diff --git a/roles/fabric/tasks/main.yml b/roles/fabric/tasks/main.yml index d71f65c..fa3e55e 100644 --- a/roles/fabric/tasks/main.yml +++ b/roles/fabric/tasks/main.yml @@ -42,8 +42,8 @@ - name: Set up peerlink template: - dest: "/etc/network/interfaces.d/bond.intf" - src: "bond.intf.j2" + dest: "/etc/network/interfaces.d/peerlink.intf" + src: "peerlink.intf.j2" mode: 0644 notify: reload interfaces when: "peer is defined" @@ -56,14 +56,6 @@ notify: reload interfaces when: "'bridge' in interfaces | map(attribute='name')" -- name: Set up bonds - template: - dest: "/etc/network/interfaces.d/bond.intf" - src: "bond.intf.j2" - mode: 0644 - notify: reload interfaces - when: "'lag' in interfaces | map(attribute='type.value')" - - name: Set nameservers for mgmt VRF template: dest: /etc/resolv.conf diff --git a/roles/fabric/templates/bond.intf.j2 b/roles/fabric/templates/bond.intf.j2 deleted file mode 100644 index 46a9bb0..0000000 --- a/roles/fabric/templates/bond.intf.j2 +++ /dev/null 
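Review bot: Nothing in the visible hunks removes `/etc/network/interfaces.d/bond.intf` from switches that were already provisioned, so once the `dest` of "Set up peerlink" moves to `peerlink.intf` and the "Set up bonds" task is dropped, the old file stays on disk unmanaged. If the main interfaces file sources everything in that directory, the stale bond stanzas would be loaded next to the new ones from `peerlink.intf` and `switch.intf` and could conflict with them. A cleanup task ahead of this one would cover it: a `file:` task with `path: /etc/network/interfaces.d/bond.intf`, `state: absent` and `notify: reload interfaces`.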
@@ -1,23 +0,0 @@ -{% for bond in interfaces | map(attribute='lag') | reject('none') | sort(attribute='name') | unique %} -{% set iface = interfaces | selectattr('id', '==', bond.id) | first %} -{% set members = interfaces | selectattr('lag') | selectattr('lag.name', '==', bond.name) -%} - -auto {{ bond.name }} -iface {{ bond.name }} - bond-slaves {{ members | map(attribute='name') | join(' ') }} -{% if iface.mode.value == 'access' and iface.untagged_vlan %} - bridge-access {{ iface.untagged_vlan.vid }} -{% elif iface.mode.value == 'tagged' and iface.tagged_vlans %} - bridge-vids {{ iface.tagged_vlans | map(attribute='vid') | join(' ') }} -{% endif %} - -{#- If the peer shares a bond with the same name, generate a clag-id for it unless the bonded link is to peer itself. #} -{% if peer is defined %} -{% set peer_members = hostvars[peer].interfaces - | selectattr('lag') | selectattr('lag.name', '==', bond.name) %} -{% if peer_members | iface_peer | reject('eq', inventory_hostname) %} - clag-id {{ (members + peer_members) | cl_clag_id }} -{% endif %} -{% endif %} - -{% endfor %} diff --git a/roles/fabric/templates/bridge.intf.j2 b/roles/fabric/templates/bridge.intf.j2 index c917169..af9ae63 100644 --- a/roles/fabric/templates/bridge.intf.j2 +++ b/roles/fabric/templates/bridge.intf.j2 @@ -10,7 +10,7 @@ auto {{ bridge.name }} iface {{ bridge.name }} bridge-ports {{ ports | map(attribute='name') | join(' ') }}{% if my_vlans %} vxlan{% endif +%} bridge-vlan-aware yes - bridge-pvid 1 + bridge-pvid {{ bridge.untagged_vlan | default(1, true) }} {% if bridge.mode.value == 'tagged' and my_vlans %} bridge-vids {{ my_vlan_ids | join(' ') }} {% endif %} diff --git a/roles/fabric/templates/switch.intf.j2 b/roles/fabric/templates/switch.intf.j2 index 6b85cd5..29185b1 100644 --- a/roles/fabric/templates/switch.intf.j2 +++ b/roles/fabric/templates/switch.intf.j2 
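Review bot: `bridge.untagged_vlan` is rendered as a whole object on the new `bridge-pvid` line in bridge.intf.j2, while the other templates in this commit read the VLAN number through `.vid` (`iface.untagged_vlan.vid` in switch.intf.j2). If the bridge entry has the same shape as the other interfaces, the rendered file gets the object's string form instead of a VLAN ID, and the native VLAN on the bridge would not match the inventory. `bridge-pvid {{ bridge.untagged_vlan.vid if bridge.untagged_vlan else 1 }}` keeps the fallback to 1 and emits the number. The template continues outside the hunk, so how `bridge` is built is not visible here.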
@@ -1,11 +1,28 @@ -{% for iface in interfaces | iface_real | rejectattr('mgmt_only') | selectattr('enabled') %} +{% for iface in interfaces | rejectattr('name', 'in', ('lo', 'bridge')) | rejectattr('mgmt_only') | selectattr('enabled') %} auto {{ iface.name }} iface {{ iface.name }} {% if iface.vrf %} vrf {{ iface.vrf.name }} {% endif -%} -{# Set allowed VLANs if we are part of the bridge. #} +{% if iface.mtu %} + mtu {{ iface.mtu }} +{% endif -%} + +{% if iface.type.value == 'lag' %} +{#- Bond/MLAG stuff. #} +{% set members = interfaces | selectattr('lag') | selectattr('lag.name', '==', iface.name) %} + bond-slaves {{ members | map(attribute='name') | join(' ') }} +{# If the peer shares a bond with the same name, generate a clag-id for it unless the bonded link is to peer itself. #} +{% if peer is defined %} +{% set peer_members = hostvars[peer].interfaces | selectattr('lag') | selectattr('lag.name', '==', iface.name) %} +{% if peer_members | iface_peer | reject('eq', inventory_hostname) %} + clag-id {{ (members + peer_members) | cl_clag_id }} +{% endif %} +{% endif %} +{% endif %} + +{#- Set allowed VLANs if we are part of the bridge. #} {% if iface.bridge and iface.mode %} {% if iface.mode.value == 'access' and iface.untagged_vlan %} bridge-access {{ iface.untagged_vlan.vid }} @@ -13,7 +30,8 @@ iface {{ iface.name }} bridge-vids {{ iface.tagged_vlans | map(attribute='vid') | join(' ') }} {% endif %} {% endif %} - mtu {{ iface.mtu if iface.mtu else 9216 }} + +{#- Addresses. #} {% for addr in iface.ip_addresses %} address {{ addr.address }} {% endfor %} diff --git a/roles/firewall/templates/mactab.j2 b/roles/firewall/templates/mactab.j2 index ae0bda9..9028171 100644 --- a/roles/firewall/templates/mactab.j2 +++ b/roles/firewall/templates/mactab.j2 @@ -1,3 +1,3 @@ -{% for iface in interfaces | iface_real %} +{% for iface in interfaces | selectattr('mac_address') %} {{ iface.name }} {{ iface.mac_address | lower }} {% endfor %} \ No newline at end of file 
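Review bot: The `{% if peer_members | iface_peer | reject('eq', inventory_hostname) %}` guard in the new lag block tests the result of `reject`, which in Jinja2 is a lazy generator and is truthy even when it yields nothing, so `clag-id` is likely emitted for bonds that lead to the peer itself. `members` and `peer_members` are also unmaterialised `selectattr` results, and `members` is already consumed by the `bond-slaves` line before `members + peer_members` uses it again. Ending both `set` expressions and the guard with `| list` addresses this, e.g. `{% if peer_members | iface_peer | reject('eq', inventory_hostname) | list %}`. The same truthiness problem applies to `{% if peer is defined and interfaces | selectattr('mode') %}` in the frr.conf.j2 hunk, which as written reduces to `peer is defined`; adding `| list` after `selectattr('mode')` makes the second half count.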
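Review bot: With `mtu {{ iface.mtu if iface.mtu else 9216 }}` removed in this hunk and only the conditional `{% if iface.mtu %}` block added in the first one, an interface with no MTU in the inventory no longer gets an `mtu` line at all. It then runs at the platform default, which may be smaller than the 9216 used before and too small for VXLAN-encapsulated frames on fabric links. If that is intended, a template comment saying so would help; otherwise the fallback can be kept as `mtu {{ iface.mtu | default(9216, true) }}`.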
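Review bot: `selectattr('mac_address')` in the new loop header of mactab.j2 keeps every interface that has a MAC recorded, including disabled or virtual ones, and nothing visible states what the removed `iface_real` filter used to exclude. If a bond or bridge entry carries the same MAC as one of its members, the table would hold two names for one address, and firewall rules keyed on interface names could attach to the wrong device. Consider mirroring the type test this commit uses in frr.conf.j2, `{% for iface in interfaces | selectattr('mac_address') | rejectattr('type.value', 'in', ('bridge', 'lag')) %}`, and adding a one-line `{# ... #}` comment that says which interfaces belong in the table.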
diff --git a/roles/leaf/templates/frr.conf.j2 b/roles/leaf/templates/frr.conf.j2 index d6c4b0f..1b6f4d7 100644 --- a/roles/leaf/templates/frr.conf.j2 +++ b/roles/leaf/templates/frr.conf.j2 @@ -4,7 +4,8 @@ | selectattr('role') | selectattr('role.value', '==', 'loopback') | map(attribute='address') %} {% set iface_bgp = interfaces - | iface_real | selectattr('enabled') + | selectattr('enabled') + | rejectattr('type.value', 'in', ('bridge', 'lag')) | rejectattr('mgmt_only') | rejectattr('bridge') | rejectattr('lag') %} {% set iface_server = iface_bgp | selectattr('custom_fields.tenant') %} {% set iface_fabric = iface_bgp | difference(iface_server) | rejectattr('ip_addresses') %} @@ -65,7 +66,7 @@ router bgp {{ asn.asn }} {% for iface in ifaces_evpn|default([]) %} neighbor {{ iface }} activate {% endfor %} -{% if interfaces | selectattr('mode') %} +{% if peer is defined and interfaces | selectattr('mode') %} advertise-all-vni {% endif %} exit-address-family