Add bgp-l3-xl dt

This commit adds a "bgp-l3-xl" dt where workers/computes/networkers
are deployed across three racks over a virtualized spine/leaf fabric
using bgp.

The overall footprint consists of 3 masters, 9 workers (3x rack),
6 computes (2x rack), 3 networkers (1x rack) plus 1 router, 2 spines
and 6 leaf switches (2x rack).

~~~
$ virsh list
 Id     Name                   State
----------------------------------------
 1292   cifmw-controller-0     running
 1293   cifmw-r0-compute-0     running
 1294   cifmw-r0-compute-1     running
 1295   cifmw-r1-compute-0     running
 1296   cifmw-r1-compute-1     running
 1297   cifmw-r2-compute-0     running
 1298   cifmw-r2-compute-1     running
 1299   cifmw-r0-networker-0   running
 1300   cifmw-r1-networker-0   running
 1301   cifmw-r2-networker-0   running
 1302   cifmw-ocp-master-0     running
 1303   cifmw-ocp-master-1     running
 1304   cifmw-ocp-master-2     running
 1305   cifmw-ocp-worker-0     running
 1306   cifmw-ocp-worker-1     running
 1307   cifmw-ocp-worker-2     running
 1308   cifmw-ocp-worker-3     running
 1309   cifmw-ocp-worker-4     running
 1310   cifmw-ocp-worker-5     running
 1311   cifmw-ocp-worker-6     running
 1312   cifmw-ocp-worker-7     running
 1313   cifmw-ocp-worker-8     running
 1314   cifmw-ocp-worker-9     running
 1315   cifmw-router-0         running
 1316   cifmw-spine-0          running
 1317   cifmw-spine-1          running
 1318   cifmw-leaf-0           running
 1319   cifmw-leaf-1           running
 1320   cifmw-leaf-2           running
 1321   cifmw-leaf-3           running
 1322   cifmw-leaf-4           running
 1323   cifmw-leaf-5           running
~~~

Author: lmiccini

.github/CODEOWNERS

@@ -6,7 +6,10 @@ roles/adoption_osp_deploy @openstack-k8s-operators/adoption-core-reviewers
 
 # BGP
 roles/ci_gen_kustomize_values/templates/bgp_dt01 @openstack-k8s-operators/bgp
+roles/ci_gen_kustomize_values/templates/bgp-l3-xl @openstack-k8s-operators/bgp
 playbooks/bgp-l3-computes-ready.yml @openstack-k8s-operators/bgp
+playbooks/bgp @openstack-k8s-operators/bgp
+scenarios/reproducers/bgp-l3-xl.yml @openstack-k8s-operators/bgp
 
 # Compliance
 roles/compliance @openstack-k8s-operators/security

playbooks/bgp/prepare-bgp-computes.yaml

@@ -0,0 +1,71 @@
+---
+- name: Configure computes
+  hosts: "computes{{ networkers_bool | default(false) | bool | ternary(',networkers', '') }}"
+  tasks:
+    - name: Check default route corresponds with BGP
+      ansible.builtin.command:
+        cmd: "ip route show default"
+      register: _initial_default_ip_route_result
+      changed_when: false
+
+    - name: Early end if default route is already based on BGP
+      ansible.builtin.meta: end_play
+      when: "'proto bgp' in _initial_default_ip_route_result.stdout"
+
+    - name: Obtain the device with the DHCP default route
+      ansible.builtin.shell:
+        cmd: >
+          ip r show default |
+          grep "proto dhcp" |
+          grep -o "dev \w*" |
+          cut -d" " -f 2
+      ignore_errors: true
+      register: dhcp_default_route_device
+      changed_when: false
+
+    - name: Remove DHCP default route if it exists
+      when:
+        - dhcp_default_route_device.rc == 0
+        - dhcp_default_route_device.stdout | trim | length > 0
+      vars:
+        default_device: "{{ dhcp_default_route_device.stdout | trim }}"
+      block:
+        - name: Obtain the connection for the DHCP default route device
+          ansible.builtin.command:
+            cmd: >
+              nmcli -g GENERAL.CONNECTION device show {{ default_device }}
+          register: default_connection
+          changed_when: false
+
+        - name: Ignore dhcp default route from ocpbm interfaces
+          become: true
+          community.general.nmcli:
+            conn_name: "{{ default_connection.stdout | trim }}"
+            gw4_ignore_auto: true
+            gw6_ignore_auto: true
+            never_default4: true
+            state: present
+
+    - name: Remove default route obtained via DHCP from leafs in order to apply BGP
+      become: true
+      ansible.builtin.shell:
+        cmd: >
+          set -o pipefail && ip route show default |
+          grep "proto dhcp" |
+          xargs -r ip route del
+      changed_when: false
+
+    - name: Restart NetworkManager
+      become: true
+      ansible.builtin.systemd:
+        name: NetworkManager.service
+        state: restarted
+
+    - name: Check new default route corresponds with BGP
+      ansible.builtin.command:
+        cmd: "ip route show default"
+      register: default_ip_route_result
+      retries: 10
+      delay: 1
+      until: "'proto bgp' in default_ip_route_result.stdout"
+      changed_when: false

playbooks/bgp/prepare-bgp-hypervisor-from-controller.yaml

@@ -0,0 +1,23 @@
+---
+- name: Prepare the BGP hypervisor with needed configuration
+  hosts: hypervisor
+  tasks:
+    - name: Set IPv4 forwarding
+      become: true
+      ansible.posix.sysctl:
+        name: net.ipv4.ip_forward
+        value: '1'
+        sysctl_set: true
+        sysctl_file: /etc/sysctl.d/90-network.conf
+        state: present
+        reload: true
+
+    - name: Disable reverse path forwarding validation
+      become: true
+      ansible.posix.sysctl:
+        name: net.ipv4.conf.all.rp_filter
+        value: '0'
+        sysctl_set: true
+        sysctl_file: /etc/sysctl.d/90-network.conf
+        state: present
+        reload: true