Saltstack Official Linux Formula


  1. {%- from "linux/map.jinja" import network with context %}
  2. {%- from "linux/map.jinja" import system with context %}
  3. {%- if network.enabled %}
  {#- set_param(param_name, param_dict): emit one "- <param_name>: <value>"
      state argument when param_dict holds a truthy value under param_name;
      emit nothing otherwise (missing, empty, 0 and False are all skipped).
      The value is written as-is, without YAML quoting. -#}
  {%- macro set_param(param_name, param_dict) -%}
  {%- set param_value = param_dict.get(param_name) -%}
  {%- if param_value -%}
  - {{ param_name }}: {{ param_value }}
  {%- endif -%}
  {%- endmacro -%}
  {#- Install the bridging packages unless bridging is switched off
      (network.bridge == 'none'). Open vSwitch gets its own package list;
      every other bridge type uses network.bridge_pkgs. -#}
  {%- if network.bridge != 'none' %}
  {%- set bridge_pkg_list = network.ovs_pkgs if network.bridge == 'openvswitch' else network.bridge_pkgs %}

  linux_network_bridge_pkgs:
    pkg.installed:
    - pkgs: {{ bridge_pkg_list }}

  {%- endif %}
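  {#- For each entry of network.concat_iface_files: append the fragment
      f.src to f.dst, then delete the fragment. The existence check runs
      on the minion at render time, so a fragment that is already gone
      renders no states at all.
      Both paths come straight from pillar and are written and deleted
      with the minion's privileges. -#}
  {%- for f in network.get('concat_iface_files', []) %}
  {%- if salt['file.file_exists'](f.src) %}

  append_{{ f.src }}_{{ f.dst }}:
    file.append:
    - name: {{ f.dst }}
    - source: {{ f.src }}

  remove_appended_{{ f.src }}:
    file.absent:
    - name: {{ f.src }}
    # Delete the fragment only after its content has been appended;
    # without this a failed append would still remove the only copy.
    - require:
      - file: append_{{ f.src }}_{{ f.dst }}

  {%- endif %}
  {%- endfor %}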
  {#- Delete every path listed in network.remove_iface_files. The list is
      optional; nothing is rendered when it is absent. -#}
  {%- for iface_file in network.get('remove_iface_files', []) %}

  remove_iface_file_{{ iface_file }}:
    file.absent:
    - name: {{ iface_file }}

  {%- endfor %}
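  {#- Render the states for every interface declared in network.interface.
      An interface may override its dictionary key with an explicit "name".
      Changes against the previous revision of this loop:
        * .items() replaces .iteritems(), which exists only on Python 2;
        * the "port already attached" guard asks OVS for the exact port
          instead of grepping `ovs-vsctl show` for a substring;
        * wireless SSID and key are emitted as quoted YAML scalars;
        * the netctl profile is no longer world-readable and executable;
        * loop variables no longer shadow the imported "network" map.
      Interface names, bridge names, peers and ESSIDs are interpolated into
      cmd.run command lines without shell quoting, so the pillar has to
      restrict them to plain identifier characters. -#}
  {%- for interface_name, interface in network.interface.items() %}
  {%- set interface_name = interface.get('name', interface_name) %}

  {#- Interfaces whose type contains "dpdk" (e.g. dpdk_ovs_port) and
      interfaces with managed: False are skipped here. #}
  {%- if interface.get('managed', True) and 'dpdk' not in interface.type %}

  {%- if grains.os_family in ['RedHat', 'Debian'] %}

  {%- if interface.type == 'ovs_bridge' %}

  ovs_bridge_{{ interface_name }}:
    openvswitch_bridge.present:
    - name: {{ interface_name }}

  {#- Attach every Linux interface that names this bridge in ovs_bridge. #}
  {%- for int_name, int in network.interface.items() %}
  {%- set int_name = int.get('name', int_name) %}
  {%- if int.ovs_bridge is defined and interface_name == int.ovs_bridge %}

  add_int_{{ int_name }}_to_ovs_bridge_{{ interface_name }}:
    cmd.run:
    # port-to-br succeeds only when exactly this port exists; a grep over
    # `ovs-vsctl show` also matched longer names sharing the same prefix.
    - unless: ovs-vsctl port-to-br {{ int_name }}
    - name: ovs-vsctl add-port {{ interface_name }} {{ int_name }}

  {%- endif %}
  {%- endfor %}

  {%- elif interface.type == 'ovs_port' %}

  {%- if interface.get('port_type','internal') == 'patch' %}

  ovs_port_{{ interface_name }}:
    openvswitch_port.present:
    - name: {{ interface_name }}
    - bridge: {{ interface.bridge }}
    - require:
      - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}

  # NOTE(review): both guards below grep the text of `ovs-vsctl show`, so
  # they match on substrings of interface and peer names.
  ovs_port_set_type_{{ interface_name }}:
    cmd.run:
    - name: ovs-vsctl set interface {{ interface_name }} type=patch
    - unless: ovs-vsctl show | grep -A 1 'Interface {{ interface_name }}' | grep patch

  ovs_port_set_peer_{{ interface_name }}:
    cmd.run:
    - name: ovs-vsctl set interface {{ interface_name }} options:peer={{ interface.peer }}
    - unless: ovs-vsctl show | grep -A 2 'Interface {{ interface_name }}' | grep {{ interface.peer }}

  {%- else %}

  {#- Non-patch OVS port: its stanza is kept in interfaces.u/, the matching
      lines are removed from the main file, and the port is brought up. #}
  linux_interfaces_include_{{ interface_name }}:
    file.prepend:
    - name: /etc/network/interfaces
    - text: |
        source /etc/network/interfaces.d/*
        # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262
        source /etc/network/interfaces.u/*

  ovs_port_{{ interface_name }}:
    file.managed:
    - name: /etc/network/interfaces.u/ifcfg-{{ interface_name }}
    - makedirs: true
    - source: salt://linux/files/ovs_port
    - defaults:
        port: {{ interface|yaml }}
        port_name: {{ interface_name }}
    - template: jinja

  # The patterns are unanchored regular expressions: "auto <name>" also
  # matches at the start of a longer interface name.
  ovs_port_{{ interface_name }}_line1:
    file.replace:
    - name: /etc/network/interfaces
    - pattern: auto {{ interface_name }}
    - repl: ""

  ovs_port_{{ interface_name }}_line2:
    file.replace:
    - name: /etc/network/interfaces
    - pattern: 'iface {{ interface_name }} inet .*'
    - repl: ""

  ovs_port_up_{{ interface_name }}:
    cmd.run:
    - name: ifup {{ interface_name }}
    - require:
      - file: ovs_port_{{ interface_name }}
      - file: ovs_port_{{ interface_name }}_line1
      - file: ovs_port_{{ interface_name }}_line2
      - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}
      - file: linux_interfaces_final_include

  {%- endif %}

  {%- else %}

  {#- Every other interface type is handed to network.managed. #}
  linux_interface_{{ interface_name }}:
    network.managed:
    - enabled: {{ interface.enabled }}
    - name: {{ interface_name }}
    - type: {{ interface.type }}
    {%- if interface.address is defined %}
    {%- if grains.os_family == 'Debian' %}
    - proto: {{ interface.get('proto', 'static') }}
    {%- endif %}
    {%- if grains.os_family == 'RedHat' %}
    {%- if interface.get('proto', 'none') == 'manual' %}
    - proto: 'none'
    {%- else %}
    - proto: {{ interface.get('proto', 'none') }}
    {%- endif %}
    {%- endif %}
    - ipaddr: {{ interface.address }}
    - netmask: {{ interface.netmask }}
    {%- else %}
    - proto: {{ interface.get('proto', 'dhcp') }}
    {%- endif %}
    {%- if interface.type == 'slave' %}
    - master: {{ interface.master }}
    {%- endif %}
    {%- if interface.name_servers is defined %}
    - dns: {{ interface.name_servers }}
    {%- endif %}
    {%- if interface.wireless is defined and grains.os_family == 'Debian' %}
    # SSID and key go through the json filter so that '#', ': ', leading
    # YAML indicators or an all-digit value cannot change how they parse.
    # NOTE(review): the key is handed to network.managed in clear text;
    # confirm the file that state writes is not world-readable.
    {%- if interface.wireless.security == "wpa" %}
    - wpa-ssid: {{ interface.wireless.essid|json }}
    - wpa-psk: {{ interface.wireless.key|json }}
    {%- else %}
    - wireless-ssid: {{ interface.wireless.essid|json }}
    - wireless-psk: {{ interface.wireless.key|json }}
    {%- endif %}
    {%- endif %}
    {%- for param in network.interface_params %}
    {{ set_param(param, interface) }}
    {%- endfor %}
    {%- if interface.type == 'bridge' %}
    - bridge: {{ interface_name }}
    - delay: 0
    - bypassfirewall: true
    - use:
      {%- for member in interface.get('use_interfaces', []) %}
      - network: linux_interface_{{ member }}
      {%- endfor %}
    - ports: {% for member in interface.get('use_interfaces', []) %}{{ member }} {% endfor %}{% for ovs_port in interface.get('use_ovs_ports', []) %}{{ ovs_port }} {% endfor %}
    - require:
      {%- for member in interface.get('use_interfaces', []) %}
      - network: linux_interface_{{ member }}
      {%- endfor %}
      {%- for ovs_port in interface.get('use_ovs_ports', []) %}
      - cmd: ovs_port_up_{{ ovs_port }}
      {%- endfor %}
    {%- endif %}
    {%- if interface.type == 'bond' %}
    - slaves: {{ interface.slaves }}
    - mode: {{ interface.mode }}
    {%- endif %}

  {%- if interface.get('ipflush_onchange', False) %}

  linux_interface_ipflush_onchange_{{ interface_name }}:
    cmd.run:
    - name: "/sbin/ip address flush dev {{ interface_name }}"
    - onchanges:
      - network: linux_interface_{{ interface_name }}

  {%- endif %}

  {#- Drop the main-file stanzas of OVS ports enslaved to this interface.
      Same caveat as above: the patterns are unanchored. #}
  {%- for ovs_port in interface.get('use_ovs_ports', []) %}

  remove_interface_{{ ovs_port }}_line1:
    file.replace:
    - name: /etc/network/interfaces
    - pattern: auto {{ ovs_port }}
    - repl: ""

  remove_interface_{{ ovs_port }}_line2:
    file.replace:
    - name: /etc/network/interfaces
    - pattern: iface {{ ovs_port }} inet manual
    - repl: ""

  {%- endfor %}

  {#- The state ID below is not per-interface, so a second interface with a
      gateway renders the same ID again. #}
  {%- if interface.gateway is defined %}

  linux_system_network:
    network.system:
    - enabled: {{ interface.enabled }}
    - hostname: {{ network.fqdn }}
    - gateway: {{ interface.gateway }}
    - gatewaydev: {{ interface_name }}
    - nozeroconf: true
    - nisdomain: {{ system.domain }}
    - require_reboot: true

  {%- endif %}

  {%- endif %}

  {%- endif %}

  {%- if interface.wireless is defined %}

  {%- if grains.os_family == 'Arch' %}

  linux_network_packages:
    pkg.installed:
    - pkgs: {{ network.pkgs }}

  /etc/netctl/network_{{ interface.wireless.essid }}:
    file.managed:
    - source: salt://linux/files/wireless
    # Was 755. A netctl profile is a configuration file, and this one
    # presumably carries the wireless key (the template is not shown
    # here - confirm), so it is restricted to its owner.
    - mode: '0600'
    - template: jinja
    - require:
      - pkg: linux_network_packages
    - defaults:
        interface_name: {{ interface_name }}

  switch_profile_{{ interface.wireless.essid }}:
    cmd.run:
    - name: netctl switch-to network_{{ interface.wireless.essid }}
    - cwd: /root
    - unless: "iwconfig {{ interface_name }} | grep -e 'ESSID:\"{{ interface.wireless.essid }}\"'"
    - require:
      - file: /etc/netctl/network_{{ interface.wireless.essid }}

  enable_profile_{{ interface.wireless.essid }}:
    cmd.run:
    - name: netctl enable network_{{ interface.wireless.essid }}
    - cwd: /root
    - unless: test -e /etc/systemd/system/multi-user.target.wants/netctl@network_{{ interface.wireless.essid }}.service
    - require:
      - file: /etc/netctl/network_{{ interface.wireless.essid }}

  {%- endif %}

  {%- endif %}

  {%- endif %}

  {#- Static routes are rendered for every interface that declares them,
      whether or not the interface itself is managed above. #}
  {%- if interface.route is defined %}

  linux_network_{{ interface_name }}_routes:
    network.routes:
    - name: {{ interface_name }}
    - routes:
      {%- for route_name, route in interface.route.items() %}
      - name: {{ route_name }}
        ipaddr: {{ route.address }}
        netmask: {{ route.netmask }}
        {%- if route.gateway is defined %}
        gateway: {{ route.gateway }}
        {%- endif %}
      {%- endfor %}

  {%- endif %}

  {%- endfor %}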
  {#- When bridging is in use, make /etc/network/interfaces pull in both
      include directories. The non-patch OVS port states list this ID in
      their require. -#}
  {%- if network.bridge != 'none' %}

  linux_interfaces_final_include:
    file.prepend:
    - name: '/etc/network/interfaces'
    - text: |
        source /etc/network/interfaces.d/*
        # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262
        source /etc/network/interfaces.u/*

  {%- endif %}
  256. {%- endif %}
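  {#- Stop NetworkManager and disable it at boot when the pillar sets
      network.network_manager.disable to True.
      The lookup goes through default() so that a pillar without any
      network_manager section renders nothing instead of failing on the
      attribute access (whether map.jinja always supplies the section is
      not visible from this file). -#}
  {%- if (network.network_manager|default({})).disable|default(False) == True %}

  NetworkManager:
    service.dead:
    - enable: false

  {%- endif %}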
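  {#- Install the tap txqueuelen udev rule when network.tap_custom_txqueuelen
      is set. The rule body comes from the Jinja template named in source. -#}
  {%- if network.tap_custom_txqueuelen is defined %}

  /etc/udev/rules.d/60-net-txqueue.rules:
    file.managed:
    - source: salt://linux/files/60-net-txqueue.rules
    # Was 755. udev reads rules files and never executes them, so the
    # execute bits are dropped; the mode is quoted to stay a string.
    - mode: '0644'
    - template: jinja

  {%- endif %}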