cerc-io
/
stack-orchestrator
mirror of https://github.com/cerc-io/stack-orchestrator
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
12 Commits
66 Branches
528 Tags
47 MiB
Python 57.3%
Shell 36.6%
Dockerfile 4.5%
TypeScript 1%
JavaScript 0.3%
Other 0.2%
 
 
 
 
 
 
Go to file
A. F. Dudley b82d66eeff fix: VRF isolation for mia-sw01 relay, TCP dport mangle for ip_echo 
mia-sw01: Replace PBR-based outbound routing with VRF isolation.
TCAM profile tunnel-interface-acl doesn't support PBR or traffic-policy
on tunnel interfaces. Tunnel100 now lives in VRF "relay" whose default
route sends decapsulated traffic to was-sw01 via backbone, avoiding
BCP38 drops on the ISP uplink for src 137.239.194.65.

biscayne: Add TCP dport mangle rule for ip_echo (port 8001). Without it,
outbound ip_echo probes use biscayne's real IP instead of the Ashburn
relay IP, causing entrypoints to probe the wrong address. Also fix
loopback IP idempotency (handle "already assigned" error).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 		2026-03-07 23:31:18 +00:00
ashburn-relay-lab chore: add containerlab topologies for relay testing 2026-03-07 22:30:03 +00:00
docs feat: dedicated GRE tunnel (Tunnel100) bypassing DZ-managed Tunnel500 2026-03-07 01:47:58 +00:00
inventory feat: layer 4 invariants, mount checks, and deployment layer docs 2026-03-07 13:08:04 +00:00
inventory-switches fix: separate switch inventory to prevent accidental targeting 2026-03-07 10:56:48 +00:00
playbooks fix: VRF isolation for mia-sw01 relay, TCP dport mangle for ip_echo 2026-03-07 23:31:18 +00:00
scripts fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
shred-relay-lab chore: add containerlab topologies for relay testing 2026-03-07 22:30:03 +00:00
.gitignore fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
CLAUDE.md fix: inventory layering — playbooks use hosts:all, cross-inventory uses explicit hosts 2026-03-07 22:28:21 +00:00
README.md fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
ansible.cfg fix: redeploy playbook handles SSH agent, git pull, config regen, stale PVs 2026-03-07 09:58:29 +00:00

README.md

biscayne-agave-runbook

Ansible playbooks for operating the kind-based agave-stack deployment on biscayne.vaasl.io.