metal-stack · robertvolkmann · Jul 7, 2022 · Jul 13, 2022 · Aug 3, 2022 · Oct 26, 2022
@@ -7,20 +7,27 @@
     - name: metal-roles/partition/roles/docker-on-cumulus
       tags: docker-on-cumulus
 
-- name: deploy dhcp server and pixiecore
-  hosts: leaf01
+- name: configure mgmt server
+  hosts: mgmt
   vars:
     setup_yaml:
       - url: https://raw.githubusercontent.com/metal-stack/releases/{{ metal_stack_release_version }}/release.yaml
         meta_var: metal_stack_release
   roles:
+    - name: mgmt
+      tags: mgmt
     - name: ansible-common
-      tags: always
-    - name: metal-roles/partition/roles/dhcp
-      tags: dhcp
+      tags: pixiecore
     - name: metal-roles/partition/roles/pixiecore
       tags: pixiecore
 
+- name: deploy dhcp relay
+  hosts: leaf01
+  vars:
+  roles:
+    - name: metal-roles/partition/roles/dhcp-relay
+      tags: dhcp
+
 - name: deploy metal-core
   hosts: leaves
   vars:

@@ -6,6 +6,16 @@ partition:
   hosts:
     localhost:
       ansible_python_interpreter: "{{ ansible_playbook_python }}"
+    mgmt:
+      dhcp_server_ip: "{{ hostvars['mgmt']['ansible_host'] }}"
+      dhcp_net: 10.0.1.0
+      dhcp_netmask: 255.255.255.0
+      dhcp_range_min: 10.0.1.2
+      dhcp_range_max: 10.0.1.255
+      pixie_server_ip: "{{ hostvars['mgmt']['ansible_host'] }}"
+
+      ansible_user: root
+      ansible_ssh_private_key_file: "{{ playbook_dir }}/files/ssh/id_rsa"
   children:
     leaves:
 
@@ -16,10 +26,7 @@ leaves:
       asn: 4200000011
       metal_core_cidr: 10.0.1.1/24
 
-      dhcp_net: 10.0.1.0
-      dhcp_netmask: 255.255.255.0
-      dhcp_range_min: 10.0.1.2
-      dhcp_range_max: 10.0.1.255
+      dhcp_relay_server: "{{ hostvars['mgmt']['ansible_host'] }}"
     leaf02:
       lo: 10.0.0.12
       asn: 4200000012
@@ -30,8 +37,6 @@ leaves:
     interfaces:
     - name: swp1
     uplinks: []
-    pixie_server_ip: 10.0.1.1
-    dhcp_server_ip: 10.0.1.1
 
     ansible_python_interpreter: /usr/bin/python
     ansible_user: root

@@ -12,24 +12,41 @@ topology:
       sandbox: grigoriymikh/sandbox:latest
       binds:
         - files/ssh/id_rsa.pub:/root/.ssh/authorized_keys
-    linux:
-      image: ${MINI_LAB_VM_IMAGE}
 
   nodes:
     leaf01:
       kind: cvx
     leaf02:
       kind: cvx
+    mgmt:
+      kind: linux
+      image: weaveworks/ignite-ubuntu:20.04
+      kernel: weaveworks/ignite-kernel:5.4.157
+      sandbox: grigoriymikh/sandbox:latest
+      runtime: ignite
+      binds:
+        - files/ssh/id_rsa.pub:/root/.ssh/authorized_keys
     vms:
       kind: linux
+      image: ${MINI_LAB_VM_IMAGE}
       binds:
         - /dev:/dev
         - scripts:/mini-lab
+    test:
+      kind: linux
+      image: ignite-ubuntu:22.04
+      kernel: robertvolkmann/ignite-kernel:5.10.77
+      sandbox: grigoriymikh/sandbox:latest
+      runtime: ignite
+      binds:
+        - files/ssh/id_rsa.pub:/root/.ssh/authorized_keys
 
   links:
     - endpoints: ["leaf01:swp1", "vms:lan0"]
     - endpoints: ["leaf02:swp1", "vms:lan1"]
     - endpoints: ["leaf01:swp2", "vms:lan2"]
     - endpoints: ["leaf02:swp2", "vms:lan3"]
-    - endpoints: ["leaf01:swp3", "vms:lan4"]
-    - endpoints: ["leaf02:swp3", "vms:lan5"]
+    - endpoints: ["leaf01:swp3", "test:eth1"]
+    - endpoints: ["leaf02:swp3", "test:eth2"]
+    - endpoints: ["mgmt:eth1", "test:eth3"]
+
@@ -0,0 +1,10 @@
+---
+dhcp_net:
+dhcp_netmask:
+dhcp_range_min:
+dhcp_range_max:
+dhcp_server_ip:
+
+dhcp_dns_servers:
+- 1.1.1.1
+- 8.8.8.8
@@ -0,0 +1,6 @@
+---
+- name: dhcpd restart
+  service:
+    name: isc-dhcp-server
+    enabled: true
+    state: restarted
@@ -0,0 +1,34 @@
+---
+- name: Check mandatory variables for this role are set
+  assert:
+    fail_msg: "not all mandatory variables given, check role documentation"
+    quiet: yes
+    that:
+      - dhcp_net is defined
+      - dhcp_netmask is not none
+      - dhcp_server_ip is not none
+      - dhcp_range_min is not none
+      - dhcp_range_max is not none
+
+- name: Ensure isc-dhcp-server is installed
+  apt:
+    name: isc-dhcp-server
+    update_cache: yes
+
+- name: render dhcpd conf
+  template:
+    src: dhcpd.conf.j2
+    dest: /etc/dhcp/dhcpd.conf
+  notify: dhcpd restart
+
+- name: render isc config for
+  template:
+    src: isc-dhcp-server.j2
+    dest: /etc/default/isc-dhcp-server
+  notify: dhcpd restart
+
+- name: dhcpd enabled
+  service:
+    name: isc-dhcp-server
+    enabled: true
+    state: started
@@ -0,0 +1,30 @@
+---
+- name: ensure dependencies are installed
+  apt:
+    update_cache: yes
+    name:
+      - apt-transport-https
+      - ca-certificates
+      - curl
+      - gnupg2
+
+- name: setup key for docker
+  apt_key:
+    url: https://download.docker.com/linux/ubuntu/gpg
+    id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
+
+- name: add docker engine repo for debian jessie
+  apt_repository:
+    repo: 'deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable'
+    update_cache: yes
+
+- name: install docker
+  apt:
+    name: docker-ce
+
+- name: enable and start docker.service
+  systemd:
+    name: docker
+    daemon_reload: yes
+    enabled: true
+    state: started
@@ -0,0 +1,11 @@
+---
+- name: Set hostname `mgmt`
+  ansible.builtin.hostname:
+    name: mgmt
+
+- name: Setup dhcpd
+  import_tasks: dhcpd.yaml
+
+- name: Setup docker
+  import_tasks: docker.yaml
+
@@ -0,0 +1,18 @@
+default-lease-time 600;
+max-lease-time 600;
+
+log-facility local7;
+
+shared-network pool {
+  subnet {{ dhcp_net }} netmask {{ dhcp_netmask }} {
+    range {{ dhcp_range_min }} {{ dhcp_range_max }};
+    # Provide routers to set up default gateway for clients.
+    option routers {{ dhcp_server_ip }};
+    # In case of Vagrant DNS must not be resolved via mgmt servers.
+    # This is because the setup to provide e.g. metal images via mgmt servers exceeds resources in Vagrant case.
+    option domain-name-servers {{ dhcp_dns_servers | join(', ') }};
+  }
+
+  subnet 172.17.0.0 netmask 255.255.255.0 {
+  }
+}
@@ -0,0 +1,17 @@
+# Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server)
+
+# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
+#DHCPDv4_CONF=/etc/dhcp/dhcpd.conf
+#DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf
+
+# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
+#DHCPDv4_PID=/var/run/dhcpd.pid
+#DHCPDv6_PID=/var/run/dhcpd6.pid
+
+# Additional options to start dhcpd with.
+#	Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
+#OPTIONS=""
+
+# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
+#	Separate multiple interfaces with spaces, e.g. "eth0 eth1".
+INTERFACESv4="eth0"
@@ -26,7 +26,7 @@ while [ "$MYINT" -lt "$INTFS" ]; do
 done
 
 # creating macvtap interfaces for the qemu vms
-for i in $(seq 0 5); do
+for i in $(seq 0 3); do
   ip link add link lan${i} name macvtap${i} type macvtap mode passthru
   ip link set macvtap${i} up
   ip link set macvtap${i} promisc on