From 29d741d17b7f029b4313d70182cfcc6f7c333a06 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Tue, 3 May 2016 11:16:35 +0100 Subject: [PATCH 1/1] Configure external address for fafnir --- cookbooks/networking/templates/default/interfaces.erb | 4 +++- cookbooks/networking/templates/default/shorewall-hosts.erb | 2 ++ .../networking/templates/default/shorewall-interfaces.erb | 2 +- cookbooks/networking/templates/default/shorewall-zones.erb | 1 + roles/aws.rb | 6 ++++++ roles/fafnir.rb | 5 +++++ 6 files changed, 18 insertions(+), 2 deletions(-) diff --git a/cookbooks/networking/templates/default/interfaces.erb b/cookbooks/networking/templates/default/interfaces.erb index 89fc316eb..50238cb5f 100644 --- a/cookbooks/networking/templates/default/interfaces.erb +++ b/cookbooks/networking/templates/default/interfaces.erb @@ -2,6 +2,7 @@ iface lo inet loopback <% node[:networking][:interfaces].each do |name,interface| -%> +<% if interface[:interface] -%> iface <%= interface[:interface] %> <%= interface[:family] %> static address <%= interface[:address] %> @@ -31,5 +32,6 @@ iface <%= interface[:interface] %> <%= interface[:family] %> static autoconf 0 <% end -%> <% end -%> +<% end -%> -auto lo <%= node[:networking][:interfaces].collect { |n,i| i[:interface] }.sort.uniq.join(" ") %> +auto lo <%= node[:networking][:interfaces].collect { |n,i| i[:interface] }.compact.sort.uniq.join(" ") %> diff --git a/cookbooks/networking/templates/default/shorewall-hosts.erb b/cookbooks/networking/templates/default/shorewall-hosts.erb index 76160b060..86c294cc6 100644 --- a/cookbooks/networking/templates/default/shorewall-hosts.erb +++ b/cookbooks/networking/templates/default/shorewall-hosts.erb @@ -2,6 +2,7 @@ # ZONE HOST OPTIONS <% node.interfaces(:family => :inet, :role => :external).each do |interface| -%> +<% if interface[:interface] -%> <% @zones.keys.sort.each do |zone| -%> <% if @zones[zone]["inet"] -%> <% @zones[zone]["inet"].sort.each do |ra| -%> @@ -10,3 +11,4 @@ <% end -%> <% end -%> <% end -%> +<% end -%> diff --git a/cookbooks/networking/templates/default/shorewall-interfaces.erb b/cookbooks/networking/templates/default/shorewall-interfaces.erb index 89d8a2d54..d8a5705d2 100644 --- a/cookbooks/networking/templates/default/shorewall-interfaces.erb +++ b/cookbooks/networking/templates/default/shorewall-interfaces.erb @@ -2,7 +2,7 @@ # ZONE INTERFACE BROADCAST OPTIONS <% node[:networking][:interfaces].each do |name,interface| -%> -<% if interface[:family] == "inet" -%> +<% if interface[:interface] && interface[:family] == "inet" -%> <% if interface[:role] == "internal" -%> loc <%= interface[:interface] %> detect nosmurfs,tcpflags <% elsif interface[:role] == "external" -%> diff --git a/cookbooks/networking/templates/default/shorewall-zones.erb b/cookbooks/networking/templates/default/shorewall-zones.erb index cd207d802..1f82a4ce1 100644 --- a/cookbooks/networking/templates/default/shorewall-zones.erb +++ b/cookbooks/networking/templates/default/shorewall-zones.erb @@ -28,3 +28,4 @@ es:osm <%= @type %> sz:osm <%= @type %> ex:osm <%= @type %> dh:osm <%= @type %> +aws:osm <%= @type %> diff --git a/roles/aws.rb b/roles/aws.rb index eabb762c7..ae3225f72 100644 --- a/roles/aws.rb +++ b/roles/aws.rb @@ -10,6 +10,12 @@ default_attributes( :prefix => "20", :gateway => "172.31.0.1" } + }, + :external => { + :zone => "aws", + :inet => { + :prefix => "32" + } } } } diff --git a/roles/fafnir.rb b/roles/fafnir.rb index 2345b2565..1c5ee364f 100644 --- a/roles/fafnir.rb +++ b/roles/fafnir.rb @@ -13,6 +13,11 @@ default_attributes( :family => :inet, :address => "172.31.10.210", :hwaddress => "02:c1:c5:8b:5f:1d" + }, + :external_ipv4 => { + :role => :external, + :family => :inet, + :address => "52.50.86.69" } } }, -- 2.43.2