From 691e3ebbc4122613472347fdb31b0a395a8807bf Mon Sep 17 00:00:00 2001 From: Astro Date: Mon, 12 Dec 2016 22:34:31 +0100 Subject: [PATCH] vlan c3d2 + 2 containers --- salt-pillar/hosts/init.sls | 5 ++++ salt-pillar/lxc-containers/server1.sls | 16 +++++++++++ salt-pillar/subnets/init.sls | 1 + salt-pillar/switches/init.sls | 29 ++++++++++---------- salt-pillar/top.sls | 4 ++- salt/server1-network.sls | 2 +- salt/switches/3com-4200G.expect | 38 ++++++++++++++++---------- salt/top.sls | 6 +++- 8 files changed, 69 insertions(+), 32 deletions(-) diff --git a/salt-pillar/hosts/init.sls b/salt-pillar/hosts/init.sls index 9fb72c7..1f21663 100644 --- a/salt-pillar/hosts/init.sls +++ b/salt-pillar/hosts/init.sls @@ -46,6 +46,8 @@ hosts-inet: upstream1: 172.20.72.6 upstream2: 172.20.72.8 anon1: 172.20.72.7 + c3d2-gw: 172.20.72.8 + c3d2-anon: 172.20.72.9 pub: pub-gw: 172.20.76.1 serv: @@ -54,3 +56,6 @@ hosts-inet: priv1-gw: 172.20.74.1 priv2: priv2-gw: 172.20.75.1 + c3d2: + c3d2-anon: 172.22.99.1 + c3d2-gw: 172.22.99.4 diff --git a/salt-pillar/lxc-containers/server1.sls b/salt-pillar/lxc-containers/server1.sls index c110797..90ec731 100644 --- a/salt-pillar/lxc-containers/server1.sls +++ b/salt-pillar/lxc-containers/server1.sls @@ -51,3 +51,19 @@ containers: interfaces: core: type: veth + + c3d2-gw: + interfaces: + core: + type: veth + gw: upstream1 + c3d2: + type: veth + + c3d2-anon: + interfaces: + core: + type: veth + gw: anon1 + c3d2: + type: veth diff --git a/salt-pillar/subnets/init.sls b/salt-pillar/subnets/init.sls index e5b1301..8a28d2f 100644 --- a/salt-pillar/subnets/init.sls +++ b/salt-pillar/subnets/init.sls @@ -4,4 +4,5 @@ subnets-inet: pub: 172.20.76.0/23 priv1: 172.20.74.0/28 priv2: 172.20.75.0/28 + c3d2: 172.22.99.0/24 mgmt: 10.0.0.0/24 diff --git a/salt-pillar/switches/init.sls b/salt-pillar/switches/init.sls index 2dc1171..c1a6fbc 100644 --- a/salt-pillar/switches/init.sls +++ b/salt-pillar/switches/init.sls @@ -47,13 +47,15 @@ switches: - GigabitEthernet 1/0/11 - GigabitEthernet 1/0/12 - GigabitEthernet 1/0/13 - ap1: + ap2: mode: trunk ports: - GigabitEthernet 1/0/14 vlans: - mgmt - pub + - c3d2 + # obsolete: - priv1 ap3: mode: trunk @@ -62,6 +64,8 @@ switches: vlans: - mgmt - pub + - c3d2 + # obsolete: - priv1 ap4: mode: trunk @@ -155,21 +159,18 @@ switches: - priv14 - priv15 - priv16 - up1: - mode: access + c3d2-flatbert: + mode: bond ports: - - GigabitEthernet 1/0/43 - priv1: - mode: access + - GigabitEthernet1/0/43 + - GigabitEthernet1/0/44 + access: c3d2 + c3d2-storage: + mode: bond ports: - - GigabitEthernet 1/0/44 - priv2: - mode: access - ports: - - GigabitEthernet 1/0/45 - - GigabitEthernet 1/0/46 - - GigabitEthernet 1/0/47 - - GigabitEthernet 1/0/48 + - GigabitEthernet1/0/45 + - GigabitEthernet1/0/46 + access: c3d2 password: | -----BEGIN PGP MESSAGE----- diff --git a/salt-pillar/top.sls b/salt-pillar/top.sls index 5c12148..04a1331 100644 --- a/salt-pillar/top.sls +++ b/salt-pillar/top.sls @@ -4,9 +4,11 @@ base: - subnets - vlans - ospf - '*-gw': + 'priv*-gw': - dhcp - ospf.gw + 'c3d2-gw or c3d2-anon': + - ospf.gw 'anon1': - vpn.anon1 - upstream.anon1 diff --git a/salt/server1-network.sls b/salt/server1-network.sls index 09d577e..b8fd9bf 100644 --- a/salt/server1-network.sls +++ b/salt/server1-network.sls @@ -37,7 +37,7 @@ bond0.{{ vlan }}: - network: bond0 {% endfor %} -{%- set bridge_nets = ['mgmt', 'core', 'serv', 'pub'] %} +{%- set bridge_nets = ['mgmt', 'core', 'serv', 'pub', 'c3d2'] %} {%- for net in bridge_nets %} {%- set vlan = pillar['vlans'][net] %} br-{{ net }}: diff --git a/salt/switches/3com-4200G.expect b/salt/switches/3com-4200G.expect index e473e68..b443897 100644 --- a/salt/switches/3com-4200G.expect +++ b/salt/switches/3com-4200G.expect @@ -58,22 +58,23 @@ expect "{{ hostname }}]" {%- if conf['mode'] == 'trunk' or conf['mode'] == 'bond' %} {%- if conf['mode'] == 'bond' %} {%- set group = group + 1 %} -{%- endif %} -{%- for port in conf['ports'] %} +{%- endif %} +{%- for port in conf['ports'] %} send "interface {{ port }}\r" expect "]" -{%- if conf['mode'] == 'bond' %} +{%- if conf['mode'] == 'bond' %} send "lacp enable\r" -{%- else %} +{%- else %} send "undo lacp enable\r" -{%- endif %} +{%- endif %} expect "]" -{%- if conf['mode'] == 'bond' %} +{%- if conf['mode'] == 'bond' %} send "port link-aggregation group {{ group }}\r" -{%- else %} +{%- else %} send "undo port link-aggregation group\r" -{%- endif %} +{%- endif %} expect "]" +{%- if conf.get('vlans') %} send "port link-type trunk\r" expect "]" # Set dummy default vlan @@ -82,16 +83,22 @@ expect "]" # Deconfigure all but mgmt vlan send "undo port trunk permit vlan 2 to 4094\r" expect "]" -{%- for vlan_name in conf['vlans'] %} +{%- for vlan_name in conf['vlans'] %} send "port trunk permit vlan {{ pillar['vlans'][vlan_name] }}\r" expect "]" -{%- endfor %} +{%- endfor %} +{%- else %} +send "port link-type access\r" +expect "]" +send "port access vlan {{ pillar['vlans'][conf['access']] }}\r" +expect "]" +{%- endif %} send "quit\r" expect "{{ hostname }}]" -{%- endfor %} +{%- endfor %} -{%- elif conf['mode'] == 'access' %} -{%- for port in conf['ports'] %} +{%- elif conf['mode'] == 'access' %} +{%- for port in conf['ports'] %} send "interface {{ port }}\r" expect "]" send "undo port link-aggregation group\r" @@ -99,11 +106,12 @@ expect "]" send "port link-type access\r" expect "]" send "port access vlan {{ pillar['vlans'][name] }}\r" +expect "]" send "quit\r" expect "{{ hostname }}]" -{%- endfor %} +{%- endfor %} -{%- endif %} +{%- endif %} {%- endfor %} send "save main\r" diff --git a/salt/top.sls b/salt/top.sls index 8f1a901..ffaf307 100644 --- a/salt/top.sls +++ b/salt/top.sls @@ -6,11 +6,15 @@ base: - ospf - switches - cpe - '*-gw': + 'priv*-gw': - no-ssh - forwarding - ospf - dhcp + 'c3d2-gw or c3d2-anon': + - no-ssh + - forwarding + - ospf 'upstream*': - no-ssh - forwarding