salt
/
linux-formula
派生自 ExternalMirrors/linux-formula
关注 1
点赞 0
派生 0
代码 版本发布 8 动态
Saltstack Official Linux Formula
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
556 提交
26 分支
目录树: c7be65af8b
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 'c7be65af8b'
${ noResults }
linux-formula/linux/network/interface.sls

418 行
11KB
原始文件 Blame 文件历史 

  1. {%- from "linux/map.jinja" import network with context %}

  2. {%- from "linux/map.jinja" import system with context %}

  3. {%- if network.enabled %}

  4. 

  5. {%- if network.get('dpdk', {}).get('enabled', False) %}

  6. include:

  7. - linux.network.dpdk

  8. {%- endif %}

  9. 

  10. {%- macro set_param(param_name, param_dict) -%}

  11. {%- if param_dict.get(param_name, False) -%}

  12. - {{ param_name }}: {{ param_dict[param_name] }}

  13. {%- endif -%}

  14. {%- endmacro -%}

  15. 

  16. {%- if network.bridge != 'none' %}

  17. 

  18. linux_network_bridge_pkgs:

  19.   pkg.installed:

  20.   {%- if network.bridge == 'openvswitch' %}

  21.   - pkgs: {{ network.ovs_pkgs }}

  22.   {%- else %}

  23.   - pkgs: {{ network.bridge_pkgs }}

  24.   {%- endif %}

  25. 

  26. {%- endif %}

  27. 

  28. {%- for f in network.get('concat_iface_files', []) %}

  29. 

  30. {%- if salt['file.file_exists'](f.src) %}

  31. 

  32. append_{{ f.src }}_{{ f.dst }}:

  33.   file.append:

  34.     - name: {{ f.dst }}

  35.     - source: {{ f.src }}

  36. 

  37. remove_appended_{{ f.src }}:

  38.   file.absent:

  39.     - name: {{ f.src }}

  40. 

  41. {%- endif %}

  42. 

  43. {%- endfor %}

  44. 

  45. {%- for f in network.get('remove_iface_files', []) %}

  46. 

  47. remove_iface_file_{{ f }}:

  48.   file.absent:

  49.     - name: {{ f }}

  50. 

  51. {%- endfor %}

  52. 

  53. {%- if network.interface is defined %}

  54. 

  55. remove_cloud_init_file:

  56.   file.absent:

  57.   - name: /etc/network/interfaces.d/50-cloud-init.cfg

  58. 

  59. {%- endif %}

  60. 

  61. {%- for interface_name, interface in network.interface.items() %}

  62. 

  63. {%- set interface_name = interface.get('name', interface_name) %}

  64. 

  65. {# it is not used for any interface with type preffix dpdk,eg. dpdk_ovs_port #}

  66. {%- if interface.get('managed', True) and not 'dpdk' in interface.type %}

  67. 

  68. {%- if grains.os_family in ['RedHat', 'Debian'] %}

  69. 

  70. {%- if interface.type == 'ovs_bridge' %}

  71. 

  72. ovs_bridge_{{ interface_name }}:

  73.   openvswitch_bridge.present:

  74.   - name: {{ interface_name }}

  75. 

  76. {# add linux network interface into OVS bridge #}

  77. {%- for int_name, int in network.interface.items() %}

  78. 

  79. {%- set int_name = int.get('name', int_name) %}

  80. 

  81. {%- if int.ovs_bridge is defined and interface_name == int.ovs_bridge %}

  82. 

  83. add_int_{{ int_name }}_to_ovs_bridge_{{ interface_name }}:

  84.   cmd.run:

  85.     - unless: ovs-vsctl show | grep {{ int_name }}

  86.     - name: ovs-vsctl add-port {{ interface_name }} {{ int_name }}

  87. 

  88. {%- endif %}

  89. 

  90. {%- endfor %}

  91. 

  92. {%- elif interface.type == 'ovs_port' %}

  93. 

  94. {%- if interface.get('port_type','internal') == 'patch' %}

  95. 

  96. ovs_port_{{ interface_name }}:

  97.   openvswitch_port.present:

  98.   - name: {{ interface_name }}

  99.   - bridge: {{ interface.bridge }}

  100.   - require:

  101.     {%- if network.interface.get(interface.bridge, {}).get('type', 'ovs_bridge') == 'dpdk_ovs_bridge' %}

  102.     - cmd: linux_network_dpdk_bridge_interface_{{ interface.bridge }}

  103.     {%- else %}

  104.     - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}

  105.     {%- endif %}

  106. 

  107. ovs_port_set_type_{{ interface_name }}:

  108.   cmd.run:

  109.   - name: ovs-vsctl set interface {{ interface_name }} type=patch

  110.   - unless: ovs-vsctl show | grep -A 1 'Interface {{ interface_name }}' | grep patch

  111. 

  112. ovs_port_set_peer_{{ interface_name }}:

  113.   cmd.run:

  114.   - name: ovs-vsctl set interface {{ interface_name }} options:peer={{ interface.peer }}

  115.   - unless: ovs-vsctl show | grep -A 2 'Interface {{ interface_name }}' | grep {{ interface.peer }}

  116. 

  117. {%- else %}

  118. 

  119. linux_interfaces_include_{{ interface_name }}:

  120.   file.prepend:

  121.   - name: /etc/network/interfaces

  122.   - text: |

  123.       source /etc/network/interfaces.d/*

  124.       # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262

  125.       source /etc/network/interfaces.u/*

  126. 

  127. ovs_port_{{ interface_name }}:

  128.   file.managed:

  129.   - name: /etc/network/interfaces.u/ifcfg-{{ interface_name }}

  130.   - makedirs: True

  131.   - source: salt://linux/files/ovs_port

  132.   - defaults:

  133.       port: {{ interface|yaml }}

  134.       port_name: {{ interface_name }}

  135.   - template: jinja

  136. 

  137. ovs_port_{{ interface_name }}_line1:

  138.   file.replace:

  139.   - name: /etc/network/interfaces

  140.   - pattern: auto {{ interface_name }}$

  141.   - repl: ""

  142. 

  143. ovs_port_{{ interface_name }}_line2:

  144.   file.replace:

  145.   - name: /etc/network/interfaces

  146.   - pattern: 'iface {{ interface_name }} inet .*'

  147.   - repl: ""

  148. 

  149. ovs_port_up_{{ interface_name }}:

  150.   cmd.run:

  151.   - name: ifup {{ interface_name }}

  152.   - require:

  153.     - file: ovs_port_{{ interface_name }}

  154.     - file: ovs_port_{{ interface_name }}_line1

  155.     - file: ovs_port_{{ interface_name }}_line2

  156.     - openvswitch_bridge: ovs_bridge_{{ interface.bridge }}

  157.     - file: linux_interfaces_final_include

  158. 

  159. {%- endif %}

  160. 

  161. {%- else %}

  162. 

  163. linux_interface_{{ interface_name }}:

  164.   network.managed:

  165.   - enabled: {{ interface.enabled }}

  166.   - name: {{ interface_name }}

  167.   - type: {{ interface.type }}

  168.   {%- if interface.address is defined %}

  169.   {%- if grains.os_family == 'Debian' %}

  170.   - proto: {{ interface.get('proto', 'static') }}

  171.   {% endif %}

  172.   {%- if grains.os_family == 'RedHat' %}

  173.   {%- if interface.get('proto', 'none') == 'manual' %}

  174.   - proto: 'none'

  175.   {%- else %}

  176.   - proto: {{ interface.get('proto', 'none') }}

  177.   {%- endif %}

  178.   {% endif %}

  179.   - ipaddr: {{ interface.address }}

  180.   - netmask: {{ interface.netmask }}

  181.   {%- else %}

  182.   - proto: {{ interface.get('proto', 'dhcp') }}

  183.   {%- endif %}

  184.   {%- if interface.type == 'slave' %}

  185.   - master: {{ interface.master }}

  186.   {%- endif %}

  187.   {%- if interface.name_servers is defined %}

  188.   - dns: {{ interface.name_servers }}

  189.   {%- endif %}

  190.   {%- if interface.wireless is defined and grains.os_family == 'Debian' %}

  191.   {%- if interface.wireless.security == "wpa" %}

  192.   - wpa-ssid: {{ interface.wireless.essid }}

  193.   - wpa-psk: {{ interface.wireless.key }}

  194.   {%- else %}

  195.   - wireless-ssid: {{ interface.wireless.essid }}

  196.   - wireless-psk: {{ interface.wireless.key }}

  197.   {%- endif %}

  198.   {%- endif %}

  199.   {%- for param in network.interface_params %}

  200.   {{ set_param(param, interface) }}

  201.   {%- endfor %}

  202.   {%- if interface.require_interfaces is defined %}

  203.   - require:

  204.     {%- for netif in interface.get('require_interfaces', []) %}

  205.     - network: linux_interface_{{ netif }}

  206.     {%- endfor %}

  207.     {%- for network in interface.get('use_ovs_ports', []) %}

  208.     - cmd: ovs_port_up_{{ network }}

  209.     {%- endfor %}

  210.   {%- endif %}

  211.   {%- if interface.type == 'bridge' %}

  212.   - bridge: {{ interface_name }}

  213.   - delay: 0

  214.   - bypassfirewall: True

  215.   - use:

  216.     {%- for network in interface.use_interfaces %}

  217.     - network: linux_interface_{{ network }}

  218.     {%- endfor %}

  219.   - ports: {% for network in interface.get('use_interfaces', []) %}{{ network }} {% endfor %}{% for network in interface.get('use_ovs_ports', []) %}{{ network }} {% endfor %}

  220.   - require:

  221.     {%- for network in interface.get('use_interfaces', []) %}

  222.     - network: linux_interface_{{ network }}

  223.     {%- endfor %}

  224.     {%- for network in interface.get('use_ovs_ports', []) %}

  225.     - cmd: ovs_port_up_{{ network }}

  226.     {%- endfor %}

  227.   {%- endif %}

  228.   {%- if interface.type == 'bond' %}

  229.   - slaves: {{ interface.slaves }}

  230.   - mode: {{ interface.mode }}

  231.   {%- endif %}

  232. 

  233. {%- if interface.get('ipflush_onchange', False) %}

  234. 

  235. linux_interface_ipflush_onchange_{{ interface_name }}:

  236.   cmd.run:

  237.   - name: "/sbin/ip address flush dev {{ interface_name }}"

  238.   - onchanges:

  239.     - network: linux_interface_{{ interface_name }}

  240. 

  241. {%- if interface.get('restart_on_ipflush', False) %}

  242. 

  243. linux_interface_restart_on_ipflush_{{ interface_name }}:

  244.   cmd.run:

  245.   - name: "ifdown {{ interface_name }}; ifup {{ interface_name }};"

  246.   - onchanges:

  247.     - cmd: linux_interface_ipflush_onchange_{{ interface_name }}

  248. 

  249. {%- endif %}

  250. 

  251. {%- endif %}

  252. 

  253. {%- if salt['grains.get']('saltversion') < '2017.7' %}

  254. # TODO(ddmitriev): Remove this 'if .. endif' block completely when

  255. # switched to salt version 2017.7 that has the same functionality.

  256. {%- if interface.type == 'bond' and interface.enabled == True %}

  257. linux_bond_interface_{{ interface_name }}:

  258.   cmd.run:

  259.   - name: ifenslave {{ interface_name }} {{ interface.slaves }}

  260.   - require:

  261.     - network: linux_interface_{{ interface_name }}

  262.   - onchanges:

  263.     - network: linux_interface_{{ interface_name }}

  264.     {%- for network in  interface.slaves.split() %}

  265.     - network: linux_interface_{{ network }}

  266.     {%- endfor %}

  267. {%- endif %}

  268. {%- endif %}

  269. 

  270. {%- for network in interface.get('use_ovs_ports', []) %}

  271. 

  272. remove_interface_{{ network }}_line1:

  273.   file.replace:

  274.   - name: /etc/network/interfaces

  275.   - pattern: auto {{ network }}$

  276.   - repl: ""

  277. 

  278. remove_interface_{{ network }}_line2:

  279.   file.replace:

  280.   - name: /etc/network/interfaces

  281.   - pattern: iface {{ network }} inet manual

  282.   - repl: ""

  283. 

  284. {%- endfor %}

  285. 

  286. {%- if interface.gateway is defined %}

  287. 

  288. linux_system_network:

  289.   network.system:

  290.   - enabled: {{ interface.enabled }}

  291.   - hostname: {{ network.fqdn }}

  292.   {%- if interface.gateway is defined %}

  293.   - gateway: {{ interface.gateway }}

  294.   - gatewaydev: {{ interface_name }}

  295.   {%- endif %}

  296.   - nozeroconf: True

  297.   - nisdomain: {{ system.domain }}

  298.   - require_reboot: True

  299. 

  300. {%- endif %}

  301. 

  302. {%- endif %}

  303. 

  304. {%- endif %}

  305. 

  306. {%- if interface.wireless is defined %}

  307. 

  308. {%- if grains.os_family == 'Arch' %}

  309. 

  310. linux_network_packages:

  311.   pkg.installed:

  312.   - pkgs: {{ network.pkgs }}

  313. 

  314. /etc/netctl/network_{{ interface.wireless.essid }}:

  315.   file.managed:

  316.   - source: salt://linux/files/wireless

  317.   - mode: 755

  318.   - template: jinja

  319.   - require:

  320.     - pkg: linux_network_packages

  321.   - defaults:

  322.       interface_name: {{ interface_name }}

  323. 

  324. switch_profile_{{ interface.wireless.essid }}:

  325.   cmd.run:

  326.     - name: netctl switch-to network_{{ interface.wireless.essid }}

  327.     - cwd: /root

  328.     - unless: "iwconfig {{ interface_name }} | grep -e 'ESSID:\"{{ interface.wireless.essid }}\"'"

  329.     - require:

  330.       - file: /etc/netctl/network_{{ interface.wireless.essid }}

  331. 

  332. enable_profile_{{ interface.wireless.essid }}:

  333.   cmd.run:

  334.     - name: netctl enable network_{{ interface.wireless.essid }}

  335.     - cwd: /root

  336.     - unless: test -e /etc/systemd/system/multi-user.target.wants/netctl@network_{{ interface.wireless.essid }}.service

  337.     - require:

  338.       - file: /etc/netctl/network_{{ interface.wireless.essid }}

  339. 

  340. {%- endif %}

  341. 

  342. {%- endif %}

  343. 

  344. {%- endif %}

  345. 

  346. {%- if interface.route is defined %}

  347. 

  348. linux_network_{{ interface_name }}_routes:

  349.   network.routes:

  350.   - name: {{ interface_name }}

  351.   - routes:

  352.     {%- for route_name, route in interface.route.items() %}

  353.     - name: {{ route_name }}

  354.       ipaddr: {{ route.address }}

  355.       netmask: {{ route.netmask }}

  356.       {%- if route.gateway is defined %}

  357.       gateway: {{ route.gateway }}

  358.       {%- endif %}

  359.     {%- endfor %}

  360. 

  361. {%- endif %}

  362. 

  363. {%- endfor %}

  364. 

  365. {%- if network.bridge != 'none' %}

  366. 

  367. linux_interfaces_final_include:

  368.   file.prepend:

  369.   - name: /etc/network/interfaces

  370.   - text: |

  371.       source /etc/network/interfaces.d/*

  372.       # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262

  373.       source /etc/network/interfaces.u/*

  374. 

  375. linux_interfaces_final_include_no_requisite:

  376.   file.prepend:

  377.   - name: /etc/network/interfaces

  378.   - text: |

  379.       source /etc/network/interfaces.d/*

  380.       # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262

  381.       source /etc/network/interfaces.u/*

  382. 

  383. {%- endif %}

  384. 

  385. {%- endif %}

  386. 

  387. {%- if network.network_manager.disable is defined and network.network_manager.disable == True %}

  388. 

  389. NetworkManager:

  390.   service.dead:

  391.   - enable: false

  392. 

  393. {%- endif %}

  394. 

  395. {%- if network.tap_custom_txqueuelen is defined %}

  396. 

  397. /etc/udev/rules.d/60-net-txqueue.rules:

  398.   file.managed:

  399.   - source: salt://linux/files/60-net-txqueue.rules

  400.   - mode: 755

  401.   - template: jinja

  402.   - defaults:

  403.     tap_custom_txqueuelen: {{ network.tap_custom_txqueuelen }}

  404. 

  405. udev_reload_rules:

  406.   cmd.run:

  407.   - name: "/bin/udevadm control --reload-rules"

  408.   - onchanges:

  409.     - file: /etc/udev/rules.d/60-net-txqueue.rules

  410. 

  411. udev_retrigger:

  412.   cmd.run:

  413.   - name: "/bin/udevadm trigger --attr-match=subsystem=net"

  414.   - onchanges:

  415.     - udev_reload_rules

  416. 

  417. {%- endif %}