20 changes: 19 additions & 1 deletion roles/os_networks/README.md
Expand Up @@ -87,7 +87,7 @@ dict containing the following items:
internal interface.
- `network`: Unique name or ID of the external gateway network.
- `external_fixed_ips`: Optional list of IP address parameters for the
external gateway network. Each is a dictionary with the subnet name or
external gateway network. Each is a dictionary with the subnet name or
subnet ID and the IP address to assign on the subnet.
- `project`: Optionally create this router for a project other than the
authenticating project.
Expand Down Expand Up @@ -126,6 +126,24 @@ following items:

*NOTE*: RBAC assignments cannot be modified after they are created.

`os_networks_bgp_speakers`: List of BGP speakers to create.
Each item should be a dict containing the following items:
- `name`: Name of the BGP speaker.
- `local_as`: Local autonomous system number (ASN) for the BGP Speaker.
- `ip_version`: Optional IP version for BGP speaker.
- `advertise_floating_ip_host_routes`: Whether to advertise fip host routes.
- `advertise_tenant_networks`: Whether to advertise tenant networks.
- `state`: Optional state of the BGP speaker, default is `present`.

`os_networks_bgp_peers`: List of BGP peers to create.
Each item should be a dict containing the following items:
- `name`: Name of the BGP Peer.
- `peer_ip`: IP address of the BGP peer.
- `remote_as`: Remote autonomous system number (ASN) for the BGP Peer.
- `peer_auth_type`: Authentication type, choices: ['none', 'md5'].
- `password`: Password for the BGP peer when `peer_auth_type` is 'md5'.
- `state`: Optional state of the BGP peer, default is `present`.

Dependencies
------------

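Review bot: The `password` entry under `os_networks_bgp_peers` documents a secret without saying how it should be supplied; add a sentence that it is expected to come from an encrypted source such as Ansible Vault rather than plain-text variables. `peer_auth_type` and `password` should also be marked Optional, since the tasks pass both with `default(omit)`, and the speaker entries `advertise_floating_ip_host_routes` and `advertise_tenant_networks` say neither that they are optional nor what type they take.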
20 changes: 20 additions & 0 deletions roles/os_networks/defaults/main.yml
Expand Up @@ -101,5 +101,25 @@ os_networks_security_groups: []
# in the designated way.
os_networks_rbac: []

# List of BGP speakers to create.
# Each item should be a dict containing the following items:
# - `name`: Name of the BGP speaker.
# - `local_as`: Local autonomous system number (ASN) for the BGP Speaker.
# - `ip_version`: Optional IP version for BGP speaker.
# - `advertise_floating_ip_host_routes`: Whether to advertise fip host routes.
# - `advertise_tenant_networks`: Whether to advertise tenant networks.
# - `state`: Optional state of the BGP speaker, default is `present`.
os_networks_bgp_speakers: []

# List of BGP peers to create.
# Each item should be a dict containing the following items:
# - `name`: Name that has to be given to the BGP Peer.
# - `peer_ip`: IP address of the BGP peer.
# - `remote_as`: Remote autonomous system number (ASN) for the BGP Peer.
# - `peer_auth_type`: Authentication type, choices: ['none', 'md5'].
# - `password`: Authentication password for the BGP peer when peer_auth_type set.
# - `state`: Optional state of the subnet pool, default is `present`.
os_networks_bgp_peers: []

# Upper constraints file for installation of Python dependencies.
os_networks_upper_constraints_file: https://releases.openstack.org/constraints/upper/2025.1
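Review bot: The `state` comment in the `os_networks_bgp_peers` block reads "Optional state of the subnet pool", a copy-paste leftover; it should say "Optional state of the BGP peer", as the README does. The `name` and `password` comments in the same block also differ from the README wording ("Name that has to be given to the BGP Peer", "when peer_auth_type set"); keeping the two descriptions identical avoids drift, and the `password` line should state that it applies when `peer_auth_type` is 'md5'.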
34 changes: 34 additions & 0 deletions roles/os_networks/tasks/networks.yml
Expand Up @@ -136,3 +136,37 @@
with_subelements:
- "{{ os_networks_security_groups }}"
- rules

- name: Ensure BGP Speakers are created
openstack.cloud.bgp_speaker:
auth_type: "{{ os_networks_auth_type }}"

Check failure on line 142 in roles/os_networks/tasks/networks.yml
GitHub Actions / lint / Ansible 2.18 lint
syntax-check[unknown-module]: couldn't resolve module/action 'openstack.cloud.bgp_speaker'. This often indicates a misspelling, missing collection, or incorrect module path.

Check failure on line 142 in roles/os_networks/tasks/networks.yml
GitHub Actions / lint / Ansible 2.20 lint
syntax-check[unknown-module]: couldn't resolve module/action 'openstack.cloud.bgp_speaker'. This often indicates a misspelling, missing collection, or incorrect module path.
auth: "{{ os_networks_auth }}"
region_name: "{{ os_networks_region | default(omit) }}"
cacert: "{{ os_networks_cacert | default(omit) }}"
cloud: "{{ os_networks_cloud | default(omit) }}"
interface: "{{ os_networks_interface | default(omit, true) }}"
name: "{{ item.name }}"
local_as: "{{ item.local_as }}"
ip_version: "{{ item.ip_version | default(omit) }}"
advertise_floating_ip_host_routes: "{{ item.advertise_floating_ip_host_routes | default(omit) }}"
advertise_tenant_networks: "{{ item.advertise_tenant_networks | default(omit) }}"
state: "{{ item.state | default(omit) }}"
with_items: "{{ os_networks_bgp_speakers }}"

high

This task will fail if the `os_networks_bgp_speakers` variable is not defined. To make the role more robust, you should add a `when` condition to only run this task if the list is defined and not empty. I'd also recommend adding `os_networks_bgp_speakers: []` to `defaults/main.yml`.

```yaml
  with_items: "{{ os_networks_bgp_speakers }}"
  when: os_networks_bgp_speakers | default([]) | length > 0
```

when: os_networks_bgp_speakers | default([]) | length > 0

- name: Ensure BGP Peers are created
openstack.cloud.bgp_peer:
auth_type: "{{ os_networks_auth_type }}"
auth: "{{ os_networks_auth }}"
region_name: "{{ os_networks_region | default(omit) }}"

Check warning on line 161 in roles/os_networks/tasks/networks.yml
GitHub Actions / lint / Ansible 2.18 lint
jinja[spacing]: Jinja2 spacing could be improved: {{ item.peer_auth_type | default(omit)}} -> {{ item.peer_auth_type | default(omit) }}
cacert: "{{ os_networks_cacert | default(omit) }}"
cloud: "{{ os_networks_cloud | default(omit) }}"
interface: "{{ os_networks_interface | default(omit, true) }}"
name: "{{ item.name }}"
remote_as: "{{ item.remote_as }}"
peer_ip: "{{ item.peer_ip }}"
peer_auth_type: "{{ item.peer_auth_type | default(omit)}}"
password: "{{ item.password | default(omit) }}"
state: "{{ item.state | default(omit) }}"
with_items: "{{ os_networks_bgp_peers }}"

high

Similar to the BGP speakers task, this task will fail if `os_networks_bgp_peers` is not defined. A `when` condition should be added for robustness. I'd also recommend adding `os_networks_bgp_peers: []` to `defaults/main.yml`.

```yaml
  with_items: "{{ os_networks_bgp_peers }}"
  when: os_networks_bgp_peers | default([]) | length > 0
```

when: os_networks_bgp_peers | default([]) | length > 0
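Review bot: The `Ensure BGP Peers are created` task loops over `os_networks_bgp_peers` with `with_items` and passes `item.password`, so Ansible's per-item task output will print each peer dict, MD5 password included, to the console and CI logs; add `no_log: true` to that task. In the same task, `peer_auth_type: "{{ item.peer_auth_type | default(omit)}}"` is missing the space before `}}` that the jinja[spacing] warning points at. The unknown-module failure on `openstack.cloud.bgp_speaker` also suggests the role's collection requirement needs to name a version of `openstack.cloud` that ships these modules, otherwise both new tasks fail at runtime as well as in lint.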