Page MenuHomeDevCentral

Refactor routes configuration
ClosedPublic

Authored by dereckson on Mar 14 2022, 18:15.
Tags
None
Referenced Files
F3743692: D2595.id6615.diff
Thu, Nov 14, 23:12
F3743567: D2595.diff
Thu, Nov 14, 22:03
F3743566: D2595.id6548.diff
Thu, Nov 14, 22:02
F3743564: D2595.id6618.diff
Thu, Nov 14, 22:02
F3742513: D2595.id6617.diff
Thu, Nov 14, 07:43
Unknown Object (File)
Wed, Nov 13, 05:07
Unknown Object (File)
Tue, Nov 12, 23:41
Unknown Object (File)
Tue, Nov 12, 02:02
Subscribers
None

Details

Summary

Until now, routes configuration was provided only for FreeBSD,
but nothing for Linux machines.

This change reads route from two sources:

  • the new nodes' network data structure, for default gateway
  • the networks pillar for private networks

For FreeBSD, a consolidated /etc/rc.conf.d/managed replaces
former ipv4 file.

On CentOS and Debian, there is some traction to switch to Network Manager
to configure the network even on servers. There is a NMState library
with a configuration in YAML format suitable for our needs, but dependencies
are really heavy to store this. And it only supports Network Manager,
not used on CentOS machines.

The solution selected for Linux systems is to provision a /etc/routes.conf
with all the routes definition and a routes utility to apply them. Zero
dependency in addition to iproutes. A systemd unit runs it during startup.

Acknowledgment: thanks to @semarie, Natacha (@faelys) and @alarig
for feedback about how to read routes.conf and discard comments.

Test Plan

Deploy on router-001, Ysul and Dwellers

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
Lint Errors
SeverityLocationCodeMessage
Error_modules/node.py:396E501flake8 E501
Advice_modules/node.py:322F821flake8 F821
Advice_modules/node.py:322F821flake8 F821
Advice_modules/node.py:326F821flake8 F821
Advice_modules/node.py:330F821flake8 F821
Advice_modules/node.py:333F821flake8 F821
Advice_modules/node.py:336F821flake8 F821
Advice_modules/node.py:340F821flake8 F821
Advice_modules/node.py:343F821flake8 F821
Advice_modules/node.py:346F821flake8 F821
Advice_modules/node.py:350F821flake8 F821
Advice_modules/node.py:353F821flake8 F821
Advice_modules/node.py:356F821flake8 F821
Advice_modules/node.py:370F821flake8 F821
Advice_modules/node.py:371F821flake8 F821
Advice_modules/node.py:383F821flake8 F821
Advice_modules/node.py:395F821flake8 F821
Unit
No Test Coverage
Branch
network-routes
Build Status
Buildable 4109
Build 4361: arc lint + arc unit

Event Timeline

dereckson created this revision.
dereckson added inline comments.
roles/core/network/init.sls
17

D2581 should merge private and ipv4

Works also with zero element

Shorten too long like (black)

_modules/node.py
393

Skip it on os_family = 'RedHat' (already got that from GATEWAY in ipcfg script)

FreeBSD

/etc/rc.conf.d/routing/managed
#   [...]
#   </auto-generated>
static_routes=igb0_default private_drake

route_igb0_default="default 51.159.18.1"

route_private_drake="-net 172.27.27.0/24 172.27.27.254"

Rocky (formerly CentOS 8.5)

/etc/routes.conf on Dwellers
#   [...]
#   </auto-generated>
172.27.27.0/24 via 172.27.27.1
Dwellers
$ systemctl status routes
● routes.service - Apply static routes through ip routes
   Loaded: loaded (/etc/systemd/system/routes.service; enabled; vendor preset: disabled)
   Active: active (exited) since Mon 2022-03-21 21:47:34 UTC; 2min 44s ago
     Docs: https://agora.nasqueron.org/Operations_grimoire/Network
 Main PID: 304762 (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 62399)
   Memory: 0B
   CGroup: /system.slice/routes.service

$ netstat -rn | grep 172.27.27.1
172.27.27.0     172.27.27.1     255.255.255.0   UG        0 0          0 ens224

Route is at the correct interface at priority 0.

This revision is now accepted and ready to land.Mar 21 2022, 22:00

variable -> string for a dictionary key

dereckson edited the summary of this revision. (Show Details)
This revision was landed with ongoing or failed builds.Mar 21 2022, 22:12
This revision was automatically updated to reflect the committed changes.