From 99aef435743c16bb9c201d7e8a2366b50a8b0f90 Mon Sep 17 00:00:00 2001 From: Timotej Lazar Date: Sat, 13 Jul 2024 18:08:31 +0200 Subject: [PATCH] exit: add DHCP relay for new server Really quite shoddy as it is right now. Should get better once the old server is retired. --- inventory.yml | 1 + roles/exit/files/keepalive-service | 18 ----------------- roles/exit/tasks/dhcp.yml | 17 ++++++++-------- roles/exit/templates/isc-dhcp-relay.j2 | 27 ++++++++++--------------- roles/exit/templates/keepalived.conf.j2 | 7 ++++++- 5 files changed, 27 insertions(+), 43 deletions(-) delete mode 100644 roles/exit/files/keepalive-service diff --git a/inventory.yml b/inventory.yml index 7edb45c..da6ea32 100644 --- a/inventory.yml +++ b/inventory.yml @@ -13,3 +13,4 @@ query_filters: - role: 'compute-node' - role: 'firewall' - role: 'switch' + - role: 'server' diff --git a/roles/exit/files/keepalive-service b/roles/exit/files/keepalive-service deleted file mode 100644 index c1f895f..0000000 --- a/roles/exit/files/keepalive-service +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/sh - -class="${1}" -name="${2}" -state="${3}" - -case "${state}" in -"MASTER" | "FAULT") - systemctl start "${name}" - ;; -"BACKUP" | "STOP") - systemctl stop "${name}" - ;; -*) - logger "keepalived unknown state for ${name}: ${state}" - exit 1 - ;; -esac diff --git a/roles/exit/tasks/dhcp.yml b/roles/exit/tasks/dhcp.yml index f714088..37aec1a 100644 --- a/roles/exit/tasks/dhcp.yml +++ b/roles/exit/tasks/dhcp.yml 
@@ -1,16 +1,17 @@ +# TODO rewrite task and templates into something sane once the old DHCP server is retired +- set_fact: + dhcp_servers: '{{ prefixes | selectattr("custom_fields.dhcp_server") | groupby(attribute="custom_fields.dhcp_server.address") }}' + - name: Install keepalived import_tasks: keepalived.yml -- name: Create keepalive notify script for systemd services - copy: - dest: /usr/local/bin/ - src: keepalive-service - mode: 0755 - -- name: Configure DHCP relays +- name: Configure relay for old DHCP server template: - dest: "/etc/default/isc-dhcp-relay" + dest: '/etc/default/isc-dhcp-relay-{{ prefixes | selectattr("prefix", "==", item.0 | ipaddr("network/prefix")) | map(attribute="vrf.name") | first }}' src: isc-dhcp-relay.j2 + loop: '{{ dhcp_servers }}' + loop_control: + label: "{{ item.0 }}" notify: restart keepalived - name: Set up keepalived diff --git a/roles/exit/templates/isc-dhcp-relay.j2 b/roles/exit/templates/isc-dhcp-relay.j2 index 21cb999..ae42667 100644 --- a/roles/exit/templates/isc-dhcp-relay.j2 +++ b/roles/exit/templates/isc-dhcp-relay.j2 
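Review bot: The `dest:` of the relay template task builds a file name from `vrf.name` taken straight from the inventory data, with no check on what the name contains or whether the prefix has a VRF at all. The same value is rendered after `-U` in `isc-dhcp-relay.j2` and into the `dhcrelay@…` unit names that the `notify_*` lines in `keepalived.conf.j2` hand to `systemctl`, so a name containing a slash, whitespace or shell metacharacters would change the path written or the command keepalived runs. An assertion placed before the template task fails the play early instead; the pattern below is a suggestion and should be widened only as far as the real VRF names need. The template task also sets no `mode`, so the permissions of the written file depend on the umask of the run.

```yaml
# … unchanged: set_fact for dhcp_servers …

- name: Check that VRF names are safe for file and unit names
  assert:
    that:
      - item is match('^[A-Za-z0-9_-]+$')
    quiet: true
  loop: '{{ prefixes | selectattr("vrf") | map(attribute="vrf.name") | unique }}'

# … unchanged: keepalived import and relay template task …
```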
@@ -1,17 +1,12 @@ -{% set dhcp_vlans = vrf_prefixes | selectattr('custom_fields.dhcp_ranges') - | map(attribute='vlan.vid') | sort -%} +{% set my_server = item.0 %} +{% set my_vlans = item.1 | map(attribute='vlan.vid') | sort %} +{% set my_prefix = prefixes | selectattr("prefix", "==", my_server | ipaddr("network/prefix")) | first -%} -# What servers should the DHCP relay forward requests to? -SERVERS="{{ dhcp }}" - -# On what interfaces should the DHCP relay (dhrelay) serve DHCP requests? -# Always include the interface towards the DHCP server. -# This variable requires a -i for each interface configured above. -# This will be used in the actual dhcrelay command -# For example, "-i eth0 -i eth1" -INTF_CMD="{{ interfaces | selectattr('parent') | selectattr('parent.name', '==', 'bridge') - | selectattr('untagged_vlan') | selectattr('untagged_vlan.vid', 'in', dhcp_vlans) - | map(attribute='name') | sort | map('regex_replace', '^', '-id ') | join(' ') }} -iu {{ iface_uplink }} -iu peerlink.4" - -# Additional options that are passed to the DHCP relay daemon? -OPTIONS="-U outside" +SERVERS="{{ my_server | ipaddr('address') }}" +{% if my_prefix.vrf.name == 'outside' %} +INTF_CMD="{{ my_vlans | map('regex_replace', '^', '-id bridge.') | join(' ') }} -iu {{ iface_uplink }} -iu peerlink.4 -U {{ my_prefix.vrf.name }}" +OPTIONS="" +{% else %} +INTF_CMD="{{ my_vlans | map('regex_replace', '^', '-id bridge.') | join(' ') }} -U bridge.{{ my_prefix.vlan.vid }}" +OPTIONS="--giaddr-src" +{% endif %} diff --git a/roles/exit/templates/keepalived.conf.j2 b/roles/exit/templates/keepalived.conf.j2 index 67f9325..7a7fb95 100644 --- a/roles/exit/templates/keepalived.conf.j2 +++ b/roles/exit/templates/keepalived.conf.j2 @@ -1,3 +1,5 @@ +{% set dhcrelays = prefixes | selectattr('prefix', 'in', dhcp_servers | map('first') | ipaddr("network/prefix")) + | map(attribute="vrf.name") | map('regex_replace', '^', 'dhcrelay@') %} {% set exits = [inventory_hostname, peer]|sort -%} global_defs { 
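Review bot: `my_prefix` is taken with `| first` from a lookup that is empty whenever no prefix equals the network of the server address, and the `{% if %}` that follows then presumably fails with a generic undefined-value error that does not name the server. Ending the expression with `| first | mandatory` would stop at the lookup itself; the identical lookup is repeated in the `dest:` of the template task in `roles/exit/tasks/dhcp.yml`, so computing it once in the `set_fact` there would keep the two in step. The `else` branch also reads `my_prefix.vlan.vid`, which is presumably unset for a prefix without a VLAN. The explanatory comments of the old template were dropped without a replacement, so a short `{# … #}` comment above the `{% if %}` saying why the `outside` VRF is handled differently would help the next reader.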
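Review bot: `dhcrelays` in `keepalived.conf.j2` is built per matching prefix, so it lists the same `dhcrelay@<vrf>` unit once for every such prefix in that VRF, and it is left as whatever `map` returns. Ending the expression with `| unique | list` removes repeats and makes the value safe to use several times, whether or not the running Ansible version unrolls generators. Two servers in different prefixes of one VRF would also make the loop in `roles/exit/tasks/dhcp.yml` write the same `/etc/default/isc-dhcp-relay-<vrf>` file twice, the last one winning, so it may be worth asserting that case away until the task is rewritten.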
@@ -18,5 +20,8 @@ vrrp_instance dhcrelay { @^{{ exit }} {{ "169.254.1.0/24" | ipaddr(loop.index + 1) | ipaddr('address') }} {% endfor %} } - notify /usr/local/bin/keepalive-service + notify_master "systemctl start {{ dhcrelays | join(' ') }}" + notify_fault "systemctl start {{ dhcrelays | join(' ') }}" + notify_backup "systemctl stop {{ dhcrelays | join(' ') }}" + notify_stop "systemctl stop {{ dhcrelays | join(' ') }}" }
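Review bot: All four `notify_*` lines render `systemctl start` or `systemctl stop` with no unit name when `dhcrelays` is empty, which is the case when no prefix carries a `dhcp_server` custom field. Joining once, `{% set relay_units = dhcrelays | join(' ') %}`, and wrapping the four lines in `{% if relay_units %}` … `{% endif %}` keeps keepalived from running a command that can only fail. It also means the list is consumed only once. The enclosing `vrrp_instance dhcrelay` block starts outside this hunk.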