ansibleguy.linux_networking

Ansible Role - Linux Network Configuration

Ansible Role for setting up network configurations and interfaces on Linux servers.

Tested On:

  • Debian 11

Installation

# latest version
ansible-galaxy role install git+https://github.com/ansibleguy/linux_networking

# from Ansible Galaxy
ansible-galaxy install ansibleguy.linux_networking

# or install to a custom role path
ansible-galaxy install ansibleguy.linux_networking --roles-path ./roles

# install required dependencies
ansible-galaxy install -r requirements.yml
python3 -m pip install -r requirements.txt

Usage

Configuration

Set up the network configuration as needed:

network:
  support:
    vlan: true
    bridge: true
    bonding: true
    traffic_forwarding: true
    ipv6: true

  purge_orphaned_interfaces: true
    
  interfaces:  # for more configuration details see: https://wiki.debian.org/NetworkConfiguration
    ens192:
      address: '192.168.142.90/24'
      gateway: '192.168.142.1'
      script_post-up: ['ip route add 172.16.100.0/24 dev ens192 src 192.168.142.90 via 192.168.142.10']
      aliases:
        - address: '2a09:cd41:f:42ee::1'
          gateway: '2a09:cd41:f:42ee::f'
        - '2a09:cd41:f:42ee::1'
    bridge01:
      bridge_ports: ['ens193', 'ens194']
      script_down: ['/usr/local/sbin/random_script.sh']
    ens195:  # initialize parent interface
    ens195.85:
      vlan: true
      hotplug: false
      address: '10.0.85.90/24'
      gateway: '10.0.85.1'
      nameservers: ['10.0.85.1']
    bond01:
      bond-mode: '802.3ad'
      bond-lacp-rate: 1
      bond-miimon: 100
      address: '192.168.200.10/26'
      bond-slaves: ['ens196', 'ens197'] 
    bond02:
      bond-mode: 'active-backup'
      address: '192.168.210.10/26'
      bond-slaves: ['ens198', 'ens199']

  validation:
    enable: true
    tests:
      ping:
        google_dns: '8.8.8.8'
      port:
        internal_web:
          host: 'someSite.internal'
          port: 443

  startup_service:
    enable: true
    interfaces:
      tunnel01:
        type: 'vti'
        args:
          key: 32
          local: '192.168.133.1'
          remote: '192.168.133.2'
    
    routes:
      '192.168.142.1':
        - net: '10.10.40.0/22'
          metric: 50
      tunnel01:
        - net: '10.10.52.0/24'
    
    routes_cmd:
      - 'ip route add 0.0.0.0/0 via 192.168.142.254 metric 200'
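
The `validation` block above lists ping and TCP port tests, which the feature list describes as protection against lockout. The following is an added example, not the role's own validation script: it sketches the port half of such a check over the same `tests.port` structure. The function names and the apply/rollback callbacks are assumptions made for illustration.

```python
import socket

def tcp_reachable(host, port, timeout=2.0):
    """True only if a full TCP handshake completes within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unroutable, or name not resolvable
        return False

def run_port_tests(tests, timeout=2.0):
    """tests mirrors network.validation.tests.port: {name: {host, port}}."""
    return {name: tcp_reachable(t['host'], t['port'], timeout)
            for name, t in tests.items()}

def apply_with_validation(apply, rollback, tests):
    """Apply a change, run the tests, and roll back when any test fails."""
    apply()
    results = run_port_tests(tests)
    if not all(results.values()):
        rollback()  # assumed behaviour: restore the previous configuration
        return False, results
    return True, results

def demo():
    """Constructed scenario: a loopback listener stands in for 'internal_web'."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(('127.0.0.1', 0))
    srv.listen(1)
    tests = {'internal_web': {'host': '127.0.0.1',
                              'port': srv.getsockname()[1]}}
    log = []
    good = apply_with_validation(lambda: log.append('apply'),
                                 lambda: log.append('rollback'), tests)
    srv.close()  # the same test now fails, as after a change that cut access
    bad = apply_with_validation(lambda: log.append('apply'),
                                lambda: log.append('rollback'), tests)
    return good, bad, log

if __name__ == '__main__':
    print(demo())
```

A failed name lookup counts as a failed test here, so a change that breaks DNS for a hostname target is treated the same as one that breaks routing.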

Execution

Run the playbook with this command:

ansible-playbook -K -D -i inventory/hosts.yml playbook.yml

You can also use some helpful tags:

  • base
  • interfaces
  • routing

Features

  • Network Interfaces

    • Bridges
    • Bonding
    • VLANs
    • IPv4 & IPv6
  • Static Routing

    • Via interface scripts
    • Via startup service
  • Defaults

    • Installs basic network diagnostic tools
    • Cleans up unused interfaces
    • Supports:
      • IPv6
  • Optional Features

    • Network startup service for specific configurations
    • Protection against lockout via validation script
    • Supports:
      • Interface bonding
      • Interface bridging
      • VLAN interfaces
      • Traffic forwarding (like a router)

Information

  • Note: This role currently only works on Debian systems (some support for Ubuntu).

  • Note: Most features can be turned on or off.

    For all available options, check the default configuration in the main defaults-file!

  • Warning: Not every setting you provide is checked for correctness. Incorrect configurations may cause issues!

  • Note: The network validation port check only supports TCP ports, as checking UDP connectivity is not straightforward.
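
Because the role does not check every setting, a pre-flight lint of the `interfaces` mapping can catch mistakes before they reach a remote host. The following is an added example, not part of the role: `lint_interfaces` and the sample data are hypothetical, and it only inspects the top-level interface keys shown in the configuration above (`address`, `gateway`, `vlan`, `bond-mode`, `bond-slaves`, `bridge_ports`).

```python
import ipaddress

# Mode names (and numeric forms) accepted by the Linux bonding driver.
BOND_MODES = {'balance-rr', 'active-backup', 'balance-xor', 'broadcast',
              '802.3ad', 'balance-tlb', 'balance-alb'} | set('0123456')

def lint_interfaces(interfaces):
    """Return a list of problems found in a network.interfaces mapping."""
    problems, claimed = [], {}  # claimed: member port -> bond/bridge using it
    for name, cfg in interfaces.items():
        cfg = cfg or {}  # a bare 'ens195:' entry parses to None
        net = None
        if 'address' in cfg:
            try:
                net = ipaddress.ip_interface(cfg['address'])
            except ValueError:
                problems.append(f"{name}: invalid address {cfg['address']!r}")
        if 'gateway' in cfg:
            try:
                gw = ipaddress.ip_address(cfg['gateway'])
                if net is not None and gw not in net.network:
                    problems.append(f"{name}: gateway {gw} outside {net.network}")
            except ValueError:
                problems.append(f"{name}: invalid gateway {cfg['gateway']!r}")
        parent = name.split('.')[0]
        if cfg.get('vlan') and parent not in interfaces:
            problems.append(f"{name}: parent {parent} not defined")
        mode = cfg.get('bond-mode')
        if mode is not None and str(mode) not in BOND_MODES:
            problems.append(f"{name}: unknown bond-mode {mode!r}")
        for port in cfg.get('bond-slaves', []) + cfg.get('bridge_ports', []):
            if port in claimed:
                problems.append(f"{name}: {port} already used by {claimed[port]}")
            claimed[port] = name
    return problems

# Constructed sample, not taken from the page; it contains deliberate mistakes.
SAMPLE = {
    'ens192': {'address': '192.168.142.90/24', 'gateway': '192.168.124.1'},
    'ens195.85': {'vlan': True, 'address': '10.0.85.90/24'},
    'bond01': {'bond-mode': '802.3ad', 'bond-slaves': ['ens196', 'ens197']},
    'bond02': {'bond-mode': 'lacp', 'bond-slaves': ['ens197', 'ens198']},
}

if __name__ == '__main__':
    for problem in lint_interfaces(SAMPLE):
        print(problem)
```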


Example Configurations

Basic, Bond, VLAN Setup

Config

network:
  support:
    vlan: true
    bridge: true
    bonding: true
    ipv6: false

  interfaces:
    ens192:
      address: '10.48.2.90/24'
      gateway: '10.48.2.254'
    bond01:
      bond-mode: 'balance-tlb'
      address: '10.48.2.92/24'
      bond-slaves: ['ens224', 'ens256']
    ens161:
    ens161.5:
      vlan: true
      hotplug: false
      address: '10.10.55.10/24'
      nameservers: ['10.0.55.1']
      script_post-up: ['ip route add 192.168.4.0/22 via 10.10.55.1 metric 50']

Result:

guy@ansible:~# ip a
> 2: ens192:
>     inet 10.48.2.90/24
> 3: bond01 <MASTER,UP>
>     inet 10.48.2.92/24
> 4: ens256: <SLAVE,UP>
> 5: ens224: <SLAVE,UP>
> 6: ens161:
> 7: ens161.5@ens161:
>     inet 10.10.55.10/24

guy@ansible:~# ip route show
> default via 10.48.2.254 dev ens192
> 10.10.55.0/24 dev ens161.5
> 10.48.2.0/24 dev bond01

IPv6 & Aliases

Config

network:
  validation:
    enable: true
  interfaces:
    eth0:
      address: '10.0.85.90/24'
      gateway: '10.0.85.1'
      aliases:
        - address: '2a09:cd41:f:42ee::1/124'
          gateway: '2a09:cd41:f:42ee::f'
        - '2a09:cd41:f:42ee::2'

Result:

guy@ansible:~# ping -6 one.one.one.one -I 2a09:cd41:f:42ee::2
> PING one.one.one.one from 2a09:cd41:f:42ee::2: 56 data bytes

guy@ansible:~# ip a
> 2: eth0: 
>     inet 10.0.85.90/24
>     inet6 2a09:cd41:f:42ee::1/124

guy@ansible:~# cat /etc/network/interfaces.d/eth0
> # Ansible managed
> 
> auto eth0
> iface eth0 inet static
>     address 10.0.85.90/24
>     gateway 10.0.85.1
> 
> auto eth0:1
> iface eth0:1 inet6 static
>     address 2a09:cd41:f:42ee::1/124
> 
> auto eth0:2
> iface eth0:2 inet6 static
>     address 2a09:cd41:f:42ee::2

Project information

Role to configure network interfaces and routing on Linux servers

Install
ansible-galaxy install ansibleguy.linux_networking
License
other
Downloads
2.5k
Owner
[email protected] | GPG: https://badges.ansibleguy.net/public.gpg