Timotej Lazar
fbfdc83ee5
The Proxmox SDN feature does not play nice with our FRR and VXLAN setup. With a single bridge we can’t have interface aliases. So use a bridge for each VLAN. Actually don’t even have VLANs, just bridges mainlined into VXLAN tunnels. Read the list of VLANs carried by Proxmox nodes from a custom field on the cluster in NetBox. Remove the vmbr0 device from individual nodes.
Repository contents:
- roles
- templates
- ansible.cfg
- inventory.yml
- README.md
- setup.yml
These Ansible roles set up servers running various Linux distributions to participate in BGP routing. Device and IP address data are pulled from NetBox. A separate VRF `mgmt` is configured for an L2 management interface.
Setup
Each server should have the following information recorded in NetBox:
- network interfaces `mgmt*`: used for management (Ansible) access; must define MAC and IP address
- network interfaces `lan*`: used for BGP routing; must define MAC address
- network interface `lo`: must define the IP address to announce over BGP, also serves as router ID
For the management IP address, another address in the same prefix should be defined with the tag `gateway`.
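A pre-flight check for the requirements listed above, as an added example that is not part of this repository. It runs on simplified, constructed records rather than the NetBox API schema; the name `check_server`, the record shapes and deriving the prefix from the management address's mask are assumptions.

```python
import ipaddress

def check_server(interfaces, other_addresses):
    """Return the list of problems with one server's NetBox data.
    Assumed, simplified shapes (not the NetBox API schema):
    interfaces      = [{"name": str, "mac": str or None, "ips": [CIDR, ...]}]
    other_addresses = [{"address": CIDR, "tags": [str, ...]}]
    """
    problems = []
    mgmt = [i for i in interfaces if i["name"].startswith("mgmt")]
    lan = [i for i in interfaces if i["name"].startswith("lan")]
    lo = [i for i in interfaces if i["name"] == "lo"]
    if not mgmt:
        problems.append("no mgmt* interface")
    if not lan:
        problems.append("no lan* interface")
    for iface in mgmt + lan:
        if not iface.get("mac"):
            problems.append(f"{iface['name']}: missing MAC address")
    for iface in mgmt:
        if not iface.get("ips"):
            problems.append(f"{iface['name']}: missing IP address")
        for cidr in iface.get("ips", []):
            own = ipaddress.ip_interface(cidr)
            # Gateway: a different address inside the same prefix, tagged "gateway".
            if not any("gateway" in a["tags"]
                       and ipaddress.ip_interface(a["address"]).ip in own.network
                       and ipaddress.ip_interface(a["address"]).ip != own.ip
                       for a in other_addresses):
                problems.append(f"{iface['name']}: no gateway in {own.network}")
    if not any(i.get("ips") for i in lo):
        problems.append("lo: missing IP address (BGP announcement, router ID)")
    return problems

# Constructed sample data using documentation address ranges.
ADDRESSES = [{"address": "192.0.2.1/24", "tags": ["gateway"]}]
GOOD = [
    {"name": "mgmt0", "mac": "02:00:00:00:00:01", "ips": ["192.0.2.10/24"]},
    {"name": "lan0", "mac": "02:00:00:00:00:02", "ips": []},
    {"name": "lo", "mac": None, "ips": ["198.51.100.7/32"]},
]
BAD = [
    {"name": "mgmt0", "mac": None, "ips": ["203.0.113.10/24"]},
    {"name": "lan0", "mac": None, "ips": []},
]

if __name__ == "__main__":
    for name, data in (("good", GOOD), ("bad", BAD)):
        print(name, check_server(data, ADDRESSES) or "ok")
```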
Run
Create a read-only token in NetBox. Define required variables:
```
# one for nb_inventory and one for nb_lookup
export NETBOX_API_KEY=<token>
export NETBOX_TOKEN="${NETBOX_API_KEY}"
# one for both
export NETBOX_API=<netbox API endpoint>
```
Run one-off tasks with (add `--key-file` or other options as necessary):
```
ansible -i inventory.yml -m ping 'server-*'
```
Run a playbook with:
```
ansible-playbook setup.yml -i inventory.yml -l 'server-*'
```