- name: Include OS-specific variables include_vars: "{{ zj_distro_os }}" with_first_found: - "{{ ansible_distribution }}.yaml" - "{{ ansible_os_family }}.yaml" - "default.yaml" loop_control: loop_var: zj_distro_os # openvswitch for CentOS is available from the RDO repositories. # We're setting it up manually to prevent centos-release-openstack or rdo-release # from installing repositories we don't need. - when: - ansible_os_family == "RedHat" - ansible_distribution != "Fedora" become: yes block: - name: Set up RDO GPG key copy: src: RPM-GPG-KEY-CentOS-SIG-Cloud dest: /tmp/RPM-GPG-KEY-CentOS-SIG-Cloud mode: 0644 - name: Set up RDO repository template: src: zuul-multi-node-bridge-ovs.repo.j2 dest: /etc/yum.repos.d/zuul-multi-node-bridge-ovs.repo mode: 0644 - name: Set package.use values for OVS on Gentoo become: yes lineinfile: path: /etc/portage/package.use/ovs line: "{{ zj_item.line }}" create: yes mode: 0644 loop: - { line: 'dev-python/twisted conch # for openvswitch' } - { line: 'sys-apps/util-linux caps # for openvswitch' } - { line: 'net-misc/openvswitch -modules # ovs/gre are staticly built' } loop_control: loop_var: zj_item when: - ansible_distribution == 'Gentoo' - name: Install openvswitch become: yes package: name: "{{ ovs_package }}" state: present when: - ansible_distribution != 'Gentoo' - name: Install openvswitch (Gentoo) become: yes package: name: "{{ ovs_package }}" state: present jobs: 8 when: - ansible_distribution == 'Gentoo' - name: Ensure openvswitch is started become: yes service: name: "{{ ovs_service }}" state: started enabled: yes - name: Remove RDO repository files become: yes file: path: "{{ zj_rdo }}" state: absent loop: - /tmp/RPM-GPG-KEY-CentOS-SIG-Cloud - /etc/yum.repos.d/zuul-multi-node-bridge-ovs.repo loop_control: loop_var: zj_rdo when: - ansible_os_family == "RedHat" - ansible_distribution != "Fedora" - name: Authorize the multi-node-bridge network become: yes iptables: state: present action: insert chain: INPUT ip_version: ipv4 source: "{{ bridge_address_prefix }}.0/{{ bridge_address_subnet }}" destination: "{{ bridge_address_prefix }}.0/{{ bridge_address_subnet }}" jump: ACCEPT when: - bridge_configure_address | bool - bridge_authorize_internal_traffic | bool - when: bridge_mtu is not defined block: - name: Determine bridge mtu shell: | # Find all interfaces with a permanent mac address type. # Permanent mac addrs imply "real" hardware and not interfaces we have # created through this system. This makes our MTU determination mostly # idempotent allowing us to create multiple overlays without # perpetually smaller MTUs. # find is used instead of ls as we can select the 'link' type with find # only the link type is needed because files do not have interface # properties and directories are not used for this area of /sys SMALLEST_MTU="" for X in $(find /sys/class/net/ -maxdepth 1 -type l -exec basename {} ';') ; do MAC_TYPE=$(cat "/sys/class/net/${X}/addr_assign_type") if [ "$MAC_TYPE" -ne "0" ] ; then # Type 0 is a permanent address implying a "real" # interface. We ignore other interfaces as that is what we # create here continue fi MTU=$(cat "/sys/class/net/${X}/mtu") if [ -z "$SMALLEST_MTU" ] || [ "$SMALLEST_MTU" -gt "$MTU" ] ; then SMALLEST_MTU=$MTU fi done # 70 byte overhead for vxlan + IPv6, which will also support IPv4 echo $(( SMALLEST_MTU - 70 )) args: executable: /bin/bash environment: PATH: '{{ ansible_env.PATH }}:/bin:/sbin:/usr/sbin' register: mtu_output - name: Set bridge_mtu set_fact: bridge_mtu: "{{ mtu_output.stdout }}"