6c94ac8515
See https://github.com/ansible/ansible/issues/73654 Change-Id: I06ab9cee6539762d7ba3e25e07b5661a8fa485f3
108 lines
3.5 KiB
YAML
108 lines
3.5 KiB
YAML
---
|
|
# Copyright 2016, Logan Vig <logan2211@gmail.com>
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# Based on the default Calico BIRD template at
|
|
# https://github.com/projectcalico/felix/blob/master/etc/bird/calico-bird.conf.template
|
|
|
|
# BGP peer configuration for Calico by default will attempt to configure peering
|
|
# sessions with the host's default gateway over IPv4/IPv6. This is just one
|
|
# example of the various BGP peering configurations that could be used here
|
|
# and should be customized further to match the deployer's upstream BGP
|
|
# configuration. Calico has documented some example BGP topologies at:
|
|
# http://docs.projectcalico.org/master/reference/private-cloud/l2-interconnect-fabric
|
|
# http://docs.projectcalico.org/master/reference/private-cloud/l3-interconnect-fabric
|
|
|
|
# Set to your iBGP ASN
|
|
bird_bgp_asn: 65000
|
|
|
|
bird_bgp_ipv4_peer_ip: "{{ ansible_facts['default_ipv4']['gateway'] }}"
|
|
#calculate the first address in the subnet since the IPv6 "gateway" may be a
|
|
#link local address that we cannot peer to.
|
|
bird_bgp_ipv6_peer_ip: >-
|
|
{% if ansible_facts['default_ipv6']['address'] is defined
|
|
and ansible_facts['default_ipv6']['prefix'] is defined %}
|
|
{{
|
|
((ansible_facts['default_ipv6']['address'] ~ '/' ~ ansible_facts['default_ipv6']['prefix']) |
|
|
ipaddr('network') ~ '/' ~ ansible_facts['default_ipv6']['prefix']
|
|
) | ipaddr('net') | ipaddr(1) | ipaddr('address')
|
|
}}
|
|
{% endif %}
|
|
|
|
bird_ipv4_protocols:
|
|
kernel: |
|
|
learn;
|
|
persist;
|
|
scan time 2;
|
|
graceful restart;
|
|
device: |
|
|
scan time 2;
|
|
direct: |
|
|
interface "-dummy0", "dummy1", "eth*", "em*", "en*";
|
|
bgp:
|
|
UPLINK: |
|
|
description "Connection to BGP route reflector";
|
|
local as {{ bird_bgp_asn }};
|
|
neighbor {{ bird_bgp_ipv4_peer_ip }} as {{ bird_bgp_asn }};
|
|
hold time 15;
|
|
graceful restart;
|
|
check link;
|
|
direct;
|
|
gateway direct;
|
|
export filter export_bgp;
|
|
next hop self;
|
|
|
|
bird_ipv6_protocols:
|
|
kernel: |
|
|
learn;
|
|
persist;
|
|
scan time 2;
|
|
graceful restart;
|
|
device: |
|
|
scan time 2;
|
|
direct: |
|
|
interface "-dummy0", "dummy1", "eth*", "em*", "en*";
|
|
bgp:
|
|
UPLINK: |
|
|
description "Connection to BGP route reflector";
|
|
local as {{ bird_bgp_asn }};
|
|
neighbor {{ bird_bgp_ipv6_peer_ip }} as {{ bird_bgp_asn }};
|
|
hold time 15;
|
|
graceful restart;
|
|
check link;
|
|
direct;
|
|
gateway direct;
|
|
export filter export_bgp;
|
|
next hop self;
|
|
|
|
#configure bird to advertise subnets bound to these interface wildcards
|
|
bird_advertise_interfaces:
|
|
- 'tap*'
|
|
- 'cali*'
|
|
- 'dummy1'
|
|
|
|
bird_ipv4_filters:
|
|
export_bgp: |
|
|
if ( {% for i in bird_advertise_interfaces %}(ifname ~ "{{ i }}"){% if not loop.last %} || {% endif %}{% endfor %} ) then {
|
|
if net != 0.0.0.0/0 then accept;
|
|
}
|
|
reject;
|
|
|
|
bird_ipv6_filters:
|
|
export_bgp: |
|
|
if ( {% for i in bird_advertise_interfaces %}(ifname ~ "{{ i }}"){% if not loop.last %} || {% endif %}{% endfor %} ) then {
|
|
if net != ::/0 then accept;
|
|
}
|
|
reject;
|