Ubuntu: refactor network.yml playbook

The network.yml playbook is reduced in complexity, now performing
validation before including a role specific to the OS family of the host
(network-redhat or network-debian). This will allow the network
configuration to diverge between OS families without adding excessive
conditionals.  Currently the content of the roles is identical.

Story: 2004960

Change-Id: Iaa69e5303e554e6b30a23a3e84e36d09972888c9
This commit is contained in:
Mark Goddard 2021-04-06 17:58:15 +01:00
parent 97f2f3b5c7
commit ae2ed2215a
3 changed files with 105 additions and 49 deletions

View File

@ -4,11 +4,7 @@
tags:
- config
- network
vars:
ether_interfaces: "{{ network_interfaces | net_select_ethers | list }}"
bridge_interfaces: "{{ network_interfaces | net_select_bridges | list }}"
bond_interfaces: "{{ network_interfaces | net_select_bonds | list }}"
pre_tasks:
tasks:
- block:
- name: Validate network interface configuration
fail:
@ -33,50 +29,13 @@
{{ item }}. This should be configured via '{{ item }}_interface'.
with_items: "{{ bond_interfaces }}"
when: not item | net_interface
vars:
ether_interfaces: "{{ network_interfaces | net_select_ethers | list }}"
bridge_interfaces: "{{ network_interfaces | net_select_bridges | list }}"
bond_interfaces: "{{ network_interfaces | net_select_bonds | list }}"
tags:
- config-validation
- name: Ensure NetworkManager is disabled
service:
name: NetworkManager
state: stopped
enabled: no
become: True
register: nm_result
failed_when:
- nm_result is failed
# Ugh, Ansible's service module doesn't handle uninstalled services.
- "'Could not find the requested service' not in nm_result.msg"
roles:
- role: ahuffman.resolv
when: resolv_is_managed | bool
become: True
- role: MichaelRigart.interfaces
interfaces_route_tables: "{{ network_route_tables }}"
interfaces_ether_interfaces: >
{{ ether_interfaces |
map('net_interface_obj') |
list }}
interfaces_bridge_interfaces: >
{{ bridge_interfaces |
map('net_bridge_obj') |
list }}
interfaces_bond_interfaces: >
{{ bond_interfaces |
map('net_bond_obj') |
list }}
# Configure virtual ethernet patch links to connect the workload provision
# and external network bridges to the Neutron OVS bridge.
- name: Ensure OVS patch links exist
hosts: network:compute
tags:
- config
- network
tasks:
- import_role:
name: veth
vars:
veth_interfaces: "{{ network_interfaces | net_ovs_veths }}"
- name: Configure the network
include_role:
name: "network-{{ ansible_os_family | lower }}"

View File

@ -0,0 +1,51 @@
---
- name: Ensure NetworkManager is disabled
service:
name: NetworkManager
state: stopped
enabled: no
become: True
register: nm_result
failed_when:
- nm_result is failed
# Ugh, Ansible's service module doesn't handle uninstalled services.
- "'Could not find the requested service' not in nm_result.msg"
- import_role:
name: ahuffman.resolv
when: resolv_is_managed | bool
become: True
- name: Configure network interfaces (RedHat)
import_role:
name: MichaelRigart.interfaces
vars:
interfaces_route_tables: "{{ network_route_tables }}"
interfaces_ether_interfaces: >
{{ network_interfaces |
net_select_ethers |
map('net_interface_obj') |
list }}
interfaces_bridge_interfaces: >
{{ network_interfaces |
net_select_bridges |
map('net_bridge_obj') |
list }}
interfaces_bond_interfaces: >
{{ network_interfaces |
net_select_bonds |
map('net_bond_obj') |
list }}
# Ensure that interface bouncing is finished before veth pairs are added,
# since they are only ephemerally configured on Debian.
- name: Flush handlers
meta: flush_handlers
# Configure virtual ethernet patch links to connect the workload provision
# and external network bridges to the Neutron OVS bridge.
- name: Ensure OVS patch links exist
import_role:
name: veth
vars:
veth_interfaces: "{{ network_interfaces | net_ovs_veths }}"

View File

@ -0,0 +1,46 @@
---
- name: Ensure NetworkManager is disabled
service:
name: NetworkManager
state: stopped
enabled: no
become: True
register: nm_result
failed_when:
- nm_result is failed
# Ugh, Ansible's service module doesn't handle uninstalled services.
- "'Could not find the requested service' not in nm_result.msg"
- import_role:
name: ahuffman.resolv
when: resolv_is_managed | bool
become: True
- name: Configure network interfaces (RedHat)
import_role:
name: MichaelRigart.interfaces
vars:
interfaces_route_tables: "{{ network_route_tables }}"
interfaces_ether_interfaces: >
{{ network_interfaces |
net_select_ethers |
map('net_interface_obj') |
list }}
interfaces_bridge_interfaces: >
{{ network_interfaces |
net_select_bridges |
map('net_bridge_obj') |
list }}
interfaces_bond_interfaces: >
{{ network_interfaces |
net_select_bonds |
map('net_bond_obj') |
list }}
# Configure virtual ethernet patch links to connect the workload provision
# and external network bridges to the Neutron OVS bridge.
- name: Ensure OVS patch links exist
import_role:
name: veth
vars:
veth_interfaces: "{{ network_interfaces | net_ovs_veths }}"