ExternalMirrors
/
linux-formula
дзеркало https://github.com/salt-formulas/salt-formula-linux
Слідкувати 1
В обрані 0
Форк 1
Код Проблеми 0 Релізи 8 Вікі Активність
Saltstack Official Linux Formula
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
780 Коміти
26 Гілки
Дерево: 8b5e28de21
Гілки Теги
${ item.name }
Створити гілку ${ searchTerm }
з '8b5e28de21'
${ noResults }
linux-formula/linux/network/interface.sls

544 lines
16KB
Неформатований Blame Історія 

  1. {%- from "linux/map.jinja" import network with context %}

  2. {%- from "linux/map.jinja" import system with context %}

  3. {%- if network.enabled %}

  4. 

  5. {%- set dpdk_enabled = network.get('dpdk', {}).get('enabled', False) %}

  6. {%- if dpdk_enabled %}

  7. include:

  8. - linux.network.dpdk

  9. {%- endif %}

  10. 

  11. {%- macro set_param(param_name, param_dict) -%}

  12. {%- if param_dict.get(param_name, False) -%}

  13. - {{ param_name }}: {{ param_dict[param_name] }}

  14. {%- endif -%}

  15. {%- endmacro -%}

  16. 

  17. {%- if network.bridge != 'none' %}

  18. 

  19. linux_network_bridge_pkgs:

  20.   pkg.installed:

  21.   {%- if network.bridge == 'openvswitch' %}

  22.   - pkgs: {{ network.ovs_pkgs | json }}

  23.   {%- else %}

  24.   - pkgs: {{ network.bridge_pkgs | json }}

  25.   {%- endif %}

  26. 

  27. {%- endif %}

  28. 

  29. {%- for f in network.get('concat_iface_files', []) %}

  30. 

  31. {%- if salt['file.file_exists'](f.src) %}

  32. 

  33. append_{{ f.src }}_{{ f.dst }}:

  34.   file.append:

  35.     - name: {{ f.dst }}

  36.     - source: {{ f.src }}

  37. 

  38. remove_appended_{{ f.src }}:

  39.   file.absent:

  40.     - name: {{ f.src }}

  41. 

  42. {%- endif %}

  43. 

  44. {%- endfor %}

  45. 

  46. {%- for f in network.get('remove_iface_files', []) %}

  47. 

  48. remove_iface_file_{{ f }}:

  49.   file.absent:

  50.     - name: {{ f }}

  51. 

  52. {%- endfor %}

  53. 

  54. {%- if network.interface is defined %}

  55. 

  56. remove_cloud_init_file:

  57.   file.absent:

  58.   - name: /etc/network/interfaces.d/50-cloud-init.cfg

  59. 

  60. {%- endif %}

  61. 

  62. {%- for interface_name, interface in network.interface.items() %}

  63. 

  64. {%- set interface_name = interface.get('name', interface_name) %}

  65. 

  66. {# add linux network interface into OVS dpdk bridge #}

  67. 

  68. {%- if interface.type == 'dpdk_ovs_bridge' %}

  69. 

  70. {%- for int_name, int in network.interface.items() %}

  71. 

  72. {%- set int_name = int.get('name', int_name) %}

  73. 

  74. {%- if int.ovs_bridge is defined and interface_name == int.ovs_bridge %}

  75. 

  76. add_int_{{ int_name }}_to_ovs_dpdk_bridge_{{ interface_name }}:

  77.   cmd.run:

  78.     - unless: ovs-vsctl show | grep -w {{ int_name }}

  79.     - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} add-port {{ interface_name }} {{ int_name }}

  80. {%- endif %}

  81. {%- endfor %}

  82. 

  83. linux_interfaces_include_{{ interface_name }}:

  84.   file.prepend:

  85.   - name: /etc/network/interfaces

  86.   - text: |

  87.       source /etc/network/interfaces.d/*

  88.       # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262

  89.       source /etc/network/interfaces.u/*

  90. 

  91. {# create override for openvswitch dependency for dpdk br-prv #}

  92. /etc/systemd/system/ifup@{{ interface_name }}.service.d/override.conf:

  93.   file.managed:

  94.     - makedirs: true

  95.     - require:

  96.       - cmd: linux_network_dpdk_bridge_interface_{{ interface_name }}

  97.     - contents: |

  98.         [Unit]

  99.         Requires=openvswitch-switch.service

  100.         After=openvswitch-switch.service

  101. 

  102. dpdk_ovs_bridge_{{ interface_name }}:

  103.   file.managed:

  104.   - name: /etc/network/interfaces.u/ifcfg-{{ interface_name }}

  105.   - makedirs: True

  106.   - source: salt://linux/files/ovs_bridge

  107.   - defaults:

  108.       bridge: {{ interface|yaml }}

  109.       bridge_name: {{ interface_name }}

  110.   - template: jinja

  111. 

  112. dpdk_ovs_bridge_up_{{ interface_name }}:

  113.   cmd.run:

  114.   - name: ifup {{ interface_name }}

  115.   - require:

  116.     - file: dpdk_ovs_bridge_{{ interface_name }}

  117.     - file: linux_interfaces_final_include

  118. 

  119. {%- endif %}

  120. 

  121. {# it is not used for any interface with type preffix dpdk,eg. dpdk_ovs_port #}

  122. {%- if interface.get('managed', True) and not 'dpdk' in interface.type %}

  123. 

  124. {%- if grains.os_family in ['RedHat', 'Debian'] %}

  125. 

  126. {%- if interface.type == 'ovs_bridge' %}

  127. 

  128. ovs_bridge_{{ interface_name }}_present:

  129.   openvswitch_bridge.present:

  130.   - name: {{ interface_name }}

  131. 

  132. {# add linux network interface into OVS bridge #}

  133. {%- for int_name, int in network.interface.items() %}

  134. 

  135. {%- set int_name = int.get('name', int_name) %}

  136. 

  137. {%- if int.ovs_bridge is defined and interface_name == int.ovs_bridge %}

  138. 

  139. add_int_{{ int_name }}_to_ovs_bridge_{{ interface_name }}:

  140.   cmd.run:

  141.     - unless: ovs-vsctl show | grep {{ int_name }}

  142.     - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} add-port {{ interface_name }} {{ int_name }}

  143. {%- endif %}

  144. {%- endfor %}

  145. 

  146. linux_interfaces_include_{{ interface_name }}:

  147.   file.prepend:

  148.   - name: /etc/network/interfaces

  149.   - text: |

  150.       source /etc/network/interfaces.d/*

  151.       # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262

  152.       source /etc/network/interfaces.u/*

  153. 

  154. ovs_bridge_{{ interface_name }}:

  155.   file.append:

  156.   - name: /etc/network/interfaces.u/ifcfg-{{ interface_name }}

  157.   - makedirs: True

  158.   - source: salt://linux/files/ovs_bridge

  159.   - defaults:

  160.       bridge: {{ interface|yaml }}

  161.       bridge_name: {{ interface_name }}

  162.   - template: jinja

  163. 

  164. ovs_bridge_up_{{ interface_name }}:

  165.   cmd.run:

  166.   - name: ifup {{ interface_name }}

  167.   - require:

  168.     - file: ovs_bridge_{{ interface_name }}

  169.     - file: linux_interfaces_final_include

  170. 

  171. {%- elif interface.type == 'ovs_bond' %}

  172. ovs_bond_{{ interface_name }}:

  173.   cmd.run:

  174.     - name: ovs-vsctl add-bond {{ interface.bridge }} {{ interface_name }} {{ interface.slaves }} bond_mode={{ interface.mode }}

  175.     - unless: ovs-vsctl show | grep -A 2 'Port.*{{ interface_name }}.'

  176.     - require:

  177.       - ovs_bridge_{{ interface.bridge }}_present

  178. 

  179. ovs_bond_persistent_{{ interface_name }}:

  180.   file.append:

  181.     - name: /etc/network/interfaces.u/ifcfg-{{ interface.bridge }}

  182.     - makedirs: True

  183.     - source: salt://linux/files/ovs_port

  184.     - template: jinja

  185.     - context:

  186.         port_name: {{ interface_name }}

  187.         port: {{ interface|yaml }}

  188.     - require:

  189.       - ovs_bridge_{{ interface.bridge }}

  190. 

  191. {%- elif interface.type == 'ovs_port' %}

  192. 

  193. {%- if interface.get('port_type','internal') == 'patch' %}

  194. 

  195. ovs_port_{{ interface_name }}_present:

  196.   openvswitch_port.present:

  197.   - name: {{ interface_name }}

  198.   - bridge: {{ interface.bridge }}

  199.   - require:

  200.     {%- if dpdk_enabled and network.interface.get(interface.bridge, {}).get('type', 'ovs_bridge') == 'dpdk_ovs_bridge' %}

  201.     - cmd: linux_network_dpdk_bridge_interface_{{ interface.bridge }}

  202.     {%- else %}

  203.     - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}_present

  204.     {%- endif %}

  205. 

  206. ovs_port_set_type_{{ interface_name }}:

  207.   cmd.run:

  208.   - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} set interface {{ interface_name }} type=patch

  209.   - unless: ovs-vsctl show | grep -A 1 'Interface {{ interface_name }}' | grep patch

  210. 

  211. ovs_port_set_peer_{{ interface_name }}:

  212.   cmd.run:

  213.   - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} set interface {{ interface_name }} options:peer={{ interface.peer }}

  214.   - unless: ovs-vsctl show | grep -A 2 'Interface {{ interface_name }}' | grep {{ interface.peer }}

  215. 

  216. {% if interface.tag is defined %}

  217. ovs_port_set_tag_{{ interface_name }}:

  218.   cmd.run:

  219.   - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} set port {{ interface_name }} tag={{ interface.tag }}

  220.   - unless: ovs-vsctl get Port {{ interface_name }} tag | grep -Fx {{ interface.tag }}

  221. {%- endif %}

  222. 

  223. {%- else %}

  224. 

  225. linux_interfaces_include_{{ interface_name }}:

  226.   file.prepend:

  227.   - name: /etc/network/interfaces

  228.   - text: |

  229.       source /etc/network/interfaces.d/*

  230.       # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262

  231.       source /etc/network/interfaces.u/*

  232. 

  233. ovs_port_{{ interface_name }}:

  234.   file.managed:

  235.   - name: /etc/network/interfaces.u/ifcfg-{{ interface_name }}

  236.   - makedirs: True

  237.   - source: salt://linux/files/ovs_port

  238.   - defaults:

  239.       port: {{ interface|yaml }}

  240.       port_name: {{ interface_name }}

  241.       auto: ""

  242.       iface_inet: ""

  243.   - template: jinja

  244. 

  245. ovs_port_up_{{ interface_name }}:

  246.   cmd.run:

  247.   - name: ifup {{ interface_name }}

  248.   - require:

  249.     - file: ovs_port_{{ interface_name }}

  250.     - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}_present

  251.     - file: linux_interfaces_final_include

  252. 

  253. {%- endif %}

  254. 

  255. {%- else %}

  256. 

  257. linux_interface_{{ interface_name }}:

  258.   network.managed:

  259.   - enabled: {{ interface.enabled }}

  260.   - name: {{ interface_name }}

  261.   - type: {{ interface.type }}

  262.   {%- if interface.address is defined %}

  263.   {%- if grains.os_family == 'Debian' %}

  264.   - proto: {{ interface.get('proto', 'static') }}

  265.   {% endif %}

  266.   {%- if grains.os_family == 'RedHat' %}

  267.   {%- if interface.get('proto', 'none') == 'manual' %}

  268.   - proto: 'none'

  269.   {%- else %}

  270.   - proto: {{ interface.get('proto', 'none') }}

  271.   {%- endif %}

  272.   {% endif %}

  273.   - ipaddr: {{ interface.address }}

  274.   - netmask: {{ interface.netmask }}

  275.   {%- else %}

  276.   - proto: {{ interface.get('proto', 'dhcp') }}

  277.   {%- endif %}

  278. 

  279.   # IPv6

  280.   {%- if interface.enable_ipv6 is defined %}

  281.   - enable_ipv6: {{ interface.enable_ipv6 }}

  282.   {%-   if interface.ipv6ipaddr is defined %}

  283.   {%-     if grains.os_family == 'Debian' %}

  284.   - ipv6proto: {{ interface.get('ipv6proto', 'static') }}

  285.   {%-     endif %}

  286.   - ipv6ipaddr: {{ interface.ipv6ipaddr }}

  287.   - ipv6gateway: {{ interface.ipv6gateway }}

  288.   - ipv6netmask: {{ interface.ipv6netmask }}

  289.   {%-   endif %}

  290.   {%- endif %}

  291. 

  292.   {%- if interface.type == 'slave' %}

  293.   - master: {{ interface.master }}

  294.   {%- endif %}

  295.   {%- if interface.name_servers is defined %}

  296.   - dns: {{ interface.name_servers }}

  297.   {%- endif %}

  298.   {%- if interface.metric is defined and grains.os_family == 'Debian' %}

  299.   - metric: {{ interface.metric }}

  300.   {%- endif %}

  301.   {%- if interface.wireless is defined and grains.os_family == 'Debian' %}

  302.   {%- if interface.wireless.security == "wpa" %}

  303.   - wpa-ssid: {{ interface.wireless.essid }}

  304.   - wpa-psk: {{ interface.wireless.key }}

  305.   {%- else %}

  306.   - wireless-ssid: {{ interface.wireless.essid }}

  307.   - wireless-psk: {{ interface.wireless.key }}

  308.   {%- endif %}

  309.   {%- endif %}

  310.   {%- if pillar.linux.network.noifupdown is defined %}

  311.   - noifupdown: {{ pillar.linux.network.noifupdown }}

  312.   {%- endif %}

  313.   {%- for param in network.interface_params %}

  314.   {{ set_param(param, interface) }}

  315.   {%- endfor %}

  316.   {%- if interface.require_interfaces is defined %}

  317.   - require:

  318.     {%- for netif in interface.get('require_interfaces', []) %}

  319.     - network: linux_interface_{{ netif }}

  320.     {%- endfor %}

  321.     {%- for network in interface.get('use_ovs_ports', []) %}

  322.     - cmd: ovs_port_up_{{ network }}

  323.     {%- endfor %}

  324.   {%- endif %}

  325.   {%- if interface.type == 'bridge' %}

  326.   - bridge: {{ interface_name }}

  327.   - delay: 0

  328.   - bypassfirewall: True

  329.   - use:

  330.     {%- for network in interface.use_interfaces %}

  331.     - network: linux_interface_{{ network }}

  332.     {%- endfor %}

  333.   - ports: {% for network in interface.get('use_interfaces', []) %}{{ network }} {% endfor %}{% for network in interface.get('use_ovs_ports', []) %}{{ network }} {% endfor %}

  334.   - require:

  335.     {%- for network in interface.get('use_interfaces', []) %}

  336.     - network: linux_interface_{{ network }}

  337.     {%- endfor %}

  338.     {%- for network in interface.get('use_ovs_ports', []) %}

  339.     - cmd: ovs_port_up_{{ network }}

  340.     {%- endfor %}

  341.   {%- endif %}

  342.   {%- if interface.type == 'bond' %}

  343.   - slaves: {{ interface.slaves }}

  344.   - mode: {{ interface.mode }}

  345.   {%- endif %}

  346. 

  347. 

  348. {%- if salt['grains.get']('saltversion') < '2017.7' %}

  349. # TODO(ddmitriev): Remove this 'if .. endif' block completely when

  350. # switched to salt version 2017.7 that has the same functionality.

  351. {%- if interface.type == 'bond' and interface.enabled == True %}

  352. linux_bond_interface_{{ interface_name }}:

  353.   cmd.run:

  354.   - name: ifenslave {{ interface_name }} {{ interface.slaves }}

  355.   - require:

  356.     - network: linux_interface_{{ interface_name }}

  357.   - onchanges:

  358.     - network: linux_interface_{{ interface_name }}

  359.     {%- for network in  interface.slaves.split() %}

  360.     - network: linux_interface_{{ network }}

  361.     {%- endfor %}

  362. {%- endif %}

  363. {%- endif %}

  364. 

  365. {%- for network in interface.get('use_ovs_ports', []) %}

  366. 

  367. remove_interface_{{ network }}_line1:

  368.   file.replace:

  369.   - name: /etc/network/interfaces

  370.   - pattern: auto {{ network }}$

  371.   - repl: ""

  372. 

  373. remove_interface_{{ network }}_line2:

  374.   file.replace:

  375.   - name: /etc/network/interfaces

  376.   - pattern: iface {{ network }} inet manual

  377.   - repl: ""

  378. 

  379. {%- endfor %}

  380. 

  381. {%- if interface.gateway is defined and network.resolv is not defined %}

  382. 

  383. linux_system_network:

  384.   network.system:

  385.   - enabled: {{ interface.enabled }}

  386.   - hostname: {{ network.fqdn }}

  387.   {%- if interface.gateway is defined %}

  388.   - gateway: {{ interface.gateway }}

  389.   - gatewaydev: {{ interface_name }}

  390.   {%- endif %}

  391.   - nozeroconf: True

  392.   - nisdomain: {{ system.domain }}

  393.   - require_reboot: True

  394. 

  395. {%- endif %}

  396. 

  397. {%- endif %}

  398. 

  399. {%- endif %}

  400. 

  401. {%- if interface.wireless is defined %}

  402. 

  403. {%- if grains.os_family == 'Arch' %}

  404. 

  405. linux_network_packages:

  406.   pkg.installed:

  407.   - pkgs: {{ network.pkgs | json }}

  408. 

  409. /etc/netctl/network_{{ interface.wireless.essid }}:

  410.   file.managed:

  411.   - source: salt://linux/files/wireless

  412.   - mode: 755

  413.   - template: jinja

  414.   - require:

  415.     - pkg: linux_network_packages

  416.   - defaults:

  417.       interface_name: {{ interface_name }}

  418. 

  419. switch_profile_{{ interface.wireless.essid }}:

  420.   cmd.run:

  421.     - name: netctl switch-to network_{{ interface.wireless.essid }}

  422.     - cwd: /root

  423.     - unless: "iwconfig {{ interface_name }} | grep -e 'ESSID:\"{{ interface.wireless.essid }}\"'"

  424.     - require:

  425.       - file: /etc/netctl/network_{{ interface.wireless.essid }}

  426. 

  427. enable_profile_{{ interface.wireless.essid }}:

  428.   cmd.run:

  429.     - name: netctl enable network_{{ interface.wireless.essid }}

  430.     - cwd: /root

  431.     - unless: test -e /etc/systemd/system/multi-user.target.wants/netctl@network_{{ interface.wireless.essid }}.service

  432.     - require:

  433.       - file: /etc/netctl/network_{{ interface.wireless.essid }}

  434. 

  435. {%- endif %}

  436. 

  437. {%- endif %}

  438. 

  439. {%- endif %}

  440. 

  441. {%- if interface.route is defined %}

  442. 

  443. linux_network_{{ interface_name }}_routes:

  444.   network.routes:

  445.   - name: {{ interface_name }}

  446.   - routes:

  447.     {%- for route_name, route in interface.route.items() %}

  448.     - name: {{ route_name }}

  449.       ipaddr: {{ route.address }}

  450.       netmask: {{ route.netmask }}

  451.       {%- if route.gateway is defined %}

  452.       gateway: {{ route.gateway }}

  453.       {%- endif %}

  454.     {%- endfor %}

  455.   {%- if interface.noifupdown is defined %}

  456.   - require_reboot: {{ interface.noifupdown }}

  457.   {%- endif %}

  458. 

  459. {%- endif %}

  460. 

  461. {%- if interface.type in ('eth','ovs_port') %}

  462. {%- if interface.get('ipflush_onchange', False) %}

  463. 

  464. linux_interface_ipflush_onchange_{{ interface_name }}:

  465.   cmd.run:

  466.   - name: "/sbin/ip address flush dev {{ interface_name }}"

  467. {%- if interface.type == 'eth' %}

  468.   - onchanges:

  469.     - network: linux_interface_{{ interface_name }}

  470. {%- elif interface.type == 'ovs_port' %}

  471.   - onchanges:

  472.     - file: ovs_port_{{ interface_name }}

  473. {%- endif %}

  474. 

  475. {%- if interface.get('restart_on_ipflush', False) %}

  476. 

  477. linux_interface_restart_on_ipflush_{{ interface_name }}:

  478.   cmd.run:

  479.   - name: "ifdown {{ interface_name }}; ifup {{ interface_name }};"

  480.   - onchanges:

  481.     - cmd: linux_interface_ipflush_onchange_{{ interface_name }}

  482. 

  483. {%- endif %}

  484. 

  485. {%- endif %}

  486. 

  487. {%- endif %}

  488. 

  489. {%- endfor %}

  490. 

  491. {%- if network.bridge != 'none' %}

  492. 

  493. linux_interfaces_final_include:

  494.   file.prepend:

  495.   - name: /etc/network/interfaces

  496.   - text: |

  497.       source /etc/network/interfaces.d/*

  498.       # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262

  499.       source /etc/network/interfaces.u/*

  500. 

  501. linux_interfaces_final_include_no_requisite:

  502.   file.prepend:

  503.   - name: /etc/network/interfaces

  504.   - text: |

  505.       source /etc/network/interfaces.d/*

  506.       # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262

  507.       source /etc/network/interfaces.u/*

  508. 

  509. {%- endif %}

  510. 

  511. {%- endif %}

  512. 

  513. {%- if network.network_manager.disable is defined and network.network_manager.disable == True %}

  514. 

  515. NetworkManager:

  516.   service.dead:

  517.   - enable: false

  518. 

  519. {%- endif %}

  520. 

  521. {%- if network.tap_custom_txqueuelen is defined %}

  522. 

  523. /etc/udev/rules.d/60-net-txqueue.rules:

  524.   file.managed:

  525.   - source: salt://linux/files/60-net-txqueue.rules

  526.   - mode: 755

  527.   - template: jinja

  528.   - defaults:

  529.     tap_custom_txqueuelen: {{ network.tap_custom_txqueuelen }}

  530. 

  531. udev_reload_rules:

  532.   cmd.run:

  533.   - name: "/bin/udevadm control --reload-rules"

  534.   - onchanges:

  535.     - file: /etc/udev/rules.d/60-net-txqueue.rules

  536. 

  537. udev_retrigger:

  538.   cmd.run:

  539.   - name: "/bin/udevadm trigger --attr-match=subsystem=net"

  540.   - onchanges:

  541.     - udev_reload_rules

  542. 

  543. {%- endif %}