Add bgp config

f81215ef · Rafael László · 2eeedbef · f81215ef · f81215ef · f81215ef
Verified Commit f81215ef authored 3 years ago by Rafael László
--- a/ansible/router/main/base.yaml
+++ b/ansible/router/main/base.yaml
 ---
  
 - hosts: all
+  become: yes
  roles:
    - role: kszk.base
      tags: ["base"]
@@ -8,4 +9,7 @@
      tags: ["iptables"]
  vars_files:
    - "vars/base.yaml"
-  tasks: []
+  tasks:
+    - name: Setup bgp
+      tags: ["bgp"]
+      import_tasks: tasks/bgp.yaml
--- a/ansible/router/main/tasks/bgp.yaml
+++ b/ansible/router/main/tasks/bgp.yaml
+---
+
+- name: Install required packages for bgp
+  package:
+    state: present
+    name:
+      - frr
+      - gobgpd
+
+- name: Create opt/gobgpd folder
+  file:
+    path: /opt/gobgpd
+    state: directory
+
+- name: Download gobgpd tar file and extract it
+  unarchive: 
+    src: https://github.com/osrg/gobgp/releases/download/v2.33.0/gobgp_2.33.0_linux_amd64.tar.gz
+    dest: /opt/gobgpd
+    remote_src: yes
+
+- name: Place frr config file
+  template:
+    src: etc/frr/daemons.j2
+    dest: /etc/frr/daemons
+    mode: 0640
+  register: frr_config_file
+
+- name: Ensure frr is restarted and enabled to start at boot
+  service:
+    name: frr
+    state: restarted
+    enabled: yes
+  when: frr_config_file.changed
+
+- name: Place gobgpd systemd service file
+  template:
+    src: etc/systemd/system/gobgpd.service.j2
+    dest: /etc/systemd/system/gobgpd.service
+    mode: 0644
+  register: gobgpd_service_config_file
+
+- name: Place gobgpd config file
+  template:
+    src: etc/gobgpd.conf.j2
+    dest: /etc/gobgpd.conf
+    mode: 0644
+  register: gobgpd_config_file
+
+- name: Force systemd to reread configs
+  ansible.builtin.systemd:
+    daemon_reload: yes
+  when: gobgpd_service_config_file.changed
+
+- name: Ensure gobgpd is restarted and enabled to start at boot
+  service:
+    name: gobgpd
+    state: restarted
+    enabled: yes
+  when: gobgpd_config_file.changed or gobgpd_service_config_file.changed
--- a/ansible/router/main/templates/etc/frr/daemons.j2
+++ b/ansible/router/main/templates/etc/frr/daemons.j2
+#
+# !!!
+# {{ ansible_managed }}
+# !!!
+
+bgpd=no
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+pimd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+zebra=yes
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
--- a/ansible/router/main/templates/etc/gobgpd.conf.j2
+++ b/ansible/router/main/templates/etc/gobgpd.conf.j2
+# !!!
+# {{ ansible_managed }}
+# !!!
+
+[global.config]
+  as = 64512
+  router-id = "{{ bgp.router_ip }}"
+  local-address-list = ["{{ bgp.router_ip }}"]
+
+[global.use-multiple-paths.config]
+  enabled = true
+
+{% if bgp.neighbors is defined %}
+{% for neighbor in bgp.neighbors %}
+[[neighbors]]
+  [neighbors.config]
+    neighbor-address = "{{ neighbor }}"
+    peer-as = 64512
+{% endfor %}
+{% endif %}
+
+[zebra]
+  [zebra.config]
+    enabled = true
+    url = "unix:/var/run/frr/zserv.api"
+    redistribute-route-type-list = ["connect"]
+    software-name = "frr7.2"
+    version = 6
--- a/ansible/router/main/templates/etc/systemd/system/gobgpd.service.j2
+++ b/ansible/router/main/templates/etc/systemd/system/gobgpd.service.j2
+# !!!
+# {{ ansible_managed }}
+# !!!
+
+[Unit]
+Description=GoBGP Routing Daemon
+Documentation=file:/usr/share/doc/gobgpd/getting-started.md
+After=network.target syslog.service
+ConditionPathExists=/etc/gobgpd.conf
+
+[Service]
+Type=notify
+ExecStartPre=/opt/gobgpd/gobgpd -f /etc/gobgpd.conf -d
+ExecStart=/opt/gobgpd/gobgpd -f /etc/gobgpd.conf --sdnotify --disable-stdlog --syslog yes
+ExecReload=/opt/gobgpd/gobgpd -r
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+User=frr
+
+[Install]
+WantedBy=multi-user.target
--- a/ansible/router/main/vars/base.yaml
+++ b/ansible/router/main/vars/base.yaml
@@ -49,4 +49,12 @@ iptables_rules_v6_file: etc/iptables/rules.v6.j2

 # Playbook vars

-# nope
+bgp:
+  router_ip: "192.168.99.254"
+  neighbors: 
+    - "192.168.98.11"
+    - "192.168.98.12"
+    - "192.168.98.13"
+    - "192.168.98.21"
+    - "192.168.98.22"
+    - "192.168.98.23"