From f970dfa3fe25240092e16ab4112122eff08f4678 Mon Sep 17 00:00:00 2001 From: Aleksandr Kurbatov <aleksandr.kurbatov@GL1342.local> Date: Fri, 7 Jun 2024 21:29:20 +0100 Subject: [PATCH] ibgp_update: add functionality for validation workflow --- .../roles/ibgp_update/tasks/deploy.yaml | 12 +++-- .../roles/ibgp_update/tasks/main.yml | 3 +- .../templates/nokia/add_pe_to_p.j2 | 4 +- .../templates/nokia/verify_p_ibgp.j2 | 51 +++++++++++++++++++ .../roles/ibgp_update/vars/main.yml | 2 + 5 files changed, 64 insertions(+), 8 deletions(-) create mode 100644 geant/gap_ansible/roles/ibgp_update/templates/nokia/verify_p_ibgp.j2 diff --git a/geant/gap_ansible/roles/ibgp_update/tasks/deploy.yaml b/geant/gap_ansible/roles/ibgp_update/tasks/deploy.yaml index 0cabfe6d..26e38d19 100644 --- a/geant/gap_ansible/roles/ibgp_update/tasks/deploy.yaml +++ b/geant/gap_ansible/roles/ibgp_update/tasks/deploy.yaml @@ -30,17 +30,19 @@ commit: true validate: true diff: true + register: output check_mode: true when: > ( dry_run | ansible.builtin.bool ) is true and vendor == "nokia" -- name: Validation succeeded - ansible.builtin.debug: - msg: "Base config has been validated against the router and no syntax errors were found" +- name: Fail if there is any diff + ansible.builtin.fail: + msg: iBGP configuration drifted!!! when: > - ( dry_run | ansible.builtin.bool ) is true and - vendor == "nokia" + output.changed | ansible.builtin.bool + and + is_verification_workflow | ansible.builtin.bool - name: Update iBGP mesh ["{{ verb }}"] on "{{ inventory_hostname }}" [AND COMMIT][NOKIA] diff --git a/geant/gap_ansible/roles/ibgp_update/tasks/main.yml b/geant/gap_ansible/roles/ibgp_update/tasks/main.yml index 99c9c615..3fe51947 100644 --- a/geant/gap_ansible/roles/ibgp_update/tasks/main.yml +++ b/geant/gap_ansible/roles/ibgp_update/tasks/main.yml @@ -29,7 +29,8 @@ - name: Include PE into P tasks if selected ansible.builtin.include_tasks: add_pe_to_p.yaml - when: verb == "add_pe_to_p" + when: > + verb in [ "add_pe_to_p", "verify_p_ibgp" ] - name: Check status of iBGP on P router ansible.builtin.include_tasks: check_p_ibgp.yaml diff --git a/geant/gap_ansible/roles/ibgp_update/templates/nokia/add_pe_to_p.j2 b/geant/gap_ansible/roles/ibgp_update/templates/nokia/add_pe_to_p.j2 index ef53ae4b..2b9528d8 100644 --- a/geant/gap_ansible/roles/ibgp_update/templates/nokia/add_pe_to_p.j2 +++ b/geant/gap_ansible/roles/ibgp_update/templates/nokia/add_pe_to_p.j2 @@ -4,12 +4,12 @@ <router-name>Base</router-name> <bgp> {% for pe_fqdn, pe_ipadd in pe_router_list.items() %} - <neighbor xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes"> + <neighbor xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes" alu:operation="replace"> <ip-address>{{ pe_ipadd.lo4 }}</ip-address> <description>{{ pe_fqdn }}</description> <group>iGEANT-P-ONLY</group> </neighbor> - <neighbor xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes"> + <neighbor xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes" alu:operation="replace"> <ip-address>{{ pe_ipadd.lo6 }}</ip-address> <description>{{ pe_fqdn }}</description> <group>iGEANT6-P-ONLY</group> diff --git a/geant/gap_ansible/roles/ibgp_update/templates/nokia/verify_p_ibgp.j2 b/geant/gap_ansible/roles/ibgp_update/templates/nokia/verify_p_ibgp.j2 new file mode 100644 index 00000000..3c30bba2 --- /dev/null +++ b/geant/gap_ansible/roles/ibgp_update/templates/nokia/verify_p_ibgp.j2 @@ -0,0 +1,51 @@ + +<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:alu="urn:ietf:params:xml:ns:netconf:base:1.0"> + <configure xmlns="urn:nokia.com:sros:ns:yang:sr:conf"> + <router> + <router-name>Base</router-name> + <bgp xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes" alu:operation="replace"> + <error-handling alu:operation="replace"> + <update-fault-tolerance>true</update-fault-tolerance> + </error-handling> + <local-as alu:operation="replace"> + <as-number>{{ geant_re_as_number }}</as-number> + </local-as> + <group alu:operation="replace"> + <group-name>iGEANT-P-ONLY</group-name> + <admin-state>enable</admin-state> + <next-hop-self>true</next-hop-self> + <type>internal</type> + <peer-as>{{ geant_re_as_number }}</peer-as> + <capability-negotiation>true</capability-negotiation> + <local-address>{{ subscription.router.router_lo_ipv4_address }}</local-address> + <family> + <mcast-ipv4>true</mcast-ipv4> + </family> + </group> + <group alu:operation="replace"> + <group-name>iGEANT6-P-ONLY</group-name> + <next-hop-self>true</next-hop-self> + <type>internal</type> + <peer-as>{{ geant_re_as_number }}</peer-as> + <capability-negotiation>true</capability-negotiation> + <local-address>{{ subscription.router.router_lo_ipv6_address }}</local-address> + <family> + <mcast-ipv6>true</mcast-ipv6> + </family> + </group> + {% for pe_fqdn, pe_ipadd in pe_router_list.items() %} + <neighbor xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes" alu:operation="replace"> + <ip-address>{{ pe_ipadd.lo4 }}</ip-address> + <description>{{ pe_fqdn }}</description> + <group>iGEANT-P-ONLY</group> + </neighbor> + <neighbor xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes" alu:operation="replace"> + <ip-address>{{ pe_ipadd.lo6 }}</ip-address> + <description>{{ pe_fqdn }}</description> + <group>iGEANT6-P-ONLY</group> + </neighbor> + {% endfor %} + </bgp> + </router> + </configure> +</config> diff --git a/geant/gap_ansible/roles/ibgp_update/vars/main.yml b/geant/gap_ansible/roles/ibgp_update/vars/main.yml index 554323f9..e118a3ef 100644 --- a/geant/gap_ansible/roles/ibgp_update/vars/main.yml +++ b/geant/gap_ansible/roles/ibgp_update/vars/main.yml @@ -1,10 +1,12 @@ --- # vars file for ibg_update dry_run: "True" +is_verification_workflow: false verbs: - add_pe_to_p # Adds all the existing PEs in the P-GROUP on the newly installed P - add_p_to_pe # Adds the newly installed P to the P-GROUP in all the existing PEs - check_p_ibgp + - verify_p_ibgp # Validates the config of BGP stanza including neighbors - remove_p_from_pe # placeholder for future use | Removes the P that is going to be promoted to PE from the P-GROUP on all PEs - add_pe_to_pe # placeholder for future use | Adds the newly installed PE (could be an EX-P or a new PE) to the PE-GROUP on all the other PEs - add_new_pe_to_p # placeholder for future use | Adds the newly installed PE (could be an EX-P or a new PE) the P-GROUP on all the Ps -- GitLab