diff --git a/README.md b/README.md index 0c2c846..7244942 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ _WARNING: This role can be dangerous to use. If you lose network connectivity to your target host by incorrectly configuring your networking, you may be unable to recover without physical access to the machine._ -This roles enables users to configure various network components on target +This role enables users to configure various network components on target machines. The role can be used to configure: - Ethernet interfaces @@ -16,9 +16,7 @@ machines. The role can be used to configure: ## Requirements - -This role requires Ansible 1.4 or higher, and platform requirements are listed -in the metadata file. +This role requires Ansible 2.5 or higher, and platform requirements are listed in the metadata file. ## Role Variables 
@@ -35,12 +33,154 @@ them are as follows: | `network_vlan_interfaces` | No | `[]` | The list of vlan interfaces to be added to the system. | | `network_check_packages` | No | `true` | Install packages listed in network_pkgs. | | `network_allow_service_restart` | No | `true` | Whether interfaces/networking should get reconfigured and restarted. | -| `network_modprobe_persist` | No | `true` | Persisting module loading. | +| `network_modprobe_persist` | No | `true` | Persistent module loading. | | `network_configured_interfaces_only` | No | `false` | Removes interfaces not configured over this role entirely when enabled. | | `network_interface_file_prefix` | No | `ifcfg-` | The prefix for interface configuration files. | -| `network_interface_file_postfix` | No | `` | The postfix for interface configuration files. | +| `network_interface_file_postfix` | No | `None` | The postfix for interface configuration files. | + + +## Defining Interfaces +The different types of interfaces can be configured with the following variables.(manual config currently only available for RedHat) + +Each of the `network_*_interfaces`role variables is a list of dictionaries describing the interface. These dictionaries are built out of the variables described in this section. 
+ +#### Ethernet +_for use with `network_ether_interfaces`_ + +| Variable | OS | Required | Comments | +| ----------- | ------ | -------------- |----------------------- | +| device | * | Yes | Network interface name | +| type | RedHat | Optional | Config option `TYPE` | +| [_ADDR VARS_](#addr-vars) | * | - | + +#### Bond +_for use with `network_bond_interfaces`_ + +| Variable | OS | Required | Comments | +| ------------ | ------ | ----------------- | ---------------------------- | +| device | * | Yes | Network interface name | +| bond\_mode | * | Yes | Desired bonding mode | +| bond\_slaves | Debian | Yes | List of the slave interfaces | +| bond\_slaves | RedHat | For Auto Config | List of the slave interfaces | +| type | RedHat | For Manual Config | Config option `TYPE` | +| [_BOND VARS_](#bond-vars) | * | - | +| [_ADDR VARS_](#addr-vars) | * | - | + +#### Bond Slave (manual config) +| Variable | OS | Required | Comments | +| ----------- | ------ | -------- | ---------------------- | +| device | * | Yes | Network interface name | +| master | * | Yes | The bond interface | +| type | RedHat | Optional | Config option `TYPE` | + +#### Bridge +_for use with `network_bridge_interfaces`_ + +| Variable | OS | Required | Comments | +| ------------- | ------ | ----------------- | ----------------------------------------- | +| device | * | Yes | Network interface name | +| bridge\_ports | * | Optional | List of interfaces attached to the bridge | +| type | RedHat | For Manual Config | Config option `TYPE` | +| [_BRIDGE VARS_](#bridge-vars) | * | - | +| [_ADDR VARS_](#addr-vars) | * | - | + +#### Bridge Port (manual config) +| Variable | OS | Required | Comments | +| ----------- | ------ | ----------------- | ---------------------- | +| device | * | Yes | Network interface name | +| bridge | RedHat | For Manual Config | The bridge interface | +| type | RedHat | Optional | Config option `TYPE` | + +#### VLAN +_for use with `network_vlan_interfaces`_ + +| Variable | OS | 
Required | Comments | +| ------------- | ------ | -------- | ---------------------- | +| device | * | Yes | Network interface name | +| vlan | Redhat | Yes | boolean, set `True` | +| vlan\_physdev | RedHat | Optional | Device VLAN resides on, default value is extraced from device name | +| vlan\_id | RedHat | Optional | VLAN ID, default value is extraced from device name | +| reorder\_hdr | RedHat | Optional | +| [_ADDR VARS_](#addr-vars) | * | - | + + +#### _ADDR VARS_ +| Variable | OS | +| ---------------- | ------ | +| bootproto | * | +| address | * | +| netmask | * | +| gateway | * | +| cidr | Debian | +| network | Debian | +| broadcast | Debian | +| ipv6\_options | Debian | +| ipv6\_address | * | +| ipv6\_gateway | * | +| name | RedHat | +| nm\_controlled | RedHat | +| defroute | RedHat | +| stp | RedHat | +| mtu | RedHat | +| firewalld\_zone | RedHat | +| route | Debian | +| dns\_nameservers | Debian | +| dns\_search | Debian | +| dns\_domain | Debian | +| options | Debian | +| hwaddress | * | + +#### _BOND VARS_ +| Variable | OS | +| ------------------------ | ------ | +| bond\_miimon | * | +| bond\_lacp\_rate | Debian | +| bond\_xmit\_hash\_policy | * | +| bond\_downdelay | * | +| bond\_updelay | * | +| bond\_use\_carrier | * | +| bond\_primary | * | +| bond\_primary\_reselect | Debian | +| bond\_bond\_ad\_select | Debian | +| bond\_arp\_interval | Debian | +| bond\_arp\_ip\_target | Debian | +| bond\_arp\_validate | Debian | +| bond\_num\_grat\_arp | Debian | +| bond\_num\_unsol\_na | Debian | +| bond\_active\_slave | Debian | +| bond\_extra\_opts | RedHat | + +#### _BRIDGE VARS_ +| Variable | OS | +| -------------------| ------ | +| bridge\_ageing | Debian | +| bridge\_bridgeprio | Debian | +| bridge\_fd | Debian | +| bridge\_gcint | Debian | +| bridge\_hello | Debian | +| bridge\_maxage | Debian | +| bridge\_maxwait | Debian | +| bridge\_pathcost | Debian | +| bridge\_portprio | Debian | +| bridge\_stp | Debian | +| bridge\_waitport | Debian | + +## 
Combinations (RedHat Only) +(Currently only possible on RedHat systems) +Every type of interface can be configured using `network_ether_interfaces` by using the variables of the other interfaces types. There are some interfaces that can only be configured using a combination of the interface variables. Here is a list of the different interfaces and combinations thereof available to be configured using `network_ether_interfaces`: + +- [ethernet](#ethernet) +- [vlan](#vlan) +- [bond](#bond) +- [bond slave](#bond-slave-manual-config) +- [bond](#bond)+[vlan](#vlan) (VLAN on a Bond interface) +- [bridge](#bridge) +- [bridge port](#bridge-port-manual-config) +- [bond](#bond)+[bridge port](#bridge-port-manual-config) (Bond interface used as a bridge port. Exclude [_ADDR VARS_](#addr-vars)) +- [vlan](#vlan)+[bridge port](#bridge-port-manual-config) (VLAN interface used as a bridge port. Exclude [_ADDR VARS_](#addr-vars)) + + -Note: The values for the list are listed in the examples below. ## Examples @@ -64,7 +204,7 @@ If you want to use a different MAC Address for your Interface, you can simply ad ``` hwaddress: aa:bb:cc:dd:ee:ff ``` -On some rare occasion it might be good to set whatever option you like. Therefore it +On some rare occasion it might be good to set whatever options you like. Therefore(Debian systems only) it is possible to use ``` options: @@ -77,11 +217,9 @@ and the IPv6 version - "up /execute/my/command" - "down /execute/my/other/command" ``` - 1) Configure eth1 and eth2 on a host with a static IP and a dhcp IP. Also define static routes and a gateway. ``` - - hosts: myhost roles: - role: network @@ -103,8 +241,8 @@ define static routes and a gateway. Note: it is not required to add routes, default route will be added automatically. 2) Configure a bridge interface with multiple NICs added to the bridge. +(Note: these optional variables are only applicable for Debian systems) ``` - - hosts: myhost roles: - role: network 
@@ -127,13 +265,11 @@ Note: it is not required to add routes, default route will be added automaticall bridge_stp: "on" bridge_waitport: "5 eth1 eth2" ``` - Note: Routes can also be added for this interface in the same way routes are added for ethernet interfaces. 3) Configure a bond interface with an "active-backup" slave configuration. ``` - - hosts: myhost roles: - role: network @@ -153,7 +289,6 @@ added for ethernet interfaces. 4) Configure a bonded interface with "802.3ad" as the bonding mode and IP address obtained via DHCP. ``` - - hosts: myhost roles: - role: network @@ -168,7 +303,6 @@ address obtained via DHCP. 5) Configure a VLAN interface with the vlan tag 2 for an ethernet interface ``` - - hosts: myhost roles: - role: network 
@@ -183,7 +317,69 @@ address obtained via DHCP. cidr: 192.168.20.18/24 ``` -6) All the above examples show how to configure a single host, The below +6) It's also possible to configure all types of interfaces manually. +``` +network_ether_interfaces: + - device: eth0 + master: bond0 + - device: eth1 + master: bond0 + - device: bond0 + type: Bond + bond_mode: 802.3ad +``` +Configure a bridge on a bond interface. The bond must be configured. +``` +network_bond_interfaces: + - device: bond0 + bridge: br0 + bond_mode: 802.3ad + bond_miimon: 100 + bond_slaves: [eth0, eth1] + +network_bridge_interfaces: + - device: br0 + type: Bridge + address: 192.168.10.18 + netmask: 255.255.255.0 + gateway: 192.168.10.1 + bridge_ports: [bond0] +``` +The same as the above but completely manually.(Currently only possible on RedHat systems) +``` +network_ether_interfaces: + - device: eth0 + master: bond0 + - device: eth1 + master: bond0 + - device: bond0 + type: Bond + bridge: br0 + bond_mode: 802.3ad + bond_miimon: 100 + - device: br0 + type: Bridge + address: 192.168.10.18 + netmask: 255.255.255.0 + gateway: 192.168.10.1 +``` +Example of creating a vlan on a bond interface. +``` +network_ether_interfaces: + - device: bond0.201 + vlan: True + address: 192.168.100.78 + netmask: 255.255.255.0 + gateway: 192.168.100.1 + +network_bond_interfaces: + - device: bond0 + bond_mode: 802.3ad + bond_miimon: 100 + bond_slaves: [eth0, eth1] +``` + +7) All the above examples show how to configure a single host, The below example shows how to define your network configurations for all your machines. Assume your host inventory is as follows: 
@@ -198,41 +394,41 @@ Describe your network configuration for each host in host vars: ### host_vars/host1 ``` - network_ether_interfaces: - - device: eth1 - bootproto: static - address: 192.168.10.18 - netmask: 255.255.255.0 - gateway: 192.168.10.1 - route: - - network: 192.168.200.0 - netmask: 255.255.255.0 - gateway: 192.168.10.1 - network_bond_interfaces: - - device: bond0 - bootproto: dhcp - bond_mode: 802.3ad - bond_miimon: 100 - bond_slaves: [eth2, eth3] +network_ether_interfaces: + - device: eth1 + bootproto: static + address: 192.168.10.18 + netmask: 255.255.255.0 + gateway: 192.168.10.1 + route: + - network: 192.168.200.0 + netmask: 255.255.255.0 + gateway: 192.168.10.1 +network_bond_interfaces: + - device: bond0 + bootproto: dhcp + bond_mode: 802.3ad + bond_miimon: 100 + bond_slaves: [eth2, eth3] ``` ### host_vars/host2 ``` network_ether_interfaces: - - device: eth0 - bootproto: static - address: 192.168.10.18 - netmask: 255.255.255.0 - gateway: 192.168.10.1 + - device: eth0 + bootproto: static + address: 192.168.10.18 + netmask: 255.255.255.0 + gateway: 192.168.10.1 ``` -7) If resolvconf package should be used, it is possible to add some DNS configurations +8) If resolvconf package should be used, it is possible to add some DNS configurations ``` dns-nameserver: [ "8.8.8.8", "8.8.4.4" ] dns-search: "search.mydomain.tdl" dns-domain: "mydomain.tdl" ``` -8) You can add IPv6 static IP configuration on Ethernet, Bond or Bridge interfaces +9) You can add IPv6 static IP configuration on Ethernet, Bond or Bridge interfaces ``` ipv6_address: "aaaa:bbbb:cccc:dddd:dead:beef::1/64" ipv6_gateway: "aaaa:bbbb:cccc:dddd::1" 
@@ -240,16 +436,15 @@ ipv6_gateway: "aaaa:bbbb:cccc:dddd::1" Create a playbook which applies this role to all hosts as shown below, and run the playbook. All the servers should have their network interfaces configured -and routed updated. +and routes updated. ``` - - hosts: all roles: - role: network ``` -9) This role can also optionally add network interfaces to firewalld zones. The +10) This role can also optionally add network interfaces to firewalld zones. The core firewalld module (http://docs.ansible.com/ansible/latest/firewalld_module.html) can perform the same function, so if you make use of both modules then your playbooks may not be idempotent. Consider this case, where only the firewalld @@ -276,8 +471,8 @@ the eth0 interface to the public firewalld zone: Note: Ansible needs network connectivity throughout the playbook process, you may need to have a control interface that you do *not* modify using this method while changing IP Addresses so that Ansible has a stable connection -to configure the target systems. All network changes are done within a single -generated script and network connectivity is only lost for few seconds. +to configure the target systems. All network changes are activated within a single +generated script and network connectivity is only lost for a few seconds. ## Dependencies diff --git a/meta/main.yml b/meta/main.yml index bf62cf3..7c4a079 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -5,7 +5,7 @@ galaxy_info: author: "Benno Joy, Martin Verges, Luke Short, Eric Anderson" company: "AnsibleWorks, First Colo GmbH" license: BSD-2-Clause - min_ansible_version: 1.9 + min_ansible_version: 2.5 platforms: - name: Debian versions: diff --git a/tasks/Debian_initial.yml b/tasks/Debian_initial.yml index c76e662..b0d806d 100644 --- a/tasks/Debian_initial.yml +++ b/tasks/Debian_initial.yml 
@@ -1,9 +1,8 @@ --- - name: Install the required packages in Debian derivatives apt: - name: "{{ item }}" + name: "{{ network_pkgs }}" state: present - loop: "{{ network_pkgs }}" environment: "{{ env }}" when: network_check_packages diff --git a/tasks/RedHat_initial.yml b/tasks/RedHat_initial.yml index 522c44a..b702e61 100644 --- a/tasks/RedHat_initial.yml +++ b/tasks/RedHat_initial.yml @@ -1,9 +1,8 @@ --- -- name: Install the required packages in Redhat derivatives +- name: Install the required packages in Redhat derivatives yum: - name: "{{ item }}" - state: installed - loop: "{{ network_pkgs }}" + name: "{{ network_pkgs }}" + state: present when: network_check_packages - name: Write configuration files for rhel route configuration with vlan @@ -34,7 +33,7 @@ loop: "{{ network_bridge_interfaces }}" when: network_bridge_interfaces != [] and item.route is defined -- name: Cleanup gateway dev that does not set to the one we want +- name: Cleanup gateway dev that is not set to the one we want lineinfile: dest: /etc/sysconfig/network regexp: "^GATEWAYDEV=(?!{{ gateway_dev }})" diff --git a/tasks/RedHat_restart.yml b/tasks/RedHat_restart.yml index bda541b..319f313 100644 --- a/tasks/RedHat_restart.yml +++ b/tasks/RedHat_restart.yml 
@@ -35,24 +35,24 @@ state: restarted when: > (network_allow_service_restart - and network_service_enabled) - and (ether_result is changed - or bond_port_result is changed - or bond_result is changed - or vlan_result is changed - or bridge_result is changed - or bridge_port_result is changed) + and network_service_enabled) + and (ether_result is changed + or bond_port_result is changed + or bond_result is changed + or vlan_result is changed + or bridge_result is changed + or bridge_port_result is changed) - name: Restart the "NetworkManager" service on Red Hat systems service: - name: network + name: NetworkManager state: restarted when: > (network_allow_service_restart - and NetworkManager_service_enabled) and - (ether_result is changed or - bond_port_result is changed or - bond_result is changed or - vlan_result is changed or - bridge_result is changed or - bridge_port_result is changed) + and NetworkManager_service_enabled) + and (ether_result is changed + or bond_port_result is changed + or bond_result is changed + or vlan_result is changed + or bridge_result is changed + or bridge_port_result is changed) diff --git a/tasks/bond_interfaces.yml b/tasks/bond_interfaces.yml index 86cd103..7eb9bf9 100644 --- a/tasks/bond_interfaces.yml +++ b/tasks/bond_interfaces.yml 
@@ -1,15 +1,18 @@ --- -- name: Create the network configuration file for slave in the bond devices +- name: Create the network configuration files for slaves of the bond devices template: src: "bond_slave_{{ ansible_os_family }}.j2" dest: "{{ net_path }}/{{ network_interface_file_prefix }}{{ item.1 }}{{ network_interface_file_postfix }}" with_subelements: - "{{ network_bond_interfaces }}" - bond_slaves + when: not item.1 in network_ether_interfaces|map(attribute='device')|list and + not item.1 in network_bridge_interfaces|map(attribute='device')|list and + not item.1 in network_vlan_interfaces|map(attribute='device')|list register: bond_port_result notify: restart networking -- name: Create the network configuration file for bond devices +- name: Create the network configuration files for bond devices template: src: "bond_{{ ansible_os_family }}.j2" dest: "{{ net_path }}/{{ network_interface_file_prefix }}{{ item.device }}{{ network_interface_file_postfix }}" diff --git a/tasks/bridge_interfaces.yml b/tasks/bridge_interfaces.yml index 215fa98..ba5f9b6 100644 --- a/tasks/bridge_interfaces.yml +++ b/tasks/bridge_interfaces.yml @@ -1,5 +1,5 @@ --- -- name: Create the network configuration file for bridge devices +- name: Create the network configuration files for bridge devices template: src: "bridge_{{ ansible_os_family }}.j2" dest: "{{ net_path }}/{{ network_interface_file_prefix }}{{ item.device }}{{ network_interface_file_postfix }}" 
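Review bot: The new `when:` on the slave task is not limited to RedHat, although the README text in this commit describes manual configuration as RedHat-only. On Debian, a slave that is also listed in `network_ether_interfaces` now gets no `bond_slave_Debian.j2` file, and whether `ethernet_Debian.j2` writes `bond-master` for it is not visible in this diff. Either confirm that the template handles `master`, or add `ansible_os_family == 'RedHat'` to the condition. The same test is repeated for `bridge_ports` in tasks/bridge_interfaces.yml, so the point applies there too. The membership tests would also read more clearly as `item.1 not in (network_ether_interfaces | map(attribute='device') | list)`.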
@@ -7,12 +7,16 @@ register: bridge_result notify: restart networking -- name: Create the network configuration file for port on the bridge devices +- name: Create the network configuration files for ports of the bridge devices template: src: "bridge_port_{{ ansible_os_family }}.j2" dest: "{{ net_path }}/{{ network_interface_file_prefix }}{{ item.1 }}{{ network_interface_file_postfix }}" with_subelements: - '{{ network_bridge_interfaces }}' - bridge_ports + - skip_missing: true + when: not item.1 in network_ether_interfaces|map(attribute='device')|list and + not item.1 in network_bond_interfaces|map(attribute='device')|list and + not item.1 in network_vlan_interfaces|map(attribute='device')|list register: bridge_port_result notify: restart networking diff --git a/tasks/ether_interfaces.yml b/tasks/ether_interfaces.yml index f08c43b..676dfca 100644 --- a/tasks/ether_interfaces.yml +++ b/tasks/ether_interfaces.yml @@ -1,5 +1,5 @@ --- -- name: Create the network configuration file for ethernet interfaces +- name: Create the network configuration files for ethernet interfaces template: src: "ethernet_{{ ansible_os_family }}.j2" dest: "{{ net_path }}/{{ network_interface_file_prefix }}{{ item.device }}{{ network_interface_file_postfix }}" diff --git a/tasks/vlan_interfaces.yml b/tasks/vlan_interfaces.yml index 88cc444..f0aff73 100644 --- a/tasks/vlan_interfaces.yml +++ b/tasks/vlan_interfaces.yml @@ -1,5 +1,5 @@ --- -- name: Create the network configuration file for vlan devices +- name: Create the network configuration files for vlan devices template: src: "ethernet_{{ ansible_os_family }}.j2" dest: "{{ net_path }}/{{ network_interface_file_prefix }}{{ item.device }}{{ network_interface_file_postfix }}" diff --git a/templates/Debian_bond_options.j2 b/templates/Debian_bond_options.j2 new file mode 100644 index 0000000..1739798 --- /dev/null +++ b/templates/Debian_bond_options.j2 
@@ -0,0 +1,50 @@ + bond-mode {{ item.bond_mode }} + bond-miimon {{ item.bond_miimon | default(100) }} +{% if item.bond_mode == '802.3ad' or item.bond_mode == 4 %} + bond-lacp-rate {{ item.bond_lacp_rate | default('slow') }} +{% endif %} +{% if item.bond_mode == 2 or item.bond_mode == 'balance-xor' + or item.bond_mode == 4 or item.bond_mode == '802.3ad' + or item.bond_mode == 6 or item.bond_mode == 'balance-tlb' +%} + bond-xmit-hash-policy {{ item.bond_xmit_hash_policy | default('layer3+4') }} +{% endif %} +{% if item.bond_downdelay is defined %} + bond-downdelay {{ item.bond_downdelay }} +{% endif %} +{% if item.bond_updelay is defined %} + bond-updelay {{ item.bond_updelay }} +{% endif %} +{% if item.bond_ad_select is defined %} + bond-ad-select {{ item.bond_ad_select }} +{% endif %} +{% if item.bond_arp_interval is defined %} + bond-arp-interval {{ item.bond_arp_interval }} +{% endif %} +{% if item.bond_arp_ip_target is defined %} + bond-arp-ip-target {{ item.bond_arp_ip_target }} +{% endif %} +{% if item.bond_arp_validate is defined %} + bond-arp-validate {{ item.bond_arp_validate }} +{% endif %} +{% if item.bond_num_grat_arp is defined %} + bond-num-grat-arp {{ item.bond_num_grat_arp }} +{% endif %} +{% if item.bond_num_unsol_na is defined %} + bond-num-unsol-na {{ item.bond_num_unsol_na }} +{% endif %} +{% if item.bond_primary is defined %} + bond-primary {{ item.bond_primary }} +{% endif %} +{% if item.bond_primary_reselect is defined %} + bond-primary-reselect {{ item.bond_primary_reselect }} +{% endif %} +{% if item.bond_use_carrier is defined %} + bond-use-carrier {{ item.bond_use_carrier }} +{% endif %} +{% if item.bond_slaves is defined %} + bond-slaves {{ item.bond_slaves|join(' ') }} +{% endif %} +{% if item.bond_active_slave is defined %} + bond-active-slave {{ item.bond_active_slave }} +{% endif %} diff --git a/templates/Debian_bridge_options.j2 b/templates/Debian_bridge_options.j2 new file mode 100644 index 0000000..9a54212 --- /dev/null 
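Review bot: In the `bond-xmit-hash-policy` condition the numeric mode `6` is paired with `'balance-tlb'`, but in the Linux bonding driver mode 5 is balance-tlb and mode 6 is balance-alb. A bond declared with `bond_mode: 5` therefore gets no hash policy line, while `bond_mode: 6` does. If the numbers are meant to match the names, the third line of the condition should read `or item.bond_mode == 5 or item.bond_mode == 'balance-tlb'`. Separately, the template reads `item.bond_ad_select` while the README table added in this commit lists `bond_bond_ad_select`; one of the two names should change.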
+++ b/templates/Debian_bridge_options.j2 @@ -0,0 +1,41 @@ +{% if item.bridge_ports is defined %} + bridge_ports {{ item.bridge_ports|join(' ') }} +{% else %} + bridge_ports none +{% endif %} +{% if item.bridge_ageing is defined %} + bridge_ageing {{ item.bridge_ageing }} +{% endif %} +{% if item.bridge_bridgeprio is defined %} + bridge_bridgeprio {{ item.bridge_bridgeprio }} +{% endif %} +{% if item.bridge_fd is defined %} + bridge_fd {{ item.bridge_fd }} +{% endif %} +{% if item.bridge_gcint is defined %} + bridge_gcint {{ item.bridge_gcint }} +{% endif %} +{% if item.bridge_hello is defined %} + bridge_hello {{ item.bridge_hello }} +{% endif %} +{% if item.hwaddress is defined %} + bridge_hw {{ item.hwaddress }} +{% endif %} +{% if item.bridge_maxage is defined %} + bridge_maxage {{ item.bridge_maxage }} +{% endif %} +{% if item.bridge_maxwait is defined %} + bridge_maxwait {{ item.bridge_maxwait }} +{% endif %} +{% if item.bridge_pathcost is defined %} + bridge_pathcost {{ item.bridge_pathcost }} +{% endif %} +{% if item.bridge_portprio is defined %} + bridge_portprio {{ item.bridge_portprio }} +{% endif %} +{% if item.bridge_stp is defined %} + bridge_stp {{ item.bridge_stp }} +{% endif %} +{% if item.bridge_waitport is defined %} + bridge_waitport {{ item.bridge_waitport }} +{% endif %} diff --git a/templates/RedHat_generic_options.j2 b/templates/RedHat_generic_options.j2 new file mode 100644 index 0000000..87f0145 --- /dev/null +++ b/templates/RedHat_generic_options.j2 
@@ -0,0 +1,27 @@ +{% if item.dns_nameservers is defined %} + {% for dns_nameserver in item.dns_nameservers %} +DNS{{ loop.index }}={{ dns_nameserver }} + {% endfor %} +{% endif -%} + +{% if item.nm_controlled is defined %} +NM_CONTROLLED={{ item.nm_controlled | bool | ternary("yes", "no") }} +{% endif -%} + +{% if item.defroute is defined %} +DEFROUTE={{ item.defroute | bool | ternary("yes", "no") }} +{% endif -%} + +{% if item.stp is defined %} +STP={{ item.stp }} +{% endif -%} + +{% if item.mtu is defined %} +MTU={{ item.mtu }} +{% endif -%} + +{% if item.firewalld_zone is defined %} +ZONE={{ item.firewalld_zone }} +{% endif -%} + +ONBOOT={{ item.onboot|default("yes") }} diff --git a/templates/RedHat_ipv6_options.j2 b/templates/RedHat_ipv6_options.j2 new file mode 100644 index 0000000..f1d2616 --- /dev/null +++ b/templates/RedHat_ipv6_options.j2 @@ -0,0 +1,15 @@ +{% if item.ipv6_address is defined %} +IPV6INIT="yes" +IPV6_AUTOCONF="yes" +IPV6_DEFROUTE="yes" +IPV6_FAILURE_FATAL="no" +IPV6_FORWARDING="yes" +IPV6_PEERDNS="yes" +IPV6_PEERROUTES="yes" +IPV6_PRIVACY="no" +IPV6ADDR={{ item.ipv6_address }} +{% endif -%} + +{% if item.ipv6_gateway is defined %} +IPV6_DEFAULTGW="{{ item.ipv6_gateway }}" +{% endif -%} diff --git a/templates/ethernet_RedHat_vlan_options.j2 b/templates/RedHat_vlan_options.j2 similarity index 97% rename from templates/ethernet_RedHat_vlan_options.j2 rename to templates/RedHat_vlan_options.j2 index f2d7358..b1319a5 100644 --- a/templates/ethernet_RedHat_vlan_options.j2 +++ b/templates/RedHat_vlan_options.j2 @@ -1,5 +1,4 @@ VLAN=yes -TYPE=Vlan {% if item.vlan_physdev is defined %} PHYSDEV={{ item.vlan_physdev }} {% else %} diff --git a/templates/bond_Debian.j2 b/templates/bond_Debian.j2 index 571852e..aff0279 100644 --- a/templates/bond_Debian.j2 +++ b/templates/bond_Debian.j2 
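Review bot: `ONBOOT={{ item.onboot|default("yes") }}` writes the inventory value verbatim, whereas `NM_CONTROLLED` and `DEFROUTE` just above it go through `| bool | ternary("yes", "no")`. A YAML boolean such as `onboot: false` would render as `ONBOOT=False`, which the network scripts may not read the same way as `no`. The templates this include replaces normalised the value, so I would keep that: `ONBOOT={{ item.onboot | default(true) | bool | ternary("yes", "no") }}`. `STP`, `MTU` and `ZONE` are also written unquoted into a file that the legacy network scripts read as shell assignments, so a header comment stating that these values must be plain tokens would help.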
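Review bot: Defining `ipv6_address` hard-codes `IPV6_FORWARDING="yes"` and `IPV6_AUTOCONF="yes"`, and moving the block into a shared include extends that from bridges to bonds, since bond_RedHat.j2 now includes this file. A host that only needs a static IPv6 address is thereby configured to request forwarding and autoconfiguration, with no variable to turn either off. I would make both overridable per interface, for example `IPV6_FORWARDING="{{ item.ipv6_forwarding | default(true) | bool | ternary('yes', 'no') }}"` (the variable name is a proposal). The default should be chosen deliberately and documented in the README, since `no` is the more conservative value for a host that is not a router.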
@@ -1,3 +1,4 @@ +# {{ ansible_managed }} auto {{ item.device }} iface {{ item.device }} inet {% if item.bootproto is defined %}{{ item.bootproto }}{% elif item.cidr is defined or item.address is defined %}static{% else %}dhcp{% endif %} 
@@ -6,60 +7,8 @@ iface {{ item.device }} inet {% if item.bootproto is defined %}{{ item.bootproto {% include 'Debian_resolvconf.j2' %} {% include 'route_Debian.j2' %} -{% if item.bond_mode is defined and item.bond_slaves is defined %} {% if item.bond_mode is defined %} - bond-mode {{ item.bond_mode }} - bond-miimon {{ item.bond_miimon | default(100) }} -{% if item.bond_mode == '802.3ad' or item.bond_mode == 4 %} - bond-lacp-rate {{ item.bond_lacp_rate | default('slow') }} -{% endif %} -{% if item.bond_mode == 2 or item.bond_mode == 'balance-xor' - or item.bond_mode == 4 or item.bond_mode == '802.3ad' - or item.bond_mode == 6 or item.bond_mode == 'balance-tlb' -%} - bond-xmit-hash-policy {{ item.bond_xmit_hash_policy | default('layer3+4') }} -{% endif %} - -{% if item.bond_downdelay is defined %} - bond-downdelay {{ item.bond_downdelay }} -{% endif %} -{% if item.bond_updelay is defined %} - bond-updelay {{ item.bond_updelay }} -{% endif %} -{% if item.bond_ad_select is defined %} - bond-ad-select {{ item.bond_ad_select }} -{% endif %} -{% if item.bond_arp_interval is defined %} - bond-arp-interval {{ item.bond_arp_interval }} -{% endif %} -{% if item.bond_arp_ip_target is defined %} - bond-arp-ip-target {{ item.bond_arp_ip_target }} -{% endif %} -{% if item.bond_arp_validate is defined %} - bond-arp-validate {{ item.bond_arp_validate }} -{% endif %} -{% if item.bond_num_grat_arp is defined %} - bond-num-grat-arp {{ item.bond_num_grat_arp }} -{% endif %} -{% if item.bond_num_unsol_na is defined %} - bond-num-unsol-na {{ item.bond_num_unsol_na }} -{% endif %} -{% if item.bond_primary is defined %} - bond-primary {{ item.bond_primary }} -{% endif %} -{% if item.bond_primary_reselect is defined %} - bond-primary-reselect {{ item.bond_primary_reselect }} -{% endif %} -{% if item.bond_use_carrier is defined %} - bond-use-carrier {{ item.bond_use_carrier }} -{% endif %} -{% if item.bond_slaves is defined %} - bond-slaves {{ item.bond_slaves|join(' ') }} -{% endif %} -{% 
if item.bond_active_slave is defined %} - bond-active-slave {{ item.bond_active_slave }} -{% endif %} -{% endif %} +{% include 'Debian_bond_options.j2' %} {% endif %} {% if item.hwaddress is defined %} diff --git a/templates/bond_RedHat.j2 b/templates/bond_RedHat.j2 index 7451476..f1a6ef8 100644 --- a/templates/bond_RedHat.j2 +++ b/templates/bond_RedHat.j2 @@ -1,10 +1,13 @@ #jinja2: lstrip_blocks: "True", trim_blocks: "True" -{% if item.bootproto != 'dhcp' %} +# {{ ansible_managed }} +NAME={{ item.name | default(item.device) }} DEVICE={{ item.device }} -USERCTL=no -BOOTPROTO={{ item.bootproto|default('static') }} -BONDING_MASTER=yes TYPE=Bond +USERCTL=no +{% if item.bootproto is defined and item.bootproto == 'dhcp' %} +BOOTPROTO=dhcp +{% else %} +BOOTPROTO={{ item.bootproto|default('none') }} {% if item.address is defined %} IPADDR={{ item.address }} {% endif -%} 
@@ -16,48 +19,15 @@ NETMASK={{ item.netmask }} {% if item.gateway is defined %} GATEWAY={{ item.gateway }} {% endif -%} - - {% include "RedHat_bond_options.j2" %} -{% endif -%} - -{% if item.dns_nameservers is defined %} - {% for dns_nameserver in item.dns_nameservers %} -DNS{{ loop.index }}={{ dns_nameserver }} - {% endfor %} {% endif -%} -{% if item.bootproto == 'dhcp' %} -DEVICE={{ item.device }} +BONDING_MASTER=yes {% include "RedHat_bond_options.j2" %} -USERCTL=no -BOOTPROTO=dhcp -TYPE=Bond -{% endif -%} - -{% if item.onboot is defined %} -ONBOOT={{ item.onboot | bool | ternary("yes", "no") }} -{% endif -%} - -{% if item.nm_controlled is defined %} -NM_CONTROLLED={{ item.nm_controlled }} -{% endif -%} - -{% if item.defroute is defined %} -DEFROUTE={{ item.defroute | bool | ternary("yes", "no") }} -{% endif -%} - -{% if item.mtu is defined %} -MTU={{ item.mtu }} -{% endif -%} - -{% if item.bonding_master is defined %} -BONDING_MASTER={{ item.bonding_master }} -{% endif -%} {% if item.bridge is defined %} BRIDGE={{ item.bridge }} {% endif -%} -{% if item.firewalld_zone is defined %} -ZONE={{ item.firewalld_zone }} -{% endif -%} +{% include "RedHat_ipv6_options.j2" -%} + +{% include "RedHat_generic_options.j2" %} diff --git a/templates/bond_slave_Debian.j2 b/templates/bond_slave_Debian.j2 index ebbc839..c2717a4 100644 --- a/templates/bond_slave_Debian.j2 +++ b/templates/bond_slave_Debian.j2 @@ -1,3 +1,4 @@ +# {{ ansible_managed }} auto {{ item.1 }} iface {{ item.1 }} inet manual bond-master {{ item.0.device }} diff --git a/templates/bond_slave_RedHat.j2 b/templates/bond_slave_RedHat.j2 index 3b9b37b..2359fbc 100644 --- a/templates/bond_slave_RedHat.j2 +++ b/templates/bond_slave_RedHat.j2 
@@ -1,17 +1,8 @@ +# {{ ansible_managed }} +NAME={{ item.1 }} DEVICE={{ item.1 }} BOOTPROTO=none MASTER={{ item.0.device }} ONBOOT=yes SLAVE=yes USERCTL=no -{% if item.nm_controlled is defined %} -NM_CONTROLLED={{ item.nm_controlled }} -{% endif -%} - -{% if item.defroute is defined %} -DEFROUTE={{ item.defroute | bool | ternary("yes", "no") }} -{% endif -%} - -{% if item.0.mtu is defined %} -MTU={{ item.0.mtu }} -{% endif %} diff --git a/templates/bridge_Debian.j2 b/templates/bridge_Debian.j2 index 579ddea..8408181 100644 --- a/templates/bridge_Debian.j2 +++ b/templates/bridge_Debian.j2 @@ -1,3 +1,4 @@ +# {{ ansible_managed }} auto {{ item.device }} iface {{ item.device }} inet {% if item.bootproto is defined %}{{ item.bootproto }}{% elif item.cidr is defined or item.address is defined %}static{% else %}dhcp{% endif %} 
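Review bot: The slave file now never carries `NM_CONTROLLED`. The removed test used `item.nm_controlled`, which presumably never matched because `item` in this template is the (bond, slave) pair, and it was dropped rather than corrected. A bond declared with `nm_controlled: false` then has slave files that leave NetworkManager's default in place; whether that matters depends on the target release. If the bond's setting should apply to its slaves, add `{% if item.0.nm_controlled is defined %}`, `NM_CONTROLLED={{ item.0.nm_controlled | bool | ternary("yes", "no") }}` and `{% endif %}` after `USERCTL=no`. The `item.0.mtu` block is removed as well, which deserves a line in the commit message if it is intentional.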
@@ -5,52 +6,7 @@ iface {{ item.device }} inet {% if item.bootproto is defined %}{{ item.bootproto {% include 'Debian_ipv4_config.j2' %} {% include 'Debian_resolvconf.j2' %} {% include 'route_Debian.j2' %} -{% if item.bridge_ports is defined %} - bridge_ports {{ item.bridge_ports|join(' ') }} -{% else %} - bridge_ports none -{% endif %} -{% if item.bridge_ageing is defined %} - bridge_ageing {{ item.bridge_ageing }} -{% endif %} -{% if item.bridge_bridgeprio is defined %} - bridge_bridgeprio {{ item.bridge_bridgeprio }} -{% endif %} -{% if item.bridge_fd is defined %} - bridge_fd {{ item.bridge_fd }} -{% endif %} -{% if item.bridge_gcint is defined %} - bridge_gcint {{ item.bridge_gcint }} -{% endif %} -{% if item.bridge_hello is defined %} - bridge_hello {{ item.bridge_hello }} -{% endif %} -{% if item.hwaddress is defined %} - bridge_hw {{ item.hwaddress }} -{% endif %} -{% if item.bridge_maxage is defined %} - bridge_maxage {{ item.bridge_maxage }} -{% endif %} -{% if item.bridge_maxwait is defined %} - bridge_maxwait {{ item.bridge_maxwait }} -{% endif %} -{% if item.bridge_pathcost is defined %} - bridge_pathcost {{ item.bridge_pathcost }} -{% endif %} -{% if item.bridge_portprio is defined %} - bridge_portprio {{ item.bridge_portprio }} -{% endif %} -{% if item.bridge_stp is defined %} - bridge_stp {{ item.bridge_stp }} -{% endif %} -{% if item.bridge_waitport is defined %} - bridge_waitport {{ item.bridge_waitport }} -{% endif %} -{% if item.options is defined %} -{% for option in item.options %} - {{ option }} -{% endfor %} -{% endif %} +{% include 'Debian_bridge_options.j2' %} {% if item.ipv6_address is defined %} iface {{ item.device }} inet6 static diff --git a/templates/bridge_RedHat.j2 b/templates/bridge_RedHat.j2 index eabaca9..4cc20d6 100644 --- a/templates/bridge_RedHat.j2 +++ b/templates/bridge_RedHat.j2 
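Review bot: The removed block included the `item.options` loop, and the replacement `Debian_bridge_options.j2` added in this commit has no equivalent. Free-form `options` entries on a Debian bridge are therefore no longer written, unless one of the other includes (not visible in this hunk) emits them. The README still lists `options` under ADDR VARS, which the bridge table references. If the loss is unintended, keep the loop after the include: `{% for option in item.options | default([]) %}`, the indented `{{ option }}` line, then `{% endfor %}`.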
@@ -1,16 +1,12 @@
 #jinja2: lstrip_blocks: "True", trim_blocks: "True"
-{% if item.bootproto == 'static' %}
+# {{ ansible_managed }}
+NAME={{ item.name | default(item.device) }}
 DEVICE={{ item.device }}
 TYPE=Bridge
-BOOTPROTO=none
- {% if item.mtu is defined %}
-MTU={{ item.mtu }}
- {% endif -%}
-
- {% if item.stp is defined %}
-STP={{ item.stp }}
- {% endif -%}
-
+{% if item.bootproto is defined and item.bootproto == 'dhcp' %}
+BOOTPROTO=dhcp
+{% else %}
+BOOTPROTO={{ item.bootproto|default("none") }}
 {% if item.address is defined %}
 IPADDR={{ item.address }}
 {% endif -%}
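Review bot: The new `NAME=` and `BOOTPROTO=` lines write their values unquoted, and ifcfg files are read with shell syntax by the legacy network scripts, so a name containing a space or a shell metacharacter produces a broken or unintended assignment. Passing the value through the quote filter, `NAME={{ item.name | default(item.device) | quote }}`, and rejecting `item.bootproto` values the role does not support would make the rendered file robust against malformed inventory data. The same applies to the matching new lines in ethernet_RedHat.j2 and to `NAME={{ item.1 }}` in bridge_port_RedHat.j2. The if/else opened in this hunk is closed outside it.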
@@ -22,60 +18,8 @@ NETMASK={{ item.netmask }} {% if item.gateway is defined %} GATEWAY={{ item.gateway }} {% endif -%} - {% endif -%} -{% if item.dns_nameservers is defined %} - {% for dns_nameserver in item.dns_nameservers %} -DNS{{ loop.index }}={{ dns_nameserver }} - {% endfor %} -{% endif -%} - -{% if item.bootproto == 'dhcp' %} -DEVICE={{ item.device }} -TYPE=bridge -BOOTPROTO=dhcp - {% if item.mtu is defined %} -MTU={{ item.mtu }} - {% endif -%} - - {% if item.stp is defined %} -STP={{ item.stp }} - {% endif %} -{% endif -%} - -{% if item.onboot is defined %} -ONBOOT={{ item.onboot | bool | ternary("yes", "no") }} -{% endif -%} - -{% if item.nm_controlled is defined %} -NM_CONTROLLED={{ item.nm_controlled }} -{% endif -%} - -{% if item.ipv6_address is defined %} -IPV6INIT="yes" -IPV6_AUTOCONF="yes" -IPV6_DEFROUTE="yes" -IPV6_FAILURE_FATAL="no" -IPV6_FORWARDING="yes" -IPV6_PEERDNS="yes" -IPV6_PEERROUTES="yes" -IPV6_PRIVACY="no" -IPV6ADDR={{ item.ipv6_address }} -{% endif -%} - -{% if item.ipv6_gateway is defined %} -IPV6_DEFAULTGW="{{ item.ipv6_gateway }}" -{% endif -%} - -{% if item.defroute is defined %} -DEFROUTE={{ item.defroute | bool | ternary("yes", "no") }} -{% endif -%} - -{% if item.mtu is defined %} -MTU={{ item.mtu }} -{% endif -%} +{% include "RedHat_ipv6_options.j2" -%} -{% if item.firewalld_zone is defined %} -ZONE={{ item.firewalld_zone }} -{% endif %} +{% include "RedHat_generic_options.j2" %} diff --git a/templates/bridge_port_Debian.j2 b/templates/bridge_port_Debian.j2 index 97d5ce5..1714a98 100644 --- a/templates/bridge_port_Debian.j2 +++ b/templates/bridge_port_Debian.j2 @@ -1,3 +1,4 @@ +# {{ ansible_managed }} auto {{ item.1 }} iface {{ item.1 }} inet manual {% if item.0.promisc is defined %} diff --git a/templates/bridge_port_RedHat.j2 b/templates/bridge_port_RedHat.j2 index 2575b62..376f0e4 100644 --- a/templates/bridge_port_RedHat.j2 +++ b/templates/bridge_port_RedHat.j2 
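Review bot: `ZONE={{ item.firewalld_zone }}` is deleted in the bridge_RedHat.j2 hunk together with the `NM_CONTROLLED`, `ONBOOT`, `DNSn` and `DEFROUTE` lines, and only two includes replace them, whose content is not visible in this part of the diff. If RedHat_generic_options.j2 does not emit `ZONE=`, an interface that was assigned to a specific firewalld zone would presumably fall back to the default zone on the next run, so each removed key should be confirmed against the included files. The old block also forced `IPV6_FORWARDING="yes"` and `IPV6_AUTOCONF="yes"` whenever an IPv6 address was set; RedHat_ipv6_options.j2 would be better off making those opt-in than carrying them over. The second ethernet_RedHat.j2 hunk makes the same substitution.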
@@ -1,6 +1,9 @@ +# {{ ansible_managed }} +NAME={{ item.1 }} DEVICE={{ item.1 }} TYPE=Ethernet BOOTPROTO=none +ONBOOT={{ item.onboot|default("yes") }} BRIDGE={{ item.0.device }} {% if item.mtu is defined %} MTU={{ item.mtu }} diff --git a/templates/ethernet_Debian.j2 b/templates/ethernet_Debian.j2 index 474486b..36a4eb2 100644 --- a/templates/ethernet_Debian.j2 +++ b/templates/ethernet_Debian.j2 @@ -1,3 +1,4 @@ +# {{ ansible_managed }} auto {{ item.device }} iface {{ item.device }} inet {% if item.bootproto is defined %}{{ item.bootproto }}{% elif item.cidr is defined or item.address is defined %}static{% else %}dhcp{% endif %} diff --git a/templates/ethernet_RedHat.j2 b/templates/ethernet_RedHat.j2 index c330401..5d072df 100644 --- a/templates/ethernet_RedHat.j2 +++ b/templates/ethernet_RedHat.j2 @@ -1,7 +1,11 @@ #jinja2: lstrip_blocks: "True", trim_blocks: "True" -{% if item.bootproto == 'static' %} +# {{ ansible_managed }} +NAME={{ item.name | default(item.device) }} DEVICE={{ item.device }} -BOOTPROTO=static +{% if item.bootproto is defined and item.bootproto == 'dhcp' %} +BOOTPROTO=dhcp +{% else %} +BOOTPROTO={{ item.bootproto|default("none") }} {% if item.address is defined %} IPADDR={{ item.address }} {% endif -%} 
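Review bot: The added `ONBOOT={{ item.onboot|default("yes") }}` in bridge_port_RedHat.j2 reads `onboot` from `item`, while the same template takes the port from `item.1` and the bridge from `item.0.device`, so `item` looks like a (bridge, port) pair and `item.onboot` would never be defined. The line also drops the normalisation used elsewhere in this role, so a YAML boolean would render as `True` or `False` rather than `yes` or `no`. Something like `ONBOOT={{ item.0.onboot | default(true) | bool | ternary("yes", "no") }}` addresses both. The existing `item.mtu` test just below has the same lookup problem, and the template continues past this hunk.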
@@ -13,63 +17,34 @@ NETMASK={{ item.netmask }} {% if item.gateway is defined %} GATEWAY={{ item.gateway }} {% endif -%} - - {% if item.vlan is defined and item.vlan | bool %} -{% include "ethernet_RedHat_vlan_options.j2" %} - {% endif -%} - -{% endif -%} - -{% if item.dns_nameservers is defined %} - {% for dns_nameserver in item.dns_nameservers %} -DNS{{ loop.index }}={{ dns_nameserver }} - {% endfor %} {% endif -%} -{% if item.hwaddress is defined%} +{% if item.hwaddress is defined %} HWADDR={{ item.hwaddress }} {% endif -%} -{% if item.bootproto == 'dhcp' %} -DEVICE={{ item.device }} -BOOTPROTO=dhcp - {% if item.vlan is defined and item.vlan | bool %} -{% include "ethernet_RedHat_vlan_options.j2" %} - {% endif %} -{% endif -%} - -{% if item.nm_controlled is defined %} -NM_CONTROLLED={{ item.nm_controlled }} +{% if item.vlan is defined and item.vlan | bool %} +TYPE=Vlan +{% include "RedHat_vlan_options.j2" %} +{% else %} +TYPE={{ item.type | default("Ethernet") }} {% endif -%} -{% if item.ipv6_address is defined %} -IPV6INIT="yes" -IPV6_AUTOCONF="yes" -IPV6_DEFROUTE="yes" -IPV6_FAILURE_FATAL="no" -IPV6_FORWARDING="yes" -IPV6_PEERDNS="yes" -IPV6_PEERROUTES="yes" -IPV6_PRIVACY="no" -IPV6ADDR={{ item.ipv6_address }} +{% if item.bridge is defined %} +BRIDGE={{ item.bridge }} {% endif -%} -{% if item.ipv6_gateway is defined %} -IPV6_DEFAULTGW="{{ item.ipv6_gateway }}" -{% endif -%} +{% if item.type is defined and item.type == "Bond" %} +BONDING_MASTER=yes +{% include "RedHat_bond_options.j2" %} -{% if item.onboot is defined %} -ONBOOT={{ item.onboot | bool | ternary("yes", "no") }} {% endif -%} -{% if item.defroute is defined %} -DEFROUTE={{ item.defroute | bool | ternary("yes", "no") }} +{% if item.master is defined %} +MASTER={{ item.master }} +SLAVE=yes {% endif -%} -{% if item.mtu is defined %} -MTU={{ item.mtu }} -{% endif -%} +{% include "RedHat_ipv6_options.j2" -%} -{% if item.firewalld_zone is defined %} -ZONE={{ item.firewalld_zone }} -{% endif %} +{% include 
"RedHat_generic_options.j2" %} diff --git a/templates/route_Debian.j2 b/templates/route_Debian.j2 index e9be6d7..4d1863a 100644 --- a/templates/route_Debian.j2 +++ b/templates/route_Debian.j2 @@ -1,3 +1,4 @@ +# {{ ansible_managed }} {% if item.route is defined %} {% for i in item.route %} {% if i.cidr is defined %} diff --git a/templates/route_RedHat.j2 b/templates/route_RedHat.j2 index 0a71ec7..5a02be4 100644 --- a/templates/route_RedHat.j2 +++ b/templates/route_RedHat.j2 @@ -1,8 +1,13 @@ #jinja2: lstrip_blocks: "True", trim_blocks: "True" +# {{ ansible_managed }} {% for i in item.route %} + {% if i is mapping %} ADDRESS{{ loop.index - 1 }}={{ i.network }} NETMASK{{ loop.index - 1 }}={{ i.netmask }} - {% if i.gateway is defined %} + {% if i.gateway is defined %} GATEWAY{{ loop.index - 1 }}={{ i.gateway }} + {% endif %} + {% else %} +{{ i }} {% endif %} {% endfor %}
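Review bot: The new `{% else %}` branch in route_RedHat.j2 writes a non-mapping route entry verbatim with `{{ i }}`, so one file can now mix `ADDRESSn=` assignments with free-form route lines. The `ADDRESSn` index still comes from `loop.index - 1`, which leaves gaps whenever string entries are interleaved with mappings. As far as I know the legacy ifup-routes script treats a file containing `ADDRESSn=` lines as shell-style variables and stops at the first missing index, so a mixed list may drop routes or have the raw lines interpreted as shell. Consider failing the play when `item.route` mixes both forms, or numbering only the mapping entries, and documenting the string format that is expected.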