tutorials/vFWDT/playbooks/vpgn/latest/ansible/distributetraffic/site.yml

   1 ---
   2 - hosts: vFWDT
   3   gather_facts: no
   4   remote_user: ubuntu
   5   tasks:
   6     - include_vars: "{{ ConfigFileName }}"
   7       register: json
   8     - name: Install grepcidr library
   9       shell: apt-get install grepcidr
  10       become: true
  11     - name: Read protected net CIDR
  12       shell: cat /opt/config/protected_net_cidr.txt
  13       register: protectedCidr
  14       become: true
  15     - name: Read unprotected net CIDR
  16       shell: cat /opt/config/unprotected_private_net_cidr.txt
  17       register: unprotectedCidr
  18       become: true
  19     - name: Read PKG IP
  20       shell: cat /opt/config/vpg_private_ip_0.txt
  21       register: pkgIp
  22       become: true
  23     - name: Read OLD FW IP
  24       shell: cat /opt/config/fw_ipaddr.txt
  25       register: oldFwIp
  26       become: true
  27     - name: Read OLD SINK IP
  28       shell: cat /opt/config/sink_ipaddr.txt
  29       register: oldSinkIp
  30       become: true
  31     - name: Get all Interfaces
  32       set_fact:
  33         interfaces: "{{destinations[0].vservers | map(attribute='l-interfaces') | list}}"
  34     - name: print all Interfaces
  35       debug: var=interfaces
  36     - name: Interfaces vserver 1
  37       set_fact:
  38         vserver1_interfaces: "{{destinations[0].vservers[0]['l-interfaces'] | list}}"
  39     - name: Interfaces vserver 2
  40       set_fact:
  41         vserver2_interfaces: "{{destinations[0].vservers[1]['l-interfaces'] | list}}"
  42     - block:
  43         - name: length interfaces vserver1
  44           set_fact:
  45             length1: "{{ vserver1_interfaces |length }}"
  46         - name: length interfaces vserver2
  47           set_fact:
  48             length2: "{{ vserver2_interfaces |length }}"
  49     - block:
  50         - name: adress 1 vserver
  51           set_fact:
  52             sink_addresses:
  53               - "{{destinations[0].vservers[0]['l-interfaces'][0]['ipv4-addresses'][0]}}"
  54               - "{{destinations[0].vservers[0]['l-interfaces'][1]['ipv4-addresses'][0]}}"
  55               - "{{destinations[0].vservers[0]['l-interfaces'][2]['ipv4-addresses'][0]}}"
  56         - name: adress 2 vserver
  57           set_fact:
  58             fw_addresses:
  59               - "{{destinations[0].vservers[1]['l-interfaces'][0]['ipv4-addresses'][0]}}"
  60               - "{{destinations[0].vservers[1]['l-interfaces'][1]['ipv4-addresses'][0]}}"
  61               - "{{destinations[0].vservers[1]['l-interfaces'][2]['ipv4-addresses'][0]}}"
  62               - "{{destinations[0].vservers[1]['l-interfaces'][3]['ipv4-addresses'][0]}}"
  63       when:
  64         - length1 == "3"
  65         - length2 == "4"
  66     - block:
  67         - name: adress 1 vserver
  68           set_fact:
  69             fw_addresses:
  70               - "{{destinations[0].vservers[0]['l-interfaces'][0]['ipv4-addresses'][0]}}"
  71               - "{{destinations[0].vservers[0]['l-interfaces'][1]['ipv4-addresses'][0]}}"
  72               - "{{destinations[0].vservers[0]['l-interfaces'][2]['ipv4-addresses'][0]}}"
  73               - "{{destinations[0].vservers[0]['l-interfaces'][3]['ipv4-addresses'][0]}}"
  74         - name: adress 2 vserver
  75           set_fact:
  76             sink_addresses:
  77               - "{{destinations[0].vservers[1]['l-interfaces'][0]['ipv4-addresses'][0]}}"
  78               - "{{destinations[0].vservers[1]['l-interfaces'][1]['ipv4-addresses'][0]}}"
  79               - "{{destinations[0].vservers[1]['l-interfaces'][2]['ipv4-addresses'][0]}}"
  80       when:
  81         - length1 == "4"
  82         - length2 == "3"
  83     - block:
  84         - name: Create file to store fw-addresses
  85           shell: touch /home/fw.txt
  86           become: true
  87         - name: Create file to store sink-addresses
  88           shell: touch /home/sink.txt
  89           become: true
  90         - name: Save sink-addresses to file
  91           lineinfile:
  92             path: /home/sink.txt
  93             line: "{{item}}"
  94           with_items:
  95             - "{{sink_addresses[0]}}"
  96             - "{{sink_addresses[1]}}"
  97             - "{{sink_addresses[2]}}"
  98           become: true
  99         - name: Save fw-addresses to file
 100           lineinfile:
 101             path: /home/fw.txt
 102             line: "{{item}}"
 103           with_items:
 104             - "{{fw_addresses[0]}}"
 105             - "{{fw_addresses[1]}}"
 106             - "{{fw_addresses[2]}}"
 107             - "{{fw_addresses[3]}}"
 108           become: true
 109         - name: Filter  SINK IPs
 110           shell: grepcidr {{protectedCidr.stdout}} /home/sink.txt
 111           register: sinkIp
 112           become: true
 113         - debug: var=sinkIp.stdout
 114         - name: Filter FW IPs
 115           shell: grepcidr {{unprotectedCidr.stdout}} /home/fw.txt
 116           register: fwIp
 117           become: true
 118         - debug: var=fwIp.stdout
 119         - name: Delete created files
 120           shell: rm -f /home/sink.txt /home/fw.txt
 121           become: true
 122     - debug: var=fwIp
 123     - debug: var=sinkIp
 124     - block:
 125         - name: get new FW IP
 126           set_fact:
 127             fwIp: "{{fwIp.stdout}}"
 128         - name: get new SINK IP
 129           set_fact:
 130             sinkIp: "{{sinkIp.stdout}}"
 131     - debug: var=pkgIp.stdout
 132     - debug: var=oldFwIp.stdout
 133     - debug: var=oldSinkIp.stdout
 134     - debug: var=protectedCidr.stdout
 135     - debug: var=unprotectedCidr.stdout
 136     - debug: var=sinkIp
 137     - debug: var=fwIp
 138     - debug:
 139         msg: "FW IP has not been changed"
 140       when: oldFwIp.stdout == fwIp
 141     - block:
 142         - name: Remove OLD FW IP route
 143           shell: vppctl ip route del {{ protectedCidr.stdout }} via {{ oldFwIp.stdout }}
 144         - name: Add NEW FW IP route
 145           shell: vppctl ip route add {{ protectedCidr.stdout }} via {{ fwIp }}
 146         - name: Save NEW FW IP address
 147           shell: echo {{ fwIp }} > /opt/config/fw_ipaddr.txt
 148         - debug:
 149             msg: "FW IP has been changed"
 150       become: true
 151       when: oldFwIp.stdout != fwIp
 152     - debug:
 153         msg: "SINK IP has not been changed"
 154       when: oldSinkIp.stdout == sinkIp
 155     - block:
 156         - block:
 157           - name: Modify packet stream files
 158             debug:
 159               msg: "Modify packet stream files"
 160           - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp1"
 161           - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp2"
 162           - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp3"
 163           - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp4"
 164           - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp5"
 165           - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp6"
 166           - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp7"
 167           - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp8"
 168           - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp9"
 169           - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp10"
 170         - block:
 171           - name: Delete old streams
 172             debug:
 173               msg: "Delete old streams"
 174           - shell: vppctl packet-generator delete fw_udp1
 175           - shell: vppctl packet-generator delete fw_udp2
 176           - shell: vppctl packet-generator delete fw_udp3
 177           - shell: vppctl packet-generator delete fw_udp4
 178           - shell: vppctl packet-generator delete fw_udp5
 179           - shell: vppctl packet-generator delete fw_udp6
 180           - shell: vppctl packet-generator delete fw_udp7
 181           - shell: vppctl packet-generator delete fw_udp8
 182           - shell: vppctl packet-generator delete fw_udp9
 183           - shell: vppctl packet-generator delete fw_udp10
 184         - block:
 185           - name: Install new streams
 186             debug:
 187               msg: "Install new streams"
 188           - shell: vppctl exec /opt/pg_streams/stream_fw_udp1
 189           - shell: vppctl exec /opt/pg_streams/stream_fw_udp2
 190           - shell: vppctl exec /opt/pg_streams/stream_fw_udp3
 191           - shell: vppctl exec /opt/pg_streams/stream_fw_udp4
 192           - shell: vppctl exec /opt/pg_streams/stream_fw_udp5
 193           - shell: vppctl exec /opt/pg_streams/stream_fw_udp6
 194           - shell: vppctl exec /opt/pg_streams/stream_fw_udp7
 195           - shell: vppctl exec /opt/pg_streams/stream_fw_udp8
 196           - shell: vppctl exec /opt/pg_streams/stream_fw_udp9
 197           - shell: vppctl exec /opt/pg_streams/stream_fw_udp10
 198         - block:
 199           - name: Enable new streams
 200             debug:
 201               msg: "Enable new streams"
 202           - shell: vppctl packet-generator enable fw_udp1
 203           - shell: vppctl packet-generator enable fw_udp2
 204           - shell: vppctl packet-generator enable fw_udp3
 205           - shell: vppctl packet-generator enable fw_udp4
 206           - shell: vppctl packet-generator enable fw_udp5
 207           - shell: vppctl packet-generator enable fw_udp6
 208           - shell: vppctl packet-generator enable fw_udp7
 209           - shell: vppctl packet-generator enable fw_udp8
 210           - shell: vppctl packet-generator enable fw_udp9
 211           - shell: vppctl packet-generator enable fw_udp10
 212         - name: Save NEW SINK IP address
 213           shell: echo {{ sinkIp }} > /opt/config/sink_ipaddr.txt
 214         - debug:
 215             msg: "SINK IP has been changed"
 216       become: true
 217       when: oldSinkIp.stdout != sinkIp