--- # Copyright 2015, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - name: Check if firewalld is installed command: rpm -q firewalld register: firewalld_check changed_when: false failed_when: firewalld_check.rc > 1 when: ansible_facts['os_family'] == 'RedHat' - name: Disable firewalld become: True service: name: "{{ item }}" enabled: false state: stopped with_items: - firewalld when: - ansible_facts['os_family'] == 'RedHat' - firewalld_check.rc == 0 - name: Disable NetworkManager become: True service: name: NetworkManager state: stopped enabled: no masked: yes when: - ansible_facts['os_family'] == 'RedHat' - name: Run the systemd-networkd role include_role: name: systemd_networkd vars: systemd_networkd_prefix: "osa_testing" systemd_networkd_epel_mirror: "{{ (nodepool_vars is defined) | ternary(nodepool_vars.NODEPOOL_EPEL_MIRROR, 'http://download.fedoraproject.org/pub/epel') }}" systemd_interface_cleanup: true systemd_run_networkd: true systemd_netdevs: - NetDev: Name: dummy-mgmt Kind: dummy - NetDev: Name: dummy-vxlan Kind: dummy - NetDev: Name: dummy-storage Kind: dummy - NetDev: Name: dummy-vlan Kind: dummy - NetDev: Name: dummy-dbaas Kind: dummy - NetDev: Name: dummy-lbaas Kind: dummy - NetDev: Name: dummy-bmaas Kind: dummy - NetDev: Name: br-mgmt Kind: bridge - NetDev: Name: br-vxlan Kind: bridge - NetDev: Name: br-storage Kind: bridge - NetDev: Name: br-vlan Kind: bridge - NetDev: Name: br-dbaas Kind: bridge - NetDev: Name: br-lbaas Kind: bridge - NetDev: Name: br-bmaas Kind: bridge - NetDev: Name: br-vlan-veth Kind: veth Peer: Name: eth12 - NetDev: Name: br-dbaas-veth Kind: veth Peer: Name: eth13 - NetDev: Name: br-lbaas-veth Kind: veth Peer: Name: eth14 - NetDev: Name: br-bmaas-veth Kind: veth Peer: Name: eth15 systemd_networks: - interface: "dummy-mgmt" bridge: "br-mgmt" mtu: 9000 - interface: "br-mgmt" config_overrides: Network: Address: ? "172.29.236.100/22" ? "172.29.236.101/22" - interface: "dummy-storage" bridge: "br-storage" mtu: 9000 - interface: "br-storage" address: "172.29.244.100" netmask: "255.255.252.0" - interface: "dummy-dbaas" bridge: "br-dbaas" mtu: 9000 - interface: "br-dbaas" address: "172.29.252.100" netmask: "255.255.252.0" - interface: "br-dbaas-veth" bridge: "br-dbaas" mtu: 9000 - interface: "dummy-lbaas" bridge: "br-lbaas" mtu: 9000 - interface: "br-lbaas" address: "172.29.232.100" netmask: "255.255.252.0" - interface: "br-lbaas-veth" bridge: "br-lbaas" mtu: 9000 - interface: "dummy-bmaas" bridge: "br-bmaas" mtu: 1500 - interface: "br-bmaas" address: "172.29.228.100" netmask: "255.255.252.0" - interface: "br-bmaas-veth" bridge: "br-bmaas" mtu: 1500 - interface: "dummy-vxlan" bridge: "br-vxlan" mtu: 9000 - interface: "br-vxlan" address: "172.29.240.100" netmask: "255.255.252.0" - interface: "dummy-vlan" bridge: "br-vlan" mtu: 9000 - interface: "br-vlan" config_overrides: Network: Address: ? "172.29.248.100/22" ? "172.29.248.1/22" - interface: "br-vlan-veth" bridge: "br-vlan" mtu: 9000 tags: - network-config # NOTE(jrosser) The systemd_networkd role uses a handler to restart the networking service # This will normally not run until the end of the play, so we must force it here - name: Force systemd_networkd hander to run meta: flush_handlers # NOTE(jrosser) The intention here is not to proceed further until the network bridges are up # This ensures there will be no race between the bridges coming up and subsequent tasks which # require functional network interfaces - name: Check that network bridges are up wait_for: port: 22 timeout: 30 host: "{{ item }}" with_items: - 172.29.236.100 # br-mgmt - 172.29.244.100 # br-storage - 172.29.252.100 # br-dbaas - 172.29.232.100 # br-lbaas - 172.29.240.100 # br-vxlan - 172.29.228.100 # br-bmaas - name: Run the systemd service role include_role: name: systemd_service vars: systemd_services: - service_name: "networking-post-up" config_overrides: Unit: Description: networking-post-up After: network-online.target Wants: network-online.target Service: RemainAfterExit: yes service_type: oneshot execstarts: - "-{{ bootstrap_host_iptables_path }} -t nat -A POSTROUTING -o {{ bootstrap_host_public_interface }} -j MASQUERADE" - "-{{ bootstrap_host_ethtool_path }} -K br-mgmt gso off sg off tso off tx off" - "-{{ bootstrap_host_ethtool_path }} -K br-vxlan gso off sg off tso off tx off" - "-{{ bootstrap_host_ethtool_path }} -K br-storage gso off sg off tso off tx off" - "-{{ bootstrap_host_ethtool_path }} -K br-vlan gso off sg off tso off tx off" - "-{{ bootstrap_host_ethtool_path }} -K br-dbaas gso off sg off tso off tx off" - "-{{ bootstrap_host_ethtool_path }} -K br-lbaas gso off sg off tso off tx off" - "-{{ bootstrap_host_ethtool_path }} -K br-bmaas gso off sg off tso off tx off" - "-{{ bootstrap_host_ip_path }} link set eth12 up" - "-{{ bootstrap_host_ip_path }} link set br-vlan-veth up" - "-{{ bootstrap_host_ethtool_path }} -K eth12 gso off sg off tso off tx off" - "-{{ bootstrap_host_ip_path }} link set eth13 up" - "-{{ bootstrap_host_ip_path }} link set br-dbaas-veth up" - "-{{ bootstrap_host_ethtool_path }} -K eth13 gso off sg off tso off tx off" - "-{{ bootstrap_host_ip_path }} link set eth14 up" - "-{{ bootstrap_host_ip_path }} link set br-lbaas-veth up" - "-{{ bootstrap_host_ethtool_path }} -K eth14 gso off sg off tso off tx off" - "-{{ bootstrap_host_ip_path }} link set eth15 up" - "-{{ bootstrap_host_ip_path }} link set br-bmaas-veth up" - "-{{ bootstrap_host_ethtool_path }} -K eth15 gso off sg off tso off tx off" execstops: - "{{ bootstrap_host_iptables_path }} -t nat -D POSTROUTING -o {{ bootstrap_host_public_interface }} -j MASQUERADE" enabled: yes state: started systemd_tempd_prefix: openstack tags: - network-config - name: Updating the facts due to net changes setup: gather_subset: network tags: - networking