ansible-openqa-management/tasks/remove_openqa-multivm-networking.yml

93 lines
2.1 KiB
YAML

---
- name: Remove files
ansible.builtin.file:
path: '{{ item }}'
state: absent
loop:
- /etc/sysconfig/os-autoinst-openvswitch
- /etc/sysconfig/network-scripts/ifcfg-{{ openqa_multivm_bridge_interface }}
- name: Remove tap interface configurations
ansible.builtin.file:
path: /etc/sysconfig/network-scripts/ifcfg-tap{{ item }}
state: absent
loop: "{{ range(openqa_worker_count | int) | list }}"
- name: Delete bridge interface
ansible.builtin.command: ovs-vsctl del-br {{ openqa_multivm_bridge_interface }}
changed_when: true
- name: Disable openvswitch services
ansible.builtin.systemd:
name: "{{ item }}"
state: stopped
enabled: false
loop:
- os-autoinst-openvswitch
- openvswitch
- name: Remove packages
ansible.builtin.dnf:
pkg:
- os-autoinst-openvswitch
- tunctl
- network-scripts
state: absent
- name: Remove /sbin/ifup-pre-local
ansible.builtin.file:
path: /sbin/ifup-pre-local
state: absent
- name: Disable bridge interface for internal zone
ansible.posix.firewalld:
permanent: true
interface: br0
state: disabled
zone: internal
notify: reload_firewalld
- name: Disable masquerade for public and internal zones
ansible.posix.firewalld:
masquerade: true
permanent: true
state: disabled
zone: '{{ item }}'
loop:
- public
- internal
notify: reload_firewalld
- name: Disable ipv4 IP forwarding
ansible.posix.sysctl:
name: net.ipv4.ip_forward
value: '1'
state: absent
sysctl_file: /etc/sysctl.d/ip-forward.conf
sysctl_set: true
- name: Set-target ACCEPT on public zone
ansible.posix.firewalld:
permanent: true
state: absent
zone: public
target: ACCEPT
notify: reload_firewalld
- name: Remove port for GRE tunnel
ansible.posix.firewalld:
permanent: true
port: 1723/tcp
state: disabled
notify: reload_firewalld
- name: Set WORKER_CLASS for tap interfaces
community.general.ini_file:
path: /etc/openqa/workers.ini
section: global
option: WORKER_CLASS
value: qemu_x86_64,tap
state: absent
mode: '0644'
...