build our own libvirt bridge
diff --git a/roles/config-virt/templates/daemon.j2 b/roles/config-virt/templates/daemon.j2
index c79bf4a..852aef6 100644
--- a/roles/config-virt/templates/daemon.j2
+++ b/roles/config-virt/templates/daemon.j2
@@ -27,8 +27,9 @@
 
 {% for vm in head_vm_list -%}
 {% if vm.forwarded_ports is defined -%}
+{% set vm_net = ( virt_nets | selectattr("head_vms", "defined") | first ) %}
 {% for port in vm.forwarded_ports -%}
-    add_port_fwd_rule {{ port.ext }} "{{ mgmtbr_prefix }}.{{ vm.ipv4_last_octet }}" {{ port.int }}
+    add_port_fwd_rule {{ port.ext }} "{{ vm_net.ipv4_prefix }}.{{ vm.ipv4_last_octet }}" {{ port.int }}
 {% endfor -%}
 {% endif -%}
 {% endfor -%}
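Review bot: The `selectattr("head_vms", "defined")` filter on the added `set` line matches any network whose `head_vms` key exists, including one set to false, whereas virt_net.xml.j2 in this commit tests the value's truthiness, so the port-forward target prefix can come from a network that holds no head VMs. Selecting on the value as well, `{% set vm_net = ( virt_nets | selectattr("head_vms", "defined") | selectattr("head_vms") | first ) %}`, keeps the two templates in agreement. If no network matches, `first` yields an undefined value and `vm_net.ipv4_prefix` cannot render, so a template comment stating that exactly one entry of `virt_nets` must set `head_vms` would help. The same expression is repeated in qemu.j2, and the `set` is loop-invariant and could sit above the `for vm` loop.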
diff --git a/roles/config-virt/templates/default.xml.j2 b/roles/config-virt/templates/default.xml.j2
deleted file mode 100644
index 7914a2e..0000000
--- a/roles/config-virt/templates/default.xml.j2
+++ /dev/null
@@ -1,19 +0,0 @@
-<network>
-  <name>default</name>
-  <bridge name="{{ mgmtbr_name }}"/>
-  <forward/>
-  <domain name="{{ site_suffix }}" localonly="no"/>
-  <dns>
-{% for ns in dns_servers %}
-  <forwarder addr="{{ ns }}"/>
-{% endfor %}
-  </dns>
-  <ip address="{{ mgmtbr_prefix }}.1" netmask="255.255.255.0">
-    <dhcp>
-      <range start="{{ mgmtbr_prefix }}.2" end="{{ mgmtbr_prefix }}.254"/>
-{% for vm in head_vm_list %}
-      <host name='{{ vm.name }}' ip='{{ mgmtbr_prefix }}.{{ vm.ipv4_last_octet }}'/>
-{% endfor %}
-    </dhcp>
-  </ip>
-</network>
diff --git a/roles/config-virt/templates/qemu.j2 b/roles/config-virt/templates/qemu.j2
index 1c947f9..9d20379 100644
--- a/roles/config-virt/templates/qemu.j2
+++ b/roles/config-virt/templates/qemu.j2
@@ -5,6 +5,10 @@
 NIC=$( route|grep default|awk '{print $NF}' )
 PORTAL=$( dig +short portal.opencloud.us | tail -1 )
 
+SUBNET=$( ip addr show $NIC|grep "inet "|awk '{print $2}' )
+{% set vm_net = ( virt_nets | selectattr("head_vms", "defined") | first ) %}
+PRIVATENET=$( ip addr show {{ vm_net.name }} |grep "inet "|awk '{print $2}' )
+
 NAME="${1}"
 OP="${2}"
 SUBOP="${3}"
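Review bot: `SUBNET` and `PRIVATENET` are now computed once at the top of the hook, and nothing checks that either is non-empty before `add_local_access_rules` interpolates them into the FORWARD and NAT rules. If the bridge `{{ vm_net.name }}` has no address when the hook runs, or `$NIC` carries more than one IPv4 address, the rule text becomes malformed or multi-line; how `add_rule` reacts to that is not visible in this diff. Quoting the interface and taking a single address, `SUBNET=$( ip -o -4 addr show "$NIC" | awk '{print $4; exit}' )`, and adding a guard such as `[ -n "$SUBNET" ] && [ -n "$PRIVATENET" ] || return 0` at the start of `add_local_access_rules`, would make the failure mode explicit. The body of `add_local_access_rules` continues outside the hunks shown.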
@@ -21,8 +25,6 @@
 }
 
 add_local_access_rules() {
-    SUBNET=$( ip addr show $NIC|grep "inet "|awk '{print $2}' )
-    PRIVATENET=$( ip addr show virbr0|grep "inet "|awk '{print $2}' )
     add_rule "FORWARD" "-s $SUBNET -j ACCEPT"
     # Don't NAT traffic from service VMs destined to the local subnet
     add_rule "POSTROUTING" "-t nat -s $PRIVATENET -d $SUBNET -j RETURN"
diff --git a/roles/config-virt/templates/virt_net.xml.j2 b/roles/config-virt/templates/virt_net.xml.j2
new file mode 100644
index 0000000..ad043e9
--- /dev/null
+++ b/roles/config-virt/templates/virt_net.xml.j2
@@ -0,0 +1,28 @@
+<network>
+  <name>xos-{{ item.name }}</name>
+  <bridge name="{{ item.name }}"/>
+  <forward/>
+  <domain name="{{ site_suffix }}" localonly="no"/>
+  <dns>
+{% if unbound_listen_on_default %}
+{% for host in groups['head'] %}
+  <forwarder addr="{{ hostvars[host].ansible_default_ipv4.address }}"/>
+{% endfor %}
+{% endif %}
+{% if dns_servers is defined %}
+{% for ns in dns_servers %}
+  <forwarder addr="{{ ns }}"/>
+{% endfor %}
+{% endif %}
+  </dns>
+  <ip address="{{ item.ipv4_prefix }}.1" netmask="255.255.255.0">
+    <dhcp>
+      <range start="{{ item.ipv4_prefix }}.2" end="{{ item.ipv4_prefix }}.254"/>
+{% if item.head_vms %}
+{% for vm in head_vm_list %}
+      <host name='{{ vm.name }}' ip='{{ item.ipv4_prefix }}.{{ vm.ipv4_last_octet }}'/>
+{% endfor %}
+{% endif %}
+    </dhcp>
+  </ip>
+</network>
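Review bot: `{% if item.head_vms %}` and `{% if unbound_listen_on_default %}` read variables that may be undefined, whereas `dns_servers` in the same file is guarded with `is defined` and daemon.j2 filters on `head_vms` being defined, which suggests some `virt_nets` entries omit the key. Under Ansible's strict undefined handling, such an entry would presumably fail to render rather than skip the static DHCP hosts. Using `{% if item.head_vms | default(false) %}` and `{% if unbound_listen_on_default | default(false) %}` makes the optional settings explicit. A header comment would also help, naming the expected keys of `item` (`name`, `ipv4_prefix`, `head_vms`) and noting that a bare `<forward/>` leaves the forward mode at libvirt's default of NAT.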