diff --git a/README.md b/README.md
index cb14d334cd2cf18b653fc558182e07599bc56a82..367cb20473e619d26798440388861af229470bd0 100644
--- a/README.md
+++ b/README.md
@@ -8,6 +8,7 @@ create.py is a python program that generates a vagrant source file from a defini
- Python 3
- VirtualBox 6
- Ansible 2.3.3.0
+- Vagrant 2.2.5
- Virtualization must be enabled
- DHCP server for vboxnet0 must be turned off in VirtualBox. It can be done manually in VirtualBox or with the command `$ VBoxManage dhcpserver remove --ifname vboxnet0`
@@ -16,7 +17,7 @@ create.py is a python program that generates a vagrant source file from a defini
2. Install Python dependencies with `pip3 install -r requirements.txt`.
3. Clone the project.
4. Navigate to the project folder.
-5. Type `$ python3 create.py sandbox.yml`.
+5. Type `$ python3 create.py sandbox.yml`. On Windows or in case of an error due to ansible/python use `python3 create.py -l sandbox.yml`. (note: This will rewrite the previously generated Vagrantfile and ansible files.)
6. Run `$ vagrant up`
### Input yaml file structure
@@ -86,11 +87,13 @@ The name of the correct network interface can be different for every box. The su
- other VirtualBox attributes
- more complex routing
-### Known [issues](https://gitlab.ics.muni.cz/cs4eu/sandbox-creator/issues?label_name%5B%5D=known_issue):
-- after running on Windows the output may contain invalid multibyte chars
+### Known [issues](https://gitlab.ics.muni.cz/cs4eu/sandbox-creator/issues?scope=all&utf8=âś“&state=all&label_name[]=known_issue):
+- After running on Windows the output may contain invalid multibyte chars.
+- Vagrant up can somtimes get stuck on "SSH auth method: private key" in case of "generic/debian10" box or on "SSH auth method: password" in case of "kalilinux/rolling-light" box. This is probably an issue of VirtualBox. In this case try to create the machine again. In case of "kalilinux/rolling-light" remove the line `device.ssh.password = "vagrant"` from the generated Vagrantfile and try to bring it up again.
+- On some machines ansible local (flag -l) can get stuck while connecting to the created virtual machine.
### Notes
-- tested on Vagrant 2.2.5, VirtualBox 6.0.4 and 6.0.10
+- tested on Vagrant 2.2.5, VirtualBox 6.0.4 and 6.0.10, Ansible 2.3.3.0
- Vagrantfile and the provision directory contains everything needed by vagrant. Feel free to move them to a different directory after creation.
### Credits
diff --git a/big_broker.yml b/big_broker.yml
new file mode 100644
index 0000000000000000000000000000000000000000..72fbd9515c1966a460944966a13367ec4eb9d39a
--- /dev/null
+++ b/big_broker.yml
@@ -0,0 +1,65 @@
+---
+name: big-broker
+hosts:
+ - name: web
+ base_box: generic/debian10
+ memory: 2048
+
+ - name: workstation
+ base_box: generic/debian10
+ memory: 2048
+
+ - name: database
+ base_box: generic/debian10
+ memory: 2048
+
+ - name: attacker
+ base_box: kalilinux/rolling-light
+ memory: 2048
+
+ - name: client
+ base_box: generic/debian10
+ memory: 2048
+
+routers:
+ - name: big-broker-router
+
+ - name: internet-router
+
+networks:
+ - name: big-broker
+ cidr: 172.18.1.0/24
+
+ - name: internet
+ cidr: 10.1.0.0/16
+
+net_mappings:
+ - host: web
+ network: big-broker
+ ip: 172.18.1.5
+
+ - host: workstation
+ network: big-broker
+ ip: 172.18.1.132
+
+ - host: database
+ network: big-broker
+ ip: 172.18.1.14
+
+ - host: attacker
+ network: internet
+ ip: 10.1.135.83
+
+ - host: client
+ network: internet
+ ip: 10.1.17.4
+
+router_mappings:
+ - router: big-broker-router
+ network: big-broker
+ ip: 172.18.1.1
+
+ - router: internet-router
+ network: internet
+ ip: 10.1.0.1
+...
diff --git a/create.py b/create.py
index b3ee2c796e367c3b3988622da3a8f506fa798ca1..5ad7906f65143bf67d7be9a16a1240b1b3ae5591 100644
--- a/create.py
+++ b/create.py
@@ -6,15 +6,27 @@ import jinja2
from modules.file_generator import generate_vagrantfile, generate_ansible_files
from modules.device_creator import open_file
+from modules.routing import create_border_router
-""" Supressing error traceback. """
-sys.tracebacklimit = 0
-
-if len(sys.argv) != 2:
- print("Error: Expecting 1 argument (yml file).")
+if len(sys.argv) == 3:
+ if str(sys.argv[1]) == "-l":
+ ansible_local = True
+ input_file_name = str(sys.argv[2])
+ elif str(sys.argv[2]) == "-l":
+ ansible_local = True
+ input_file_name = str(sys.argv[1])
+ else:
+ print("Error: Expecting a yml file and optionally a flag -l.")
+ sys.exit()
+elif len(sys.argv) == 2:
+ ansible_local = False
+ input_file_name = str(sys.argv[1])
+else:
+ print("Error: Expecting a yml file and optionally a flag -l.")
sys.exit()
-device_definitions = open_file(str(sys.argv[1]))
+device_definitions = open_file(input_file_name)
+create_border_router(device_definitions)
-generate_vagrantfile(device_definitions)
+generate_vagrantfile(device_definitions, ansible_local)
generate_ansible_files(device_definitions)
diff --git a/modules/ansible_data_generator.py b/modules/ansible_data_generator.py
index e720a48bee149a0885d66fe17067b55c9e97fec0..99e8ee4a09a865f35f17c7eb21135506d539e373 100644
--- a/modules/ansible_data_generator.py
+++ b/modules/ansible_data_generator.py
@@ -2,14 +2,16 @@ from modules.device_creator import open_file
INTERFACE_FILE = "name_mapping/interface.yml"
-def create_network_map(net_mappings, router_mappings):
+def create_network_map(definitions):
""" Creates a structure with network topology for Jinja2 template. """
routings = []
- for router_mapping in router_mappings:
+ for router_mapping in definitions["router_mappings"]:
routing = dict()
routing["router_name"] = router_mapping["router"]
+ routing["router_network"] = router_mapping["network"]
+ routing["router_network_ip"] = _find_network_ip(router_mapping["network"], definitions)
routing["router_ip"] = router_mapping["ip"]
routings.append(routing)
@@ -21,6 +23,10 @@ def _find_router_ip(network_name, router_mappings):
if router_mapping["network"] == network_name:
return router_mapping["ip"]
+def _find_network_ip(network_name, definitions):
+ for network in definitions["networks"]:
+ if network["name"] == network_name:
+ return network["cidr"]
def _find_interface(host_name, hosts):
diff --git a/modules/device_creator.py b/modules/device_creator.py
index a6c8abbf6ef781515852ac3741137b894ee761af..12f67b6064f2c9a0c621f1854ac0dc04bb40b170 100644
--- a/modules/device_creator.py
+++ b/modules/device_creator.py
@@ -31,8 +31,17 @@ def _add_provisioning(hostname, host_definitions):
except IOError:
pass
+def _add_rsync(box, host_name, definitions):
+ """ add rsync to debian machines """
-def _create_hosts(yml, mappings, flavors):
+ if box == "generic/debian10":
+ definitions[host_name].append("# standard shared folder doesn't work on debian")
+ definitions[host_name].append("device.vm.synced_folder \".\", \"/vagrant\", type: \"rsync\", rsync__exclude: \".git/\"")
+
+ if box == "kalilinux/rolling-light":
+ definitions[host_name].append("device.ssh.password = \"vagrant\"")
+
+def _create_hosts(yml, mappings, flavors, ansible_local):
""" Creates a dictionary with formatted definition of each host. """
host_definitions = {}
@@ -44,28 +53,32 @@ def _create_hosts(yml, mappings, flavors):
add_prov_attributes(
host, flavors, mappings['need_provider'], host_definitions)
_add_provisioning(host["name"], host_definitions)
+ if ansible_local:
+ _add_rsync(host["base_box"], host["name"], host_definitions)
return host_definitions
-def _create_routers(yml):
+def _create_routers(yml, ansible_local):
""" Creates a dictionary with formatted definition of each router. """
router_definitions = {}
for router in yml['routers']:
router_definitions[router['name']] = []
add_router_ip(router["name"], yml, router_definitions)
- add_router_specification(router, router_definitions)
+ add_router_specification(router, router_definitions, ansible_local)
+ if ansible_local:
+ _add_rsync("generic/debian10", router["name"], router_definitions)
return router_definitions
-def create_devices(definitions):
+def create_devices(definitions, ansible_local):
""" Returns a merged dictionary of host and router definitions. """
mappings = open_file(MAPPING_FILE)
flavors = open_file(FLAVORS_FILE)
return {
- **_create_hosts(definitions, mappings, flavors),
- **_create_routers(definitions)}
+ **_create_hosts(definitions, mappings, flavors, ansible_local),
+ **_create_routers(definitions, ansible_local)}
diff --git a/modules/file_generator.py b/modules/file_generator.py
index e748bbe1f781516d3ec652e11ae87a683f99544d..d73861e69095902cdff418c15719fe3962cbd528 100644
--- a/modules/file_generator.py
+++ b/modules/file_generator.py
@@ -3,7 +3,7 @@ import os
from modules.device_creator import create_devices
from modules.ansible_data_generator import create_network_map, create_host_map, create_network_ips
-
+from modules.routing import BORDER_ROUTER_IP, BORDER_ROUTER_NAME, BORDER_ROUTER_NETWORK_NAME, BORDER_ROUTER_PUBLIC_IP
def _load_template(template_name):
""" Returns a loaded jinja2 template. """
@@ -23,23 +23,23 @@ def _generate_file(filename, output_string):
print("Error: cannot write to this location.")
-def _create_role_directory(role_name):
+def _create_role_directory(role_name, provisioning_dir):
""" Creates directory structure for a role. """
try:
- os.mkdir("provisioning")
+ os.mkdir(provisioning_dir)
except FileExistsError:
pass
try:
- os.mkdir("provisioning/roles")
+ os.mkdir(provisioning_dir + "/roles")
except FileExistsError:
pass
try:
- os.mkdir("provisioning/roles/" + role_name)
+ os.mkdir(provisioning_dir + "/roles/" + role_name)
except FileExistsError:
pass
try:
- os.mkdir("provisioning/roles/" + role_name +"/tasks")
+ os.mkdir(provisioning_dir + "/roles/" + role_name +"/tasks")
except FileExistsError:
pass
@@ -54,13 +54,13 @@ def _find_user_ansible_files(definitions):
return host_names
-def generate_vagrantfile(definitions):
+def generate_vagrantfile(definitions, ansible_local):
""" Writes the prepared output to a Vagrantfile. """
-
- device_definitions = create_devices(definitions)
+
+ device_definitions = create_devices(definitions, ansible_local)
user_ansible_files = _find_user_ansible_files(definitions)
template = _load_template("vagrantfile")
- output = template.render(devices=device_definitions, user_files=user_ansible_files)
+ output = template.render(devices=device_definitions, user_files=user_ansible_files, ansible_local=ansible_local)
_generate_file("Vagrantfile", output)
print("Info: Vagrantfile successfully created.")
@@ -70,12 +70,10 @@ def _generate_playbook(definitions):
""" Generates the main playbook. """
host_map = create_host_map(definitions["net_mappings"], definitions["router_mappings"], definitions["hosts"])
- network = create_network_map(
- definitions["net_mappings"], definitions["router_mappings"])
- network_ips = create_network_ips(definitions["networks"])
+ network = create_network_map(definitions)
template = _load_template("playbook")
- output = template.render(hosts=host_map, routers=network, network_ips=network_ips)
+ output = template.render(hosts=host_map, routers=network)
try:
os.mkdir("provisioning")
@@ -89,19 +87,18 @@ def _generate_device_configuration(definitions):
""" Generates a playbook with basic device configutarion. """
host_map = create_host_map(definitions["net_mappings"], definitions["router_mappings"], definitions["hosts"])
- network = create_network_map(
- definitions["net_mappings"], definitions["router_mappings"])
+ network = create_network_map(definitions)
network_ips = create_network_ips(definitions["networks"])
template = _load_template("device_configuration")
- output = template.render(hosts=host_map, routers=network, network_ips=network_ips)
+ output = template.render(hosts=host_map, routers=network, network_ips=network_ips, border_router_name = BORDER_ROUTER_NAME)
try:
- os.mkdir("provisioning")
+ os.mkdir("base_provisioning")
except FileExistsError:
pass
- _generate_file("./provisioning/device_configuration.yml", output)
+ _generate_file("./base_provisioning/device_configuration.yml", output)
def _generate_hosts_role(definitions):
@@ -109,16 +106,47 @@ def _generate_hosts_role(definitions):
host_map = create_host_map(definitions["net_mappings"], definitions["router_mappings"], definitions["hosts"])
- network = create_network_map(
- definitions["net_mappings"], definitions["router_mappings"])
+ network = create_network_map(definitions)
template = _load_template("hosts")
output = template.render(hosts=host_map, routers=network)
- _create_role_directory("hosts")
+ _create_role_directory("hosts", "base_provisioning")
+ _generate_file("./base_provisioning/roles/hosts/tasks/main.yml", output)
+
+ user_template = _load_template("user_hosts")
+ user_output = template.render()
+
+ _create_role_directory("hosts", "provisioning")
_generate_file("./provisioning/roles/hosts/tasks/main.yml", output)
+def _generate_separate_hosts_role(definitions):
+ """ Generate roles for separate host devices. """
+
+ host_map = create_host_map(definitions["net_mappings"], definitions["router_mappings"], definitions["hosts"])
+
+ for host in definitions["hosts"]:
+
+ for host_attributes in host_map:
+ if host_attributes["host_name"] == host["name"]:
+ host_name = host_attributes["host_name"]
+ router_ip = host_attributes["router_ip"]
+ interface = host_attributes["interface"]
+
+ template = _load_template("separate_hosts")
+ output = template.render(host_name=host_name, router_ip=router_ip, interface=interface)
+
+ _create_role_directory(host["name"], "base_provisioning")
+ _generate_file("./base_provisioning/roles/" + host["name"] + "/tasks/main.yml", output)
+
+
+ template = _load_template("user_separate_hosts")
+ output = template.render(host_name=host_name)
+
+ _create_role_directory(host["name"], "provisioning")
+ _generate_file("./provisioning/roles/" + host["name"] + "/tasks/main.yml", output)
+
def _generate_routers_role(definitions):
""" Generates routers role. """
@@ -128,14 +156,52 @@ def _generate_routers_role(definitions):
host_map = create_host_map(definitions["net_mappings"], definitions["router_mappings"], definitions["hosts"])
- network = create_network_map(
- definitions["net_mappings"], definitions["router_mappings"])
+ network = create_network_map(definitions)
template = _load_template("routers")
- output = template.render(hosts=host_map, routers=network)
+ output = template.render(hosts=host_map, routers=network, border_router_ip=BORDER_ROUTER_IP)
+
+ _create_role_directory("routers", "base_provisioning")
+ _generate_file("./base_provisioning/roles/routers/tasks/main.yml", output)
+
+
+def _find_cidr(network_name, definitions):
+ """ Finds cidr of a network from name. """
+
+ for network in definitions["networks"]:
+ if network["name"] == network_name:
+ return network["cidr"]
+
+def _get_br_routers(definitions):
+ """ Returns a list of router ips that are in the border router network. """
+
+ br_mappings = dict()
+ for router_mapping in definitions["router_mappings"]:
+ if router_mapping["network"] == BORDER_ROUTER_NETWORK_NAME:
+ for router_mapping2 in definitions["router_mappings"]:
+ if router_mapping["router"] == router_mapping2["router"] and router_mapping["network"] != router_mapping2["network"]:
+ br_mappings[_find_cidr(router_mapping2["network"], definitions)] = router_mapping["ip"]
+
+ return br_mappings
+
+def _generate_br_role(definitions):
+ """ Generates br role. """
+
+ if not definitions['routers'] or not definitions['router_mappings']:
+ print("Info: No router definition was found. Skipping border router creation.")
+ return
+
+ network = create_network_map(definitions)
+
+ host_map = create_host_map(definitions["net_mappings"], definitions["router_mappings"], definitions["hosts"])
+
+ routers_in_br_network = _get_br_routers(definitions)
+
+ template = _load_template("br")
+ output = template.render(hosts = host_map, routers=network, br_routes=routers_in_br_network, border_router_name=BORDER_ROUTER_NAME, border_router_public_ip=BORDER_ROUTER_PUBLIC_IP)
- _create_role_directory("routers")
- _generate_file("./provisioning/roles/routers/tasks/main.yml", output)
+ _create_role_directory("br", "base_provisioning")
+ _generate_file("./base_provisioning/roles/br/tasks/main.yml", output)
def generate_ansible_files(device_definitions):
@@ -144,6 +210,8 @@ def generate_ansible_files(device_definitions):
_generate_playbook(device_definitions)
_generate_device_configuration(device_definitions)
_generate_hosts_role(device_definitions)
+ _generate_separate_hosts_role(device_definitions)
_generate_routers_role(device_definitions)
+ _generate_br_role(device_definitions)
print("Info: Ansible files successfully created.")
diff --git a/modules/network_parser.py b/modules/network_parser.py
index 8de9a8a9bc3df6c420e4b34f8be38a8b6cddbcec..a7224025003e77dd926ce0809e41df667cf94817 100644
--- a/modules/network_parser.py
+++ b/modules/network_parser.py
@@ -1,6 +1,7 @@
""" This module handles network creation. """
import sys
+from modules.routing import BORDER_ROUTER_NAME, BORDER_ROUTER_PUBLIC_IP
def _find_networks(hostname, mappings, device_type):
@@ -50,9 +51,11 @@ def _add_interfaces(hostname, mapping, device_type, networks, definitions):
definitions[hostname].append(
"device.vm.network :private_network, ip: \"" + mapping["ip"]
+ "\", virtualbox__intnet: \"" + mapping["network"] + "\"")
+
+ if hostname == BORDER_ROUTER_NAME:
+ definitions[BORDER_ROUTER_NAME].append("device.vm.network :public_network, ip: \" " + BORDER_ROUTER_PUBLIC_IP + "\"")
- if device_type == "host":
- _add_netmask(hostname, mapping["network"], networks, definitions)
+ _add_netmask(hostname, mapping["network"], networks, definitions)
def add_networks(hostname, yml, definitions):
""" Adds ip address and natmask to a host. """
diff --git a/modules/provider.py b/modules/provider.py
index c4b6941783fb31150aedb535733a408ef37628d9..5bf02fc1d53ffa0c3de5d24fdd543df44055f803 100644
--- a/modules/provider.py
+++ b/modules/provider.py
@@ -48,7 +48,7 @@ def add_prov_attributes(host, flavors, provider_attributes, definitions):
definitions[host['name']].append("end")
-def add_router_specification(router, definitions):
+def add_router_specification(router, definitions, ansible_local):
""" Adds the default specification for a router. """
router_box = "generic/debian10"
diff --git a/modules/routing.py b/modules/routing.py
new file mode 100644
index 0000000000000000000000000000000000000000..f1b556f0b45f4292075b1c8c56ffe352f2f80ca0
--- /dev/null
+++ b/modules/routing.py
@@ -0,0 +1,73 @@
+import sys
+
+BORDER_ROUTER_NAME = "br"
+BORDER_ROUTER_IP = "172.18.0.1"
+BORDER_ROUTER_PUBLIC_IP = "172.18.10.1"
+BORDER_ROUTER_NETWORK_NAME = "BR"
+BORDER_ROUTER_NETWORK_IP = "172.18.0.0/24"
+
+def _are_br_parameters_free(definitions):
+ """ Checks if border router parameters are not already taken. """
+
+ for host in definitions["hosts"]:
+ if host["name"] == BORDER_ROUTER_NAME:
+ return False
+
+ for router in definitions["routers"]:
+ if router["name"] == BORDER_ROUTER_NAME:
+ return False
+
+ for network in definitions["networks"]:
+ if network["name"] == BORDER_ROUTER_NETWORK_NAME or network["cidr"] == BORDER_ROUTER_NETWORK_IP:
+ return False
+
+ for net_mapping in definitions["net_mappings"]:
+ if net_mapping["ip"] == BORDER_ROUTER_IP:
+ return False
+
+
+ for router_mapping in definitions["router_mappings"]:
+ if router_mapping["ip"] == BORDER_ROUTER_IP:
+ return False
+
+ return True
+
+
+def _create_mappings_to_border_router(definitions):
+ """ Creates router_mapping entries from routers to border router. """
+
+ for router in definitions["routers"]:
+ num = definitions["routers"].index(router) + 5
+ if num > 255:
+ print("Error: too many routers.")
+ sys.exit(1)
+
+ ip = BORDER_ROUTER_IP[:(0-len(str(num)))]
+ ip += str(num)
+
+ definitions["router_mappings"].append({"router":router["name"]
+ ,"network":BORDER_ROUTER_NETWORK_NAME
+ ,"ip":ip})
+
+
+def create_border_router(definitions):
+ """ Adds the definition of border router to definitions """
+
+ # TODO this should be later moved to input check
+ if not _are_br_parameters_free:
+ print("Error: Device parameter conflict.")
+
+ """ Last number in the ip of routers in border network. """
+ router_n = 5
+
+ _create_mappings_to_border_router(definitions)
+
+
+ definitions["routers"].append({"name":BORDER_ROUTER_NAME })
+ definitions["networks"].append({"name":BORDER_ROUTER_NETWORK_NAME
+ ,"cidr":BORDER_ROUTER_NETWORK_IP})
+ definitions["router_mappings"].append({"router":BORDER_ROUTER_NAME
+ ,"network":BORDER_ROUTER_NETWORK_NAME
+ ,"ip":BORDER_ROUTER_IP} )
+
+
diff --git a/name_mapping/interface.yml b/name_mapping/interface.yml
index 9761b225a446b5ec75d2ab8a733c0f89404d5ee6..b675069d546ccf754b9c2ea5a5000dabe4c82f75 100644
--- a/name_mapping/interface.yml
+++ b/name_mapping/interface.yml
@@ -2,3 +2,4 @@ kalilinux/rolling-light: eth1
xubuntu-16.04-desktop-amd64: eth1
ubuntu/xenial64: enp0s8
acntech/xubuntu-developer: enp0s8
+debian/contrib-jessie64: eth1
diff --git a/templates/br b/templates/br
new file mode 100644
index 0000000000000000000000000000000000000000..570104710ca254c62eeefeb5c0fd1ab8b56b4ba4
--- /dev/null
+++ b/templates/br
@@ -0,0 +1,40 @@
+---
+# Configuration for the border router
+
+- name: Enable IP forwarding
+ copy:
+ dest: "/etc/sysctl.conf"
+ content: "net.ipv4.ip_forward=1"
+
+- name: Restarting procps service
+ command: /etc/init.d/procps restart
+
+{% for host in hosts %}
+- name: Add {{ host.host_name }} alias
+ lineinfile:
+ path: /etc/hosts
+ line: {{ host.host_ip }} {{ host.host_name }}
+
+{% endfor %}
+{% for router in routers %}
+- name: Add {{ router.router_name }} alias
+ lineinfile:
+ path: /etc/hosts
+ line: {{ router.router_ip }} {{ router.router_name }}
+
+{% endfor %}
+
+{% for target_cidr, router_ip in br_routes.items() %}
+- name: Add routing to network {{ target_cidr }}
+ command: route add -net {{ target_cidr }} gw {{ router_ip }} eth1
+{% endfor %}
+
+- name: Add postrouting
+ # ssh connection fails without async after execution of iptables commands
+ shell: "sleep 2 && sudo iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source {{ border_router_public_ip }}"
+ async: 1
+ poll: 0
+
+- name: Save postrouting rule
+ command: su -c 'iptables-save > /etc/iptables.rules'
+...
diff --git a/templates/device_configuration b/templates/device_configuration
index 73a852fe23a6ad5db658fbe1de3a385b43a7718b..e8ba8322319433a12718201c9e7823f43b14a95a 100644
--- a/templates/device_configuration
+++ b/templates/device_configuration
@@ -7,18 +7,34 @@
roles:
- hosts
+{% for host in hosts %}
+- name: Configuring host {{ host.host_name }} separately
+ hosts: {{ host.host_name }}
+ become: yes
+ roles:
+ - {{ host.host_name }}
+
+{% endfor %}
{% for host in hosts %}
- name: Configuring host {{ host.host_name }}
hosts: {{ host.host_name }}
become: yes
tasks:
- - name: Change default gateway
- command: route add default gw {{ host.router_ip }} {{ host.interface }}
+{% for network_ip in network_ips %}
+ - name: Add gateway for {{ network_ip }}
+ command: route add -net {{ network_ip }} gw {{ host.router_ip }} {{ host.interface }}
+{% endfor %}
{% endfor %}
- name: Configuring all routers
- hosts: {{ routers|map(attribute='router_name')|unique|join(',') }}
+ hosts: {{ routers|map(attribute='router_name')|unique|reject('eq', border_router_name)|join(',') }}
become: yes
roles:
- routers
+
+- name: Configuring border router
+ hosts: {{ border_router_name }}
+ become: yes
+ roles:
+ - br
...
diff --git a/templates/hosts b/templates/hosts
index 7ec4b06d1cb50d78bbeb36dd935879df7ea9cbac..e9254f11c31650636be65efaf1f4cdc53326191e 100644
--- a/templates/hosts
+++ b/templates/hosts
@@ -1,5 +1,5 @@
---
-# Configuration of all host devices
+# Basic configuration of all host devices
- name: Install net-tools
command: apt install net-tools
@@ -18,4 +18,7 @@
line: {{ router.router_ip }} {{ router.router_name }}
{% endfor %}
+
+- name: Delete default gateway
+ command: route del default
...
diff --git a/templates/playbook b/templates/playbook
index cfe188a59a72408645ea38f871339d4b5b7d9110..7f3e1c7089a960a7da5b952b974f818a23081acf 100644
--- a/templates/playbook
+++ b/templates/playbook
@@ -1,33 +1,12 @@
---
-# Main ansible playbook
-
-#- import_playbook: device_configuration.yml - for new version
-
-- name: Configuring all hosts
- hosts: {{ hosts|map(attribute='host_name')|unique|join(',') }}
- become: yes
- roles:
- - hosts
-
-{% for host in hosts %}
-- name: Configuring host {{ host.host_name }}
- hosts: {{ host.host_name }}
- become: yes
- tasks:
-{% for network_ip in network_ips %}
- - name: Add gateway for {{ network_ip }}
- command: route add -net {{ network_ip }} gw {{ host.router_ip }} {{ host.interface }}
-{% endfor %}
-
-
-{% endfor %}
-- name: Configuring all routers
- hosts: {{ routers|map(attribute='router_name')|unique|join(',') }}
- become: yes
- roles:
- - routers
-
+# Main user ansible playbook
# Write your custom configuration here:
+- name: Hello world
+ hosts: all
+ tasks:
+ - name: print hello world
+ debug:
+ msg: "Hello World"
...
diff --git a/templates/routers b/templates/routers
index 88a4207a4b61b42d98dde36d273a8d71595ae16e..01f390d6dece8929ead4c09d6144659bc2ac05aa 100644
--- a/templates/routers
+++ b/templates/routers
@@ -23,4 +23,9 @@
line: {{ router.router_ip }} {{ router.router_name }}
{% endfor %}
+- name: Delete default gateway
+ command: route del default
+
+- name: Add default path to border router
+ command: route add default gw {{ border_router_ip }} eth2
...
diff --git a/templates/separate_hosts b/templates/separate_hosts
new file mode 100644
index 0000000000000000000000000000000000000000..42e3f8076cb7cd468c1bf1cfb87f295d4ddbac46
--- /dev/null
+++ b/templates/separate_hosts
@@ -0,0 +1,6 @@
+---
+# Role for the host {{ host_name }}
+
+- name: Add default path to router
+ command: route add default gw {{ router_ip }} {{ interface }}
+...
diff --git a/templates/user_hosts b/templates/user_hosts
new file mode 100644
index 0000000000000000000000000000000000000000..0dccf70c06e2ec8580828c2c8c6693e870030b59
--- /dev/null
+++ b/templates/user_hosts
@@ -0,0 +1,8 @@
+---
+# This is a role for all hosts.
+# You can write your tasks here.
+# These changes will affect all hosts.
+
+
+
+...
diff --git a/templates/user_separate_hosts b/templates/user_separate_hosts
new file mode 100644
index 0000000000000000000000000000000000000000..f49a8bafc9297f21682d4a170677d597336f6544
--- /dev/null
+++ b/templates/user_separate_hosts
@@ -0,0 +1,8 @@
+---
+# This is a role for the host {{ host_name }}.
+# You can write your tasks here.
+# These changes will affect only the host {{ host_name }}.
+
+
+
+...
diff --git a/templates/vagrantfile b/templates/vagrantfile
index c6dc87ac323c84fb3bb77fecef40e8906a11b12d..946446c71fc08127a3026740579c095125186d20 100644
--- a/templates/vagrantfile
+++ b/templates/vagrantfile
@@ -19,17 +19,29 @@ Vagrant.configure("2") do |config|
{{ printAttributes(name) }} end
{% endfor %}
- # configuration of devices with ansible
- config.vm.provision "ansible" do |ansible|
+ # basic ansible configuration of devices and networks
+ config.vm.provision :ansible{% if ansible_local %}_local{% endif %} do |ansible|
+ ansible.playbook = "base_provisioning/device_configuration.yml"
+ ansible.verbose = true
+ ansible.extra_vars = {
+ ansible_python_interpreter: "/usr/bin/python3",
+ }
+ end
+
+
+ # user configuration of devices with ansible
+ config.vm.provision :ansible{% if ansible_local %}_local{% endif %} do |ansible|
ansible.playbook = "provisioning/playbook.yml"
+ ansible.verbose = true
ansible.extra_vars = {
ansible_python_interpreter: "/usr/bin/python3",
}
end
{% for name in user_files %}
- config.vm.provision "ansible" do |ansible|
+ config.vm.provision :ansible{% if ansible_local %}_local{% endif %} do |ansible|
ansible.playbook = "provisioning/{{ name }}.yml"
+ ansible.verbose = true
ansible.extra_vars = {
ansible_python_interpreter: "/usr/bin/python3",
}