Commit 22c19cb9 by Czémán Arnold Committed by cloud

fwdriver, manager: move fwdriver specific states and files to fwdriver, and…

fwdriver, manager: move fwdriver specific states and files to fwdriver, and manager specific states to manager
network: collect common network states to network module
parent b973dc4a
include:
- profile
- agentdriver
- fwdriver
- manager
- graphite
- monitor-client
- storagedriver
- vmdriver
- vncproxy
- fwdriver
- network
include:
- openvswitch
- network
/home/{{ pillar['fwdriver']['user'] }}/.virtualenvs/fw/bin/postactivate:
file.managed:
......@@ -95,6 +95,12 @@ systemd-sysctl:
- template: jinja
- mode: 644
firewall-selinux_pkgs:
pkg.installed:
- pkgs:
- policycoreutils
- policycoreutils-python
firewall-init_semodule:
cmd.run:
- cwd: /root
......@@ -103,6 +109,6 @@ firewall-init_semodule:
- unless: semodule -l |grep -qs ^firewall-init
- require:
- file: /root/firewall-init.te
- pkg: firewall-selinux_pkgs
{% endif %}
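Review bot: The package names in `firewall-selinux_pkgs` are release-specific, and the new `- pkg: firewall-selinux_pkgs` require makes `firewall-init_semodule` fail whenever they cannot be installed. `policycoreutils-python` is the EL7-era name; later RedHat-family releases ship those tools as `policycoreutils-python-utils`. If only EL7 is targeted, a comment above the state such as `# EL7 package names; provides the SELinux tooling used by firewall-init_semodule` would record that. The conditional closed by the final `{% endif %}` opens outside the hunk, so the guard that applies here is not visible.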
#!/bin/bash
sed -i '/HWADDR=.*/d' /etc/sysconfig/network-scripts/ifcfg-vm
sed -i -e \$aNM_CONTROLLED=\"no\" /etc/sysconfig/network-scripts/ifcfg-vm
/bin/systemctl daemon-reload
ifup vm
systemctl restart firewall
systemctl restart dhcpd
exit 0
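Review bot: The unconditional `exit 0` on the last line makes `cmd.script` report success even when `ifup vm` or `systemctl restart firewall` fails, so a host whose firewall did not come back up still shows a green state run. Dropping `exit 0` and adding `set -e` after the shebang would surface the failure to Salt. Separately, the `\$aNM_CONTROLLED=\"no\"` append is not idempotent and adds another line to `ifcfg-vm` on every run. A preceding `sed -i '/^NM_CONTROLLED=/d' /etc/sysconfig/network-scripts/ifcfg-vm`, mirroring the existing `HWADDR` delete, would keep the file stable.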
# systemd service file extras added by CIRCLE Salt installer:
# openvswitch and virtual network interface must be up before
# dhcpd is started
[Unit]
After=openvswitch-switch.service
[Service]
ExecStartPre=-/sbin/ifup vm
{# TODO: change 'vm' to pillar['fwdriver']['vm_if'] ? #}
{# TODO: similar patch for firewall.service ? #}
......@@ -2,6 +2,7 @@ include:
- fwdriver.gitrepo
- fwdriver.virtualenv
- fwdriver.configuration
- fwdriver.network
disable_os_firewall:
cmd.run:
......@@ -58,14 +59,3 @@ firewall:
firewall-init:
service:
- enabled
{# TODO: standalone firewall mode #}
{% if pillar['fwdriver']['open_ports'] %}
salt://fwdriver/files/open_ports.sh:
cmd.script:
- template: jinja
- user: {{ pillar['user'] }}
- require:
- service: firewall
{% endif %}
ovs-if:
cmd.run:
- name: ovs-vsctl add-port cloud vm tag=2 -- set Interface vm type=internal
- unless: ovs-vsctl list-ifaces cloud | grep "^vm$"
vm:
network.managed:
- enabled: True
- type: eth
- proto: none
- ipaddr: {{ pillar['fwdriver']['vm_net_ip'] }}
- netmask: {{ pillar['fwdriver']['vm_net_mask'] }}
- pre_up_cmds:
{% if grains['os_family'] == 'RedHat' %}
- /bin/systemctl restart openvswitch
{% elif grains['os'] == 'Debian' %}
- /bin/systemctl restart openvswitch-switch
{% else %}
- /etc/init.d/openvswitch-switch restart
{% endif %}
- require:
- cmd: ovs-if
{% if grains['os'] == 'Debian' %}
symlink_dhcpd:
file.symlink:
- name: /etc/init.d/dhcpd
- target: /etc/init.d/isc-dhcp-server
- force: True
cmd.run:
- name: /bin/systemctl daemon-reload
- require:
- file: symlink_dhcpd
{% endif %}
firewall2:
service:
- name: firewall
- running
- require:
- network: vm
{% if grains['os_family'] == 'RedHat' %}
fix_dhcp:
cmd.script:
- name: salt://fwdriver/files/fix_dhcp.sh
{% endif %}
{% if grains['os'] == 'Debian' %}
{# For next reboot #}
after_openvswitch_conf:
file.managed:
- name: /etc/systemd/system/isc-dhcp-server.service.d/after_openvswitch.conf
- source: salt://fwdriver/files/fix_dhcp_Debian.conf
- user: root
- group: root
- template: jinja
- makedirs: True
fix_dhcp_daemon_reload:
cmd.run:
- name: /bin/systemctl daemon-reload
- require:
- file: after_openvswitch_conf
{% endif %}
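Review bot: `fix_dhcp` in the RedHat branch has neither a requisite nor a guard, so every state run executes the script, which restarts the firewall and dhcpd, and nothing ties it to `vm` or `firewall2` being in place first. The copy in the network state shown further down the page carried `- require:` entries for `cmd: reload_firewall` and `file: net_config`, so the explicit ordering appears to have been lost in the move. Adding `- require:` with `- service: firewall2` would restore it. Adding `- onchanges:` with `- network: vm` would limit the firewall restart to runs where the interface definition actually changed.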
......@@ -88,3 +88,21 @@ memcached:
- enable: True
- require:
- pkg: manager
{% if pillar['fwdriver']['open_ports'] %}
open_ports:
cmd.script:
- name: salt://fwdriver/files/open_ports.sh
- template: jinja
- user: {{ pillar['user'] }}
{% endif %}
reload_firewall:
cmd.script:
- name: salt://network/files/reload_firewall.sh
- template: jinja
- user: {{ pillar['user'] }}
{% if pillar['fwdriver']['open_ports'] %}
- require:
- cmd: open_ports
{% endif %}
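Review bot: Both `{% if pillar['fwdriver']['open_ports'] %}` tests use hard subscripts, so the manager state fails to render on any minion whose pillar has no `fwdriver` key, even though this file is now in the manager module. Reading the value once with `{% set open_ports = salt['pillar.get']('fwdriver:open_ports') %}` and testing `open_ports` in both places avoids that and keeps the two conditions in sync. The copy of this state removed from fwdriver had `- require:` with `- service: firewall`, whereas the new `open_ports` has no requisite. If the script depends on the firewall service already running, that ordering is no longer stated. A one-line comment saying what `open_ports.sh` opens, and why it runs as `pillar['user']`, would also help reviewers of a state that changes firewall exposure.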
ovs-if:
cmd.run:
- name: ovs-vsctl add-port cloud vm tag=2 -- set Interface vm type=internal
- unless: ovs-vsctl list-ifaces cloud | grep "^vm$"
include:
- openvswitch
vm:
network.managed:
- enabled: True
- type: eth
- proto: none
- ipaddr: {{ pillar['fwdriver']['vm_net_ip'] }}
- netmask: {{ pillar['fwdriver']['vm_net_mask'] }}
- pre_up_cmds:
{% if grains['os_family'] == 'RedHat' %}
- /bin/systemctl restart openvswitch
{% elif grains['os'] == 'Debian' %}
- /bin/systemctl restart openvswitch-switch
{% else %}
- /etc/init.d/openvswitch-switch restart
{% endif %}
- require:
- cmd: ovs-if
{% if grains['os'] == 'Debian' %}
symlink_dhcpd:
file.symlink:
- name: /etc/init.d/dhcpd
- target: /etc/init.d/isc-dhcp-server
- force: True
cmd.run:
- name: /bin/systemctl daemon-reload
- require:
- file: symlink_dhcpd
{% endif %}
firewall2:
service:
- name: firewall
- running
- require:
- network: vm
reload_firewall:
cmd.script:
- name: salt://network/files/reload_firewall.sh
- template: jinja
- user: {{ pillar['user'] }}
- require:
- service: firewall2
{% if grains['os'] == 'Debian' %}
- cmd: symlink_dhcpd
{% endif %}
ovs-bridge:
openvswitch_bridge.present:
- name: cloud
{% if grains['os_family'] == 'RedHat' %}
net_config:
......@@ -59,56 +14,4 @@ net_config:
- user: root
- group: root
- mode: 644
fix_dhcp:
cmd.script:
- name: salt://network/files/fix_dhcp.sh
- require:
- cmd: reload_firewall
- file: net_config
{% endif %}
isc-dhcp-server:
{% if grains['os_family'] == 'RedHat' or grains['os'] == 'Debian' %}
cmd.run:
- name: /bin/systemctl restart dhcpd
{% if grains['os_family'] == 'RedHat' %}
- watch:
- cmd: fix_dhcp
{% elif grains['os'] == 'Debian' %}
- watch:
- cmd: fix_dhcp_daemon_reload
{% endif %}
{% endif %}
service.running:
- enable: True
{% if grains['os_family'] == 'RedHat' %}
- watch:
- cmd: fix_dhcp
{% elif grains['os'] == 'Debian' %}
- watch:
- cmd: fix_dhcp_daemon_reload
{% endif %}
{% if grains['os_family'] == 'RedHat' or grains['os'] == 'Debian' %}
- name: dhcpd
- require:
- cmd: isc-dhcp-server
{% endif %}
{% if grains['os'] == 'Debian' %}
{# For next reboot #}
after_openvswitch_conf:
file.managed:
- name: /etc/systemd/system/isc-dhcp-server.service.d/after_openvswitch.conf
- source: salt://network/files/fix_dhcp_Debian.conf
- user: root
- group: root
- template: jinja
- makedirs: True
fix_dhcp_daemon_reload:
cmd.run:
- name: /bin/systemctl daemon-reload
- require:
- file: after_openvswitch_conf
{% endif %}
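Review bot: The `isc-dhcp-server` state (`service.running` with `enable: True`, watching `fix_dhcp` / `fix_dhcp_daemon_reload`) appears to be dropped from this file, and the fwdriver network state shown earlier on the page does not re-add it. If no other state manages it, the Debian branch still installs the `after_openvswitch.conf` drop-in and runs `daemon-reload`, but nothing restarts dhcpd afterwards or keeps it enabled. Either carry the `isc-dhcp-server` state over to fwdriver next to `fix_dhcp_daemon_reload`, or note in the commit message where the service is managed now.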
include:
- openvswitch
- network
/home/{{ pillar['user'] }}/.virtualenvs/vmdriver/bin/postactivate:
file.managed:
......@@ -24,11 +24,6 @@ include:
- source: file:///home/{{ pillar['user'] }}/vmdriver/miscellaneous/{{ file }}
{% endfor %}
ovs-bridge:
cmd.run:
- name: ovs-vsctl add-br cloud
- unless: ovs-vsctl list-br | grep "^cloud$"
/etc/sudoers.d/netdriver:
file.managed:
- source: salt://vmdriver/files/sudoers
......