From d21a2116af4a1e24fd84df93ec1b056671915834 Mon Sep 17 00:00:00 2001 From: Benjamin Graillot Date: Mon, 20 Apr 2020 19:46:47 +0200 Subject: [PATCH] [interfaces] Deploy /etc/network/interfaces for srv and ens --- interfaces.yml | 12 +++++++++++ roles/interfaces/tasks/main.yml | 20 +++++++++++++++++++ .../templates/network/interfaces.d/00-srv.j2 | 19 ++++++++++++++++++ .../templates/network/interfaces.d/01-ens.j2 | 19 ++++++++++++++++++ .../templates/network/interfaces.d/02-adm.j2 | 6 ++---- .../templates/network/interfaces.j2 | 10 ++++++++++ 6 files changed, 82 insertions(+), 4 deletions(-) create mode 100644 roles/interfaces/templates/network/interfaces.d/00-srv.j2 create mode 100644 roles/interfaces/templates/network/interfaces.d/01-ens.j2 create mode 100644 roles/interfaces/templates/network/interfaces.j2 diff --git a/interfaces.yml b/interfaces.yml index 0d028edc..872d81ee 100755 --- a/interfaces.yml +++ b/interfaces.yml @@ -6,7 +6,19 @@ - shell: grep adm /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" register: adm_iface check_mode: no + - shell: grep srv /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" + register: srv_iface + check_mode: no + - shell: grep ens /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||" + register: ens_iface + check_mode: no - hosts: boeing.adm.crans.org + vars: + - adm_dns: 10.231.136.152 10.231.136.4 + - srv_gateway: 185.230.79.254 + - srv_dns: 185.230.79.152 185.230.79.4 + - ens_gateway: 138.231.136.254 + - ens_dns: 138.231.136.152 138.231.136.4 roles: - interfaces diff --git a/roles/interfaces/tasks/main.yml b/roles/interfaces/tasks/main.yml index 095878e4..336a267d 100644 --- a/roles/interfaces/tasks/main.yml +++ b/roles/interfaces/tasks/main.yml @@ -1,4 +1,24 @@ --- +- name: Deploy default interfaces config + template: + src: network/interfaces.j2 + dest: /etc/network/interfaces + mode: 0644 + +- name: Deploy srv interface config + template: + src: network/interfaces.d/00-srv.j2 + dest: /etc/network/interfaces.d/00-srv + mode: 0644 + when: srv_iface.stdout + +- name: Deploy ens interface config + template: + src: network/interfaces.d/01-ens.j2 + dest: /etc/network/interfaces.d/01-ens + mode: 0644 + when: ens_iface.stdout + - name: Deploy adm interface config template: src: network/interfaces.d/02-adm.j2 diff --git a/roles/interfaces/templates/network/interfaces.d/00-srv.j2 b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 new file mode 100644 index 00000000..4c7468a1 --- /dev/null +++ b/roles/interfaces/templates/network/interfaces.d/00-srv.j2 @@ -0,0 +1,19 @@ +{{ ansible_header | comment }} + +allow-hotplug {{ srv_iface.stdout }} +iface {{ srv_iface.stdout }} inet static + address {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.address }} + network {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.network }} + netmask {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.netmask }} + broadcast {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.broadcast }} + gateway {{ srv_gateway }} + mtu 1496 + dns-nameservers {{ srv_dns }} + dns-search crans.org + up /sbin/ip link set $IFACE alias srv + +iface {{ srv_iface.stdout }} inet6 static + address {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv6[0].prefix }} + autoconf 1 + accept_ra 2 + up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 diff --git a/roles/interfaces/templates/network/interfaces.d/01-ens.j2 b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 new file mode 100644 index 00000000..d168be5d --- /dev/null +++ b/roles/interfaces/templates/network/interfaces.d/01-ens.j2 @@ -0,0 +1,19 @@ +{{ ansible_header | comment }} + +allow-hotplug {{ ens_iface.stdout }} +iface {{ ens_iface.stdout }} inet static + address {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.address }} + network {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.network }} + netmask {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.netmask }} + broadcast {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.broadcast }} + gateway {{ ens_gateway }} + mtu 1496 + dns-nameservers {{ ens_dns }} + dns-search crans.org + up /sbin/ip link set $IFACE alias ens + +iface {{ ens_iface.stdout }} inet6 static + address {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv6[0].prefix }} + autoconf 1 + accept_ra 2 + up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 diff --git a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 index 79cbe5fa..d0b5b833 100644 --- a/roles/interfaces/templates/network/interfaces.d/02-adm.j2 +++ b/roles/interfaces/templates/network/interfaces.d/02-adm.j2 @@ -6,12 +6,10 @@ iface {{ adm_iface.stdout }} inet static network {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.network }} netmask {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.netmask }} broadcast {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.broadcast }} - dns-nameservers 10.231.136.152 10.231.136.4 + mtu 1496 + dns-nameservers {{ adm_dns }} dns-search adm.crans.org up /sbin/ip link set $IFACE alias adm iface {{ adm_iface.stdout }} inet6 static address {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].prefix }} - autoconf 1 - accept_ra 2 - up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1 diff --git a/roles/interfaces/templates/network/interfaces.j2 b/roles/interfaces/templates/network/interfaces.j2 new file mode 100644 index 00000000..0c339966 --- /dev/null +++ b/roles/interfaces/templates/network/interfaces.j2 @@ -0,0 +1,10 @@ +{{ ansible_header | comment }} + +# This file describes the network interfaces available on your system +# and how to activate them. For more information, see interfaces(5). + +source /etc/network/interfaces.d/* + +# The loopback network interface +auto lo +iface lo inet loopback