exit: add DHCP relay for new server

Really quite shoddy as it is right now. Should get better once the old
server is retired.

inventory.yml

@@ -13,3 +13,4 @@ query_filters:
   - role: 'compute-node'
   - role: 'firewall'
   - role: 'switch'
+  - role: 'server'

roles/exit/files/keepalive-service

@@ -1,18 +0,0 @@
-#!/bin/sh
-
-class="${1}"
-name="${2}"
-state="${3}"
-
-case "${state}" in
-"MASTER" | "FAULT")
-	systemctl start "${name}"
-	;;
-"BACKUP" | "STOP")
-	systemctl stop "${name}"
-	;;
-*)
-        logger "keepalived unknown state for ${name}: ${state}"
-        exit 1
-	;;
-esac

roles/exit/tasks/dhcp.yml

@@ -1,16 +1,17 @@
+# TODO rewrite task and templates into something sane once the old DHCP server is retired
+- set_fact:
+    dhcp_servers: '{{ prefixes | selectattr("custom_fields.dhcp_server") | groupby(attribute="custom_fields.dhcp_server.address") }}'
+
 - name: Install keepalived
   import_tasks: keepalived.yml
 
-- name: Create keepalive notify script for systemd services
+- name: Configure relay for old DHCP server
-  copy:
-    dest: /usr/local/bin/
-    src: keepalive-service
-    mode: 0755
-
-- name: Configure DHCP relays
   template:
-    dest: "/etc/default/isc-dhcp-relay"
+    dest: '/etc/default/isc-dhcp-relay-{{ prefixes | selectattr("prefix", "==", item.0 | ipaddr("network/prefix")) | map(attribute="vrf.name") | first }}'
     src: isc-dhcp-relay.j2
+  loop: '{{ dhcp_servers }}'
+  loop_control:
+    label: "{{ item.0 }}"
   notify: restart keepalived
 
 - name: Set up keepalived

roles/exit/templates/isc-dhcp-relay.j2

@@ -1,17 +1,12 @@
-{% set dhcp_vlans = vrf_prefixes | selectattr('custom_fields.dhcp_ranges')
+{% set my_server = item.0 %}
-    | map(attribute='vlan.vid') | sort -%}
+{% set my_vlans = item.1 | map(attribute='vlan.vid') | sort %}
+{% set my_prefix = prefixes | selectattr("prefix", "==", my_server | ipaddr("network/prefix")) | first -%}
 
-# What servers should the DHCP relay forward requests to?
+SERVERS="{{ my_server | ipaddr('address') }}"
-SERVERS="{{ dhcp }}"
+{% if my_prefix.vrf.name == 'outside' %}
-
+INTF_CMD="{{ my_vlans | map('regex_replace', '^', '-id bridge.') | join(' ') }} -iu {{ iface_uplink }} -iu peerlink.4 -U {{ my_prefix.vrf.name }}"
-# On what interfaces should the DHCP relay (dhrelay) serve DHCP requests?
+OPTIONS=""
-# Always include the interface towards the DHCP server.
+{% else %}
-# This variable requires a -i for each interface configured above.
+INTF_CMD="{{ my_vlans | map('regex_replace', '^', '-id bridge.') | join(' ') }} -U bridge.{{ my_prefix.vlan.vid }}"
-# This will be used in the actual dhcrelay command
+OPTIONS="--giaddr-src"
-# For example, "-i eth0 -i eth1"
+{% endif %}
-INTF_CMD="{{ interfaces | selectattr('parent') | selectattr('parent.name', '==', 'bridge')
-    | selectattr('untagged_vlan') | selectattr('untagged_vlan.vid', 'in', dhcp_vlans)
-    | map(attribute='name') | sort | map('regex_replace', '^', '-id ') | join(' ') }} -iu {{ iface_uplink }} -iu peerlink.4"
-
-# Additional options that are passed to the DHCP relay daemon?
-OPTIONS="-U outside"

roles/exit/templates/keepalived.conf.j2

@@ -1,3 +1,5 @@
+{% set dhcrelays = prefixes | selectattr('prefix', 'in', dhcp_servers | map('first') | ipaddr("network/prefix"))
+    | map(attribute="vrf.name") | map('regex_replace', '^', 'dhcrelay@') %}
 {% set exits = [inventory_hostname, peer]|sort -%}
 
 global_defs {
@@ -18,5 +20,8 @@ vrrp_instance dhcrelay {
         @^{{ exit }} {{ "169.254.1.0/24" | ipaddr(loop.index + 1) | ipaddr('address') }}
 {% endfor %}
     }
-    notify /usr/local/bin/keepalive-service
+    notify_master "systemctl start {{ dhcrelays | join(' ') }}"
+    notify_fault "systemctl start {{ dhcrelays | join(' ') }}"
+    notify_backup "systemctl stop {{ dhcrelays | join(' ') }}"
+    notify_stop "systemctl stop {{ dhcrelays | join(' ') }}"
 }