113 lines
3.6 KiB
YAML
113 lines
3.6 KiB
YAML
- name: Include OS-specific variables
|
|
include_vars: "{{ item }}"
|
|
with_first_found:
|
|
- "{{ ansible_distribution }}.yaml"
|
|
- "{{ ansible_os_family }}.yaml"
|
|
- "default.yaml"
|
|
|
|
# openvswitch for CentOS is available from the RDO repositories.
|
|
# We're setting it up manually to prevent centos-release-openstack or rdo-release
|
|
# from installing repositories we don't need.
|
|
- when:
|
|
- ansible_os_family == "RedHat"
|
|
- ansible_distribution != "Fedora"
|
|
become: yes
|
|
block:
|
|
- name: Set up RDO GPG key
|
|
copy:
|
|
src: RPM-GPG-KEY-CentOS-SIG-Cloud
|
|
dest: /tmp/RPM-GPG-KEY-CentOS-SIG-Cloud
|
|
|
|
- name: Set up RDO repository
|
|
template:
|
|
src: zuul-multi-node-bridge-ovs.repo.j2
|
|
dest: /etc/yum.repos.d/zuul-multi-node-bridge-ovs.repo
|
|
|
|
- name: Set package.use values for OVS on Gentoo
|
|
become: yes
|
|
lineinfile:
|
|
path: /etc/portage/package.use/ovs
|
|
line: "{{ item.line }}"
|
|
create: yes
|
|
with_items:
|
|
- { line: 'dev-python/twisted conch # for openvswitch' }
|
|
- { line: 'net-misc/openvswitch -modules # ovs/gre are staticly built' }
|
|
when:
|
|
- ansible_distribution == 'Gentoo'
|
|
|
|
- name: Install openvswitch
|
|
become: yes
|
|
package:
|
|
name: "{{ ovs_package }}"
|
|
state: installed
|
|
|
|
- name: Ensure openvswitch is started
|
|
become: yes
|
|
service:
|
|
name: "{{ ovs_service }}"
|
|
state: started
|
|
enabled: yes
|
|
|
|
- name: Remove RDO repository files
|
|
become: yes
|
|
file:
|
|
path: "{{ item }}"
|
|
state: absent
|
|
with_items:
|
|
- /tmp/RPM-GPG-KEY-CentOS-SIG-Cloud
|
|
- /etc/yum.repos.d/zuul-multi-node-bridge-ovs.repo
|
|
when:
|
|
- ansible_os_family == "RedHat"
|
|
- ansible_distribution != "Fedora"
|
|
|
|
- name: Authorize the multi-node-bridge network
|
|
become: yes
|
|
iptables:
|
|
state: present
|
|
action: insert
|
|
chain: INPUT
|
|
ip_version: ipv4
|
|
source: "{{ bridge_address_prefix }}.0/{{ bridge_address_subnet }}"
|
|
destination: "{{ bridge_address_prefix }}.0/{{ bridge_address_subnet }}"
|
|
jump: ACCEPT
|
|
when:
|
|
- bridge_configure_address | bool
|
|
- bridge_authorize_internal_traffic | bool
|
|
|
|
- when: bridge_mtu is not defined
|
|
block:
|
|
- name: Determine bridge mtu
|
|
shell: |
|
|
# Find all interfaces with a permanent mac address type.
|
|
# Permanent mac addrs imply "real" hardware and not interfaces we have
|
|
# created through this system. This makes our MTU determination mostly
|
|
# idempotent allowing us to create multiple overlays without
|
|
# perpetually smaller MTUs.
|
|
# find is used instead of ls as we can select the 'link' type with find
|
|
# only the link type is needed because files do not have interface
|
|
# properties and directories are not used for this area of /sys
|
|
SMALLEST_MTU=""
|
|
for X in $(find /sys/class/net/ -maxdepth 1 -type l -exec basename {} ';') ; do
|
|
MAC_TYPE=$(cat "/sys/class/net/${X}/addr_assign_type")
|
|
if [ "$MAC_TYPE" -ne "0" ] ; then
|
|
# Type 0 is a permanent address implying a "real"
|
|
# interface. We ignore other interfaces as that is what we
|
|
# create here
|
|
continue
|
|
fi
|
|
MTU=$(cat "/sys/class/net/${X}/mtu")
|
|
if [ -z "$SMALLEST_MTU" ] || [ "$SMALLEST_MTU" -gt "$MTU" ] ; then
|
|
SMALLEST_MTU=$MTU
|
|
fi
|
|
done
|
|
# 50 byte overhead for vxlan
|
|
echo $(( SMALLEST_MTU - 50 ))
|
|
args:
|
|
executable: /bin/bash
|
|
environment:
|
|
PATH: '{{ ansible_env.PATH }}:/bin:/sbin:/usr/sbin'
|
|
register: mtu_output
|
|
- name: Set bridge_mtu
|
|
set_fact:
|
|
bridge_mtu: "{{ mtu_output.stdout }}"
|