neoloc/loopback_dns (#281)

- manage all interfaces in dns (except lo and anycast)
- move loopback0 anycast addresses to be anycast0

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/281
This commit was merged in pull request #281.
This commit is contained in:
2025-05-11 16:36:04 +10:00
parent 3e0141bb1b
commit 87a6c73578
14 changed files with 67 additions and 37 deletions
@@ -11,7 +11,7 @@ networking::interfaces:
type: physical
forwarding: true
dhcp: true
loopback0:
anycast0:
type: dummy
ipaddress: "%{hiera('profiles::consul::server::anycast_ip')}"
netmask: 255.255.255.255
@@ -24,7 +24,7 @@ frrouting::ospfd_redistribute:
frrouting::ospfd_interfaces:
eth0:
area: 0.0.0.0
loopback0:
anycast0:
area: 0.0.0.0
frrouting::daemons:
ospfd: true
@@ -11,7 +11,7 @@ networking::interfaces:
type: physical
forwarding: true
dhcp: true
loopback0:
anycast0:
type: dummy
ipaddress: "%{hiera('profiles::consul::server::anycast_ip')}"
netmask: 255.255.255.255
@@ -24,7 +24,7 @@ frrouting::ospfd_redistribute:
frrouting::ospfd_interfaces:
eth0:
area: 0.0.0.0
loopback0:
anycast0:
area: 0.0.0.0
frrouting::daemons:
ospfd: true
@@ -11,7 +11,7 @@ networking::interfaces:
type: physical
forwarding: true
dhcp: true
loopback0:
anycast0:
type: dummy
ipaddress: "%{hiera('profiles::consul::server::anycast_ip')}"
netmask: 255.255.255.255
@@ -24,7 +24,7 @@ frrouting::ospfd_redistribute:
frrouting::ospfd_interfaces:
eth0:
area: 0.0.0.0
loopback0:
anycast0:
area: 0.0.0.0
frrouting::daemons:
ospfd: true
@@ -11,7 +11,7 @@ networking::interfaces:
type: physical
forwarding: true
dhcp: true
loopback0:
anycast0:
type: dummy
ipaddress: "%{hiera('profiles::consul::server::anycast_ip')}"
netmask: 255.255.255.255
@@ -24,7 +24,7 @@ frrouting::ospfd_redistribute:
frrouting::ospfd_interfaces:
eth0:
area: 0.0.0.0
loopback0:
anycast0:
area: 0.0.0.0
frrouting::daemons:
ospfd: true
@@ -11,7 +11,7 @@ networking::interfaces:
type: physical
forwarding: true
dhcp: true
loopback0:
anycast0:
type: dummy
ipaddress: "%{hiera('profiles::consul::server::anycast_ip')}"
netmask: 255.255.255.255
@@ -24,7 +24,7 @@ frrouting::ospfd_redistribute:
frrouting::ospfd_interfaces:
eth0:
area: 0.0.0.0
loopback0:
anycast0:
area: 0.0.0.0
frrouting::daemons:
ospfd: true
@@ -11,7 +11,7 @@ networking::interfaces:
type: physical
forwarding: true
dhcp: true
loopback0:
anycast0:
type: dummy
ipaddress: "%{hiera('dns_master_anycast_ip')}"
netmask: 255.255.255.255
@@ -24,7 +24,7 @@ frrouting::ospfd_redistribute:
frrouting::ospfd_interfaces:
eth0:
area: 0.0.0.0
loopback0:
anycast0:
area: 0.0.0.0
frrouting::daemons:
ospfd: true
@@ -11,7 +11,7 @@ networking::interfaces:
type: physical
forwarding: true
dhcp: true
loopback0:
anycast0:
type: dummy
ipaddress: "%{hiera('dns_master_anycast_ip')}"
netmask: 255.255.255.255
@@ -24,7 +24,7 @@ frrouting::ospfd_redistribute:
frrouting::ospfd_interfaces:
eth0:
area: 0.0.0.0
loopback0:
anycast0:
area: 0.0.0.0
frrouting::daemons:
ospfd: true
@@ -11,7 +11,7 @@ networking::interfaces:
type: physical
forwarding: true
dhcp: true
loopback0:
anycast0:
type: dummy
ipaddress: "%{hiera('dns_master_anycast_ip')}"
netmask: 255.255.255.255
@@ -24,7 +24,7 @@ frrouting::ospfd_redistribute:
frrouting::ospfd_interfaces:
eth0:
area: 0.0.0.0
loopback0:
anycast0:
area: 0.0.0.0
frrouting::daemons:
ospfd: true
@@ -11,7 +11,7 @@ networking::interfaces:
type: physical
forwarding: true
dhcp: true
loopback0:
anycast0:
type: dummy
ipaddress: "%{hiera('dns_resolver_anycast_ip')}"
netmask: 255.255.255.255
@@ -24,7 +24,7 @@ frrouting::ospfd_redistribute:
frrouting::ospfd_interfaces:
eth0:
area: 0.0.0.0
loopback0:
anycast0:
area: 0.0.0.0
frrouting::daemons:
ospfd: true
@@ -11,7 +11,7 @@ networking::interfaces:
type: physical
forwarding: true
dhcp: true
loopback0:
anycast0:
type: dummy
ipaddress: "%{hiera('dns_resolver_anycast_ip')}"
netmask: 255.255.255.255
@@ -24,7 +24,7 @@ frrouting::ospfd_redistribute:
frrouting::ospfd_interfaces:
eth0:
area: 0.0.0.0
loopback0:
anycast0:
area: 0.0.0.0
frrouting::daemons:
ospfd: true
@@ -11,7 +11,7 @@ networking::interfaces:
type: physical
forwarding: true
dhcp: true
loopback0:
anycast0:
type: dummy
ipaddress: "%{hiera('dns_resolver_anycast_ip')}"
netmask: 255.255.255.255
@@ -24,7 +24,7 @@ frrouting::ospfd_redistribute:
frrouting::ospfd_interfaces:
eth0:
area: 0.0.0.0
loopback0:
anycast0:
area: 0.0.0.0
frrouting::daemons:
ospfd: true
+11 -1
View File
@@ -13,10 +13,18 @@ profiles::pki::vault::alt_names:
- incus.query.consul
- "incus.service.%{facts.country}-%{facts.region}.consul"
profiles::pki::vault::ip_sans:
- "%{hiera('networking_loopback0_ip')}"
- "%{hiera('networking_loopback1_ip')}"
- "%{hiera('networking_loopback2_ip')}"
profiles::ssh::sign::principals:
- incus.service.consul
- incus.query.consul
- "incus.service.%{facts.country}-%{facts.region}.consul"
- "%{hiera('networking_loopback0_ip')}"
- "%{hiera('networking_loopback1_ip')}"
- "%{hiera('networking_loopback2_ip')}"
# configure consul service
consul::services:
@@ -65,10 +73,12 @@ profiles::yum::global::repos:
gpgkey: https://packagerepo.service.consul/zfs/rhel9/kmod-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-openzfs-2022
mirrorlist: absent
# dns
profiles::dns::base::primary_interface: loopback0
# networking
systemd::manage_networkd: true
systemd::manage_all_network_files: true
#networking::use_networkd: true
networking::interfaces:
enp2s0:
type: physical