diff --git a/roles/os_networks/README.md b/roles/os_networks/README.md index 8ad07e0..eb833a6 100644 --- a/roles/os_networks/README.md +++ b/roles/os_networks/README.md @@ -87,7 +87,7 @@ dict containing the following items: internal interface. - `network`: Unique name or ID of the external gateway network. - `external_fixed_ips`: Optional list of IP address parameters for the - external gateway network. Each is a dictionary with the subnet name or + external gateway network. Each is a dictionary with the subnet name or subnet ID and the IP address to assign on the subnet. - `project`: Optionally create this router for a project other than the authenticating project. @@ -126,6 +126,24 @@ following items: *NOTE*: RBAC assignments cannot be modified after they are created. +`os_networks_bgp_speakers`: List of BGP speakers to create. +Each item should be a dict containing the following items: +- `name`: Name of the BGP speaker. +- `local_as`: Local autonomous system number (ASN) for the BGP Speaker. +- `ip_version`: Optional IP version for BGP speaker. +- `advertise_floating_ip_host_routes`: Whether to advertise fip host routes. +- `advertise_tenant_networks`: Whether to advertise tenant networks. +- `state`: Optional state of the BGP speaker, default is `present`. + +`os_networks_bgp_peers`: List of BGP peers to create. +Each item should be a dict containing the following items: +- `name`: Name of the BGP Peer. +- `peer_ip`: IP address of the BGP peer. +- `remote_as`: Remote autonomous system number (ASN) for the BGP Peer. +- `peer_auth_type`: Authentication type, choices: ['none', 'md5']. +- `password`: Password for the BGP peer when `peer_auth_type` is 'md5'. +- `state`: Optional state of the BGP peer, default is `present`. + Dependencies ------------ diff --git a/roles/os_networks/defaults/main.yml b/roles/os_networks/defaults/main.yml index 2606e49..a7ae231 100644 --- a/roles/os_networks/defaults/main.yml +++ b/roles/os_networks/defaults/main.yml @@ -101,5 +101,25 @@ os_networks_security_groups: [] # in the designated way. os_networks_rbac: [] +# List of BGP speakers to create. +# Each item should be a dict containing the following items: +# - `name`: Name of the BGP speaker. +# - `local_as`: Local autonomous system number (ASN) for the BGP Speaker. +# - `ip_version`: Optional IP version for BGP speaker. +# - `advertise_floating_ip_host_routes`: Whether to advertise fip host routes. +# - `advertise_tenant_networks`: Whether to advertise tenant networks. +# - `state`: Optional state of the BGP speaker, default is `present`. +os_networks_bgp_speakers: [] + +# List of BGP peers to create. +# Each item should be a dict containing the following items: +# - `name`: Name that has to be given to the BGP Peer. +# - `peer_ip`: IP address of the BGP peer. +# - `remote_as`: Remote autonomous system number (ASN) for the BGP Peer. +# - `peer_auth_type`: Authentication type, choices: ['none', 'md5']. +# - `password`: Authentication password for the BGP peer when peer_auth_type set. +# - `state`: Optional state of the subnet pool, default is `present`. +os_networks_bgp_peers: [] + # Upper constraints file for installation of Python dependencies. os_networks_upper_constraints_file: https://releases.openstack.org/constraints/upper/2025.1 diff --git a/roles/os_networks/tasks/networks.yml b/roles/os_networks/tasks/networks.yml index b9b45ea..5adc8f4 100644 --- a/roles/os_networks/tasks/networks.yml +++ b/roles/os_networks/tasks/networks.yml @@ -136,3 +136,37 @@ with_subelements: - "{{ os_networks_security_groups }}" - rules + +- name: Ensure BGP Speakers are created + openstack.cloud.bgp_speaker: + auth_type: "{{ os_networks_auth_type }}" + auth: "{{ os_networks_auth }}" + region_name: "{{ os_networks_region | default(omit) }}" + cacert: "{{ os_networks_cacert | default(omit) }}" + cloud: "{{ os_networks_cloud | default(omit) }}" + interface: "{{ os_networks_interface | default(omit, true) }}" + name: "{{ item.name }}" + local_as: "{{ item.local_as }}" + ip_version: "{{ item.ip_version | default(omit) }}" + advertise_floating_ip_host_routes: "{{ item.advertise_floating_ip_host_routes | default(omit) }}" + advertise_tenant_networks: "{{ item.advertise_tenant_networks | default(omit) }}" + state: "{{ item.state | default(omit) }}" + with_items: "{{ os_networks_bgp_speakers }}" + when: os_networks_bgp_speakers | default([]) | length > 0 + +- name: Ensure BGP Peers are created + openstack.cloud.bgp_peer: + auth_type: "{{ os_networks_auth_type }}" + auth: "{{ os_networks_auth }}" + region_name: "{{ os_networks_region | default(omit) }}" + cacert: "{{ os_networks_cacert | default(omit) }}" + cloud: "{{ os_networks_cloud | default(omit) }}" + interface: "{{ os_networks_interface | default(omit, true) }}" + name: "{{ item.name }}" + remote_as: "{{ item.remote_as }}" + peer_ip: "{{ item.peer_ip }}" + peer_auth_type: "{{ item.peer_auth_type | default(omit)}}" + password: "{{ item.password | default(omit) }}" + state: "{{ item.state | default(omit) }}" + with_items: "{{ os_networks_bgp_peers }}" + when: os_networks_bgp_peers | default([]) | length > 0