feat: anycast dhcp

- dhcp is used only for old-vms, or when pxebooting new hosts - anycast used for failover
2025-06-29 13:02:20 +10:00 · 2025-06-29 13:02:20 +10:00 · b747be58d0
commit b747be58d0
parent 7b07626162
3 changed files with 69 additions and 24 deletions
--- a/hieradata/roles/infra/dhcp/server.yaml
+++ b/hieradata/roles/infra/dhcp/server.yaml
@ -1,4 +1,52 @@
 ---
+hiera_include:
+  - frrouting
+  - profiles::dhcp::server
+
+# networking
+anycast_ip: 198.18.19.18
+systemd::manage_networkd: true
+systemd::manage_all_network_files: true
+networking::interfaces:
+  eth0:
+    type: physical
+    forwarding: true
+    dhcp: true
+  anycast0:
+    type: dummy
+    ipaddress: "%{hiera('anycast_ip')}"
+    netmask: 255.255.255.255
+    mtu: 1500
+
+# frrouting
+frrouting::ospfd_router_id: "%{facts.networking.ip}"
+frrouting::ospfd_redistribute:
+  - connected
+frrouting::ospfd_interfaces:
+  eth0:
+    area: 0.0.0.0
+  anycast0:
+    area: 0.0.0.0
+frrouting::daemons:
+  ospfd: true
+
+# additional repos
+profiles::yum::global::repos:
+  frr-extras:
+    name: frr-extras
+    descr: frr-extras repository
+    target: /etc/yum.repos.d/frr-extras.repo
+    baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os
+    gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR
+    mirrorlist: absent
+  frr-stable:
+    name: frr-stable
+    descr: frr-stable repository
+    target: /etc/yum.repos.d/frr-stable.repo
+    baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os
+    gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR
+    mirrorlist: absent
+
 profiles::dhcp::server::ntpservers:
  - ntp01.main.unkin.net
  - ntp02.main.unkin.net
--- a/site/profiles/manifests/dhcp/server.pp
+++ b/site/profiles/manifests/dhcp/server.pp
@ -14,34 +14,32 @@ class profiles::dhcp::server (
  Boolean             $empty_local_pool = false
 ){

-  if $facts['enc_role'] == 'roles::infra::dhcp::server' {
-    class { 'dhcp':
-      service_ensure     => running,
-      interfaces         => $interfaces,
-      ntpservers         => $ntpservers,
-      default_lease_time => $default_lease_time,
-      globaloptions      => $globaloptions
-    }
+  class { 'dhcp':
+    service_ensure     => running,
+    interfaces         => $interfaces,
+    ntpservers         => $ntpservers,
+    default_lease_time => $default_lease_time,
+    globaloptions      => $globaloptions
+  }

-    # if pools, import them
-    $pools.each | $name, $data | {
-      dhcp::pool { $name:
-          * => $data,
-      }
+  # if pools, import them
+  $pools.each | $name, $data | {
+    dhcp::pool { $name:
+        * => $data,
    }
+  }

-    # if classes, import them
-    $classes.each | $name, $data | {
-      dhcp::dhcp_class { $name:
-          * => $data,
-      }
+  # if classes, import them
+  $classes.each | $name, $data | {
+    dhcp::dhcp_class { $name:
+        * => $data,
    }
+  }

-    if $empty_local_pool {
-      dhcp::pool {'local':
-        network => $facts['networking']['interfaces'][$network_primary_interface]['network'],
-        mask    => $facts['networking']['interfaces'][$network_primary_interface]['netmask'],
-      }
+  if $empty_local_pool {
+    dhcp::pool {'local':
+      network => $facts['networking']['interfaces'][$network_primary_interface]['network'],
+      mask    => $facts['networking']['interfaces'][$network_primary_interface]['netmask'],
    }
  }
 }
--- a/site/roles/manifests/infra/dhcp/server.pp
+++ b/site/roles/manifests/infra/dhcp/server.pp
@ -6,6 +6,5 @@ class roles::infra::dhcp::server {
  }else{
    include profiles::defaults
    include profiles::base
-    include profiles::dhcp::server
  }
 }