1

I'm using Chef to automate deployment of various SmartOS zones. I'm trying to figure out the correct way to determine whether a network interface has a public or private address and to keep track of that. For generic Apache Listen and NameVirtualHost directives the following is sufficient:

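# Collect the addresses configured on every VNIC in the zone
ips = []
# `dladm show-vnic -o link` prints a LINK header row; grep -v drops it
links = %x{dladm show-vnic -o link | grep -v LINK}.strip.split("\n")
links.each do |link|
  # The second field of each matching ifconfig line is the address
  ips << %x{ifconfig #{link} | grep inet | awk '{ print $2 }'}.strip
end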

For ipfilter rules I need two different classes of rules: one set that gets applied to public interfaces and a different set that gets applied to private interfaces. Should I be passing all the interfaces to Chef via the JSON configuration file rather than figuring it out inside recipes?

WhoaItsAFactorial

1 Answer

0

Ohai generates attribute data at runtime.

In particular, you may be interested in

$ sudo ohai network/interfaces

and the related

node["network"]["interfaces"]

You will still have to reject RFC1918 inet4 addresses and check that the link scope is global for inet6.

EnabrenTane
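One way to apply the filtering the answer describes, as an added example that is not part of the original answer. The helper names are hypothetical, and the hash layout (an "addresses" hash keyed by address, with "family" and "scope" fields) is assumed from Ohai's network data as seen on Linux, so compare it with the output of `ohai network/interfaces` in the SmartOS zone. It goes slightly beyond the answer by also treating loopback and IPv4 link-local as non-public and by treating an unparsable address as public.

```ruby
require "ipaddr"

# RFC 1918 ranges (named in the answer) plus loopback and IPv4 link-local,
# which are added here because they are not publicly routable either.
NON_PUBLIC_V4 = %w[
  10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 127.0.0.0/8 169.254.0.0/16
].map { |cidr| IPAddr.new(cidr) }.freeze

# Classify one entry of an interface's "addresses" hash.
# Returns :public, :private, or nil for non-IP entries such as "lladdr".
def address_class(addr, info)
  case info["family"]
  when "inet"
    ip = IPAddr.new(addr)
    NON_PUBLIC_V4.any? { |net| net.include?(ip) } ? :private : :public
  when "inet6"
    info["scope"].to_s.downcase == "global" ? :public : :private
  end
rescue IPAddr::InvalidAddressError
  :public # choice made in this example: an unparsable address counts as public
end

# An interface is :public as soon as any of its addresses is public.
def classify_interfaces(interfaces)
  interfaces.each_with_object({}) do |(name, data), out|
    classes = (data["addresses"] || {}).map { |a, i| address_class(a, i) }.compact
    next if classes.empty?
    out[name] = classes.include?(:public) ? :public : :private
  end
end

# Constructed sample in the shape assumed for node["network"]["interfaces"].
SAMPLE_INTERFACES = {
  "net0" => { "addresses" => {
    "02:08:20:AA:BB:CC" => { "family" => "lladdr" },
    "203.0.113.10" => { "family" => "inet", "scope" => "Global" },
  } },
  "net1" => { "addresses" => {
    "10.0.1.15" => { "family" => "inet", "scope" => "Global" },
    "fe80::8:20ff:feaa:bbcd" => { "family" => "inet6", "scope" => "Link" },
  } },
  "net2" => { "addresses" => {
    "2001:db8::15" => { "family" => "inet6", "scope" => "Global" },
  } },
  "lo0" => { "addresses" => { "127.0.0.1" => { "family" => "inet" } } },
}

p classify_interfaces(SAMPLE_INTERFACES)
```

In a recipe the same call would take `node["network"]["interfaces"]`, and the resulting map can select which ipfilter rule template each interface receives.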