c12s-kubespray/roles/network_plugin/macvlan/tasks/main.yml
2019-10-02 04:41:07 -07:00

115 lines
3.6 KiB
YAML

---
- name: Macvlan | Set cni directory permissions
file:
path: /opt/cni/bin
state: directory
owner: kube
recurse: true
mode: 0755
- name: Macvlan | Copy cni plugins
unarchive:
src: "{{ local_release_dir }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
dest: "/opt/cni/bin"
mode: 0755
remote_src: yes
- name: Macvlan | Retrieve Pod Cidr
command: "{{ bin_dir }}/kubectl get nodes {{ kube_override_hostname | default(inventory_hostname) }} -o jsonpath='{.spec.podCIDR}'"
register: node_pod_cidr_cmd
delegate_to: "{{ groups['kube-master'][0] }}"
- name: Macvlan | set node_pod_cidr
set_fact:
node_pod_cidr={{ node_pod_cidr_cmd.stdout }}
- name: Macvlan | Retrieve default gateway network interface
become: false
raw: ip -4 route list 0/0 | sed 's/.*dev \([[:alnum:]]*\).*/\1/'
register: node_default_gateway_interface_cmd
- name: Macvlan | set node_default_gateway_interface
set_fact:
node_default_gateway_interface={{ node_default_gateway_interface_cmd.stdout | trim }}
- name: Macvlan | Install network gateway interface on debian
template:
src: debian-network-macvlan.cfg.j2
dest: /etc/network/interfaces.d/60-mac0.cfg
notify: Macvlan | restart network
when: ansible_os_family in ["Debian"]
- name: Macvlan | Install macvlan script on centos
copy:
src: "{{ item }}"
dest: /etc/sysconfig/network-scripts/
owner: root
group: root
mode: "0755"
with_fileglob:
- files/*
when: ansible_os_family in ["CentOS","RedHat"]
- name: Macvlan | Install post-up script on centos
copy:
src: "files/ifup-local"
dest: /sbin/
owner: root
group: root
mode: "0755"
when: ansible_os_family in ["CentOS","RedHat"] and enable_nat_default_gateway
- name: Macvlan | Install network gateway interface on centos
template:
src: "{{ item.src }}.j2"
dest: "/etc/sysconfig/network-scripts/{{ item.dst }}"
with_items:
- {src: centos-network-macvlan.cfg, dst: ifcfg-mac0 }
- {src: centos-routes-macvlan.cfg, dst: route-mac0 }
- {src: centos-postup-macvlan.cfg, dst: post-up-mac0 }
notify: Macvlan | restart network
when: ansible_os_family in ["CentOS","RedHat"]
- name: Macvlan | Install service nat via gateway on coreos
template:
src: coreos-service-nat_ouside.j2
dest: /etc/systemd/system/enable_nat_ouside.service
when: ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] and enable_nat_default_gateway
- name: Macvlan | Enable service nat via gateway on coreos
command: "{{ item }}"
with_items:
- systemctl daemon-reload
- systemctl enable enable_nat_ouside.service
when: ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] and enable_nat_default_gateway
- name: Macvlan | Install network gateway interface on coreos
template:
src: "{{ item.src }}.j2"
dest: "/etc/systemd/network/{{ item.dst }}"
with_items:
- {src: coreos-device-macvlan.cfg, dst: macvlan.netdev }
- {src: coreos-interface-macvlan.cfg, dst: output.network }
- {src: coreos-network-macvlan.cfg, dst: macvlan.network }
notify: Macvlan | restart network
when: ansible_os_family in ["CoreOS", "Container Linux by CoreOS"]
- name: Macvlan | Install cni definition for Macvlan
template:
src: 10-macvlan.conf.j2
dest: /etc/cni/net.d/10-macvlan.conf
- name: Macvlan | Install loopback definition for Macvlan
template:
src: 99-loopback.conf.j2
dest: /etc/cni/net.d/99-loopback.conf
- name: Enable net.ipv4.conf.all.arp_notify in sysctl
sysctl:
name: net.ipv4.conf.all.arp_notify
value: 1
sysctl_set: yes
sysctl_file: "{{ sysctl_file_path }}"
state: present
reload: yes