aruhier.systemd_networkd
Ansible 角色:systemd_networkd
Ansible 角色用于配置 systemd-networkd。
角色变量
# 链接
systemd_networkd_link: {}
# 网络设备
systemd_networkd_netdev: {}
# 网络
systemd_networkd_network: {}
# 角色是否需要重启 systemd-networkd 以应用新配置?
systemd_networkd_apply_config: false
# 是否启用 systemd_resolved
systemd_networkd_enable_resolved: true
# 删除匹配前缀的配置文件
systemd_networkd_cleanup: false
systemd_networkd_cleanup_prefix: ''
systemd_networkd_cleanup_prefix_is_regex: false
依赖关系
无
示例剧本
- 配置网络接口
systemd_networkd_network:
eth0:
- Match:
- Name: "eth0"
- Network:
- DHCP: "no"
- IPv6AcceptRouterAdvertisements: "no"
- DNS: 8.8.8.8
- DNS: 8.8.4.4
- Domains: "your.tld"
- Address: "192.0.2.176/24"
- Gateway: "192.0.2.1"
- Address: "2001:db8::302/64"
- Address: "fc00:0:0:103::302/64"
- Gateway: "2001:db8::1"
这将会在 /etc/systemd/network/ 下创建 eth0.network 文件,并启用
systemd-networkd 和 systemd-resolved。
每个 systemd_networkd_* 下的键对应要创建的文件名
(systemd_networkd_network 中的 .network,systemd_networkd_link 中的 .link 等等)。然后,每个文件名下的键是
systemd-networkd 中记录的一个部分,包含键值对 option: value。每个键值对会被转换为格式 option=value。
- 配置聚合接口
systemd_networkd_netdev:
bond0:
- NetDev:
- Name: "bond0"
- Kind: "bond"
- Bond:
- Mode: "802.3ad"
- LACPTransmitRate: "fast"
systemd_networkd_network:
bond0:
- Match:
- Name: "eth*"
- Network:
- DHCP: "yes"
- Bond: "bond0"
这将创建一个 LACP 聚合接口 bond0,包含所有以 eth 开头的接口。
- 配置基于接口的路由
systemd_networkd_conf:
route_tables:
- Network:
- RouteTable: "rtvlan10:10"
- RouteTable: "rtvlan11:11"
systemd_networkd_netdev:
netdev_bond0:
- NetDev:
- Name: bond0
- Kind: bond
- Bond:
- Mode: active-backup
- MIIMonitorSec: 0.1
- UpDelaySec: 0.2
- DownDelaySec: 0.2
- LACPTransmitRate: fast
- TransmitHashPolicy: layer2+3
netdev_vlan10:
- NetDev:
- Name: netdev_vlan10
- Kind: vlan
- VLAN:
- Id: 10
netdev_vlan11:
- NetDev:
- Name: netdev_vlan11
- Kind: vlan
- VLAN:
- Id: 11
netdev_bridge_vm_vlan10:
- NetDev:
- Name: netdev_bridge_vlan10
- Kind: bridge
netdev_bridge_vm_vlan11:
- NetDev:
- Name: netdev_bridge_vlan11
- Kind: bridge
systemd_networkd_network:
# 物理接口
eno3:
- Match:
- Name: eno3
- Network:
- Bond: bond0
eno4:
- Match:
- Name: eno4
- Network:
- Bond: bond0
bond0:
- Match:
- Name: bond0
- Network:
- Description: "静态/未配置的聚合,适用于 eno3 和 eno4"
# 我们不希望在 bond 自身上有任何 IP
- LinkLocalAddressing: "no"
- LLDP: "no"
- EmitLLDP: "no"
- IPv6AcceptRA: "no"
- IPv6SendRA: "no"
- VLAN: netdev_vlan10
- VLAN: netdev_vlan11
network_interface_vlan10:
- Match:
- Name: netdev_vlan10
- Type: vlan
- Network:
- Description: "在 vlan10 上的网络接口,连接到 netdev_bridge_vm_vlan10"
- Bridge: "netdev_bridge_vm_vlan10"
- DHCP: "no"
- DNS: &gw_vlan10 "10.0.10.1"
- Address: "10.0.10.161/24"
- DNS: *gw_vlan10
- Gateway: *gw_vlan10
network_interface_vlan11:
- Match:
- Name: netdev_vlan11
- Type: vlan
- Network:
- Description: "在 vlan11 上的网络接口,连接到 netdev_bridge_vm_vlan11"
- Bridge: "netdev_bridge_vm_vlan11"
- DHCP: "no"
- DNS: &gw_vlan11 "10.0.11.1"
- Address: "10.0.11.161/24"
- DNS: *gw_vlan11
- Gateway: *gw_vlan11
systemd_networkd_rt_tables:
- id: 11
name: rtvlan11
- id: 20
name: rtvlan20
systemd-resolved
默认情况下,此角色管理 /etc/resolv.conf 和 /etc/nsswitch.conf,以使用
由 systemd-resolved 提供的 DNS 存根解析器和 NSS 模块。
可以通过将 systemd_networkd_symlink_resolv_conf 和
systemd_networkd_manage_nsswitch_config 设置为 false 来禁用此行为,或者可以更改解析顺序。默认配置使用默认的 files 数据库和相应的 systemd 模块:
systemd_networkd_nsswitch_passwd: "files systemd"
systemd_networkd_nsswitch_group: "files systemd"
systemd_networkd_nsswitch_shadow: "files systemd"
systemd_networkd_nsswitch_gshadow: "files systemd"
systemd_networkd_nsswitch_hosts: "files resolve [!UNAVAIL=return] myhostname dns"
systemd_networkd_nsswitch_networks: "files dns"
systemd_networkd_nsswitch_protocols: "files"
systemd_networkd_nsswitch_services: "files"
systemd_networkd_nsswitch_ethers: "files"
systemd_networkd_nsswitch_rpc: "files"
systemd_networkd_nsswitch_netgroup: "nis"
systemd_networkd_nsswitch_automount: "files"
systemd_networkd_nsswitch_aliases: "files"
systemd_networkd_nsswitch_publickey: "files"
许可证
该工具基于 BSD 许可证。如有错误、问题或想要提交拉取请求,欢迎随时联系我!
安装
ansible-galaxy install aruhier.systemd_networkd许可证
other
下载
2.8k
拥有者