From bd9e08dc24d89266ca66b344e7c1b6e97aeefb6f Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Sat, 21 Jun 2025 23:16:34 +1000 Subject: [PATCH] feat: cleanup hieranodes settings (#321) - migrate hieranodes values to roles yaml - rename anycast ip keys to be similar Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/321 --- .../nodes/ausyd1nxvm2005.main.unkin.net.yaml | 47 ------------------- .../nodes/ausyd1nxvm2006.main.unkin.net.yaml | 47 ------------------- .../nodes/ausyd1nxvm2007.main.unkin.net.yaml | 47 ------------------- .../nodes/ausyd1nxvm2008.main.unkin.net.yaml | 47 ------------------- .../nodes/ausyd1nxvm2009.main.unkin.net.yaml | 47 ------------------- .../nodes/ausyd1nxvm2029.main.unkin.net.yaml | 47 ------------------- .../nodes/ausyd1nxvm2030.main.unkin.net.yaml | 47 ------------------- .../nodes/ausyd1nxvm2031.main.unkin.net.yaml | 47 ------------------- .../nodes/ausyd1nxvm2032.main.unkin.net.yaml | 47 ------------------- .../nodes/ausyd1nxvm2033.main.unkin.net.yaml | 47 ------------------- .../nodes/ausyd1nxvm2034.main.unkin.net.yaml | 47 ------------------- hieradata/roles/infra/dns/master.yaml | 47 +++++++++++++++++++ hieradata/roles/infra/dns/resolver.yaml | 47 +++++++++++++++++++ hieradata/roles/infra/storage/consul.yaml | 47 +++++++++++++++++++ 14 files changed, 141 insertions(+), 517 deletions(-) delete mode 100644 hieradata/nodes/ausyd1nxvm2005.main.unkin.net.yaml delete mode 100644 hieradata/nodes/ausyd1nxvm2006.main.unkin.net.yaml delete mode 100644 hieradata/nodes/ausyd1nxvm2007.main.unkin.net.yaml delete mode 100644 hieradata/nodes/ausyd1nxvm2008.main.unkin.net.yaml delete mode 100644 hieradata/nodes/ausyd1nxvm2009.main.unkin.net.yaml delete mode 100644 hieradata/nodes/ausyd1nxvm2029.main.unkin.net.yaml delete mode 100644 hieradata/nodes/ausyd1nxvm2030.main.unkin.net.yaml delete mode 100644 hieradata/nodes/ausyd1nxvm2031.main.unkin.net.yaml delete mode 100644 hieradata/nodes/ausyd1nxvm2032.main.unkin.net.yaml delete mode 100644 hieradata/nodes/ausyd1nxvm2033.main.unkin.net.yaml delete mode 100644 hieradata/nodes/ausyd1nxvm2034.main.unkin.net.yaml diff --git a/hieradata/nodes/ausyd1nxvm2005.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm2005.main.unkin.net.yaml deleted file mode 100644 index f873956..0000000 --- a/hieradata/nodes/ausyd1nxvm2005.main.unkin.net.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -hiera_include: - - frrouting - -# networking -profiles::consul::server::anycast_ip: 198.18.19.14 -systemd::manage_networkd: true -systemd::manage_all_network_files: true -networking::interfaces: - eth0: - type: physical - forwarding: true - dhcp: true - anycast0: - type: dummy - ipaddress: "%{hiera('profiles::consul::server::anycast_ip')}" - netmask: 255.255.255.255 - mtu: 1500 - -# frrouting -frrouting::ospfd_router_id: "%{facts.networking.ip}" -frrouting::ospfd_redistribute: - - connected -frrouting::ospfd_interfaces: - eth0: - area: 0.0.0.0 - anycast0: - area: 0.0.0.0 -frrouting::daemons: - ospfd: true - -# additional repos -profiles::yum::global::repos: - frr-extras: - name: frr-extras - descr: frr-extras repository - target: /etc/yum.repos.d/frr-extras.repo - baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent - frr-stable: - name: frr-stable - descr: frr-stable repository - target: /etc/yum.repos.d/frr-stable.repo - baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent diff --git a/hieradata/nodes/ausyd1nxvm2006.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm2006.main.unkin.net.yaml deleted file mode 100644 index f873956..0000000 --- a/hieradata/nodes/ausyd1nxvm2006.main.unkin.net.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -hiera_include: - - frrouting - -# networking -profiles::consul::server::anycast_ip: 198.18.19.14 -systemd::manage_networkd: true -systemd::manage_all_network_files: true -networking::interfaces: - eth0: - type: physical - forwarding: true - dhcp: true - anycast0: - type: dummy - ipaddress: "%{hiera('profiles::consul::server::anycast_ip')}" - netmask: 255.255.255.255 - mtu: 1500 - -# frrouting -frrouting::ospfd_router_id: "%{facts.networking.ip}" -frrouting::ospfd_redistribute: - - connected -frrouting::ospfd_interfaces: - eth0: - area: 0.0.0.0 - anycast0: - area: 0.0.0.0 -frrouting::daemons: - ospfd: true - -# additional repos -profiles::yum::global::repos: - frr-extras: - name: frr-extras - descr: frr-extras repository - target: /etc/yum.repos.d/frr-extras.repo - baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent - frr-stable: - name: frr-stable - descr: frr-stable repository - target: /etc/yum.repos.d/frr-stable.repo - baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent diff --git a/hieradata/nodes/ausyd1nxvm2007.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm2007.main.unkin.net.yaml deleted file mode 100644 index f873956..0000000 --- a/hieradata/nodes/ausyd1nxvm2007.main.unkin.net.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -hiera_include: - - frrouting - -# networking -profiles::consul::server::anycast_ip: 198.18.19.14 -systemd::manage_networkd: true -systemd::manage_all_network_files: true -networking::interfaces: - eth0: - type: physical - forwarding: true - dhcp: true - anycast0: - type: dummy - ipaddress: "%{hiera('profiles::consul::server::anycast_ip')}" - netmask: 255.255.255.255 - mtu: 1500 - -# frrouting -frrouting::ospfd_router_id: "%{facts.networking.ip}" -frrouting::ospfd_redistribute: - - connected -frrouting::ospfd_interfaces: - eth0: - area: 0.0.0.0 - anycast0: - area: 0.0.0.0 -frrouting::daemons: - ospfd: true - -# additional repos -profiles::yum::global::repos: - frr-extras: - name: frr-extras - descr: frr-extras repository - target: /etc/yum.repos.d/frr-extras.repo - baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent - frr-stable: - name: frr-stable - descr: frr-stable repository - target: /etc/yum.repos.d/frr-stable.repo - baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent diff --git a/hieradata/nodes/ausyd1nxvm2008.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm2008.main.unkin.net.yaml deleted file mode 100644 index f873956..0000000 --- a/hieradata/nodes/ausyd1nxvm2008.main.unkin.net.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -hiera_include: - - frrouting - -# networking -profiles::consul::server::anycast_ip: 198.18.19.14 -systemd::manage_networkd: true -systemd::manage_all_network_files: true -networking::interfaces: - eth0: - type: physical - forwarding: true - dhcp: true - anycast0: - type: dummy - ipaddress: "%{hiera('profiles::consul::server::anycast_ip')}" - netmask: 255.255.255.255 - mtu: 1500 - -# frrouting -frrouting::ospfd_router_id: "%{facts.networking.ip}" -frrouting::ospfd_redistribute: - - connected -frrouting::ospfd_interfaces: - eth0: - area: 0.0.0.0 - anycast0: - area: 0.0.0.0 -frrouting::daemons: - ospfd: true - -# additional repos -profiles::yum::global::repos: - frr-extras: - name: frr-extras - descr: frr-extras repository - target: /etc/yum.repos.d/frr-extras.repo - baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent - frr-stable: - name: frr-stable - descr: frr-stable repository - target: /etc/yum.repos.d/frr-stable.repo - baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent diff --git a/hieradata/nodes/ausyd1nxvm2009.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm2009.main.unkin.net.yaml deleted file mode 100644 index f873956..0000000 --- a/hieradata/nodes/ausyd1nxvm2009.main.unkin.net.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -hiera_include: - - frrouting - -# networking -profiles::consul::server::anycast_ip: 198.18.19.14 -systemd::manage_networkd: true -systemd::manage_all_network_files: true -networking::interfaces: - eth0: - type: physical - forwarding: true - dhcp: true - anycast0: - type: dummy - ipaddress: "%{hiera('profiles::consul::server::anycast_ip')}" - netmask: 255.255.255.255 - mtu: 1500 - -# frrouting -frrouting::ospfd_router_id: "%{facts.networking.ip}" -frrouting::ospfd_redistribute: - - connected -frrouting::ospfd_interfaces: - eth0: - area: 0.0.0.0 - anycast0: - area: 0.0.0.0 -frrouting::daemons: - ospfd: true - -# additional repos -profiles::yum::global::repos: - frr-extras: - name: frr-extras - descr: frr-extras repository - target: /etc/yum.repos.d/frr-extras.repo - baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent - frr-stable: - name: frr-stable - descr: frr-stable repository - target: /etc/yum.repos.d/frr-stable.repo - baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent diff --git a/hieradata/nodes/ausyd1nxvm2029.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm2029.main.unkin.net.yaml deleted file mode 100644 index ad02274..0000000 --- a/hieradata/nodes/ausyd1nxvm2029.main.unkin.net.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -hiera_include: - - frrouting - -# networking -dns_master_anycast_ip: 198.18.19.15 -systemd::manage_networkd: true -systemd::manage_all_network_files: true -networking::interfaces: - eth0: - type: physical - forwarding: true - dhcp: true - anycast0: - type: dummy - ipaddress: "%{hiera('dns_master_anycast_ip')}" - netmask: 255.255.255.255 - mtu: 1500 - -# frrouting -frrouting::ospfd_router_id: "%{facts.networking.ip}" -frrouting::ospfd_redistribute: - - connected -frrouting::ospfd_interfaces: - eth0: - area: 0.0.0.0 - anycast0: - area: 0.0.0.0 -frrouting::daemons: - ospfd: true - -# additional repos -profiles::yum::global::repos: - frr-extras: - name: frr-extras - descr: frr-extras repository - target: /etc/yum.repos.d/frr-extras.repo - baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent - frr-stable: - name: frr-stable - descr: frr-stable repository - target: /etc/yum.repos.d/frr-stable.repo - baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent diff --git a/hieradata/nodes/ausyd1nxvm2030.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm2030.main.unkin.net.yaml deleted file mode 100644 index ad02274..0000000 --- a/hieradata/nodes/ausyd1nxvm2030.main.unkin.net.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -hiera_include: - - frrouting - -# networking -dns_master_anycast_ip: 198.18.19.15 -systemd::manage_networkd: true -systemd::manage_all_network_files: true -networking::interfaces: - eth0: - type: physical - forwarding: true - dhcp: true - anycast0: - type: dummy - ipaddress: "%{hiera('dns_master_anycast_ip')}" - netmask: 255.255.255.255 - mtu: 1500 - -# frrouting -frrouting::ospfd_router_id: "%{facts.networking.ip}" -frrouting::ospfd_redistribute: - - connected -frrouting::ospfd_interfaces: - eth0: - area: 0.0.0.0 - anycast0: - area: 0.0.0.0 -frrouting::daemons: - ospfd: true - -# additional repos -profiles::yum::global::repos: - frr-extras: - name: frr-extras - descr: frr-extras repository - target: /etc/yum.repos.d/frr-extras.repo - baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent - frr-stable: - name: frr-stable - descr: frr-stable repository - target: /etc/yum.repos.d/frr-stable.repo - baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent diff --git a/hieradata/nodes/ausyd1nxvm2031.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm2031.main.unkin.net.yaml deleted file mode 100644 index ad02274..0000000 --- a/hieradata/nodes/ausyd1nxvm2031.main.unkin.net.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -hiera_include: - - frrouting - -# networking -dns_master_anycast_ip: 198.18.19.15 -systemd::manage_networkd: true -systemd::manage_all_network_files: true -networking::interfaces: - eth0: - type: physical - forwarding: true - dhcp: true - anycast0: - type: dummy - ipaddress: "%{hiera('dns_master_anycast_ip')}" - netmask: 255.255.255.255 - mtu: 1500 - -# frrouting -frrouting::ospfd_router_id: "%{facts.networking.ip}" -frrouting::ospfd_redistribute: - - connected -frrouting::ospfd_interfaces: - eth0: - area: 0.0.0.0 - anycast0: - area: 0.0.0.0 -frrouting::daemons: - ospfd: true - -# additional repos -profiles::yum::global::repos: - frr-extras: - name: frr-extras - descr: frr-extras repository - target: /etc/yum.repos.d/frr-extras.repo - baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent - frr-stable: - name: frr-stable - descr: frr-stable repository - target: /etc/yum.repos.d/frr-stable.repo - baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent diff --git a/hieradata/nodes/ausyd1nxvm2032.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm2032.main.unkin.net.yaml deleted file mode 100644 index 69fc05d..0000000 --- a/hieradata/nodes/ausyd1nxvm2032.main.unkin.net.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -hiera_include: - - frrouting - -# networking -dns_resolver_anycast_ip: 198.18.19.16 -systemd::manage_networkd: true -systemd::manage_all_network_files: true -networking::interfaces: - eth0: - type: physical - forwarding: true - dhcp: true - anycast0: - type: dummy - ipaddress: "%{hiera('dns_resolver_anycast_ip')}" - netmask: 255.255.255.255 - mtu: 1500 - -# frrouting -frrouting::ospfd_router_id: "%{facts.networking.ip}" -frrouting::ospfd_redistribute: - - connected -frrouting::ospfd_interfaces: - eth0: - area: 0.0.0.0 - anycast0: - area: 0.0.0.0 -frrouting::daemons: - ospfd: true - -# additional repos -profiles::yum::global::repos: - frr-extras: - name: frr-extras - descr: frr-extras repository - target: /etc/yum.repos.d/frr-extras.repo - baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent - frr-stable: - name: frr-stable - descr: frr-stable repository - target: /etc/yum.repos.d/frr-stable.repo - baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent diff --git a/hieradata/nodes/ausyd1nxvm2033.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm2033.main.unkin.net.yaml deleted file mode 100644 index 69fc05d..0000000 --- a/hieradata/nodes/ausyd1nxvm2033.main.unkin.net.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -hiera_include: - - frrouting - -# networking -dns_resolver_anycast_ip: 198.18.19.16 -systemd::manage_networkd: true -systemd::manage_all_network_files: true -networking::interfaces: - eth0: - type: physical - forwarding: true - dhcp: true - anycast0: - type: dummy - ipaddress: "%{hiera('dns_resolver_anycast_ip')}" - netmask: 255.255.255.255 - mtu: 1500 - -# frrouting -frrouting::ospfd_router_id: "%{facts.networking.ip}" -frrouting::ospfd_redistribute: - - connected -frrouting::ospfd_interfaces: - eth0: - area: 0.0.0.0 - anycast0: - area: 0.0.0.0 -frrouting::daemons: - ospfd: true - -# additional repos -profiles::yum::global::repos: - frr-extras: - name: frr-extras - descr: frr-extras repository - target: /etc/yum.repos.d/frr-extras.repo - baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent - frr-stable: - name: frr-stable - descr: frr-stable repository - target: /etc/yum.repos.d/frr-stable.repo - baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent diff --git a/hieradata/nodes/ausyd1nxvm2034.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm2034.main.unkin.net.yaml deleted file mode 100644 index 69fc05d..0000000 --- a/hieradata/nodes/ausyd1nxvm2034.main.unkin.net.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -hiera_include: - - frrouting - -# networking -dns_resolver_anycast_ip: 198.18.19.16 -systemd::manage_networkd: true -systemd::manage_all_network_files: true -networking::interfaces: - eth0: - type: physical - forwarding: true - dhcp: true - anycast0: - type: dummy - ipaddress: "%{hiera('dns_resolver_anycast_ip')}" - netmask: 255.255.255.255 - mtu: 1500 - -# frrouting -frrouting::ospfd_router_id: "%{facts.networking.ip}" -frrouting::ospfd_redistribute: - - connected -frrouting::ospfd_interfaces: - eth0: - area: 0.0.0.0 - anycast0: - area: 0.0.0.0 -frrouting::daemons: - ospfd: true - -# additional repos -profiles::yum::global::repos: - frr-extras: - name: frr-extras - descr: frr-extras repository - target: /etc/yum.repos.d/frr-extras.repo - baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent - frr-stable: - name: frr-stable - descr: frr-stable repository - target: /etc/yum.repos.d/frr-stable.repo - baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os - gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR - mirrorlist: absent diff --git a/hieradata/roles/infra/dns/master.yaml b/hieradata/roles/infra/dns/master.yaml index c83c101..ddd92d0 100644 --- a/hieradata/roles/infra/dns/master.yaml +++ b/hieradata/roles/infra/dns/master.yaml @@ -1,4 +1,7 @@ --- +hiera_include: + - frrouting + profiles::dns::master::ns_role: roles::infra::dns::master profiles::dns::master::use_ns: region profiles::dns::master::acls: @@ -151,3 +154,47 @@ profiles::dns::master::keys: secret_bits: 512 algorithm: hmac-sha256 secret: "%{lookup('profiles::dns::master::secret')}" + +# networking +anycast_ip: 198.18.19.15 +systemd::manage_networkd: true +systemd::manage_all_network_files: true +networking::interfaces: + eth0: + type: physical + forwarding: true + dhcp: true + anycast0: + type: dummy + ipaddress: "%{hiera('anycast_ip')}" + netmask: 255.255.255.255 + mtu: 1500 + +# frrouting +frrouting::ospfd_router_id: "%{facts.networking.ip}" +frrouting::ospfd_redistribute: + - connected +frrouting::ospfd_interfaces: + eth0: + area: 0.0.0.0 + anycast0: + area: 0.0.0.0 +frrouting::daemons: + ospfd: true + +# additional repos +profiles::yum::global::repos: + frr-extras: + name: frr-extras + descr: frr-extras repository + target: /etc/yum.repos.d/frr-extras.repo + baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os + gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR + mirrorlist: absent + frr-stable: + name: frr-stable + descr: frr-stable repository + target: /etc/yum.repos.d/frr-stable.repo + baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os + gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR + mirrorlist: absent diff --git a/hieradata/roles/infra/dns/resolver.yaml b/hieradata/roles/infra/dns/resolver.yaml index e9adbdf..c70ee5e 100644 --- a/hieradata/roles/infra/dns/resolver.yaml +++ b/hieradata/roles/infra/dns/resolver.yaml @@ -1,4 +1,7 @@ --- +hiera_include: + - frrouting + profiles::dns::resolver::acls: acl-main.unkin.net: addresses: @@ -202,3 +205,47 @@ profiles::dns::resolver::views: - acl-nomad-jobs - acl-common - acl-dmz + +# networking +anycast_ip: 198.18.19.16 +systemd::manage_networkd: true +systemd::manage_all_network_files: true +networking::interfaces: + eth0: + type: physical + forwarding: true + dhcp: true + anycast0: + type: dummy + ipaddress: "%{hiera('anycast_ip')}" + netmask: 255.255.255.255 + mtu: 1500 + +# frrouting +frrouting::ospfd_router_id: "%{facts.networking.ip}" +frrouting::ospfd_redistribute: + - connected +frrouting::ospfd_interfaces: + eth0: + area: 0.0.0.0 + anycast0: + area: 0.0.0.0 +frrouting::daemons: + ospfd: true + +# additional repos +profiles::yum::global::repos: + frr-extras: + name: frr-extras + descr: frr-extras repository + target: /etc/yum.repos.d/frr-extras.repo + baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os + gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR + mirrorlist: absent + frr-stable: + name: frr-stable + descr: frr-stable repository + target: /etc/yum.repos.d/frr-stable.repo + baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os + gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR + mirrorlist: absent diff --git a/hieradata/roles/infra/storage/consul.yaml b/hieradata/roles/infra/storage/consul.yaml index 3df5db8..cccf369 100644 --- a/hieradata/roles/infra/storage/consul.yaml +++ b/hieradata/roles/infra/storage/consul.yaml @@ -1,4 +1,7 @@ --- +hiera_include: + - frrouting + profiles::consul::server::members_lookup: true profiles::consul::server::data_dir: /data/consul profiles::consul::server::addresses: @@ -96,3 +99,47 @@ profiles::consul::prepared_query::rules: service_failover_n: 3 service_only_passing: true ttl: 10 + +# networking +profiles::consul::server::anycast_ip: 198.18.19.14 +systemd::manage_networkd: true +systemd::manage_all_network_files: true +networking::interfaces: + eth0: + type: physical + forwarding: true + dhcp: true + anycast0: + type: dummy + ipaddress: "%{hiera('profiles::consul::server::anycast_ip')}" + netmask: 255.255.255.255 + mtu: 1500 + +# frrouting +frrouting::ospfd_router_id: "%{facts.networking.ip}" +frrouting::ospfd_redistribute: + - connected +frrouting::ospfd_interfaces: + eth0: + area: 0.0.0.0 + anycast0: + area: 0.0.0.0 +frrouting::daemons: + ospfd: true + +# additional repos +profiles::yum::global::repos: + frr-extras: + name: frr-extras + descr: frr-extras repository + target: /etc/yum.repos.d/frr-extras.repo + baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os + gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR + mirrorlist: absent + frr-stable: + name: frr-stable + descr: frr-stable repository + target: /etc/yum.repos.d/frr-stable.repo + baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os + gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR + mirrorlist: absent