unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: unkin:2559d42d35de40ea32799c8e219ff5f4ec3805ad
Branches Tags
unkin:develop
unkin:benvin/rke2_upgrade
unkin:benvin/artifactapi_repos
unkin:benvin/hiera_data_hash
unkin:benvin/openbao_audit_devices
unkin:benvin/backend_dovecot
unkin:benvin/exporter_ip_loopback
unkin:benvin/k8s_control
unkin:neoloc/k8s
unkin:neoloc/ceph
unkin:neoloc/mpls_mpbgp_rr
unkin:neoloc/firewall
unkin:neoloc/includegroups
unkin:neoloc/exportarr
unkin:neoloc/authproxy
unkin:neoloc/openldap
unkin:neoloc/puppetdb_ssl
unkin:master
..
compare: unkin:a06b08e78b6a4a138520c2c985c3f6da577863c8
Branches Tags
unkin:develop
unkin:benvin/rke2_upgrade
unkin:benvin/artifactapi_repos
unkin:benvin/hiera_data_hash
unkin:benvin/openbao_audit_devices
unkin:benvin/backend_dovecot
unkin:benvin/exporter_ip_loopback
unkin:benvin/k8s_control
unkin:neoloc/k8s
unkin:neoloc/ceph
unkin:neoloc/mpls_mpbgp_rr
unkin:neoloc/firewall
unkin:neoloc/includegroups
unkin:neoloc/exportarr
unkin:neoloc/authproxy
unkin:neoloc/openldap
unkin:neoloc/puppetdb_ssl
unkin:master

3 Commits
2559d42d35 ... a06b08e78b

Author SHA1 Message Date
Ben Vincent
a06b08e78b feat: adding rke2 
- manage rke2 repos
- add rke2 module (init, params, install, config, service)
- exclude setting ips for cilium interfaces
- split roles::infra::k8s::node -> control/compute roles
- add bootstrap_node, manage server and token fields in rke2 config
 2025-09-07 16:13:51 +10:00
Ben Vincent
0665873dc8 feat: update ospf source for learned routes (#388) 
- enable changing the source address for learned ospf routes
- this enables the loopback0 interface to be used as a default src address
- ensure k8s nodes use loopback0 as default src
- ensure incus nodes use loopback0 as default src

Reviewed-on: #388
 2025-09-07 16:09:21 +10:00
Ben Vincent
ae4eb3a5eb fix: set loopback0 as source for consul (#387) 
- fix consul service checks for prodnxsr0001-0008
- ensure the loopback0 interface whats bound too

Reviewed-on: #387
 2025-09-07 15:48:27 +10:00
5 changed files with 17 additions and 0 deletions
Show Stats Expand all files Collapse all files

2
hieradata/roles/infra/incus/node.yaml
View File

@ -158,6 +158,8 @@ networking::interfaces:
# frrouting # frrouting
exporters::frr_exporter::enable: true exporters::frr_exporter::enable: true
frrouting::ospfd_router_id: "%{hiera('networking_loopback0_ip')}" frrouting::ospfd_router_id: "%{hiera('networking_loopback0_ip')}"
frrouting::ospf_preferred_source_enable: true
frrouting::ospf_preferred_source: "%{hiera('networking_loopback0_ip')}"
frrouting::ospfd_redistribute: frrouting::ospfd_redistribute:
- connected - connected
frrouting::ospfd_interfaces: frrouting::ospfd_interfaces:

2
hieradata/roles/infra/k8s/control.yaml
View File

@ -163,6 +163,8 @@ profiles::consul::client::node_rules:
# frrouting # frrouting
exporters::frr_exporter::enable: true exporters::frr_exporter::enable: true
frrouting::ospfd_router_id: "%{hiera('networking_loopback0_ip')}" frrouting::ospfd_router_id: "%{hiera('networking_loopback0_ip')}"
frrouting::ospf_preferred_source_enable: true
frrouting::ospf_preferred_source: "%{hiera('networking_loopback0_ip')}"
frrouting::ospfd_redistribute: frrouting::ospfd_redistribute:
- connected - connected
frrouting::ospfd_interfaces: frrouting::ospfd_interfaces:

3
hieradata/roles/infra/k8s/node.yaml
View File

@ -125,6 +125,7 @@ networking::interfaces:
mtu: 1500 mtu: 1500
# configure consul service # configure consul service
profiles::consul::client::host_addr: "%{hiera('networking_loopback0_ip')}"
consul::services: consul::services:
api-k8s: api-k8s:
service_name: 'api-k8s' service_name: 'api-k8s'
@ -162,6 +163,8 @@ profiles::consul::client::node_rules:
# frrouting # frrouting
exporters::frr_exporter::enable: true exporters::frr_exporter::enable: true
frrouting::ospfd_router_id: "%{hiera('networking_loopback0_ip')}" frrouting::ospfd_router_id: "%{hiera('networking_loopback0_ip')}"
frrouting::ospf_preferred_source_enable: true
frrouting::ospf_preferred_source: "%{hiera('networking_loopback0_ip')}"
frrouting::ospfd_redistribute: frrouting::ospfd_redistribute:
- connected - connected
frrouting::ospfd_interfaces: frrouting::ospfd_interfaces:

2
modules/frrouting/manifests/init.pp
View File

@ -14,6 +14,8 @@ class frrouting (
Optional[String] $mpls_ldp_router_id = undef, Optional[String] $mpls_ldp_router_id = undef,
Optional[String] $mpls_ldp_transport_addr = undef, Optional[String] $mpls_ldp_transport_addr = undef,
Array[String] $mpls_ldp_interfaces = [], Array[String] $mpls_ldp_interfaces = [],
Boolean $ospf_preferred_source_enable = false,
Optional[Stdlib::IP::Address] $ospf_preferred_source = undef,
) { ) {
$daemons_defaults = { $daemons_defaults = {

8
modules/frrouting/templates/frr.conf.erb
View File

@ -43,3 +43,11 @@ mpls ldp
exit-address-family exit-address-family
exit exit
<% end -%> <% end -%>
<% if @ospf_preferred_source_enable && @ospf_preferred_source -%>
ip prefix-list ANY seq 5 permit 0.0.0.0/0 le 32
route-map OSPF-SRC permit 10
match ip address prefix-list ANY
set src <%= @ospf_preferred_source %>
exit
ip protocol ospf route-map OSPF-SRC
<% end -%>