The network module is used to create and manage network settings, interfaces can be set as either managed or ignored. By default all interfaces are ignored unless specified.
Note
RedHat-based systems (RHEL, CentOS, Scientific, etc.) have been supported since version 2014.1.0.
Debian-based systems (Debian, Ubuntu, etc.) have been supported since version 2017.7.0. The following options are not supported: ipaddr_start, and ipaddr_end.
Other platforms are not yet supported.
Note
On Debian-based systems, networking configuration can be specified in /etc/network/interfaces or via included files such as (by default) /etc/network/interfaces.d/*. This can be problematic for configuration management. It is recommended to use either file.managed or network.managed.
If using network.managed, it can be useful to ensure interfaces.d/ is empty. This can be done using:
- /etc/network/interfaces.d:
- file.directory:
- clean: True
system: network.system: - enabled: True - hostname: server1.example.com - gateway: 192.168.0.1 - gatewaydev: eth0 - nozeroconf: True - nisdomain: example.com - require_reboot: True eth0: network.managed: - enabled: True - type: eth - proto: static - ipaddr: 10.1.0.7 - netmask: 255.255.255.0 - gateway: 10.1.0.1 - enable_ipv6: true - ipv6proto: static - ipv6ipaddrs: - 2001:db8:dead:beef::3/64 - 2001:db8:dead:beef::7/64 - ipv6gateway: 2001:db8:dead:beef::1 - ipv6netmask: 64 - dns: - 8.8.8.8 - 8.8.4.4 eth0-range0: network.managed: - type: eth - ipaddr_start: 192.168.1.1 - ipaddr_end: 192.168.1.10 - clonenum_start: 10 - mtu: 9000 bond0-range0: network.managed: - type: eth - ipaddr_start: 192.168.1.1 - ipaddr_end: 192.168.1.10 - clonenum_start: 10 - mtu: 9000 eth1.0-range0: network.managed: - type: eth - ipaddr_start: 192.168.1.1 - ipaddr_end: 192.168.1.10 - clonenum_start: 10 - vlan: True - mtu: 9000 bond0.1-range0: network.managed: - type: eth - ipaddr_start: 192.168.1.1 - ipaddr_end: 192.168.1.10 - clonenum_start: 10 - vlan: True - mtu: 9000 .. note:: add support of ranged interfaces (vlan, bond and eth) for redhat system, Important:type must be eth. routes: network.routes: - name: eth0 - routes: - name: secure_network ipaddr: 10.2.0.0 netmask: 255.255.255.0 gateway: 10.1.0.3 - name: HQ_network ipaddr: 10.100.0.0 netmask: 255.255.0.0 gateway: 10.1.0.10 eth2: network.managed: - enabled: True - type: slave - master: bond0 eth3: network.managed: - enabled: True - type: slave - master: bond0 eth4: network.managed: - enabled: True - type: eth - proto: dhcp - bridge: br0 eth5: network.managed: - enabled: True - type: eth - proto: dhcp - noifupdown: True # Do not restart the interface # you need to reboot/reconfigure manualy bond0: network.managed: - type: bond - ipaddr: 10.1.0.1 - netmask: 255.255.255.0 - mode: gre - proto: static - dns: - 8.8.8.8 - 8.8.4.4 - enabled: False - slaves: eth2 eth3 - require: - network: eth2 - network: eth3 - miimon: 100 - arp_interval: 250 - downdelay: 200 - lacp_rate: fast - max_bonds: 1 - updelay: 0 - use_carrier: on - xmit_hash_policy: layer2 - mtu: 9000 - autoneg: on - speed: 1000 - duplex: full - rx: on - tx: off - sg: on - tso: off - ufo: off - gso: off - gro: off - lro: off bond0.2: network.managed: - type: vlan - ipaddr: 10.1.0.2 - use: - network: bond0 - require: - network: bond0 bond0.3: network.managed: - type: vlan - ipaddr: 10.1.0.3 - use: - network: bond0 - require: - network: bond0 bond0.10: network.managed: - type: vlan - ipaddr: 10.1.0.4 - use: - network: bond0 - require: - network: bond0 bond0.12: network.managed: - type: vlan - ipaddr: 10.1.0.5 - use: - network: bond0 - require: - network: bond0 br0: network.managed: - enabled: True - type: bridge - proto: dhcp - bridge: br0 - delay: 0 - ports: eth4 - bypassfirewall: True - use: - network: eth4 - require: - network: eth4 eth6: network.managed: - type: eth - noifupdown: True # IPv4 - proto: static - ipaddr: 192.168.4.9 - netmask: 255.255.255.0 - gateway: 192.168.4.1 - enable_ipv6: True # IPv6 - ipv6proto: static - ipv6ipaddr: 2001:db8:dead:c0::3 - ipv6netmask: 64 - ipv6gateway: 2001:db8:dead:c0::1 # override shared; makes those options v4-only - ipv6ttl: 15 # Shared - mtu: 1480 - ttl: 18 - dns: - 8.8.8.8 - 8.8.4.4 eth7: - type: eth - proto: static - ipaddr: 10.1.0.7 - netmask: 255.255.255.0 - gateway: 10.1.0.1 - enable_ipv6: True - ipv6proto: static - ipv6ipaddr: 2001:db8:dead:beef::3 - ipv6netmask: 64 - ipv6gateway: 2001:db8:dead:beef::1 - noifupdown: True eth8: network.managed: - enabled: True - type: eth - proto: static - enable_ipv6: true - ipv6proto: static - ipv6ipaddrs: - 2001:db8:dead:beef::3/64 - 2001:db8:dead:beef::7/64 - ipv6gateway: 2001:db8:dead:beef::1 - ipv6netmask: 64 - dns: - 8.8.8.8 - 8.8.4.4 system: network.system: - enabled: True - hostname: server1.example.com - gateway: 192.168.0.1 - gatewaydev: eth0 - nozeroconf: True - nisdomain: example.com - require_reboot: True - apply_hostname: True lo: network.managed: - name: lo - type: eth - proto: loopback - onboot: yes - userctl: no - ipv6_autoconf: no - enable_ipv6: true .. note:: Apply changes to hostname immediately. .. versionadded:: 2015.5.0 system: network.system: - hostname: server2.example.com - apply_hostname: True - retain_settings: True .. note:: Use `retain_settings` to retain current network settings that are not otherwise specified in the state. Particularly useful if only setting the hostname. Default behavior is to delete unspecified network settings. .. versionadded:: 2016.11.0
Note
When managing bridged interfaces on a Debian or Ubuntu based system, the ports argument is required. Red Hat systems will ignore the argument.
Ensure that the named interface is configured properly.
Manage network interface static routes.
Ensure that global network settings are configured properly.
© 2019 SaltStack.
Licensed under the Apache License, Version 2.0.
https://docs.saltstack.com/en/latest/ref/states/all/salt.states.network.html