diff --git a/inventory.yaml b/inventory.yaml index 0eed359..ef138ab 100644 --- a/inventory.yaml +++ b/inventory.yaml @@ -54,7 +54,9 @@ all: ansible_host: 172.21.20.92 pve93: ansible_host: 172.21.20.93 - + bgp: + children: + proxmox: # Kubernetes cluster setup documented at # https://git.k-space.ee/k-space/kube kubernetes: diff --git a/proxmox/ceph.yaml b/proxmox/ceph.yaml index 32f51c9..fa4d041 100644 --- a/proxmox/ceph.yaml +++ b/proxmox/ceph.yaml @@ -8,6 +8,10 @@ - pve93 gather_facts: false tasks: + - name: Load secrets + ansible.builtin.include_vars: + file: ../secrets/bgp.yaml + - name: configure mesh network ansible.builtin.template: src: templates/ceph.interfaces.j2 diff --git a/proxmox/group_vars/bgp/main.yaml b/proxmox/group_vars/bgp/main.yaml new file mode 100644 index 0000000..613696c --- /dev/null +++ b/proxmox/group_vars/bgp/main.yaml @@ -0,0 +1,22 @@ +--- +bgp: + as: "64512" + interface: vmbr1 + peers: + - 172.21.255.254 + - 172.21.3.51 + - 172.21.3.52 + - 172.21.3.53 + - 172.21.3.81 + - 172.21.3.82 + - 172.21.3.83 + - 172.21.3.84 + peers_ipv6: + - 2001:bb8:4008:21:ffff:ffff:ffff:fffe + - 2001:bb8:4008:21::3:51 + - 2001:bb8:4008:21::3:52 + - 2001:bb8:4008:21::3:53 + - 2001:bb8:4008:21::3:81 + - 2001:bb8:4008:21::3:82 + - 2001:bb8:4008:21::3:83 + - 2001:bb8:4008:21::3:84 diff --git a/proxmox/host_vars/pve90.yaml b/proxmox/host_vars/pve90.yaml index 5c23313..f715861 100644 --- a/proxmox/host_vars/pve90.yaml +++ b/proxmox/host_vars/pve90.yaml @@ -4,4 +4,6 @@ ceph_mesh: openfabric_net: 49.0000.0000.0090.00 interfaces: - enp161s0 - - enp161s0d1 \ No newline at end of file + - enp161s0d1 + +bgp_router_id: 172.21.20.90 \ No newline at end of file diff --git a/proxmox/host_vars/pve91.yaml b/proxmox/host_vars/pve91.yaml index 8d1053d..2433f07 100644 --- a/proxmox/host_vars/pve91.yaml +++ b/proxmox/host_vars/pve91.yaml @@ -4,4 +4,6 @@ ceph_mesh: openfabric_net: 49.0000.0000.0091.00 interfaces: - enp161s0 - - enp161s0d1 \ No newline at end of file + - enp161s0d1 + +bgp_router_id: 172.21.20.91 \ No newline at end of file diff --git a/proxmox/host_vars/pve92.yaml b/proxmox/host_vars/pve92.yaml index def891d..b1e4500 100644 --- a/proxmox/host_vars/pve92.yaml +++ b/proxmox/host_vars/pve92.yaml @@ -4,4 +4,6 @@ ceph_mesh: openfabric_net: 49.0000.0000.0092.00 interfaces: - enp161s0 - - enp161s0d1 \ No newline at end of file + - enp161s0d1 + +bgp_router_id: 172.21.20.92 \ No newline at end of file diff --git a/proxmox/host_vars/pve93.yaml b/proxmox/host_vars/pve93.yaml index d2b5a59..f4482c4 100644 --- a/proxmox/host_vars/pve93.yaml +++ b/proxmox/host_vars/pve93.yaml @@ -4,4 +4,6 @@ ceph_mesh: openfabric_net: 49.0000.0000.0093.00 interfaces: - enp161s0 - - enp161s0d1 \ No newline at end of file + - enp161s0d1 + +bgp_router_id: 172.21.20.93 \ No newline at end of file diff --git a/proxmox/templates/frr.conf.j2 b/proxmox/templates/frr.conf.j2 index 621c128..ec85d01 100644 --- a/proxmox/templates/frr.conf.j2 +++ b/proxmox/templates/frr.conf.j2 @@ -28,3 +28,28 @@ router openfabric 1 lsp-gen-interval 5 exit ! +! +router bgp {{ bgp.as }} + bgp router-id {{ bgp_router_id }} + + bgp default ipv4-unicast + bgp default ipv6-unicast + + neighbor k6-infra peer-group + neighbor k6-infra remote-as {{ bgp.as }} + neighbor k6-infra password {{ bgp_password }} + neighbor k6-infra update-source {{ bgp.interface }} + +{% for peer in bgp.peers %} + neighbor {{ peer }} peer-group k6-infra +{% endfor %} + +{% for peer in bgp.peers_ipv6 %} + neighbor {{ peer }} peer-group k6-infra +{% endfor %} + ! + address-family ipv6 unicast + neighbor k6-infra activate + redistribute openfabric + exit-address-family +! diff --git a/secrets.yaml b/secrets.yaml new file mode 100644 index 0000000..1b72fe3 --- /dev/null +++ b/secrets.yaml @@ -0,0 +1,11 @@ +--- +- name: Checkout secrets + hosts: localhost + gather_facts: false + tasks: + - name: Checkout secrets + ansible.builtin.git: + repo: 'git@git.k-space.ee:secretspace/ansible.git' + dest: secrets + update: yes + version: main