Details

Reviewers

dereckson
Duranzed

Maniphest Tasks

T2319: Automate GRE tunnel failover on CARP PRIMARY router

Summary

Add a Salt reactor configuration to automatically reconfigure GRE tunnels when a CARP primary change occurs.

This introduces:

reactor.conf: listens to the event network/carp/primary
tunnels.sls: reactor state that triggers tunnel reconfiguration on all relevant nodes

The reactor executes a script on:

ysul
windriver
router-002
router-003

Additionally:

A new state roles/core/network/tunnels.sls is added to deploy the create-tunnels.sh script on routers and devservers (the targets)

Also the reactor will call ospf.sls that will call /usr/local/libexec/frr/set-ospf-default-route developped in D4093

Ref T2319

Test Plan

Simulate CARP failover
Verify the Salt event is send
Check that the reactor executes tunnels.sls
Validate GRE interfaces are recreated correctly

Diff Detail

Repository

rOPS Nasqueron Operations

Lint

Lint Passed

Unit

No Test Coverage

Branch

arcpatch-D4098

Build Status

Buildable 6698
Build 6986: arc lint + arc unit

Event Timeline

yousra requested review of this revision.Wed, Apr 29, 17:48

yousra created this revision.

Harbormaster completed remote builds in B6678: Diff 10721.Wed, Apr 29, 17:48

yousra edited the summary of this revision. (Show Details)Wed, Apr 29, 17:55

yousra added a task: T2319: Automate GRE tunnel failover on CARP PRIMARY router.

yousra mentioned this in T2319: Automate GRE tunnel failover on CARP PRIMARY router.

Changed the interface name from windriver to primary router (gre1 instead of gre2)

Harbormaster completed remote builds in B6684: Diff 10727.Sun, May 3, 14:08

Changed the file tunnels.sls : create tunnels on routers and after on clients (windriver and ysul)

Harbormaster completed remote builds in B6685: Diff 10728.Sun, May 3, 16:44

Updated GRE/IPsec failover script

Harbormaster completed remote builds in B6691: Diff 10734.Tue, May 5, 11:26

Updated function calls

Harbormaster completed remote builds in B6692: Diff 10735.Tue, May 5, 11:32

Script for creation GRE tunnel will now send logs to a correct file syslog

Harbormaster completed remote builds in B6694: Diff 10738.Tue, May 5, 14:09

Updated connection names for IKE and children

Harbormaster completed remote builds in B6698: Diff 10742.Wed, May 6, 10:34

Added sleep command to avoid conflitct between commands for the IKE to be mounted correctly

Harbormaster completed remote builds in B6699: Diff 10743.Wed, May 6, 10:47

Fixed the commit that now have all the ipsec config

Harbormaster completed remote builds in B6700: Diff 10744.Wed, May 6, 13:14

yousra retitled this revision from Add Salt reactor for GRE tunnel creation on CARP failover to Add Salt reactor for GRE tunnel creation on CARP failover .Wed, May 6, 13:40

yousra edited the summary of this revision. (Show Details)

yousra edited the summary of this revision. (Show Details)Wed, May 6, 13:51

Added reactor to trigger default route advertise OSPF

Harbormaster completed remote builds in B6701: Diff 10745.Wed, May 6, 14:06

Add Salt reactor for GRE tunnel creation on CARP failover
Needs ReviewPublic
Actions

Details

Diff Detail

Event Timeline

Revision Contents
Changeset List

Diff 10742

roles/salt-primary/reactor/files/create-tunnels.sh

Add Salt reactor for GRE tunnel creation on CARP failoverNeeds ReviewPublicActions

Details

Diff Detail

Event Timeline

Revision ContentsChangeset List

Diff 10742

roles/salt-primary/reactor/files/create-tunnels.sh

Add Salt reactor for GRE tunnel creation on CARP failover
Needs ReviewPublic
Actions

Revision Contents
Changeset List