rename

590d2a9d · nanahira · 4024ab2e · 590d2a9d
Commit 590d2a9d authored Jan 11, 2021 by nanahira
Show whitespace changes
Inline Side-by-side

Showing with 34 additions and 0 deletions

ansible/migrate-mini-router.yaml ansible/migrate-mini-router.yaml +34 -0

No files found.
--- a/ansible/migrate-mini-router.yaml
+++ b/ansible/migrate-mini-router.yaml
+- hosts: switch
+  remote_user: root
+  tasks:
+    - name: load vars
+      include_vars:
+        file: '../result/{{item}}.yaml'
+      with_items:
+        - global-vars
+        - vars-{{inventory_hostname_short}}
+    - name: post scripts
+      template:
+        src: scripts/{{item}}.sh.j2
+        dest: '{{ansible_user_dir}}/nextgen-network/scripts/{{item}}.sh'
+        mode: a+x
+      with_items:
+        - postup
+        - predown
+        - global-postup
+        - utility
+        - switch-rules-up
+        - switch-rules-down
+        - ocserv-postup
+        - ocserv-predown
+    - name: migrate
+      become: true
+      shell: |
+        {% for interface in masqInterfaces %}
+        iptables -t mangle -A NEXTGEN_ORIGIN -i {{item.name}} ! -p ospf -m set ! --match-set mycard src -j CONNMARK --set-xmark {{interface.mark}}
+        iptables -t mangle -A NEXTGEN_ORIGIN -m connmark --mark {{item.mark}} -j CONNMARK --restore-mark --nfmask 0xffffffff --ctmask 0xffffffff
+        iptables -t mangle -A OUTPUT -m connmark --mark {{item.mark}} -j CONNMARK --restore-mark --nfmask 0xffffffff --ctmask 0xffffffff
+        # TODO: ip rule
+        # ip rule add pref 300 fwmark {{item.mark}} lookup {{item.mark}}
+        {% endfor %}
+      with_items: '{{masqInterfaces}}'