1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
|
.. _network_config_v1:
Networking config Version 1
***************************
This network configuration format lets users customise their instance's
networking interfaces by assigning subnet configuration, virtual device
creation (bonds, bridges, VLANs) routes and DNS configuration.
Required elements of a `network config Version 1` are ``config`` and
``version``.
``Cloud-init`` will read this format from :ref:`base_config_reference`.
For example, the following could be present in
:file:`/etc/cloud/cloud.cfg.d/custom-networking.cfg`:
.. code-block:: yaml
network:
version: 1
config:
- type: physical
name: eth0
subnets:
- type: dhcp
The :ref:`datasource_nocloud` datasource can also provide ``cloud-init``
networking configuration in this format.
Configuration types
===================
Within the network ``config`` portion, users include a list of configuration
types. The current list of support ``type`` values are as follows:
- ``physical``: Physical
- ``bond``: Bond
- ``bridge``: Bridge
- ``vlan``: VLAN
- ``nameserver``: Nameserver
- ``route``: Route
Physical, Bond, Bridge and VLAN types may also include IP configuration under
the key ``subnets``.
- ``subnets``: Subnet/IP
Physical
--------
The ``physical`` type configuration represents a "physical" network device,
typically Ethernet-based. At least one of these entries is required for
external network connectivity. Type ``physical`` requires only one key:
``name``. A ``physical`` device may contain some or all of the following
keys:
``name: <desired device name>``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
A device's name must be less than 15 characters. Names exceeding the maximum
will be truncated. This is a limitation of the Linux kernel network-device
structure.
``mac_address: <MAC Address>``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The MAC Address is a device unique identifier that most Ethernet-based network
devices possess. Specifying a MAC Address is optional.
Letters must be lowercase.
.. note::
It is best practice to "quote" all MAC addresses, since an unquoted MAC
address might be incorrectly interpreted as an integer in `YAML`_.
.. note::
``Cloud-init`` will handle the persistent mapping between a device's
``name`` and the ``mac_address``.
``mtu: <MTU SizeBytes>``
^^^^^^^^^^^^^^^^^^^^^^^^
The MTU key represents a device's Maximum Transmission Unit, which is the
largest size packet or frame, specified in octets (eight-bit bytes), that can
be sent in a packet- or frame-based network. Specifying ``mtu`` is optional.
.. note::
The possible supported values of a device's MTU are not available at
configuration time. It's possible to specify a value too large or to
small for a device, and may be ignored by the device.
Physical example
^^^^^^^^^^^^^^^^
.. code-block::
network:
version: 1
config:
# Simple network adapter
- type: physical
name: interface0
mac_address: '00:11:22:33:44:55'
# Second nic with Jumbo frames
- type: physical
name: jumbo0
mac_address: 'aa:11:22:33:44:55'
mtu: 9000
# 10G pair
- type: physical
name: gbe0
mac_address: 'cd:11:22:33:44:00'
- type: physical
name: gbe1
mac_address: 'cd:11:22:33:44:02'
Bond
----
A ``bond`` type will configure a Linux software Bond with one or more network
devices. A ``bond`` type requires the following keys:
``name: <desired device name>``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
A device's name must be less than 15 characters. Names exceeding the maximum
will be truncated. This is a limitation of the Linux kernel network-device
structure.
``mac_address: <MAC Address>``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
When specifying MAC Address on a bond this value will be assigned to the bond
device and may be different than the MAC address of any of the underlying
bond interfaces. Specifying a MAC Address is optional. If ``mac_address`` is
not present, then the bond will use one of the MAC Address values from one of
the bond interfaces.
.. note::
It is best practice to "quote" all MAC addresses, since an unquoted MAC
address might be incorrectly interpreted as an integer in `YAML`_.
``bond_interfaces: <List of network device names>``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The ``bond_interfaces`` key accepts a list of network device ``name`` values
from the configuration. This list may be empty.
``mtu: <MTU SizeBytes>``
^^^^^^^^^^^^^^^^^^^^^^^^
The MTU key represents a device's Maximum Transmission Unit, the largest size
packet or frame, specified in octets (eight-bit bytes), that can be sent in a
packet- or frame-based network. Specifying ``mtu`` is optional.
.. note::
The possible supported values of a device's MTU are not available at
configuration time. It's possible to specify a value too large or to
small for a device, and may be ignored by the device.
``params: <Dictionary of key: value bonding parameter pairs>``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The ``params`` key in a bond holds a dictionary of bonding parameters.
This dictionary may be empty. For more details on what the various bonding
parameters mean please read the Linux Kernel :file:`Bonding.txt`.
Valid ``params`` keys are:
- ``active_slave``: Set bond attribute
- ``ad_actor_key``: Set bond attribute
- ``ad_actor_sys_prio``: Set bond attribute
- ``ad_actor_system``: Set bond attribute
- ``ad_aggregator``: Set bond attribute
- ``ad_num_ports``: Set bond attribute
- ``ad_partner_key``: Set bond attribute
- ``ad_partner_mac``: Set bond attribute
- ``ad_select``: Set bond attribute
- ``ad_user_port_key``: Set bond attribute
- ``all_slaves_active``: Set bond attribute
- ``arp_all_targets``: Set bond attribute
- ``arp_interval``: Set bond attribute
- ``arp_ip_target``: Set bond attribute
- ``arp_validate``: Set bond attribute
- ``downdelay``: Set bond attribute
- ``fail_over_mac``: Set bond attribute
- ``lacp_rate``: Set bond attribute
- ``lp_interval``: Set bond attribute
- ``miimon``: Set bond attribute
- ``mii_status``: Set bond attribute
- ``min_links``: Set bond attribute
- ``mode``: Set bond attribute
- ``num_grat_arp``: Set bond attribute
- ``num_unsol_na``: Set bond attribute
- ``packets_per_slave``: Set bond attribute
- ``primary``: Set bond attribute
- ``primary_reselect``: Set bond attribute
- ``queue_id``: Set bond attribute
- ``resend_igmp``: Set bond attribute
- ``slaves``: Set bond attribute
- ``tlb_dynamic_lb``: Set bond attribute
- ``updelay``: Set bond attribute
- ``use_carrier``: Set bond attribute
- ``xmit_hash_policy``: Set bond attribute
Bond example
^^^^^^^^^^^^
.. code-block::
network:
version: 1
config:
# Simple network adapter
- type: physical
name: interface0
mac_address: '00:11:22:33:44:55'
# 10G pair
- type: physical
name: gbe0
mac_address: 'cd:11:22:33:44:00'
- type: physical
name: gbe1
mac_address: 'cd:11:22:33:44:02'
- type: bond
name: bond0
bond_interfaces:
- gbe0
- gbe1
params:
bond-mode: active-backup
Bridge
------
Type ``bridge`` requires the following keys:
- ``name``: Set the name of the bridge.
- ``bridge_interfaces``: Specify the ports of a bridge via their ``name``.
This list may be empty.
- ``params``: A list of bridge params. For more details, please read the
``bridge-utils-interfaces`` manpage.
Valid keys are:
- ``bridge_ageing``: Set the bridge's ageing value.
- ``bridge_bridgeprio``: Set the bridge device network priority.
- ``bridge_fd``: Set the bridge's forward delay.
- ``bridge_hello``: Set the bridge's hello value.
- ``bridge_hw``: Set the bridge's MAC address.
- ``bridge_maxage``: Set the bridge's maxage value.
- ``bridge_maxwait``: Set how long network scripts should wait for the
bridge to be up.
- ``bridge_pathcost``: Set the cost of a specific port on the bridge.
- ``bridge_portprio``: Set the priority of a specific port on the bridge.
- ``bridge_ports``: List of devices that are part of the bridge.
- ``bridge_stp``: Set spanning tree protocol on or off.
- ``bridge_waitport``: Set amount of time in seconds to wait on specific
ports to become available.
Bridge example
^^^^^^^^^^^^^^
.. code-block::
network:
version: 1
config:
# Simple network adapter
- type: physical
name: interface0
mac_address: '00:11:22:33:44:55'
# Second nic with Jumbo frames
- type: physical
name: jumbo0
mac_address: 'aa:11:22:33:44:55'
mtu: 9000
- type: bridge
name: br0
bridge_interfaces:
- jumbo0
params:
bridge_ageing: 250
bridge_bridgeprio: 22
bridge_fd: 1
bridge_hello: 1
bridge_maxage: 10
bridge_maxwait: 0
bridge_pathcost:
- jumbo0 75
bridge_pathprio:
- jumbo0 28
bridge_stp: 'off'
bridge_maxwait:
- jumbo0 0
VLAN
----
Type ``vlan`` requires the following keys:
- ``name``: Set the name of the VLAN
- ``vlan_link``: Specify the underlying link via its ``name``.
- ``vlan_id``: Specify the VLAN numeric id.
The following optional keys are supported:
``mtu: <MTU SizeBytes>``
^^^^^^^^^^^^^^^^^^^^^^^^
The MTU key represents a device's Maximum Transmission Unit, the largest size
packet or frame, specified in octets (eight-bit bytes), that can be sent in a
packet- or frame-based network. Specifying ``mtu`` is optional.
.. note::
The possible supported values of a device's MTU are not available at
configuration time. It's possible to specify a value too large or to
small for a device and may be ignored by the device.
VLAN example
^^^^^^^^^^^^
.. code-block::
network:
version: 1
config:
# Physical interfaces.
- type: physical
name: eth0
mac_address: 'c0:d6:9f:2c:e8:80'
# VLAN interface.
- type: vlan
name: eth0.101
vlan_link: eth0
vlan_id: 101
mtu: 1500
Nameserver
----------
Users can specify a ``nameserver`` type. Nameserver dictionaries include
the following keys:
- ``address``: List of IPv4 or IPv6 address of nameservers.
- ``search``: List of hostnames to include in the :file:`resolv.conf` search
path.
- ``interface``: Optional. Ties the nameserver definition to the specified
interface. The value specified here must match the ``name`` of an interface
defined in this config. If unspecified, this nameserver will be considered
a global nameserver.
Nameserver example
^^^^^^^^^^^^^^^^^^
.. code-block::
network:
version: 1
config:
- type: physical
name: interface0
mac_address: '00:11:22:33:44:55'
subnets:
- type: static
address: 192.168.23.14/27
gateway: 192.168.23.1
- type: nameserver
interface: interface0 # Ties nameserver to interface0 only
address:
- 192.168.23.2
- 8.8.8.8
search:
- exemplary
Route
-----
Users can include static routing information as well. A ``route`` dictionary
has the following keys:
- ``destination``: IPv4 network address with CIDR netmask notation.
- ``gateway``: IPv4 gateway address with CIDR netmask notation.
- ``metric``: Integer which sets the network metric value for this route.
Route example
^^^^^^^^^^^^^
.. code-block::
network:
version: 1
config:
- type: physical
name: interface0
mac_address: '00:11:22:33:44:55'
subnets:
- type: static
address: 192.168.23.14/24
gateway: 192.168.23.1
- type: route
destination: 192.168.24.0/24
gateway: 192.168.24.1
metric: 3
Subnet/IP
---------
For any network device (one of the "config types") users can define a list of
``subnets`` which contain ip configuration dictionaries. Multiple subnet
entries will create interface aliases, allowing a single interface to use
different ip configurations.
Valid keys for ``subnets`` include the following:
- ``type``: Specify the subnet type.
- ``control``: Specify 'manual', 'auto' or 'hotplug'. Indicates how the
interface will be handled during boot.
- ``address``: IPv4 or IPv6 address. It may include CIDR netmask notation.
- ``netmask``: IPv4 subnet mask in dotted format or CIDR notation.
- ``gateway``: IPv4 address of the default gateway for this subnet.
- ``dns_nameservers``: Specify a list of IPv4 dns server IPs to end up in
:file:`resolv.conf`.
- ``dns_search``: Specify a list of search paths to be included in
:file:`resolv.conf`.
- ``routes``: Specify a list of routes for a given interface.
Subnet types are one of the following:
- ``dhcp4``: Configure this interface with IPv4 dhcp.
- ``dhcp``: Alias for ``dhcp4``.
- ``dhcp6``: Configure this interface with IPv6 dhcp.
- ``static``: Configure this interface with a static IPv4.
- ``static6``: Configure this interface with a static IPv6.
- ``ipv6_dhcpv6-stateful``: Configure this interface with ``dhcp6``.
- ``ipv6_dhcpv6-stateless``: Configure this interface with SLAAC and DHCP.
- ``ipv6_slaac``: Configure address with SLAAC.
When making use of ``dhcp`` or either of the ``ipv6_dhcpv6`` types,
no additional configuration is needed in the subnet dictionary.
Using ``ipv6_dhcpv6-stateless`` or ``ipv6_slaac`` allows the IPv6 address to be
automatically configured with StateLess Address AutoConfiguration (`SLAAC`_).
SLAAC requires support from the network, so verify that your cloud or network
offering has support before trying it out. With ``ipv6_dhcpv6-stateless``,
DHCPv6 is still used to fetch other subnet details such as gateway or DNS
servers. If you only want to discover the address, use ``ipv6_slaac``.
Subnet DHCP example
^^^^^^^^^^^^^^^^^^^
.. code-block::
network:
version: 1
config:
- type: physical
name: interface0
mac_address: '00:11:22:33:44:55'
subnets:
- type: dhcp
Subnet static example
^^^^^^^^^^^^^^^^^^^^^
.. code-block::
network:
version: 1
config:
- type: physical
name: interface0
mac_address: '00:11:22:33:44:55'
subnets:
- type: static
address: 192.168.23.14/27
gateway: 192.168.23.1
dns_nameservers:
- 192.168.23.2
- 8.8.8.8
dns_search:
- exemplary.maas
Multiple subnet example
^^^^^^^^^^^^^^^^^^^^^^^
The following will result in an ``interface0`` using DHCP and ``interface0:1``
using the static subnet configuration:
.. code-block::
network:
version: 1
config:
- type: physical
name: interface0
mac_address: '00:11:22:33:44:55'
subnets:
- type: dhcp
- type: static
address: 192.168.23.14/27
gateway: 192.168.23.1
dns_nameservers:
- 192.168.23.2
- 8.8.8.8
dns_search:
- exemplary
Subnet with routes example
^^^^^^^^^^^^^^^^^^^^^^^^^^
.. code-block::
network:
version: 1
config:
- type: physical
name: interface0
mac_address: '00:11:22:33:44:55'
subnets:
- type: dhcp
- type: static
address: 10.184.225.122
netmask: 255.255.255.252
routes:
- gateway: 10.184.225.121
netmask: 255.240.0.0
network: 10.176.0.0
- gateway: 10.184.225.121
netmask: 255.240.0.0
network: 10.208.0.0
Multi-layered configurations
============================
Complex networking sometimes uses layers of configuration. The syntax allows
users to build those layers one at a time. All of the virtual network devices
supported allow specifying an underlying device by their ``name`` value.
Bonded VLAN example
-------------------
.. code-block::
network:
version: 1
config:
# 10G pair
- type: physical
name: gbe0
mac_address: 'cd:11:22:33:44:00'
- type: physical
name: gbe1
mac_address: 'cd:11:22:33:44:02'
# Bond.
- type: bond
name: bond0
bond_interfaces:
- gbe0
- gbe1
params:
bond-mode: 802.3ad
bond-lacp-rate: fast
# A Bond VLAN.
- type: vlan
name: bond0.200
vlan_link: bond0
vlan_id: 200
subnets:
- type: dhcp4
Multiple VLAN example
---------------------
.. code-block::
network:
version: 1
config:
- id: eth0
mac_address: 'd4:be:d9:a8:49:13'
mtu: 1500
name: eth0
subnets:
- address: 10.245.168.16/21
dns_nameservers:
- 10.245.168.2
gateway: 10.245.168.1
type: static
type: physical
- id: eth1
mac_address: 'd4:be:d9:a8:49:15'
mtu: 1500
name: eth1
subnets:
- address: 10.245.188.2/24
dns_nameservers: []
type: static
type: physical
- id: eth1.2667
mtu: 1500
name: eth1.2667
subnets:
- address: 10.245.184.2/24
dns_nameservers: []
type: static
type: vlan
vlan_id: 2667
vlan_link: eth1
- id: eth1.2668
mtu: 1500
name: eth1.2668
subnets:
- address: 10.245.185.1/24
dns_nameservers: []
type: static
type: vlan
vlan_id: 2668
vlan_link: eth1
- id: eth1.2669
mtu: 1500
name: eth1.2669
subnets:
- address: 10.245.186.1/24
dns_nameservers: []
type: static
type: vlan
vlan_id: 2669
vlan_link: eth1
- id: eth1.2670
mtu: 1500
name: eth1.2670
subnets:
- address: 10.245.187.2/24
dns_nameservers: []
type: static
type: vlan
vlan_id: 2670
vlan_link: eth1
- address: 10.245.168.2
search:
- dellstack
type: nameserver
.. _SLAAC: https://tools.ietf.org/html/rfc4862
.. _YAML: https://yaml.org/type/int.html
|
