Ansible Adventures

Related to this post:

I have Ansible generating standardized IAID/DUIDs for DHCP across several platforms.

# RFC 4361 advocates for IAID/DUID use in DHCPv4. No specific method for
# generating the IAID is specified, other than it be unique, persistent
# and 32 bits. We use a truncated SHA256 hash the hardware MAC address,
# or if the interface is virtual and doesn't have a hardware address,
# we hash the interface name (dev).
- name: "The IAID for {{iface['dev']}} is {{iaid_var}}"
  ansible.builtin.set_fact:
    iface: "{{  iface
                | combine( { 'iaid': iaid_var } ) }}"
  vars:
    iaid_var: "{{ ( iface['hw_addr']
                    | default(iface['dev'])
                    | hash('sha256') )[:8]
                    | regex_findall('..')
                    | join(':') }}"

- name: "The DUID for {{iface['dev']}} is {{duid_var}}"
  ansible.builtin.set_fact:
    iface: "{{  iface
                | combine( { 'duid': duid_var } ) }}"
  vars:
    duid_var: "{{ ( '0004'
                    + ( ( ansible_system_vendor
                          + ansible_product_name
                          + ansible_product_uuid
                          + ansible_product_version
                          + ansible_product_serial )
                        | hash('sha256') )[:32] )
                  | regex_findall('..')
                  | join(':') }}"
TASK [o0_o.site.network : The IAID for eth0 is 52:e6:d6:1e] *****************************************************************
ok: [debian11.hq.example.com]

TASK [o0_o.site.network : The DUID for eth0 is 00:04:d4:d6:5f:0d:ae:79:ea:72:b7:97:91:84:2d:d1:b4:c8] ***********************
ok: [debian11.hq.example.com]

It turned out (imo) that generating my own IAID and DUID and supplying them to NetworkManager or networkd was easier than trying to get the stock values out of Linux.*

At least it’s all standardized now.

* I have not yet fully implemented this, so knock on wood…

2 Likes