[interfaces] Deploy /etc/network/interfaces for srv and ens

2020-04-20 19:46:47 +02:00 · 2020-04-20 19:46:47 +02:00 · d21a2116af
parent 8e1062459b
commit d21a2116af
6 changed files with 82 additions and 4 deletions
--- a/interfaces.yml
+++ b/interfaces.yml
@ -6,7 +6,19 @@
    - shell: grep adm /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||"
      register: adm_iface
      check_mode: no
+    - shell: grep srv /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||"
+      register: srv_iface
+      check_mode: no
+    - shell: grep ens /sys/class/net/*/ifalias | sed "s|/sys/class/net/||" | sed "s|/ifalias:.*||"
+      register: ens_iface
+      check_mode: no

 - hosts: boeing.adm.crans.org
+  vars:
+    - adm_dns: 10.231.136.152 10.231.136.4
+    - srv_gateway: 185.230.79.254
+    - srv_dns: 185.230.79.152 185.230.79.4
+    - ens_gateway: 138.231.136.254
+    - ens_dns: 138.231.136.152 138.231.136.4
  roles:
    - interfaces
--- a/roles/interfaces/tasks/main.yml
+++ b/roles/interfaces/tasks/main.yml
@ -1,4 +1,24 @@
 ---
+- name: Deploy default interfaces config
+  template:
+    src: network/interfaces.j2
+    dest: /etc/network/interfaces
+    mode: 0644
+
+- name: Deploy srv interface config
+  template:
+    src: network/interfaces.d/00-srv.j2
+    dest: /etc/network/interfaces.d/00-srv
+    mode: 0644
+  when: srv_iface.stdout
+
+- name: Deploy ens interface config
+  template:
+    src: network/interfaces.d/01-ens.j2
+    dest: /etc/network/interfaces.d/01-ens
+    mode: 0644
+  when: ens_iface.stdout
+
 - name: Deploy adm interface config
  template:
    src: network/interfaces.d/02-adm.j2
--- a/roles/interfaces/templates/network/interfaces.d/00-srv.j2
+++ b/roles/interfaces/templates/network/interfaces.d/00-srv.j2
@ -0,0 +1,19 @@
+{{ ansible_header | comment }}
+
+allow-hotplug {{ srv_iface.stdout }}
+iface {{ srv_iface.stdout }} inet static
+	address {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.address }}
+	network {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.network }}
+	netmask {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.netmask }}
+	broadcast {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv4.broadcast }}
+	gateway {{ srv_gateway }}
+	mtu 1496
+	dns-nameservers {{ srv_dns }}
+	dns-search crans.org
+	up /sbin/ip link set $IFACE alias srv
+
+iface {{ srv_iface.stdout }} inet6 static
+	address {{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + srv_iface.stdout].ipv6[0].prefix }}
+	autoconf 1
+	accept_ra 2
+	up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1
--- a/roles/interfaces/templates/network/interfaces.d/01-ens.j2
+++ b/roles/interfaces/templates/network/interfaces.d/01-ens.j2
@ -0,0 +1,19 @@
+{{ ansible_header | comment }}
+
+allow-hotplug {{ ens_iface.stdout }}
+iface {{ ens_iface.stdout }} inet static
+	address {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.address }}
+	network {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.network }}
+	netmask {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.netmask }}
+	broadcast {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv4.broadcast }}
+	gateway {{ ens_gateway }}
+	mtu 1496
+	dns-nameservers {{ ens_dns }}
+	dns-search crans.org
+	up /sbin/ip link set $IFACE alias ens
+
+iface {{ ens_iface.stdout }} inet6 static
+	address {{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + ens_iface.stdout].ipv6[0].prefix }}
+	autoconf 1
+	accept_ra 2
+	up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1
--- a/roles/interfaces/templates/network/interfaces.d/02-adm.j2
+++ b/roles/interfaces/templates/network/interfaces.d/02-adm.j2
@ -6,12 +6,10 @@ iface {{ adm_iface.stdout }} inet static
 	network {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.network }}
 	netmask {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.netmask }}
 	broadcast {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv4.broadcast }}
-	dns-nameservers 10.231.136.152 10.231.136.4
+	mtu 1496
+	dns-nameservers {{ adm_dns }}
 	dns-search adm.crans.org
 	up /sbin/ip link set $IFACE alias adm

 iface {{ adm_iface.stdout }} inet6 static
 	address {{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].address }}/{{ hostvars[inventory_hostname]['ansible_' + adm_iface.stdout].ipv6[0].prefix }}
-	autoconf 1
-	accept_ra 2
-	up /sbin/sysctl net/ipv6/conf/$IFACE/accept_ra_defrtr=1
--- a/roles/interfaces/templates/network/interfaces.j2
+++ b/roles/interfaces/templates/network/interfaces.j2
@ -0,0 +1,10 @@
+{{ ansible_header | comment }}
+
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback