix }}
{% if ansible_local.interfaces.sup_if_6 is defined %}
{% if borne_iface.stdout in ansible_local.interfaces.sup_if_6 %}
{% for line in ansible_local.interfaces.sup_if_6[borne_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}


@ -1,30 +0,0 @@
{{ ansible_header | comment }}
{% set switch = hostvars[inventory_hostname]['ansible_' + switch_iface.stdout] %}
auto {{ switch_iface.stdout }}
iface {{ switch_iface.stdout }} inet static
address {{ switch.ipv4.address }}
network {{ switch.ipv4.network }}
netmask {{ switch.ipv4.netmask }}
broadcast {{ switch.ipv4.broadcast }}
mtu 1496
dns-nameservers {{ vlan.switch.dns }}
dns-search switch.crans.org
up /sbin/ip link set $IFACE alias switch
{% if ansible_local.interfaces.sup_if_4 is defined %}
{% if switch_iface.stdout in ansible_local.interfaces.sup_if_4 %}
{% for line in ansible_local.interfaces.sup_if_4[switch_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}
iface {{ switch_iface.stdout }} inet6 static
address {{ switch.ipv6[0].address }}/{{ switch.ipv6[0].prefix }}
{% if ansible_local.interfaces.sup_if_6 is defined %}
{% if switch_iface.stdout in ansible_local.interfaces.sup_if_6 %}
{% for line in ansible_local.interfaces.sup_if_6[switch_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}


@ -1,32 +0,0 @@
{{ ansible_header | comment }}
{% set fil = hostvars[inventory_hostname]['ansible_' + fil_iface.stdout] %}
auto {{ fil_iface.stdout }}
iface {{ fil_iface.stdout }} inet static
address {{ fil.ipv4.address }}
network {{ fil.ipv4.network }}
netmask {{ fil.ipv4.netmask }}
broadcast {{ fil.ipv4.broadcast }}
gateway {{ vlan.fil.gateway }}
metric {{ vlan.fil.metric }}
mtu 1496
dns-nameservers {{ vlan.fil.dns }}
dns-search fil.crans.org
up /sbin/ip link set $IFACE alias fil
{% if ansible_local.interfaces.sup_if_4 is defined %}
{% if fil_iface.stdout in ansible_local.interfaces.sup_if_4 %}
{% for line in ansible_local.interfaces.sup_if_4[fil_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}
iface {{ fil_iface.stdout }} inet6 static
address {{ fil.ipv6[0].address }}/{{ fil.ipv6[0].prefix }}
{% if ansible_local.interfaces.sup_if_6 is defined %}
{% if fil_iface.stdout in ansible_local.interfaces.sup_if_6 %}
{% for line in ansible_local.interfaces.sup_if_6[fil_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}


@ -1,32 +0,0 @@
{{ ansible_header | comment }}
{% set adh = hostvars[inventory_hostname]['ansible_' + adh_iface.stdout] %}
auto {{ adh_iface.stdout }}
iface {{ adh_iface.stdout }} inet static
address {{ adh.ipv4.address }}
network {{ adh.ipv4.network }}
netmask {{ adh.ipv4.netmask }}
broadcast {{ adh.ipv4.broadcast }}
gateway {{ vlan.adh.gateway }}
metric {{ vlan.adh.metric }}
mtu 1496
dns-nameservers {{ vlan.adh.dns }}
dns-search crans.org
up /sbin/ip link set $IFACE alias adh
{% if ansible_local.interfaces.sup_if_4 is defined %}
{% if adh_iface.stdout in ansible_local.interfaces.sup_if_4 %}
{% for line in ansible_local.interfaces.sup_if_4[adh_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}
iface {{ adh_iface.stdout }} inet6 static
address {{ adh.ipv6[0].address }}/{{ adh.ipv6[0].prefix }}
{% if ansible_local.interfaces.sup_if_6 is defined %}
{% if adh_iface.stdout in ansible_local.interfaces.sup_if_6 %}
{% for line in ansible_local.interfaces.sup_if_6[adh_iface.stdout] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}


@ -0,0 +1,36 @@
{{ ansible_header | comment }}
{% set ifconfig = hostvars[inventory_hostname]['ansible_' + item.ifnames[0]] %}
auto {{ item.ifnames[0] }}
iface {{ item.ifnames[0] }} inet static
address {{ ifconfig.ipv4.address }}
network {{ ifconfig.ipv4.network }}
netmask {{ ifconfig.ipv4.netmask }}
broadcast {{ ifconfig.ipv4.broadcast }}
{% if item.gateway is defined %}
gateway {{ item.gateway }}
{% endif %}
{% if item.metric is defined %}
metric {{ item.metric }}
{% endif %}
mtu 1496
dns-nameservers {{ item.dns }}
dns-search {{ item.dns_search }}
up /sbin/ip link set $IFACE alias {{ item.name }}
{% if ansible_local.interfaces.sup_if_4 is defined %}
{% if item.ifnames[0] in ansible_local.interfaces.sup_if_4 %}
{% for line in ansible_local.interfaces.sup_if_4[item.ifnames[0]] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}
iface {{ item.ifnames[0] }} inet6 static
address {{ ifconfig.ipv6[0].address }}/{{ ifconfig.ipv6[0].prefix }}
{% if ansible_local.interfaces.sup_if_6 is defined %}
{% if item.ifnames[0] in ansible_local.interfaces.sup_if_6 %}
{% for line in ansible_local.interfaces.sup_if_6[item.ifnames[0]] %}
{{ line }}
{% endfor %}
{% endif %}
{% endif %}
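Review bot: Lines from `ansible_local.interfaces.sup_if_4` and `sup_if_6` are written verbatim into a file that ifupdown parses as root, and the template has no comment saying so or listing the `item` keys it needs. Those values are local facts read from the managed host, so the fact file's contents end up in root-run network configuration; its ownership and mode are worth pinning in the role (not visible on this page). I would add a header comment such as `{# item: one vlan entry (name, id, dns, dns_search, ifnames; gateway and metric optional); sup_if_4/sup_if_6 lines are copied verbatim from local facts #}`. `ifconfig.ipv6[0]` is also dereferenced unconditionally, so an interface without an IPv6 address would presumably fail the render; wrapping the inet6 stanza in `{% if ifconfig.ipv6 is defined %}` would avoid that.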