kubespray/roles/network_plugin/macvlan/tasks/main.yml

---
- name: Macvlan | Retrieve Pod Cidr
  command: "{{ bin_dir }}/kubectl get nodes {{ kube_override_hostname | default(inventory_hostname) }} -o jsonpath='{.spec.podCIDR}'"
  changed_when: false
  register: node_pod_cidr_cmd
  delegate_to: "{{ groups['kube-master'][0] }}"

- name: Macvlan | set node_pod_cidr
  set_fact:
    node_pod_cidr={{ node_pod_cidr_cmd.stdout }}

- name: Macvlan | Retrieve default gateway network interface
  become: false
  raw: ip -4 route list 0/0 | sed 's/.*dev \([[:alnum:]]*\).*/\1/'
  changed_when: false
  register: node_default_gateway_interface_cmd

- name: Macvlan | set node_default_gateway_interface
  set_fact:
    node_default_gateway_interface={{ node_default_gateway_interface_cmd.stdout | trim }}

- name: Macvlan | Install network gateway interface on debian
  template:
    src: debian-network-macvlan.cfg.j2
    dest: /etc/network/interfaces.d/60-mac0.cfg
  notify: Macvlan | restart network
  when: ansible_os_family in ["Debian"]

- name: Macvlan | Install macvlan script on centos
  copy:
    src: "{{ item }}"
    dest: /etc/sysconfig/network-scripts/
    owner: root
    group: root
    mode: "0755"
  with_fileglob:
    - files/*
  when: ansible_os_family in ["CentOS","RedHat"]

- name: Macvlan | Install post-up script on centos
  copy:
    src: "files/ifup-local"
    dest: /sbin/
    owner: root
    group: root
    mode: "0755"
  when: ansible_os_family in ["CentOS","RedHat"] and enable_nat_default_gateway

- name: Macvlan | Install network gateway interface on centos
  template:
    src: "{{ item.src }}.j2"
    dest: "/etc/sysconfig/network-scripts/{{ item.dst }}"
  with_items:
    - {src: centos-network-macvlan.cfg, dst: ifcfg-mac0 }
    - {src: centos-routes-macvlan.cfg, dst: route-mac0 }
    - {src: centos-postup-macvlan.cfg, dst: post-up-mac0 }
  notify: Macvlan | restart network
  when: ansible_os_family in ["CentOS","RedHat"]

- name: Macvlan | Install service nat via gateway on coreos
  template:
    src: coreos-service-nat_ouside.j2
    dest: /etc/systemd/system/enable_nat_ouside.service
  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] and enable_nat_default_gateway

- name: Macvlan | Enable service nat via gateway on coreos
  command: "{{ item }}"
  with_items:
    - systemctl daemon-reload
    - systemctl enable enable_nat_ouside.service
  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] and enable_nat_default_gateway

- name: Macvlan | Install network gateway interface on coreos
  template:
    src: "{{ item.src }}.j2"
    dest: "/etc/systemd/network/{{ item.dst }}"
  with_items:
    - {src: coreos-device-macvlan.cfg, dst: macvlan.netdev }
    - {src: coreos-interface-macvlan.cfg, dst: output.network }
    - {src: coreos-network-macvlan.cfg, dst: macvlan.network }
  notify: Macvlan | restart network
  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]

- name: Macvlan | Install cni definition for Macvlan
  template:
    src: 10-macvlan.conf.j2
    dest: /etc/cni/net.d/10-macvlan.conf

- name: Macvlan | Install loopback definition for Macvlan
  template:
    src: 99-loopback.conf.j2
    dest: /etc/cni/net.d/99-loopback.conf

- name: Enable net.ipv4.conf.all.arp_notify in sysctl
  sysctl:
    name: net.ipv4.conf.all.arp_notify
    value: 1
    sysctl_set: yes
    sysctl_file: "{{ sysctl_file_path }}"
    state: present
    reload: yes
add macvlan cni to kubespray (#4901) * add macvlan cni to kubespray * macvlan: lint yaml files and fix sample config file * macvlan: add OWNERS file * add macvlan to README * macvlan : CI first shoot * macvlan : CI add full masquerade * delegate retrive pod cidr to master only * macvlan: add config for CI * macvlan: add netchecker deployment 2019-06-28 15:35:38 +08:00			`---`
Fix ansible-lint E301 for commands fetching data (#6465) 2020-07-28 23:39:47 +08:00			`- name: Macvlan \| Retrieve Pod Cidr`
add macvlan cni to kubespray (#4901) * add macvlan cni to kubespray * macvlan: lint yaml files and fix sample config file * macvlan: add OWNERS file * add macvlan to README * macvlan : CI first shoot * macvlan : CI add full masquerade * delegate retrive pod cidr to master only * macvlan: add config for CI * macvlan: add netchecker deployment 2019-06-28 15:35:38 +08:00			`command: "{{ bin_dir }}/kubectl get nodes {{ kube_override_hostname \| default(inventory_hostname) }} -o jsonpath='{.spec.podCIDR}'"`
Fix ansible-lint E301 for commands fetching data (#6465) 2020-07-28 23:39:47 +08:00			`changed_when: false`
add macvlan cni to kubespray (#4901) * add macvlan cni to kubespray * macvlan: lint yaml files and fix sample config file * macvlan: add OWNERS file * add macvlan to README * macvlan : CI first shoot * macvlan : CI add full masquerade * delegate retrive pod cidr to master only * macvlan: add config for CI * macvlan: add netchecker deployment 2019-06-28 15:35:38 +08:00			`register: node_pod_cidr_cmd`
			`delegate_to: "{{ groups['kube-master'][0] }}"`

			`- name: Macvlan \| set node_pod_cidr`
			`set_fact:`
			`node_pod_cidr={{ node_pod_cidr_cmd.stdout }}`

Fix ansible-lint E301 for commands fetching data (#6465) 2020-07-28 23:39:47 +08:00			`- name: Macvlan \| Retrieve default gateway network interface`
add macvlan cni to kubespray (#4901) * add macvlan cni to kubespray * macvlan: lint yaml files and fix sample config file * macvlan: add OWNERS file * add macvlan to README * macvlan : CI first shoot * macvlan : CI add full masquerade * delegate retrive pod cidr to master only * macvlan: add config for CI * macvlan: add netchecker deployment 2019-06-28 15:35:38 +08:00			`become: false`
			`raw: ip -4 route list 0/0 \| sed 's/.dev \([[:alnum:]]\).*/\1/'`
Fix ansible-lint E301 for commands fetching data (#6465) 2020-07-28 23:39:47 +08:00			`changed_when: false`
add macvlan cni to kubespray (#4901) * add macvlan cni to kubespray * macvlan: lint yaml files and fix sample config file * macvlan: add OWNERS file * add macvlan to README * macvlan : CI first shoot * macvlan : CI add full masquerade * delegate retrive pod cidr to master only * macvlan: add config for CI * macvlan: add netchecker deployment 2019-06-28 15:35:38 +08:00			`register: node_default_gateway_interface_cmd`

			`- name: Macvlan \| set node_default_gateway_interface`
			`set_fact:`
			`node_default_gateway_interface={{ node_default_gateway_interface_cmd.stdout \| trim }}`

			`- name: Macvlan \| Install network gateway interface on debian`
			`template:`
			`src: debian-network-macvlan.cfg.j2`
			`dest: /etc/network/interfaces.d/60-mac0.cfg`
			`notify: Macvlan \| restart network`
			`when: ansible_os_family in ["Debian"]`

			`- name: Macvlan \| Install macvlan script on centos`
			`copy:`
			`src: "{{ item }}"`
			`dest: /etc/sysconfig/network-scripts/`
			`owner: root`
			`group: root`
			`mode: "0755"`
			`with_fileglob:`
			`- files/*`
			`when: ansible_os_family in ["CentOS","RedHat"]`

			`- name: Macvlan \| Install post-up script on centos`
			`copy:`
			`src: "files/ifup-local"`
			`dest: /sbin/`
			`owner: root`
			`group: root`
			`mode: "0755"`
			`when: ansible_os_family in ["CentOS","RedHat"] and enable_nat_default_gateway`

			`- name: Macvlan \| Install network gateway interface on centos`
			`template:`
			`src: "{{ item.src }}.j2"`
			`dest: "/etc/sysconfig/network-scripts/{{ item.dst }}"`
			`with_items:`
			`- {src: centos-network-macvlan.cfg, dst: ifcfg-mac0 }`
			`- {src: centos-routes-macvlan.cfg, dst: route-mac0 }`
			`- {src: centos-postup-macvlan.cfg, dst: post-up-mac0 }`
			`notify: Macvlan \| restart network`
			`when: ansible_os_family in ["CentOS","RedHat"]`

			`- name: Macvlan \| Install service nat via gateway on coreos`
			`template:`
			`src: coreos-service-nat_ouside.j2`
			`dest: /etc/systemd/system/enable_nat_ouside.service`
added "Flatcar", "Flatcar Container Linux by Kinvolk" for all coreOS role (#5607) 2020-02-18 16:15:29 +08:00			`when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] and enable_nat_default_gateway`
add macvlan cni to kubespray (#4901) * add macvlan cni to kubespray * macvlan: lint yaml files and fix sample config file * macvlan: add OWNERS file * add macvlan to README * macvlan : CI first shoot * macvlan : CI add full masquerade * delegate retrive pod cidr to master only * macvlan: add config for CI * macvlan: add netchecker deployment 2019-06-28 15:35:38 +08:00
			`- name: Macvlan \| Enable service nat via gateway on coreos`
			`command: "{{ item }}"`
			`with_items:`
			`- systemctl daemon-reload`
			`- systemctl enable enable_nat_ouside.service`
added "Flatcar", "Flatcar Container Linux by Kinvolk" for all coreOS role (#5607) 2020-02-18 16:15:29 +08:00			`when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] and enable_nat_default_gateway`
add macvlan cni to kubespray (#4901) * add macvlan cni to kubespray * macvlan: lint yaml files and fix sample config file * macvlan: add OWNERS file * add macvlan to README * macvlan : CI first shoot * macvlan : CI add full masquerade * delegate retrive pod cidr to master only * macvlan: add config for CI * macvlan: add netchecker deployment 2019-06-28 15:35:38 +08:00
			`- name: Macvlan \| Install network gateway interface on coreos`
			`template:`
			`src: "{{ item.src }}.j2"`
			`dest: "/etc/systemd/network/{{ item.dst }}"`
			`with_items:`
			`- {src: coreos-device-macvlan.cfg, dst: macvlan.netdev }`
			`- {src: coreos-interface-macvlan.cfg, dst: output.network }`
			`- {src: coreos-network-macvlan.cfg, dst: macvlan.network }`
			`notify: Macvlan \| restart network`
added "Flatcar", "Flatcar Container Linux by Kinvolk" for all coreOS role (#5607) 2020-02-18 16:15:29 +08:00			`when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]`
add macvlan cni to kubespray (#4901) * add macvlan cni to kubespray * macvlan: lint yaml files and fix sample config file * macvlan: add OWNERS file * add macvlan to README * macvlan : CI first shoot * macvlan : CI add full masquerade * delegate retrive pod cidr to master only * macvlan: add config for CI * macvlan: add netchecker deployment 2019-06-28 15:35:38 +08:00
			`- name: Macvlan \| Install cni definition for Macvlan`
			`template:`
			`src: 10-macvlan.conf.j2`
			`dest: /etc/cni/net.d/10-macvlan.conf`

			`- name: Macvlan \| Install loopback definition for Macvlan`
			`template:`
			`src: 99-loopback.conf.j2`
			`dest: /etc/cni/net.d/99-loopback.conf`

			`- name: Enable net.ipv4.conf.all.arp_notify in sysctl`
			`sysctl:`
			`name: net.ipv4.conf.all.arp_notify`
			`value: 1`
			`sysctl_set: yes`
			`sysctl_file: "{{ sysctl_file_path }}"`
			`state: present`
			`reload: yes`