Chapter 4. Using System Roles to configure network connections

The network system role on RHEL enables administrators to automate network-related configuration and management tasks using Ansible.

4.1. Configuring a static Ethernet connection using RHEL System Roles

This procedure describes how to use RHEL System roles to remotely add an Ethernet connection for the enp7s0 interface with the following settings by running an Ansible playbook:

  • A static IPv4 address - 192.0.2.1 with a /24 subnet mask
  • A static IPv6 address - 2001:db8:1::1 with a /64 subnet mask
  • An IPv4 default gateway - 192.0.2.254
  • An IPv6 default gateway - 2001:db8:1::fffe
  • An IPv4 DNS server - 192.0.2.200
  • An IPv6 DNS server - 2001:db8:1::ffbb
  • A DNS search domain - example.com

Run this procedure on the Ansible control node.

Prerequisites

  • The ansible and rhel-system-roles packages are installed on the control node.
  • If you use a different remote user than root when you run the playbook, this user has appropriate sudo permissions on the managed node.
  • The host uses NetworkManager to configure the network.

Procedure

  1. If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the /etc/ansible/hosts Ansible inventory file: 

    node.example.com

  2. Create the ~/ethernet-static-IP.yml playbook with the following content: 

    ---
- name: Configure an Ethernet connection with static IP
  hosts: node.example.com
  become: true
  tasks:
  - include_role:
      name: linux-system-roles.network

    vars:
      network_connections:
        - name: enp7s0
          type: ethernet
          autoconnect: yes
          ip:
            address:
              - 192.0.2.1/24
              - 2001:db8:1::1/64
            gateway4: 192.0.2.254
            gateway6: 2001:db8:1::fffe
            dns:
              - 192.0.2.200
              - 2001:db8:1::ffbb
            dns_search:
              - example.com
          state: up

  3. Run the playbook:

    • To connect as root user to the managed host, enter: 

      # ansible-playbook -u root ~/ethernet-static-IP.yml

    • To connect as a user to the managed host, enter: 

      # ansible-playbook -u user_name --ask-become-pass ~/ethernet-static-IP.yml

      The --ask-become-pass option makes sure that the ansible-playbook command prompts for the sudo password of the user defined in the -u user_name option.

    If you do not specify the -u user_name option, ansible-playbook connects to the managed host as the user that is currently logged in to the control node.

Additional resources

  • For details about the parameters used in network_connections and for additional information about the network System Role, see the /usr/share/ansible/roles/rhel-system-roles.network/README.md file.
  • For details about the ansible-playbook command, see the ansible-playbook(1) man page.

4.2. Configuring a dynamic Ethernet connection using RHEL System Roles

This procedure describes how to use RHEL System Roles to remotely add a dynamic Ethernet connection for the enp7s0 interface by running an Ansible playbook. With this setting, the network connection requests the IP settings for this connection from a DHCP server. Run this procedure on the Ansible control node.

Prerequisites

  • A DHCP server is available in the network.
  • The ansible and rhel-system-roles packages are installed on the control node.
  • If you use a different remote user than root when you run the playbook, this user has appropriate sudo permissions on the managed node.
  • The host uses NetworkManager to configure the network.

Procedure

  1. If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the /etc/ansible/hosts Ansible inventory file: 

    node.example.com

  2. Create the ~/ethernet-dynamic-IP.yml playbook with the following content: 

    ---
- name: Configure an Ethernet connection with dynamic IP
  hosts: node.example.com
  become: true
  tasks:
  - include_role:
      name: linux-system-roles.network

    vars:
      network_connections:
        - name: enp7s0
          type: ethernet
          autoconnect: yes
          ip:
            dhcp4: yes
            auto6: yes
          state: up

  3. Run the playbook:

    • To connect as root user to the managed host, enter: 

      # ansible-playbook -u root ~/ethernet-dynamic-IP.yml

    • To connect as a user to the managed host, enter: 

      # ansible-playbook -u user_name --ask-become-pass ~/ethernet-dynamic-IP.yml

      The --ask-become-pass option makes sure that the ansible-playbook command promptsv for the sudo password of the user defined in the -u user_name option.

    If you do not specify the -u user_name option, ansible-playbook connects to the managed host as the user that is currently logged in to the control node.

Additional resources

  • For details about the parameters used in network_connections and for additional information about the network System Role, see the /usr/share/ansible/roles/rhel-system-roles.network/README.md file.
  • For details about the ansible-playbook command, see the ansible-playbook(1) man page.

4.3. Configuring VLAN tagging using System Roles

You can use the networking RHEL System Role to configure VLAN tagging. This procedure describes how to add an Ethernet connection and a VLAN with ID 10 that uses this Ethernet connection. As the parent device, the VLAN connection contains the IP, default gateway, and DNS configurations.

Depending on your environment, adjust the play accordingly. For example:

  • To use the VLAN as a port in other connections, such as a bond, omit the ip attribute, and set the IP configuration in the parent configuration.
  • To use team, bridge, or bond devices in the VLAN, adapt the interface_name and type attributes of the ports you use in the VLAN.

Prerequisites

  • The ansible and rhel-system-roles packages are installed on the control node.
  • If you use a different remote user than root when you run the playbook, this user has appropriate sudo permissions on the managed node.

Procedure

  1. If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the /etc/ansible/hosts Ansible inventory file: 

    node.example.com

  2. Create the ~/vlan-ethernet.yml playbook with the following content: 

    ---
- name: Configure a VLAN that uses an Ethernet connection
  hosts: node.example.com
  become: true
  tasks:
  - include_role:
      name: linux-system-roles.network

    vars:
      network_connections:
        # Add an Ethernet profile for the underlying device of the VLAN
        - name: enp1s0
          type: ethernet
	  interface_name: enp1s0
	  autoconnect: yes
          state: up
	  ip:
	    dhcp4: no
	    auto6: no

        # Define the VLAN profile
        - name: vlan10
          type: vlan
          ip:
            address:
              - "192.0.2.1/24"
              - "2001:db8:1::1/64"
            gateway4: 192.0.2.254
            gateway6: 2001:db8:1::fffe
            dns:
              - 192.0.2.200
              - 2001:db8:1::ffbb
            dns_search:
              - example.com
          vlan_id: 10
	  parent: enp1s0
          state: up

    The parent attribute in the VLAN profile configures the VLAN to operate on top of the enp1s0 device.

  3. Run the playbook:

    • To connect as root user to the managed host, enter: 

      # ansible-playbook -u root ~/vlan-ethernet.yml

    • To connect as a user to the managed host, enter: 

      # ansible-playbook -u user_name --ask-become-pass ~/vlan-ethernet.yml

      The --ask-become-pass option makes sure that the ansible-playbook command prompts for the sudo password of the user defined in the -u user_name option.

    If you do not specify the -u user_name option, ansible-playbook connects to the managed host as the user that is currently logged in to the control node.

Additional resources

  • For details about the parameters used in network_connections and for additional information about the network System Role, see the /usr/share/ansible/roles/rhel-system-roles.network/README.md file.
  • For details about the ansible-playbook command, see the ansible-playbook(1) man page.

4.4. Configuring a network bridge using RHEL System Roles

You can use the networking RHEL System Role to configure a Linux bridge. This procedure describes how to configure a network bridge that uses two Ethernet devices, and sets IPv4 and IPv6 addresses, default gateways, and DNS configuration.

Note

Set the IP configuration on the bridge and not on the ports of the Linux bridge.

Prerequisites

  • The ansible and rhel-system-roles packages are installed on the control node.
  • If you use a different remote user than root when you run the playbook, this user has appropriate sudo permissions on the managed node.
  • Two or more physical or virtual network devices are installed on the server.

Procedure

  1. If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the /etc/ansible/hosts Ansible inventory file: 

    node.example.com

  2. Create the ~/bridge-ethernet.yml playbook with the following content: 

    ---
- name: Configure a network bridge that uses two Ethernet ports
  hosts: node.example.com
  become: true
  tasks:
  - include_role:
      name: linux-system-roles.network

    vars:
      network_connections:
        # Define the bridge profile
        - name: bridge0
          type: bridge
          interface_name: bridge0
          ip:
            address:
              - "192.0.2.1/24"
              - "2001:db8:1::1/64"
            gateway4: 192.0.2.254
            gateway6: 2001:db8:1::fffe
            dns:
              - 192.0.2.200
              - 2001:db8:1::ffbb
            dns_search:
              - example.com
          state: up

        # Add an Ethernet profile to the bridge
        - name: bridge0-port1
          interface_name: enp7s0
          type: ethernet
          master: bridge0
          slave_type: bridge
          state: up

        # Add a second Ethernet profile to the bridge
        - name: bridge0-port2
          interface_name: enp8s0
          type: ethernet
          master: bridge0
          slave_type: bridge
          state: up

  3. Run the playbook:

    • To connect as root user to the managed host, enter: 

      # ansible-playbook -u root ~/bridge-ethernet.yml

    • To connect as a user to the managed host, enter: 

      # ansible-playbook -u user_name --ask-become-pass ~/bridge-ethernet.yml

      The --ask-become-pass option makes sure that the ansible-playbook command prompts for the sudo password of the user defined in the -u user_name option.

    If you do not specify the -u user_name option, ansible-playbook connects to the managed host as the user that is currently logged in to the control node.

Additional resources

  • For details about the parameters used in network_connections and for additional information about the network System Role, see the /usr/share/ansible/roles/rhel-system-roles.network/README.md file.
  • For details about the ansible-playbook command, see the ansible-playbook(1) man page.

4.5. Configuring a network bond using RHEL System Roles

You can use the network RHEL System Role to configure a network bond. This procedure describes how to configure a bond in active-backup mode that uses two Ethernet devices, and sets an IPv4 and IPv6 addresses, default gateways, and DNS configuration.

Note

Set the IP configuration on the bridge and not on the ports of the Linux bridge.

Prerequisites

  • The ansible and rhel-system-roles packages are installed on the control node.
  • If you use a different remote user than root when you run the playbook, this user has appropriate sudo permissions on the managed node.
  • Two or more physical or virtual network devices are installed on the server.

Procedure

  1. If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the /etc/ansible/hosts Ansible inventory file: 

    node.example.com

  2. Create the ~/bond-ethernet.yml playbook with the following content: 

    ---
- name: Configure a network bond that uses two Ethernet ports
  hosts: node.example.com
  become: true
  tasks:
  - include_role:
      name: linux-system-roles.network

    vars:
      network_connections:
        # Define the bond profile
        - name: bond0
          type: bond
          interface_name: bond0
          ip:
            address:
              - "192.0.2.1/24"
              - "2001:db8:1::1/64"
            gateway4: 192.0.2.254
            gateway6: 2001:db8:1::fffe
            dns:
              - 192.0.2.200
              - 2001:db8:1::ffbb
            dns_search:
              - example.com
          bond:
            mode: active-backup
          state: up

        # Add an Ethernet profile to the bond
        - name: bond0-port1
          interface_name: enp7s0
          type: ethernet
          master: bond0
          state: up

        # Add a second Ethernet profile to the bond
        - name: bond0-port2
          interface_name: enp8s0
          type: ethernet
          master: bond0
          state: up

  3. Run the playbook:

    • To connect as root user to the managed host, enter: 

      # ansible-playbook -u root ~/bond-ethernet.yml

    • To connect as a user to the managed host, enter: 

      # ansible-playbook -u user_name --ask-become-pass ~/bond-ethernet.yml

      The --ask-become-pass option makes sure that the ansible-playbook command prompts for the sudo password of the user defined in the -u user_name option.

    If you do not specify the -u user_name option, ansible-playbook connects to the managed host as the user that is currently logged in to the control node.

Additional resources

  • For details about the parameters used in network_connections and for additional information about the network System Role, see the /usr/share/ansible/roles/rhel-system-roles.network/README.md file.
  • For details about the ansible-playbook command, see the ansible-playbook(1) man page.

4.6. Configuring a static Ethernet connection with 802.1X network authentication using RHEL System Roles

Using RHEL System Roles, you can automate the creation of an Ethernet connection that uses the 802.1X standard to authenticate the client. This procedure describes how to remotely add an Ethernet connection for the enp1s0 interface with the following settings by running an Ansible playbook:

  • A static IPv4 address - 192.0.2.1 with a /24 subnet mask
  • A static IPv6 address - 2001:db8:1::1 with a /64 subnet mask
  • An IPv4 default gateway - 192.0.2.254
  • An IPv6 default gateway - 2001:db8:1::fffe
  • An IPv4 DNS server - 192.0.2.200
  • An IPv6 DNS server - 2001:db8:1::ffbb
  • A DNS search domain - example.com
  • 802.1X network authentication using the TLS Extensible Authentication Protocol (EAP)

Run this procedure on the Ansible control node.

Prerequisites

  • The ansible and rhel-system-roles packages are installed on the control node.
  • If you use a different remote user than root when you run the playbook, you must have appropriate sudo permissions on the managed node.
  • The network supports 802.1X network authentication.
  • The managed node uses NetworkManager.

  • The following files required for TLS authentication exist on the control node:

    • The client key stored in the /srv/data/client.key file.
    • The client certificate stored in the /srv/data/client.crt file.
    • The Certificate Authority (CA) certificate stored in the /srv/data/ca.crt file.

Procedure

  1. If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the /etc/ansible/hosts Ansible inventory file: 

    node.example.com

  2. Create the ~/enable-802.1x.yml playbook with the following content: 

    ---
- name: Configure an Ethernet connection with 802.1X authentication
  hosts: node.example.com
  become: true
  tasks:
    - name: Copy client key for 802.1X authentication
      copy:
        src: "/srv/data/client.key"
        dest: "/etc/pki/tls/private/client.key"
        mode: 0600

    - name: Copy client certificate for 802.1X authentication
      copy:
        src: "/srv/data/client.crt"
        dest: "/etc/pki/tls/certs/client.crt"

    - name: Copy CA certificate for 802.1X authentication
      copy:
        src: "/srv/data/ca.crt"
        dest: "/etc/pki/ca-trust/source/anchors/ca.crt"

    - include_role:
        name: linux-system-roles.network
      vars:
        network_connections:
          - name: enp1s0
            type: ethernet
            autoconnect: yes
            ip:
              address:
                - 192.0.2.1/24
                - 2001:db8:1::1/64
              gateway4: 192.0.2.254
              gateway6: 2001:db8:1::fffe
              dns:
                - 192.0.2.200
                - 2001:db8:1::ffbb
              dns_search:
                - example.com
            ieee802_1x:
              identity: user_name
              eap: tls
              private_key: "/etc/pki/tls/private/client.key"
              private_key_password: "password"
              client_cert: "/etc/pki/tls/certs/client.crt"
              ca_cert: "/etc/pki/ca-trust/source/anchors/ca.crt"
              domain_suffix_match: example.com
            state: up

  3. Run the playbook:

    • To connect as root user to the managed host, enter: 

      # ansible-playbook -u root ~/enable-802.1x.yml

    • To connect as a user to the managed host, enter: 

      # ansible-playbook -u user_name --ask-become-pass ~/ethernet-static-IP.yml

      The --ask-become-pass option makes sure that the ansible-playbook command prompts for the sudo password of the user defined in the -u user_name option.

    If you do not specify the -u user_name option, ansible-playbook connects to the managed host as the user that is currently logged in to the control node.

Additional resources

  • For details about the parameters used in network_connections and for additional information about the network System Role, see the /usr/share/ansible/roles/rhel-system-roles.network/README.md file.
  • For details about the 802.1X parameters, see the ieee802_1x section in the /usr/share/ansible/roles/rhel-system-roles.network/README.md file.
  • For details about the ansible-playbook command, see the ansible-playbook(1) man page.

4.7. Setting the default gateway on an existing connection using System Roles

You can use the networking RHEL System Role to set the default gateway.

Important

When you run a play that uses the networking RHEL System Role, the System Role overrides an existing connection profile with the same name if the settings do not match the ones specified in the play. Therefore, always specify the whole configuration of the network connection profile in the play, even if, for example, the IP configuration already exists. Otherwise, the role resets these values to their defaults.

Depending on whether it already exists, the procedure creates or updates the enp1s0 connection profile with the following settings:

  • A static IPv4 address - 198.51.100.20 with a /24 subnet mask
  • A static IPv6 address - 2001:db8:1::1 with a /64 subnet mask
  • An IPv4 default gateway - 198.51.100.254
  • An IPv6 default gateway - 2001:db8:1::fffe
  • An IPv4 DNS server - 198.51.100.200
  • An IPv6 DNS server - 2001:db8:1::ffbb
  • A DNS search domain - example.com

Prerequisites

  • The ansible and rhel-system-roles packages are installed on the control node.
  • If you use a different remote user than root when you run the playbook, this user has appropriate sudo permissions on the managed node.

Procedure

  1. If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the /etc/ansible/hosts Ansible inventory file: 

    node.example.com

  2. Create the ~/ethernet-connection.yml playbook with the following content: 

    ---
- name: Configure an Ethernet connection with static IP and default gateway
  hosts: node.example.com
  become: true
  tasks:
  - include_role:
      name: linux-system-roles.network

    vars:
      network_connections:
        - name: enp1s0
          type: ethernet
          autoconnect: yes
          ip:
            address:
              - 198.51.100.20/24
              - 2001:db8:1::1/64
            gateway4: 198.51.100.254
            gateway6: 2001:db8:1::fffe
            dns:
              - 198.51.100.200
              - 2001:db8:1::ffbb
            dns_search:
              - example.com
          state: up

  3. Run the playbook:

    • To connect as root user to the managed host, enter: 

      # ansible-playbook -u root ~/ethernet-connection.yml

    • To connect as a user to the managed host, enter: 

      # ansible-playbook -u user_name --ask-become-pass ~/ethernet-connection.yml

      The --ask-become-pass option makes sure that the ansible-playbook command prompts for the sudo password of the user defined in the -u user_name option.

    If you do not specify the -u user_name option, ansible-playbook connects to the managed host as the user that is currently logged in to the control node.

Additional resources

  • For details about the parameters used in network_connections and for additional information about the network System Role, see the /usr/share/ansible/roles/rhel-system-roles.network/README.md file.
  • For details about the ansible-playbook command, see the ansible-playbook(1) man page.

4.8. Configuring a static route using RHEL System Roles

You can use the networking RHEL System Role to configure static routes.

Important

When you run a play that uses the networking RHEL System Role, the System Role overrides an existing connection profile with the same name if the settings do not match the ones specified in the play. Therefore, always specify the whole configuration of the network connection profile in the play, even if, for example, the IP configuration already exists. Otherwise, the role resets these values to their defaults.

Depending on whether it already exists, the procedure creates or updates the enp7s0 connection profile with the following settings:

  • A static IPv4 address - 198.51.100.20 with a /24 subnet mask
  • A static IPv6 address - 2001:db8:1::1 with a /64 subnet mask
  • An IPv4 default gateway - 198.51.100.254
  • An IPv6 default gateway - 2001:db8:1::fffe
  • An IPv4 DNS server - 198.51.100.200
  • An IPv6 DNS server - 2001:db8:1::ffbb
  • A DNS search domain - example.com

  • Static routes:

    • 192.0.2.0/24 with gateway 198.51.100.1
    • 203.0.113.0/24 with gateway 198.51.100.2

Prerequisites

  • The ansible and rhel-system-roles packages are installed on the control node.
  • If you use a different remote user than root when you run the playbook, this user has appropriate sudo permissions on the managed node.

Procedure

  1. If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the /etc/ansible/hosts Ansible inventory file: 

    node.example.com

  2. Create the ~/add-static-routes.yml playbook with the following content: 

    ---
- name: Configure an Ethernet connection with static IP and additional routes
  hosts: node.example.com
  become: true
  tasks:
  - include_role:
      name: linux-system-roles.network

    vars:
      network_connections:
        - name: enp7s0
          type: ethernet
          autoconnect: yes
          ip:
            address:
              - 198.51.100.20/24
              - 2001:db8:1::1/64
            gateway4: 198.51.100.254
            gateway6: 2001:db8:1::fffe
            dns:
              - 198.51.100.200
              - 2001:db8:1::ffbb
            dns_search:
              - example.com
            route:
              - network: 192.0.2.0
                prefix: 24
                gateway: 198.51.100.1
              - network: 203.0.113.0
                prefix: 24
                gateway: 198.51.100.2
          state: up

  3. Run the playbook:

    • To connect as root user to the managed host, enter: 

      # ansible-playbook -u root ~/add-static-routes.yml

    • To connect as a user to the managed host, enter: 

      # ansible-playbook -u user_name --ask-become-pass ~/add-static-routes.yml

      The --ask-become-pass option makes sure that the ansible-playbook command prompts for the sudo password of the user defined in the -u user_name option.

    If you do not specify the -u user_name option, ansible-playbook connects to the managed host as the user that is currently logged in to the control node.

Verification steps

  • Display the routing table: 

    # ip -4 route
default via 198.51.100.254 dev enp7s0 proto static metric 100
192.0.2.0/24 via 198.51.100.1 dev enp7s0 proto static metric 100
203.0.113.0/24 via 198.51.100.2 dev enp7s0 proto static metric 100
...

Additional resources

  • For details about the parameters used in network_connections and for additional information about the network System Role, see the /usr/share/ansible/roles/rhel-system-roles.network/README.md file.
  • For details about the ansible-playbook command, see the ansible-playbook(1) man page.

4.9. Using System Roles to set ethtool features

You can use the networking RHEL System Role to configure ethtool features of a NetworkManager connection.

Important

When you run a play that uses the networking RHEL System Role, the System Role overrides an existing connection profile with the same name if the settings do not match the ones specified in the play. Therefore, always specify the whole configuration of the network connection profile in the play, even if, for example the IP configuration, already exists. Otherwise the role resets these values to their defaults.

Depending on whether it already exists, the procedure creates or updates the enp1s0 connection profile with the following settings:

  • A static IPv4 address - 198.51.100.20 with a /24 subnet mask
  • A static IPv6 address - 2001:db8:1::1 with a /64 subnet mask
  • An IPv4 default gateway - 198.51.100.254
  • An IPv6 default gateway - 2001:db8:1::fffe
  • An IPv4 DNS server - 198.51.100.200
  • An IPv6 DNS server - 2001:db8:1::ffbb
  • A DNS search domain - example.com

  • ethtool features:

    • Generic receive offload (GRO): disabled
    • Generic segmentation offload (GSO): enabled
    • TX Stream Control Transmission Protocol (SCTP) segmentation: disabled

Prerequisites

  • The ansible and rhel-system-roles packages are installed on the control node.
  • If you use a different remote user than root when you run the playbook, this user has appropriate sudo permissions on the managed node.

Procedure

  1. If the host on which you want to execute the instructions in the playbook is not yet inventoried, add the IP or name of this host to the /etc/ansible/hosts Ansible inventory file: 

    node.example.com

  2. Create the ~/configure-ethernet-device-with-ethtool-features.yml playbook with the following content: 

    ---
- name. Configure an Ethernet connection with ethtool features
  hosts: node.example.com
  become: true
  tasks:
  - include_role:
      name: linux-system-roles.network

    vars:
      network_connections:
        - name: enp1s0
          type: ethernet
          autoconnect: yes
          ip:
            address:
              - 198.51.100.20/24
              - 2001:db8:1::1/64
            gateway4: 198.51.100.254
            gateway6: 2001:db8:1::fffe
            dns:
              - 198.51.100.200
              - 2001:db8:1::ffbb
            dns_search:
              - example.com
          ethtool:
            feature:
              gro: "no"
              gso: "yes"
              tx_sctp_segmentation: "no"
          state: up

  3. Run the playbook:

    • To connect as root user to the managed host, enter: 

      # ansible-playbook -u root ~/configure-ethernet-device-with-ethtool-features.yml

    • To connect as a user to the managed host, enter: 

      # ansible-playbook -u user_name --ask-become-pass ~/configure-ethernet-device-with-ethtool-features.yml

      The --ask-become-pass option makes sure that the ansible-playbook command prompts for the sudo password of the user defined in the -u user_name option.

    If you do not specify the -u user_name option, ansible-playbook connects to the managed host as the user that is currently logged in to the control node.

Additional resources

  • For a full list of ethtool features and details about the parameters used in network_connections, and for additional information about the network system role, see the /usr/share/ansible/roles/rhel-system-roles.network/README.md file.
  • For details about the ansible-playbook command, see the ansible-playbook(1) man page.