openstack/openstack-ansible-lxc_hosts
Code Issues Proposed changes
openstack-ansible-lxc_hosts/tasks/lxc_net.yml
Markos Chandras 583337b69b Fix container bridge networking on SUSE 
The GATEWAY attribute does not exist on SUSE so we need to add the
default gateway to an ifroute file. Moreover, we drop the DEVICE
attribute which also doesn't exist on SUSE ifcfg files and we add
STARTMODE='auto' to instruct wicked to automatically configure the
interface on every boot. Finally we switch STP to 'off' since there
is only a single bridge accessible from containers.

Change-Id: I9c09e2882614f89cb944a623e7b97298d4bec541
2017-05-08 11:24:12 +01:00

129 lines
3.2 KiB
YAML
Raw Blame History

---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Drop lxc net bridge
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "root"
group: "root"
mode: "0644"
with_items: "{{ lxc_cached_network_interfaces }}"
notify:
- Bring bridge up
tags:
- lxc-files
- lxc-net
- lxc-bridge
- lxc-interfaces
- name: Drop lxc net bridge routes (SUSE)
template:
src: "lxc-net-suse-routes.cfg.j2"
dest: "/etc/sysconfig/network/ifroute-{{ lxc_net_bridge }}"
owner: "root"
group: "root"
mode: "0644"
when:
- lxc_net_gateway is not none
- ansible_pkg_mgr == "zypper"
notify:
- Bring bridge up
tags:
- lxc-files
- lxc-net
- lxc-bridge
- lxc-interfaces
# All Debian installations of LXC use the lxc-net service. This service breaks our network
# model and needs to be disabled
- name: Disable and stop lxc-net
service:
name: lxc-net
enabled: no
state: stopped
when:
- ansible_os_family == "Debian"
tags:
- lxc-net
- name: Mask lxc-net systemd service
file:
src: /dev/null
path: /etc/systemd/system/lxc-net.service
state: link
when:
- ansible_service_mgr == 'systemd'
- ansible_os_family == "Debian"
tags:
- lxc-files
- lxc-net
# CentOS systems need the lxc-net service for LXC containers to boot with a
# network interface.
- name: Enable the lxc-net service upon reboot (CentOS)
service:
name: lxc-net
enabled: yes
when:
- ansible_os_family == 'RedHat'
tags:
- lxc-net
# All Debian based systems use the interfaces.d directory for extra network configs
# this check ensures the needed source line is in the base config file
- name: Ensure networking includes interfaces.d
lineinfile:
dest: "/etc/network/interfaces"
line: "source /etc/network/interfaces.d/*.cfg"
backup: "yes"
when:
- ansible_os_family == "Debian"
tags:
- lxc-net
- lxc-interfaces
- name: Drop lxc net bridge - Debian
template:
src: "lxc-net-bridge.cfg.j2"
dest: "/etc/network/interfaces.d/lxc-net-bridge.cfg"
owner: "root"
group: "root"
mode: "0644"
when:
- ansible_os_family == "Debian"
notify:
- Restart bridge
tags:
- lxc-files
- lxc-net
- lxc-bridge
# Check that the container bridge exists, if not bring it up
- name: Check Container Bridge exists
file:
state: "file"
path: "/sys/class/net/{{ lxc_net_bridge }}/bridge/bridge_id"
register: bridge_check
failed_when: false
changed_when: bridge_check.state == 'absent'
notify:
- Bring bridge up
tags:
- lxc-bridge
# Ensure lxc networks are running as they're supposed to
- meta: flush_handlers
View Git Blame Copy Permalink