From a5891f7478d0d77491783c1faddf8452e508fabf Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Mon, 24 Mar 2025 23:17:10 +0000
Subject: [PATCH 01/12] l2circuit role and playbook - initial commit
---
geant/gap_ansible/playbooks/l2circuit.yaml | 47 +++++++++++++++++++
geant/gap_ansible/roles/l2circuits/README.md | 29 ++++++++++++
.../roles/l2circuits/defaults/main.yml | 3 ++
.../roles/l2circuits/handlers/main.yml | 3 ++
.../roles/l2circuits/meta/main.yml | 37 +++++++++++++++
.../roles/l2circuits/tasks/compile.yaml | 15 ++++++
.../l2circuits/tasks/connection_tasks.yaml | 16 +++++++
.../roles/l2circuits/tasks/main.yml | 20 ++++++++
.../roles/l2circuits/tasks/merge_vars.yaml | 11 +++++
.../roles/l2circuits/tasks/push_config.yaml | 16 +++++++
.../templates/juniper/deploy/l2circuit.j2 | 0
.../templates/nokia/deploy/l2circuit.j2 | 35 ++++++++++++++
.../roles/l2circuits/vars/main.yml | 11 +++++
13 files changed, 243 insertions(+)
create mode 100644 geant/gap_ansible/playbooks/l2circuit.yaml
create mode 100644 geant/gap_ansible/roles/l2circuits/README.md
create mode 100644 geant/gap_ansible/roles/l2circuits/defaults/main.yml
create mode 100644 geant/gap_ansible/roles/l2circuits/handlers/main.yml
create mode 100644 geant/gap_ansible/roles/l2circuits/meta/main.yml
create mode 100644 geant/gap_ansible/roles/l2circuits/tasks/compile.yaml
create mode 100644 geant/gap_ansible/roles/l2circuits/tasks/connection_tasks.yaml
create mode 100644 geant/gap_ansible/roles/l2circuits/tasks/main.yml
create mode 100644 geant/gap_ansible/roles/l2circuits/tasks/merge_vars.yaml
create mode 100644 geant/gap_ansible/roles/l2circuits/tasks/push_config.yaml
create mode 100644 geant/gap_ansible/roles/l2circuits/templates/juniper/deploy/l2circuit.j2
create mode 100644 geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2
create mode 100644 geant/gap_ansible/roles/l2circuits/vars/main.yml
diff --git a/geant/gap_ansible/playbooks/l2circuit.yaml b/geant/gap_ansible/playbooks/l2circuit.yaml
new file mode 100644
index 00000000..b6190bf1
--- /dev/null
+++ b/geant/gap_ansible/playbooks/l2circuit.yaml
@@ -0,0 +1,47 @@
+- name: Manage L2circuits
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Generate an ID for this run
+ ansible.builtin.set_fact:
+ opid: "{{ lookup('community.general.random_string', length=18, special=false) }}"
+
+ - name: Print the ID
+ ansible.builtin.debug:
+ msg: "{{ opid }}"
+
+ - name: Create a folder for all compiled output
+ ansible.builtin.file:
+ path: "/var/tmp/ansible_run_{{ opid }}"
+ state: directory
+ mode: "0755"
+ delegate_to: localhost
+
+ - name: Import group_vars/all
+ ansible.builtin.include_vars:
+ dir: /opt/ansible_inventory/group_vars/all
+
+ - name: Import standard variables for "{{ subscription.product.product_type }}/{{ subscription.layer_2_circuit_service_type | upper | replace(' ', '_') }}"
+ ansible.builtin.include_vars:
+ dir: /opt/ansible_inventory/geant_services/{{ subscription.product.product_type }}/{{ subscription.layer_2_circuit_service_type | upper | replace(' ', '_') }}
+ #
+ # - name: Import group_vars/routers
+ # ansible.builtin.include_vars:
+ # dir: /opt/ansible_inventory/group_vars/routers
+
+ - name: Include l2circuit role
+ ansible.builtin.include_role:
+ name: l2circuits
+ loop: "{{ subscription.layer_2_circuit.layer_2_circuit_sides }}"
+ loop_control:
+ loop_var: l2c_side
+
+ # - name: Deploy
+ # # when: verb == deploy
+ # block:
+ # - name: Include deployment role
+ # ansible.builtin.include_role:
+ # name: deploy_service_config
+ # loop: "{{ subscription.layer_2_circuit.layer_2_circuit_sides }}"
+ # loop_control:
+ # loop_var: l2c_side
diff --git a/geant/gap_ansible/roles/l2circuits/README.md b/geant/gap_ansible/roles/l2circuits/README.md
new file mode 100644
index 00000000..cc977fe5
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/README.md
@@ -0,0 +1,29 @@
+# Role Name
+
+Role to manage l2circuits/epipes in multivendor network.
+
+## Requirements
+
+GEANT custom netconf module with Nokia "commit_comment" and "config_mode" features.
+
+## Role Variables
+
+- vars/main.yaml
+- external inventory (group_vars)
+- orchestrator (GSO)
+
+## Dependencies
+
+n/a
+
+## Example Playbook
+
+Role is supposed to be driven by GSO.
+
+## License
+
+MIT
+
+## Author Information
+
+A. Kurbatov, S. Spinelli. GEANT Orchestration and Automation Team (GOAT).
diff --git a/geant/gap_ansible/roles/l2circuits/defaults/main.yml b/geant/gap_ansible/roles/l2circuits/defaults/main.yml
new file mode 100644
index 00000000..d2434bbb
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/defaults/main.yml
@@ -0,0 +1,3 @@
+#SPDX-License-Identifier: MIT-0
+---
+# defaults file for l2ciruits
diff --git a/geant/gap_ansible/roles/l2circuits/handlers/main.yml b/geant/gap_ansible/roles/l2circuits/handlers/main.yml
new file mode 100644
index 00000000..3c33c1b4
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/handlers/main.yml
@@ -0,0 +1,3 @@
+#SPDX-License-Identifier: MIT-0
+---
+# handlers file for l2ciruits
diff --git a/geant/gap_ansible/roles/l2circuits/meta/main.yml b/geant/gap_ansible/roles/l2circuits/meta/main.yml
new file mode 100644
index 00000000..fca8e2db
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/meta/main.yml
@@ -0,0 +1,37 @@
+#SPDX-License-Identifier: MIT-0
+galaxy_info:
+ author: A. Kurbatov
+ description: GEANT Orchestration and Automation Team
+ company: GEANT
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Choose a valid license ID from https://spdx.org - some suggested licenses:
+ # - BSD-3-Clause (default)
+ # - MIT
+ # - GPL-2.0-or-later
+ # - GPL-3.0-only
+ # - Apache-2.0
+ # - CC-BY-4.0
+ license: MIT
+
+ min_ansible_version: "2.10"
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ galaxy_tags:
+ - network
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies:
+ []
+ # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+ # if you add dependencies to this list.
diff --git a/geant/gap_ansible/roles/l2circuits/tasks/compile.yaml b/geant/gap_ansible/roles/l2circuits/tasks/compile.yaml
new file mode 100644
index 00000000..86f50fbb
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/tasks/compile.yaml
@@ -0,0 +1,15 @@
+---
+- name: Set ansible host to localhost to compile template
+ ansible.builtin.set_fact:
+ ansible_host: "localhost"
+ ansible_connection: local
+
+- name: Print the template in "/var/tmp/ansible_run_{{ opid }}/{{ l2circuits_fqdn }}_l2c.conf"
+ # when: verb in ["deploy", "update", "terminate"]
+ ansible.builtin.template:
+ src: "{{ l2circuits_vendor }}/{{ verb }}/l2circuit.j2"
+ dest: "/var/tmp/ansible_run_{{ opid }}/{{ l2circuits_fqdn }}_l2c.conf"
+ lstrip_blocks: true
+ trim_blocks: true
+ mode: "0755"
+ delegate_to: localhost
diff --git a/geant/gap_ansible/roles/l2circuits/tasks/connection_tasks.yaml b/geant/gap_ansible/roles/l2circuits/tasks/connection_tasks.yaml
new file mode 100644
index 00000000..22de00d9
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/tasks/connection_tasks.yaml
@@ -0,0 +1,16 @@
+---
+- name: Set ansible_host to terminal server when router is offline
+ ansible.builtin.set_fact:
+ ansible_host: "{{ l2circuits_router.router_site.site_ts_address }}"
+ ansible_port: "{{ l2circuits_router.router_ts_port }}"
+ when: l2circuits_router.router_access_via_ts | ansible.builtin.bool
+
+- name: Set ansible_host back to the {{ inventory_hostname }}
+ when: not l2circuits_router.router_access_via_ts | ansible.builtin.bool
+ ansible.builtin.set_fact:
+ ansible_host: "{{ inventory_hostname }}"
+
+- name: Load netconf connection config
+ ansible.builtin.set_fact:
+ ansible_connection: "{{ netconf_access[l2circuits_router.vendor].ansible_connection }}"
+ ansible_network_os: "{{ netconf_access[l2circuits_router.vendor].ansible_network_os }}"
diff --git a/geant/gap_ansible/roles/l2circuits/tasks/main.yml b/geant/gap_ansible/roles/l2circuits/tasks/main.yml
new file mode 100644
index 00000000..f1bcf186
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/tasks/main.yml
@@ -0,0 +1,20 @@
+---
+# - name: Print l2c_side
+# when: inventory_hostname == l2circuits_fqdn
+# ansible.builtin.debug:
+# var: l2c_side
+
+- name: Produce the config for the current l2circuit endpoint
+ when: inventory_hostname == l2circuits_fqdn
+ block:
+ - name: Merge vars
+ ansible.builtin.include_tasks: merge_vars.yaml
+
+ - name: Compile template
+ ansible.builtin.include_tasks: compile.yaml
+
+ - name: Include connecion tasks
+ ansible.builtin.include_tasks: connection_tasks.yaml
+
+ - name: Push config to the router
+ ansible.builtin.include_tasks: push_config.yaml
diff --git a/geant/gap_ansible/roles/l2circuits/tasks/merge_vars.yaml b/geant/gap_ansible/roles/l2circuits/tasks/merge_vars.yaml
new file mode 100644
index 00000000..cc7bb19c
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/tasks/merge_vars.yaml
@@ -0,0 +1,11 @@
+---
+- name: Load info for the remote l2circuit endpoint
+ ansible.builtin.set_fact:
+ remote_side: "{{ subscription | community.general.json_query(qry) }}"
+ vars:
+ qry: "layer_2_circuit.layer_2_circuit_sides[?sbp.edge_port.node.router_fqdn != '{{ inventory_hostname }}'] | [0]"
+
+- name: Calculate SDP to use locally
+ ansible.builtin.set_fact:
+ sdp_id: "{{ remote_side.sbp.edge_port.node.router_lo_ipv4_address |
+ replace(sdp_prefix_regex, '') | replace('.', '') + l2circuits_sdp_type }}"
diff --git a/geant/gap_ansible/roles/l2circuits/tasks/push_config.yaml b/geant/gap_ansible/roles/l2circuits/tasks/push_config.yaml
new file mode 100644
index 00000000..79c30566
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/tasks/push_config.yaml
@@ -0,0 +1,16 @@
+---
+- name: Config deploy [CHECK ONLY][NOKIA]
+ when: >
+ dry_run | ansible.builtin.bool
+ and
+ l2circuits_vendor == "nokia"
+ geant.gap_ansible.nokia_netconf_config:
+ format: xml
+ default_operation: merge
+ content: "{{ lookup('ansible.builtin.file', '/var/tmp/ansible_run_{{ opid }}/{{ l2circuits_fqdn }}_l2c.conf') }}"
+ commit: true
+ validate: true
+ config_mode: private
+ diff: true
+ register: output
+ check_mode: true
diff --git a/geant/gap_ansible/roles/l2circuits/templates/juniper/deploy/l2circuit.j2 b/geant/gap_ansible/roles/l2circuits/templates/juniper/deploy/l2circuit.j2
new file mode 100644
index 00000000..e69de29b
diff --git a/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2 b/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2
new file mode 100644
index 00000000..32c73f88
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2
@@ -0,0 +1,35 @@
+{#{% if l2circuits_is_standalone_run %}#}
+<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:alu="urn:ietf:params:xml:ns:netconf:base:1.0">
+ <configure xmlns="urn:nokia.com:sros:ns:yang:sr:conf">
+{#{% endif %}#}
+
+<service xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
+ <epipe>
+ <service-name>EPIPE:{{ l2circuits_l2c_vcid }}</service-name>
+ <admin-state>enable</admin-state>
+ <description>SRV_L2CIRCUIT CUSTOMER BELNET GRNET #FED4FIRE-00669 $GS-00669</description>
+ <service-id>{{ l2circuits_l2c_vcid }}</service-id>
+ <customer>1</customer>
+ <vpn-id>{{ l2circuits_l2c_vcid }}</vpn-id>
+ <service-mtu>{{ service_mtu.nokia }}</service-mtu>
+ <ignore-l2vpn-mtu-mismatch>false</ignore-l2vpn-mtu-mismatch>
+ <spoke-sdp>
+ <sdp-bind-id>{{ sdp_id }}:{{ l2circuits_l2c_vcid }}</sdp-bind-id>
+ <admin-state>enable</admin-state>
+ <control-word>true</control-word>
+ <vc-type>{{ 'ether' if l2circuits_l2c_type == 'Ethernet' else 'vlan' }}</vc-type>
+ <pw-status>
+ <signaling>true</signaling>
+ </pw-status>
+ </spoke-sdp>
+ <sap>
+ <sap-id>{{ l2circuits_lag_name }}:{{ l2circuits_vlan }}</sap-id>
+ <admin-state>enable</admin-state>
+ </sap>
+ </epipe>
+</service>
+
+{#{% if l2circuits_is_standalone_run %}#}
+ </configure>
+</config>
+{#{% endif %}#}
diff --git a/geant/gap_ansible/roles/l2circuits/vars/main.yml b/geant/gap_ansible/roles/l2circuits/vars/main.yml
new file mode 100644
index 00000000..766826d3
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/vars/main.yml
@@ -0,0 +1,11 @@
+---
+l2circuits_is_standalone_run: false
+
+l2circuits_sdp_type: "1"
+l2circuits_router: "{{ l2c_side.sbp.edge_port.node }}"
+l2circuits_vendor: "{{ l2c_side.sbp.edge_port.node.vendor }}"
+l2circuits_fqdn: "{{ l2c_side.sbp.edge_port.node.router_fqdn }}"
+l2circuits_lag_name: "{{ l2c_side.sbp.edge_port.edge_port_name }}"
+l2circuits_vlan: "{{ l2c_side.sbp.vlan_id }}"
+l2circuits_l2c_type: "{{ subscription.layer_2_circuit.layer_2_circuit_type }}"
+l2circuits_l2c_vcid: "{{ subscription.layer_2_circuit.virtual_circuit_id }}"
--
GitLab
From 5dc6cd7d058028d1927e373f1638c24d0fe923c9 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Tue, 25 Mar 2025 15:02:36 +0000
Subject: [PATCH 02/12] Added partner name per side
---
.../roles/l2circuits/tasks/merge_vars.yaml | 11 +++++++++++
.../l2circuits/templates/nokia/deploy/l2circuit.j2 | 7 ++++---
geant/gap_ansible/roles/l2circuits/vars/main.yml | 1 +
3 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/geant/gap_ansible/roles/l2circuits/tasks/merge_vars.yaml b/geant/gap_ansible/roles/l2circuits/tasks/merge_vars.yaml
index cc7bb19c..58958102 100644
--- a/geant/gap_ansible/roles/l2circuits/tasks/merge_vars.yaml
+++ b/geant/gap_ansible/roles/l2circuits/tasks/merge_vars.yaml
@@ -5,6 +5,17 @@
vars:
qry: "layer_2_circuit.layer_2_circuit_sides[?sbp.edge_port.node.router_fqdn != '{{ inventory_hostname }}'] | [0]"
+- name: Load info for the local l2circuit endpoint
+ ansible.builtin.set_fact:
+ local_side: "{{ subscription | community.general.json_query(qry) }}"
+ vars:
+ qry: "layer_2_circuit.layer_2_circuit_sides[?sbp.edge_port.node.router_fqdn == '{{ inventory_hostname }}'] | [0]"
+
+- name: Set partner names for the l2circuit endpoints
+ ansible.builtin.set_fact:
+ local_partner_name: "{{ local_side.sbp.edge_port.partner_name }}"
+ remote_partner_name: "{{ remote_side.sbp.edge_port.partner_name }}"
+
- name: Calculate SDP to use locally
ansible.builtin.set_fact:
sdp_id: "{{ remote_side.sbp.edge_port.node.router_lo_ipv4_address |
diff --git a/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2 b/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2
index 32c73f88..2496dc50 100644
--- a/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2
+++ b/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2
@@ -5,9 +5,9 @@
<service xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
<epipe>
- <service-name>EPIPE:{{ l2circuits_l2c_vcid }}</service-name>
+ <service-name>EPIPE:{{ l2circuits_custom_service_name }}:{{ l2circuits_l2c_vcid }}</service-name>
<admin-state>enable</admin-state>
- <description>SRV_L2CIRCUIT CUSTOMER BELNET GRNET #FED4FIRE-00669 $GS-00669</description>
+ <description>SRV_L2CIRCUIT CUSTOMER {{ local_partner_name | upper }} {{ remote_partner_name | upper }} #{{ l2circuits_custom_service_name }} ${{ local_side.sbp.gs_id }}</description>
<service-id>{{ l2circuits_l2c_vcid }}</service-id>
<customer>1</customer>
<vpn-id>{{ l2circuits_l2c_vcid }}</vpn-id>
@@ -23,7 +23,8 @@
</pw-status>
</spoke-sdp>
<sap>
- <sap-id>{{ l2circuits_lag_name }}:{{ l2circuits_vlan }}</sap-id>
+ <description>{{ local_partner_name | uppper }}:{{ l2circuits_vlan }}:{{ local_side.sbp.gs_id }}</description>
+ <sap-id>{{ l2circuits_lag_name }}:{{ l2circuits_vlan }}</sap-id>
<admin-state>enable</admin-state>
</sap>
</epipe>
diff --git a/geant/gap_ansible/roles/l2circuits/vars/main.yml b/geant/gap_ansible/roles/l2circuits/vars/main.yml
index 766826d3..9380163e 100644
--- a/geant/gap_ansible/roles/l2circuits/vars/main.yml
+++ b/geant/gap_ansible/roles/l2circuits/vars/main.yml
@@ -9,3 +9,4 @@ l2circuits_lag_name: "{{ l2c_side.sbp.edge_port.edge_port_name }}"
l2circuits_vlan: "{{ l2c_side.sbp.vlan_id }}"
l2circuits_l2c_type: "{{ subscription.layer_2_circuit.layer_2_circuit_type }}"
l2circuits_l2c_vcid: "{{ subscription.layer_2_circuit.virtual_circuit_id }}"
+l2circuits_custom_service_name: "{{ subscription.layer_2_circuit.custom_service_name }}"
--
GitLab
From 3993f429bbae846675f222476f574aeba392fcae Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Wed, 26 Mar 2025 10:20:57 +0000
Subject: [PATCH 03/12] l2circuits - add Juniper steps to push_config
---
.../roles/l2circuits/tasks/push_config.yaml | 37 +++++++++++++++++++
1 file changed, 37 insertions(+)
diff --git a/geant/gap_ansible/roles/l2circuits/tasks/push_config.yaml b/geant/gap_ansible/roles/l2circuits/tasks/push_config.yaml
index 79c30566..fd4e4dfe 100644
--- a/geant/gap_ansible/roles/l2circuits/tasks/push_config.yaml
+++ b/geant/gap_ansible/roles/l2circuits/tasks/push_config.yaml
@@ -14,3 +14,40 @@
diff: true
register: output
check_mode: true
+
+# - name: Fail if config diff is detected
+# when: >
+# output.changed | ansible.builtin.bool
+# and
+# is_verification_workflow | ansible.builtin.bool
+# ansible.builtin.fail:
+# msg: >
+# The config for {{ subscription.description }} has drifted!
+
+# - name: Config deploy [CHECK ONLY][NOKIA]
+# when: >
+# dry_run | ansible.builtin.bool
+# and
+# l2circuits_vendor == "nokia"
+# geant.gap_ansible.nokia_netconf_config:
+# format: xml
+# default_operation: merge
+# content: "{{ lookup('ansible.builtin.file', '/var/tmp/ansible_run_{{ opid }}/{{ l2circuits_fqdn }}_l2c.conf') }}"
+# commit: true
+# validate: true
+# config_mode: private
+# diff: true
+# register: output
+# check_mode: true
+
+- name: Config deploy [CHECK ONLY][JUNIPER]
+ when: >
+ dry_run | ansible.builtin.bool
+ and
+ l2circuits_vendor == "juniper"
+ junipernetworks.junos.junos_config:
+ update: "replace"
+ src: "/var/tmp/ansible_run_{{ opid }}/{{ l2circuits_fqdn }}_l2c.conf"
+ src_format: set
+ check_commit: true
+ diff: true
--
GitLab
From 531beaeb75c7a9e4656ceefe57b9915340ff39a9 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Wed, 26 Mar 2025 10:22:18 +0000
Subject: [PATCH 04/12] l2circuits - refine Nokia template and add Juniper
template
---
.../l2circuits/templates/juniper/deploy/l2circuit.j2 | 11 +++++++++++
.../l2circuits/templates/nokia/deploy/l2circuit.j2 | 6 +++---
2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/geant/gap_ansible/roles/l2circuits/templates/juniper/deploy/l2circuit.j2 b/geant/gap_ansible/roles/l2circuits/templates/juniper/deploy/l2circuit.j2
index e69de29b..e4021485 100644
--- a/geant/gap_ansible/roles/l2circuits/templates/juniper/deploy/l2circuit.j2
+++ b/geant/gap_ansible/roles/l2circuits/templates/juniper/deploy/l2circuit.j2
@@ -0,0 +1,11 @@
+set interfaces {{ l2circuits_lag_name }} unit {{ l2circuits_vlan }} description "SRV_L2CIRCUIT CUSTOMER {{ local_partner_name | upper }} {{ remote_partner_name | upper }} #{{ l2circuits_custom_service_name | replace(' ', '_') }} ${{ local_side.sbp.gs_id }}"
+set interfaces {{ l2circuits_lag_name }} unit {{ l2circuits_vlan }} encapsulation vlan-ccc
+set interfaces {{ l2circuits_lag_name }} unit {{ l2circuits_vlan }} vlan-id {{ l2circuits_vlan }}
+set interfaces {{ l2circuits_lag_name }} unit {{ l2circuits_vlan }} family ccc
+set interfaces {{ l2circuits_lag_name }} unit {{ l2circuits_vlan }} input-vlan-map pop
+set interfaces {{ l2circuits_lag_name }} unit {{ l2circuits_vlan }} output-vlan-map push
+
+set protocols l2circuit neighbor {{ remote_side.sbp.edge_port.node.router_lo_ipv4_address }} interface {{ l2circuits_lag_name }}.{{ l2circuits_vlan }} virtual-circuit-id {{ l2circuits_l2c_vcid }}
+set protocols l2circuit neighbor {{ remote_side.sbp.edge_port.node.router_lo_ipv4_address }} interface {{ l2circuits_lag_name }}.{{ l2circuits_vlan }} control-word
+set protocols l2circuit neighbor {{ remote_side.sbp.edge_port.node.router_lo_ipv4_address }} interface {{ l2circuits_lag_name }}.{{ l2circuits_vlan }} mtu {{ service_mtu.juniper }}
+
diff --git a/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2 b/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2
index 2496dc50..bb31c698 100644
--- a/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2
+++ b/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2
@@ -5,9 +5,9 @@
<service xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
<epipe>
- <service-name>EPIPE:{{ l2circuits_custom_service_name }}:{{ l2circuits_l2c_vcid }}</service-name>
+ <service-name>EPIPE:{{ l2circuits_custom_service_name | replace(' ', '_') }}:{{ l2circuits_l2c_vcid }}</service-name>
<admin-state>enable</admin-state>
- <description>SRV_L2CIRCUIT CUSTOMER {{ local_partner_name | upper }} {{ remote_partner_name | upper }} #{{ l2circuits_custom_service_name }} ${{ local_side.sbp.gs_id }}</description>
+ <description>SRV_L2CIRCUIT CUSTOMER {{ local_partner_name | upper }} {{ remote_partner_name | upper }} #{{ l2circuits_custom_service_name | replace(' ', '_') }} ${{ local_side.sbp.gs_id }}</description>
<service-id>{{ l2circuits_l2c_vcid }}</service-id>
<customer>1</customer>
<vpn-id>{{ l2circuits_l2c_vcid }}</vpn-id>
@@ -23,7 +23,7 @@
</pw-status>
</spoke-sdp>
<sap>
- <description>{{ local_partner_name | uppper }}:{{ l2circuits_vlan }}:{{ local_side.sbp.gs_id }}</description>
+ <description>{{ local_partner_name | upper }}:{{ l2circuits_vlan }}:{{ local_side.sbp.gs_id }}</description>
<sap-id>{{ l2circuits_lag_name }}:{{ l2circuits_vlan }}</sap-id>
<admin-state>enable</admin-state>
</sap>
--
GitLab
From e2b2cff90a8d1d6fff3a59205fa9e71f1795b332 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Fri, 28 Mar 2025 16:20:37 +0000
Subject: [PATCH 05/12] Move standrard tasks inside the l2circuits role
---
geant/gap_ansible/roles/l2circuits/tasks/main.yml | 3 +++
.../roles/l2circuits/tasks/standard_tasks.yaml | 15 +++++++++++++++
2 files changed, 18 insertions(+)
create mode 100644 geant/gap_ansible/roles/l2circuits/tasks/standard_tasks.yaml
diff --git a/geant/gap_ansible/roles/l2circuits/tasks/main.yml b/geant/gap_ansible/roles/l2circuits/tasks/main.yml
index f1bcf186..85f49952 100644
--- a/geant/gap_ansible/roles/l2circuits/tasks/main.yml
+++ b/geant/gap_ansible/roles/l2circuits/tasks/main.yml
@@ -7,6 +7,9 @@
- name: Produce the config for the current l2circuit endpoint
when: inventory_hostname == l2circuits_fqdn
block:
+ - name: Include standard tasks
+ ansible.builtin.include_tasks: standard_tasks.yaml
+
- name: Merge vars
ansible.builtin.include_tasks: merge_vars.yaml
diff --git a/geant/gap_ansible/roles/l2circuits/tasks/standard_tasks.yaml b/geant/gap_ansible/roles/l2circuits/tasks/standard_tasks.yaml
new file mode 100644
index 00000000..4772e5bb
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/tasks/standard_tasks.yaml
@@ -0,0 +1,15 @@
+---
+- name: Generate an ID for this run
+ ansible.builtin.set_fact:
+ opid: "{{ lookup('community.general.random_string', length=18, special=false) }}"
+
+- name: Print the ID
+ ansible.builtin.debug:
+ msg: "{{ opid }}"
+
+- name: Create a folder for all compiled output
+ ansible.builtin.file:
+ path: "/var/tmp/ansible_run_{{ opid }}"
+ state: directory
+ mode: "0755"
+ delegate_to: localhost
--
GitLab
From 8d6b60aab97ff812d3196b298691f2d7f73451ea Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Fri, 28 Mar 2025 16:21:21 +0000
Subject: [PATCH 06/12] l2circuits: add real push tasks
---
.../roles/l2circuits/tasks/push_config.yaml | 41 ++++++++++++-------
1 file changed, 26 insertions(+), 15 deletions(-)
diff --git a/geant/gap_ansible/roles/l2circuits/tasks/push_config.yaml b/geant/gap_ansible/roles/l2circuits/tasks/push_config.yaml
index fd4e4dfe..3153a8cb 100644
--- a/geant/gap_ansible/roles/l2circuits/tasks/push_config.yaml
+++ b/geant/gap_ansible/roles/l2circuits/tasks/push_config.yaml
@@ -24,21 +24,20 @@
# msg: >
# The config for {{ subscription.description }} has drifted!
-# - name: Config deploy [CHECK ONLY][NOKIA]
-# when: >
-# dry_run | ansible.builtin.bool
-# and
-# l2circuits_vendor == "nokia"
-# geant.gap_ansible.nokia_netconf_config:
-# format: xml
-# default_operation: merge
-# content: "{{ lookup('ansible.builtin.file', '/var/tmp/ansible_run_{{ opid }}/{{ l2circuits_fqdn }}_l2c.conf') }}"
-# commit: true
-# validate: true
-# config_mode: private
-# diff: true
-# register: output
-# check_mode: true
+- name: Config deploy [REAL][NOKIA]
+ when: >
+ not dry_run | ansible.builtin.bool
+ and
+ l2circuits_vendor == "nokia"
+ geant.gap_ansible.nokia_netconf_config:
+ format: xml
+ default_operation: merge
+ content: "{{ lookup('ansible.builtin.file', '/var/tmp/ansible_run_{{ opid }}/{{ l2circuits_fqdn }}_l2c.conf') }}"
+ commit: true
+ commit_comment: "{{ commit_comment }}"
+ config_mode: private
+ diff: true
+ register: output
- name: Config deploy [CHECK ONLY][JUNIPER]
when: >
@@ -51,3 +50,15 @@
src_format: set
check_commit: true
diff: true
+
+- name: Config deploy [REAL][JUNIPER]
+ when: >
+ not dry_run | ansible.builtin.bool
+ and
+ l2circuits_vendor == "juniper"
+ junipernetworks.junos.junos_config:
+ update: "replace"
+ src: "/var/tmp/ansible_run_{{ opid }}/{{ l2circuits_fqdn }}_l2c.conf"
+ src_format: set
+ comment: "{{ commit_comment }}"
+ diff: true
--
GitLab
From ff39b976c40e6a5339a36f3471815f8fc2f17707 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Fri, 28 Mar 2025 16:21:41 +0000
Subject: [PATCH 07/12] l2circuits: Juniper terminate template
---
.../roles/l2circuits/templates/juniper/terminate/l2circuit.j2 | 2 ++
1 file changed, 2 insertions(+)
create mode 100644 geant/gap_ansible/roles/l2circuits/templates/juniper/terminate/l2circuit.j2
diff --git a/geant/gap_ansible/roles/l2circuits/templates/juniper/terminate/l2circuit.j2 b/geant/gap_ansible/roles/l2circuits/templates/juniper/terminate/l2circuit.j2
new file mode 100644
index 00000000..067d5114
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/templates/juniper/terminate/l2circuit.j2
@@ -0,0 +1,2 @@
+delete protocols l2circuit neighbor {{ remote_side.sbp.edge_port.node.router_lo_ipv4_address }} interface {{ l2circuits_lag_name }}.{{ l2circuits_vlan }}
+delete interfaces {{ l2circuits_lag_name }} unit {{ l2circuits_vlan }}
--
GitLab
From 03be9488986c85af8baac357b21684a31f3cbd01 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Fri, 28 Mar 2025 16:22:08 +0000
Subject: [PATCH 08/12] l2circuits: Nokia terminate template
---
.../templates/nokia/terminate/l2circuit.j2 | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
create mode 100644 geant/gap_ansible/roles/l2circuits/templates/nokia/terminate/l2circuit.j2
diff --git a/geant/gap_ansible/roles/l2circuits/templates/nokia/terminate/l2circuit.j2 b/geant/gap_ansible/roles/l2circuits/templates/nokia/terminate/l2circuit.j2
new file mode 100644
index 00000000..eb28e6a9
--- /dev/null
+++ b/geant/gap_ansible/roles/l2circuits/templates/nokia/terminate/l2circuit.j2
@@ -0,0 +1,19 @@
+<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:alu="urn:ietf:params:xml:ns:netconf:base:1.0">
+ <configure xmlns="urn:nokia.com:sros:ns:yang:sr:conf">
+
+{% if l2circuits_l2c_type == 'VLAN' %}
+ <connection-profile xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes" alu:operation="delete">
+ <vlan>
+ <connection-profile-id>{{ l2circuits_l2c_vcid }}</connection-profile-id>
+ </vlan>
+ </connection-profile>
+{% endif %}
+
+<service xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
+ <epipe alu:operation="delete">
+ <service-name>EPIPE:{{ l2circuits_custom_service_name | replace(' ', '_') }}:{{ l2circuits_l2c_vcid }}</service-name>
+ </epipe>
+</service>
+
+ </configure>
+</config>
--
GitLab
From 72a82e448d57046df6ed0f5b7489888a3662e9e3 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Fri, 28 Mar 2025 16:22:34 +0000
Subject: [PATCH 09/12] l2circuits: Nokia template - add connection profile
---
.../templates/nokia/deploy/l2circuit.j2 | 71 +++++++++++--------
1 file changed, 42 insertions(+), 29 deletions(-)
diff --git a/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2 b/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2
index bb31c698..6d8567ba 100644
--- a/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2
+++ b/geant/gap_ansible/roles/l2circuits/templates/nokia/deploy/l2circuit.j2
@@ -1,36 +1,49 @@
{#{% if l2circuits_is_standalone_run %}#}
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:alu="urn:ietf:params:xml:ns:netconf:base:1.0">
<configure xmlns="urn:nokia.com:sros:ns:yang:sr:conf">
-{#{% endif %}#}
-<service xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
- <epipe>
- <service-name>EPIPE:{{ l2circuits_custom_service_name | replace(' ', '_') }}:{{ l2circuits_l2c_vcid }}</service-name>
- <admin-state>enable</admin-state>
- <description>SRV_L2CIRCUIT CUSTOMER {{ local_partner_name | upper }} {{ remote_partner_name | upper }} #{{ l2circuits_custom_service_name | replace(' ', '_') }} ${{ local_side.sbp.gs_id }}</description>
- <service-id>{{ l2circuits_l2c_vcid }}</service-id>
- <customer>1</customer>
- <vpn-id>{{ l2circuits_l2c_vcid }}</vpn-id>
- <service-mtu>{{ service_mtu.nokia }}</service-mtu>
- <ignore-l2vpn-mtu-mismatch>false</ignore-l2vpn-mtu-mismatch>
- <spoke-sdp>
- <sdp-bind-id>{{ sdp_id }}:{{ l2circuits_l2c_vcid }}</sdp-bind-id>
- <admin-state>enable</admin-state>
- <control-word>true</control-word>
- <vc-type>{{ 'ether' if l2circuits_l2c_type == 'Ethernet' else 'vlan' }}</vc-type>
- <pw-status>
- <signaling>true</signaling>
- </pw-status>
- </spoke-sdp>
- <sap>
- <description>{{ local_partner_name | upper }}:{{ l2circuits_vlan }}:{{ local_side.sbp.gs_id }}</description>
- <sap-id>{{ l2circuits_lag_name }}:{{ l2circuits_vlan }}</sap-id>
- <admin-state>enable</admin-state>
- </sap>
- </epipe>
-</service>
+{% if l2circuits_l2c_type == 'VLAN' %}
+ <connection-profile xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes" alu:operation="replace">
+ <vlan>
+ <connection-profile-id>{{ l2circuits_l2c_vcid }}</connection-profile-id>
+ <qtag-range>
+ <start>{{ subscription.layer_2_circuit.vlan_range_lower_bound }}</start>
+ <end>{{ subscription.layer_2_circuit.vlan_range_upper_bound }}</end>
+ </qtag-range>
+ </vlan>
+ </connection-profile>
+{% endif %}
+
+ <service xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
+ <epipe alu:operation="replace">
+ <service-name >EPIPE:{{ l2circuits_custom_service_name | replace(' ', '_') }}:{{ l2circuits_l2c_vcid }}</service-name>
+ <admin-state>enable</admin-state>
+ <description>SRV_L2CIRCUIT CUSTOMER {{ local_partner_name | upper }} {{ remote_partner_name | upper }} #{{ l2circuits_custom_service_name | replace(' ', '_') }} ${{ local_side.sbp.gs_id }}</description>
+ <service-id>{{ l2circuits_l2c_vcid }}</service-id>
+ <customer>1</customer>
+ <vpn-id>{{ l2circuits_l2c_vcid }}</vpn-id>
+ <service-mtu>{{ service_mtu.nokia }}</service-mtu>
+ <ignore-l2vpn-mtu-mismatch>false</ignore-l2vpn-mtu-mismatch>
+ <spoke-sdp>
+ <sdp-bind-id>{{ sdp_id }}:{{ l2circuits_l2c_vcid }}</sdp-bind-id>
+ <admin-state>enable</admin-state>
+ <control-word>true</control-word>
+ <vc-type>{{ 'ether' if l2circuits_l2c_type == 'Ethernet' else 'vlan' }}</vc-type>
+ <pw-status>
+ <signaling>true</signaling>
+ </pw-status>
+ </spoke-sdp>
+ <sap>
+ <description>{{ local_partner_name | upper }}:{{ l2circuits_vlan }}:{{ local_side.sbp.gs_id }}</description>
+ {% if l2circuits_l2c_type == 'Ethernet' %}
+ <sap-id>{{ l2circuits_lag_name }}:{{ l2circuits_vlan }}</sap-id>
+ {% else %}
+ <sap-id>{{ l2circuits_lag_name }}:cp-{{ l2circuits_l2c_vcid }}</sap-id>
+ {% endif %}
+ <admin-state>enable</admin-state>
+ </sap>
+ </epipe>
+ </service>
-{#{% if l2circuits_is_standalone_run %}#}
</configure>
</config>
-{#{% endif %}#}
--
GitLab
From 484d73bdd9c3e2e0aa23e8fbd1436010321bba50 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Fri, 28 Mar 2025 16:26:11 +0000
Subject: [PATCH 10/12] add defaults vars
---
geant/gap_ansible/roles/l2circuits/defaults/main.yml | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/geant/gap_ansible/roles/l2circuits/defaults/main.yml b/geant/gap_ansible/roles/l2circuits/defaults/main.yml
index d2434bbb..87a8dfd7 100644
--- a/geant/gap_ansible/roles/l2circuits/defaults/main.yml
+++ b/geant/gap_ansible/roles/l2circuits/defaults/main.yml
@@ -1,3 +1,2 @@
-#SPDX-License-Identifier: MIT-0
---
-# defaults file for l2ciruits
+is_verification_workflow: false
--
GitLab
From 82bbd7fd8904049e3611f1e80f761f832889fbf9 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Tue, 1 Apr 2025 10:17:25 +0100
Subject: [PATCH 11/12] l2circuit playbook cleanup
---
geant/gap_ansible/playbooks/l2circuit.yaml | 29 ----------------------
1 file changed, 29 deletions(-)
diff --git a/geant/gap_ansible/playbooks/l2circuit.yaml b/geant/gap_ansible/playbooks/l2circuit.yaml
index b6190bf1..5f20a0fd 100644
--- a/geant/gap_ansible/playbooks/l2circuit.yaml
+++ b/geant/gap_ansible/playbooks/l2circuit.yaml
@@ -2,21 +2,6 @@
hosts: all
gather_facts: false
tasks:
- - name: Generate an ID for this run
- ansible.builtin.set_fact:
- opid: "{{ lookup('community.general.random_string', length=18, special=false) }}"
-
- - name: Print the ID
- ansible.builtin.debug:
- msg: "{{ opid }}"
-
- - name: Create a folder for all compiled output
- ansible.builtin.file:
- path: "/var/tmp/ansible_run_{{ opid }}"
- state: directory
- mode: "0755"
- delegate_to: localhost
-
- name: Import group_vars/all
ansible.builtin.include_vars:
dir: /opt/ansible_inventory/group_vars/all
@@ -24,10 +9,6 @@
- name: Import standard variables for "{{ subscription.product.product_type }}/{{ subscription.layer_2_circuit_service_type | upper | replace(' ', '_') }}"
ansible.builtin.include_vars:
dir: /opt/ansible_inventory/geant_services/{{ subscription.product.product_type }}/{{ subscription.layer_2_circuit_service_type | upper | replace(' ', '_') }}
- #
- # - name: Import group_vars/routers
- # ansible.builtin.include_vars:
- # dir: /opt/ansible_inventory/group_vars/routers
- name: Include l2circuit role
ansible.builtin.include_role:
@@ -35,13 +16,3 @@
loop: "{{ subscription.layer_2_circuit.layer_2_circuit_sides }}"
loop_control:
loop_var: l2c_side
-
- # - name: Deploy
- # # when: verb == deploy
- # block:
- # - name: Include deployment role
- # ansible.builtin.include_role:
- # name: deploy_service_config
- # loop: "{{ subscription.layer_2_circuit.layer_2_circuit_sides }}"
- # loop_control:
- # loop_var: l2c_side
--
GitLab
From d5fc4fa88a3fb93b4748075e53cf34d6c57e50cf Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Tue, 1 Apr 2025 10:26:02 +0100
Subject: [PATCH 12/12] Linting
---
geant/gap_ansible/roles/l2circuits/handlers/main.yml | 1 -
geant/gap_ansible/roles/l2circuits/meta/main.yml | 1 -
2 files changed, 2 deletions(-)
diff --git a/geant/gap_ansible/roles/l2circuits/handlers/main.yml b/geant/gap_ansible/roles/l2circuits/handlers/main.yml
index 3c33c1b4..10433d11 100644
--- a/geant/gap_ansible/roles/l2circuits/handlers/main.yml
+++ b/geant/gap_ansible/roles/l2circuits/handlers/main.yml
@@ -1,3 +1,2 @@
-#SPDX-License-Identifier: MIT-0
---
# handlers file for l2ciruits
diff --git a/geant/gap_ansible/roles/l2circuits/meta/main.yml b/geant/gap_ansible/roles/l2circuits/meta/main.yml
index fca8e2db..8e604b5c 100644
--- a/geant/gap_ansible/roles/l2circuits/meta/main.yml
+++ b/geant/gap_ansible/roles/l2circuits/meta/main.yml
@@ -1,4 +1,3 @@
-#SPDX-License-Identifier: MIT-0
galaxy_info:
author: A. Kurbatov
description: GEANT Orchestration and Automation Team
--
GitLab