--- # Required from inventory: # calico_rr_ip - which specific IP to use for RR, defaults to # "ip" from inventory or "ansible_default_ipv4.address" - name: Calico-rr | Set IP fact set_fact: rr_ip: "{{ calico_rr_ip | default(ip) | default(ansible_default_ipv4.address) }}" - name: Calico-rr | Create calico certs directory file: dest: "{{ calico_cert_dir }}" state: directory mode: 0750 owner: root group: root - name: Calico-rr | Link etcd certificates for calico-node file: src: "{{ etcd_cert_dir }}/{{ item.s }}" dest: "{{ calico_cert_dir }}/{{ item.d }}" state: hard force: yes with_items: - {s: "ca.pem", d: "ca_cert.crt"} - {s: "node-{{ inventory_hostname }}.pem", d: "cert.crt"} - {s: "node-{{ inventory_hostname }}-key.pem", d: "key.pem"} - name: Calico-rr | Create confd templates directory file: dest: "/templates" state: directory mode: 0750 owner: root group: root - name: Calico-rr | Link confd templates for calico-node file: src: "{{ item }}" dest: "/templates/{{ item }}" state: hard force: yes with_items: - bird.cfg.template - bird6.cfg.template - name: Calico-rr | Create dir for logs file: path: /var/log/calico-rr state: directory mode: 0755 owner: root group: root - name: Calico-rr | Write calico-rr.env for systemd init file template: src: calico-rr.env.j2 dest: /etc/calico/calico-rr.env notify: restart calico-rr - name: Calico-rr | Write calico-rr systemd init file template: src: calico-rr.service.j2 dest: /etc/systemd/system/calico-rr.service notify: restart calico-rr - name: Calico-rr | Configure route reflector command: |- {{ bin_dir }}/etcdctl --peers={{ etcd_access_addresses }} \ set /calico/bgp/v1/rr_v4/{{ rr_ip }} \ '{ "ip": "{{ rr_ip }}", "cluster_id": "{{ cluster_id }}" }' delegate_to: "{{groups['etcd'][0]}}" - name: Calico-rr | Configure OSPF Export command: |- {{ bin_dir }}/etcdctl --peers={{ etcd_access_addresses }} \ set /calico/bgp/v1/ospf_to_hosts/{{item.ip}} \ '{ "IP": "{{item.ip}}", "eligible": {{item.eligible}} }' delegate_to: "{{groups['etcd'][0]}}" with_items: calico_ospf_peers when: calico_ospf_peers|length > 1 - meta: flush_handlers - name: Calico-rr | Enable calico-rr service: name: calico-rr state: started enabled: yes