kubespray/roles/network_plugin/macvlan/tasks/main.yml

---
- name: Macvlan | Retrieve Pod Cidr
  command: "{{ kubectl }} get nodes {{ kube_override_hostname | default(inventory_hostname) }} -o jsonpath='{.spec.podCIDR}'"
  changed_when: false
  register: node_pod_cidr_cmd
  delegate_to: "{{ groups['kube_control_plane'][0] }}"

- name: Macvlan | set node_pod_cidr
  set_fact:
    node_pod_cidr: "{{ node_pod_cidr_cmd.stdout }}"

- name: Macvlan | Retrieve default gateway network interface
  become: false
  raw: ip -4 route list 0/0 | sed 's/.*dev \([[:alnum:]]*\).*/\1/'
  changed_when: false
  register: node_default_gateway_interface_cmd

- name: Macvlan | set node_default_gateway_interface
  set_fact:
    node_default_gateway_interface: "{{ node_default_gateway_interface_cmd.stdout | trim }}"

- name: Macvlan | Install network gateway interface on debian
  template:
    src: debian-network-macvlan.cfg.j2
    dest: /etc/network/interfaces.d/60-mac0.cfg
    mode: 0644
  notify: Macvlan | restart network
  when: ansible_os_family in ["Debian"]

- block:
  - name: Macvlan | Install macvlan script on centos
    copy:
      src: "{{ item }}"
      dest: /etc/sysconfig/network-scripts/
      owner: root
      group: root
      mode: "0755"
    with_fileglob:
    - files/*

  - name: Macvlan | Install post-up script on centos
    copy:
      src: "files/ifup-local"
      dest: /sbin/
      owner: root
      group: root
      mode: "0755"
    when: enable_nat_default_gateway

  - name: Macvlan | Install network gateway interface on centos
    template:
      src: "{{ item.src }}.j2"
      dest: "/etc/sysconfig/network-scripts/{{ item.dst }}"
      mode: 0644
    with_items:
    - {src: centos-network-macvlan.cfg, dst: ifcfg-mac0 }
    - {src: centos-routes-macvlan.cfg, dst: route-mac0 }
    - {src: centos-postup-macvlan.cfg, dst: post-up-mac0 }
    notify: Macvlan | restart network

  when: ansible_os_family == "RedHat"

- block:
  - name: Macvlan | Install service nat via gateway on Flatcar Container Linux
    template:
      src: coreos-service-nat_ouside.j2
      dest: /etc/systemd/system/enable_nat_ouside.service
      mode: 0644
    when: enable_nat_default_gateway

  - name: Macvlan | Enable service nat via gateway on Flatcar Container Linux
    command: "{{ item }}"
    with_items:
    - systemctl daemon-reload
    - systemctl enable enable_nat_ouside.service
    when: enable_nat_default_gateway

  - name: Macvlan | Install network gateway interface on Flatcar Container Linux
    template:
      src: "{{ item.src }}.j2"
      dest: "/etc/systemd/network/{{ item.dst }}"
      mode: 0644
    with_items:
    - {src: coreos-device-macvlan.cfg, dst: macvlan.netdev }
    - {src: coreos-interface-macvlan.cfg, dst: output.network }
    - {src: coreos-network-macvlan.cfg, dst: macvlan.network }
    notify: Macvlan | restart network

  when: ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"]

- name: Macvlan | Install cni definition for Macvlan
  template:
    src: 10-macvlan.conf.j2
    dest: /etc/cni/net.d/10-macvlan.conf
    mode: 0644

- name: Macvlan | Install loopback definition for Macvlan
  template:
    src: 99-loopback.conf.j2
    dest: /etc/cni/net.d/99-loopback.conf
    mode: 0644

- name: Enable net.ipv4.conf.all.arp_notify in sysctl
  ansible.posix.sysctl:
    name: net.ipv4.conf.all.arp_notify
    value: 1
    sysctl_set: yes
    sysctl_file: "{{ sysctl_file_path }}"
    state: present
    reload: yes