Page MenuHomeDevCentral
Create Task
Maniphest T2203

CARP setup (IP allocation, vhid, advskew / priorité (master / backup), shared secret)
Closed, ResolvedPublic
Actions

Description

Steps :

  • Define CARP VIPs, VHIDs, priorities and the shared secret for internal and public networks.
  • Add the CARP configurations in NetBox.
  • Generate a new pillar with the script : utils/netbox/pillarize.py (D2790).
  • Compare pillar/nodes/nodes.sls with the newly generated pillar and apply necessary improvements in NetBox, in nodes.sls or in the script python (D3974 et D2790).
  • Add new functions in utils/netbox/pillarize.py to get the carp configurations on NetBox (D2790).
  • Put the shared secrets for VHID 1 and VHID 2 in VALT

Revisions and Commits

rOPS Nasqueron Operations
D3974rOPS061a931c2527 Synchronize nodes pillar with NetBox information

Related Objects

Event Timeline

Duranzed created this task.Feb 5 2026, 15:53
Herald added a subscriber: dereckson. · View Herald TranscriptFeb 5 2026, 15:53
Duranzed updated the task description. (Show Details)Feb 6 2026, 08:18
yousra updated the task description. (Show Details)Feb 8 2026, 19:18
dereckson triaged this task as Normal priority.Feb 11 2026, 19:53
dereckson renamed this task from Define IP range to Define IP range to use with CARP.Feb 16 2026, 01:32
yousra moved this task from Backlog to Working on on the Secure HA tunnels board.Feb 17 2026, 18:46
yousra claimed this task.Feb 17 2026, 19:05
yousra updated the task description. (Show Details)
yousra updated the task description. (Show Details)Wed, Feb 18, 08:57
yousra updated the task description. (Show Details)Wed, Feb 18, 10:40
yousra updated the task description. (Show Details)Wed, Feb 18, 13:02
yousra updated the task description. (Show Details)Wed, Feb 18, 13:06
yousra updated the task description. (Show Details)Wed, Feb 18, 13:40
yousra added a comment.Wed, Feb 18, 14:40

A new bloc IPV4 was added in NetBox : The 172.27.27.0/28 subnet was fully allocated and currently used by VMs on Hyper-1, so I expand it to a larger prefix by combining 172.27.27.0/28 and 172.27.27.16/28 into a single 172.27.27.0/27 subnet to allow better address utilization in the future.

dereckson added a comment.Thu, Feb 19, 00:56

19:21 < Yousra> Dereckson router-003: IP= 178.32.70.111/30, en fait .111 c'est la broadcast

Indeed, strico sensu, in a /30 block, the last one is the broadcast.
But here, each IP is actually used as /32: the server will have inet 178.32.70.111 netmask 255.255.255.255.
That strategy allows to avoid waste of blocks in a situation of exhaustion of available IPv4.

So for OVH IPFO (fail-over IPs):

  • we receive a range of IP, we can use every IP in that range
  • we treat everything as /32
yousra updated the task description. (Show Details)Thu, Feb 19, 12:22
yousra updated the task description. (Show Details)Thu, Feb 19, 12:31
yousra updated the task description. (Show Details)Thu, Feb 19, 13:19
yousra renamed this task from Define IP range to use with CARP to CARP setup (IP allocation, vhid, advskew / priorité (master / backup)).Sun, Feb 22, 13:25
yousra updated the task description. (Show Details)
yousra renamed this task from CARP setup (IP allocation, vhid, advskew / priorité (master / backup)) to CARP setup (IP allocation, vhid, advskew / priorité (master / backup), secret shared).Sun, Feb 22, 13:40
yousra renamed this task from CARP setup (IP allocation, vhid, advskew / priorité (master / backup), secret shared) to CARP setup (IP allocation, vhid, advskew / priorité (master / backup), shared secret).Sun, Feb 22, 13:42
yousra updated the task description. (Show Details)
yousra updated the task description. (Show Details)Sun, Feb 22, 20:10
yousra added a revision: D3974: Synchronize nodes pillar with NetBox information.
yousra updated the task description. (Show Details)Sun, Feb 22, 22:07
yousra updated the task description. (Show Details)Sun, Feb 22, 23:05
yousra updated the task description. (Show Details)
yousra updated the task description. (Show Details)Sun, Feb 22, 23:19
yousra updated the task description. (Show Details)Mon, Feb 23, 20:49
yousra updated the task description. (Show Details)Tue, Feb 24, 10:26
yousra updated the task description. (Show Details)
yousra mentioned this in T2264: Implement CARP configuration for router-002 and router-003 .Tue, Feb 24, 12:54
yousra added projects: Salt, Drake network.Tue, Feb 24, 21:34
yousra updated the task description. (Show Details)Tue, Mar 3, 20:00
yousra updated the task description. (Show Details)Wed, Mar 4, 12:05
yousra updated the task description. (Show Details)Wed, Mar 4, 12:08
yousra closed this task as Resolved.Sun, Mar 8, 15:11
yousra moved this task from Working on to Done on the Secure HA tunnels board.
yousra removed a project: Salt.Sun, Mar 8, 21:11
yousra added a commit: rOPS061a931c2527: Synchronize nodes pillar with NetBox information.Fri, Mar 13, 10:02
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator