Disable netfilter for network bridge

This commit is contained in:
jonas 2021-11-24 12:42:48 +01:00
parent 4d397012a4
commit b49fdee359
2 changed files with 14 additions and 17 deletions

View File

@ -1,11 +1,6 @@
Set {{ pillar['network']['bridge'] }} to be managed by NetworkManager:
cmd.run:
- name: nmcli device set {{ pillar['network']['bridge'] }} managed yes
- unless: bash -c "if [[ \"$(nmcli device show {{ pillar['network']['bridge'] }} | sed -n 's/^GENERAL.STATE.*(\(.*\)).*$/\1/p')\" == \"unmanaged\" ]]; then exit 1; else exit 0; fi"
Configure {{ pillar['network']['bridge'] }} connection: Configure {{ pillar['network']['bridge'] }} connection:
cmd.run: cmd.run:
- name: nmcli connection add con-name {{ pillar['network']['bridge'] }} type bridge ifname {{ pillar['network']['bridge'] }} ipv4.method manual ipv4.addresses {{ pillar['network']['ip'] }}/24 ipv4.dns "127.0.0.1, 1.1.1.1, 1.1.1.2" ipv6.method disabled connection.autoconnect yes stp no - name: nmcli connection add con-name {{ pillar['network']['bridge'] }} type bridge ifname {{ pillar['network']['bridge'] }} ipv4.method manual ipv4.addresses {{ pillar['network']['ip'] }}/24 ipv4.dns "127.0.0.1, 1.1.1.1, 1.1.1.2" ipv6.method disabled connection.zone internal connection.autoconnect yes stp no
- unless: nmcli connection show {{ pillar['network']['bridge'] }} > /dev/null - unless: nmcli connection show {{ pillar['network']['bridge'] }} > /dev/null
Add {{ pillar['network']['interface'] }} to bridge {{ pillar['network']['bridge'] }}: Add {{ pillar['network']['interface'] }} to bridge {{ pillar['network']['bridge'] }}:

View File

@ -1,12 +1,3 @@
<<<<<<< HEAD
Install kvm server and tools:
pkg.installed:
# - name: pattern:kvm_server
- pkgs:
- pattern:kvm_server
- pattern:kvm_tools
- includes: [pattern]
=======
Install KVM Server: Install KVM Server:
pkg.installed: pkg.installed:
- name: pattern:kvm_server - name: pattern:kvm_server
@ -22,5 +13,16 @@ Start libvirtd:
- name: libvirtd - name: libvirtd
- enable: True - enable: True
Disable netfilter on network bridge:
>>>>>>> kvm-rancher file.managed:
- name: /etc/sysctl.d/netfilter.conf
- source: salt://kvm/files/netfilter.conf
- user: root
- group: root
- mode: "0644"
Reload systctl for br_netfilter:
cmd.run:
- name: sysctl -p /etc/sysctl.d/netfilter.conf
- onchanges:
- file: Disable netfilter on network bridge