From bd81d94f61d721e663927ecb4f0df1fd17cfc751 Mon Sep 17 00:00:00 2001 From: Andy McCrae Date: Thu, 25 Aug 2016 10:49:20 +0100 Subject: [PATCH] Use a templated network conf Using a set of "ifup/ifdown" commands doesn't allow us to define networks in a very fine-grained way. Some roles (nova/tempest) require more specific network settings in order to work properly. To avoid having to consistently change the test-prepare-host play it will be easier to allow each repo to specify it's own network configuration and simply template that out and restart networking. Change-Id: I03bf43e529fc3a2e279106f1dbb9302df7437c08
---
network_config.cfg.j2.sample | 24 ++++++++++++++++++++++
test-prepare-host.yml | 39 ++++++++++++------------------------
2 files changed, 37 insertions(+), 26 deletions(-)
create mode 100644 network_config.cfg.j2.sample
diff --git a/network_config.cfg.j2.sample b/network_config.cfg.j2.sample
new file mode 100644
index 00000000..f0375dc1
--- /dev/null
+++ b/network_config.cfg.j2.sample
@@ -0,0 +1,24 @@
+## Sample network configuration file. This file would go into the repo itself.
+## Adjust the file as necessary and put the required network interfaces.
+## Remember the "bridges" setting in your localhost hostvars would need to match the interfaces defined here.
+## You would reference the file by adding "network_conf_filename: my_network_file.cfg.j2"
+
+auto br-mgmt
+iface br-mgmt inet static
+ bridge_stp off
+ bridge_waitport 0
+ bridge_fd 0
+ bridge_ports none
+ address 10.100.101.1
+ netmask 255.255.255.0
+ offload-sg off
+
+auto br-storage
+iface br-storage inet static
+ bridge_stp off
+ bridge_waitport 0
+ bridge_fd 0
+ bridge_ports none
+ address 10.100.102.1
+ netmask 255.255.255.0
+ offload-sg off
diff --git a/test-prepare-host.yml b/test-prepare-host.yml
index a7ab2b53..d482f6d9 100644
--- a/test-prepare-host.yml
+++ b/test-prepare-host.yml
@@ -61,11 +61,9 @@ - name: Copy network configuration template: - src: test-nova-interfaces.cfg.j2 - dest: /etc/network/interfaces.d/nova_interfaces.cfg - register: nova_interfaces - tags: - - networking-interfaces-file + src: "{{ network_conf_filename }}" + dest: /etc/network/interfaces.d/test_interfaces.cfg + register: network_interfaces - name: Ensure our interfaces.d configuration files are loaded automatically lineinfile: @@ -76,31 +74,14 @@ - name: Shut down the network interfaces command: "ifdown {{ item }}" - when: nova_interfaces | changed - with_items: - - br-mgmt - - br-vlan - - br-vxlan - tags: - - networking-interfaces-stop + when: network_interfaces | changed + with_items: bridges - name: Start the network interfaces command: "ifup {{ item }}" - when: nova_interfaces | changed - with_items: - - br-mgmt - - br-vlan - - br-vxlan - tags: - - networking-interfaces-start - - name: Create bridges - shell: /sbin/brctl addbr {{ item.name }} || true + when: network_interfaces | changed with_items: bridges - when: bridges is defined - - name: IP bridges - command: /sbin/ifconfig {{ item.name }} {{ item.ip_addr }} netmask 255.255.255.0 - with_items: bridges - when: bridges is defined + - name: Add iptables rule to ensure ssh checksum is correct command: /sbin/iptables -A POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill - name: Add iptables rules for lxc natting @@ -115,5 +96,11 @@ delay: 2 with_items: - lxc-python2 + + - name: Add iptables rules for lxc natting + command: /usr/local/bin/lxc-system-manage iptables-create + + roles: + - role: "lxc_hosts" vars_files: - test-vars.yml
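Review bot: The `Copy network configuration` task now takes `src: "{{ network_conf_filename }}"` from the consuming repo and writes it into `/etc/network/interfaces.d/` without pinning ownership or permissions, and nothing visible in the hunk checks that the variable is set. I would add `owner: root`, `group: root` and `mode: "0644"` to the task so the result does not depend on the umask of the run, and precede it with an `assert` on `network_conf_filename is defined` so a missing setting fails with a clear message. The destination also changes from `nova_interfaces.cfg` to `test_interfaces.cfg`; on a host prepared by the old play the earlier file would presumably stay in `interfaces.d` and still be sourced, so removing the old path may be worth a task of its own.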
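Review bot: In the second hunk both loops read `with_items: bridges` as a bare name, and the `when: bridges is defined` guard that the removed tasks carried is gone, so a repo that does not define `bridges` no longer skips these steps. Depending on the Ansible version, a bare name is either resolved as a variable or taken as the literal string, which would run `ifdown bridges`; `with_items: "{{ bridges | default([]) }}"` avoids both outcomes. The removed tasks read `item.name` and `item.ip_addr` from the same variable, so if any consumer still passes a list of dicts, `ifdown {{ item }}` would render the whole dict into the command line. That last point is inferred from the removed lines and should be checked against the callers' hostvars.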
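Review bot: In the last hunk the added task `Add iptables rules for lxc natting` has the same name as the task in the trailing context of the previous hunk, so the play appears to create the NAT rules twice; the earlier task's command lies outside the hunk, so this is inferred from the name alone. If both runs are intended, a comment above the new task such as `# second iptables-create: <reason>` would make that explicit; otherwise one of the two can be dropped. The new `roles:` entry for `lxc_hosts` is not mentioned in the commit message, and the added `command` task will report changed on every run unless it gets a `changed_when`.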