ExternalMirrors
/
linux-formula
mirror of https://github.com/salt-formulas/salt-formula-linux
Watch 1
Star 0
Fork 1
Code Issues 0 Releases 8 Wiki Activity
Saltstack Official Linux Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
621 Commits
26 Branches
Tree: 697ce4bf04
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '697ce4bf04'
${ noResults }
linux-formula/linux/network/interface.sls

456 lines
13KB
Raw Blame History 

  1. {%- from "linux/map.jinja" import network with context %}

  2. {%- from "linux/map.jinja" import system with context %}

  3. {%- if network.enabled %}

  4. 

  5. {%- if network.get('dpdk', {}).get('enabled', False) %}

  6. include:

  7. - linux.network.dpdk

  8. {%- endif %}

  9. 

  10. {%- macro set_param(param_name, param_dict) -%}

  11. {%- if param_dict.get(param_name, False) -%}

  12. - {{ param_name }}: {{ param_dict[param_name] }}

  13. {%- endif -%}

  14. {%- endmacro -%}

  15. 

  16. {%- if network.bridge != 'none' %}

  17. 

  18. linux_network_bridge_pkgs:

  19.   pkg.installed:

  20.   {%- if network.bridge == 'openvswitch' %}

  21.   - pkgs: {{ network.ovs_pkgs }}

  22.   {%- else %}

  23.   - pkgs: {{ network.bridge_pkgs }}

  24.   {%- endif %}

  25. 

  26. {%- endif %}

  27. 

  28. {%- for f in network.get('concat_iface_files', []) %}

  29. 

  30. {%- if salt['file.file_exists'](f.src) %}

  31. 

  32. append_{{ f.src }}_{{ f.dst }}:

  33.   file.append:

  34.     - name: {{ f.dst }}

  35.     - source: {{ f.src }}

  36. 

  37. remove_appended_{{ f.src }}:

  38.   file.absent:

  39.     - name: {{ f.src }}

  40. 

  41. {%- endif %}

  42. 

  43. {%- endfor %}

  44. 

  45. {%- for f in network.get('remove_iface_files', []) %}

  46. 

  47. remove_iface_file_{{ f }}:

  48.   file.absent:

  49.     - name: {{ f }}

  50. 

  51. {%- endfor %}

  52. 

  53. {%- if network.interface is defined %}

  54. 

  55. remove_cloud_init_file:

  56.   file.absent:

  57.   - name: /etc/network/interfaces.d/50-cloud-init.cfg

  58. 

  59. {%- endif %}

  60. 

  61. {%- for interface_name, interface in network.interface.items() %}

  62. 

  63. {%- set interface_name = interface.get('name', interface_name) %}

  64. 

  65. {# add linux network interface into OVS dpdk bridge #}

  66. 

  67. {%- if interface.type == 'dpdk_ovs_bridge' %}

  68. 

  69. {%- for int_name, int in network.interface.items() %}

  70. 

  71. {%- set int_name = int.get('name', int_name) %}

  72. 

  73. {%- if int.ovs_bridge is defined and interface_name == int.ovs_bridge %}

  74. 

  75. add_int_{{ int_name }}_to_ovs_dpdk_bridge_{{ interface_name }}:

  76.   cmd.run:

  77.     - unless: ovs-vsctl show | grep -w {{ int_name }}

  78.     - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} add-port {{ interface_name }} {{ int_name }}

  79. 

  80. {%- endif %}

  81. {%- endfor %}

  82. {%- endif %}

  83. 

  84. {# it is not used for any interface with type preffix dpdk,eg. dpdk_ovs_port #}

  85. {%- if interface.get('managed', True) and not 'dpdk' in interface.type %}

  86. 

  87. {%- if grains.os_family in ['RedHat', 'Debian'] %}

  88. 

  89. {%- if interface.type == 'ovs_bridge' %}

  90. 

  91. ovs_bridge_{{ interface_name }}:

  92.   openvswitch_bridge.present:

  93.   - name: {{ interface_name }}

  94. 

  95. {# add linux network interface into OVS bridge #}

  96. {%- for int_name, int in network.interface.items() %}

  97. 

  98. {%- set int_name = int.get('name', int_name) %}

  99. 

  100. {%- if int.ovs_bridge is defined and interface_name == int.ovs_bridge %}

  101. 

  102. add_int_{{ int_name }}_to_ovs_bridge_{{ interface_name }}:

  103.   cmd.run:

  104.     - unless: ovs-vsctl show | grep {{ int_name }}

  105.     - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} add-port {{ interface_name }} {{ int_name }}

  106. 

  107. {%- endif %}

  108. 

  109. {%- endfor %}

  110. 

  111. {%- elif interface.type == 'ovs_port' %}

  112. 

  113. {%- if interface.get('port_type','internal') == 'patch' %}

  114. 

  115. ovs_port_{{ interface_name }}:

  116.   openvswitch_port.present:

  117.   - name: {{ interface_name }}

  118.   - bridge: {{ interface.bridge }}

  119.   - require:

  120.     {%- if network.interface.get(interface.bridge, {}).get('type', 'ovs_bridge') == 'dpdk_ovs_bridge' %}

  121.     - cmd: linux_network_dpdk_bridge_interface_{{ interface.bridge }}

  122.     {%- else %}

  123.     - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}

  124.     {%- endif %}

  125. 

  126. ovs_port_set_type_{{ interface_name }}:

  127.   cmd.run:

  128.   - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} set interface {{ interface_name }} type=patch

  129.   - unless: ovs-vsctl show | grep -A 1 'Interface {{ interface_name }}' | grep patch

  130. 

  131. ovs_port_set_peer_{{ interface_name }}:

  132.   cmd.run:

  133.   - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} set interface {{ interface_name }} options:peer={{ interface.peer }}

  134.   - unless: ovs-vsctl show | grep -A 2 'Interface {{ interface_name }}' | grep {{ interface.peer }}

  135. 

  136. {% if interface.tag is defined %}

  137. ovs_port_set_tag_{{ interface_name }}:

  138.   cmd.run:

  139.   - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} set port {{ interface_name }} tag={{ interface.tag }}

  140.   - unless: ovs-vsctl get Port {{ interface_name }} tag | grep -Fx {{ interface.tag }}

  141. {%- endif %}

  142. 

  143. {%- else %}

  144. 

  145. linux_interfaces_include_{{ interface_name }}:

  146.   file.prepend:

  147.   - name: /etc/network/interfaces

  148.   - text: |

  149.       source /etc/network/interfaces.d/*

  150.       # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262

  151.       source /etc/network/interfaces.u/*

  152. 

  153. ovs_port_{{ interface_name }}:

  154.   file.managed:

  155.   - name: /etc/network/interfaces.u/ifcfg-{{ interface_name }}

  156.   - makedirs: True

  157.   - source: salt://linux/files/ovs_port

  158.   - defaults:

  159.       port: {{ interface|yaml }}

  160.       port_name: {{ interface_name }}

  161.   - template: jinja

  162. 

  163. ovs_port_{{ interface_name }}_line1:

  164.   file.replace:

  165.   - name: /etc/network/interfaces

  166.   - pattern: auto {{ interface_name }}$

  167.   - repl: ""

  168. 

  169. ovs_port_{{ interface_name }}_line2:

  170.   file.replace:

  171.   - name: /etc/network/interfaces

  172.   - pattern: 'iface {{ interface_name }} inet .*'

  173.   - repl: ""

  174. 

  175. ovs_port_up_{{ interface_name }}:

  176.   cmd.run:

  177.   - name: ifup {{ interface_name }}

  178.   - require:

  179.     - file: ovs_port_{{ interface_name }}

  180.     - file: ovs_port_{{ interface_name }}_line1

  181.     - file: ovs_port_{{ interface_name }}_line2

  182.     - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}

  183.     - file: linux_interfaces_final_include

  184. 

  185. {%- endif %}

  186. 

  187. {%- else %}

  188. 

  189. linux_interface_{{ interface_name }}:

  190.   network.managed:

  191.   - enabled: {{ interface.enabled }}

  192.   - name: {{ interface_name }}

  193.   - type: {{ interface.type }}

  194.   {%- if interface.address is defined %}

  195.   {%- if grains.os_family == 'Debian' %}

  196.   - proto: {{ interface.get('proto', 'static') }}

  197.   {% endif %}

  198.   {%- if grains.os_family == 'RedHat' %}

  199.   {%- if interface.get('proto', 'none') == 'manual' %}

  200.   - proto: 'none'

  201.   {%- else %}

  202.   - proto: {{ interface.get('proto', 'none') }}

  203.   {%- endif %}

  204.   {% endif %}

  205.   - ipaddr: {{ interface.address }}

  206.   - netmask: {{ interface.netmask }}

  207.   {%- else %}

  208.   - proto: {{ interface.get('proto', 'dhcp') }}

  209.   {%- endif %}

  210.   {%- if interface.type == 'slave' %}

  211.   - master: {{ interface.master }}

  212.   {%- endif %}

  213.   {%- if interface.name_servers is defined %}

  214.   - dns: {{ interface.name_servers }}

  215.   {%- endif %}

  216.   {%- if interface.wireless is defined and grains.os_family == 'Debian' %}

  217.   {%- if interface.wireless.security == "wpa" %}

  218.   - wpa-ssid: {{ interface.wireless.essid }}

  219.   - wpa-psk: {{ interface.wireless.key }}

  220.   {%- else %}

  221.   - wireless-ssid: {{ interface.wireless.essid }}

  222.   - wireless-psk: {{ interface.wireless.key }}

  223.   {%- endif %}

  224.   {%- endif %}

  225.   {%- for param in network.interface_params %}

  226.   {{ set_param(param, interface) }}

  227.   {%- endfor %}

  228.   {%- if interface.require_interfaces is defined %}

  229.   - require:

  230.     {%- for netif in interface.get('require_interfaces', []) %}

  231.     - network: linux_interface_{{ netif }}

  232.     {%- endfor %}

  233.     {%- for network in interface.get('use_ovs_ports', []) %}

  234.     - cmd: ovs_port_up_{{ network }}

  235.     {%- endfor %}

  236.   {%- endif %}

  237.   {%- if interface.type == 'bridge' %}

  238.   - bridge: {{ interface_name }}

  239.   - delay: 0

  240.   - bypassfirewall: True

  241.   - use:

  242.     {%- for network in interface.use_interfaces %}

  243.     - network: linux_interface_{{ network }}

  244.     {%- endfor %}

  245.   - ports: {% for network in interface.get('use_interfaces', []) %}{{ network }} {% endfor %}{% for network in interface.get('use_ovs_ports', []) %}{{ network }} {% endfor %}

  246.   - require:

  247.     {%- for network in interface.get('use_interfaces', []) %}

  248.     - network: linux_interface_{{ network }}

  249.     {%- endfor %}

  250.     {%- for network in interface.get('use_ovs_ports', []) %}

  251.     - cmd: ovs_port_up_{{ network }}

  252.     {%- endfor %}

  253.   {%- endif %}

  254.   {%- if interface.type == 'bond' %}

  255.   - slaves: {{ interface.slaves }}

  256.   - mode: {{ interface.mode }}

  257.   {%- endif %}

  258. 

  259. 

  260. {%- if salt['grains.get']('saltversion') < '2017.7' %}

  261. # TODO(ddmitriev): Remove this 'if .. endif' block completely when

  262. # switched to salt version 2017.7 that has the same functionality.

  263. {%- if interface.type == 'bond' and interface.enabled == True %}

  264. linux_bond_interface_{{ interface_name }}:

  265.   cmd.run:

  266.   - name: ifenslave {{ interface_name }} {{ interface.slaves }}

  267.   - require:

  268.     - network: linux_interface_{{ interface_name }}

  269.   - onchanges:

  270.     - network: linux_interface_{{ interface_name }}

  271.     {%- for network in  interface.slaves.split() %}

  272.     - network: linux_interface_{{ network }}

  273.     {%- endfor %}

  274. {%- endif %}

  275. {%- endif %}

  276. 

  277. {%- for network in interface.get('use_ovs_ports', []) %}

  278. 

  279. remove_interface_{{ network }}_line1:

  280.   file.replace:

  281.   - name: /etc/network/interfaces

  282.   - pattern: auto {{ network }}$

  283.   - repl: ""

  284. 

  285. remove_interface_{{ network }}_line2:

  286.   file.replace:

  287.   - name: /etc/network/interfaces

  288.   - pattern: iface {{ network }} inet manual

  289.   - repl: ""

  290. 

  291. {%- endfor %}

  292. 

  293. {%- if interface.gateway is defined %}

  294. 

  295. linux_system_network:

  296.   network.system:

  297.   - enabled: {{ interface.enabled }}

  298.   - hostname: {{ network.fqdn }}

  299.   {%- if interface.gateway is defined %}

  300.   - gateway: {{ interface.gateway }}

  301.   - gatewaydev: {{ interface_name }}

  302.   {%- endif %}

  303.   - nozeroconf: True

  304.   - nisdomain: {{ system.domain }}

  305.   - require_reboot: True

  306. 

  307. {%- endif %}

  308. 

  309. {%- endif %}

  310. 

  311. {%- endif %}

  312. 

  313. {%- if interface.wireless is defined %}

  314. 

  315. {%- if grains.os_family == 'Arch' %}

  316. 

  317. linux_network_packages:

  318.   pkg.installed:

  319.   - pkgs: {{ network.pkgs }}

  320. 

  321. /etc/netctl/network_{{ interface.wireless.essid }}:

  322.   file.managed:

  323.   - source: salt://linux/files/wireless

  324.   - mode: 755

  325.   - template: jinja

  326.   - require:

  327.     - pkg: linux_network_packages

  328.   - defaults:

  329.       interface_name: {{ interface_name }}

  330. 

  331. switch_profile_{{ interface.wireless.essid }}:

  332.   cmd.run:

  333.     - name: netctl switch-to network_{{ interface.wireless.essid }}

  334.     - cwd: /root

  335.     - unless: "iwconfig {{ interface_name }} | grep -e 'ESSID:\"{{ interface.wireless.essid }}\"'"

  336.     - require:

  337.       - file: /etc/netctl/network_{{ interface.wireless.essid }}

  338. 

  339. enable_profile_{{ interface.wireless.essid }}:

  340.   cmd.run:

  341.     - name: netctl enable network_{{ interface.wireless.essid }}

  342.     - cwd: /root

  343.     - unless: test -e /etc/systemd/system/multi-user.target.wants/netctl@network_{{ interface.wireless.essid }}.service

  344.     - require:

  345.       - file: /etc/netctl/network_{{ interface.wireless.essid }}

  346. 

  347. {%- endif %}

  348. 

  349. {%- endif %}

  350. 

  351. {%- endif %}

  352. 

  353. {%- if interface.route is defined %}

  354. 

  355. linux_network_{{ interface_name }}_routes:

  356.   network.routes:

  357.   - name: {{ interface_name }}

  358.   - routes:

  359.     {%- for route_name, route in interface.route.items() %}

  360.     - name: {{ route_name }}

  361.       ipaddr: {{ route.address }}

  362.       netmask: {{ route.netmask }}

  363.       {%- if route.gateway is defined %}

  364.       gateway: {{ route.gateway }}

  365.       {%- endif %}

  366.     {%- endfor %}

  367.   {%- if interface.noifupdown is defined %}

  368.   - require_reboot: {{ interface.noifupdown }}

  369.   {%- endif %}

  370. 

  371. {%- endif %}

  372. 

  373. {%- if interface.type in ('eth','ovs_port') %}

  374. {%- if interface.get('ipflush_onchange', False) %}

  375. 

  376. linux_interface_ipflush_onchange_{{ interface_name }}:

  377.   cmd.run:

  378.   - name: "/sbin/ip address flush dev {{ interface_name }}"

  379. {%- if interface.type == 'eth' %}

  380.   - onchanges:

  381.     - network: linux_interface_{{ interface_name }}

  382. {%- elif interface.type == 'ovs_port' %}

  383.   - onchanges:

  384.     - file: ovs_port_{{ interface_name }}

  385. {%- endif %}

  386. 

  387. {%- if interface.get('restart_on_ipflush', False) %}

  388. 

  389. linux_interface_restart_on_ipflush_{{ interface_name }}:

  390.   cmd.run:

  391.   - name: "ifdown {{ interface_name }}; ifup {{ interface_name }};"

  392.   - onchanges:

  393.     - cmd: linux_interface_ipflush_onchange_{{ interface_name }}

  394. 

  395. {%- endif %}

  396. 

  397. {%- endif %}

  398. 

  399. {%- endif %}

  400. 

  401. {%- endfor %}

  402. 

  403. {%- if network.bridge != 'none' %}

  404. 

  405. linux_interfaces_final_include:

  406.   file.prepend:

  407.   - name: /etc/network/interfaces

  408.   - text: |

  409.       source /etc/network/interfaces.d/*

  410.       # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262

  411.       source /etc/network/interfaces.u/*

  412. 

  413. linux_interfaces_final_include_no_requisite:

  414.   file.prepend:

  415.   - name: /etc/network/interfaces

  416.   - text: |

  417.       source /etc/network/interfaces.d/*

  418.       # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262

  419.       source /etc/network/interfaces.u/*

  420. 

  421. {%- endif %}

  422. 

  423. {%- endif %}

  424. 

  425. {%- if network.network_manager.disable is defined and network.network_manager.disable == True %}

  426. 

  427. NetworkManager:

  428.   service.dead:

  429.   - enable: false

  430. 

  431. {%- endif %}

  432. 

  433. {%- if network.tap_custom_txqueuelen is defined %}

  434. 

  435. /etc/udev/rules.d/60-net-txqueue.rules:

  436.   file.managed:

  437.   - source: salt://linux/files/60-net-txqueue.rules

  438.   - mode: 755

  439.   - template: jinja

  440.   - defaults:

  441.     tap_custom_txqueuelen: {{ network.tap_custom_txqueuelen }}

  442. 

  443. udev_reload_rules:

  444.   cmd.run:

  445.   - name: "/bin/udevadm control --reload-rules"

  446.   - onchanges:

  447.     - file: /etc/udev/rules.d/60-net-txqueue.rules

  448. 

  449. udev_retrigger:

  450.   cmd.run:

  451.   - name: "/bin/udevadm trigger --attr-match=subsystem=net"

  452.   - onchanges:

  453.     - udev_reload_rules

  454. 

  455. {%- endif %}