Compare commits

...

4 commits

8 changed files with 107 additions and 2 deletions

View file

@ -11,6 +11,7 @@
# TODO: netbox
ifupdown2__hosts:
ntp-1.int.infra.auro.re:
lo: auto
ens18:
gateways:
- 2a09:6840:128::254
@ -19,6 +20,7 @@
- 2a09:6840:128::203/56
- 10.128.0.203/16
dns-1.int.infra.auro.re:
lo: auto
ens18:
gateways:
- 2a09:6840:128::254
@ -27,6 +29,7 @@
- 2a09:6840:128::127/56
- 10.128.0.127/16
dhcp-1.isp.auro.re:
lo: auto
ens18:
gateways:
- 2a09:6840:128::254
@ -67,6 +70,7 @@
vlan_id: 1004
vlan_raw_device: clients
dhcp-2.isp.auro.re:
lo: auto
ens18:
gateways:
- 2a09:6840:128::254
@ -107,6 +111,7 @@
vlan_id: 1004
vlan_raw_device: clients
isp-1.rtr.infra.auro.re:
lo: auto
ens18:
gateways:
- 2a09:6840:128::254
@ -115,10 +120,25 @@
- 2a09:6840:128::255/56
- 10.128.0.255/16
ens19: null
ens20:
addresses:
- 2a09:6840:136:0:1::/56
- 10.136.0.1/16
vxlan:
mtu: 1450
vxlan_learning: true
vxlan_physdev: ens20
vxlan_port: 4789
#vxlan_mcastgrp: ff02::15c
bridge_vlan_vni_map: 1000-1004=1000-1004
bridge_vids:
- 1000-1004
bridge_learning: false
clients:
bridge_vlan_aware: true
bridge_ports:
- ens19
- vxlan
bridge_vids:
- 1000-1004
bridge_disable_pvid: true
@ -150,6 +170,7 @@
vlan_raw_device: clients
ipv6_addrgen: false
isp-2.rtr.infra.auro.re:
lo: auto
ens18:
gateways:
- 2a09:6840:128::254
@ -158,12 +179,30 @@
- 2a09:6840:128::158/56
- 10.128.0.158/16
ens19: null
ens20:
addresses:
- 2a09:6840:136:0:2::/56
- 10.136.0.2/16
vxlan:
mtu: 1450
vxlan_learning: true
vxlan_physdev: ens20
vxlan_port: 4789
#vxlan_mcastgrp: ff02::15c
bridge_vlan_vni_map: 1000-1004=1000-1004
bridge_vids:
- 1000-1004
bridge_learning: false
clients:
bridge_vlan_aware: true
bridge_ports:
- ens19
- vxlan
bridge_vids:
- 1000-1004
bridge_disable_pvid: true
forward: true
ipv6_addrgen: false
client-0:
forward: true
vlan_id: 1000
@ -189,7 +228,11 @@
vlan_id: 1004
vlan_raw_device: clients
ipv6_addrgen: false
ifupdown2__need_upstream_version_hosts:
- isp-1.rtr.infra.auro.re
- isp-2.rtr.infra.auro.re
ifupdown2__interfaces: "{{ ifupdown2__hosts[inventory_hostname] }}"
ifupdown2__need_upstream_version: "{{ inventory_hostname in ifupdown2__need_upstream_version_hosts }}"
roles:
- ifupdown2

View file

@ -0,0 +1,7 @@
---
- hosts: camelot.adm.auro.re
roles:
- sssd
vars:
xxx
...

16
playbooks/radvd.yml Executable file
View file

@ -0,0 +1,16 @@
#!/usr/bin/env ansible-playbook
---
- hosts:
- dhcp-1.isp.auro.re
- dhcp-2.isp.auro.re
vars:
radvd__interfaces:
ens19:
routes:
- network: 2a09:6841:1::/56
ens20:
routes:
- network: 2a09:6841:2::/56
roles:
- radvd
...

View file

@ -1,3 +1,4 @@
---
ifupdown2__interfaces: {}
ifupdown2__need_upstream_version: False
...

Binary file not shown.

View file

@ -5,5 +5,5 @@
state: restarted
- name: Bring all interfaces up
shell: /usr/sbin/ifup -a
command: /usr/sbin/ifup -a
...

View file

@ -13,9 +13,24 @@
masked: true
when: must_mask
- name: Install ifupdown2
- name: Install ifupdown2 (debian version)
apt:
name: ifupdown2
when: "not ifupdown2__need_upstream_version"
# FIXME: ifupdown2 3.1.0-1 is not yet available, but is needed for its
# better VxLAN support
# See https://github.com/CumulusNetworks/ifupdown2/issues/211
- name: Install upstream version of ifupdown2
block:
- name: Upload .deb file
copy:
src: ifupdown2_3.1.0-1_all.deb
dest: /tmp/ifupdown2_3.1.0-1_all.deb
- name: Install .deb file
apt:
deb: /tmp/ifupdown2_3.1.0-1_all.deb
when: "ifupdown2__need_upstream_version"
- name: Unmask networking now that ifupdown2 is installed
systemd:

View file

@ -37,5 +37,28 @@ iface {{ name }}
ipv6-addrgen {{ iface.ipv6_addrgen
| ternary("yes", "no") }}
{% endif %}
{% if iface.mtu is defined %}
mtu {{ iface.mtu | int }}
{% endif %}
{% if iface.vxlan_learning is defined %}
vxlan-learning {{ iface.vxlan_learning
| ternary("yes", "no") }}
{% endif %}
{% if iface.vxlan_physdev is defined %}
vxlan-physdev {{ iface.vxlan_physdev }}
{% endif %}
{% if iface.vxlan_port is defined %}
vxlan-port {{ iface.vxlan_port | int }}
{% endif %}
{% if iface.vxlan_mcastgrp is defined %}
vxlan-mcastgrp {{ iface.vxlan_mcastgrp }}
{% endif %}
{% if iface.bridge_vlan_vni_map is defined %}
bridge-vlan-vni-map {{ iface.bridge_vlan_vni_map }}
{% endif %}
{% if iface.bridge_learning is defined %}
bridge-learning {{ iface.bridge_learning
| ternary("yes", "no") }}
{% endif %}
{% endfor %}