From 2de21889e2e83da9d6c5844e5cc9080f3ac75348 Mon Sep 17 00:00:00 2001
From: Alessandro Franceschi
Date: Thu, 27 Jun 2019 14:45:42 +0200
Subject: [PATCH 01/21] Netplan support (via dedicated defines) #203
---
manifests/netplan.pp | 39 ++++++++++++++++++
manifests/netplan/interface.pp | 74 ++++++++++++++++++++++++++++++++++
2 files changed, 113 insertions(+)
create mode 100644 manifests/netplan.pp
create mode 100644 manifests/netplan/interface.pp
diff --git a/manifests/netplan.pp b/manifests/netplan.pp
new file mode 100644
index 0000000..e5ec122
--- /dev/null
+++ b/manifests/netplan.pp
@@ -0,0 +1,39 @@
+# Define network::netplan
+#
+# Define to manage a netplan configuration file
+#
+define network::netplan (
+ String $config_file_name = "50-${title}-yaml",
+ Enum['present','absent'] $ensure = 'present',
+ String $renderer = 'networkd',
+ Numeric $version = 2,
+
+ Stdlib::Absolutepath $config_dir_path = '/etc/netplan',
+
+ Hash $ethernets = {},
+ Hash $wifis = {},
+ Hash $bridges = {},
+ Hash $bonds = {},
+ Hash $tunnels = {},
+ Hash $vlans = {},
+
+) {
+
+ $netplan_data = {
+ 'network' => {
+ 'version' => $version,
+ 'renderer' => $renderer,
+ 'ethernets' => $ethernets,
+ 'wifis' => $wifis,
+ 'bridges' => $bridges,
+ 'bonds' => $bonds,
+ 'tunnels' => $tunnels,
+ 'vlans' => $vlans,
+ }
+ }
+
+ file { "${config_dir_path}/${config_file_name}":
+ ensure => $ensure,
+ content => to_yaml($netplan_data),
+ }
+}
diff --git a/manifests/netplan/interface.pp b/manifests/netplan/interface.pp
new file mode 100644
index 0000000..566a694
--- /dev/null
+++ b/manifests/netplan/interface.pp
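Review bot: The `file` resource at the end of `network::netplan` sets no `owner`, `group` or `mode`, so the rendered YAML is created with whatever defaults apply on the node, while the `$wifis` hash can carry access-point passwords. Pin it with `owner => 'root', group => 'root', mode => '0600',`. The default `$config_file_name = "50-${title}-yaml"` also yields a name without the `.yaml` extension, which netplan does not pick up from `/etc/netplan`; it should read `"50-${title}.yaml"`. Both points apply equally to the default and the `file` resource of `network::netplan::interface` in the next hunk.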
@@ -0,0 +1,74 @@ +# Define network::netplan::interface +# +# Define to manage an interface via netplan +# +define network::netplan::interface ( + Enum['present','absent'] $ensure = 'present', + + String $config_file_name = "50-${title}-yaml", + String $interface_type = 'ethernet', + Hash $interface_options = {}, + + Stdlib::Absolutepath $config_dir_path = '/etc/netplan', + + String $renderer = 'networkd', + Numeric $version = 2, + + Boolean $dhcp4 = false, + Boolean $dhcp6 = false, + + Optional[Stdlib::MAC] $macaddress = undef, + Variant[Undef,Array] $addresses = undef, + Variant[Undef,Array] $routes = undef, + Optional[Stdlib::IP::Address::V4] $gateway4 = undef, + Optional[Stdlib::IP::Address::V6] $gateway6 = undef, + Optional[Array] $nameservers_addresses = undef, + Optional[Array] $nameservers_search = undef, + + Optional[String] $file_content = undef, + Optional[String] $file_source = undef, + +) { + + $match_values = $macaddress ? { + undef => undef, + default => { + match => { + macaddress => $macaddress, + } + } + } + + $default_values = { + dhcp4 => $dhcp4, + dhcp6 => $dhcp6, + addresses => $addresses, + gateway4 => $gateway4, + gateway6 => $gateway6, + nameservers => { + addresses => $nameservers_addresses, + search => $nameservers_search, + }, + routes => $routes, + } + + $netplan_data = { + 'network' => { + 'version' => $version, + "${interface_type}s" => { + $interface_name => delete_undef_values($default_values + $match_values + $interface_options), + } + } + } + + $real_file_content = $file_source ? { + undef => pick($file_content,to_yaml($netplan_data)), + default => undef, + } + file { "${config_dir_path}/${config_file_name}": + ensure => $ensure, + content => $real_file_content, + source => $file_source, + } + +} From fddca6753babb865a898f96e419ae982219ce403 Mon Sep 17 00:00:00 2001 
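Review bot: `$match_values` evaluates to `undef` whenever `$macaddress` is not given, and the merge `$default_values + $match_values + $interface_options` then adds `undef` to a Hash, which Puppet should reject at catalog compilation, so the define looks usable only when a MAC address is passed. Make the fallback an empty hash in the selector: `undef => {},`. As far as I know `delete_undef_values` is not recursive, so the nested `nameservers` hash would keep its `undef` `addresses` and `search` entries in the rendered YAML; build that sub-hash only when one of the two parameters is set, or filter it separately before the merge.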
From: Alessandro Franceschi Date: Thu, 27 Jun 2019 17:42:55 +0200 Subject: [PATCH 02/21] Fixes --- manifests/netplan.pp | 11 ++++++++++- manifests/netplan/interface.pp | 1 + 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/manifests/netplan.pp b/manifests/netplan.pp index e5ec122..9bdeb02 100644 --- a/manifests/netplan.pp +++ b/manifests/netplan.pp @@ -17,6 +17,9 @@ Hash $tunnels = {}, Hash $vlans = {}, + Optional[String] $file_content = undef, + Optional[String] $file_source = undef, + ) { $netplan_data = { @@ -32,8 +35,14 @@ } } + $real_file_content = $file_source ? { + undef => pick($file_content,to_yaml($netplan_data)), + default => undef, + } + file { "${config_dir_path}/${config_file_name}": ensure => $ensure, - content => to_yaml($netplan_data), + content => $real_file_content, + source => $file_source, } } diff --git a/manifests/netplan/interface.pp b/manifests/netplan/interface.pp index 566a694..5cf4464 100644 --- a/manifests/netplan/interface.pp +++ b/manifests/netplan/interface.pp @@ -5,6 +5,7 @@ define network::netplan::interface ( Enum['present','absent'] $ensure = 'present', + String $interface_name = $title, String $config_file_name = "50-${title}-yaml", String $interface_type = 'ethernet', Hash $interface_options = {}, From 8e4fc5aa94d6d17f5e705963541245fce82b6f5b Mon Sep 17 00:00:00 2001 
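Review bot: When both `$file_source` and `$file_content` are passed, the new `$real_file_content` selector in `network::netplan` silently drops the content (and the generated YAML) in favour of the source, and nothing documents that precedence. Either fail early, e.g. `if $file_source and $file_content { fail('file_source and file_content are mutually exclusive') }`, or add a header comment stating the order: `file_source`, then `file_content`, then the hash parameters. The two new parameters, and `$interface_name` in the interface define, also have no description in the comment block above each define. The parameter lists and bodies of both defines extend outside these hunks.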
From: Alessandro Franceschi Date: Thu, 27 Jun 2019 18:49:05 +0200 Subject: [PATCH 03/21] pdk convert --- .fixtures.yml | 1 + .gitattributes | 5 ++ .gitignore | 36 +++++++++--- .gitlab-ci.yml | 41 ++++++++++++++ .pdkignore | 42 ++++++++++++++ .puppet-lint.rc | 1 + .rspec | 2 + .rubocop.yml | 122 +++++++++++++++++++++++++++++++++++++++++ .travis.yml | 68 ++++++++++++++++++----- .yardopts | 1 + Gemfile | 105 +++++------------------------------ Rakefile | 77 ++++++++++++++++++++++++-- appveyor.yml | 55 +++++++++++++++++++ metadata.json | 7 ++- spec/default_facts.yml | 7 +++ spec/spec_helper.rb | 46 ++++++++++++++++ 16 files changed, 496 insertions(+), 120 deletions(-) create mode 100644 .gitattributes create mode 100644 .gitlab-ci.yml create mode 100644 .pdkignore create mode 100644 .puppet-lint.rc create mode 100644 .rspec create mode 100644 .rubocop.yml create mode 100644 .yardopts create mode 100644 appveyor.yml create mode 100644 spec/default_facts.yml diff --git a/.fixtures.yml b/.fixtures.yml index c2a5c35..c736f94 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -2,5 +2,6 @@ fixtures: repositories: stdlib: "git://github.com/puppetlabs/puppetlabs-stdlib.git" concat: "git://github.com/puppetlabs/puppetlabs-concat.git" + host: "git://github.com/puppetlabs/puppetlabs/puppetlabs-host_core.git" symlinks: network: "#{source_dir}" diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9032a01 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,5 @@ +*.rb eol=lf +*.erb eol=lf +*.pp eol=lf +*.sh eol=lf +*.epp eol=lf diff --git a/.gitignore b/.gitignore index 4cc8399..2767022 100644 --- a/.gitignore +++ b/.gitignore 
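Review bot: The added `host` fixture in `.fixtures.yml` is fetched over `git://`, an unauthenticated and unencrypted transport, so module code pulled into the test run cannot be verified in transit; the two existing `stdlib` and `concat` entries above it share the problem. The URL path also repeats the `puppetlabs/` segment, which looks like a typo and would probably not resolve. Suggested line: `host: "https://github.com/puppetlabs/puppetlabs-host_core.git"`, and consider pinning a `ref` for each fixture so the test inputs are reproducible.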
@@ -1,9 +1,27 @@ -.*.sw? -pkg -spec/fixtures -.rspec_system -*.un~ -Gemfile.lock -.bundle -vendor - +.git/ +.*.sw[op] +.metadata +.yardoc +.yardwarns +*.iml +/.bundle/ +/.idea/ +/.vagrant/ +/coverage/ +/bin/ +/doc/ +/Gemfile.local +/Gemfile.lock +/junit/ +/log/ +/pkg/ +/spec/fixtures/manifests/ +/spec/fixtures/modules/ +/tmp/ +/vendor/ +/convert_report.txt +/update_report.txt +.DS_Store +.project +.envrc +/inventory.yaml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..81e6d76 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,41 @@ +--- +stages: + - syntax + - unit + +cache: + paths: + - vendor/bundle + +before_script: + - bundle -v + - rm Gemfile.lock || true + - gem update --system $RUBYGEMS_VERSION + - gem --version + - bundle -v + - bundle install --without system_tests --path vendor/bundle --jobs $(nproc) + +syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop-Ruby 2.5.3-Puppet ~> 6: + stage: syntax + image: ruby:2.5.3 + script: + - bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop + variables: + PUPPET_GEM_VERSION: '~> 6' + +parallel_spec-Ruby 2.5.3-Puppet ~> 6: + stage: unit + image: ruby:2.5.3 + script: + - bundle exec rake parallel_spec + variables: + PUPPET_GEM_VERSION: '~> 6' + +parallel_spec-Ruby 2.4.5-Puppet ~> 5: + stage: unit + image: ruby:2.4.5 + script: + - bundle exec rake parallel_spec + variables: + PUPPET_GEM_VERSION: '~> 5' + diff --git a/.pdkignore b/.pdkignore new file mode 100644 index 0000000..e6215cd --- /dev/null +++ b/.pdkignore 
@@ -0,0 +1,42 @@ +.git/ +.*.sw[op] +.metadata +.yardoc +.yardwarns +*.iml +/.bundle/ +/.idea/ +/.vagrant/ +/coverage/ +/bin/ +/doc/ +/Gemfile.local +/Gemfile.lock +/junit/ +/log/ +/pkg/ +/spec/fixtures/manifests/ +/spec/fixtures/modules/ +/tmp/ +/vendor/ +/convert_report.txt +/update_report.txt +.DS_Store +.project +.envrc +/inventory.yaml +/appveyor.yml +/.fixtures.yml +/Gemfile +/.gitattributes +/.gitignore +/.gitlab-ci.yml +/.pdkignore +/Rakefile +/rakelib/ +/.rspec +/.rubocop.yml +/.travis.yml +/.yardopts +/spec/ +/.vscode/ diff --git a/.puppet-lint.rc b/.puppet-lint.rc new file mode 100644 index 0000000..cc96ece --- /dev/null +++ b/.puppet-lint.rc @@ -0,0 +1 @@ +--relative diff --git a/.rspec b/.rspec new file mode 100644 index 0000000..16f9cdb --- /dev/null +++ b/.rspec @@ -0,0 +1,2 @@ +--color +--format documentation diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 0000000..f5a6c2a --- /dev/null +++ b/.rubocop.yml 
@@ -0,0 +1,122 @@ +--- +require: rubocop-rspec +AllCops: + DisplayCopNames: true + TargetRubyVersion: '2.1' + Include: + - "./**/*.rb" + Exclude: + - bin/* + - ".vendor/**/*" + - "**/Gemfile" + - "**/Rakefile" + - pkg/**/* + - spec/fixtures/**/* + - vendor/**/* + - "**/Puppetfile" + - "**/Vagrantfile" + - "**/Guardfile" +Metrics/LineLength: + Description: People have wide screens, use them. + Max: 200 +GetText/DecorateString: + Description: We don't want to decorate test output. + Exclude: + - spec/* +RSpec/BeforeAfterAll: + Description: Beware of using after(:all) as it may cause state to leak between tests. + A necessary evil in acceptance testing. + Exclude: + - spec/acceptance/**/*.rb +RSpec/HookArgument: + Description: Prefer explicit :each argument, matching existing module's style + EnforcedStyle: each +Style/BlockDelimiters: + Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to + be consistent then. + EnforcedStyle: braces_for_chaining +Style/ClassAndModuleChildren: + Description: Compact style reduces the required amount of indentation. + EnforcedStyle: compact +Style/EmptyElse: + Description: Enforce against empty else clauses, but allow `nil` for clarity. + EnforcedStyle: empty +Style/FormatString: + Description: Following the main puppet project's style, prefer the % format format. + EnforcedStyle: percent +Style/FormatStringToken: + Description: Following the main puppet project's style, prefer the simpler template + tokens over annotated ones. + EnforcedStyle: template +Style/Lambda: + Description: Prefer the keyword for easier discoverability. + EnforcedStyle: literal +Style/RegexpLiteral: + Description: Community preference. See https://github.com/voxpupuli/modulesync_config/issues/168 + EnforcedStyle: percent_r +Style/TernaryParentheses: + Description: Checks for use of parentheses around ternary conditions. Enforce parentheses + on complex expressions for better readability, but seriously consider breaking + it up. 
+ EnforcedStyle: require_parentheses_when_complex +Style/TrailingCommaInArguments: + Description: Prefer always trailing comma on multiline argument lists. This makes + diffs, and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/TrailingCommaInLiteral: + Description: Prefer always trailing comma on multiline literals. This makes diffs, + and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/SymbolArray: + Description: Using percent style obscures symbolic intent of array's contents. + EnforcedStyle: brackets +RSpec/MessageSpies: + EnforcedStyle: receive +Style/Documentation: + Exclude: + - lib/puppet/parser/functions/**/* + - spec/**/* +Style/WordArray: + EnforcedStyle: brackets +Style/CollectionMethods: + Enabled: true +Style/MethodCalledOnDoEndBlock: + Enabled: true +Style/StringMethods: + Enabled: true +Layout/EndOfLine: + Enabled: false +Layout/IndentHeredoc: + Enabled: false +Metrics/AbcSize: + Enabled: false +Metrics/BlockLength: + Enabled: false +Metrics/ClassLength: + Enabled: false +Metrics/CyclomaticComplexity: + Enabled: false +Metrics/MethodLength: + Enabled: false +Metrics/ModuleLength: + Enabled: false +Metrics/ParameterLists: + Enabled: false +Metrics/PerceivedComplexity: + Enabled: false +RSpec/DescribeClass: + Enabled: false +RSpec/ExampleLength: + Enabled: false +RSpec/MessageExpectation: + Enabled: false +RSpec/MultipleExpectations: + Enabled: false +RSpec/NestedGroups: + Enabled: false +Style/AsciiComments: + Enabled: false +Style/IfUnlessModifier: + Enabled: false +Style/SymbolProc: + Enabled: false diff --git a/.travis.yml b/.travis.yml index 46cc24b..43e5d75 100644 --- a/.travis.yml +++ b/.travis.yml 
@@ -1,21 +1,63 @@ --- -sudo: false +dist: trusty language: ruby cache: bundler -script: 'bundle exec rake validate lint spec' before_install: - - gem update bundler + - bundle -v + - rm -f Gemfile.lock + - gem update --system $RUBYGEMS_VERSION + - gem --version + - bundle -v +script: + - 'bundle exec rake $CHECK' +bundler_args: --without system_tests +rvm: + - 2.1.9 + - 2.5.3 +stages: + - static + - spec + - acceptance + - + if: tag =~ ^v\d + name: deploy matrix: fast_finish: true include: - - rvm: 2.1.9 - env: PUPPET_GEM_VERSION="~> 3.6.0" - - rvm: 2.1.9 - env: PUPPET_GEM_VERSION="~> 3" - - rvm: 2.1.9 - env: PUPPET_GEM_VERSION="~> 4" - - rvm: 2.4.1 - env: PUPPET_GEM_VERSION="~> 5" + - + env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" + stage: static + - + rvm: 2.1.9 + env: PUPPET_GEM_VERSION="~> 3" + stage: spec + - + rvm: 2.1.9 + env: PUPPET_GEM_VERSION="~> 4" + stage: spec + - + env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec + rvm: 2.4.5 + stage: spec + - + env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec + rvm: 2.5.3 + stage: spec + - + env: DEPLOY_TO_FORGE=yes + stage: deploy +branches: + only: + - master + - /^v\d/ notifications: - email: - - al@example42.com + email: false +deploy: + provider: puppetforge + user: puppet + password: + secure: "" + on: + tags: true + all_branches: true + condition: "$DEPLOY_TO_FORGE = yes" diff --git a/.yardopts b/.yardopts new file mode 100644 index 0000000..29c933b --- /dev/null +++ b/.yardopts @@ -0,0 +1 @@ +--markup markdown diff --git a/Gemfile b/Gemfile index 683560c..cf2c387 100644 --- a/Gemfile +++ b/Gemfile 
@@ -1,25 +1,15 @@ -# Based on pdk default Gemfile -# Added danger gems - source ENV['GEM_SOURCE'] || 'https://rubygems.org' def location_for(place_or_version, fake_version = nil) - if place_or_version =~ %r{\A(git[:@][^#]*)#(.*)} - [fake_version, { git: Regexp.last_match(1), branch: Regexp.last_match(2), require: false }].compact - elsif place_or_version =~ %r{\Afile:\/\/(.*)} - ['>= 0', { path: File.expand_path(Regexp.last_match(1)), require: false }] - else - [place_or_version, { require: false }] - end -end + git_url_regex = %r{\A(?(https?|git)[:@][^#]*)(#(?.*))?} + file_url_regex = %r{\Afile:\/\/(?.*)} -def gem_type(place_or_version) - if place_or_version =~ %r{\Agit[:@]} - :git - elsif !place_or_version.nil? && place_or_version.start_with?('file:') - :file + if place_or_version && (git_url = place_or_version.match(git_url_regex)) + [fake_version, { git: git_url[:url], branch: git_url[:branch], require: false }].compact + elsif place_or_version && (file_url = place_or_version.match(file_url_regex)) + ['>= 0', { path: File.expand_path(file_url[:path]), require: false }] else - :gem + [place_or_version, { require: false }] end end 
@@ -31,6 +21,8 @@ group :development do gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') + gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "puppet-module-posix-default-r#{minor_version}", require: false, platforms: [:ruby] gem "puppet-module-posix-dev-r#{minor_version}", require: false, platforms: [:ruby] gem "puppet-module-win-default-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw] 
@@ -38,86 +30,29 @@ group :development do end puppet_version = ENV['PUPPET_GEM_VERSION'] -puppet_type = gem_type(puppet_version) facter_version = ENV['FACTER_GEM_VERSION'] hiera_version = ENV['HIERA_GEM_VERSION'] -def puppet_older_than?(version) - puppet_version = ENV['PUPPET_GEM_VERSION'] - !puppet_version.nil? && - Gem::Version.correct?(puppet_version) && - Gem::Requirement.new("< #{version}").satisfied_by?(Gem::Version.new(puppet_version.dup)) -end - gems = {} gems['puppet'] = location_for(puppet_version) # If facter or hiera versions have been specified via the environment -# variables, use those versions. If not, and if the puppet version is < 3.5.0, -# use known good versions of both for puppet < 3.5.0. -if facter_version - gems['facter'] = location_for(facter_version) -elsif puppet_type == :gem && puppet_older_than?('3.5.0') - gems['facter'] = ['>= 1.6.11', '<= 1.7.5', require: false] -end - -if hiera_version - gems['hiera'] = location_for(ENV['HIERA_GEM_VERSION']) -elsif puppet_type == :gem && puppet_older_than?('3.5.0') - gem['hiera'] = ['>= 1.0.0', '<= 1.3.0', require: false] -end +# variables -if Gem.win_platform? 
&& (puppet_type != :gem || puppet_older_than?('3.5.0')) - # For Puppet gems < 3.5.0 (tested as far back as 3.0.0) on Windows - if puppet_type == :gem - gems['ffi'] = ['1.9.0', require: false] - gems['minitar'] = ['0.5.4', require: false] - gems['win32-eventlog'] = ['0.5.3', '<= 0.6.5', require: false] - gems['win32-process'] = ['0.6.5', '<= 0.7.5', require: false] - gems['win32-security'] = ['~> 0.1.2', '<= 0.2.5', require: false] - gems['win32-service'] = ['0.7.2', '<= 0.8.8', require: false] - else - gems['ffi'] = ['~> 1.9.0', require: false] - gems['minitar'] = ['~> 0.5.4', require: false] - gems['win32-eventlog'] = ['~> 0.5', '<= 0.6.5', require: false] - gems['win32-process'] = ['~> 0.6', '<= 0.7.5', require: false] - gems['win32-security'] = ['~> 0.1', '<= 0.2.5', require: false] - gems['win32-service'] = ['~> 0.7', '<= 0.8.8', require: false] - end - - gems['win32-dir'] = ['~> 0.3', '<= 0.4.9', require: false] +gems['facter'] = location_for(facter_version) if facter_version +gems['hiera'] = location_for(hiera_version) if hiera_version - if RUBY_VERSION.start_with?('1.') - gems['win32console'] = ['1.3.2', require: false] - # sys-admin was removed in Puppet 3.7.0 and doesn't compile under Ruby 2.x - gems['sys-admin'] = ['1.5.6', require: false] - end - - # Puppet < 3.7.0 requires these. - # Puppet >= 3.5.0 gem includes these as requirements. - # The following versions are tested to work with 3.0.0 <= puppet < 3.7.0. - gems['win32-api'] = ['1.4.8', require: false] - gems['win32-taskscheduler'] = ['0.2.2', require: false] - gems['windows-api'] = ['0.4.3', require: false] - gems['windows-pr'] = ['1.2.3', require: false] -elsif Gem.win_platform? +if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)} # If we're using a Puppet gem on Windows which handles its own win32-xxx gem # dependencies (>= 3.5.0), set the maximum versions (see PUP-6445). 
gems['win32-dir'] = ['<= 0.4.9', require: false] gems['win32-eventlog'] = ['<= 0.6.5', require: false] gems['win32-process'] = ['<= 0.7.5', require: false] gems['win32-security'] = ['<= 0.2.5', require: false] - gems['win32-service'] = ['<= 0.8.8', require: false] + gems['win32-service'] = ['0.8.8', require: false] end -if puppet_older_than?('5.0.0') - # Hiera-eyaml is embedded in Hiera 5 / Puppet 5 -else - gems['hiera-eyaml'] = ['~> 2.0'] -end - - gems.each do |gem_name, gem_params| gem gem_name, *gem_params end @@ -133,16 +68,4 @@ extra_gemfiles.each do |gemfile| eval(File.read(gemfile), binding) end end - -# Danger integration: http://danger.systems -gem 'danger' -gem 'danger-changelog' -gem 'danger-mention' - -# Coveralls -gem 'coveralls', require: false - -# Semantic Puppet -gem 'semantic_puppet', require: false -gem 'puppet-blacksmith', require: false # vim: syntax=ruby diff --git a/Rakefile b/Rakefile index de1c314..750ef46 100644 --- a/Rakefile +++ b/Rakefile 
@@ -1,9 +1,76 @@ require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' +require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? +require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? +require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? -# Blacksmith -begin - require 'puppet_blacksmith/rake_tasks' -rescue LoadError - puts "Blacksmith needed only to push to the Forge" +def changelog_user + return unless Rake.application.top_level_tasks.include? "changelog" + returnVal = nil || JSON.load(File.read('metadata.json'))['author'] + raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil? + puts "GitHubChangelogGenerator user:#{returnVal}" + returnVal end + +def changelog_project + return unless Rake.application.top_level_tasks.include? "changelog" + returnVal = nil || JSON.load(File.read('metadata.json'))['name'] + raise "unable to find the changelog_project in .sync.yml or the name in metadata.json" if returnVal.nil? + puts "GitHubChangelogGenerator project:#{returnVal}" + returnVal +end + +def changelog_future_release + return unless Rake.application.top_level_tasks.include? "changelog" + returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version'] + raise "unable to find the future_release (version) in metadata.json" if returnVal.nil? + puts "GitHubChangelogGenerator future_release:#{returnVal}" + returnVal +end + +PuppetLint.configuration.send('disable_relative') + +if Bundler.rubygems.find_name('github_changelog_generator').any? + GitHubChangelogGenerator::RakeTask.new :changelog do |config| + raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? 
+ config.user = "#{changelog_user}" + config.project = "#{changelog_project}" + config.future_release = "#{changelog_future_release}" + config.exclude_labels = ['maintenance'] + config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." + config.add_pr_wo_labels = true + config.issues = false + config.merge_prefix = "### UNCATEGORIZED PRS; GO LABEL THEM" + config.configure_sections = { + "Changed" => { + "prefix" => "### Changed", + "labels" => ["backwards-incompatible"], + }, + "Added" => { + "prefix" => "### Added", + "labels" => ["feature", "enhancement"], + }, + "Fixed" => { + "prefix" => "### Fixed", + "labels" => ["bugfix"], + }, + } + end +else + desc 'Generate a Changelog from GitHub' + task :changelog do + raise <= Gem::Version.new('2.2.2')" +EOM + end +end + diff --git a/appveyor.yml b/appveyor.yml new file mode 100644 index 0000000..e10ba3b --- /dev/null +++ b/appveyor.yml 
@@ -0,0 +1,55 @@ +--- +version: 1.1.x.{build} +branches: + only: + - master +skip_commits: + message: /^\(?doc\)?.*/ +clone_depth: 10 +init: + - SET + - 'mkdir C:\ProgramData\PuppetLabs\code && exit 0' + - 'mkdir C:\ProgramData\PuppetLabs\facter && exit 0' + - 'mkdir C:\ProgramData\PuppetLabs\hiera && exit 0' + - 'mkdir C:\ProgramData\PuppetLabs\puppet\var && exit 0' +environment: + matrix: + - + RUBY_VERSION: 24-x64 + CHECK: syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop + - + PUPPET_GEM_VERSION: ~> 5.0 + RUBY_VERSION: 24 + CHECK: parallel_spec + - + PUPPET_GEM_VERSION: ~> 5.0 + RUBY_VERSION: 24-x64 + CHECK: parallel_spec + - + PUPPET_GEM_VERSION: ~> 6.0 + RUBY_VERSION: 25 + CHECK: parallel_spec + - + PUPPET_GEM_VERSION: ~> 6.0 + RUBY_VERSION: 25-x64 + CHECK: parallel_spec +matrix: + fast_finish: true +install: + - set PATH=C:\Ruby%RUBY_VERSION%\bin;%PATH% + - bundle install --jobs 4 --retry 2 --without system_tests + - type Gemfile.lock +build: off +test_script: + - bundle exec puppet -V + - ruby -v + - gem -v + - bundle -v + - bundle exec rake %CHECK% +notifications: + - provider: Email + to: + - nobody@nowhere.com + on_build_success: false + on_build_failure: false + on_build_status_changed: false diff --git a/metadata.json b/metadata.json index 64d7964..269b437 100644 --- a/metadata.json +++ b/metadata.json @@ -1,10 +1,10 @@ { "name": "example42-network", "version": "3.5.0", - "source": "https://github.com/example42/puppet-network", "author": "Alessandro Franceschi", "summary": "Example42 Network Module", "license": "Apache-2.0", + "source": "https://github.com/example42/puppet-network", "project_page": "https://github.com/example42/puppet-network", "dependencies": [ { 
@@ -101,5 +101,8 @@ "name": "puppet", "version_requirement": ">= 3.0.0 <7.0.0" } - ] + ], + "pdk-version": "1.10.0", + "template-url": "file:///opt/puppetlabs/pdk/share/cache/pdk-templates.git#1.10.0", + "template-ref": "1.10.0-0-gbba9ac3" } diff --git a/spec/default_facts.yml b/spec/default_facts.yml new file mode 100644 index 0000000..ea1e480 --- /dev/null +++ b/spec/default_facts.yml @@ -0,0 +1,7 @@ +# Use default_module_facts.yml for module specific facts. +# +# Facts specified here will override the values provided by rspec-puppet-facts. +--- +ipaddress: "172.16.254.254" +is_pe: false +macaddress: "AA:AA:AA:AA:AA:AA" diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 2c6f566..93b25ec 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb 
@@ -1 +1,47 @@ require 'puppetlabs_spec_helper/module_spec_helper' +require 'rspec-puppet-facts' + +require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb')) + +include RspecPuppetFacts + +default_facts = { + puppetversion: Puppet.version, + facterversion: Facter.version, +} + +default_fact_files = [ + File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml')), + File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml')), +] + +default_fact_files.each do |f| + next unless File.exist?(f) && File.readable?(f) && File.size?(f) + + begin + default_facts.merge!(YAML.safe_load(File.read(f), [], [], true)) + rescue => e + RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" + end +end + +RSpec.configure do |c| + c.default_facts = default_facts + c.before :each do + # set to strictest setting for testing + # by default Puppet runs at warning level + Puppet.settings[:strict] = :warning + end + c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT'] + c.after(:suite) do + end +end + +def ensure_module_defined(module_name) + module_name.split('::').reduce(Object) do |last_module, next_module| + last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module, false) + last_module.const_get(next_module, false) + end +end + +# 'spec_overrides' from sync.yml will appear below this line From 5951b9eabb2fa4f576835bf08d9ff6883fbc9c36 Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Thu, 27 Jun 2019 20:05:29 +0200 Subject: [PATCH 04/21] Updated travis --- .travis.yml | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 43e5d75..5b4bd7f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -12,7 +12,7 @@ script: - 'bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - - 2.1.9 + - 2.3.0 - 2.5.3 stages: - static 
@@ -28,11 +28,11 @@ matrix: env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static - - rvm: 2.1.9 + rvm: 2.3.0 env: PUPPET_GEM_VERSION="~> 3" stage: spec - - rvm: 2.1.9 + rvm: 2.3.0 env: PUPPET_GEM_VERSION="~> 4" stage: spec - @@ -46,6 +46,15 @@ matrix: - env: DEPLOY_TO_FORGE=yes stage: deploy + allow_failures: + - + rvm: 2.3.0 + env: PUPPET_GEM_VERSION="~> 3" + stage: spec + - + rvm: 2.3.0 + env: PUPPET_GEM_VERSION="~> 4" + stage: spec branches: only: - master From e12042f39082303e5f405e1e57ad0bfe3020cd23 Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Thu, 27 Jun 2019 20:34:04 +0200 Subject: [PATCH 05/21] Travis --- .travis.yml | 2 ++ {tests => examples}/init.pp | 0 2 files changed, 2 insertions(+) rename {tests => examples}/init.pp (100%) diff --git a/.travis.yml b/.travis.yml index 5b4bd7f..b0c2da3 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,6 +25,7 @@ matrix: fast_finish: true include: - + rvm: 2.5.3 env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static - @@ -46,6 +47,7 @@ matrix: - env: DEPLOY_TO_FORGE=yes stage: deploy + allow_failures: - rvm: 2.3.0 diff --git a/tests/init.pp b/examples/init.pp similarity index 100% rename from tests/init.pp rename to examples/init.pp From b378c47a13c2fdd6d24fc11c3a06715e6e77dc49 Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Thu, 27 Jun 2019 20:55:02 +0200 Subject: [PATCH 06/21] Travis ignore rubocop --- .travis.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index b0c2da3..68a5584 100644 --- a/.travis.yml +++ b/.travis.yml 
@@ -26,7 +26,11 @@ matrix: include: - rvm: 2.5.3 - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" + env: CHECK="rubocop" + stage: static + - + rvm: 2.5.3 + env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file syntax lint metadata_lint" stage: static - rvm: 2.3.0 @@ -49,6 +53,10 @@ matrix: stage: deploy allow_failures: + - + rvm: 2.5.3 + env: CHECK="rubocop" + stage: static - rvm: 2.3.0 env: PUPPET_GEM_VERSION="~> 3" From 977dff439d1746e55b4b767064958d3392d95eb0 Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Fri, 28 Jun 2019 10:36:05 +0200 Subject: [PATCH 07/21] Updated travis --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 68a5584..421405b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -73,7 +73,7 @@ notifications: email: false deploy: provider: puppetforge - user: puppet + user: example42 password: secure: "" on: From 8d99f9a7d5c51ee69beb9ffd79bcd43f623f29ed Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Fri, 28 Jun 2019 10:54:24 +0200 Subject: [PATCH 08/21] Use netplan on Ubuntu 18.04 by default --- data/osfamily/Ubuntu18.04.yaml | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 data/osfamily/Ubuntu18.04.yaml diff --git a/data/osfamily/Ubuntu18.04.yaml b/data/osfamily/Ubuntu18.04.yaml new file mode 100644 index 0000000..cc64999 --- /dev/null +++ b/data/osfamily/Ubuntu18.04.yaml @@ -0,0 +1,2 @@ +--- +network::use_netplan: true \ No newline at end of file From 0788cb0011847b099a870c9b4396437fdc7b535c Mon Sep 17 00:00:00 2001 
From: Alessandro Franceschi Date: Fri, 28 Jun 2019 16:33:11 +0200 Subject: [PATCH 09/21] Massive import from alvagante/puppet-network4 repo --- README.md | 496 ++----------- files/{ => legacy}/rt_tables | 0 manifests/hostname.pp | 80 ++ manifests/init.pp | 401 ++-------- manifests/interface.pp | 927 +++++------------------- manifests/legacy/interface.pp | 804 ++++++++++++++++++++ manifests/legacy/mroute.pp | 125 ++++ manifests/legacy/params.pp | 45 ++ manifests/legacy/route.pp | 212 ++++++ manifests/legacy/routing_table.pp | 46 ++ manifests/legacy/rule.pp | 88 +++ manifests/route.pp | 217 +----- manifests/routing_table.pp | 51 +- manifests/rule.pp | 91 +-- templates/interface/Debian.epp | 9 + templates/interface/RedHat.epp | 10 + templates/interface/Solaris.epp | 2 + templates/interface/Suse.epp | 5 + templates/legacy/hostname-Debian.erb | 1 + templates/legacy/hostname-RedHat.erb | 13 + templates/legacy/interface/Debian.erb | 317 ++++++++ templates/legacy/interface/RedHat.erb | 224 ++++++ templates/legacy/interface/Suse.erb | 97 +++ templates/legacy/mroute-RedHat.erb | 6 + templates/legacy/mroute-SuSE.erb | 6 + templates/legacy/mroute_down-Debian.erb | 13 + templates/legacy/mroute_up-Debian.erb | 13 + templates/legacy/route-RedHat.erb | 6 + templates/legacy/route-Suse.erb | 6 + templates/legacy/route6-RedHat.erb | 6 + templates/legacy/route_down-Debian.erb | 12 + templates/legacy/route_up-Debian.erb | 12 + templates/legacy/rule-RedHat.erb | 6 + templates/legacy/rule_down-Debian.erb | 12 + templates/legacy/rule_up-Debian.erb | 12 + templates/legacy/spec.conf | 5 + 36 files changed, 2531 insertions(+), 1845 deletions(-) rename files/{ => legacy}/rt_tables (100%) create mode 100644 manifests/hostname.pp create mode 100644 manifests/legacy/interface.pp create mode 100644 manifests/legacy/mroute.pp create mode 100644 manifests/legacy/params.pp create mode 100644 manifests/legacy/route.pp create mode 100644 manifests/legacy/routing_table.pp create mode 100644 
manifests/legacy/rule.pp create mode 100644 templates/interface/Debian.epp create mode 100644 templates/interface/RedHat.epp create mode 100644 templates/interface/Solaris.epp create mode 100644 templates/interface/Suse.epp create mode 100644 templates/legacy/hostname-Debian.erb create mode 100644 templates/legacy/hostname-RedHat.erb create mode 100644 templates/legacy/interface/Debian.erb create mode 100644 templates/legacy/interface/RedHat.erb create mode 100644 templates/legacy/interface/Suse.erb create mode 100644 templates/legacy/mroute-RedHat.erb create mode 100644 templates/legacy/mroute-SuSE.erb create mode 100644 templates/legacy/mroute_down-Debian.erb create mode 100644 templates/legacy/mroute_up-Debian.erb create mode 100644 templates/legacy/route-RedHat.erb create mode 100644 templates/legacy/route-Suse.erb create mode 100644 templates/legacy/route6-RedHat.erb create mode 100644 templates/legacy/route_down-Debian.erb create mode 100644 templates/legacy/route_up-Debian.erb create mode 100644 templates/legacy/rule-RedHat.erb create mode 100644 templates/legacy/rule_down-Debian.erb create mode 100644 templates/legacy/rule_up-Debian.erb create mode 100644 templates/legacy/spec.conf diff --git a/README.md b/README.md index bb4f055..ba4322e 100644 --- a/README.md +++ b/README.md 
@@ -1,488 +1,100 @@ -# network -[![Build Status](https://travis-ci.org/example42/puppet-network.png?branch=master)](https://travis-ci.org/example42/puppet-network) +# example42 puppet-network module + +Example 42 Puppet module to manage networking on Linux and Solaris. #### Table of Contents -1. [Overview](#overview) -2. [Module Description](#module-description) -3. [Setup](#setup) - * [Resources managed by network module](#resources-managed-by-network-module) +1. [Description](#description) +2. [Setup - The basics of getting started with network](#setup) + * [What network affects](#what-network-affects) * [Setup requirements](#setup-requirements) - * [Beginning with module network](#beginning-with-module-network) -4. [Usage](#usage) -5. [Hiera examples](#hiera-examples) -6. [Operating Systems Support](#operating-systems-support) -7. [Development](#development) - -## Overview - -This module configures networking on Linux and Solaris. It manages network parameters, interfaces, routes, -rules and routing tables. - -## Module Description - -Main class is used as entrypoint for general variables. 
- -It manages hostname configuration and has hiera hash lookups to generate the following, provided, resources: - -- network::interface - Define to manage network interfaces -- network::route - Define to manage network routes -- network::mroute - Define to manage network routes - Alternative with easier management of multiple routes per interface -- network::routing_table - Define to manage iproute2 routing tables -- network::rule - Define to manage network rules - -## Setup - -### Setup Requirements -* PuppetLabs [stdlib module](https://github.com/puppetlabs/puppetlabs-stdlib) -* PuppetLabs [concat module](https://github.com/puppetlabs/puppetlabs-concat) -* Puppet version >= 3.0.0 < 7.0.0 -* Facter version >= 1.6.2 - -### Beginning with module network - -The main class arguments can be provided either via Hiera (from Puppet 3.x) or direct parameters: - - class { 'network': - parameter => value, - } - - -The module provides a generic network::conf define to manage any file in the config_dir_path which is: - - On 'Debian' osfamily: '/etc/network', - - On 'Redhat' osfamily: '/etc/sysconfig/network-scripts', - - On 'Suse' osfamily: '/etc/sysconfig/network', - - network::conf { 'if-up.d/my_script': - template => 'site/network/my_script', - } - -The module provides a cross OS compliant define to manage single interfaces: network::interface - -IMPORTANT NOTICE: On Debian if you use network::interface once you must provide ALL the network::interface defines for all your interfaces. It requires separate declarations for each IP stack on each interface. -Please keep in mind Debian and RedHat do not share the same approach in IPv4 / IPv6 management and thus require different hash structures. 
- -To configure a dhcp interface - - network::interface { 'eth0': - enable_dhcp => true, - } - -To configure a static interface with basic parameters - - network::interface { 'eth1': - ipaddress => '10.42.42.50', - netmask => '255.255.255.0', - } - - -## Generic interface parameters configation examples - -You have different possible approaches in the usage of this module. Use the one you prefer. - -* Just use the network::interface defines: - - network::interface { 'eth0': - enable_dhcp => true, - } - - network::interface { 'eth1': - ipaddress => '10.42.42.50', - netmask => '255.255.255.0', - } - -* Use the main network class and the interfaces_hash to configure all the interfaces - - class { 'network': - interfaces_hash => { - 'eth0' => { - enable_dhcp => true, - }, - 'eth1' => { - ipaddress => '10.42.42.50', - netmask => '255.255.255.0', - }, - }, - } - -Same information as Hiera data in yaml format: - - network::interfaces_hash: - eth0: - enable_dhcp: true - eth1: - ipaddress: '10.42.42.50' - netmask: '255.255.255.0' - -* Use the main network class and the usual stdmod parameters to manage the (main) network configuration file - - On 'Debian' osfamily: '/etc/network/interfaces', - - On 'Redhat' osfamily: '/etc/sysconfig/network-scripts/ifcfg-eth0' # Yes, quite opinionated, you can change it with config_file_path. - - On 'Suse' osfamily: '/etc/sysconfig/network/ifcfg-eth0' + * [Beginning with network](#beginning-with-network) +3. [Usage - Configuration options and additional functionality](#usage) +4. [Reference - An under-the-hood peek at what the module is doing and how](#reference) +5. [Backwards compatibility](#backwards-compatibility) +6. [Limitations - OS compatibility, etc.](#limitations) +7. [Development - Guide for contributing to the module](#development) - class { 'network': - config_file_template => 'site/network/network.conf.erb', - } +## Description -* Manage the whole configuration directory +This module configures networking on Linux and Solaris. 
- class { 'network': - config_dir_source => 'puppet:///modules/site/network/conf/', - } +It manages hostname, interfaces, routes, rules and routing tables. -* DO NOT automatically restart the network service after configuration changes (either via the main network class or via network::interfaces) +The new version (4) works only on Puppet 4 and later and has several changes in class and defines parameters. - class { 'network': - config_file_notify => '', - } +Options to provide [backwards compatibility](#backwards-compatibility) are available in order to use the legacy versions of the module's defines. +## Module Description -* The network::interface exposes, and uses in the default templates, network configuration parameters available on Debian (most), RedHat (some), Suse (most) so it's flexible, easily expandable and should adapt to any need, but you may still want to provide a custom template with: - - network::interface { 'eth0': - enable_dhcp => true, - template => "site/network/interface/${::osfamily}.erb", - } - -## Network routes management examples - -* The network::route can be used to define static routes on Debian and RedHat systems. The following example manages a static route on eth0 - - network::route { 'eth0': - ipaddress => [ '192.168.17.0', ], - netmask => [ '255.255.255.0', ], - gateway => [ '192.168.17.250', ], - } - - On 'Debian' osfamily: it will create 2 files: '/etc/network/if-up.d/z90-route-eth0' and '/etc/network/if-down.d/z90-route-eth0', - - On 'RedHat' osfamily: it will create the file '/etc/sysconfig/network-scripts/route-eth0' - - You can provide to the main network class the routes_hash parameter to manage all your routes via a hash. 
- -* This example add 2 static routes on the interface bond2 - - network::route { 'bond2': - ipaddress => [ '192.168.2.0', '10.0.0.0', ], - netmask => [ '255.255.255.0', '255.0.0.0', ], - gateway => [ '192.168.1.1', '10.0.0.1', ], - } - -* To configure the default route on Suse, use the routes_hash parameter, like in the following example: - - class { 'network': - routes_hash => { - 'eth0' => { - ipaddress => [ 'default', ], - gateway => [ '192.168.0.1', ], - netmask => [ '-', ], - interface => 'eth0', - } - } - } - -* An alternative way to manage routes is using the network::mroute define, which expects a hash of one or more routes where you specify the network and the gateway (either as ip or device name): - - network::mroute { 'bond2': - routes => { - '192.168.2.0/24' => '192.168.1.1', - '10.0.0.0/8' => '10.0.0.1', - '80.81.82.0/16' => 'bond0', - } - } - -* The network::routing_table and network::rule classes can be used to configure ip rules and routing tables. Make sure to define a routing table before using it, like in this example: - - network::routing_table { 'vlan22': - table_id => '200', - } - - network::rule { 'eth0': - iprule => ['from 192.168.22.0/24 lookup vlan22', ], - } - -You can then add routes to this routing table: - - network::route { 'eth1': - ipaddress => [ '192.168.22.0', ], - netmask => [ '255.255.255.0', ], - gateway => [ '192.168.22.1', ], - table => [ 'vlan22' ], - } - -If adding routes to a routing table on an interface with multiple routes, it -is necessary to specify false or 'main' for the table on the other routes. -The 'main' routing table is where routes are added by default. E.g. this: - - network::route { 'bond0': - ipaddress => [ '192.168.2.0', '10.0.0.0', ] - netmask => [ '255.255.255.0', '255.0.0.0', ], - gateway => [ '192.168.1.1', '10.0.0.1', ], - } +Main class is used as entrypoint for general variables and wrapper for Hiera driven management of the provided defines. 
- network::route { 'bond0': - ipaddress => [ '192.168.3.0', ], - netmask => [ '255.255.255.0', ], - gateway => [ '192.168.3.1', ], - table => [ 'vlan22' ], - } +Classes: -would need to become: +- network::hostname - Manages hostname - network::route { 'bond0': - ipaddress => [ '192.168.2.0', '10.0.0.0', '192.168.3.0', ] - netmask => [ '255.255.255.0', '255.0.0.0', '255.255.255.0', ], - gateway => [ '192.168.1.1', '10.0.0.1', '192.168.3.1', ], - table => [ false, false, 'vlan22' ], - } +Defines: -The same applies if adding scope, source or gateway, i.e. false needs to be -specified for those routes without values for those parameters, if defining -multiple routes for the same interface. +- network::interface - Manages network interfaces +- network::route - Manages network routes +- network::routing_table - Manages iproute2 routing tables +- network::rule - Manages network rules -The following definition: +Legacy defines (inherited from version 3 of the module): - network::route { 'bond2': - ipaddress => [ '0.0.0.0', '192.168.3.0' ] - netmask => [ '0.0.0.0', '255.255.255.0' ], - gateway => [ '192.168.3.1', false ], - scope => [ false, 'link', ], - source => [ false, '192.168.3.10', ], - table => [ 'vlan22' 'vlan22', ], - } +- network::legacy::interface - Manages network interfaces +- network::legacy::route - Manages network routes +- network::legacy::mroute - Manages network routes in an alternative, easier to handle, way +- network::legacy::routing_table - Manages iproute2 routing tables +- network::legacy::rule - Manages network rules -yields the following routes in table vlan22: +## Setup - # ip route show table vlan22 - default via 192.168.3.1 dev bond2 - 192.168.3.0/255.255.255.0 dev bond2 scope link src 192.168.3.10 +### What puppet-network affects -Normally the link level routing (192.168.3.0/255.255.255.0) is added -automatically by the kernel when an interface is brought up. 
When using routing -rules and routing tables, this does not happen, so this route must be added -manually. +### Setup Requirements -## Hiera examples +Puppetlabs-stdlib module is the only prerequisite module. -Here are some examples of usage via Hiera (with yaml backend). +Puppet 4 or later is required for this module. -Main class settings: +If you have earlier Puppet versions use code from the 3.x tags. - network::hostname: 'web01' - network::gateway: 192.168.0.1 # Default gateway (on RHEL systems) - network::hiera_merge: true # Use hiera_hash() instead of hiera() to resolve the values for the following hashes +### Beginning with network -Configuration of interfaces (check ```network::interface``` for all the available params. +Include the main class to be able to manage via Hiera the network resources handled by the module: -Single interface via dhcp: + include network + +This does nothing by default, but allows to configure network resources with Hiera data like: + network::hostname: server.example.com network::interfaces_hash: eth0: enable_dhcp: true - -Bond interface: - - eth0: - method: manual - bond_master: 'bond3' - allow_hotplug: 'eth0' - manage_order: '08' - eth1: - method: manual - bond_master: 'bond3' - allow_hotplug: 'eth1' - manage_order: '08' - bond3: - ipaddress: "10.0.28.10" - netmask: '255.255.248.0' - gateway: "10.0.24.1" - dns_nameservers: "8.8.8.8 8.8.4.4" - dns_search: 'my.domain' - bond_mode: 'balance-alb' - bond_miimon: '100' - bond_slaves: [] - -Debian/Ubuntu IPv4/IPv6 management example for basic IP config, IP aliaseconfig and VLAN config : - - 'eth0:0v4': - 'enable': 'true' - 'bootproto': 'none' - 'peerdns': 'no' - 'userctl': 'no' - 'restart_all_nic': 'false' - 'accept_ra': '1' - 'type': 'Ethernet' - 'mtu': '1500' - 'interface': 'eth0:0' - 'ipaddress': 'X.X.X.X/22' - 'family': 'inet' - - 'eth0:0v6': - 'enable': 'true' - 'bootproto': 'none' - 'peerdns': 'no' - 'userctl': 'no' - 'restart_all_nic': 'false' - 'accept_ra': '1' - 'autoconf': 
'0' - 'type': 'Ethernet' - 'mtu': '1500' - 'interface': 'eth0:0' - 'ipaddress': 'X.X.X.1::85/64' - 'family': 'inet6' - - 'eth1v4': - 'enable': 'true' - 'bootproto': 'none' - 'peerdns': 'no' - 'userctl': 'no' - 'restart_all_nic': 'false' - 'accept_ra': '0' - 'type': 'Ethernet' - 'mtu': '1500' - 'interface': 'eth1' - 'ipaddress': 'X.X.X.1/29' - 'family': 'inet' - - 'eth1v6': - 'enable': 'true' - 'bootproto': 'none' - 'peerdns': 'no' - 'userctl': 'no' - 'restart_all_nic': 'false' - 'accept_ra': '0' - 'type': 'Ethernet' - 'mtu': '1500' - 'interface': 'eth1' - 'ipaddress': 'X.X.X.1:bb:43::2/64' - 'family': 'inet6' - - 'eth1.12v4': - 'enable': 'true' - 'bootproto': 'none' - 'peerdns': 'no' - 'userctl': 'no' - 'restart_all_nic': 'false' - 'accept_ra': '1' - 'type': 'Ethernet' - 'mtu': '1500' - 'vlan': 'yes' - 'interface': 'eth1.12' - 'ipaddress': 'X.X.X.1/29' - 'family': 'inet' - - 'eth1.12v6': - 'enable': 'true' - 'bootproto': 'none' - 'peerdns': 'no' - 'userctl': 'no' - 'restart_all_nic': 'false' - 'accept_ra': '1' - 'autoconf': '0' - 'type': 'Ethernet' - 'mtu': '1500' - 'vlan': 'yes' - 'interface': 'eth1.12' - 'ipaddress': 'X.X.X.1:dd:3::2/64' - 'family': 'inet6' - - 'eth0v4': - 'enable': 'true' - 'bootproto': 'none' - 'peerdns': 'no' - 'userctl': 'no' - 'restart_all_nic': 'false' - 'accept_ra': '1' - 'type': 'Ethernet' - 'mtu': '1500' - 'dns_nameservers': 'X.X.X.1 X.X.X.1 X.X.X.1' - 'interface': 'eth0' - 'ipaddress': 'X.X.X.X/22' - 'gateway': 'X.X.X.1' - 'family': 'inet' - - 'eth0v6': - 'enable': 'true' - 'bootproto': 'none' - 'peerdns': 'no' - 'userctl': 'no' - 'restart_all_nic': 'false' - 'accept_ra': '1' - 'autoconf': '0' - 'type': 'Ethernet' - 'mtu': '1500' - 'interface': 'eth0' - 'ipaddress': 'X.X.X.1::85/64' - 'gateway': 'X.X.X.1::1' - 'family': 'inet6' - -Configuration of multiple static routes (using the ```network::route``` define, when more than one route is added the elements of the arrays have to be ordered coherently): - + eth1: + ipaddress: '10.42.42.50' 
+ netmask: '255.255.255.0' network::routes_hash: - eth0: - ipaddress: - - 99.99.228.0 - - 100.100.244.0 - netmask: - - 255.255.255.0 - - 255.255.252.0 - gateway: - - 192.168.0.1 - - 174.136.107.1 - - -Configuration of multiple static routes (using the newer ```network::mroute``` define) you can specify as gateway either a device or an IP or also add a table reference: - - network::mroutes_hash: - eth0: + eth1: routes: 99.99.228.0/24: eth0 100.100.244.0/22: 174.136.107.1 101.99.228.0/24: 'eth0 table 1' + +## Usage -## Operating Systems Support +## Reference -This is tested on these OS: -- RedHat - - 5 - - 6 - - 7 -- Debian - - 6 - - 7 - - 8 -- Ubuntu - - 10.04 - - 12.04 - - 14.04 - - partly verified on Ubuntu 16.04 -- Suse (ifrule files are only supported on Suse with wicked >= 0.6.33) - - OpenSuse 12 - - SLES 11SP3 - - SLES 12SP1 - - SLES 15 +## Backwards compatibility -## Development +## Limitations -Pull requests (PR) and bug reports via GitHub are welcomed. -When submitting PR please follow these quidelines: -- Provide puppet-lint compliant code -- If possible provide rspec tests -- Follow the module style and stdmod naming standards +## Development -When submitting bug report please include or link: -- The Puppet code that triggers the error -- The output of facter on the system where you try it -- All the relevant error logs -- Any other information useful to understand the context diff --git a/files/rt_tables b/files/legacy/rt_tables similarity index 100% rename from files/rt_tables rename to files/legacy/rt_tables diff --git a/manifests/hostname.pp b/manifests/hostname.pp new file mode 100644 index 0000000..ae19062 --- /dev/null +++ b/manifests/hostname.pp 
@@ -0,0 +1,80 @@
+# A description of what this class does
+#
+# @summary A short summary of the purpose of this class
+#
+# @example
+# include network::hostname
+class network::hostname (
+ Optional[String] $hostname_file_template = undef,
+ Boolean $hostname_legacy = false,
+ Hash $options = {},
+) {
+
+ $hostname_default_template = $hostname_legacy ? {
+ true => "network/legacy/hostname-${::osfamily}.erb",
+ false => "network/hostname-${::osfamily}.erb",
+ }
+ $file_template = pick($hostname_file_template,$hostname_default_template)
+ $manage_hostname = pick($::network::hostname,$::fqdn)
+
+ if $::osfamily == 'RedHat' {
+ file { '/etc/sysconfig/network':
+ ensure => present,
+ mode => '0644',
+ owner => 'root',
+ group => 'root',
+ content => template($file_template),
+ notify => $::network::manage_config_file_notify,
+ }
+ case $::lsbmajdistrelease {
+ '7': {
+ exec { 'sethostname':
+ command => "/usr/bin/hostnamectl set-hostname ${manage_hostname}",
+ unless => "/usr/bin/hostnamectl status | grep 'Static hostname: ${manage_hostname}'",
+ }
+ }
+ default: {}
+ }
+ }
+
+ if $::osfamily == 'Debian' {
+ file { '/etc/hostname':
+ ensure => present,
+ mode => '0644',
+ owner => 'root',
+ group => 'root',
+ content => template($file_template),
+ notify => $::network::manage_config_file_notify,
+ }
+ }
+
+ if $::osfamily == 'Suse' {
+ file { '/etc/HOSTNAME':
+ ensure => present,
+ mode => '0644',
+ owner => 'root',
+ group => 'root',
+ content => inline_template("<%= @manage_hostname %>\n"),
+ notify => Exec['sethostname'],
+ }
+ exec { 'sethostname':
+ command => "/bin/hostname ${manage_hostname}",
+ unless => "/bin/hostname -f | grep ${manage_hostname}",
+ }
+ }
+
+ if $::osfamily == 'Solaris' {
+ file { '/etc/nodename':
+ ensure => present,
+ mode => '0644',
+ owner => 'root',
+ group => 'root',
+ content => inline_template("<%= @manage_hostname %>\n"),
+ notify => Exec['sethostname'],
+ }
+ exec { 'sethostname':
+ command => "/usr/bin/hostname ${manage_hostname}",
+ unless => "/usr/bin/hostname | /usr/bin/grep ${manage_hostname}",
+ }
+ }
+}
diff --git a/manifests/init.pp b/manifests/init.pp
index f2f8326..967a779 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
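Review bot: The `sethostname` exec resources in manifests/hostname.pp interpolate `${manage_hostname}` directly into their `command` and `unless` strings, and that value comes from `$::network::hostname`, which init.pp types only as `Optional[String]`. The `unless` strings contain a pipe, so they are presumably evaluated by a shell, and a Hiera value holding shell metacharacters would then be interpreted rather than treated as a name. Constraining the parameter where it is declared, for example `Optional[Pattern[/\A[A-Za-z0-9.-]+\z/]] $hostname = undef,`, keeps anything but hostname characters out of these strings. Separately, the Suse and Solaris checks use an unanchored `grep ${manage_hostname}`, which matches substrings and treats dots as wildcards, so a wanted name of `web1` counts as already set on a host called `web10`. An exact fixed-string comparison against the same form of the name that `command` sets would avoid that.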
@@ -1,356 +1,111 @@ +# A description of what this class does # -# = Class: network -# -# This class installs and manages network -# -# -# == Parameters -# -# [*gateway*] -# String. Optional. Default: undef -# The default gateway of your system -# -# [*hostname*] -# String. Optional. Default: undef -# The hostname of your system -# -# [*interfaces_hash*] -# Hash. Default undef. -# The complete interfaces configuration (nested) hash -# Needs this structure: -# - First level: Interface name -# - Second level: Interface options (check network::interface for the -# available options) -# If an hash is provided here, network::interface defines are declared with: -# create_resources("network::interface", $interfaces_hash, $default_interfaces_hash) -# -# [*default_interfaces_hash*] -# Hash. Default {}. -# Values applied to all interfaces, if they don't specify a more specific value -# themselves. -# -# [*routes_hash*] -# Hash. Default undef. -# The complete routes configuration (nested) hash -# If an hash is provided here, network::route defines are declared with: -# create_resources("network::route", $routes_hash) -# -# [*mroutes_hash*] -# Hash. Default undef. -# An hash of multiple route to be applied -# If an hash is provided here, network::mroute defines are declared with: -# create_resources("network::mroute", $mroutes_hash) -# -# [*rules_hash*] -# Hash. Default undef. -# An hash of ip rules to be applied -# If an hash is provided here, network::rules defines are declared with: -# create_resources("network::rules", $rules_hash) -# -# [*tables_hash*] -# Hash. Default undef. 
-# An hash of routing tables to be applied -# If an hash is provided here, network::routing_table defines are declared with: -# create_resources("network::routing_table", $tables_hash) +# @summary A short summary of the purpose of this class # +# @example +# include network class network ( - - $hostname = undef, - - $interfaces_hash = undef, - $default_interfaces_hash = {}, - $routes_hash = undef, - $mroutes_hash = undef, - $rules_hash = undef, - $tables_hash = undef, - - $hostname_file_template = "network/hostname-${::osfamily}.erb", - - # Parameter used only on RedHat family - $gateway = undef, - $nozeroconf = undef, - $ipv6enable = undef, - - # Stdmod commons - $package_name = $::network::params::package_name, - $package_ensure = 'present', - - $service_restart_exec = $::network::params::service_restart_exec, - - $config_file_path = $::network::params::config_file_path, - $config_file_require = undef, - $config_file_notify = 'class_default', - $config_file_source = undef, - $config_file_template = undef, - $config_file_content = undef, - $config_file_options_hash = { } , - - $config_file_per_interface = false, - - $config_dir_path = $::network::params::config_dir_path, - $config_dir_source = undef, - $config_dir_purge = false, - $config_dir_recurse = true, - - $dependency_class = undef, - $my_class = undef, - - $monitor_class = undef, - $monitor_options_hash = { } , - - $firewall_class = undef, - $firewall_options_hash = { } , - - $scope_hash_filter = '(uptime.*|timestamp)', - - $tcp_port = undef, - $udp_port = undef, - - $hiera_merge = false, - - ) inherits ::network::params { - - # Hiera import - - if( $hiera_merge == true ) { - $hiera_interfaces_hash = hiera_hash("${module_name}::interfaces_hash",undef) - $real_interfaces_hash = $hiera_interfaces_hash ? { - undef => $interfaces_hash, - default => $hiera_interfaces_hash, - } - - $hiera_routes_hash = hiera_hash('network::routes_hash',undef) - $real_routes_hash = $hiera_routes_hash ? 
{ - undef => $routes_hash, - default => $hiera_routes_hash, - } - - $hiera_mroutes_hash = hiera_hash('network::mroutes_hash',undef) - $real_mroutes_hash = $hiera_mroutes_hash ? { - undef => $mroutes_hash, - default => $hiera_mroutes_hash, - } - $hiera_rules_hash = hiera_hash('network::rules_hash',undef) - $real_rules_hash = $hiera_rules_hash ? { - undef => $rules_hash, - default => $hiera_rules_hash, - } - $hiera_tables_hash = hiera_hash('network::tables_hash',undef) - $real_tables_hash = $hiera_tables_hash ? { - undef => $tables_hash, - default => $hiera_tables_hash, - } - } - else { - $real_interfaces_hash = $interfaces_hash - $real_routes_hash = $routes_hash - $real_mroutes_hash = $mroutes_hash - $real_rules_hash = $rules_hash - $real_tables_hash = $tables_hash - } - - - # Class variables validation and management - - $config_file_owner = $::network::params::config_file_owner - $config_file_group = $::network::params::config_file_group - $config_file_mode = $::network::params::config_file_mode - - $manage_config_file_content = $config_file_content ? { - undef => $config_file_template ? { - undef => undef, - default => template($config_file_template), - }, - default => $config_file_content, - } - - $manage_config_file_notify = $config_file_notify ? 
{ + Optional[String] $hostname = undef, + + # This "param" is looked up in code according to interfaces_merge_behaviour + # Optional[Hash] $interfaces_hash = undef, + Boolean $interfaces_legacy = false, + Enum['first','hash','deep'] $interfaces_merge_behaviour = 'first', + Hash $interfaces_defaults = {}, + + # This "param" is looked up in code according to routes_merge_behaviour + # Optional[Hash] $routes_hash = undef, + Boolean $routes_legacy = false, + Enum['first','hash','deep'] $routes_merge_behaviour = 'first', + Hash $routes_defaults = {}, + + # This "param" is looked up in code according to rules_merge_behaviour + # Optional[Hash] $rules_hash = undef, + Boolean $rules_legacy = false, + Enum['first','hash','deep'] $rules_merge_behaviour = 'first', + Hash $rules_defaults = {}, + + # This "param" is looked up in code according to tables_merge_behaviour + # Optional[Hash] $tables_hash = undef, + Boolean $tables_legacy = false, + Enum['first','hash','deep'] $tables_merge_behaviour = 'first', + Hash $tables_defaults = {}, + + String $service_restart_exec = 'service network restart', + Variant[Resource,String] $config_file_notify = 'class_default', + Boolean $config_file_per_interface = true, +) { + + $manage_config_file_notify = $config_file_notify ? 
{ 'class_default' => "Exec[${service_restart_exec}]", 'undef' => undef, '' => undef, undef => undef, default => $config_file_notify, } - - $manage_hostname = pick($hostname, $::fqdn) - - if $package_ensure == 'absent' { - $config_dir_ensure = absent - $config_file_ensure = absent - } else { - $config_dir_ensure = directory - $config_file_ensure = present - } - - - # Dependency class - - if $dependency_class { - include $dependency_class - } - - - # Resources managed - - if $package_name { - package { 'network': - ensure => $package_ensure, - name => $package_name, - } - Package['network'] -> Network::Interface<||> - Package['network'] -> Network::Route<||> - Package['network'] -> Network::Mroute<||> - Package['network'] -> Network::Rule<||> - Package['network'] -> Network::Routing_table<||> - } - - if $config_file_path - and $config_file_source - or $manage_config_file_content { - file { 'network.conf': - ensure => $config_file_ensure, - path => $config_file_path, - mode => $config_file_mode, - owner => $config_file_owner, - group => $config_file_group, - source => $config_file_source, - content => $manage_config_file_content, - notify => $manage_config_file_notify, - require => $config_file_require, - } - } - - if $config_dir_source { - file { 'network.dir': - ensure => $config_dir_ensure, - path => $config_dir_path, - source => $config_dir_source, - recurse => $config_dir_recurse, - purge => $config_dir_purge, - force => $config_dir_purge, - notify => $manage_config_file_notify, - require => $config_file_require, - } - } - - # Command that triggers network restart exec { $service_restart_exec : command => $service_restart_exec, alias => 'network_restart', refreshonly => true, path => '/bin:/sbin:/usr/bin:/usr/sbin', + } + if $hostname { + contain '::network::hostname' } - # Create network interfaces from interfaces_hash, if present - - if $real_interfaces_hash { - create_resources('network::interface', $real_interfaces_hash, $default_interfaces_hash) - } - - if 
$real_routes_hash { - create_resources('network::route', $real_routes_hash) - } - - if $real_mroutes_hash { - create_resources('network::mroute', $real_mroutes_hash) - } - - if $real_rules_hash { - create_resources('network::rule', $real_rules_hash) - } - - if $real_tables_hash { - create_resources('network::routing_table', $real_tables_hash) - } - - # Configure default gateway (On RedHat). Also hostname is set. - if $::osfamily == 'RedHat' - and ($::network::gateway - or $::network::hostname) { - file { '/etc/sysconfig/network': - ensure => $config_file_ensure, - mode => $config_file_mode, - owner => $config_file_owner, - group => $config_file_group, - content => template($network::hostname_file_template), - notify => $network::manage_config_file_notify, - } - case $::lsbmajdistrelease { - '7': { - exec { 'sethostname': - command => "/usr/bin/hostnamectl set-hostname ${manage_hostname}", - unless => "/usr/bin/hostnamectl status | grep 'Static hostname: ${manage_hostname}'", - } + # Declare network interfaces based on network::interfaces_hash + $interfaces_hash = lookup('network::interfaces_hash',Hash,$interfaces_merge_behaviour,{}) + $interfaces_hash.each |$k,$v| { + if $interfaces_legacy { + network::legacy::interface { $k: + * => $interfaces_defaults + $v, + } + } else { + network::interface { $k: + * => $interfaces_defaults + $v, } - default: {} - } - } - - # Configure hostname (On Debian) - if $::osfamily == 'Debian' - and $hostname { - file { '/etc/hostname': - ensure => $config_file_ensure, - mode => $config_file_mode, - owner => $config_file_owner, - group => $config_file_group, - content => template($hostname_file_template), - notify => $manage_config_file_notify, } } - if $::osfamily == 'Suse' { - if $hostname { - file { '/etc/HOSTNAME': - ensure => $config_file_ensure, - mode => $config_file_mode, - owner => $config_file_owner, - group => $config_file_group, - content => inline_template("<%= @manage_hostname %>\n"), - notify => Exec['sethostname'], + # 
Declare network routes based on network::routes_hash + $routes_hash = lookup('network::routes_hash',Hash,$routes_merge_behaviour,{}) + $routes_hash.each |$k,$v| { + if $routes_legacy { + network::legacy::route { $k: + * => $routes_defaults + $v, } - exec { 'sethostname': - command => "/bin/hostname ${manage_hostname}", - unless => "/bin/hostname -f | grep ${manage_hostname}", + } else { + network::route { $k: + * => $routes_defaults + $v, } } } - if $::osfamily == 'Solaris' { - if $hostname { - file { '/etc/nodename': - ensure => $config_file_ensure, - mode => $config_file_mode, - owner => $config_file_owner, - group => $config_file_group, - content => inline_template("<%= @manage_hostname %>\n"), - notify => Exec['sethostname'], + # Declare network rules based on network::rules_hash + $rules_hash = lookup('network::rules_hash',Hash,$rules_merge_behaviour,{}) + $rules_hash.each |$k,$v| { + if $rules_legacy { + network::legacy::rule { $k: + * => $rules_defaults + $v, } - exec { 'sethostname': - command => "/usr/bin/hostname ${manage_hostname}", - unless => "/usr/bin/hostname | /usr/bin/grep ${manage_hostname}", + } else { + network::rule { $k: + * => $rules_defaults + $v, } } } - - # Extra classes - - if $network::my_class { - include $network::my_class - } - - if $network::monitor_class { - class { $network::monitor_class: - options_hash => $network::monitor_options_hash, - scope_hash => {}, # TODO: Find a good way to inject class' scope - } - } - - if $firewall_class { - class { $firewall_class: - options_hash => $firewall_options_hash, - scope_hash => {}, + # Declare network tables based on network::tables_hash + $tables_hash = lookup('network::tables_hash',Hash,$tables_merge_behaviour,{}) + $tables_hash.each |$k,$v| { + if $tables_legacy { + network::legacy::routing_table { $k: + * => $tables_defaults + $v, + } + } else { + network::table { $k: + * => $tables_defaults + $v, + } } } 
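Review bot: The non-legacy branch of the tables loop in manifests/init.pp declares `network::table { $k:`, but this patch's diffstat carries only `manifests/routing_table.pp` and the new README lists the define as `network::routing_table`. If no `network::table` define exists elsewhere in the module, catalog compilation would fail as soon as `network::tables_hash` is non-empty with `tables_legacy` left at false, and the line should read `network::routing_table { $k:`. The class header is also still the generated placeholder (`A description of what this class does`), whereas the removed comment block documented every parameter. A short `@param` entry for `hostname`, the `*_legacy`, `*_merge_behaviour` and `*_defaults` groups, `service_restart_exec` and `config_file_notify` would restore that, including the accepted `'class_default'`, `'undef'` and `''` values of `config_file_notify`.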
diff --git a/manifests/interface.pp b/manifests/interface.pp
index 4b865c5..73c0293 100644
--- a/manifests/interface.pp
+++ b/manifests/interface.pp
@@ -1,673 +1,164 @@ +# A description of what this defined type does # -# = Define: network::interface +# @summary A short summary of the purpose of this defined type. # -# This define manages interfaces. -# Currently only Debian and RedHat families supported. -# Some parameters are supported only for specific families -# -# == Common parameters -# -# $enable_dhcp -# Boolean. Default: false -# Activates DHCP on the interface -# -# [*ipaddress*] -# [*netmask*] -# [*broadcast*] -# [*hwaddr*] -# String. Default: undef -# Standard network parameters -# -# [*enable*] -# Boolean. Default: true -# Manages the interface presence. Possible values: -# * true - Interface created and enabled at boot. -# * false - Interface removed from boot. -# -# [*template*] -# String. Optional. Default: Managed by module. -# Provide an alternative custom template to use for configuration of: -# - On Debian: file fragments in /etc/network/interfaces -# - On RedHat: files /etc/sysconfig/network-scripts/ifcfg-${name} -# You can copy and adapt network/templates/interface/${::osfamily}.erb -# -# [*restart_all_nic*] -# Boolean. Default: true -# Manages the way to apply interface creation/modification: -# - If true, will trigger a restart of all network interfaces -# - If false, will only start/restart this specific interface -# -# [*reload_command*] -# String. Default: $::operatingsystem ? {'CumulusLinux' => 'ifreload -a', -# default => "ifdown ${interface}; ifup ${interface}", -# } -# Defines the command(s) that will be used to reload a nic when restart_all_nic -# is set to false -# -# [*options*] -# A generic hash of custom options that can be used in a custom template -# -# [*options_extra_redhat*] -# [*options_extra_debian*] -# [*options_extra_suse*] -# Custom hashes of options that are added to the default template that manages -# interfaces respectively under RedHat, Debian and Suse families -# -# [*description*] -# String. Optional. 
Default: undef -# Adds comment with given description in file before interface declaration. -# -# == Debian only parameters -# -# $address = undef, -# Both ipaddress (standard name) and address (Debian param name) if set -# configure the ipv4 address of the interface. -# If both are present address is used. -# Note, that if $my_inner_ipaddr (for GRE) is set - it is used instead. -# -# $manage_order = 10, -# This is used by concat to define the order of your fragments, -# can be used to load an interface before another. -# default it's 10. -# -# $method = '', -# Both enable_dhcp (standard) and method (Debian specific param name) if set -# configure dhcp on the interface via the method setting. -# If both are present method is used. -# -# $up = [ ], -# $pre_up = [ ], -# $post_up = [ ], -# $down = [ ], -# $pre_down = [ ], -# $post_down = [ ], -# Map to Debian interfaces parameters (with _ instead of -) -# Note that these params MUST be arrays, even if with only one element -# -# $nonlocal_gateway = undef, -# Gateway, that does not belong to interface's network and needs extra -# route to be available. Shortcut for: -# -# post-up ip route add $nonlocal_gateway dev $interface -# post-up ip route add default via $nonlocal_gateway dev $interface -# pre-down ip route del default via $nonlocal_gateway dev $interface -# pre-down ip route del $nonlocal_gateway dev $interface -# -# $additional_networks = [], -# Convenience shortcut to add more networks to the interface. Expands to: -# -# up ip addr add $network dev $interface -# down ip addr del $network dev $interface -# -# Check the arguments in the code for the other Debian specific settings -# If defined they are set in the used template. -# -# == RedHat only parameters -# -# $type = 'Ethernet', -# Defaults to 'Ethernet', but following types are supported for OVS: -# "OVSPort", "OVSIntPort", "OVSBond", "OVSTunnel" and "OVSPatchPort". -# 'InfiniBand' type is supported as well. 
-# -# $ipaddr = undef, -# Both ipaddress (standard name) and ipaddr (RedHat param name) if set -# configure the ipv4 address of the interface. -# If both are present ipaddr is used. -# -# $hwaddr = undef, -# hwaddr if set configures the mac address of the interface. -# -# $prefix = undef, -# Network PREFIX aka CIDR notation of the network mask. The PREFIX -# takes precedence if both PREFIX and NETMASK are set. -# -# $bootproto = '', -# Both enable_dhcp (standard) and bootproto (Debian specific param name), -# if set, configure dhcp on the interface via the bootproto setting. -# If both are present bootproto is used. -# -# $arpcheck = undef -# Whether the interface will check if the supplied IP address is already in -# use. Valid values are undef, "yes", "no". -# -# $arp = undef -# Used to enable or disable ARP completely for an interface at initialization -# Valid values are undef, "yes", "no". -# -# $nozeroconf = undef -# Used to enable or disable ZEROCONF routes completely for an -# interface at initialization -# Valid values are undef, "yes, 'no". -# -# $linkdelay = undef -# Used to introduce a delay (sleep) of the specified number of seconds when -# bringing an interface up. -# -# $check_link_down = false -# Set to true to add check_link_down function in the interface file -# -# $hotswap = undef -# Set to no to prevent interface from being activated when hot swapped - Default is yes -# -# $vid = undef -# Set to specify vlan id # -# -# == RedHat and Debian only GRE interface specific parameters -# -# $peer_outer_ipaddr = undef -# IP address of the remote tunnel endpoint -# -# $peer_inner_ipaddr = undef -# IP address of the remote end of the tunnel interface. If this is specified, -# a route to PEER_INNER_IPADDR through the tunnel is added automatically. -# -# $my_outer_ipaddr = undef -# IP address of the local tunnel endpoint. 
If unspecified, an IP address -# is selected automatically for outgoing tunnel packets, and incoming tunnel -# packets are accepted on all local IP addresses. -# -# $my_inner_ipaddr = undef -# Local IP address of the tunnel interface. -# -# == RedHat only Open vSwitch specific parameters -# -# $devicetype = undef, -# Always set to "ovs" if configuring OVS* type. -# -# $bond_ifaces = undef, -# Physical interfaces for "OVSBond". -# -# $ovs_bridge = undef, -# For types other than "OVSBridge" type. It specifies the OVS bridge -# to which port, patch or tunnel should be attached to. -# -# $ovs_ports = undef, -# It specifies the OVS ports should OVS bridge attach -# -# $ovs_extra = undef, -# Optional: extra ovs-vsctl commands seperate by "--" (double dash) -# -# $ovs_options = undef, -# Optional: extra options to set in the Port table. -# Check ovs-vsctl's add-port man page. -# -# $ovs_patch_peer = undef, -# Patche's peer on the other bridge for "OVSPatchPort" type. -# -# $ovs_tunnel_type = undef, -# Tunnel types (eg. "vxlan", "gre") for "OVSTunnel" type. -# -# $ovs_tunnel_options = undef, -# Tunnel options (eg. "remote_ip") for "OVSTunnel" type. -# -# $ovsdhcpinterfaces = undef, -# All the interfaces that can reach the DHCP server as a space separated list -# -# $ovsbootproto = undef, -# Needs OVSBOOTPROTO instead of BOOTPROTO to enable DHCP on the bridge -# -# Check the arguments in the code for the other RedHat specific settings -# If defined they are set in the used template. -# -# == RedHat only InfiniBand specific parameters -# -# $connected_mode = undef, -# Enable or not InfiniBand CONNECTED_MODE. It true, CONNECTED_MODE=yes will -# be added to ifcfg file. -# -# == Suse and Debian only parameters -# -# $aliases = undef -# Array of aliased IPs for given interface. -# Note, that for Debian generated interfaces will have static method and -# netmask 255.255.255.255. If you need something other - generate -# interfaces by hand. 
Also note, that interfaces will be named -# $interface:$idx, where $idx is IP index in list, starting from 0. -# If you're adding manual interfaces - beware of clashes. -# -# == Suse only parameters -# -# Check the arguments in the code for the other Suse specific settings -# If defined they are set in the used template. -# -# -# == Red Hat zLinux on IBM ZVM/System Z (s390/s390x) only parameters -# -# $subchannels = undef, -# The hardware addresses of QETH or Hipersocket hardware. -# -# $nettype = undef, -# The networking hardware type. qeth, lcs or ctc. -# The default is 'qeth'. -# -# $layer2 = undef, -# The networking layer mode in Red Hat 6. 0 or 1. -# The defauly is 0. From Red Hat 7 this is confifured using the options -# parameter below. -# -# $zlinux_options = undef -# You can add any valid sysfs attribute and its value to the OPTIONS -# parameter.The Red Hat Enterprise Linux (7 )installation program currently -# uses this to configure the layer mode (layer2) and the relative port -# number (portno) of qeth devices. 
+# @example +# network::interface { 'namevar': } define network::interface ( + Boolean $enable = true, + Enum['present','absent'] $ensure = 'present', - $enable = true, - $ensure = 'present', - $template = "network/interface/${::osfamily}.erb", - $options = undef, - $options_extra_redhat = undef, - $options_extra_debian = undef, - $options_extra_suse = undef, - $interface = $name, - $restart_all_nic = true, - $reload_command = undef, - - $enable_dhcp = false, - - $ipaddress = '', - $netmask = undef, - $network = undef, - $broadcast = undef, - $gateway = undef, - $hwaddr = undef, - $mtu = undef, - - $description = undef, - - ## Debian specific - $manage_order = '10', - $auto = true, - $allow_hotplug = undef, - $method = '', - $family = 'inet', - $stanza = 'iface', - $address = '', - $dns_search = undef, - $dns_nameservers = undef, - # For method: static - $metric = undef, - $pointopoint = undef, - - # For method: dhcp - $hostname = undef, - $leasehours = undef, - $leasetime = undef, - $client = undef, - - # For method: bootp - $bootfile = undef, - $server = undef, + String $template = "network/interface/${::osfamily}.epp", + Optional $config_path = undef, - # For method: tunnel - $mode = undef, - $endpoint = undef, - $dstaddr = undef, - $local = undef, - $ttl = undef, + Boolean $enable_dhcp = false, - # For method: ppp - $provider = undef, - $unit = undef, + String $interface = $title, + String $description = "Interface $title", - # For inet6 family - $privext = undef, - $dhcp = undef, - $media = undef, - $accept_ra = undef, - $autoconf = undef, - $vlan_raw_device = undef, + Optional[Stdlib::Compat::Ipv4] $ipv4_address = undef, + Optional[Stdlib::Compat::Ipv4] $ipv4_netmask = undef, + Optional[Stdlib::Compat::Ipv4] $ipv4_broadcast = undef, - # Convenience shortcuts - $nonlocal_gateway = undef, - $additional_networks = [ ], + Optional[Stdlib::Compat::Ipv6] $ipv6_address = undef, + Optional[Stdlib::Compat::Ipv6] $ipv6_netmask = undef, - # Common ifupdown scripts - $up 
= [ ], - $pre_up = [ ], - $post_up = [ ], - $down = [ ], - $pre_down = [ ], - $post_down = [ ], + Hash $extra_settings = {}, + Boolean $use_default_settings = true, - # For virtual routing and forwarding (VRF) - $vrf = undef, - $vrf_table = undef, + Hash $options = {}, + Boolean $restart_all_nic = true, + Optional[String]$reload_command = undef, - # For bonding - $slaves = [ ], - $bond_mode = undef, - $bond_miimon = undef, - $bond_downdelay = undef, - $bond_updelay = undef, - $bond_lacp_rate = undef, - $bond_master = undef, - $bond_primary = undef, - $bond_slaves = [ ], - $bond_xmit_hash_policy = undef, - $bond_num_grat_arp = undef, - $bond_arp_all = undef, - $bond_arp_interval = undef, - $bond_arp_iptarget = undef, - $bond_fail_over_mac = undef, - $bond_ad_select = undef, - $use_carrier = undef, - $primary_reselect = undef, + Boolean $manage_prerequisites = true, + Boolean $suppress_warnings = false, +) { - # For teaming - $team_config = undef, - $team_port_config = undef, - $team_master = undef, - - # For bridging - $bridge_ports = [ ], - $bridge_stp = undef, - $bridge_fd = undef, - $bridge_maxwait = undef, - $bridge_waitport = undef, - - # For wpa_supplicant - $wpa_ssid = undef, - $wpa_bssid = undef, - $wpa_psk = undef, - $wpa_key_mgmt = [ ], - $wpa_group = [ ], - $wpa_pairwise = [ ], - $wpa_auth_alg = [ ], - $wpa_proto = [ ], - $wpa_identity = undef, - $wpa_password = undef, - $wpa_scan_ssid = undef, - $wpa_ap_scan = undef, - - ## RedHat specific - $ipaddr = '', - $prefix = undef, - $uuid = undef, - $bootproto = '', - $userctl = 'no', - $type = 'Ethernet', - $ethtool_opts = undef, - $ipv6init = undef, - $ipv6_autoconf = undef, - $ipv6_privacy = undef, - $ipv6_addr_gen_mode = undef, - $ipv6addr = undef, - $ipv6addr_secondaries = [], - $ipv6_defaultgw = undef, - $dhcp_hostname = undef, - $srcaddr = undef, - $peerdns = '', - $peerntp = '', - $onboot = '', - $onparent = undef, - $defroute = undef, - $dns1 = undef, - $dns2 = undef, - $dns3 = undef, - $domain = 
undef, - $nm_controlled = undef, - $master = undef, - $slave = undef, - $bonding_master = undef, - $bonding_opts = undef, - $vlan = undef, - $vlan_name_type = undef, - $vlan_id = undef, - $vid = undef, - $physdev = undef, - $bridge = undef, - $arpcheck = undef, - $zone = undef, - $arp = undef, - $nozeroconf = undef, - $linkdelay = undef, - $check_link_down = false, - $hotplug = undef, - $persistent_dhclient = undef, - $nm_name = undef, - - # RedHat specific for InfiniBand - $connected_mode = undef, - - # RedHat specific for GRE - $peer_outer_ipaddr = undef, - $peer_inner_ipaddr = undef, - $my_outer_ipaddr = undef, - $my_inner_ipaddr = undef, - - # RedHat and Debian specific for Open vSwitch - $devicetype = undef, # On RedHat. Same of ovs_type for Debian - $bond_ifaces = undef, # On RedHat Same of ovs_bonds for Debian - $ovs_type = undef, # Debian - $ovs_bonds = undef, # Debian - $ovs_bridge = undef, - $ovs_ports = undef, - $ovs_extra = undef, - $ovs_options = undef, - $ovs_patch_peer = undef, - $ovsrequires = undef, - $ovs_tunnel_type = undef, - $ovs_tunnel_options = undef, - $ovsdhcpinterfaces = undef, - $ovsbootproto = undef, - - # RedHat specific for zLinux - $subchannels = undef, - $nettype = undef, - $layer2 = undef, - $zlinux_options = undef, - - ## Suse specific - $startmode = '', - $usercontrol = 'no', - $firewall = undef, - $aliases = undef, - $remote_ipaddr = undef, - $check_duplicate_ip = undef, - $send_gratuitous_arp = undef, - $pre_up_script = undef, - $post_up_script = undef, - $pre_down_script = undef, - $post_down_script = undef, - - # For bonding - $bond_moduleopts = undef, - # also used for Suse bonding: $bond_master, $bond_slaves - - # For bridging - $bridge_fwddelay = undef, - # also used for Suse bridging: $bridge, $bridge_ports, $bridge_stp - - # For vlan - $etherdevice = undef, - # also used for Suse vlan: $vlan - - ) { - - include ::network - - validate_bool($auto) - validate_bool($enable) - validate_bool($restart_all_nic) - - 
validate_array($up) - validate_array($pre_up) - validate_array($down) - validate_array($pre_down) - validate_array($slaves) - validate_array($bond_slaves) - validate_array($bridge_ports) - validate_array($wpa_key_mgmt) - validate_array($wpa_group) - validate_array($wpa_pairwise) - validate_array($wpa_auth_alg) - validate_array($wpa_proto) - - # $subchannels is only valid for zLinux/SystemZ/s390x. - if $::architecture == 's390x' { - validate_array($subchannels) - validate_re($nettype, '^(qeth|lcs|ctc)$', "${name}::\$nettype may be 'qeth', 'lcs' or 'ctc' only and is set to <${nettype}>.") - # Different parameters required for RHEL6 and RHEL7 - if $::operatingsystemmajrelease =~ /^7/ { - validate_string($zlinux_options) - } else { - validate_re($layer2, '^0|1$', "${name}::\$layer2 must be 1 or 0 and is to <${layer2}>.") + ### Define variables + # Build configuration settings hash + case fact('os.osfamily') { + 'RedHat': { + $os_settings = { + DEVICE => $interface, + NM_CONTROLLED => 'no', + } } + 'Debian': { + $os_settings = { + } + $os_settings = { + } + } + default: {} } - if $arp != undef and ! ($arp in ['yes', 'no']) { - fail('arp must be one of: undef, yes, no') - } - - if $arpcheck != undef and ! ($arpcheck in ['yes', 'no']) { - fail('arpcheck must be one of: undef, yes, no') - } - - if $nozeroconf != undef and ! ($nozeroconf in ['yes', 'no']) { - fail('nozeroconf must be one of: undef, yes, no') - } - - if $check_duplicate_ip != undef and ! ($check_duplicate_ip in ['yes', 'no']) { - fail('check_duplicate_ip must be one of: undef, yes, no') - } - if $send_gratuitous_arp != undef and ! 
($send_gratuitous_arp in ['yes', 'no']) { - fail('send_gratuitous_arp must be one of: undef, yes, no') + # $settings variable is used in templates + if $use_default_settings { + $settings = $os_settings + $extra_settings + } else { + $settings = $extra_settings } - - if $::osfamily != 'RedHat' and ($type == 'InfiniBand' or $connected_mode) { - fail('InfiniBand parameters are supported only for RedHat family.') + # Content used in interface configuration file + $template_type=$template[-4,4] + case $template_type { + '.epp': { + $content = epp($template,$settings) + } + '.erb': { + $content = template($template) + } + default: { + # If no known extension is present, we treat $template as an erb template + $content = template($template) + } } - - if $type != 'InfiniBand' and $connected_mode != undef { - fail('CONNECTED_MODE parameter available for InfiniBand interfaces only') + # Configuration file path + case fact('os.family') { + 'RedHat': { + $config_file_path = pick($config_path,"/etc/sysconfig/network-scripts/ifcfg-${title}") + } + 'Suse': { + $config_file_path = pick($config_path,"/etc/sysconfig/network/ifcfg-${title}") + } + 'Debian': { + if fact('os.name') == 'CumulusLinux' { + $config_file_path = pick($config_path,"/etc/network/interfaces.d/${title}") + } else { + $config_file_path = pick($config_path,"/etc/network/interfaces.d/${title}.cfg") + } + } + 'Solaris': { + $config_file_path = pick($config_path,"/etc/hostname.${title}") + } } - if $prefix != undef and $netmask != undef { - fail('Use either netmask or prefix to define the netmask for the interface') - } + # Define how to restart network service + $network_notify = pick($reload_command, $::network::manage_config_file_notify) - $manage_hwaddr = $hwaddr ? { - default => $hwaddr, - } - $manage_method = $method ? { - '' => $enable_dhcp ? 
{ - true => 'dhcp', - false => 'static', - }, - default => $method, - } + ### Manage configurations + case fact('os.name') { - # Debian specific - case $manage_method { - 'auto': { $manage_address = undef } - 'bootp': { $manage_address = undef } - 'dhcp': { $manage_address = undef } - 'ipv4ll': { $manage_address = undef } - 'loopback': { $manage_address = undef } - 'manual': { $manage_address = undef } - 'none': { $manage_address = undef } - 'ppp': { $manage_address = undef } - 'wvdial': { $manage_address = undef } - default: { - $manage_address = $my_inner_ipaddr ? { - undef => $address ? { - '' => $ipaddress, - default => $address, - }, - default => $my_inner_ipaddr, + # On RedHat family we manage "/etc/sysconfig/network-scripts/ifcfg-${title}" + 'RedHat', 'CentOS', 'Scientific', 'OracleLinux','Fedora': { + # Configuration + file { $config_file_path: + ensure => $ensure, + content => $content, + mode => '0644', + owner => 'root', + group => 'root', + notify => $network_notify, } } - } - # Redhat and Suse specific - if $::operatingsystem == 'SLES' and versioncmp($::operatingsystemrelease, 12) >= 0 { - $bootproto_false = 'static' - } else { - $bootproto_false = 'none' - } - - $manage_bootproto = $bootproto ? { - '' => $enable_dhcp ? { - true => 'dhcp', - false => $bootproto_false - }, - default => $bootproto, - } - $manage_peerdns = $peerdns ? { - '' => $manage_bootproto ? { - 'dhcp' => 'yes', - default => 'no', - }, - true => 'yes', - false => 'no', - default => $peerdns, - } - $manage_peerntp = $peerntp ? { - '' => $manage_bootproto ? { - 'dhcp' => 'yes', - default => 'no', - }, - default => $peerntp, - } - $manage_ipaddr = $ipaddr ? { - '' => $ipaddress, - default => $ipaddr, - } - $manage_onboot = $onboot ? { - '' => $enable ? { - true => 'yes', - false => 'no', - }, - default => $onboot, - } - $manage_defroute = $defroute ? { - true => 'yes', - false => 'no', - default => $defroute, - } - $manage_startmode = $startmode ? { - '' => $enable ? 
{ - true => 'auto', - false => 'off', - }, - default => $startmode, - } - - # Resources - $real_reload_command = $reload_command ? { - undef => $::operatingsystem ? { - 'CumulusLinux' => 'ifreload -a', - default => "ifdown ${interface} --force ; ifup ${interface}", - }, - default => $reload_command, - } - if $restart_all_nic == false and $::kernel == 'Linux' { - exec { "network_restart_${name}": - command => $real_reload_command, - path => '/sbin', - refreshonly => true, + # On Suse family we manage "/etc/sysconfig/network/ifcfg-${title}" + 'SLES', 'OpenSuSE': { + # Prerequisites + if $manage_prerequisites + and has_key($settings,'VLAN_ID') + and !defined(Package['vlan']) { + package { 'vlan': + ensure => 'present', + } + Package['vlan'] -> File[$config_file_path] + } + if $manage_prerequisites + and has_key($settings,'BRIDGE') + and !defined(Package['bridge-utils']) { + package { 'bridge-utils': + ensure => 'present', + } + Package['bridge-utils'] -> File[$config_file_path] + } + # Configuration + file { $config_file_path: + ensure => $ensure, + content => $content, + mode => '0600', + owner => 'root', + group => 'root', + notify => $network_notify, + } } - $network_notify = "Exec[network_restart_${name}]" - } else { - $network_notify = $network::manage_config_file_notify - } - - case $::osfamily { - 'Debian': { - if $vlan_raw_device { - if versioncmp('9.0', $::operatingsystemrelease) >= 0 - and !defined(Package['vlan']) { - package { 'vlan': - ensure => 'present', - } + # On Debian family we manage "/etc/network/interfaces.d/${title}.cfg" + # or lines in /etc/sysconfig/network according to the value of + # $::network::config_file_per_interface + 'Debian', 'Ubuntu', 'LinuxMint': { + # Prerequisites + if $manage_prerequisites + and has_key($settings,'vlan-raw-device') + and versioncmp('9.0', $::operatingsystemrelease) >= 0 + and !defined(Package['vlan']) { + package { 'vlan': + ensure => 'present', } } - - if $network::config_file_per_interface { + # Configuration 
+ if $::network::config_file_per_interface { + # Scenario with a file per interface if ! defined(File['/etc/network/interfaces.d']) { file { '/etc/network/interfaces.d': ensure => 'directory', @@ -676,41 +167,21 @@ group => 'root', } } - if $::operatingsystem == 'CumulusLinux' { - file { "interface-${name}": - ensure => $ensure, - path => "/etc/network/interfaces.d/${name}", - content => template($template), - notify => $network_notify, - } - if ! defined(File_line['config_file_per_interface']) { - file_line { 'config_file_per_interface': - ensure => $ensure, - path => '/etc/network/ifupdown2/ifupdown2.conf', - line => 'addon_scripts_support=1', - match => 'addon_scripts_suppor*', - notify => $network_notify, - } - } - } else { - file { "interface-${name}": - ensure => $ensure, - path => "/etc/network/interfaces.d/${name}.cfg", - content => template($template), - notify => $network_notify, - } - if ! defined(File_line['config_file_per_interface']) { - file_line { 'config_file_per_interface': - ensure => $ensure, - path => '/etc/network/interfaces', - line => 'source /etc/network/interfaces.d/*.cfg', - notify => $network_notify, - } + file { $config_file_path: + ensure => $ensure, + content => $content, + notify => $network_notify, + } + if ! defined(File_line['config_file_per_interface']) { + file_line { 'config_file_per_interface': + ensure => $ensure, + path => '/etc/network/interfaces', + line => 'source /etc/network/interfaces.d/*.cfg', + notify => $network_notify, } } - File['/etc/network/interfaces.d'] - -> File["interface-${name}"] } else { + # Scenario with everything configured in /etc/network/interfaces if ! defined(Concat['/etc/network/interfaces']) { concat { '/etc/network/interfaces': mode => '0644', 
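Review bot: `case fact('os.osfamily')` at the top of the body will never match, because the structured fact is `os.family` (the `$config_file_path` case a few lines below uses that name), so `$os_settings` stays unset when `$os_settings + $extra_settings` is evaluated. The `'Debian'` branch also assigns `$os_settings` twice, which Puppet reports as a variable reassignment once that branch is actually reached. I would write `case fact('os.family') {`, keep a single `$os_settings = {}` under `'Debian'`, and set `$os_settings = {}` in `default`. `$network_notify = pick($reload_command, $::network::manage_config_file_notify)` passes what looks like a command string straight to `notify`, which expects a resource reference; the removed `exec { "network_restart_${name}": ... refreshonly => true }` was what made a custom reload command usable. `Optional $config_path` becomes the path of a root-owned file, so typing it as `Optional[Stdlib::Absolutepath] $config_path = undef,` would reject relative or malformed values at compile time.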
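Review bot: The shared `file_line { 'config_file_per_interface': ensure => $ensure, ... }` takes its `ensure` from whichever interface is evaluated first, because of the `defined()` guard around it. A single `network::interface` declared with `ensure => 'absent'` can therefore remove `source /etc/network/interfaces.d/*.cfg` from `/etc/network/interfaces` and silently disable every other per-interface file; pinning it with `ensure => 'present',` avoids that. The new `file { $config_file_path: ... }` in this hunk also sets no `owner`, `group` or `mode`, unlike the RedHat (`0644`) and Suse (`0600`) branches of the same define. Since `$extra_settings` can carry arbitrary values into the rendered file, I would state them explicitly, e.g. `mode => '0644', owner => 'root', group => 'root',`.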
@@ -719,87 +190,66 @@ notify => $network_notify, } } - - concat::fragment { "interface-${name}": + concat::fragment { "interface-${title}": target => '/etc/network/interfaces', - content => template($template), - order => $manage_order, + content => $content, + order => pick($options['order'], 50), } - } - - if ! defined(Network::Interface['lo']) { - network::interface { 'lo': - address => '127.0.0.1', - method => 'loopback', - manage_order => '05', + if ! defined(Network::Interface['lo']) { + network::interface { 'lo': + address => '127.0.0.1', + method => 'loopback', + options => { 'order' => '05' }, + } } } } - 'RedHat': { - file { "/etc/sysconfig/network-scripts/ifcfg-${name}": + # On Cumulus we manage "/etc/network/interfaces.d/${name}" + # and line addon_scripts_support=1 in /etc/network/ifupdown2/ifupdown2.conf + 'CumulusLinux': { + # Configuration + file { $config_file_path: ensure => $ensure, - content => template($template), - mode => '0644', - owner => 'root', - group => 'root', + content => $content, notify => $network_notify, } - } - - 'Suse': { - if $vlan { - if !defined(Package['vlan']) { - package { 'vlan': - ensure => 'present', - } - } - Package['vlan'] - -> File["/etc/sysconfig/network/ifcfg-${name}"] - } - if $bridge { - if !defined(Package['bridge-utils']) { - package { 'bridge-utils': - ensure => 'present', - } + if ! 
defined(File_line['config_file_per_interface']) { + file_line { 'config_file_per_interface': + ensure => $ensure, + path => '/etc/network/ifupdown2/ifupdown2.conf', + line => 'addon_scripts_support=1', + match => 'addon_scripts_suppor*', + notify => $network_notify, } - Package['bridge-utils'] - -> File["/etc/sysconfig/network/ifcfg-${name}"] - } - - file { "/etc/sysconfig/network/ifcfg-${name}": - ensure => $ensure, - content => template($template), - mode => '0600', - owner => 'root', - group => 'root', - notify => $network_notify, } } + # On Solaris we manage "/etc/hostname.${title}" + # ipadm exec, host entry and network service 'Solaris': { + # Configuration if $::operatingsystemrelease == '5.11' { if ! defined(Service['svc:/network/physical:nwam']) { service { 'svc:/network/physical:nwam': ensure => stopped, enable => false, - before => [ - Service['svc:/network/physical:default'], - Exec["create ipaddr ${title}"], - File["hostname iface ${title}"], - ], } } + Service['svc:/network/physical:nwam'] + -> Service['svc:/network/physical:default'] + -> Exec["create ipaddr ${title}"] + -> File[$config_file_path] } case $::operatingsystemmajrelease { '11','5': { if $enable_dhcp { - $create_ip_command = "ipadm create-addr -T dhcp ${title}/dhcp" - $show_ip_command = "ipadm show-addr ${title}/dhcp" + $create_ip_command = "ipadm create-addr -T dhcp ${interface}/dhcp" + $show_ip_command = "ipadm show-addr ${interface}/dhcp" } else { - $create_ip_command = "ipadm create-addr -T static -a ${ipaddress}/${netmask} ${title}/v4static" - $show_ip_command = "ipadm show-addr ${title}/v4static" + $create_ip_command = "ipadm create-addr -T static -a ${ipv4_address}/${ipv4_netmask} ${interface}/v4static" + $show_ip_command = "ipadm show-addr ${interface}/v4static" } } default: { 
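Review bot: The `network::interface { 'lo': ... }` declaration still passes `address` and `method`, which the rewritten define no longer accepts (its parameter list has `ipv4_address` and no `method`), so the concat branch would fail catalog compilation with an unknown-parameter error; it needs `ipv4_address => '127.0.0.1',` and the loopback method expressed through `extra_settings` or the template. In the Solaris branch the static command interpolates `${ipv4_address}/${ipv4_netmask}`, both `Optional` with default `undef`, so with `enable_dhcp => false` and no address the string becomes `ipadm create-addr -T static -a / ...`. A guard such as `if !$enable_dhcp and (!$ipv4_address or !$ipv4_netmask) { fail("${title}: ipv4_address and ipv4_netmask are required for static addressing") }` before the `case` would catch that. `$interface` is an unconstrained `String` that ends up in these command lines, so declaring it as `Pattern[/\A[\w.:-]+\z/] $interface = $title,` would keep whitespace and shell metacharacters out of them. The Solaris `case` statement continues past the end of this hunk.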
@@ -811,37 +261,34 @@ command => $create_ip_command, unless => $show_ip_command, path => '/bin:/sbin:/usr/sbin:/usr/bin:/usr/gnu/bin', - tag => 'solaris', } - file { "hostname iface ${title}": - ensure => file, - path => "/etc/hostname.${title}", - content => inline_template("<%= @ipaddress %> netmask <%= @netmask %>\n"), + file { $config_file_path: + ensure => $ensure, + content => $content, require => Exec["create ipaddr ${title}"], - tag => 'solaris', } host { $::fqdn: ensure => present, - ip => $ipaddress, + ip => $ipv4_address, host_aliases => [$::hostname], - require => File["hostname iface ${title}"], + require => File[$config_file_path], } if ! defined(Service['svc:/network/physical:default']) { service { 'svc:/network/physical:default': ensure => running, enable => true, - subscribe => [ - File["hostname iface ${title}"], - Exec["create ipaddr ${title}"], - ], } } + Service['svc:/network/physical:default'] ~> File[$config_file_path] + Service['svc:/network/physical:default'] ~> Exec["create ipaddr ${interface}"] } + # Other OS not supported default: { - alert("${::operatingsystem} not supported. No changes done here.") + if ! $suppress_warnings { + alert("${::operatingsystem} not supported. Nothing done here. Set $suppress_warnings to true to disable this message") + } } - } } diff --git a/manifests/legacy/interface.pp b/manifests/legacy/interface.pp new file mode 100644 index 0000000..0565c0b --- /dev/null +++ b/manifests/legacy/interface.pp 
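Review bot: The two `~>` lines that close the Solaris branch point the wrong way, and one of them names a resource that may not exist. `Service['svc:/network/physical:default'] ~> File[$config_file_path]` makes the service notify the file, whereas the removed `subscribe` refreshed the service when the file or the exec changed; and `Exec["create ipaddr ${interface}"]` only resolves when `$interface` equals `$title`, since the file's `require` in this same hunk still uses `Exec["create ipaddr ${title}"]`. I would write `File[$config_file_path] ~> Service['svc:/network/physical:default']` and `Exec["create ipaddr ${title}"] ~> Service['svc:/network/physical:default']`, and take that service out of the `->` chain added for release 5.11 earlier in this file so that no dependency cycle results. In the `alert()` text, `$suppress_warnings` sits inside a double-quoted string and is interpolated, so the message would read "Set false to true"; escape it as `\$suppress_warnings`. The exec resource's title line is above the start of this hunk.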
@@ -0,0 +1,804 @@ +# +# = Define: network::interface +# +#  +# This define manages interfaces. +# Currently only Debian and RedHat families supported. +# Some parameters are supported only for specific families +# +# == Common parameters +# +# $enable_dhcp +# Boolean. Default: false +# Activates DHCP on the interface +# +# [*ipaddress*] +# [*netmask*] +# [*broadcast*] +# [*hwaddr*] +# String. Default: undef +# Standard network parameters +# +# [*enable*] +# Boolean. Default: true +# Manages the interface presence. Possible values: +# * true - Interface created and enabled at boot. +# * false - Interface removed from boot. +# +# [*template*] +# String. Optional. Default: Managed by module. +# Provide an alternative custom template to use for configuration of: +# - On Debian: file fragments in /etc/network/interfaces +# - On RedHat: files /etc/sysconfig/network-scripts/ifcfg-${name} +# You can copy and adapt network/templates/interface/${::osfamily}.erb +# +# [*restart_all_nic*] +# Boolean. Default: true +# Manages the way to apply interface creation/modification: +# - If true, will trigger a restart of all network interfaces +# - If false, will only start/restart this specific interface +# +# [*reload_command*] +# String. Default: $::operatingsystem ? {'CumulusLinux' => 'ifreload -a', +# default => "ifdown ${interface}; ifup ${interface}", +# } +# Defines the command(s) that will be used to reload a nic when restart_all_nic +# is set to false +# +# [*options*] +# A generic hash of custom options that can be used in a custom template +# +# [*description*] +# String. Optional. Default: undef +# Adds comment with given description in file before interface declaration. +# +# == Debian only parameters +# +# $address = undef, +# Both ipaddress (standard name) and address (Debian param name) if set +# configure the ipv4 address of the interface. +# If both are present address is used. +# Note, that if $my_inner_ipaddr (for GRE) is set - it is used instead. 
+# +# $manage_order = 10, +# This is used by concat to define the order of your fragments, +# can be used to load an interface before another. +# default it's 10. +# +# $method = '', +# Both enable_dhcp (standard) and method (Debian specific param name) if set +# configure dhcp on the interface via the method setting. +# If both are present method is used. +# +# $up = [ ], +# $pre_up = [ ], +# $post_up = [ ], +# $down = [ ], +# $pre_down = [ ], +# $post_down = [ ], +# Map to Debian interfaces parameters (with _ instead of -) +# Note that these params MUST be arrays, even if with only one element +# +# $nonlocal_gateway = undef, +# Gateway, that does not belong to interface's network and needs extra +# route to be available. Shortcut for: +# +# post-up ip route add $nonlocal_gateway dev $interface +# post-up ip route add default via $nonlocal_gateway dev $interface +# pre-down ip route del default via $nonlocal_gateway dev $interface +# pre-down ip route del $nonlocal_gateway dev $interface +# +# $additional_networks = [], +# Convenience shortcut to add more networks to the interface. Expands to: +# +# up ip addr add $network dev $interface +# down ip addr del $network dev $interface +# +# Check the arguments in the code for the other Debian specific settings +# If defined they are set in the used template. +# +# == RedHat only parameters +# +# $type = 'Ethernet', +# Defaults to 'Ethernet', but following types are supported for OVS: +# "OVSPort", "OVSIntPort", "OVSBond", "OVSTunnel" and "OVSPatchPort". +# +# $ipaddr = undef, +# Both ipaddress (standard name) and ipaddr (RedHat param name) if set +# configure the ipv4 address of the interface. +# If both are present ipaddr is used. +# +# $hwaddr = undef, +# hwaddr if set configures the mac address of the interface. +# +# $bootproto = '', +# Both enable_dhcp (standard) and bootproto (Debian specific param name), +# if set, configure dhcp on the interface via the bootproto setting. 
+# If both are present bootproto is used. +# +# $arpcheck = undef +# Whether the interface will check if the supplied IP address is already in +# use. Valid values are undef, "yes", "no". +# +# $arp = undef +# Used to enable or disable ARP completely for an interface at initialization +# Valid values are undef, "yes", "no". +# +# $nozeroconf = undef +# Used to enable or disable ZEROCONF routes completely for an +# interface at initialization +# Valid values are undef, "yes, 'no". +# +# $linkdelay = undef +# Used to introduce a delay (sleep) of the specified number of seconds when +# bringing an interface up. +# +# $check_link_down = false +# Set to true to add check_link_down function in the interface file +# +# $hotswap = undef +# Set to no to prevent interface from being activated when hot swapped - Default is yes +# +# == RedHat and Debian only GRE interface specific parameters +# +# $peer_outer_ipaddr = undef +# IP address of the remote tunnel endpoint +# +# $peer_inner_ipaddr = undef +# IP address of the remote end of the tunnel interface. If this is specified, +# a route to PEER_INNER_IPADDR through the tunnel is added automatically. +# +# $my_outer_ipaddr = undef +# IP address of the local tunnel endpoint. If unspecified, an IP address +# is selected automatically for outgoing tunnel packets, and incoming tunnel +# packets are accepted on all local IP addresses. +# +# $my_inner_ipaddr = undef +# Local IP address of the tunnel interface. +# +# == RedHat only Open vSwitch specific parameters +# +# $devicetype = undef, +# Always set to "ovs" if configuring OVS* type. +# +# $bond_ifaces = undef, +# Physical interfaces for "OVSBond". +# +# $ovs_bridge = undef, +# For types other than "OVSBridge" type. It specifies the OVS bridge +# to which port, patch or tunnel should be attached to. 
+# +# $ovs_ports = undef, +# It specifies the OVS ports should OVS bridge attach +# +# $ovs_extra = undef, +# Optional: extra ovs-vsctl commands seperate by "--" (double dash) +# +# $ovs_options = undef, +# Optional: extra options to set in the Port table. +# Check ovs-vsctl's add-port man page. +# +# $ovs_patch_peer = undef, +# Patche's peer on the other bridge for "OVSPatchPort" type. +# +# $ovs_tunnel_type = undef, +# Tunnel types (eg. "vxlan", "gre") for "OVSTunnel" type. +# +# $ovs_tunnel_options = undef, +# Tunnel options (eg. "remote_ip") for "OVSTunnel" type. +# +# $ovsdhcpinterfaces = undef, +# All the interfaces that can reach the DHCP server as a space separated list +# +# $ovsbootproto = undef, +# Needs OVSBOOTPROTO instead of BOOTPROTO to enable DHCP on the bridge +# +# Check the arguments in the code for the other RedHat specific settings +# If defined they are set in the used template. +# +# == Suse and Debian only parameters +# +# $aliases = undef +# Array of aliased IPs for given interface. +# Note, that for Debian generated interfaces will have static method and +# netmask 255.255.255.255. If you need something other - generate +# interfaces by hand. Also note, that interfaces will be named +# $interface:$idx, where $idx is IP index in list, starting from 0. +# If you're adding manual interfaces - beware of clashes. +# +# == Suse only parameters +# +# Check the arguments in the code for the other Suse specific settings +# If defined they are set in the used template. +# +# +# == Red Hat zLinux on IBM ZVM/System Z (s390/s390x) only parameters +# +# $subchannels = undef, +# The hardware addresses of QETH or Hipersocket hardware. +# +# $nettype = undef, +# The networking hardware type. qeth, lcs or ctc. +# The default is 'qeth'. +# +# $layer2 = undef, +# The networking layer mode in Red Hat 6. 0 or 1. +# The defauly is 0. From Red Hat 7 this is confifured using the options +# parameter below. 
+# +# $zlinux_options = undef +# You can add any valid sysfs attribute and its value to the OPTIONS +# parameter.The Red Hat Enterprise Linux (7 )installation program currently +# uses this to configure the layer mode (layer2) and the relative port +# number (portno) of qeth devices. +define network::legacy::interface ( + + $enable = true, + $ensure = 'present', + $template = "network/legacy/interface/${::osfamily}.erb", + $options = undef, + $interface = $name, + $restart_all_nic = true, + $reload_command = undef, + + $enable_dhcp = false, + + $ipaddress = '', + $netmask = undef, + $network = undef, + $broadcast = undef, + $gateway = undef, + $hwaddr = undef, + $mtu = undef, + + $description = undef, + + ## Debian specific + $manage_order = '10', + $auto = true, + $allow_hotplug = undef, + $method = '', + $family = 'inet', + $stanza = 'iface', + $address = '', + $dns_search = undef, + $dns_nameservers = undef, + # For method: static + $metric = undef, + $pointopoint = undef, + + # For method: dhcp + $hostname = undef, + $leasehours = undef, + $leasetime = undef, + $client = undef, + + # For method: bootp + $bootfile = undef, + $server = undef, + + # For method: tunnel + $mode = undef, + $endpoint = undef, + $dstaddr = undef, + $local = undef, + $ttl = undef, + + # For method: ppp + $provider = undef, + $unit = undef, + + # For inet6 family + $privext = undef, + $dhcp = undef, + $media = undef, + $accept_ra = undef, + $autoconf = undef, + $vlan_raw_device = undef, + + # Convenience shortcuts + $nonlocal_gateway = undef, + $additional_networks = [ ], + + # Common ifupdown scripts + $up = [ ], + $pre_up = [ ], + $post_up = [ ], + $down = [ ], + $pre_down = [ ], + $post_down = [ ], + + # For virtual routing and forwarding (VRF) + $vrf = undef, + $vrf_table = undef, + + # For bonding + $slaves = [ ], + $bond_mode = undef, + $bond_miimon = undef, + $bond_downdelay = undef, + $bond_updelay = undef, + $bond_lacp_rate = undef, + $bond_master = undef, + $bond_primary = 
undef, + $bond_slaves = [ ], + $bond_xmit_hash_policy = undef, + $bond_num_grat_arp = undef, + $bond_arp_all = undef, + $bond_arp_interval = undef, + $bond_arp_iptarget = undef, + $bond_fail_over_mac = undef, + $bond_ad_select = undef, + $use_carrier = undef, + $primary_reselect = undef, + + # For teaming + $team_config = undef, + $team_port_config = undef, + $team_master = undef, + + # For bridging + $bridge_ports = [ ], + $bridge_stp = undef, + $bridge_fd = undef, + $bridge_maxwait = undef, + $bridge_waitport = undef, + + # For wpa_supplicant + $wpa_ssid = undef, + $wpa_bssid = undef, + $wpa_psk = undef, + $wpa_key_mgmt = [ ], + $wpa_group = [ ], + $wpa_pairwise = [ ], + $wpa_auth_alg = [ ], + $wpa_proto = [ ], + $wpa_identity = undef, + $wpa_password = undef, + $wpa_scan_ssid = undef, + $wpa_ap_scan = undef, + + ## RedHat specific + $ipaddr = '', + $uuid = undef, + $bootproto = '', + $userctl = 'no', + $type = 'Ethernet', + $ethtool_opts = undef, + $ipv6init = undef, + $ipv6_autoconf = undef, + $ipv6addr = undef, + $ipv6_defaultgw = undef, + $dhcp_hostname = undef, + $srcaddr = undef, + $peerdns = '', + $peerntp = '', + $onboot = '', + $onparent = undef, + $defroute = undef, + $dns1 = undef, + $dns2 = undef, + $domain = undef, + $nm_controlled = undef, + $master = undef, + $slave = undef, + $bonding_master = undef, + $bonding_opts = undef, + $vlan = undef, + $vlan_name_type = undef, + $vlan_id = undef, + $physdev = undef, + $bridge = undef, + $arpcheck = undef, + $zone = undef, + $arp = undef, + $nozeroconf = undef, + $linkdelay = undef, + $check_link_down = false, + $hotplug = undef, + $persistent_dhclient = undef, + $nm_name = undef, + + # RedHat specific for GRE + $peer_outer_ipaddr = undef, + $peer_inner_ipaddr = undef, + $my_outer_ipaddr = undef, + $my_inner_ipaddr = undef, + + # RedHat and Debian specific for Open vSwitch + $devicetype = undef, # On RedHat. 
Same of ovs_type for Debian + $bond_ifaces = undef, # On RedHat Same of ovs_bonds for Debian + $ovs_type = undef, # Debian + $ovs_bonds = undef, # Debian + $ovs_bridge = undef, + $ovs_ports = undef, + $ovs_extra = undef, + $ovs_options = undef, + $ovs_patch_peer = undef, + $ovsrequires = undef, + $ovs_tunnel_type = undef, + $ovs_tunnel_options = undef, + $ovsdhcpinterfaces = undef, + $ovsbootproto = undef, + + # RedHat specific for zLinux + $subchannels = undef, + $nettype = undef, + $layer2 = undef, + $zlinux_options = undef, + + ## Suse specific + $startmode = '', + $usercontrol = 'no', + $firewall = undef, + $aliases = undef, + $remote_ipaddr = undef, + $check_duplicate_ip = undef, + $send_gratuitous_arp = undef, + $pre_up_script = undef, + $post_up_script = undef, + $pre_down_script = undef, + $post_down_script = undef, + + # For bonding + $bond_moduleopts = undef, + # also used for Suse bonding: $bond_master, $bond_slaves + + # For bridging + $bridge_fwddelay = undef, + # also used for Suse bridging: $bridge, $bridge_ports, $bridge_stp + + # For vlan + $etherdevice = undef, + # also used for Suse vlan: $vlan + + ) { + + include ::network + + validate_bool($auto) + validate_bool($enable) + validate_bool($restart_all_nic) + + validate_array($up) + validate_array($pre_up) + validate_array($down) + validate_array($pre_down) + validate_array($slaves) + validate_array($bond_slaves) + validate_array($bridge_ports) + validate_array($wpa_key_mgmt) + validate_array($wpa_group) + validate_array($wpa_pairwise) + validate_array($wpa_auth_alg) + validate_array($wpa_proto) + + # $subchannels is only valid for zLinux/SystemZ/s390x. 
+ if $::architecture == 's390x' { + validate_array($subchannels) + validate_re($nettype, '^(qeth|lcs|ctc)$', "${name}::\$nettype may be 'qeth', 'lcs' or 'ctc' only and is set to <${nettype}>.") + # Different parameters required for RHEL6 and RHEL7 + if $::operatingsystemmajrelease =~ /^7/ { + validate_string($zlinux_options) + } else { + validate_re($layer2, '^0|1$', "${name}::\$layer2 must be 1 or 0 and is to <${layer2}>.") + } + } + + if $arp != undef and ! ($arp in ['yes', 'no']) { + fail('arp must be one of: undef, yes, no') + } + + if $arpcheck != undef and ! ($arpcheck in ['yes', 'no']) { + fail('arpcheck must be one of: undef, yes, no') + } + + if $nozeroconf != undef and ! ($nozeroconf in ['yes', 'no']) { + fail('nozeroconf must be one of: undef, yes, no') + } + + if $check_duplicate_ip != undef and ! ($check_duplicate_ip in ['yes', 'no']) { + fail('check_duplicate_ip must be one of: undef, yes, no') + } + + if $send_gratuitous_arp != undef and ! ($send_gratuitous_arp in ['yes', 'no']) { + fail('send_gratuitous_arp must be one of: undef, yes, no') + } + + $manage_hwaddr = $hwaddr ? { + default => $hwaddr, + } + + $manage_method = $method ? { + '' => $enable_dhcp ? { + true => 'dhcp', + false => 'static', + }, + default => $method, + } + + # Debian specific + case $manage_method { + 'auto': { $manage_address = undef } + 'bootp': { $manage_address = undef } + 'dhcp': { $manage_address = undef } + 'ipv4ll': { $manage_address = undef } + 'loopback': { $manage_address = undef } + 'manual': { $manage_address = undef } + 'none': { $manage_address = undef } + 'ppp': { $manage_address = undef } + 'wvdial': { $manage_address = undef } + default: { + $manage_address = $my_inner_ipaddr ? { + undef => $address ? 
{ + '' => $ipaddress, + default => $address, + }, + default => $my_inner_ipaddr, + } + } + } + + # Redhat and Suse specific + if $::operatingsystem == 'SLES' and $::operatingsystemrelease =~ /^12/ { + $bootproto_false = 'static' + } else { + $bootproto_false = 'none' + } + + $manage_bootproto = $bootproto ? { + '' => $enable_dhcp ? { + true => 'dhcp', + false => $bootproto_false + }, + default => $bootproto, + } + $manage_peerdns = $peerdns ? { + '' => $manage_bootproto ? { + 'dhcp' => 'yes', + default => 'no', + }, + true => 'yes', + false => 'no', + default => $peerdns, + } + $manage_peerntp = $peerntp ? { + '' => $manage_bootproto ? { + 'dhcp' => 'yes', + default => 'no', + }, + default => $peerntp, + } + $manage_ipaddr = $ipaddr ? { + '' => $ipaddress, + default => $ipaddr, + } + $manage_onboot = $onboot ? { + '' => $enable ? { + true => 'yes', + false => 'no', + }, + default => $onboot, + } + $manage_defroute = $defroute ? { + true => 'yes', + false => 'no', + default => $defroute, + } + $manage_startmode = $startmode ? { + '' => $enable ? { + true => 'auto', + false => 'off', + }, + default => $startmode, + } + + # Resources + $real_reload_command = $reload_command ? { + undef => $::operatingsystem ? { + 'CumulusLinux' => 'ifreload -a', + default => "ifdown ${interface} --force ; ifup ${interface}", + }, + default => $reload_command, + } + if $restart_all_nic == false and $::kernel == 'Linux' { + exec { "network_restart_${name}": + command => $real_reload_command, + path => '/sbin', + refreshonly => true, + } + $network_notify = "Exec[network_restart_${name}]" + } else { + $network_notify = $::network::manage_config_file_notify + } + + case $::osfamily { + + 'Debian': { + if $vlan_raw_device { + if versioncmp('9.0', $::operatingsystemrelease) >= 0 + and !defined(Package['vlan']) { + package { 'vlan': + ensure => 'present', + } + } + } + + if $network::config_file_per_interface { + if ! 
defined(File['/etc/network/interfaces.d']) { + file { '/etc/network/interfaces.d': + ensure => 'directory', + mode => '0755', + owner => 'root', + group => 'root', + } + } + if $::operatingsystem == 'CumulusLinux' { + file { "interface-${name}": + ensure => $ensure, + path => "/etc/network/interfaces.d/${name}", + content => template($template), + notify => $network_notify, + } + if ! defined(File_line['config_file_per_interface']) { + file_line { 'config_file_per_interface': + ensure => $ensure, + path => '/etc/network/ifupdown2/ifupdown2.conf', + line => 'addon_scripts_support=1', + match => 'addon_scripts_suppor*', + notify => $network_notify, + } + } + } else { + file { "interface-${name}": + ensure => $ensure, + path => "/etc/network/interfaces.d/${name}.cfg", + content => template($template), + notify => $network_notify, + } + if ! defined(File_line['config_file_per_interface']) { + file_line { 'config_file_per_interface': + ensure => $ensure, + path => '/etc/network/interfaces', + line => 'source /etc/network/interfaces.d/*.cfg', + notify => $network_notify, + } + } + } + File['/etc/network/interfaces.d'] + -> File["interface-${name}"] + } else { + if ! defined(Concat['/etc/network/interfaces']) { + concat { '/etc/network/interfaces': + mode => '0644', + owner => 'root', + group => 'root', + notify => $network_notify, + } + } + + concat::fragment { "interface-${name}": + target => '/etc/network/interfaces', + content => template($template), + order => $manage_order, + } + + } + + if ! 
defined(Network::Legacy::Interface['lo']) { + network::legacy::interface { 'lo': + address => '127.0.0.1', + method => 'loopback', + manage_order => '05', + } + } + } + + 'RedHat': { + file { "/etc/sysconfig/network-scripts/ifcfg-${name}": + ensure => $ensure, + content => template($template), + mode => '0644', + owner => 'root', + group => 'root', + notify => $network_notify, + } + } + + 'Suse': { + if $vlan { + if !defined(Package['vlan']) { + package { 'vlan': + ensure => 'present', + } + } + Package['vlan'] + -> File["/etc/sysconfig/network/ifcfg-${name}"] + } + if $bridge { + if !defined(Package['bridge-utils']) { + package { 'bridge-utils': + ensure => 'present', + } + } + Package['bridge-utils'] + -> File["/etc/sysconfig/network/ifcfg-${name}"] + } + + file { "/etc/sysconfig/network/ifcfg-${name}": + ensure => $ensure, + content => template($template), + mode => '0600', + owner => 'root', + group => 'root', + notify => $network_notify, + } + } + + 'Solaris': { + if $::operatingsystemrelease == '5.11' { + if ! 
defined(Service['svc:/network/physical:nwam']) { + service { 'svc:/network/physical:nwam': + ensure => stopped, + enable => false, + before => [ + Service['svc:/network/physical:default'], + Exec["create ipaddr ${title}"], + File["hostname iface ${title}"], + ], + } + } + } + case $::operatingsystemmajrelease { + '11','5': { + if $enable_dhcp { + $create_ip_command = "ipadm create-addr -T dhcp ${title}/dhcp" + $show_ip_command = "ipadm show-addr ${title}/dhcp" + } else { + $create_ip_command = "ipadm create-addr -T static -a ${ipaddress}/${netmask} ${title}/v4static" + $show_ip_command = "ipadm show-addr ${title}/v4static" + } + } + default: { + $create_ip_command = 'true ' + $show_ip_command = 'true ' + } + } + exec { "create ipaddr ${title}": + command => $create_ip_command, + unless => $show_ip_command, + path => '/bin:/sbin:/usr/sbin:/usr/bin:/usr/gnu/bin', + tag => 'solaris', + } + file { "hostname iface ${title}": + ensure => file, + path => "/etc/hostname.${title}", + content => inline_template("<%= @ipaddress %> netmask <%= @netmask %>\n"), + require => Exec["create ipaddr ${title}"], + tag => 'solaris', + } + host { $::fqdn: + ensure => present, + ip => $ipaddress, + host_aliases => [$::hostname], + require => File["hostname iface ${title}"], + } + if ! defined(Service['svc:/network/physical:default']) { + service { 'svc:/network/physical:default': + ensure => running, + enable => true, + subscribe => [ + File["hostname iface ${title}"], + Exec["create ipaddr ${title}"], + ], + } + } + } + + default: { + alert("${::operatingsystem} not supported. No changes done here.") + } + + } + +} diff --git a/manifests/legacy/mroute.pp b/manifests/legacy/mroute.pp new file mode 100644 index 0000000..b434572 --- /dev/null +++ b/manifests/legacy/mroute.pp 
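Review bot: The Debian and RedHat branches leave the rendered interface configuration world-readable, with `mode => '0644'` on `/etc/sysconfig/network-scripts/ifcfg-${name}` and on the `/etc/network/interfaces` concat and no `mode` at all on `interface-${name}`, while the define accepts `$wpa_psk` and `$wpa_password`. If the templates emit those values (the templates are not part of this hunk), the credentials become readable by every local account; the Suse branch already sets `mode => '0600'`, and the same value with `owner => 'root'` would fit the other branches. In the s390x validation, `'^0|1$'` accepts any string that starts with 0 or ends with 1; `'^(0|1)$'` matches what the error message describes.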
@@ -0,0 +1,125 @@
+# == Definition: network::mroute
+#
+# Manages multiples routes on a single file
+# Configures /etc/sysconfig/networking-scripts/route-$name on Rhel
+# Adds 2 files on Debian:
+# One under /etc/network/if-up.d and
+# One in /etc/network/if-down.d
+#
+# === Parameters:
+#
+# [*routes*]
+# Required parameter. Must be an hash of network-gateway pairs.
+# Example:
+# network::mroute { 'bond1':
+# routes => {
+# '99.99.228.0/24' => 'bond1',
+# '100.100.244.0/22' => '174.136.107.1',
+# }
+#
+# [*route_up_template*]
+# Template to use to manage route up setup. Default is defined according to
+# $::osfamily
+#
+# [*route_down_template*]
+# Template to use to manage route down script. Used only on Debian family.
+#
+# [*config_file_notify*]
+# String. Optional. Default: 'class_default'
+# Defines the notify argument of the created file.
+# The default special value implies the same behaviour of the main class
+# configuration file. Set to undef to remove any notify, or set
+# the name(s) of the resources to notify
+#
+#
+# === Actions:
+#
+# On Rhel
+# Deploys the file /etc/sysconfig/network-scripts/route-$name.
+#
+# On Debian
+# Deploy 2 files 1 under /etc/network/if-up.d and 1 in /etc/network/if-down.d
+#
+# On Suse
+# Deploys the file /etc/sysconfig/network/ifroute-$name.
+#
+define network::legacy::mroute (
+ $routes,
+ $interface = $name,
+ $config_file_notify = 'class_default',
+ $ensure = 'present',
+ $route_up_template = undef,
+ $route_down_template = undef,
+) {
+ # Validate our arrays
+ validate_hash($routes)
+
+ include ::network
+
+ $real_config_file_notify = $config_file_notify ? {
+ 'class_default' => $::network::manage_config_file_notify,
+ default => $config_file_notify,
+ }
+
+ $real_route_up_template = $route_up_template ? {
+ undef => $::osfamily ? {
+ 'RedHat' => 'network/legacy/mroute-RedHat.erb',
+ 'Debian' => 'network/legacy/mroute_up-Debian.erb',
+ 'SuSE' => 'network/legacy/mroute-SuSE.erb',
+ },
+ default => $route_up_template,
+ }
+ $real_route_down_template = $route_down_template ? {
+ undef => $::osfamily ? {
+ 'Debian' => 'network/legacy/mroute_down-Debian.erb',
+ default => undef,
+ },
+ default => $route_down_template,
+ }
+
+ case $::osfamily {
+ 'RedHat': {
+ file { "route-${name}":
+ ensure => $ensure,
+ mode => '0644',
+ owner => 'root',
+ group => 'root',
+ path => "/etc/sysconfig/network-scripts/route-${name}",
+ content => template($real_route_up_template),
+ notify => $real_config_file_notify,
+ }
+ }
+ 'Debian': {
+ file { "routeup-${name}":
+ ensure => $ensure,
+ mode => '0755',
+ owner => 'root',
+ group => 'root',
+ path => "/etc/network/if-up.d/z90-route-${name}",
+ content => template($real_route_up_template),
+ notify => $real_config_file_notify,
+ }
+ file { "routedown-${name}":
+ ensure => $ensure,
+ mode => '0755',
+ owner => 'root',
+ group => 'root',
+ path => "/etc/network/if-down.d/z90-route-${name}",
+ content => template($real_route_down_template),
+ notify => $real_config_file_notify,
+ }
+ }
+ 'SuSE': {
+ file { "route-${name}":
+ ensure => $ensure,
+ mode => '0644',
+ owner => 'root',
+ group => 'root',
+ path => "/etc/sysconfig/network/ifroute-${name}",
+ content => template($real_route_up_template),
+ notify => $real_config_file_notify,
+ }
+ }
+ default: { fail('Operating system not supported') }
+ }
+}
diff --git a/manifests/legacy/params.pp b/manifests/legacy/params.pp
new file mode 100644
index 0000000..7fb6393
--- /dev/null
+++ b/manifests/legacy/params.pp
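Review bot: `validate_hash($routes)` checks only the container type, yet in the Debian branch the hash is rendered into `/etc/network/if-up.d/z90-route-${name}` and its if-down.d twin with `mode => '0755'`, files that presumably run as root when the interface changes state. Assuming the templates (not shown here) print keys and values as given, each key should be checked against an address/prefix pattern and each value against an address or interface-name pattern with `validate_re` before rendering, and `$name` should be constrained too since it forms the path, e.g. `validate_re($name, '\A[A-Za-z0-9_.:-]+\z')`. The Debian branches of legacy/route.pp and legacy/rule.pp in this patch render `$ipaddress`/`$gateway` and `$iprule` into the same kind of script after only `validate_array`. The `$::osfamily` selector for `$real_route_up_template` also has no `default`, so an unsupported platform fails in the selector before reaching `fail('Operating system not supported')`.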
@@ -0,0 +1,45 @@
+# Class: network::params
+#
+# Defines all the variables used in the module.
+#
+class network::params {
+
+ $service_restart_exec = $::osfamily ? {
+ 'Debian' => '/sbin/ifdown -a --force ; /sbin/ifup -a',
+ 'Solaris' => '/usr/sbin/svcadm restart svc:/network/physical:default',
+ default => 'service network restart',
+ }
+
+ $config_file_path = $::osfamily ? {
+ 'Debian' => '/etc/network/interfaces',
+ 'RedHat' => '/etc/sysconfig/network-scripts/ifcfg-eth0',
+ 'Suse' => '/etc/sysconfig/network/ifcfg-eth0',
+ default => undef,
+ }
+
+ $config_file_mode = $::osfamily ? {
+ default => '0644',
+ }
+
+ $config_file_owner = $::osfamily ? {
+ default => 'root',
+ }
+
+ $config_file_group = $::osfamily ? {
+ default => 'root',
+ }
+
+ $config_dir_path = $::osfamily ? {
+ 'Debian' => '/etc/network',
+ 'Redhat' => '/etc/sysconfig/network-scripts',
+ 'Suse' => '/etc/sysconfig/network',
+ default => undef,
+ }
+
+ case $::osfamily {
+ 'Debian','RedHat','Amazon','Suse', 'Solaris': { }
+ default: {
+ fail("${::operatingsystem} not supported.")
+ }
+ }
+}
diff --git a/manifests/legacy/route.pp b/manifests/legacy/route.pp
new file mode 100644
index 0000000..c3d683e
--- /dev/null
+++ b/manifests/legacy/route.pp
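Review bot: The file is added as `manifests/legacy/params.pp` but still declares `class network::params`, so the autoloader would look for that class in `manifests/params.pp` rather than here. The other manifests added under legacy/ in this patch were renamed (`network::legacy::interface`, `network::legacy::route`, `network::legacy::rule`); `class network::legacy::params {` with the header comment updated to match would be consistent with them. `'Redhat'` in `$config_dir_path` is spelled `'RedHat'` in `$config_file_path` a few lines above; one spelling should be used throughout.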
@@ -0,0 +1,212 @@ +# == Definition: network::route +# +# Based on https://github.com/razorsedge/puppet-network/ route.pp manifest. +# Configures /etc/sysconfig/networking-scripts/route-$name on Rhel +# Adds 2 files on Debian: +# One under /etc/network/if-up.d and +# One in /etc/network/if-down.d +# +# === Parameters: +# +# $ipaddress - required +# $netmask - required +# $gateway - optional +# $metric - optional +# $mtu - optional +# $scope - optional +# $source - optional +# $table - optional +# $cidr - optional +# +# [*config_file_notify*] +# String. Optional. Default: 'class_default' +# Defines the notify argument of the created file. +# The default special value implies the same behaviour of the main class +# configuration file. Set to undef to remove any notify, or set +# the name(s) of the resources to notify +# +# +# === Actions: +# +# On Rhel +# Deploys 2 files under/etc/sysconfig/network-scripts/, route-$name and route6-$name +# +# On Debian +# Deploy 2 files 1 under /etc/network/if-up.d and 1 in /etc/network/if-down.d +# +# === Sample Usage: +# +# network::route { 'eth0': +# ipaddress => [ '192.168.17.0', ], +# netmask => [ '255.255.255.0', ], +# gateway => [ '192.168.17.250', ], +# } +# +# network::route { 'bond2': +# ipaddress => [ '192.168.2.0', '10.0.0.0', '::', ], +# netmask => [ '255.255.255.0', '255.0.0.0', '0', ], +# gateway => [ '192.168.1.1', '10.0.0.1', 'fd00::1', ], +# family => [ 'inet4', 'inet4', 'inet6', ], +# } +# +# Note that for the familiy parameter, everything else than "inet6" will be written +# as an IPv4 route. +# +# A routing table can also be specified for the route: +# +# network::route { 'eth1': +# ipaddress => [ '192.168.3.0', ], +# netmask => [ '255.255.255.0', ], +# gateway => [ '192.168.3.1', ], +# table => [ 'vlan22' ], +# } +# +# If adding routes to a routing table on an interface with multiple routes, it +# is necessary to specify false or 'main' for the table on the other routes. 
+# The 'main' routing table is where routes are added by default. +# +# The same applies if adding scope, source or gateway, i.e. false needs to be +# specified for those routes without values for those parameters, if defining +# multiple routes for the same interface. +# +# The first two routes in the following example are functionally equivalent to +# the routes added in the example above for bond2. +# +# network::route { 'bond2': +# ipaddress => [ '192.168.2.0', '10.0.0.0', '0.0.0.0', '192.168.3.0' ] +# netmask => [ '255.255.255.0', '255.0.0.0', '0.0.0.0', '255.255.255.0' ], +# gateway => [ '192.168.1.1', '10.0.0.1', '192.168.3.1', false ], +# scope => [ false, false, false, 'link', ], +# source => [ false, false, false, '192.168.3.10', ], +# table => [ false, false, 'vlan22' 'vlan22', ], +# } +# +# The second two routes yield the following routes in table vlan22: +# +# # ip route show table vlan22 +# default via 192.168.3.1 dev bond2 +# 192.168.3.0/255.255.255.0 dev bond2 scope link src 192.168.3.10 +# +# Normally the link level routing (192.168.3.0/255.255.255.0) is added +# automatically by the kernel when an interface is brought up. When using routing +# rules and routing tables, this does not happen, so this route must be added +# manually. +# +# +# === Authors: +# +# Mike Arnold +# Riccardo Capecchi +# +# === Copyright: +# +# Copyright (C) 2011 Mike Arnold, unless otherwise noted. 
+# +define network::legacy::route ( + $ipaddress, + $netmask, + $gateway = undef, + $metric = undef, + $mtu = undef, + $scope = undef, + $source = undef, + $table = undef, + $cidr = undef, + $family = [ 'inet4' ], + $interface = $name, + $ensure = 'present' +) { + # Validate our arrays + validate_array($ipaddress) + validate_array($netmask) + + if $gateway { + validate_array($gateway) + } + + if $metric { + validate_array($metric) + } + + if $mtu { + validate_integer($mtu) + } + + if $scope { + validate_array($scope) + } + + if $source { + validate_array($source) + } + + if $table { + validate_array($table) + } + + if $cidr { + validate_array($cidr) + $_cidr = $cidr + } else { + $_cidr = build_cidr_array($netmask) + } + + if $family { + validate_array($family) + } + + case $::osfamily { + 'RedHat': { + file { "route-${name}": + ensure => $ensure, + mode => '0644', + owner => 'root', + group => 'root', + path => "/etc/sysconfig/network-scripts/route-${name}", + content => template('network/legacy/route-RedHat.erb'), + notify => $::network::manage_config_file_notify, + } + file { "route6-${name}": + ensure => $ensure, + mode => '0644', + owner => 'root', + group => 'root', + path => "/etc/sysconfig/network-scripts/route6-${name}", + content => template('network/legacy/route6-RedHat.erb'), + notify => $::network::manage_config_file_notify, + } + } + 'Suse': { + file { "ifroute-${name}": + ensure => $ensure, + mode => '0644', + owner => 'root', + group => 'root', + path => "/etc/sysconfig/network/ifroute-${name}", + content => template('network/legacy/route-Suse.erb'), + notify => $::network::manage_config_file_notify, + } + } + 'Debian': { + file { "routeup-${name}": + ensure => $ensure, + mode => '0755', + owner => 'root', + group => 'root', + path => "/etc/network/if-up.d/z90-route-${name}", + content => template('network/legacy/route_up-Debian.erb'), + notify => $::network::manage_config_file_notify, + } + file { "routedown-${name}": + ensure => $ensure, + mode => 
'0755', + owner => 'root', + group => 'root', + path => "/etc/network/if-down.d/z90-route-${name}", + content => template('network/legacy/route_down-Debian.erb'), + notify => $::network::manage_config_file_notify, + } + } + default: { fail('Operating system not supported') } + } +} # define network::route diff --git a/manifests/legacy/routing_table.pp b/manifests/legacy/routing_table.pp new file mode 100644 index 0000000..79580d0 --- /dev/null +++ b/manifests/legacy/routing_table.pp @@ -0,0 +1,46 @@ +# == Definition: network::routing_table +# +# Configures /etc/iproute2/rt_tables +# +# === Parameters: +# +# $table_id - required +# +# === Actions: +# +# Adds routing table id and name to /etc/iproute2/rt_tables +# +# === Sample Usage: +# +# network::routing_table { 'vlan22': +# table_id => '200', +# } +# +# === Authors: +# +# Marcus Furlong +# + +define network::legacy::routing_table ( + $table_id, + $table = $name + ) { + + if ! defined(Concat['/etc/iproute2/rt_tables']) { + concat { '/etc/iproute2/rt_tables': + owner => 'root', + group => 'root', + mode => '0644', + } + + concat::fragment { 'rt_tables-base': + target => '/etc/iproute2/rt_tables', + source => 'puppet:///modules/network/legacy/rt_tables', + } + } + + concat::fragment { "rt_tables-${table}": + target => '/etc/iproute2/rt_tables', + content => "${table_id}\t${table}\n", + } +} # define network::routing_table diff --git a/manifests/legacy/rule.pp b/manifests/legacy/rule.pp new file mode 100644 index 0000000..e67b698 --- /dev/null +++ b/manifests/legacy/rule.pp 
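Review bot: Every file resource in legacy/route.pp sets `notify => $::network::manage_config_file_notify`, but the define never declares the class; legacy/mroute.pp and legacy/rule.pp in this patch both call `include ::network` before their `case`. Without it the variable is only populated when the caller happens to have declared `network` earlier in the catalog, and the notify is presumably empty otherwise. Add `include ::network` after the validation block, as the sibling defines do.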
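Review bot: In legacy/routing_table.pp, `$table_id` and `$table` go unchecked into `content => "${table_id}\t${table}\n"`, so a non-numeric id or a name containing whitespace or a newline produces a malformed or extra line in `/etc/iproute2/rt_tables`. Add `validate_integer($table_id)` and `validate_re($table, '\A[A-Za-z0-9_.-]+\z')` at the top of the define; the `\A`/`\z` anchors matter because `^` and `$` match per line in Ruby patterns.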
@@ -0,0 +1,88 @@ +# == Definition: network::rule +# +# Configures /etc/sysconfig/networking-scripts/rule-$name on RHEL +# +# === Parameters: +# +# $iprule - required +# +# === Actions: +# +# On RHEL +# Deploys /etc/sysconfig/networking-scripts/rule-$name +# +# On Debian +# Deploys 2 files, 1 under /etc/network/if-up.d and 1 in /etc/network/if-down.d +# +# === Sample Usage: +# +# network::rule { 'eth0': +# iprule => ['from 192.168.22.0/24 lookup vlan22', ], +# } +# +# === Authors: +# +# Marcus Furlong +# + +define network::legacy::rule ( + $iprule, + $interface = $name, + $family = undef, + $ensure = 'present' +) { + # Validate our arrays + validate_array($iprule) + + if $family { + validate_array($family) + } + + include ::network + + case $::osfamily { + 'RedHat': { + file { "rule-${interface}": + ensure => present, + owner => root, + group => root, + mode => '0644', + path => "/etc/sysconfig/network-scripts/rule-${interface}", + content => template('network/legacy/rule-RedHat.erb'), + notify => $network::manage_config_file_notify, + } + } + 'Suse': { + file { "ifrule-${interface}": + ensure => present, + owner => root, + group => root, + mode => '0644', + path => "/etc/sysconfig/network/ifrule-${interface}", + content => template('network/legacy/rule-RedHat.erb'), + notify => $network::manage_config_file_notify, + } + } + 'Debian': { + file { "ruleup-${name}": + ensure => $ensure, + mode => '0755', + owner => 'root', + group => 'root', + path => "/etc/network/if-up.d/z90-rule-${name}", + content => template('network/legacy/rule_up-Debian.erb'), + notify => $network::manage_config_file_notify, + } + file { "ruledown-${name}": + ensure => $ensure, + mode => '0755', + owner => 'root', + group => 'root', + path => "/etc/network/if-down.d/z90-rule-${name}", + content => template('network/legacy/rule_down-Debian.erb'), + notify => $network::manage_config_file_notify, + } + } + default: { fail('Operating system not supported') } + } +} # define network::rule 
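Review bot: The RedHat and Suse branches of `network::legacy::rule` hard-code `ensure => present`, so declaring the define with `ensure => 'absent'` removes the Debian hook scripts but leaves `/etc/sysconfig/network-scripts/rule-${interface}` and `/etc/sysconfig/network/ifrule-${interface}` on disk. A policy-routing rule that was meant to be withdrawn then stays configured until someone deletes the file by hand. Both resources should use `ensure => $ensure,` as the Debian branch does. The Debian branch also builds its titles and paths from `${name}` while the other two use `${interface}`, so overriding `interface` has no effect on the Debian file names; if that is intended, say so in a comment.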
diff --git a/manifests/route.pp b/manifests/route.pp
index 8f86ad3..b64a37a 100644
--- a/manifests/route.pp
+++ b/manifests/route.pp
@@ -1,214 +1,9 @@ -# == Definition: network::route +# A description of what this defined type does # -# Based on https://github.com/razorsedge/puppet-network/ route.pp manifest. -# Configures /etc/sysconfig/networking-scripts/route-$name on Rhel -# Adds 2 files on Debian: -# One under /etc/network/if-up.d and -# One in /etc/network/if-down.d +# @summary A short summary of the purpose of this defined type. # -# === Parameters: -# -# $ipaddress - required -# $netmask - required -# $gateway - optional -# $metric - optional -# $mtu - optional -# $scope - optional -# $source - optional -# $table - optional -# $cidr - optional -# -# [*config_file_notify*] -# String. Optional. Default: 'class_default' -# Defines the notify argument of the created file. -# The default special value implies the same behaviour of the main class -# configuration file. Set to undef to remove any notify, or set -# the name(s) of the resources to notify -# -# -# === Actions: -# -# On Rhel -# Deploys 2 files under/etc/sysconfig/network-scripts/, route-$name and route6-$name -# -# On Debian -# Deploy 2 files 1 under /etc/network/if-up.d and 1 in /etc/network/if-down.d -# -# === Sample Usage: -# -# network::route { 'eth0': -# ipaddress => [ '192.168.17.0', ], -# netmask => [ '255.255.255.0', ], -# gateway => [ '192.168.17.250', ], -# } -# -# network::route { 'bond2': -# ipaddress => [ '192.168.2.0', '10.0.0.0', '::', ], -# netmask => [ '255.255.255.0', '255.0.0.0', '0', ], -# gateway => [ '192.168.1.1', '10.0.0.1', 'fd00::1', ], -# family => [ 'inet4', 'inet4', 'inet6', ], -# } -# -# Note that for the familiy parameter, everything else than "inet6" will be written -# as an IPv4 route. 
-# -# A routing table can also be specified for the route: -# -# network::route { 'eth1': -# ipaddress => [ '192.168.3.0', ], -# netmask => [ '255.255.255.0', ], -# gateway => [ '192.168.3.1', ], -# table => [ 'vlan22' ], -# } -# -# If adding routes to a routing table on an interface with multiple routes, it -# is necessary to specify false or 'main' for the table on the other routes. -# The 'main' routing table is where routes are added by default. -# -# The same applies if adding scope, source or gateway, i.e. false needs to be -# specified for those routes without values for those parameters, if defining -# multiple routes for the same interface. -# -# The first two routes in the following example are functionally equivalent to -# the routes added in the example above for bond2. -# -# network::route { 'bond2': -# ipaddress => [ '192.168.2.0', '10.0.0.0', '0.0.0.0', '192.168.3.0' ] -# netmask => [ '255.255.255.0', '255.0.0.0', '0.0.0.0', '255.255.255.0' ], -# gateway => [ '192.168.1.1', '10.0.0.1', '192.168.3.1', false ], -# scope => [ false, false, false, 'link', ], -# source => [ false, false, false, '192.168.3.10', ], -# table => [ false, false, 'vlan22' 'vlan22', ], -# } -# -# The second two routes yield the following routes in table vlan22: -# -# # ip route show table vlan22 -# default via 192.168.3.1 dev bond2 -# 192.168.3.0/255.255.255.0 dev bond2 scope link src 192.168.3.10 -# -# Normally the link level routing (192.168.3.0/255.255.255.0) is added -# automatically by the kernel when an interface is brought up. When using routing -# rules and routing tables, this does not happen, so this route must be added -# manually. -# -# -# === Authors: -# -# Mike Arnold -# Riccardo Capecchi -# -# === Copyright: -# -# Copyright (C) 2011 Mike Arnold, unless otherwise noted. 
-# -define network::route ( - $ipaddress, - $netmask, - $gateway = undef, - $metric = undef, - $mtu = undef, - $scope = undef, - $source = undef, - $table = undef, - $cidr = undef, - $family = [ 'inet4' ], - $interface = $name, - $ensure = 'present' +# @example +# network::route { 'namevar': } +define network::route( ) { - # Validate our arrays - validate_array($ipaddress) - validate_array($netmask) - - if $gateway { - validate_array($gateway) - } - - if $metric { - validate_array($metric) - } - - if $mtu { - validate_integer($mtu) - } - - if $scope { - validate_array($scope) - } - - if $source { - validate_array($source) - } - - if $table { - validate_array($table) - } - - if $cidr { - validate_array($cidr) - $_cidr = $cidr - } else { - $_cidr = build_cidr_array($netmask) - } - - if $family { - validate_array($family) - } - - include ::network - - case $::osfamily { - 'RedHat': { - file { "route-${name}": - ensure => $ensure, - mode => '0644', - owner => 'root', - group => 'root', - path => "/etc/sysconfig/network-scripts/route-${name}", - content => template('network/route-RedHat.erb'), - notify => $network::manage_config_file_notify, - } - file { "route6-${name}": - ensure => $ensure, - mode => '0644', - owner => 'root', - group => 'root', - path => "/etc/sysconfig/network-scripts/route6-${name}", - content => template('network/route6-RedHat.erb'), - notify => $network::manage_config_file_notify, - } - } - 'Suse': { - file { "ifroute-${name}": - ensure => $ensure, - mode => '0644', - owner => 'root', - group => 'root', - path => "/etc/sysconfig/network/ifroute-${name}", - content => template('network/route-Suse.erb'), - notify => $network::manage_config_file_notify, - } - } - 'Debian': { - file { "routeup-${name}": - ensure => $ensure, - mode => '0755', - owner => 'root', - group => 'root', - path => "/etc/network/if-up.d/z90-route-${name}", - content => template('network/route_up-Debian.erb'), - notify => $network::manage_config_file_notify, - } - file { 
"routedown-${name}": - ensure => $ensure, - mode => '0755', - owner => 'root', - group => 'root', - path => "/etc/network/if-down.d/z90-route-${name}", - content => template('network/route_down-Debian.erb'), - notify => $network::manage_config_file_notify, - } - } - default: { fail('Operating system not supported') } - } -} # define network::route +} diff --git a/manifests/routing_table.pp b/manifests/routing_table.pp index 07a106f..03ce4de 100644 --- a/manifests/routing_table.pp +++ b/manifests/routing_table.pp @@ -1,46 +1,9 @@ -# == Definition: network::routing_table +# A description of what this defined type does # -# Configures /etc/iproute2/rt_tables +# @summary A short summary of the purpose of this defined type. # -# === Parameters: -# -# $table_id - required -# -# === Actions: -# -# Adds routing table id and name to /etc/iproute2/rt_tables -# -# === Sample Usage: -# -# network::routing_table { 'vlan22': -# table_id => '200', -# } -# -# === Authors: -# -# Marcus Furlong -# - -define network::routing_table ( - $table_id, - $table = $name - ) { - - if ! defined(Concat['/etc/iproute2/rt_tables']) { - concat { '/etc/iproute2/rt_tables': - owner => 'root', - group => 'root', - mode => '0644', - } - - concat::fragment { 'rt_tables-base': - target => '/etc/iproute2/rt_tables', - source => 'puppet:///modules/network/rt_tables', - } - } - - concat::fragment { "rt_tables-${table}": - target => '/etc/iproute2/rt_tables', - content => "${table_id}\t${table}\n", - } -} # define network::routing_table +# @example +# network::routing_table { 'namevar': } +define network::routing_table( +) { +} diff --git a/manifests/rule.pp b/manifests/rule.pp index ba22f4a..f17971e 100644 --- a/manifests/rule.pp +++ b/manifests/rule.pp 
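Review bot: `network::route` becomes an empty, parameterless define whose header is still the generated placeholder (`A description of what this defined type does`), and nothing tells the reader that the implementation moved to `network::legacy::route`. Any existing declaration that passes `ipaddress`, `netmask` or `gateway` should now fail catalog compilation with an unknown-parameter error, which gives the operator no hint about the legacy define. Later patches in the series may fill the body in; until then, replace the placeholder with a real header such as `# @summary Placeholder; the previous implementation is network::legacy::route.` and consider a `fail()` in the body that names the legacy define. The same applies to the `network::routing_table` hunk that follows and to `network::rule` in manifests/rule.pp.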
@@ -1,88 +1,9 @@ -# == Definition: network::rule +# A description of what this defined type does # -# Configures /etc/sysconfig/networking-scripts/rule-$name on RHEL +# @summary A short summary of the purpose of this defined type. # -# === Parameters: -# -# $iprule - required -# -# === Actions: -# -# On RHEL -# Deploys /etc/sysconfig/networking-scripts/rule-$name -# -# On Debian -# Deploys 2 files, 1 under /etc/network/if-up.d and 1 in /etc/network/if-down.d -# -# === Sample Usage: -# -# network::rule { 'eth0': -# iprule => ['from 192.168.22.0/24 lookup vlan22', ], -# } -# -# === Authors: -# -# Marcus Furlong -# - -define network::rule ( - $iprule, - $interface = $name, - $family = undef, - $ensure = 'present' +# @example +# network::rule { 'namevar': } +define network::rule( ) { - # Validate our arrays - validate_array($iprule) - - if $family { - validate_array($family) - } - - include ::network - - case $::osfamily { - 'RedHat': { - file { "rule-${interface}": - ensure => present, - owner => root, - group => root, - mode => '0644', - path => "/etc/sysconfig/network-scripts/rule-${interface}", - content => template('network/rule-RedHat.erb'), - notify => $network::manage_config_file_notify, - } - } - 'Suse': { - file { "ifrule-${interface}": - ensure => present, - owner => root, - group => root, - mode => '0644', - path => "/etc/sysconfig/network/ifrule-${interface}", - content => template('network/rule-RedHat.erb'), - notify => $network::manage_config_file_notify, - } - } - 'Debian': { - file { "ruleup-${name}": - ensure => $ensure, - mode => '0755', - owner => 'root', - group => 'root', - path => "/etc/network/if-up.d/z90-rule-${name}", - content => template('network/rule_up-Debian.erb'), - notify => $network::manage_config_file_notify, - } - file { "ruledown-${name}": - ensure => $ensure, - mode => '0755', - owner => 'root', - group => 'root', - path => "/etc/network/if-down.d/z90-rule-${name}", - content => template('network/rule_down-Debian.erb'), - notify => 
$network::manage_config_file_notify, - } - } - default: { fail('Operating system not supported') } - } -} # define network::rule +} diff --git a/templates/interface/Debian.epp b/templates/interface/Debian.epp new file mode 100644 index 0000000..b6a22c8 --- /dev/null +++ b/templates/interface/Debian.epp @@ -0,0 +1,9 @@ +# Interface <%= $interface %> managed by Puppet +# <%= $description %> +<% if $options['auto'] -%> +auto <%= $interface %> +<% end -%> +<%= $stanza %> <%= $interface %> <%= $family %> <%= $manage_method %> +<% $settings.each | $k,$v | { -%> + <%= $k %> <%= $v %> +<% end -%> diff --git a/templates/interface/RedHat.epp b/templates/interface/RedHat.epp new file mode 100644 index 0000000..3da3c07 --- /dev/null +++ b/templates/interface/RedHat.epp @@ -0,0 +1,10 @@ +# Interface <%= $interface %> managed by Puppet +# <%= $description %> +<% $settings.each | $k,$v | { -%> +<%= $k %>=<%= $v %> +<% } -%> +<% if $options['check_link_down'] { -%> +check_link_down() { + return 1; +} +<% } -%> diff --git a/templates/interface/Solaris.epp b/templates/interface/Solaris.epp new file mode 100644 index 0000000..a55a091 --- /dev/null +++ b/templates/interface/Solaris.epp @@ -0,0 +1,2 @@ +# File managed by Puppet +<%= $ipv4_address %> netmask <%= $ipv4_netmask %> diff --git a/templates/interface/Suse.epp b/templates/interface/Suse.epp new file mode 100644 index 0000000..a30c7e0 --- /dev/null +++ b/templates/interface/Suse.epp @@ -0,0 +1,5 @@ +# Interface <%= $interface %> managed by Puppet +# <%= $description %> +<% $settings.each | $k,$v | { -%> +<%= $k %>=<%= $v %> +<% } -%> diff --git a/templates/legacy/hostname-Debian.erb b/templates/legacy/hostname-Debian.erb new file mode 100644 index 0000000..a837783 --- /dev/null +++ b/templates/legacy/hostname-Debian.erb @@ -0,0 +1 @@ +<%= @manage_hostname.split('.').first %> diff --git a/templates/legacy/hostname-RedHat.erb b/templates/legacy/hostname-RedHat.erb new file mode 100644 index 0000000..ba0a82b --- /dev/null 
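Review bot: templates/interface/Debian.epp mixes ERB and EPP block syntax and should not parse. `<% if $options['auto'] -%>` has no opening brace, and both the conditional and the `$settings.each` block are closed with `<% end -%>`, which is not EPP. Following templates/interface/RedHat.epp from the same patch, the conditional should read `<% if $options['auto'] { -%>` and both closing tags should be `<% } -%>`. `$description` is also written into a `#` comment line as-is, so a multi-line description would spill into the stanza below it; reducing it to a single line in the calling define avoids that.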
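Review bot: templates/interface/RedHat.epp writes each `$settings` entry as `<%= $k %>=<%= $v %>` with no quoting, whereas templates/legacy/interface/RedHat.erb wraps almost every value in double quotes. These ifcfg files are read as shell variable assignments (the template itself emits a `check_link_down()` shell function), so a value containing a space or a shell metacharacter would be truncated or interpreted rather than stored. Emit `<%= $k %>="<%= $v %>"` and constrain `$settings` in the calling define, which is not visible in this hunk, so that keys match `/\A[A-Z0-9_]+\z/` and values contain no quote, backtick, `$` or newline. templates/interface/Suse.epp has the same loop.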
+++ b/templates/legacy/hostname-RedHat.erb @@ -0,0 +1,13 @@ +# File Managed by Puppet +NETWORKING="yes" +<% if @gateway -%> +GATEWAY="<%= @gateway %>" +<% end -%> +<% if @nozeroconf -%> +NOZEROCONF="<%= @nozeroconf %>" +<% end -%> +<% if @ipv6enable -%> +NETWORKING_IPV6="<%= @ipv6enable %>" +IPV6INIT="<%= @ipv6enable %>" +<% end -%> +HOSTNAME="<%= @manage_hostname.split('.').first %>" diff --git a/templates/legacy/interface/Debian.erb b/templates/legacy/interface/Debian.erb new file mode 100644 index 0000000..bddd909 --- /dev/null +++ b/templates/legacy/interface/Debian.erb 
@@ -0,0 +1,317 @@ +# Interface <%= @name %> +<% if @description and ! @description.empty? -%> +# <%= @description %> +<% end -%> +<% if @auto -%> +auto <%= @interface %> +<% end -%> +<% if @allow_hotplug -%> +allow-hotplug <%= @interface %> +<% end -%> +<%= @stanza %> <%= @interface %> <%= @family %> <%= @manage_method %> +<% if @manage_address and ! @manage_address.empty? -%> + address <%= @manage_address %> +<% end -%> +<% if @manage_hwaddr -%> + hwaddress <%= @manage_hwaddr %> +<% end -%> +<% if @netmask -%> + netmask <%= @netmask %> +<% end -%> +<% if @network -%> + network <%= @network %> +<% end -%> +<% if @broadcast -%> + broadcast <%= @broadcast %> +<% end -%> +<% if @metric -%> + metric <%= @metric %> +<% end -%> +<% if @pointopoint -%> + pointopoint <%= @pointopoint %> +<% end -%> +<% if @mtu -%> + mtu <%= @mtu %> +<% end -%> +<% if @dns_nameservers -%> + dns-nameservers <%= @dns_nameservers %> +<% end -%> +<% if @dns_search -%> + dns-search <%= @dns_search %> +<% end -%> +<% if @gateway -%> + gateway <%= @gateway %> +<% end -%> +<% if @hostname -%> + hostname <%= @hostname %> +<% end -%> +<% if @leasehours -%> + leasehours <%= @leasehours %> +<% end -%> +<% if @leasetime -%> + leasetime <%= @leasetime %> +<% end -%> +<% if @client -%> + client <%= @client %> +<% end -%> +<% if @bootfile -%> + hostname <%= @bootfile %> +<% end -%> +<% if @server -%> + server <%= @server %> +<% end -%> +<% if @mode -%> + mode <%= @mode %> +<% end -%> +<% if @endpoint -%> + endpoint <%= @endpoint %> +<% end -%> +<% if @dstaddr -%> + dstaddr <%= @dstaddr %> +<% end -%> +<% if @local -%> + local <%= @local %> +<% end -%> +<% if @ttl -%> + ttl <%= @ttl %> +<% end -%> +<% if @provider -%> + provider <%= @provider %> +<% end -%> +<% if @unit -%> + unit <%= @unit %> +<% end -%> +<% if @options -%> + options <%= @options %> +<% end -%> +<% if @privext -%> + privext <%= @privext %> +<% end -%> +<% if @dhcp -%> + dhcp <%= @dhcp %> +<% end -%> +<% if @media -%> + media <%= @media %> 
+<% end -%> +<% if @accept_ra -%> + accept_ra <%= @accept_ra %> +<% end -%> +<% if @autoconf -%> + autoconf <%= @autoconf %> +<% end -%> +<% if @vlan_raw_device -%> + vlan-raw-device <%= @vlan_raw_device %> +<% end -%> +<% if @additional_networks -%> +<% if @additional_networks.is_a? Array -%> +<% @additional_networks.each do |val| -%> + up ip addr add <%= val %> dev <%= @interface %> + down ip addr del <%= val %> dev <%= @interface %> +<% end -%> +<% else -%> + up ip addr add <%= @additional_networks %> dev <%= @interface %> + down ip addr del <%= @additional_networks %> dev <%= @interface %> +<% end -%> +<% end -%> +<% if @peer_outer_ipaddr then -%> + up ip link set <%= @interface %> multicast on + pre-up ip tunnel add <%= @interface %> mode gre remote <%= @peer_outer_ipaddr %><% if @my_outer_ipaddr then %> local <%= @my_outer_ipaddr %><% end %> ttl 255 +<% if @peer_inner_ipaddr -%> + pointopoint <%= @peer_inner_ipaddr %> +<% end -%> + post-down ip tunnel del <%= @interface %> +<% end -%> +<% if @nonlocal_gateway -%> + post-up ip route add <%= @nonlocal_gateway %> dev <%= @interface %> + post-up ip route add default via <%= @nonlocal_gateway %> dev <%= @interface %> + pre-down ip route del default via <%= @nonlocal_gateway %> dev <%= @interface %> + pre-down ip route del <%= @nonlocal_gateway %> dev <%= @interface %> +<% end -%> +<% if @up.length > 0 then -%> +<% @up.each do |script| -%> + up <%= script %> +<% end -%> +<% end -%> +<% if @pre_up.length > 0 then -%> +<% @pre_up.each do |script| -%> + pre-up <%= script %> +<% end -%> +<% end -%> +<% if @post_up.length > 0 then -%> +<% @post_up.each do |script| -%> + post-up <%= script %> +<% end -%> +<% end -%> +<% if @down.length > 0 then -%> +<% @down.each do |script| -%> + down <%= script %> +<% end -%> +<% end -%> +<% if @pre_down.length > 0 then -%> +<% @pre_down.each do |script| -%> + pre-down <%= script %> +<% end -%> +<% end -%> +<% if @post_down.length > 0 then -%> +<% @post_down.each do |script| -%> + 
post-down <%= script %> +<% end -%> +<% end -%> +<% if @slaves.size > 0 then -%> + slaves <%= @slaves.join(' ') %> +<% end -%> +<% if @bond_mode -%> + bond-mode <%= @bond_mode %> +<% end -%> +<% if @bond_miimon -%> + bond-miimon <%= @bond_miimon %> +<% end -%> +<% if @bond_lacp_rate -%> + bond-lacp-rate <%= @bond_lacp_rate %> +<% end -%> +<% if @bond_num_grat_arp -%> + bond-num_grat_arp <%= @bond_num_grat_arp %> +<% end -%> +<% if @bond_downdelay -%> + bond-downdelay <%= @bond_downdelay %> +<% end -%> +<% if @bond_updelay -%> + bond-updelay <%= @bond_updelay %> +<% end -%> +<% if @bond_arp_all -%> + arp_all_targets <%= @bond_arp_all %> +<% end -%> +<% if @bond_arp_interval -%> + arp_interval <%= @bond_arp_interval %> +<% end -%> +<% if @bond_arp_iptarget -%> + arp_ip_target <%= @bond_arp_iptarget.join(',') %> +<% end -%> +<% if @bond_fail_over_mac -%> + fail_over_mac <%= @bond_fail_over_mac %> +<% end -%> +<% if @bond_master -%> + bond-master <%= @bond_master %> +<% end -%> +<% if @bond_primary -%> + bond-primary <%= @bond_primary %> +<% end -%> +<% if @bond_slaves.size > 0 then -%> + bond-slaves <%= @bond_slaves.join(' ') %> +<% end -%> +<% if @bridge_ports.size > 0 then -%> + bridge_ports <%= @bridge_ports.join(' ') %> +<% end -%> +<% if @bridge_stp -%> + bridge_stp <%= @bridge_stp %> +<% end -%> +<% if @bridge_fd -%> + bridge_fd <%= @bridge_fd %> +<% end -%> +<% if @bridge_maxwait -%> + bridge_maxwait <%= @bridge_maxwait %> +<% end -%> +<% if @bridge_waitport -%> + bridge_waitport <%= @bridge_waitport %> +<% end -%> +<% if @bond_xmit_hash_policy -%> + bond_xmit_hash_policy <%= @bond_xmit_hash_policy %> +<% end -%> +<% if @bond_ad_select -%> + bond-ad-select <%= @bond_ad_select %> +<% end -%> +<% if @use_carrier -%> + use_carrier <%= @use_carrier %> +<% end -%> +<% if @primary_reselect -%> + primary_reselect <%= @primary_reselect %> +<% end -%> +<% if @wpa_ssid -%> + wpa-ssid <%= @wpa_ssid %> +<% end -%> +<% if @wpa_bssid -%> + wpa-bssid <%= @wpa_bssid %> +<% end 
-%> +<% if @wpa_psk -%> + wpa-psk <%= @wpa_psk %> +<% end -%> +<% if @wpa_key_mgmt.size > 0 then -%> + wpa-key-mgmt <%= @wpa_key_mgmt.join(' ') %> +<% end -%> +<% if @wpa_group.size > 0 then -%> + wpa-group <%= @wpa_group.join(' ') %> +<% end -%> +<% if @wpa_pairwise.size > 0 then -%> + wpa-pairwise <%= @wpa_pairwise.join(' ') %> +<% end -%> +<% if @wpa_auth_alg.size > 0 then -%> + wpa-auth-alg <%= @wpa_auth_alg.join(' ') %> +<% end -%> +<% if @wpa_proto.size > 0 then -%> + wpa-proto <%= @wpa_proto.join(' ') %> +<% end -%> +<% if @wpa_identity -%> + wpa-identity <%= @wpa_identity %> +<% end -%> +<% if @wpa_password -%> + wpa-password <%= @wpa_password %> +<% end -%> +<% if @wpa_scan_ssid -%> + wpa-scan-ssid <%= @wpa_scan_ssid %> +<% end -%> +<% if @wpa_ap_scan -%> + wpa-ap-scan <%= @wpa_ap_scan %> +<% end -%> +<% if @vrf -%> + vrf <%= @vrf %> +<% end -%> +<% if @vrf_table -%> + vrf-table <%= @vrf_table %> +<% end -%> +<% if @ovs_bridge -%> + ovs_bridge <%= @ovs_bridge %> +<% end -%> +<% if @ovs_ports -%> + ovs_ports <%= @ovs_ports %> +<% end -%> +<% if @ovs_type -%> + ovs_type <%= @ovs_type %> +<% end -%> +<% if @ovs_bonds -%> + ovs_bonds <%= @ovs_bonds %> +<% end -%> +<% if @ovs_patch_peer -%> + ovs_patch_peer <%= @ovs_patch_peer %> +<% end -%> +<% if @ovs_tunnel_type -%> + ovs_tunnel_type <%= @ovs_tunnel_type %> +<% end -%> +<% if @ovs_tunnel_options -%> + ovs_tunnel_options <%= @ovs_tunnel_options %> +<% end -%> +<% if @ovs_options -%> + ovs_options <%= @ovs_options %> +<% end -%> +<% if @ovs_extra -%> + ovs_extra <%= @ovs_extra %> +<% end -%> +<% if @aliases -%> +<% if @aliases.is_a? 
Array -%> +<% @aliases.each_with_index do |val, idx| %> +<% if @auto -%> +auto <%= @interface %>:<%= idx %> +<% end -%> +<%= @stanza %> <%= @interface %>:<%= idx %> <%= @family %> static + address <%= val %> + netmask 255.255.255.255 +<% end -%> +<% else -%> +<% if @auto -%> +auto <%= @interface %>:0 +<% end -%> +<%= @stanza %> <%= @interface %>:0 <%= @family %> static + address <%= @aliases %> + netmask 255.255.255.255 +<% end -%> +<% end -%> + diff --git a/templates/legacy/interface/RedHat.erb b/templates/legacy/interface/RedHat.erb new file mode 100644 index 0000000..d9b4cb6 --- /dev/null +++ b/templates/legacy/interface/RedHat.erb 
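Review bot: The `@bootfile` branch in templates/legacy/interface/Debian.erb emits the wrong option name: `<% if @bootfile -%>` is followed by `hostname <%= @bootfile %>`. A configured boot file therefore shows up as a second `hostname` line instead of `bootfile <%= @bootfile %>`. Separately, `wpa-psk` and `wpa-password` are rendered in clear text. The file resource that uses this template is outside this hunk, so confirm that it is not created world-readable and that these values are not echoed in reports or diffs.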
@@ -0,0 +1,224 @@ +# File Managed by Puppet +<% if @description and ! @description.empty? -%> +# <%= @description %> +<% end -%> +DEVICE="<%= @interface %>" +<% if ! @ovsbootproto -%> +BOOTPROTO="<%= @manage_bootproto %>" +<% end -%> +ONBOOT="<%= @manage_onboot %>" +TYPE="<%= @type %>" +USERCTL="<%= @userctl %>" +PEERDNS="<%= @manage_peerdns %>" +PEERNTP="<%= @manage_peerntp %>" +<% if @peer_outer_ipaddr -%> +PEER_OUTER_IPADDR=<%= @peer_outer_ipaddr %> +<% end -%> +<% if @peer_inner_ipaddr-%> +PEER_INNER_IPADDR=<%= @peer_inner_ipaddr %> +<% end -%> +<% if @my_outer_ipaddr -%> +MY_OUTER_IPADDR=<%= @my_outer_ipaddr %> +<% end -%> +<% if @my_inner_ipaddr -%> +MY_INNER_IPADDR=<%= @my_inner_ipaddr %> +<% end -%> +<% if @uuid -%> +UUID="<%= @uuid %>" +<% end -%> +<% if @ethtool_opts -%> +ETHTOOL_OPTS="<%= @ethtool_opts %>" +<% end -%> +<% if @subchannels -%> +SUBCHANNELS="<%= @subchannels.sort.join(',') %>" +<% end -%> +<% if @layer2 -%> +LAYER2="<%= @layer2 %>" +<% end -%> +<% if @nettype -%> +NETTYPE="<%= @nettype %>" +<% end -%> +<% if @zlinux_options -%> +OPTIONS="<%= @zlinux_options %>" +<% end -%> +<% if @manage_ipaddr and ! @manage_ipaddr.empty? 
-%> +<% if @ipaddress.kind_of?(Array) -%> +<%- (1..(@ipaddress.length)).each do |id| -%> +IPADDR<%= id %>="<%= @ipaddress[id-1] %>" +<% end -%> +<% else -%> +IPADDR="<%= @manage_ipaddr %>" +<% end -%> +<% end -%> +<% if @netmask -%> +<% if @ipaddress.kind_of?(Array) -%> +<% if @netmask.kind_of?(Array) -%> +<%- (1..(@netmask.length)).each do |id| -%> +NETMASK<%= id %>="<%= @netmask[id-1] %>" +<% end -%> +<% else -%> +<%- (1..(@ipaddress.length)).each do |id| -%> +NETMASK<%= id %>="<%= @netmask %>" +<% end -%> +<% end -%> +<% else -%> +NETMASK="<%= @netmask %>" +<% end -%> +<% end -%> +<% if @broadcast -%> +BROADCAST="<%= @broadcast %>" +<% end -%> +<% if @gateway -%> +<% if @ipaddress.kind_of?(Array) -%> +GATEWAY1="<%= @gateway %>" +<% else -%> +GATEWAY="<%= @gateway %>" +<% end -%> +<% end -%> +<% if @manage_defroute -%> +DEFROUTE="<%= @manage_defroute %>" +<% end -%> +<% if @manage_hwaddr -%> +HWADDR="<%= @manage_hwaddr %>" +<% end -%> +<% if @ipv6init -%> +IPV6INIT="<%= @ipv6init %>" +<% end -%> +<% if @ipv6_autoconf -%> +IPV6_AUTOCONF="<%= @ipv6_autoconf %>" +<% end -%> +<% if @ipv6addr -%> +IPV6ADDR="<%= @ipv6addr %>" +<% end -%> +<% if @ipv6_defaultgw -%> +IPV6_DEFAULTGW="<%= @ipv6_defaultgw %>" +<% end -%> +<% if @dhcp_hostname -%> +DHCP_HOSTNAME="<%= @dhcp_hostname %>" +<% end -%> +<% if @srcaddr -%> +SRCADDR="<%= @srcaddr %>" +<% end -%> +<% if @dns1 -%> +DNS1="<%= @dns1 %>" +<% end -%> +<% if @dns2 -%> +DNS2="<%= @dns2 %>" +<% end -%> +<% if @domain -%> +DOMAIN="<%= @domain %>" +<% end -%> +<% if @nm_controlled -%> +NM_CONTROLLED="<%= @nm_controlled %>" +<% end -%> +<% if @master -%> +MASTER="<%= @master %>" +<% end -%> +<% if @slave -%> +SLAVE="<%= @slave %>" +<% end -%> +<% if @bonding_master -%> +BONDING_MASTER="<%= @bonding_master %>" +<% end -%> +<% if @bonding_opts -%> +BONDING_OPTS="<%= @bonding_opts %>" +<% else -%> +<% if @bond_mode or @bond_miimon -%> +BONDING_OPTS="<%- if @bond_mode -%>mode=<%= @bond_mode %><%- end -%><%- if @bond_miimon -%> 
miimon=<%= @bond_miimon %><%- end -%>" +<% end -%> +<% end -%> +<% if @team_config -%> +TEAM_CONFIG='<%= @team_config -%>' +<% end -%> +<% if @team_master -%> +TEAM_MASTER=<%= @team_master %> +<% end -%> +<% if @team_port_config -%> +TEAM_PORT_CONFIG='<%= @team_port_config %>' +<% end -%> +<% if @mtu -%> +MTU="<%= @mtu %>" +<% end -%> +<% if @vlan -%> +VLAN="<%= @vlan %>" +<% end -%> +<% if @vlan_id -%> +VLAN_ID="<%= @vlan_id %>" +<% end -%> +<% if @vlan_name_type -%> +VLAN_NAME_TYPE="<%= @vlan_name_type %>" +<% end -%> +<% if @physdev -%> +PHYSDEV="<%= @physdev %>" +<% end -%> +<% if @bridge -%> +BRIDGE="<%= @bridge %>" +<% end -%> +<% if @bridge_stp -%> +STP="<%= @bridge_stp %>" +<% end -%> +<% if @arpcheck -%> +ARPCHECK="<%= @arpcheck %>" +<% end -%> +<% if @arp -%> +ARP="<%= @arp %>" +<% end -%> +<% if @zone -%> +ZONE="<%= @zone %>" +<% end -%> +<% if @onparent-%> +ONPARENT="<%= @onparent %>" +<% end -%> +<% if @nozeroconf -%> +NOZEROCONF="<%= @nozeroconf %>" +<% end -%> +<% if @linkdelay -%> +LINKDELAY="<%= @linkdelay %>" +<% end -%> +<% if @hotplug -%> +HOTPLUG="<%= @hotplug %>" +<% end -%> +<% if @persistent_dhclient -%> +PERSISTENT_DHCLIENT="<%= @persistent_dhclient %>" +<% end -%> +<% if @devicetype -%> +DEVICETYPE="<%= @devicetype %>" +<% end -%> +<% if @ovs_bridge -%> +OVS_BRIDGE="<%= @ovs_bridge %>" +<% end -%> +<% if @bond_ifaces -%> +BOND_IFACES="<%= @bond_ifaces %>" +<% end -%> +<% if @ovs_extra -%> +OVS_EXTRA="<%= @ovs_extra %>" +<% end -%> +<% if @ovs_options -%> +OVS_OPTIONS="<%= @ovs_options %>" +<% end -%> +<% if @ovs_patch_peer -%> +OVS_PATCH_PEER="<%= @ovs_patch_peer %>" +<% end -%> +<% if @ovs_tunnel_type -%> +OVS_TUNNEL_TYPE="<%= @ovs_tunnel_type %>" +<% end -%> +<% if @ovs_tunnel_options -%> +OVS_TUNNEL_OPTIONS="<%= @ovs_tunnel_options %>" +<% end -%> +<% if @ovsdhcpinterfaces -%> +OVSDHCPINTERFACES="<%= @ovsdhcpinterfaces %>" +<% end -%> +<% if @ovsbootproto -%> +OVSBOOTPROTO="<%= @ovsbootproto %>" +<% end -%> +<% if @ovsrequires -%> 
+OVSREQUIRES="<%= @ovsrequires %>" +<% end -%> +<% if @nm_name -%> +NAME="<%= @nm_name %>" +<% end -%> +<% if @check_link_down == true -%> +check_link_down() { + return 1; +} +<% end -%> diff --git a/templates/legacy/interface/Suse.erb b/templates/legacy/interface/Suse.erb new file mode 100644 index 0000000..3f64a3a --- /dev/null +++ b/templates/legacy/interface/Suse.erb 
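Review bot: `PEER_OUTER_IPADDR`, `PEER_INNER_IPADDR`, `MY_OUTER_IPADDR`, `MY_INNER_IPADDR` and `TEAM_MASTER` are written without quotes in templates/legacy/interface/RedHat.erb, while every other assignment in the template is quoted. For consistency with the rest of this shell-style file they should read like `PEER_OUTER_IPADDR="<%= @peer_outer_ipaddr %>"`. Quoting alone does not neutralise `$`, backticks or an embedded quote, so the address parameters should also be validated as IP addresses in the define that renders this template; that define is not part of this hunk. `TEAM_CONFIG` and `TEAM_PORT_CONFIG` are single-quoted and would break on a value that itself contains a single quote.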
@@ -0,0 +1,97 @@ +# File Managed by Puppet +<% if @description and ! @description.empty? -%> +# <%= @description %> +<% end -%> +BOOTPROTO="<%= @manage_bootproto %>" +STARTMODE="<%= @manage_startmode %>" +USERCONTROL="<%= @usercontrol %>" +<% if @etherdevice -%> +ETHERDEVICE="<%= @etherdevice %>" +<% end -%> +<% if @ethtool_opts -%> +ETHTOOL_OPTIONS="<%= @ethtool_opts %>" +<% end -%> +<% if @manage_ipaddr and ! @manage_ipaddr.empty? -%> +IPADDR="<%= @manage_ipaddr %>" +<% end -%> +<% if @netmask -%> +NETMASK="<%= @netmask %>" +<% end -%> +<% if @network -%> +NETWORK="<%= @network %>" +<% end -%> +<% if @broadcast -%> +BROADCAST="<%= @broadcast %>" +<% end -%> +<% if @gateway -%> +GATEWAY="<%= @gateway %>" +<% end -%> +<% if @mtu -%> +MTU="<%= @mtu %>" +<% end -%> +<% if @vlan -%> +VLAN_ID="<%= @vlan %>" +<% end -%> +<% if @manage_hwaddr -%> +LLADDR="<%= @manage_hwaddr %>" +<% end -%> +<% if @bridge -%> +BRIDGE="<%= @bridge %>" +<% end -%> +<% if @bridge_fwddelay -%> +BRIDGE_FORWARDDELAY="<%= @bridge_fwddelay %>" +<% end -%> +<% if @bridge_ports.size > 0 then -%> +BRIDGE_PORTS="<%= @bridge_ports.join(' ') %>" +<% end -%> +<% if @bridge_stp -%> +BRIDGE_STP="<%= @bridge_stp %>" +<% end -%> +<% if @bond_master -%> +BONDING_MASTER="<%= @bond_master %>" +<% end -%> +<% if @bond_moduleopts -%> +BONDING_MODULE_OPTS="<%= @bond_moduleopts %>" +<% end -%> +<% if @bond_slaves -%> + <%- if @bond_slaves.is_a? Array -%> + <%- @bond_slaves.each_with_index do |slave,idx| -%> +BONDING_SLAVE<%= idx %>="<%= slave %>" + <%- end -%> + <%- else -%> +BONDING_SLAVE0="<%= @bond_slaves %>" + <%- end -%> +<% end -%> +<% if @aliases -%> + <%- if @aliases.is_a? 
Array -%> + <%- @aliases.each_with_index do |val,idx| -%> +IPADDR_<%= idx %>="<%= val %>" + <%- end -%> + <%- else -%> +IPADDR_0="<%= @aliases %>" + <%- end -%> +<% end -%> +<% if @firewall -%> +FIREWALL="<%= @firewall %>" +<% end -%> +<% if @remote_ipaddr -%> +REMOTE_IPADDR="<%= @remote_ipaddr %>" +<% end -%> +<% if @check_duplicate_ip -%> +CHECK_DUPLICATE_IP="<%= @check_duplicate_ip %>" +<% end -%> +<% if @send_gratuitous_arp -%> +SEND_GRATUITOUS_ARP="<%= @send_gratuitous_arp %>" +<% end -%> +<% if @pre_up_script -%> +PRE_UP_SCRIPT="<%= @pre_up_script %>" +<% end -%> +<% if @post_up_script -%> +POST_UP_SCRIPT="<%= @post_up_script %>" +<% end -%> +<% if @pre_down_script -%> +PRE_DOWN_SCRIPT="<%= @pre_down_script %>" +<% end -%> +<% if @post_down_script -%> +POST_DOWN_SCRIPT="<%= @post_down_script %>" +<% end -%> diff --git a/templates/legacy/mroute-RedHat.erb b/templates/legacy/mroute-RedHat.erb new file mode 100644 index 0000000..eb2069e --- /dev/null +++ b/templates/legacy/mroute-RedHat.erb @@ -0,0 +1,6 @@ +### +### File managed by Puppet +### +<% @routes.each do |net,gw| -%> +<%= net %> <% if /^\d/.match(gw) %>via<% else %>dev<% end %> <%= gw %> +<% end -%> diff --git a/templates/legacy/mroute-SuSE.erb b/templates/legacy/mroute-SuSE.erb new file mode 100644 index 0000000..428daaa --- /dev/null +++ b/templates/legacy/mroute-SuSE.erb @@ -0,0 +1,6 @@ +### +### File managed by Puppet +### +<% @routes.each do |net,gw| -%> +<%= net %> <%= gw %> - +<% end -%> diff --git a/templates/legacy/mroute_down-Debian.erb b/templates/legacy/mroute_down-Debian.erb new file mode 100644 index 0000000..511ce05 --- /dev/null +++ b/templates/legacy/mroute_down-Debian.erb 
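Review bot: templates/legacy/mroute-RedHat.erb chooses between `via` and `dev` with `/^\d/.match(gw)`, which treats every gateway that does not start with a decimal digit as an interface name. An IPv6 next hop such as `fd00::1` (the address used in the old network::route examples) is rendered as `dev fd00::1`, and `^` matches at any line start rather than only at the start of the string. A test that also accepts IPv6 literals and is anchored to the whole value is safer, for example `<% if gw.to_s =~ /\A\h*[:.]/ %>via<% else %>dev<% end %>`. Better still, validate the `routes` hash in the define. The same expression appears in mroute_down-Debian.erb and mroute_up-Debian.erb.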
@@ -0,0 +1,13 @@ +#!/bin/bash +# +### +### File managed by Puppet +### +if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then +<% @routes.each do |net,gw| -%> + if ip route show | grep -qF "<%= net %> " + then + ip route del <%= net %> <% if /^\d/.match(gw) %>via<% else %>dev<% end %> <%= gw %> + fi +<% end -%> +fi diff --git a/templates/legacy/mroute_up-Debian.erb b/templates/legacy/mroute_up-Debian.erb new file mode 100644 index 0000000..78be710 --- /dev/null +++ b/templates/legacy/mroute_up-Debian.erb @@ -0,0 +1,13 @@ +#!/bin/bash +# +### +### File managed by Puppet +### +if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then +<% @routes.each do |net,gw| -%> + if ! ip route show | grep -qF "<%= net %> " + then + ip route add <%= net %> <% if /^\d/.match(gw) %>via<% else %>dev<% end %> <%= gw %> + fi +<% end -%> +fi diff --git a/templates/legacy/route-RedHat.erb b/templates/legacy/route-RedHat.erb new file mode 100644 index 0000000..b7081b8 --- /dev/null +++ b/templates/legacy/route-RedHat.erb @@ -0,0 +1,6 @@ +### +### File managed by Puppet +### +<%- (0..(@ipaddress.length-1)).each do |id| -%> +<%- if @family and @family[id] != 'inet6' -%><%= @ipaddress[id] %>/<%= @netmask[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %><%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %> +<%- end -%><%- end %> diff --git a/templates/legacy/route-Suse.erb b/templates/legacy/route-Suse.erb new file mode 100644 index 0000000..39bd9dd --- /dev/null +++ b/templates/legacy/route-Suse.erb 
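Review bot: templates/legacy/mroute_down-Debian.erb interpolates `net`, `gw` and `@interface` unquoted into a bash script. It is presumably installed as an if-down.d hook and run with root privileges, as route_down-Debian.erb is by `network::legacy::route`. The define that renders it is not visible here, so nothing in this hunk guarantees that these values are plain addresses or interface names, and a value containing whitespace or shell metacharacters would change the command that runs. Validate `routes` and `interface` in the define (IP address types and an interface-name pattern) and quote the expansions, e.g. `ip route del "<%= net %>" ...`. The `grep -qF "<%= net %> "` test is also unanchored at the start, so `0.0.0.0/8 ` would match inside a line for `10.0.0.0/8 `. mroute_up-Debian.erb and route_down-Debian.erb have the same shape.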
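Review bot: templates/legacy/route-RedHat.erb indexes `@mtu[id]`, but `network::legacy::route` checks that parameter with `validate_integer($mtu)` while all the other per-route parameters go through `validate_array`. If a caller passes a single integer, Ruby's `Integer#[]` returns one bit of it, so `mtu => 1500` would render as `mtu 0` or `mtu 1` rather than `mtu 1500`. Either document and enforce that `mtu` is an array like its siblings, or handle the scalar case with `<%- mtu = @mtu.is_a?(Array) ? @mtu[id] : @mtu -%>` followed by `<%- if mtu -%> mtu <%= mtu %><% end %>`. route-Suse.erb and route_down-Debian.erb repeat the same expression.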
@@ -0,0 +1,6 @@
+###
+#### File managed by Puppet
+####
+<%- (0..(@ipaddress.length-1)).each do |id| -%>
+<%= @ipaddress[id] %><%- if @gateway and @gateway[id] -%> <%= @gateway[id] %><%- else -%> -<%- end -%> <%= @netmask[id] %> <%= @interface %><%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %>
+<%- end %>
diff --git a/templates/legacy/route6-RedHat.erb b/templates/legacy/route6-RedHat.erb
new file mode 100644
index 0000000..f460900
--- /dev/null
+++ b/templates/legacy/route6-RedHat.erb
@@ -0,0 +1,6 @@
+###
+### File managed by Puppet
+###
+<%- (0..(@ipaddress.length-1)).each do |id| -%>
+<%- if @family and @family[id] == 'inet6' -%><%= @ipaddress[id] %>/<%= @netmask[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %><%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %>
+<%- end -%><%- end %>
diff --git a/templates/legacy/route_down-Debian.erb b/templates/legacy/route_down-Debian.erb
new file mode 100644
index 0000000..c3db28f
--- /dev/null
+++ b/templates/legacy/route_down-Debian.erb
@@ -0,0 +1,12 @@
+#!/bin/bash
+#
+### File managed by Puppet
+#
+if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then
+<%- (0..(@ipaddress.length-1)).each do |id| -%>
+ if ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route show <%- if @table and @table[id] -%> table <%= @table[id] %><% end %> | grep -qF "<%= @ipaddress[id] %><%- if @_cidr and @_cidr[id] and @_cidr[id] != 32 -%>/<%= @_cidr[id] %><%- end -%> "
+ then
+ ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route del <%= @ipaddress[id] %>/<%= @netmask[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %> <%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %>
+ fi
+<%- end -%>
+fi
diff --git a/templates/legacy/route_up-Debian.erb b/templates/legacy/route_up-Debian.erb
new file mode 100644
index 0000000..10ddbcd
--- /dev/null
+++ b/templates/legacy/route_up-Debian.erb
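Review bot: The existence test in route_down-Debian.erb, `grep -qF "<ipaddress>/<cidr> "`, is an unanchored substring match against the whole `ip route show` output, so a managed prefix is also "found" inside a longer one (a constructed example: `10.1.0.0/16 ` matches the line for `110.1.0.0/16`). In route_up-Debian.erb the same test is negated, which means the intended route is silently not installed and traffic follows whatever other route applies. Asking iproute2 for the exact prefix avoids matching on text, e.g. `ip route show exact <%= @ipaddress[id] %>/<%= @_cidr[id] %>` piped to `grep -q .`, keeping the existing `-6` and `table` fragments.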
@@ -0,0 +1,12 @@
+#!/bin/bash
+#
+### File managed by Puppet
+#
+if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then
+<%- (0..(@ipaddress.length-1)).each do |id| -%>
+ if ! ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route show <%- if @table and @table[id] -%> table <%= @table[id] %><% end %> | grep -qF "<%= @ipaddress[id] %><%- if @_cidr and @_cidr[id] and @_cidr[id] != 32 -%>/<%= @_cidr[id] %><%- end -%> "
+ then
+ ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route add <%= @ipaddress[id] %>/<%= @netmask[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %> <%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %>
+ fi
+<%- end -%>
+fi
diff --git a/templates/legacy/rule-RedHat.erb b/templates/legacy/rule-RedHat.erb
new file mode 100644
index 0000000..0b086a4
--- /dev/null
+++ b/templates/legacy/rule-RedHat.erb
@@ -0,0 +1,6 @@
+###
+### File managed by Puppet
+###
+<% @iprule.each do |rule| -%>
+<%= rule %>
+<% end -%>
diff --git a/templates/legacy/rule_down-Debian.erb b/templates/legacy/rule_down-Debian.erb
new file mode 100644
index 0000000..20e6b15
--- /dev/null
+++ b/templates/legacy/rule_down-Debian.erb
@@ -0,0 +1,12 @@
+#!/bin/bash
+#
+### File managed by Puppet
+#
+if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then
+<%- (0..(@iprule.length-1)).each do |id| -%>
+ if ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> rule show | grep -qF "<%= @iprule[id] %>"
+ then
+ ip <%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> rule del <%= @iprule[id] %>
+ fi
+<%- end -%>
+fi
diff --git a/templates/legacy/rule_up-Debian.erb b/templates/legacy/rule_up-Debian.erb
new file mode 100644
index 0000000..0ba92be
--- /dev/null
+++ b/templates/legacy/rule_up-Debian.erb
@@ -0,0 +1,12 @@
+#!/bin/bash
+#
+### File managed by Puppet
+#
+if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then
+<%- (0..(@iprule.length-1)).each do |id| -%>
+ if ! ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> rule show | grep -qF "<%= @iprule[id] %>"
+ then
+ ip <%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> rule add <%= @iprule[id] %>
+ fi
+<%- end -%>
+fi
diff --git a/templates/legacy/spec.conf b/templates/legacy/spec.conf
new file mode 100644
index 0000000..5cd7291
--- /dev/null
+++ b/templates/legacy/spec.conf
@@ -0,0 +1,5 @@
+# This is a template used only for rspec tests
+
+# Custom Options
+<%= @config_file_options_hash['opt_a'] %>
+<%= @config_file_options_hash['opt_b'] %>
From 940dbe547fa5bd5dc93c84e1097d058e08ea73f8 Mon Sep 17 00:00:00 2001
From: Alessandro Franceschi
Date: Fri, 28 Jun 2019 16:57:15 +0200
Subject: [PATCH 10/21] Refreshed legacy templates to latest versions on master
---
templates/legacy/interface/Debian.erb | 6 +++++-
templates/legacy/interface/RedHat.erb | 26 +++++++++++++++++++++++++
templates/legacy/interface/Suse.erb | 5 +++++
templates/legacy/mroute-RedHat.erb | 8 +++++++-
templates/legacy/mroute_down-Debian.erb | 7 ++++++-
templates/legacy/mroute_up-Debian.erb | 7 ++++++-
templates/legacy/route-RedHat.erb | 2 +-
templates/legacy/route6-RedHat.erb | 2 +-
templates/legacy/route_down-Debian.erb | 4 ++--
templates/legacy/route_up-Debian.erb | 4 ++--
templates/legacy/rule-RedHat.erb | 6 ++++--
templates/legacy/rule6-RedHat.erb | 8 ++++++++
12 files changed, 73 insertions(+), 12 deletions(-)
create mode 100644 templates/legacy/rule6-RedHat.erb
diff --git a/templates/legacy/interface/Debian.erb b/templates/legacy/interface/Debian.erb
index bddd909..6c2b3e3 100644
--- a/templates/legacy/interface/Debian.erb +++ b/templates/legacy/interface/Debian.erb @@ -314,4 +314,8 @@ auto <%= @interface %>:0 netmask 255.255.255.255 <% end -%> <% end -%> - +<% if @options_extra_debian -%> +<% @options_extra_debian.each do |k,v| -%> + <%= k %> <%= v %> +<% end -%> +<% end -%> diff --git a/templates/legacy/interface/RedHat.erb b/templates/legacy/interface/RedHat.erb index d9b4cb6..aba537a 100644 --- a/templates/legacy/interface/RedHat.erb +++ b/templates/legacy/interface/RedHat.erb @@ -65,6 +65,9 @@ NETMASK<%= id %>="<%= @netmask %>" NETMASK="<%= @netmask %>" <% end -%> <% end -%> +<% if @prefix -%> +PREFIX="<%= @prefix %>" +<% end -%> <% if @broadcast -%> BROADCAST="<%= @broadcast %>" <% end -%> @@ -87,9 +90,18 @@ IPV6INIT="<%= @ipv6init %>" <% if @ipv6_autoconf -%> IPV6_AUTOCONF="<%= @ipv6_autoconf %>" <% end -%> +<% if @ipv6_privacy -%> +IPV6_PRIVACY="<%= @ipv6_privacy %>" +<% end -%> +<% if @ipv6_addr_gen_mode -%> +IPV6_ADDR_GEN_MODE="<%= @ipv6_addr_gen_mode %>" +<% end -%> <% if @ipv6addr -%> IPV6ADDR="<%= @ipv6addr %>" <% end -%> +<% unless @ipv6addr_secondaries.empty? -%> +IPV6ADDR_SECONDARIES="<%= @ipv6addr_secondaries.sort.join(' ') %>" +<% end -%> <% if @ipv6_defaultgw -%> IPV6_DEFAULTGW="<%= @ipv6_defaultgw %>" <% end -%> @@ -105,6 +117,9 @@ DNS1="<%= @dns1 %>" <% if @dns2 -%> DNS2="<%= @dns2 %>" <% end -%> +<% if @dns3 -%> +DNS3="<%= @dns3 %>" +<% end -%> <% if @domain -%> DOMAIN="<%= @domain %>" <% end -%> @@ -145,6 +160,9 @@ VLAN="<%= @vlan %>" <% if @vlan_id -%> VLAN_ID="<%= @vlan_id %>" <% end -%> +<% if @vid -%> +VID="<%= @vid %>" +<% end -%> <% if @vlan_name_type -%> VLAN_NAME_TYPE="<%= @vlan_name_type %>" <% end -%> 
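Review bot: The `IPV6ADDR_SECONDARIES` block in RedHat.erb calls `.empty?` and then `.sort.join(' ')` on `@ipv6addr_secondaries` directly, while every neighbouring option is guarded with a plain `if @x`. The manifest default is `[]`, but nothing visible in this series checks the type, so a single address passed as a String would raise NoMethodError on `sort` during template rendering. Normalising first keeps the block in line with the others: `<% secondaries = Array(@ipv6addr_secondaries) -%>` followed by `<% unless secondaries.empty? -%>` and `secondaries.sort.join(' ')`.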
@@ -217,8 +235,16 @@ OVSREQUIRES="<%= @ovsrequires %>" <% if @nm_name -%> NAME="<%= @nm_name %>" <% end -%> +<% if @options_extra_redhat -%> +<% @options_extra_redhat.each do |k,v| -%> +<%= k %>="<%= v %>" +<% end -%> +<% end -%> <% if @check_link_down == true -%> check_link_down() { return 1; } <% end -%> +<% if @connected_mode -%> +CONNECTED_MODE=yes +<% end -%> diff --git a/templates/legacy/interface/Suse.erb b/templates/legacy/interface/Suse.erb index 3f64a3a..7674fbe 100644 --- a/templates/legacy/interface/Suse.erb +++ b/templates/legacy/interface/Suse.erb @@ -95,3 +95,8 @@ PRE_DOWN_SCRIPT="<%= @pre_down_script %>" <% if @post_down_script -%> POST_DOWN_SCRIPT="<%= @post_down_script %>" <% end -%> +<% if @options_extra_suse -%> +<% @options_extra_suse.each do |k,v| -%> +<%= k %>="<%= v %>" +<% end -%> +<% end -%> diff --git a/templates/legacy/mroute-RedHat.erb b/templates/legacy/mroute-RedHat.erb index eb2069e..c1fd76c 100644 --- a/templates/legacy/mroute-RedHat.erb +++ b/templates/legacy/mroute-RedHat.erb @@ -2,5 +2,11 @@ ### File managed by Puppet ### <% @routes.each do |net,gw| -%> -<%= net %> <% if /^\d/.match(gw) %>via<% else %>dev<% end %> <%= gw %> +<%= net -%> +<% + if gw.kind_of?(Array) + gw.each do | g | %> nexthop via <%= g %><% end %> + <%- elsif /^\d/.match(gw) %> via <%= gw %> + <%- else %> dev <%= gw %> + <%- end -%> <% end -%> diff --git a/templates/legacy/mroute_down-Debian.erb b/templates/legacy/mroute_down-Debian.erb index 511ce05..b216311 100644 --- a/templates/legacy/mroute_down-Debian.erb +++ b/templates/legacy/mroute_down-Debian.erb 
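Review bot: The new `@options_extra_redhat` loop writes every key and value verbatim as `<%= k %>="<%= v %>"`, and ifcfg files are, as far as I know, sourced as shell by the RedHat network scripts, so a value containing a double quote, backtick or `$(` is evaluated when the interface is brought up. The Suse.erb hunk later in this patch adds the same loop for `@options_extra_suse`. Since this is a free-form hash, the key at least should be constrained, e.g. `<% raise Puppet::ParseError, "invalid ifcfg key #{k.inspect}" unless k.to_s =~ /\A[A-Za-z_][A-Za-z0-9_]*\z/ -%>`, and values containing `"`, a backtick, `$` or a newline should be rejected or escaped. A template comment such as `<%# options_extra_redhat is written unescaped; values must be shell-safe %>` would document the contract for callers.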
@@ -7,7 +7,12 @@ if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then <% @routes.each do |net,gw| -%> if ip route show | grep -qF "<%= net %> " then - ip route del <%= net %> <% if /^\d/.match(gw) %>via<% else %>dev<% end %> <%= gw %> + ip route del <% if @table -%>table <%= @table %> <% end -%><%= net %><% + if gw.kind_of?(Array) + gw.each do | g | %> nexthop via <%= g %><% end %> + <%- elsif /^\d/.match(gw) %> via <%= gw %> + <%- else %> dev <%= gw %> + <%- end -%> fi <% end -%> fi diff --git a/templates/legacy/mroute_up-Debian.erb b/templates/legacy/mroute_up-Debian.erb index 78be710..875d6d1 100644 --- a/templates/legacy/mroute_up-Debian.erb +++ b/templates/legacy/mroute_up-Debian.erb @@ -7,7 +7,12 @@ if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then <% @routes.each do |net,gw| -%> if ! ip route show | grep -qF "<%= net %> " then - ip route add <%= net %> <% if /^\d/.match(gw) %>via<% else %>dev<% end %> <%= gw %> + ip route add <% if @table -%>table <%= @table %> <% end -%><%= net %><% + if gw.kind_of?(Array) + gw.each do | g | %> nexthop via <%= g %><% end %> + <%- elsif /^\d/.match(gw) %> via <%= gw %> + <%- else %> dev <%= gw %> + <%- end -%> fi <% end -%> fi diff --git a/templates/legacy/route-RedHat.erb b/templates/legacy/route-RedHat.erb index b7081b8..0c33f23 100644 --- a/templates/legacy/route-RedHat.erb +++ b/templates/legacy/route-RedHat.erb 
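Review bot: With `@table` set, the delete in mroute_down-Debian.erb now targets `table <%= @table %>`, but the guard above it still runs a bare `ip route show`, which lists the main table only. A route that lives only in the custom table is therefore never detected and never removed; in mroute_up-Debian.erb the negated guard never sees it either, so the add is attempted on every ifup. The guard should query the same table, e.g. `if ip route show<% if @table %> table <%= @table %><% end %> | grep -qF "<%= net %> "`. The `if [ "$IFACE" ...` block starts outside this hunk.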
@@ -2,5 +2,5 @@ ### File managed by Puppet ### <%- (0..(@ipaddress.length-1)).each do |id| -%> -<%- if @family and @family[id] != 'inet6' -%><%= @ipaddress[id] %>/<%= @netmask[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %><%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %> +<%- if @family and @family[id] != 'inet6' -%><%= @ipaddress[id] %>/<%= @_cidr[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %><%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %> <%- end -%><%- end %> diff --git a/templates/legacy/route6-RedHat.erb b/templates/legacy/route6-RedHat.erb index f460900..f24a6e1 100644 --- a/templates/legacy/route6-RedHat.erb +++ b/templates/legacy/route6-RedHat.erb 
@@ -2,5 +2,5 @@ ### File managed by Puppet ### <%- (0..(@ipaddress.length-1)).each do |id| -%> -<%- if @family and @family[id] == 'inet6' -%><%= @ipaddress[id] %>/<%= @netmask[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %><%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %> +<%- if @family and @family[id] == 'inet6' -%><%= @ipaddress[id] %>/<%= @_cidr[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %><%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %> <%- end -%><%- end %> diff --git a/templates/legacy/route_down-Debian.erb b/templates/legacy/route_down-Debian.erb index c3db28f..7c06013 100644 --- a/templates/legacy/route_down-Debian.erb +++ b/templates/legacy/route_down-Debian.erb 
@@ -4,9 +4,9 @@ # if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then <%- (0..(@ipaddress.length-1)).each do |id| -%> - if ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route show <%- if @table and @table[id] -%> table <%= @table[id] %><% end %> | grep -qF "<%= @ipaddress[id] %><%- if @_cidr and @_cidr[id] and @_cidr[id] != 32 -%>/<%= @_cidr[id] %><%- end -%> " + if ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route show <%- if @table and @table[id] -%> table <%= @table[id] %><% end %> | grep -qP "<%= @ipaddress[id] %><%- if @_cidr and @_cidr[id] and @_cidr[id] != 32 -%>/<%= @_cidr[id] %><%- if @ipaddress[id] == '0.0.0.0' and @_cidr[id] == 0 %>|default<%- end %><%- end -%> " then - ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route del <%= @ipaddress[id] %>/<%= @netmask[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %> <%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %> + ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route del <%= @ipaddress[id] %>/<%= @_cidr[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %> <%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %> fi <%- end -%> fi diff --git a/templates/legacy/route_up-Debian.erb b/templates/legacy/route_up-Debian.erb index 10ddbcd..7dcfbc0 100644 --- a/templates/legacy/route_up-Debian.erb 
+++ b/templates/legacy/route_up-Debian.erb @@ -4,9 +4,9 @@ # if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then <%- (0..(@ipaddress.length-1)).each do |id| -%> - if ! ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route show <%- if @table and @table[id] -%> table <%= @table[id] %><% end %> | grep -qF "<%= @ipaddress[id] %><%- if @_cidr and @_cidr[id] and @_cidr[id] != 32 -%>/<%= @_cidr[id] %><%- end -%> " + if ! ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route show <%- if @table and @table[id] -%> table <%= @table[id] %><% end %> | grep -qP "<%= @ipaddress[id] %><%- if @_cidr and @_cidr[id] and @_cidr[id] != 32 -%>/<%= @_cidr[id] %><%- if @ipaddress[id] == '0.0.0.0' and @_cidr[id] == 0 %>|default<%- end %><%- end -%> " then - ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route add <%= @ipaddress[id] %>/<%= @netmask[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %> <%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %> + ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route add <%= @ipaddress[id] %>/<%= @_cidr[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %> <%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %> fi <%- end -%> fi diff --git a/templates/legacy/rule-RedHat.erb b/templates/legacy/rule-RedHat.erb index 0b086a4..103d0fa 100644 
--- a/templates/legacy/rule-RedHat.erb +++ b/templates/legacy/rule-RedHat.erb @@ -1,6 +1,8 @@ ### ### File managed by Puppet ### -<% @iprule.each do |rule| -%> -<%= rule %> +<%- (0..(@iprule.length-1)).each do |id| -%> +<%- if @family and @family[id] != 'inet6' -%> +<%= @iprule[id] %> <% end -%> +<%- end -%> diff --git a/templates/legacy/rule6-RedHat.erb b/templates/legacy/rule6-RedHat.erb new file mode 100644 index 0000000..7c0bfbd --- /dev/null +++ b/templates/legacy/rule6-RedHat.erb @@ -0,0 +1,8 @@ +### +### File managed by Puppet +### +<%- (0..(@iprule.length-1)).each do |id| -%> +<%- if @family and @family[id] == 'inet6' -%> +<%= @iprule[id] %> +<% end -%> +<%- end -%> From 79df2060d2a939b7e318e1b273c513b1087f0e1d Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Fri, 28 Jun 2019 17:07:53 +0200 Subject: [PATCH 11/21] Refreshed and updated legacy manifests from current master --- manifests/legacy/interface.pp | 57 +++++++++++++++++++++++++++---- manifests/legacy/mroute.pp | 19 ++++++++++- manifests/legacy/params.pp | 5 +++ manifests/legacy/route.pp | 14 ++++---- manifests/legacy/routing_table.pp | 2 +- manifests/legacy/rule.pp | 5 ++- 6 files changed, 84 insertions(+), 18 deletions(-) diff --git a/manifests/legacy/interface.pp b/manifests/legacy/interface.pp index 0565c0b..d822e05 100644 --- a/manifests/legacy/interface.pp +++ b/manifests/legacy/interface.pp @@ -1,7 +1,6 @@ # -# = Define: network::interface +# = Define: network::legacy::interface # -#  # This define manages interfaces. # Currently only Debian and RedHat families supported. # Some parameters are supported only for specific families 
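Review bot: The new condition `@family and @family[id] != 'inet6'` in rule-RedHat.erb is false for every index when `family` is not set, so the rendered file contains only the header where the old template listed every rule. rule.pp declares `$family = undef` (visible as context in its hunk later in this series), so unless the manifest fills the array in elsewhere, existing callers lose their IPv4 rules on the next run. Treating a missing family as IPv4 keeps the previous behaviour: `<%- if !@family or @family[id] != 'inet6' -%>`.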
@@ -48,6 +47,12 @@ # [*options*] # A generic hash of custom options that can be used in a custom template # +# [*options_extra_redhat*] +# [*options_extra_debian*] +# [*options_extra_suse*] +# Custom hashes of options that are added to the default template that manages +# interfaces respectively under RedHat, Debian and Suse families +# # [*description*] # String. Optional. Default: undef # Adds comment with given description in file before interface declaration. @@ -102,6 +107,7 @@ # $type = 'Ethernet', # Defaults to 'Ethernet', but following types are supported for OVS: # "OVSPort", "OVSIntPort", "OVSBond", "OVSTunnel" and "OVSPatchPort". +# 'InfiniBand' type is supported as well. # # $ipaddr = undef, # Both ipaddress (standard name) and ipaddr (RedHat param name) if set @@ -111,6 +117,10 @@ # $hwaddr = undef, # hwaddr if set configures the mac address of the interface. # +# $prefix = undef, +# Network PREFIX aka CIDR notation of the network mask. The PREFIX +# takes precedence if both PREFIX and NETMASK are set. +# # $bootproto = '', # Both enable_dhcp (standard) and bootproto (Debian specific param name), # if set, configure dhcp on the interface via the bootproto setting. @@ -139,6 +149,9 @@ # $hotswap = undef # Set to no to prevent interface from being activated when hot swapped - Default is yes # +# $vid = undef +# Set to specify vlan id # +# # == RedHat and Debian only GRE interface specific parameters # # $peer_outer_ipaddr = undef @@ -196,6 +209,12 @@ # Check the arguments in the code for the other RedHat specific settings # If defined they are set in the used template. # +# == RedHat only InfiniBand specific parameters +# +# $connected_mode = undef, +# Enable or not InfiniBand CONNECTED_MODE. It true, CONNECTED_MODE=yes will +# be added to ifcfg file. +# # == Suse and Debian only parameters # # $aliases = undef 
@@ -237,6 +256,9 @@ $ensure = 'present', $template = "network/legacy/interface/${::osfamily}.erb", $options = undef, + $options_extra_redhat = undef, + $options_extra_debian = undef, + $options_extra_suse = undef, $interface = $name, $restart_all_nic = true, $reload_command = undef, @@ -360,6 +382,7 @@ ## RedHat specific $ipaddr = '', + $prefix = undef, $uuid = undef, $bootproto = '', $userctl = 'no', @@ -367,7 +390,10 @@ $ethtool_opts = undef, $ipv6init = undef, $ipv6_autoconf = undef, + $ipv6_privacy = undef, + $ipv6_addr_gen_mode = undef, $ipv6addr = undef, + $ipv6addr_secondaries = [], $ipv6_defaultgw = undef, $dhcp_hostname = undef, $srcaddr = undef, @@ -378,6 +404,7 @@ $defroute = undef, $dns1 = undef, $dns2 = undef, + $dns3 = undef, $domain = undef, $nm_controlled = undef, $master = undef, @@ -387,6 +414,7 @@ $vlan = undef, $vlan_name_type = undef, $vlan_id = undef, + $vid = undef, $physdev = undef, $bridge = undef, $arpcheck = undef, @@ -399,6 +427,9 @@ $persistent_dhclient = undef, $nm_name = undef, + # RedHat specific for InfiniBand + $connected_mode = undef, + # RedHat specific for GRE $peer_outer_ipaddr = undef, $peer_inner_ipaddr = undef, @@ -406,7 +437,7 @@ $my_inner_ipaddr = undef, # RedHat and Debian specific for Open vSwitch - $devicetype = undef, # On RedHat. Same of ovs_type for Debian + $devicetype = undef, # On RedHat. Same of ovs_type for Debian $bond_ifaces = undef, # On RedHat Same of ovs_bonds for Debian $ovs_type = undef, # Debian $ovs_bonds = undef, # Debian 
@@ -505,6 +536,18 @@ fail('send_gratuitous_arp must be one of: undef, yes, no') } + if $::osfamily != 'RedHat' and ($type == 'InfiniBand' or $connected_mode) { + fail('InfiniBand parameters are supported only for RedHat family.') + } + + if $type != 'InfiniBand' and $connected_mode != undef { + fail('CONNECTED_MODE parameter available for InfiniBand interfaces only') + } + + if $prefix != undef and $netmask != undef { + fail('Use either netmask or prefix to define the netmask for the interface') + } + $manage_hwaddr = $hwaddr ? { default => $hwaddr, } @@ -540,7 +583,7 @@ } # Redhat and Suse specific - if $::operatingsystem == 'SLES' and $::operatingsystemrelease =~ /^12/ { + if $::operatingsystem == 'SLES' and versioncmp($::operatingsystemrelease, 12) >= 0 { $bootproto_false = 'static' } else { $bootproto_false = 'none' @@ -609,7 +652,7 @@ } $network_notify = "Exec[network_restart_${name}]" } else { - $network_notify = $::network::manage_config_file_notify + $network_notify = $network::manage_config_file_notify } case $::osfamily { @@ -685,8 +728,8 @@ } - if ! defined(Network::Legacy::Interface['lo']) { - network::legacy::interface { 'lo': + if ! defined(Network::Interface['lo']) { + network::interface { 'lo': address => '127.0.0.1', method => 'loopback', manage_order => '05', diff --git a/manifests/legacy/mroute.pp b/manifests/legacy/mroute.pp index b434572..3347647 100644 --- a/manifests/legacy/mroute.pp +++ b/manifests/legacy/mroute.pp @@ -1,4 +1,4 @@ -# == Definition: network::mroute +# == Definition: network::legacy::mroute # # Manages multiples routes on a single file # Configures /etc/sysconfig/networking-scripts/route-$name on Rhel 
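Review bot: `versioncmp($::operatingsystemrelease, 12)` passes the second argument as an Integer, but versioncmp compares two version Strings, so on Puppet 4 and later (the versions this series tests against) the call is expected to fail at compile time for every node that reaches this line. Quoting the literal fixes it: `if $::operatingsystem == 'SLES' and versioncmp($::operatingsystemrelease, '12') >= 0 {`. The enclosing define starts and ends outside this hunk.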
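Review bot: The last interface.pp hunk replaces `Network::Legacy::Interface['lo']` / `network::legacy::interface { 'lo':` with the non-legacy `Network::Interface['lo']` / `network::interface { 'lo':`, although the file header in the same commit names the define `network::legacy::interface`. Whether the new `network::interface` accepts `address`, `method` and `manage_order` is not visible here, so this looks like an unintended side effect of copying from master. The mroute.pp hunk has the same pattern with `network::mroute::validate_gw`, while a later patch in the series deletes manifests/mroute.pp. If the legacy defines are meant to be self-contained, keep `network::legacy::interface { 'lo':` and add a comment such as `# legacy defines must only reference other network::legacy::* resources`.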
@@ -16,6 +16,16 @@ # '99.99.228.0/24' => 'bond1', # '100.100.244.0/22' => '174.136.107.1', # } +# } +# +# ECMP route with two gateways example (works only with RedHat and Debian): +# +# network::mroute { 'bond1': +# routes => { +# '99.99.228.0/24' => 'bond1', +# '100.100.244.0/22' => ['174.136.107.1', '174.136.107.2'], +# } +# } # # [*route_up_template*] # Template to use to manage route up setup. Default is defined according to @@ -77,6 +87,13 @@ default => $route_down_template, } + if $::osfamily == 'SuSE' { + $networks = keys($routes) + network::mroute::validate_gw { $networks: + routes => $routes, + } + } + case $::osfamily { 'RedHat': { file { "route-${name}": diff --git a/manifests/legacy/params.pp b/manifests/legacy/params.pp index 7fb6393..40594ed 100644 --- a/manifests/legacy/params.pp +++ b/manifests/legacy/params.pp @@ -36,6 +36,11 @@ default => undef, } + $package_name = $::operatingsystem ? { + 'Ubuntu' => 'ifupdown', + default => undef, + } + case $::osfamily { 'Debian','RedHat','Amazon','Suse', 'Solaris': { } default: { diff --git a/manifests/legacy/route.pp b/manifests/legacy/route.pp index c3d683e..4cdcfdc 100644 --- a/manifests/legacy/route.pp +++ b/manifests/legacy/route.pp @@ -1,4 +1,4 @@ -# == Definition: network::route +# == Definition: network::legacy::route # # Based on https://github.com/razorsedge/puppet-network/ route.pp manifest. # Configures /etc/sysconfig/networking-scripts/route-$name on Rhel @@ -155,6 +155,8 @@ validate_array($family) } + include ::network + case $::osfamily { 'RedHat': { file { "route-${name}": @@ -164,7 +166,7 @@ group => 'root', path => "/etc/sysconfig/network-scripts/route-${name}", content => template('network/legacy/route-RedHat.erb'), - notify => $::network::manage_config_file_notify, + notify => $network::manage_config_file_notify, } file { "route6-${name}": ensure => $ensure, 
@@ -173,7 +175,7 @@ group => 'root', path => "/etc/sysconfig/network-scripts/route6-${name}", content => template('network/legacy/route6-RedHat.erb'), - notify => $::network::manage_config_file_notify, + notify => $network::manage_config_file_notify, } } 'Suse': { @@ -184,7 +186,7 @@ group => 'root', path => "/etc/sysconfig/network/ifroute-${name}", content => template('network/legacy/route-Suse.erb'), - notify => $::network::manage_config_file_notify, + notify => $network::manage_config_file_notify, } } 'Debian': { @@ -195,7 +197,7 @@ group => 'root', path => "/etc/network/if-up.d/z90-route-${name}", content => template('network/legacy/route_up-Debian.erb'), - notify => $::network::manage_config_file_notify, + notify => $network::manage_config_file_notify, } file { "routedown-${name}": ensure => $ensure, @@ -204,7 +206,7 @@ group => 'root', path => "/etc/network/if-down.d/z90-route-${name}", content => template('network/legacy/route_down-Debian.erb'), - notify => $::network::manage_config_file_notify, + notify => $network::manage_config_file_notify, } } default: { fail('Operating system not supported') } diff --git a/manifests/legacy/routing_table.pp b/manifests/legacy/routing_table.pp index 79580d0..d8d33d2 100644 --- a/manifests/legacy/routing_table.pp +++ b/manifests/legacy/routing_table.pp @@ -1,4 +1,4 @@ -# == Definition: network::routing_table +# == Definition: network::legacy::routing_table # # Configures /etc/iproute2/rt_tables # diff --git a/manifests/legacy/rule.pp b/manifests/legacy/rule.pp index 2097340..b0cd402 100644 --- a/manifests/legacy/rule.pp +++ b/manifests/legacy/rule.pp @@ -1,4 +1,4 @@ -# == Definition: network::rule +# == Definition: network::legacy::rule # # Configures /etc/sysconfig/networking-scripts/rule-$name on RHEL # @@ -25,7 +25,7 @@ # Marcus Furlong # -define network::rule ( +define network::legacy::rule ( $iprule, $interface = $name, $family = undef, 
@@ -95,4 +95,3 @@ default: { fail('Operating system not supported') } } } # define network::rule - From 63b1c9c3ea7540dea8bc5e1c35f77a3657d432bf Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Fri, 28 Jun 2019 18:01:19 +0200 Subject: [PATCH 12/21] New network::route define based on legacy network::mroute --- .travis.yml | 17 +--- manifests/mroute.pp | 142 --------------------------- manifests/route.pp | 158 ++++++++++++++++++++++++++++++- templates/hostname-RedHat.erb | 2 +- templates/mroute-RedHat.erb | 12 --- templates/mroute-SuSE.erb | 6 -- templates/mroute_down-Debian.erb | 18 ---- templates/mroute_up-Debian.erb | 18 ---- templates/route-RedHat.erb | 12 ++- templates/route-Suse.erb | 16 +++- templates/route6-RedHat.erb | 12 ++- templates/route_down-Debian.erb | 16 +++- templates/route_up-Debian.erb | 16 +++- 13 files changed, 207 insertions(+), 238 deletions(-) delete mode 100644 manifests/mroute.pp delete mode 100644 templates/mroute-RedHat.erb delete mode 100644 templates/mroute-SuSE.erb delete mode 100644 templates/mroute_down-Debian.erb delete mode 100644 templates/mroute_up-Debian.erb diff --git a/.travis.yml b/.travis.yml index 421405b..23816f6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -12,7 +12,6 @@ script: - 'bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - - 2.3.0 - 2.5.3 stages: - static @@ -33,12 +32,8 @@ matrix: env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file syntax lint metadata_lint" stage: static - - rvm: 2.3.0 - env: PUPPET_GEM_VERSION="~> 3" - stage: spec - - - rvm: 2.3.0 - env: PUPPET_GEM_VERSION="~> 4" + env: PUPPET_GEM_VERSION="~> 4.0" CHECK=parallel_spec + rvm: 2.4.5 stage: spec - env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec @@ -57,14 +52,6 @@ matrix: rvm: 2.5.3 env: CHECK="rubocop" stage: static - - - rvm: 2.3.0 - env: PUPPET_GEM_VERSION="~> 3" - stage: spec - - - rvm: 2.3.0 - env: PUPPET_GEM_VERSION="~> 4" - stage: spec branches: only: - master 
diff --git a/manifests/mroute.pp b/manifests/mroute.pp deleted file mode 100644 index d31742b..0000000 --- a/manifests/mroute.pp +++ /dev/null 
@@ -1,142 +0,0 @@ -# == Definition: network::mroute -# -# Manages multiples routes on a single file -# Configures /etc/sysconfig/networking-scripts/route-$name on Rhel -# Adds 2 files on Debian: -# One under /etc/network/if-up.d and -# One in /etc/network/if-down.d -# -# === Parameters: -# -# [*routes*] -# Required parameter. Must be an hash of network-gateway pairs. -# Example: -# network::mroute { 'bond1': -# routes => { -# '99.99.228.0/24' => 'bond1', -# '100.100.244.0/22' => '174.136.107.1', -# } -# } -# -# ECMP route with two gateways example (works only with RedHat and Debian): -# -# network::mroute { 'bond1': -# routes => { -# '99.99.228.0/24' => 'bond1', -# '100.100.244.0/22' => ['174.136.107.1', '174.136.107.2'], -# } -# } -# -# [*route_up_template*] -# Template to use to manage route up setup. Default is defined according to -# $::osfamily -# -# [*route_down_template*] -# Template to use to manage route down script. Used only on Debian family. -# -# [*config_file_notify*] -# String. Optional. Default: 'class_default' -# Defines the notify argument of the created file. -# The default special value implies the same behaviour of the main class -# configuration file. Set to undef to remove any notify, or set -# the name(s) of the resources to notify -# -# -# === Actions: -# -# On Rhel -# Deploys the file /etc/sysconfig/network-scripts/route-$name. -# -# On Debian -# Deploy 2 files 1 under /etc/network/if-up.d and 1 in /etc/network/if-down.d -# -# On Suse -# Deploys the file /etc/sysconfig/network/ifroute-$name. -# -define network::mroute ( - $routes, - $interface = $name, - $config_file_notify = 'class_default', - $ensure = 'present', - $route_up_template = undef, - $route_down_template = undef, -) { - # Validate our arrays - validate_hash($routes) - - include ::network - - $real_config_file_notify = $config_file_notify ? 
{ - 'class_default' => $::network::manage_config_file_notify, - default => $config_file_notify, - } - - $real_route_up_template = $route_up_template ? { - undef => $::osfamily ? { - 'RedHat' => 'network/mroute-RedHat.erb', - 'Debian' => 'network/mroute_up-Debian.erb', - 'SuSE' => 'network/mroute-SuSE.erb', - }, - default => $route_up_template, - } - $real_route_down_template = $route_down_template ? { - undef => $::osfamily ? { - 'Debian' => 'network/mroute_down-Debian.erb', - default => undef, - }, - default => $route_down_template, - } - - if $::osfamily == 'SuSE' { - $networks = keys($routes) - network::mroute::validate_gw { $networks: - routes => $routes, - } - } - - case $::osfamily { - 'RedHat': { - file { "route-${name}": - ensure => $ensure, - mode => '0644', - owner => 'root', - group => 'root', - path => "/etc/sysconfig/network-scripts/route-${name}", - content => template($real_route_up_template), - notify => $real_config_file_notify, - } - } - 'Debian': { - file { "routeup-${name}": - ensure => $ensure, - mode => '0755', - owner => 'root', - group => 'root', - path => "/etc/network/if-up.d/z90-route-${name}", - content => template($real_route_up_template), - notify => $real_config_file_notify, - } - file { "routedown-${name}": - ensure => $ensure, - mode => '0755', - owner => 'root', - group => 'root', - path => "/etc/network/if-down.d/z90-route-${name}", - content => template($real_route_down_template), - notify => $real_config_file_notify, - } - } - 'SuSE': { - file { "route-${name}": - ensure => $ensure, - mode => '0644', - owner => 'root', - group => 'root', - path => "/etc/sysconfig/network/ifroute-${name}", - content => template($real_route_up_template), - notify => $real_config_file_notify, - } - } - default: { fail('Operating system not supported') } - } -} diff --git a/manifests/route.pp b/manifests/route.pp index b64a37a..d613d6e 100644 --- a/manifests/route.pp +++ b/manifests/route.pp 
@@ -1,9 +1,157 @@ -# A description of what this defined type does +# == Definition: network::route # -# @summary A short summary of the purpose of this defined type. +# Manages multiples routes on a single file +# Configures /etc/sysconfig/networking-scripts/route-$name on Rhel +# Adds 2 files on Debian: +# One under /etc/network/if-up.d and +# One in /etc/network/if-down.d # -# @example -# network::route { 'namevar': } -define network::route( +# Is based on the legacy network::mroute define of version 3 of this module. +# +# === Parameters: +# +# [*routes*] +# Required parameter. Must be an hash of network-gateway pairs. +# Example: +# network::mroute { 'bond1': +# routes => { +# '99.99.228.0/24' => 'bond1', +# '100.100.244.0/22' => '174.136.107.1', +# } +# } +# +# ECMP route with two gateways example (works only with RedHat and Debian): +# +# network::mroute { 'bond1': +# routes => { +# '99.99.228.0/24' => 'bond1', +# '100.100.244.0/22' => ['174.136.107.1', '174.136.107.2'], +# } +# } +# +# [*route_up_template*] +# Template to use to manage route up setup. Default is defined according to +# $::osfamily +# +# [*route_down_template*] +# Template to use to manage route down script. Used only on Debian family. +# +# [*config_file_notify*] +# String. Optional. Default: 'class_default' +# Defines the notify argument of the created file. +# The default special value implies the same behaviour of the main class +# configuration file. Set to undef to remove any notify, or set +# the name(s) of the resources to notify +# +# +# === Actions: +# +# On Rhel +# Deploys the file /etc/sysconfig/network-scripts/route-$name. +# +# On Debian +# Deploy 2 files 1 under /etc/network/if-up.d and 1 in /etc/network/if-down.d +# +# On Suse +# Deploys the file /etc/sysconfig/network/ifroute-$name. 
+# +define network::route ( + Optional[Hash] $routes = {}, + Optional[Hash] $ipv6_routes = {}, + String $interface = $title, + String $config_file_notify = 'class_default', + Enum['present','absent'] $ensure = 'present', + Enum['v4','v6'] $family = 'ipv4', + Optional[$route_up_template = undef, + $route_down_template = undef, ) { + # Validate our arrays + validate_hash($routes) + + include ::network + + $real_config_file_notify = $config_file_notify ? { + 'class_default' => $::network::manage_config_file_notify, + default => $config_file_notify, + } + + $real_route_up_template = $route_up_template ? { + undef => $::osfamily ? { + 'RedHat' => 'network/route-RedHat.erb', + 'Debian' => 'network/route_up-Debian.erb', + 'SuSE' => 'network/route-SuSE.erb', + }, + default => $route_up_template, + } + $real_route_down_template = $route_down_template ? { + undef => $::osfamily ? { + 'Debian' => 'network/route_down-Debian.erb', + default => undef, + }, + default => $route_down_template, + } + + if $::osfamily == 'SuSE' { + $networks = keys($routes) + network::mroute::validate_gw { $networks: + routes => $routes, + } + } + + case $::osfamily { + 'RedHat': { + file { "route-${name}": + ensure => $ensure, + mode => '0644', + owner => 'root', + group => 'root', + path => "/etc/sysconfig/network-scripts/route-${name}", + content => template($real_route_up_template), + notify => $real_config_file_notify, + } + if $ipv6_routes != {} { + file { "route6-${name}": + ensure => $ensure, + mode => '0644', + owner => 'root', + group => 'root', + path => "/etc/sysconfig/network-scripts/route6-${name}", + content => template('network/route6-RedHat.erb'), + notify => $network::manage_config_file_notify, + } + } + } + 'Debian': { + file { "routeup-${name}": + ensure => $ensure, + mode => '0755', + owner => 'root', + group => 'root', + path => "/etc/network/if-up.d/z90-route-${name}", + content => template($real_route_up_template), + notify => $real_config_file_notify, + } + file { 
"routedown-${name}": + ensure => $ensure, + mode => '0755', + owner => 'root', + group => 'root', + path => "/etc/network/if-down.d/z90-route-${name}", + content => template($real_route_down_template), + notify => $real_config_file_notify, + } + } + 'SuSE': { + file { "ifroute-${name}": + ensure => $ensure, + mode => '0644', + owner => 'root', + group => 'root', + path => "/etc/sysconfig/network/ifroute-${name}", + content => template($real_route_up_template), + notify => $real_config_file_notify, + } + } + default: { fail('Operating system not supported') } + } } diff --git a/templates/hostname-RedHat.erb b/templates/hostname-RedHat.erb index ba0a82b..58c54e8 100644 --- a/templates/hostname-RedHat.erb +++ b/templates/hostname-RedHat.erb @@ -10,4 +10,4 @@ NOZEROCONF="<%= @nozeroconf %>" NETWORKING_IPV6="<%= @ipv6enable %>" IPV6INIT="<%= @ipv6enable %>" <% end -%> -HOSTNAME="<%= @manage_hostname.split('.').first %>" +HOSTNAME="<%= @manage_hostname %>" diff --git a/templates/mroute-RedHat.erb b/templates/mroute-RedHat.erb deleted file mode 100644 index c1fd76c..0000000 --- a/templates/mroute-RedHat.erb +++ /dev/null @@ -1,12 +0,0 @@ -### -### File managed by Puppet -### -<% @routes.each do |net,gw| -%> -<%= net -%> -<% - if gw.kind_of?(Array) - gw.each do | g | %> nexthop via <%= g %><% end %> - <%- elsif /^\d/.match(gw) %> via <%= gw %> - <%- else %> dev <%= gw %> - <%- end -%> -<% end -%> diff --git a/templates/mroute-SuSE.erb b/templates/mroute-SuSE.erb deleted file mode 100644 index 428daaa..0000000 --- a/templates/mroute-SuSE.erb +++ /dev/null @@ -1,6 +0,0 @@ -### -### File managed by Puppet -### -<% @routes.each do |net,gw| -%> -<%= net %> <%= gw %> - -<% end -%> diff --git a/templates/mroute_down-Debian.erb b/templates/mroute_down-Debian.erb deleted file mode 100644 index b216311..0000000 --- a/templates/mroute_down-Debian.erb +++ /dev/null 
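Review bot: The parameter list of the new `network::route` define will not compile as written: `Enum['v4','v6'] $family = 'ipv4',` has a default outside its own enum, and `Optional[$route_up_template = undef,` is an unterminated type expression. `Enum['ipv4','ipv6'] $family = 'ipv4',` and `Optional[String] $route_up_template = undef,` (the same for `$route_down_template`) would fix both. The SuSE default `'network/route-SuSE.erb'` differs in case from the `templates/route-Suse.erb` file this commit changes, so the lookup would fail on a case-sensitive filesystem, and the SuSE branch still declares `network::mroute::validate_gw` under the legacy namespace whose main define is deleted here; confirm that type survives. `$routes` is typed only as `Optional[Hash]` although its keys and values end up in root-owned route files and `0755` hook scripts, so a narrower element type is the place to reject unexpected values (the `validate_hash($routes)` call then becomes redundant). The header examples also still show `network::mroute { 'bond1':` rather than `network::route`.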
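Review bot: The `HOSTNAME=` line now writes `@manage_hostname` in full instead of its first dot-separated label, a behaviour change that the commit subject (the new route define) does not mention. The value lands inside double quotes in a shell-style assignment and no validation of it is visible in this hunk. If the parameter is not already constrained where it is declared, a type such as `Stdlib::Fqdn` would keep shell metacharacters out of the file. A changelog line about the switch from short name to full name would help anyone relying on the old output.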
@@ -1,18 +0,0 @@ -#!/bin/bash -# -### -### File managed by Puppet -### -if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then -<% @routes.each do |net,gw| -%> - if ip route show | grep -qF "<%= net %> " - then - ip route del <% if @table -%>table <%= @table %> <% end -%><%= net %><% - if gw.kind_of?(Array) - gw.each do | g | %> nexthop via <%= g %><% end %> - <%- elsif /^\d/.match(gw) %> via <%= gw %> - <%- else %> dev <%= gw %> - <%- end -%> - fi -<% end -%> -fi diff --git a/templates/mroute_up-Debian.erb b/templates/mroute_up-Debian.erb deleted file mode 100644 index 875d6d1..0000000 --- a/templates/mroute_up-Debian.erb +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# -### -### File managed by Puppet -### -if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then -<% @routes.each do |net,gw| -%> - if ! ip route show | grep -qF "<%= net %> " - then - ip route add <% if @table -%>table <%= @table %> <% end -%><%= net %><% - if gw.kind_of?(Array) - gw.each do | g | %> nexthop via <%= g %><% end %> - <%- elsif /^\d/.match(gw) %> via <%= gw %> - <%- else %> dev <%= gw %> - <%- end -%> - fi -<% end -%> -fi diff --git a/templates/route-RedHat.erb b/templates/route-RedHat.erb index 0c33f23..c1fd76c 100644 --- a/templates/route-RedHat.erb +++ b/templates/route-RedHat.erb 
@@ -1,6 +1,12 @@ ### ### File managed by Puppet ### -<%- (0..(@ipaddress.length-1)).each do |id| -%> -<%- if @family and @family[id] != 'inet6' -%><%= @ipaddress[id] %>/<%= @_cidr[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %><%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %> -<%- end -%><%- end %> +<% @routes.each do |net,gw| -%> +<%= net -%> +<% + if gw.kind_of?(Array) + gw.each do | g | %> nexthop via <%= g %><% end %> + <%- elsif /^\d/.match(gw) %> via <%= gw %> + <%- else %> dev <%= gw %> + <%- end -%> +<% end -%> diff --git a/templates/route-Suse.erb b/templates/route-Suse.erb index 39bd9dd..c1fd76c 100644 --- a/templates/route-Suse.erb +++ b/templates/route-Suse.erb @@ -1,6 +1,12 @@ ### -#### File managed by Puppet -#### -<%- (0..(@ipaddress.length-1)).each do |id| -%> -<%= @ipaddress[id] %><%- if @gateway and @gateway[id] -%> <%= @gateway[id] %><%- else -%> -<%- end -%> <%= @netmask[id] %> <%= @interface %><%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %> -<%- end %> +### File managed by Puppet +### +<% @routes.each do |net,gw| -%> +<%= net -%> +<% + if gw.kind_of?(Array) + gw.each do | g | %> nexthop via <%= g %><% end %> + <%- elsif /^\d/.match(gw) %> via <%= gw %> + <%- else %> dev <%= gw %> + <%- end -%> +<% end -%> diff --git a/templates/route6-RedHat.erb b/templates/route6-RedHat.erb index f24a6e1..c81a376 100644 --- a/templates/route6-RedHat.erb 
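Review bot: The new `route-Suse.erb` body is the RedHat template unchanged: its index line ends in the same blob `c1fd76c` as `route-RedHat.erb` and the deleted `mroute-RedHat.erb`, so it emits `via` / `nexthop via` / `dev` lines. The deleted `mroute-SuSE.erb` wrote `<%= net %> <%= gw %> -`, one destination and gateway per line, and `manifests/route.pp` deploys this template as `/etc/sysconfig/network/ifroute-${name}`; the RedHat keywords are presumably not what that file format expects. Restoring the loop body to `<%= net %> <%= gw %> -` would keep the SuSE output as it was under `mroute`.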
+++ b/templates/route6-RedHat.erb @@ -1,6 +1,12 @@ ### ### File managed by Puppet ### -<%- (0..(@ipaddress.length-1)).each do |id| -%> -<%- if @family and @family[id] == 'inet6' -%><%= @ipaddress[id] %>/<%= @_cidr[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %><%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %> -<%- end -%><%- end %> +<% @ipv6_routes.each do |net,gw| -%> +<%= net -%> +<% + if gw.kind_of?(Array) + gw.each do | g | %> nexthop via <%= g %><% end %> + <%- elsif /^\d/.match(gw) %> via <%= gw %> + <%- else %> dev <%= gw %> + <%- end -%> +<% end -%> diff --git a/templates/route_down-Debian.erb b/templates/route_down-Debian.erb index 7c06013..b216311 100644 --- a/templates/route_down-Debian.erb +++ b/templates/route_down-Debian.erb 
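Review bot: The `elsif /^\d/.match(gw)` test in the new loop chooses between `via` and `dev` by the first character, which misclassifies IPv6 gateways that begin with a hex letter: constructed examples such as `fe80::1` or `fd00::1` would be rendered as `dev fe80::1`. For `@ipv6_routes` a test for a colon is closer to the intent, e.g. `<%- elsif gw.to_s.include?(':') %> via <%= gw %>`. The hunk also drops the per-route `scope`, `src`, `table` and `metric` fields that the old template rendered, which deserves a line in the upgrade notes.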
@@ -1,12 +1,18 @@ #!/bin/bash # +### ### File managed by Puppet -# +### if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then -<%- (0..(@ipaddress.length-1)).each do |id| -%> - if ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route show <%- if @table and @table[id] -%> table <%= @table[id] %><% end %> | grep -qP "<%= @ipaddress[id] %><%- if @_cidr and @_cidr[id] and @_cidr[id] != 32 -%>/<%= @_cidr[id] %><%- if @ipaddress[id] == '0.0.0.0' and @_cidr[id] == 0 %>|default<%- end %><%- end -%> " +<% @routes.each do |net,gw| -%> + if ip route show | grep -qF "<%= net %> " then - ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route del <%= @ipaddress[id] %>/<%= @_cidr[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %> <%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %> + ip route del <% if @table -%>table <%= @table %> <% end -%><%= net %><% + if gw.kind_of?(Array) + gw.each do | g | %> nexthop via <%= g %><% end %> + <%- elsif /^\d/.match(gw) %> via <%= gw %> + <%- else %> dev <%= gw %> + <%- end -%> fi -<%- end -%> +<% end -%> fi diff --git a/templates/route_up-Debian.erb b/templates/route_up-Debian.erb index 7dcfbc0..875d6d1 100644 --- a/templates/route_up-Debian.erb +++ b/templates/route_up-Debian.erb 
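Review bot: `<%= net %>` and `<%= gw %>` are written unquoted into the `ip route del` command of a script that `manifests/route.pp` installs with mode `0755` under `/etc/network/if-down.d`, and nothing visible validates the contents of `$routes` beyond it being a Hash. Any whitespace or shell metacharacter in a key or value becomes part of a command run as root when the interface changes state; the `ip route add` line in `route_up-Debian.erb` has the same problem. Constraining the parameter in the define, for instance `Hash[Stdlib::IP::Address, Variant[String[1], Array[String[1]]]]` plus a pattern for device names, is the cleaner fix. In addition, `@table` is tested here but `network::route` declares no `$table` parameter in this patch, so that branch looks dead. The `ip -6` handling of the old template is gone and `$ipv6_routes` is not rendered on Debian at all.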
@@ -1,12 +1,18 @@ #!/bin/bash # +### ### File managed by Puppet -# +### if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then -<%- (0..(@ipaddress.length-1)).each do |id| -%> - if ! ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route show <%- if @table and @table[id] -%> table <%= @table[id] %><% end %> | grep -qP "<%= @ipaddress[id] %><%- if @_cidr and @_cidr[id] and @_cidr[id] != 32 -%>/<%= @_cidr[id] %><%- if @ipaddress[id] == '0.0.0.0' and @_cidr[id] == 0 %>|default<%- end %><%- end -%> " +<% @routes.each do |net,gw| -%> + if ! ip route show | grep -qF "<%= net %> " then - ip<%- if @family and @family[id] == 'inet6' -%> -6<%- end -%> route add <%= @ipaddress[id] %>/<%= @_cidr[id] %><%- if @gateway and @gateway[id] -%> via <%= @gateway[id] %><%- end -%> dev <%= @interface %> <%- if @scope and @scope[id] -%> scope <%= @scope[id] %><%- end -%><%- if @source and @source[id] -%> src <%= @source[id] %><%- end -%><%- if @table and @table[id] -%> table <%= @table[id] %><% end %><%- if @metric and @metric[id] -%> metric <%= @metric[id] %><% end %><%- if @mtu and @mtu[id] -%> mtu <%= @mtu[id] %><% end %> + ip route add <% if @table -%>table <%= @table %> <% end -%><%= net %><% + if gw.kind_of?(Array) + gw.each do | g | %> nexthop via <%= g %><% end %> + <%- elsif /^\d/.match(gw) %> via <%= gw %> + <%- else %> dev <%= gw %> + <%- end -%> fi -<%- end -%> +<% end -%> fi From 3a4ae131b5c6d67051e041d97174125e66cabe8e Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Fri, 28 Jun 2019 18:04:10 +0200 Subject: [PATCH 13/21] New network::routing_table define based on legacy network::routing_table --- manifests/conf.pp | 115 ------------------------------------- manifests/routing_table.pp | 51 +++++++++++++--- 2 files changed, 44 insertions(+), 122 deletions(-) delete mode 100644 manifests/conf.pp diff --git a/manifests/conf.pp b/manifests/conf.pp deleted file mode 100644 index 482d3fb..0000000 --- a/manifests/conf.pp +++ /dev/null 
@@ -1,115 +0,0 @@ -# -# = Define: network::conf -# -# With this define you can manage any network configuration file -# -# == Parameters -# -# [*template*] -# String. Optional. Default: undef. Alternative to: source, content. -# Sets the module path of a custom template to use as content of -# the config file -# When defined, config file has: content => content($template), -# Example: template => 'site/network/my.conf.erb', -# -# [*content*] -# String. Optional. Default: undef. Alternative to: template, source. -# Sets directly the value of the file's content parameter -# When defined, config file has: content => $content, -# Example: content => "# File manage by Puppet \n", -# -# [*source*] -# String. Optional. Default: undef. Alternative to: template, content. -# Sets the value of the file's source parameter -# When defined, config file has: source => $source, -# Example: source => 'puppet:///site/network/my.conf', -# -# [*ensure*] -# String. Default: present -# Manages config file presence. Possible values: -# * 'present' - Create and manages the file. -# * 'absent' - Remove the file. -# -# [*path*] -# String. Optional. Default: $config_dir/$title -# The path of the created config file. If not defined a file -# name like the the name of the title a custom template to -# use as content of configfile -# If defined, configfile file has: content => content("$template") -# -# [*mode*] -# [*owner*] -# [*group*] -# [*config_file_require*] -# [*replace*] -# String. Optional. Default: undef -# All these parameters map directly to the created file attributes. -# If not defined the module's defaults are used. -# If defined, config file file has, for example: mode => $mode -# -# [*config_file_notify*] -# String. Optional. Default: 'class_default' -# Defines the notify argument of the created file. -# The default special value implies the same behaviour of the main class -# configuration file. 
Set to undef to remove any notify, or set -# the name(s) of the resources to notify -# -# [*options_hash*] -# Hash. Default undef. Needs: 'template'. -# An hash of custom options to be used in templates to manage any key pairs of -# arbitrary settings. -# -define network::conf ( - - $source = undef, - $template = undef, - $content = undef, - - $path = undef, - $mode = undef, - $owner = undef, - $group = undef, - - $config_file_notify = 'class_default', - $config_file_require = undef, - - $options_hash = undef, - - $ensure = present ) { - - validate_re($ensure, ['present','absent'], 'Valid values are: present, absent. WARNING: If set to absent the conf file is removed.') - - include ::network - - $manage_path = pick($path, "${::network::config_dir_path}/${name}") - $manage_mode = pick($mode, $::network::config_file_mode) - $manage_owner = pick($owner, $::network::config_file_owner) - $manage_group = pick($group, $::network::config_file_group) - $manage_require = pick($config_file_require, $::network::config_file_require) - $manage_notify = $config_file_notify ? { - 'class_default' => $::network::manage_config_file_notify, - default => $config_file_notify, - } - $manage_content = $content ? { - undef => $template ? { - undef => undef, - default => template($template), - }, - default => $content, - } - - - file { "network_conf_${name}": - ensure => $ensure, - source => $source, - content => $manage_content, - path => $manage_path, - mode => $manage_mode, - owner => $manage_owner, - group => $manage_group, - require => $manage_require, - notify => $manage_notify, - } - -} - diff --git a/manifests/routing_table.pp b/manifests/routing_table.pp index 03ce4de..39dbef3 100644 --- a/manifests/routing_table.pp +++ b/manifests/routing_table.pp 
@@ -1,9 +1,46 @@ -# A description of what this defined type does +# == Definition: network::routing_table # -# @summary A short summary of the purpose of this defined type. +# Configures /etc/iproute2/rt_tables # -# @example -# network::routing_table { 'namevar': } -define network::routing_table( -) { -} +# === Parameters: +# +# $table_id - required +# +# === Actions: +# +# Adds routing table id and name to /etc/iproute2/rt_tables +# +# === Sample Usage: +# +# network::routing_table { 'vlan22': +# table_id => '200', +# } +# +# === Authors: +# +# Marcus Furlong +# + +define network::routing_table ( + String $table_id, + String $table = $name + ) { + + if ! defined(Concat['/etc/iproute2/rt_tables']) { + concat { '/etc/iproute2/rt_tables': + owner => 'root', + group => 'root', + mode => '0644', + } + + concat::fragment { 'rt_tables-base': + target => '/etc/iproute2/rt_tables', + source => 'puppet:///modules/network/legacy/rt_tables', + } + } + + concat::fragment { "rt_tables-${table}": + target => '/etc/iproute2/rt_tables', + content => "${table_id}\t${table}\n", + } +} # define network::routing_table From 2a6cae17a893bcb3c9f9cad104326480e9d4c10a Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Fri, 28 Jun 2019 19:44:30 +0200 Subject: [PATCH 14/21] Works on new network::interface --- manifests/interface.pp | 27 ++- templates/interface/Debian.epp | 6 +- templates/interface/Debian.erb | 321 --------------------------------- templates/interface/RedHat.epp | 7 +- templates/interface/RedHat.erb | 250 ------------------------- templates/interface/Suse.epp | 2 + templates/interface/Suse.erb | 102 ----------- 7 files changed, 31 insertions(+), 684 deletions(-) delete mode 100644 templates/interface/Debian.erb delete mode 100644 templates/interface/RedHat.erb delete mode 100644 templates/interface/Suse.erb diff --git a/manifests/interface.pp b/manifests/interface.pp index 73c0293..262f9e9 100644 --- a/manifests/interface.pp +++ b/manifests/interface.pp 
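Review bot: `$table_id` and `$table` are plain `String`s concatenated into `/etc/iproute2/rt_tables` as `"${table_id}\t${table}\n"`, so a value containing whitespace or a newline yields extra or malformed entries in a root-owned system file. Tightening the signature, e.g. `Pattern[/\A\d+\z/] $table_id,` and `Pattern[/\A[\w.-]+\z/] $table = $name`, rejects that at compile time. The `if ! defined(Concat['/etc/iproute2/rt_tables'])` guard depends on evaluation order; the usual alternative is to declare the concat and its base fragment once in a class that this define includes. The header comment documents `$table_id` only and could mention `$table`.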
@@ -9,7 +9,7 @@ Enum['present','absent'] $ensure = 'present', String $template = "network/interface/${::osfamily}.epp", - Optional $config_path = undef, + Optional[String] $config_path = undef, Boolean $enable_dhcp = false, @@ -24,6 +24,8 @@ Optional[Stdlib::Compat::Ipv6] $ipv6_netmask = undef, Hash $extra_settings = {}, + Optional[String] $extra_header = undef, + Optional[String] $extra_footer = undef, Boolean $use_default_settings = true, Hash $options = {}, @@ -41,13 +43,30 @@ $os_settings = { DEVICE => $interface, NM_CONTROLLED => 'no', + IPADDR => $ipv4_address, + IPV6ADDR => $ipv6_address, } + $os_footer = lookupvar($options['check_link_down') ? { + true => @(EOF) + check_link_down() { + return 1; + } + |- EOF + false => '' + } + $os_header = '' } 'Debian': { $os_settings = { } + $os_header = "${stanza} ${interface} ${family} ${method}" + $os_footer = '' + } + 'SuSE': { $os_settings = { } + $os_header = '' + $os_footer = '' } default: {} } @@ -56,14 +75,18 @@ # $settings variable is used in templates if $use_default_settings { $settings = $os_settings + $extra_settings + $header = $os_header + $extra_header + $footer = $os_footer + $extra_footer } else { $settings = $extra_settings + $header = $extra_header + $footer = $extra_footer } # Content used in interface configuration file $template_type=$template[-4,4] case $template_type { '.epp': { - $content = epp($template,$settings) + $content = epp($template,$settings,$header,$footer) } '.erb': { $content = template($template) diff --git a/templates/interface/Debian.epp b/templates/interface/Debian.epp index b6a22c8..a4eae0c 100644 --- a/templates/interface/Debian.epp +++ b/templates/interface/Debian.epp 
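Review bot: In the third hunk, the RedHat branch's `$os_footer = lookupvar($options['check_link_down') ? {` closes a `[` with `)` and will not parse; `lookupvar` also looks like the scope method used from ERB rather than a Puppet-language function. `$os_footer = $options['check_link_down'] ? {` with a `default => ''` arm in place of `false => ''` would cover an unset option as well. In the Debian branch `$os_header` interpolates `$stanza`, `$family` and `$method`, none of which are declared in the visible hunks, so confirm they exist in the part of the define outside this diff. `IPADDR` and `IPV6ADDR` are now always placed in `$os_settings`, presumably also when the addresses are undef.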
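Review bot: In the last hunk, `$header = $os_header + $extra_header` (and the matching `$footer` line) applies `+` to Strings, which Puppet does not define as concatenation, and `$extra_header` defaults to undef. Interpolation handles both cases: `$header = "${os_header}${extra_header}"`. The call `epp($template,$settings,$header,$footer)` passes four positional arguments, whereas `epp()` takes the template and a single parameter hash, e.g. `epp($template, { 'settings' => $settings, 'header' => $header, 'footer' => $footer })`. The `case` statement continues past the end of the hunk.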
@@ -1,9 +1,7 @@ # Interface <%= $interface %> managed by Puppet # <%= $description %> -<% if $options['auto'] -%> -auto <%= $interface %> -<% end -%> -<%= $stanza %> <%= $interface %> <%= $family %> <%= $manage_method %> +<%= $header -%> <% $settings.each | $k,$v | { -%> <%= $k %> <%= $v %> <% end -%> +<%= $footer -%> diff --git a/templates/interface/Debian.erb b/templates/interface/Debian.erb deleted file mode 100644 index 6c2b3e3..0000000 --- a/templates/interface/Debian.erb +++ /dev/null 
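Review bot: `<%= $header -%>` trims the newline after the tag, and the Debian `$os_header` built in `manifests/interface.pp` has no trailing newline, so the `iface` stanza line would run straight into the first setting. `<%= $header %>` (and `<%= $footer %>`) keeps them on separate lines. The removed `auto <%= $interface %>` block has no replacement in the new header, so interfaces that relied on `$options['auto']` would no longer be brought up at boot unless callers add the line through `extra_header`. The unchanged loop still opens with `{` and closes with `<% end -%>`, where EPP expects `<% } -%>` as the RedHat template has.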
@@ -1,321 +0,0 @@ -# Interface <%= @name %> -<% if @description and ! @description.empty? -%> -# <%= @description %> -<% end -%> -<% if @auto -%> -auto <%= @interface %> -<% end -%> -<% if @allow_hotplug -%> -allow-hotplug <%= @interface %> -<% end -%> -<%= @stanza %> <%= @interface %> <%= @family %> <%= @manage_method %> -<% if @manage_address and ! @manage_address.empty? -%> - address <%= @manage_address %> -<% end -%> -<% if @manage_hwaddr -%> - hwaddress <%= @manage_hwaddr %> -<% end -%> -<% if @netmask -%> - netmask <%= @netmask %> -<% end -%> -<% if @network -%> - network <%= @network %> -<% end -%> -<% if @broadcast -%> - broadcast <%= @broadcast %> -<% end -%> -<% if @metric -%> - metric <%= @metric %> -<% end -%> -<% if @pointopoint -%> - pointopoint <%= @pointopoint %> -<% end -%> -<% if @mtu -%> - mtu <%= @mtu %> -<% end -%> -<% if @dns_nameservers -%> - dns-nameservers <%= @dns_nameservers %> -<% end -%> -<% if @dns_search -%> - dns-search <%= @dns_search %> -<% end -%> -<% if @gateway -%> - gateway <%= @gateway %> -<% end -%> -<% if @hostname -%> - hostname <%= @hostname %> -<% end -%> -<% if @leasehours -%> - leasehours <%= @leasehours %> -<% end -%> -<% if @leasetime -%> - leasetime <%= @leasetime %> -<% end -%> -<% if @client -%> - client <%= @client %> -<% end -%> -<% if @bootfile -%> - hostname <%= @bootfile %> -<% end -%> -<% if @server -%> - server <%= @server %> -<% end -%> -<% if @mode -%> - mode <%= @mode %> -<% end -%> -<% if @endpoint -%> - endpoint <%= @endpoint %> -<% end -%> -<% if @dstaddr -%> - dstaddr <%= @dstaddr %> -<% end -%> -<% if @local -%> - local <%= @local %> -<% end -%> -<% if @ttl -%> - ttl <%= @ttl %> -<% end -%> -<% if @provider -%> - provider <%= @provider %> -<% end -%> -<% if @unit -%> - unit <%= @unit %> -<% end -%> -<% if @options -%> - options <%= @options %> -<% end -%> -<% if @privext -%> - privext <%= @privext %> -<% end -%> -<% if @dhcp -%> - dhcp <%= @dhcp %> -<% end -%> -<% if @media -%> - media <%= @media %> 
-<% end -%> -<% if @accept_ra -%> - accept_ra <%= @accept_ra %> -<% end -%> -<% if @autoconf -%> - autoconf <%= @autoconf %> -<% end -%> -<% if @vlan_raw_device -%> - vlan-raw-device <%= @vlan_raw_device %> -<% end -%> -<% if @additional_networks -%> -<% if @additional_networks.is_a? Array -%> -<% @additional_networks.each do |val| -%> - up ip addr add <%= val %> dev <%= @interface %> - down ip addr del <%= val %> dev <%= @interface %> -<% end -%> -<% else -%> - up ip addr add <%= @additional_networks %> dev <%= @interface %> - down ip addr del <%= @additional_networks %> dev <%= @interface %> -<% end -%> -<% end -%> -<% if @peer_outer_ipaddr then -%> - up ip link set <%= @interface %> multicast on - pre-up ip tunnel add <%= @interface %> mode gre remote <%= @peer_outer_ipaddr %><% if @my_outer_ipaddr then %> local <%= @my_outer_ipaddr %><% end %> ttl 255 -<% if @peer_inner_ipaddr -%> - pointopoint <%= @peer_inner_ipaddr %> -<% end -%> - post-down ip tunnel del <%= @interface %> -<% end -%> -<% if @nonlocal_gateway -%> - post-up ip route add <%= @nonlocal_gateway %> dev <%= @interface %> - post-up ip route add default via <%= @nonlocal_gateway %> dev <%= @interface %> - pre-down ip route del default via <%= @nonlocal_gateway %> dev <%= @interface %> - pre-down ip route del <%= @nonlocal_gateway %> dev <%= @interface %> -<% end -%> -<% if @up.length > 0 then -%> -<% @up.each do |script| -%> - up <%= script %> -<% end -%> -<% end -%> -<% if @pre_up.length > 0 then -%> -<% @pre_up.each do |script| -%> - pre-up <%= script %> -<% end -%> -<% end -%> -<% if @post_up.length > 0 then -%> -<% @post_up.each do |script| -%> - post-up <%= script %> -<% end -%> -<% end -%> -<% if @down.length > 0 then -%> -<% @down.each do |script| -%> - down <%= script %> -<% end -%> -<% end -%> -<% if @pre_down.length > 0 then -%> -<% @pre_down.each do |script| -%> - pre-down <%= script %> -<% end -%> -<% end -%> -<% if @post_down.length > 0 then -%> -<% @post_down.each do |script| -%> - 
post-down <%= script %> -<% end -%> -<% end -%> -<% if @slaves.size > 0 then -%> - slaves <%= @slaves.join(' ') %> -<% end -%> -<% if @bond_mode -%> - bond-mode <%= @bond_mode %> -<% end -%> -<% if @bond_miimon -%> - bond-miimon <%= @bond_miimon %> -<% end -%> -<% if @bond_lacp_rate -%> - bond-lacp-rate <%= @bond_lacp_rate %> -<% end -%> -<% if @bond_num_grat_arp -%> - bond-num_grat_arp <%= @bond_num_grat_arp %> -<% end -%> -<% if @bond_downdelay -%> - bond-downdelay <%= @bond_downdelay %> -<% end -%> -<% if @bond_updelay -%> - bond-updelay <%= @bond_updelay %> -<% end -%> -<% if @bond_arp_all -%> - arp_all_targets <%= @bond_arp_all %> -<% end -%> -<% if @bond_arp_interval -%> - arp_interval <%= @bond_arp_interval %> -<% end -%> -<% if @bond_arp_iptarget -%> - arp_ip_target <%= @bond_arp_iptarget.join(',') %> -<% end -%> -<% if @bond_fail_over_mac -%> - fail_over_mac <%= @bond_fail_over_mac %> -<% end -%> -<% if @bond_master -%> - bond-master <%= @bond_master %> -<% end -%> -<% if @bond_primary -%> - bond-primary <%= @bond_primary %> -<% end -%> -<% if @bond_slaves.size > 0 then -%> - bond-slaves <%= @bond_slaves.join(' ') %> -<% end -%> -<% if @bridge_ports.size > 0 then -%> - bridge_ports <%= @bridge_ports.join(' ') %> -<% end -%> -<% if @bridge_stp -%> - bridge_stp <%= @bridge_stp %> -<% end -%> -<% if @bridge_fd -%> - bridge_fd <%= @bridge_fd %> -<% end -%> -<% if @bridge_maxwait -%> - bridge_maxwait <%= @bridge_maxwait %> -<% end -%> -<% if @bridge_waitport -%> - bridge_waitport <%= @bridge_waitport %> -<% end -%> -<% if @bond_xmit_hash_policy -%> - bond_xmit_hash_policy <%= @bond_xmit_hash_policy %> -<% end -%> -<% if @bond_ad_select -%> - bond-ad-select <%= @bond_ad_select %> -<% end -%> -<% if @use_carrier -%> - use_carrier <%= @use_carrier %> -<% end -%> -<% if @primary_reselect -%> - primary_reselect <%= @primary_reselect %> -<% end -%> -<% if @wpa_ssid -%> - wpa-ssid <%= @wpa_ssid %> -<% end -%> -<% if @wpa_bssid -%> - wpa-bssid <%= @wpa_bssid %> -<% end 
-%> -<% if @wpa_psk -%> - wpa-psk <%= @wpa_psk %> -<% end -%> -<% if @wpa_key_mgmt.size > 0 then -%> - wpa-key-mgmt <%= @wpa_key_mgmt.join(' ') %> -<% end -%> -<% if @wpa_group.size > 0 then -%> - wpa-group <%= @wpa_group.join(' ') %> -<% end -%> -<% if @wpa_pairwise.size > 0 then -%> - wpa-pairwise <%= @wpa_pairwise.join(' ') %> -<% end -%> -<% if @wpa_auth_alg.size > 0 then -%> - wpa-auth-alg <%= @wpa_auth_alg.join(' ') %> -<% end -%> -<% if @wpa_proto.size > 0 then -%> - wpa-proto <%= @wpa_proto.join(' ') %> -<% end -%> -<% if @wpa_identity -%> - wpa-identity <%= @wpa_identity %> -<% end -%> -<% if @wpa_password -%> - wpa-password <%= @wpa_password %> -<% end -%> -<% if @wpa_scan_ssid -%> - wpa-scan-ssid <%= @wpa_scan_ssid %> -<% end -%> -<% if @wpa_ap_scan -%> - wpa-ap-scan <%= @wpa_ap_scan %> -<% end -%> -<% if @vrf -%> - vrf <%= @vrf %> -<% end -%> -<% if @vrf_table -%> - vrf-table <%= @vrf_table %> -<% end -%> -<% if @ovs_bridge -%> - ovs_bridge <%= @ovs_bridge %> -<% end -%> -<% if @ovs_ports -%> - ovs_ports <%= @ovs_ports %> -<% end -%> -<% if @ovs_type -%> - ovs_type <%= @ovs_type %> -<% end -%> -<% if @ovs_bonds -%> - ovs_bonds <%= @ovs_bonds %> -<% end -%> -<% if @ovs_patch_peer -%> - ovs_patch_peer <%= @ovs_patch_peer %> -<% end -%> -<% if @ovs_tunnel_type -%> - ovs_tunnel_type <%= @ovs_tunnel_type %> -<% end -%> -<% if @ovs_tunnel_options -%> - ovs_tunnel_options <%= @ovs_tunnel_options %> -<% end -%> -<% if @ovs_options -%> - ovs_options <%= @ovs_options %> -<% end -%> -<% if @ovs_extra -%> - ovs_extra <%= @ovs_extra %> -<% end -%> -<% if @aliases -%> -<% if @aliases.is_a? 
Array -%> -<% @aliases.each_with_index do |val, idx| %> -<% if @auto -%> -auto <%= @interface %>:<%= idx %> -<% end -%> -<%= @stanza %> <%= @interface %>:<%= idx %> <%= @family %> static - address <%= val %> - netmask 255.255.255.255 -<% end -%> -<% else -%> -<% if @auto -%> -auto <%= @interface %>:0 -<% end -%> -<%= @stanza %> <%= @interface %>:0 <%= @family %> static - address <%= @aliases %> - netmask 255.255.255.255 -<% end -%> -<% end -%> -<% if @options_extra_debian -%> -<% @options_extra_debian.each do |k,v| -%> - <%= k %> <%= v %> -<% end -%> -<% end -%> diff --git a/templates/interface/RedHat.epp b/templates/interface/RedHat.epp index 3da3c07..be6532f 100644 --- a/templates/interface/RedHat.epp +++ b/templates/interface/RedHat.epp @@ -1,10 +1,7 @@ # Interface <%= $interface %> managed by Puppet # <%= $description %> +<%= $header -%> <% $settings.each | $k,$v | { -%> <%= $k %>=<%= $v %> <% } -%> -<% if $options['check_link_down'] { -%> -check_link_down() { - return 1; -} -<% } -%> +<%= $footer -%> diff --git a/templates/interface/RedHat.erb b/templates/interface/RedHat.erb deleted file mode 100644 index aba537a..0000000 --- a/templates/interface/RedHat.erb +++ /dev/null 
@@ -1,250 +0,0 @@ -# File Managed by Puppet -<% if @description and ! @description.empty? -%> -# <%= @description %> -<% end -%> -DEVICE="<%= @interface %>" -<% if ! @ovsbootproto -%> -BOOTPROTO="<%= @manage_bootproto %>" -<% end -%> -ONBOOT="<%= @manage_onboot %>" -TYPE="<%= @type %>" -USERCTL="<%= @userctl %>" -PEERDNS="<%= @manage_peerdns %>" -PEERNTP="<%= @manage_peerntp %>" -<% if @peer_outer_ipaddr -%> -PEER_OUTER_IPADDR=<%= @peer_outer_ipaddr %> -<% end -%> -<% if @peer_inner_ipaddr-%> -PEER_INNER_IPADDR=<%= @peer_inner_ipaddr %> -<% end -%> -<% if @my_outer_ipaddr -%> -MY_OUTER_IPADDR=<%= @my_outer_ipaddr %> -<% end -%> -<% if @my_inner_ipaddr -%> -MY_INNER_IPADDR=<%= @my_inner_ipaddr %> -<% end -%> -<% if @uuid -%> -UUID="<%= @uuid %>" -<% end -%> -<% if @ethtool_opts -%> -ETHTOOL_OPTS="<%= @ethtool_opts %>" -<% end -%> -<% if @subchannels -%> -SUBCHANNELS="<%= @subchannels.sort.join(',') %>" -<% end -%> -<% if @layer2 -%> -LAYER2="<%= @layer2 %>" -<% end -%> -<% if @nettype -%> -NETTYPE="<%= @nettype %>" -<% end -%> -<% if @zlinux_options -%> -OPTIONS="<%= @zlinux_options %>" -<% end -%> -<% if @manage_ipaddr and ! @manage_ipaddr.empty? 
-%> -<% if @ipaddress.kind_of?(Array) -%> -<%- (1..(@ipaddress.length)).each do |id| -%> -IPADDR<%= id %>="<%= @ipaddress[id-1] %>" -<% end -%> -<% else -%> -IPADDR="<%= @manage_ipaddr %>" -<% end -%> -<% end -%> -<% if @netmask -%> -<% if @ipaddress.kind_of?(Array) -%> -<% if @netmask.kind_of?(Array) -%> -<%- (1..(@netmask.length)).each do |id| -%> -NETMASK<%= id %>="<%= @netmask[id-1] %>" -<% end -%> -<% else -%> -<%- (1..(@ipaddress.length)).each do |id| -%> -NETMASK<%= id %>="<%= @netmask %>" -<% end -%> -<% end -%> -<% else -%> -NETMASK="<%= @netmask %>" -<% end -%> -<% end -%> -<% if @prefix -%> -PREFIX="<%= @prefix %>" -<% end -%> -<% if @broadcast -%> -BROADCAST="<%= @broadcast %>" -<% end -%> -<% if @gateway -%> -<% if @ipaddress.kind_of?(Array) -%> -GATEWAY1="<%= @gateway %>" -<% else -%> -GATEWAY="<%= @gateway %>" -<% end -%> -<% end -%> -<% if @manage_defroute -%> -DEFROUTE="<%= @manage_defroute %>" -<% end -%> -<% if @manage_hwaddr -%> -HWADDR="<%= @manage_hwaddr %>" -<% end -%> -<% if @ipv6init -%> -IPV6INIT="<%= @ipv6init %>" -<% end -%> -<% if @ipv6_autoconf -%> -IPV6_AUTOCONF="<%= @ipv6_autoconf %>" -<% end -%> -<% if @ipv6_privacy -%> -IPV6_PRIVACY="<%= @ipv6_privacy %>" -<% end -%> -<% if @ipv6_addr_gen_mode -%> -IPV6_ADDR_GEN_MODE="<%= @ipv6_addr_gen_mode %>" -<% end -%> -<% if @ipv6addr -%> -IPV6ADDR="<%= @ipv6addr %>" -<% end -%> -<% unless @ipv6addr_secondaries.empty? 
-%> -IPV6ADDR_SECONDARIES="<%= @ipv6addr_secondaries.sort.join(' ') %>" -<% end -%> -<% if @ipv6_defaultgw -%> -IPV6_DEFAULTGW="<%= @ipv6_defaultgw %>" -<% end -%> -<% if @dhcp_hostname -%> -DHCP_HOSTNAME="<%= @dhcp_hostname %>" -<% end -%> -<% if @srcaddr -%> -SRCADDR="<%= @srcaddr %>" -<% end -%> -<% if @dns1 -%> -DNS1="<%= @dns1 %>" -<% end -%> -<% if @dns2 -%> -DNS2="<%= @dns2 %>" -<% end -%> -<% if @dns3 -%> -DNS3="<%= @dns3 %>" -<% end -%> -<% if @domain -%> -DOMAIN="<%= @domain %>" -<% end -%> -<% if @nm_controlled -%> -NM_CONTROLLED="<%= @nm_controlled %>" -<% end -%> -<% if @master -%> -MASTER="<%= @master %>" -<% end -%> -<% if @slave -%> -SLAVE="<%= @slave %>" -<% end -%> -<% if @bonding_master -%> -BONDING_MASTER="<%= @bonding_master %>" -<% end -%> -<% if @bonding_opts -%> -BONDING_OPTS="<%= @bonding_opts %>" -<% else -%> -<% if @bond_mode or @bond_miimon -%> -BONDING_OPTS="<%- if @bond_mode -%>mode=<%= @bond_mode %><%- end -%><%- if @bond_miimon -%> miimon=<%= @bond_miimon %><%- end -%>" -<% end -%> -<% end -%> -<% if @team_config -%> -TEAM_CONFIG='<%= @team_config -%>' -<% end -%> -<% if @team_master -%> -TEAM_MASTER=<%= @team_master %> -<% end -%> -<% if @team_port_config -%> -TEAM_PORT_CONFIG='<%= @team_port_config %>' -<% end -%> -<% if @mtu -%> -MTU="<%= @mtu %>" -<% end -%> -<% if @vlan -%> -VLAN="<%= @vlan %>" -<% end -%> -<% if @vlan_id -%> -VLAN_ID="<%= @vlan_id %>" -<% end -%> -<% if @vid -%> -VID="<%= @vid %>" -<% end -%> -<% if @vlan_name_type -%> -VLAN_NAME_TYPE="<%= @vlan_name_type %>" -<% end -%> -<% if @physdev -%> -PHYSDEV="<%= @physdev %>" -<% end -%> -<% if @bridge -%> -BRIDGE="<%= @bridge %>" -<% end -%> -<% if @bridge_stp -%> -STP="<%= @bridge_stp %>" -<% end -%> -<% if @arpcheck -%> -ARPCHECK="<%= @arpcheck %>" -<% end -%> -<% if @arp -%> -ARP="<%= @arp %>" -<% end -%> -<% if @zone -%> -ZONE="<%= @zone %>" -<% end -%> -<% if @onparent-%> -ONPARENT="<%= @onparent %>" -<% end -%> -<% if @nozeroconf -%> -NOZEROCONF="<%= @nozeroconf 
%>" -<% end -%> -<% if @linkdelay -%> -LINKDELAY="<%= @linkdelay %>" -<% end -%> -<% if @hotplug -%> -HOTPLUG="<%= @hotplug %>" -<% end -%> -<% if @persistent_dhclient -%> -PERSISTENT_DHCLIENT="<%= @persistent_dhclient %>" -<% end -%> -<% if @devicetype -%> -DEVICETYPE="<%= @devicetype %>" -<% end -%> -<% if @ovs_bridge -%> -OVS_BRIDGE="<%= @ovs_bridge %>" -<% end -%> -<% if @bond_ifaces -%> -BOND_IFACES="<%= @bond_ifaces %>" -<% end -%> -<% if @ovs_extra -%> -OVS_EXTRA="<%= @ovs_extra %>" -<% end -%> -<% if @ovs_options -%> -OVS_OPTIONS="<%= @ovs_options %>" -<% end -%> -<% if @ovs_patch_peer -%> -OVS_PATCH_PEER="<%= @ovs_patch_peer %>" -<% end -%> -<% if @ovs_tunnel_type -%> -OVS_TUNNEL_TYPE="<%= @ovs_tunnel_type %>" -<% end -%> -<% if @ovs_tunnel_options -%> -OVS_TUNNEL_OPTIONS="<%= @ovs_tunnel_options %>" -<% end -%> -<% if @ovsdhcpinterfaces -%> -OVSDHCPINTERFACES="<%= @ovsdhcpinterfaces %>" -<% end -%> -<% if @ovsbootproto -%> -OVSBOOTPROTO="<%= @ovsbootproto %>" -<% end -%> -<% if @ovsrequires -%> -OVSREQUIRES="<%= @ovsrequires %>" -<% end -%> -<% if @nm_name -%> -NAME="<%= @nm_name %>" -<% end -%> -<% if @options_extra_redhat -%> -<% @options_extra_redhat.each do |k,v| -%> -<%= k %>="<%= v %>" -<% end -%> -<% end -%> -<% if @check_link_down == true -%> -check_link_down() { - return 1; -} -<% end -%> -<% if @connected_mode -%> -CONNECTED_MODE=yes -<% end -%> diff --git a/templates/interface/Suse.epp b/templates/interface/Suse.epp index a30c7e0..be6532f 100644 --- a/templates/interface/Suse.epp +++ b/templates/interface/Suse.epp @@ -1,5 +1,7 @@ # Interface <%= $interface %> managed by Puppet # <%= $description %> +<%= $header -%> <% $settings.each | $k,$v | { -%> <%= $k %>=<%= $v %> <% } -%> +<%= $footer -%> diff --git a/templates/interface/Suse.erb b/templates/interface/Suse.erb deleted file mode 100644 index 7674fbe..0000000 --- a/templates/interface/Suse.erb +++ /dev/null 
@@ -1,102 +0,0 @@ -# File Managed by Puppet -<% if @description and ! @description.empty? -%> -# <%= @description %> -<% end -%> -BOOTPROTO="<%= @manage_bootproto %>" -STARTMODE="<%= @manage_startmode %>" -USERCONTROL="<%= @usercontrol %>" -<% if @etherdevice -%> -ETHERDEVICE="<%= @etherdevice %>" -<% end -%> -<% if @ethtool_opts -%> -ETHTOOL_OPTIONS="<%= @ethtool_opts %>" -<% end -%> -<% if @manage_ipaddr and ! @manage_ipaddr.empty? -%> -IPADDR="<%= @manage_ipaddr %>" -<% end -%> -<% if @netmask -%> -NETMASK="<%= @netmask %>" -<% end -%> -<% if @network -%> -NETWORK="<%= @network %>" -<% end -%> -<% if @broadcast -%> -BROADCAST="<%= @broadcast %>" -<% end -%> -<% if @gateway -%> -GATEWAY="<%= @gateway %>" -<% end -%> -<% if @mtu -%> -MTU="<%= @mtu %>" -<% end -%> -<% if @vlan -%> -VLAN_ID="<%= @vlan %>" -<% end -%> -<% if @manage_hwaddr -%> -LLADDR="<%= @manage_hwaddr %>" -<% end -%> -<% if @bridge -%> -BRIDGE="<%= @bridge %>" -<% end -%> -<% if @bridge_fwddelay -%> -BRIDGE_FORWARDDELAY="<%= @bridge_fwddelay %>" -<% end -%> -<% if @bridge_ports.size > 0 then -%> -BRIDGE_PORTS="<%= @bridge_ports.join(' ') %>" -<% end -%> -<% if @bridge_stp -%> -BRIDGE_STP="<%= @bridge_stp %>" -<% end -%> -<% if @bond_master -%> -BONDING_MASTER="<%= @bond_master %>" -<% end -%> -<% if @bond_moduleopts -%> -BONDING_MODULE_OPTS="<%= @bond_moduleopts %>" -<% end -%> -<% if @bond_slaves -%> - <%- if @bond_slaves.is_a? Array -%> - <%- @bond_slaves.each_with_index do |slave,idx| -%> -BONDING_SLAVE<%= idx %>="<%= slave %>" - <%- end -%> - <%- else -%> -BONDING_SLAVE0="<%= @bond_slaves %>" - <%- end -%> -<% end -%> -<% if @aliases -%> - <%- if @aliases.is_a? 
Array -%> - <%- @aliases.each_with_index do |val,idx| -%> -IPADDR_<%= idx %>="<%= val %>" - <%- end -%> - <%- else -%> -IPADDR_0="<%= @aliases %>" - <%- end -%> -<% end -%> -<% if @firewall -%> -FIREWALL="<%= @firewall %>" -<% end -%> -<% if @remote_ipaddr -%> -REMOTE_IPADDR="<%= @remote_ipaddr %>" -<% end -%> -<% if @check_duplicate_ip -%> -CHECK_DUPLICATE_IP="<%= @check_duplicate_ip %>" -<% end -%> -<% if @send_gratuitous_arp -%> -SEND_GRATUITOUS_ARP="<%= @send_gratuitous_arp %>" -<% end -%> -<% if @pre_up_script -%> -PRE_UP_SCRIPT="<%= @pre_up_script %>" -<% end -%> -<% if @post_up_script -%> -POST_UP_SCRIPT="<%= @post_up_script %>" -<% end -%> -<% if @pre_down_script -%> -PRE_DOWN_SCRIPT="<%= @pre_down_script %>" -<% end -%> -<% if @post_down_script -%> -POST_DOWN_SCRIPT="<%= @post_down_script %>" -<% end -%> -<% if @options_extra_suse -%> -<% @options_extra_suse.each do |k,v| -%> -<%= k %>="<%= v %>" -<% end -%> -<% end -%> From 9af0325116d6b94520d5b568b739c99a35355869 Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Sat, 29 Jun 2019 10:02:32 +0200 Subject: [PATCH 15/21] Minors --- manifests/interface.pp | 28 +++++++++++++++------------- metadata.json | 5 ++--- 2 files changed, 17 insertions(+), 16 deletions(-) diff --git a/manifests/interface.pp b/manifests/interface.pp index 262f9e9..10941b6 100644 --- a/manifests/interface.pp +++ b/manifests/interface.pp 
@@ -16,18 +16,20 @@ String $interface = $title, String $description = "Interface $title", - Optional[Stdlib::Compat::Ipv4] $ipv4_address = undef, - Optional[Stdlib::Compat::Ipv4] $ipv4_netmask = undef, - Optional[Stdlib::Compat::Ipv4] $ipv4_broadcast = undef, + Optional[Stdlib::IP::Address::V4] $ipv4_address = undef, + Optional[Stdlib::IP::Address::V4] $ipv4_netmask = undef, + Optional[Stdlib::IP::Address::V4] $ipv4_broadcast = undef, - Optional[Stdlib::Compat::Ipv6] $ipv6_address = undef, - Optional[Stdlib::Compat::Ipv6] $ipv6_netmask = undef, + Optional[Stdlib::IP::Address::V6] $ipv6_address = undef, + Optional[Stdlib::IP::Address::V6] $ipv6_netmask = undef, Hash $extra_settings = {}, Optional[String] $extra_header = undef, Optional[String] $extra_footer = undef, Boolean $use_default_settings = true, + Array $os_features = ['check_link_down','auto'], + Hash $options = {}, Boolean $restart_all_nic = true, Optional[String]$reload_command = undef, @@ -46,19 +48,19 @@ IPADDR => $ipv4_address, IPV6ADDR => $ipv6_address, } - $os_footer = lookupvar($options['check_link_down') ? { - true => @(EOF) + if 'check_link_down' in $os_features { + $os_footer = @("EOF") check_link_down() { return 1; } |- EOF - false => '' + } else { + $os_footer = '' } $os_header = '' } 'Debian': { - $os_settings = { - } + $os_settings = {} $os_header = "${stanza} ${interface} ${family} ${method}" $os_footer = '' } @@ -74,11 +76,11 @@ # $settings variable is used in templates if $use_default_settings { - $settings = $os_settings + $extra_settings + $settings = delete_undef_values($os_settings + $extra_settings) $header = $os_header + $extra_header $footer = $os_footer + $extra_footer } else { - $settings = $extra_settings + $settings = delete_undef_values($extra_settings) $header = $extra_header $footer = $extra_footer } 
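Review bot: `Stdlib::IP::Address::V4` and `Stdlib::IP::Address::V6` also accept CIDR notation, so `$ipv4_netmask` or `$ipv4_broadcast` would pass validation with a value like `10.0.0.0/8` and be written to `IPADDR`-style settings unchanged. If only bare addresses are meant here, the stricter `Optional[Stdlib::IP::Address::V4::Nosubnet]` (and `V6::Nosubnet`) would reject that at compile time. In the same parameter list, `Array $os_features` could be `Array[Enum['check_link_down','auto']]` so that a misspelled feature fails instead of being silently ignored. The define's parameter list starts outside this hunk.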
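Review bot: The heredoc for `$os_footer` is opened with `@("EOF")`, which turns on Puppet interpolation inside a body that is shell code. Nothing in the current body contains `$`, but any later edit that adds a shell variable would be expanded by Puppet rather than written to the file. Since the text is a literal, `$os_footer = @(EOF)` states the intent and avoids that trap.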
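Review bot: `$header = $os_header + $extra_header` and `$footer = $os_footer + $extra_footer` are left untouched by this hunk, but in the Puppet language `+` is numeric addition, array concatenation or hash merge, not string concatenation, and `$extra_header`/`$extra_footer` default to `undef`. As far as this hunk shows, these lines would fail or drop the footer as soon as the defaults are used. String interpolation is the usual form: `$header = "${os_header}${extra_header}"` and `$footer = "${os_footer}${extra_footer}"`. The surrounding `if $use_default_settings` block begins outside the hunk.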
@@ -181,7 +183,7 @@ } # Configuration if $::network::config_file_per_interface { - # Scenario with a file per interface + # Scenario with a file per interface if ! defined(File['/etc/network/interfaces.d']) { file { '/etc/network/interfaces.d': ensure => 'directory', diff --git a/metadata.json b/metadata.json index d4cc2cb..f71c229 100644 --- a/metadata.json +++ b/metadata.json @@ -1,7 +1,6 @@ { "name": "example42-network", "version": "4.0.1.alpha1", - "source": "https://github.com/example42/puppet-network", "author": "example42 Gmbh and others", "summary": "Example42 Network Module", "license": "Apache-2.0", @@ -107,7 +106,7 @@ "version_requirement": ">= 4.0.0 <7.0.0" } ], - "pdk-version": "1.10.0", - "template-url": "file:///opt/puppetlabs/pdk/share/cache/pdk-templates.git#1.10.0", + "pdk-version": "1.11.0", + "template-url": "https://github.com/puppetlabs/pdk-templates#1.10.0", "template-ref": "1.10.0-0-gbba9ac3" } From b7127e2166f2a2a9f5496fe24e5aead1f43a2871 Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Thu, 18 Jul 2019 20:53:03 +0000 Subject: [PATCH 16/21] More minors --- manifests/legacy/params.pp | 4 ++-- manifests/route.pp | 20 +++++++++----------- 2 files changed, 11 insertions(+), 13 deletions(-) diff --git a/manifests/legacy/params.pp b/manifests/legacy/params.pp index 40594ed..73a4d81 100644 --- a/manifests/legacy/params.pp +++ b/manifests/legacy/params.pp @@ -1,8 +1,8 @@ -# Class: network::params +# Class: network::legacy::params # # Defines all the variables used in the module. # -class network::params { +class network::legacy::params { $service_restart_exec = $::osfamily ? { 'Debian' => '/sbin/ifdown -a --force ; /sbin/ifup -a', diff --git a/manifests/route.pp b/manifests/route.pp index d613d6e..cf14133 100644 --- a/manifests/route.pp +++ b/manifests/route.pp 
@@ -56,17 +56,15 @@ # Deploys the file /etc/sysconfig/network/ifroute-$name. # define network::route ( - Optional[Hash] $routes = {}, - Optional[Hash] $ipv6_routes = {}, - String $interface = $title, - String $config_file_notify = 'class_default', - Enum['present','absent'] $ensure = 'present', - Enum['v4','v6'] $family = 'ipv4', - Optional[$route_up_template = undef, - $route_down_template = undef, + Optional[Hash] $routes = {}, + Optional[Hash] $ipv6_routes = {}, + String $interface = $title, + String $config_file_notify = 'class_default', + Enum['present','absent'] $ensure = 'present', + Enum['ipv4','ipv6'] $family = 'ipv4', + Optional[String] $route_up_template = undef, + Optional[String] $route_down_template = undef, ) { - # Validate our arrays - validate_hash($routes) include ::network @@ -117,7 +115,7 @@ group => 'root', path => "/etc/sysconfig/network-scripts/route6-${name}", content => template('network/route6-RedHat.erb'), - notify => $network::manage_config_file_notify, + notify => $real_config_file_notify, } } } From 48fc9e9f4c7dba5f596594900f666f235f71f8d2 Mon Sep 17 00:00:00 2001 
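Review bot: The resource name ends up in root-owned file paths (`/etc/sysconfig/network-scripts/route6-${name}` in the second hunk, `ifroute-$name` per the header comment), while `$interface` is only typed `String` and `$name` is not checked at all. A title that contains `/` or `..`, for instance from a mistyped Hiera key, would place the file outside the intended directory. Consider building the paths from `$interface` and constraining it, e.g. `Pattern[/\A[A-Za-z0-9_.:-]+\z/] $interface = $title,`. The body of the define lies mostly outside both hunks, so other path uses could not be checked here.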
From: Alessandro Franceschi Date: Sun, 15 Sep 2019 20:56:54 +0200 Subject: [PATCH 17/21] Major fixes and docs --- .fixtures.yml | 2 +- README.md | 45 +++- data/Ubuntu14.04.yaml | 2 + data/Ubuntu14.10.yaml | 2 + data/Ubuntu16.04.yaml | 2 + data/Ubuntu16.10.yaml | 2 + data/Ubuntu17.04.yaml | 2 + data/Ubuntu17.10.yaml | 2 + data/Ubuntu18.04.yaml | 3 + data/osfamily/.gitkeep | 0 data/osfamily/Ubuntu18.04.yaml | 2 - examples/legacy.yaml | 19 ++ hiera.yaml | 16 ++ lib/puppet/functions/netmask2cidr.rb | 9 + manifests/init.pp | 157 +++++++++++- manifests/interface.pp | 360 ++++++++++++++++++++------- manifests/netplan.pp | 2 +- manifests/netplan/interface.pp | 29 ++- manifests/params.pp | 50 ---- manifests/route.pp | 2 +- templates/interface/Debian.epp | 14 +- templates/interface/RedHat.epp | 10 +- templates/interface/Suse.epp | 10 +- types/netplanaddresses.pp | 10 + 24 files changed, 569 insertions(+), 183 deletions(-) create mode 100644 data/Ubuntu14.04.yaml create mode 100644 data/Ubuntu14.10.yaml create mode 100644 data/Ubuntu16.04.yaml create mode 100644 data/Ubuntu16.10.yaml create mode 100644 data/Ubuntu17.04.yaml create mode 100644 data/Ubuntu17.10.yaml create mode 100644 data/Ubuntu18.04.yaml delete mode 100644 data/osfamily/.gitkeep delete mode 100644 data/osfamily/Ubuntu18.04.yaml create mode 100644 examples/legacy.yaml create mode 100644 hiera.yaml create mode 100644 lib/puppet/functions/netmask2cidr.rb delete mode 100644 manifests/params.pp create mode 100644 types/netplanaddresses.pp diff --git a/.fixtures.yml b/.fixtures.yml index c736f94..5329d1c 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -2,6 +2,6 @@ fixtures: repositories: stdlib: "git://github.com/puppetlabs/puppetlabs-stdlib.git" concat: "git://github.com/puppetlabs/puppetlabs-concat.git" - host: "git://github.com/puppetlabs/puppetlabs/puppetlabs-host_core.git" + host: "git://github.com/puppetlabs/puppetlabs-host_core.git" symlinks: network: "#{source_dir}" 
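Review bot: The corrected `host` entry, like the `stdlib` and `concat` entries above it, still fetches over `git://`, which provides neither encryption nor server authentication, so fixture code pulled during test runs can be altered in transit. Using `host: "https://github.com/puppetlabs/puppetlabs-host_core.git"` (and the same scheme for the other two repositories) keeps the fix and adds transport integrity. Pinning each fixture to a ref would further make test runs reproducible.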
diff --git a/README.md b/README.md index ba4322e..9081d3e 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ Main class is used as entrypoint for general variables and wrapper for Hiera dri Classes: -- network::hostname - Manages hostname +- network::hostname - Manages the system hostname Defines: @@ -40,6 +40,8 @@ Defines: - network::route - Manages network routes - network::routing_table - Manages iproute2 routing tables - network::rule - Manages network rules +- network::netplan - Generic netplan.io configuration +- network::netplan::interface - Netplan.io interface configuration Legacy defines (inherited from version 3 of the module): @@ -53,6 +55,10 @@ Legacy defines (inherited from version 3 of the module): ### What puppet-network affects +The main network class does nothing with default values for parameters but can be included and used +as entrypoints to manage via Hiera hashes of the defines provided in the modules. + +Single defines manage the relevant network entity (interfaces, routes, rules, tables ...) ### Setup Requirements @@ -68,7 +74,7 @@ Include the main class to be able to manage via Hiera the network resources hand include network -This does nothing by default, but allows to configure network resources with Hiera data like: +This allows to configure network resources with Hiera data like: network::hostname: server.example.com network::interfaces_hash: 
@@ -89,12 +95,47 @@ This does nothing by default, but allows to configure network resources with Hie ## Reference +For full reference look at the defines documentation. + +For configuration examples via Hiera look at the examples directory. ## Backwards compatibility +If you are using the version 3 of this module and are configuring networking via Hiera data, you must set the relevant +legacy options so that hashes of interface, route, and other resources can be maintained ad the legacy defines used. +You have to set this for each network resource type. By default the new versions are used. +On hiera configure something like (Yaml format): + + network::interfaces_legacy: true + network::rules_legacy: true + network::tables_legacy: true + network::routes_legacy: true + +Given the quite critical nature of the resources manages we highly recommend to test carefully the effect of an upgrade of +this module on your current infrastructure and to keep the first runs on noop mode. + +Some configuration files might change as well, in minor details like new lines or spaces, even when using the legacy +options. To avoid automatic restart of network service on a configuration change set: + + network::config_file_notify: false ## Limitations +This module works currently supports only the major Linux distributions (RedHat and derivatives, Debian and derivatives, included Cumulus, SuSE +and derivatives, Solaris). + +The legacy defines are introduced for backwards compatibility only and are not supposed to be improved in the future. +The new, default, defines, are designed in a way to be more easily adaptable to custom needs (for example there's no need to add parameters +for any new or uncommon configuration entry). ## Development +To contribute to the module submit a Pull Request on GitHub. + +Please be sure to provide: + +- Code changes for syntax and lint +- Relevant documentation +- Relevant spec tests + + 
diff --git a/data/Ubuntu14.04.yaml b/data/Ubuntu14.04.yaml new file mode 100644 index 0000000..29ecd42 --- /dev/null +++ b/data/Ubuntu14.04.yaml @@ -0,0 +1,2 @@ +--- +network::service_restart_exec: 'service networking reload' diff --git a/data/Ubuntu14.10.yaml b/data/Ubuntu14.10.yaml new file mode 100644 index 0000000..29ecd42 --- /dev/null +++ b/data/Ubuntu14.10.yaml @@ -0,0 +1,2 @@ +--- +network::service_restart_exec: 'service networking reload' diff --git a/data/Ubuntu16.04.yaml b/data/Ubuntu16.04.yaml new file mode 100644 index 0000000..b2b21c0 --- /dev/null +++ b/data/Ubuntu16.04.yaml @@ -0,0 +1,2 @@ +--- +network::service_restart_exec: 'systemctl restart networking' diff --git a/data/Ubuntu16.10.yaml b/data/Ubuntu16.10.yaml new file mode 100644 index 0000000..b2b21c0 --- /dev/null +++ b/data/Ubuntu16.10.yaml @@ -0,0 +1,2 @@ +--- +network::service_restart_exec: 'systemctl restart networking' diff --git a/data/Ubuntu17.04.yaml b/data/Ubuntu17.04.yaml new file mode 100644 index 0000000..b2b21c0 --- /dev/null +++ b/data/Ubuntu17.04.yaml @@ -0,0 +1,2 @@ +--- +network::service_restart_exec: 'systemctl restart networking' diff --git a/data/Ubuntu17.10.yaml b/data/Ubuntu17.10.yaml new file mode 100644 index 0000000..b2b21c0 --- /dev/null +++ b/data/Ubuntu17.10.yaml @@ -0,0 +1,2 @@ +--- +network::service_restart_exec: 'systemctl restart networking' diff --git a/data/Ubuntu18.04.yaml b/data/Ubuntu18.04.yaml new file mode 100644 index 0000000..b67b83b --- /dev/null +++ b/data/Ubuntu18.04.yaml @@ -0,0 +1,3 @@ +--- +network::use_netplan: true +network::service_restart_exec: 'netplan apply' diff --git a/data/osfamily/.gitkeep b/data/osfamily/.gitkeep deleted file mode 100644 index e69de29..0000000 diff --git a/data/osfamily/Ubuntu18.04.yaml b/data/osfamily/Ubuntu18.04.yaml deleted file mode 100644 index cc64999..0000000 --- a/data/osfamily/Ubuntu18.04.yaml +++ /dev/null @@ -1,2 +0,0 @@ ---- -network::use_netplan: true \ No newline at end of file 
diff --git a/examples/legacy.yaml b/examples/legacy.yaml new file mode 100644 index 0000000..fcf21d6 --- /dev/null +++ b/examples/legacy.yaml @@ -0,0 +1,19 @@ +### +# Sample configurations using legacy defines +--- +network::routes_legacy: true +network::interfaces_legacy: true +network::rule_legacy: true +network::tables_legacy: true +network::routes_hash: + eth1: + routes: + '10.42.50.0/24': '10.42.43.1' + '10.42.100.0/24': '10.42.43.1' + '10.42.251.0/24': '10.42.43.1' +network::interfaces_hash: + 'eth0': + enable_dhcp: true + 'eth1': + ipaddress: '10.42.43.104' + netmask: '255.255.255.0' diff --git a/hiera.yaml b/hiera.yaml new file mode 100644 index 0000000..f1c3c46 --- /dev/null +++ b/hiera.yaml @@ -0,0 +1,16 @@ +--- +version: 5 + +defaults: + datadir: data + data_hash: yaml_data + +hierarchy: + - name: "In module hierarchy" + paths: + - "%{facts.os.name}%{facts.os.release.major}.yaml" + - "%{facts.os.name}.yaml" + - "%{facts.os.family}%{facts.os.release.major}.yaml" + - "%{facts.os.family}.yaml" + - "%{facts.kernel}.yaml" + - "common.yaml" diff --git a/lib/puppet/functions/netmask2cidr.rb b/lib/puppet/functions/netmask2cidr.rb new file mode 100644 index 0000000..43afed0 --- /dev/null +++ b/lib/puppet/functions/netmask2cidr.rb @@ -0,0 +1,9 @@ +require 'ipaddr' +Puppet::Functions.create_function(:netmask2cidr, Puppet::Functions::InternalFunction) do + dispatch :single do + param 'Stdlib::IP::Address', :netmask + end + def single(netmask) + result = IPAddr.new(netmask).to_i.to_s(2).count("1") + end +end diff --git a/manifests/init.pp b/manifests/init.pp index 967a779..89d9ca1 100644 --- a/manifests/init.pp +++ b/manifests/init.pp 
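Review bot: The example sets `network::rule_legacy: true`, but the README hunk in this same commit and the class parameter in manifests/init.pp both spell it `rules_legacy`. A key that matches no class parameter is never looked up, so anyone copying this example would get the new rule define while believing the legacy one is active. The line should read `network::rules_legacy: true`.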
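Review bot: `single` counts the set bits of whatever address it is given, so a non-contiguous mask such as `255.0.255.0` returns 16 and a CIDR-form or IPv6 argument (both allowed by `Stdlib::IP::Address`) returns a number that is not a prefix length for the intended mask. A wrong prefix written into a netplan file silently widens or narrows the configured network. Consider narrowing the parameter to `Stdlib::IP::Address::V4::Nosubnet` and rejecting masks whose bit string, left-padded to 32 bits, does not match `/\A1*0*\z/`. The `result =` assignment is unused, and `Puppet::Functions::InternalFunction` looks unnecessary for a plain function.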
@@ -1,12 +1,114 @@ -# A description of what this class does +# This class manages networking on different Operating systems +# It provives entry points to define, via Hiera data, hashes of +# interfaces, routes, rules and tables. +# The version 4 of this module also introduces backward incompatible +# defines to manage such objects, but allows to use previous style +# syntax by setting to true the telegant legacy params. +# With default settings with class does not manage any resource. + +# @summary Data entrypoint for different network related defines +# +# @param hostname If set the network::hostname class is included and the +# system's hostname configured +# +# @param host_conf_template The .epp or .erb template to use as content +# of the /etc/host.conf file. If undef (as default) the file is not managed. +# @param host_conf_options A custom hash of options to use inside the +# host_conf_template to parametrise values to interpolate. +# In a .epp template refer to them with <%= $options['key'] %> +# In a .erb template refer to them with <%= @host_conf_options['key'] %> +# +# @param nsswitch_conf_template The .epp or .erb template to use as content +# of the /etc/nsswitch file. If undef (as default) the file is not managed. +# @param nsswitch_conf_options A custom hash of options to use inside the +# nsswitch_conf_template to parametrise values to interpolate. +# In a .epp template refer to them with <%= $options['key'] %> +# In a .erb template refer to them with <%= @nsswitch_conf_options['key'] %> +# +# @param interfaces_hash An hash of interfaces to configure. +# This is not actually a class parameter, but a key looked up using the +# merge behaviour configured via $interfaces_merge_behaviour. +# If $interfaces_legacy is false (default) the define network::interface +# is declared for each element of this hash. 
+# If $interfaces_legacy is true then the hash values are iterated over +# the define network::legacy::interface +# @param interfaces_legacy Allows usage backwards compatible hiera data by +# using the network::legacy::interface define which is a copy of the +# network::interface define on version 3 of this module +# @param interfaces_merge_behaviour Defines the lookup method to use to +# retrieve via hiera the $interfaces_hash +# @param interfaces_defaults An hash of default settings to merge with +# the settings of each element of the $interfaces_hash +# Useful to consolidate duplicated data in Hiera. # -# @summary A short summary of the purpose of this class +# @param routes_hash An hash of routes to configure. +# This is not actually a class parameter, but a key looked up using the +# merge behaviour configured via $routes_merge_behaviour. +# If $routes_legacy is false (default) the define network::route +# is declared for each element of this hash. +# If $routes_legacy is true then the hash values are iterated over +# the define network::legacy::route +# @param routes_legacy Allows usage backwards compatible hiera data by +# using the network::legacy::route define which is a copy of the +# network::route define on version 3 of this module +# @param routes_merge_behaviour Defines the lookup method to use to +# retrieve via hiera the $routes_hash +# @param routes_defaults An hash of default settings to merge with +# the settings of each element of the $routes_hash +# +# @param rules_hash An hash of rules to configure. +# This is not actually a class parameter, but a key looked up using the +# merge behaviour configured via $rules_merge_behaviour. +# If $rules_legacy is false (default) the define network::rule +# is declared for each element of this hash. 
+# If $rules_legacy is true then the hash values are iterated over +# the define network::legacy::rule +# @param rules_legacy Allows usage backwards compatible hiera data by +# using the network::legacy::rule define which is a copy of the +# network::rule define on version 3 of this module +# @param rules_merge_behaviour Defines the lookup method to use to +# retrieve via hiera the $rules_hash +# @param rules_defaults An hash of default settings to merge with +# the settings of each element of the $rules_hash +# +# @param tables_hash An hash of tables to configure. +# This is not actually a class parameter, but a key looked up using the +# merge behaviour configured via $tables_merge_behaviour. +# If $tables_legacy is false (default) the define network::table +# is declared for each element of this hash. +# If $tables_legacy is true then the hash values are iterated over +# the define network::legacy::table +# @param tables_legacy Allows usage backwards compatible hiera data by +# using the network::legacy::table define which is a copy of the +# network::table define on version 3 of this module +# @param tables_merge_behaviour Defines the lookup method to use to +# retrieve via hiera the $tables_hash +# @param tables_defaults An hash of default settings to merge with +# the settings of each element of the $tables_hash +# +# @param service_restart_exec The command to use to restart network +# service when configuration changes occurs. Used with the default +# setting for $config_file_notify +# @param config_file_notify The Resource to trigger when a configuration +# change occurs. Default is Exec[$service_restart_exec], set to undef +# or false or an empty string to not add any notify param on +# config files resources (so no network change is automatically applied) +# Note that if you configure a custom resource reference you must provide it +# in your own profiles. 
+# @param config_file_per_interface If to configure interfaces in a single file +# or having a single configuration file for each interface. +# Default is true whenever a single file per interface is supported. # -# @example -# include network class network ( Optional[String] $hostname = undef, + Optional[String] $host_conf_template = undef, + Hash $host_conf_options = {}, + + Optional[String] $nsswitch_conf_template = undef, + Hash $nsswitch_conf_options = {}, + + Boolean $use_netplan = false, # This "param" is looked up in code according to interfaces_merge_behaviour # Optional[Hash] $interfaces_hash = undef, Boolean $interfaces_legacy = false, 
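Review bot: The new `Boolean $use_netplan = false` parameter has no `@param` entry in the header this hunk adds, although every other parameter is described. Something like `# @param use_netplan If to manage interfaces via netplan (set to true in data/Ubuntu18.04.yaml)` would close the gap. The header also contains the typos "provives" and "telegant", which presumably mean "provides" and "relevant". The class parameter list continues outside this hunk.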
@@ -31,28 +133,61 @@ Enum['first','hash','deep'] $tables_merge_behaviour = 'first', Hash $tables_defaults = {}, - String $service_restart_exec = 'service network restart', - Variant[Resource,String] $config_file_notify = 'class_default', - Boolean $config_file_per_interface = true, + String $service_restart_exec = 'service network restart', + Variant[Resource,String[0,0],Undef,Boolean] $config_file_notify = true, + Boolean $config_file_per_interface = true, ) { $manage_config_file_notify = $config_file_notify ? { - 'class_default' => "Exec[${service_restart_exec}]", - 'undef' => undef, + true => "Exec[${service_restart_exec}]", + false => undef, '' => undef, undef => undef, default => $config_file_notify, } + + # Exec to restart interfaces exec { $service_restart_exec : command => $service_restart_exec, alias => 'network_restart', refreshonly => true, - path => '/bin:/sbin:/usr/bin:/usr/sbin', - } + path => $::path, + } + if $hostname { contain '::network::hostname' } + # Manage /etc/host.conf if $host_conf_template is set + if $host_conf_template { + $host_conf_template_type=$host_conf_template[-4,4] + $host_conf_content = $host_conf_template_type ? { + '.epp' => epp($host_conf_template,{ options => $host_conf_options }), + '.erb' => template($host_conf_template), + default => template($host_conf_template), + } + file { '/etc/host.conf': + ensure => present, + content => $host_conf_content, + notify => $manage_config_file_notify, + } + } + + # Manage /etc/nsswitch.conf if $nsswitch_conf_template is set + if $nsswitch_conf_template { + $nsswitch_conf_template_type=$nsswitch_conf_template[-4,4] + $nsswitch_conf_content = $nsswitch_conf_template_type ? 
{ + '.epp' => epp($nsswitch_conf_template,{ options => $nsswitch_conf_options}), + '.erb' => template($nsswitch_conf_template), + default => template($nsswitch_conf_template), + } + file { '/etc/nsswitch.conf': + ensure => present, + content => $nsswitch_conf_content, + notify => $manage_config_file_notify, + } + } + # Declare network interfaces based on network::interfaces_hash $interfaces_hash = lookup('network::interfaces_hash',Hash,$interfaces_merge_behaviour,{}) $interfaces_hash.each |$k,$v| { diff --git a/manifests/interface.pp b/manifests/interface.pp index 10941b6..1bd573a 100644 --- a/manifests/interface.pp +++ b/manifests/interface.pp 
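Review bot: The restart exec now takes `path => $::path` instead of the fixed `/bin:/sbin:/usr/bin:/usr/sbin`, while the configured commands (`service network restart`, `netplan apply`) are bare names. Which binary runs as root therefore depends on the PATH of the environment the agent was started from, which may include writable or unexpected directories. Keeping the fixed list, or using absolute command paths in the data files, removes that dependency: `path => '/bin:/sbin:/usr/bin:/usr/sbin',`. Separately, the new `/etc/host.conf` and `/etc/nsswitch.conf` resources set no `owner`, `group` or `mode`; stating `owner => 'root', group => 'root', mode => '0644'` makes the intended permissions explicit. The class body continues outside this hunk.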
@@ -1,53 +1,123 @@ -# A description of what this defined type does +# This define manages network interfaces on different operating systems. +# It provides some default configurations that can be overridden via relevant +# parameters. # -# @summary A short summary of the purpose of this defined type. +# @summary A define to manage network interfaces # -# @example -# network::interface { 'namevar': } +# @example Configure an interface to use DHCP +# network::interface { 'eth0': +# enable_dhcp => true, +# } +# +# @example Configure an interface with a given IP address +# network::interface { 'eth0': +# ipv4_address => 10.42.42.42, +# ipv4_netmask => 255.255.255.0, +# } +# +# @param ensure If to create or remove the relevant configuration file. +# @param template The epp or erb template to use for the interface configuration +# file. Default is automatically defined based on $::osfamily, +# @param config_path The path of the interface configuration file. +# Default is automatically defined based on the Operating System. +# @param enable_dhcp If to configure the interface to use dhcp. +# @param interface The name of the interface to use. Default value is the $title of +# the define. Can be set explicitly in case different title names have to +# used. +# @param description A free text description to use, where applicable, to describe +# the interface. It has no real effect on the interface configuration. +# @param ipv4_address The optional IPv4 address of the interface. +# @param ipv4_netmask The optional netmask of the IPv4 address. +# @param ipv4_network The optional IPv4 network address. +# @param ipv4_broadcast The optional IPv4 broadcast address. +# @param ipv6_address The optional IPv6 address of the interface. +# @param ipv6_netmask The optional netmask of the IPv6 address. +# @param ipv6_network The optional IPv6 network address. +# @param mtu The interface Maximum Transmission Unit (in bytes). +# @param mac The (optional) interface MAC address. 
+# @param redhat_extra_settings A free hash of custom settings to +# add to the interface configuration. Used only on redhat family nodes. +# @param redhat_extra_header A custom free text to add as header +# to the interface configuration file on RedHat family nodes. +# @param redhat_extra_footer A custom free text to add as footer +# to the interface configuration file on RedHat family nodes. +# @param debian_extra_settings Equivalent of redhat_extra_settings for Debian osfamily. +# @param debian_extra_header Equivalent of redhat_extra_header for Debian osfamily. +# @param debian_extra_footer Equivalent of redhat_extra_footer for Debian osfamily. +# @param suse_extra_settings Equivalent of redhat_extra_settings for Suse osfamily. +# @param suse_extra_header Equivalent of redhat_extra_header for Suse osfamily. +# @param suse_extra_footer Equivalent of redhat_extra_footer for Suse osfamily. +# @param solaris_extra_settings Equivalent of redhat_extra_settings for Solaris. +# @param solaris_extra_header Equivalent of redhat_extra_header for Solaris. +# @param solaris_extra_footer Equivalent of redhat_extra_footer for Solaris. +# @param use_default_settings If to use some default settings also based on $os_features +# to correctly configure interface files. They can be overridden via the +# osfamily extra_settings. +# @param os_features Some features which affect the default_settings. +# @param config_file_notify The Resource to trigger when a configuration +# change occurs. Default is what is se in $:::network::config_file_notify +# @param manage_prerequisites If to automatically manage prerequisite resources +# like packages when needed by the interface type +# @suppress_warnings If not avoid to display notify warnings for unsupported OS. 
define network::interface ( - Boolean $enable = true, - Enum['present','absent'] $ensure = 'present', + Enum['present','absent'] $ensure = 'present', + Boolean $enable = true, + Boolean $use_netplan = lookup('network::use_netplan',Boolean,first,false), - String $template = "network/interface/${::osfamily}.epp", - Optional[String] $config_path = undef, + String $template = "network/interface/${::osfamily}.epp", + Optional[String] $config_path = undef, - Boolean $enable_dhcp = false, - String $interface = $title, - String $description = "Interface $title", + String $interface = $title, + String $description = "Interface ${title}", + Boolean $ipv4_dhcp = false, Optional[Stdlib::IP::Address::V4] $ipv4_address = undef, Optional[Stdlib::IP::Address::V4] $ipv4_netmask = undef, + Optional[Stdlib::IP::Address::V4] $ipv4_network = undef, Optional[Stdlib::IP::Address::V4] $ipv4_broadcast = undef, + Optional[Stdlib::IP::Address::V4] $ipv4_gateway = undef, + Optional[Integer] $ipv4_mtu = undef, + + Boolean $ipv6_dhcp = false, + Optional[Stdlib::IP::Address::V6] $ipv6_address = undef, + Optional[Stdlib::IP::Address::V6] $ipv6_netmask = undef, + Optional[Stdlib::IP::Address::V6] $ipv6_network = undef, + Optional[Stdlib::IP::Address::V6] $ipv6_gateway = undef, + Optional[Integer] $ipv6_mtu = undef, + + Optional[Integer] $mac = undef, + Boolean $mac_override = false, + + Hash $redhat_extra_settings = {}, + Optional[String] $redhat_extra_header = undef, + Optional[String] $redhat_extra_footer = undef, - Optional[Stdlib::IP::Address::V6] $ipv6_address = undef, - Optional[Stdlib::IP::Address::V6] $ipv6_netmask = undef, + Hash $debian_extra_settings = {}, + Optional[String] $debian_extra_header = undef, + Optional[String] $debian_extra_footer = undef, - Hash $extra_settings = {}, - Optional[String] $extra_header = undef, - Optional[String] $extra_footer = undef, - Boolean $use_default_settings = true, + Hash $suse_extra_settings = {}, + Optional[String] $suse_extra_header = undef, + 
Optional[String] $suse_extra_footer = undef, - Array $os_features = ['check_link_down','auto'], + Hash $solaris_extra_settings = {}, + Optional[String] $solaris_extra_header = undef, + Optional[String] $solaris_extra_footer = undef, - Hash $options = {}, - Boolean $restart_all_nic = true, - Optional[String]$reload_command = undef, + Boolean $use_default_settings = true, - Boolean $manage_prerequisites = true, - Boolean $suppress_warnings = false, + Array $os_features = ['check_link_down','auto'], + + Variant[Undef,Resource,String] $config_file_notify = 'class_default', + Boolean $config_file_per_interface = true, + + Boolean $manage_prerequisites = true, + Boolean $suppress_warnings = false, ) { - ### Define variables - # Build configuration settings hash - case fact('os.osfamily') { + case fact('os.family') { 'RedHat': { - $os_settings = { - DEVICE => $interface, - NM_CONTROLLED => 'no', - IPADDR => $ipv4_address, - IPV6ADDR => $ipv6_address, - } if 'check_link_down' in $os_features { $os_footer = @("EOF") check_link_down() { 
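Review bot: `Optional[Integer] $mac = undef` in the new parameter list cannot accept a MAC address in its usual `aa:bb:cc:dd:ee:ff` form, although the header documents it as the interface MAC address and the next hunk writes it to `HWADDR`/`MACADDR`/`LLADDR`. `network::netplan::interface` in this series already uses `Stdlib::MAC` for the same data, so `Optional[Stdlib::MAC] $mac = undef,` would be consistent. The header comment also still documents `enable_dhcp`, which this hunk replaces with `ipv4_dhcp`/`ipv6_dhcp`, and its last tag reads `@suppress_warnings` without `@param`. The define body continues past this hunk.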
@@ -58,17 +128,95 @@ $os_footer = '' } $os_header = '' + $os_settings = { + 'ONBOOT' => $enable ? { + true => 'yes', + false => 'yes', + }, + 'BOOTPROTO' => $ipv4_dhcp ? { + true => 'dhcp', + false => 'none', + }, + 'DEVICE' => $interface, + 'IPADDR' => $ipv4_address, + 'NETWORK' => $ipv4_network, + 'NETMASK' => $ipv4_netmask, + 'BROADCAST' => $ipv4_broadcast, + 'GATEWAY' => $ipv4_gateway, + 'MTU' => $ipv4_mtu, + 'HWADDR' => $mac_override ? { + true => undef, + default => $mac, + }, + 'MACADDR' => $mac_override ? { + true => $mac, + default => undef, + }, + 'DHCPV6C' => $ipv6_dhcp ? { + true => 'yes', + false => undef, + }, + 'IPV6ADDR' => $ipv6_address, + 'IPV6MTU' => $ipv6_mtu, + 'IPV6INIT' => $ipv6_dhcp ? { + true => 'yes', + false => $ipv6_address ? { + undef => undef, + default => 'yes', + }, + }, + } + $extra_settings = $redhat_extra_settings + $extra_header = $redhat_extra_header + $extra_footer = $redhat_extra_footer } 'Debian': { - $os_settings = {} - $os_header = "${stanza} ${interface} ${family} ${method}" + $debian_method = $ipv4_dhcp ? { + true => 'dhcp', + false => 'static', + } + $os_header = "iface ${interface} inet ${debian_method}\n" $os_footer = '' + $os_settings = { + address => $ipv4_address, + netmask => $ipv4_netmask, + } + $extra_settings = $debian_extra_settings + $extra_header = $debian_extra_header + $extra_footer = $debian_extra_footer } 'SuSE': { + $os_header = '' + $os_footer = '' $os_settings = { + 'STARTMODE' => $enable ? { + true => 'auto', + false => 'off', + }, + 'BOOTPROTO' => $ipv4_dhcp ? 
{ + true => 'dhcp', + false => 'static', + }, + 'DEVICE' => $interface, + 'IPADDR' => $ipv4_address, + 'NETWORK' => $ipv4_network, + 'NETMASK' => $ipv4_netmask, + 'BROADCAST' => $ipv4_broadcast, + 'GATEWAY' => $ipv4_gateway, + 'MTU' => $ipv4_mtu, + 'LLADDR' => $mac, } + $extra_settings = $suse_extra_settings + $extra_header = $suse_extra_header + $extra_footer = $suse_extra_footer + } + 'Solaris': { $os_header = '' $os_footer = '' + $os_settings = {} + $extra_settings = $solaris_extra_settings + $extra_header = $solaris_extra_header + $extra_footer = $solaris_extra_footer } default: {} } @@ -77,18 +225,27 @@ # $settings variable is used in templates if $use_default_settings { $settings = delete_undef_values($os_settings + $extra_settings) - $header = $os_header + $extra_header - $footer = $os_footer + $extra_footer + $header = "${os_header}${extra_header}" + $footer = "${os_footer}${extra_footer}" } else { $settings = delete_undef_values($extra_settings) $header = $extra_header $footer = $extra_footer } + + $params = { + settings => $settings, + header => $header, + footer => $footer, + interface => $interface, + description => $description, + } + # Content used in interface configuration file $template_type=$template[-4,4] case $template_type { '.epp': { - $content = epp($template,$settings,$header,$footer) + $content = epp($template, { params => $params } ) } '.erb': { $content = template($template) @@ -116,10 +273,14 @@ 'Solaris': { $config_file_path = pick($config_path,"/etc/hostname.${title}") } + default: {} } # Define how to restart network service - $network_notify = pick($reload_command, $::network::manage_config_file_notify) + $real_config_file_notify = $config_file_notify ? { + 'class_default' => $::network::manage_config_file_notify, + default => $config_file_notify, + } ### Manage configurations @@ -134,7 +295,7 @@ mode => '0644', owner => 'root', group => 'root', - notify => $network_notify, + notify => $real_config_file_notify, } } 
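Review bot: In the RedHat branch both arms of the `ONBOOT` selector yield `'yes'`, so `enable => false` still produces an interface that is brought up at boot. The SuSE branch in the same hunk maps `false` to `'off'`, which suggests the RedHat arm was meant to be `false => 'no',`. An interface that an operator believes is disabled but that comes up on reboot is worth fixing before this ships. The Debian branch does not consult `$enable` at all, as far as this hunk shows. The `case` statement starts before the hunk.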
@@ -142,12 +303,14 @@ 'SLES', 'OpenSuSE': { # Prerequisites if $manage_prerequisites - and has_key($settings,'VLAN_ID') - and !defined(Package['vlan']) { - package { 'vlan': - ensure => 'present', + and is_hash($extra_params) { + if has_key($extra_params,'VLAN_ID') + and !defined(Package['vlan']) { + package { 'vlan': + ensure => 'present', + } + Package['vlan'] -> File[$config_file_path] } - Package['vlan'] -> File[$config_file_path] } if $manage_prerequisites and has_key($settings,'BRIDGE') @@ -164,7 +327,7 @@ mode => '0600', owner => 'root', group => 'root', - notify => $network_notify, + notify => $real_config_file_notify, } } 
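Review bot: The rewritten VLAN prerequisite check tests `is_hash($extra_params)`, but no `$extra_params` appears in the parameter list this commit gives `network::interface`; the old code tested `$settings`. If the variable is indeed undefined, the `vlan` package is never managed on SLES/OpenSuSE, or compilation fails under strict variable checking. Keeping the original condition, `and has_key($settings,'VLAN_ID')`, as the neighbouring `BRIDGE` check still does, avoids this. The enclosing `case` branch begins and ends outside this hunk.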
@@ -182,50 +345,71 @@ } } # Configuration - if $::network::config_file_per_interface { - # Scenario with a file per interface - if ! defined(File['/etc/network/interfaces.d']) { - file { '/etc/network/interfaces.d': - ensure => 'directory', - mode => '0755', - owner => 'root', - group => 'root', + if $use_netplan { + if $ipv4_address { + if $ipv4_netmask { + # TODO Handle ipv6 and multiple addresses + $ipv4_cidr = netmask2cidr($ipv4_netmask) + $addressv4 = [ "${ipv4_address}/${ipv4_cidr}" ] + } else { + fail('A ipv4_netmask must be set if ipv4_address is present') } + } else { + $addressv4 = undef } - file { $config_file_path: - ensure => $ensure, - content => $content, - notify => $network_notify, - } - if ! defined(File_line['config_file_per_interface']) { - file_line { 'config_file_per_interface': - ensure => $ensure, - path => '/etc/network/interfaces', - line => 'source /etc/network/interfaces.d/*.cfg', - notify => $network_notify, - } + network::netplan::interface { $interface: + dhcp4 => $ipv4_dhcp, + dhcp6 => $ipv6_dhcp, + addresses => $addressv4, + gateway4 => $ipv4_gateway, + gateway6 => $ipv6_gateway, } } else { - # Scenario with everything configured in /etc/network/interfaces - if ! defined(Concat['/etc/network/interfaces']) { - concat { '/etc/network/interfaces': - mode => '0644', - owner => 'root', - group => 'root', - notify => $network_notify, + if $::network::config_file_per_interface { + # Scenario with a file per interface + if ! defined(File['/etc/network/interfaces.d']) { + file { '/etc/network/interfaces.d': + ensure => 'directory', + mode => '0755', + owner => 'root', + group => 'root', + } + } + file { $config_file_path: + ensure => $ensure, + content => $content, + notify => $real_config_file_notify, + } + if ! 
defined(File_line['config_file_per_interface']) { + file_line { 'config_file_per_interface': + ensure => $ensure, + path => '/etc/network/interfaces', + line => 'source /etc/network/interfaces.d/*.cfg', + notify => $real_config_file_notify, + } + } + } else { + # Scenario with everything configured in /etc/network/interfaces + if ! defined(Concat['/etc/network/interfaces']) { + concat { '/etc/network/interfaces': + mode => '0644', + owner => 'root', + group => 'root', + notify => $real_config_file_notify, + } + } + concat::fragment { "interface-${title}": + target => '/etc/network/interfaces', + content => $content, + # order => pick($options['order'], 50), } - } - concat::fragment { "interface-${title}": - target => '/etc/network/interfaces', - content => $content, - order => pick($options['order'], 50), - } - if ! defined(Network::Interface['lo']) { - network::interface { 'lo': - address => '127.0.0.1', - method => 'loopback', - options => { 'order' => '05' }, + if ! defined(Network::Interface['lo']) { + network::interface { 'lo': + address => '127.0.0.1', + method => 'loopback', + options => { 'order' => '05' }, + } } } } @@ -238,7 +422,7 @@ file { $config_file_path: ensure => $ensure, content => $content, - notify => $network_notify, + notify => $real_config_file_notify, } if ! defined(File_line['config_file_per_interface']) { file_line { 'config_file_per_interface': @@ -246,7 +430,7 @@ path => '/etc/network/ifupdown2/ifupdown2.conf', line => 'addon_scripts_support=1', match => 'addon_scripts_suppor*', - notify => $network_notify, + notify => $real_config_file_notify, } } } @@ -300,8 +484,8 @@ } if ! defined(Service['svc:/network/physical:default']) { service { 'svc:/network/physical:default': - ensure => running, - enable => true, + ensure => running, + enable => true, } } Service['svc:/network/physical:default'] ~> File[$config_file_path] 
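Review bot: The netplan branch declares `network::netplan::interface { $interface: ... }` without forwarding `$ensure`, so `ensure => 'absent'` on `network::interface` still creates or keeps the netplan file; adding `ensure => $ensure,` to that resource would fix it. In the single-file branch the re-indented `network::interface { 'lo': ... }` declaration passes `address`, `method` and `options`, none of which are in the define's new parameter list, while the `order` line that used `$options` was commented out. That path looks like it cannot compile when `config_file_per_interface` is false. The enclosing Debian branch starts before and ends after this hunk.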
@@ -311,7 +495,7 @@ # Other OS not supported default: { if ! $suppress_warnings { - alert("${::operatingsystem} not supported. Nothing done here. Set $suppress_warnings to true to disable this message") + alert("${::operatingsystem} not supported. Nothing done here. Set \$suppress_warnings to true to disable this message") } } } diff --git a/manifests/netplan.pp b/manifests/netplan.pp index 9bdeb02..947eb1f 100644 --- a/manifests/netplan.pp +++ b/manifests/netplan.pp @@ -3,7 +3,7 @@ # Define to manage a netplan configuration file # define network::netplan ( - String $config_file_name = "50-${title}-yaml", + String $config_file_name = "50-${title}.yaml", Enum['present','absent'] $ensure = 'present', String $renderer = 'networkd', Numeric $version = 2, diff --git a/manifests/netplan/interface.pp b/manifests/netplan/interface.pp index 5cf4464..ad79de5 100644 --- a/manifests/netplan/interface.pp +++ b/manifests/netplan/interface.pp @@ -6,11 +6,12 @@ Enum['present','absent'] $ensure = 'present', String $interface_name = $title, - String $config_file_name = "50-${title}-yaml", + String $config_file_name = "50-${title}.yaml", String $interface_type = 'ethernet', Hash $interface_options = {}, Stdlib::Absolutepath $config_dir_path = '/etc/netplan', + Optional[String]$reload_command = undef, String $renderer = 'networkd', Numeric $version = 2, @@ -18,8 +19,8 @@ Boolean $dhcp4 = false, Boolean $dhcp6 = false, - Optional[Stdlib::MAC] $macaddress = undef, - Variant[Undef,Array] $addresses = undef, + Optional[Stdlib::MAC] $macaddress = getvar("networking.interfaces.${interface_name}.mac"), + Variant[Undef,Network::NetplanAddresses] $addresses = undef, Variant[Undef,Array] $routes = undef, Optional[Stdlib::IP::Address::V4] $gateway4 = undef, Optional[Stdlib::IP::Address::V6] $gateway6 = undef, 
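Review bot: The new default `getvar("networking.interfaces.${interface_name}.mac")` in `manifests/netplan/interface.pp` builds a dotted lookup path from the interface name, so a name that itself contains a dot (a VLAN sub-interface such as `eth0.100`) is split into separate keys and the lookup misses or errors; I have not verified which. `$facts.dig('networking', 'interfaces', $interface_name, 'mac')` avoids the path parsing. This default also adds a `match: macaddress` stanza to every interface that has a fact, which is a behaviour change from the previous `undef` default and deserves a line in the parameter documentation. The parameter list starts before and continues past this hunk.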
@@ -31,25 +32,32 @@ ) { + # Define how to restart network service + $network_notify = pick_default($reload_command, $::network::manage_config_file_notify) + $match_values = $macaddress ? { - undef => undef, + undef => {}, default => { - match => { + match => { macaddress => $macaddress, } } } + if $nameservers_addresses or $nameservers_search { + $nameservers_values = { + addresses => $nameservers_addresses, + search => $nameservers_search, + } + } else { + $nameservers_values = {} + } $default_values = { dhcp4 => $dhcp4, dhcp6 => $dhcp6, addresses => $addresses, gateway4 => $gateway4, gateway6 => $gateway6, - nameservers => { - addresses => $nameservers_addresses, - search => $nameservers_search, - }, routes => $routes, } @@ -57,7 +65,7 @@ 'network' => { 'version' => $version, "${interface_type}s" => { - $interface_name => delete_undef_values($default_values + $match_values + $interface_options), + $interface_name => delete_undef_values($default_values + $match_values + $nameservers_values + $interface_options), } } } @@ -70,6 +78,7 @@ ensure => $ensure, content => $real_file_content, source => $file_source, + notify => $network_notify, } } diff --git a/manifests/params.pp b/manifests/params.pp deleted file mode 100644 index 40594ed..0000000 --- a/manifests/params.pp +++ /dev/null 
@@ -1,50 +0,0 @@ -# Class: network::params -# -# Defines all the variables used in the module. -# -class network::params { - - $service_restart_exec = $::osfamily ? { - 'Debian' => '/sbin/ifdown -a --force ; /sbin/ifup -a', - 'Solaris' => '/usr/sbin/svcadm restart svc:/network/physical:default', - default => 'service network restart', - } - - $config_file_path = $::osfamily ? { - 'Debian' => '/etc/network/interfaces', - 'RedHat' => '/etc/sysconfig/network-scripts/ifcfg-eth0', - 'Suse' => '/etc/sysconfig/network/ifcfg-eth0', - default => undef, - } - - $config_file_mode = $::osfamily ? { - default => '0644', - } - - $config_file_owner = $::osfamily ? { - default => 'root', - } - - $config_file_group = $::osfamily ? { - default => 'root', - } - - $config_dir_path = $::osfamily ? { - 'Debian' => '/etc/network', - 'Redhat' => '/etc/sysconfig/network-scripts', - 'Suse' => '/etc/sysconfig/network', - default => undef, - } - - $package_name = $::operatingsystem ? { - 'Ubuntu' => 'ifupdown', - default => undef, - } - - case $::osfamily { - 'Debian','RedHat','Amazon','Suse', 'Solaris': { } - default: { - fail("${::operatingsystem} not supported.") - } - } -} diff --git a/manifests/route.pp b/manifests/route.pp index cf14133..6a2ad84 100644 --- a/manifests/route.pp +++ b/manifests/route.pp @@ -59,7 +59,7 @@ Optional[Hash] $routes = {}, Optional[Hash] $ipv6_routes = {}, String $interface = $title, - String $config_file_notify = 'class_default', + Variant[Undef,Resource,String] $config_file_notify = 'class_default', Enum['present','absent'] $ensure = 'present', Enum['ipv4','ipv6'] $family = 'ipv4', Optional[String] $route_up_template = undef, diff --git a/templates/interface/Debian.epp b/templates/interface/Debian.epp index a4eae0c..e474731 100644 --- a/templates/interface/Debian.epp +++ b/templates/interface/Debian.epp 
@@ -1,7 +1,7 @@ -# Interface <%= $interface %> managed by Puppet -# <%= $description %> -<%= $header -%> -<% $settings.each | $k,$v | { -%> - <%= $k %> <%= $v %> -<% end -%> -<%= $footer -%> +# Interface <%= $params['interface'] %> managed by Puppet +# <%= $params['description'] %> +<%= $params['header'] -%> +<% $params['settings'].each | $k,$v | { -%> + <%= $k %> <%= $v %> +<% } -%> +<%= $params['footer'] -%> diff --git a/templates/interface/RedHat.epp b/templates/interface/RedHat.epp index be6532f..15d0d14 100644 --- a/templates/interface/RedHat.epp +++ b/templates/interface/RedHat.epp @@ -1,7 +1,7 @@ -# Interface <%= $interface %> managed by Puppet -# <%= $description %> -<%= $header -%> -<% $settings.each | $k,$v | { -%> +# Interface <%= $params['interface'] %> managed by Puppet +# <%= $params['description'] %> +<%= $params['header'] -%> +<% $params['settings'].each | $k,$v | { -%> <%= $k %>=<%= $v %> <% } -%> -<%= $footer -%> +<%= $params['footer'] -%> diff --git a/templates/interface/Suse.epp b/templates/interface/Suse.epp index be6532f..15d0d14 100644 --- a/templates/interface/Suse.epp +++ b/templates/interface/Suse.epp @@ -1,7 +1,7 @@ -# Interface <%= $interface %> managed by Puppet -# <%= $description %> -<%= $header -%> -<% $settings.each | $k,$v | { -%> +# Interface <%= $params['interface'] %> managed by Puppet +# <%= $params['description'] %> +<%= $params['header'] -%> +<% $params['settings'].each | $k,$v | { -%> <%= $k %>=<%= $v %> <% } -%> -<%= $footer -%> +<%= $params['footer'] -%> diff --git a/types/netplanaddresses.pp b/types/netplanaddresses.pp new file mode 100644 index 0000000..28218a1 --- /dev/null +++ b/types/netplanaddresses.pp @@ -0,0 +1,10 @@ +type Network::Netplanaddresses = Array[ + Variant[ + Stdlib::IP::Address::V4::CIDR, + Variant[ + Stdlib::IP::Address::V6::Full, + Stdlib::IP::Address::V6::Compressed, + Stdlib::IP::Address::V6::Alternative, + ] + ] +] From 7531a91116525d84120c5f5788c35c6889329fde Mon Sep 17 00:00:00 2001 
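Review bot: `RedHat.epp` and `Suse.epp` write each setting as `<%= $k %>=<%= $v %>` with no quoting, and `# <%= $params['description'] %>` prints the description verbatim. ifcfg files are, as far as I know, read as shell variable assignments, so a value containing spaces (for example a `BONDING_OPTS` entry passed through `redhat_extra_settings`) or a description containing a newline yields a file that is parsed differently from what the manifest author wrote. Rendering `<%= $k %>="<%= $v %>"` and constraining `$description` to one line, e.g. `Pattern[/\A[^\n]*\z/]`, would close that gap. The unquoted setting line is unchanged context in these hunks, but this commit is where the template data path is reworked.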
From: Alessandro Franceschi Date: Wed, 2 Oct 2019 17:19:58 +0200 Subject: [PATCH 18/21] Updated Netplan interface --- data/Debian9.yaml | 2 ++ manifests/netplan/interface.pp | 54 +++++++++++++++------------------- types/netplanaddresses.pp | 2 +- types/netplandhcp.pp | 4 +++ 4 files changed, 31 insertions(+), 31 deletions(-) create mode 100644 data/Debian9.yaml create mode 100644 types/netplandhcp.pp diff --git a/data/Debian9.yaml b/data/Debian9.yaml new file mode 100644 index 0000000..35de2d0 --- /dev/null +++ b/data/Debian9.yaml @@ -0,0 +1,2 @@ +--- +network::service_restart_exec: 'systemctl restart network' diff --git a/manifests/netplan/interface.pp b/manifests/netplan/interface.pp index ad79de5..8424325 100644 --- a/manifests/netplan/interface.pp +++ b/manifests/netplan/interface.pp 
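Review bot: `network::service_restart_exec: 'systemctl restart network'` in `data/Debian9.yaml` names a unit that, to my knowledge, does not exist on Debian, where ifupdown is managed by `networking.service`; the refresh would then fail after every configuration change. If that is right, the value should be `'systemctl restart networking'`. It is also worth confirming that the hierarchy actually resolves a `Debian9.yaml` level, since no hiera.yaml change is visible in this patch.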
@@ -3,29 +3,29 @@ # Define to manage an interface via netplan # define network::netplan::interface ( - Enum['present','absent'] $ensure = 'present', + Enum['present','absent'] $ensure = 'present', - String $interface_name = $title, - String $config_file_name = "50-${title}.yaml", - String $interface_type = 'ethernet', - Hash $interface_options = {}, + String $interface_name = $title, + String $config_file_name = "50-${title}.yaml", + String $interface_type = 'ethernet', + Hash $interface_options = {}, - Stdlib::Absolutepath $config_dir_path = '/etc/netplan', - Optional[String]$reload_command = undef, + Stdlib::Absolutepath $config_dir_path = '/etc/netplan', + Optional[String]$reload_command = 'netplan apply', - String $renderer = 'networkd', - Numeric $version = 2, + String $renderer = 'networkd', + Numeric $version = 2, - Boolean $dhcp4 = false, - Boolean $dhcp6 = false, + Network::NetplanDhcp $dhcp4 = false, + Network::NetplanDhcp $dhcp6 = false, Optional[Stdlib::MAC] $macaddress = getvar("networking.interfaces.${interface_name}.mac"), Variant[Undef,Network::NetplanAddresses] $addresses = undef, Variant[Undef,Array] $routes = undef, - Optional[Stdlib::IP::Address::V4] $gateway4 = undef, - Optional[Stdlib::IP::Address::V6] $gateway6 = undef, - Optional[Array] $nameservers_addresses = undef, - Optional[Array] $nameservers_search = undef, + Optional[Stdlib::Compat::Ipv4] $gateway4 = undef, + Optional[Stdlib::Compat::Ipv6] $gateway6 = undef, + Optional[Hash] $nameservers = undef, + Optional[Hash] $parameters = undef, Optional[String] $file_content = undef, Optional[String] $file_source = undef, 
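Review bot: `$nameservers` and `$parameters` are declared as bare `Optional[Hash]` and merged straight into the generated YAML, so a misspelled key or a non-address value is no longer caught at compile time and only surfaces when netplan parses the file. A `Struct` keeps the check, e.g. `Optional[Struct[{ Optional['addresses'] => Array[Stdlib::IP::Address], Optional['search'] => Array[String] }]] $nameservers = undef,`. Removing `nameservers_addresses` and `nameservers_search` outright also breaks existing callers; accepting them as deprecated aliases for one release would soften that. The gateways move from `Stdlib::IP::Address::V4`/`V6` to `Stdlib::Compat::Ipv4`/`Ipv6`, which I believe are deprecated compatibility types, and the reason deserves a comment. The parameter list continues past this hunk.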
@@ -44,28 +44,22 @@ } } - if $nameservers_addresses or $nameservers_search { - $nameservers_values = { - addresses => $nameservers_addresses, - search => $nameservers_search, - } - } else { - $nameservers_values = {} - } $default_values = { - dhcp4 => $dhcp4, - dhcp6 => $dhcp6, - addresses => $addresses, - gateway4 => $gateway4, - gateway6 => $gateway6, - routes => $routes, + dhcp4 => $dhcp4, + dhcp6 => $dhcp6, + addresses => $addresses, + gateway4 => $gateway4, + gateway6 => $gateway6, + routes => $routes, + nameservers => $nameservers, + parameters => $parameters, } $netplan_data = { 'network' => { 'version' => $version, "${interface_type}s" => { - $interface_name => delete_undef_values($default_values + $match_values + $nameservers_values + $interface_options), + $interface_name => delete_undef_values($default_values + $match_values + $interface_options), } } } diff --git a/types/netplanaddresses.pp b/types/netplanaddresses.pp index 28218a1..ad4d4a3 100644 --- a/types/netplanaddresses.pp +++ b/types/netplanaddresses.pp @@ -1,4 +1,4 @@ -type Network::Netplanaddresses = Array[ +type Network::NetplanAddresses = Array[ Variant[ Stdlib::IP::Address::V4::CIDR, Variant[ diff --git a/types/netplandhcp.pp b/types/netplandhcp.pp new file mode 100644 index 0000000..9b1616f --- /dev/null +++ b/types/netplandhcp.pp @@ -0,0 +1,4 @@ +type Network::NetplanDhcp = Variant[ + Boolean, + Enum['yes','no','true','false'] +] From 88c0fdb35a8bb78f44db3a23ba06ece19a9ed0bd Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Wed, 2 Oct 2019 17:30:20 +0200 Subject: [PATCH 19/21] Better handling of exec_notify on Netplan interface --- manifests/netplan/interface.pp | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/manifests/netplan/interface.pp b/manifests/netplan/interface.pp index 8424325..68b13b2 100644 --- a/manifests/netplan/interface.pp +++ b/manifests/netplan/interface.pp 
@@ -33,7 +33,19 @@ ) { # Define how to restart network service - $network_notify = pick_default($reload_command, $::network::manage_config_file_notify) + if $reload_command { + $network_notify = 'Exec[network::netplan::interface reload]' + if !defined(Exec['network::netplan::interface reload']) { + exec { 'network::netplan::interface reload': + command => $reload_command, + refreshonly => true, + path => $::path + } + } + pick_default($reload_command, $::network::manage_config_file_notify) + } else { + $network_notify = pick_default($::network::manage_config_file_notify) + } $match_values = $macaddress ? { undef => {}, From 78c2fa8c3be4e546b15b96e4d5558b17ff62cee6 Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Wed, 16 Oct 2019 22:27:10 +0200 Subject: [PATCH 20/21] Added data entrypoints both for legacy and new network defines --- manifests/init.pp | 148 +++++++++++++++++++++++++--------- manifests/legacy/interface.pp | 4 +- 2 files changed, 113 insertions(+), 39 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 89d9ca1..a10a0f1 100644 --- a/manifests/init.pp +++ b/manifests/init.pp 
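Review bot: The reload exec is declared once under the fixed title `network::netplan::interface reload` and guarded with `!defined(...)`, so only the `$reload_command` of whichever interface is evaluated first takes effect and a different command on a later interface is silently ignored. Either derive the title (and the matching `$network_notify` reference) from the command, `exec { "network::netplan reload ${reload_command}":`, or make the reload command a single class-level setting. The bare `pick_default($reload_command, $::network::manage_config_file_notify)` line inside the `if` looks like a leftover, since its result is discarded. The define body starts before and continues past this hunk.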
@@ -25,9 +25,13 @@ # In a .epp template refer to them with <%= $options['key'] %> # In a .erb template refer to them with <%= @nsswitch_conf_options['key'] %> # -# @param interfaces_hash An hash of interfaces to configure. +# @param interfaces_hash An hash of interfaces to configure using the old +# v3 compatible define network::legacy::interface. +# The lookup method is based on the $hiera_merge parameter. +# This is a deprecated parameter used for version 3 backwards compatibility. +# @param interfaces An hash of interfaces to configure. # This is not actually a class parameter, but a key looked up using the -# merge behaviour configured via $interfaces_merge_behaviour. +# merge behaviour configured via the $interfaces_merge_behaviour parameter. # If $interfaces_legacy is false (default) the define network::interface # is declared for each element of this hash. # If $interfaces_legacy is true then the hash values are iterated over @@ -41,7 +45,11 @@ # the settings of each element of the $interfaces_hash # Useful to consolidate duplicated data in Hiera. # -# @param routes_hash An hash of routes to configure. +# @param routes_hash An hash of routes to configure using the old +# v3 compatible define network::legacy::route. +# The lookup method is based on the $hiera_merge parameter. +# This is a deprecated parameter used for version 3 backwards compatibility. +# @param routes An hash of routes to configure. # This is not actually a class parameter, but a key looked up using the # merge behaviour configured via $routes_merge_behaviour. # If $routes_legacy is false (default) the define network::route 
@@ -55,8 +63,12 @@ # retrieve via hiera the $routes_hash # @param routes_defaults An hash of default settings to merge with # the settings of each element of the $routes_hash -# -# @param rules_hash An hash of rules to configure. +# +# @param rules_hash An hash of rules to configure using the old +# v3 compatible define network::legacy::rule. +# The lookup method is based on the $hiera_merge parameter. +# This is a deprecated parameter used for version 3 backwards compatibility. +# @param rules An hash of rules to configure. # This is not actually a class parameter, but a key looked up using the # merge behaviour configured via $rules_merge_behaviour. # If $rules_legacy is false (default) the define network::rule @@ -70,8 +82,12 @@ # retrieve via hiera the $rules_hash # @param rules_defaults An hash of default settings to merge with # the settings of each element of the $rules_hash -# -# @param tables_hash An hash of tables to configure. +# +# @param tables_hash An hash of tables to configure using the old +# v3 compatible define network::legacy::table. +# The lookup method is based on the $hiera_merge parameter. +# This is a deprecated parameter used for version 3 backwards compatibility. +# @param tables An hash of tables to configure. # This is not actually a class parameter, but a key looked up using the # merge behaviour configured via $tables_merge_behaviour. # If $tables_legacy is false (default) the define network::table @@ -85,7 +101,7 @@ # retrieve via hiera the $tables_hash # @param tables_defaults An hash of default settings to merge with # the settings of each element of the $tables_hash -# +# # @param service_restart_exec The command to use to restart network # service when configuration changes occurs. Used with the default # setting for $config_file_notify 
@@ -98,7 +114,9 @@ # @param config_file_per_interface If to configure interfaces in a single file # or having a single configuration file for each interface. # Default is true whenever a single file per interface is supported. -# +# @param hiera_merge If to use hash merge lookup for legacy s_hash +# parameters. +# This is a deprecated parameter used for version 3 backwards compatibility. class network ( Optional[String] $hostname = undef, 
@@ -110,40 +128,54 @@ Boolean $use_netplan = false, # This "param" is looked up in code according to interfaces_merge_behaviour - # Optional[Hash] $interfaces_hash = undef, + # Optional[Hash] $interfaces = undef, Boolean $interfaces_legacy = false, Enum['first','hash','deep'] $interfaces_merge_behaviour = 'first', Hash $interfaces_defaults = {}, # This "param" is looked up in code according to routes_merge_behaviour - # Optional[Hash] $routes_hash = undef, + # Optional[Hash] $routes = undef, Boolean $routes_legacy = false, Enum['first','hash','deep'] $routes_merge_behaviour = 'first', Hash $routes_defaults = {}, # This "param" is looked up in code according to rules_merge_behaviour - # Optional[Hash] $rules_hash = undef, + # Optional[Hash] $rules = undef, Boolean $rules_legacy = false, Enum['first','hash','deep'] $rules_merge_behaviour = 'first', Hash $rules_defaults = {}, # This "param" is looked up in code according to tables_merge_behaviour - # Optional[Hash] $tables_hash = undef, - Boolean $tables_legacy = false, - Enum['first','hash','deep'] $tables_merge_behaviour = 'first', - Hash $tables_defaults = {}, + # Optional[Hash] $tables = undef, + Boolean $tables_legacy = false, + Enum['first','hash','deep'] $tables_merge_behaviour = 'first', + Hash $tables_defaults = {}, - String $service_restart_exec = 'service network restart', + # Legacy Params + Hash $interfaces_hash = {}, + Hash $routes_hash = {}, + Hash $rules_hash = {}, + Hash $tables_hash = {}, + String $service_restart_exec = 'service network restart', Variant[Resource,String[0,0],Undef,Boolean] $config_file_notify = true, - Boolean $config_file_per_interface = true, + Variant[Resource,String[0,0],Undef,Boolean] $config_file_require = undef, + Boolean $config_file_per_interface = true, + Boolean $hiera_merge = false, ) { $manage_config_file_notify = $config_file_notify ? 
{ - true => "Exec[${service_restart_exec}]", - false => undef, - '' => undef, - undef => undef, - default => $config_file_notify, + true => "Exec[${service_restart_exec}]", + false => undef, + '' => undef, + undef => undef, + default => $config_file_notify, + } + $manage_config_file_require = $config_file_require ? { + true => undef, + false => undef, + '' => undef, + undef => undef, + default => $config_file_require, } # Exec to restart interfaces @@ -167,7 +199,7 @@ default => template($host_conf_template), } file { '/etc/host.conf': - ensure => present, + ensure => present, content => $host_conf_content, notify => $manage_config_file_notify, } @@ -182,15 +214,15 @@ default => template($nsswitch_conf_template), } file { '/etc/nsswitch.conf': - ensure => present, + ensure => present, content => $nsswitch_conf_content, notify => $manage_config_file_notify, } } - # Declare network interfaces based on network::interfaces_hash - $interfaces_hash = lookup('network::interfaces_hash',Hash,$interfaces_merge_behaviour,{}) - $interfaces_hash.each |$k,$v| { + # Declare network interfaces based on network::interfaces + $interfaces = lookup('network::interfaces',Hash,$interfaces_merge_behaviour,{}) + $interfaces.each |$k,$v| { if $interfaces_legacy { network::legacy::interface { $k: * => $interfaces_defaults + $v, 
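Review bot: `$config_file_require` accepts a Boolean, but in the new `$manage_config_file_require` selector `true` maps to `undef` just like `false`, so setting `network::config_file_require: true` is a silent no-op. On `$config_file_notify`, by contrast, `true` maps to the restart Exec. Either drop `Boolean` from the new parameter's type or add a comment such as `# true has no effect here; accepted only for symmetry with config_file_notify`. None of the `file` resources visible in this patch consume `$manage_config_file_require`, so it is presumably read by the defines. A `@param config_file_require` entry saying where it is applied would help, since the visible doc hunks add none.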
@@ -201,10 +233,20 @@ } } } + # Declare network::legacy::interface based on legacy network::interfaces_hash + $legacy_interfaces_hash = $hiera_merge ? { + true => lookup('network::interfaces_hash',Hash,'hash',{}), + false => $interfaces_hash, + } + $legacy_interfaces_hash.each |$k,$v| { + network::legacy::interface { $k: + * => $interfaces_defaults + $v, + } + } - # Declare network routes based on network::routes_hash - $routes_hash = lookup('network::routes_hash',Hash,$routes_merge_behaviour,{}) - $routes_hash.each |$k,$v| { + # Declare network routes based on network::routes + $routes = lookup('network::routes',Hash,$routes_merge_behaviour,{}) + $routes.each |$k,$v| { if $routes_legacy { network::legacy::route { $k: * => $routes_defaults + $v, @@ -215,10 +257,21 @@ } } } + # Declare network::legacy::route based on legacy network::routes_hash + $legacy_routes_hash = $hiera_merge ? { + true => lookup('network::routes_hash',Hash,'hash',{}), + false => $routes_hash, + } + $legacy_routes_hash.each |$k,$v| { + network::legacy::route { $k: + * => $routes_defaults + $v, + } + } + - # Declare network rules based on network::rules_hash - $rules_hash = lookup('network::rules_hash',Hash,$rules_merge_behaviour,{}) - $rules_hash.each |$k,$v| { + # Declare network rules based on network::rules + $rules = lookup('network::rules',Hash,$rules_merge_behaviour,{}) + $rules.each |$k,$v| { if $rules_legacy { network::legacy::rule { $k: * => $rules_defaults + $v, 
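Review bot: With `$interfaces_legacy` set to true, the first loop and the added `$legacy_interfaces_hash` loop both declare `network::legacy::interface { $k:`. A title present under both `network::interfaces` and `network::interfaces_hash` is therefore declared twice and the catalog fails to compile. The routes and rules loops in the following hunks have the same shape. If both entry points are meant to coexist, skip titles already handled, e.g. `$legacy_interfaces_hash.filter |$k,$v| { !($interfaces_legacy and $k in $interfaces) }.each |$k,$v| {`, or document that the two keys must not share titles.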
@@ -229,10 +282,21 @@ } } } + # Declare network::legacy::rule based on legacy network::rules_hash + $legacy_rules_hash = $hiera_merge ? { + true => lookup('network::rules_hash',Hash,'hash',{}), + false => $rules_hash, + } + $legacy_rules_hash.each |$k,$v| { + network::legacy::rule { $k: + * => $rules_defaults + $v, + } + } - # Declare network tables based on network::tables_hash - $tables_hash = lookup('network::tables_hash',Hash,$tables_merge_behaviour,{}) - $tables_hash.each |$k,$v| { + + # Declare network tables based on network::tables + $tables = lookup('network::tables',Hash,$tables_merge_behaviour,{}) + $tables.each |$k,$v| { if $tables_legacy { network::legacy::routing_table { $k: * => $tables_defaults + $v, @@ -243,5 +307,15 @@ } } } + # Declare network::legacy::table based on legacy network::tables_hash + $legacy_tables_hash = $hiera_merge ? { + true => lookup('network::tables_hash',Hash,'hash',{}), + false => $tables_hash, + } + $legacy_tables_hash.each |$k,$v| { + network::legacy::table { $k: + * => $tables_defaults + $v, + } + } } diff --git a/manifests/legacy/interface.pp b/manifests/legacy/interface.pp index d822e05..d089a79 100644 --- a/manifests/legacy/interface.pp +++ b/manifests/legacy/interface.pp @@ -728,8 +728,8 @@ } - if ! defined(Network::Interface['lo']) { - network::interface { 'lo': + if ! defined(Network::Legacy::Interface['lo']) { + network::legacy::interface { 'lo': address => '127.0.0.1', method => 'loopback', manage_order => '05', From bb66ce2b964d49c0bc085da4b3015caa41c4efde Mon Sep 17 00:00:00 2001 From: Alessandro Franceschi Date: Fri, 18 Dec 2020 23:34:40 +0100 Subject: [PATCH 21/21] Removed redundant _legacy params, more on README --- README.md | 49 ++++++++++++++++++++-------- examples/legacy.yaml | 4 --- manifests/init.pp | 76 +++++++------------------------------------- 3 files changed, 48 insertions(+), 81 deletions(-) diff --git a/README.md b/README.md index 9081d3e..1b13e88 100644 --- a/README.md +++ b/README.md 
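Review bot: The legacy loop added in the `@@ -243,5 +307,15 @@` hunk declares `network::legacy::table { $k:`, but the `$tables_legacy` branch a few lines above in the same hunk uses `network::legacy::routing_table`. The new name looks like a typo unless a `network::legacy::table` define exists elsewhere in the module. Because `$tables_hash` defaults to `{}`, the error would most likely surface only on nodes that still carry legacy table data, which are the nodes this compatibility path exists for. I would change the line to `network::legacy::routing_table { $k:` and update the `# Declare network::legacy::table ...` comment above it to match.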
@@ -13,6 +13,7 @@ Example 42 Puppet module to manage networking on Linux and Solaris. 3. [Usage - Configuration options and additional functionality](#usage) 4. [Reference - An under-the-hood peek at what the module is doing and how](#reference) 5. [Backwards compatibility](#backwards-compatibility) +6. [## Upgrade from version 3 and migration](#upgrade-from-version-3-and-migration) 6. [Limitations - OS compatibility, etc.](#limitations) 7. [Development - Guide for contributing to the module](#development) @@ -32,6 +33,7 @@ Main class is used as entrypoint for general variables and wrapper for Hiera dri Classes: +- network - Allows Hiera driven configuration of the various defines - network::hostname - Manages the system hostname Defines: @@ -53,6 +55,7 @@ Legacy defines (inherited from version 3 of the module): ## Setup + ### What puppet-network affects The main network class does nothing with default values for parameters but can be included and used 
@@ -99,29 +102,49 @@ For full reference look at the defines documentation. For configuration examples via Hiera look at the examples directory. -## Backwards compatibility +## Upgrade from version 3 and migration + +When upgrading from version 3 to version 4 of this module you have 2 options: + +- Keep on using the old defines with relevant data +- Migrate to the new defines + +### Keep on using old defines + +The Version 3 defines for network resources have been renamed to legacy but they entrypoint have been preserved, so, if you managed your network cnfigurations via the network::*_hash Hiera keys you should not have any change in behaviour. -If you are using the version 3 of this module and are configuring networking via Hiera data, you must set the relevant -legacy options so that hashes of interface, route, and other resources can be maintained ad the legacy defines used. -You have to set this for each network resource type. By default the new versions are used. -On hiera configure something like (Yaml format): +| Version 3 defines | Version 4 equivalent | Hiera entrypoint | +| network::interface | network::legacy::interface | network::interfaces_hash | +| network::route | network::legacy::route | network::routes_hash | +| network::mroute | network::legacy::mroute | network::mroutes_hash | +| network::rule | network::legacy::rule | network::rules_hash | +| network::routing_table | network::legacy::routing_table | network::tables_hash | - network::interfaces_legacy: true - network::rules_legacy: true - network::tables_legacy: true - network::routes_legacy: true +If you use in you profile, classes or wrapper defines directly the above version 3 defines, then you need to rename them using the legacy names. 
-Given the quite critical nature of the resources manages we highly recommend to test carefully the effect of an upgrade of +Given the quite critical nature of the resources managed we highly recommend to test carefully the effect of an upgrade of this module on your current infrastructure and to keep the first runs on noop mode. -Some configuration files might change as well, in minor details like new lines or spaces, even when using the legacy -options. To avoid automatic restart of network service on a configuration change set: +Some configuration files might change as well, in minor details like new lines or spaces, even when using the legacy defines. To avoid automatic restart of network service on a configuration change set: network::config_file_notify: false +### Miggrate to the new defines + +The new, version 4 defines have replaced the names of the old ones and can be configured via hiera using new entrypoints in the netwrok class: + +| Version 4 defines | Hiera entrypoint | +| network::interface | network::interfaces | +| network::route | network::routes | +| network::mroute | network::mroutes | +| network::rule | network::rules | +| network::routing_table | network::tables | + +The parameters of these defines have changes and, in many cases, also their internals. + ## Limitations -This module works currently supports only the major Linux distributions (RedHat and derivatives, Debian and derivatives, included Cumulus, SuSE +This module currently supports only the major Linux distributions (RedHat and derivatives, Debian and derivatives, included Cumulus, SuSE and derivatives, Solaris). The legacy defines are introduced for backwards compatibility only and are not supposed to be improved in the future. diff --git a/examples/legacy.yaml b/examples/legacy.yaml index fcf21d6..bcfcbf5 100644 --- a/examples/legacy.yaml +++ b/examples/legacy.yaml 
@@ -1,10 +1,6 @@ ### # Sample configurations using legacy defines --- -network::routes_legacy: true -network::interfaces_legacy: true -network::rule_legacy: true -network::tables_legacy: true network::routes_hash: eth1: routes: diff --git a/manifests/init.pp b/manifests/init.pp index a10a0f1..db1fb18 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -32,13 +32,7 @@ # @param interfaces An hash of interfaces to configure. # This is not actually a class parameter, but a key looked up using the # merge behaviour configured via the $interfaces_merge_behaviour parameter. -# If $interfaces_legacy is false (default) the define network::interface -# is declared for each element of this hash. -# If $interfaces_legacy is true then the hash values are iterated over -# the define network::legacy::interface -# @param interfaces_legacy Allows usage backwards compatible hiera data by -# using the network::legacy::interface define which is a copy of the -# network::interface define on version 3 of this module +# The define network::interface is declared for each element of this hash. # @param interfaces_merge_behaviour Defines the lookup method to use to # retrieve via hiera the $interfaces_hash # @param interfaces_defaults An hash of default settings to merge with 
@@ -52,13 +46,7 @@ # @param routes An hash of routes to configure. # This is not actually a class parameter, but a key looked up using the # merge behaviour configured via $routes_merge_behaviour. -# If $routes_legacy is false (default) the define network::route -# is declared for each element of this hash. -# If $routes_legacy is true then the hash values are iterated over -# the define network::legacy::route -# @param routes_legacy Allows usage backwards compatible hiera data by -# using the network::legacy::route define which is a copy of the -# network::route define on version 3 of this module +# The define network::route is declared for each element of this hash. # @param routes_merge_behaviour Defines the lookup method to use to # retrieve via hiera the $routes_hash # @param routes_defaults An hash of default settings to merge with @@ -71,13 +59,7 @@ # @param rules An hash of rules to configure. # This is not actually a class parameter, but a key looked up using the # merge behaviour configured via $rules_merge_behaviour. -# If $rules_legacy is false (default) the define network::rule -# is declared for each element of this hash. -# If $rules_legacy is true then the hash values are iterated over -# the define network::legacy::rule -# @param rules_legacy Allows usage backwards compatible hiera data by -# using the network::legacy::rule define which is a copy of the -# network::rule define on version 3 of this module +# The define network::rule is declared for each element of this hash. # @param rules_merge_behaviour Defines the lookup method to use to # retrieve via hiera the $rules_hash # @param rules_defaults An hash of default settings to merge with 
@@ -90,13 +72,7 @@ # @param tables An hash of tables to configure. # This is not actually a class parameter, but a key looked up using the # merge behaviour configured via $tables_merge_behaviour. -# If $tables_legacy is false (default) the define network::table -# is declared for each element of this hash. -# If $tables_legacy is true then the hash values are iterated over -# the define network::legacy::table -# @param tables_legacy Allows usage backwards compatible hiera data by -# using the network::legacy::table define which is a copy of the -# network::table define on version 3 of this module +# The define network::table is declared for each element of this hash. # @param tables_merge_behaviour Defines the lookup method to use to # retrieve via hiera the $tables_hash # @param tables_defaults An hash of default settings to merge with @@ -129,25 +105,21 @@ Boolean $use_netplan = false, # This "param" is looked up in code according to interfaces_merge_behaviour # Optional[Hash] $interfaces = undef, - Boolean $interfaces_legacy = false, Enum['first','hash','deep'] $interfaces_merge_behaviour = 'first', Hash $interfaces_defaults = {}, # This "param" is looked up in code according to routes_merge_behaviour # Optional[Hash] $routes = undef, - Boolean $routes_legacy = false, Enum['first','hash','deep'] $routes_merge_behaviour = 'first', Hash $routes_defaults = {}, # This "param" is looked up in code according to rules_merge_behaviour # Optional[Hash] $rules = undef, - Boolean $rules_legacy = false, Enum['first','hash','deep'] $rules_merge_behaviour = 'first', Hash $rules_defaults = {}, # This "param" is looked up in code according to tables_merge_behaviour # Optional[Hash] $tables = undef, - Boolean $tables_legacy = false, Enum['first','hash','deep'] $tables_merge_behaviour = 'first', Hash $tables_defaults = {}, 
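Review bot: Removing `$interfaces_legacy`, `$routes_legacy`, `$rules_legacy` and `$tables_legacy` outright (second hunk) means existing Hiera data such as `network::interfaces_legacy: true` is silently ignored, because automatic parameter lookup only consults keys of declared parameters. Nodes that keep version 3 style data under `network::interfaces` would then have it passed to the new `network::interface` define; whether that fails or applies different settings depends on the defines, which are not shown here. The README part of this commit covers the `*_hash` keys but does not mention the removed switches. I would add a line there, or keep the parameters for one release and `fail()` with a pointer to the `*_hash` keys when one of them is true.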
@@ -223,14 +195,8 @@ # Declare network interfaces based on network::interfaces $interfaces = lookup('network::interfaces',Hash,$interfaces_merge_behaviour,{}) $interfaces.each |$k,$v| { - if $interfaces_legacy { - network::legacy::interface { $k: - * => $interfaces_defaults + $v, - } - } else { - network::interface { $k: - * => $interfaces_defaults + $v, - } + network::interface { $k: + * => $interfaces_defaults + $v, } } # Declare network::legacy::interface based on legacy network::interfaces_hash @@ -247,14 +213,8 @@ # Declare network routes based on network::routes $routes = lookup('network::routes',Hash,$routes_merge_behaviour,{}) $routes.each |$k,$v| { - if $routes_legacy { - network::legacy::route { $k: - * => $routes_defaults + $v, - } - } else { - network::route { $k: - * => $routes_defaults + $v, - } + network::route { $k: + * => $routes_defaults + $v, } } # Declare network::legacy::route based on legacy network::routes_hash @@ -272,14 +232,8 @@ # Declare network rules based on network::rules $rules = lookup('network::rules',Hash,$rules_merge_behaviour,{}) $rules.each |$k,$v| { - if $rules_legacy { - network::legacy::rule { $k: - * => $rules_defaults + $v, - } - } else { - network::rule { $k: - * => $rules_defaults + $v, - } + network::rule { $k: + * => $rules_defaults + $v, } } # Declare network::legacy::rule based on legacy network::rules_hash @@ -297,14 +251,8 @@ # Declare network tables based on network::tables $tables = lookup('network::tables',Hash,$tables_merge_behaviour,{}) $tables.each |$k,$v| { - if $tables_legacy { - network::legacy::routing_table { $k: - * => $tables_defaults + $v, - } - } else { - network::table { $k: - * => $tables_defaults + $v, - } + network::table { $k: + * => $tables_defaults + $v, } } # Declare network::legacy::table based on legacy network::tables_hash
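Review bot: The tables loop (last hunk) now unconditionally declares `network::table { $k:`, but the README tables added in this commit list the version 4 define as `network::routing_table`, and the removed legacy branch used `network::legacy::routing_table`. Unless a `network::table` define exists elsewhere in the module, non-empty `network::tables` data would presumably fail at compile time. If the README is right, the line should read `network::routing_table { $k:`, and the `@param tables` text in the doc hunk of this commit (`The define network::table is declared ...`) should be changed to match.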