Configure external address for fafnir

diff --git a/cookbooks/networking/templates/default/interfaces.erb b/cookbooks/networking/templates/default/interfaces.erb
index 89fc316eb4aa1810321eda4af1787a498c9c8bdb..50238cb5f885ff16cb55970d1c7173c4ceb9c9b7 100644 (file)
--- a/cookbooks/networking/templates/default/interfaces.erb
+++ b/cookbooks/networking/templates/default/interfaces.erb
@@ -2,6 +2,7 @@
 
 iface lo inet loopback
 <% node[:networking][:interfaces].each do |name,interface| -%>
+<% if interface[:interface] -%>
 
 iface <%= interface[:interface] %> <%= interface[:family] %> static
       address   <%= interface[:address] %>
@@ -31,5 +32,6 @@ iface <%= interface[:interface] %> <%= interface[:family] %> static
       autoconf  0
 <% end -%>
 <% end -%>
+<% end -%>
 
-auto lo <%= node[:networking][:interfaces].collect { |n,i| i[:interface] }.sort.uniq.join(" ") %>
+auto lo <%= node[:networking][:interfaces].collect { |n,i| i[:interface] }.compact.sort.uniq.join(" ") %>

diff --git a/cookbooks/networking/templates/default/shorewall-hosts.erb b/cookbooks/networking/templates/default/shorewall-hosts.erb
index 76160b0607c6d5e81d85c881f422e848d9c16d76..86c294cc6d43b3e97c10ac2173c1105561201c5a 100644 (file)
--- a/cookbooks/networking/templates/default/shorewall-hosts.erb
+++ b/cookbooks/networking/templates/default/shorewall-hosts.erb
@@ -2,6 +2,7 @@
 
 # ZONE HOST                    OPTIONS
 <% node.interfaces(:family => :inet, :role => :external).each do |interface| -%>
+<% if interface[:interface] -%>
 <% @zones.keys.sort.each do |zone| -%>
 <% if @zones[zone]["inet"] -%>
 <% @zones[zone]["inet"].sort.each do |ra| -%>
@@ -10,3 +11,4 @@
 <% end -%>
 <% end -%>
 <% end -%>
+<% end -%>

diff --git a/cookbooks/networking/templates/default/shorewall-interfaces.erb b/cookbooks/networking/templates/default/shorewall-interfaces.erb
index 89d8a2d54ae8a5887606a358c267787ab7b86dff..d8a5705d27b8ee4370ca7ca4c52a32f4a5c0dc72 100644 (file)
--- a/cookbooks/networking/templates/default/shorewall-interfaces.erb
+++ b/cookbooks/networking/templates/default/shorewall-interfaces.erb
@@ -2,7 +2,7 @@
 
 # ZONE INTERFACE       BROADCAST       OPTIONS
 <% node[:networking][:interfaces].each do |name,interface| -%>
-<% if interface[:family] == "inet" -%>
+<% if interface[:interface] && interface[:family] == "inet" -%>
 <% if interface[:role] == "internal" -%>
 loc    <%= interface[:interface] %>            detect          nosmurfs,tcpflags
 <% elsif interface[:role] == "external" -%>

diff --git a/cookbooks/networking/templates/default/shorewall-zones.erb b/cookbooks/networking/templates/default/shorewall-zones.erb
index cd207d802909db808ad9f6e9e8f191bde435deae..1f82a4ce14ac102cf81b8e36ddad1299aa00d6eb 100644 (file)
--- a/cookbooks/networking/templates/default/shorewall-zones.erb
+++ b/cookbooks/networking/templates/default/shorewall-zones.erb
@@ -28,3 +28,4 @@ es:osm                <%= @type %>
 sz:osm         <%= @type %>
 ex:osm         <%= @type %>
 dh:osm         <%= @type %>
+aws:osm                <%= @type %>

diff --git a/roles/aws.rb b/roles/aws.rb
index eabb762c74fe59518932f25da382cd2c5dc3375c..ae3225f729e9f449c693c1d853f01d29d1d25888 100644 (file)
--- a/roles/aws.rb
+++ b/roles/aws.rb
@@ -10,6 +10,12 @@ default_attributes(
           :prefix => "20",
           :gateway => "172.31.0.1"
         }
+      },
+      :external => {
+        :zone => "aws",
+        :inet => {
+          :prefix => "32"
+        }
       }
     }
   }

diff --git a/roles/fafnir.rb b/roles/fafnir.rb
index 2345b25654d21b74908ea9b8e3040d4c4a6c9463..1c5ee364f5f4a7547f83afffde405d4b796d71b1 100644 (file)
--- a/roles/fafnir.rb
+++ b/roles/fafnir.rb
@@ -13,6 +13,11 @@ default_attributes(
         :family => :inet,
         :address => "172.31.10.210",
         :hwaddress => "02:c1:c5:8b:5f:1d"
+      },
+      :external_ipv4 => {
+        :role => :external,
+        :family => :inet,
+        :address => "52.50.86.69"
       }
     }
   },