vlan c3d2 + 2 containers

2016-12-12 22:34:31 +01:00 · 2016-12-12 22:34:31 +01:00 · 691e3ebbc4
parent 3a6445c070
commit 691e3ebbc4
8 changed files with 69 additions and 32 deletions
--- a/salt-pillar/hosts/init.sls
+++ b/salt-pillar/hosts/init.sls
@ -46,6 +46,8 @@ hosts-inet:
    upstream1: 172.20.72.6
    upstream2: 172.20.72.8
    anon1: 172.20.72.7
+    c3d2-gw: 172.20.72.8
+    c3d2-anon: 172.20.72.9
  pub:
    pub-gw: 172.20.76.1
  serv:
@ -54,3 +56,6 @@ hosts-inet:
    priv1-gw: 172.20.74.1
  priv2:
    priv2-gw: 172.20.75.1
+  c3d2:
+    c3d2-anon: 172.22.99.1
+    c3d2-gw: 172.22.99.4
--- a/salt-pillar/lxc-containers/server1.sls
+++ b/salt-pillar/lxc-containers/server1.sls
@ -51,3 +51,19 @@ containers:
    interfaces:
      core:
        type: veth
+
+  c3d2-gw:
+    interfaces:
+      core:
+        type: veth
+        gw: upstream1
+      c3d2:
+        type: veth
+
+  c3d2-anon:
+    interfaces:
+      core:
+        type: veth
+        gw: anon1
+      c3d2:
+        type: veth
--- a/salt-pillar/subnets/init.sls
+++ b/salt-pillar/subnets/init.sls
@ -4,4 +4,5 @@ subnets-inet:
  pub: 172.20.76.0/23
  priv1: 172.20.74.0/28
  priv2: 172.20.75.0/28
+  c3d2: 172.22.99.0/24
  mgmt: 10.0.0.0/24
--- a/salt-pillar/switches/init.sls
+++ b/salt-pillar/switches/init.sls
@ -47,13 +47,15 @@ switches:
          - GigabitEthernet 1/0/11
          - GigabitEthernet 1/0/12
          - GigabitEthernet 1/0/13
-      ap1:
+      ap2:
        mode: trunk
        ports:
          - GigabitEthernet 1/0/14
        vlans:
          - mgmt
          - pub
+          - c3d2
+          # obsolete:
          - priv1
      ap3:
        mode: trunk
@ -62,6 +64,8 @@ switches:
        vlans:
          - mgmt
          - pub
+          - c3d2
+          # obsolete:
          - priv1
      ap4:
        mode: trunk
@ -155,21 +159,18 @@ switches:
          - priv14
          - priv15
          - priv16
-      up1:
-        mode: access
+      c3d2-flatbert:
+        mode: bond
        ports:
-          - GigabitEthernet 1/0/43
-      priv1:
-        mode: access
+          - GigabitEthernet1/0/43
+          - GigabitEthernet1/0/44
+        access: c3d2
+      c3d2-storage:
+        mode: bond
        ports:
-          - GigabitEthernet 1/0/44
-      priv2:
-        mode: access
-        ports:
-          - GigabitEthernet 1/0/45
-          - GigabitEthernet 1/0/46
-          - GigabitEthernet 1/0/47
-          - GigabitEthernet 1/0/48
+          - GigabitEthernet1/0/45
+          - GigabitEthernet1/0/46
+        access: c3d2
    password: |
      -----BEGIN PGP MESSAGE-----

--- a/salt-pillar/top.sls
+++ b/salt-pillar/top.sls
@ -4,9 +4,11 @@ base:
    - subnets
    - vlans
    - ospf
-  '*-gw':
+  'priv*-gw':
    - dhcp
    - ospf.gw
+  'c3d2-gw or c3d2-anon':
+    - ospf.gw
  'anon1':
    - vpn.anon1
    - upstream.anon1
--- a/salt/server1-network.sls
+++ b/salt/server1-network.sls
@ -37,7 +37,7 @@ bond0.{{ vlan }}:
        - network: bond0
 {% endfor %}

-{%- set bridge_nets = ['mgmt', 'core', 'serv', 'pub'] %}
+{%- set bridge_nets = ['mgmt', 'core', 'serv', 'pub', 'c3d2'] %}
 {%- for net in bridge_nets %}
 {%- set vlan = pillar['vlans'][net] %}
 br-{{ net }}:
--- a/salt/switches/3com-4200G.expect
+++ b/salt/switches/3com-4200G.expect
@ -58,22 +58,23 @@ expect "{{ hostname }}]"
 {%-   if conf['mode'] == 'trunk' or conf['mode'] == 'bond' %}
 {%-     if conf['mode'] == 'bond' %}
 {%-       set group = group + 1 %}
-{%-   endif %}
-{%-   for port in conf['ports'] %}
+{%-     endif %}
+{%-     for port in conf['ports'] %}
 send "interface {{ port }}\r"
 expect "]"
-{%-     if conf['mode'] == 'bond' %}
+{%-       if conf['mode'] == 'bond' %}
 send "lacp enable\r"
-{%-     else %}
+{%-       else %}
 send "undo lacp enable\r"
-{%-     endif %}
+{%-       endif %}
 expect "]"
-{%-     if conf['mode'] == 'bond' %}
+{%-       if conf['mode'] == 'bond' %}
 send "port link-aggregation group {{ group }}\r"
-{%-     else %}
+{%-       else %}
 send "undo port link-aggregation group\r"
-{%-     endif %}
+{%-       endif %}
 expect "]"
+{%-       if conf.get('vlans') %}
 send "port link-type trunk\r"
 expect "]"
 # Set dummy default vlan
@ -82,16 +83,22 @@ expect "]"
 # Deconfigure all but mgmt vlan
 send "undo port trunk permit vlan 2 to 4094\r"
 expect "]"
-{%- for vlan_name in conf['vlans'] %}
+{%-         for vlan_name in conf['vlans'] %}
 send "port trunk permit vlan {{ pillar['vlans'][vlan_name] }}\r"
 expect "]"
-{%- endfor %}
+{%-         endfor %}
+{%-       else %}
+send "port link-type access\r"
+expect "]"
+send "port access vlan {{ pillar['vlans'][conf['access']] }}\r"
+expect "]"
+{%-       endif %}
 send "quit\r"
 expect "{{ hostname }}]"
-{%- endfor %}
+{%-     endfor %}

-{%- elif conf['mode'] == 'access' %}
-{%- for port in conf['ports'] %}
+{%-   elif conf['mode'] == 'access' %}
+{%-     for port in conf['ports'] %}
 send "interface {{ port }}\r"
 expect "]"
 send "undo port link-aggregation group\r"
@ -99,11 +106,12 @@ expect "]"
 send "port link-type access\r"
 expect "]"
 send "port access vlan {{ pillar['vlans'][name] }}\r"
+expect "]"
 send "quit\r"
 expect "{{ hostname }}]"
-{%- endfor %}
+{%-     endfor %}

-{%- endif %}
+{%-   endif %}
 {%- endfor %}

 send "save main\r"
--- a/salt/top.sls
+++ b/salt/top.sls
@ -6,11 +6,15 @@ base:
    - ospf
    - switches
    - cpe
-  '*-gw':
+  'priv*-gw':
    - no-ssh
    - forwarding
    - ospf
    - dhcp
+  'c3d2-gw or c3d2-anon':
+    - no-ssh
+    - forwarding
+    - ospf
  'upstream*':
    - no-ssh
    - forwarding