As an initial implementation, instead of immediately creating a new Salt execution module, I will temporarily use cmd.run to configure CARP.
This approach lets us easily write the CARP configuration (rc.conf entries).
This is intended as a short-term solution to validate the configuration and integration with Vault.
A future refactoring may introduce a dedicated carp execution module for better maintainability and abstraction.
Steps:
- Create the role folder "router"
- Create the required init.sls file
- Create the new state carp.sls inside a newly created carp folder
- Add a new function (get_carp_entries()) in the file _modules/node.py to retrieve the CARP configuration from nodes.sls, and test the function (D3979)
- Configure the file carp.sls (D3986)
  This requires retrieving the shared secrets from Vault. Steps:
  1. Add a policy for the role router in pillar/credentials/vault.sls
  2. Add a file router/carp/carp.jinja containing the CARP configuration
  3. In carp.sls, call the Jinja template to add the configuration to /etc/rc.conf.d/netif/carp
- Deploy the network configuration via Salt on every machine: salt 'node' state.apply roles/core/network
- Deploy the carp configuration to router-002 and router-003 via Salt, and validate CARP is correctly applied.
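
Because /etc/rc.conf.d/netif/carp is sourced by sh, the values coming from nodes.sls and from Vault should be validated before they are written. The following is an added example, not the code from D3979 or D3986: the function name render_carp_rc_conf, the entry layout and the sample values are assumptions, and it covers IPv4 aliases only.

```python
import ipaddress
import re

# Characters inert inside a double-quoted sh string and a single ifconfig word.
SAFE_SECRET = re.compile(r"[A-Za-z0-9._+=/-]+")
IFACE_NAME = re.compile(r"[a-z]+[0-9]+")

# Constructed sample data; the real layout of nodes.sls is not shown on this page.
SAMPLE_ENTRIES = [
    {"interface": "em0", "vhid": 1, "advskew": 100, "address": "192.0.2.1/32"},
    {"interface": "em0", "vhid": 2, "advskew": 0, "address": "192.0.2.2/32"},
]
SAMPLE_SECRETS = {1: "constructedSecret1", 2: "constructedSecret2"}


def render_carp_rc_conf(entries, secrets):
    """Return rc.conf alias lines (IPv4 only) for the given CARP entries.

    secrets maps vhid -> shared password, e.g. as fetched from Vault.
    Raises ValueError on any value that is unsafe to write to a sourced file.
    """
    lines, next_alias = [], {}
    for entry in entries:
        iface = str(entry["interface"])
        if not IFACE_NAME.fullmatch(iface):
            raise ValueError(f"unexpected interface name: {iface!r}")
        vhid, advskew = int(entry["vhid"]), int(entry.get("advskew", 0))
        if not 1 <= vhid <= 255:
            raise ValueError(f"vhid out of range: {vhid}")
        if not 0 <= advskew <= 254:
            raise ValueError(f"advskew out of range: {advskew}")
        address = ipaddress.IPv4Interface(entry["address"])
        password = secrets[vhid]
        if not SAFE_SECRET.fullmatch(password):
            # Do not echo the secret itself into logs or Salt output.
            raise ValueError(f"password for vhid {vhid} has unsafe characters")
        index = next_alias.get(iface, 0)
        next_alias[iface] = index + 1
        lines.append(
            f'ifconfig_{iface}_alias{index}="inet vhid {vhid} advskew {advskew} '
            f'pass {password} alias {address.with_prefixlen}"'
        )
    return lines


if __name__ == "__main__":
    for line in render_carp_rc_conf(SAMPLE_ENTRIES, SAMPLE_SECRETS):
        print(line)
```

Since the rendered file contains the CARP shared secret, it should be owned by root and readable only by root (mode 0600).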