cdn-ops/global/overlay/etc/puppet/modules/cdn/manifests/l4lb.pp

# Configure the SUNET CDN l4lb service
class cdn::l4lb(
  Boolean $cilium_enabled = false,
  String $cilium_version = 'v1.16.1',
  String $cilium_devices = 'enp129s0f1np1',
)
{
  if $cilium_enabled {
    sunet::docker_compose { 'sunet-cdn-l4lb':
      content          => template('cdn/l4lb/docker-compose.yml.erb'),
      service_name     => 'cdn-l4lb',
      compose_dir      => '/opt/sunet-cdn/compose/l4lb',
      compose_filename => 'docker-compose.yml',
      description      => 'SUNET CDN l4lb',
    }
  }

  include sunet::systemd_reload

  package {'bird2': ensure => installed }

  file { '/opt/sunet-cdn':
    ensure => directory,
    owner  => 'root',
    group  => 'root',
    mode   => '0640',
  }

  $sysctl_file = '/etc/sysctl.d/99-cdn-l4lb.conf'
    file { $sysctl_file:
      ensure  => file,
      owner   => 'root',
      group   => 'root',
      mode    => '0644',
      content => template('cdn/l4lb/sysctl.erb'),
    }
    # Load the sysctl file if it has changed
    exec { "sysctl -p ${sysctl_file}":
      subscribe   => File[$sysctl_file],
      refreshonly => true,
    }

  file { '/opt/sunet-cdn/l4lb':
    ensure => directory,
    owner  => 'root',
    group  => 'root',
    mode   => '0640',
  }

  file { '/opt/sunet-cdn/l4lb/conf':
    ensure => directory,
    owner  => 'root',
    group  => 'root',
    mode   => '0640',
  }

  file { '/opt/sunet-cdn/l4lb/conf/netns.json':
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => template('cdn/l4lb/netns.json.erb'),
  }

  file { '/usr/local/bin/sunet-l4lb-namespace':
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0755',
    content => file('cdn/l4lb/sunet-l4lb-namespace'),
  }

  file { '/etc/systemd/system/sunet-l4lb-namespace.service':
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => template('cdn/l4lb/sunet-l4lb-namespace.service.erb'),
  }

  file { '/etc/systemd/system/bird.service.d':
    ensure => directory,
    owner  => 'root',
    group  => 'root',
    mode   => '0755',
  }

  file { '/etc/systemd/system/bird.service.d/override.conf':
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => template('cdn/l4lb/bird-override.conf.erb'),
    notify  => [Class['sunet::systemd_reload']]
  }

  file { '/etc/bird/bird.conf':
    ensure  => file,
    owner   => 'bird',
    group   => 'bird',
    mode    => '0640',
    content => template('cdn/l4lb/bird.conf.erb'),
    notify  => Service['bird'],
  }

  service { 'bird':
    ensure => 'running',
    enable => true,
  }
}