{%- from "linux/map.jinja" import network with context %} {%- from "linux/map.jinja" import system with context %} {%- if network.enabled %} {%- set dpdk_enabled = network.get('dpdk', {}).get('enabled', False) %} {%- if dpdk_enabled %} include: - linux.network.dpdk {%- endif %} {%- macro set_param(param_name, param_dict) -%} {%- if param_dict.get(param_name, False) -%} - {{ param_name }}: {{ param_dict[param_name] }} {%- endif -%} {%- endmacro -%} {%- if network.bridge != 'none' %} linux_network_bridge_pkgs: pkg.installed: {%- if network.bridge == 'openvswitch' %} - pkgs: {{ network.ovs_pkgs | json }} {%- else %} - pkgs: {{ network.bridge_pkgs | json }} {%- endif %} {%- endif %} {%- for f in network.get('concat_iface_files', []) %} {%- if salt['file.file_exists'](f.src) %} append_{{ f.src }}_{{ f.dst }}: file.append: - name: {{ f.dst }} - source: {{ f.src }} remove_appended_{{ f.src }}: file.absent: - name: {{ f.src }} {%- endif %} {%- endfor %} {%- for f in network.get('remove_iface_files', []) %} remove_iface_file_{{ f }}: file.absent: - name: {{ f }} {%- endfor %} {%- if network.interface is defined %} remove_cloud_init_file: file.absent: - name: /etc/network/interfaces.d/50-cloud-init.cfg {%- endif %} {%- for interface_name, interface in network.interface.items() %} {%- set interface_name = interface.get('name', interface_name) %} {# add linux network interface into OVS dpdk bridge #} {%- if interface.type == 'dpdk_ovs_bridge' %} {%- for int_name, int in network.interface.items() %} {%- set int_name = int.get('name', int_name) %} {%- if int.ovs_bridge is defined and interface_name == int.ovs_bridge %} add_int_{{ int_name }}_to_ovs_dpdk_bridge_{{ interface_name }}: cmd.run: - unless: ovs-vsctl show | grep -w {{ int_name }} - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} add-port {{ interface_name }} {{ int_name }} {%- endif %} {%- endfor %} linux_interfaces_include_{{ interface_name }}: file.prepend: - name: /etc/network/interfaces - text: | source /etc/network/interfaces.d/* # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262 source /etc/network/interfaces.u/* {# create override for openvswitch dependency for dpdk br-prv #} /etc/systemd/system/ifup@{{ interface_name }}.service.d/override.conf: file.managed: - makedirs: true - require: - cmd: linux_network_dpdk_bridge_interface_{{ interface_name }} - contents: | [Unit] Requires=openvswitch-switch.service After=openvswitch-switch.service dpdk_ovs_bridge_{{ interface_name }}: file.managed: - name: /etc/network/interfaces.u/ifcfg-{{ interface_name }} - makedirs: True - source: salt://linux/files/ovs_bridge - defaults: bridge: {{ interface|yaml }} bridge_name: {{ interface_name }} - template: jinja dpdk_ovs_bridge_up_{{ interface_name }}: cmd.run: - name: ifup {{ interface_name }} - require: - file: dpdk_ovs_bridge_{{ interface_name }} - file: linux_interfaces_final_include {%- endif %} {# it is not used for any interface with type preffix dpdk,eg. dpdk_ovs_port #} {%- if interface.get('managed', True) and not 'dpdk' in interface.type %} {%- if grains.os_family in ['RedHat', 'Debian'] %} {%- if interface.type == 'ovs_bridge' %} ovs_bridge_{{ interface_name }}_present: openvswitch_bridge.present: - name: {{ interface_name }} {# add linux network interface into OVS bridge #} {%- for int_name, int in network.interface.items() %} {%- set int_name = int.get('name', int_name) %} {%- if int.ovs_bridge is defined and interface_name == int.ovs_bridge %} add_int_{{ int_name }}_to_ovs_bridge_{{ interface_name }}: cmd.run: - unless: ovs-vsctl show | grep {{ int_name }} - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} add-port {{ interface_name }} {{ int_name }} {%- endif %} {%- endfor %} linux_interfaces_include_{{ interface_name }}: file.prepend: - name: /etc/network/interfaces - text: | source /etc/network/interfaces.d/* # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262 source /etc/network/interfaces.u/* ovs_bridge_{{ interface_name }}: file.managed: - name: /etc/network/interfaces.u/ifcfg-{{ interface_name }} - makedirs: True - source: salt://linux/files/ovs_bridge - defaults: bridge: {{ interface|yaml }} bridge_name: {{ interface_name }} - template: jinja ovs_bridge_up_{{ interface_name }}: cmd.run: - name: ifup {{ interface_name }} - require: - file: ovs_bridge_{{ interface_name }} - file: linux_interfaces_final_include {%- elif interface.type == 'ovs_bond' %} ovs_bond_{{ interface_name }}: cmd.run: - name: ovs-vsctl add-bond {{ interface.bridge }} {{ interface_name }} {{ interface.slaves }} bond_mode={{ interface.mode }} - unless: ovs-vsctl show | grep -A 2 'Port.*{{ interface_name }}.' - require: - ovs_bridge_{{ interface.bridge }}_present {%- elif interface.type == 'ovs_port' %} {%- if interface.get('port_type','internal') == 'patch' %} ovs_port_{{ interface_name }}_present: openvswitch_port.present: - name: {{ interface_name }} - bridge: {{ interface.bridge }} - require: {%- if dpdk_enabled and network.interface.get(interface.bridge, {}).get('type', 'ovs_bridge') == 'dpdk_ovs_bridge' %} - cmd: linux_network_dpdk_bridge_interface_{{ interface.bridge }} {%- else %} - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}_present {%- endif %} ovs_port_set_type_{{ interface_name }}: cmd.run: - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} set interface {{ interface_name }} type=patch - unless: ovs-vsctl show | grep -A 1 'Interface {{ interface_name }}' | grep patch ovs_port_set_peer_{{ interface_name }}: cmd.run: - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} set interface {{ interface_name }} options:peer={{ interface.peer }} - unless: ovs-vsctl show | grep -A 2 'Interface {{ interface_name }}' | grep {{ interface.peer }} {% if interface.tag is defined %} ovs_port_set_tag_{{ interface_name }}: cmd.run: - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} set port {{ interface_name }} tag={{ interface.tag }} - unless: ovs-vsctl get Port {{ interface_name }} tag | grep -Fx {{ interface.tag }} {%- endif %} {%- else %} linux_interfaces_include_{{ interface_name }}: file.prepend: - name: /etc/network/interfaces - text: | source /etc/network/interfaces.d/* # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262 source /etc/network/interfaces.u/* ovs_port_{{ interface_name }}: file.managed: - name: /etc/network/interfaces.u/ifcfg-{{ interface_name }} - makedirs: True - source: salt://linux/files/ovs_port - defaults: port: {{ interface|yaml }} port_name: {{ interface_name }} auto: "" iface_inet: "" - template: jinja ovs_port_up_{{ interface_name }}: cmd.run: - name: ifup {{ interface_name }} - require: - file: ovs_port_{{ interface_name }} - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}_present - file: linux_interfaces_final_include {%- endif %} {%- else %} linux_interface_{{ interface_name }}: network.managed: - enabled: {{ interface.enabled }} - name: {{ interface_name }} - type: {{ interface.type }} {%- if interface.address is defined %} {%- if grains.os_family == 'Debian' %} - proto: {{ interface.get('proto', 'static') }} {% endif %} {%- if grains.os_family == 'RedHat' %} {%- if interface.get('proto', 'none') == 'manual' %} - proto: 'none' {%- else %} - proto: {{ interface.get('proto', 'none') }} {%- endif %} {% endif %} - ipaddr: {{ interface.address }} - netmask: {{ interface.netmask }} {%- else %} - proto: {{ interface.get('proto', 'dhcp') }} {%- endif %} # IPv6 {%- if interface.enable_ipv6 is defined %} - enable_ipv6: {{ interface.enable_ipv6 }} {%- if interface.ipv6ipaddr is defined %} {%- if grains.os_family == 'Debian' %} - ipv6proto: {{ interface.get('ipv6proto', 'static') }} {%- endif %} - ipv6ipaddr: {{ interface.ipv6ipaddr }} - ipv6gateway: {{ interface.ipv6gateway }} - ipv6netmask: {{ interface.ipv6netmask }} {%- endif %} {%- endif %} {%- if interface.type == 'slave' %} - master: {{ interface.master }} {%- endif %} {%- if interface.name_servers is defined %} - dns: {{ interface.name_servers }} {%- endif %} {%- if interface.metric is defined and grains.os_family == 'Debian' %} - metric: {{ interface.metric }} {%- endif %} {%- if interface.wireless is defined and grains.os_family == 'Debian' %} {%- if interface.wireless.security == "wpa" %} - wpa-ssid: {{ interface.wireless.essid }} - wpa-psk: {{ interface.wireless.key }} {%- else %} - wireless-ssid: {{ interface.wireless.essid }} - wireless-psk: {{ interface.wireless.key }} {%- endif %} {%- endif %} {%- if pillar.linux.network.noifupdown is defined %} - noifupdown: {{ pillar.linux.network.noifupdown }} {%- endif %} {%- for param in network.interface_params %} {{ set_param(param, interface) }} {%- endfor %} {%- if interface.require_interfaces is defined %} - require: {%- for netif in interface.get('require_interfaces', []) %} - network: linux_interface_{{ netif }} {%- endfor %} {%- for network in interface.get('use_ovs_ports', []) %} - cmd: ovs_port_up_{{ network }} {%- endfor %} {%- endif %} {%- if interface.type == 'bridge' %} - bridge: {{ interface_name }} - delay: 0 - bypassfirewall: True - use: {%- for network in interface.use_interfaces %} - network: linux_interface_{{ network }} {%- endfor %} - ports: {% for network in interface.get('use_interfaces', []) %}{{ network }} {% endfor %}{% for network in interface.get('use_ovs_ports', []) %}{{ network }} {% endfor %} - require: {%- for network in interface.get('use_interfaces', []) %} - network: linux_interface_{{ network }} {%- endfor %} {%- for network in interface.get('use_ovs_ports', []) %} - cmd: ovs_port_up_{{ network }} {%- endfor %} {%- endif %} {%- if interface.type == 'bond' %} - slaves: {{ interface.slaves }} - mode: {{ interface.mode }} {%- endif %} {%- if salt['grains.get']('saltversion') < '2017.7' %} # TODO(ddmitriev): Remove this 'if .. endif' block completely when # switched to salt version 2017.7 that has the same functionality. {%- if interface.type == 'bond' and interface.enabled == True %} linux_bond_interface_{{ interface_name }}: cmd.run: - name: ifenslave {{ interface_name }} {{ interface.slaves }} - require: - network: linux_interface_{{ interface_name }} - onchanges: - network: linux_interface_{{ interface_name }} {%- for network in interface.slaves.split() %} - network: linux_interface_{{ network }} {%- endfor %} {%- endif %} {%- endif %} {%- for network in interface.get('use_ovs_ports', []) %} remove_interface_{{ network }}_line1: file.replace: - name: /etc/network/interfaces - pattern: auto {{ network }}$ - repl: "" remove_interface_{{ network }}_line2: file.replace: - name: /etc/network/interfaces - pattern: iface {{ network }} inet manual - repl: "" {%- endfor %} {%- if interface.gateway is defined and network.resolv is not defined %} linux_system_network: network.system: - enabled: {{ interface.enabled }} - hostname: {{ network.fqdn }} {%- if interface.gateway is defined %} - gateway: {{ interface.gateway }} - gatewaydev: {{ interface_name }} {%- endif %} - nozeroconf: True - nisdomain: {{ system.domain }} - require_reboot: True {%- endif %} {%- endif %} {%- endif %} {%- if interface.wireless is defined %} {%- if grains.os_family == 'Arch' %} linux_network_packages: pkg.installed: - pkgs: {{ network.pkgs | json }} /etc/netctl/network_{{ interface.wireless.essid }}: file.managed: - source: salt://linux/files/wireless - mode: 755 - template: jinja - require: - pkg: linux_network_packages - defaults: interface_name: {{ interface_name }} switch_profile_{{ interface.wireless.essid }}: cmd.run: - name: netctl switch-to network_{{ interface.wireless.essid }} - cwd: /root - unless: "iwconfig {{ interface_name }} | grep -e 'ESSID:\"{{ interface.wireless.essid }}\"'" - require: - file: /etc/netctl/network_{{ interface.wireless.essid }} enable_profile_{{ interface.wireless.essid }}: cmd.run: - name: netctl enable network_{{ interface.wireless.essid }} - cwd: /root - unless: test -e /etc/systemd/system/multi-user.target.wants/netctl@network_{{ interface.wireless.essid }}.service - require: - file: /etc/netctl/network_{{ interface.wireless.essid }} {%- endif %} {%- endif %} {%- endif %} {%- if interface.route is defined %} linux_network_{{ interface_name }}_routes: network.routes: - name: {{ interface_name }} - routes: {%- for route_name, route in interface.route.items() %} - name: {{ route_name }} ipaddr: {{ route.address }} netmask: {{ route.netmask }} {%- if route.gateway is defined %} gateway: {{ route.gateway }} {%- endif %} {%- endfor %} {%- if interface.noifupdown is defined %} - require_reboot: {{ interface.noifupdown }} {%- endif %} {%- endif %} {%- if interface.type in ('eth','ovs_port') %} {%- if interface.get('ipflush_onchange', False) %} linux_interface_ipflush_onchange_{{ interface_name }}: cmd.run: - name: "/sbin/ip address flush dev {{ interface_name }}" {%- if interface.type == 'eth' %} - onchanges: - network: linux_interface_{{ interface_name }} {%- elif interface.type == 'ovs_port' %} - onchanges: - file: ovs_port_{{ interface_name }} {%- endif %} {%- if interface.get('restart_on_ipflush', False) %} linux_interface_restart_on_ipflush_{{ interface_name }}: cmd.run: - name: "ifdown {{ interface_name }}; ifup {{ interface_name }};" - onchanges: - cmd: linux_interface_ipflush_onchange_{{ interface_name }} {%- endif %} {%- endif %} {%- endif %} {%- endfor %} {%- if network.bridge != 'none' %} linux_interfaces_final_include: file.prepend: - name: /etc/network/interfaces - text: | source /etc/network/interfaces.d/* # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262 source /etc/network/interfaces.u/* linux_interfaces_final_include_no_requisite: file.prepend: - name: /etc/network/interfaces - text: | source /etc/network/interfaces.d/* # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262 source /etc/network/interfaces.u/* {%- endif %} {%- endif %} {%- if network.network_manager.disable is defined and network.network_manager.disable == True %} NetworkManager: service.dead: - enable: false {%- endif %} {%- if network.tap_custom_txqueuelen is defined %} /etc/udev/rules.d/60-net-txqueue.rules: file.managed: - source: salt://linux/files/60-net-txqueue.rules - mode: 755 - template: jinja - defaults: tap_custom_txqueuelen: {{ network.tap_custom_txqueuelen }} udev_reload_rules: cmd.run: - name: "/bin/udevadm control --reload-rules" - onchanges: - file: /etc/udev/rules.d/60-net-txqueue.rules udev_retrigger: cmd.run: - name: "/bin/udevadm trigger --attr-match=subsystem=net" - onchanges: - udev_reload_rules {%- endif %}