
D4098.diff
No OneTemporary

D4098.diff

diff --git a/roles/core/network/init.sls b/roles/core/network/init.sls
--- a/roles/core/network/init.sls
+++ b/roles/core/network/init.sls
@@ -13,6 +13,7 @@
- .dhclient6
- .gre
- .routes
+ - .tunnels
# Drake can be configured as:
#
diff --git a/roles/core/network/tunnels.sls b/roles/core/network/tunnels.sls
new file mode 100644
--- /dev/null
+++ b/roles/core/network/tunnels.sls
@@ -0,0 +1,17 @@
+# Network — GRE tunnel creation script
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% from "map.jinja" import dirs with context %}
+
+{% if 'router' in grains.get('roles', []) or 'devserver' in grains.get('roles', []) %}
+
+{{ dirs.libexec }}/tunnels/create-tunnels:
+ file.managed:
+ - source: salt://roles/salt-primary/reactor/files/create-tunnels.sh
+ - makedirs: True
+ - mode: 755
+
+{% endif %}
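Review bot: The `file.managed` state for `{{ dirs.libexec }}/tunnels/create-tunnels` sets only `mode: 755` and leaves the owner and the permissions of the directory created by `makedirs: True` to defaults. This script is later run by the reactor through `cmd.run`, presumably as root, so neither the file nor its parent directory should be writable by anyone else. I would pin that with `- user: root` and `- dir_mode: '0755'`, and quote the mode as `- mode: '0755'`. The same applies to the `/srv/reactor/tunnels.sls` state added in roles/salt-primary/reactor/init.sls, which has `mode: 644` and no owner. A short comment explaining why a core/network state pulls its source from `roles/salt-primary/reactor/files/` would also help the next reader.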
diff --git a/roles/salt-primary/reactor/files/create-tunnels.sh b/roles/salt-primary/reactor/files/create-tunnels.sh
new file mode 100644
--- /dev/null
+++ b/roles/salt-primary/reactor/files/create-tunnels.sh
@@ -0,0 +1,154 @@
+#!/bin/sh
+
+# -------------------------------------------------------------
+# Network — CARP GRE tunnels configuration script
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/salt-primary/reactor/files/create-tunnels.sh
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+
+# -------------------------------------------------------------
+# Configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+
+set -eu
+
+PRIMARY_ROUTER="$1"
+
+VIP="51.68.252.230"
+
+# this file log is for test : later will be a log file /var/log/carp-tunnels.log with tag carp-tunnels
+LOG="/tmp/test-reactor.log"
+
+
+# -------------------------------------------------------------
+# Helper functions
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+
+# will be updated later
+log() {
+ echo "$(date '+%Y-%m-%d %H:%M:%S') $*" >> "$LOG"
+}
+
+
+# -----------------------------------------------------------------------------
+# Function: destroy_tunnels
+# Description: Destroy a GRE tunnel interface if it exists
+#
+# Parameters:
+# IFACE GRE interface name
+#
+# Returns:
+# 0 on success
+# -----------------------------------------------------------------------------
+destroy_tunnels() {
+ IFACE="$1"
+
+ if ifconfig "$IFACE" >/dev/null 2>&1; then
+ log "Destroying $IFACE"
+ ifconfig "$IFACE" destroy
+ else
+ log "Interface $IFACE does not exist, skipping"
+ fi
+}
+
+
+# -----------------------------------------------------------------------------
+# Function: create_tunnels
+# Description: Configure a GRE tunnel interface
+#
+# Parameters:
+# IFACE GRE interface name
+# DESC Interface description
+# LOCAL_PUBLIC_IP Local tunnel public IP address
+# REMOTE_PUBLIC_IP Remote tunnel public IP address
+# LOCAL_TUNNEL_IP Local tunnel IP address
+# REMOTE_TUNNEL_IP Remote tunnel IP address
+#
+# Returns:
+# 0 on success, exits on error
+# -----------------------------------------------------------------------------
+create_tunnels() {
+ IFACE="$1"
+ DESC="$2"
+ LOCAL_PUBLIC_IP="$3"
+ REMOTE_PUBLIC_IP="$4"
+ LOCAL_TUNNEL_IP="$5"
+ REMOTE_TUNNEL_IP="$6"
+
+ if ! ifconfig "$IFACE" >/dev/null 2>&1; then
+ ifconfig "$IFACE" create
+ fi
+
+ log "Configuring $IFACE → $DESC"
+
+ ifconfig "$IFACE" description "$DESC"
+ ifconfig "$IFACE" tunnel "$LOCAL_PUBLIC_IP" "$REMOTE_PUBLIC_IP"
+ ifconfig "$IFACE" inet "$LOCAL_TUNNEL_IP" "$REMOTE_TUNNEL_IP" netmask 255.255.255.255
+ ifconfig "$IFACE" up
+}
+
+
+# -------------------------------------------------------------
+# Entry point
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+
+log "CARP PRIMARY ROUTER detected: $PRIMARY_ROUTER"
+
+
+HOST="$(hostname -s)"
+
+case "$HOST" in
+ ysul)
+ log "Configuring the tunnel on ysul"
+
+ destroy_tunnels gre1
+
+ create_tunnels gre1 ysul_to_primary_router 163.172.49.16 "$VIP" 172.27.27.31 172.27.27.241
+ ;;
+
+ windriver)
+ log "Configuring the tunnel on windriver"
+
+ destroy_tunnels gre2
+
+ create_tunnels gre2 windriver_to_primary_router 195.154.30.15 "$VIP" 172.27.27.36 172.27.27.243
+ ;;
+
+ router-002|router-003)
+
+ destroy_tunnels gre1
+
+ destroy_tunnels gre2
+
+ if [ "$HOST" != "$PRIMARY_ROUTER" ]; then
+ log "$HOST is not PRIMARY ($PRIMARY_ROUTER is PRIMARY), skipping"
+ exit 0
+ fi
+
+ log "Configuring tunnels on primary router: $HOST"
+
+ create_tunnels gre1 primary_router_to_windriver "$VIP" 195.154.30.15 172.27.27.243 172.27.27.36
+
+ create_tunnels gre2 primary_router_to_ysul "$VIP" 163.172.49.16 172.27.27.241 172.27.27.31
+ ;;
+
+ *)
+ log "Skipping host: $HOST"
+ exit 0
+ ;;
+esac
+
+log "Tunnel configuration completed"
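Review bot: `LOG="/tmp/test-reactor.log"` makes this script append to a fixed, predictable path in a world-writable directory, and the reactor runs it through `cmd.run`, normally as root. The network state also deploys it to devservers, where a file or symlink already present at that path would be followed by the `>>` in `log()`, so root would write to whatever it points at. The comment above `LOG` already plans a move away from /tmp; in the meantime `log() { logger -t carp-tunnels "$*"; }` avoids the file entirely. Separately, under `set -e` the `router-002|router-003` branch destroys gre1 and gre2 before recreating them, so a failing `ifconfig` step in `create_tunnels` leaves the primary router without tunnels and without a log line saying why.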
diff --git a/roles/salt-primary/reactor/files/reactor.conf b/roles/salt-primary/reactor/files/reactor.conf
new file mode 100644
--- /dev/null
+++ b/roles/salt-primary/reactor/files/reactor.conf
@@ -0,0 +1,18 @@
+# -------------------------------------------------------------
+# Salt — reactor configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/salt-primary/reactor/files/reactor.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+reactor:
+ - 'network/carp/primary':
+ - /srv/reactor/tunnels.sls
diff --git a/roles/salt-primary/reactor/files/tunnels.sls b/roles/salt-primary/reactor/files/tunnels.sls
new file mode 100644
--- /dev/null
+++ b/roles/salt-primary/reactor/files/tunnels.sls
@@ -0,0 +1,29 @@
+# -------------------------------------------------------------
+# Network — CARP GRE tunnels creation
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/salt-primary/reactor/files/tunnels.sls
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+{% from "map.jinja" import dirs with context %}
+
+{% set primary_router = data["data"]["router"] %}
+
+create_tunnels:
+ local.cmd.run:
+ - tgt:
+ - ysul
+ - windriver
+ - router-002
+ - router-003
+ - tgt_type: list
+ - arg:
+ - {{ dirs.libexec }}/tunnels/create-tunnels {{ primary_router }}
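Review bot: `{{ primary_router }}` comes from the event payload (`data["data"]["router"]`) and is rendered unvalidated into the `cmd.run` command line, so the shell on all four targets interprets whatever string the event carries. Event data is supplied by the sender, not by the master, so it should be checked against the known router names before the state is emitted, e.g. by wrapping the `create_tunnels` block in `{% if primary_router in ["router-002", "router-003"] %}` … `{% endif %}`. If the event is only meant to come from the router that became primary (an assumption, the sender is not visible in this diff), also comparing the value with `data["id"]` would tie it to the authenticated minion id. The script only compares `$1` with `hostname -s`, so an allowlist loses nothing.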
diff --git a/roles/salt-primary/reactor/init.sls b/roles/salt-primary/reactor/init.sls
--- a/roles/salt-primary/reactor/init.sls
+++ b/roles/salt-primary/reactor/init.sls
@@ -17,11 +17,11 @@
# the reactor config does not exist.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-{% if salt["slsutil.file_exists"]("reactor/reactor.conf") %}
+{% if salt["slsutil.file_exists"]("roles/salt-primary/reactor/files/reactor.conf") %}
{{ dirs.etc }}/salt/master.d/reactor.conf:
file.symlink:
- - target: /opt/salt/nasqueron-operations/reactor/reactor.conf
+ - target: /opt/salt/nasqueron-operations/roles/salt-primary/reactor/files/reactor.conf
{% else %}
@@ -29,3 +29,13 @@
file.absent
{% endif %}
+
+# -------------------------------------------------------------
+# GRE tunnels
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/srv/reactor/tunnels.sls:
+ file.managed:
+ - source: salt://roles/salt-primary/reactor/files/tunnels.sls
+ - makedirs: True
+ - mode: 644
