linux-system-roles/networking, bare metal machines and vm's

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

So, a while back now we decided to move to using
linux-system-roles/networking to setup networking for instances in
ansible.

For bare metal machines this has been working mostly fine.
We install the machine, gather the mac addresses of it's various
interfaces and add them to ansible. Since the mac addresses don't
change, this works fine. This has been a nice help because this sets up
all the bridges we use and avoids us trying to manually configure them.
If you need to change ip's or the like, you can change in ansible, run
the playbook and it will change them on the machine fine (then you can
change them in dns).

For vm's things have been shakier. We initially started trying to use
this for all vm's too, but ran into a problem: virt-install, which we
use to install vm's, creates a new random mac every install. This meant
if you were adding it to ansible git you would have to install, have the
playbook fail, gather mac address and commit it and re-run. This is not
good workflow. I was pondering on this the other day, then realized that
we already have the mac in ansible facts. ;)

So, for vm's the new process is to never commit the actual mac address
to ansible git, instead just pass it in network_connections like:

  - name: eth0
    mac: "{{ ansible_default_ipv4.macaddress }}"

Then ansible does all the lifting for us and everything just works the
first time. :) If you want to change a ip on a vm, you can just change
it in ansible, run the playbook and it will change it (and then you
change dns).

So, summary:
* for baremetal machines, specify the mac addresses in ansible git.
* for vm's, just pass the existing mac address from ansible facts.

Does this make sense to everyone?

kevin

Attachment: signature.asc
Description: PGP signature

_______________________________________________
infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux