From 8c7f469cc4463fe6b368c6310c4edafa67283571 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Thu, 11 Mar 2021 20:38:48 +0100 Subject: vrf: ospf: T2271: create individual OSPF process for specified VRF name VyOS CLI config: vrf red { ospf { default-information { originate { always } } default-metric 30 passive-interface default } } Will create the FRR configuration snippet: ! router ospf vrf red auto-cost reference-bandwidth 100 timers throttle spf 200 1000 10000 passive-interface default default-metric 30 default-information originate always ! --- data/templates/frr/ospf.frr.tmpl | 4 +- interface-definitions/protocols-vrf.xml.in | 8 ++++ smoketest/scripts/cli/test_protocols_ospf.py | 59 +++++++++++++++++++------- src/conf_mode/protocols_ospf.py | 63 +++++++++++++++++++++++++--- 4 files changed, 112 insertions(+), 22 deletions(-) diff --git a/data/templates/frr/ospf.frr.tmpl b/data/templates/frr/ospf.frr.tmpl index 140b6b406..a47c64c89 100644 --- a/data/templates/frr/ospf.frr.tmpl +++ b/data/templates/frr/ospf.frr.tmpl @@ -1,7 +1,7 @@ ! {% if interface is defined and interface is not none %} {% for iface, iface_config in interface.items() %} -interface {{ iface }} +interface {{ iface }} {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} {% if iface_config.authentication is defined and iface_config.authentication is not none %} {% if iface_config.authentication.plaintext_password is defined and iface_config.authentication.plaintext_password is not none %} ip ospf authentication-key {{ iface_config.authentication.plaintext_password }} @@ -50,7 +50,7 @@ interface {{ iface }} {% endfor %} {% endif %} ! -router ospf +router ospf {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} {% if access_list is defined and access_list is not none %} {% for acl, acl_config in access_list.items() %} {% for protocol in acl_config.export if acl_config.export is defined %} diff --git a/interface-definitions/protocols-vrf.xml.in b/interface-definitions/protocols-vrf.xml.in index 77297938b..e9ef5dc2a 100644 --- a/interface-definitions/protocols-vrf.xml.in +++ b/interface-definitions/protocols-vrf.xml.in @@ -27,6 +27,14 @@ #include + + + Open Shortest Path First (OSPF) + + + #include + + #include diff --git a/smoketest/scripts/cli/test_protocols_ospf.py b/smoketest/scripts/cli/test_protocols_ospf.py index d9a6c17e4..683ca12b8 100755 --- a/smoketest/scripts/cli/test_protocols_ospf.py +++ b/smoketest/scripts/cli/test_protocols_ospf.py @@ -27,7 +27,9 @@ base_path = ['protocols', 'ospf'] route_map = 'foo-bar-baz10' -def getFRROSPFconfig(): +def getFRRconfig(vrf=None): + if vrf: + return cmd(f'vtysh -c "show run" | sed -n "/^router ospf vrf {vrf}/,/^!/p"') return cmd('vtysh -c "show run" | sed -n "/^router ospf/,/^!/p"') def getFRRInterfaceConfig(interface): @@ -45,6 +47,7 @@ class TestProtocolsOSPF(unittest.TestCase): self.session.delete(['policy', 'route-map', route_map]) self.session.delete(base_path) + self.session.commit() del self.session @@ -54,12 +57,11 @@ class TestProtocolsOSPF(unittest.TestCase): self.session.commit() # Verify FRR ospfd configuration - frrconfig = getFRROSPFconfig() + frrconfig = getFRRconfig() self.assertIn(f'router ospf', frrconfig) self.assertIn(f' auto-cost reference-bandwidth 100', frrconfig) self.assertIn(f' timers throttle spf 200 1000 10000', frrconfig) # defaults - def test_ospf_02_simple(self): router_id = '127.0.0.1' abr_type = 'ibm' @@ -76,7 +78,7 @@ class TestProtocolsOSPF(unittest.TestCase): self.session.commit() # Verify FRR ospfd configuration - frrconfig = getFRROSPFconfig() + frrconfig = getFRRconfig() self.assertIn(f'router ospf', frrconfig) self.assertIn(f' auto-cost reference-bandwidth {bandwidth}', frrconfig) self.assertIn(f' ospf router-id {router_id}', frrconfig) @@ -100,7 +102,7 @@ class TestProtocolsOSPF(unittest.TestCase): self.session.commit() # Verify FRR ospfd configuration - frrconfig = getFRROSPFconfig() + frrconfig = getFRRconfig() self.assertIn(f'router ospf', frrconfig) self.assertIn(f' timers throttle spf 200 1000 10000', frrconfig) # defaults for ptotocol in protocols: @@ -121,7 +123,7 @@ class TestProtocolsOSPF(unittest.TestCase): self.session.commit() # Verify FRR ospfd configuration - frrconfig = getFRROSPFconfig() + frrconfig = getFRRconfig() self.assertIn(f'router ospf', frrconfig) self.assertIn(f' timers throttle spf 200 1000 10000', frrconfig) # defaults self.assertIn(f' default-information originate metric {metric} metric-type {metric_type} route-map {route_map}', frrconfig) @@ -131,7 +133,7 @@ class TestProtocolsOSPF(unittest.TestCase): self.session.commit() # Verify FRR ospfd configuration - frrconfig = getFRROSPFconfig() + frrconfig = getFRRconfig() self.assertIn(f' default-information originate always metric {metric} metric-type {metric_type} route-map {route_map}', frrconfig) @@ -158,7 +160,7 @@ class TestProtocolsOSPF(unittest.TestCase): self.session.commit() # Verify FRR ospfd configuration - frrconfig = getFRROSPFconfig() + frrconfig = getFRRconfig() self.assertIn(f'router ospf', frrconfig) self.assertIn(f' mpls-te on', frrconfig) self.assertIn(f' mpls-te router-address 0.0.0.0', frrconfig) # default @@ -173,7 +175,7 @@ class TestProtocolsOSPF(unittest.TestCase): self.session.set(base_path + ['distance', 'ospf', 'inter-area', inter_area]) self.session.commit() - frrconfig = getFRROSPFconfig() + frrconfig = getFRRconfig() self.assertIn(f' distance ospf intra-area {intra_area} inter-area {inter_area} external {external}', frrconfig) @@ -189,7 +191,7 @@ class TestProtocolsOSPF(unittest.TestCase): self.session.commit() # Verify FRR ospfd configuration - frrconfig = getFRROSPFconfig() + frrconfig = getFRRconfig() self.assertIn(f'router ospf', frrconfig) for neighbor in neighbors: self.assertIn(f' neighbor {neighbor} priority {priority} poll-interval {poll_interval}', frrconfig) # default @@ -205,7 +207,7 @@ class TestProtocolsOSPF(unittest.TestCase): self.session.commit() # Verify FRR ospfd configuration - frrconfig = getFRROSPFconfig() + frrconfig = getFRRconfig() self.assertIn(f'router ospf', frrconfig) self.assertIn(f' passive-interface default', frrconfig) # default for interface in interfaces: @@ -227,7 +229,7 @@ class TestProtocolsOSPF(unittest.TestCase): self.session.commit() # Verify FRR ospfd configuration - frrconfig = getFRROSPFconfig() + frrconfig = getFRRconfig() self.assertIn(f'router ospf', frrconfig) for protocol in redistribute: if protocol in ['kernel', 'static']: @@ -257,7 +259,7 @@ class TestProtocolsOSPF(unittest.TestCase): self.session.commit() # Verify FRR ospfd configuration - frrconfig = getFRROSPFconfig() + frrconfig = getFRRconfig() import pprint # From time to time the CI fails with an error like: # ====================================================================== @@ -308,5 +310,34 @@ class TestProtocolsOSPF(unittest.TestCase): self.assertIn(f' ip ospf priority {priority}', config) self.assertIn(f' bandwidth {bandwidth}', config) + def test_ospf_01_11_vrfs(self): + vrfs = ['red', 'green', 'blue'] + # It is safe to assume that when the basic VRF test works, all + # other OSPF related features work, as we entirely inherit the CLI + # templates and Jinja2 FRR template. + table = '1000' + for vrf in vrfs: + self.session.set(['vrf', 'name', vrf, 'table', table]) + self.session.set(['protocols', 'vrf', vrf, 'ospf']) + table = str(int(table) + 1000) + + self.session.commit() + + # Verify FRR ospfd configuration + frrconfig = getFRRconfig() + self.assertIn(f'router ospf', frrconfig) + self.assertIn(f' auto-cost reference-bandwidth 100', frrconfig) + self.assertIn(f' timers throttle spf 200 1000 10000', frrconfig) # defaults + + for vrf in vrfs: + frrconfig = getFRRconfig(vrf) + self.assertIn(f'router ospf vrf {vrf}', frrconfig) + self.assertIn(f' auto-cost reference-bandwidth 100', frrconfig) + self.assertIn(f' timers throttle spf 200 1000 10000', frrconfig) # defaults + + self.session.delete(['protocols', 'vrf', vrf]) + self.session.delete(['vrf', 'name', vrf]) + + if __name__ == '__main__': - unittest.main(verbosity=2) + unittest.main(verbosity=2, failfast=True) diff --git a/src/conf_mode/protocols_ospf.py b/src/conf_mode/protocols_ospf.py index aefe7c23e..8c2372bd9 100755 --- a/src/conf_mode/protocols_ospf.py +++ b/src/conf_mode/protocols_ospf.py @@ -17,14 +17,18 @@ import os from sys import exit +from sys import argv from vyos.config import Config from vyos.configdict import dict_merge +from vyos.configdict import node_changed from vyos.configverify import verify_route_maps from vyos.configverify import verify_interface_exists +from vyos.configverify import verify_vrf from vyos.template import render_to_string from vyos.util import call from vyos.util import dict_search +from vyos.util import get_json_iface_options from vyos.xml import defaults from vyos import ConfigError from vyos import frr @@ -38,16 +42,33 @@ def get_config(config=None): conf = config else: conf = Config() - base = ['protocols', 'ospf'] + + vrf = None + if len(argv) > 1: + vrf = argv[1] + + base_path = ['protocols', 'ospf'] + + # eqivalent of the C foo ? 'a' : 'b' statement + base = vrf and ['protocols', 'vrf', vrf, 'ospf'] or base_path ospf = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True) + # Assign the name of our VRF context. This MUST be done before the return + # statement below, else on deletion we will delete the default instance + # instead of the VRF instance. + if vrf: ospf['vrf'] = vrf + # Bail out early if configuration tree does not exist if not conf.exists(base): + ospf.update({'deleted' : ''}) return ospf # We have gathered the dict representation of the CLI, but there are default # options which we need to update into the dictionary retrived. - default_values = defaults(base) + # XXX: Note that we can not call defaults(base), as defaults does not work + # on an instance of a tag node. As we use the exact same CLI definition for + # both the non-vrf and vrf version this is absolutely safe! + default_values = defaults(base_path) # We have to cleanup the default dict, as default values could enable features # which are not explicitly enabled on the CLI. Example: default-information @@ -99,6 +120,14 @@ def get_config(config=None): ospf['interface'][interface] = dict_merge(default_values, ospf['interface'][interface]) + # As we no re-use this Python handler for both VRF and non VRF instances for + # OSPF we need to find out if any interfaces changed so properly adjust + # the FRR configuration and not by acctident change interfaces from a + # different VRF. + interfaces_removed = node_changed(conf, base + ['interface']) + if interfaces_removed: + ospf['interface_removed'] = list(interfaces_removed) + # We also need some additional information from the config, prefix-lists # and route-maps for instance. They will be used in verify() base = ['policy'] @@ -112,6 +141,7 @@ def verify(ospf): if not ospf: return None + verify_vrf(ospf) verify_route_maps(ospf) if 'interface' in ospf: @@ -121,12 +151,22 @@ def verify(ospf): # time. FRR will only activate the last option set via CLI. if {'hello_multiplier', 'dead_interval'} <= set(ospf['interface'][interface]): raise ConfigError(f'Can not use hello-multiplier and dead-interval ' \ - f'concurrently for "{interface}"!') + f'concurrently for {interface}!') + + if 'vrf' in ospf: + # If interface specific options are set, we must ensure that the + # interface is bound to our requesting VRF. Due to the VyOS/Vyatta + # priorities the interface is bound to the VRF after creation of + # the VRF itself, and before any routing protocol is configured. + vrf = ospf['vrf'] + tmp = get_json_iface_options(interface) + if 'master' not in tmp or tmp['master'] != vrf: + raise ConfigError(f'Interface {interface} is not a member of VRF {vrf}!') return None def generate(ospf): - if not ospf: + if not ospf or 'deleted' in ospf: ospf['new_frr_config'] = '' return None @@ -137,8 +177,19 @@ def apply(ospf): # Save original configuration prior to starting any commit actions frr_cfg = frr.FRRConfig() frr_cfg.load_configuration(frr_daemon) - frr_cfg.modify_section(r'^interface \S+', '') - frr_cfg.modify_section('^router ospf$', '') + + if 'vrf' in ospf: + vrf = ospf['vrf'] + frr_cfg.modify_section(f'^router ospf vrf {vrf}$', '') + else: + frr_cfg.modify_section('^router ospf$', '') + + for key in ['interface', 'interface_removed']: + if key not in ospf: + continue + for interface in ospf[key]: + frr_cfg.modify_section(f'^interface {interface}$', '') + frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', ospf['new_frr_config']) frr_cfg.commit_configuration(frr_daemon) -- cgit v1.2.3