Initial commit, squashed

roles/fabric/templates/bond.intf.j2

@@ -0,0 +1,23 @@
+{% for bond in interfaces | map(attribute='lag') | reject('none') | sort(attribute='name') | unique %}
+{% set iface = interfaces | selectattr('id', '==', bond.id) | first %}
+{% set members = interfaces | selectattr('lag') | selectattr('lag.name', '==', bond.name) -%}
+
+auto {{ bond.name }}
+iface {{ bond.name }}
+    bond-slaves {{ members | map(attribute='name') | join(' ') }}
+{% if iface.mode.value == 'access' and iface.untagged_vlan %}
+    bridge-access {{ iface.untagged_vlan.vid }}
+{% elif iface.mode.value == 'tagged' and iface.tagged_vlans %}
+    bridge-vids {{ iface.tagged_vlans | map(attribute='vid') | join(' ') }}
+{% endif %}
+
+{#- If the peer shares a bond with the same name, generate a clag-id for it unless the bonded link is to peer itself. #}
+{% if peer %}
+{% set peer_members = hostvars[peer].interfaces
+    | selectattr('lag') | selectattr('lag.name', '==', bond.name) %}
+{% if peer_members | iface_peer | reject('eq', inventory_hostname) %}
+    clag-id {{ (members + peer_members) | cl_clag_id }}
+{% endif %}
+{% endif %}
+
+{% endfor %}

roles/fabric/templates/bridge.intf.j2

@@ -0,0 +1,23 @@
+{# Note that there must be exactly one VLAN-aware bridge. #}
+{% set bridge = interfaces | selectattr('type') | selectattr('type.value', '==', 'bridge') | first %}
+{# interfaces (always bonds on Mellanox) that belong to this bridge #}
+{% set ports = interfaces | selectattr('bridge') | selectattr('bridge.name', '==', bridge.name) %}
+{# allowed VLANs can be specified on the bridge, any of its ports, or  #}
+{% set my_vlans = bridge.tagged_vlans or (ports | iface_vlans | flatten | sort | unique) or vlans %}
+{% set my_vlan_ids = my_vlans | map(attribute='vid') | sort -%}
+
+auto {{ bridge.name }}
+iface {{ bridge.name }}
+    bridge-ports {{ ports | map(attribute='name') | join(' ') }}{% if my_vlans %} vxlan{% endif +%}
+    bridge-vlan-aware yes
+    bridge-pvid 1
+{% if bridge.mode.value == 'tagged' and my_vlans %}
+    bridge-vids {{ my_vlan_ids | join(' ') }}
+{% endif %}
+
+{% if my_vlans %}
+auto vxlan
+iface vxlan
+    bridge-vlan-vni-map {{ my_vlan_ids | zip(my_vlan_ids) | map('join', '=') | join(' ') }}
+    bridge-learning off
+{% endif %}

roles/fabric/templates/interfaces.j2

@@ -0,0 +1,21 @@
+source /etc/network/interfaces.d/*.intf
+
+# Management VRF and interface.
+auto mgmt
+iface mgmt
+    address 127.0.0.1/8
+    address ::1/128
+    vrf-table auto
+
+{% for iface in interfaces | selectattr('mgmt_only') | selectattr('enabled') %}
+auto {{ iface.name }}
+iface {{ iface.name }}
+    vrf mgmt
+{% for ip in iface.ip_addresses | rejectattr('address', 'match', '^fe80::.*/64$' ) %}
+    address {{ ip.address }}
+{% endfor %}
+{% if iface.custom_fields.gateway %}
+    gateway {{ iface.custom_fields.gateway.address | ipaddr('address') }}
+{% endif %}
+
+{% endfor %}

roles/fabric/templates/loopback.intf.j2

@@ -0,0 +1,19 @@
+{% set addrs = interfaces | selectattr('name', '==', 'lo') |
+        map(attribute='ip_addresses') | first | selectattr('role') %}
+{% set loopback = addrs | selectattr('role.value', '==', 'loopback') |
+        map(attribute='address') %}
+{% set anycast = addrs | selectattr('role.value', '==', 'anycast') |
+        map(attribute='address') %}
+auto lo
+iface lo inet loopback
+{% for address in loopback %}
+    address {{ address }}
+{% endfor %}
+{% if peer is defined %}
+{% if loopback | ipv4 %}
+    vxlan-local-tunnelip {{ loopback | ipv4 | first | ipaddr('address') }}
+{% endif %}
+{% if anycast | ipv4 %}
+    clagd-vxlan-anycast-ip {{ anycast | first | ipaddr('address') }}
+{% endif %}
+{% endif %}

roles/fabric/templates/peerlink.intf.j2

@@ -0,0 +1,17 @@
+{% set peer_ip = hostvars[peer].interfaces
+    | selectattr('name', '==', 'lo')
+    | map(attribute='ip_addresses') | first
+    | selectattr('role') | selectattr('role.value', '==', 'loopback')
+    | map(attribute='address') | ipv4 | first | ipaddr('address') %}
+{% set anycast_ip = interfaces
+    | selectattr('name', '==', 'lo')
+    | map(attribute='ip_addresses') | first
+    | selectattr('role') | selectattr('role.value', '==', 'anycast')
+    | map(attribute='address') | ipv4 | first | ipaddr('address') -%}
+
+# Peer link to the other switch.
+auto peerlink.4094
+iface peerlink.4094
+    clagd-peer-ip linklocal
+    clagd-backup-ip {{ peer_ip }}
+    clagd-sys-mac {{ anycast_ip | cl_clag_sys_mac }}

roles/fabric/templates/ports.conf.j2

@@ -0,0 +1,11 @@
+# https://docs.nvidia.com/networking-ethernet-software/cumulus-linux/Layer-1-and-Switch-Ports/Interface-Configuration-and-Management/Switch-Port-Attributes/#breakout-ports
+{% for interface in interfaces | selectattr('name', 'match', '^swp[0-9]+$') %}
+{{ interface.name|regex_replace('^swp', '') }}=
+{%- if interfaces|selectattr('name', 'match', '^'+interface.name+'s[0-9]+$') %}
+4x
+{% elif not interface.enabled %}
+disabled
+{% else %}
+1x
+{% endif %}
+{% endfor %}

roles/fabric/templates/resolv.conf.j2

@@ -0,0 +1,3 @@
+{% for server in dns %}
+nameserver {{ server }} # vrf mgmt
+{% endfor %}

roles/fabric/templates/switch.intf.j2

@@ -0,0 +1,12 @@
+{% for iface in interfaces | iface_real | rejectattr('mgmt_only') | selectattr('enabled') %}
+auto {{ iface.name }}
+iface {{ iface.name }}
+{% if iface.vrf %}
+    vrf {{ iface.vrf.name }}
+{% endif %}
+    mtu {{ iface.mtu if iface.mtu else 9216 }}
+{% for addr in iface.ip_addresses %}
+    address {{ addr.address }}
+{% endfor %}
+
+{% endfor %}