ansible-role-networking-setup

An Ansible role to define static IPs, set hostnames and setup iptables on debian-based systems.

Table of Contents

• Side notes
• Role Variables
  • Networking Interface Profiles
  • iptable definitions
  • Sample Roles
    • Network interfaces and Static IPs
    • Hostname
• Dependencies
  • Requirements
• License
• Author Information

Side notes

This package provides 3 "subtask" functionalities. Each functionality can be addressed by adding it to the subtasks-list (e.g. subtasks: [ 'interfaces' ]). The functionality values are as follows:

• 'interfaces' - sets the network interface definitions based on given interface profiles, hence e.g. static IPs, dns-server, routing etc.
• 'hostname' - sets the hostname, and statically cross-references all other hosts from the networking_group_name via the /etc/hosts-file
• 'netfilter' - sets iptables definitions

The role performs a reboot of the hosts after all (sub)tasks of the role have been performed successfully. This helps in updating the network environment of the host. To avoid or bypass this reboot behavior, set the perform_reboot flag to false.

Role Variables

defaults/main.yml

Networking Interface Profiles

This is a list of interface profile definitions, which will be translated into the requirements of the default renderer for network configuration of each operating system, such as:

• dhcpcd
• NetworkManager
• Netplan

This is the structure of the profile definitions:

# profiles
networking_interface_profiles:
  - type: iface
    interface: lo
    address_family: inet      # or inet6 or ipx
    address_method: loopback  # or dhcp
    auto: lo                  # optional; manpage interfaces(5)
  - type: iface
    interface: eth0
    address_family: inet      # or inet6 or ipx
    address_method: static    # or dhcp
    auto: eth0
    allow_hotplug: eth0
    cidr_notation: 192.168.1.150/24 # static ip as CIDR
    address: 192.168.1.150          # static ip
    netmask: 255.255.255.0  # results into CIDR suffix /24
    gateway: 192.168.1.1
    network: 192.168.1.0
    broadcast: 192.168.1.255
    dns_nameservers: # are there any local DNS Name Servers?
      - 192.168.1.100
      - 192.168.1.1
      - 8.8.8.8

iptable definitions

networking_iptables_definitions:
  - chain: FORWARD
    ctstate: RELATED,ESTABLISHED
    in_interface: wlan0
    jump: ACCEPT
    out_interface: eth0
    state: present
    table: filter
  - chain: FORWARD
    in_interface: eth0
    jump: ACCEPT
    out_interface: wlan0
    state: present
    table: filter
  - chain: POSTROUTING
    jump: MASQUERADE
    out_interface: wlan0
    source: 192.168.1.0/24
    state: present
    table: nat

Sample Roles

Assuming you have the variable networking_interface_profiles defined.

Network interfaces and Static IPs

Setup static IPs as follows:

Attention: This Subtasks ends with a Reboot!

  roles:
    - role: mvrahden.networking-setup
      subtasks: [ 'interfaces' ]
      networking_interface_profiles: "{{ my_awesome_interface_profiles }}"

Hostname

Setup hostnames as follows:

  roles:
    - role: mvrahden.networking-setup
      subtasks: [ 'hostname' ]
      networking_group_name: my_clustered_hosts # inventory name
      networking_group_domain: example.com
      networking_device_interfaces: "{{ my_awesome_interface_profiles }}"

Dependencies

None

Requirements

Packages installed on your system:

• Ansible

License

MIT

Author Information

• Menno van Rahden