rc/network
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
network/roles/fabric/tasks/main.yml
Timotej Lazar bc93f26a21 fabric: disable snmpd 
And reduce CPU utilization from 150% to ~30%.
2025-03-23 12:35:23 +01:00

99 lines
2 KiB
YAML
Raw Blame History

- name: Set hostname
hostname:
name: "{{ inventory_hostname }}"
- name: Set hostname in /etc/hosts
lineinfile:
path: /etc/hosts
regexp: '^127.0.1.1\s+'
line: "127.0.1.1 {{ inventory_hostname }}"
- name: Disable unneeded services
service:
name: '{{ item }}'
enabled: false
state: stopped
loop:
- nvued
- nvue-startup
- netqd@mgmt
- snmpd
- name: Set up ports
template:
dest: /etc/cumulus/ports.conf
src: ports.conf.j2
notify: reload switchd
- name: Set up management VRF and interface
template:
dest: /etc/network/interfaces
src: interfaces.j2
mode: 0644
notify: reload interfaces
- name: Set up loopback and switch interfaces
template:
dest: "/etc/network/interfaces.d/{{ item }}.intf"
src: "{{ item }}.intf.j2"
mode: 0644
notify: reload interfaces
loop:
- loopback
- switch
- name: Set up peerlink
template:
dest: "/etc/network/interfaces.d/peerlink.intf"
src: "peerlink.intf.j2"
mode: 0644
notify: reload interfaces
when: "peer is defined"
- name: Set up bridge
template:
dest: "/etc/network/interfaces.d/bridge.intf"
src: "bridge.intf.j2"
mode: 0644
notify: reload interfaces
when: "'bridge' in interfaces | map(attribute='name')"
- name: Set nameservers for mgmt VRF
template:
dest: /etc/resolv.conf
src: resolv.conf.j2
mode: 0644
notify: reload interfaces
- name: Unoverride Cumulus SSH options
lineinfile:
path: /etc/ssh/sshd_config
regexp: '^(PubkeyAcceptedKeyTypes .*)'
line: '#\1'
backrefs: yes
notify: reload sshd
- name: Disable SSH in default VRF
service:
name: ssh
enabled: no
state: stopped
- name: Listen for SSH only in mgmt VRF
service:
name: ssh@mgmt
enabled: yes
state: started
- name: Enable BGP for FRR
lineinfile:
path: /etc/frr/daemons
regexp: '^bgpd='
line: 'bgpd=yes'
notify: restart frr
- name: Enable FRR
service:
name: frr
enabled: yes
state: started
Reference in a new issue View git blame Copy permalink