efd90dd2f9
This allows packets to flow freely between things that bind IPs on the network bridge. Change-Id: Iaacdca31b27b7033ec08499bcea7061b9d3ec279
55 lines
1.4 KiB
YAML
55 lines
1.4 KiB
YAML
- name: Include OS-specific variables
|
|
include_vars: "{{ item }}"
|
|
with_first_found:
|
|
- "{{ ansible_distribution }}.yaml"
|
|
- "{{ ansible_os_family }}.yaml"
|
|
- "default.yaml"
|
|
|
|
# RHEL and CentOS requires repositories provided by RDO in order to install
|
|
# openvswitch, set them up.
|
|
- name: Set-up RDO repositories
|
|
become: yes
|
|
package:
|
|
name: "{{ rdo_repository }}"
|
|
state: installed
|
|
when:
|
|
- rdo_repository is defined
|
|
- ansible_os_family == "RedHat"
|
|
- ansible_distribution != "Fedora"
|
|
register: rdo_repos
|
|
|
|
- name: Install openvswitch
|
|
become: yes
|
|
package:
|
|
name: "{{ ovs_package }}"
|
|
state: installed
|
|
|
|
- name: Ensure openvswitch is started
|
|
become: yes
|
|
service:
|
|
name: "{{ ovs_service }}"
|
|
state: started
|
|
enabled: yes
|
|
|
|
# If we've installed RDO repositories for openvswitch earlier, remove them
|
|
- name: Ensure RDO repositories are removed
|
|
become: yes
|
|
package:
|
|
name: "rdo-release"
|
|
state: absent
|
|
when: rdo_repos | changed
|
|
|
|
- name: Authorize the multi-node-bridge network
|
|
become: yes
|
|
iptables:
|
|
state: present
|
|
action: insert
|
|
chain: INPUT
|
|
ip_version: ipv4
|
|
source: "{{ bridge_address_prefix }}.0/{{ bridge_address_subnet }}"
|
|
destination: "{{ bridge_address_prefix }}.0/{{ bridge_address_subnet }}"
|
|
jump: ACCEPT
|
|
when:
|
|
- bridge_configure_address | bool
|
|
- bridge_authorize_internal_traffic | bool
|