From 79310795023ce5d65bf32df200542d63e0ff2d6b Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Tue, 22 Apr 2025 14:11:06 +0100
Subject: [PATCH 1/8] fw_filters: l3_core_service_type -> product.product_type
---
.../fw_filters/tasks/merge_variables.yaml | 22 ++++++++-----------
1 file changed, 9 insertions(+), 13 deletions(-)
diff --git a/geant/gap_ansible/roles/fw_filters/tasks/merge_variables.yaml b/geant/gap_ansible/roles/fw_filters/tasks/merge_variables.yaml
index 227ae8ef..2d12a599 100644
--- a/geant/gap_ansible/roles/fw_filters/tasks/merge_variables.yaml
+++ b/geant/gap_ansible/roles/fw_filters/tasks/merge_variables.yaml
@@ -5,7 +5,7 @@
# when: >-
# subscription.product.product_type == "L3CoreService"
# and
- # subscription.l3_core_service_type in l3_service_types.ies or subscription.l3_core_service_type in l3_service_types.vprn
+ # subscription.product.product_type | upper in l3_service_types.ies or subscription.product.product_type | upper in l3_service_types.vprn
# and
# ap.sbp.custom_firewall_filters | ansible.builtin.bool
block:
@@ -13,7 +13,7 @@
when: >
ap.sbp.custom_firewall_filters | ansible.builtin.bool
and
- subscription.l3_core_service_type in l3_service_types.ies
+ subscription.product.product_type | upper in l3_service_types.ies
ansible.builtin.set_fact:
custom_edge_fw: "{{ [STANDARD_NREN_FW__to_merge, CUSTOM_NREN_FW] | community.general.lists_mergeby('name',
recursive=true, list_merge='append') }}"
@@ -22,7 +22,7 @@
when: >
ap.sbp.custom_firewall_filters | ansible.builtin.bool
and
- subscription.l3_core_service_type in l3_service_types.ies
+ subscription.product.product_type | upper in l3_service_types.ies
ansible.builtin.set_fact:
gen_filters: "{{ [STANDARD_EDGE_FW__to_merge, custom_edge_fw] | community.general.lists_mergeby('name') }}"
@@ -33,15 +33,15 @@
when: >
ap.sbp.custom_firewall_filters | ansible.builtin.bool
and
- subscription.l3_core_service_type in l3_service_types.vprn
+ subscription.product.product_type | upper in l3_service_types.vprn
ansible.builtin.set_fact:
- standard_nren_fw: "STANDARD_{{ subscription.l3_core_service_type }}_NREN_FW__to_merge"
+ standard_nren_fw: "STANDARD_{{ subscription.product.product_type | upper }}_NREN_FW__to_merge"
- name: Load Standard NREN FW
when: >
ap.sbp.custom_firewall_filters | ansible.builtin.bool
and
- subscription.l3_core_service_type in l3_service_types.vprn
+ subscription.product.product_type | upper in l3_service_types.vprn
ansible.builtin.set_fact:
standard_nren_fw: "{{ lookup('community.general.merge_variables', standard_nren_fw) }}"
@@ -50,7 +50,7 @@
when: >
ap.sbp.custom_firewall_filters | ansible.builtin.bool
and
- subscription.l3_core_service_type in l3_service_types.vprn
+ subscription.product.product_type | upper in l3_service_types.vprn
ansible.builtin.set_fact:
custom_edge_fw: "{{ [CUSTOM_NREN_FW, standard_nren_fw] | community.general.lists_mergeby('name',
recursive=true, list_merge='append') }}"
@@ -63,16 +63,12 @@
when: >
ap.sbp.custom_firewall_filters | ansible.builtin.bool
and
- subscription.l3_core_service_type in l3_service_types.vprn
+ subscription.product.product_type | upper in l3_service_types.vprn
ansible.builtin.set_fact:
gen_filters: "{{ [STANDARD_EDGE_FW__to_merge, custom_edge_fw] | community.general.lists_mergeby('name') }}"
- name: Prepare FW vars for NREN L3 Core Service with standard filters
- when: >-
- subscription.product.product_type == "L3CoreService"
- and
- subscription.l3_core_service_type in l3_service_types.ies or subscription.l3_core_service_type in l3_service_types.vprn
- and
+ when: >
not ap.sbp.custom_firewall_filters | ansible.builtin.bool
block:
- name: Merge NREN standard filters
--
GitLab
From bff0edf5fed8de1213678da1c28f9e489ecc22a1 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Wed, 23 Apr 2025 16:06:17 +0100
Subject: [PATCH 2/8] `sbp` role: l3_core_service_type -> product.product_type
---
.../roles/sbp/templates/nokia/deploy/sbp.j2 | 30 +++++++++----------
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/geant/gap_ansible/roles/sbp/templates/nokia/deploy/sbp.j2 b/geant/gap_ansible/roles/sbp/templates/nokia/deploy/sbp.j2
index 52195314..9b650c67 100644
--- a/geant/gap_ansible/roles/sbp/templates/nokia/deploy/sbp.j2
+++ b/geant/gap_ansible/roles/sbp/templates/nokia/deploy/sbp.j2
@@ -4,24 +4,24 @@
{% endif %}
<service xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
- {% if subscription.l3_core_service_type in l3_service_types.ies %}
+ {% if subscription.product.product_type | upper in l3_service_types.ies %}
<ies xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
<service-name>{{ ies_re_name }}</service-name>
- {% elif subscription.l3_core_service_type in l3_service_types.vprn %}
+ {% elif subscription.product.product_type | upper in l3_service_types.vprn %}
<vprn xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
<service-name>{{ vprn_name }}</service-name>
{% endif %}
<interface alu:operation="replace">
<interface-name>{{ lag_name }}.{{ ap.sbp.vlan_id }}</interface-name>
- {% if subscription.l3_core_service_type in l3_service_types.ies %}
+ {% if subscription.product.product_type | upper in l3_service_types.ies %}
<description>SRV_GLOBAL CUSTOMER {{ partner_name }} {{ '#'+ap.custom_service_name if ap.custom_service_name is string }} ${{ ap.sbp.gs_id }} | ASN{{ partner.asn }} | </description>
- {% elif subscription.l3_core_service_type == 'IAS' %}
+ {% elif subscription.product.product_type | upper == 'IAS' %}
<description>SRV_IAS CUSTOMER {{ partner_name }} {{ '#'+ap.custom_service_name if ap.custom_service_name is string }} {{ partner.ias_flavour | regex_search('IAS(GWS)?(PS)?') }} ${{ ap.sbp.gs_id }} | ASN{{ partner.asn }} | </description>
<ingress>
<policy-accounting>GEANT_DEST_CLASS_POL_TEMPLATE_01</policy-accounting>
<destination-class-lookup>true</destination-class-lookup>
</ingress>
- {% elif subscription.l3_core_service_type in l3_service_types.vprn %}
+ {% elif subscription.product.product_type | upper in l3_service_types.vprn %}
<description>SRV_L3VPN CUSTOMER {{ partner_name }} {{ '#'+ap.custom_service_name if ap.custom_service_name is string }} ${{ ap.sbp.gs_id }} | ASN{{ partner.asn }} | </description>
{% endif %}
<ip-mtu>{{ sbp_params.ip_mtu }}</ip-mtu>
@@ -48,23 +48,23 @@
{% endif %}
<ingress>
<filter>
- {% if subscription.l3_core_service_type in l3_service_types.ies %}
+ {% if subscription.product.product_type | upper in l3_service_types.ies %}
<ip>{{ partner_name | upper }}_{{ ap.ap_type[:1] }}_EDGE_IN</ip>
<ipv6>{{ partner_name | upper }}_{{ ap.ap_type[:1] }}_EDGE_IN_V6</ipv6>
- {% elif subscription.l3_core_service_type in l3_service_types.vprn %}
- <ip>{{ subscription.l3_core_service_type }}_{{ partner_name | upper }}_{{ ap.ap_type[:1] }}_IN</ip>
- <ipv6>{{ subscription.l3_core_service_type }}_{{ partner_name | upper }}_{{ ap.ap_type[:1] }}_IN_V6</ipv6>
+ {% elif subscription.product.product_type | upper in l3_service_types.vprn %}
+ <ip>{{ subscription.product.product_type | upper }}_{{ partner_name | upper }}_{{ ap.ap_type[:1] }}_IN</ip>
+ <ipv6>{{ subscription.product.product_type | upper }}_{{ partner_name | upper }}_{{ ap.ap_type[:1] }}_IN_V6</ipv6>
{% endif %}
</filter>
</ingress>
<egress>
<filter>
- {% if subscription.l3_core_service_type in l3_service_types.ies %}
+ {% if subscription.product.product_type | upper in l3_service_types.ies %}
<ip>{{ partner_name | upper }}_{{ ap.ap_type[:1] }}_EDGE_OUT</ip>
<ipv6>{{ partner_name | upper }}_{{ ap.ap_type[:1] }}_EDGE_OUT_V6</ipv6>
- {% elif subscription.l3_core_service_type in l3_service_types.vprn %}
- <ip>{{ subscription.l3_core_service_type }}_{{ partner_name | upper }}_{{ ap.ap_type[:1] }}_OUT</ip>
- <ipv6>{{ subscription.l3_core_service_type }}_{{ partner_name | upper }}_{{ ap.ap_type[:1] }}_OUT_V6</ipv6>
+ {% elif subscription.product.product_type | upper in l3_service_types.vprn %}
+ <ip>{{ subscription.product.product_type | upper }}_{{ partner_name | upper }}_{{ ap.ap_type[:1] }}_OUT</ip>
+ <ipv6>{{ subscription.product.product_type | upper }}_{{ partner_name | upper }}_{{ ap.ap_type[:1] }}_OUT_V6</ipv6>
{% endif %}
</filter>
</egress>
@@ -122,9 +122,9 @@
</address>
</ipv6>
</interface>
- {% if subscription.l3_core_service_type in l3_service_types.ies %}
+ {% if subscription.product.product_type | upper in l3_service_types.ies %}
</ies>
- {% elif subscription.l3_core_service_type in l3_service_types.vprn %}
+ {% elif subscription.product.product_type | upper in l3_service_types.vprn %}
</vprn>
{% endif %}
</service>
--
GitLab
From ea6ba2a59f3c36d8913fdad9aeaa198a18b3ef32 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Wed, 23 Apr 2025 16:08:33 +0100
Subject: [PATCH 3/8] `deploy_service_config`: replace L3CoreService
product_type
---
geant/gap_ansible/roles/deploy_service_config/tasks/main.yml | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/geant/gap_ansible/roles/deploy_service_config/tasks/main.yml b/geant/gap_ansible/roles/deploy_service_config/tasks/main.yml
index db97f9ff..88c0a37e 100644
--- a/geant/gap_ansible/roles/deploy_service_config/tasks/main.yml
+++ b/geant/gap_ansible/roles/deploy_service_config/tasks/main.yml
@@ -6,11 +6,13 @@
# However, mixing "imports" with "includes" is not recommended.
# Another way is to "apply" the "delegate_to: localhost".
- name: Set router and vendor for the use with SBP
- when: subscription.product.product_type == 'L3CoreService'
+ when: subscription.product.product_type | upper in l3_service_types.ies
+ or subscription.product.product_type | upper in l3_service_types.vprn
ansible.builtin.set_fact:
router: "{{ ap.sbp.edge_port.node }}"
vendor: "{{ ap.sbp.edge_port.node.vendor }}"
+# TODO: check product_type VRF
- name: Extract current inventory router from "vrf_router_list"
when: subscription.product.product_type == 'VRF'
ansible.builtin.set_fact:
--
GitLab
From c0f4292317274dc00d0a71e7a53148bcdc6a5f07 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Fri, 25 Apr 2025 18:23:14 +0100
Subject: [PATCH 4/8] Update L3-related playbook to match an updated GSO
subscription structure
---
.../playbooks/l3_core_service.yaml | 50 +++++++++++--------
.../playbooks/manage_bgp_peers.yaml | 22 +++++---
geant/gap_ansible/playbooks/manage_sbp.yaml | 17 ++++---
.../playbooks/validate_prefix_list.yaml | 20 +++++---
4 files changed, 68 insertions(+), 41 deletions(-)
diff --git a/geant/gap_ansible/playbooks/l3_core_service.yaml b/geant/gap_ansible/playbooks/l3_core_service.yaml
index a610d12a..b1ec56b9 100644
--- a/geant/gap_ansible/playbooks/l3_core_service.yaml
+++ b/geant/gap_ansible/playbooks/l3_core_service.yaml
@@ -10,7 +10,7 @@
# ansible.builtin.include_role:
# name: service_checks
# loop:
- # "{{ subscription.l3_core_service.ap_list }}"
+ # "{{ subscription.l3_subscription_type.l3_core.ap_list }}"
# loop_control:
# loop_var: ap
@@ -43,34 +43,42 @@
- name: Import standard general variables for GEANT L3 Core Services
ansible.builtin.include_vars:
- file: /opt/ansible_inventory/geant_services/{{ subscription.product.product_type }}/general.yaml
+ file: /opt/ansible_inventory/geant_services/L3CoreService/general.yaml
+
+ - name: Set the L3 subscription key
+ ansible.builtin.set_fact:
+ subscription_key: "{{ l3_services[subscription.product.product_type | upper] }}"
+
+ - name: Set the AP list var
+ ansible.builtin.set_fact:
+ ap_list: "{{ subscription[subscription_key].l3_core.ap_list }}"
- name: Import general variables for {{ partner_name | upper }}
ansible.builtin.include_vars:
file: /opt/ansible_inventory/geant_partners/{{ partner_name | upper }}/general.yaml
- - name: Import standard variables for "{{ subscription.product.product_type }}/{{ subscription.l3_core_service_type | replace(' ', '_') }}"
+ - name: Import standard variables for "L3CoreService/{{ subscription.product.product_type | replace(' ', '_') | upper }}"
ansible.builtin.include_vars:
- dir: /opt/ansible_inventory/geant_services/{{ subscription.product.product_type }}/{{ subscription.l3_core_service_type | replace(' ', '_') }}
+ dir: /opt/ansible_inventory/geant_services/L3CoreService/{{ subscription.product.product_type | replace(' ', '_') | upper }}
- - name: Import {{ partner_name | upper }} specific variables for {{ subscription.l3_core_service_type | replace(' ', '_') }}
+ - name: Import {{ partner_name | upper }} specific variables for {{ subscription.product.product_type | replace(' ', '_') | upper }}
when: >
- subscription.l3_core_service.ap_list | selectattr('sbp.custom_firewall_filters', 'eq', true) | list | length > 0
+ ap_list | selectattr('sbp.custom_firewall_filters', 'eq', true) | list | length > 0
or
- subscription.l3_core_service.ap_list | map(attribute='sbp.bgp_session_list') | flatten | selectattr('has_custom_policies', 'eq', true) | list | length > 0
+ ap_list | map(attribute='sbp.bgp_session_list') | flatten | selectattr('has_custom_policies', 'eq', true) | list | length > 0
ansible.builtin.include_vars:
- dir: /opt/ansible_inventory/geant_partners/{{ partner_name | upper }}/{{ subscription.l3_core_service_type | replace(' ', '_') }}
+ dir: /opt/ansible_inventory/geant_partners/{{ partner_name | upper }}/{{ subscription.product.product_type | replace(' ', '_') }}
- name: Compile SBP-related config
when: object == 'sbp'
block:
- name: Include IP prefix list if Custom FW is selected
when: >
- subscription.l3_core_service.ap_list | selectattr('sbp.custom_firewall_filters', 'eq', true) | list | length > 0
+ ap_list | selectattr('sbp.custom_firewall_filters', 'eq', true) | list | length > 0
ansible.builtin.include_role:
name: ip_prefix_lists
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
@@ -78,7 +86,7 @@
ansible.builtin.include_role:
name: fw_filters
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
@@ -86,7 +94,7 @@
ansible.builtin.include_role:
name: sbp
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
@@ -99,7 +107,7 @@
vars:
qry: "bgp_session_list[?ip_type == 'ipv4'] | [0]"
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
@@ -109,7 +117,7 @@
vars:
qry: "bgp_session_list[?ip_type == 'ipv6'] | [0]"
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
@@ -117,20 +125,20 @@
when: >
bgp_session_v4.families is contains('mcast-ipv4') or bgp_session_v6 is contains('mcast-ipv6')
and
- subscription.l3_core_service_type in l3_service_types.ies
+ subscription.product.product_type | upper in l3_service_types.ies
ansible.builtin.include_role:
name: pim
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
- name: Include PO prefix list generation
- when: subscription.l3_core_service_type in generate_po_prefix_lists
+ when: subscription.product.product_type | upper in l3_generate_po_prefix_lists
ansible.builtin.include_role:
name: po_prefix_lists
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
@@ -138,7 +146,7 @@
ansible.builtin.include_role:
name: policy_options
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
@@ -146,7 +154,7 @@
ansible.builtin.include_role:
name: bgp_config
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
@@ -158,6 +166,6 @@
ansible.builtin.include_role:
name: deploy_service_config
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
diff --git a/geant/gap_ansible/playbooks/manage_bgp_peers.yaml b/geant/gap_ansible/playbooks/manage_bgp_peers.yaml
index d594de83..113fa28b 100644
--- a/geant/gap_ansible/playbooks/manage_bgp_peers.yaml
+++ b/geant/gap_ansible/playbooks/manage_bgp_peers.yaml
@@ -25,20 +25,28 @@
ansible.builtin.include_vars:
file: /opt/ansible_inventory/geant_partners/{{ partner_name | upper }}/general.yaml
- - name: Import general variables for {{ subscription.product.product_type }}
+ - name: Import standard general variables for GEANT L3 Core Services
ansible.builtin.include_vars:
- file: /opt/ansible_inventory/geant_services/{{ subscription.product.product_type }}/general.yaml
+ file: /opt/ansible_inventory/geant_services/L3CoreService/general.yaml
- - name: Import BGP specific vars for {{ subscription.l3_core_service_type | replace(' ', '_') }}
+ - name: Set the L3 subscription key
+ ansible.builtin.set_fact:
+ subscription_key: "{{ l3_services[subscription.product.product_type | upper] }}"
+
+ - name: Set the AP list var
+ ansible.builtin.set_fact:
+ ap_list: "{{ subscription[subscription_key].l3_core.ap_list }}"
+
+ - name: Import BGP specific vars for {{ subscription.product.product_type | upper | replace(' ', '_') }}
ansible.builtin.include_vars:
- file: /opt/ansible_inventory/geant_services/{{ subscription.product.product_type }}/{{ subscription.l3_core_service_type | replace(' ', '_') }}/bgp.yaml
+ file: /opt/ansible_inventory/geant_services/L3CoreService/{{ subscription.product.product_type | upper | replace(' ', '_') }}/bgp.yaml
- name: Check BGP neighbors
when: verb == 'check'
ansible.builtin.include_role:
name: service_checks
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
@@ -48,7 +56,7 @@
ansible.builtin.include_role:
name: bgp_config
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
@@ -59,6 +67,6 @@
ansible.builtin.include_role:
name: deploy_service_config
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
diff --git a/geant/gap_ansible/playbooks/manage_sbp.yaml b/geant/gap_ansible/playbooks/manage_sbp.yaml
index 8298ef64..75665516 100644
--- a/geant/gap_ansible/playbooks/manage_sbp.yaml
+++ b/geant/gap_ansible/playbooks/manage_sbp.yaml
@@ -21,20 +21,23 @@
ansible.builtin.include_vars:
dir: /opt/ansible_inventory/group_vars/all
- - name: Import general variables for {{ subscription.product.product_type }}
+ - name: Import standard general variables for GEANT L3 Core Services
ansible.builtin.include_vars:
- file: /opt/ansible_inventory/geant_services/{{ subscription.product.product_type }}/general.yaml
+ file: /opt/ansible_inventory/geant_services/L3CoreService/general.yaml
- # - name: Import BGP specific vars for {{ subscription.l3_core_service_type }}
- # ansible.builtin.include_vars:
- # file: /opt/ansible_inventory/geant_services/{{ subscription.product.product_type }}/{{ subscription.l3_core_service_type }}/bgp.yaml
+ - name: Set the L3 subscription key
+ ansible.builtin.set_fact:
+ subscription_key: "{{ l3_services[subscription.product.product_type | upper] }}"
+ - name: Set the AP list var
+ ansible.builtin.set_fact:
+ ap_list: "{{ subscription[subscription_key].l3_core.ap_list }}"
- name: Deactivate SPB on the old router
ansible.builtin.include_role:
name: sbp
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
@@ -45,6 +48,6 @@
ansible.builtin.include_role:
name: deploy_service_config
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
diff --git a/geant/gap_ansible/playbooks/validate_prefix_list.yaml b/geant/gap_ansible/playbooks/validate_prefix_list.yaml
index 00f1e9cf..691c055c 100644
--- a/geant/gap_ansible/playbooks/validate_prefix_list.yaml
+++ b/geant/gap_ansible/playbooks/validate_prefix_list.yaml
@@ -24,24 +24,32 @@
- name: Import standard general variables for GEANT L3 Core Services
ansible.builtin.include_vars:
- file: /opt/ansible_inventory/geant_services/{{ subscription.product.product_type }}/general.yaml
+ file: /opt/ansible_inventory/geant_services/L3CoreService/general.yaml
+
+ - name: Set the L3 subscription key
+ ansible.builtin.set_fact:
+ subscription_key: "{{ l3_services[subscription.product.product_type | upper] }}"
+
+ - name: Set the AP list var
+ ansible.builtin.set_fact:
+ ap_list: "{{ subscription[subscription_key].l3_core.ap_list }}"
- name: Import general variables for {{ partner_name | upper }}
ansible.builtin.include_vars:
file: /opt/ansible_inventory/geant_partners/{{ partner_name | upper }}/general.yaml
- - name: Import standard variables for "{{ subscription.product.product_type }}/{{ subscription.l3_core_service_type | replace(' ', '_') }}"
+ - name: Import standard variables for "L3CoreService/{{ subscription.product.product_type | replace(' ', '_') | upper }}"
ansible.builtin.include_vars:
- dir: /opt/ansible_inventory/geant_services/{{ subscription.product.product_type }}/{{ subscription.l3_core_service_type | replace(' ', '_') }}
+ dir: /opt/ansible_inventory/geant_services/L3CoreService/{{ subscription.product.product_type | replace(' ', '_') | upper }}
- name: Generate PO prefix lists
block:
- name: Include PO prefix list role
- when: subscription.l3_core_service_type in generate_po_prefix_lists
+ when: subscription.product.product_type | upper in l3_generate_po_prefix_lists
ansible.builtin.include_role:
name: po_prefix_lists
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
@@ -52,6 +60,6 @@
ansible.builtin.include_role:
name: deploy_service_config
loop:
- "{{ subscription.l3_core_service.ap_list }}"
+ "{{ ap_list }}"
loop_control:
loop_var: ap
--
GitLab
From 5a20e4e4b6ac51538266b4ba7b42ae89a8479def Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Fri, 25 Apr 2025 18:24:46 +0100
Subject: [PATCH 5/8] `bgp_config`: Update tasks and templates to match the new
GSO L3 subscription structure
---
.../gap_ansible/roles/bgp_config/tasks/merge_vars.yaml | 10 +++++-----
.../bgp_config/templates/juniper/deactivate/bgp.j2 | 4 ++--
.../roles/bgp_config/templates/nokia/deploy/bgp.j2 | 4 ++--
3 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/geant/gap_ansible/roles/bgp_config/tasks/merge_vars.yaml b/geant/gap_ansible/roles/bgp_config/tasks/merge_vars.yaml
index ead8d780..58cab6fd 100644
--- a/geant/gap_ansible/roles/bgp_config/tasks/merge_vars.yaml
+++ b/geant/gap_ansible/roles/bgp_config/tasks/merge_vars.yaml
@@ -1,16 +1,16 @@
---
-- name: Set Standard BGP import and export policy names for {{ subscription.l3_core_service_type }}
+- name: Set Standard BGP import and export policy names for {{ subscription.product.product_type | upper }}
when: >
- subscription.l3_core_service_type in l3_service_types.ies
+ subscription.product.product_type | upper in l3_service_types.ies
ansible.builtin.set_fact:
import_policies_v4: "{{ bgp.policies.import.v4 }}"
import_policies_v6: "{{ bgp.policies.import.v6 }}"
export_policies_v4: "{{ bgp.policies.export.v4 }}"
export_policies_v6: "{{ bgp.policies.export.v6 }}"
-- name: Set standard BGP import and export policy names for VPRN {{ subscription.l3_core_service_type }}
+- name: Set standard BGP import and export policy names for VPRN {{ subscription.product.product_type | upper }}
when: >
- subscription.l3_core_service_type in l3_service_types.vprn
+ subscription.product.product_type | upper in l3_service_types.vprn
and
not bgp_session_v4.has_custom_policies | ansible.builtin.bool
or
@@ -23,7 +23,7 @@
- name: Set custom BGP import and export policy names for VPRN
when: >
- subscription.l3_core_service_type in l3_service_types.vprn
+ subscription.product.product_type | upper in l3_service_types.vprn
and
bgp_session_v4.has_custom_policies | ansible.builtin.bool
or
diff --git a/geant/gap_ansible/roles/bgp_config/templates/juniper/deactivate/bgp.j2 b/geant/gap_ansible/roles/bgp_config/templates/juniper/deactivate/bgp.j2
index b0e88b28..07d4fa49 100644
--- a/geant/gap_ansible/roles/bgp_config/templates/juniper/deactivate/bgp.j2
+++ b/geant/gap_ansible/roles/bgp_config/templates/juniper/deactivate/bgp.j2
@@ -1,11 +1,11 @@
{% for neighbor in bgp_obj %}
- {% if subscription.l3_core_service_type in l3_service_types.ies %}
+ {% if subscription.product.product_type | upper in l3_service_types.ies %}
{% if neighbor.ip_type == 'ipv4' %}
deactivate protocols bgp group {{ bgp.group.ipv4_juniper }} neighbor {{ neighbor.peer_address }}
{% elif neighbor.ip_type == 'ipv6' %}
deactivate protocols bgp group {{ bgp.group.ipv6_juniper }} neighbor {{ neighbor.peer_address }}
{% endif %}
- {% elif subscription.l3_core_service_type in l3_service_types.vprn %}
+ {% elif subscription.product.product_type | upper in l3_service_types.vprn %}
{% if neighbor.ip_type == 'ipv4' %}
deactivate routing-instances {{ bgp.routing_instance_juniper }} protocols bgp group {{ bgp.group.ipv4_juniper }} neighbor {{ neighbor.peer_address }}
{% elif neighbor.ip_type == 'ipv6' %}
diff --git a/geant/gap_ansible/roles/bgp_config/templates/nokia/deploy/bgp.j2 b/geant/gap_ansible/roles/bgp_config/templates/nokia/deploy/bgp.j2
index 97d6c5cf..c09c5d02 100644
--- a/geant/gap_ansible/roles/bgp_config/templates/nokia/deploy/bgp.j2
+++ b/geant/gap_ansible/roles/bgp_config/templates/nokia/deploy/bgp.j2
@@ -1,11 +1,11 @@
- {% if subscription.l3_core_service_type in l3_service_types.ies %}
+ {% if subscription.product.product_type | upper in l3_service_types.ies %}
<router xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
<router-name>Base</router-name>
<bgp xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
{% include 'bgp_neighbor.j2' %}
</bgp>
</router>
- {% elif subscription.l3_core_service_type in l3_service_types.vprn %}
+ {% elif subscription.product.product_type | upper in l3_service_types.vprn %}
<service xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
<vprn xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
<service-name>{{ vprn_name }}</service-name>
--
GitLab
From c99370b86113fedd0e9568afe965a9309fb3ed1d Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Fri, 25 Apr 2025 18:25:29 +0100
Subject: [PATCH 6/8] `deploy_service_config`: Update tasks to match the new
GSO L3 subscription
---
.../gap_ansible/roles/deploy_service_config/tasks/main.yml | 6 ++++--
.../roles/deploy_service_config/tasks/push_config.yml | 2 +-
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/geant/gap_ansible/roles/deploy_service_config/tasks/main.yml b/geant/gap_ansible/roles/deploy_service_config/tasks/main.yml
index 88c0a37e..c7194182 100644
--- a/geant/gap_ansible/roles/deploy_service_config/tasks/main.yml
+++ b/geant/gap_ansible/roles/deploy_service_config/tasks/main.yml
@@ -6,8 +6,10 @@
# However, mixing "imports" with "includes" is not recommended.
# Another way is to "apply" the "delegate_to: localhost".
- name: Set router and vendor for the use with SBP
- when: subscription.product.product_type | upper in l3_service_types.ies
- or subscription.product.product_type | upper in l3_service_types.vprn
+ when: >
+ subscription.product.product_type | upper in l3_services.keys() | list
+ # when: subscription.product.product_type | upper in l3_service_types.ies
+ # or subscription.product.product_type | upper in l3_service_types.vprn
ansible.builtin.set_fact:
router: "{{ ap.sbp.edge_port.node }}"
vendor: "{{ ap.sbp.edge_port.node.vendor }}"
diff --git a/geant/gap_ansible/roles/deploy_service_config/tasks/push_config.yml b/geant/gap_ansible/roles/deploy_service_config/tasks/push_config.yml
index a4c61832..59c2a28b 100644
--- a/geant/gap_ansible/roles/deploy_service_config/tasks/push_config.yml
+++ b/geant/gap_ansible/roles/deploy_service_config/tasks/push_config.yml
@@ -24,7 +24,7 @@
subscription.product.product_type == 'L3CoreService'
ansible.builtin.fail:
msg: >
- The config of {{ object }} in {{ subscription.l3_core_service_type }}
+ The config of {{ object }} in {{ subscription.product.product_type | upper }}
for {{ partner_name | upper }} drifted!
- name: Fail if there is any diff - Any product
--
GitLab
From 076c9f7bdc82fcf4a64501dae3ceb3e4c4703786 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Fri, 25 Apr 2025 18:27:09 +0100
Subject: [PATCH 7/8] `policy_options`: Update tasks to match the new GSO L3
subscription
---
.../tasks/calc_nren_communities.yaml | 4 ++--
.../roles/policy_options/tasks/main.yml | 21 ++++++++++---------
.../tasks/merge_ias_vrf_standard_vars.yaml | 8 +++----
.../tasks/merge_vrf_custom_vars.yaml | 6 +++---
.../tasks/merge_vrf_standard_vars.yaml | 6 +++---
5 files changed, 23 insertions(+), 22 deletions(-)
diff --git a/geant/gap_ansible/roles/policy_options/tasks/calc_nren_communities.yaml b/geant/gap_ansible/roles/policy_options/tasks/calc_nren_communities.yaml
index f79109f3..5ab21b1c 100644
--- a/geant/gap_ansible/roles/policy_options/tasks/calc_nren_communities.yaml
+++ b/geant/gap_ansible/roles/policy_options/tasks/calc_nren_communities.yaml
@@ -1,11 +1,11 @@
---
- name: Set NREN community names
- when: not subscription.l3_core_service_type in ['LHCONE']
+ when: not subscription.product.product_type | upper in ['LHCONE']
ansible.builtin.set_fact:
nren_community_names: ["GEANT_{{ partner_name | upper }}", "GEANT_{{ partner_name | upper }}_BLOCK"]
- name: Set NREN community names
- when: subscription.l3_core_service_type in ['LHCONE']
+ when: subscription.product.product_type | upper in ['LHCONE']
ansible.builtin.set_fact:
nren_community_names: ["GEANT_{{ partner_name | upper }}", "LHCONE_{{ partner_name | upper }}_BLOCK"]
diff --git a/geant/gap_ansible/roles/policy_options/tasks/main.yml b/geant/gap_ansible/roles/policy_options/tasks/main.yml
index fcd5c618..701eac27 100644
--- a/geant/gap_ansible/roles/policy_options/tasks/main.yml
+++ b/geant/gap_ansible/roles/policy_options/tasks/main.yml
@@ -2,7 +2,7 @@
# tasks file for policy_options
- name: Set BGP V4 session object to check for custom policies
when: >
- subscription.product.product_type == "L3CoreService"
+ subscription.product.product_type | upper in l3_services.keys() | list
ansible.builtin.set_fact:
bgp_session_v4: "{{ ap.sbp | json_query(qry) }}"
vars:
@@ -10,7 +10,7 @@
- name: Set BGP V6 session object to check for custom policies
when: >
- subscription.product.product_type == "L3CoreService"
+ subscription.product.product_type | upper in l3_services.keys() | list
ansible.builtin.set_fact:
bgp_session_v6: "{{ ap.sbp | json_query(qry) }}"
vars:
@@ -18,14 +18,14 @@
- name: Calculate NREN-specific communities
when: >
- subscription.product.product_type == "L3CoreService"
+ subscription.product.product_type | upper in l3_services.keys() | list
ansible.builtin.include_tasks: calc_nren_communities.yaml
- name: Load GEANT-IP policies
when: >
- subscription.product.product_type == "L3CoreService"
+ subscription.product.product_type | upper in l3_services.keys() | list
and
- subscription.l3_core_service_type in l3_service_types.ies
+ subscription.product.product_type | upper in l3_service_types.ies
block:
- name: Load GEANT-IP standard policies if selected
when: >
@@ -43,9 +43,9 @@
- name: Load IAS VRF policies
when: >
- subscription.product.product_type == "L3CoreService"
+ subscription.product.product_type | upper in l3_services.keys() | list
and
- subscription.l3_core_service_type == "IAS"
+ subscription.product.product_type | upper == "IAS"
block:
- name: Load NREN standard VRF policies
when: >
@@ -63,11 +63,11 @@
- name: Load VRF policies
when: >
- subscription.product.product_type == "L3CoreService"
+ subscription.product.product_type | upper in l3_services.keys() | list
and
- subscription.l3_core_service_type in l3_service_types.vprn
+ subscription.product.product_type | upper in l3_service_types.vprn
and
- not subscription.l3_core_service_type == "IAS"
+ not subscription.product.product_type | upper == "IAS"
block:
- name: Load NREN standard VRF policies
when: >
@@ -83,6 +83,7 @@
bgp_session_v6.has_custom_policies | ansible.builtin.bool
ansible.builtin.include_tasks: merge_vrf_custom_vars.yaml
+# TODO: Check product_type VRF
- name: Load Standard Policy Options for creation of VRF {{ subscription.vrf.vrf_name }}
when: >
subscription.product.product_type == "VRF"
diff --git a/geant/gap_ansible/roles/policy_options/tasks/merge_ias_vrf_standard_vars.yaml b/geant/gap_ansible/roles/policy_options/tasks/merge_ias_vrf_standard_vars.yaml
index 679f6c1b..e00c0948 100644
--- a/geant/gap_ansible/roles/policy_options/tasks/merge_ias_vrf_standard_vars.yaml
+++ b/geant/gap_ansible/roles/policy_options/tasks/merge_ias_vrf_standard_vars.yaml
@@ -1,13 +1,13 @@
---
-- name: Load Standard Policy Options prefix lists for VRF {{ subscription.l3_core_service_type }}
+- name: Load Standard Policy Options prefix lists for VRF {{ subscription.product.product_type | upper }}
ansible.builtin.set_fact:
po_final_prefix_lists: "{{ lookup('community.general.merge_variables', 'STANDARD_VRF_PO_PREFIX_LISTS') }}"
- name: Set the policy name based on the partner "ias_flavour" for {{ partner_name | upper }}
ansible.builtin.set_fact:
- po_policy_name: "STANDARD_VRF_PO_POLICIES_{{ partner.ias_flavour }}"
+ po_policy_name: "STANDARD_VRF_PO_POLICIES_{{ subscription[subscription_key].ias_flavor }}"
-- name: Load Standard Policy Options policies for {{ partner.ias_flavour }}
+- name: Load Standard Policy Options policies for {{ subscription[subscription_key].ias_flavor }}
ansible.builtin.set_fact:
po_final_policies: "{{ lookup('community.general.merge_variables', po_policy_name) }}"
@@ -53,7 +53,7 @@
ansible.builtin.set_fact:
po_final_policies: "{{ [po_final_policies, po_policy_default_route_v6] | community.general.lists_mergeby('name') }}"
-- name: Load Standard Policy Options prefix lists for VRF {{ subscription.l3_core_service_type }}
+- name: Load Standard Policy Options prefix lists for VRF {{ subscription.product.product_type | upper }}
ansible.builtin.set_fact:
po_vrf_communities: "{{ lookup('community.general.merge_variables', 'STANDARD_VRF_COMMUNITIES') }}"
diff --git a/geant/gap_ansible/roles/policy_options/tasks/merge_vrf_custom_vars.yaml b/geant/gap_ansible/roles/policy_options/tasks/merge_vrf_custom_vars.yaml
index e792d228..4e6a6852 100644
--- a/geant/gap_ansible/roles/policy_options/tasks/merge_vrf_custom_vars.yaml
+++ b/geant/gap_ansible/roles/policy_options/tasks/merge_vrf_custom_vars.yaml
@@ -1,13 +1,13 @@
---
-- name: Load Standard Policy Options prefix lists for VRF {{ subscription.l3_core_service_type }}
+- name: Load Standard Policy Options prefix lists for VRF {{ subscription.product.product_type | upper }}
ansible.builtin.set_fact:
po_final_prefix_lists: "{{ lookup('community.general.merge_variables', 'STANDARD_VRF_PO_PREFIX_LISTS') }}"
-- name: Load Standard Policy Options policies for VRF {{ subscription.l3_core_service_type }}
+- name: Load Standard Policy Options policies for VRF {{ subscription.product.product_type | upper }}
ansible.builtin.set_fact:
po_final_policies: "{{ lookup('community.general.merge_variables', 'CUSTOM_VRF_PO_POLICIES') }}"
-- name: Load Standard Policy Options prefix lists for VRF {{ subscription.l3_core_service_type }}
+- name: Load Standard Policy Options prefix lists for VRF {{ subscription.product.product_type | upper }}
ansible.builtin.set_fact:
po_vrf_communities: "{{ lookup('community.general.merge_variables', 'STANDARD_VRF_COMMUNITIES') }}"
diff --git a/geant/gap_ansible/roles/policy_options/tasks/merge_vrf_standard_vars.yaml b/geant/gap_ansible/roles/policy_options/tasks/merge_vrf_standard_vars.yaml
index 08199e70..003fbb1f 100644
--- a/geant/gap_ansible/roles/policy_options/tasks/merge_vrf_standard_vars.yaml
+++ b/geant/gap_ansible/roles/policy_options/tasks/merge_vrf_standard_vars.yaml
@@ -1,13 +1,13 @@
---
-- name: Load Standard Policy Options prefix lists for VRF {{ subscription.l3_core_service_type }}
+- name: Load Standard Policy Options prefix lists for VRF {{ subscription.product.product_type | upper }}
ansible.builtin.set_fact:
po_final_prefix_lists: "{{ lookup('community.general.merge_variables', 'STANDARD_VRF_PO_PREFIX_LISTS') }}"
-- name: Load Standard Policy Options policies for VRF {{ subscription.l3_core_service_type }}
+- name: Load Standard Policy Options policies for VRF {{ subscription.product.product_type | upper }}
ansible.builtin.set_fact:
po_final_policies: "{{ lookup('community.general.merge_variables', 'STANDARD_VRF_PO_POLICIES') }}"
-- name: Load Standard Policy Options prefix lists for VRF {{ subscription.l3_core_service_type }}
+- name: Load Standard Policy Options prefix lists for VRF {{ subscription.product.product_type | upper }}
ansible.builtin.set_fact:
po_vrf_communities: "{{ lookup('community.general.merge_variables', 'STANDARD_VRF_COMMUNITIES') }}"
--
GitLab
From d7eb3bb69f863712edee7d805b0b0e0131b0bb58 Mon Sep 17 00:00:00 2001
From: Aleksandr Kurbatov <ak@geant.org>
Date: Fri, 25 Apr 2025 18:27:46 +0100
Subject: [PATCH 8/8] `sbp`: Update template to use IAS flavor parameter from
GSO
---
geant/gap_ansible/roles/sbp/templates/nokia/deploy/sbp.j2 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/geant/gap_ansible/roles/sbp/templates/nokia/deploy/sbp.j2 b/geant/gap_ansible/roles/sbp/templates/nokia/deploy/sbp.j2
index 9b650c67..5d6daeab 100644
--- a/geant/gap_ansible/roles/sbp/templates/nokia/deploy/sbp.j2
+++ b/geant/gap_ansible/roles/sbp/templates/nokia/deploy/sbp.j2
@@ -16,7 +16,7 @@
{% if subscription.product.product_type | upper in l3_service_types.ies %}
<description>SRV_GLOBAL CUSTOMER {{ partner_name }} {{ '#'+ap.custom_service_name if ap.custom_service_name is string }} ${{ ap.sbp.gs_id }} | ASN{{ partner.asn }} | </description>
{% elif subscription.product.product_type | upper == 'IAS' %}
- <description>SRV_IAS CUSTOMER {{ partner_name }} {{ '#'+ap.custom_service_name if ap.custom_service_name is string }} {{ partner.ias_flavour | regex_search('IAS(GWS)?(PS)?') }} ${{ ap.sbp.gs_id }} | ASN{{ partner.asn }} | </description>
+ <description>SRV_IAS CUSTOMER {{ partner_name }} {{ '#'+ap.custom_service_name if ap.custom_service_name is string }} {{ subscription[subscription_key].ias_flavor | regex_search('IAS(GWS)?(PS)?') }} ${{ ap.sbp.gs_id }} | ASN{{ partner.asn }} | </description>
<ingress>
<policy-accounting>GEANT_DEST_CLASS_POL_TEMPLATE_01</policy-accounting>
<destination-class-lookup>true</destination-class-lookup>
--
GitLab