use metalctl also from pr

metal-stack · Jul 7, 2024 · 34a2bf3 · 34a2bf3
1 parent 3ebae8b
commit 34a2bf3
Show file tree

Hide file tree

Showing 5 changed files with 53 additions and 7 deletions.
diff --git a/Makefile b/Makefile
@@ -116,6 +116,7 @@ cleanup-partition:
 	sudo $(CONTAINERLAB) destroy --topo mini-lab.cumulus.yaml
 	sudo $(CONTAINERLAB) destroy --topo mini-lab.sonic.yaml
 
+# IPv4
 .PHONY: _privatenet
 _privatenet: env
 	docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl network list --name user-private-network | grep user-private-network || docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl network allocate --partition mini-lab --project 00000000-0000-0000-0000-000000000000 --name user-private-network
@@ -128,6 +129,20 @@ machine: _privatenet
 firewall: _ips _privatenet
 	docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl firewall create --description fw --name fw --hostname fw --project 00000000-0000-0000-0000-000000000000 --partition mini-lab --image firewall-ubuntu-3.0 --size v1-small-x86 --networks internet-mini-lab,$(shell docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl network list --name user-private-network -o template --template '{{ .id }}')
 
+# IPv6
+.PHONY: _privatenet6
+_privatenet6: env
+	docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl network list --name user-private-network-6 | grep user-private-network-6 || docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl network allocate --partition mini-lab --project 00000000-0000-0000-0000-000000000000 --name user-private-network-6 --addressfamily ipv6
+
+.PHONY: machine6
+machine6: _privatenet6
+	docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl machine create --description test6 --name test6 --hostname test6 --project 00000000-0000-0000-0000-000000000000 --partition mini-lab --image $(MACHINE_OS) --size v1-small-x86 --networks $(shell docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl network list --name user-private-network-6 -o template --template '{{ .id }}')
+
+.PHONY: firewall6
+firewall6: _ips _privatenet6
+	docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl firewall create --description fw --name fw --hostname fw --project 00000000-0000-0000-0000-000000000000 --partition mini-lab --image firewall-ubuntu-3.0 --size v1-small-x86 --networks internet-ipv6-mini-lab,$(shell docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl network list --name user-private-network-6 -o template --template '{{ .id }}')
+
+
 .PHONY: ls
 ls: env
 	docker compose run $(DOCKER_COMPOSE_TTY_ARG) metalctl machine ls

diff --git a/files/inet/frr.conf b/files/inet/frr.conf
@@ -1,11 +1,12 @@
 frr defaults datacenter
 hostname inet
-!
 log syslog informational
+ipv6 forwarding
 !
 vrf vrfInternet
  vni 104009
  ip route 0.0.0.0/0 172.17.0.1
+ ipv6 route ::/0 2001:db8:1::1
 exit-vrf
 !
 interface eth2
@@ -32,6 +33,10 @@ router bgp 4200000021
   redistribute connected route-map LOOPBACKS
  exit-address-family
  !
+ address-family ipv6 unicast
+  redistribute connected route-map LOOPBACKS
+ exit-address-family
+ !
  address-family l2vpn evpn
   advertise-all-vni
   neighbor FABRIC activate
@@ -46,12 +51,14 @@ router bgp 4200000021 vrf vrfInternet
   redistribute static
  exit-address-family
  !
+ address-family ipv6 unicast
+  redistribute static
+ exit-address-family
+ !
  address-family l2vpn evpn
   advertise ipv4 unicast
  exit-address-family
 !
 route-map LOOPBACKS permit 10
-  match interface lo
-!
-line vty
+ match interface lo
 !
diff --git a/inventories/group_vars/all/images.yaml b/inventories/group_vars/all/images.yaml
@@ -9,7 +9,7 @@ metal_stack_release_version: develop
 # metal_api_image_name:
 metal_api_image_tag: ipv6-support
 # metal_metalctl_image_name:
-# metal_metalctl_image_tag:
+metal_metalctl_image_tag: 252-ipv6-support
 # metal_masterdata_api_image_name:
 # metal_masterdata_api_image_tag:
 # metal_console_image_name:
@@ -19,6 +19,7 @@ metal_api_image_tag: ipv6-support
 # further overrides can be looked up in the metal-role projects where the mapping is defined:
 # https://github.com/metal-stack/metal-roles/blob/master/defaults/main.yaml
 
+metal_core_image_tag: ipv6-support
 ##
 ## for ansible roles
 ##

diff --git a/inventories/group_vars/control-plane/metal.yml b/inventories/group_vars/control-plane/metal.yml
@@ -74,7 +74,7 @@ metal_api_networks:
   partitionid: mini-lab
   childprefixlength: 64
   prefixes:
-  - fd00:000a::/48
+  - 2001:000a::/48
 - id: internet-mini-lab
   name: "Virtual Internet Network"
   description: "Virtual Internet Network for mini-lab"
@@ -101,7 +101,7 @@ metal_api_networks:
   partitionid: "mini-lab"
   vrf: 106009
   prefixes:
-  - fd00:000b::/48
+  - 2002:000b::/48
 - id: underlay-mini-lab
   name: "Underlay Network"
   description: "Underlay Network for mini-lab"

diff --git a/roles/cumulus/files/frr.tpl b/roles/cumulus/files/frr.tpl
@@ -65,6 +65,15 @@ router bgp {{ $ASN }}
   {{- end }}
  exit-address-family
  !
+ address-family ipv6 unicast
+  redistribute connected route-map LOOPBACKS
+  neighbor FIREWALL allowas-in 2
+  neighbor FIREWALL activate
+  {{- range $k, $f := .Ports.Firewalls }}
+  neighbor {{ $f.Port }} route-map fw-{{ $k }}-in in
+  {{- end }}
+ exit-address-family
+ !
  address-family l2vpn evpn
   advertise-all-vni
   neighbor FABRIC activate
@@ -112,6 +121,15 @@ router bgp {{ $ASN }} vrf {{ $vrf }}
   {{- end }}
  exit-address-family
  !
+ address-family ipv6 unicast
+  redistribute connected
+  neighbor MACHINE maximum-prefix 24000
+  neighbor MACHINE activate
+  {{- if gt (len $t.IPPrefixLists) 0 }}
+  neighbor MACHINE route-map {{ $vrf }}-in6 in
+  {{- end }}
+ exit-address-family
+ !
  address-family l2vpn evpn
   advertise ipv4 unicast
  exit-address-family
@@ -138,6 +156,11 @@ router bgp {{ $ASN }} vrf vrfInternet
   network 0.0.0.0/0
  exit-address-family
  !
+ address-family ipv6 unicast
+  import vrf mgmt
+  network ::/0
+ exit-address-family
+ !
  address-family l2vpn evpn
   advertise ipv4 unicast
  exit-address-family