debops.ifupdown default variables

Sections

APT packages
General role configuration
Default network interface layout
Network interface configuration
Custom ifupdown hooks
Custom configuration files
Configuration for other Ansible roles
Role metadata

APT packages 

ifupdown__base_packages

List of base APT packages to install.

ifupdown__base_packages:
  - [ 'ifupdown', 'bsdutils', 'rsync' ]
  - '{{ []
        if ("/usr/sbin/NetworkManager" in ansible_local.ifupdown.known_managers|d([]))
        else "rdnssd" }}'

ifupdown__dynamic_packages

List of APT packages to install based on the requirements of the interface types that are configured by the role (support for bridges, bonding, VLANs, depends on the presence of a given interface type).

ifupdown__dynamic_packages: '{{ lookup("template", "lookup/ifupdown__dynamic_packages.j2", convert_data=False) | from_yaml }}'

ifupdown__packages

List of additional APT packages to install with the role.

ifupdown__packages: []

ifupdown__purge_packages

List of APT packages which will be purged when this role is enabled, to stop them from interfering with ifupdown.

ifupdown__purge_packages: [ 'netplan.io', 'nplan' ]

General role configuration 

ifupdown__interface_weight_map

This is a YAML dictionary which maps the interface type to a number which is prepended to the configuration file names to ensure correct order of the network interfaces. It also defines the order the interfaces are brought down and up.

You shouldn't change the map after the ifupdown configuration is deployed, otherwise the role will lose track of the configuration files and duplicate configuration might be created.

ifupdown__interface_weight_map:
  'mapping':   '00'
  'bonding':   '10'
  'ether':     '20'
  'slip':      '30'
  'wlan':      '30'
  'wwan':      '30'
  'vlan':      '40'
  'bridge':    '60'
  '6to4':      '80'
  'tunnel':    '80'
  'default':   '80'

ifupdown__reconfigure_auto

If True, the role will reconfigure interfaces automatically after changes are detected by Ansible. If False, role will install the reconfiguration script on the remote host so that the user can run it to apply the changes by hand.

ifupdown__reconfigure_auto: True

ifupdown__reconfigure_script_path

Path where the reconfiguration script will be installed if automatic reconfiguration is disabled.

ifupdown__reconfigure_script_path: '{{ (ansible_local.fhs.lib | d("/usr/local/lib"))
                                       + "/ifupdown-reconfigure-interfaces" }}'

ifupdown__reconfigure_init_file

Path where the original /etc/network/interfaces file will be copied to on the first role run to allow for reconfiguration of existing interfaces.

ifupdown__reconfigure_init_file: '/etc/network/interfaces.d/old-interfaces'

ifupdown__default_nat_masquerade

By default, when IPv4 NAT is enabled on a bridge interface, the role will configure a SNAT firewall rule using the primary IP address of the default gateway interface. This is good for hosts in a static environment, where the host's IP address doesn't change.

If your host is used in a dynamic environment or switches between different environments, you can set this variable to True and the role will use the MASQUERADE firewall rule instead to modify packets on the fly with current outgoing IPv4 address. This can be changed on the interface level as well.

ifupdown__default_nat_masquerade: False

Default network interface layout 

ifupdown__external_interface

Name of the physical network interface which is assumed by the role to be an "external" interface. This is usually the default network interface.

ifupdown__external_interface: '{{ ansible_local.ifupdown.external_interface|d(lookup("template", "lookup/ifupdown__external_interface.j2", convert_data=False) | from_yaml) }}'

ifupdown__internal_interface

Name of the physical network interface which is assumed by the role to be an "internal" interface. This will be one of the non-default network interfaces, chosen in alphabetical order.

ifupdown__internal_interface: '{{ ansible_local.ifupdown.internal_interface|d(lookup("template", "lookup/ifupdown__internal_interface.j2", convert_data=False) | from_yaml) }}'

ifupdown__interface_layout

Name of the "network interface layout" defined in the ifupdown__default_interfaces_map which will be used to configure initial state of the network interfaces. This name is used in the ifupdown__default_interfaces variable to select a network layout.

ifupdown__interface_layout: '{{ "dynamic"
                                if (ansible_virtualization_type in [ "lxc","openvz" ] and
                                    ansible_virtualization_role == "guest")
                                else "bridge" }}'

ifupdown__default_interfaces_map

A YAML dictionary with different network interface configurations:

static: One Ethernet primary interface with static configuration taken from Ansible facts.
dynamic: One or two Ethernet interfaces with DHCP configuration.
bridge: One or two Ethernet interfaces with bridges attached to them, each bridge uses DHCP configuration.
manual: Do not use any network interface layout and do not configure any interface.

The default interface configuration can be modified by other ifupdown__*_interfaces variables if necessary. See the ifupdown__interfaces documentation for more details.

ifupdown__default_interfaces_map:

  'static':

    'external':
      iface: '{{ ansible_default_ipv4.interface|d("") }}'
      inet: 'static'
      inet6: 'auto'
      address: '{{ (ansible_default_ipv4.address|d("") + "/" +
                    ansible_default_ipv4.netmask|d("")) }}'
      gateway: '{{ ansible_default_ipv4.gateway|d("") }}'
      dns_nameservers: '{{ ansible_dns.nameservers|d(False) }}'
      dns_search: '{{ ansible_dns.search|d(False) }}'

  'dynamic':

    'external':
      iface: '{{ ifupdown__external_interface }}'
      inet: 'dhcp'
      inet6: 'auto'
      state: '{{ "present"
                 if ifupdown__external_interface in ansible_interfaces
                 else "ignore" }}'

    'internal':
      iface: '{{ ifupdown__internal_interface }}'
      inet: 'dhcp'
      inet6: 'auto'
      state: '{{ "present"
                 if ifupdown__internal_interface in ansible_interfaces
                 else "ignore" }}'

    'br0':
      state: '{{ "absent"
                 if (ansible_local.ifupdown.interface_layout|d() == "bridge")
                 else "ignore" }}'

    'br1':
      state: '{{ "absent"
                 if (ansible_local.ifupdown.interface_layout|d() == "bridge")
                 else "ignore" }}'

  'bridge':

    'external':
      iface: '{{ ifupdown__external_interface }}'
      inet: 'manual'
      inet6: False
      state: '{{ "present"
                 if ifupdown__external_interface in ansible_interfaces
                 else "ignore" }}'

    'internal':
      iface: '{{ ifupdown__internal_interface }}'
      inet: 'manual'
      inet6: False
      state: '{{ "present"
                 if ifupdown__internal_interface in ansible_interfaces
                 else "ignore" }}'

    'br0':
      inet: 'dhcp'
      inet6: 'auto'
      type: 'bridge'
      forward: True
      bridge_ports: '{{ ifupdown__external_interface }}'
      state: '{{ "present"
                 if ifupdown__external_interface in ansible_interfaces
                 else "ignore" }}'

    'br1':
      inet: 'dhcp'
      inet6: 'auto'
      type: 'bridge'
      forward: True
      bridge_ports: '{{ ifupdown__internal_interface }}'
      state: '{{ "present"
                 if ifupdown__internal_interface in ansible_interfaces
                 else "ignore" }}'

  'manual': {}

Network interface configuration 

These variables are YAML dictionaries with network interface definitions. See ifupdown__interfaces documentation for more details.

ifupdown__ethernet_interfaces

YAML dictionary which holds the basic information about the Ethernet interfaces detected by the role.

ifupdown__ethernet_interfaces: '{{ lookup("template", "lookup/ifupdown__ethernet_interfaces.j2", convert_data=False) | from_yaml }}'

ifupdown__default_interfaces

YAML dictionary which holds the default configuration applied to the network interfaces, depending on the selected interface layout.

ifupdown__default_interfaces: '{{ ifupdown__default_interfaces_map[ifupdown__interface_layout] | d({}) }}'

ifupdown__interfaces

YAML dictionary which holds the configuration of network interfaces for all hosts in the Ansible inventory.

ifupdown__interfaces: {}

ifupdown__group_interfaces

YAML dictionary which holds the configuration of network interfaces for hosts in a specific Ansible inventory group.

ifupdown__group_interfaces: {}

ifupdown__host_interfaces

YAML dictionary which holds the configuration of network interfaces for specific hosts in the Ansible inventory.

ifupdown__host_interfaces: {}

ifupdown__dependent_interfaces

YAML dictionary which holds the configuration of network interfaces defined by other Ansible roles via dependent variables.

ifupdown__dependent_interfaces: {}

ifupdown__combined_interfaces

YAML dictionary which combines all of the other network interface configuration variables and is used in the role tasks and templates to generate the configuration.

ifupdown__combined_interfaces: '{{ lookup("template", "lookup/ifupdown__combined_interfaces.j2", convert_data=False) | from_yaml }}'

Custom ifupdown hooks 

ifupdown__custom_hooks

List of custom hooks created by the debops.ifupdown role. See Custom ifupdown hooks for more details.

ifupdown__custom_hooks:

  - name: 'filter-dhcp-options'
    hook: 'etc/dhcp/dhclient-enter-hooks.d/filter-dhcp-options'
    mode: '0644'
    state: 'present'

Custom configuration files 

You can create custom configuration files on remote hosts if needed to further configure the network interfaces. See ifupdown__custom_files for more details.

ifupdown__custom_files

Manage custom files on all hosts in Ansible inventory.

ifupdown__custom_files: []

ifupdown__custom_group_files

Manage custom files on hosts in specific Ansible inventory group.

ifupdown__custom_group_files: []

ifupdown__custom_host_files

Manage custom files on specific hosts in Ansible inventory.

ifupdown__custom_host_files: []

ifupdown__custom_dependent_files

Manage custom files defined by other Ansible roles through the role dependent variables.

ifupdown__custom_dependent_files: []

Configuration for other Ansible roles 

ifupdown__ferm__dependent_rules

Configuration for debops.ferm, generated dynamically from the network interface configuration and passed to the role through a variable.

ifupdown__ferm__dependent_rules: '{{ lookup("template", "lookup/ifupdown__ferm__dependent_rules.j2", convert_data=False) | from_yaml }}'

ifupdown__kmod__dependent_load

Configuration for debops.kmod, generated dynamically from the network interface configuration and passed to the role through a variable.

ifupdown__kmod__dependent_load: '{{ lookup("template", "lookup/ifupdown__kmod__dependent_load.j2", convert_data=False) | from_yaml }}'

ifupdown__sysctl__dependent_parameters

Configuration for the debops.sysctl Ansible role.

ifupdown__sysctl__dependent_parameters: '{{ lookup("template",
                                            "lookup/ifupdown__sysctl__dependent_parameters.j2",
                                            convert_data=False) | from_yaml }}'

Role metadata 

ifupdown__role_metadata

This is a variable with the role metadata used internally by DebOps.

ifupdown__role_metadata:
  version: '0.3.0'