razorsedge · ManfredP · Jun 8, 2020 · Jun 3, 2020 · Jan 27, 2021
diff --git a/manifests/alias/range.pp b/manifests/alias/range.pp
@@ -75,6 +75,11 @@
     'absent' => 'absent',
     default  => undef,
   }
+  if versioncmp($::operatingsystemrelease, '8') >= 0 {
+    $nm_controlled = true
+  } else {
+    $nm_controlled = false
+  }
 
   file { "ifcfg-${interface}-range${clonenum_start}":
     ensure  => $file_ensure,
@@ -88,7 +93,7 @@
 
   if $restart {
     File["ifcfg-${interface}-range${clonenum_start}"] {
-      notify  => Service['network'],
+      notify  => Class['network::service'],
     }
   }
 

diff --git a/manifests/bond/slave.pp b/manifests/bond/slave.pp
@@ -21,7 +21,7 @@
 #
 # === Requires:
 #
-#   Service['network']
+#   Class['network::service']
 #
 # === Sample Usage:
 #
@@ -61,6 +61,11 @@
   include '::network'
 
   $interface = $name
+  if versioncmp($::operatingsystemrelease, '8') >= 0 {
+    $nm_controlled = true
+  } else {
+    $nm_controlled = false
+  }
 
   file { "ifcfg-${interface}":
     ensure  => 'present',
@@ -74,7 +79,7 @@
 
   if $restart {
     File["ifcfg-${interface}"] {
-      notify  => Service['network'],
+      notify  => Class['network::service'],
     }
   }
 } # define network::bond::slave
diff --git a/manifests/bridge.pp b/manifests/bridge.pp
@@ -67,6 +67,11 @@
     'down'  => 'no',
     default => undef,
   }
+  if versioncmp($::operatingsystemrelease, '8') >= 0 {
+    $nm_controlled = true
+  } else {
+    $nm_controlled = false
+  }
 
   file { "ifcfg-${interface}":
     ensure  => 'present',
@@ -80,7 +85,7 @@
 
   if $restart {
     File["ifcfg-${interface}"] {
-      notify  => Service['network'],
+      notify  => Class['network::service'],
     }
   }
 } # define network::bridge
diff --git a/manifests/bridge/dynamic.pp b/manifests/bridge/dynamic.pp
@@ -68,6 +68,11 @@
     'down'  => 'no',
     default => undef,
   }
+  if versioncmp($::operatingsystemrelease, '8') >= 0 {
+    $nm_controlled = true
+  } else {
+    $nm_controlled = false
+  }
 
   file { "ifcfg-${interface}":
     ensure  => 'present',
@@ -81,7 +86,7 @@
 
   if $restart {
     File["ifcfg-${interface}"] {
-      notify  => Service['network'],
+      notify  => Class['network::service'],
     }
   }
 } # define network::bridge::dynamic
diff --git a/manifests/bridge/static.pp b/manifests/bridge/static.pp
@@ -112,6 +112,11 @@
     'down'  => 'no',
     default => undef,
   }
+  if versioncmp($::operatingsystemrelease, '8') >= 0 {
+    $nm_controlled = true
+  } else {
+    $nm_controlled = false
+  }
 
   file { "ifcfg-${interface}":
     ensure  => 'present',
@@ -125,7 +130,7 @@
 
   if $restart {
     File["ifcfg-${interface}"] {
-      notify  => Service['network'],
+      notify  => Class['network::service'],
     }
   }
 } # define network::bridge::static
diff --git a/manifests/global.pp b/manifests/global.pp
@@ -32,7 +32,7 @@
 #
 # === Requires:
 #
-#   Service['network']
+#   Class['network::service']
 #
 # === Sample Usage:
 #
@@ -129,7 +129,7 @@
 
   if $restart {
     File['network.sysconfig'] {
-      notify  => Service['network'],
+      notify  => Class['network::service'],
     }
   }
 } # class global
diff --git a/manifests/hiera.pp b/manifests/hiera.pp
@@ -12,7 +12,7 @@
 #
 # === Requires:
 #
-#   Service['network']
+#   Class['network::service']
 #
 # === Sample Usage:
 #

diff --git a/manifests/if/promisc.pp b/manifests/if/promisc.pp
@@ -19,7 +19,7 @@
 #
 # === Requires:
 #
-#   Service['network']
+#   Class['network::service']
 #
 # === Sample Usage:
 #

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -8,7 +8,7 @@
 #
 # === Actions:
 #
-# Defines the network service so that other resources can notify it to restart.
+# Fails if not on a RHEL system
 #
 # === Sample Usage:
 #
@@ -30,14 +30,7 @@
       fail('This network module only supports RedHat-based systems.')
     }
   }
-
-  service { 'network':
-    ensure     => 'running',
-    enable     => true,
-    hasrestart => true,
-    hasstatus  => true,
-    provider   => 'redhat',
-  }
+  contain network::service
 } # class network
 
 # == Definition: network_if_base
@@ -177,6 +170,12 @@
     $dns2_real = $dns2
   }
 
+  if versioncmp($::operatingsystemrelease, '8') >= 0 {
+    $nm_controlled = true
+  } else {
+    $nm_controlled = false
+  }
+
   if $isalias {
     $onparent = $ensure ? {
       'up'    => 'yes',
@@ -199,7 +198,7 @@
       command     => "ip addr flush dev ${interface}",
       refreshonly => true,
       subscribe   => File["ifcfg-${interface}"],
-      before      => Service['network'],
+      before      => Class['network::service'],
       path        => '/sbin:/usr/sbin',
     }
   }
@@ -215,7 +214,7 @@
 
   if $restart {
     File["ifcfg-${interface}"] {
-      notify  => Service['network'],
+      notify  => Class['network::service'],
     }
   }
 } # define network_if_base

diff --git a/manifests/route.pp b/manifests/route.pp
@@ -16,7 +16,7 @@
 # === Requires:
 #
 #   File["ifcfg-$name"]
-#   Service['network']
+#   Class['network::service']
 #
 # === Sample Usage:
 #
@@ -41,35 +41,67 @@
 # Copyright (C) 2011 Mike Arnold, unless otherwise noted.
 #
 define network::route (
-  $ipaddress,
-  $netmask,
-  $gateway,
-  $restart = true,
+  $ipaddress   = [],
+  $netmask     = [],
+  $gateway     = [],
+  $ipv4_routes = [],
+  $ipv6_routes = [],
+  $restart     = true,
 ) {
   # Validate our arrays
   validate_array($ipaddress)
   validate_array($netmask)
   validate_array($gateway)
+  validate_array($ipv4_routes)
+  validate_array($ipv6_routes)
   # Validate our booleans
   validate_bool($restart)
 
   include '::network'
 
   $interface = $name
 
-  file { "route-${interface}":
-    ensure  => 'present',
-    mode    => '0644',
-    owner   => 'root',
-    group   => 'root',
-    path    => "/etc/sysconfig/network-scripts/route-${interface}",
-    content => template('network/route-eth.erb'),
-    before  => File["ifcfg-${interface}"],
+  if $restart {
+    $notify = Class['network::service']
+  } else {
+    $notify = undef
   }
 
-  if $restart {
-    File["route-${interface}"] {
-      notify  => Service['network'],
+  if empty($ipaddress) and (!empty($ipv4_routes) or !empty($ipv6_routes)) {
+    if ! empty($ipv4_routes) {
+      file { "route-${interface}":
+        ensure  => 'present',
+        mode    => '0644',
+        owner   => 'root',
+        group   => 'root',
+        path    => "/etc/sysconfig/network-scripts/route-${interface}",
+        content => template('network/route-eth-v4.erb'),
+        before  => File["ifcfg-${interface}"],
+        notify  => $notify,
+      }
+    }
+    if ! empty($ipv6_routes) {
+      file { "route6-${interface}":
+        ensure  => 'present',
+        mode    => '0644',
+        owner   => 'root',
+        group   => 'root',
+        path    => "/etc/sysconfig/network-scripts/route6-${interface}",
+        content => template('network/route-eth-v6.erb'),
+        before  => File["ifcfg-${interface}"],
+        notify  => $notify,
+      }
+    }
+  } else {
+    file { "route-${interface}":
+      ensure  => 'present',
+      mode    => '0644',
+      owner   => 'root',
+      group   => 'root',
+      path    => "/etc/sysconfig/network-scripts/route-${interface}",
+      content => template('network/route-eth.erb'),
+      before  => File["ifcfg-${interface}"],
+      notify  => $notify,
     }
   }
 } # define network::route
diff --git a/manifests/rule.pp b/manifests/rule.pp
@@ -0,0 +1,84 @@
+# == Definition: network::rule
+#
+# Configures /etc/sysconfig/networking-scripts/rule-$name.
+#
+# === Parameters:
+#
+#   $ipv4_rules
+#   $ipv6_rules
+#
+# === Actions:
+#
+# Deploys the file /etc/sysconfig/network-scripts/rule-$name.
+#
+# === Requires:
+#
+#   File["ifcfg-$name"]
+#   Class['network::service']
+#
+# === Sample Usage:
+#
+#   network::route { 'eth0':
+#     ipv4_rules => [{
+#       iif   => 'eth0',
+#       table => 1,
+#     },{
+#       from  => '192.168.200.100',
+#       table => 1,
+#     },]
+#   }
+#
+# === Authors:
+#
+# Manfred Pusch <[email protected]>
+#
+# === Copyright:
+#
+# Copyright (C) 2016 Manfred Pusch, unless otherwise noted.
+#
+define network::rule (
+  $ipv4_rules = [],
+  $ipv6_rules = [],
+  $restart    = true,
+) {
+  # Validate our arrays
+  validate_array($ipv4_rules)
+  validate_array($ipv6_rules)
+  # Validate our booleans
+  validate_bool($restart)
+
+  include '::network'
+
+  $interface = $name
+
+  if $restart {
+    $notify = Class['network::service']
+  } else {
+    $notify = undef
+  }
+
+  if ! empty($ipv4_rules) {
+    file { "rule-${interface}":
+      ensure  => 'present',
+      mode    => '0644',
+      owner   => 'root',
+      group   => 'root',
+      path    => "/etc/sysconfig/network-scripts/rule-${interface}",
+      content => template('network/rule-eth-v4.erb'),
+      before  => File["ifcfg-${interface}"],
+      notify  => $notify,
+    }
+  }
+  if ! empty($ipv6_rules) {
+    file { "rule6-${interface}":
+      ensure  => 'present',
+      mode    => '0644',
+      owner   => 'root',
+      group   => 'root',
+      path    => "/etc/sysconfig/network-scripts/rule6-${interface}",
+      content => template('network/rule-eth-v6.erb'),
+      before  => File["ifcfg-${interface}"],
+      notify  => $notify,
+    }
+  }
+} # define network::rule