summaryrefslogtreecommitdiffstats
path: root/tutorials/vFWDT
diff options
context:
space:
mode:
authorMichal Chabiera <michal.chabiera@orange.com>2019-06-10 10:38:36 +0000
committerLukasz Rajewski <lukasz.rajewski@orange.com>2019-06-14 11:22:25 +0000
commitcff9de6631e36a00fd1b802a425892cde5ead619 (patch)
tree78dc5f22234e0bfd6b916e48fb0a755217743e6d /tutorials/vFWDT
parent00f1dfc2d16bbe2f69d1a8d95f027ec77a385069 (diff)
DistributeTraffic playbook for vFWDT
Signed-off-by: Michal Chabiera <michal.chabiera@orange.com> Issue-ID: INT-751 Change-Id: I6a7f449b1f62565673bec18eb732000566efe648 (cherry picked from commit 73a66a348f321af37480991f11999794803f91ea)
Diffstat (limited to 'tutorials/vFWDT')
-rw-r--r--tutorials/vFWDT/playbooks/vpgn/latest/ansible/distributetraffic/site.yml217
1 files changed, 217 insertions, 0 deletions
diff --git a/tutorials/vFWDT/playbooks/vpgn/latest/ansible/distributetraffic/site.yml b/tutorials/vFWDT/playbooks/vpgn/latest/ansible/distributetraffic/site.yml
index e69de29b..14de1646 100644
--- a/tutorials/vFWDT/playbooks/vpgn/latest/ansible/distributetraffic/site.yml
+++ b/tutorials/vFWDT/playbooks/vpgn/latest/ansible/distributetraffic/site.yml
@@ -0,0 +1,217 @@
+---
+- hosts: vpgn
+ gather_facts: no
+ remote_user: ubuntu
+ tasks:
+ - include_vars: "{{ ConfigFileName }}"
+ register: json
+ - name: Install grepcidr library
+ shell: apt-get install grepcidr
+ become: true
+ - name: Read protected net CIDR
+ shell: cat /opt/config/protected_net_cidr.txt
+ register: protectedCidr
+ become: true
+ - name: Read unprotected net CIDR
+ shell: cat /opt/config/unprotected_private_net_cidr.txt
+ register: unprotectedCidr
+ become: true
+ - name: Read PKG IP
+ shell: cat /opt/config/vpg_private_ip_0.txt
+ register: pkgIp
+ become: true
+ - name: Read OLD FW IP
+ shell: cat /opt/config/fw_ipaddr.txt
+ register: oldFwIp
+ become: true
+ - name: Read OLD SINK IP
+ shell: cat /opt/config/sink_ipaddr.txt
+ register: oldSinkIp
+ become: true
+ - name: Get all Interfaces
+ set_fact:
+ interfaces: "{{destinations[0].vservers | map(attribute='l-interfaces') | list}}"
+ - name: print all Interfaces
+ debug: var=interfaces
+ - name: Interfaces vserver 1
+ set_fact:
+ vserver1_interfaces: "{{destinations[0].vservers[0]['l-interfaces'] | list}}"
+ - name: Interfaces vserver 2
+ set_fact:
+ vserver2_interfaces: "{{destinations[0].vservers[1]['l-interfaces'] | list}}"
+ - block:
+ - name: length interfaces vserver1
+ set_fact:
+ length1: "{{ vserver1_interfaces |length }}"
+ - name: length interfaces vserver2
+ set_fact:
+ length2: "{{ vserver2_interfaces |length }}"
+ - block:
+ - name: adress 1 vserver
+ set_fact:
+ sink_addresses:
+ - "{{destinations[0].vservers[0]['l-interfaces'][0]['ipv4-addresses'][0]}}"
+ - "{{destinations[0].vservers[0]['l-interfaces'][1]['ipv4-addresses'][0]}}"
+ - "{{destinations[0].vservers[0]['l-interfaces'][2]['ipv4-addresses'][0]}}"
+ - name: adress 2 vserver
+ set_fact:
+ fw_addresses:
+ - "{{destinations[0].vservers[1]['l-interfaces'][0]['ipv4-addresses'][0]}}"
+ - "{{destinations[0].vservers[1]['l-interfaces'][1]['ipv4-addresses'][0]}}"
+ - "{{destinations[0].vservers[1]['l-interfaces'][2]['ipv4-addresses'][0]}}"
+ - "{{destinations[0].vservers[1]['l-interfaces'][3]['ipv4-addresses'][0]}}"
+ when:
+ - length1 == "3"
+ - length2 == "4"
+ - block:
+ - name: adress 1 vserver
+ set_fact:
+ fw_addresses:
+ - "{{destinations[0].vservers[0]['l-interfaces'][0]['ipv4-addresses'][0]}}"
+ - "{{destinations[0].vservers[0]['l-interfaces'][1]['ipv4-addresses'][0]}}"
+ - "{{destinations[0].vservers[0]['l-interfaces'][2]['ipv4-addresses'][0]}}"
+ - "{{destinations[0].vservers[0]['l-interfaces'][3]['ipv4-addresses'][0]}}"
+ - name: adress 2 vserver
+ set_fact:
+ sink_addresses:
+ - "{{destinations[0].vservers[1]['l-interfaces'][0]['ipv4-addresses'][0]}}"
+ - "{{destinations[0].vservers[1]['l-interfaces'][1]['ipv4-addresses'][0]}}"
+ - "{{destinations[0].vservers[1]['l-interfaces'][2]['ipv4-addresses'][0]}}"
+ when:
+ - length1 == "4"
+ - length2 == "3"
+ - block:
+ - name: Create file to store fw-addresses
+ shell: touch /home/fw.txt
+ become: true
+ - name: Create file to store sink-addresses
+ shell: touch /home/sink.txt
+ become: true
+ - name: Save sink-addresses to file
+ lineinfile:
+ path: /home/sink.txt
+ line: "{{item}}"
+ with_items:
+ - "{{sink_addresses[0]}}"
+ - "{{sink_addresses[1]}}"
+ - "{{sink_addresses[2]}}"
+ become: true
+ - name: Save fw-addresses to file
+ lineinfile:
+ path: /home/fw.txt
+ line: "{{item}}"
+ with_items:
+ - "{{fw_addresses[0]}}"
+ - "{{fw_addresses[1]}}"
+ - "{{fw_addresses[2]}}"
+ - "{{fw_addresses[3]}}"
+ become: true
+ - name: Filter SINK IPs
+ shell: grepcidr {{protectedCidr.stdout}} /home/sink.txt
+ register: sinkIp
+ become: true
+ - debug: var=sinkIp.stdout
+ - name: Filter FW IPs
+ shell: grepcidr {{unprotectedCidr.stdout}} /home/fw.txt
+ register: fwIp
+ become: true
+ - debug: var=fwIp.stdout
+ - name: Delete created files
+ shell: rm -f /home/sink.txt /home/fw.txt
+ become: true
+ - debug: var=fwIp
+ - debug: var=sinkIp
+ - block:
+ - name: get new FW IP
+ set_fact:
+ fwIp: "{{fwIp.stdout}}"
+ - name: get new SINK IP
+ set_fact:
+ sinkIp: "{{sinkIp.stdout}}"
+ - debug: var=pkgIp.stdout
+ - debug: var=oldFwIp.stdout
+ - debug: var=oldSinkIp.stdout
+ - debug: var=protectedCidr.stdout
+ - debug: var=unprotectedCidr.stdout
+ - debug: var=sinkIp
+ - debug: var=fwIp
+ - debug:
+ msg: "FW IP has not been changed"
+ when: oldFwIp.stdout == fwIp
+ - block:
+ - name: Remove OLD FW IP route
+ shell: vppctl ip route del {{ protectedCidr.stdout }} via {{ oldFwIp.stdout }}
+ - name: Add NEW FW IP route
+ shell: vppctl ip route add {{ protectedCidr.stdout }} via {{ fwIp }}
+ - name: Save NEW FW IP address
+ shell: echo {{ fwIp }} > /opt/config/fw_ipaddr.txt
+ - debug:
+ msg: "FW IP has been changed"
+ become: true
+ when: oldFwIp.stdout != fwIp
+ - debug:
+ msg: "SINK IP has not been changed"
+ when: oldSinkIp.stdout == sinkIp
+ - block:
+ - block:
+ - name: Modify packet stream files
+ debug:
+ msg: "Modify packet stream files"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp1"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp2"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp3"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp4"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp5"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp6"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp7"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp8"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp9"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp10"
+ - block:
+ - name: Delete old streams
+ debug:
+ msg: "Delete old streams"
+ - shell: vppctl packet-generator delete fw_udp1
+ - shell: vppctl packet-generator delete fw_udp2
+ - shell: vppctl packet-generator delete fw_udp3
+ - shell: vppctl packet-generator delete fw_udp4
+ - shell: vppctl packet-generator delete fw_udp5
+ - shell: vppctl packet-generator delete fw_udp6
+ - shell: vppctl packet-generator delete fw_udp7
+ - shell: vppctl packet-generator delete fw_udp8
+ - shell: vppctl packet-generator delete fw_udp9
+ - shell: vppctl packet-generator delete fw_udp10
+ - block:
+ - name: Install new streams
+ debug:
+ msg: "Install new streams"
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp1
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp2
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp3
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp4
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp5
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp6
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp7
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp8
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp9
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp10
+ - block:
+ - name: Enable new streams
+ debug:
+ msg: "Enable new streams"
+ - shell: vppctl packet-generator enable fw_udp1
+ - shell: vppctl packet-generator enable fw_udp2
+ - shell: vppctl packet-generator enable fw_udp3
+ - shell: vppctl packet-generator enable fw_udp4
+ - shell: vppctl packet-generator enable fw_udp5
+ - shell: vppctl packet-generator enable fw_udp6
+ - shell: vppctl packet-generator enable fw_udp7
+ - shell: vppctl packet-generator enable fw_udp8
+ - shell: vppctl packet-generator enable fw_udp9
+ - shell: vppctl packet-generator enable fw_udp10
+ - name: Save NEW SINK IP address
+ shell: echo {{ sinkIp }} > /opt/config/sink_ipaddr.txt
+ - debug:
+ msg: "SINK IP has been changed"
+ become: true
+ when: oldSinkIp.stdout != sinkIp