Skip to content

Commit a2829e0

Browse files
mdboothEmilienM
mdbooth
authored and
EmilienM
committed
network: Disable interfaces which aren't in use
1 parent 4761ca7 commit a2829e0

File tree

1 file changed

+52
-15
lines changed

1 file changed

+52
-15
lines changed

playbooks/network.yaml

Lines changed: 52 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -32,27 +32,57 @@
3232
enabled: true
3333
state: started
3434

35+
- name: Define dummy interfaces to be created
36+
set_fact:
37+
nmstate_ifs:
38+
- name: dummy0
39+
type: dummy
40+
state: up
41+
ipv4:
42+
enabled: false
43+
ipv6:
44+
enabled: false
45+
- name: dummy1
46+
type: dummy
47+
state: up
48+
ipv4:
49+
enabled: false
50+
ipv6:
51+
enabled: false
52+
53+
- name: Construct a list of disabled nics
54+
set_fact:
55+
disabled_nics: "{{ network_devices | difference(sriov_vfs) | difference(used_devices) }}"
56+
vars:
57+
used_devices: "{{ [ network_info.public_ipv4.interface ] + (sriov_interface is defined | ternary([sriov_interface], [])) }}"
58+
59+
60+
- name: Disable interfaces which aren't in use
61+
set_fact:
62+
nmstate_ifs: "{{ nmstate_ifs + [ {'name': item} | combine(removed) ] }}"
63+
loop: "{{ disabled_nics }}"
64+
vars:
65+
removed:
66+
state: absent
67+
68+
- name: Disable DHCP on SR-IOV PFs
69+
set_fact:
70+
nmstate_ifs: "{{ nmstate_ifs + [ {'name': item} | combine(nodhcp) ] }}"
71+
loop: "{{ sriov_pfs | difference(disabled_nics) }}"
72+
vars:
73+
nodhcp:
74+
ipv4:
75+
enabled: false
76+
ipv6:
77+
enabled: false
78+
3579
- name: Set nmstate # noqa 301
3680
command: nmstatectl set --no-commit --timeout 60
3781
args:
3882
stdin: "{{ network_state | to_nice_json }}"
3983
vars:
4084
network_state:
41-
interfaces:
42-
- name: dummy0
43-
type: dummy
44-
state: up
45-
ipv4:
46-
enabled: false
47-
ipv6:
48-
enabled: false
49-
- name: dummy1
50-
type: dummy
51-
state: up
52-
ipv4:
53-
enabled: false
54-
ipv6:
55-
enabled: false
85+
interfaces: "{{ nmstate_ifs }}"
5686
register: nmstateset
5787

5888
# Doing this in 2 steps means that we'll automatically rollback if we break
@@ -62,6 +92,13 @@
6292
vars:
6393
checkpoint: "{{ (nmstateset.stdout_lines|last).split()[1] }}"
6494

95+
# This prevents OpenStack installation failure later if the network unit
96+
# failed because not all physical interfaces have DHCP
97+
- name: Ensure network systemd unit is up
98+
systemd:
99+
name: network
100+
state: started
101+
65102
- name: Create systemd unit to add SNAT rule for hostonly network
66103
template:
67104
src: "standalone_snat.service.j2"

0 commit comments

Comments
 (0)