network/salt/server1-network.sls

{%- import_yaml "netmasks.yaml" as netmasks -%}
{% set bond_slaves = ['enp3s0f0', 'enp3s0f1', 'enp4s0f0', 'enp4s0f1'] %}

/etc/modules-load.d/server1.conf:
  file.managed:
    - source: salt://modules.conf
    - mode: 644

/etc/network/if-up.d/bond-slaves:
  file.managed:
    - source: salt://bond-slaves
    - mode: 755

bond0:
  network.managed:
    - name: bond0
      proto: manual
      type: bond
      mode: 802.3ad
      slaves: {{ ' '.join(bond_slaves) }}
      miimon: 100
      updelay: 1000
      downdelay: 1000
      lacp_rate: 1
      xmit_hash_policy: layer3+4
      require:
        - file: /etc/network/if-up.d/bond-slaves

{% for name, vlan in pillar['vlans'].items() %}
bond0.{{ vlan }}:
  network.managed:
    - type: vlan
      proto: manual
      use:
        - network: bond0
      require:
        - network: bond0
{% endfor %}

{%- set bridge_nets = ['mgmt', 'core', 'serv', 'pub', 'c3d2'] %}
{%- for net in bridge_nets %}
{%- set vlan = pillar['vlans'][net] %}
br-{{ net }}:
  network.managed:
    - type: bridge
      ports: bond0.{{ vlan }}
      delay: 0
{%- set ip_addr = pillar['hosts-inet'].get(net) and pillar['hosts-inet'][net].get('server1') %}
{%- if ip_addr %}
{%- set prefix_len = pillar['subnets-inet'][net].split('/')[1] %}
      proto: static
      address: {{ ip_addr }}
      netmask: {{ netmasks[prefix_len] }}
{%- if net == 'core' %}
      gateway: {{ pillar['hosts-inet']['core']['upstream1'] }}
      dns-nameservers: "{{ pillar['hosts-inet']['core']['upstream1'] }} {{ pillar['hosts-inet']['core']['upstream2'] }}"
{%- endif %}
{%- else %}
      proto: manual
      ipv6_autoconf: no
      enable_ipv6: false
{%- endif %}
      use:
        - network: bond0.{{ vlan }}
      require:
        - network: bond0.{{ vlan}}
{%- endfor %}
current state 2016-11-08 22:36:08 +01:00			`{%- import_yaml "netmasks.yaml" as netmasks -%}`
server1-network: fix bond0 slave ifaces 2018-09-13 23:46:16 +02:00			`{% set bond_slaves = ['enp3s0f0', 'enp3s0f1', 'enp4s0f0', 'enp4s0f1'] %}`
add the salt playground :) 2016-11-03 00:26:30 +01:00
server1-network: load-modules 2016-12-01 18:07:39 +01:00			`/etc/modules-load.d/server1.conf:`
			`file.managed:`
			`- source: salt://modules.conf`
			`- mode: 644`

add if-up.d/bond-slaves for reboot safety 2016-11-16 22:47:26 +01:00			`/etc/network/if-up.d/bond-slaves:`
			`file.managed:`
			`- source: salt://bond-slaves`
server1-network: load-modules 2016-12-01 18:07:39 +01:00			`- mode: 755`
add if-up.d/bond-slaves for reboot safety 2016-11-16 22:47:26 +01:00
add the salt playground :) 2016-11-03 00:26:30 +01:00			`bond0:`
			`network.managed:`
			`- name: bond0`
			`proto: manual`
			`type: bond`
			`mode: 802.3ad`
			`slaves: {{ ' '.join(bond_slaves) }}`
			`miimon: 100`
server1-network: bond+br tuning 2016-11-22 17:35:20 +01:00			`updelay: 1000`
			`downdelay: 1000`
server1-network: fix lacp separate slave configuration led to slaves being added before bond mode was set which must not happen. 2016-11-28 17:12:11 +01:00			`lacp_rate: 1`
server1-network: bond+br tuning 2016-11-22 17:35:20 +01:00			`xmit_hash_policy: layer3+4`
add if-up.d/bond-slaves for reboot safety 2016-11-16 22:47:26 +01:00			`require:`
			`- file: /etc/network/if-up.d/bond-slaves`
add the salt playground :) 2016-11-03 00:26:30 +01:00
current state 2016-11-08 22:36:08 +01:00			`{% for name, vlan in pillar['vlans'].items() %}`
add the salt playground :) 2016-11-03 00:26:30 +01:00			`bond0.{{ vlan }}:`
			`network.managed:`
			`- type: vlan`
current state 2016-11-08 22:36:08 +01:00			`proto: manual`
add the salt playground :) 2016-11-03 00:26:30 +01:00			`use:`
			`- network: bond0`
			`require:`
			`- network: bond0`
			`{% endfor %}`

vlan c3d2 + 2 containers 2016-12-12 22:34:31 +01:00			`{%- set bridge_nets = ['mgmt', 'core', 'serv', 'pub', 'c3d2'] %}`
server1-network: remove unneeded up/priv bridges 2016-12-11 03:11:20 +01:00			`{%- for net in bridge_nets %}`
this is what salty progress looks like 2016-11-06 02:49:56 +01:00			`{%- set vlan = pillar['vlans'][net] %}`
			`br-{{ net }}:`
add the salt playground :) 2016-11-03 00:26:30 +01:00			`network.managed:`
			`- type: bridge`
this is what salty progress looks like 2016-11-06 02:49:56 +01:00			`ports: bond0.{{ vlan }}`
server1-network: bond+br tuning 2016-11-22 17:35:20 +01:00			`delay: 0`
rewire lxc-containers to 100% bridging 2016-11-23 01:11:32 +01:00			`{%- set ip_addr = pillar['hosts-inet'].get(net) and pillar['hosts-inet'][net].get('server1') %}`
this is what salty progress looks like 2016-11-06 02:49:56 +01:00			`{%- if ip_addr %}`
			`{%- set prefix_len = pillar['subnets-inet'][net].split('/')[1] %}`
			`proto: static`
current state 2016-11-08 22:36:08 +01:00			`address: {{ ip_addr }}`
			`netmask: {{ netmasks[prefix_len] }}`
hot-fixes 2016-11-14 21:49:38 +01:00			`{%- if net == 'core' %}`
			`gateway: {{ pillar['hosts-inet']['core']['upstream1'] }}`
server1-network: fix dns-nameservers 2016-11-29 02:27:37 +01:00			`dns-nameservers: "{{ pillar['hosts-inet']['core']['upstream1'] }} {{ pillar['hosts-inet']['core']['upstream2'] }}"`
hot-fixes 2016-11-14 21:49:38 +01:00			`{%- endif %}`
current state 2016-11-08 22:36:08 +01:00			`{%- else %}`
			`proto: manual`
rewire lxc-containers to 100% bridging 2016-11-23 01:11:32 +01:00			`ipv6_autoconf: no`
			`enable_ipv6: false`
this is what salty progress looks like 2016-11-06 02:49:56 +01:00			`{%- endif %}`
add the salt playground :) 2016-11-03 00:26:30 +01:00			`use:`
this is what salty progress looks like 2016-11-06 02:49:56 +01:00			`- network: bond0.{{ vlan }}`
add the salt playground :) 2016-11-03 00:26:30 +01:00			`require:`
this is what salty progress looks like 2016-11-06 02:49:56 +01:00			`- network: bond0.{{ vlan}}`
			`{%- endfor %}`