Ansible scripts for FRI servers
Timotej Lazar 5da50c14f9 debian: run a separate sshd in mgmt VRF
Leave the default sshd alone. If ssh is not necessary in default VRF,
another role should disable it.
2023-10-25 13:06:57 +02:00
roles debian: run a separate sshd in mgmt VRF 2023-10-25 13:06:57 +02:00
templates Read default gateway for a subnet from a custom field in netbox 2023-10-05 12:44:39 +02:00
inventory.yml Add netbox inventory 2023-07-20 13:25:03 +02:00
README.md Add README 2023-07-20 13:26:36 +02:00
setup.yml proxmox: add initial support for L2 VXLAN 2023-10-18 15:02:36 +02:00

These Ansible roles set up servers running various Linux distributions to participate in BGP routing. Device and IP address data are pulled from NetBox. A separate VRF, mgmt, is configured for an L2 management interface.

Setup

Each server should have the following information recorded in NetBox:

  • network interfaces mgmt*: used for management (Ansible) access; must define MAC and IP address
  • network interfaces lan*: used for BGP routing; must define MAC address
  • network interface lo: must define the IP address to announce over BGP, also serves as router ID

For the management IP address, another address in the same prefix should be defined with the tag gateway.
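
A pre-flight check for the requirements listed above, as an added example that is not part of this repository. The function name check_server and the simplified input dictionaries are assumptions made for illustration; they are not the NetBox API format, and requiring at least one mgmt* and one lan* interface is also an assumption.

```python
import ipaddress
from fnmatch import fnmatch


def check_server(interfaces, addresses):
    """Return a list of problems; an empty list means the record is complete.

    interfaces: [{"name": str, "mac": str or None, "ips": [CIDR, ...]}]
    addresses:  [{"address": CIDR, "tags": [str, ...]}], other IPs on record
    (both shapes are simplified and constructed for this example)
    """
    def named(pattern):
        return [i for i in interfaces if fnmatch(i["name"], pattern)]

    problems = []
    # mgmt* needs MAC and IP, lan* needs MAC only
    for pattern, need_ip in (("mgmt*", True), ("lan*", False)):
        matched = named(pattern)
        if not matched:  # assumption: at least one of each is expected
            problems.append(f"no {pattern} interface")
        for iface in matched:
            if not iface.get("mac"):
                problems.append(f"{iface['name']}: missing MAC")
            if need_ip and not iface.get("ips"):
                problems.append(f"{iface['name']}: missing IP")

    # lo carries the address announced over BGP (also the router ID)
    lo = named("lo")
    if not lo or not lo[0].get("ips"):
        problems.append("lo: missing IP")

    # each management IP needs a different, gateway-tagged address in its prefix
    gateways = [ipaddress.ip_interface(a["address"])
                for a in addresses if "gateway" in a["tags"]]
    for iface in named("mgmt*"):
        for cidr in iface.get("ips") or []:
            own = ipaddress.ip_interface(cidr)
            if not any(g.network == own.network and g.ip != own.ip
                       for g in gateways):
                problems.append(
                    f"{iface['name']}: no gateway-tagged address in {own.network}")
    return problems


if __name__ == "__main__":
    # constructed sample record using documentation address ranges
    sample = [{"name": "mgmt0", "mac": "02:00:00:00:00:01", "ips": ["192.0.2.10/24"]},
              {"name": "lan0", "mac": None, "ips": []},
              {"name": "lo", "mac": None, "ips": ["198.51.100.1/32"]}]
    print(check_server(sample, [{"address": "192.0.2.1/24", "tags": ["gateway"]}]))
```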

Run

Create a read-only token in NetBox. Define required variables:

# one for nb_inventory and one for nb_lookup
export NETBOX_API_KEY=<token>
export NETBOX_TOKEN="${NETBOX_API_KEY}"
# one for both
export NETBOX_API=<netbox API endpoint>

Run one-off tasks with (add --key-file or other options as necessary):

ansible -i inventory.yml -m ping 'server-*'

Run a playbook with:

ansible-playbook setup.yml -i inventory.yml -l 'server-*'