Query prefixes once for all hosts

And group them into vrf_prefixes for VLAN networks and bgp_prefixes for servers plugged directly into fabric. This should reduce the number of queries to NetBox when configuring firewalls and exit switches. Not sure but I think set_fact helps to avoid queries (as opposed to setting group_vars).
2024-04-28 10:59:32 +02:00 · 2024-04-28 10:59:32 +02:00 · 457ab7d3b7
commit 457ab7d3b7
parent 1c0709a6a6
10 changed files with 52 additions and 50 deletions
--- a/roles/leaf/templates/frr.conf.j2
+++ b/roles/leaf/templates/frr.conf.j2
@ -78,16 +78,13 @@ route-map loopbacks permit 10
 ip prefix-list default permit 0.0.0.0/0
 ipv6 prefix-list default permit ::/0

-{% for tenant in my_tenants %}
-{% for prefix in query('netbox.netbox.nb_lookup', 'prefixes', raw_data=true, api_filter='tenant='~tenant)
-    | selectattr('role') | selectattr('role.slug', '==', 'bgp') | rejectattr('vlan') %}
+{% for prefix in bgp_prefixes | selectattr('tenant.slug', 'in', my_tenants) %}
 {% if prefix.family.value == 4 %}
-ip prefix-list dc-{{ tenant }} permit {{ prefix.prefix }} ge 32
+ip prefix-list dc-{{ prefix.tenant.slug }} permit {{ prefix.prefix }} ge 32
 {% else %}
-ipv6 prefix-list dc-{{ tenant }} permit {{ prefix.prefix }} ge 64
+ipv6 prefix-list dc-{{ prefix.tenant.slug }} permit {{ prefix.prefix }} ge 64
 {% endif %}
 {% endfor %}
-{% endfor %}

 # We only announce the default route to DC servers.
 route-map default->dc permit 10