Saltstack Official Linux Formula


  1. {%- from "linux/map.jinja" import network with context %}
  2. {%- from "linux/map.jinja" import system with context %}
  3. {%- if network.enabled %}
  {#- Render one optional state argument as "- <param_name>: <value>".
      Nothing is emitted when param_dict holds no truthy value for param_name,
      so unset, empty, 0 and False entries are skipped. The value is rendered
      as-is, without YAML quoting. -#}
  {%- macro set_param(param_name, param_dict) -%}
  {%- set param_value = param_dict.get(param_name, False) -%}
  {%- if param_value -%}
  - {{ param_name }}: {{ param_value }}
  {%- endif -%}
  {%- endmacro -%}
  {#- Install the package set for the configured bridge implementation:
      network.ovs_pkgs for 'openvswitch', network.bridge_pkgs for anything else.
      Skipped entirely when network.bridge is 'none'. -#}
  {%- if network.bridge != 'none' %}
  linux_network_bridge_pkgs:
    pkg.installed:
      - pkgs: {{ network.ovs_pkgs if network.bridge == 'openvswitch' else network.bridge_pkgs }}
  {%- endif %}
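  {#- Fold each source file listed under concat_iface_files into its destination,
      then delete the source. The existence test runs at render time, so a source
      that is already gone produces no states at all.
      Both paths are taken from pillar unvalidated and are appended to / deleted
      with the minion's privileges, so write access to this pillar key should be
      restricted accordingly. -#}
  {%- for f in network.get('concat_iface_files', []) %}
  {%- if salt['file.file_exists'](f.src) %}
  append_{{ f.src }}_{{ f.dst }}:
    file.append:
      - name: {{ f.dst }}
      - source: {{ f.src }}
  remove_appended_{{ f.src }}:
    file.absent:
      - name: {{ f.src }}
      {#- Delete the source only after its content has reached the destination.
          Without this requisite a failed append would still be followed by the
          removal (unless failhard is set), losing the content. #}
      - require:
        - file: append_{{ f.src }}_{{ f.dst }}
  {%- endif %}
  {%- endfor %}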
  {#- Delete every path listed under remove_iface_files. The paths come from
      pillar and are rendered unquoted. -#}
  {%- for stale_file in network.get('remove_iface_files', []) %}
  remove_iface_file_{{ stale_file }}:
    file.absent:
      - name: {{ stale_file }}
  {%- endfor %}
  {#- When network.interface is defined, remove
      /etc/network/interfaces.d/50-cloud-init.cfg. -#}
  {%- if network.interface is defined %}
  remove_cloud_init_file:
    file.absent:
      - name: /etc/network/interfaces.d/50-cloud-init.cfg
  {%- endif %}
  39. {%- for interface_name, interface in network.interface.items() %}
  40. {%- set interface_name = interface.get('name', interface_name) %}
  41. {# Not applied to any interface whose type has the dpdk prefix, e.g. dpdk_ovs_port #}
  42. {%- if interface.get('managed', True) and not 'dpdk' in interface.type %}
  43. {%- if grains.os_family in ['RedHat', 'Debian'] %}
  44. {%- if interface.type == 'ovs_bridge' %}
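  {#- Create the OVS bridge, then attach every interface whose ovs_bridge key
      names it. Interface and bridge names come from pillar and are passed to a
      shell, so they are single-quoted in the commands below. #}
  ovs_bridge_{{ interface_name }}:
    openvswitch_bridge.present:
      - name: {{ interface_name }}
  {#- add linux network interface into OVS bridge #}
  {%- for int_name, int in network.interface.items() %}
  {%- set int_name = int.get('name', int_name) %}
  {%- if int.ovs_bridge is defined and interface_name == int.ovs_bridge %}
  add_int_{{ int_name }}_to_ovs_bridge_{{ interface_name }}:
    cmd.run:
      - name: ovs-vsctl add-port '{{ interface_name }}' '{{ int_name }}'
      {#- Exact-match the port against this bridge's own port list. Grepping the
          whole "ovs-vsctl show" output for the bare name also matched longer
          names (eth1 inside eth10) and ports attached to other bridges, which
          silently skipped the add. A port that already sits on another bridge
          now makes add-port fail visibly instead. #}
      - unless: ovs-vsctl list-ports '{{ interface_name }}' | grep -qxF -- '{{ int_name }}'
      {#- Do not try to attach ports when the bridge itself failed to appear. #}
      - require:
        - openvswitch_bridge: ovs_bridge_{{ interface_name }}
  {%- endif %}
  {%- endfor %}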
  58. {%- elif interface.type == 'ovs_port' %}
  59. {%- if interface.get('port_type','internal') == 'patch' %}
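  {#- Patch port: create the port on its bridge, then set the interface type and
      the peer through ovs-vsctl. Names and the peer value come from pillar and
      reach a shell, so they are single-quoted in the commands. #}
  ovs_port_{{ interface_name }}:
    openvswitch_port.present:
      - name: {{ interface_name }}
      - bridge: {{ interface.bridge }}
      - require:
        - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}
  ovs_port_set_type_{{ interface_name }}:
    cmd.run:
      - name: ovs-vsctl set interface '{{ interface_name }}' type=patch
      {#- Read the type column of this exact interface record. The previous
          check grepped "ovs-vsctl show" for the name as a substring, so a
          longer name (p1 inside p10) could satisfy or defeat it. #}
      - unless: test "$(ovs-vsctl get interface '{{ interface_name }}' type)" = patch
      - require:
        - openvswitch_port: ovs_port_{{ interface_name }}
  ovs_port_set_peer_{{ interface_name }}:
    cmd.run:
      - name: ovs-vsctl set interface '{{ interface_name }}' options:peer='{{ interface.peer }}'
      {#- ovs-vsctl may print the peer with or without double quotes; they are
          stripped before the exact comparison. A missing key yields an empty
          string, so the command runs. #}
      - unless: test "$(ovs-vsctl get interface '{{ interface_name }}' options:peer | tr -d '"')" = '{{ interface.peer }}'
      - require:
        - openvswitch_port: ovs_port_{{ interface_name }}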
  74. {%- else %}
  {#- Non-patch OVS port: make /etc/network/interfaces source the interfaces.d
      and interfaces.u directories, render the port definition into
      interfaces.u, blank out any "auto" / "iface" lines for the port in the
      main file, then bring the port up.
      NOTE(review): the name is interpolated into the two regex patterns and
      into the ifup command unescaped; this relies on pillar holding plain
      interface names.
      NOTE(review): the last requisite names linux_interfaces_final_include,
      which this file only declares when network.bridge is not 'none'. #}
  linux_interfaces_include_{{ interface_name }}:
    file.prepend:
      - name: /etc/network/interfaces
      - text: |
          source /etc/network/interfaces.d/*
          # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262
          source /etc/network/interfaces.u/*
  ovs_port_{{ interface_name }}:
    file.managed:
      - name: /etc/network/interfaces.u/ifcfg-{{ interface_name }}
      - source: salt://linux/files/ovs_port
      - template: jinja
      - makedirs: True
      - defaults:
          port: {{ interface|yaml }}
          port_name: {{ interface_name }}
  ovs_port_{{ interface_name }}_line1:
    file.replace:
      - name: /etc/network/interfaces
      - pattern: auto {{ interface_name }}$
      - repl: ""
  ovs_port_{{ interface_name }}_line2:
    file.replace:
      - name: /etc/network/interfaces
      - pattern: 'iface {{ interface_name }} inet .*'
      - repl: ""
  ovs_port_up_{{ interface_name }}:
    cmd.run:
      - name: ifup {{ interface_name }}
      - require:
        - file: ovs_port_{{ interface_name }}
        - file: ovs_port_{{ interface_name }}_line1
        - file: ovs_port_{{ interface_name }}_line2
        - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}
        - file: linux_interfaces_final_include
  110. {%- endif %}
  111. {%- else %}
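  {#- Generic interface managed through network.managed. Addressing, bonding,
      bridging, wireless and requisite arguments are added according to the
      keys present on the pillar entry; any key listed in
      network.interface_params is passed through by the set_param macro. #}
  linux_interface_{{ interface_name }}:
    network.managed:
      - enabled: {{ interface.enabled }}
      - name: {{ interface_name }}
      - type: {{ interface.type }}
      {#- Static addressing when an address is given, otherwise dhcp unless
          proto says differently. On RedHat a proto of 'manual' is rendered
          as 'none'. #}
      {%- if interface.address is defined %}
      {%- if grains.os_family == 'Debian' %}
      - proto: {{ interface.get('proto', 'static') }}
      {% endif %}
      {%- if grains.os_family == 'RedHat' %}
      {%- if interface.get('proto', 'none') == 'manual' %}
      - proto: 'none'
      {%- else %}
      - proto: {{ interface.get('proto', 'none') }}
      {%- endif %}
      {% endif %}
      - ipaddr: {{ interface.address }}
      - netmask: {{ interface.netmask }}
      {%- else %}
      - proto: {{ interface.get('proto', 'dhcp') }}
      {%- endif %}
      {%- if interface.type == 'slave' %}
      - master: {{ interface.master }}
      {%- endif %}
      {%- if interface.name_servers is defined %}
      - dns: {{ interface.name_servers }}
      {%- endif %}
      {%- if interface.wireless is defined and grains.os_family == 'Debian' %}
      {#- SSID and key go through the json filter so they render as quoted
          scalars. Rendered bare, a value containing " #" was cut at the comment
          marker (silently shortening the key) and one containing ": " broke the
          YAML.
          NOTE(review): the key is handed to network.managed in clear text and
          presumably lands in the interface configuration file; confirm that
          file is not world-readable and that this pillar is restricted. #}
      {%- if interface.wireless.security == "wpa" %}
      - wpa-ssid: {{ interface.wireless.essid|json }}
      - wpa-psk: {{ interface.wireless.key|json }}
      {%- else %}
      - wireless-ssid: {{ interface.wireless.essid|json }}
      - wireless-psk: {{ interface.wireless.key|json }}
      {%- endif %}
      {%- endif %}
      {%- for param in network.interface_params %}
      {{ set_param(param, interface) }}
      {%- endfor %}
      {%- if interface.require_interfaces is defined %}
      - require:
        {%- for netif in interface.get('require_interfaces', []) %}
        - network: linux_interface_{{ netif }}
        {%- endfor %}
        {%- for ovs_port in interface.get('use_ovs_ports', []) %}
        - cmd: ovs_port_up_{{ ovs_port }}
        {%- endfor %}
      {%- endif %}
      {%- if interface.type == 'bridge' %}
      {#- NOTE(review): bypassfirewall presumably exempts bridged traffic from
          the host's netfilter rules; confirm that is intended for every bridge.
          NOTE(review): a bridge that also sets require_interfaces renders a
          second require entry in this state; confirm both are honoured. #}
      - bridge: {{ interface_name }}
      - delay: 0
      - bypassfirewall: True
      - use:
        {%- for member in interface.use_interfaces %}
        - network: linux_interface_{{ member }}
        {%- endfor %}
      - ports: {% for member in interface.get('use_interfaces', []) %}{{ member }} {% endfor %}{% for member in interface.get('use_ovs_ports', []) %}{{ member }} {% endfor %}
      - require:
        {%- for member in interface.get('use_interfaces', []) %}
        - network: linux_interface_{{ member }}
        {%- endfor %}
        {%- for ovs_port in interface.get('use_ovs_ports', []) %}
        - cmd: ovs_port_up_{{ ovs_port }}
        {%- endfor %}
      {%- endif %}
      {%- if interface.type == 'bond' %}
      - slaves: {{ interface.slaves }}
      - mode: {{ interface.mode }}
      {%- endif %}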
  {#- Optional: flush all addresses from the device whenever its network.managed
      state reports changes, and optionally bounce the interface after the
      flush. The interface name is interpolated into the shell commands
      unescaped. -#}
  {%- if interface.get('ipflush_onchange') %}
  linux_interface_ipflush_onchange_{{ interface_name }}:
    cmd.run:
      - name: "/sbin/ip address flush dev {{ interface_name }}"
      - onchanges:
        - network: linux_interface_{{ interface_name }}
  {%- if interface.get('restart_on_ipflush') %}
  linux_interface_restart_on_ipflush_{{ interface_name }}:
    cmd.run:
      - name: "ifdown {{ interface_name }}; ifup {{ interface_name }};"
      - onchanges:
        - cmd: linux_interface_ipflush_onchange_{{ interface_name }}
  {%- endif %}
  {%- endif %}
  {#- Compatibility path for minions older than Salt 2017.7: enslave the bond
      members with ifenslave when the bond or any member state changes.
      NOTE(review): the version test compares two strings, i.e.
      lexicographically, not as version numbers. -#}
  {%- if salt['grains.get']('saltversion') < '2017.7' %}
  # TODO(ddmitriev): Remove this 'if .. endif' block completely when
  # switched to salt version 2017.7 that has the same functionality.
  {%- if interface.type == 'bond' and interface.enabled == True %}
  linux_bond_interface_{{ interface_name }}:
    cmd.run:
      - name: ifenslave {{ interface_name }} {{ interface.slaves }}
      - require:
        - network: linux_interface_{{ interface_name }}
      - onchanges:
        - network: linux_interface_{{ interface_name }}
        {%- for slave_name in interface.slaves.split() %}
        - network: linux_interface_{{ slave_name }}
        {%- endfor %}
  {%- endif %}
  {%- endif %}
  {#- For every OVS port this interface uses, blank out its "auto <port>" and
      "iface <port> inet manual" lines in /etc/network/interfaces. The port
      name is placed into the regex pattern unescaped. -#}
  {%- for ovs_port in interface.get('use_ovs_ports', []) %}
  remove_interface_{{ ovs_port }}_line1:
    file.replace:
      - name: /etc/network/interfaces
      - pattern: auto {{ ovs_port }}$
      - repl: ""
  remove_interface_{{ ovs_port }}_line2:
    file.replace:
      - name: /etc/network/interfaces
      - pattern: iface {{ ovs_port }} inet manual
      - repl: ""
  {%- endfor %}
  {#- System-wide network settings, rendered for an interface that defines a
      gateway: hostname, default gateway and gateway device, NIS domain.
      NOTE(review): the state ID is fixed while this sits inside the
      per-interface loop, so a second interface with a gateway would render the
      same ID again. -#}
  {%- if interface.gateway is defined %}
  linux_system_network:
    network.system:
      - enabled: {{ interface.enabled }}
      - hostname: {{ network.fqdn }}
      - gateway: {{ interface.gateway }}
      - gatewaydev: {{ interface_name }}
      - nozeroconf: True
      - nisdomain: {{ system.domain }}
      - require_reboot: True
  {%- endif %}
  236. {%- endif %}
  237. {%- endif %}
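  {#- Arch only: install the network packages, render a netctl profile named
      after the ESSID, then switch to it and enable it.
      The ESSID and interface name come from pillar and reach a shell, so they
      are single-quoted in the commands and matched as a fixed string. -#}
  {%- if interface.wireless is defined %}
  {%- if grains.os_family == 'Arch' %}
  linux_network_packages:
    pkg.installed:
      - pkgs: {{ network.pkgs }}
  /etc/netctl/network_{{ interface.wireless.essid }}:
    file.managed:
      - source: salt://linux/files/wireless
      {#- Was 755. The profile template is not shown here but presumably
          carries the wireless key, so the file is kept readable by its owner
          only; a profile also has no need for execute bits. #}
      - mode: '0600'
      - template: jinja
      - require:
        - pkg: linux_network_packages
      - defaults:
          interface_name: {{ interface_name }}
  switch_profile_{{ interface.wireless.essid }}:
    cmd.run:
      - name: netctl switch-to 'network_{{ interface.wireless.essid }}'
      - cwd: /root
      - unless: "iwconfig '{{ interface_name }}' | grep -qF -e 'ESSID:\"{{ interface.wireless.essid }}\"'"
      - require:
        - file: /etc/netctl/network_{{ interface.wireless.essid }}
  enable_profile_{{ interface.wireless.essid }}:
    cmd.run:
      - name: netctl enable 'network_{{ interface.wireless.essid }}'
      - cwd: /root
      - unless: test -e '/etc/systemd/system/multi-user.target.wants/netctl@network_{{ interface.wireless.essid }}.service'
      - require:
        - file: /etc/netctl/network_{{ interface.wireless.essid }}
  {%- endif %}
  {%- endif %}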
  268. {%- endif %}
  {#- Static routes for this interface: one entry per key of interface.route,
      with the gateway added only when the route defines one. -#}
  {%- if interface.route is defined %}
  linux_network_{{ interface_name }}_routes:
    network.routes:
      - name: {{ interface_name }}
      - routes:
        {%- for route_id, route_spec in interface.route.items() %}
        - name: {{ route_id }}
          ipaddr: {{ route_spec.address }}
          netmask: {{ route_spec.netmask }}
          {%- if route_spec.gateway is defined %}
          gateway: {{ route_spec.gateway }}
          {%- endif %}
        {%- endfor %}
  {%- endif %}
  283. {%- endfor %}
  {#- When a bridge implementation is configured, make sure
      /etc/network/interfaces sources both interfaces.d and interfaces.u.
      Two states with identical content are declared: one that other states
      name in their requisites and one with a _no_requisite suffix. The comment
      line inside the text block is part of what gets written to the file. -#}
  {%- if network.bridge != 'none' %}
  linux_interfaces_final_include:
    file.prepend:
      - name: /etc/network/interfaces
      - text: |
          source /etc/network/interfaces.d/*
          # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262
          source /etc/network/interfaces.u/*
  linux_interfaces_final_include_no_requisite:
    file.prepend:
      - name: /etc/network/interfaces
      - text: |
          source /etc/network/interfaces.d/*
          # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262
          source /etc/network/interfaces.u/*
  {%- endif %}
  300. {%- endif %}
  {#- Stop NetworkManager and keep it from starting at boot when
      network.network_manager.disable is set to True. -#}
  {%- if network.network_manager.disable|default(False) == True %}
  NetworkManager:
    service.dead:
      - enable: false
  {%- endif %}
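  {#- Install a udev rule carrying the custom tap txqueuelen, reload the rules
      when the file changes, then re-trigger net devices after the reload. -#}
  {%- if network.tap_custom_txqueuelen is defined %}
  /etc/udev/rules.d/60-net-txqueue.rules:
    file.managed:
      - source: salt://linux/files/60-net-txqueue.rules
      {#- Was 755. A rules file is read, not executed, so it carries no
          execute bits. #}
      - mode: '0644'
      - template: jinja
      - defaults:
          tap_custom_txqueuelen: {{ network.tap_custom_txqueuelen }}
  udev_reload_rules:
    cmd.run:
      - name: "/bin/udevadm control --reload-rules"
      - onchanges:
        - file: /etc/udev/rules.d/60-net-txqueue.rules
  udev_retrigger:
    cmd.run:
      - name: "/bin/udevadm trigger --attr-match=subsystem=net"
      - onchanges:
        {#- Name the state module explicitly, like every other requisite in
            this file; the bare ID form is not understood by older Salt. #}
        - cmd: udev_reload_rules
  {%- endif %}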
  319. udev_retrigger:
  320. cmd.run:
  321. - name: "/bin/udevadm trigger --attr-match=subsystem=net"
  322. - onchanges:
  323. - udev_reload_rules
  324. {%- endif %}