Merge pull request #21 from bgraef/main

add vlan deployment

ocne/build.yml

@@ -44,37 +44,59 @@
 
 - name: Set the compute instance id
   ansible.builtin.set_fact:
-    instance_id: "{{ result.instance.id }}"
+    my_instance_id: "{{ result.instance.id }}"
 
 - name: Set the compute instance display_name
   ansible.builtin.set_fact:
     instance_display_name: "{{ result.instance.display_name }}"
 
-- name: Get the vnic attachment details of instance
+- name: Get the primary vnic attachment details of instance
   oracle.oci.oci_compute_vnic_attachment_facts:
     compartment_id: "{{ my_compartment_id }}"
-    instance_id: "{{ instance_id }}"
+    instance_id: "{{ my_instance_id }}"
   register: result
   retries: 10
   delay: 30
   until: result is not failed
 
-- name: Get vnic details
+- name: Get primary vnic details
   oracle.oci.oci_network_vnic_facts:
-    id: "{{ result.vnic_attachments[0].vnic_id }}"
+    vnic_id: "{{ result.vnic_attachments[0].vnic_id }}"
   register: result
   retries: 10
   delay: 30
   until: result is not failed
 
-- name: Set the instance private ip address
+- name: Set the instance primary private ip address
   ansible.builtin.set_fact:
     instance_private_ip: "{{ result.vnic.private_ip }}"
 
-- name: Set the instance public ip address
+- name: Set the instance primary public ip address
   ansible.builtin.set_fact:
     instance_public_ip: "{{ result.vnic.public_ip }}"
 
+- name: Add vlan vnic to instance
+  when: use_vlan
+  block:
+    - name: Create vlan vnic_attachment
+      oracle.oci.oci_compute_vnic_attachment:
+        compartment_id: "{{ my_compartment_id }}"
+        create_vnic_details:
+          assign_public_ip: false
+          display_name: "vlan-vnic-{{ item.value.instance_name }}"
+          vlan_id: "{{ my_vlan_id }}"
+        display_name: "vlan-attach-{{ item.value.instance_name }}"
+        instance_id: "{{ my_instance_id }}"
+      register: result
+      retries: 10
+      delay: 30
+      until: result is not failed
+
+    - name: Print vnic_attachment for vlan
+      ansible.builtin.debug:
+        var: result
+      when: debug_enabled
+
 - name: Add block volume to worker nodes for ceph storage
   when:
     - item.value.type == "worker"
@@ -99,7 +121,7 @@
 
     - name: Attach ceph storage block volume
       oracle.oci.oci_compute_volume_attachment:
-        instance_id: "{{ instance_id }}"
+        instance_id: "{{ my_instance_id }}"
         type: paravirtualized
         volume_id: "{{ volume_id }}"
         compartment_id: "{{ my_compartment_id }}"
@@ -126,4 +148,4 @@
     ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
     ansible_host: "{{ instance_public_ip }}"
     ansible_port: 22
-    instance_ocid: "{{ instance_id }}"
+    instance_ocid: "{{ my_instance_id }}"

ocne/create_instance.yml

@@ -235,6 +235,10 @@
       ansible.builtin.set_fact:
         my_subnet_domain_name: "{{ result.subnet.subnet_domain_name }}"
 
+    - name: Set vlan
+      ansible.builtin.include_tasks: "create_vlan.yml"
+      when: use_vlan
+
     - name: Set oci vars file
       ansible.builtin.template:
         src: oci_vars.j2
@@ -313,6 +317,10 @@
     - name: Configure instance
       ansible.builtin.include_tasks: "host_setup.yml"
 
+    - name: Assign vlan ip addresses
+      ansible.builtin.include_tasks: "host_assign_vlan_ip.yml"
+      when: use_vlan
+
 - name: Install Oracle Cloud Native Environment
   vars:
     install_type: "{{ ocne_type if ocne_type is defined else (lookup('file', 'default_vars.yml') | from_yaml).ocne_type | default('none') }}"
@@ -422,6 +430,16 @@
             state: 'absent'
           loop: "{{ oci_ccm_lb_ids }}"
 
+    - name: Delete the vlan
+      oracle.oci.oci_network_vlan:
+        vlan_id: "{{ my_vlan_id }}"
+        state: absent
+
+    - name: Delete network_security_group
+      oracle.oci.oci_network_security_group:
+        network_security_group_id: "{{ my_nsg_id }}"
+        state: absent
+
     - name: Delete the subnet
       oracle.oci.oci_network_subnet:
         id: "{{ my_subnet_id }}"

ocne/create_lb.yml

@@ -67,7 +67,7 @@
   ansible.builtin.setup:
   delegate_to: "{{ item }}"
   delegate_facts: true
-  #loop: "{{ groups['controlplane'] | flatten(levels=1) }}"
+  # loop: "{{ groups['controlplane'] | flatten(levels=1) }}"
   loop: "{{ range(groups['controlplane'] | length - empty_cp_nodes | int) | map('extract', groups['controlplane']) | list }}"
 
 - name: Print loop var

ocne/create_vlan.yml

@@ -0,0 +1,64 @@
+---
+# Copyright (c) 2024 Oracle and/or its affiliates.
+# This software is made available to you under the terms of the Universal Permissive License (UPL), Version 1.0.
+# The Universal Permissive License (UPL), Version 1.0 (see COPYING or https://oss.oracle.com/licenses/upl)
+# See LICENSE.TXT for details.
+
+- name: Create network_security_group
+  oracle.oci.oci_network_security_group:
+    compartment_id: "{{ my_compartment_id }}"
+    vcn_id: "{{ my_vcn_id }}"
+    display_name: "Linuxvirt VLAN NSG"
+  register: result
+  retries: 10
+  delay: 30
+  until: result is not failed
+
+- name: Set network_security_group id
+  ansible.builtin.set_fact:
+    my_nsg_id: "{{ result.network_security_group.id }}"
+
+- name: Perform action add on network_security_group_security_rule
+  oracle.oci.oci_network_security_group_security_rule_actions:
+    network_security_group_id: "{{ my_nsg_id }}"
+    action: add
+    security_rules:
+      -
+        direction: "EGRESS"
+        protocol: "all"
+        destination_type: "CIDR_BLOCK"
+        destination: "0.0.0.0/0"
+      -
+        direction: "INGRESS"
+        protocol: "all"
+        source_type: "CIDR_BLOCK"
+        source: "10.0.0.0/16"
+  register: result
+  retries: 10
+  delay: 30
+  until: result is not failed
+
+- name: Create a vlan
+  oracle.oci.oci_network_vlan:
+    availability_domain: "{{ my_availability_domain }}"
+    cidr_block: "{{ vlan_cidr_block }}"
+    compartment_id: "{{ my_compartment_id }}"
+    display_name: "Linuxvirt VLAN"
+    # route_table_id: "{{ rt_id }}"
+    # vlan_tag: "10"
+    nsg_ids:
+      - "{{ my_nsg_id }}"
+    vcn_id: "{{ my_vcn_id }}"
+  register: result
+  retries: 10
+  delay: 30
+  until: result is not failed
+
+- name: Set vlan id
+  ansible.builtin.set_fact:
+    my_vlan_id: "{{ result.vlan.id }}"
+
+- name: Print vlan details
+  ansible.builtin.debug:
+    msg: "Created a new vlan {{ result }}"
+  when: debug_enabled

ocne/default_vars.yml

@@ -17,13 +17,16 @@ instance_shape: "VM.Standard.E4.Flex"
 instance_ocpus: 2
 instance_memory: 32
 subnet_cidr_block: "10.0.0.48/28"
+use_vlan: false
+vlan_cidr_block: 10.0.12.0/24
 
 username: "oracle"
 user_default_password: "oracle"
 debug_enabled: false
 ocne_type: quick
 use_ocne_full: false
 use_lb: false
+use_int_lb: false
 oci_ccm_bash: false
 use_oci_ccm: false
 use_istio: false