refactor ansible config and templates

sever-sever · Dec 21, 2023 · 5d0f8b4 · 5d0f8b4
1 parent 2e7331a
commit 5d0f8b4
Show file tree

Hide file tree

Showing 15 changed files with 85 additions and 32 deletions.
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
@@ -1,11 +1,15 @@
 [defaults]
-host_key_checking  = no
-inventory          = ./hosts
-callback_whitelist = minimal
-forks              = 50
-pipelining         = True
-ANSIBLE_NOCOLOR    = True
-# callbacks_enabled = timer, profile_tasks, profile_roles
+host_key_checking      = Fasle
+inventory              = ./hosts
+callback_whitelist     = minimal
+forks                  = 50
+pipelining             = True
+nocolor                = False
+nocows                 = True
+display_args_to_stdout = False
+display_skipped_hosts  = True
+retry_files_enabled    = False
+# callbacks_enabled      = timer, profile_tasks, profile_roles
 
 [ssh_connection]
 ssh_args = -o ControlMaster=auto -o ControlPersist=10s

diff --git a/ansible/group_vars/vyos_hosts.yml → ansible/group_vars/vyos_hosts/all.yml b/ansible/group_vars/vyos_hosts.yml → ansible/group_vars/vyos_hosts/all.yml
@@ -8,23 +8,3 @@ ansible_network_os         : vyos
 ansible_connection         : ansible.netcommon.network_cli
 gather_facts               : false
 
-# Routing
-routing:
-  ospf:
-    enable: false
-    area: 0
-  isis:
-    enable: true
-  bgp:
-    enable: false
-
-# API
-api:
-  enable: true
-  api_keys:
-    - name: KID
-      key: foo
-
-name_servers:
-  - 1.1.1.1
-  - 8.8.8.8
diff --git a/ansible/group_vars/vyos_hosts/api.yml b/ansible/group_vars/vyos_hosts/api.yml
@@ -0,0 +1,6 @@
+---
+api:
+  enable: true
+  api_keys:
+    - name: KID
+      key: foo
diff --git a/ansible/group_vars/vyos_hosts/dns.yml b/ansible/group_vars/vyos_hosts/dns.yml
@@ -0,0 +1,4 @@
+---
+name_servers:
+  - 1.1.1.1
+  - 8.8.8.8
diff --git a/ansible/group_vars/vyos_hosts/routing.yml b/ansible/group_vars/vyos_hosts/routing.yml
@@ -0,0 +1,10 @@
+---
+routing:
+  bgp:
+    enable: true
+    asn: 65001
+  ospf:
+    enable: false
+    area: 0
+  isis:
+    enable: true
diff --git a/ansible/host_vars/r1.yml b/ansible/host_vars/r1.yml
@@ -28,3 +28,6 @@ isis:
   net: 49.0001.1920.0200.0011.00
   interfaces:
     - eth1
+
+bgp:
+  neighbor: 192.0.2.1
diff --git a/ansible/host_vars/r4.yml b/ansible/host_vars/r4.yml
@@ -28,3 +28,6 @@ isis:
   net: 49.0001.1920.0200.0014.00
   interfaces:
     - eth1
+
+bgp:
+  neighbor: 192.0.2.5
diff --git a/ansible/hosts b/ansible/hosts
@@ -1,3 +1,3 @@
 [vyos_hosts]
-r1 ansible_ssh_host=192.168.122.11
-r4 ansible_ssh_host=192.168.122.14
+r1 ansible_ssh_host=192.168.122.11 vyos_version='1.3'
+r4 ansible_ssh_host=192.168.122.14 vyos_version='1.5'
diff --git a/ansible/interface.yml b/ansible/interface.yml
@@ -1,5 +1,5 @@
 ---
-- hosts: r4
+- hosts: vyos_hosts
   gather_facts: false
 
   tasks:

diff --git a/ansible/main.yml b/ansible/main.yml
@@ -5,6 +5,7 @@
 
   roles:
     - interfaces
+    - common
     - banner
     - routing
     - api
diff --git a/ansible/roles/common/tasks/main.yml b/ansible/roles/common/tasks/main.yml
@@ -0,0 +1,24 @@
+---
+
+- name: Configure name-servers
+  vyos.vyos.vyos_config:
+    src: nameservers.j2
+
+#- name: Debug hostvars for r1
+#  debug:
+#    var: hostvars['r1']
+
+#- name: Debug hostvars for r4
+#  debug:
+#    var: hostvars['r4']
+
+- name: Configure host-name
+  vyos.vyos.vyos_config:
+    lines:
+      - set system host-name {{ inventory_hostname }}
+
+- name: Configure time format
+  vyos.vyos.vyos_config:
+    lines:
+      - set system option time-format '24-hour'
+  when: hostvars[inventory_hostname].vyos_version == 1.5
diff --git a/ansible/roles/common/templates/nameservers.j2 b/ansible/roles/common/templates/nameservers.j2
@@ -0,0 +1,3 @@
+{% for nameserver in name_servers %}
+set system name-server '{{ nameserver }}'
+{% endfor %}
diff --git a/ansible/roles/routing/tasks/main.yml b/ansible/roles/routing/tasks/main.yml
@@ -5,7 +5,12 @@
     src: ospf.j2
   when: routing.ospf.enable
 
-- name: Configure ISIS
+- name: Configure IS-IS
   vyos.vyos.vyos_config:
     src: isis.j2
   when: routing.isis.enable
+
+- name: Configure BGP
+  vyos.vyos.vyos_config:
+    src: bgp.j2
+  when: routing.bgp.enable
diff --git a/ansible/roles/routing/templates/bgp.j2 b/ansible/roles/routing/templates/bgp.j2
@@ -0,0 +1,9 @@
+{% if routing.bgp.enable %}
+{%     if vyos_version == 1.5 %}
+set protocol bgp system-as '{{ routing.bgp.asn }}'
+{%     endif %}
+{%     set asn = '' if vyos_version == 1.5 or vyos_version == 1.4 else routing.bgp.asn %}
+set protocols bgp {{ asn }} neighbor {{ bgp.neighbor }} remote-as {{ routing.bgp.asn }}
+set protocols bgp {{ asn }} neighbor {{ bgp.neighbor }} address-family ipv4-unicast soft-reconfiguration inbound
+set protocols bgp {{ asn }} neighbor {{ bgp.neighbor }} description 'Configured by ansible'
+{% endif %}
diff --git a/ansible/roles/routing/templates/isis.j2 b/ansible/roles/routing/templates/isis.j2
@@ -1,6 +1,7 @@
 {% if routing.isis.enable %}
-set protocols isis net {{ isis.net }}
+set protocols isis net '{{ isis.net }}'
 set protocols isis redistribute ipv4 connected level-2
+set protocols isis redistribute ipv6 connected level-2
 
 {%     for interface in isis.interfaces %}
 set protocols isis interface {{ interface }}
-Original file line number
+Diff line change
@@ Expand Up / @@ -5,6 +5,7 @@ @@
       roles:
         - interfaces
+        - common
         - banner
         - routing
         - api