Add nftable configuration generate code
The generated configuration includes:
- Service port
- Whitelist subnet for private network
- SNAT rule related variables
- UE routing information (from config contexts on Netbox)
ref: INF-138
Change-Id: Ibd37e0dbbe5920c82d0fbf1246d7d41b924c0def
diff --git a/scripts/edgeconfig.py b/scripts/edgeconfig.py
index c8a31c2..fc49606 100644
--- a/scripts/edgeconfig.py
+++ b/scripts/edgeconfig.py
@@ -35,7 +35,7 @@
tenant = nbhelper.NBTenant()
# use base_config for additional items
- yaml_out = yaml.safe_load(args.base_config.read())
+ base_yaml = yaml.safe_load(args.base_config.read())
dhcpd_subnets = []
dhcpd_interfaces = []
@@ -54,14 +54,24 @@
dhcpd_subnets.append(dhcpd_subnet)
- # yaml_out["devices"] = nbhelper.NBDevice.all_devs()
- yaml_out["netprep_netplan"] = tenant.generate_netplan()
- yaml_out["dns_forward_zones"] = nbhelper.NBDNSForwardZone.all_fwd_zones()
- yaml_out["dns_reverse_zones"] = dns_reverse_zones
- yaml_out["dhcpd_subnets"] = dhcpd_subnets
- yaml_out["dhcpd_interfaces"] = dhcpd_interfaces
+ for device in tenant.get_devices():
+ output_yaml = base_yaml.copy()
- if tenant.generate_extra_config():
- yaml_out.update(tenant.generate_extra_config())
+ if (
+ isinstance(device, nbhelper.NBDevice)
+ and device.data.device_role.slug == "router"
+ ) or (
+ isinstance(device, nbhelper.NBVirtualMachine)
+ and device.data.role.slug == "router"
+ ):
+ output_yaml["dns_forward_zones"] = nbhelper.NBDNSForwardZone.all_fwd_zones()
+ output_yaml["dns_reverse_zones"] = dns_reverse_zones
+ output_yaml["dhcpd_subnets"] = dhcpd_subnets
+ output_yaml["dhcpd_interfaces"] = dhcpd_interfaces
+ output_yaml["netprep_nftables"] = device.generate_nftables()
+ output_yaml.update(device.generate_extra_config())
- print(yaml.safe_dump(yaml_out, indent=2))
+ output_yaml["netprep_netplan"] = device.generate_netplan()
+
+ with open("inventory/host_vars/%s.yaml" % device.name, "w") as f:
+ f.write(yaml.safe_dump(output_yaml, indent=2))
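Review bot: The path on the `open("inventory/host_vars/%s.yaml" % device.name, "w")` line is built from the NetBox device name with no validation, so a name containing a path separator would make the script write outside `inventory/host_vars/`, and an unnamed device (if `name` can be `None` here) would produce `None.yaml`. Because these files carry the generated nftables rules, I would reject such names before opening, e.g. `if not device.name or os.path.basename(device.name) != device.name: raise ValueError("unsafe device name: %r" % device.name)`, assuming `os` is imported (the import block is outside the hunk). Separately, `output_yaml.update(device.generate_extra_config())` drops the truthiness guard the removed code had, so a `None` return would raise `TypeError`; `output_yaml.update(device.generate_extra_config() or {})` keeps the old tolerance. `base_yaml.copy()` is also shallow, so a nested value mutated for one device would be shared with the next, and `copy.deepcopy(base_yaml)` avoids that. The enclosing function starts outside the hunk.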