proxmox: consolidate interface templates

2024-02-26 14:30:17 +01:00 · 2024-02-26 14:30:17 +01:00 · 0af8474e52
parent 7b4cb8f579
commit 0af8474e52
6 changed files with 23 additions and 29 deletions
--- a/roles/proxmox/tasks/frr.yml
+++ b/roles/proxmox/tasks/frr.yml
@ -1,15 +1,15 @@
- name: Install packages for SDN
+- name: Install FRR
  package:
-    name: libpve-network-perl
+    name: frr

- name: Copy FRR config
+- name: Configure FRR
  template:
    dest: /etc/frr/frr.conf
    src: frr.conf.j2
    mode: 0644
  notify: reload frr

- name: Enable FRR service
+- name: Enable FRR
  service:
    name: frr
    enabled: yes
--- a/roles/proxmox/tasks/main.yml
+++ b/roles/proxmox/tasks/main.yml
@ -25,22 +25,19 @@
  notify: reboot

 - name: Set up interfaces
+  template:
+    dest: /etc/network/interfaces.d/real.intf
+    src: real.intf.j2
+    mode: 0644
+  notify: reload interfaces
+
+- name: Set up bridges
  template:
    dest: /etc/network/interfaces
    src: interfaces.j2
    mode: 0644
  notify: reload interfaces

- name: Set up fabric and loopback interfaces
-  template:
-    dest: '/etc/network/interfaces.d/{{ item }}'
-    src: '{{ item }}.j2'
-    mode: 0644
-  notify: reload interfaces
-  loop:
-    - fabric.intf
-    - loopback.intf
-
 - include_tasks: mgmt.yml

- include_tasks: sdn.yml
+- include_tasks: frr.yml
--- a/roles/proxmox/tasks/mgmt.yml
+++ b/roles/proxmox/tasks/mgmt.yml
@ -1,13 +1,6 @@
 # We could probably avoid rebooting in some cases, but those should never happen
 # in normal operation anyway. This way all setup is done before rebooting once.

- name: Set up management interfaces
-  template:
-    dest: /etc/network/interfaces.d/mgmt.intf
-    src: mgmt.intf.j2
-    mode: 0644
-  notify: reboot
-
 - name: Configure SSH instance in management VRF
  copy:
    dest: /etc/ssh/
--- a/roles/proxmox/templates/frr.conf.j2
+++ b/roles/proxmox/templates/frr.conf.j2
@ -12,7 +12,7 @@ router bgp {{ asn.asn }}
  neighbor fabric remote-as external
  neighbor fabric capability extended-nexthop

-{% for iface in interfaces | selectattr('name', 'match', '^lan') %}
+{% for iface in interfaces | rejectattr('name', '==', 'lo') | rejectattr('mgmt_only') | rejectattr('vrf') %}
  neighbor {{ iface.name }} interface peer-group fabric
  neighbor {{ iface.name }} bfd
 {% endfor %}
--- a/roles/proxmox/templates/interfaces.j2
+++ b/roles/proxmox/templates/interfaces.j2
@ -2,7 +2,7 @@
 	api_filter='name='~cluster) | first -%}

 # bridges must be named vmbrN for proxmox to care
-{% for vlan in my_cluster.custom_fields.vlans | sort(attribute='vid') %}
+{% for vlan in my_cluster.custom_fields.vlans | default([], true) | sort(attribute='vid') %}
 auto vmbr{{ vlan.vid }}
 iface vmbr{{ vlan.vid }} inet manual
    # {{ vlan.name }}
--- a/roles/proxmox/templates/real.intf.j2
+++ b/roles/proxmox/templates/real.intf.j2
@ -1,14 +1,19 @@
-# Management VRF and link.
+# Management VRF.
 auto mgmt
 iface mgmt
    address 127.0.0.1/8
    address ::1/128
    vrf-table auto

-{% for iface in interfaces | selectattr('name', 'match', '^mgmt') | selectattr('ip_addresses') %}
+{% for iface in interfaces | rejectattr('mgmt_only') %}
 auto {{ iface.name }}
-iface {{ iface.name }}
-    vrf mgmt
+iface {{ iface.name }} inet {% if iface.name == 'lo' %}loopback{% else %}static{% endif +%}
+{% if iface.mtu %}
+    mtu {{ iface.mtu }}
+{% endif %}
+{% if iface.vrf %}
+    vrf {{ iface.vrf.name }}
+{% endif %}
 {% for ip in iface.ip_addresses %}
    address {{ ip.address }}
 {% endfor %}
@ -17,4 +22,3 @@ iface {{ iface.name }}
 {% endif %}

 {% endfor %}
-