Andrew Bogott has submitted this change and it was merged.
Change subject: Create an 'interface' module.
......................................................................
Create an 'interface' module.
This is mostly a copy-paste job from manifests::generic-definitions.pp
Change-Id: Ia0bf79e227a6738f7072a8bf4bf984d445d81a4f
---
M manifests/generic-definitions.pp
A modules/interface/manifests/add_ip6_mapped.pp
A modules/interface/manifests/aggregate.pp
A modules/interface/manifests/init.pp
A modules/interface/manifests/manual.pp
A modules/interface/manifests/offload.pp
A modules/interface/manifests/tagged.pp
A modules/interface/manifests/tun6to4.pp
8 files changed, 337 insertions(+), 0 deletions(-)
Approvals:
Andrew Bogott: Looks good to me, approved
jenkins-bot: Verified
diff --git a/manifests/generic-definitions.pp b/manifests/generic-definitions.pp
index 5c2264c..d6b88a8 100644
--- a/manifests/generic-definitions.pp
+++ b/manifests/generic-definitions.pp
@@ -180,6 +180,9 @@
}
# Expects address without a length, like address => "208.80.152.10", prefixlen
=> "32"
+# WARNING: This function is deprecated, and code will soon be switched
+# over to the new 'interface' module. Until that cut happens
+# THIS CLASS IS FROZEN.
define interface_ip($interface, $address, $prefixlen="32") {
$prefix = "${address}/${prefixlen}"
$ipaddr_command = "ip addr add ${prefix} dev ${interface}"
@@ -200,6 +203,9 @@
}
}
+# WARNING: This function is deprecated, and code will soon be switched
+# over to the new 'interface' module. Until that cut happens
+# THIS CLASS IS FROZEN.
define interface_manual($interface, $family="inet") {
if $::lsbdistid == "Ubuntu" and versioncmp($::lsbdistrelease, "10.04")
>= 0 {
# Use augeas to create a new manually setup interface
@@ -216,6 +222,9 @@
}
}
+# WARNING: This function is deprecated, and code will soon be switched
+# over to the new 'interface' module. Until that cut happens
+# THIS CLASS IS FROZEN.
define interface_up_command($interface, $command) {
if $::lsbdistid == "Ubuntu" and versioncmp($::lsbdistrelease, "10.04")
>= 0 {
# Use augeas to add an 'up' command to the interface
@@ -227,6 +236,9 @@
}
}
+# WARNING: This function is deprecated, and code will soon be switched
+# over to the new 'interface' module. Until that cut happens
+# THIS CLASS IS FROZEN.
define interface_setting($interface, $setting, $value) {
if $::lsbdistid == "Ubuntu" and versioncmp($::lsbdistrelease, "10.04")
>= 0 {
# Use augeas to add an 'up' command to the interface
@@ -237,10 +249,16 @@
}
}
+# WARNING: This function is deprecated, and code will soon be switched
+# over to the new 'interface' module. Until that cut happens
+# THIS CLASS IS FROZEN.
class base::vlan-tools {
package { vlan: ensure => latest; }
}
+# WARNING: This function is deprecated, and code will soon be switched
+# over to the new 'interface' module. Until that cut happens
+# THIS CLASS IS FROZEN.
class base::bonding-tools {
package { ["ifenslave-2.6", "ethtool"] : ensure => latest; }
}
@@ -249,6 +267,9 @@
package { python-mwclient: ensure => latest; }
}
+# WARNING: This function is deprecated, and code will soon be switched
+# over to the new 'interface' module. Until that cut happens
+# THIS CLASS IS FROZEN.
define interface_tun6to4($remove=undef) {
if $remove == 'true' {
$augeas_cmd = [ "rm auto[./1 = 'tun6to4']",
@@ -285,6 +306,9 @@
}
}
+# WARNING: This function is deprecated, and code will soon be switched
+# over to the new 'interface' module. Until that cut happens
+# THIS CLASS IS FROZEN.
define interface_tagged($base_interface, $vlan_id, $address=undef,
$netmask=undef, $family="inet", $method="static", $up=undef, $down=undef,
$remove=undef) {
require base::vlan-tools
@@ -346,6 +370,9 @@
}
}
+# WARNING: This function is deprecated, and code will soon be switched
+# over to the new 'interface' module. Until that cut happens
+# THIS CLASS IS FROZEN.
define interface_aggregate_member($master) {
require base::bonding-tools
@@ -371,6 +398,9 @@
}
}
+# WARNING: This function is deprecated, and code will soon be switched
+# over to the new 'interface' module. Until that cut happens
+# THIS CLASS IS FROZEN.
define interface_aggregate($orig_interface=undef, $members=[],
$lacp_rate="fast", $hash_policy="layer2+3") {
require base::bonding-tools
@@ -438,6 +468,9 @@
}
}
+# WARNING: This function is deprecated, and code will soon be switched
+# over to the new 'interface' module. Until that cut happens
+# THIS CLASS IS FROZEN.
define interface_add_ip6_mapped($interface=undef, $ipv4_address=undef) {
if ! $interface {
$all_interfaces = split($::interfaces, ",")
@@ -479,6 +512,9 @@
# The (abbreviated) offload setting, e.g. 'gro'
# - $value:
# The value (on/off)
+# WARNING: This function is deprecated, and code will soon be switched
+# over to the new 'interface' module. Until that cut happens
+# THIS CLASS IS FROZEN.
define interface_offload($interface="eth0", $setting, $value) {
# Set in /etc/network/interfaces
interface_setting { $title: interface => $interface, setting =>
"offload-${setting}", value => $value }
diff --git a/modules/interface/manifests/add_ip6_mapped.pp
b/modules/interface/manifests/add_ip6_mapped.pp
new file mode 100644
index 0000000..d238bcd
--- /dev/null
+++ b/modules/interface/manifests/add_ip6_mapped.pp
@@ -0,0 +1,29 @@
+define interface::add_ip6_mapped($interface=undef, $ipv4_address=undef) {
+ if ! $interface {
+ $all_interfaces = split($::interfaces, ",")
+ $intf = $all_interfaces[0]
+ }
+ else {
+ $intf = $interface
+ }
+
+ if ! member(split($::interfaces, ","), $intf) {
+ warning("Not adding IPv6 address to $intf because this interface does
not exist!")
+ }
+ else {
+ if ! $ipv4_address {
+ $ip4_address = "::${::ipaddress}"
+ }
+ else {
+ $ip4_address = "::${ipv4_address}"
+ }
+
+ $ipv6_address = inline_template("<%= require 'ipaddr';
(IPAddr.new(scope.lookupvar(\"::ipaddress6_${intf}\")).mask(64) |
IPAddr.new(ip4_address.gsub('.', ':'))).to_s() %>")
+
+ interface { $title:
+ interface => $intf,
+ address => $ipv6_address,
+ prefixlen => "64"
+ }
+ }
+}
diff --git a/modules/interface/manifests/aggregate.pp
b/modules/interface/manifests/aggregate.pp
new file mode 100644
index 0000000..00cccca
--- /dev/null
+++ b/modules/interface/manifests/aggregate.pp
@@ -0,0 +1,95 @@
+define interface::aggregate_member($master) {
+ require interface::bonding-tools
+
+ $interface = $title
+
+ if $::lsbdistid == "Ubuntu" and versioncmp($::lsbdistrelease, "10.04") >=
0 {
+ augeas { "aggregate member ${interface}":
+ context => "/files/etc/network/interfaces/",
+ changes => [
+ "set auto[./1 = '$interface']/1 '$interface'",
+ "set iface[. = '$interface'] '$interface'",
+ "set iface[. = '$interface']/family 'inet'",
+ "set iface[. = '$interface']/method 'manual'",
+ ],
+ notify => Exec["ifup $interface"]
+ }
+
+ exec { "ifup $interface":
+ command => "/sbin/ifup --force $interface; /sbin/ip link set dev
$interface up",
+ require => Augeas["aggregate member ${interface}"],
+ refreshonly => true
+ }
+ }
+}
+
+define aggregate($orig_interface=undef, $members=[], $lacp_rate="fast",
$hash_policy="layer2+3") {
+ require interface::bonding-tools
+
+ # Use the definition title as the destination (aggregated) interface
+ $aggr_interface = $title
+
+ if $::lsbdistid == "Ubuntu" and versioncmp($::lsbdistrelease, "10.04") >=
0 {
+ if $orig_interface != "" {
+ # Convert an existing interface, e.g. from eth0 to bond0
+ $augeas_changes = [
+ "set auto[./1 = '${orig_interface}']/1 '${aggr_interface}'",
+ "set iface[. = '${orig_interface}'] '${aggr_interface}'"
+ ]
+
+ # Bring down the old interface after conversion
+ exec { "ip addr flush dev ${orig_interface}":
+ command => "/sbin/ip addr flush dev ${orig_interface}",
+ before => Exec["ifup ${aggr_interface}"],
+ subscribe => Augeas["create $aggr_interface"],
+ refreshonly => true,
+ notify => Exec["ifup ${aggr_interface}"]
+ }
+ } else {
+ $augeas_changes = [
+ "set auto[./1 = '${aggr_interface}']/1 '${aggr_interface}'",
+ "set iface[. = '${aggr_interface}'] '${aggr_interface}'",
+ "set iface[. = '${aggr_interface}']/family 'inet'",
+ "set iface[. = '${aggr_interface}']/method 'manual'"
+ ]
+ }
+
+ augeas { "create $aggr_interface":
+ context => "/files/etc/network/interfaces/",
+ changes => $augeas_changes,
+ onlyif => "match iface[. = '${aggr_interface}'] size == 0",
+ notify => Exec["ifup ${aggr_interface}"]
+ }
+
+ augeas { "configure $aggr_interface":
+ require => Augeas["create $aggr_interface"],
+ context => "/files/etc/network/interfaces/",
+ changes => [
+ inline_template("set iface[. = '<%= aggr_interface
%>']/bond-slaves '<%= members.join(' ') %>'"),
+ "set iface[. = '${aggr_interface}']/bond-mode '802.3ad'",
+ "set iface[. = '${aggr_interface}']/bond-lacp-rate
'${lacp_rate}'",
+ "set iface[. = '${aggr_interface}']/bond-miimon '100'",
+ "set iface[. = '${aggr_interface}']/bond-xmit-hash-policy
'${hash_policy}'"
+ ],
+ notify => Exec["ifup ${aggr_interface}"]
+ }
+
+ # Define all aggregate members
+ interface::aggregate_member{ $members:
+ require => Augeas["create $aggr_interface"],
+ master => $aggr_interface,
+ notify => Exec["ifup ${aggr_interface}"]
+ }
+
+ # Bring up the new interface
+ exec { "ifup ${aggr_interface}":
+ command => "/sbin/ifup --force ${aggr_interface}",
+ require => Interface::Aggregate_member[$members],
+ refreshonly => true
+ }
+ }
+}
+
+class interface::bonding-tools {
+ package { ["ifenslave-2.6", "ethtool"] : ensure => latest; }
+}
diff --git a/modules/interface/manifests/init.pp
b/modules/interface/manifests/init.pp
new file mode 100644
index 0000000..0ee9f2b
--- /dev/null
+++ b/modules/interface/manifests/init.pp
@@ -0,0 +1,20 @@
+# Expects address without a length, like address => "208.80.152.10", prefixlen
=> "32"
+define interface($interface, $address, $prefixlen="32") {
+ $prefix = "${address}/${prefixlen}"
+ $ipaddr_command = "ip addr add ${prefix} dev ${interface}"
+
+ if $::lsbdistid == "Ubuntu" and versioncmp($::lsbdistrelease, "10.04") >=
0 {
+ # Use augeas to add an 'up' command to the interface
+ augeas { "${interface}_${prefix}":
+ context => "/files/etc/network/interfaces/*[. = '${interface}' and
./family = 'inet']",
+ changes => "set up[last()+1] '${ipaddr_command}'",
+ onlyif => "match up[. = '${ipaddr_command}'] size == 0";
+ }
+ }
+
+ # Add the IP address manually as well
+ exec { $ipaddr_command:
+ path => "/bin:/usr/bin",
+ returns => [0, 2]
+ }
+}
diff --git a/modules/interface/manifests/manual.pp
b/modules/interface/manifests/manual.pp
new file mode 100644
index 0000000..c54b1fd
--- /dev/null
+++ b/modules/interface/manifests/manual.pp
@@ -0,0 +1,15 @@
+define interface::manual($interface, $family="inet") {
+ if $::lsbdistid == "Ubuntu" and versioncmp($::lsbdistrelease, "10.04") >=
0 {
+ # Use augeas to create a new manually setup interface
+ $augeas_cmd = [ "set auto[./1 = '$interface']/1 '$interface'",
+ "set iface[. = '$interface'] '$interface'",
+ "set iface[. = '$interface']/family '$family'",
+ "set iface[. = '$interface']/method 'manual'",
+ ]
+
+ augeas { "${interface}_manual":
+ context => "/files/etc/network/interfaces",
+ changes => $augeas_cmd;
+ }
+ }
+}
diff --git a/modules/interface/manifests/offload.pp
b/modules/interface/manifests/offload.pp
new file mode 100644
index 0000000..4c4d143
--- /dev/null
+++ b/modules/interface/manifests/offload.pp
@@ -0,0 +1,43 @@
+# Definition: interface::offload
+#
+# Sets interface offload parameters (with ethtool)
+#
+# Parameters:
+# - $interface:
+# The network interface to operate on
+# - $setting:
+# The (abbreviated) offload setting, e.g. 'gro'
+# - $value:
+# The value (on/off)
+define interface::offload($interface="eth0", $setting, $value) {
+ # Set in /etc/network/interfaces
+ interface::setting { $title: interface => $interface, setting =>
"offload-${setting}", value => $value }
+
+ # And make sure it's always active
+ $long_param = $setting ? {
+ 'rx' => "rx-checksumming",
+ 'tx' => "tx-checksumming",
+ 'sg' => "scatter-gather",
+ 'tso' => "tcp-segmentation-offload",
+ 'ufo' => "udp-fragmentation-offload",
+ 'gso' => "generic-segmentation-offload",
+ 'gro' => "generic-receive-offload",
+ 'lro' => "large-receive-offload"
+ }
+
+ exec { "ethtool ${interface} -K ${setting} ${value}":
+ path => "/usr/bin:/usr/sbin:/bin:/sbin",
+ command => "ethtool -K ${interface} ${setting} ${value}",
+ unless => "test $(ethtool -k ${interface} | awk '/${long_param}:/ {
print \$2 }') = '${value}'"
+ }
+}
+
+define interface::setting($interface, $setting, $value) {
+ if $::lsbdistid == "Ubuntu" and versioncmp($::lsbdistrelease, "10.04") >=
0 {
+ # Use augeas to add an 'up' command to the interface
+ augeas { "${interface}_${title}":
+ context => "/files/etc/network/interfaces/*[. = '${interface}' and
family = 'inet']",
+ changes => "set ${setting} '${value}'",
+ }
+ }
+}
diff --git a/modules/interface/manifests/tagged.pp
b/modules/interface/manifests/tagged.pp
new file mode 100644
index 0000000..eb6943e
--- /dev/null
+++ b/modules/interface/manifests/tagged.pp
@@ -0,0 +1,64 @@
+class interface::vlan-tools {
+ package { vlan: ensure => latest; }
+}
+
+define interface::tagged($base_interface, $vlan_id, $address=undef,
$netmask=undef, $family="inet", $method="static", $up=undef, $down=undef,
$remove=undef) {
+ require interface::vlan-tools
+
+ $intf = "${base_interface}.${vlan_id}"
+
+ if $address {
+ $addr_cmd = "set iface[. = '$intf']/address '$address'"
+ } else {
+ $addr_cmd = ""
+ }
+
+ if $netmask {
+ $netmask_cmd = "set iface[. = '$intf']/netmask '$netmask'"
+ } else {
+ $netmask_cmd = ""
+ }
+
+ if $up {
+ $up_cmd = "set iface[. = '$intf']/up '$up'"
+ } else {
+ $up_cmd = ""
+ }
+ if $down {
+ $down_cmd = "set iface[. = '$intf']/down '$down'"
+ } else {
+ $down_cmd = ""
+ }
+
+ if $remove == 'true' {
+ $augeas_cmd = [ "rm auto[./1 = '$intf']",
+ "rm iface[. = '$intf']"
+ ]
+ } else {
+ $augeas_cmd = [ "set auto[./1 = '$intf']/1 '$intf'",
+ "set iface[. = '$intf'] '$intf'",
+ "set iface[. = '$intf']/family '$family'",
+ "set iface[. = '$intf']/method '$method'",
+ $addr_cmd,
+ $netmask_cmd,
+ $up_cmd,
+ $down_cmd,
+ ]
+ }
+
+ if $::lsbdistid == "Ubuntu" and versioncmp($::lsbdistrelease, "10.04") >=
0 {
+ if $remove == 'true' {
+ exec { "/sbin/ifdown $intf": before => Augeas["$intf"] }
+ }
+
+ # Use augeas
+ augeas { "$intf":
+ context => "/files/etc/network/interfaces/",
+ changes => $augeas_cmd;
+ }
+
+ if $remove != 'true' {
+ exec { "/sbin/ifup $intf": require => Augeas["$intf"] }
+ }
+ }
+}
diff --git a/modules/interface/manifests/tun6to4.pp
b/modules/interface/manifests/tun6to4.pp
new file mode 100644
index 0000000..9446df6
--- /dev/null
+++ b/modules/interface/manifests/tun6to4.pp
@@ -0,0 +1,35 @@
+define interface::tun6to4($remove=undef) {
+ if $remove == 'true' {
+ $augeas_cmd = [ "rm auto[./1 = 'tun6to4']",
+ "rm iface[. = 'tun6to4']"
+ ]
+ } else {
+ $augeas_cmd = [ "set auto[./1 = 'tun6to4']/1 'tun6to4'",
+ "set iface[. = 'tun6to4'] 'tun6to4'",
+ "set iface[. = 'tun6to4']/family 'inet6'",
+ "set iface[. = 'tun6to4']/method 'v4tunnel'",
+ "set iface[. = 'tun6to4']/endpoint 'any'",
+ "set iface[. = 'tun6to4']/local '192.88.99.1'",
+ "set iface[. = 'tun6to4']/ttl '64'",
+ "set iface[. = 'tun6to4']/pre-up 'ip address add
192.88.99.1/32 dev lo label lo:6to4'",
+ "set iface[. = 'tun6to4']/down 'ip address del 192.88.99.1/32
dev lo label lo:6to4'",
+ "set iface[. = 'tun6to4']/up 'ip -6 route add 2002::/16 dev
\$IFACE'",
+ ]
+ }
+
+ if $::lsbdistid == "Ubuntu" and versioncmp($::lsbdistrelease, "10.04") >=
0 {
+ if $remove == 'true' {
+ exec { "/sbin/ifdown tun6to4": before => Augeas["tun6to4"] }
+ }
+
+ # Use augeas
+ augeas { "tun6to4":
+ context => "/files/etc/network/interfaces/",
+ changes => $augeas_cmd;
+ }
+
+ if $remove != 'true' {
+ exec { "/sbin/ifup tun6to4": require => Augeas["tun6to4"] }
+ }
+ }
+}
--
To view, visit https://gerrit.wikimedia.org/r/75347
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Ia0bf79e227a6738f7072a8bf4bf984d445d81a4f
Gerrit-PatchSet: 2
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Andrew Bogott <abog...@wikimedia.org>
Gerrit-Reviewer: Andrew Bogott <abog...@wikimedia.org>
Gerrit-Reviewer: Mark Bergsma <m...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
