From 272524137ff85531d3eeb3dc5879b5aa521531c4 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Thu, 21 May 2020 13:50:11 +0200 Subject: revamp dellos6 roles --- roles/dellos6/base/defaults/main.yml | 11 ++++++ roles/dellos6/base/tasks/main.yml | 27 +++++++++++++-- roles/dellos6/bootstrap/templates/init.j2 | 8 +++++ roles/dellos6/layer2/templates/interfaces.j2 | 51 ++++++++++++++++------------ roles/dellos6/layer2/templates/vlans.j2 | 2 ++ 5 files changed, 74 insertions(+), 25 deletions(-) create mode 100644 roles/dellos6/base/defaults/main.yml (limited to 'roles') diff --git a/roles/dellos6/base/defaults/main.yml b/roles/dellos6/base/defaults/main.yml new file mode 100644 index 00000000..35d3cbb8 --- /dev/null +++ b/roles/dellos6/base/defaults/main.yml @@ -0,0 +1,11 @@ +--- +# dellos6_sntp: +# server: + +# dellos6_logging: +# server: + +# dellos6_snmp: +# location; +# contact: +# community: diff --git a/roles/dellos6/base/tasks/main.yml b/roles/dellos6/base/tasks/main.yml index 30924abd..58c31d74 100644 --- a/roles/dellos6/base/tasks/main.yml +++ b/roles/dellos6/base/tasks/main.yml 
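Review bot: The commented example for `dellos6_snmp` in roles/dellos6/base/defaults/main.yml has `# location;` with a semicolon, so anyone who uncomments the block gets a line that is not a mapping key; it should read `# location:`. Because `community` is effectively a credential, I would also extend that example line to something like `# community: (set from an encrypted vars file)` so the defaults do not suggest keeping it in plain inventory.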
@@ -1,7 +1,28 @@ --- -- name: disable telnet and http server +## TODO: disable sntp if dellos6_sntp is not defined? +- name: configure SNTP + when: dellos6_sntp is defined dellos6_config: lines: - - ip telnet server disable - - no ip http server + - "sntp server {{ dellos6_sntp.server }}" + - sntp unicast client enable + notify: save configuration + +## TODO: disable logging if dellos6_logging is not defined? +- name: configure logging + when: dellos6_logging is defined + dellos6_config: + lines: + - "logging {{ dellos6_logging.server }}" + - exit + notify: save configuration + +## TODO: disable snmp if dellos6_snmp is not defined? +- name: configure snmp + when: dellos6_snmp is defined + dellos6_config: + lines: + - '{% if "location" in dellos6_snmp %}snmp-server location "{{ dellos6_snmp.location }}"{% else %}no snmp-server location{% endif %}' + - '{% if "contact" in dellos6_snmp %}snmp-server contact "{{ dellos6_snmp.contact }}"{% else %}no snmp-server contact{% endif %}' + - 'snmp-server community {{ dellos6_snmp.community }}' notify: save configuration diff --git a/roles/dellos6/bootstrap/templates/init.j2 b/roles/dellos6/bootstrap/templates/init.j2 index 42623fec..e832e614 100644 --- a/roles/dellos6/bootstrap/templates/init.j2 +++ b/roles/dellos6/bootstrap/templates/init.j2 @@ -15,6 +15,9 @@ exit interface vlan {{ dellos6_mgmt_vlan }} ip address {{ dellos6_mgmt_ipaddr }} {{ dellos6_mgmt_netmask }} exit +{% if dellos6_mgmt_gateway is defined %} +ip default-gateway {{ dellos6_mgmt_gateway }} +{% endif %} no spanning-tree crypto key generate rsa @@ -32,6 +35,11 @@ exit no application install hiveagent no application install SupportAssist +ip telnet server disable +no ip http server +no snmp-server enable traps +no snmp-server enable traps all + enable password {{ ansible_become_password }} end diff --git a/roles/dellos6/layer2/templates/interfaces.j2 b/roles/dellos6/layer2/templates/interfaces.j2 index 6484db19..dc6b344e 100644 
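Review bot: The `configure snmp` task in roles/dellos6/base/tasks/main.yml renders the community string into `lines` without `no_log: true`, so the value can show up in verbose task output and in any logging callback; add `no_log: true` to that task. The same task guards `location` and `contact` with `in dellos6_snmp` but reads `dellos6_snmp.community` unconditionally, so a host that defines only location or contact fails on an undefined value; tighten the condition to `when: dellos6_snmp is defined and "community" in dellos6_snmp`, or split the community line into its own task. The community line also states no access mode, so the switch applies its platform default; spelling out read-only access would make the intent reviewable, after checking the exact syntax against the OS6 CLI reference.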
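Review bot: `ip telnet server disable` and `no ip http server` now exist only in roles/dellos6/bootstrap/templates/init.j2 (the `@@ -32,6 +35,11 @@` hunk), while this commit removes the task that applied them from roles/dellos6/base/tasks/main.yml. If the bootstrap template is rendered only for initial provisioning, which is how it looks from here, a switch on which telnet or HTTP is later re-enabled is no longer corrected by a regular run of the base role. I would keep an idempotent hardening task in the base role alongside the bootstrap lines, or at minimum record the limitation in the template with `{# management-plane hardening: applied at bootstrap only, not re-enforced by dellos6/base #}`.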
--- a/roles/dellos6/layer2/templates/interfaces.j2 +++ b/roles/dellos6/layer2/templates/interfaces.j2 
@@ -5,34 +5,41 @@ description "{{ interface.description }}" {% endif %} {% if 'channel_group' in interface %} channel-group {{ interface.channel_group }} mode active -{% endif %} +{% else %} switchport mode {{ interface.switchport_mode | default('access') }} -{% if 'switchport_mode' not in interface or interface.switchport_mode == 'access' %} -{% if 'vlan' in interface %} +{% if 'switchport_mode' not in interface or interface.switchport_mode == 'access' %} +{% if 'vlan' in interface %} switchport access vlan {{ interface.vlan }} -{% endif %} -{% elif interface.switchport_mode == 'trunk' %} -{% if 'pvid' in interface %} +{% endif %} +{% elif interface.switchport_mode == 'trunk' %} +{% if 'pvid' in interface %} switchport trunk native vlan {{ interface.pvid }} -{% endif %} -{% elif interface.switchport_mode == 'general' %} -{% if 'tagged_only' in interface and interface.tagged_only %} +{% endif %} +{% elif interface.switchport_mode == 'general' %} +{% if 'tagged_only' in interface and interface.tagged_only %} switchport general acceptable-frame-type tagged-only -{% endif %} -{% if 'ingress_filtering' in interface and not interface.ingress_filtering %} +{% endif %} +{% if 'ingress_filtering' in interface and not interface.ingress_filtering %} switchport general ingress-filtering disable -{% endif %} -{% if 'forbidden_vlans' in interface %} -switchport general forbidden vlan add {{ interface.forbidden_vlans | join(',') }} -{% endif %} -{% if 'allowed_vlans_tagged' in interface %} -switchport general allowed vlan add {{ interface.allowed_vlans_tagged | join(',') }} tagged -{% endif %} -{% if 'allowed_vlans_untagged' in interface %} -switchport general allowed vlan add {{ interface.allowed_vlans_untagged | join(',') }} untagged -{% endif %} -{% if 'pvid' in interface %} +{% endif %} +{% if 'forbidden_vlans' in interface %} +{% for vlans in (interface.forbidden_vlans | vlan_parser) %} +switchport general forbidden vlan add {{ vlans }} +{% endfor %} +{% endif %} +{% if 
'allowed_vlans_tagged' in interface %} +{% for vlans in (interface.allowed_vlans_tagged | vlan_parser) %} +switchport general allowed vlan add {{ vlans }} tagged +{% endfor %} +{% endif %} +{% if 'allowed_vlans_untagged' in interface %} +{% for vlans in (interface.allowed_vlans_untagged | vlan_parser) %} +switchport general allowed vlan add {{ vlans }} untagged +{% endfor %} +{% endif %} +{% if 'pvid' in interface %} switchport general pvid {{ interface.pvid }} +{% endif %} {% endif %} {% endif %} exit diff --git a/roles/dellos6/layer2/templates/vlans.j2 b/roles/dellos6/layer2/templates/vlans.j2 index 6403c735..a5081288 100644 --- a/roles/dellos6/layer2/templates/vlans.j2 +++ b/roles/dellos6/layer2/templates/vlans.j2 @@ -1,5 +1,7 @@ {% for vlan in dellos6_vlans %} +{% if vlan.id != "1" %} vlan {{ vlan.id }} name "{{ vlan.name }}" exit +{% endif %} {% endfor %} -- cgit v1.2.3
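Review bot: In `general` mode roles/dellos6/layer2/templates/interfaces.j2 only ever emits `switchport general allowed vlan add …` and `switchport general forbidden vlan add …`, so a VLAN dropped from `allowed_vlans_tagged` or `allowed_vlans_untagged` in inventory stays configured on the port unless something outside this hunk resets the interface first. For a role that is meant to be the source of truth for segmentation, that leaves stale VLAN membership behind; either reset the port's membership before the add lines or add a template comment such as `{# membership is additive: VLANs removed from inventory must be cleared on the switch separately #}`. Separately, `vlan_parser` sorts and range-checks its input numerically, so the three lists need integer IDs; quoted IDs in inventory would likely make the filter fail, which is worth stating where these variables are documented.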
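Review bot: `{% if vlan.id != "1" %}` in roles/dellos6/layer2/templates/vlans.j2 compares against the string `"1"`, so an inventory entry written as `id: 1` (an integer in YAML) never equals it and VLAN 1 is still rendered, which appears to be what the guard is meant to prevent. Normalise the type before comparing: `{% if vlan.id | int != 1 %}`. Integer IDs are the likely inventory form, since the interfaces template in this commit passes VLAN lists to `vlan_parser`, though `dellos6_vlans` itself is not visible here.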