forked from 9pfs/dn42-ansible
Add files
This commit is contained in:
commit
15b63b8952
6 changed files with 129 additions and 0 deletions
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
.*.swp
|
40
collector.conf
Normal file
40
collector.conf
Normal file
|
@ -0,0 +1,40 @@
|
||||||
|
protocol bgp ROUTE_COLLECTOR
|
||||||
|
{
|
||||||
|
local as OWNAS;
|
||||||
|
neighbor fd42:4242:2601:ac12::1 as 4242422602;
|
||||||
|
|
||||||
|
# enable multihop as the collector is not locally connected
|
||||||
|
multihop;
|
||||||
|
|
||||||
|
ipv4 {
|
||||||
|
# export all available paths to the collector
|
||||||
|
add paths tx;
|
||||||
|
|
||||||
|
# import/export filters
|
||||||
|
import none;
|
||||||
|
export filter {
|
||||||
|
# export all valid routes
|
||||||
|
if ( is_valid_network() && source ~ [ RTS_STATIC, RTS_BGP ] )
|
||||||
|
then {
|
||||||
|
accept;
|
||||||
|
}
|
||||||
|
reject;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
ipv6 {
|
||||||
|
# export all available paths to the collector
|
||||||
|
add paths tx;
|
||||||
|
|
||||||
|
# import/export filters
|
||||||
|
import none;
|
||||||
|
export filter {
|
||||||
|
# export all valid routes
|
||||||
|
if ( is_valid_network_v6() && source ~ [ RTS_STATIC, RTS_BGP ] )
|
||||||
|
then {
|
||||||
|
accept;
|
||||||
|
}
|
||||||
|
reject;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
24
int-bgp.j2
Normal file
24
int-bgp.j2
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
template bgp intpeers {
|
||||||
|
local as OWNAS;
|
||||||
|
|
||||||
|
ipv4 {
|
||||||
|
import where source = RTS_BGP && is_valid_network() && !is_self_net();
|
||||||
|
export where source = RTS_BGP && is_valid_network() && !is_self_net();
|
||||||
|
next hop self;
|
||||||
|
add paths yes;
|
||||||
|
};
|
||||||
|
|
||||||
|
ipv6 {
|
||||||
|
import where source = RTS_BGP && is_valid_network_v6() && !is_self_net_v6();
|
||||||
|
export where source = RTS_BGP && is_valid_network_v6() && !is_self_net_v6();
|
||||||
|
next hop self;
|
||||||
|
add paths yes;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{% for host in groups['routers'] %}
|
||||||
|
{% if host != inventory_hostname %}
|
||||||
|
protocol bgp int_{{ hostvars[host]['pop_loc'] }} from intpeers {
|
||||||
|
neighbor {{ hostvars[host]['unicastv6'] }} as OWNAS;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
{% endfor %}
|
38
inventory.yml
Normal file
38
inventory.yml
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
all:
|
||||||
|
children:
|
||||||
|
routers:
|
||||||
|
nameservers:
|
||||||
|
routers:
|
||||||
|
hosts:
|
||||||
|
us1.routers.9pfs.dn42:
|
||||||
|
ansible_python_interpreter: "/usr/bin/python3"
|
||||||
|
unicastv6: fd32:6b0:70a6:179::1
|
||||||
|
machine_type: vm
|
||||||
|
pop_loc: us01
|
||||||
|
us2.routers.9pfs.dn42:
|
||||||
|
ansible_python_interpreter: "/usr/bin/python3"
|
||||||
|
machine_type: container
|
||||||
|
unicastv6: fd32:6b0:70a6:179::2
|
||||||
|
pop_loc: us02
|
||||||
|
us3.routers.9pfs.dn42:
|
||||||
|
ansible_python_interpreter: "/usr/bin/python3"
|
||||||
|
machine_type: container
|
||||||
|
unicastv6: fd32:6b0:70a6:179::4
|
||||||
|
pop_loc: us03
|
||||||
|
uk1.routers.9pfs.dn42:
|
||||||
|
ansible_python_interpreter: "/usr/bin/python3"
|
||||||
|
machine_type: container
|
||||||
|
unicastv6: fd32:6b0:70a6:179::3
|
||||||
|
pop_loc: uk01
|
||||||
|
services:
|
||||||
|
hosts:
|
||||||
|
mail.9pfs.dn42:
|
||||||
|
ansible_python_interpreter: "/usr/bin/python3"
|
||||||
|
machine_type: vm
|
||||||
|
children:
|
||||||
|
nameservers:
|
||||||
|
nameservers:
|
||||||
|
hosts:
|
||||||
|
us1.ns.9pfs.dn42:
|
||||||
|
machine_type: container
|
||||||
|
us2.ns.9pfs.dn42:
|
17
update-bgp.yml
Normal file
17
update-bgp.yml
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
- hosts: routers
|
||||||
|
remote_user: root
|
||||||
|
tasks:
|
||||||
|
- name: add internal bgp peers
|
||||||
|
template:
|
||||||
|
src: int-bgp.j2
|
||||||
|
dest: /etc/bird/peers/internal.conf
|
||||||
|
- name: add route collector peering
|
||||||
|
copy:
|
||||||
|
src: collector.conf
|
||||||
|
dest: /etc/bird/peers/collector.conf
|
||||||
|
- name: reload bird
|
||||||
|
ansible.builtin.systemd_service:
|
||||||
|
name: bird.service
|
||||||
|
enabled: true
|
||||||
|
state: reloaded
|
||||||
|
when: ansible_service_mgr == 'systemd'
|
9
upgrade.yml
Normal file
9
upgrade.yml
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
- hosts: all
|
||||||
|
remote_user: root
|
||||||
|
tasks:
|
||||||
|
- name: upgrade debian systems
|
||||||
|
ansible.builtin.apt:
|
||||||
|
update_cache: yes
|
||||||
|
upgrade: dist
|
||||||
|
cache_valid_time: 3600
|
||||||
|
when: ansible_distribution == 'Debian'
|
Loading…
Reference in a new issue