[EDGEPOD-186] Add Ansible playbook for Aether Edge
Change-Id: I71d73a5a4fdf7e5ccf12df924597af6ab90a68b4
diff --git a/aether-playbook/roles/router/defaults/main.yml b/aether-playbook/roles/router/defaults/main.yml
new file mode 100644
index 0000000..6af6545
--- /dev/null
+++ b/aether-playbook/roles/router/defaults/main.yml
@@ -0,0 +1,22 @@
+# Copyright 2020-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+router_type: linux
+netplan_config_file: /etc/netplan/sgi-s1u-gateway.yaml
+
+# Provide below to run the playbook
+#sgi_gateway_ip:
+#s1u_gateway_ip:
+#sgi_s1u_gateway_iface:
diff --git a/aether-playbook/roles/router/linux/handlers/main.yml b/aether-playbook/roles/router/linux/handlers/main.yml
new file mode 100644
index 0000000..6408d79
--- /dev/null
+++ b/aether-playbook/roles/router/linux/handlers/main.yml
@@ -0,0 +1,20 @@
+# Copyright 2020-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: netplan generate
+ command: netplan generate
+
+- name: netplan apply
+ command: netplan apply
diff --git a/aether-playbook/roles/router/linux/tasks/main.yml b/aether-playbook/roles/router/linux/tasks/main.yml
new file mode 100644
index 0000000..c37bca1
--- /dev/null
+++ b/aether-playbook/roles/router/linux/tasks/main.yml
@@ -0,0 +1,56 @@
+# Copyright 2020-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: Create netplan config file for SGI network gateway
+ template:
+ src: etc/netplan/sgi-s1u-gateway.yaml.j2
+ dest: "{{ netplan_config_file }}"
+ notify:
+ - netplan generate
+ - netplan apply
+ tags: router
+
+- name: Install iptables-persistent
+ apt:
+ name: iptables-persistent
+ state: present
+ update_cache: yes
+ tags: router
+
+- name: Ensure ip_forward enabled
+ sysctl:
+ name: net.ipv4.ip_forward
+ value: '1'
+ sysctl_set: yes
+ state: present
+ tags: router
+
+- name: Set default forwarding policy to ACCEPT
+ iptables:
+ chain: FORWARD
+ policy: ACCEPT
+ tags: router
+
+- name: Add SNAT
+ iptables:
+ table: nat
+ chain: POSTROUTING
+ out_interface: "{{ ansible_default_ipv4.interface }}"
+ jump: MASQUERADE
+ tags: router
+
+- name: Save iptables v4 rules
+ shell: iptables-save > /etc/iptables/rules.v4
+ tags: router
diff --git a/aether-playbook/roles/router/linux/templates/etc/netplan/sgi-s1u-gateway.yaml.j2 b/aether-playbook/roles/router/linux/templates/etc/netplan/sgi-s1u-gateway.yaml.j2
new file mode 100644
index 0000000..7c6cef7
--- /dev/null
+++ b/aether-playbook/roles/router/linux/templates/etc/netplan/sgi-s1u-gateway.yaml.j2
@@ -0,0 +1,26 @@
+# Copyright 2020-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+network:
+ version: 2
+ renderer: networkd
+ ethernets:
+ {{ sgi_s1u_gateway_iface }}:
+ addresses:
+ - {{ sgi_gateway_ip }}
+ - {{ s1u_gateway_ip }}
+ routes:
+ - to: {{ ue_pool }}
+ via: {{ spgwu_sgi_ip }}
diff --git a/aether-playbook/roles/router/meta/main.yml b/aether-playbook/roles/router/meta/main.yml
new file mode 100644
index 0000000..3c4fe58
--- /dev/null
+++ b/aether-playbook/roles/router/meta/main.yml
@@ -0,0 +1,23 @@
+# Copyright 2020-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+dependencies:
+ - role: router/linux
+ when:
+ - router_type == 'linux'
+
+# - role: router/vyos
+# when:
+# - router_type == 'vyos'