update
parent
8ba560a810
commit
8aa06f4399
29
README.md
29
README.md
@ -1,9 +1,18 @@
|
|||||||
Configure interfaces and pbr for RHEL and its derivatives
|
Configure interfaces and pbr for RedHat and Debian based distros
|
||||||
|
|
||||||
|
Supported OS with Network Manager:
|
||||||
|
- Rocky Linux 8/9
|
||||||
|
- AlmaLinux 8/9
|
||||||
|
- CentOS 7
|
||||||
|
- Debian 11/12
|
||||||
|
- Ubuntu 20.04/22.04
|
||||||
|
|
||||||
|
Limited support for network-scripts available for CentOS 7.
|
||||||
Supported iterface types for network-scripts:
|
Supported iterface types for network-scripts:
|
||||||
- ethernet (default)
|
- ethernet (default)
|
||||||
- loopback
|
- loopback
|
||||||
|
|
||||||
For RHEL8 use:
|
Example with Network Manager:
|
||||||
|
|
||||||
network:
|
network:
|
||||||
network_manager:
|
network_manager:
|
||||||
@ -20,8 +29,20 @@ For RHEL8 use:
|
|||||||
- "18.12.3.1/32"
|
- "18.12.3.1/32"
|
||||||
routing_rules4:
|
routing_rules4:
|
||||||
- priority 5 from 18.12.3.1 table 200
|
- priority 5 from 18.12.3.1 table 200
|
||||||
|
|
||||||
For RHEL7 use:
|
Example for simple policy base routing with Network Manager:
|
||||||
|
|
||||||
|
network:
|
||||||
|
network_manager:
|
||||||
|
iface:
|
||||||
|
- conn_name: 'System eth1'
|
||||||
|
routes4:
|
||||||
|
- 0.0.0.0/0 192.168.78.1 table=400
|
||||||
|
routing_rules4:
|
||||||
|
- priority 10 from {{ ansible_eth1.ipv4.address }} table 400
|
||||||
|
- priority 10 from 192.168.78.251 table 400
|
||||||
|
|
||||||
|
Example with network-scripts:
|
||||||
|
|
||||||
network:
|
network:
|
||||||
network_scripts:
|
network_scripts:
|
||||||
|
@ -5,5 +5,5 @@
|
|||||||
loop: "{{ reload_interfaces | unique }}"
|
loop: "{{ reload_interfaces | unique }}"
|
||||||
|
|
||||||
- name: Reload interface with nmcli
|
- name: Reload interface with nmcli
|
||||||
command: nmcli conn up {{ item }}
|
command: nmcli conn up "{{ item }}"
|
||||||
loop: "{{ reload_interfaces | unique }}"
|
loop: "{{ reload_interfaces | unique }}"
|
||||||
|
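Review bot: The new handler line `command: nmcli conn up "{{ item }}"` relies on hand-written double quotes to keep a connection name such as 'System eth1' in one argument. A name that itself contains a double quote or a backslash would still be split or misparsed by the command module's argument splitting. Letting Ansible do the quoting is more robust: `command: nmcli conn up {{ item | quote }}`, or the module's `argv` list form. The file header for this hunk is not visible on the page, and the handlers file continues outside the hunk.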
9
tasks/Debian/main.yaml
Normal file
9
tasks/Debian/main.yaml
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
---
|
||||||
|
- name: Configure network with network-manager
|
||||||
|
block:
|
||||||
|
- name: Configure interfaces and routes with nmcli
|
||||||
|
vars:
|
||||||
|
iface: "{{ item }}"
|
||||||
|
include_tasks: network_manager.yaml
|
||||||
|
loop: "{{ network.network_manager.iface }}"
|
||||||
|
when: network.network_manager is defined
|
79
tasks/Debian/network_manager.yaml
Normal file
79
tasks/Debian/network_manager.yaml
Normal file
@ -0,0 +1,79 @@
|
|||||||
|
---
|
||||||
|
- block:
|
||||||
|
- name: "{{ iface.conn_name }} | Configure interface with nmcli"
|
||||||
|
community.general.nmcli:
|
||||||
|
conn_name: "{{ iface.conn_name }}"
|
||||||
|
type: "{{ iface.type | default('ethernet') }}"
|
||||||
|
ip4: "{{ omit if iface.ip4 is not defined else (iface.ip4|join(', ')) }}"
|
||||||
|
ip6: "{{ omit if iface.ip6 is not defined else (iface.ip6|join(', ')) }}"
|
||||||
|
gw4: "{{ iface.gw4 | default(omit) }}"
|
||||||
|
gw6: "{{ iface.gw6 | default(omit) }}"
|
||||||
|
dns4: "{{ iface.dns4 | default(omit) }}"
|
||||||
|
dns6: "{{ iface.dns6 | default(omit) }}"
|
||||||
|
never_default4: "{{ iface.never_default4 | default(omit) }}"
|
||||||
|
vlanid: "{{ iface.vlanid | default(omit) }}"
|
||||||
|
mtu: "{{ iface.mtu | default(0) }}"
|
||||||
|
zone: "{{ iface.zone | default(omit) }}"
|
||||||
|
state: present
|
||||||
|
notify:
|
||||||
|
- Reload interface with nmcli
|
||||||
|
register: configure_interface
|
||||||
|
|
||||||
|
- name: "{{ iface.conn_name }} | Add interface to reload list"
|
||||||
|
set_fact:
|
||||||
|
reload_interfaces: "{{ reload_interfaces + [ iface.conn_name ] }}"
|
||||||
|
when: configure_interface.changed
|
||||||
|
|
||||||
|
- name: "{{ iface.conn_name }} | Get existing ipv4 routes"
|
||||||
|
shell: nmcli -g ipv4.routes connection show "{{ iface.conn_name }}"
|
||||||
|
register: existing_routes4_res
|
||||||
|
changed_when: False
|
||||||
|
|
||||||
|
- name: "{{ iface.conn_name }} | Get existing ipv6 routes"
|
||||||
|
shell: nmcli -g ipv6.routes connection show "{{ iface.conn_name }}"
|
||||||
|
register: existing_routes6_res
|
||||||
|
changed_when: False
|
||||||
|
|
||||||
|
- name: "{{ iface.conn_name }} | Set fact about existing and new ipv4/ipv6 routes"
|
||||||
|
set_fact:
|
||||||
|
existing_routes4: "{{ existing_routes4_res.stdout | hash('sha256') }}"
|
||||||
|
new_routes4: "{{ (echo.stdout | hash('sha256')) if iface.routes4 is not defined else (iface.routes4|join(', ') | hash('sha256')) }}"
|
||||||
|
existing_routes6: "{{ existing_routes6_res.stdout | hash('sha256') }}"
|
||||||
|
new_routes6: "{{ (echo.stdout | hash('sha256')) if iface.routes6 is not defined else (iface.routes6|join(', ') | hash('sha256')) }}"
|
||||||
|
|
||||||
|
#- debug:
|
||||||
|
# msg: "{{ existing_routes4_res.stdout | hash('sha256') }}"
|
||||||
|
|
||||||
|
#- debug:
|
||||||
|
# msg: "{{ '' if iface.routes4 is not defined else (iface.routes4|join(', ') | hash('sha256')) }}"
|
||||||
|
|
||||||
|
- name: "{{ iface.conn_name }} | Update routes and rules with nmcli"
|
||||||
|
community.general.nmcli:
|
||||||
|
conn_name: "{{ iface.conn_name }}"
|
||||||
|
type: "{{ iface.type | default('ethernet') }}"
|
||||||
|
ip4: "{{ omit if iface.ip4 is not defined else (iface.ip4|join(', ')) }}"
|
||||||
|
ip6: "{{ omit if iface.ip6 is not defined else (iface.ip6|join(', ')) }}"
|
||||||
|
gw4: "{{ iface.gw4 | default(omit) }}"
|
||||||
|
gw6: "{{ iface.gw6 | default(omit) }}"
|
||||||
|
dns4: "{{ iface.dns4 | default(omit) }}"
|
||||||
|
dns6: "{{ iface.dns6 | default(omit) }}"
|
||||||
|
never_default4: "{{ iface.never_default4 | default(omit) }}"
|
||||||
|
vlanid: "{{ iface.vlanid | default(omit) }}"
|
||||||
|
routes4: "{{ iface.routes4 if (existing_routes4 != new_routes4) else omit }}"
|
||||||
|
routing_rules4: "{{ iface.routing_rules4 | default(omit) }}"
|
||||||
|
routes6: "{{ iface.routes6 if (existing_routes6 != new_routes6) else omit }}"
|
||||||
|
routing_rules6: "{{ iface.routing_rules6 | default(omit) }}"
|
||||||
|
mtu: "{{ iface.mtu | default(0) }}"
|
||||||
|
zone: "{{ iface.zone | default(omit) }}"
|
||||||
|
state: present
|
||||||
|
notify:
|
||||||
|
- Reload interface with nmcli
|
||||||
|
register: update_routes_and_rules
|
||||||
|
|
||||||
|
- name: "{{ iface.conn_name }} | Add interface to reload list"
|
||||||
|
set_fact:
|
||||||
|
reload_interfaces: "{{ reload_interfaces + [ iface.conn_name ] }}"
|
||||||
|
when: update_routes_and_rules.changed
|
||||||
|
|
||||||
|
#- debug:
|
||||||
|
# msg: "{{ reload_interfaces }}"
|
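Review bot: The two route lookups run `shell: nmcli -g ipv4.routes connection show "{{ iface.conn_name }}"` (and the ipv6 twin), and double quotes do not stop a shell from expanding `$(...)`, backticks or `$VAR`, so the connection name from the inventory is evaluated by the shell on the managed host. Neither task uses a pipe or redirection, so the command module is sufficient: `command: nmcli -g ipv4.routes connection show {{ iface.conn_name | quote }}`. The same two lines are changed identically in the later `@ -25,12 +25,12 @` hunk and should get the same fix. Separately, `echo.stdout` in the `new_routes4`/`new_routes6` expressions is not registered by any task in this file. It presumably has to be set elsewhere before an interface without routes is processed, which is worth confirming.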
@ -1,22 +0,0 @@
|
|||||||
---
|
|
||||||
- block:
|
|
||||||
- name: Install network scripts
|
|
||||||
package:
|
|
||||||
name: network-scripts
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Create routing table in rt_tables
|
|
||||||
template:
|
|
||||||
src: rt_tables.j2
|
|
||||||
dest: /etc/iproute2/rt_tables
|
|
||||||
|
|
||||||
- name: Configure interfaces and routes with network-scripts
|
|
||||||
include: network_scripts.yaml iface={{ item }}
|
|
||||||
loop: "{{ network.network_scripts.iface }}"
|
|
||||||
|
|
||||||
when: network.network_scripts is defined
|
|
||||||
|
|
||||||
- name: Configure interfaces and routes with nmcli
|
|
||||||
include: network_manager.yaml iface={{ item }}
|
|
||||||
when: network.network_manager is defined
|
|
||||||
loop: "{{ network.network_manager.iface }}"
|
|
@ -1,27 +1,37 @@
|
|||||||
---
|
---
|
||||||
- block:
|
- name: Configure network with network-scripts
|
||||||
|
when: network.network_scripts is defined
|
||||||
|
block:
|
||||||
|
- name: Install network scripts
|
||||||
|
package:
|
||||||
|
name: network-scripts
|
||||||
|
state: present
|
||||||
|
|
||||||
- name: Create routing table in rt_tables
|
- name: Create routing table in rt_tables
|
||||||
template:
|
template:
|
||||||
src: rt_tables.j2
|
src: rt_tables.j2
|
||||||
dest: /etc/iproute2/rt_tables
|
dest: /etc/iproute2/rt_tables
|
||||||
|
|
||||||
- name: Configure interfaces and routes with network-scripts
|
- name: Configure interfaces and routes with network-scripts
|
||||||
include: network_scripts.yaml iface={{ item }}
|
vars:
|
||||||
|
iface: "{{ item }}"
|
||||||
|
include_tasks: network_scripts.yaml
|
||||||
loop: "{{ network.network_scripts.iface }}"
|
loop: "{{ network.network_scripts.iface }}"
|
||||||
|
|
||||||
when: network.network_scripts is defined
|
|
||||||
|
|
||||||
- block:
|
- name: Configure network with Network Manager
|
||||||
|
when: network.network_manager is defined
|
||||||
|
block:
|
||||||
- name: Install NetworkManager-dispatcher-routing-rules
|
- name: Install NetworkManager-dispatcher-routing-rules
|
||||||
package:
|
package:
|
||||||
name:
|
name:
|
||||||
- NetworkManager-dispatcher-routing-rules
|
- NetworkManager-dispatcher-routing-rules
|
||||||
state: present
|
state: present
|
||||||
|
when: ansible_distribution_major_version == '7'
|
||||||
|
|
||||||
- name: Configure interfaces and routes with nmcli
|
- name: Configure interfaces and routes with nmcli
|
||||||
include: network_manager.yaml iface={{ item }}
|
vars:
|
||||||
|
iface: "{{ item }}"
|
||||||
|
include_tasks: network_manager.yaml
|
||||||
loop: "{{ network.network_manager.iface }}"
|
loop: "{{ network.network_manager.iface }}"
|
||||||
|
|
||||||
when: network.network_manager is defined
|
|
||||||
|
|
||||||
|
|
@ -25,12 +25,12 @@
|
|||||||
when: configure_interface.changed
|
when: configure_interface.changed
|
||||||
|
|
||||||
- name: "{{ iface.conn_name }} | Get existing ipv4 routes"
|
- name: "{{ iface.conn_name }} | Get existing ipv4 routes"
|
||||||
shell: nmcli -g ipv4.routes connection show {{ iface.conn_name }}
|
shell: nmcli -g ipv4.routes connection show "{{ iface.conn_name }}"
|
||||||
register: existing_routes4_res
|
register: existing_routes4_res
|
||||||
changed_when: False
|
changed_when: False
|
||||||
|
|
||||||
- name: "{{ iface.conn_name }} | Get existing ipv6 routes"
|
- name: "{{ iface.conn_name }} | Get existing ipv6 routes"
|
||||||
shell: nmcli -g ipv6.routes connection show {{ iface.conn_name }}
|
shell: nmcli -g ipv6.routes connection show "{{ iface.conn_name }}"
|
||||||
register: existing_routes6_res
|
register: existing_routes6_res
|
||||||
changed_when: False
|
changed_when: False
|
||||||
|
|
||||||
|
@ -9,5 +9,5 @@
|
|||||||
reload_interfaces: []
|
reload_interfaces: []
|
||||||
changed_when: false
|
changed_when: false
|
||||||
|
|
||||||
- name: Include interfaces configuration tasks
|
- name: Include interfaces configuration tasks for {{ ansible_os_family }}
|
||||||
include_tasks: "{{ ansible_facts['os_family'] }}/{{ ansible_facts['distribution_major_version'] }}.yaml"
|
include_tasks: "{{ ansible_facts['os_family'] }}/main.yaml"
|
||||||
|
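Review bot: The include path is now built only from the gathered fact, `include_tasks: "{{ ansible_facts['os_family'] }}/main.yaml"`, so the path segment is taken as-is from what the managed host reports. Any family outside the RedHat- and Debian-based distros the README names will end in a missing-file error. Restricting the task to the known directories makes both cases explicit, e.g. `when: ansible_facts['os_family'] in ['RedHat', 'Debian']`, or an `assert` before it with a clear message. The task name uses `{{ ansible_os_family }}` while the include uses `ansible_facts['os_family']`; using the `ansible_facts` form in both keeps the task working when facts are not injected as top-level variables.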