prevent wrong behaviour when more than one dhcp on interfaces

firts we check that the VM has already get some IP address
and if so we just deploy as usual. If VM have no IP address
on any interface we throw all interfaces except first (eth0) to
the `empty vlan` that have no DHCP server enabled. VLAD ID defined
in environment variable. After network configuration inside VM we
restore propper VLAN IDs on all interfaces. This approach should help
in situations when DHCP available on more than one interfaces and those
interfaces configured as dhcp-clients, thus more than one default gw
will be configured with some metrics and all traffic will be routed
to the right one or will be not.

plugins/filters.py

@@ -59,10 +59,13 @@ def to_nics_dict(src):
                                "addrs": addrs}
     return nics
 
-def to_proxmox_net(src):
+def to_proxmox_net(src, vlan=None):
     out = {}
     ks = ['virtio', 'bridge', 'tag']
     for k,v in src.items():
+        if k != 'eth0' and vlan:
+            v['tag'] = vlan
+
         k = k.replace('eth','net')
         [ v.pop(x, None) for x in set(v.keys()).difference(ks) ]
         v.pop('ipv4', None) # remove unused key

roles/common/tasks/main.yml

@@ -121,6 +121,14 @@
     delay: 2
     timeout: 300
 
+- debug: msg="{{hostvars['localhost']['other_nics_to_vlan']}}"
+
+- name: enable vlans on other interfaces
+  include_role:
+    name: pve
+    tasks_from: enable_vlans.yml
+  when: hostvars['localhost']['other_nics_to_vlan']
+
 - name: configure PBR
   include_tasks: configure_pbr.yml
   with_dict: "{{node.net}}"

roles/pve/tasks/create_vm.yml

@@ -1,6 +1,7 @@
 ---
 - set_fact: node_name="{{tmp_node}}"
 - set_fact: vm_name="{{node_name}}.{{stack.name}}"
+- set_fact: other_nics_to_vlan=false
 
 - name: "[{{vm_name}}] clone VM"
   proxmox_kvm:
@@ -31,6 +32,24 @@
   delay: 1
   ignore_errors: yes
 
+- name: "[{{vm_name}}] get VM`s ip addresses"
+  proxmox_qemu_agent:
+    api_user: "{{env.pve.username}}"
+    api_password: "{{env.pve.password}}"
+    api_host: "{{env.pve.api_url}}"
+    name: "{{vm_name}}"
+    command: "network-get-interfaces"
+  register: res
+  until: res.results | json_query('[] | [?name!=`lo`]."ip-addresses" | [] | [?"ip-address-type"==`ipv4`] | []."ip-address"') | length > 0
+  retries: 3
+  delay: 1
+  ignore_errors: yes
+
+- set_fact: other_nics_to_vlan="{{env.pve.empty_vlan}}"
+  when: res.failed
+
+- debug: msg="{{hostvars['localhost']['other_nics_to_vlan']}}"
+
 - name: "[{{vm_name}}] configure VM"
   proxmox_kvm:
     node: srv
@@ -44,7 +63,7 @@
     cores: "{{stack.nodes[node_name].cores}}"
     memory: "{{stack.nodes[node_name].mem}}"
 #    storage: "{{env.pve.storage}}"
-    net: "{{stack.nodes[node_name].net | to_proxmox_net}}"
+    net: "{{stack.nodes[node_name].net | to_proxmox_net(other_nics_to_vlan)}}"
     update: yes
     state: present
 #    ide: '{ide[2]: "local-lvm:cloudinit"}'

roles/pve/tasks/enable_vlans.yml

@@ -0,0 +1,28 @@
+---
+- set_fact: node_name="{{inventory_hostname_short}}"
+- set_fact: vm_name="{{node_name}}.{{stack.name}}"
+
+- name: "[{{vm_name}}] enable all VLANs"
+  proxmox_kvm:
+    node: srv
+    api_user: "{{env.pve.username}}"
+    api_password: "{{env.pve.password}}"
+    api_host: "{{env.pve.api_url}}"
+    name: "{{vm_name}}"
+    agent: yes
+    cpu: host
+    kvm: yes
+    cores: "{{stack.nodes[node_name].cores}}"
+    memory: "{{stack.nodes[node_name].mem}}"
+    net: "{{stack.nodes[node_name].net | to_proxmox_net}}"
+    update: yes
+    state: present
+    ipconfig0: "ip={{stack.nodes[node_name].net.eth0.ipv4[0]}},gw={{stack.nodes[node_name].net.eth0.default}}"
+    nameserver: "{{stack.nodes[node_name].net.eth0.nameservers | default(omit) | first}}"
+    searchdomain: "{{stack.nodes[node_name].net.eth0.search | default(omit) | first}}"
+  register: vm_status
+  until: vm_status is succeeded
+  retries: 30
+  delay: 1
+  ignore_errors: yes
+  delegate_to: localhost