Disable netfilter for network bridge
This commit is contained in:
parent
4d397012a4
commit
b49fdee359
@ -1,11 +1,6 @@
|
|||||||
Set {{ pillar['network']['bridge'] }} to be managed by NetworkManager:
|
|
||||||
cmd.run:
|
|
||||||
- name: nmcli device set {{ pillar['network']['bridge'] }} managed yes
|
|
||||||
- unless: bash -c "if [[ \"$(nmcli device show {{ pillar['network']['bridge'] }} | sed -n 's/^GENERAL.STATE.*(\(.*\)).*$/\1/p')\" == \"unmanaged\" ]]; then exit 1; else exit 0; fi"
|
|
||||||
|
|
||||||
Configure {{ pillar['network']['bridge'] }} connection:
|
Configure {{ pillar['network']['bridge'] }} connection:
|
||||||
cmd.run:
|
cmd.run:
|
||||||
- name: nmcli connection add con-name {{ pillar['network']['bridge'] }} type bridge ifname {{ pillar['network']['bridge'] }} ipv4.method manual ipv4.addresses {{ pillar['network']['ip'] }}/24 ipv4.dns "127.0.0.1, 1.1.1.1, 1.1.1.2" ipv6.method disabled connection.autoconnect yes stp no
|
- name: nmcli connection add con-name {{ pillar['network']['bridge'] }} type bridge ifname {{ pillar['network']['bridge'] }} ipv4.method manual ipv4.addresses {{ pillar['network']['ip'] }}/24 ipv4.dns "127.0.0.1, 1.1.1.1, 1.1.1.2" ipv6.method disabled connection.zone internal connection.autoconnect yes stp no
|
||||||
- unless: nmcli connection show {{ pillar['network']['bridge'] }} > /dev/null
|
- unless: nmcli connection show {{ pillar['network']['bridge'] }} > /dev/null
|
||||||
|
|
||||||
Add {{ pillar['network']['interface'] }} to bridge {{ pillar['network']['bridge'] }}:
|
Add {{ pillar['network']['interface'] }} to bridge {{ pillar['network']['bridge'] }}:
|
||||||
|
@ -1,12 +1,3 @@
|
|||||||
<<<<<<< HEAD
|
|
||||||
Install kvm server and tools:
|
|
||||||
pkg.installed:
|
|
||||||
# - name: pattern:kvm_server
|
|
||||||
- pkgs:
|
|
||||||
- pattern:kvm_server
|
|
||||||
- pattern:kvm_tools
|
|
||||||
- includes: [pattern]
|
|
||||||
=======
|
|
||||||
Install KVM Server:
|
Install KVM Server:
|
||||||
pkg.installed:
|
pkg.installed:
|
||||||
- name: pattern:kvm_server
|
- name: pattern:kvm_server
|
||||||
@ -22,5 +13,16 @@ Start libvirtd:
|
|||||||
- name: libvirtd
|
- name: libvirtd
|
||||||
- enable: True
|
- enable: True
|
||||||
|
|
||||||
|
Disable netfilter on network bridge:
|
||||||
>>>>>>> kvm-rancher
|
file.managed:
|
||||||
|
- name: /etc/sysctl.d/netfilter.conf
|
||||||
|
- source: salt://kvm/files/netfilter.conf
|
||||||
|
- user: root
|
||||||
|
- group: root
|
||||||
|
- mode: "0644"
|
||||||
|
|
||||||
|
Reload systctl for br_netfilter:
|
||||||
|
cmd.run:
|
||||||
|
- name: sysctl -p /etc/sysctl.d/netfilter.conf
|
||||||
|
- onchanges:
|
||||||
|
- file: Disable netfilter on network bridge
|
||||||
|
Loading…
Reference in New Issue
Block a user