add network ops

Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-02-16 21:25:39 -06:00 · 2018-02-16 21:25:39 -06:00 · 2758cbfc6a
parent 4e28ef6127
commit 2758cbfc6a
5 changed files with 33 additions and 11 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -14,8 +14,12 @@
 # limitations under the License.
 nspawn_networks:
  nspawn_address:
-    # The name of the interface, by default this is the interface with the default route
-    bridge: "{{ ansible_default_ipv4.interface }}"
+    # The name of the interface, by default this is a dummy device on a private
+    # network however it could be a bridge or any other interface.
+    bridge: "nspawn0"
+    # Optional | Set bool to enable a private device. This will create a bridge
+    #            not connecting to the underlying L2.
+    private_device: true
    # Optional | Enable or disable dhcp on this network
    enable_dhcp: true
    # Optional | When dhcp is enabled set the IP address range
@ -24,8 +28,11 @@ nspawn_networks:
    address: 10.0.4.1
    # Optional | Set the netmask for the macvlan network
    netmask: 255.255.255.0
+    # Optional | Set the macvlan mode
+    macvlan_mode: bridge

-# See all available options here:
+# Used to define the default macvlan mode when not specifically defined within
+# container_networks or nspawn_networks. See all available options here:
 # https://www.freedesktop.org/software/systemd/man/systemd.netdev.html#%5BMACVLAN%5D%20Section%20Options
 nspawn_macvlan_mode: bridge

--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -52,14 +52,14 @@
 - name: Enable macvlan service
  systemd:
    name: "nspawn-macvlan.service"
-    state: "started"
+    state: "restarted"
    enabled: true
    daemon_reload: true

 - name: Enable network dnsmasq service
  systemd:
    name: "dnsmasq-{{ 'mv-' + item.value.bridge.split('br-')[-1] }}.service"
-    state: "started"
+    state: "restarted"
    enabled: true
    daemon_reload: true
  when:
@ -74,8 +74,7 @@

 - name: Create tmpfiles structure in journald
  command: "systemd-tmpfiles --create --prefix /var/log/journal"
-  tags:
-    - skip_ansible_lint
+  changed_when: false

 - name: Restart systemd-journald
  service:
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -86,6 +86,18 @@
  notify:
    - Create tmpfiles structure in journald

+- name: Create journald directories
+  file:
+    path: "{{ item }}"
+    state: directory
+    owner: root
+    group: systemd-journal
+    mode: "2755"
+  with_items:
+    - /var/log/journal
+  notify:
+    - Create tmpfiles structure in journald
+
 - name: Create journald tempfiles
  template:
    src: "systemd-journald-tmpfiles.j2"
--- a/templates/dnsmasq-config.conf.j2
+++ b/templates/dnsmasq-config.conf.j2
@ -2,7 +2,7 @@

 user=systemd-network
 listen-address={{ item.value.address }}
-dhcp-range={{ item.value.dhcp_range }}
+dhcp-range={{ item.key }},{{ item.value.dhcp_range }},24h
 dhcp-lease-max=128
 except-interface=lo
 interface={{ 'mv-' + item.value.bridge.split('br-')[-1] }}
--- a/templates/nspawn-macvlan-systemd-init.j2
+++ b/templates/nspawn-macvlan-systemd-init.j2
@ -15,8 +15,12 @@ RemainAfterExit=yes
 {%   set interface = value.bridge.split('br-')[-1] %}
 {%   set mv_interface = 'mv-' + interface %}
 {%   if value.bridge not in seen_start_interfaces %}
+{%     if value.private_device | default(false) | bool %}
+ExecStart=-/sbin/ip link add dev "{{ value.bridge }}" type dummy
+ExecStart=-/sbin/ip link set dev "{{ value.bridge }}" up
+{%     endif %}
 {%     set interface_from_ansible = 'ansible_' + value.bridge | replace('-', '_') %}
-{%     set interface_data = hostvars[inventory_hostname][interface_from_ansible] %}
+{%     set interface_data = hostvars[inventory_hostname][interface_from_ansible] | default({'type': none}) %}
 {%     if interface_data['type'] == 'bridge' %}
 ExecStart=-/sbin/ip link add dev "veth-{{ interface }}1" type veth peer name "veth-{{ interface }}2"
 ExecStart=-/sbin/ip link set dev "veth-{{ interface }}1" up
@ -24,9 +28,9 @@ ExecStart=-/sbin/ip link set dev "veth-{{ interface }}1" mtu {{ interface_data['
 ExecStart=-/sbin/ip link set dev "veth-{{ interface }}2" up
 ExecStart=-/sbin/ip link set dev "veth-{{ interface }}2" mtu {{ interface_data['mtu'] | default(1500) }}
 ExecStart=-/sbin/ip link set "veth-{{ interface }}1" master "{{ value.bridge }}"
-ExecStart=-/sbin/ip link add "{{ mv_interface }}" link "veth-{{ interface }}2" type macvlan mode {{ nspawn_macvlan_mode }}
+ExecStart=-/sbin/ip link add "{{ mv_interface }}" link "veth-{{ interface }}2" type macvlan mode {{ value.macvlan_mode | default(nspawn_macvlan_mode) }}
 {%     else %}
-ExecStart=-/sbin/ip link add "{{ mv_interface }}" link "{{ value.bridge }}" type macvlan mode {{ nspawn_macvlan_mode }}
+ExecStart=-/sbin/ip link add "{{ mv_interface }}" link "{{ value.bridge }}" type macvlan mode {{ value.macvlan_mode | default(nspawn_macvlan_mode) }}
 {%     endif %}
 {%     set _ = seen_start_interfaces.append(value.bridge) %}
 {%   endif %}