From 872652ed41d76601768f7ced81283edfba9fef96 Mon Sep 17 00:00:00 2001
From: Robert Volkmann <20912167+robertvolkmann@users.noreply.github.com>
Date: Fri, 19 Jul 2024 08:09:10 +0200
Subject: [PATCH] Fix Cumulus (#180)

---
 .github/workflows/integration.yaml    |  1 +
 roles/cumulus/handlers/main.yaml      | 25 +++++++++++++
 roles/cumulus/tasks/router.yaml       | 21 +++++++++++
 roles/cumulus/templates/frr.conf.j2   | 41 +++++++++++++++++++++
 roles/cumulus/templates/interfaces.j2 | 51 +++++++++++++++++++++++++++
 5 files changed, 139 insertions(+)
 create mode 100644 roles/cumulus/templates/frr.conf.j2
 create mode 100644 roles/cumulus/templates/interfaces.j2

diff --git a/.github/workflows/integration.yaml b/.github/workflows/integration.yaml
index b53a5201..2f77350c 100644
--- a/.github/workflows/integration.yaml
+++ b/.github/workflows/integration.yaml
@@ -78,6 +78,7 @@ jobs:
         ./test/ci-cleanup.sh
         ./test/integration.sh
       env:
+        MINI_LAB_FLAVOR: ${{ matrix.flavors.name }}
         DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
         DOCKER_HUB_TOKEN: ${{ secrets.DOCKER_HUB_TOKEN }}
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/roles/cumulus/handlers/main.yaml b/roles/cumulus/handlers/main.yaml
index b355d495..7732c61d 100644
--- a/roles/cumulus/handlers/main.yaml
+++ b/roles/cumulus/handlers/main.yaml
@@ -25,6 +25,25 @@
     enabled: true
     state: restarted
 
+- name: reload interfaces
+  shell: sleep 3; ifreload -a
+  async: 1
+  poll: 0
+  notify: wait for new connection
+
+- name: wait for new connection
+  wait_for_connection:
+    connect_timeout: 20
+    sleep: 5
+    delay: 5
+    timeout: 300
+
+- name: reload frr
+  service:
+    name: frr
+    enabled: true
+    state: reloaded
+
 - name: restart frr
   service:
     name: frr
@@ -36,3 +55,9 @@
     name: lldpd
     enabled: true
     state: restarted
+
+- name: restart ntp@mgmt
+  service:
+    name: ntp@mgmt
+    enabled: true
+    state: restarted
diff --git a/roles/cumulus/tasks/router.yaml b/roles/cumulus/tasks/router.yaml
index 7e1c4325..4593660b 100644
--- a/roles/cumulus/tasks/router.yaml
+++ b/roles/cumulus/tasks/router.yaml
@@ -36,6 +36,17 @@
     state: restarted
   when: ("macaddress" not in lldpd_subtype_check.stdout)
 
+- name: populate service facts
+  service_facts:
+
+- name: render interfaces configuration
+  template:
+    src: interfaces.j2
+    dest: /etc/network/interfaces
+    validate: '/sbin/ifup --syntax-check --all --interfaces %s'
+  notify: reload interfaces
+  when: "ansible_facts.services['metal-core.service'] is not defined"
+
 - name: render resolv.conf
   template:
     src: resolv.conf.j2
@@ -48,6 +59,16 @@
     dest: /etc/frr/daemons
   notify: restart frr
 
+- name: render frr configuration
+  template:
+    src: frr.conf.j2
+    dest: /etc/frr/frr.conf
+    validate: '/usr/bin/vtysh --dryrun --inputfile %s'
+  tags: frr
+  register: frr_rendered
+  notify: reload frr
+  when: "ansible_facts.services['metal-core.service'] is not defined"
+
 - name: set hostname
   nclu:
     commands:
diff --git a/roles/cumulus/templates/frr.conf.j2 b/roles/cumulus/templates/frr.conf.j2
new file mode 100644
index 00000000..384314af
--- /dev/null
+++ b/roles/cumulus/templates/frr.conf.j2
@@ -0,0 +1,41 @@
+#jinja2: lstrip_blocks: "True", trim_blocks: "True"
+frr version 4.0+cl3u9
+frr defaults datacenter
+hostname {{ ansible_hostname }}
+username cumulus nopassword
+!
+service integrated-vtysh-config
+!
+log syslog informational
+!
+vrf mgmt
+ ip route 10.0.1.0/24 {{ ansible_host }} nexthop-vrf default
+ exit-vrf
+!
+router bgp {{ asn }}
+ bgp router-id {{ lo }}
+ neighbor FABRIC peer-group
+ neighbor FABRIC remote-as external
+ {% for iface in uplinks %}
+ neighbor {{ iface.name }} interface peer-group FABRIC
+ {% endfor %}
+ !
+ address-family ipv4 unicast
+  neighbor FABRIC activate
+  redistribute connected route-map LOOPBACKS
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor FABRIC activate
+  advertise-all-vni
+ exit-address-family
+!
+route-map LOOPBACKS permit 10
+  match interface lo
+!
+{% if metal_partition_mgmt_gateway %}
+ip route 0.0.0.0/0 {{ metal_partition_mgmt_gateway }} nexthop-vrf mgmt
+!
+{% endif %}
+line vty
+!
diff --git a/roles/cumulus/templates/interfaces.j2 b/roles/cumulus/templates/interfaces.j2
new file mode 100644
index 00000000..057f943e
--- /dev/null
+++ b/roles/cumulus/templates/interfaces.j2
@@ -0,0 +1,51 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*.intf
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+    address {{ lo }}/32
+
+# The primary network interface
+auto eth0
+iface eth0
+    address {{ ansible_host }}/24
+    gateway {{ metal_partition_mgmt_gateway }}
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+    address 127.0.0.1/8
+    vrf-table auto
+
+{% for iface in uplinks %}
+auto {{ iface.name }}
+iface {{ iface.name }}
+    mtu {{ mtu.vxlan }}
+
+{% endfor %}
+
+auto bridge
+iface bridge
+    bridge-ports vni104000
+    bridge-vids 4000
+    bridge-vlan-aware yes
+
+auto vlan4000
+iface vlan4000
+    mtu {{ mtu.default }}
+    address {{ metal_core_cidr }}
+    vlan-id 4000
+    vlan-raw-device bridge
+
+auto vni104000
+iface vni104000
+    mtu {{ mtu.default }}
+    bridge-access 4000
+    bridge-learning off
+    mstpctl-bpduguard yes
+    mstpctl-portbpdufilter yes
+    vxlan-id 104000
+    vxlan-local-tunnelip {{ lo }}