feat: continue incus implementation (#245)

- migrate to systemd-networkd
- setup dummy, bridge and static/ethernet interfaces
- manage sshd.service droping to start ssh after networking is online
- enable ip forewarding
- add fastpool/data/incus dataset
- enable ospf and frr
- add loopback0 as ssh listenaddress
- add loopback1/2 for ceph cluster/public traffic

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/245
This commit was merged in pull request #245.
This commit is contained in:
2025-04-06 16:38:04 +10:00
parent 06666fe488
commit c225564bdb
17 changed files with 310 additions and 51 deletions
+51 -21
View File
@@ -4,37 +4,67 @@ class networking (
Hash $interface_defaults = {},
Hash $routes = {},
Hash $route_defaults = {},
Boolean $use_networkd = lookup('systemd::manage_networkd'),
){
include network
include networking::params
# manage interfaces
$interfaces.each | $interface, $data | {
$merged_data = merge($interface_defaults, $data)
network_config { $interface:
* => $merged_data,
notify => Exec['networking_reload_network'],
}
}
if $use_networkd {
# manage routes
$routes.each | $route, $data | {
$merged_data = merge($route_defaults, $data)
network_route { $route:
* => $merged_data,
notify => Exec['networking_reload_network'],
include systemd
service { 'NetworkManager':
ensure => 'stopped',
enable => false,
}
$interfaces.each |String $iface, Hash $data| {
$type = $data['type']
#$params = $data.filter |$key, $value| { $key != 'type' }
case $type {
'bridge': { networking::bridge { $iface: * => $data } }
'dummy': { networking::dummy { $iface: * => $data } }
'static': { networking::static { $iface: * => $data } }
'physical': { networking::static { $iface: * => $data } }
default: {
fail("Unsupported interface type '${type}' for interface '${iface}'")
}
}
}
}else{
# manage interfaces
$interfaces.each | $interface, $data | {
$merged_data = merge($interface_defaults, $data)
network_config { $interface:
* => $merged_data,
notify => Exec['networking_reload_network'],
}
}
# manage routes
$routes.each | $route, $data | {
$merged_data = merge($route_defaults, $data)
network_route { $route:
* => $merged_data,
notify => Exec['networking_reload_network'],
}
}
}
# determine which networking service to restart
$restart_command = $facts['os']['family'] ? {
'RedHat' => $facts['os']['release']['major'] ? {
'8' => '/usr/bin/systemctl restart network',
'9' => '/usr/bin/systemctl restart NetworkManager',
},
'Debian' => '/usr/bin/systemctl restart networking',
default => fail('Unsupported OS in networking-restart-command'),
$restart_command = $use_networkd ? {
true => '/usr/bin/systemctl restart systemd-networkd',
default => $facts['os']['family'] ? {
'RedHat' => $facts['os']['release']['major'] ? {
'8' => '/usr/bin/systemctl restart network',
'9' => '/usr/bin/systemctl restart NetworkManager',
default => fail('Unsupported RedHat OS release for networking restart'),
},
'Debian' => '/usr/bin/systemctl restart networking',
default => fail('Unsupported OS in networking-restart-command'),
}
}
# restart network/networking only if $restart_networking boolean is true