Initial commit

main.yml

@@ -0,0 +1,6 @@
+---
+- name: Install Junos vQFX virtual appliance
+  hosts: localhost
+  gather_facts: no
+  roles:
+    - vqfx

plugin.spec

@@ -0,0 +1,18 @@
+config:
+  plugin_type: install
+subparsers:
+  # the actual name of the plugin
+  vqfx:
+    description: The plugin sets up a virtual Juniper QFX switch
+    include_groups: ["Ansible options", "Common options"]
+    groups:
+      - title: I don't know what is this for
+        options:
+          configure_nested:
+            type: Bool
+            help: Whether nested virtualization should be enabled on this host.
+            default: False
+          ovs_bridges:
+            type: Value
+            help: List of OVS bridges to set up.
+            default: dunno how to make a list

roles/vqfx/README.md

@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

roles/vqfx/defaults/main.yml

@@ -0,0 +1,8 @@
+---
+# defaults file for vqfx
+use_nested: no
+vagrant_working_dir: /home/anet-vagrant
+vagrant_box_source: http://10.8.125.119/vagrant
+ovs_bridges:
+  - br-controller
+  - br-baremetal

roles/vqfx/files/expect.sh

@@ -0,0 +1,91 @@
+#!/bin/bash
+set -x
+
+expect -c"
+  set timeout 300
+  spawn vagrant ssh vqfx
+  expect \"Password:\"
+  send \"Juniper\r\"
+  expect \"root@:RE:0%\"
+  send \"cli\r\"
+  expect \"root>\"
+  send \"config\r\"
+  expect \"root#\"
+  send \"set interfaces em1 unit 0 family inet address 169.254.0.2/24\r\"
+  expect \"root#\"
+  send \"commit\r\"
+  expect \"root#\"
+  send \"exit\r\"
+  expect \"root>\"
+  send \"restart chassis-control\r\"
+  expect \"root>\"
+  send \"exit\r\"
+  expect \"root@:RE:0%\"
+  send \"exit\r\"
+"
+
+sleep 60
+
+# get vagrant config for scp command
+vagrant ssh-config vqfx > /tmp/sshconf
+
+# copy the infterface wait script into the appliance
+expect -c "
+spawn bash -c \"scp -F /tmp/sshconf /tmp/wait.sh vqfx:~/wait.sh\"
+expect {
+  -re \".*es.*o.*\" {
+    exp_send \"yes\r\"
+    exp_continue
+  }
+  -re \".*sword.*\" {
+    exp_send \"Juniper\r\"
+  }
+}
+interact
+"
+
+# wait for interfaces to come up, then configure
+expect -c"
+  set timeout 300
+  spawn vagrant ssh vqfx
+  expect \"Password:\"
+  send \"Juniper\r\"
+  expect \"root@:RE:0%\"
+  send \"csh wait.sh\r\"
+  expect \"root@:RE:0%*\"
+  send \"cli\r\"
+  expect \"root>\"
+  send \"config\r\"
+  expect \"root#\"
+  send \"set vlans br-tenant vlan-id 37\r\"
+  expect \"root#\"
+  send \"set interfaces interface-range br-tenant unit 0 family ethernet-switching vlan members br-tenant\r\"
+  expect \"root#\"
+  send \"set interfaces irb unit 1 family inet address 192.168.2.250/24\r\"
+  expect \"root#\"
+  send \"set vlans default l3-interface irb.1\r\"
+  expect \"root#\"
+  send \"set interfaces xe-0/0/0 unit 0 family ethernet-switching vlan members default\r\"
+  expect \"root#\"
+  send \"set interfaces xe-0/0/1 unit 0 family ethernet-switching vlan members default\r\"
+  expect \"root#\"
+  send \"set interfaces interface-range br-tenant member-range xe-0/0/0 to xe-0/0/1\r\"
+  expect \"root#\"
+  send \"set interfaces interface-range br-tenant native-vlan-id 37\r\"
+  expect \"root#\"
+  send \"delete interfaces interface-range br-tenant unit 0 family ethernet-switching vlan members br-tenant\r\"
+  expect \"root#\"
+  send \"set interfaces interface-range br-tenant unit 0 family ethernet-switching interface-mode trunk\r\"
+  expect \"root#\"
+  send \"set interfaces interface-range br-tenant unit 0 family ethernet-switching vlan members br-tenant\r\"
+  expect \"root#\"
+  send \"commit\r\"
+  expect \"root#\"
+  send \"exit\r\"
+  expect \"root#\"
+  send \"exit\r\"
+  expect \"root>\"
+  send \"exit\r\"
+  expect \"root@:RE:0%\"
+  send \"exit\r\"
+"

roles/vqfx/files/wait.sh

@@ -0,0 +1,11 @@
+#!/bin/tcsh
+
+foreach x (1 2 3 4 5 6 7 8 9 10)
+  ifconfig > ifc
+  if { grep xe-0 ifc } then
+    break
+  endif
+  sleep 10
+end
+
+

roles/vqfx/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for vqfx

roles/vqfx/meta/main.yml

@@ -0,0 +1,57 @@
+galaxy_info:
+  author: your name
+  description: your description
+  company: your company (optional)
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Some suggested licenses:
+  # - BSD (default)
+  # - MIT
+  # - GPLv2
+  # - GPLv3
+  # - Apache
+  # - CC-BY
+  license: license (GPLv2, CC-BY, etc)
+
+  min_ansible_version: 1.2
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  # Optionally specify the branch Galaxy will use when accessing the GitHub
+  # repo for this role. During role install, if no tags are available,
+  # Galaxy will use this branch. During import Galaxy will access files on
+  # this branch. If Travis integration is configured, only notifications for this
+  # branch will be accepted. Otherwise, in all cases, the repo's default branch
+  # (usually master) will be used.
+  #github_branch:
+
+  #
+  # platforms is a list of platforms, and each platform has a name and a list of versions.
+  #
+  # platforms:
+  # - name: Fedora
+  #   versions:
+  #   - all
+  #   - 25
+  # - name: SomePlatform
+  #   versions:
+  #   - all
+  #   - 1.0
+  #   - 7
+  #   - 99.99
+
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is a keyword that describes
+    # and categorizes the role. Users find roles by searching for tags. Be sure to
+    # remove the '[]' above, if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+    #       Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+  # if you add dependencies to this list.

roles/vqfx/tasks/create-vagrant-box.yml

@@ -0,0 +1,23 @@
+---
+- name: "Check if {{ box }} box already loaded"
+  shell: "vagrant box list | grep {{ box }}"
+  register: vagrant_box
+  ignore_errors: true
+  become: yes
+
+- name: "Check if there's already a {{ box }} image available"
+  stat:
+    path: "{{ vagrant_working_dir }}/vagrant-boxes/{{ box }}.box"
+  register: box_image
+  when: vagrant_box.rc != 0
+
+- name: "Download {{ box }} box"
+  get_url:
+    url: "{{ vagrant_box_source }}/{{ box }}.box"
+    dest: "{{ vagrant_working_dir }}/vagrant-boxes/{{ box }}.box"
+  when: vagrant_box.rc != 0 and box_image.stat.exists == False
+
+- name: "Add {{ box }} box"
+  command: "vagrant box add {{ vagrant_working_dir }}/vagrant-boxes/{{ box }}.box --name {{ box }}"
+  when: vagrant_box.rc != 0
+  become: yes

roles/vqfx/tasks/main.yml

@@ -0,0 +1,9 @@
+---
+- name: Setup vagrant environment
+  include_tasks: setup.yml
+
+- name: Install vagrant dependencies
+  include_tasks: vagrant-deps.yml
+
+- name: Deploy virtual switches
+  include_tasks: vagrant-deploy.yml

roles/vqfx/tasks/setup.yml

@@ -0,0 +1,69 @@
+---
+#- name: Create working directory
+#  file:
+#    path: "{{ working_dir }}"
+#    state: directory
+#  become: yes
+#
+# install vagrant and dependencies
+- name: Install vagrant
+  yum:
+    name: https://releases.hashicorp.com/vagrant/2.1.1/vagrant_2.1.1_x86_64.rpm
+    state: present
+  become: yes
+
+- name: Install vagrant-libvirt dependencies
+  yum:
+    name: "{{ item }}"
+    state: installed
+  with_items:
+    - qemu
+    - libvirt
+    - libvirt-devel
+    - ruby-devel
+    - gcc
+    - expect
+    - qemu-kvm
+    - libxslt-devel
+    - libxml2-devel
+    - libvirt-devel
+    - libguestfs-tools-c
+  become: yes
+
+    # expect ansible requires a newer version
+- name: Install pexpect from pip
+  pip:
+    name: pexpect
+  become: yes
+
+- name: Check vagrant-libvirt is installed
+  shell: "vagrant plugin list | grep vagrant-libvirt"
+  register: vagrant_libvirt
+  ignore_errors: true
+  become: yes
+
+- name: Install vagrant-libvirt
+  command: "vagrant plugin install vagrant-libvirt"
+  when: vagrant_libvirt.rc != 0
+  become: yes
+
+- shell: cat /sys/module/kvm_intel/parameters/nested || true
+  register: nested_result
+  when: use_nested
+
+- name: reload kvm_intel
+  block:
+    - lineinfile:
+        path: /etc/modprobe.d/kvm_intel.conf
+        line: 'options kvm-intel nested=1'
+        create: yes
+    - modprobe:
+        name: kvm_intel
+        state: absent
+    - modprobe:
+        name: kvm_intel
+        state: present
+  when:
+    - use_nested
+    - "'Y' not in nested_result.stdout"
+  become: yes