IaC Lab01 Ansible playbook for virtualization env and switch port configuration
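---
# Prepares per-user lab directories on the hypervisors and wires the user's
# tap interfaces to Open vSwitch bridges.
#
# Variables read by this play:
#   lab_name - name of the lab directory created under ~/vm
#   taps     - per-host list of mappings with the keys used below:
#              name, switch, vlan_mode ("access" | "trunk"), tag, trunks
#
# Every inventory value that reaches a shell script goes through the `quote`
# filter and is then only referenced as a double-quoted shell variable: the
# scripts call `sudo ovs-vsctl`, so a value containing whitespace or shell
# metacharacters must never be parsed as shell syntax.
- name: PREPARE LAB ENVIRONMENT
  hosts: hypervisors
  tasks:
    - name: ENSURE SYMLINK TO MASTERS DIRECTORY EXISTS
      ansible.builtin.file:
        src: /var/cache/kvm/masters
        dest: "{{ ansible_env.HOME }}/masters"
        state: link

    - name: ENSURE VM DIRECTORY EXISTS
      ansible.builtin.file:
        path: "{{ ansible_env.HOME }}/vm"
        state: directory
        mode: "0755"

    - name: ENSURE SYMLINK TO SCRIPTS DIRECTORY EXISTS
      ansible.builtin.file:
        src: /var/cache/kvm/masters/scripts
        dest: "{{ ansible_env.HOME }}/vm/scripts"
        state: link

    - name: ENSURE LAB DIRECTORY EXISTS
      ansible.builtin.file:
        path: "{{ ansible_env.HOME }}/vm/{{ lab_name }}"
        state: directory
        mode: "0755"

    - name: CHECK IF TAP INTERFACES ARE ALREADY USED BY ANOTHER USER
      ansible.builtin.shell:
        cmd: |
          tap={{ item.name | quote }}
          # List the command lines of processes NOT owned by the current user.
          # The listing is captured before it is searched: piping pgrep
          # straight into `grep -q` under pipefail can report a failed
          # pipeline (grep exits on the first match and pgrep is killed by
          # SIGPIPE), which would hide a tap that is in use.
          others=$(pgrep -vafu "${USER}" || true)
          # -F: the tap name is matched literally, not as a regular expression
          # presumably "=<tap>," is the interface argument of a running VM
          # TODO confirm against the VM start scripts
          if grep -qF -- "=${tap}," <<< "${others}"; then
            echo "${tap} is already in use by another user."
            exit 1
          fi
          exit 0
        executable: /bin/bash
      register: result
      failed_when: result.rc != 0
      changed_when: result.rc != 0
      when:
        # only run the task if the tap interface already exists on hypervisor
        - item.name in ansible_facts.interfaces
      with_items:
        - "{{ hostvars[inventory_hostname].taps }}"

    - name: CONFIGURE TAP INTERFACES SWITCH CONNECTION
      ansible.builtin.shell:
        cmd: |
          port={{ item.name | quote }}
          switch={{ item.switch | quote }}
          # exit if the defined switch does not exist
          # -x -F: whole-line literal match, so a bridge whose name merely
          # contains the requested name does not pass the check
          switches_list=$(sudo ovs-vsctl list-br)
          if ! grep -qxF -- "${switch}" <<< "${switches_list}"; then
            exit 1
          fi
          # Check if the port is already connected to the defined switch
          actual_switch=$(sudo ovs-vsctl port-to-br "${port}")
          if [[ "${actual_switch}" != "${switch}" ]]; then
            # actual_switch is empty when port-to-br found no bridge for the
            # port; there is nothing to detach in that case
            if [[ -n "${actual_switch}" ]]; then
              sudo ovs-vsctl del-port "${actual_switch}" "${port}" || exit 1
            fi
            # fail the task instead of reporting "ok" when the attach fails
            sudo ovs-vsctl add-port "${switch}" "${port}" || exit 1
            echo "Port ${port} connected to ${switch}"
          fi
          exit 0
        executable: /bin/bash
      register: result
      when:
        # only run the task if the tap interface already exists on hypervisor
        - item.name in ansible_facts.interfaces
      # changed when the "connected to" message is found in the output
      changed_when: result.stdout.find("connected to") != -1
      # NOTE(review): a tap missing from ansible_facts.interfaces is skipped by
      # the when clause above, so the second condition cannot fire here.
      failed_when: result.rc != 0 or item.name not in ansible_facts.interfaces
      with_items:
        - "{{ hostvars[inventory_hostname].taps }}"

    - name: CONFIGURE TAP INTERFACES IN ACCESS MODE
      ansible.builtin.shell:
        cmd: |
          port={{ item.name | quote }}
          vlan_mode={{ item.vlan_mode | quote }}
          tag={{ item.tag | quote }}
          # Check if the port is already configured with the defined vlan mode
          actual_mode=$(sudo ovs-vsctl get port "${port}" vlan_mode)
          if [[ "${actual_mode}" != "${vlan_mode}" ]]; then
            sudo ovs-vsctl set port "${port}" vlan_mode="${vlan_mode}" || exit 1
            echo "Port ${port} vlan mode changed to ${vlan_mode}"
          fi
          # Check if the port is already configured with the defined vlan tag
          actual_tag=$(sudo ovs-vsctl get port "${port}" tag)
          if [[ "${actual_tag}" != "${tag}" ]]; then
            sudo ovs-vsctl set port "${port}" tag="${tag}" || exit 1
            echo "Port ${port} tag changed to ${tag}"
          fi
          exit 0
        executable: /bin/bash
      register: result
      # changed when the "changed to" message is found in the output
      changed_when: result.stdout.find("changed to") != -1
      # A failed ovs-vsctl call must fail the task: a port left in the wrong
      # VLAN is otherwise reported as "ok".
      # tag attribute is mandatory for access mode
      # NOTE(review): a tap without a tag is skipped by the when clause below,
      # so the "not defined" condition cannot fire; drop `item.tag is defined`
      # from the when list if a missing tag should fail the play.
      failed_when: result.rc != 0 or item.tag is not defined
      when:
        # only run the task if the tap interface already exists
        - item.name in ansible_facts.interfaces
        # access mode is selected
        - item.vlan_mode is defined and item.vlan_mode == "access"
        - item.tag is defined
      with_items:
        - "{{ hostvars[inventory_hostname].taps }}"

    - name: CONFIGURE TAP INTERFACES IN TRUNK MODE
      ansible.builtin.shell:
        cmd: |
          port={{ item.name | quote }}
          vlan_mode={{ item.vlan_mode | quote }}
          trunks={{ item.trunks | quote }}
          # Check if the port is already configured with the defined vlan mode
          actual_mode=$(sudo ovs-vsctl get port "${port}" vlan_mode)
          if [[ "${actual_mode}" != "${vlan_mode}" ]]; then
            sudo ovs-vsctl set port "${port}" vlan_mode="${vlan_mode}" || exit 1
            echo "Port ${port} vlan mode changed to ${vlan_mode}"
          fi
          # Check if the port is already configured with the defined vlan list
          actual_trunks=$(sudo ovs-vsctl get port "${port}" trunks)
          if [[ "${actual_trunks}" != "${trunks}" ]]; then
            sudo ovs-vsctl set port "${port}" trunks="${trunks}" || exit 1
            echo "Port ${port} vlan list changed to ${trunks}"
          fi
          exit 0
        executable: /bin/bash
      register: result
      # changed when the "changed to" message is found in the output
      changed_when: result.stdout.find("changed to") != -1
      # A failed ovs-vsctl call must fail the task: a trunk left with the
      # wrong VLAN list is otherwise reported as "ok".
      # trunks attribute is mandatory for trunk mode
      # NOTE(review): a tap without trunks is skipped by the when clause below,
      # so the "not defined" condition cannot fire; drop `item.trunks is
      # defined` from the when list if a missing list should fail the play.
      failed_when: result.rc != 0 or item.trunks is not defined
      when:
        # only run the task if the tap interface already exists
        - item.name in ansible_facts.interfaces
        # trunk mode is selected
        - item.vlan_mode is defined and item.vlan_mode == "trunk"
        - item.trunks is defined
      with_items:
        - "{{ hostvars[inventory_hostname].taps }}"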