From 166a2d33b844af8e06b3fc38479f44a6955b04cb Mon Sep 17 00:00:00 2001 From: Gregor Michels Date: Thu, 3 Nov 2022 00:15:05 +0100 Subject: [PATCH] new playbook 'playbook_provision_switches' to finally provision switches via ansible. Because we cannot fit python onto the switches we are using the awesome ansible module/role from gekmihesg to still be able to automate this :) https://github.com/gekmihesg/ansible-openwrt --- ansible-inventory | 7 +++-- playbook_provision_switches.yml | 28 ++++++++++++++++++++ templates/switches/etc/config/network | 38 +++++++++++++++++++++++++++ templates/switches/etc/config/system | 16 +++++++++++ 4 files changed, 87 insertions(+), 2 deletions(-) create mode 100644 playbook_provision_switches.yml create mode 100644 templates/switches/etc/config/network create mode 100644 templates/switches/etc/config/system diff --git a/ansible-inventory b/ansible-inventory index cf32b54..53587b2 100644 --- a/ansible-inventory +++ b/ansible-inventory @@ -14,8 +14,8 @@ garet_profile=aruba-ap-105_21.02 garet_release=845a6ba [switches] -sw-access01 ip=10.84.1.11 -sw-access02 ip=10.84.1.12 +sw-access01 ip=10.84.1.11 base_mac=bc:cf:4f:e3:bb:8d +sw-access02 ip=10.84.1.12 base_mac=bc:cf:4f:e3:ac:39 [gateways] gw-core01 ip=10.84.1.1 @@ -38,3 +38,6 @@ mon-e2e-wan01 ip=192.168.0.3 cpus=1 disk=10 memory=256 net='{"net0":"name=e [container:vars] ostemplate=local:vztmpl/debian-11-standard_11.3-1_amd64.tar.zst + +[openwrt:children] +switches diff --git a/playbook_provision_switches.yml b/playbook_provision_switches.yml new file mode 100644 index 0000000..57b110d --- /dev/null +++ b/playbook_provision_switches.yml 
@@ -0,0 +1,28 @@
+---
+- name: provision switches
+ hosts: switches
+ gather_facts: no
+ roles:
+ - gekmihesg.openwrt
+ vars:
+ - openwrt_install_recommended_packages: no
+ tasks:
+ - name: provision /etc/config
+ template:
+ src: "{{ item }}"
+ dest: /etc/config/
+ with_fileglob:
+ - "templates/switches/etc/config/*"
+ notify:
+ - "reload {{ item | basename }}"
+
+ handlers:
+ - name: reload system
+ service:
+ name: system
+ state: reloaded
+
+ - name: reload network
+ service:
+ name: network
+ state: reloaded
diff --git a/templates/switches/etc/config/network b/templates/switches/etc/config/network
new file mode 100644
index 0000000..b9bdf8c
--- /dev/null
+++ b/templates/switches/etc/config/network
@@ -0,0 +1,38 @@
+
+config interface 'loopback'
+ option device 'lo'
+ option proto 'static'
+ option ipaddr '127.0.0.1'
+ option netmask '255.0.0.0'
+
+config device 'switch'
+ option name 'switch'
+ option type 'bridge'
+ option macaddr '{{ base_mac }}'
+
+config bridge-vlan 'mgmt_vlan'
+ option device 'switch'
+ option vlan '1'
+ option ports 'lan1 lan2 lan3 lan4 lan5 lan6 lan7 lan8'
+
+config device
+ option name 'switch.1'
+ option macaddr '{{ base_mac }}'
+
+config interface 'mgmt'
+ option device 'switch.1'
+ option ipaddr '{{ ip }}'
+ option proto 'static'
+ option netmask '255.255.255.0'
+ option gateway '10.84.1.1'
+ list dns '10.84.1.1'
+
+config bridge-vlan 'clients_vlan'
+ option device 'switch'
+ option vlan '2'
+ option ports 'lan1:t lan2:t lan3:t lan4:t lan5:t lan6:t lan7:t lan8:t'
+
+config bridge-vlan 'backoffice_vlan'
+ option device 'switch'
+ option vlan '8'
+ option ports 'lan1:t lan2:t lan3:t lan4:t lan5:t lan6:t lan7:t lan8:t'
diff --git a/templates/switches/etc/config/system b/templates/switches/etc/config/system
new file mode 100644
index 0000000..54e19b4
--- /dev/null
+++ b/templates/switches/etc/config/system
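Review bot: In playbook_provision_switches.yml, `notify: "reload {{ item | basename }}"` derives the handler name from whatever `with_fileglob` matches, but only `reload system` and `reload network` are defined. Any further file placed under templates/switches/etc/config/ would be written to the switch and then notify a handler that does not exist, which Ansible treats as an error by default, so the run fails after the device has already been changed. Listing the files explicitly keeps the deployed set reviewable and matched to the handlers: `loop: [network, system]`, `src: "templates/switches/etc/config/{{ item }}"`, `notify: "reload {{ item }}"`. Separately, the third-party role gekmihesg.openwrt executes as root on the switches and this patch adds no version pin for it; pinning it in a requirements file is worth doing if that is not already in place elsewhere in the repository.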
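Review bot: The `mgmt_vlan` stanza in templates/switches/etc/config/network lists `lan1` to `lan8` without the `:t` suffix used by the other two VLANs, so VLAN 1, which carries the management address `{{ ip }}`, appears to be the untagged VLAN on every port. If any of those ports face client devices, whatever is plugged in lands in the management network and can reach the switch's administrative services directly. Consider limiting the management VLAN to the uplink port or carrying it tagged, for example `option ports '<uplink-port>:t'` (placeholder), with the port list supplied per host from the inventory. The gateway and DNS address `10.84.1.1` is also hard-coded although the inventory already holds it for gw-core01, so referencing that value would keep the two from drifting apart.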
@@ -0,0 +1,16 @@
+
+config system
+ option ttylogin '0'
+ option log_size '64'
+ option urandom_seed '0'
+ option timezone 'Europe/Berlin'
+ option hostname '{{ inventory_hostname }}'
+
+config timeserver 'ntp'
+ option enabled '1'
+ option enable_server '0'
+ list server '0.openwrt.pool.ntp.org'
+ list server '1.openwrt.pool.ntp.org'
+ list server '2.openwrt.pool.ntp.org'
+ list server '3.openwrt.pool.ntp.org'
+
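Review bot: `option ttylogin '0'` in templates/switches/etc/config/system leaves the serial console without a login prompt, so physical access to a switch gives a root shell without a password; `option ttylogin '1'` would require authentication there. `option timezone 'Europe/Berlin'` also looks incorrect for OpenWrt, which expects a POSIX TZ string in `timezone` and the zone name in `zonename`, i.e. `option zonename 'Europe/Berlin'` together with `option timezone 'CET-1CEST,M3.5.0,M10.5.0/3'`. As written the switches will probably timestamp logs in UTC, which makes correlating their logs with other hosts harder.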