kubespray/roles/network_plugin/macvlan/tasks/main.yml

---
- name: Macvlan | Retrieve Pod Cidr
  command: "{{ bin_dir }}/kubectl get nodes {{ kube_override_hostname | default(inventory_hostname) }} -o jsonpath='{.spec.podCIDR}'"
  changed_when: false
  register: node_pod_cidr_cmd
  delegate_to: "{{ groups['kube-master'][0] }}"

- name: Macvlan | set node_pod_cidr
  set_fact:
    node_pod_cidr={{ node_pod_cidr_cmd.stdout }}

- name: Macvlan | Retrieve default gateway network interface
  become: false
  raw: ip -4 route list 0/0 | sed 's/.*dev \([[:alnum:]]*\).*/\1/'
  changed_when: false
  register: node_default_gateway_interface_cmd

- name: Macvlan | set node_default_gateway_interface
  set_fact:
    node_default_gateway_interface={{ node_default_gateway_interface_cmd.stdout | trim }}

- name: Macvlan | Install network gateway interface on debian
  template:
    src: debian-network-macvlan.cfg.j2
    dest: /etc/network/interfaces.d/60-mac0.cfg
  notify: Macvlan | restart network
  when: ansible_os_family in ["Debian"]

- name: Macvlan | Install macvlan script on centos
  copy:
    src: "{{ item }}"
    dest: /etc/sysconfig/network-scripts/
    owner: root
    group: root
    mode: "0755"
  with_fileglob:
    - files/*
  when: ansible_os_family in ["CentOS","RedHat"]

- name: Macvlan | Install post-up script on centos
  copy:
    src: "files/ifup-local"
    dest: /sbin/
    owner: root
    group: root
    mode: "0755"
  when: ansible_os_family in ["CentOS","RedHat"] and enable_nat_default_gateway

- name: Macvlan | Install network gateway interface on centos
  template:
    src: "{{ item.src }}.j2"
    dest: "/etc/sysconfig/network-scripts/{{ item.dst }}"
  with_items:
    - {src: centos-network-macvlan.cfg, dst: ifcfg-mac0 }
    - {src: centos-routes-macvlan.cfg, dst: route-mac0 }
    - {src: centos-postup-macvlan.cfg, dst: post-up-mac0 }
  notify: Macvlan | restart network
  when: ansible_os_family in ["CentOS","RedHat"]

- name: Macvlan | Install service nat via gateway on Flatcar Container Linux
  template:
    src: coreos-service-nat_ouside.j2
    dest: /etc/systemd/system/enable_nat_ouside.service
  when: ansible_os_family in ["Flatcar Container Linux by Kinvolk"] and enable_nat_default_gateway

- name: Macvlan | Enable service nat via gateway on Flatcar Container Linux
  command: "{{ item }}"
  with_items:
    - systemctl daemon-reload
    - systemctl enable enable_nat_ouside.service
  when: ansible_os_family in ["Flatcar Container Linux by Kinvolk"] and enable_nat_default_gateway

- name: Macvlan | Install network gateway interface on Flatcar Container Linux
  template:
    src: "{{ item.src }}.j2"
    dest: "/etc/systemd/network/{{ item.dst }}"
  with_items:
    - {src: coreos-device-macvlan.cfg, dst: macvlan.netdev }
    - {src: coreos-interface-macvlan.cfg, dst: output.network }
    - {src: coreos-network-macvlan.cfg, dst: macvlan.network }
  notify: Macvlan | restart network
  when: ansible_os_family in ["Flatcar Container Linux by Kinvolk"]

- name: Macvlan | Install cni definition for Macvlan
  template:
    src: 10-macvlan.conf.j2
    dest: /etc/cni/net.d/10-macvlan.conf

- name: Macvlan | Install loopback definition for Macvlan
  template:
    src: 99-loopback.conf.j2
    dest: /etc/cni/net.d/99-loopback.conf

- name: Enable net.ipv4.conf.all.arp_notify in sysctl
  sysctl:
    name: net.ipv4.conf.all.arp_notify
    value: 1
    sysctl_set: yes
    sysctl_file: "{{ sysctl_file_path }}"
    state: present
    reload: yes