[bird2] Now using bird2

host_vars/routeur-daniel.adm.crans.org/bird.yml

@@ -1,60 +1,49 @@
 ---
 loc_bird:
+  id: 185.230.79.253
+  asn:
+    crans: 204515
+    aurore: 43619
+    viarezo: 212424
+  static:
     ipv4:
-    id: 185.230.79.253
-    binds:
-      - 138.195.159.250
-      - 185.230.79.253
-    statics:
-      - 185.230.76.0/22
-    kernel_filter:
-      - 185.230.78.0/24
-    bgps:
-      - name: viarezo
-        allow_local_as: 1
-        local:
-          as: 204515
-          address: 138.195.159.250
-        remote:
-          as: 212424
-          address: 138.195.159.249
-        allow_export_prefixes:
-          - 185.230.76.0/22+
-      - name: aurore
-        allow_local_as: 1
-        local:
-          as: 204515
-          address: 185.230.79.253
-        remote:
-          as: 43619
-          address: 185.230.79.254
-        allow_export_prefixes:
-          - 185.230.76.0/22+
+      - route 185.230.76.0/22 unreachable
     ipv6:
-    id: 185.230.79.253
-    binds:
-      - 2a0c:b641:2f3::2
-      - 2a0c:700:28::1
-    statics:
-      - 2a0c:700::/32
-    bgps:
-      - name: viarezo
-        allow_local_as: 1
+      - route 2a0c:700::/32 unreachable
+  bgp:
+    - name: aurore4
+      description: "BGP4 session with aurore"
       local:
-          as: 204515
-          address: 2a0c:b641:2f3::2
-        remote:
-          as: 212424
-          address: 2a0c:b641:2f3::1
-        allow_export_prefixes:
-          - 2a0c:700::/32+
-      - name: aurore
-        allow_local_as: 1
+        asn: crans
+        addr: 185.230.79.253
+      neighbor:
+        asn: aurore
+        addr: 185.230.79.254
+      ipv4: true
+    - name: aurore6
+      description: "BGP6 session with aurore"
       local:
-          as: 204515
-          address: 2a0c:700:28::1
-        remote:
-          as: 43619
-          address: 2a0c:700:28::2
-        allow_export_prefixes:
-          - 2a0c:700::/32+
+        asn: crans
+        addr: 2a0c:700:28::1
+      neighbor:
+        asn: aurore
+        addr: 2a0c:700:28::2
+      ipv6: true
+    - name: viarezo4
+      description: "BGP4 session with viarezo"
+      local:
+        asn: crans
+        addr: 138.195.159.250
+      neighbor:
+        asn: viarezo
+        addr: 138.195.159.249
+      ipv4: true
+    - name: viarezo6
+      description: "BGP6 session with viarezo"
+      local:
+        asn: crans
+        addr: 2a0c:b641:2f3::2
+      neighbor:
+        asn: viarezo
+        addr: 2a0c:b641:2f3::1
+      ipv6: true

host_vars/routeur-sam.adm.crans.org/bird.yml

@@ -1,60 +1,49 @@
 ---
 loc_bird:
+  id: 185.230.79.253
+  asn:
+    crans: 204515
+    aurore: 43619
+    viarezo: 212424
+  static:
     ipv4:
-    id: 185.230.79.253
-    binds:
-      - 138.195.159.250
-      - 185.230.79.253
-    statics:
-      - 185.230.76.0/22
-    kernel_filter:
-      - 185.230.78.0/24
-    bgps:
-      - name: viarezo
-        allow_local_as: 1
-        local:
-          as: 204515
-          address: 138.195.159.250
-        remote:
-          as: 212424
-          address: 138.195.159.249
-        allow_export_prefixes:
-          - 185.230.76.0/22+
-      - name: aurore
-        allow_local_as: 1
-        local:
-          as: 204515
-          address: 185.230.79.253
-        remote:
-          as: 43619
-          address: 185.230.79.254
-        allow_export_prefixes:
-          - 185.230.76.0/22+
+      - route 185.230.76.0/22 unreachable
     ipv6:
-    id: 185.230.79.253
-    binds:
-      - 2a0c:b641:2f3::2
-      - 2a0c:700:28::1
-    statics:
-      - 2a0c:700::/32
-    bgps:
-      - name: viarezo
-        allow_local_as: 1
+      - route 2a0c:700::/32 unreachable
+  bgp:
+    - name: aurore4
+      description: "BGP4 session with aurore"
       local:
-          as: 204515
-          address: 2a0c:b641:2f3::2
-        remote:
-          as: 212424
-          address: 2a0c:b641:2f3::1
-        allow_export_prefixes:
-          - 2a0c:700::/32+
-      - name: aurore
-        allow_local_as: 1
+        asn: crans
+        addr: 185.230.79.253
+      neighbor:
+        asn: aurore
+        addr: 185.230.79.254
+      ipv4: true
+    - name: aurore6
+      description: "BGP6 session with aurore"
       local:
-          as: 204515
-          address: 2a0c:700:28::1
-        remote:
-          as: 43619
-          address: 2a0c:700:28::2
-        allow_export_prefixes:
-          - 2a0c:700::/32+
+        asn: crans
+        addr: 2a0c:700:28::1
+      neighbor:
+        asn: aurore
+        addr: 2a0c:700:28::2
+      ipv6: true
+    - name: viarezo4
+      description: "BGP4 session with viarezo"
+      local:
+        asn: crans
+        addr: 138.195.159.250
+      neighbor:
+        asn: viarezo
+        addr: 138.195.159.249
+      ipv4: true
+    - name: viarezo6
+      description: "BGP6 session with viarezo"
+      local:
+        asn: crans
+        addr: 2a0c:b641:2f3::2
+      neighbor:
+        asn: viarezo
+        addr: 2a0c:b641:2f3::1
+      ipv6: true

plays/bird.yml

@@ -4,4 +4,4 @@
   vars:
     bird: '{{ glob_bird | default({}) | combine(loc_bird | default({})) }}'
   roles:
-    - bird
+    - bird2

roles/bird/tasks/main.yml

@@ -1,27 +1,36 @@
 ---
-- name: Install BIRD
-  apt:
-    update_cache: true
-    name:
-      - bird
-  register: apt_result
-  retries: 3
-  until: apt_result is succeeded
+- name: PLEASE STOP
+  pause:
+    prompt: "{{ item }}"
+  loop:
+    - APPUIE SUR ^C TOUT DE SUITE ET LANCE LE RÔLE BIRD2 !
+    - NAN MAIS VRAIMENT
+    - GENRE ARRÈTE
+    - ON T'AURA PRÉVENU
 
-- name: Deploy bird configuration
-  template:
-    src: bird/bird.conf.j2
-    dest: /etc/bird/bird.conf
-    mode: 0640
-    owner: bird
-    group: bird
-  notify: reload bird
+#- name: Install BIRD
+#  apt:
+#    update_cache: true
+#    name:
+#      - bird
+#  register: apt_result
+#  retries: 3
+#  until: apt_result is succeeded
 
-- name: Deploy bird6 configuration
-  template:
-    src: bird/bird6.conf.j2
-    dest: /etc/bird/bird6.conf
-    mode: 0640
-    owner: bird
-    group: bird
-  notify: reload bird6
+#- name: Deploy bird configuration
+#  template:
+#    src: bird/bird.conf.j2
+#    dest: /etc/bird/bird.conf
+#    mode: 0640
+#    owner: bird
+#    group: bird
+#  notify: reload bird
+
+#- name: Deploy bird6 configuration
+#  template:
+#    src: bird/bird6.conf.j2
+#    dest: /etc/bird/bird6.conf
+#    mode: 0640
+#    owner: bird
+#    group: bird
+#  notify: reload bird6

roles/bird2/handlers/main.yml

@@ -0,0 +1,19 @@
+---
+- name: systemctl status bird.service
+  service_facts:
+  listen: 'systemctl reload bird.service'
+
+- name: systemctl reload bird.service
+  pause:
+    prompt: |-
+      On a préféré ne pas redemarrer bird automatiquement.
+      Du coup, c'est à toi de t'en occuper:
+        - si tu as modifié quelque chose qui forcera le logiciel à ouvrir (ou fermer) un nouveau socket, tu dois le restart
+        - sinon tu peux te contenter de le reload
+      Quand c'est fait appuie sur ENTRÉE
+  when: not ansible_check_mode and ansible_facts.services['bird']['state'] == 'running'
+
+- name: systemctl stop bird.service
+  systemd:
+    name: bird.service
+    state: stopped

roles/bird2/tasks/main.yml

@@ -0,0 +1,25 @@
+---
+- name: Install BIRD2
+  apt:
+    update_cache: true
+    name:
+      - bird2
+  register: apt_result
+  retries: 3
+  until: apt_result is succeeded
+  notify: systemctl stop bird.service
+
+- name: systemctl disable bird.service
+  systemd:
+    name: bird.service
+    enabled: false
+
+- name: Deploy bird configuration
+  template:
+    src: bird/bird.conf.j2
+    dest: /etc/bird/bird.conf
+    mode: 0640
+    owner: bird
+    group: bird
+  notify: systemctl reload bird.service
+

roles/bird2/templates/bird/bird.conf.j2

@@ -0,0 +1,91 @@
+{{ ansible_header | comment }}
+
+# This is a basic configuration file, which contains boilerplate options and
+# some basic examples. It allows the BIRD daemon to start but will not cause
+# anything else to happen.
+#
+# Please refer to the BIRD User's Guide documentation, which is also available
+# online at http://bird.network.cz/ in HTML format, for more information on
+# configuring BIRD and adding routing protocols.
+
+# Configure logging
+log syslog all;
+
+# Set router ID. It is a unique identification of your router, usually one of
+# IPv4 addresses of the router. It is recommended to configure it explicitly.
+router id {{ bird.id }};
+
+# Turn on global debugging of all protocols (all messages or just selected classes)
+# debug protocols all;
+
+# +----------------------+
+# | CONSTANT DEFINITIONS |
+# +----------------------+
+{% for key,value in bird.asn.items() %}
+define {{ key }}_asn = {{ value }};
+{% endfor %}
+
+# +---------------+
+# | NOT PROTOCOLS |
+# +---------------+
+# The Device protocol is not a real routing protocol. It does not generate any
+# routes and it only serves as a module for getting information about network
+# interfaces from the kernel. It is necessary in almost any configuration.
+protocol device {}
+
+# The Kernel protocol is not a real routing protocol. Instead of communicating
+# with other routers in the network, it performs synchronization of BIRD
+# routing tables with the OS kernel. One instance per table.
+protocol kernel {
+	ipv4 {
+		import none;
+		export all;
+	};
+}
+
+protocol kernel {
+	ipv6 {
+		import none;
+		export all;
+	};
+}
+
+protocol static {
+	ipv4;
+{% for route in bird.static.ipv4 %}
+	{{ route }};
+{% endfor %}
+}
+
+protocol static {
+	ipv6;
+{% for route in bird.static.ipv6 %}
+	{{ route }};
+{% endfor %}
+}
+
+# +---------------+
+# | BGP PROTOCOLS |
+# +---------------+
+{% for protocol in bird.bgp %}
+protocol bgp {{ protocol.name }} {
+	description "{{ protocol.description }}";
+	local {{ protocol.local.addr }} as {{ protocol.local.asn }}_asn;
+	neighbor {{ protocol.neighbor.addr }} as {{ protocol.neighbor.asn }}_asn;
+	strict bind;
+{% if protocol.ipv4 is defined and protocol.ipv4 %}
+
+	ipv4 {
+		import all;
+		export where source ~ [ RTS_STATIC ];
+	};
+{% endif %}{% if protocol.ipv6 is defined and protocol.ipv6 %}
+
+	ipv6 {
+		import all;
+		export where source ~ [ RTS_STATIC ];
+	};
+{% endif %}
+}
+
+{% endfor %}