2 files changed, 201 insertions, 2 deletions
diff --git a/src/migration-scripts/container/0-to-1 b/src/migration-scripts/container/0-to-1
index 96ed6edee..d0461389b 100755
--- a/src/migration-scripts/container/0-to-1
+++ b/src/migration-scripts/container/0-to-1
@@ -17,18 +17,61 @@
 # T4870: change underlaying container filesystem from vfs to overlay
 
 import os
-import sys
 import shutil
+import sys
 
 from vyos.configtree import ConfigTree
+from vyos.util import call
 
 if (len(sys.argv) < 1):
     print("Must specify file name!")
     sys.exit(1)
 
-# We actually need no filename as this is a filesystem operation
+file_name = sys.argv[1]
+
+with open(file_name, 'r') as f:
+    config_file = f.read()
+
+base = ['container', 'name']
+config = ConfigTree(config_file)
+
+# Check if containers exist and we need to perform image manipulation
+if config.exists(base):
+    for container in config.list_nodes(base):
+        # Stop any given container first
+        call(f'systemctl stop vyos-container-{container}.service')
+        # Export container image for later re-import to new filesystem. We store
+        # the backup on a real disk as a tmpfs (like /tmp) could probably lack
+        # memory if a host has too many containers stored.
+        image_name = config.return_value(base + [container, 'image'])
+        call(f'podman image save --quiet --output /root/{container}.tar --format oci-archive {image_name}')
+
+# No need to adjust the strage driver online (this is only used for testing and
+# debugging on a live system) - it is already overlay2 when the migration script
+# is run during system update. But the specified driver in the image is actually
+# overwritten by the still present VFS filesystem on disk. Thus podman still
+# thinks it uses VFS until we delete the libpod directory under:
+# /usr/lib/live/mount/persistence/container/storage
+#call('sed -i "s/vfs/overlay2/g" /etc/containers/storage.conf /usr/share/vyos/templates/container/storage.conf.j2')
+
 base_path = '/usr/lib/live/mount/persistence/container/storage'
 for dir in ['libpod', 'vfs', 'vfs-containers', 'vfs-images', 'vfs-layers']:
     if os.path.exists(f'{base_path}/{dir}'):
         shutil.rmtree(f'{base_path}/{dir}')
 
+# Now all remaining information about VFS is gone and we operate in overlayfs2
+# filesystem mode. Time to re-import the images.
+if config.exists(base):
+    for container in config.list_nodes(base):
+        # Export container image for later re-import to new filesystem
+        image_name = config.return_value(base + [container, 'image'])
+        image_path = f'/root/{container}.tar'
+        call(f'podman image load --quiet --input {image_path}')
+
+        # Start any given container first
+        call(f'systemctl start vyos-container-{container}.service')
+
+        # Delete temporary container image
+        if os.path.exists(image_path):
+            os.unlink(image_path)
+
diff --git a/src/migration-scripts/qos/1-to-2 b/src/migration-scripts/qos/1-to-2
new file mode 100755
index 000000000..6f4c08a50
--- /dev/null
+++ b/src/migration-scripts/qos/1-to-2
@@ -0,0 +1,156 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2022 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+from sys import argv,exit
+
+from vyos.base import Warning
+from vyos.configtree import ConfigTree
+from vyos.util import read_file
+
+def bandwidth_percent_to_val(interface, percent) -> int:
+    speed = read_file(f'/sys/class/net/{interface}/speed')
+    if not speed.isnumeric():
+        Warning('Interface speed cannot be determined (assuming 10 Mbit/s)')
+        speed = 10
+    speed = int(speed) *1000000 # convert to MBit/s
+    return speed * int(percent) // 100 # integer division
+
+if (len(argv) < 1):
+    print("Must specify file name!")
+    exit(1)
+
+file_name = argv[1]
+
+with open(file_name, 'r') as f:
+    config_file = f.read()
+
+base = ['traffic-policy']
+config = ConfigTree(config_file)
+
+if not config.exists(base):
+    # Nothing to do
+    exit(0)
+
+iface_config = {}
+
+if config.exists(['interfaces']):
+    def get_qos(config, interface, interface_base):
+        if config.exists(interface_base):
+            tmp = { interface : {} }
+            if config.exists(interface_base + ['in']):
+                tmp[interface]['ingress'] = config.return_value(interface_base + ['in'])
+            if config.exists(interface_base + ['out']):
+                tmp[interface]['egress'] = config.return_value(interface_base + ['out'])
+            config.delete(interface_base)
+            return tmp
+        return None
+
+    # Migrate "interface ethernet eth0 traffic-policy in|out" to "qos interface eth0 ingress|egress"
+    for type in config.list_nodes(['interfaces']):
+        for interface in config.list_nodes(['interfaces', type]):
+            interface_base = ['interfaces', type, interface, 'traffic-policy']
+            tmp = get_qos(config, interface, interface_base)
+            if tmp: iface_config.update(tmp)
+
+            vif_path = ['interfaces', type, interface, 'vif']
+            if config.exists(vif_path):
+                for vif in config.list_nodes(vif_path):
+                    vif_interface_base = vif_path + [vif, 'traffic-policy']
+                    ifname = f'{interface}.{vif}'
+                    tmp = get_qos(config, ifname, vif_interface_base)
+                    if tmp: iface_config.update(tmp)
+
+            vif_s_path = ['interfaces', type, interface, 'vif-s']
+            if config.exists(vif_s_path):
+                for vif_s in config.list_nodes(vif_s_path):
+                    vif_s_interface_base = vif_s_path + [vif_s, 'traffic-policy']
+                    ifname = f'{interface}.{vif_s}'
+                    tmp = get_qos(config, ifname, vif_s_interface_base)
+                    if tmp: iface_config.update(tmp)
+
+                    # vif-c interfaces MUST be migrated before their parent vif-s
+                    # interface as the migrate_*() functions delete the path!
+                    vif_c_path = ['interfaces', type, interface, 'vif-s', vif_s, 'vif-c']
+                    if config.exists(vif_c_path):
+                        for vif_c in config.list_nodes(vif_c_path):
+                            vif_c_interface_base = vif_c_path + [vif_c, 'traffic-policy']
+                            ifname = f'{interface}.{vif_s}.{vif_c}'
+                            tmp = get_qos(config, ifname, vif_s_interface_base)
+                            if tmp: iface_config.update(tmp)
+
+
+# Now we have the information which interface uses which QoS policy.
+# Interface binding will be moved to the qos CLi tree
+config.set(['qos'])
+config.copy(base, ['qos', 'policy'])
+config.delete(base)
+
+# TODO
+# - remove burst from network emulator
+
+def change_cli_bandwidth(config, path):
+    if config.exists(path + ['bandwidth']):
+        bw = config.return_value(path + ['bandwidth'])
+        if bw.endswith('%'):
+            bw = bandwidth_percent_to_val(interface, bw.rstrip('%'))
+            config.set(path + ['bandwidth'], value=bw)
+    return
+
+# Now map the interface policy binding to the new CLI syntax
+for interface, interface_config in iface_config.items():
+    if 'ingress' in interface_config:
+        config.set(['qos', 'interface', interface, 'ingress'], value=interface_config['ingress'])
+    if 'egress' in interface_config:
+        config.set(['qos', 'interface', interface, 'egress'], value=interface_config['egress'])
+
+    # QoS policy <-> interface binding is now established - we now can adjust some
+    # CLI values like bandwidth in percent
+    for direction in ['ingress', 'egress']:
+        if direction not in interface_config:
+            continue
+        # Convert % bandwidth values to absolute values
+        for policy in config.list_nodes(['qos', 'policy']):
+            for policy_name in config.list_nodes(['qos', 'policy', policy]):
+                if policy_name == interface_config[direction]:
+                    policy_base = ['qos', 'policy', policy, policy_name]
+                    # This is for the toplevel bandwidth node on a policy
+                    change_cli_bandwidth(config, policy_base)
+
+                    # This is for class based bandwidth value
+                    if config.exists(policy_base + ['class']):
+                        for cls in config.list_nodes(policy_base + ['class']):
+                            cls_base = policy_base + ['class', cls]
+                            change_cli_bandwidth(config, cls_base)
+
+                    # This is for the bandwidth value specified under the
+                    # policy "default" tree
+                    if config.exists(policy_base + ['default']):
+                        default_base = policy_base + ['default']
+                        change_cli_bandwidth(config, default_base)
+
+# Remove "burst" CLI node from network emulator
+netem_base = ['qos', 'policy', 'network-emulator']
+if config.exists(netem_base):
+    for policy_name in config.list_nodes(netem_base):
+        if config.exists(netem_base + [policy_name, 'burst']):
+            config.delete(netem_base + [policy_name, 'burst'])
+
+try:
+    with open(file_name, 'w') as f:
+        f.write(config.to_string())
+except OSError as e:
+    print("Failed to save the modified config: {}".format(e))
+    exit(1)