Static networking in Ansible the quick and dirty way

I’m in the process of setting up a server at home to replace an old one. I’m maintaining the new one via Ansible to try and get keep as tidy as possible. Part of the setup involves setting up a bridge interface so that I can run kvm virtual machines on the box.

In order to make the box a little more stable I decided to make the ethernet settings static rather than via DHCP. Unfortunately ansible doesn’t really have a nice standard way of setting up network ports (there are a few modules around but none in the main distribution).  After looking around I decided just to make a simple ansible role to handle the files.

The machine is running centos7. The networking initially looked like:

/etc/sysconfig/network-scripts/ifcfg-enp2s0
::::::::::::::
HWADDR=9C:B6:54:07:E8:49
TYPE=Ethernet
BOOTPROTO=dhcp
NAME=enp2s0
ONBOOT=yes
#

I decided the easiest way was to just manually create and copy the files. So I created a static_networking role.

roles/static_networking/handlers/main.yml
roles/static_networking/files/grey/ifcfg-enp2s0
roles/static_networking/files/grey/ifcfg-bridge0
roles/static_networking/tasks/main.yml
roles/static_networking/tasks/setup-redhat.yml

Inside the tasks the main.yml just loads up the setup-redhat.yml which is:

---
- name: copy files if they are listed in var
  copy: src={{ ansible_hostname }}/ifcfg-{{ item }} dest=/etc/sysconfig/network-scripts/ owner=root mode=0644
  with_items: static_interfaces
  notify:
  - restart network

Which is fairly simple. It just goes though a list of “static_interfaces” for a host and copies these files from the local machine to the machine I am setting up. If the copy makes any changes it sends a notify.

For the machine “grey” I just create some entries in hosts_vars/grey.yml

static_interfaces:
 - enp2s0
 - bridge0

and then the files themselves:

roles/static_networking/files/grey/ifcfg-bridge0
::::::::::::::
DEVICE="bridge0"
ONBOOT="yes"
TYPE=Bridge
BOOTPROTO=static
IPADDR=10.1.1.28
NETMASK=255.255.255.0
GATEWAY=10.1.1.1
::::::::::::::
roles/static_networking/files/grey/ifcfg-enp2s0
::::::::::::::
DEVICE="enp2s0"
ONBOOT="yes"
NM_CONTROLLED="no"
BOOTPROTO="none"
BRIDGE=bridge0
HWADDR="9c:b6:54:07:e8:49"

which are the actual files to be copied. If any files are actually updated the handler will be triggered

roles/static_networking/handlers/main.yml 
---
# Called by "name" when network config files are changed
- name: restart network
  service: name=network state=restarted

Overall it seems to work and I only broke networking once (the ip on enp2s0 keep getting re-added until I forced network manager to forget about it). I wouldn’t really recommend this sort of thing for non-trivial sites though. Keeping per-site configs in roles isn’t really the best way to do things.

Share