As an initial implementation, instead of immediately creating a new Salt execution module, I will temporarily use cmd.run to configure CARP.

This approach allows us to configure easily the CARP configuration (rc.conf entries).

This is intended as a short-term solution to validate the configuration and integration with Vault.
A future refactoring may introduce a dedicated a carp execution module for better maintainability and abstraction.

Steps:

• Create the role folder "router"

• Create the required init.sls file

• Create the new state carp.sls inside the folder carp created

• Add a new function (get_carp_entries()) in the file _modules/node.py to retrive the carp configuration from nodes.sls and test the function (D3979)

• Configure the file carp.sls (D3986)
  • 1. Add a Vault policy for role router in pillar/credentials/vault.sls
  • 2. Create the template carp.rc inside router/carp/files that will have the CARP configuration
  • 3. In carp.sls we can now call the template jinja to add the configuration in /etc/rc.conf.d/netif/carp

• Deploy the network configuration via Salt on every machine : salt 'node' state.apply roles/core/network

• Deploy the carp configuration to router-002 and router-003 via Salt, and validate CARP is correctly applied

• Add the routers to top.sls to be able to do : sudo salt 'router-002' state.apply roles/router