Include vlans with defined IRB int in device vlans even if no port present
Open, LowPublic
Actions

Assigned To

Authored By

	cmooney
	Fri, May 31, 11:13 AM

Description

It's been a bit of a pain when rolling out new racks in the routed / evpn switch setup as currently Homer only configured vlans on a switch if there are ports (access or trunk) configured as members of those vlans at layer-2.

The issue this causes is that prior to the first host being added to a given vlan the config for that vlan is missing on the switch, and the sre.network.configure-switch-interfaces cookbook does not add them. Instead, when it tries to configure the given vlan on the port connecting the new host we hit an error, and Homer needs to be used instead to add all the required config.

It was previously suggested to configure vlans based on location in advance, but this is somewhat tricky (relying on naming conventions), so I think a simpler way is just to also parse any interfaces starting with "irb." defined in Netbox. In the new design we always have a local IRB int acting as gateway for the per-rack vlans, so this should work good. It should be doable with a small patch to Homer if people are agreed.

Details

	Subject	Repo	Branch	Lines +/-
	Validate IRB interface names correspond to vlan and refactor	operations/software/netbox-extras	master	+16 -7
	Include vlans with an IRB int in device vlans even if not on L2 port	operations/software/homer	master	+11 -0

Customize query in gerrit

Related Objects

Mentioned In: rOSHO7af405b0dd0e: Include vlans with an IRB int in device vlans even if not on L2 port

Event Timeline

cmooney triaged this task as Low priority.Fri, May 31, 11:13 AM

cmooney created this task.

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFri, May 31, 11:13 AM

Change #1037773 had a related patch set uploaded (by Cathal Mooney; author: Cathal Mooney):

[operations/software/homer@master] Include vlans with an IRB int in device vlans even if not on L2 port

https://gerrit.wikimedia.org/r/1037773

gerritbot added a project: Patch-For-Review.Fri, May 31, 11:16 AM

Diff with this patch applied on one of the new codfw switches:

cmooney@wikilap:~$ homer lsw1-d2-codfw* diff
INFO:homer.devices:Initialized 99 devices
INFO:homer:Generating diff for query lsw1-d2-codfw*
INFO:homer:Gathering global Netbox data
INFO:homer.devices:Matched 1 device(s) for query 'lsw1-d2-codfw*'
INFO:homer:Generating configuration for lsw1-d2-codfw.mgmt.codfw.wmnet
INFO:homer.transports.junos:Running commit check on lsw1-d2-codfw.mgmt.codfw.wmnet
Changes for 1 devices: ['lsw1-d2-codfw.mgmt.codfw.wmnet']

[edit policy-options policy-statement Evpn_rt_import]
     term static_type1_rt { ... }
+    term l2vni {
+        from community VNI2002044;
+        then accept;
+    }
     term l3vni { ... }
[edit policy-options]
+   community VNI2002044 members target:64811:2044;
[edit protocols evpn]
+    vni-options {
+        vni 2002044 {
+            vrf-target target:64811:2044;
+        }
+    }
[edit]
+  vlans {
+      private1-d2-codfw {
+          vlan-id 2044;
+          l3-interface irb.2044;
+          vxlan {
+              vni 2002044;
+          }
+      }
+  }

---------------
INFO:homer:Homer run completed successfully on 1 devices: ['lsw1-d2-codfw.mgmt.codfw.wmnet']

cmooney updated the task description. (Show Details)Fri, May 31, 11:32 AM

• OKJ04 added a subtask: T366433: CentralAuth tests broken unless you run them inside Quibble.Mon, Jun 3, 1:39 AM

JJMC89 removed a subtask: T366433: CentralAuth tests broken unless you run them inside Quibble.Mon, Jun 3, 1:44 AM

Change #1040154 had a related patch set uploaded (by Cathal Mooney; author: Cathal Mooney):

[operations/software/netbox-extras@master] Validate IRB interface names correspond to vlan and refactor

https://gerrit.wikimedia.org/r/1040154

Change #1037773 merged by jenkins-bot: