From 9f4db40ff68f45c611a84772bc79f58813ad3ef1 Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Wed, 15 Jul 2020 17:07:11 +0200
Subject: network: allow multiple overlays per segment (WIP)
---
 inventory/group_vars/vmhost-sk-2019vm/main.yml | 19 ++++++++++---------
 inventory/group_vars/vmhost-sk-tomnext/main.yml | 11 ++++++-----
 inventory/host_vars/ch-mimas.yml | 2 +-
 inventory/host_vars/ele-gwhetzner.yml | 2 +-
 inventory/host_vars/emc-master.yml | 2 +-
 inventory/host_vars/lw-master.yml | 2 +-
 inventory/host_vars/sk-testvm.yml | 2 +-
 inventory/host_vars/sk-tomnext-hp.yml | 2 +-
 inventory/host_vars/sk-tomnext-nc.yml | 2 +-
 inventory/host_vars/sk-torrent.yml | 2 +-
 roles/vm/host/network/templates/bridge-interfaces.j2 | 13 +++++++------
 roles/vm/host/network/templates/interfaces.j2 | 2 +-
 12 files changed, 32 insertions(+), 29 deletions(-)
diff --git a/inventory/group_vars/vmhost-sk-2019vm/main.yml b/inventory/group_vars/vmhost-sk-2019vm/main.yml
index 254d6d8b..4786040b 100644
--- a/inventory/group_vars/vmhost-sk-2019vm/main.yml
+++ b/inventory/group_vars/vmhost-sk-2019vm/main.yml
@@ -18,15 +18,16 @@ vm_host:
 sk-testvm: 253
 sk-2019vm: 254
 nat: yes
- overlay:
- prefix: 178.63.180.136/29
- offsets:
- sk-torrent: 0
-# emc-master: 1
- lw-master: 1
- ele-gwhetzner: 2
- ch-mimas: 6
- sk-testvm: 7
+ overlays:
+ default:
+ prefix: 178.63.180.136/29
+ offsets:
+ sk-torrent: 0
+# emc-master: 1
+ lw-master: 1
+ ele-gwhetzner: 2
+ ch-mimas: 6
+ sk-testvm: 7
 zfs:
 default:
 pool: storage
diff --git a/inventory/group_vars/vmhost-sk-tomnext/main.yml b/inventory/group_vars/vmhost-sk-tomnext/main.yml
index eacc58a2..a3706dcd 100644
--- a/inventory/group_vars/vmhost-sk-tomnext/main.yml
+++ b/inventory/group_vars/vmhost-sk-tomnext/main.yml
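Review bot: The new `overlays` map in vmhost-sk-2019vm/main.yml carries no comment describing its schema, and the one constraint the template depends on is implicit. bridge-interfaces.j2 resolves every key of an overlay's `offsets` through `bridge.offsets[dest]`, so an overlay entry for a host that has no entry in the bridge's own `offsets` would presumably fail when the template is rendered. I would add a comment above the key such as `# overlays: <name> -> {prefix, offsets}; every offsets key must also exist in this bridge's offsets`. The same applies to the vmhost-sk-tomnext hunk; the `vm_host` mapping starts and ends outside both hunks.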
@@ -14,11 +14,12 @@ vm_host:
 sk-tomnext-hp: 104
 sk-tomnext: 254
 nat: yes
- overlay:
- prefix: 94.130.206.64/26
- offsets:
- sk-tomnext-nc: 39
- sk-tomnext-hp: 40
+ overlays:
+ default:
+ prefix: 94.130.206.64/26
+ offsets:
+ sk-tomnext-nc: 39
+ sk-tomnext-hp: 40
 zfs:
 default:
 pool: storage
diff --git a/inventory/host_vars/ch-mimas.yml b/inventory/host_vars/ch-mimas.yml
index 38422a30..356d3b8b 100644
--- a/inventory/host_vars/ch-mimas.yml
+++ b/inventory/host_vars/ch-mimas.yml
@@ -24,7 +24,7 @@ network:
 name: eth0
 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
 gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}"
- overlay: "{{ (vm_host.network.bridges.public.overlay.prefix | ipaddr(vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}"
+ overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}"
 interfaces:
 - *_network_primary_
diff --git a/inventory/host_vars/ele-gwhetzner.yml b/inventory/host_vars/ele-gwhetzner.yml
index 3be84fd7..5a15196a 100644
--- a/inventory/host_vars/ele-gwhetzner.yml
+++ b/inventory/host_vars/ele-gwhetzner.yml
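Review bot: The `overlay:` expression in ch-mimas.yml hard-codes `overlays.default` and indexes `offsets[inventory_hostname]` with no fallback, and the identical line is repeated in the ele-gwhetzner, emc-master, lw-master, sk-testvm, sk-tomnext-hp, sk-tomnext-nc and sk-torrent hunks. Moving a host to a second overlay therefore means editing its copy by hand, and a host without an offset would likely fail on an undefined key; `# emc-master: 1` is commented out in vmhost-sk-2019vm while emc-master.yml still performs the lookup, though which group emc-master belongs to is not visible here. Consider selecting the overlay through a new host variable, here called `overlay_name`, as in `vm_host.network.bridges.public.overlays[overlay_name | default('default')]`, and defining the expression once in group_vars. The `network` mapping continues outside each hunk.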
@@ -24,7 +24,7 @@ network:
 name: primary0
 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
 gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}"
- overlay: "{{ (vm_host.network.bridges.public.overlay.prefix | ipaddr(vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}"
+ overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}"
 interfaces:
 - *_network_primary_
diff --git a/inventory/host_vars/emc-master.yml b/inventory/host_vars/emc-master.yml
index dcf51a45..b39839a4 100644
--- a/inventory/host_vars/emc-master.yml
+++ b/inventory/host_vars/emc-master.yml
@@ -27,7 +27,7 @@ network:
 name: primary0
 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
 gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}"
- overlay: "{{ (vm_host.network.bridges.public.overlay.prefix | ipaddr(vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}"
+ overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}"
 interfaces:
 - *_network_primary_
diff --git a/inventory/host_vars/lw-master.yml b/inventory/host_vars/lw-master.yml
index dcf51a45..b39839a4 100644
--- a/inventory/host_vars/lw-master.yml
+++ b/inventory/host_vars/lw-master.yml
@@ -27,7 +27,7 @@ network:
 name: primary0
 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
 gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}"
- overlay: "{{ (vm_host.network.bridges.public.overlay.prefix | ipaddr(vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}"
+ overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}"
 interfaces:
 - *_network_primary_
diff --git a/inventory/host_vars/sk-testvm.yml b/inventory/host_vars/sk-testvm.yml
index 86c00c1f..e16d187d 100644
--- a/inventory/host_vars/sk-testvm.yml
+++ b/inventory/host_vars/sk-testvm.yml
@@ -24,7 +24,7 @@ network:
 name: primary0
 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
 gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}"
- overlay: "{{ (vm_host.network.bridges.public.overlay.prefix | ipaddr(vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}"
+ overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}"
 interfaces:
 - *_network_primary_
diff --git a/inventory/host_vars/sk-tomnext-hp.yml b/inventory/host_vars/sk-tomnext-hp.yml
index 8975e5a3..53d22fec 100644
--- a/inventory/host_vars/sk-tomnext-hp.yml
+++ b/inventory/host_vars/sk-tomnext-hp.yml
@@ -31,7 +31,7 @@ network:
 name: primary0
 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
 gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}"
- overlay: "{{ (vm_host.network.bridges.public.overlay.prefix | ipaddr(vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}"
+ overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}"
 interfaces:
 - *_network_primary_
diff --git a/inventory/host_vars/sk-tomnext-nc.yml b/inventory/host_vars/sk-tomnext-nc.yml
index 340795eb..c43235ec 100644
--- a/inventory/host_vars/sk-tomnext-nc.yml
+++ b/inventory/host_vars/sk-tomnext-nc.yml
@@ -30,7 +30,7 @@ network:
 name: primary0
 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
 gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}"
- overlay: "{{ (vm_host.network.bridges.public.overlay.prefix | ipaddr(vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}"
+ overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}"
 interfaces:
 - *_network_primary_
diff --git a/inventory/host_vars/sk-torrent.yml b/inventory/host_vars/sk-torrent.yml
index c8967dab..f2ece040 100644
--- a/inventory/host_vars/sk-torrent.yml
+++ b/inventory/host_vars/sk-torrent.yml
@@ -28,7 +28,7 @@ network:
 name: primary0
 address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
 gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}"
- overlay: "{{ (vm_host.network.bridges.public.overlay.prefix | ipaddr(vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}"
+ overlay: "{{ (vm_host.network.bridges.public.overlays.default.prefix | ipaddr(vm_host.network.bridges.public.overlays.default.offsets[inventory_hostname])).split('/')[0] }}"
 interfaces:
 - *_network_primary_
diff --git a/roles/vm/host/network/templates/bridge-interfaces.j2 b/roles/vm/host/network/templates/bridge-interfaces.j2
index 05144430..c0519737 100644
--- a/roles/vm/host/network/templates/bridge-interfaces.j2
+++ b/roles/vm/host/network/templates/bridge-interfaces.j2
@@ -32,13 +32,14 @@ iface {{ bridge_name }} inet manual
 up echo 1 > /proc/sys/net/ipv4/conf/{{ ansible_default_ipv4.interface }}/forwarding
 up /sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }}
 {% endif %}
-{% if 'overlay' in bridge %}
-{% for dest, offset in (bridge.overlay.offsets | dictsort(by='value')) %}
- up /bin/ip route add {{ (bridge.overlay.prefix | ipaddr(offset)).split('/')[0] }}/32 via {{ (bridge.prefix | ipaddr(bridge.offsets[dest])).split('/')[0] }} # {{ dest }}
+{% for overlay_name in (bridge.overlays | default({}) | list | sort) %}
+{% set overlay = bridge.overlays[overlay_name] %}
+{% for dest, offset in (overlay.offsets | dictsort(by='value')) %}
+ up /bin/ip route add {{ (overlay.prefix | ipaddr(offset)).split('/')[0] }}/32 via {{ (bridge.prefix | ipaddr(bridge.offsets[dest])).split('/')[0] }} # {{ dest }}
 {% endfor %}
- up /bin/ip route add unreachable {{ bridge.overlay.prefix }}
- down /sbin/ip route del {{ bridge.overlay.prefix }}
-{% endif %}
+ up /bin/ip route add unreachable {{ overlay.prefix }}
+ down /sbin/ip route del {{ overlay.prefix }}
+{% endfor %}
 {% if 'nat' in bridge and bridge.nat %}
 down /sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }}
 {% endif %}
diff --git a/roles/vm/host/network/templates/interfaces.j2 b/roles/vm/host/network/templates/interfaces.j2
index fe57a024..004c1f96 100644
--- a/roles/vm/host/network/templates/interfaces.j2
+++ b/roles/vm/host/network/templates/interfaces.j2
@@ -60,7 +60,7 @@ iface {{ interface.name }} inet6 static
 {% endfor %}
-{% for parent in network.vlans | default({}) | list | sort %}
+{% for parent in (network.vlans | default({}) | list | sort) %}
 ## vlan interfaces @ {{ parent }}
 {% for vlan in network.vlans[parent] %}
-- cgit v1.2.3
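Review bot: In the new `overlays` loop of bridge-interfaces.j2 the `unreachable {{ overlay.prefix }}` guard is still emitted after the per-host /32 routes and uses `ip route add`, which returns an error when the route already exists. ifupdown documents that ifup aborts when an `up` command fails, so a failure in one overlay would leave every later overlay without its guard route, and traffic to unassigned addresses in those prefixes would presumably follow the host's default route instead of being rejected. Emitting the guard first and idempotently, `up /bin/ip route replace unreachable {{ overlay.prefix }}` directly after the `{% set overlay = ... %}` line, narrows that window. The `down` line calls `/sbin/ip` while the `up` lines call `/bin/ip`; one path should be used throughout. The `iface` stanza begins before the hunk.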