antpro/infra
1
0
Fork 0
forked from saratov/infra
Code Issues Pull Requests Projects Releases Wiki Activity

use etcnet to configure PBR

Browse Source
This commit is contained in:
Sergey Bubnov 2019-06-04 20:07:01 +04:00
parent 0c285e5bff
commit c7c3317689
2 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
roles/common/tasks/configure_nics.yml
View File

@ -39,10 +39,17 @@
lineinfile: lineinfile:
path: /etc/iproute2/rt_tables path: /etc/iproute2/rt_tables
line: "{{ (tbl_id | int) + 200 }} tbl_{{nic.key}}" line: "{{ (tbl_id | int) + 200 }} tbl_{{nic.key}}"
notify: restart network
- name: "create config for {{nic.key}}"
file:
path: "/etc/net/ifaces/{{nic.key}}"
state: directory
- name: define routing rules - name: define routing rules
shell: | template:
ip rule add from {{item|ipaddr('address')}}/{{item|ipaddr('prefix')}} lookup tbl_{{nic.key}} || /bin/true src: pbr_config.j2
ip route add default via {{nic.value.default}} dev {{nic.key}} table tbl_{{nic.key}} || /bin/true dest: "/etc/net/ifaces/{{nic.key}}/ifup-post"
mode: '0755'
with_items: "{{nic.value.ipv4}}" with_items: "{{nic.value.ipv4}}"
notify: restart network
when: nic.value.ipv4 is defined and nic.value.default is defined when: nic.value.ipv4 is defined and nic.value.default is defined
when: node.net | length > 1 and nic.value.descr == 'priv' when: node.net | length > 1 and nic.value.descr == 'priv'

3
roles/common/templates/pbr_config.j2 Normal file
View File

@ -0,0 +1,3 @@
#!/usr/bin/env bash
ip rule add from {{item|ipaddr('address')}}/{{item|ipaddr('prefix')}} lookup tbl_{{nic.key}} || /bin/true
ip route add default via {{nic.value.default}} dev {{nic.key}} table tbl_{{nic.key}} || /bin/true