├── .ansible-lint ├── README.md ├── defaults └── main.yml ├── handlers └── main.yml ├── meta └── main.yml ├── tasks ├── Debian_initial.yml ├── Debian_restart.yml ├── RedHat_initial.yml ├── RedHat_restart.yml ├── bond_interfaces.yml ├── bridge_interfaces.yml ├── clean_interfaces.yml ├── ether_interfaces.yml ├── main.yml └── vlan_interfaces.yml ├── templates ├── Debian_ipv4_config.j2 ├── Debian_ipv6_config.j2 ├── Debian_resolvconf.j2 ├── RedHat_bond_options.j2 ├── bond_Debian.j2 ├── bond_RedHat.j2 ├── bond_slave_Debian.j2 ├── bond_slave_RedHat.j2 ├── bridge_Debian.j2 ├── bridge_RedHat.j2 ├── bridge_port_Debian.j2 ├── bridge_port_RedHat.j2 ├── ethernet_Debian.j2 ├── ethernet_RedHat.j2 ├── ethernet_RedHat_vlan_options.j2 ├── restartscript.j2 ├── route_Debian.j2 └── route_RedHat.j2 ├── tests ├── Dockerfile.centos-7 ├── Dockerfile.ubuntu-14.04 ├── Dockerfile.ubuntu-16.04 └── test.yml └── vars ├── Debian.yml ├── RedHat.yml └── main.yml /.ansible-lint: -------------------------------------------------------------------------------- 1 | skip_list: 2 | - '204' 3 | - '301' 4 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # network_interface 2 | 3 | 4 | _WARNING: This role can be dangerous to use. If you lose network connectivity 5 | to your target host by incorrectly configuring your networking, you may be 6 | unable to recover without physical access to the machine._ 7 | 8 | This roles enables users to configure various network components on target 9 | machines. The role can be used to configure: 10 | 11 | - Ethernet interfaces 12 | - Bridge interfaces 13 | - Bonded interfaces 14 | - VLAN tagged interfaces 15 | - Network routes 16 | 17 | ## Requirements 18 | 19 | 20 | This role requires Ansible 1.4 or higher, and platform requirements are listed 21 | in the metadata file. 22 | 23 | ## Role Variables 24 | 25 | 26 | The variables that can be passed to this role and a brief description about 27 | them are as follows: 28 | 29 | | Variable | Required | Default | Comments | 30 | |-------------------------------------|----------|-----------|---------| 31 | | `network_pkgs` | No | `[]` | Typically needed packages like selinux, bridge-utils, ifenslave and iproute | 32 | | `network_ether_interfaces` | No | `[]` | The list of ethernet interfaces to be added to the system. | 33 | | `network_bridge_interfaces` | No | `[]` | The list of bridge interfaces to be added to the system. | 34 | | `network_bond_interfaces` | No | `[]` | The list of bonded interfaces to be added to the system. | 35 | | `network_vlan_interfaces` | No | `[]` | The list of vlan interfaces to be added to the system. | 36 | | `network_check_packages` | No | `true` | Install packages listed in network_pkgs. | 37 | | `network_allow_service_restart` | No | `true` | Whether interfaces/networking should get reconfigured and restarted. | 38 | | `network_modprobe_persist` | No | `true` | Persisting module loading. | 39 | | `network_configured_interfaces_only` | No | `false` | Removes interfaces not configured over this role entirely when enabled. | 40 | | `network_interface_file_prefix` | No | `ifcfg-` | The prefix for interface configuration files. | 41 | | `network_interface_file_postfix` | No | `` | The postfix for interface configuration files. | 42 | 43 | Note: The values for the list are listed in the examples below. 44 | 45 | ## Examples 46 | 47 | Debian (not RedHat) network configurations can optionally use CIDR notation for IPv4 addresses instead of specifying the address and subnet mask separately. It is required to use CIDR notation for IPv6 addresses on Debian. 48 | 49 | IPv4 example with CIDR notation: 50 | ``` 51 | cidr: 192.168.10.18/24 52 | # OPTIONAL: specify a gateway for that network, or auto for network+1 53 | gateway: auto 54 | ``` 55 | IPv4 example with classic IPv4: 56 | ``` 57 | address: 192.168.10.18 58 | netmask: 255.255.255.0 59 | network: 192.168.10.0 60 | broadcast: 192.168.10.255 61 | gateway: 192.168.10.1 62 | ``` 63 | If you want to use a different MAC Address for your Interface, you can simply add it. 64 | ``` 65 | hwaddress: aa:bb:cc:dd:ee:ff 66 | ``` 67 | On some rare occasion it might be good to set whatever option you like. Therefore it 68 | is possible to use 69 | ``` 70 | options: 71 | - "up /execute/my/command" 72 | - "down /execute/my/other/command" 73 | ``` 74 | and the IPv6 version 75 | ``` 76 | ipv6_options: 77 | - "up /execute/my/command" 78 | - "down /execute/my/other/command" 79 | ``` 80 | 81 | 1) Configure eth1 and eth2 on a host with a static IP and a dhcp IP. Also 82 | define static routes and a gateway. 83 | ``` 84 | 85 | - hosts: myhost 86 | roles: 87 | - role: network 88 | network_ether_interfaces: 89 | - device: eth1 90 | bootproto: static 91 | cidr: 192.168.10.18/24 92 | gateway: auto 93 | route: 94 | - network: 192.168.200.0 95 | netmask: 255.255.255.0 96 | gateway: 192.168.10.1 97 | - network: 192.168.100.0 98 | netmask: 255.255.255.0 99 | gateway: 192.168.10.1 100 | - device: eth2 101 | bootproto: dhcp 102 | ``` 103 | Note: it is not required to add routes, default route will be added automatically. 104 | 105 | 2) Configure a bridge interface with multiple NICs added to the bridge. 106 | ``` 107 | 108 | - hosts: myhost 109 | roles: 110 | - role: network 111 | network_bridge_interfaces: 112 | - device: br1 113 | type: bridge 114 | cidr: 192.168.10.10/24 115 | bridge_ports: [eth1, eth2] 116 | 117 | # Optional values 118 | bridge_ageing: 300 119 | bridge_bridgeprio: 32768 120 | bridge_fd: 15 121 | bridge_gcint: 4 122 | bridge_hello: 2 123 | bridge_maxage: 20 124 | bridge_maxwait: 0 125 | bridge_pathcost: "eth1 100" 126 | bridge_portprio: "eth1 128" 127 | bridge_stp: "on" 128 | bridge_waitport: "5 eth1 eth2" 129 | ``` 130 | 131 | Note: Routes can also be added for this interface in the same way routes are 132 | added for ethernet interfaces. 133 | 134 | 3) Configure a bond interface with an "active-backup" slave configuration. 135 | ``` 136 | 137 | - hosts: myhost 138 | roles: 139 | - role: network 140 | network_bond_interfaces: 141 | - device: bond0 142 | address: 192.168.10.128 143 | netmask: 255.255.255.0 144 | bond_mode: active-backup 145 | bond_slaves: [eth1, eth2] 146 | 147 | # Optional values 148 | bond_miimon: 100 149 | bond_lacp_rate: slow 150 | bond_xmit_hash_policy: layer3+4 151 | ``` 152 | 153 | 4) Configure a bonded interface with "802.3ad" as the bonding mode and IP 154 | address obtained via DHCP. 155 | ``` 156 | 157 | - hosts: myhost 158 | roles: 159 | - role: network 160 | network_bond_interfaces: 161 | - device: bond0 162 | bootproto: dhcp 163 | bond_mode: 802.3ad 164 | bond_miimon: 100 165 | bond_slaves: [eth1, eth2] 166 | bond_ad_select: 2 167 | ``` 168 | 169 | 5) Configure a VLAN interface with the vlan tag 2 for an ethernet interface 170 | ``` 171 | 172 | - hosts: myhost 173 | roles: 174 | - role: network 175 | network_ether_interfaces: 176 | - device: eth1 177 | bootproto: static 178 | cidr: 192.168.10.18/24 179 | gateway: auto 180 | network_vlan_interfaces: 181 | - device: eth1.2 182 | bootproto: static 183 | cidr: 192.168.20.18/24 184 | ``` 185 | 186 | 6) All the above examples show how to configure a single host, The below 187 | example shows how to define your network configurations for all your machines. 188 | 189 | Assume your host inventory is as follows: 190 | 191 | ### /etc/ansible/hosts 192 | ``` 193 | [dc1] 194 | host1 195 | host2 196 | ``` 197 | Describe your network configuration for each host in host vars: 198 | 199 | ### host_vars/host1 200 | ``` 201 | network_ether_interfaces: 202 | - device: eth1 203 | bootproto: static 204 | address: 192.168.10.18 205 | netmask: 255.255.255.0 206 | gateway: 192.168.10.1 207 | route: 208 | - network: 192.168.200.0 209 | netmask: 255.255.255.0 210 | gateway: 192.168.10.1 211 | network_bond_interfaces: 212 | - device: bond0 213 | bootproto: dhcp 214 | bond_mode: 802.3ad 215 | bond_miimon: 100 216 | bond_slaves: [eth2, eth3] 217 | ``` 218 | ### host_vars/host2 219 | ``` 220 | network_ether_interfaces: 221 | - device: eth0 222 | bootproto: static 223 | address: 192.168.10.18 224 | netmask: 255.255.255.0 225 | gateway: 192.168.10.1 226 | ``` 227 | 228 | 7) If resolvconf package should be used, it is possible to add some DNS configurations 229 | ``` 230 | dns-nameserver: [ "8.8.8.8", "8.8.4.4" ] 231 | dns-search: "search.mydomain.tdl" 232 | dns-domain: "mydomain.tdl" 233 | ``` 234 | 235 | 8) You can add IPv6 static IP configuration on Ethernet, Bond or Bridge interfaces 236 | ``` 237 | ipv6_address: "aaaa:bbbb:cccc:dddd:dead:beef::1/64" 238 | ipv6_gateway: "aaaa:bbbb:cccc:dddd::1" 239 | ``` 240 | 241 | Create a playbook which applies this role to all hosts as shown below, and run 242 | the playbook. All the servers should have their network interfaces configured 243 | and routed updated. 244 | 245 | ``` 246 | 247 | - hosts: all 248 | roles: 249 | - role: network 250 | ``` 251 | 252 | 9) This role can also optionally add network interfaces to firewalld zones. The 253 | core firewalld module (http://docs.ansible.com/ansible/latest/firewalld_module.html) 254 | can perform the same function, so if you make use of both modules then your 255 | playbooks may not be idempotent. Consider this case, where only the firewalld 256 | module is used: 257 | 258 | * network_interface role runs; with no `firewalld_zone` host var set then any 259 | ZONE line will be removed from ifcfg-* 260 | * `firewalld` module runs; adds a `ZONE` line to ifcfg-* 261 | * On the next playbook run, the network_interface role runs and removes the 262 | ZONE line again, and so the cycle repeats. 263 | 264 | In order for this role to manage firewalld zones, the system must be running a 265 | RHEL based distribution, and using NetworkManager to manage the network 266 | interfaces. If those criteria are met, the following example shows how to add 267 | the eth0 interface to the public firewalld zone: 268 | ``` 269 | - device: eth0 270 | bootproto: static 271 | address: 192.168.10.18 272 | netmask: 255.255.255.0 273 | gateway: 192.168.10.1 274 | firewalld_zone: public 275 | ``` 276 | Note: Ansible needs network connectivity throughout the playbook process, you 277 | may need to have a control interface that you do *not* modify using this 278 | method while changing IP Addresses so that Ansible has a stable connection 279 | to configure the target systems. All network changes are done within a single 280 | generated script and network connectivity is only lost for few seconds. 281 | 282 | 283 | ## Dependencies 284 | 285 | `python-netaddr` 286 | 287 | ## License 288 | 289 | 290 | BSD 291 | 292 | ## Author Information 293 | 294 | This project was originally created by [Benno Joy](https://github.com/bennojoy/network_interface). 295 | 296 | Debian upgrades by: 297 | 298 | * Martin Verges (croit, GmbH) 299 | * Eric Anderson (Avi Networks, Inc.) 300 | 301 | RedHat upgrades by: 302 | 303 | * Eric Anderson (Avi Networks, Inc.) 304 | * Luke Short (Red Hat, Inc.) 305 | * Wei Tie, (Cisco Systems, Inc.) 306 | 307 | The full list of contributors can be found [here](https://github.com/MartinVerges/ansible.network_interface/graphs/contributors). 308 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | network_pkgs: [] 3 | network_ether_interfaces: [] 4 | network_bridge_interfaces: [] 5 | network_bond_interfaces: [] 6 | network_vlan_interfaces: [] 7 | network_check_packages: true 8 | network_allow_service_restart: true 9 | network_modprobe_persist: true 10 | network_configured_interfaces_only: false 11 | network_interface_file_prefix: "ifcfg-" 12 | network_interface_file_postfix: "" 13 | -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | #Restart Network Interfaces (deconfigurate & reconfigurate interfaces) 3 | - name: restart networking 4 | include_tasks: "{{ ansible_os_family }}_restart.yml" 5 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | galaxy_info: 3 | description: This roles enables users to configure various network components on target machines. 4 | role_name: network_interface 5 | author: "Benno Joy, Martin Verges, Luke Short, Eric Anderson" 6 | company: "AnsibleWorks, First Colo GmbH" 7 | license: BSD-2-Clause 8 | min_ansible_version: 1.9 9 | platforms: 10 | - name: Debian 11 | versions: 12 | - wheezy 13 | - jessie 14 | - stretch 15 | - buster 16 | - name: Ubuntu 17 | versions: 18 | - precise 19 | - quantal 20 | - raring 21 | - saucy 22 | - trusty 23 | - utopic 24 | - vivid 25 | - wily 26 | - xenial 27 | - yakkety 28 | - zesty 29 | - artful 30 | - bionic 31 | - cosmic 32 | - disco 33 | - eoan 34 | - focal 35 | - name: EL 36 | versions: 37 | - 7 38 | galaxy_tags: 39 | - networking 40 | - system 41 | - interfaces 42 | - network 43 | dependencies: [] 44 | -------------------------------------------------------------------------------- /tasks/Debian_initial.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install the required packages in Debian derivatives 3 | apt: 4 | name: "{{ item }}" 5 | state: present 6 | loop: "{{ network_pkgs }}" 7 | environment: "{{ env }}" 8 | when: network_check_packages 9 | 10 | - name: Make sure the include line is the only line in interfaces file 11 | copy: 12 | content: | 13 | # 14 | # Managed by ansible 15 | # 16 | 17 | source {{ net_path }}/* 18 | dest: /etc/network/interfaces 19 | when: network_configured_interfaces_only 20 | notify: restart networking 21 | 22 | - name: Make sure the source include line is there in interfaces file 23 | lineinfile: 24 | regexp: '^source\s{{ net_path | regex_escape() }}/\*' 25 | line: "source {{ net_path }}/*" 26 | dest: /etc/network/interfaces 27 | state: present 28 | insertafter: EOF 29 | when: not network_configured_interfaces_only | bool 30 | 31 | - name: Make sure the source-directory include line is not there in interfaces file 32 | lineinfile: 33 | regexp: '^source-directory\s{{ net_path | regex_escape() }}/?' 34 | dest: /etc/network/interfaces 35 | state: absent 36 | when: not network_configured_interfaces_only | bool 37 | 38 | - name: Create the directory for interface cfg files 39 | file: 40 | path: "{{ net_path }}" 41 | state: directory 42 | -------------------------------------------------------------------------------- /tasks/Debian_restart.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Restart interfaces to load new configuration 3 | # 4 | # We had a lot of problems with lost connectivity, therefore we changed the 5 | # role to use a script for network reconfiguration. 6 | # Tested on Debian Jessie / Ubuntu 14.04 LTS and with Ethernet, Bonding Interfaces 7 | 8 | - name: Create a restart script 9 | template: 10 | src: restartscript.j2 11 | dest: /etc/network/restart.sh 12 | mode: 0755 13 | 14 | # Execute configuration change 15 | - name: Execute Network Restart 16 | shell: | 17 | set -o pipefail 18 | bash /etc/network/restart.sh 19 | failed_when: false 20 | 21 | - name: Cleanup Network Restart script 22 | file: 23 | path: /etc/network/restart.sh 24 | state: absent 25 | -------------------------------------------------------------------------------- /tasks/RedHat_initial.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install the required packages in Redhat derivatives 3 | yum: 4 | name: "{{ item }}" 5 | state: installed 6 | loop: "{{ network_pkgs }}" 7 | when: network_check_packages 8 | 9 | - name: Write configuration files for rhel route configuration with vlan 10 | template: 11 | src: "route_{{ ansible_os_family }}.j2" 12 | dest: "{{ net_path }}/route-{{ item.device }}" 13 | loop: "{{ network_vlan_interfaces }}" 14 | when: network_vlan_interfaces != [] and item.route is defined 15 | 16 | - name: Write configuration files for rhel route configuration 17 | template: 18 | src: "route_{{ ansible_os_family }}.j2" 19 | dest: "{{ net_path }}/route-{{ item.device }}" 20 | loop: "{{ network_ether_interfaces }}" 21 | when: network_ether_interfaces != [] and item.route is defined 22 | 23 | - name: Write configuration files for route configuration 24 | template: 25 | src: "route_{{ ansible_os_family }}.j2" 26 | dest: "{{ net_path }}/route-{{ item.device }}" 27 | loop: "{{ network_bond_interfaces }}" 28 | when: network_bond_interfaces != [] and item.route is defined 29 | 30 | - name: Write configuration files for rhel route configuration 31 | template: 32 | src: "route_{{ ansible_os_family }}.j2" 33 | dest: "{{ net_path }}/route-{{ item.device }}" 34 | loop: "{{ network_bridge_interfaces }}" 35 | when: network_bridge_interfaces != [] and item.route is defined 36 | 37 | - name: Cleanup gateway dev that does not set to the one we want 38 | lineinfile: 39 | dest: /etc/sysconfig/network 40 | regexp: "^GATEWAYDEV=(?!{{ gateway_dev }})" 41 | state: absent 42 | when: gateway_dev is defined 43 | 44 | - name: Explicitly set the gateway device 45 | lineinfile: 46 | dest: /etc/sysconfig/network 47 | line: "GATEWAYDEV={{ gateway_dev }}" 48 | when: gateway_dev is defined 49 | -------------------------------------------------------------------------------- /tasks/RedHat_restart.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Enable the "network" service 3 | service: 4 | name: network 5 | enabled: true 6 | check_mode: yes 7 | register: network_service 8 | ignore_errors: true 9 | when: network_allow_service_restart 10 | 11 | - name: Verify if the "network" service is enabled 12 | set_fact: 13 | network_service_enabled: "{{ not network_service.failed 14 | and not network_service.changed }}" 15 | when: network_allow_service_restart 16 | 17 | - name: Enable the "NetworkManager" service 18 | service: 19 | name: NetworkManager 20 | enabled: true 21 | check_mode: yes 22 | register: NetworkManager_service 23 | ignore_errors: true 24 | when: network_allow_service_restart 25 | 26 | - name: Verify if the "NetworkManager" service is enabled 27 | set_fact: 28 | NetworkManager_service_enabled: "{{ not NetworkManager_service.failed 29 | and not NetworkManager_service.changed }}" 30 | when: network_allow_service_restart 31 | 32 | - name: Restart the "network" service on Red Hat systems 33 | service: 34 | name: network 35 | state: restarted 36 | when: > 37 | (network_allow_service_restart 38 | and network_service_enabled) 39 | and (ether_result is changed 40 | or bond_port_result is changed 41 | or bond_result is changed 42 | or vlan_result is changed 43 | or bridge_result is changed 44 | or bridge_port_result is changed) 45 | 46 | - name: Restart the "NetworkManager" service on Red Hat systems 47 | service: 48 | name: network 49 | state: restarted 50 | when: > 51 | (network_allow_service_restart 52 | and NetworkManager_service_enabled) and 53 | (ether_result is changed or 54 | bond_port_result is changed or 55 | bond_result is changed or 56 | vlan_result is changed or 57 | bridge_result is changed or 58 | bridge_port_result is changed) 59 | -------------------------------------------------------------------------------- /tasks/bond_interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create the network configuration file for slave in the bond devices 3 | template: 4 | src: "bond_slave_{{ ansible_os_family }}.j2" 5 | dest: "{{ net_path }}/{{ network_interface_file_prefix }}{{ item.1 }}{{ network_interface_file_postfix }}" 6 | with_subelements: 7 | - "{{ network_bond_interfaces }}" 8 | - bond_slaves 9 | register: bond_port_result 10 | notify: restart networking 11 | 12 | - name: Create the network configuration file for bond devices 13 | template: 14 | src: "bond_{{ ansible_os_family }}.j2" 15 | dest: "{{ net_path }}/{{ network_interface_file_prefix }}{{ item.device }}{{ network_interface_file_postfix }}" 16 | loop: "{{ network_bond_interfaces }}" 17 | register: bond_result 18 | notify: restart networking 19 | 20 | - name: Make sure the bonding module is loaded 21 | modprobe: 22 | name: bonding 23 | state: present 24 | when: bond_result is changed 25 | notify: restart networking 26 | 27 | - name: Make the bonding module persistent 28 | become: true 29 | lineinfile: 30 | line: 'bonding' 31 | dest: /etc/modules 32 | insertafter: EOF 33 | when: 34 | - network_modprobe_persist 35 | notify: restart networking 36 | -------------------------------------------------------------------------------- /tasks/bridge_interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create the network configuration file for bridge devices 3 | template: 4 | src: "bridge_{{ ansible_os_family }}.j2" 5 | dest: "{{ net_path }}/{{ network_interface_file_prefix }}{{ item.device }}{{ network_interface_file_postfix }}" 6 | loop: "{{ network_bridge_interfaces }}" 7 | register: bridge_result 8 | notify: restart networking 9 | 10 | - name: Create the network configuration file for port on the bridge devices 11 | template: 12 | src: "bridge_port_{{ ansible_os_family }}.j2" 13 | dest: "{{ net_path }}/{{ network_interface_file_prefix }}{{ item.1 }}{{ network_interface_file_postfix }}" 14 | with_subelements: 15 | - '{{ network_bridge_interfaces }}' 16 | - bridge_ports 17 | register: bridge_port_result 18 | notify: restart networking 19 | -------------------------------------------------------------------------------- /tasks/clean_interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Get config files list 3 | set_fact: 4 | _config_files: "{{ [ _config_files, item ] | flatten | unique }}" 5 | loop: 6 | - "{{ network_ether_interfaces | json_query('[*].device') }}" 7 | - "{{ network_bond_interfaces | json_query('[*].device') }}" 8 | - "{{ network_vlan_interfaces | json_query('[*].device') }}" 9 | - "{{ network_bridge_interfaces | json_query('[*].device') }}" 10 | 11 | - name: Find interface config files to delete 12 | find: 13 | paths: "{{ net_path }}" 14 | excludes: "{{ [ network_interface_file_prefix ] | product(_config_files) | map('join', '') | list | product([ network_interface_file_postfix ]) | map('join', '') | list }}" 15 | register: config_files_to_delete 16 | 17 | - name: Remove all interfaces config files not matching the pattern 18 | file: 19 | path: "{{ item.path }}" 20 | state: absent 21 | with_items: "{{ config_files_to_delete.files }}" 22 | notify: restart networking 23 | -------------------------------------------------------------------------------- /tasks/ether_interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create the network configuration file for ethernet interfaces 3 | template: 4 | src: "ethernet_{{ ansible_os_family }}.j2" 5 | dest: "{{ net_path }}/{{ network_interface_file_prefix }}{{ item.device }}{{ network_interface_file_postfix }}" 6 | loop: "{{ network_ether_interfaces }}" 7 | register: ether_result 8 | notify: restart networking 9 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Add the OS specific varibles 3 | include_vars: "{{ ansible_os_family }}.yml" 4 | 5 | - name: Define network_pkgs. 6 | set_fact: 7 | network_pkgs: "{{ _network_pkgs }}" 8 | when: network_pkgs is not defined 9 | 10 | - name: Include specific tasks for the OS family 11 | include_tasks: "{{ ansible_os_family }}_initial.yml" 12 | 13 | - name: Cleanup interfaces configuration 14 | import_tasks: "clean_interfaces.yml" 15 | when: network_configured_interfaces_only 16 | 17 | - name: Configure Ethernet interfaces 18 | import_tasks: "ether_interfaces.yml" 19 | when: network_ether_interfaces | length > 0 20 | 21 | - name: Configure Bond interfaces 22 | import_tasks: "bond_interfaces.yml" 23 | when: network_bond_interfaces | length > 0 24 | 25 | - name: Configure VLAN interfaces 26 | import_tasks: "vlan_interfaces.yml" 27 | when: network_vlan_interfaces | length > 0 28 | 29 | - name: Configure Bridge interfaces 30 | import_tasks: "bridge_interfaces.yml" 31 | when: network_bridge_interfaces | length > 0 32 | -------------------------------------------------------------------------------- /tasks/vlan_interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create the network configuration file for vlan devices 3 | template: 4 | src: "ethernet_{{ ansible_os_family }}.j2" 5 | dest: "{{ net_path }}/{{ network_interface_file_prefix }}{{ item.device }}{{ network_interface_file_postfix }}" 6 | loop: "{{ network_vlan_interfaces }}" 7 | register: vlan_result 8 | notify: restart networking 9 | 10 | - name: Make sure the 8021q module is loaded 11 | modprobe: 12 | name: 8021q 13 | state: present 14 | when: vlan_result is changed 15 | notify: restart networking 16 | 17 | - name: Make the 8021q module persistent 18 | become: true 19 | lineinfile: 20 | line: '8021q' 21 | dest: /etc/modules 22 | insertafter: EOF 23 | when: 24 | - network_modprobe_persist 25 | notify: restart networking 26 | -------------------------------------------------------------------------------- /templates/Debian_ipv4_config.j2: -------------------------------------------------------------------------------- 1 | {% if item.cidr is defined %} 2 | address {{ item.cidr | ipaddr('address') }} 3 | network {{ item.cidr | ipaddr('network') }} 4 | netmask {{ item.cidr | ipaddr('netmask') }} 5 | broadcast {{ item.cidr | ipaddr('broadcast') }} 6 | {% elif item.address is defined and item.netmask is defined %} 7 | {% if item.address is defined %} 8 | address {{ item.address }} 9 | {% endif %} 10 | {% if item.netmask is defined %} 11 | netmask {{ item.netmask }} 12 | {% endif %} 13 | {% if item.network is defined %} 14 | network {{ item.network }} 15 | {% endif %} 16 | {% if item.broadcast is defined %} 17 | broadcast {{ item.broadcast }} 18 | {% endif %} 19 | {% endif %} 20 | {% if item.gateway is defined and item.gateway != 'auto' %} 21 | gateway {{ item.gateway }} 22 | {% elif item.cidr is defined and item.gateway is defined and item.gateway == 'auto' %} 23 | gateway {{ item.cidr | ipaddr('1') | ipaddr('address') }} 24 | {% endif %} 25 | 26 | -------------------------------------------------------------------------------- /templates/Debian_ipv6_config.j2: -------------------------------------------------------------------------------- 1 | {% if item.ipv6_address is defined %} 2 | address {{ item.ipv6_address | ipaddr('address') }} 3 | netmask {{ item.ipv6_address | ipaddr('prefix') }} 4 | {% if item.ipv6_gateway is defined and item.ipv6_gateway != 'auto' %} 5 | gateway {{ item.ipv6_gateway }} 6 | {% elif item.ipv6_gateway is defined and item.ipv6_gateway == 'auto' %} 7 | gateway {{ item.ipv6_address | ipaddr('1') | ipaddr('address') }} 8 | {% endif %} 9 | {% endif %} 10 | -------------------------------------------------------------------------------- /templates/Debian_resolvconf.j2: -------------------------------------------------------------------------------- 1 | {% if item.dns_nameservers is defined %} 2 | dns-nameservers {{ item.dns_nameservers|join(' ') }} 3 | {% endif %} 4 | {% if item.dns_search is defined %} 5 | dns-search {{ item.dns_search }} 6 | {% endif %} 7 | {% if item.dns_domain is defined %} 8 | dns-domain {{ item.dns_domain }} 9 | {% endif %} 10 | 11 | -------------------------------------------------------------------------------- /templates/RedHat_bond_options.j2: -------------------------------------------------------------------------------- 1 | BONDING_OPTS="mode={{ item.bond_mode }} miimon={{ item.bond_miimon|default(100) }} 2 | {%- if item.bond_mode == '802.3ad' or item.bond_mode == 4 %} 3 | bond-lacp-rate={{ item.bond_lacp_rate | default('slow') }} 4 | {% endif %} 5 | {%- if item.bond_xmit_hash_policy is defined %} 6 | xmit_hash_policy={{ item.bond_xmit_hash_policy }} 7 | {%- endif -%} 8 | {%- if item.bond_downdelay is defined %} 9 | downdelay={{ item.bond_downdelay }} 10 | {%- endif -%} 11 | {%- if item.bond_updelay is defined %} 12 | updelay={{ item.bond_updelay }} 13 | {%- endif -%} 14 | {%- if item.bond_primary is defined %} 15 | primary={{ item.bond_primary }} 16 | {%- endif -%} 17 | {%- if item.bond_use_carrier is defined %} 18 | use_carrier={{ item.bond_use_carrier }} 19 | {%- endif -%} 20 | {%- if item.bond_ad_select is defined %} 21 | ad_select={{ item.bond_ad_select }} 22 | {%- endif -%} 23 | {%- if item.bond_extra_opts is defined %} 24 | {{ item.bond_extra_opts }} 25 | {%- endif -%} 26 | " 27 | -------------------------------------------------------------------------------- /templates/bond_Debian.j2: -------------------------------------------------------------------------------- 1 | 2 | auto {{ item.device }} 3 | iface {{ item.device }} inet {% if item.bootproto is defined %}{{ item.bootproto }}{% elif item.cidr is defined or item.address is defined %}static{% else %}dhcp{% endif %} 4 | 5 | {% include 'Debian_ipv4_config.j2' %} 6 | {% include 'Debian_resolvconf.j2' %} 7 | {% include 'route_Debian.j2' %} 8 | 9 | {% if item.bond_mode is defined and item.bond_slaves is defined %} 10 | {% if item.bond_mode is defined %} 11 | bond-mode {{ item.bond_mode }} 12 | bond-miimon {{ item.bond_miimon | default(100) }} 13 | {% if item.bond_mode == '802.3ad' or item.bond_mode == 4 %} 14 | bond-lacp-rate {{ item.bond_lacp_rate | default('slow') }} 15 | {% endif %} 16 | {% if item.bond_mode == 2 or item.bond_mode == 'balance-xor' 17 | or item.bond_mode == 4 or item.bond_mode == '802.3ad' 18 | or item.bond_mode == 6 or item.bond_mode == 'balance-tlb' 19 | %} 20 | bond-xmit-hash-policy {{ item.bond_xmit_hash_policy | default('layer3+4') }} 21 | {% endif %} 22 | 23 | {% if item.bond_downdelay is defined %} 24 | bond-downdelay {{ item.bond_downdelay }} 25 | {% endif %} 26 | {% if item.bond_updelay is defined %} 27 | bond-updelay {{ item.bond_updelay }} 28 | {% endif %} 29 | {% if item.bond_ad_select is defined %} 30 | bond-ad-select {{ item.bond_ad_select }} 31 | {% endif %} 32 | {% if item.bond_arp_interval is defined %} 33 | bond-arp-interval {{ item.bond_arp_interval }} 34 | {% endif %} 35 | {% if item.bond_arp_ip_target is defined %} 36 | bond-arp-ip-target {{ item.bond_arp_ip_target }} 37 | {% endif %} 38 | {% if item.bond_arp_validate is defined %} 39 | bond-arp-validate {{ item.bond_arp_validate }} 40 | {% endif %} 41 | {% if item.bond_num_grat_arp is defined %} 42 | bond-num-grat-arp {{ item.bond_num_grat_arp }} 43 | {% endif %} 44 | {% if item.bond_num_unsol_na is defined %} 45 | bond-num-unsol-na {{ item.bond_num_unsol_na }} 46 | {% endif %} 47 | {% if item.bond_primary is defined %} 48 | bond-primary {{ item.bond_primary }} 49 | {% endif %} 50 | {% if item.bond_primary_reselect is defined %} 51 | bond-primary-reselect {{ item.bond_primary_reselect }} 52 | {% endif %} 53 | {% if item.bond_use_carrier is defined %} 54 | bond-use-carrier {{ item.bond_use_carrier }} 55 | {% endif %} 56 | {% if item.bond_slaves is defined %} 57 | bond-slaves {{ item.bond_slaves|join(' ') }} 58 | {% endif %} 59 | {% if item.bond_active_slave is defined %} 60 | bond-active-slave {{ item.bond_active_slave }} 61 | {% endif %} 62 | {% endif %} 63 | {% endif %} 64 | 65 | {% if item.hwaddress is defined %} 66 | hwaddress ether {{ item.hwaddress }} 67 | {% endif %} 68 | 69 | {% if item.options is defined %} 70 | {% for option in item.options %} 71 | {{ option }} 72 | {% endfor %} 73 | {% endif %} 74 | 75 | {% if item.ipv6_address is defined %} 76 | iface {{ item.device }} inet6 static 77 | {% include 'Debian_ipv6_config.j2' %} 78 | {% if item.ipv6_options is defined %} 79 | {% for option in item.ipv6_options %} 80 | {{ option }} 81 | {% endfor %} 82 | {% endif %} 83 | {% endif %} 84 | -------------------------------------------------------------------------------- /templates/bond_RedHat.j2: -------------------------------------------------------------------------------- 1 | #jinja2: lstrip_blocks: "True", trim_blocks: "True" 2 | {% if item.bootproto != 'dhcp' %} 3 | DEVICE={{ item.device }} 4 | USERCTL=no 5 | BOOTPROTO={{ item.bootproto|default('static') }} 6 | BONDING_MASTER=yes 7 | TYPE=Bond 8 | {% if item.address is defined %} 9 | IPADDR={{ item.address }} 10 | {% endif -%} 11 | 12 | {% if item.netmask is defined %} 13 | NETMASK={{ item.netmask }} 14 | {% endif -%} 15 | 16 | {% if item.gateway is defined %} 17 | GATEWAY={{ item.gateway }} 18 | {% endif -%} 19 | 20 | {% include "RedHat_bond_options.j2" %} 21 | {% endif -%} 22 | 23 | {% if item.dns_nameservers is defined %} 24 | {% for dns_nameserver in item.dns_nameservers %} 25 | DNS{{ loop.index }}={{ dns_nameserver }} 26 | {% endfor %} 27 | {% endif -%} 28 | 29 | {% if item.bootproto == 'dhcp' %} 30 | DEVICE={{ item.device }} 31 | {% include "RedHat_bond_options.j2" %} 32 | USERCTL=no 33 | BOOTPROTO=dhcp 34 | TYPE=Bond 35 | {% endif -%} 36 | 37 | {% if item.onboot is defined %} 38 | ONBOOT={{ item.onboot | bool | ternary("yes", "no") }} 39 | {% endif -%} 40 | 41 | {% if item.nm_controlled is defined %} 42 | NM_CONTROLLED={{ item.nm_controlled }} 43 | {% endif -%} 44 | 45 | {% if item.defroute is defined %} 46 | DEFROUTE={{ item.defroute | bool | ternary("yes", "no") }} 47 | {% endif -%} 48 | 49 | {% if item.mtu is defined %} 50 | MTU={{ item.mtu }} 51 | {% endif -%} 52 | 53 | {% if item.bonding_master is defined %} 54 | BONDING_MASTER={{ item.bonding_master }} 55 | {% endif -%} 56 | 57 | {% if item.bridge is defined %} 58 | BRIDGE={{ item.bridge }} 59 | {% endif -%} 60 | 61 | {% if item.firewalld_zone is defined %} 62 | ZONE={{ item.firewalld_zone }} 63 | {% endif -%} 64 | -------------------------------------------------------------------------------- /templates/bond_slave_Debian.j2: -------------------------------------------------------------------------------- 1 | auto {{ item.1 }} 2 | iface {{ item.1 }} inet manual 3 | bond-master {{ item.0.device }} 4 | {% if item.0.bond_primary is defined and item.1 == item.0.bond_primary %} 5 | bond-primary {{ item.0.bond_primary }} 6 | {% endif %} 7 | -------------------------------------------------------------------------------- /templates/bond_slave_RedHat.j2: -------------------------------------------------------------------------------- 1 | DEVICE={{ item.1 }} 2 | BOOTPROTO=none 3 | MASTER={{ item.0.device }} 4 | ONBOOT=yes 5 | SLAVE=yes 6 | USERCTL=no 7 | {% if item.nm_controlled is defined %} 8 | NM_CONTROLLED={{ item.nm_controlled }} 9 | {% endif -%} 10 | 11 | {% if item.defroute is defined %} 12 | DEFROUTE={{ item.defroute | bool | ternary("yes", "no") }} 13 | {% endif -%} 14 | 15 | {% if item.0.mtu is defined %} 16 | MTU={{ item.0.mtu }} 17 | {% endif %} 18 | -------------------------------------------------------------------------------- /templates/bridge_Debian.j2: -------------------------------------------------------------------------------- 1 | 2 | auto {{ item.device }} 3 | iface {{ item.device }} inet {% if item.bootproto is defined %}{{ item.bootproto }}{% elif item.cidr is defined or item.address is defined %}static{% else %}dhcp{% endif %} 4 | 5 | {% include 'Debian_ipv4_config.j2' %} 6 | {% include 'Debian_resolvconf.j2' %} 7 | {% include 'route_Debian.j2' %} 8 | {% if item.bridge_ports is defined %} 9 | bridge_ports {{ item.bridge_ports|join(' ') }} 10 | {% else %} 11 | bridge_ports none 12 | {% endif %} 13 | {% if item.bridge_ageing is defined %} 14 | bridge_ageing {{ item.bridge_ageing }} 15 | {% endif %} 16 | {% if item.bridge_bridgeprio is defined %} 17 | bridge_bridgeprio {{ item.bridge_bridgeprio }} 18 | {% endif %} 19 | {% if item.bridge_fd is defined %} 20 | bridge_fd {{ item.bridge_fd }} 21 | {% endif %} 22 | {% if item.bridge_gcint is defined %} 23 | bridge_gcint {{ item.bridge_gcint }} 24 | {% endif %} 25 | {% if item.bridge_hello is defined %} 26 | bridge_hello {{ item.bridge_hello }} 27 | {% endif %} 28 | {% if item.hwaddress is defined %} 29 | bridge_hw {{ item.hwaddress }} 30 | {% endif %} 31 | {% if item.bridge_maxage is defined %} 32 | bridge_maxage {{ item.bridge_maxage }} 33 | {% endif %} 34 | {% if item.bridge_maxwait is defined %} 35 | bridge_maxwait {{ item.bridge_maxwait }} 36 | {% endif %} 37 | {% if item.bridge_pathcost is defined %} 38 | bridge_pathcost {{ item.bridge_pathcost }} 39 | {% endif %} 40 | {% if item.bridge_portprio is defined %} 41 | bridge_portprio {{ item.bridge_portprio }} 42 | {% endif %} 43 | {% if item.bridge_stp is defined %} 44 | bridge_stp {{ item.bridge_stp }} 45 | {% endif %} 46 | {% if item.bridge_waitport is defined %} 47 | bridge_waitport {{ item.bridge_waitport }} 48 | {% endif %} 49 | {% if item.options is defined %} 50 | {% for option in item.options %} 51 | {{ option }} 52 | {% endfor %} 53 | {% endif %} 54 | 55 | {% if item.ipv6_address is defined %} 56 | iface {{ item.device }} inet6 static 57 | {% include 'Debian_ipv6_config.j2' %} 58 | {% if item.ipv6_options is defined %} 59 | {% for option in item.ipv6_options %} 60 | {{ option }} 61 | {% endfor %} 62 | {% endif %} 63 | {% endif %} 64 | 65 | -------------------------------------------------------------------------------- /templates/bridge_RedHat.j2: -------------------------------------------------------------------------------- 1 | #jinja2: lstrip_blocks: "True", trim_blocks: "True" 2 | {% if item.bootproto == 'static' %} 3 | DEVICE={{ item.device }} 4 | TYPE=Bridge 5 | BOOTPROTO=none 6 | {% if item.mtu is defined %} 7 | MTU={{ item.mtu }} 8 | {% endif -%} 9 | 10 | {% if item.stp is defined %} 11 | STP={{ item.stp }} 12 | {% endif -%} 13 | 14 | {% if item.address is defined %} 15 | IPADDR={{ item.address }} 16 | {% endif -%} 17 | 18 | {% if item.netmask is defined %} 19 | NETMASK={{ item.netmask }} 20 | {% endif -%} 21 | 22 | {% if item.gateway is defined %} 23 | GATEWAY={{ item.gateway }} 24 | {% endif -%} 25 | 26 | {% endif -%} 27 | 28 | {% if item.dns_nameservers is defined %} 29 | {% for dns_nameserver in item.dns_nameservers %} 30 | DNS{{ loop.index }}={{ dns_nameserver }} 31 | {% endfor %} 32 | {% endif -%} 33 | 34 | {% if item.bootproto == 'dhcp' %} 35 | DEVICE={{ item.device }} 36 | TYPE=bridge 37 | BOOTPROTO=dhcp 38 | {% if item.mtu is defined %} 39 | MTU={{ item.mtu }} 40 | {% endif -%} 41 | 42 | {% if item.stp is defined %} 43 | STP={{ item.stp }} 44 | {% endif %} 45 | {% endif -%} 46 | 47 | {% if item.onboot is defined %} 48 | ONBOOT={{ item.onboot | bool | ternary("yes", "no") }} 49 | {% endif -%} 50 | 51 | {% if item.nm_controlled is defined %} 52 | NM_CONTROLLED={{ item.nm_controlled }} 53 | {% endif -%} 54 | 55 | {% if item.ipv6_address is defined %} 56 | IPV6INIT="yes" 57 | IPV6_AUTOCONF="yes" 58 | IPV6_DEFROUTE="yes" 59 | IPV6_FAILURE_FATAL="no" 60 | IPV6_FORWARDING="yes" 61 | IPV6_PEERDNS="yes" 62 | IPV6_PEERROUTES="yes" 63 | IPV6_PRIVACY="no" 64 | IPV6ADDR={{ item.ipv6_address }} 65 | {% endif -%} 66 | 67 | {% if item.ipv6_gateway is defined %} 68 | IPV6_DEFAULTGW="{{ item.ipv6_gateway }}" 69 | {% endif -%} 70 | 71 | {% if item.defroute is defined %} 72 | DEFROUTE={{ item.defroute | bool | ternary("yes", "no") }} 73 | {% endif -%} 74 | 75 | {% if item.mtu is defined %} 76 | MTU={{ item.mtu }} 77 | {% endif -%} 78 | 79 | {% if item.firewalld_zone is defined %} 80 | ZONE={{ item.firewalld_zone }} 81 | {% endif %} 82 | -------------------------------------------------------------------------------- /templates/bridge_port_Debian.j2: -------------------------------------------------------------------------------- 1 | auto {{ item.1 }} 2 | iface {{ item.1 }} inet manual 3 | {% if item.0.promisc is defined %} 4 | up /sbin/ifconfig {{ item.1 }} promisc {{ item.0.promisc }} 5 | {% endif %} 6 | -------------------------------------------------------------------------------- /templates/bridge_port_RedHat.j2: -------------------------------------------------------------------------------- 1 | DEVICE={{ item.1 }} 2 | TYPE=Ethernet 3 | BOOTPROTO=none 4 | BRIDGE={{ item.0.device }} 5 | {% if item.mtu is defined %} 6 | MTU={{ item.mtu }} 7 | {% endif %} 8 | -------------------------------------------------------------------------------- /templates/ethernet_Debian.j2: -------------------------------------------------------------------------------- 1 | 2 | auto {{ item.device }} 3 | iface {{ item.device }} inet {% if item.bootproto is defined %}{{ item.bootproto }}{% elif item.cidr is defined or item.address is defined %}static{% else %}dhcp{% endif %} 4 | 5 | {% include 'Debian_ipv4_config.j2' %} 6 | {% include 'Debian_resolvconf.j2' %} 7 | {% include 'route_Debian.j2' %} 8 | {% if item.hwaddress is defined %} 9 | hwaddress ether {{ item.hwaddress }} 10 | {% endif %} 11 | {% if item.options is defined %} 12 | {% for option in item.options %} 13 | {{ option }} 14 | {% endfor %} 15 | {% endif %} 16 | 17 | {% if item.ipv6_address is defined %} 18 | iface {{ item.device }} inet6 static 19 | {% include 'Debian_ipv6_config.j2' %} 20 | {% if item.ipv6_options is defined %} 21 | {% for option in item.ipv6_options %} 22 | {{ option }} 23 | {% endfor %} 24 | {% endif %} 25 | {% endif %} 26 | 27 | -------------------------------------------------------------------------------- /templates/ethernet_RedHat.j2: -------------------------------------------------------------------------------- 1 | #jinja2: lstrip_blocks: "True", trim_blocks: "True" 2 | {% if item.bootproto == 'static' %} 3 | DEVICE={{ item.device }} 4 | BOOTPROTO=static 5 | {% if item.address is defined %} 6 | IPADDR={{ item.address }} 7 | {% endif -%} 8 | 9 | {% if item.netmask is defined %} 10 | NETMASK={{ item.netmask }} 11 | {% endif -%} 12 | 13 | {% if item.gateway is defined %} 14 | GATEWAY={{ item.gateway }} 15 | {% endif -%} 16 | 17 | {% if item.vlan is defined and item.vlan | bool %} 18 | {% include "ethernet_RedHat_vlan_options.j2" %} 19 | {% endif -%} 20 | 21 | {% endif -%} 22 | 23 | {% if item.dns_nameservers is defined %} 24 | {% for dns_nameserver in item.dns_nameservers %} 25 | DNS{{ loop.index }}={{ dns_nameserver }} 26 | {% endfor %} 27 | {% endif -%} 28 | 29 | {% if item.hwaddress is defined%} 30 | HWADDR={{ item.hwaddress }} 31 | {% endif -%} 32 | 33 | {% if item.bootproto == 'dhcp' %} 34 | DEVICE={{ item.device }} 35 | BOOTPROTO=dhcp 36 | {% if item.vlan is defined and item.vlan | bool %} 37 | {% include "ethernet_RedHat_vlan_options.j2" %} 38 | {% endif %} 39 | {% endif -%} 40 | 41 | {% if item.nm_controlled is defined %} 42 | NM_CONTROLLED={{ item.nm_controlled }} 43 | {% endif -%} 44 | 45 | {% if item.ipv6_address is defined %} 46 | IPV6INIT="yes" 47 | IPV6_AUTOCONF="yes" 48 | IPV6_DEFROUTE="yes" 49 | IPV6_FAILURE_FATAL="no" 50 | IPV6_FORWARDING="yes" 51 | IPV6_PEERDNS="yes" 52 | IPV6_PEERROUTES="yes" 53 | IPV6_PRIVACY="no" 54 | IPV6ADDR={{ item.ipv6_address }} 55 | {% endif -%} 56 | 57 | {% if item.ipv6_gateway is defined %} 58 | IPV6_DEFAULTGW="{{ item.ipv6_gateway }}" 59 | {% endif -%} 60 | 61 | {% if item.onboot is defined %} 62 | ONBOOT={{ item.onboot | bool | ternary("yes", "no") }} 63 | {% endif -%} 64 | 65 | {% if item.defroute is defined %} 66 | DEFROUTE={{ item.defroute | bool | ternary("yes", "no") }} 67 | {% endif -%} 68 | 69 | {% if item.mtu is defined %} 70 | MTU={{ item.mtu }} 71 | {% endif -%} 72 | 73 | {% if item.firewalld_zone is defined %} 74 | ZONE={{ item.firewalld_zone }} 75 | {% endif %} 76 | -------------------------------------------------------------------------------- /templates/ethernet_RedHat_vlan_options.j2: -------------------------------------------------------------------------------- 1 | VLAN=yes 2 | TYPE=Vlan 3 | {% if item.vlan_physdev is defined %} 4 | PHYSDEV={{ item.vlan_physdev }} 5 | {% else %} 6 | PHYSDEV={{ item.device.rpartition('.')[0] }} 7 | {% endif -%} 8 | 9 | {% if item.vlan_id is defined %} 10 | VLAN_ID={{ item.vlan_id }} 11 | {% else %} 12 | VLAN_ID={{ item.device.rpartition('.')[2] }} 13 | {% endif -%} 14 | 15 | {% if item.reorder_hdr is defined %} 16 | REORDER_HDR={{ item.reorder_hdr }} 17 | {% endif %} 18 | -------------------------------------------------------------------------------- /templates/restartscript.j2: -------------------------------------------------------------------------------- 1 | # Shutdown current network configuration 2 | # Ethernet 3 | {% if ether_result is defined and 'results' in ether_result %}{% for item in ether_result.results %} 4 | ifdown {{ item.item.device }} 5 | {% endfor %}{% endif %} 6 | # Bonding 7 | {% if bond_port_result is defined and 'results' in bond_port_result %}{% for item in bond_port_result.results %} 8 | ifdown {{ item.item.1 }} 9 | {% endfor %}{% endif %} 10 | {% if bond_result is defined and 'results' in bond_result %}{% for item in bond_result.results %} 11 | ifdown {{ item.item.device }} 12 | {% endfor %}{% endif %} 13 | # Vlan 14 | {% if vlan_result is defined %}{% for item in vlan_result.results %} 15 | ifdown {{ item.item.device }} 16 | {% endfor %}{% endif %} 17 | # Bridge 18 | {% if bridge_port_result is defined and 'results' in bridge_port_result %}{% for item in bridge_port_result.results %} 19 | ifdown {{ item.item.1 }} 20 | {% endfor %}{% endif %} 21 | {% if bridge_result is defined and 'results' in bridge_result %}{% for item in bridge_result.results %} 22 | ifdown {{ item.item.device }} 23 | {% endfor %}{% endif %} 24 | 25 | # Short delay to prevent issues 26 | sleep 1 27 | 28 | # Start new network configuration 29 | # Ethernet 30 | {% if ether_result is defined and 'results' in ether_result %}{% for item in ether_result.results %} 31 | ifup {{ item.item.device }} 32 | {% endfor %}{% endif %} 33 | # Bonding 34 | {% if bond_port_result is defined and 'results' in bond_port_result %}{% for item in bond_port_result.results %} 35 | ifup {{ item.item.1 }} 36 | {% endfor %}{% endif %} 37 | {% if bond_result is defined and 'results' in bond_result %}{% for item in bond_result.results %} 38 | ifup {{ item.item.device }} 39 | {% endfor %}{% endif %} 40 | # Vlan 41 | {% if vlan_result is defined %}{% for item in vlan_result.results %} 42 | ifup {{ item.item.device }} 43 | {% endfor %}{% endif %} 44 | # Bridge 45 | {% if bridge_port_result is defined and 'results' in bridge_port_result %}{% for item in bridge_port_result.results %} 46 | ifup {{ item.item.1 }} 47 | {% endfor %}{% endif %} 48 | {% if bridge_result is defined and 'results' in bridge_result %}{% for item in bridge_result.results %} 49 | ifup {{ item.item.device }} 50 | {% endfor %}{% endif %} 51 | 52 | 53 | -------------------------------------------------------------------------------- /templates/route_Debian.j2: -------------------------------------------------------------------------------- 1 | {% if item.route is defined %} 2 | {% for i in item.route %} 3 | {% if i.cidr is defined %} 4 | up ip route add {{ i.cidr }} via {{ i.gateway }} dev {{ item.device }} 5 | {% else %} 6 | up route add -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} {{ item.device }} 7 | {% endif %} 8 | {% endfor %} 9 | {% endif %} 10 | -------------------------------------------------------------------------------- /templates/route_RedHat.j2: -------------------------------------------------------------------------------- 1 | #jinja2: lstrip_blocks: "True", trim_blocks: "True" 2 | {% for i in item.route %} 3 | ADDRESS{{ loop.index - 1 }}={{ i.network }} 4 | NETMASK{{ loop.index - 1 }}={{ i.netmask }} 5 | {% if i.gateway is defined %} 6 | GATEWAY{{ loop.index - 1 }}={{ i.gateway }} 7 | {% endif %} 8 | {% endfor %} 9 | -------------------------------------------------------------------------------- /tests/Dockerfile.centos-7: -------------------------------------------------------------------------------- 1 | FROM centos:7 2 | 3 | # Install systemd -- See https://hub.docker.com/_/centos/ 4 | RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs 5 | RUN yum -y update; yum clean all; \ 6 | (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ 7 | rm -f /lib/systemd/system/multi-user.target.wants/*; \ 8 | rm -f /etc/systemd/system/*.wants/*; \ 9 | rm -f /lib/systemd/system/local-fs.target.wants/*; \ 10 | rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ 11 | rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ 12 | rm -f /lib/systemd/system/basic.target.wants/*; \ 13 | rm -f /lib/systemd/system/anaconda.target.wants/*; 14 | 15 | # Install Ansible 16 | RUN yum -y install epel-release 17 | RUN yum -y install git ansible sudo 18 | RUN yum clean all 19 | 20 | # Disable requiretty 21 | RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers 22 | 23 | # Install Ansible inventory file 24 | RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts 25 | 26 | VOLUME ["/sys/fs/cgroup"] 27 | CMD ["/usr/sbin/init"] 28 | -------------------------------------------------------------------------------- /tests/Dockerfile.ubuntu-14.04: -------------------------------------------------------------------------------- 1 | FROM ubuntu:14.04 2 | RUN apt-get update 3 | 4 | # Install Ansible 5 | RUN apt-get install -y software-properties-common git 6 | RUN apt-add-repository -y ppa:ansible/ansible 7 | RUN apt-get update 8 | RUN apt-get install -y ansible 9 | 10 | # Install Ansible inventory file 11 | RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts 12 | -------------------------------------------------------------------------------- /tests/Dockerfile.ubuntu-16.04: -------------------------------------------------------------------------------- 1 | FROM ubuntu:16.04 2 | RUN apt-get update 3 | 4 | # Install Ansible 5 | RUN apt-get install -y software-properties-common git 6 | RUN apt-add-repository -y ppa:ansible/ansible 7 | RUN apt-get update 8 | RUN apt-get install -y ansible 9 | 10 | # Install Ansible inventory file 11 | RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts 12 | -------------------------------------------------------------------------------- /tests/test.yml: -------------------------------------------------------------------------------- 1 | - hosts: all 2 | 3 | pre_tasks: 4 | - name: Ensure build dependencies are installed (RedHat). 5 | yum: 6 | name: "{{ item }}" 7 | state: present 8 | loop: 9 | - "@Development tools" 10 | - tar 11 | - unzip 12 | - sudo 13 | - which 14 | when: ansible_os_family == 'RedHat' 15 | 16 | - name: Ensure build dependencies are installed (Debian). 17 | apt: 18 | name: "{{ item }}" 19 | state: present 20 | loop: 21 | - build-essential 22 | - unzip 23 | - tar 24 | - sudo 25 | - python-jmespath 26 | when: ansible_os_family == 'Debian' 27 | 28 | roles: 29 | - role_under_test 30 | -------------------------------------------------------------------------------- /vars/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | _network_pkgs: 3 | - python-selinux 4 | - bridge-utils 5 | - ifenslave 6 | - iproute2 7 | 8 | net_path: "/etc/network/interfaces.d" 9 | -------------------------------------------------------------------------------- /vars/RedHat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | _network_pkgs: 3 | - libselinux-python 4 | - bridge-utils 5 | - iputils 6 | 7 | net_path: "/etc/sysconfig/network-scripts" 8 | -------------------------------------------------------------------------------- /vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | env: 3 | RUNLEVEL: 1 4 | 5 | _config_files: [] 6 | --------------------------------------------------------------------------------