summaryrefslogtreecommitdiff
path: root/src/migration-scripts
AgeCommit message (Collapse)Author
2021-02-28tunnel: T3364: rename encapsulation mode "gre-bridge" to "gretap"Christian Poessinger
The following list shows the mapping of VyOS tunnel encapsulation modes to the corresponding Linux modes. VyOS Linux gre gre gre-bridge gretap ipip ipip ipip6 ipip6 ip6ip6 ip6ip6 ip6gre ip6gre sit sit Besides gre-bridge this is pretty consistent. As bridge interfaces are also called tap interfaces gre-bridge will be renamed to gretap to make the post-processing much easier. This means (in detail) that there are no more child classes of _Tunnel and there will be now one geneirc TunnelIf class handling all sorts of encapsulation.
2021-02-22Merge branch 'current' of https://github.com/vyos/vyos-1x into currentDaniil Baturin
2021-02-22T3346: handle the case of empty nodes when migrating NAT to syntax version 5Daniil Baturin
2021-02-15bgp: T3311: remove remote-as from address-familyChristian Poessinger
When moving from Quagga to FRR the BGP address-family was extended by an invalid peer-group statement. FRR always moved a configured peer-group from the AFI level down to the neighbor level. With the migration to FRR reload we must take care about this by ourselves.
2021-02-14bgp: T2844: add IPv4 disable-send-community supportChristian Poessinger
2021-02-11ospfv3: T3267: move interface specific options to "protocols ospfv3"Christian Poessinger
2021-02-11ripng: T3281: move interface specific options to "protocols ripng"Christian Poessinger
2021-02-10conntrack: T3290: remove references to removed GRE pluginsBrandon Stepler
2021-02-07rip: T2547: migrate interface specific configuration under protocols ripChristian Poessinger
2021-02-07system: T2486: bugfix name-servers-dhcp NameError on vif-c interfacesChristian Poessinger
Commit 0f8beae7426 ("system: T2486: migrate disable-dhcp-nameservers to name-servers-dhcp") added a migration script for moving the name-servers. A small glitch was introduced when referencing vif-c interfaces unter a vif-s interface where a variable got referenced which was not defined.
2021-02-07rpki: T3293: bugfix for config migration when cache and address name matchChristian Poessinger
If the RPKI cache name equals the configured address, renaming is not possible, as rename expects the new path to not exist.
2021-02-05route: static: T2450: provide full protocol support in XML and Python with ↵Christian Poessinger
new CLI
2021-02-05vrf: T2450: provide full protocol support in XML and Python with new CLIChristian Poessinger
2021-02-04migrator: ospf: T3267: cleanup empty interface "ip" nodesChristian Poessinger
When per interface OSPF configuration is migrated into "protocols ospf interface" we should cleanup and empty ip {} node unter the individual interface. This makes the config look more nicely.
2021-01-30bgp: T3037: add migration scriptChristian Poessinger
(cherry picked from commit 32822d5e1831dff5cd904c0cb5886f7d737afab6)
2021-01-29ospf: T3267: fix invalid migrator version numberChristian Poessinger
2021-01-29ospf: T3267: move "interface ip ospf" configuration to "protocols ospf ↵Christian Poessinger
interface" For easier maintenance and operability move the interface specific protocol setting of OSPF to the OSPF protocol section. This is now also in-line with IS-IS. This means to migrate: ethernet eth0 { vif 202 { ip { ospf { authentication { md5 { key-id 10 { md5-key vyosvyos } } } dead-interval 40 hello-interval 10 priority 1 retransmit-interval 5 transmit-delay 1 } } } } to protocols { ospf { interface eth0.201 { authentication { md5 { key-id 10 { md5-key vyosvyos } } } dead-interval 40 hello-interval 10 priority 1 retransmit-interval 5 transmit-delay 1 } }
2021-01-29rpki: T3255: provide full protocol support in XML and PythonChristian Poessinger
This commit provides the implementation of the OSPF CLI with a Jinja2 template that is loaded by FRR reload.
2021-01-24nptv6: T2518: Delete redundant blank linesjack9603301
2021-01-23nptv6: T2518: Remove trailing spacesjack9603301
2021-01-23nptv6: T2518: Remove redundant paths for migration scriptsJACK
2021-01-23nptv6: T2518: Initial support for nat66 (NPT)jack9603301
2020-12-20ethernet: T3140: relax "ethernet offload-options" CLI definitionChristian Poessinger
Migrate from ethernet eth1 { offload-options { generic-receive on generic-segmentation on scatter-gather on tcp-segmentation on udp-fragmentation on } } to ethernet eth1 { offload { ufo tso sg gso gro } }
2020-12-20wifi: T3043: country-code should be lower caseChristian Poessinger
2020-12-08mirror: T3089: support two-way traffic mirroringjack9603301
2020-12-06migration: interfaces: remove superfluous importsChristian Poessinger
2020-12-04pppoe: T3112: drop "ipv6 enable" optionChristian Poessinger
IPv6 enable can be considered once the ipv6 node is present!
2020-11-21ethernet: T3048: fix migrator to also support a plain configChristian Poessinger
When VyOS boots the first time with the default configuration there it actually no "interface ethernet" node present in the config, thus we must exit the migrator. Without this change vyos.configtree.ConfigTreeError: Path [b'interfaces ethernet'] doesn't exist will be thrown.
2020-11-21system: T3078: rename "system options" -> "system option"Christian Poessinger
By design a CLI node should not be named by its plural but rather describe it as singular.
2020-11-21ethernet: T3048: drop static smp-affinity for dynamic performance tuningChristian Poessinger
After migrating the ethernet interfaces from the good old Perl days the smp-affinity node yet has no effect anymore as the code is still missing (my bad, sorry). Drop the smp-affinity node and rather use tuned instead with the network-throughput or network-latency profile. - network-throughput: Profile for throughput network tuning. It is based on the throughput-performance profile. It additionaly increases kernel network buffers. - network-latency: Profile for low latency network tuning. It is based on the latency-performance profile. It additionaly disables transparent hugepages, NUMA balancing and tunes several other network related sysctl parameters. I'd set network-throughput as the default on a new set system option performance <throughput | latency> CLI node which is present in the default configuration. https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf
2020-11-03wireless: T3042: move wifi-regulatory-domain into individual interface ↵Christian Poessinger
definition
2020-11-03wireless: T3043: rename "wpa mode both" to "wpa+wpa2"Christian Poessinger
2020-10-04pppoe-server: T2829: shift config migrators by oneChristian Poessinger
As VyOS vrux (1.2.7) requires a mirgator (1-to-2) for the MPPE node change (T2829) we need to shift all other migrators in 1.3 by one. As migrators probe the existance of nodes no negative side-effects are expected.
2020-10-04pppoe-server: migrators: fix python styleChristian Poessinger
2020-10-04pppoe-server: T2829: fix broken migration script (exit called)Christian Poessinger
A test statement was still present in the production code introduced in commit efeac80f8 ("pppoe-server: T2829: migrate 'ppp-options mppe' to leafNode"). This has been fixed.
2020-10-04pppoe-server: T2953: rename CLI local-ip to gateway-addressChristian Poessinger
Required to get a common CLI for all services provided by Accel-PPP. Once the CLI for each service is consitent - Jinja2 templates can be reused together with get_config_dict().
2020-10-04sstp: T2953: migrate gateway-address, client-ip-settings to common levelChristian Poessinger
* move "network-settings gateway-address" to "gateway-address" * move "network-settings client-ip-settings" to "client-ip-pool"
2020-10-03sstp: T2953: migrate mtu to common levelChristian Poessinger
Preparation before using get_config_dict() and common Jinja2 templates.
2020-10-03sstp: T2953: migrate name-server settions to common levelChristian Poessinger
In order to reuse as much as possible before migrationg to get_config_dict() and re-use Jinja2 snippets the name-server node must be moved one level up to 'set vpn sstp name-server'.
2020-10-02sstp: T2953: migrate ppp-settings to ppp-options nodeChristian Poessinger
2020-09-26login: migration: T2929: add missing if condition when probing for radius-serverChristian Poessinger
2020-09-25syslog: T2899: shift system migration files +1 to allow for cruxJohn Estabrook
2020-09-25syslog: T1845: fix indentation levelJohn Estabrook
2020-09-20wwan: ifconfig: T2905: sync CLI nodes in dialup interfacesChristian Poessinger
Both PPPoE and WWAN interfaces are dialer interfaces handled by ppp, but use different CLI nodes for the same functionality. PPPoE has "connect-on-demand" to initiate an "on-demand" dialing and WWAN uses "ondemand" for this purpose. Rename WWAN "ondemand" node to "connect-on-demand".
2020-09-20vif-s: ifconfig: T2903: use explicit VLAN protocol over raw numbersChristian Poessinger
In the past we had to provide the ethertype value used for the VLAN protocol (0x88A8 -> 802.1ad or 0x8100 -> 802.1q). This should be changed to a more user friendly CLI node (protocol over ethertype) and 802.1ad over it's raw value 0x88A8. There is no need in presenting RAW information from the ethernet header to the user. Also iproute2 calls it protocol which makes way more sense over the "raw" value.
2020-08-26pppoe-server: T2829: migrate 'ppp-options mppe' to leafNodeChristian Poessinger
2020-08-22dhcpv6-pd: T2677: optimize CLI interface for PD configurationChristian Poessinger
The current CLI did not support multiple prefix-delegations per interface. Some ISPs only send one /64 to a client per prefix-delegation request, but they allow the customer to request multiple prefixes. The 'dhcpv6-options prefix-delegation' node has been renamed and converted to a tag node named 'dhcpv6-options pd'. The tag node specifies a PD request (>=0). In the past the user needed to know what prefix will be assigned and required to calculate the sla-len by himself. The 'sla-len' node was dropped and is now calculated in the background from the 'dhcpv6-options pd 0 length' node. It is no longer mandatory to supply the 'sla-id' node, if sla-id is not specified it is 'guessed' by counting upwards. Example configuration: ---------------------- ethernet eth1 { address dhcpv6 dhcpv6-options { pd 0 { length 56 interface eth2 { address 1 } } } } This will request a /56 assignment from the ISP and will delegate a /64 network to interface eth2. VyOS will use the interface address ::1 on the delegate interface (eth2) as its local address.
2020-07-29wireguard: T2743: move key migration from config script to migration scriptChristian Poessinger
Migration files on the storage should be done one time by a migration script instead of every time the configuration changes. Moving this to an older migration script is fine as this is around for a long time and all rolling releases are already up2date. It only affects updates from VyOS 1.2 series.
2020-07-11snmp: T2687: precalculate snmpv3 encrypted keysChristian Poessinger
As of now when adding new credentials for any SNMPv3 user we submit the credential either plaintext or encrypted. A plaintext credential will be hashed by SNMPd in the background and then passed back into the CLI so it's not stored in cleartext. This feels like the wrong way in changing the CLI content with data produced by a 3rd party daemon which implements the service. It feels like the tail wiggles the entire dog. This should be changed in the following way: - After retrieving the plaintext password from CLI, use Python to hash the key in advance - Re-populate the encrypted key into the CLI and drop the plaintext one - Generate service configuration and continue startup of SNMPd This also fixes a race condition when SNMPd started up but not properly provided the hasehd keys in the configuration resulting in a ConfigurationError. Now as we also support binding SNMPd to a VRF this fixes a deadlock situation on bootup as we can only bind late to the VRF and require up to 5 restarts of the service - but the service will never start.
2020-07-07ssh: T2691: bugfix loglevel config migrationChristian Poessinger
When migrating the conf from VyOS 1.2 to 1.3 a configuration error could appear if the user specified "info" as loglevel instead of "INFO". There was no input validation done in 1.2 but this is now enforced in 1.3. In VyOS 1.3 loglevel will be always lowercase on the CLI and when migrating the config this is transformed. Also VyOS 1.2 accpeted any arbitrary loglevel. If an invalid loglevel is found it will be set to info.