
Merge "Document primary interfaces and add mv addresses"

Zuul 8 months ago
parent
commit
5c902eed9a
2 changed files with 49 additions and 10 deletions
  1. 44
    0
      defaults/main.yml
  2. 5
    10
      tasks/nspawn_networking.yml

+ 44
- 0
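--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -34,6 +34,50 @@ nspawn_networks:
     # Optional | Set the macvlan mode
     macvlan_mode: bridge
 
+# Primary interface used for host to container communications. In the event that
+# the underlying system is running a condensed network stack a route will be
+# created for all networks that have a defined `cidr` using the primary
+# interface. In the event that an address is defined for a given network Ansible
+# facts will be used to determine if an address needs to be assigned to the
+# macvlan interface.
+#
+# + simple example:
+#   management_cidr: "172.29.236.0/24"
+#   container_networks:
+#     management_address:
+#       bridge: eth0
+#
+# In this example the `managemen_cidr` corresponds to the `management_address`
+# network and because there's no IP address within the address block a route is
+# used allowing the host to communicate with the containers. For the route to be
+# added using any network, the network must have a corresponding CIDR with no
+# defined address.
+#
+# Multiple macvlans can be spawned from a single host interface.
+# + simple example:
+#   management_cidr: "172.29.236.0/24"
+#   storage_cidr: "10.0.0.0/24"
+#   container_networks:
+#     management_address:
+#       bridge: eth0
+#     storage_address:
+#       bridge: eth0
+#       address: 10.0.0.100
+#       netmask: 255.255.255.0
+#     tunnel_address:
+#       bridge: eth0.10
+#
+# In this example management storage and tunnel networks will be created and
+# attached to the containers.
+#  + The management network will have a route created for its corresponding CIDR
+#  + The storage network will have the defined address added to the macvlan
+#    interface with `scope` set to `host`, assuming the address is not already
+#    assigned to the underlying interface, "eth0".
+#  + The tunnel network will be attached to the container and isolated from the
+#    host with no access to without first attaching to the container.
+#
+nspawn_primary_interface: "{{ nspawn_networks['nspawn_address']['bridge'] }}"
+
 # Used to define the default macvlan mode when not specifically defined within
 # container_networks or nspawn_networks. See all available options here:
 # https://www.freedesktop.org/software/systemd/man/systemd.netdev.html#%5BMACVLAN%5D%20Section%20Options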
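Review bot: The new default `nspawn_primary_interface` indexes `nspawn_networks['nspawn_address']['bridge']` directly, so an override of `nspawn_networks` that omits `nspawn_address` leaves it unresolvable at template time; the comment block should say so, because the tasks change in this commit attaches the route for every network with a `_cidr` variable and no address to this device. I would add `# Must name an existing host interface; override it whenever nspawn_networks is replaced without an nspawn_address entry.` directly above the variable. The comment also has a typo, `managemen_cidr` for `management_cidr`, and the tunnel bullet's "with no access to without first attaching" is missing its object. It would help to state that a `<name>_cidr` variable is paired with the `<name>_address` network by the text before the first underscore of the network key, since both examples depend on that pairing without naming it.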

+ 5
- 10
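--- a/tasks/nspawn_networking.yml
+++ b/tasks/nspawn_networking.yml
@@ -95,16 +95,11 @@
           {%-     else %}
           {%-       set _ = start_commands.append('-/sbin/ip link add ' + mv_interface + ' link ' + value.bridge + ' mtu ' ~ (interface_data["mtu"] | default(1500)) ~ ' type macvlan mode ' + value.macvlan_mode | default(nspawn_macvlan_mode)) %}
           {%-       set _ = start_commands.append('-/sbin/ip link set dev ' + mv_interface + ' up') %}
-          {%        if not (value.enable_dhcp | default(false)) | bool %}
-          {%          if hostvars[inventory_hostname][key.split('_')[0] + '_cidr'] is defined %}
-          {%            set net_cidr = hostvars[inventory_hostname]['container_cidr'] %}
-          {%-           set _ = start_commands.append('-/sbin/ip route add local ' + net_cidr + ' dev ' + mv_interface + ' metric 100 proto kernel scope host table local') %}
-          {%          elif (value.address is defined) and (value.netmask is defined) %}
-          {%            set prefix = (value.address ~ '/' ~ value.netmask) | ipaddr('prefix') %}
-          {%            set _network = (value.address ~ '/' ~ prefix) | ipaddr('network') %}
-          {%            set _net_addr_network = (_network ~ '/' ~ prefix) %}
-          {%-           set _ = start_commands.append('-/sbin/ip route add local ' + _net_addr_network + ' dev ' + mv_interface + ' metric 100 proto kernel scope host table local') %}
-          {%-         endif %}
+          {%        if hostvars[inventory_hostname][key.split('_')[0] + '_cidr'] is defined and (value.address is undefined) %}
+          {%          set net_cidr = hostvars[inventory_hostname][key.split('_')[0] + '_cidr'] %}
+          {%          set _ = start_commands.append('-/sbin/ip route add ' + net_cidr + ' dev ' + nspawn_primary_interface + ' metric 100 proto kernel scope link table local') %}
+          {%        elif (value.address is defined) and ((interface_data['ipv4'] | default({'address': none}))['address'] != value.address) %}
+          {%          set _ = start_commands.append('-/sbin/ip address add ' + value.address + '/' + (value.netmask | default('32')) + ' dev ' + mv_interface + ' scope host') %}
           {%-       endif %}
           {%-     endif %}
           {%-   endif %}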
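Review bot: The added `ip address add` line joins `value.address` and `value.netmask` with `+` and no longer passes them through `ipaddr`, as the removed branch did; an unquoted integer netmask in inventory would make the `+` concatenation fail in Jinja, and a malformed value yields a command whose failure is presumably hidden by the leading `-`, leaving the macvlan without its host-scoped address. I would normalise first, `{% set _addr = (value.address ~ '/' ~ (value.netmask | default('32'))) | ipaddr('host/prefix') %}`, and append `'-/sbin/ip address add ' ~ _addr ~ ' dev ' ~ mv_interface ~ ' scope host'` only when `_addr` is truthy. The same applies to `net_cidr` and `nspawn_primary_interface` in the route line, which are inserted into the command string unchecked. The comparison against `interface_data['ipv4']` presumably covers only the primary address of the parent device, so an address held there as a secondary would still be added; that is worth confirming. The enclosing template block starts and ends outside this hunk.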
