Sākums Izpētīt Palīdzība
Reģistrēties Pierakstīties
shixiong
/
okd
1
0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Koks: e6c159afb4
Atzari Tagi
okd
/
roles
/
contiv
/
tasks
/
default_network.yml

default_network.yml 3.9 KB
Vēsture Neapstrādāts

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 
  1. ---
    2. 

  2. - name: Contiv | Wait for netmaster
    3. 

  3.   command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" tenant ls'
    4. 

  4.   register: tenant_result
    5. 

  5.   until: tenant_result.stdout.find("default") != -1
    6. 

  6.   retries: 9
    7. 

  7.   delay: 10
    8. 

  8. 

  9. - name: Contiv | Set globals
    10. 

  10.   command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" global set --fabric-mode {{ contiv_fabric_mode }} --vlan-range {{ contiv_vlan_range }} --fwd-mode {{ netplugin_fwd_mode }} --private-subnet {{ contiv_private_ext_subnet }}'
    11. 

  11.   run_once: true
    12. 

  12. 

  13. - name: Contiv | Set arp mode to flood if ACI
    14. 

  14.   command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" global set --arp-mode flood'
    15. 

  15.   when: contiv_fabric_mode == "aci"
    16. 

  16.   run_once: true
    17. 

  17. 

  18. - name: Contiv | Check if default-net exists
    19. 

  19.   command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" net ls'
    20. 

  20.   register: net_result
    21. 

  21.   run_once: true
    22. 

  22. 

  23. - name: Contiv | Create default-net
    24. 

  24.   command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" net create --subnet={{ contiv_default_subnet }} -e {{ contiv_encap_mode }} -p {{ contiv_default_network_tag }} --gateway {{ contiv_default_gw }} default-net'
    25. 

  25.   when: net_result.stdout.find("default-net") == -1
    26. 

  26.   run_once: true
    27. 

  27. 

  28. - name: Contiv | Create host access infra network for VxLan routing case
    29. 

  29.   command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" net create --subnet={{ contiv_h1_subnet_default }} --gateway={{ contiv_h1_gw_default }} --nw-type="infra" contivh1'
    30. 

  30.   when: (contiv_encap_mode == "vxlan") and (netplugin_fwd_mode == "routing")
    31. 

  31.   run_once: true
    32. 

  32. 

  33. #- name: Contiv | Create an allow-all policy for the default-group
    34. 

  34. #  command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" policy create ose-allow-all-policy'
    35. 

  35. #  when: contiv_fabric_mode == "aci"
    36. 

  36. #  run_once: true
    37. 

  37. 

  38. - name: Contiv | Set up aci external contract to consume default external contract
    39. 

  39.   command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" external-contracts create -c -a {{ apic_default_external_contract }} oseExtToConsume'
    40. 

  40.   when: (contiv_fabric_mode == "aci") and (apic_configure_default_policy == true)
    41. 

  41.   run_once: true
    42. 

  42. 

  43. - name: Contiv | Set up aci external contract to provide default external contract
    44. 

  44.   command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" external-contracts create -p -a {{ apic_default_external_contract }} oseExtToProvide'
    45. 

  45.   when: (contiv_fabric_mode == "aci") and (apic_configure_default_policy == true)
    46. 

  46.   run_once: true
    47. 

  47. 

  48. - name: Contiv | Create aci default-group
    49. 

  49.   command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" group create default-net default-group'
    50. 

  50.   when: contiv_fabric_mode == "aci"
    51. 

  51.   run_once: true
    52. 

  52. 

  53. - name: Contiv | Add external contracts to the default-group
    54. 

  54.   command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" group create -e oseExtToConsume -e oseExtToProvide default-net default-group'
    55. 

  55.   when: (contiv_fabric_mode == "aci") and (apic_configure_default_policy == true)
    56. 

  56.   run_once: true
    57. 

  57. 

  58. #- name: Contiv | Add policy rule 1 for allow-all policy
    59. 

  59. #  command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" policy rule-add -d in --action allow ose-allow-all-policy 1'
    60. 

  60. #  when: contiv_fabric_mode == "aci"
    61. 

  61. #  run_once: true
    62. 

  62. 

  63. #- name: Contiv | Add policy rule 2 for allow-all policy
    64. 

  64. #  command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" policy rule-add -d out --action allow ose-allow-all-policy 2'
    65. 

  65. #  when: contiv_fabric_mode == "aci"
    66. 

  66. #  run_once: true
    67. 

  67. 

  68. - name: Contiv | Create default aci app profile
    69. 

  69.   command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" app-profile create -g default-group {{ apic_default_app_profile }}'
    70. 

  70.   when: contiv_fabric_mode == "aci"
    71. 

  71.   run_once: true
    72.