From f81215ef066c5441899337f369bdedcd85bb20aa Mon Sep 17 00:00:00 2001
From: Rafael Laszlo <rlacko99@gmail.com>
Date: Fri, 19 Nov 2021 17:02:03 +0100
Subject: [PATCH] Add bgp config
---
ansible/router/main/base.yaml | 6 +-
ansible/router/main/tasks/bgp.yaml | 59 +++++++++++++++++++
.../router/main/templates/etc/frr/daemons.j2 | 47 +++++++++++++++
.../router/main/templates/etc/gobgpd.conf.j2 | 28 +++++++++
.../etc/systemd/system/gobgpd.service.j2 | 20 +++++++
ansible/router/main/vars/base.yaml | 10 +++-
6 files changed, 168 insertions(+), 2 deletions(-)
create mode 100644 ansible/router/main/tasks/bgp.yaml
create mode 100644 ansible/router/main/templates/etc/frr/daemons.j2
create mode 100644 ansible/router/main/templates/etc/gobgpd.conf.j2
create mode 100644 ansible/router/main/templates/etc/systemd/system/gobgpd.service.j2
diff --git a/ansible/router/main/base.yaml b/ansible/router/main/base.yaml
index e9d5502..8f896be 100644
--- a/ansible/router/main/base.yaml
+++ b/ansible/router/main/base.yaml
@@ -1,6 +1,7 @@
---
- hosts: all
+ become: yes
roles:
- role: kszk.base
tags: ["base"]
@@ -8,4 +9,7 @@
tags: ["iptables"]
vars_files:
- "vars/base.yaml"
- tasks: []
+ tasks:
+ - name: Setup bgp
+ tags: ["bgp"]
+ import_tasks: tasks/bgp.yaml
diff --git a/ansible/router/main/tasks/bgp.yaml b/ansible/router/main/tasks/bgp.yaml
new file mode 100644
index 0000000..fa52613
--- /dev/null
+++ b/ansible/router/main/tasks/bgp.yaml
@@ -0,0 +1,59 @@
+---
+
+- name: Install required packages for bgp
+ package:
+ state: present
+ name:
+ - frr
+ - gobgpd
+
+- name: Create opt/gobgpd folder
+ file:
+ path: /opt/gobgpd
+ state: directory
+
+- name: Download gobgpd tar file and extract it
+ unarchive:
+ src: https://github.com/osrg/gobgp/releases/download/v2.33.0/gobgp_2.33.0_linux_amd64.tar.gz
+ dest: /opt/gobgpd
+ remote_src: yes
+
+- name: Place frr config file
+ template:
+ src: etc/frr/daemons.j2
+ dest: /etc/frr/daemons
+ mode: 0640
+ register: frr_config_file
+
+- name: Ensure frr is restarted and enabled to start at boot
+ service:
+ name: frr
+ state: restarted
+ enabled: yes
+ when: frr_config_file.changed
+
+- name: Place gobgpd systemd service file
+ template:
+ src: etc/systemd/system/gobgpd.service.j2
+ dest: /etc/systemd/system/gobgpd.service
+ mode: 0644
+ register: gobgpd_service_config_file
+
+- name: Place gobgpd config file
+ template:
+ src: etc/gobgpd.conf.j2
+ dest: /etc/gobgpd.conf
+ mode: 0644
+ register: gobgpd_config_file
+
+- name: Force systemd to reread configs
+ ansible.builtin.systemd:
+ daemon_reload: yes
+ when: gobgpd_service_config_file.changed
+
+- name: Ensure gobgpd is restarted and enabled to start at boot
+ service:
+ name: gobgpd
+ state: restarted
+ enabled: yes
+ when: gobgpd_config_file.changed or gobgpd_service_config_file.changed
diff --git a/ansible/router/main/templates/etc/frr/daemons.j2 b/ansible/router/main/templates/etc/frr/daemons.j2
new file mode 100644
index 0000000..04ecfbf
--- /dev/null
+++ b/ansible/router/main/templates/etc/frr/daemons.j2
@@ -0,0 +1,47 @@
+#
+# !!!
+# {{ ansible_managed }}
+# !!!
+
+bgpd=no
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+pimd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+zebra=yes
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options=" -A 127.0.0.1 -s 90000000"
+bgpd_options=" -A 127.0.0.1"
+ospfd_options=" -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options=" -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options=" -A 127.0.0.1"
+pimd_options=" -A 127.0.0.1"
+ldpd_options=" -A 127.0.0.1"
+nhrpd_options=" -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options=" -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options=" -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options=" -A 127.0.0.1"
diff --git a/ansible/router/main/templates/etc/gobgpd.conf.j2 b/ansible/router/main/templates/etc/gobgpd.conf.j2
new file mode 100644
index 0000000..cb32480
--- /dev/null
+++ b/ansible/router/main/templates/etc/gobgpd.conf.j2
@@ -0,0 +1,28 @@
+# !!!
+# {{ ansible_managed }}
+# !!!
+
+[global.config]
+ as = 64512
+ router-id = "{{ bgp.router_ip }}"
+ local-address-list = ["{{ bgp.router_ip }}"]
+
+[global.use-multiple-paths.config]
+ enabled = true
+
+{% if bgp.neighbors is defined %}
+{% for neighbor in bgp.neighbors %}
+[[neighbors]]
+ [neighbors.config]
+ neighbor-address = "{{ neighbor }}"
+ peer-as = 64512
+{% endfor %}
+{% endif %}
+
+[zebra]
+ [zebra.config]
+ enabled = true
+ url = "unix:/var/run/frr/zserv.api"
+ redistribute-route-type-list = ["connect"]
+ software-name = "frr7.2"
+ version = 6
diff --git a/ansible/router/main/templates/etc/systemd/system/gobgpd.service.j2 b/ansible/router/main/templates/etc/systemd/system/gobgpd.service.j2
new file mode 100644
index 0000000..9437f3e
--- /dev/null
+++ b/ansible/router/main/templates/etc/systemd/system/gobgpd.service.j2
@@ -0,0 +1,20 @@
+# !!!
+# {{ ansible_managed }}
+# !!!
+
+[Unit]
+Description=GoBGP Routing Daemon
+Documentation=file:/usr/share/doc/gobgpd/getting-started.md
+After=network.target syslog.service
+ConditionPathExists=/etc/gobgpd.conf
+
+[Service]
+Type=notify
+ExecStartPre=/opt/gobgpd/gobgpd -f /etc/gobgpd.conf -d
+ExecStart=/opt/gobgpd/gobgpd -f /etc/gobgpd.conf --sdnotify --disable-stdlog --syslog yes
+ExecReload=/opt/gobgpd/gobgpd -r
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+User=frr
+
+[Install]
+WantedBy=multi-user.target
diff --git a/ansible/router/main/vars/base.yaml b/ansible/router/main/vars/base.yaml
index 751c142..bf98851 100644
--- a/ansible/router/main/vars/base.yaml
+++ b/ansible/router/main/vars/base.yaml
@@ -49,4 +49,12 @@ iptables_rules_v6_file: etc/iptables/rules.v6.j2
# Playbook vars
-# nope
+bgp:
+ router_ip: "192.168.99.254"
+ neighbors:
+ - "192.168.98.11"
+ - "192.168.98.12"
+ - "192.168.98.13"
+ - "192.168.98.21"
+ - "192.168.98.22"
+ - "192.168.98.23"
--
GitLab