feat: continue incus implementation
- migrate to systemd-networkd - setup dummy, bridge and static/ethernet interfaces - manage sshd.service droping to start ssh after networking is online - enable ip forewarding - add fastpool/data/incus dataset - enable ospf and frr - add loopback0 as ssh listenaddress - add loopback1/2 for ceph cluster/public traffic
This commit is contained in:
@@ -0,0 +1,22 @@
|
||||
# manage bridges and bridge slaves
|
||||
define networking::bridge (
|
||||
String $type,
|
||||
Optional[Stdlib::IP::Address] $ipaddress,
|
||||
Optional[Stdlib::IP::Address] $netmask = undef,
|
||||
Optional[Stdlib::IP::Address] $gateway = undef,
|
||||
Optional[Boolean] $nocarrier = undef,
|
||||
Boolean $bridge = true,
|
||||
Integer[100-9200] $mtu = 1500,
|
||||
Optional[Boolean] $forwarding = false,
|
||||
) {
|
||||
include systemd
|
||||
|
||||
systemd::network { "${title}.netdev":
|
||||
content => template('networking/bridge.netdev.erb'),
|
||||
}
|
||||
|
||||
# Use shared template, it will detect bridge=true and skip Address/DNS/etc
|
||||
systemd::network { "${title}.network":
|
||||
content => template('networking/networkd-network.erb'),
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,18 @@
|
||||
# manage dummy/loopback interfaces
|
||||
define networking::dummy (
|
||||
String $type,
|
||||
Stdlib::IP::Address $ipaddress,
|
||||
Stdlib::IP::Address $netmask,
|
||||
Integer[100-9200] $mtu = 1500,
|
||||
Optional[Boolean] $forwarding = false,
|
||||
) {
|
||||
include systemd
|
||||
|
||||
systemd::network { "${title}.netdev":
|
||||
content => template('networking/dummy.netdev.erb'),
|
||||
}
|
||||
|
||||
systemd::network { "${title}.network":
|
||||
content => template('networking/networkd-network.erb'),
|
||||
}
|
||||
}
|
||||
@@ -4,37 +4,67 @@ class networking (
|
||||
Hash $interface_defaults = {},
|
||||
Hash $routes = {},
|
||||
Hash $route_defaults = {},
|
||||
Boolean $use_networkd = lookup('systemd::manage_networkd'),
|
||||
){
|
||||
|
||||
include network
|
||||
include networking::params
|
||||
|
||||
# manage interfaces
|
||||
$interfaces.each | $interface, $data | {
|
||||
$merged_data = merge($interface_defaults, $data)
|
||||
network_config { $interface:
|
||||
* => $merged_data,
|
||||
notify => Exec['networking_reload_network'],
|
||||
}
|
||||
}
|
||||
if $use_networkd {
|
||||
|
||||
# manage routes
|
||||
$routes.each | $route, $data | {
|
||||
$merged_data = merge($route_defaults, $data)
|
||||
network_route { $route:
|
||||
* => $merged_data,
|
||||
notify => Exec['networking_reload_network'],
|
||||
include systemd
|
||||
|
||||
service { 'NetworkManager':
|
||||
ensure => 'stopped',
|
||||
enable => false,
|
||||
}
|
||||
|
||||
$interfaces.each |String $iface, Hash $data| {
|
||||
$type = $data['type']
|
||||
#$params = $data.filter |$key, $value| { $key != 'type' }
|
||||
|
||||
case $type {
|
||||
'bridge': { networking::bridge { $iface: * => $data } }
|
||||
'dummy': { networking::dummy { $iface: * => $data } }
|
||||
'static': { networking::static { $iface: * => $data } }
|
||||
'physical': { networking::static { $iface: * => $data } }
|
||||
default: {
|
||||
fail("Unsupported interface type '${type}' for interface '${iface}'")
|
||||
}
|
||||
}
|
||||
}
|
||||
}else{
|
||||
# manage interfaces
|
||||
$interfaces.each | $interface, $data | {
|
||||
$merged_data = merge($interface_defaults, $data)
|
||||
network_config { $interface:
|
||||
* => $merged_data,
|
||||
notify => Exec['networking_reload_network'],
|
||||
}
|
||||
}
|
||||
|
||||
# manage routes
|
||||
$routes.each | $route, $data | {
|
||||
$merged_data = merge($route_defaults, $data)
|
||||
network_route { $route:
|
||||
* => $merged_data,
|
||||
notify => Exec['networking_reload_network'],
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# determine which networking service to restart
|
||||
$restart_command = $facts['os']['family'] ? {
|
||||
'RedHat' => $facts['os']['release']['major'] ? {
|
||||
'8' => '/usr/bin/systemctl restart network',
|
||||
'9' => '/usr/bin/systemctl restart NetworkManager',
|
||||
},
|
||||
'Debian' => '/usr/bin/systemctl restart networking',
|
||||
default => fail('Unsupported OS in networking-restart-command'),
|
||||
$restart_command = $use_networkd ? {
|
||||
true => '/usr/bin/systemctl restart systemd-networkd',
|
||||
default => $facts['os']['family'] ? {
|
||||
'RedHat' => $facts['os']['release']['major'] ? {
|
||||
'8' => '/usr/bin/systemctl restart network',
|
||||
'9' => '/usr/bin/systemctl restart NetworkManager',
|
||||
default => fail('Unsupported RedHat OS release for networking restart'),
|
||||
},
|
||||
'Debian' => '/usr/bin/systemctl restart networking',
|
||||
default => fail('Unsupported OS in networking-restart-command'),
|
||||
}
|
||||
}
|
||||
|
||||
# restart network/networking only if $restart_networking boolean is true
|
||||
|
||||
@@ -0,0 +1,26 @@
|
||||
# manage static interfaces
|
||||
define networking::static (
|
||||
String $type,
|
||||
Stdlib::IP::Address $ipaddress,
|
||||
Stdlib::IP::Address $netmask = '255.255.255.0',
|
||||
Integer[100-9200] $mtu = 1500,
|
||||
Optional[Boolean] $forwarding = false,
|
||||
Optional[Stdlib::IP::Address] $gateway = undef,
|
||||
Optional[Array[Stdlib::IP::Address]] $dns = undef,
|
||||
Optional[Array[Stdlib::Fqdn]] $domains = undef,
|
||||
Optional[Integer[0-4096]] $vlan = undef,
|
||||
Optional[Variant[Boolean,String]] $bridge = undef,
|
||||
Optional[Integer[0-4294967294]] $txqueuelen = undef,
|
||||
Optional[Stdlib::MAC] $mac = undef,
|
||||
) {
|
||||
include systemd
|
||||
|
||||
systemd::network { "${title}.network":
|
||||
content => template('networking/networkd-network.erb'),
|
||||
}
|
||||
#if $type == 'physical' and $mac {
|
||||
# systemd::network { "${title}.link":
|
||||
# content => template('networking/networkd-link.erb'),
|
||||
# }
|
||||
#}
|
||||
}
|
||||
Reference in New Issue
Block a user