reorganize pve

proxmox/networking.yaml

@@ -0,0 +1,107 @@
+- name: PVE base network configuration
+  hosts: proxmox
+  serial: 1 # one host at a time
+  tasks:
+    - name: /etc/network/interfaces
+      tags: network
+      ansible.builtin.template:
+        src: templates/network.interfaces.j2
+        dest: /etc/network/interfaces
+      notify: reload networking
+    - name: UI primary IP (/etc/hosts)
+      tags: network
+      ansible.builtin.lineinfile:
+        path: /etc/hosts
+        regexp: ' {{ inventory_hostname_short }}$'
+        line: '{{ primary_ipv6 | split("/") | first }} {{ inventory_hostname }} {{ inventory_hostname_short }}'
+  handlers:
+    - name: reload networking
+      ansible.builtin.systemd_service:
+        name: networking.service
+        state: reloaded
+---
+- name: PVE CEPH network configuration
+  hosts:
+    - pve90.proxmox.infra.k-space.ee
+    - pve91.proxmox.infra.k-space.ee
+    - pve92.proxmox.infra.k-space.ee
+    - pve93.proxmox.infra.k-space.ee
+  serial: 1  # one host at a time
+
+  tasks:
+    - name: Load secrets
+      ansible.builtin.include_vars:
+        file: ../secrets/bgp.yaml
+
+    - name: configure mesh network
+      ansible.builtin.template:
+        src: templates/ceph.interfaces.j2
+        dest: /etc/network/interfaces.d/ceph
+      tags: network
+
+    - name: ifup lo
+      ansible.builtin.command:
+        cmd: ifup lo
+      tags: network
+
+    - name: ifup mesh interfaces
+      ansible.builtin.command:
+        cmd: "ifup {{ item }}"
+      loop: "{{ ceph_mesh.interfaces }}"
+      loop_control:
+        label: "ifup {{ item }}"
+      tags: network
+
+    - name: enable fabricd OpenFabric in FRR
+      ansible.builtin.lineinfile:
+        path: /etc/frr/daemons
+        regexp: ^fabricd=.*$
+        line: fabricd=yes
+      notify: reload FRR
+      tags: frr
+
+    - name: configure FRR
+      ansible.builtin.template:
+        src: templates/frr.conf.j2
+        dest: /etc/frr/frr.conf
+      notify: reload FRR
+      tags: frr
+
+    - name: enable/start FRR
+      ansible.builtin.systemd_service:
+        name: frr.service
+        enabled: true
+        state: started
+
+    - name: configure ebtables
+      ansible.builtin.template:
+        src: templates/ebtables.rules.j2
+        dest: /etc/ebtables.rules
+        mode: "u=rw,g=r,o=r"
+      notify: reload ebtables
+      tags: ebtables
+
+    - name: create ebtables systemd service
+      ansible.builtin.template:
+        src: templates/ebtables.service.j2
+        dest: /etc/systemd/system/ebtables.service
+        mode: "u=rw,g=r,o=r"
+      tags: ebtables
+
+    - name: enable/start ebtables service
+      ansible.builtin.systemd_service:
+        name: ebtables.service
+        enabled: true
+        state: started
+      tags: ebtables
+
+  handlers:
+    - name: reload FRR
+      ansible.builtin.systemd_service:
+        name: frr.service
+        state: reloaded
+
+    - name: reload ebtables
+      ansible.builtin.systemd_service:
+        name: frr.service
+        state: restarted