proxmox: use multiple non-VLAN-aware bridges

The Proxmox SDN feature does not play nice with our FRR and VXLAN setup.
With a single bridge we can’t have interface aliases. So use a bridge
for each VLAN. Actually don’t even have VLANs, just bridges mainlined
into VXLAN tunnels.

Read the list of VLANs carried by Proxmox nodes from a custom field on
the cluster in NetBox. Remove the vmbr0 device from individual nodes.

roles/proxmox/templates/interfaces.j2

@@ -1,30 +1,22 @@
-{# Keep vmbr0 named as is and in the main interfaces file so Proxmox can find it. #}
+{% set my_cluster = query('netbox.netbox.nb_lookup', 'clusters', raw_data=true,
-{% set bridge = interfaces | selectattr('type') | selectattr('type.value', '==', 'bridge') | first %}
+	api_filter='name='~cluster) | first -%}
-{% set my_vlan_ids = bridge.tagged_vlans | default([]) | map(attribute='vid') | sort -%}
 
-# Bridge for V(X)LANs.
+# bridges must be named vmbrN for proxmox to care
-auto {{ bridge.name }}
+{% for vlan in my_cluster.custom_fields.vlans | sort(attribute='vid') %}
-iface {{ bridge.name }} inet manual
+auto vmbr{{ vlan.vid }}
-    bridge-vlan-aware yes
+iface vmbr{{ vlan.vid }} inet manual
-    bridge-ports regex (vni.*)
+    # {{ vlan.name }}
+    bridge-vlan-aware no
+    bridge-ports vni{{ vlan.vid }}
     bridge-stp off
     bridge-fd 0
 
-{% for vid in my_vlan_ids %}
+auto vni{{ vlan.vid }}
-auto vni{{ vid }}
+iface vni{{ vlan.vid }} inet static
-iface vni{{ vid }} inet static
+    vxlan-id {{ vlan.vid }}
-    vxlan-id {{ vid }}
-    bridge-access {{ vid }}
     mstpctl-bpduguard yes
     mstpctl-portbpdufilter yes
 
 {% endfor %}
 
-# In place of vni* interfaces above this should work also but does not.
-# Might start working after proxmox upgrades their ifupdown2.
-#auto vxlan
-#iface vxlan inet static
-#    bridge-vlan-vni-map {{ my_vlan_ids | zip(my_vlan_ids) | map('join', '=') | join(' ') }}
-#    bridge-learning off
-
 source /etc/network/interfaces.d/*