I had some odd errors with my multi-homed CentOS servers. I was finally able to fix them with the help of this blog post. Apparently basic multi-homed networking in CentOS is broken and you need to use the advanced configuration option. If you want to manually configure your servers then follow the steps in the blog post I linked to above. In this post I will describe how to automate this configuration with Ansible.
Properly configure networking in CentOS 6.x using only Ansible variables. This configuration must work with any combination of physical NICs and VLANs.
Create a separate Ansible role for networking called network. Define your networks in group_vars/all and host-specific network configurations in host_vars/host.example.com. See the role code on my GitHub repository.
The networking role will set all the network related configuration files including the advanced settings. The advanced settings add the following files:
These will configure a multi-homed server properly and also work fine for single-homed hosts.
As you will be able to see from the Ansible source code files, this requires many variables and some complex logic. Some of the complexity is due to the way the Jinja2 templating engine handles variables. It isn’t possible to take a purely DRY approach.
If the defaults in ifcfg-eth.j2 work for you then all you have to do is describe your networks in group_vars/all and then add the host-specific variables.
Assume you have three networks: dev, staging, and production. In this case your all file would contain this:
You need a vlan_id even if you don’t use VLANs because rt_tables requires a numeric id. The xen_uuid is for Xen VMs. You can omit it if you don’t use Xen.
For a single-homed server running as a Xen VM the host_vars file should follow this pattern (delete the Xen line if unneeded):
For a host that uses two tagged VLANs on eth0 it would follow this pattern:
This creates a dummy eth0 configuration and an eth0.12 and eth0.13 file. The “.” in front of the vlan_id must be there for the code to work. For untagged interfaces simply change false and set the "". The latter is needed to work around Jinja2 idiosyncrasies, as is all the redundancy between all and the host files.
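As an added illustration (not the role's own code), this Python sketch shows how a vlan_id can double as the numeric rt_tables id and how per-interface route- and rule- files for a multi-homed host follow from it. Every variable name other than vlan_id, and all addresses, are assumptions constructed for the example.

```python
# Added example: names other than vlan_id are assumptions; all data is constructed.
import ipaddress

RESERVED_TABLE_IDS = {0, 253, 254, 255}  # unspec, default, main, local

# Constructed stand-in for the network definitions in group_vars/all.
NETWORKS = {
    "dev":     {"vlan_id": 12, "gateway": "10.0.12.1"},
    "staging": {"vlan_id": 13, "gateway": "10.0.13.1"},
}

# Constructed stand-in for one host's host_vars entries (two tagged VLANs on eth0).
HOST_INTERFACES = [
    {"device": "eth0", "network": "dev", "tagged": True, "address": "10.0.12.20/24"},
    {"device": "eth0", "network": "staging", "tagged": True, "address": "10.0.13.20/24"},
]

def render_policy_routing(networks, interfaces):
    """Return {file name: content}: rt_tables lines plus route-/rule- files."""
    files, table_lines = {}, []
    for iface in interfaces:
        net = networks[iface["network"]]
        table_id = int(net["vlan_id"])
        if table_id in RESERVED_TABLE_IDS:
            raise ValueError(f"vlan_id {table_id} collides with a built-in routing table")
        # Tagged interfaces are named <device>.<vlan_id>, e.g. eth0.12.
        name = f'{iface["device"]}.{table_id}' if iface["tagged"] else iface["device"]
        addr = ipaddress.ip_interface(iface["address"])
        if ipaddress.ip_address(net["gateway"]) not in addr.network:
            raise ValueError(f'gateway {net["gateway"]} is not on {addr.network}')
        table = iface["network"]
        table_lines.append(f"{table_id}\t{table}")
        # route-<if>: each line becomes the arguments of "ip route add".
        files[f"route-{name}"] = (
            f"{addr.network} dev {name} src {addr.ip} table {table}\n"
            f'default via {net["gateway"]} dev {name} table {table}\n')
        # rule-<if>: each line becomes the arguments of "ip rule add".
        files[f"rule-{name}"] = (
            f"from {addr.ip}/32 table {table}\n"
            f"to {addr.ip}/32 table {table}\n")
    # Lines to append to /etc/iproute2/rt_tables.
    files["rt_tables"] = "\n".join(table_lines) + "\n"
    return files

if __name__ == "__main__":
    for fname, content in sorted(render_policy_routing(NETWORKS, HOST_INTERFACES).items()):
        print(f"--- {fname}\n{content}", end="")
```

With per-interface tables like these, replies leave through the interface the request arrived on, so strict reverse-path filtering does not drop them.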