diff options
Diffstat (limited to 'src')
| -rwxr-xr-x | src/completion/list_bgp_peer_groups.sh | 23 | ||||
| -rwxr-xr-x | src/conf_mode/interfaces-tunnel.py | 4 | ||||
| -rwxr-xr-x | src/conf_mode/protocols_bgp.py | 45 | ||||
| -rwxr-xr-x | src/conf_mode/protocols_ospf.py | 61 | ||||
| -rwxr-xr-x | src/conf_mode/protocols_static.py | 24 | ||||
| -rwxr-xr-x | src/conf_mode/protocols_vrf.py | 72 | ||||
| -rwxr-xr-x | src/migration-scripts/vrf/1-to-2 | 61 | 
7 files changed, 200 insertions, 90 deletions
| diff --git a/src/completion/list_bgp_peer_groups.sh b/src/completion/list_bgp_peer_groups.sh new file mode 100755 index 000000000..4503d608f --- /dev/null +++ b/src/completion/list_bgp_peer_groups.sh @@ -0,0 +1,23 @@ +#!/bin/sh +# Copyright (C) 2021 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program.  If not, see <http://www.gnu.org/licenses/>. + +# Return BGP peer-groups from CLI + +declare -a vals +eval "bgp_as=$(cli-shell-api listNodes protocols bgp)" +eval "vals=($(cli-shell-api listNodes protocols bgp $bgp_as peer-group))" + +echo -n ${vals[@]} +exit 0 diff --git a/src/conf_mode/interfaces-tunnel.py b/src/conf_mode/interfaces-tunnel.py index b63312750..cab94a5b0 100755 --- a/src/conf_mode/interfaces-tunnel.py +++ b/src/conf_mode/interfaces-tunnel.py @@ -34,7 +34,7 @@ from vyos.ifconfig import Interface  from vyos.ifconfig import TunnelIf  from vyos.template import is_ipv4  from vyos.template import is_ipv6 -from vyos.util import get_json_iface_options +from vyos.util import get_interface_config  from vyos.util import dict_search  from vyos import ConfigError  from vyos import airbag @@ -103,7 +103,7 @@ def apply(tunnel):      # There is no other solution to destroy and recreate the tunnel.      encap = ''      remote = '' -    tmp = get_json_iface_options(interface) +    tmp = get_interface_config(interface)      if tmp:          encap = dict_search('linkinfo.info_kind', tmp)          remote = dict_search('linkinfo.info_data.remote', tmp) diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py index 7dede74a1..43ca37f9d 100755 --- a/src/conf_mode/protocols_bgp.py +++ b/src/conf_mode/protocols_bgp.py @@ -17,6 +17,7 @@  import os  from sys import exit +from sys import argv  from vyos.config import Config  from vyos.configdict import dict_merge @@ -37,11 +38,24 @@ def get_config(config=None):          conf = config      else:          conf = Config() -    base = ['protocols', 'bgp'] + +    vrf = None +    if len(argv) > 1: +        vrf = argv[1] + +    base_path = ['protocols', 'bgp'] + +    # eqivalent of the C foo ? 'a' : 'b' statement +    base = vrf and ['vrf', 'name', vrf, 'protocols', 'bgp'] or base_path      bgp = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True) -    # Bail out early if configuration tree does not exist +    # Assign the name of our VRF context. This MUST be done before the return +    # statement below, else on deletion we will delete the default instance +    # instead of the VRF instance. +    if vrf: bgp.update({'vrf' : vrf}) +      if not conf.exists(base): +        bgp.update({'deleted' : ''})          return bgp      # We also need some additional information from the config, @@ -80,11 +94,20 @@ def verify(bgp):      if not bgp:          return None -    # Check if declared more than one ASN -    if len(bgp) > 1: -        raise ConfigError('Only one BGP AS number can be defined!') +    # FRR bgpd only supports one Autonomous System Number, verify this! +    asn = 0 +    for key in bgp: +        if key.isnumeric(): +            asn +=1 +        if asn > 1: +            raise ConfigError('Only one BGP AS number can be defined!')      for asn, asn_config in bgp.items(): +        # Workaround for https://phabricator.vyos.net/T1711 +        # We also have a vrf, and deleted key now - so we can only veriy "numbers" +        if not asn.isnumeric(): +            continue +          # Common verification for both peer-group and neighbor statements          for neighbor in ['neighbor', 'peer_group']:              # bail out early if there is no neighbor or peer-group statement @@ -175,7 +198,7 @@ def verify(bgp):      return None  def generate(bgp): -    if not bgp: +    if not bgp or 'deleted' in bgp:          bgp['new_frr_config'] = ''          return None @@ -183,6 +206,8 @@ def generate(bgp):      # of the config dict      asn = list(bgp.keys())[0]      bgp[asn]['asn'] = asn +    if 'vrf' in bgp: +        bgp[asn]['vrf'] = bgp['vrf']      bgp['new_frr_config'] = render_to_string('frr/bgp.frr.tmpl', bgp[asn])      return None @@ -191,7 +216,13 @@ def apply(bgp):      # Save original configuration prior to starting any commit actions      frr_cfg = frr.FRRConfig()      frr_cfg.load_configuration(frr_daemon) -    frr_cfg.modify_section(f'^router bgp \d+$', '') + +    if 'vrf' in bgp: +        vrf = bgp['vrf'] +        frr_cfg.modify_section(f'^router bgp \d+ vrf {vrf}$', '') +    else: +        frr_cfg.modify_section('^router bgp \d+$', '') +      frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', bgp['new_frr_config'])      frr_cfg.commit_configuration(frr_daemon) diff --git a/src/conf_mode/protocols_ospf.py b/src/conf_mode/protocols_ospf.py index aefe7c23e..ef2aeda7f 100755 --- a/src/conf_mode/protocols_ospf.py +++ b/src/conf_mode/protocols_ospf.py @@ -17,14 +17,17 @@  import os  from sys import exit +from sys import argv  from vyos.config import Config  from vyos.configdict import dict_merge +from vyos.configdict import node_changed  from vyos.configverify import verify_route_maps  from vyos.configverify import verify_interface_exists  from vyos.template import render_to_string  from vyos.util import call  from vyos.util import dict_search +from vyos.util import get_interface_config  from vyos.xml import defaults  from vyos import ConfigError  from vyos import frr @@ -38,16 +41,33 @@ def get_config(config=None):          conf = config      else:          conf = Config() -    base = ['protocols', 'ospf'] + +    vrf = None +    if len(argv) > 1: +        vrf = argv[1] + +    base_path = ['protocols', 'ospf'] + +    # eqivalent of the C foo ? 'a' : 'b' statement +    base = vrf and ['vrf', 'name', vrf, 'protocols', 'ospf'] or base_path      ospf = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True) +    # Assign the name of our VRF context. This MUST be done before the return +    # statement below, else on deletion we will delete the default instance +    # instead of the VRF instance. +    if vrf: ospf['vrf'] = vrf +      # Bail out early if configuration tree does not exist      if not conf.exists(base): +        ospf.update({'deleted' : ''})          return ospf      # We have gathered the dict representation of the CLI, but there are default      # options which we need to update into the dictionary retrived. -    default_values = defaults(base) +    # XXX: Note that we can not call defaults(base), as defaults does not work +    # on an instance of a tag node. As we use the exact same CLI definition for +    # both the non-vrf and vrf version this is absolutely safe! +    default_values = defaults(base_path)      # We have to cleanup the default dict, as default values could enable features      # which are not explicitly enabled on the CLI. Example: default-information @@ -99,6 +119,14 @@ def get_config(config=None):              ospf['interface'][interface] = dict_merge(default_values,                  ospf['interface'][interface]) +    # As we no re-use this Python handler for both VRF and non VRF instances for +    # OSPF we need to find out if any interfaces changed so properly adjust +    # the FRR configuration and not by acctident change interfaces from a +    # different VRF. +    interfaces_removed = node_changed(conf, base + ['interface']) +    if interfaces_removed: +        ospf['interface_removed'] = list(interfaces_removed) +      # We also need some additional information from the config, prefix-lists      # and route-maps for instance. They will be used in verify()      base = ['policy'] @@ -121,12 +149,22 @@ def verify(ospf):              # time. FRR will only activate the last option set via CLI.              if {'hello_multiplier', 'dead_interval'} <= set(ospf['interface'][interface]):                  raise ConfigError(f'Can not use hello-multiplier and dead-interval ' \ -                                  f'concurrently for "{interface}"!') +                                  f'concurrently for {interface}!') + +            if 'vrf' in ospf: +                # If interface specific options are set, we must ensure that the +                # interface is bound to our requesting VRF. Due to the VyOS/Vyatta +                # priorities the interface is bound to the VRF after creation of +                # the VRF itself, and before any routing protocol is configured. +                vrf = ospf['vrf'] +                tmp = get_interface_config(interface) +                if 'master' not in tmp or tmp['master'] != vrf: +                    raise ConfigError(f'Interface {interface} is not a member of VRF {vrf}!')      return None  def generate(ospf): -    if not ospf: +    if not ospf or 'deleted' in ospf:          ospf['new_frr_config'] = ''          return None @@ -137,8 +175,19 @@ def apply(ospf):      # Save original configuration prior to starting any commit actions      frr_cfg = frr.FRRConfig()      frr_cfg.load_configuration(frr_daemon) -    frr_cfg.modify_section(r'^interface \S+', '') -    frr_cfg.modify_section('^router ospf$', '') + +    if 'vrf' in ospf: +        vrf = ospf['vrf'] +        frr_cfg.modify_section(f'^router ospf vrf {vrf}$', '') +    else: +        frr_cfg.modify_section('^router ospf$', '') + +    for key in ['interface', 'interface_removed']: +        if key not in ospf: +            continue +        for interface in ospf[key]: +            frr_cfg.modify_section(f'^interface {interface}$', '') +      frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', ospf['new_frr_config'])      frr_cfg.commit_configuration(frr_daemon) diff --git a/src/conf_mode/protocols_static.py b/src/conf_mode/protocols_static.py index 5d101b33e..51b4acfc8 100755 --- a/src/conf_mode/protocols_static.py +++ b/src/conf_mode/protocols_static.py @@ -17,6 +17,7 @@  import os  from sys import exit +from sys import argv  from vyos.config import Config  from vyos.template import render_to_string @@ -34,8 +35,19 @@ def get_config(config=None):          conf = config      else:          conf = Config() -    base = ['protocols', 'static'] + +    vrf = None +    if len(argv) > 1: +        vrf = argv[1] + +    base_path = ['protocols', 'static'] +    # eqivalent of the C foo ? 'a' : 'b' statement +    base = vrf and ['vrf', 'name', vrf, 'protocols', 'static'] or base_path      static = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True) + +    # Assign the name of our VRF context +    if vrf: static['vrf'] = vrf +      return static  def verify(static): @@ -50,8 +62,14 @@ def apply(static):      # Save original configuration prior to starting any commit actions      frr_cfg = frr.FRRConfig()      frr_cfg.load_configuration(frr_daemon) -    frr_cfg.modify_section(r'^ip route .*', '') -    frr_cfg.modify_section(r'^ipv6 route .*', '') + +    if 'vrf' in static: +        vrf = static['vrf'] +        frr_cfg.modify_section(f'^vrf {vrf}$', '') +    else: +        frr_cfg.modify_section(r'^ip route .*', '') +        frr_cfg.modify_section(r'^ipv6 route .*', '') +      frr_cfg.add_before(r'(interface .*|line vty)', static['new_frr_config'])      frr_cfg.commit_configuration(frr_daemon) diff --git a/src/conf_mode/protocols_vrf.py b/src/conf_mode/protocols_vrf.py deleted file mode 100755 index 227e7d5e1..000000000 --- a/src/conf_mode/protocols_vrf.py +++ /dev/null @@ -1,72 +0,0 @@ -#!/usr/bin/env python3 -# -# Copyright (C) 2021 VyOS maintainers and contributors -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 or later as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program.  If not, see <http://www.gnu.org/licenses/>. - -import os - -from sys import exit - -from vyos.config import Config -from vyos.template import render_to_string -from vyos.util import call -from vyos import ConfigError -from vyos import frr -from vyos import airbag -airbag.enable() - -frr_daemon = 'staticd' - -def get_config(config=None): -    if config: -        conf = config -    else: -        conf = Config() -    base = ['protocols', 'vrf'] -    vrf = conf.get_config_dict(base, key_mangling=('-', '_')) -    return vrf - -def verify(vrf): - -    return None - -def generate(vrf): -    vrf['new_frr_config'] = render_to_string('frr/vrf.frr.tmpl', vrf) -    return None - -def apply(vrf): -    # Save original configuration prior to starting any commit actions -    frr_cfg = frr.FRRConfig() -    frr_cfg.load_configuration(frr_daemon) -    frr_cfg.modify_section(r'vrf \S+', '') -    frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', vrf['new_frr_config']) -    frr_cfg.commit_configuration(frr_daemon) - -    # If FRR config is blank, rerun the blank commit x times due to frr-reload -    # behavior/bug not properly clearing out on one commit. -    if vrf['new_frr_config'] == '': -        for a in range(5): -            frr_cfg.commit_configuration(frr_daemon) - -    return None - -if __name__ == '__main__': -    try: -        c = get_config() -        verify(c) -        generate(c) -        apply(c) -    except ConfigError as e: -        print(e) -        exit(1) diff --git a/src/migration-scripts/vrf/1-to-2 b/src/migration-scripts/vrf/1-to-2 new file mode 100755 index 000000000..20128e957 --- /dev/null +++ b/src/migration-scripts/vrf/1-to-2 @@ -0,0 +1,61 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2021 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program.  If not, see <http://www.gnu.org/licenses/>. + +# - T3344: migrate routing options from "protocols vrf" to "vrf <name> protocols" + +from sys import argv +from sys import exit +from vyos.configtree import ConfigTree + +if (len(argv) < 2): +    print("Must specify file name!") +    exit(1) + +file_name = argv[1] + +with open(file_name, 'r') as f: +    config_file = f.read() + +base = ['protocols', 'vrf'] +config = ConfigTree(config_file) + +if not config.exists(base): +    # Nothing to do +    exit(0) + +vrf_base = ['vrf', 'name'] +config.set(vrf_base) +config.set_tag(vrf_base) + +# Copy all existing static routes to the new base node under "vrf name <name> protocols static" +for vrf in config.list_nodes(base): +    static_base = base + [vrf, 'static'] +    if not config.exists(static_base): +        continue + +    new_static_base = vrf_base + [vrf, 'protocols'] +    config.set(new_static_base) +    config.copy(static_base, new_static_base + ['static']) + +# Now delete the old configuration +config.delete(base) + +try: +    with open(file_name, 'w') as f: +        f.write(config.to_string()) +except OSError as e: +    print("Failed to save the modified config: {}".format(e)) +    exit(1) | 
