diff --git a/tasks/nspawn_networking.yml b/tasks/nspawn_networking.yml
index 15d1cbd..5483c76 100644
--- a/tasks/nspawn_networking.yml
+++ b/tasks/nspawn_networking.yml
@@ -86,23 +86,25 @@
 {%- if interface_data['type'] == 'bridge' %}
 {%- set _ = start_commands.append('-/sbin/ip link add dev veth-' + interface + '1 type veth peer name veth-' + interface + '2') %}
 {%- set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '1 up') %}
- {%- set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '1 mtu ' + (interface_data['mtu'] | default(1500)) | string) %}
+ {%- set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '1 mtu ' ~ (interface_data["mtu"] | default(1500))) %}
 {%- set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '2 up') %}
- {%- set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '2 mtu ' + (interface_data['mtu'] | default(1500)) | string) %}
+ {%- set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '2 mtu ' ~ (interface_data["mtu"] | default(1500))) %}
 {%- set _ = start_commands.append('-/sbin/ip link set dev veth-' + interface + '1 master ' + value.bridge) %}
- {%- set _ = start_commands.append('-/sbin/ip link add ' + mv_interface + ' link veth-' + interface + '2 type macvlan mode ' + value.macvlan_mode | default(nspawn_macvlan_mode)) %}
+ {%- set _ = start_commands.append('-/sbin/ip link add ' + mv_interface + ' link veth-' + interface + '2 mtu ' ~ (interface_data["mtu"] | default(1500)) ~ ' type macvlan mode ' + value.macvlan_mode | default(nspawn_macvlan_mode)) %}
 {%- set _ = start_commands.append('-/sbin/ip link set dev ' + mv_interface + ' up') %}
 {%- else %}
- {%- set _ = start_commands.append('-/sbin/ip link add ' + mv_interface + ' link ' + value.bridge + ' type macvlan mode ' + value.macvlan_mode | default(nspawn_macvlan_mode)) %}
+ {%- set _ = start_commands.append('-/sbin/ip link add ' + mv_interface + ' link ' + value.bridge + ' mtu ' ~ (interface_data["mtu"] | default(1500)) ~ ' type macvlan mode ' + value.macvlan_mode | default(nspawn_macvlan_mode)) %}
 {%- set _ = start_commands.append('-/sbin/ip link set dev ' + mv_interface + ' up') %}
- {% if hostvars[inventory_hostname][key.split('_')[0] + '_cidr'] is defined %}
- {% set net_cidr = hostvars[inventory_hostname]['container_cidr'] %}
- {%- set _ = start_commands.append('-/sbin/ip route add ' + net_cidr + ' dev ' + mv_interface + ' metric 100 proto kernel scope link table local') %}
- {% elif (value.address is defined) and (value.netmask is defined) %}
- {% set prefix = (value.address ~ '/' ~ value.netmask) | ipaddr('prefix') %}
- {% set _network = (value.address ~ '/' ~ prefix) | ipaddr('network') %}
- {% set _net_addr_network = (_network ~ '/' ~ prefix) %}
- {%- set _ = start_commands.append('-/sbin/ip route add ' + _net_addr_network + ' dev ' + mv_interface + ' metric 100 proto kernel scope link table local') %}
+ {% if not (value.enable_dhcp | default(false)) | bool %}
+ {% if hostvars[inventory_hostname][key.split('_')[0] + '_cidr'] is defined %}
+ {% set net_cidr = hostvars[inventory_hostname]['container_cidr'] %}
+ {%- set _ = start_commands.append('-/sbin/ip route add local ' + net_cidr + ' dev ' + mv_interface + ' metric 100 proto kernel scope host table local') %}
+ {% elif (value.address is defined) and (value.netmask is defined) %}
+ {% set prefix = (value.address ~ '/' ~ value.netmask) | ipaddr('prefix') %}
+ {% set _network = (value.address ~ '/' ~ prefix) | ipaddr('network') %}
+ {% set _net_addr_network = (_network ~ '/' ~ prefix) %}
+ {%- set _ = start_commands.append('-/sbin/ip route add local ' + _net_addr_network + ' dev ' + mv_interface + ' metric 100 proto kernel scope host table local') %}
+ {%- endif %}
 {%- endif %}
 {%- endif %}
 {%- endif %}
diff --git a/templates/prep-scripts/_container_sys_setup.sh.j2 b/templates/prep-scripts/_container_sys_setup.sh.j2
index 1b6b75b..91d18a8 100644
--- a/templates/prep-scripts/_container_sys_setup.sh.j2
+++ b/templates/prep-scripts/_container_sys_setup.sh.j2
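Review bot: In the static-route branch the guard tests `hostvars[inventory_hostname][key.split('_')[0] + '_cidr']`, but the next line always reads `hostvars[inventory_hostname]['container_cidr']`. A network whose key prefix is not `container` would therefore presumably get a route for the container network instead of its own, so the lookup should reuse the tested name: `{% set net_cidr = hostvars[inventory_hostname][key.split('_')[0] + '_cidr'] %}`. The two added `ip route add` lines also switch to `local ... scope host table local`, which as far as I can tell makes the host treat every address in the prefix as locally owned rather than merely reachable over `mv_interface`. A template comment saying this is intended, and why, would help anyone auditing host-to-container reachability. The enclosing `if`/loop blocks open before this hunk, so the pairing of the three trailing `endif` lines cannot be confirmed from here.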
@@ -4,9 +4,7 @@ mkdir -p /dev mkdir -p /proc mkdir -p /sys/fs/cgroup mkdir -p /dev/pts - -#gnupg requires this -mkdir -p /root/.gnupg +mkdir -p /proc/self/fd # In order for the package manager to function /dev/null, /dev/random and # /dev/urandom must exist. This is is being run here because some images do not @@ -20,6 +18,14 @@ for i in {0..5}; do done [ ! -e /dev/pts/ptmx ] && mknod -m 0666 /dev/pts/ptmx c 5 2 +[ ! -e /dev/fd ] && ln -s /proc/self/fd /dev/fd +for i in {0..2}; do + ln -sf /dev/pts/0 /dev/fd/$i +done + +#gnupg requires this +mkdir -p /root/.gnupg + # Create the directory where local facts will be stored mkdir -p /etc/ansible/facts.d diff --git a/templates/prep-scripts/nspawn_ubuntu_prep.sh.j2 b/templates/prep-scripts/nspawn_ubuntu_prep.sh.j2 index 5815018..31b5f27 100644 --- a/templates/prep-scripts/nspawn_ubuntu_prep.sh.j2 +++ b/templates/prep-scripts/nspawn_ubuntu_prep.sh.j2 @@ -27,13 +27,13 @@ export DEBIAN_FRONTEND=noninteractive apt-get remove -y --purge snap* nspawn* lxd* resolvconf || true apt-get update -apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes gnupg - -#start gpg-agent if is is not already running -gpg-connect-agent /bye || true apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes {{ nspawn_container_distro_required_packages | join(' ') }} +#start gpg-agent if is is not already running +<(gpg-agent) || true +gpg-connect-agent /bye || true + if [[ -f "/root/repo.keys" ]]; then apt-key add /root/repo.keys fi
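Review bot: The added loop `ln -sf /dev/pts/0 /dev/fd/$i` runs unconditionally, even when `/dev/fd` already existed and the `[ ! -e /dev/fd ]` guard on the line above skipped creating the symlink. It then force-replaces entries under whatever `/dev/fd` resolves to. If /proc is mounted at that point the `ln` calls would presumably fail; if it is not, they leave static links in the on-disk `/proc/self/fd` directory created by `mkdir -p /proc/self/fd` in the first hunk of this file. Whether a failure aborts the script depends on shell options not visible here. I would quote the target and tolerate failure, `ln -sf /dev/pts/0 "/dev/fd/$i" || true`, and add a comment along the lines of `# stdin/stdout/stderr placeholders for tools that open /dev/fd/N before /proc is mounted`, if that is the intent.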
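Review bot: The added `<(gpg-agent) || true` does not start the agent: process substitution expands to a `/dev/fd/N` path, which the shell then tries to execute as a command, and `|| true` hides the resulting error. If the intent is what the comment above it says, `gpg-agent --daemon || true` states it directly. Alternatively the line can be dropped, since `gpg-connect-agent /bye` normally launches the agent on demand. The hunk also removes the explicit `apt-get install ... gnupg`, so the later `apt-key add /root/repo.keys` depends on gnupg being listed in `nspawn_container_distro_required_packages`; a comment saying so would make that dependency visible. The retained `--force-yes` on the install line lets apt continue past authentication problems before the repo keys are imported, which seems worth revisiting.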