openstack
/
tripleo-ansible
Code Issues Proposed changes
tripleo-ansible/tripleo_ansible/roles/tripleo_unbound/tasks/collocated_bind.yml

92 lines
3.8 KiB
YAML
Raw Blame History

---
# Copyright 2021 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Find the interface for the public API network
tripleo_findif_for_ip:
ip_address: "{{ lookup('vars', tripleo_unbound_bind_network + '_ip') }}"
register:
_public_api_interface
# Using ifup-local to ensure the IP address is always set follows a pattern used
# for resetting VF counts used in the SR-IOV support. The file shouldn't be
# wiped clean because it may be being used for other things (e.g. SR-IOV)
- name: create ifup-local if it doesn't exist
become: true
lineinfile:
create: true
path: "/sbin/ifup-local"
state: present
line: "#!/bin/bash"
insertbefore: BOF
mode: 0755
# The following two blocks set the IP on the interface and add a line to
# ifup-local to make sure the IP persists through reboots or ifup/ifdown
# cycles. The comment at the end of the line in ifup-local serves as an anchor
# to the regexp parameter to lineinfile. These will have to be modified when
# moving to NetworkManager only environments.
- name: If specified, have Unbound listen on a different IP (version 4)
when:
- tripleo_unbound_listen_interfaces[0]|ipv4
- (_public_api_interface.interface is defined) and (_public_api_interface.interface|length > 0)
become: true
block:
- name: Check if the address is already on the device.
shell: "ip -o addr show dev {{ _public_api_interface.interface }} | grep {{ tripleo_unbound_listen_interfaces[0] }}"
failed_when: false
register:
_current_addr_search
- name: Set the unbound additional IPv4 address on the required device.
command: "ip addr add {{ tripleo_unbound_listen_interfaces[0] }}/32 dev {{ _public_api_interface.interface }}"
when:
_current_addr_search.rc == 1
- name: Add line to ifup-local to make sure unbound's listen IPv4 address is set on restart
become: true
lineinfile:
path: "/sbin/ifup-local"
line: '[ "{{ _public_api_interface.interface }}" == "$1" ] && ip addr add {{ tripleo_unbound_listen_interfaces[0] }}/32 dev {{ _public_api_interface.interface }} # collocated_unbound_bind'
regexp: 'collocated_unbound_bind'
state: present
- name: If specified, have Unbound listen on a different IP (version 6)
when:
- tripleo_unbound_listen_interfaces[0]|ipv6
- (_public_api_interface.interface is defined) and (_public_api_interface.interface|length > 0)
become: true
block:
- name: Check if the address is already on the device.
shell: "ip -o addr show dev {{ _public_api_interface.interface }} | grep {{ tripleo_unbound_listen_interfaces[0] }}"
failed_when: false
register:
_current_addr_search
- name: Set the unbound additional IPv6 address on the required device.
command: "ip addr add {{ tripleo_unbound_listen_interfaces[0] }}/128 dev {{ _public_api_interface.interface }}"
when:
_current_addr_search.rc == 1
- name: Add line to ifup-local to make sure unbound's listen IPv6 address is set on restart
become: true
lineinfile:
path: "/sbin/ifup-local"
line: '[ "{{ _public_api_interface.interface }}" == "$1" ] && ip addr add {{ tripleo_unbound_listen_interfaces[0] }}/128 dev {{ _public_api_interface.interface }} # collocated_unbound_bind'
regexp: 'collocated_unbound_bind'
state: present
View Git Blame Copy Permalink