Allow to apply only overrides to the network interface

In case system is managed through netplan, but deployer want to extend configuration with extra data, like define extra vlan for existing bonding interface, they may use override files to extend configuration and to avoid potential conflicts. Change-Id: Iaeec0c5a5b1901207e09751bb424df1326cbfc06
2025-01-28 19:01:25 +01:00 · 2025-01-28 19:01:25 +01:00 · 1a7de3340b
commit 1a7de3340b
parent 511ed4e8f9
5 changed files with 94 additions and 4 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -132,7 +132,14 @@ systemd_netdevs: []
 #     config_overrides:
 #       Network:
 #         ConfigureWithoutCarrier: true
-
+#   - interface: "bond1"
+#     network_overrides_only: True
+#     config_overrides:
+#       Network:
+#         VLAN:
+#           ? 100
+#           ? 200
+#     filename: 10-netplan-bond1
 systemd_networks: []

 # The systemd resolved service can be setup using th following configuration.
--- a/releasenotes/notes/network_overrides_only-f54364a799bb20a1.yaml
+++ b/releasenotes/notes/network_overrides_only-f54364a799bb20a1.yaml
@ -0,0 +1,9 @@
+---
+features:
+  - |
+    Implemented flag ``network_overrides_only`` which is applicable to
+    ``systemd_networks``. When this flag is used no .network or .link
+    defenition is created - only ``{{ filename }}.network.d/overrides.conf``
+    configuration file, which contains arbitrary data from ``config_overrides``
+    This can be used to extend existing interface configuration, which is not
+    managed by the role directly (ie managed through ``netplan``).
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -166,7 +166,11 @@
    mode: "0644"
    config_overrides: "{{ item.1.link_config_overrides | default(systemd_link_config_overrides) }}"
    config_type: "ini"
-  with_indexed_items: "{{ _systemd_networks_named }}"
+  with_indexed_items: >-
+    {{
+      _systemd_networks_named | rejectattr('network_overrides_only', 'defined') +
+      _systemd_networks_named | selectattr('network_overrides_only', 'defined') | selectattr('network_overrides_only', 'false')
+    }}
  notify:
    - Update initramfs
    - Restart systemd-networkd
@ -182,7 +186,11 @@
    mode: "0644"
    config_overrides: "{{ item.1.config_overrides | default({}) }}"
    config_type: "ini"
-  with_indexed_items: "{{ _systemd_networks_named }}"
+  with_indexed_items: >-
+    {{
+      _systemd_networks_named | rejectattr('network_overrides_only', 'defined') +
+      _systemd_networks_named | selectattr('network_overrides_only', 'defined') | selectattr('network_overrides_only', 'false')
+    }}
  notify:
    - Restart systemd-networkd
  tags:
@ -195,7 +203,28 @@
    group: "root"
    mode: "0755"
    state: directory
-  loop: "{{ _systemd_networks_named | selectattr('static_routes', 'defined') | map(attribute='filename') }}"
+  loop: >-
+    {{
+      (
+        _systemd_networks_named | selectattr('static_routes', 'defined') +
+        _systemd_networks_named | selectattr('network_overrides_only', 'defined') | selectattr('network_overrides_only', 'true')
+      ) | map(attribute='filename')
+    }}
+
+- name: Create overrides files for network_overrides_only networks
+  openstack.config_template.config_template:
+    dest: "/etc/systemd/network/{{ item.1.filename }}.network.d/overrides.conf"
+    owner: "root"
+    group: "root"
+    mode: "0644"
+    config_overrides: "{{ item.1.config_overrides | default({}) }}"
+    config_type: "ini"
+  with_indexed_items: >-
+    {{ _systemd_networks_named | selectattr('network_overrides_only', 'defined') | selectattr('network_overrides_only', 'true') }}
+  notify:
+    - Restart systemd-networkd
+  tags:
+    - systemd-networkd

 - name: Place systemd-networkd routing policy rules
  ansible.builtin.template:
--- a/tests/test.yml
+++ b/tests/test.yml
@ -49,12 +49,25 @@
      - NetDev:
          Name: dummy2
          Kind: dummy
+      - NetDev:
+          Name: dummy3
+          Kind: dummy
      - NetDev:
          Name: br-test
          Kind: bridge
      - NetDev:
          Name: br-test2
          Kind: bridge
+      - NetDev:
+          Name: vlan-100
+          Kind: vlan
+        VLAN:
+          Id: 100
+      - NetDev:
+          Name: vlan-200
+          Kind: vlan
+        VLAN:
+          Id: 200
    systemd_networks:
      - interface: "dummy0"
        bond: "bond0"
@ -88,6 +101,8 @@
            Alias: "dummy-bridge0"
      - interface: "dummy2"
        bridge: "br-test"
+      - interface: "dummy3"
+        bridge: "br-test2"
      - interface: "br-test"
        address: "10.1.0.1"
        netmask: "255.255.255.0"
@ -95,3 +110,19 @@
        address: 10.2.0.1
        netmask: "255.255.255.0"
        ipforward: true
+        vlan:
+          - vlan-100
+        filename: 6-general-br-test2
+      - interface: "br-test2"
+        filename: 6-general-br-test2
+        network_overrides_only: true
+        config_overrides:
+          Network:
+            VLAN:
+              ? vlan-200
+      - interface: "vlan-100"
+        address: 10.3.0.1
+        netmask: "255.255.255.0"
+      - interface: "vlan-200"
+        address: 10.4.0.1
+        netmask: "255.255.255.0"
--- a/tests/verify.yml
+++ b/tests/verify.yml
@ -47,6 +47,20 @@
          - ansible_facts['br_test']['type'] == 'bridge'
          - ansible_facts['br_test']['ipv4']['address'] == '10.1.0.1'
          - ansible_facts['br_test']['ipv4']['netmask'] == '255.255.255.0'
+    - name: Vlan 100 check
+      assert:
+        that:
+          - ansible_facts['vlan_100']['active']
+          - ansible_facts['vlan_100']['type'] == 'ether'
+          - ansible_facts['vlan_100']['ipv4']['address'] == '10.3.0.1'
+          - ansible_facts['vlan_100']['ipv4']['netmask'] == '255.255.255.0'
+    - name: Vlan 200 check
+      assert:
+        that:
+          - ansible_facts['vlan_200']['active']
+          - ansible_facts['vlan_200']['type'] == 'ether'
+          - ansible_facts['vlan_200']['ipv4']['address'] == '10.4.0.1'
+          - ansible_facts['vlan_200']['ipv4']['netmask'] == '255.255.255.0'
    - name: Check link config overrides
      shell: 'grep -wo "Alias" /etc/systemd/network/*br-dummy.link'
      changed_when: false