From 6f0249e39164b9d59de6550337e2901e5ed9ebf1 Mon Sep 17 00:00:00 2001 From: DmitriyEshenko Date: Mon, 22 Nov 2021 20:55:06 +0000 Subject: tftp: T4012: Add TFTP VRF support --- src/conf_mode/tftp_server.py | 9 +++++++-- src/systemd/tftpd@.service | 2 +- 2 files changed, 8 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/conf_mode/tftp_server.py b/src/conf_mode/tftp_server.py index 2409eec1f..ef726670c 100755 --- a/src/conf_mode/tftp_server.py +++ b/src/conf_mode/tftp_server.py @@ -24,6 +24,7 @@ from sys import exit from vyos.config import Config from vyos.configdict import dict_merge +from vyos.configverify import verify_vrf from vyos.template import render from vyos.template import is_ipv4 from vyos.util import call @@ -65,10 +66,11 @@ def verify(tftpd): if 'listen_address' not in tftpd: raise ConfigError('TFTP server listen address must be configured!') - for address in tftpd['listen_address']: + for address, address_config in tftpd['listen_address'].items(): if not is_addr_assigned(address): print(f'WARNING: TFTP server listen address "{address}" not ' \ 'assigned to any interface!') + verify_vrf(address_config) return None @@ -83,7 +85,7 @@ def generate(tftpd): return None idx = 0 - for address in tftpd['listen_address']: + for address, address_config in tftpd['listen_address'].items(): config = deepcopy(tftpd) port = tftpd['port'] if is_ipv4(address): @@ -91,6 +93,9 @@ def generate(tftpd): else: config['listen_address'] = f'[{address}]:{port} -6' + if 'vrf' in address_config: + config['vrf'] = address_config['vrf'] + file = config_file + str(idx) render(file, 'tftp-server/default.tmpl', config) idx = idx + 1 diff --git a/src/systemd/tftpd@.service b/src/systemd/tftpd@.service index 266bc0962..a674bf598 100644 --- a/src/systemd/tftpd@.service +++ b/src/systemd/tftpd@.service @@ -7,7 +7,7 @@ RequiresMountsFor=/run Type=forking #NotifyAccess=main EnvironmentFile=-/etc/default/tftpd%I -ExecStart=/usr/sbin/in.tftpd "$DAEMON_ARGS" +ExecStart=/bin/sh -c "${VRF_ARGS} /usr/sbin/in.tftpd ${DAEMON_ARGS}" Restart=on-failure [Install] -- cgit v1.2.3 From ee53af35eb1edb6167a65b290f25a95b2a586498 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Tue, 23 Nov 2021 14:10:51 -0600 Subject: graphql: T3993: add requests for manipulating firewall groups --- .../graphql/graphql/schema/firewall_group.graphql | 47 ++++++++++++++++++++++ .../api/graphql/graphql/schema/schema.graphql | 3 ++ .../remove_firewall_address_group_members.py | 21 ++++++++++ src/services/api/graphql/recipes/session.py | 27 ++++++------- .../templates/create_firewall_address_group.tmpl | 4 ++ .../remove_firewall_address_group_members.tmpl | 3 ++ .../update_firewall_address_group_members.tmpl | 3 ++ 7 files changed, 93 insertions(+), 15 deletions(-) create mode 100644 src/services/api/graphql/graphql/schema/firewall_group.graphql create mode 100644 src/services/api/graphql/recipes/remove_firewall_address_group_members.py create mode 100644 src/services/api/graphql/recipes/templates/create_firewall_address_group.tmpl create mode 100644 src/services/api/graphql/recipes/templates/remove_firewall_address_group_members.tmpl create mode 100644 src/services/api/graphql/recipes/templates/update_firewall_address_group_members.tmpl (limited to 'src') diff --git a/src/services/api/graphql/graphql/schema/firewall_group.graphql b/src/services/api/graphql/graphql/schema/firewall_group.graphql new file mode 100644 index 000000000..efe7de632 --- /dev/null +++ b/src/services/api/graphql/graphql/schema/firewall_group.graphql @@ -0,0 +1,47 @@ +input CreateFirewallAddressGroupInput { + name: String! + address: [String] +} + +type CreateFirewallAddressGroup { + name: String! + address: [String] +} + +type CreateFirewallAddressGroupResult { + data: CreateFirewallAddressGroup + success: Boolean! + errors: [String] +} + +input UpdateFirewallAddressGroupMembersInput { + name: String! + address: [String!]! +} + +type UpdateFirewallAddressGroupMembers { + name: String! + address: [String!]! +} + +type UpdateFirewallAddressGroupMembersResult { + data: UpdateFirewallAddressGroupMembers + success: Boolean! + errors: [String] +} + +input RemoveFirewallAddressGroupMembersInput { + name: String! + address: [String!]! +} + +type RemoveFirewallAddressGroupMembers { + name: String! + address: [String!]! +} + +type RemoveFirewallAddressGroupMembersResult { + data: RemoveFirewallAddressGroupMembers + success: Boolean! + errors: [String] +} diff --git a/src/services/api/graphql/graphql/schema/schema.graphql b/src/services/api/graphql/graphql/schema/schema.graphql index e34a4eadb..9e97a0d60 100644 --- a/src/services/api/graphql/graphql/schema/schema.graphql +++ b/src/services/api/graphql/graphql/schema/schema.graphql @@ -13,6 +13,9 @@ directive @configfile on FIELD_DEFINITION type Mutation { CreateDhcpServer(data: DhcpServerConfigInput) : CreateDhcpServerResult @configure CreateInterfaceEthernet(data: InterfaceEthernetConfigInput) : CreateInterfaceEthernetResult @configure + CreateFirewallAddressGroup(data: CreateFirewallAddressGroupInput) : CreateFirewallAddressGroupResult @configure + UpdateFirewallAddressGroupMembers(data: UpdateFirewallAddressGroupMembersInput) : UpdateFirewallAddressGroupMembersResult @configure + RemoveFirewallAddressGroupMembers(data: RemoveFirewallAddressGroupMembersInput) : RemoveFirewallAddressGroupMembersResult @configure SaveConfigFile(data: SaveConfigFileInput) : SaveConfigFileResult @configfile LoadConfigFile(data: LoadConfigFileInput) : LoadConfigFileResult @configfile } diff --git a/src/services/api/graphql/recipes/remove_firewall_address_group_members.py b/src/services/api/graphql/recipes/remove_firewall_address_group_members.py new file mode 100644 index 000000000..cde30c27a --- /dev/null +++ b/src/services/api/graphql/recipes/remove_firewall_address_group_members.py @@ -0,0 +1,21 @@ + +from . session import Session + +class RemoveFirewallAddressGroupMembers(Session): + def __init__(self, session, data): + super().__init__(session, data) + + # Define any custom processing of parameters here by overriding + # configure: + # + # def configure(self): + # self._data = transform_data(self._data) + # super().configure() + # self.clean_up() + + def configure(self): + super().configure() + + group_name = self._data['name'] + path = ['firewall', 'group', 'address-group', group_name] + self.delete_path_if_childless(path) diff --git a/src/services/api/graphql/recipes/session.py b/src/services/api/graphql/recipes/session.py index aa3932ab9..b96cc1753 100644 --- a/src/services/api/graphql/recipes/session.py +++ b/src/services/api/graphql/recipes/session.py @@ -1,27 +1,17 @@ from ariadne import convert_camel_case_to_snake import vyos.defaults +from vyos.config import Config from vyos.template import render class Session(object): def __init__(self, session, data): self._session = session - self.data = data + self._data = data self._name = convert_camel_case_to_snake(type(self).__name__) - @property - def data(self): - return self.__data - - @data.setter - def data(self, data): - if isinstance(data, dict): - self.__data = data - else: - raise ValueError("data must be of type dict") - def configure(self): session = self._session - data = self.data + data = self._data func_base_name = self._name tmpl_file = f'{func_base_name}.tmpl' @@ -46,9 +36,16 @@ class Session(object): except Exception as error: raise error + def delete_path_if_childless(self, path): + session = self._session + config = Config(session.get_session_env()) + if not config.list_nodes(path): + session.delete(path) + session.commit() + def save(self): session = self._session - data = self.data + data = self._data if 'file_name' not in data or not data['file_name']: data['file_name'] = '/config/config.boot' @@ -59,7 +56,7 @@ class Session(object): def load(self): session = self._session - data = self.data + data = self._data try: session.load_config(data['file_name']) diff --git a/src/services/api/graphql/recipes/templates/create_firewall_address_group.tmpl b/src/services/api/graphql/recipes/templates/create_firewall_address_group.tmpl new file mode 100644 index 000000000..a890d0086 --- /dev/null +++ b/src/services/api/graphql/recipes/templates/create_firewall_address_group.tmpl @@ -0,0 +1,4 @@ +set firewall group address-group {{ name }} +{% for add in address %} +set firewall group address-group {{ name }} address {{ add }} +{% endfor %} diff --git a/src/services/api/graphql/recipes/templates/remove_firewall_address_group_members.tmpl b/src/services/api/graphql/recipes/templates/remove_firewall_address_group_members.tmpl new file mode 100644 index 000000000..458f3e5fc --- /dev/null +++ b/src/services/api/graphql/recipes/templates/remove_firewall_address_group_members.tmpl @@ -0,0 +1,3 @@ +{% for add in address %} +delete firewall group address-group {{ name }} address {{ add }} +{% endfor %} diff --git a/src/services/api/graphql/recipes/templates/update_firewall_address_group_members.tmpl b/src/services/api/graphql/recipes/templates/update_firewall_address_group_members.tmpl new file mode 100644 index 000000000..f56c61231 --- /dev/null +++ b/src/services/api/graphql/recipes/templates/update_firewall_address_group_members.tmpl @@ -0,0 +1,3 @@ +{% for add in address %} +set firewall group address-group {{ name }} address {{ add }} +{% endfor %} -- cgit v1.2.3 From 39d6ca61c50f70171b2f7bcccbba2c70d102cb7f Mon Sep 17 00:00:00 2001 From: Charles Surett Date: Wed, 24 Nov 2021 18:07:56 -0500 Subject: hosts: T3979: Change address to a list This fixes `hostfile-update` in the dhcp-server --- src/utils/vyos-hostsd-client | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/utils/vyos-hostsd-client b/src/utils/vyos-hostsd-client index d4d38315a..a0515951a 100755 --- a/src/utils/vyos-hostsd-client +++ b/src/utils/vyos-hostsd-client @@ -129,7 +129,8 @@ try: params = h.split(",") if len(params) < 2: raise ValueError("Malformed host entry") - entry['address'] = params[1] + # Address needs to be a list because of changes made in T2683 + entry['address'] = [params[1]] entry['aliases'] = params[2:] data[params[0]] = entry client.add_hosts({args.tag: data}) -- cgit v1.2.3 From 3f8fe7a43fec410545b3004878de0c023955ee49 Mon Sep 17 00:00:00 2001 From: Andrii <85483797+andriiandrieiev@users.noreply.github.com> Date: Thu, 25 Nov 2021 13:18:07 +0200 Subject: filesystem: T3946: GPT table fix after disk resize --- src/op_mode/force_root-partition-auto-resize.sh | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src') diff --git a/src/op_mode/force_root-partition-auto-resize.sh b/src/op_mode/force_root-partition-auto-resize.sh index 4f13e3e03..b39e87560 100755 --- a/src/op_mode/force_root-partition-auto-resize.sh +++ b/src/op_mode/force_root-partition-auto-resize.sh @@ -44,7 +44,13 @@ fi # # Resize the partition and grow the filesystem. # +# "print" and "Fix" directives were added to fix GPT table if it corrupted after virtual drive extension. +# If GPT table is corrupted we'll get Fix/Ignore dialogue after "print" command. +# "Fix" will be the answer for this dialogue. +# If GPT table is fine and no auto-fix dialogue appeared the directive "Fix" simply will print parted utility help info. parted -m ${ROOT_DEV} ---pretend-input-tty > /dev/null 2>&1 < Date: Thu, 25 Nov 2021 19:58:06 +0000 Subject: containers: T3978: Fix correct variable name for network --- src/conf_mode/containers.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/conf_mode/containers.py b/src/conf_mode/containers.py index ab992e415..2e14e0b25 100755 --- a/src/conf_mode/containers.py +++ b/src/conf_mode/containers.py @@ -158,7 +158,7 @@ def verify(container): v6_prefix = 0 # If ipv4-prefix not defined for user-defined network if 'prefix' not in network_config: - raise ConfigError(f'prefix for network "{net}" must be defined!') + raise ConfigError(f'prefix for network "{network}" must be defined!') for prefix in network_config['prefix']: if is_ipv4(prefix): v4_prefix += 1 -- cgit v1.2.3 From 72472b84b065005b05d134456e442073f07badf5 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:01 +0100 Subject: bfd: T3753: FRR 8 added support for bfdd when using frr-reload.py --- python/vyos/frr.py | 3 ++- src/conf_mode/protocols_bfd.py | 6 ++++-- 2 files changed, 6 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/python/vyos/frr.py b/python/vyos/frr.py index df6849472..616e4b3c9 100644 --- a/python/vyos/frr.py +++ b/python/vyos/frr.py @@ -84,7 +84,8 @@ if DEBUG: LOG.addHandler(ch2) _frr_daemons = ['zebra', 'bgpd', 'fabricd', 'isisd', 'ospf6d', 'ospfd', 'pbrd', - 'pimd', 'ripd', 'ripngd', 'sharpd', 'staticd', 'vrrpd', 'ldpd'] + 'pimd', 'ripd', 'ripngd', 'sharpd', 'staticd', 'vrrpd', 'ldpd', + 'bfdd'] path_vtysh = '/usr/bin/vtysh' path_frr_reload = '/usr/lib/frr/frr-reload.py' diff --git a/src/conf_mode/protocols_bfd.py b/src/conf_mode/protocols_bfd.py index 539fd7b8e..59083efb8 100755 --- a/src/conf_mode/protocols_bfd.py +++ b/src/conf_mode/protocols_bfd.py @@ -95,12 +95,14 @@ def generate(bfd): bfd['new_frr_config'] = render_to_string('frr/bfdd.frr.tmpl', bfd) def apply(bfd): + bfd_daemon = 'bfdd' + # Save original configuration prior to starting any commit actions frr_cfg = frr.FRRConfig() - frr_cfg.load_configuration() + frr_cfg.load_configuration(bfd_daemon) frr_cfg.modify_section('^bfd', '') frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', bfd['new_frr_config']) - frr_cfg.commit_configuration() + frr_cfg.commit_configuration(bfd_daemon) return None -- cgit v1.2.3 From 09064990b9e3ed0a19c1ca4257b385f92d25af2a Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:01 +0100 Subject: ospfv3: T3753: adjust to CLI options new in FRR 8.0 --- data/templates/frr/ospf6d.frr.tmpl | 8 ++-- interface-definitions/protocols-ospfv3.xml.in | 21 ++++++++++- smoketest/scripts/cli/test_protocols_ospfv3.py | 5 ++- src/migration-scripts/ospf/0-to-1 | 52 ++++++++++++++++++++++++++ 4 files changed, 78 insertions(+), 8 deletions(-) create mode 100755 src/migration-scripts/ospf/0-to-1 (limited to 'src') diff --git a/data/templates/frr/ospf6d.frr.tmpl b/data/templates/frr/ospf6d.frr.tmpl index a8c53738f..c6527ed6c 100644 --- a/data/templates/frr/ospf6d.frr.tmpl +++ b/data/templates/frr/ospf6d.frr.tmpl @@ -2,6 +2,9 @@ {% if interface is defined and interface is not none %} {% for iface, iface_config in interface.items() %} interface {{ iface }} +{% if iface_config.area is defined and iface_config.area is not none %} + ipv6 ospf6 area {{ iface_config.area }} +{% endif %} {% if iface_config.cost is defined and iface_config.cost is not none %} ipv6 ospf6 cost {{ iface_config.cost }} {% endif %} @@ -45,11 +48,6 @@ interface {{ iface }} router ospf6 {% if area is defined and area is not none %} {% for area_id, area_config in area.items() %} -{% if area_config.interface is defined and area_config.interface is not none %} -{% for interface in area_config.interface %} - interface {{ interface }} area {{ area_id }} -{% endfor %} -{% endif %} {% if area_config.area_type is defined and area_config.area_type is not none %} {% for type, type_config in area_config.area_type.items() %} area {{ area_id }} {{ type }} {{ 'no-summary' if type_config.no_summary is defined }} diff --git a/interface-definitions/protocols-ospfv3.xml.in b/interface-definitions/protocols-ospfv3.xml.in index fffeeb9a5..c7a94d58c 100644 --- a/interface-definitions/protocols-ospfv3.xml.in +++ b/interface-definitions/protocols-ospfv3.xml.in @@ -61,7 +61,6 @@ - #include Specify IPv6 prefix (border routers only) @@ -121,6 +120,26 @@ + + + Enable OSPF on this interface + + protocols ospfv3 area + + + u32 + OSPF area ID as decimal notation + + + ipv4 + OSPF area ID in IP address notation + + + + + + + #include #include diff --git a/smoketest/scripts/cli/test_protocols_ospfv3.py b/smoketest/scripts/cli/test_protocols_ospfv3.py index c0673629e..8e12990d5 100755 --- a/smoketest/scripts/cli/test_protocols_ospfv3.py +++ b/smoketest/scripts/cli/test_protocols_ospfv3.py @@ -49,7 +49,7 @@ class TestProtocolsOSPFv3(VyOSUnitTestSHIM.TestCase): interfaces = Section.interfaces('ethernet') for interface in interfaces: - self.cli_set(base_path + ['area', default_area, 'interface', interface]) + self.cli_set(base_path + ['interface', interface, 'area', default_area]) # commit changes self.cli_commit() @@ -63,7 +63,8 @@ class TestProtocolsOSPFv3(VyOSUnitTestSHIM.TestCase): self.assertIn(f' area {default_area} export-list {acl_name}', frrconfig) for interface in interfaces: - self.assertIn(f' interface {interface} area {default_area}', frrconfig) + if_config = self.getFRRconfig(f'interface {interface}') + self.assertIn(f'ipv6 ospf6 area {default_area}', if_config) self.cli_delete(['policy', 'access-list6', acl_name]) diff --git a/src/migration-scripts/ospf/0-to-1 b/src/migration-scripts/ospf/0-to-1 new file mode 100755 index 000000000..ff3a84b2c --- /dev/null +++ b/src/migration-scripts/ospf/0-to-1 @@ -0,0 +1,52 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2021 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# T3753: upgrade to FRR8 and move CLI options to better fit with the new FRR CLI + +from sys import argv +from vyos.configtree import ConfigTree + +if (len(argv) < 1): + print("Must specify file name!") + exit(1) + +file_name = argv[1] + +with open(file_name, 'r') as f: + config_file = f.read() + +ospfv3_base = ['protocols', 'ospfv3'] +config = ConfigTree(config_file) + +if config.exists(ospfv3_base): + area_base = ospfv3_base + ['area'] + if config.exists(area_base): + for area in config.list_nodes(area_base): + if not config.exists(area_base + [area, 'interface']): + continue + + for interface in config.return_values(area_base + [area, 'interface']): + config.set(ospfv3_base + ['interface', interface, 'area', area]) + config.set_tag(ospfv3_base + ['interface']) + + config.delete(area_base + [area, 'interface']) + +try: + with open(file_name, 'w') as f: + f.write(config.to_string()) +except OSError as e: + print(f'Failed to save the modified config: {e}') + exit(1) -- cgit v1.2.3 From 1c15e9de76f81383a32e60d2af54444dbb0474a1 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:01 +0100 Subject: ospf: T3753: adjust to CLI options new in FRR 8.0 FRR 7.5 router ospf passive-interface default no passive-interface eth0.202 Changed int FRR 8 to interface eth0.202 no ip ospf passive ! router ospf ospf router-id 172.18.254.202 log-adjacency-changes detail passive-interface default --- data/templates/frr/ospfd.frr.tmpl | 12 +++----- .../include/generic-disable-node.xml.i | 2 +- .../include/ospf/protocol-common-config.xml.i | 27 +++++++++--------- smoketest/scripts/cli/test_protocols_ospf.py | 17 +++++------ src/migration-scripts/ospf/0-to-1 | 33 ++++++++++++++++++++-- 5 files changed, 59 insertions(+), 32 deletions(-) (limited to 'src') diff --git a/data/templates/frr/ospfd.frr.tmpl b/data/templates/frr/ospfd.frr.tmpl index f65bb6e74..37d6f394b 100644 --- a/data/templates/frr/ospfd.frr.tmpl +++ b/data/templates/frr/ospfd.frr.tmpl @@ -49,10 +49,8 @@ interface {{ iface }} {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} {% if iface_config.network is defined and iface_config.network is not none %} ip ospf network {{ iface_config.network }} {% endif %} -{% if passive_interface_exclude is defined and passive_interface_exclude is not none %} -{% if iface in passive_interface_exclude %} - no ip ospf passive -{% endif %} +{% if iface_config.passive is defined %} + {{ 'no ' if iface_config.passive.disable is defined }}ip ospf passive {% endif %} ! {% endfor %} @@ -163,10 +161,8 @@ router ospf {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} ospf router-id {{ parameters.router_id }} {% endif %} {% endif %} -{% if passive_interface is defined and passive_interface is not none %} -{% for interface in passive_interface %} - passive-interface {{ interface }} -{% endfor %} +{% if passive_interface is defined and passive_interface.default is defined %} + passive-interface default {% endif %} {% if redistribute is defined and redistribute is not none %} {% for protocol, protocols_options in redistribute.items() %} diff --git a/interface-definitions/include/generic-disable-node.xml.i b/interface-definitions/include/generic-disable-node.xml.i index bb4fa5c4b..97a328ecc 100644 --- a/interface-definitions/include/generic-disable-node.xml.i +++ b/interface-definitions/include/generic-disable-node.xml.i @@ -1,7 +1,7 @@ - Temporary disable + Disable instance diff --git a/interface-definitions/include/ospf/protocol-common-config.xml.i b/interface-definitions/include/ospf/protocol-common-config.xml.i index 982e519a9..ac165a157 100644 --- a/interface-definitions/include/ospf/protocol-common-config.xml.i +++ b/interface-definitions/include/ospf/protocol-common-config.xml.i @@ -436,6 +436,14 @@ Must be broadcast, non-broadcast, point-to-multipoint or point-to-point + + + Suppress routing updates on an interface + + + #include + + #include @@ -597,26 +605,19 @@ #include -#include - + - Interface to exclude when using 'passive-interface default' + Suppress routing updates on an interface - + default - txt - Interface to exclude when suppressing routing updates - - - vlinkN - Virtual-link interface to exclude when suppressing routing updates + default + Default to suppress routing updates on all interfaces - - ^(vlink[0-9]+)$ + ^(default)$ - diff --git a/smoketest/scripts/cli/test_protocols_ospf.py b/smoketest/scripts/cli/test_protocols_ospf.py index 65bfd1824..3942219e7 100755 --- a/smoketest/scripts/cli/test_protocols_ospf.py +++ b/smoketest/scripts/cli/test_protocols_ospf.py @@ -254,14 +254,15 @@ class TestProtocolsOSPF(VyOSUnitTestSHIM.TestCase): self.cli_set(base_path + ['passive-interface', 'default']) for interface in interfaces: - self.cli_set(base_path + ['interface', interface, 'authentication', 'plaintext-password', password]) - self.cli_set(base_path + ['interface', interface, 'bandwidth', bandwidth]) - self.cli_set(base_path + ['interface', interface, 'bfd']) - self.cli_set(base_path + ['interface', interface, 'cost', cost]) - self.cli_set(base_path + ['interface', interface, 'mtu-ignore']) - self.cli_set(base_path + ['interface', interface, 'network', network]) - self.cli_set(base_path + ['interface', interface, 'priority', priority]) - self.cli_set(base_path + ['passive-interface-exclude', interface]) + base_interface = base_path + ['interface', interface] + self.cli_set(base_interface + ['authentication', 'plaintext-password', password]) + self.cli_set(base_interface + ['bandwidth', bandwidth]) + self.cli_set(base_interface + ['bfd']) + self.cli_set(base_interface + ['cost', cost]) + self.cli_set(base_interface + ['mtu-ignore']) + self.cli_set(base_interface + ['network', network]) + self.cli_set(base_interface + ['priority', priority]) + self.cli_set(base_interface + ['passive', 'disable']) # commit changes self.cli_commit() diff --git a/src/migration-scripts/ospf/0-to-1 b/src/migration-scripts/ospf/0-to-1 index ff3a84b2c..678569d9e 100755 --- a/src/migration-scripts/ospf/0-to-1 +++ b/src/migration-scripts/ospf/0-to-1 @@ -19,6 +19,24 @@ from sys import argv from vyos.configtree import ConfigTree +def ospf_passive_migration(config, ospf_base): + if config.exists(ospf_base): + if config.exists(ospf_base + ['passive-interface']): + default = False + for interface in config.return_values(ospf_base + ['passive-interface']): + if interface == 'default': + default = True + continue + config.set(ospf_base + ['interface', interface, 'passive']) + + config.delete(ospf_base + ['passive-interface']) + config.set(ospf_base + ['passive-interface'], value='default') + + if config.exists(ospf_base + ['passive-interface-exclude']): + for interface in config.return_values(ospf_base + ['passive-interface-exclude']): + config.set(ospf_base + ['interface', interface, 'passive', 'disable']) + config.delete(ospf_base + ['passive-interface-exclude']) + if (len(argv) < 1): print("Must specify file name!") exit(1) @@ -28,9 +46,9 @@ file_name = argv[1] with open(file_name, 'r') as f: config_file = f.read() -ospfv3_base = ['protocols', 'ospfv3'] config = ConfigTree(config_file) +ospfv3_base = ['protocols', 'ospfv3'] if config.exists(ospfv3_base): area_base = ospfv3_base + ['area'] if config.exists(area_base): @@ -39,11 +57,22 @@ if config.exists(ospfv3_base): continue for interface in config.return_values(area_base + [area, 'interface']): - config.set(ospfv3_base + ['interface', interface, 'area', area]) + config.set(ospfv3_base + ['interface', interface, 'area'], value=area) config.set_tag(ospfv3_base + ['interface']) config.delete(area_base + [area, 'interface']) +# Migrate OSPF syntax in default VRF +ospf_base = ['protocols', 'ospf'] +ospf_passive_migration(config, ospf_base) + +vrf_base = ['vrf', 'name'] +if config.exists(vrf_base): + for vrf in config.list_nodes(vrf_base): + vrf_ospf_base = vrf_base + [vrf, 'protocols', 'ospf'] + if config.exists(vrf_ospf_base): + ospf_passive_migration(config, vrf_ospf_base) + try: with open(file_name, 'w') as f: f.write(config.to_string()) -- cgit v1.2.3 From ea3c7785d06ed341487efb800c141fa7a7797ba7 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:01 +0100 Subject: frr: T3753: add default_add_before mnemonic for routing protocols to re-use code --- python/vyos/frr.py | 1 + src/conf_mode/policy.py | 4 ++-- src/conf_mode/protocols_bfd.py | 2 +- src/conf_mode/protocols_bgp.py | 4 ++-- src/conf_mode/protocols_isis.py | 4 ++-- src/conf_mode/protocols_ospf.py | 4 ++-- src/conf_mode/protocols_ospfv3.py | 2 +- src/conf_mode/protocols_rip.py | 2 +- src/conf_mode/protocols_ripng.py | 2 +- src/conf_mode/protocols_rpki.py | 2 +- src/conf_mode/vrf_vni.py | 2 +- 11 files changed, 15 insertions(+), 14 deletions(-) (limited to 'src') diff --git a/python/vyos/frr.py b/python/vyos/frr.py index 616e4b3c9..2e515a9e4 100644 --- a/python/vyos/frr.py +++ b/python/vyos/frr.py @@ -91,6 +91,7 @@ path_vtysh = '/usr/bin/vtysh' path_frr_reload = '/usr/lib/frr/frr-reload.py' path_config = '/run/frr' +default_add_before = r'(ip prefix-list .*|route-map .*|line vty|end)' class FrrError(Exception): pass diff --git a/src/conf_mode/policy.py b/src/conf_mode/policy.py index 1a03d520b..5c592a599 100755 --- a/src/conf_mode/policy.py +++ b/src/conf_mode/policy.py @@ -191,7 +191,7 @@ def apply(policy): frr_cfg.modify_section(r'^bgp extcommunity-list .*') frr_cfg.modify_section(r'^bgp large-community-list .*') frr_cfg.modify_section(r'^route-map .*') - frr_cfg.add_before('^line vty', policy['new_frr_config']) + frr_cfg.add_before(frr.default_add_before, policy['new_frr_config']) frr_cfg.commit_configuration(bgp_daemon) # The route-map used for the FIB (zebra) is part of the zebra daemon @@ -201,7 +201,7 @@ def apply(policy): frr_cfg.modify_section(r'^ip prefix-list .*') frr_cfg.modify_section(r'^ipv6 prefix-list .*') frr_cfg.modify_section(r'^route-map .*') - frr_cfg.add_before('^line vty', policy['new_frr_config']) + frr_cfg.add_before(frr.default_add_before, policy['new_frr_config']) frr_cfg.commit_configuration(zebra_daemon) # If FRR config is blank, rerun the blank commit x times due to frr-reload diff --git a/src/conf_mode/protocols_bfd.py b/src/conf_mode/protocols_bfd.py index 59083efb8..f698e30d9 100755 --- a/src/conf_mode/protocols_bfd.py +++ b/src/conf_mode/protocols_bfd.py @@ -101,7 +101,7 @@ def apply(bfd): frr_cfg = frr.FRRConfig() frr_cfg.load_configuration(bfd_daemon) frr_cfg.modify_section('^bfd', '') - frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', bfd['new_frr_config']) + frr_cfg.add_before(frr.default_add_before, bfd['new_frr_config']) frr_cfg.commit_configuration(bfd_daemon) return None diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py index 68284e0f9..084198251 100755 --- a/src/conf_mode/protocols_bgp.py +++ b/src/conf_mode/protocols_bgp.py @@ -288,7 +288,7 @@ def apply(bgp): # The route-map used for the FIB (zebra) is part of the zebra daemon frr_cfg.load_configuration(zebra_daemon) frr_cfg.modify_section(r'(\s+)?ip protocol bgp route-map [-a-zA-Z0-9.]+$', '', '(\s|!)') - frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', bgp['frr_zebra_config']) + frr_cfg.add_before(frr.default_add_before, bgp['frr_zebra_config']) frr_cfg.commit_configuration(zebra_daemon) # Generate empty helper string which can be ammended to FRR commands, it @@ -299,7 +299,7 @@ def apply(bgp): frr_cfg.load_configuration(bgp_daemon) frr_cfg.modify_section(f'^router bgp \d+{vrf}$', '') - frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', bgp['frr_bgpd_config']) + frr_cfg.add_before(frr.default_add_before, bgp['frr_bgpd_config']) frr_cfg.commit_configuration(bgp_daemon) # Save configuration to /run/frr/config/frr.conf diff --git a/src/conf_mode/protocols_isis.py b/src/conf_mode/protocols_isis.py index 4505e2496..120fc68a0 100755 --- a/src/conf_mode/protocols_isis.py +++ b/src/conf_mode/protocols_isis.py @@ -215,7 +215,7 @@ def apply(isis): # The route-map used for the FIB (zebra) is part of the zebra daemon frr_cfg.load_configuration(zebra_daemon) frr_cfg.modify_section(r'(\s+)?ip protocol isis route-map [-a-zA-Z0-9.]+$', '', '(\s|!)') - frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', isis['frr_zebra_config']) + frr_cfg.add_before(frr.default_add_before, isis['frr_zebra_config']) frr_cfg.commit_configuration(zebra_daemon) # Generate empty helper string which can be ammended to FRR commands, it @@ -233,7 +233,7 @@ def apply(isis): for interface in isis[key]: frr_cfg.modify_section(f'^interface {interface}{vrf}$', '') - frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', isis['frr_isisd_config']) + frr_cfg.add_before(frr.default_add_before, isis['frr_isisd_config']) frr_cfg.commit_configuration(isis_daemon) # Save configuration to /run/frr/config/frr.conf diff --git a/src/conf_mode/protocols_ospf.py b/src/conf_mode/protocols_ospf.py index 6ccda2e5a..71eb39205 100755 --- a/src/conf_mode/protocols_ospf.py +++ b/src/conf_mode/protocols_ospf.py @@ -210,7 +210,7 @@ def apply(ospf): # The route-map used for the FIB (zebra) is part of the zebra daemon frr_cfg.load_configuration(zebra_daemon) frr_cfg.modify_section(r'(\s+)?ip protocol ospf route-map [-a-zA-Z0-9.]+$', '', '(\s|!)') - frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', ospf['frr_zebra_config']) + frr_cfg.add_before(frr.default_add_before, ospf['frr_zebra_config']) frr_cfg.commit_configuration(zebra_daemon) # Generate empty helper string which can be ammended to FRR commands, it @@ -228,7 +228,7 @@ def apply(ospf): for interface in ospf[key]: frr_cfg.modify_section(f'^interface {interface}{vrf}$', '') - frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', ospf['frr_ospfd_config']) + frr_cfg.add_before(frr.default_add_before, ospf['frr_ospfd_config']) frr_cfg.commit_configuration(ospf_daemon) # Save configuration to /run/frr/config/frr.conf diff --git a/src/conf_mode/protocols_ospfv3.py b/src/conf_mode/protocols_ospfv3.py index 536ffa690..bb05e65ac 100755 --- a/src/conf_mode/protocols_ospfv3.py +++ b/src/conf_mode/protocols_ospfv3.py @@ -83,7 +83,7 @@ def apply(ospfv3): frr_cfg.load_configuration(frr_daemon) frr_cfg.modify_section(r'^interface \S+', '') frr_cfg.modify_section('^router ospf6$', '') - frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', ospfv3['new_frr_config']) + frr_cfg.add_before(frr.default_add_before, ospfv3['new_frr_config']) frr_cfg.commit_configuration(frr_daemon) # Save configuration to /run/frr/config/frr.conf diff --git a/src/conf_mode/protocols_rip.py b/src/conf_mode/protocols_rip.py index 6b78f6f2d..b7eaad745 100755 --- a/src/conf_mode/protocols_rip.py +++ b/src/conf_mode/protocols_rip.py @@ -114,7 +114,7 @@ def apply(rip): frr_cfg.modify_section(r'interface \S+', '') frr_cfg.modify_section('^router rip$', '') - frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', rip['new_frr_config']) + frr_cfg.add_before(frr.default_add_before, rip['new_frr_config']) frr_cfg.commit_configuration(rip_daemon) # Save configuration to /run/frr/config/frr.conf diff --git a/src/conf_mode/protocols_ripng.py b/src/conf_mode/protocols_ripng.py index bc4954f63..eada236b5 100755 --- a/src/conf_mode/protocols_ripng.py +++ b/src/conf_mode/protocols_ripng.py @@ -105,7 +105,7 @@ def apply(ripng): frr_cfg.modify_section(r'key chain \S+', '') frr_cfg.modify_section(r'interface \S+', '') frr_cfg.modify_section('router ripng', '') - frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', ripng['new_frr_config']) + frr_cfg.add_before(frr.default_add_before, ripng['new_frr_config']) frr_cfg.commit_configuration(frr_daemon) # Save configuration to /run/frr/config/frr.conf diff --git a/src/conf_mode/protocols_rpki.py b/src/conf_mode/protocols_rpki.py index 947c8ab7a..0688e542f 100755 --- a/src/conf_mode/protocols_rpki.py +++ b/src/conf_mode/protocols_rpki.py @@ -87,7 +87,7 @@ def apply(rpki): frr_cfg = frr.FRRConfig() frr_cfg.load_configuration(frr_daemon) frr_cfg.modify_section('rpki', '') - frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', rpki['new_frr_config']) + frr_cfg.add_before(frr.default_add_before, rpki['new_frr_config']) frr_cfg.commit_configuration(frr_daemon) return None diff --git a/src/conf_mode/vrf_vni.py b/src/conf_mode/vrf_vni.py index 50d60f0dc..ca7eb7849 100755 --- a/src/conf_mode/vrf_vni.py +++ b/src/conf_mode/vrf_vni.py @@ -48,7 +48,7 @@ def apply(vrf): frr_cfg = frr.FRRConfig() frr_cfg.load_configuration(frr_daemon) frr_cfg.modify_section(f'^vrf .+$', '') - frr_cfg.add_before(r'(interface .*|line vty)', vrf['new_frr_config']) + frr_cfg.add_before(r'(interface .*|line vty|end)', vrf['new_frr_config']) frr_cfg.commit_configuration(frr_daemon) # Save configuration to /run/frr/config/frr.conf -- cgit v1.2.3 From 32725123a2e98f3f417a94e4646721e97be1eaca Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:01 +0100 Subject: bfd: T3753: adjust to new FRR 8.1 syntax Every node in running config now has an explicit "exit" tag. --- data/templates/frr/bfdd.frr.tmpl | 11 +++++++---- src/conf_mode/protocols_bfd.py | 10 +++------- 2 files changed, 10 insertions(+), 11 deletions(-) (limited to 'src') diff --git a/data/templates/frr/bfdd.frr.tmpl b/data/templates/frr/bfdd.frr.tmpl index 3fb1f47d6..c14939677 100644 --- a/data/templates/frr/bfdd.frr.tmpl +++ b/data/templates/frr/bfdd.frr.tmpl @@ -1,4 +1,4 @@ -! +{% if profile is defined or peer is defined %} bfd {% if profile is defined and profile is not none %} {% for profile_name, profile_config in profile.items() %} @@ -18,7 +18,8 @@ bfd {% else %} no shutdown {% endif %} - exit + exit + ! {% endfor %} {% endif %} {% if peer is defined and peer is not none %} @@ -38,8 +39,10 @@ bfd {% else %} no shutdown {% endif %} - exit + exit + ! {% endfor %} {% endif %} - end +exit ! +{% endif %} diff --git a/src/conf_mode/protocols_bfd.py b/src/conf_mode/protocols_bfd.py index f698e30d9..94825ba10 100755 --- a/src/conf_mode/protocols_bfd.py +++ b/src/conf_mode/protocols_bfd.py @@ -16,8 +16,6 @@ import os -from sys import exit - from vyos.config import Config from vyos.configdict import dict_merge from vyos.template import is_ipv6 @@ -36,7 +34,6 @@ def get_config(config=None): conf = Config() base = ['protocols', 'bfd'] bfd = conf.get_config_dict(base, get_first_key=True) - # Bail out early if configuration tree does not exist if not conf.exists(base): return bfd @@ -89,9 +86,7 @@ def verify(bfd): def generate(bfd): if not bfd: - bfd['new_frr_config'] = '' return None - bfd['new_frr_config'] = render_to_string('frr/bfdd.frr.tmpl', bfd) def apply(bfd): @@ -100,8 +95,9 @@ def apply(bfd): # Save original configuration prior to starting any commit actions frr_cfg = frr.FRRConfig() frr_cfg.load_configuration(bfd_daemon) - frr_cfg.modify_section('^bfd', '') - frr_cfg.add_before(frr.default_add_before, bfd['new_frr_config']) + frr_cfg.modify_section('^bfd', stop_pattern='^exit', remove_stop_mark=True) + if 'new_frr_config' in bfd: + frr_cfg.add_before(frr.default_add_before, bfd['new_frr_config']) frr_cfg.commit_configuration(bfd_daemon) return None -- cgit v1.2.3 From 262fec8868d09d7cdd1f939a9ec0c74ba0ecc7c5 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:01 +0100 Subject: ospf: T3753: adjust to new FRR 8.1 syntax Every node in running config now has an explicit "exit" tag --- data/templates/frr/ospfd.frr.tmpl | 2 ++ src/conf_mode/protocols_ospf.py | 22 +++++++++++----------- 2 files changed, 13 insertions(+), 11 deletions(-) (limited to 'src') diff --git a/data/templates/frr/ospfd.frr.tmpl b/data/templates/frr/ospfd.frr.tmpl index 37d6f394b..a7b770f07 100644 --- a/data/templates/frr/ospfd.frr.tmpl +++ b/data/templates/frr/ospfd.frr.tmpl @@ -52,6 +52,7 @@ interface {{ iface }} {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} {% if iface_config.passive is defined %} {{ 'no ' if iface_config.passive.disable is defined }}ip ospf passive {% endif %} +exit ! {% endfor %} {% endif %} @@ -182,4 +183,5 @@ router ospf {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} {# Timer values have default values #} timers throttle spf {{ timers.throttle.spf.delay }} {{ timers.throttle.spf.initial_holdtime }} {{ timers.throttle.spf.max_holdtime }} {% endif %} +exit ! diff --git a/src/conf_mode/protocols_ospf.py b/src/conf_mode/protocols_ospf.py index 71eb39205..255560e19 100755 --- a/src/conf_mode/protocols_ospf.py +++ b/src/conf_mode/protocols_ospf.py @@ -56,10 +56,10 @@ def get_config(config=None): # instead of the VRF instance. if vrf: ospf['vrf'] = vrf - # As we no re-use this Python handler for both VRF and non VRF instances for - # OSPF we need to find out if any interfaces changed so properly adjust - # the FRR configuration and not by acctident change interfaces from a - # different VRF. + # FRR has VRF support for different routing daemons. As interfaces belong + # to VRFs - or the global VRF, we need to check for changed interfaces so + # that they will be properly rendered for the FRR config. Also this eases + # removal of interfaces from the running configuration. interfaces_removed = node_changed(conf, base + ['interface']) if interfaces_removed: ospf['interface_removed'] = list(interfaces_removed) @@ -191,8 +191,6 @@ def verify(ospf): def generate(ospf): if not ospf or 'deleted' in ospf: - ospf['frr_ospfd_config'] = '' - ospf['frr_zebra_config'] = '' return None ospf['protocol'] = 'ospf' # required for frr/vrf.route-map.frr.tmpl @@ -209,8 +207,9 @@ def apply(ospf): # The route-map used for the FIB (zebra) is part of the zebra daemon frr_cfg.load_configuration(zebra_daemon) - frr_cfg.modify_section(r'(\s+)?ip protocol ospf route-map [-a-zA-Z0-9.]+$', '', '(\s|!)') - frr_cfg.add_before(frr.default_add_before, ospf['frr_zebra_config']) + frr_cfg.modify_section('(\s+)?ip protocol ospf route-map [-a-zA-Z0-9.]+', stop_pattern='(\s|!)') + if 'frr_zebra_config' in ospf: + frr_cfg.add_before(frr.default_add_before, ospf['frr_zebra_config']) frr_cfg.commit_configuration(zebra_daemon) # Generate empty helper string which can be ammended to FRR commands, it @@ -220,15 +219,16 @@ def apply(ospf): vrf = ' vrf ' + ospf['vrf'] frr_cfg.load_configuration(ospf_daemon) - frr_cfg.modify_section(f'^router ospf{vrf}$', '') + frr_cfg.modify_section(f'^router ospf{vrf}', stop_pattern='^exit', remove_stop_mark=True) for key in ['interface', 'interface_removed']: if key not in ospf: continue for interface in ospf[key]: - frr_cfg.modify_section(f'^interface {interface}{vrf}$', '') + frr_cfg.modify_section(f'^interface {interface}{vrf}', stop_pattern='^exit', remove_stop_mark=True) - frr_cfg.add_before(frr.default_add_before, ospf['frr_ospfd_config']) + if 'frr_ospfd_config' in ospf: + frr_cfg.add_before(frr.default_add_before, ospf['frr_ospfd_config']) frr_cfg.commit_configuration(ospf_daemon) # Save configuration to /run/frr/config/frr.conf -- cgit v1.2.3 From c65ee39e28422785734fd736eb15727ae9228b5a Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:01 +0100 Subject: policy: T3753: adjust to new FRR 8.1 syntax Every node in running config now has an explicit "exit" tag --- data/templates/frr/policy.frr.tmpl | 7 +++---- smoketest/scripts/cli/test_policy.py | 2 +- src/conf_mode/policy.py | 18 ++++++------------ 3 files changed, 10 insertions(+), 17 deletions(-) (limited to 'src') diff --git a/data/templates/frr/policy.frr.tmpl b/data/templates/frr/policy.frr.tmpl index 51adc1902..d3d3957a5 100644 --- a/data/templates/frr/policy.frr.tmpl +++ b/data/templates/frr/policy.frr.tmpl @@ -1,4 +1,3 @@ -! {% if access_list is defined and access_list is not none %} {% for acl, acl_config in access_list.items() | natural_sort %} {% if acl_config.description is defined and acl_config.description is not none %} @@ -60,7 +59,7 @@ ipv6 access-list {{ acl }} seq {{ rule }} {{ rule_config.action }} {{ src }} {{ {% for acl, acl_config in as_path_list.items() | natural_sort %} {% if acl_config.rule is defined and acl_config.rule is not none %} {% for rule, rule_config in acl_config.rule.items() | natural_sort %} -bgp as-path access-list {{ acl }} {{ rule_config.action }} {{ rule_config.regex }} +bgp as-path access-list {{ acl }} seq {{ rule }} {{ rule_config.action }} {{ rule_config.regex }} {% endfor %} {% endif %} {% endfor %} @@ -314,9 +313,9 @@ route-map {{ route_map }} {{ rule_config.action }} {{ rule }} set weight {{ rule_config.set.weight }} {% endif %} {% endif %} -{% endfor %} +exit ! +{% endfor %} {% endif %} {% endfor %} {% endif %} -! diff --git a/smoketest/scripts/cli/test_policy.py b/smoketest/scripts/cli/test_policy.py index 1286a768d..5844e1ec1 100755 --- a/smoketest/scripts/cli/test_policy.py +++ b/smoketest/scripts/cli/test_policy.py @@ -307,7 +307,7 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase): continue for rule, rule_config in as_path_config['rule'].items(): - tmp = f'bgp as-path access-list {as_path}' + tmp = f'bgp as-path access-list {as_path} seq {rule}' if rule_config['action'] == 'permit': tmp += ' permit' else: diff --git a/src/conf_mode/policy.py b/src/conf_mode/policy.py index 5c592a599..5f9fcab9f 100755 --- a/src/conf_mode/policy.py +++ b/src/conf_mode/policy.py @@ -171,9 +171,7 @@ def verify(policy): def generate(policy): if not policy: - policy['new_frr_config'] = '' return None - policy['new_frr_config'] = render_to_string('frr/policy.frr.tmpl', policy) return None @@ -190,8 +188,9 @@ def apply(policy): frr_cfg.modify_section(r'^bgp community-list .*') frr_cfg.modify_section(r'^bgp extcommunity-list .*') frr_cfg.modify_section(r'^bgp large-community-list .*') - frr_cfg.modify_section(r'^route-map .*') - frr_cfg.add_before(frr.default_add_before, policy['new_frr_config']) + frr_cfg.modify_section(r'^route-map .*', stop_pattern='^exit', remove_stop_mark=True) + if 'new_frr_config' in policy: + frr_cfg.add_before(frr.default_add_before, policy['new_frr_config']) frr_cfg.commit_configuration(bgp_daemon) # The route-map used for the FIB (zebra) is part of the zebra daemon @@ -200,16 +199,11 @@ def apply(policy): frr_cfg.modify_section(r'^ipv6 access-list .*') frr_cfg.modify_section(r'^ip prefix-list .*') frr_cfg.modify_section(r'^ipv6 prefix-list .*') - frr_cfg.modify_section(r'^route-map .*') - frr_cfg.add_before(frr.default_add_before, policy['new_frr_config']) + frr_cfg.modify_section(r'^route-map .*', stop_pattern='^exit', remove_stop_mark=True) + if 'new_frr_config' in policy: + frr_cfg.add_before(frr.default_add_before, policy['new_frr_config']) frr_cfg.commit_configuration(zebra_daemon) - # If FRR config is blank, rerun the blank commit x times due to frr-reload - # behavior/bug not properly clearing out on one commit. - if policy['new_frr_config'] == '': - for a in range(5): - frr_cfg.commit_configuration(zebra_daemon) - # Save configuration to /run/frr/config/frr.conf frr.save_configuration() -- cgit v1.2.3 From 4e35c58c3ff85668797aa2413cd8af72ec29c830 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:01 +0100 Subject: bgp: T3753: adjust to new FRR 8.1 syntax --- data/templates/frr/bgpd.frr.tmpl | 3 +-- src/conf_mode/protocols_bgp.py | 12 ++++++------ 2 files changed, 7 insertions(+), 8 deletions(-) (limited to 'src') diff --git a/data/templates/frr/bgpd.frr.tmpl b/data/templates/frr/bgpd.frr.tmpl index 61936bb56..fbdbafd6e 100644 --- a/data/templates/frr/bgpd.frr.tmpl +++ b/data/templates/frr/bgpd.frr.tmpl @@ -524,5 +524,4 @@ router bgp {{ local_as }} {{ 'vrf ' ~ vrf if vrf is defined and vrf is not none {% if timers is defined and timers.keepalive is defined and timers.holdtime is defined %} timers bgp {{ timers.keepalive }} {{ timers.holdtime }} {% endif %} - end -! \ No newline at end of file +exit \ No newline at end of file diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py index 084198251..359bfff76 100755 --- a/src/conf_mode/protocols_bgp.py +++ b/src/conf_mode/protocols_bgp.py @@ -268,8 +268,6 @@ def verify(bgp): def generate(bgp): if not bgp or 'deleted' in bgp: - bgp['frr_bgpd_config'] = '' - bgp['frr_zebra_config'] = '' return None bgp['protocol'] = 'bgp' # required for frr/vrf.route-map.frr.tmpl @@ -287,8 +285,9 @@ def apply(bgp): # The route-map used for the FIB (zebra) is part of the zebra daemon frr_cfg.load_configuration(zebra_daemon) - frr_cfg.modify_section(r'(\s+)?ip protocol bgp route-map [-a-zA-Z0-9.]+$', '', '(\s|!)') - frr_cfg.add_before(frr.default_add_before, bgp['frr_zebra_config']) + frr_cfg.modify_section(r'(\s+)?ip protocol bgp route-map [-a-zA-Z0-9.]+', stop_pattern='(\s|!)') + if 'frr_zebra_config' in bgp: + frr_cfg.add_before(frr.default_add_before, bgp['frr_zebra_config']) frr_cfg.commit_configuration(zebra_daemon) # Generate empty helper string which can be ammended to FRR commands, it @@ -298,8 +297,9 @@ def apply(bgp): vrf = ' vrf ' + bgp['vrf'] frr_cfg.load_configuration(bgp_daemon) - frr_cfg.modify_section(f'^router bgp \d+{vrf}$', '') - frr_cfg.add_before(frr.default_add_before, bgp['frr_bgpd_config']) + frr_cfg.modify_section(f'^router bgp \d+{vrf}', stop_pattern='^exit', remove_stop_mark=True) + if 'frr_bgpd_config' in bgp: + frr_cfg.add_before(frr.default_add_before, bgp['frr_bgpd_config']) frr_cfg.commit_configuration(bgp_daemon) # Save configuration to /run/frr/config/frr.conf -- cgit v1.2.3 From f20c589da12810d5202b8f6eae262178467b60a4 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:01 +0100 Subject: ospfv3: T3753: adjust to new FRR 8.1 syntax --- data/templates/frr/ospf6d.frr.tmpl | 2 ++ src/conf_mode/protocols_ospfv3.py | 34 +++++++++++++++++++++++++--------- 2 files changed, 27 insertions(+), 9 deletions(-) (limited to 'src') diff --git a/data/templates/frr/ospf6d.frr.tmpl b/data/templates/frr/ospf6d.frr.tmpl index c6527ed6c..5871b3d7a 100644 --- a/data/templates/frr/ospf6d.frr.tmpl +++ b/data/templates/frr/ospf6d.frr.tmpl @@ -41,6 +41,7 @@ interface {{ iface }} {% if iface_config.passive is defined %} ipv6 ospf6 passive {% endif %} +exit ! {% endfor %} {% endif %} @@ -87,4 +88,5 @@ router ospf6 redistribute {{ protocol }} {{ 'route-map ' + options.route_map if options.route_map is defined }} {% endfor %} {% endif %} +exit ! diff --git a/src/conf_mode/protocols_ospfv3.py b/src/conf_mode/protocols_ospfv3.py index bb05e65ac..374327798 100755 --- a/src/conf_mode/protocols_ospfv3.py +++ b/src/conf_mode/protocols_ospfv3.py @@ -20,6 +20,7 @@ from sys import exit from vyos.config import Config from vyos.configdict import dict_merge +from vyos.configdict import node_changed from vyos.configverify import verify_common_route_maps from vyos.template import render_to_string from vyos.ifconfig import Interface @@ -29,8 +30,6 @@ from vyos import frr from vyos import airbag airbag.enable() -frr_daemon = 'ospf6d' - def get_config(config=None): if config: conf = config @@ -39,8 +38,17 @@ def get_config(config=None): base = ['protocols', 'ospfv3'] ospfv3 = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True) + # FRR has VRF support for different routing daemons. As interfaces belong + # to VRFs - or the global VRF, we need to check for changed interfaces so + # that they will be properly rendered for the FRR config. Also this eases + # removal of interfaces from the running configuration. + interfaces_removed = node_changed(conf, base + ['interface']) + if interfaces_removed: + ospfv3['interface_removed'] = list(interfaces_removed) + # Bail out early if configuration tree does not exist if not conf.exists(base): + ospfv3.update({'deleted' : ''}) return ospfv3 # We also need some additional information from the config, prefix-lists @@ -70,21 +78,29 @@ def verify(ospfv3): return None def generate(ospfv3): - if not ospfv3: - ospfv3['new_frr_config'] = '' + if not ospfv3 or 'deleted' in ospfv3: return None ospfv3['new_frr_config'] = render_to_string('frr/ospf6d.frr.tmpl', ospfv3) return None def apply(ospfv3): + ospf6_daemon = 'ospf6d' + # Save original configuration prior to starting any commit actions frr_cfg = frr.FRRConfig() - frr_cfg.load_configuration(frr_daemon) - frr_cfg.modify_section(r'^interface \S+', '') - frr_cfg.modify_section('^router ospf6$', '') - frr_cfg.add_before(frr.default_add_before, ospfv3['new_frr_config']) - frr_cfg.commit_configuration(frr_daemon) + frr_cfg.load_configuration(ospf6_daemon) + frr_cfg.modify_section('^router ospf6', stop_pattern='^exit', remove_stop_mark=True) + + for key in ['interface', 'interface_removed']: + if key not in ospfv3: + continue + for interface in ospfv3[key]: + frr_cfg.modify_section(f'^interface {interface}', stop_pattern='^exit', remove_stop_mark=True) + + if 'new_frr_config' in ospfv3: + frr_cfg.add_before(frr.default_add_before, ospfv3['new_frr_config']) + frr_cfg.commit_configuration(ospf6_daemon) # Save configuration to /run/frr/config/frr.conf frr.save_configuration() -- cgit v1.2.3 From d1daf8e3c8a22e773ed0800ba2d9585a151ccb86 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:02 +0100 Subject: rip: T3753: adjust to new FRR 8.1 syntax --- data/templates/frr/ripd.frr.tmpl | 6 +++++- src/conf_mode/protocols_rip.py | 30 ++++++++++++++++++++++-------- 2 files changed, 27 insertions(+), 9 deletions(-) (limited to 'src') diff --git a/data/templates/frr/ripd.frr.tmpl b/data/templates/frr/ripd.frr.tmpl index cabc236f0..c44bb6d27 100644 --- a/data/templates/frr/ripd.frr.tmpl +++ b/data/templates/frr/ripd.frr.tmpl @@ -1,4 +1,3 @@ -! {# RIP key-chain definition #} {% if interface is defined and interface is not none %} {% for iface, iface_config in interface.items() %} @@ -9,7 +8,9 @@ key chain {{ iface }}-rip {% if key_options.password is defined and key_options.password is not none %} key-string {{ key_options.password }} {% endif %} + exit {% endfor %} +exit {% endif %} {% endfor %} {% endif %} @@ -31,6 +32,8 @@ interface {{ iface }} {% if iface_config.split_horizon is defined and iface_config.split_horizon.poison_reverse is defined %} ip rip split-horizon poisoned-reverse {% endif %} +exit +! {% endfor %} {% endif %} ! @@ -89,6 +92,7 @@ router rip {% endif %} {% endif %} {% include 'frr/rip_ripng.frr.j2' %} +exit ! {% if route_map is defined and route_map is not none %} ip protocol rip route-map {{ route_map }} diff --git a/src/conf_mode/protocols_rip.py b/src/conf_mode/protocols_rip.py index b7eaad745..96df41bdb 100755 --- a/src/conf_mode/protocols_rip.py +++ b/src/conf_mode/protocols_rip.py @@ -20,6 +20,7 @@ from sys import exit from vyos.config import Config from vyos.configdict import dict_merge +from vyos.configdict import node_changed from vyos.configverify import verify_common_route_maps from vyos.configverify import verify_access_list from vyos.configverify import verify_prefix_list @@ -39,8 +40,17 @@ def get_config(config=None): base = ['protocols', 'rip'] rip = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True) + # FRR has VRF support for different routing daemons. As interfaces belong + # to VRFs - or the global VRF, we need to check for changed interfaces so + # that they will be properly rendered for the FRR config. Also this eases + # removal of interfaces from the running configuration. + interfaces_removed = node_changed(conf, base + ['interface']) + if interfaces_removed: + rip['interface_removed'] = list(interfaces_removed) + # Bail out early if configuration tree does not exist if not conf.exists(base): + rip.update({'deleted' : ''}) return rip # We have gathered the dict representation of the CLI, but there are default @@ -89,12 +99,10 @@ def verify(rip): f'with "split-horizon disable" for "{interface}"!') def generate(rip): - if not rip: - rip['new_frr_config'] = '' + if not rip or 'deleted' in rip: return None rip['new_frr_config'] = render_to_string('frr/ripd.frr.tmpl', rip) - return None def apply(rip): @@ -106,15 +114,21 @@ def apply(rip): # The route-map used for the FIB (zebra) is part of the zebra daemon frr_cfg.load_configuration(zebra_daemon) - frr_cfg.modify_section(r'^ip protocol rip route-map [-a-zA-Z0-9.]+$', '') + frr_cfg.modify_section('^ip protocol rip route-map [-a-zA-Z0-9.]+', stop_pattern='(\s|!)') frr_cfg.commit_configuration(zebra_daemon) frr_cfg.load_configuration(rip_daemon) - frr_cfg.modify_section(r'key chain \S+', '') - frr_cfg.modify_section(r'interface \S+', '') - frr_cfg.modify_section('^router rip$', '') + frr_cfg.modify_section('^key chain \S+', stop_pattern='^exit', remove_stop_mark=True) + frr_cfg.modify_section('^router rip', stop_pattern='^exit', remove_stop_mark=True) + + for key in ['interface', 'interface_removed']: + if key not in rip: + continue + for interface in rip[key]: + frr_cfg.modify_section(f'^interface {interface}', stop_pattern='^exit', remove_stop_mark=True) - frr_cfg.add_before(frr.default_add_before, rip['new_frr_config']) + if 'new_frr_config' in rip: + frr_cfg.add_before(frr.default_add_before, rip['new_frr_config']) frr_cfg.commit_configuration(rip_daemon) # Save configuration to /run/frr/config/frr.conf -- cgit v1.2.3 From 1a96fb8a4424967f9d535df64c3119fc572d2f52 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:02 +0100 Subject: ripng: T3753: adjust to new FRR 8.1 syntax --- data/templates/frr/ripngd.frr.tmpl | 7 ++++++- smoketest/scripts/cli/test_protocols_ripng.py | 22 +++++++++++++++++++++- src/conf_mode/protocols_ripng.py | 24 ++++++++++++++++-------- 3 files changed, 43 insertions(+), 10 deletions(-) (limited to 'src') diff --git a/data/templates/frr/ripngd.frr.tmpl b/data/templates/frr/ripngd.frr.tmpl index 25df15121..ca7b9b5fb 100644 --- a/data/templates/frr/ripngd.frr.tmpl +++ b/data/templates/frr/ripngd.frr.tmpl @@ -1,4 +1,3 @@ -! {# Interface specific configuration #} {% if interface is defined and interface is not none %} {% for iface, iface_config in interface.items() %} @@ -9,6 +8,7 @@ interface {{ iface }} {% if iface_config.split_horizon is defined and iface_config.split_horizon.poison_reverse is defined %} ipv6 rip split-horizon poisoned-reverse {% endif %} +exit {% endfor %} {% endif %} ! @@ -57,4 +57,9 @@ router ripng {% endif %} {% endif %} {% include 'frr/rip_ripng.frr.j2' %} +exit +! +{% if route_map is defined and route_map is not none %} +ipv6 protocol ripng route-map {{ route_map }} +{% endif %} ! diff --git a/smoketest/scripts/cli/test_protocols_ripng.py b/smoketest/scripts/cli/test_protocols_ripng.py index 40585e778..53336a533 100755 --- a/smoketest/scripts/cli/test_protocols_ripng.py +++ b/smoketest/scripts/cli/test_protocols_ripng.py @@ -54,7 +54,7 @@ class TestProtocolsRIPng(VyOSUnitTestSHIM.TestCase): # Check for running process self.assertTrue(process_named_running(PROCESS_NAME)) - def test_ripng(self): + def test_ripng_01_parameters(self): metric = '8' interfaces = Section.interfaces('ethernet') aggregates = ['2001:db8:1000::/48', '2001:db8:2000::/48', '2001:db8:3000::/48'] @@ -121,5 +121,25 @@ class TestProtocolsRIPng(VyOSUnitTestSHIM.TestCase): proto = 'ospf6' self.assertIn(f' redistribute {proto} metric {metric} route-map {route_map}', frrconfig) + def test_ripng_02_zebra_route_map(self): + # Implemented because of T3328 + self.cli_set(base_path + ['route-map', route_map]) + # commit changes + self.cli_commit() + + # Verify FRR configuration + zebra_route_map = f'ipv6 protocol ripng route-map {route_map}' + frrconfig = self.getFRRconfig(zebra_route_map) + self.assertIn(zebra_route_map, frrconfig) + + # Remove the route-map again + self.cli_delete(base_path + ['route-map']) + # commit changes + self.cli_commit() + + # Verify FRR configuration + frrconfig = self.getFRRconfig(zebra_route_map) + self.assertNotIn(zebra_route_map, frrconfig) + if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/src/conf_mode/protocols_ripng.py b/src/conf_mode/protocols_ripng.py index eada236b5..d46a2216c 100755 --- a/src/conf_mode/protocols_ripng.py +++ b/src/conf_mode/protocols_ripng.py @@ -31,8 +31,6 @@ from vyos import frr from vyos import airbag airbag.enable() -frr_daemon = 'ripngd' - def get_config(config=None): if config: conf = config @@ -99,14 +97,24 @@ def generate(ripng): return None def apply(ripng): + ripng_daemon = 'ripngd' + zebra_daemon = 'zebra' + # Save original configuration prior to starting any commit actions frr_cfg = frr.FRRConfig() - frr_cfg.load_configuration(frr_daemon) - frr_cfg.modify_section(r'key chain \S+', '') - frr_cfg.modify_section(r'interface \S+', '') - frr_cfg.modify_section('router ripng', '') - frr_cfg.add_before(frr.default_add_before, ripng['new_frr_config']) - frr_cfg.commit_configuration(frr_daemon) + + # The route-map used for the FIB (zebra) is part of the zebra daemon + frr_cfg.load_configuration(zebra_daemon) + frr_cfg.modify_section('^ipv6 protocol ripng route-map [-a-zA-Z0-9.]+', stop_pattern='(\s|!)') + frr_cfg.commit_configuration(zebra_daemon) + + frr_cfg.load_configuration(ripng_daemon) + frr_cfg.modify_section('key chain \S+', stop_pattern='^exit', remove_stop_mark=True) + frr_cfg.modify_section('interface \S+', stop_pattern='^exit', remove_stop_mark=True) + frr_cfg.modify_section('^router ripng', stop_pattern='^exit', remove_stop_mark=True) + if 'new_frr_config' in ripng: + frr_cfg.add_before(frr.default_add_before, ripng['new_frr_config']) + frr_cfg.commit_configuration(ripng_daemon) # Save configuration to /run/frr/config/frr.conf frr.save_configuration() -- cgit v1.2.3 From ff4e9245b4cc187124345171c07fd22b0aae7377 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:02 +0100 Subject: static: T3753: adjust to new FRR 8.1 syntax --- src/conf_mode/protocols_static.py | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/conf_mode/protocols_static.py b/src/conf_mode/protocols_static.py index f010141e9..5cfe37655 100755 --- a/src/conf_mode/protocols_static.py +++ b/src/conf_mode/protocols_static.py @@ -85,6 +85,8 @@ def verify(static): return None def generate(static): + if not static: + return None static['new_frr_config'] = render_to_string('frr/staticd.frr.tmpl', static) return None @@ -97,19 +99,19 @@ def apply(static): # The route-map used for the FIB (zebra) is part of the zebra daemon frr_cfg.load_configuration(zebra_daemon) - frr_cfg.modify_section(r'^ip protocol static route-map [-a-zA-Z0-9.]+$', '') + frr_cfg.modify_section(r'^ip protocol static route-map [-a-zA-Z0-9.]+', '') frr_cfg.commit_configuration(zebra_daemon) - frr_cfg.load_configuration(static_daemon) if 'vrf' in static: vrf = static['vrf'] - frr_cfg.modify_section(f'^vrf {vrf}$', '') + frr_cfg.modify_section(f'^vrf {vrf}', stop_pattern='^exit', remove_stop_mark=True) else: - frr_cfg.modify_section(r'^ip route .*', '') - frr_cfg.modify_section(r'^ipv6 route .*', '') + frr_cfg.modify_section(r'^ip route .*') + frr_cfg.modify_section(r'^ipv6 route .*') - frr_cfg.add_before(r'(interface .*|line vty)', static['new_frr_config']) + if 'new_frr_config' in static: + frr_cfg.add_before(frr.default_add_before, static['new_frr_config']) frr_cfg.commit_configuration(static_daemon) # Save configuration to /run/frr/config/frr.conf -- cgit v1.2.3 From 79e91d9193aa118663626dd79450aa608f3a1a04 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:02 +0100 Subject: vrf: vni: T3753: adjust to new FRR 8.1 syntax --- src/conf_mode/vrf_vni.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/conf_mode/vrf_vni.py b/src/conf_mode/vrf_vni.py index ca7eb7849..a357f30dd 100755 --- a/src/conf_mode/vrf_vni.py +++ b/src/conf_mode/vrf_vni.py @@ -47,8 +47,9 @@ def apply(vrf): # add configuration to FRR frr_cfg = frr.FRRConfig() frr_cfg.load_configuration(frr_daemon) - frr_cfg.modify_section(f'^vrf .+$', '') - frr_cfg.add_before(r'(interface .*|line vty|end)', vrf['new_frr_config']) + frr_cfg.modify_section(f'^vrf .+', '') + if 'new_frr_config' in vrf: + frr_cfg.add_before(frr.default_add_before, vrf['new_frr_config']) frr_cfg.commit_configuration(frr_daemon) # Save configuration to /run/frr/config/frr.conf -- cgit v1.2.3 From 5f2e797d8f33b995afdfa02953f461ac6d2fc88c Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:02 +0100 Subject: rpki: T3753: adjust to new FRR 8.1 syntax --- data/templates/frr/rpki.frr.tmpl | 1 + smoketest/scripts/cli/test_protocols_rpki.py | 2 -- src/conf_mode/protocols_rpki.py | 17 +++++++++++------ 3 files changed, 12 insertions(+), 8 deletions(-) (limited to 'src') diff --git a/data/templates/frr/rpki.frr.tmpl b/data/templates/frr/rpki.frr.tmpl index fbdfa27c3..7f9823f6b 100644 --- a/data/templates/frr/rpki.frr.tmpl +++ b/data/templates/frr/rpki.frr.tmpl @@ -14,4 +14,5 @@ rpki {% if polling_period is defined and polling_period is not none %} rpki polling_period {{ polling_period }} {% endif %} +exit ! diff --git a/smoketest/scripts/cli/test_protocols_rpki.py b/smoketest/scripts/cli/test_protocols_rpki.py index d9792ce8d..e5e45565b 100755 --- a/smoketest/scripts/cli/test_protocols_rpki.py +++ b/smoketest/scripts/cli/test_protocols_rpki.py @@ -36,8 +36,6 @@ class TestProtocolsRPKI(VyOSUnitTestSHIM.TestCase): self.cli_commit() # Nothing RPKI specific should be left over in the config - # - # Disabled until T3266 is resolved # frrconfig = self.getFRRconfig('rpki') # self.assertNotIn('rpki', frrconfig) diff --git a/src/conf_mode/protocols_rpki.py b/src/conf_mode/protocols_rpki.py index 0688e542f..41ce1f1fd 100755 --- a/src/conf_mode/protocols_rpki.py +++ b/src/conf_mode/protocols_rpki.py @@ -28,8 +28,6 @@ from vyos import frr from vyos import airbag airbag.enable() -frr_daemon = 'bgpd' - def get_config(config=None): if config: conf = config @@ -38,7 +36,9 @@ def get_config(config=None): base = ['protocols', 'rpki'] rpki = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True) + # Bail out early if configuration tree does not exist if not conf.exists(base): + rpki.update({'deleted' : ''}) return rpki # We have gathered the dict representation of the CLI, but there are default @@ -79,16 +79,21 @@ def verify(rpki): return None def generate(rpki): + if not rpki: + return rpki['new_frr_config'] = render_to_string('frr/rpki.frr.tmpl', rpki) return None def apply(rpki): + bgp_daemon = 'bgpd' + # Save original configuration prior to starting any commit actions frr_cfg = frr.FRRConfig() - frr_cfg.load_configuration(frr_daemon) - frr_cfg.modify_section('rpki', '') - frr_cfg.add_before(frr.default_add_before, rpki['new_frr_config']) - frr_cfg.commit_configuration(frr_daemon) + frr_cfg.load_configuration(bgp_daemon) + frr_cfg.modify_section('^rpki') + if 'new_frr_config' in rpki: + frr_cfg.add_before(frr.default_add_before, rpki['new_frr_config']) + frr_cfg.commit_configuration(bgp_daemon) return None -- cgit v1.2.3 From df37032ddf58afeff91cfa2b4b0e815a17d44243 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:02 +0100 Subject: isis: T3753: adjust to new FRR 8.1 syntax --- data/templates/frr/isisd.frr.tmpl | 91 ++++++++++++++-------------- smoketest/scripts/cli/test_protocols_isis.py | 3 +- src/conf_mode/protocols_isis.py | 22 +++---- 3 files changed, 59 insertions(+), 57 deletions(-) (limited to 'src') diff --git a/data/templates/frr/isisd.frr.tmpl b/data/templates/frr/isisd.frr.tmpl index 51ac40060..fc0799e02 100644 --- a/data/templates/frr/isisd.frr.tmpl +++ b/data/templates/frr/isisd.frr.tmpl @@ -1,4 +1,50 @@ ! +{% if interface is defined and interface is not none %} +{% for iface, iface_config in interface.items() %} +interface {{ iface }} {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} + ip router isis VyOS + ipv6 router isis VyOS +{% if iface_config.bfd is defined %} + isis bfd +{% endif %} +{% if iface_config.network is defined and iface_config.network.point_to_point is defined %} + isis network point-to-point +{% endif %} +{% if iface_config.circuit_type is defined %} + isis circuit-type {{ iface_config.circuit_type }} +{% endif %} +{% if iface_config.hello_interval is defined and iface_config.hello_interval is not none %} + isis hello-interval {{ iface_config.hello_interval }} +{% endif %} +{% if iface_config.hello_multiplier is defined and iface_config.hello_multiplier is not none %} + isis hello-multiplier {{ iface_config.hello_multiplier }} +{% endif %} +{% if iface_config.hello_padding is defined %} + isis hello padding +{% endif %} +{% if iface_config.metric is defined and iface_config.metric is not none %} + isis metric {{ iface_config.metric }} +{% endif %} +{% if iface_config.passive is defined %} + isis passive +{% endif %} +{% if iface_config.password is defined and iface_config.password.plaintext_password is defined and iface_config.password.plaintext_password is not none %} + isis password clear {{ iface_config.password.plaintext_password }} +{% endif %} +{% if iface_config.priority is defined and iface_config.priority is not none %} + isis priority {{ iface_config.priority }} +{% endif %} +{% if iface_config.psnp_interval is defined and iface_config.psnp_interval is not none %} + isis psnp-interval {{ iface_config.psnp_interval }} +{% endif %} +{% if iface_config.no_three_way_handshake is defined %} + no isis three-way-handshake +{% endif %} +exit +! +{% endfor %} +{% endif %} +! router isis VyOS {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} net {{ net }} {% if dynamic_hostname is defined %} @@ -151,48 +197,5 @@ router isis VyOS {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} is-type {{ level }} {% endif %} {% endif %} -! -{% if interface is defined and interface is not none %} -{% for iface, iface_config in interface.items() %} -interface {{ iface }} {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} - ip router isis VyOS - ipv6 router isis VyOS -{% if iface_config.bfd is defined %} - isis bfd -{% endif %} -{% if iface_config.network is defined and iface_config.network.point_to_point is defined %} - isis network point-to-point -{% endif %} -{% if iface_config.circuit_type is defined %} - isis circuit-type {{ iface_config.circuit_type }} -{% endif %} -{% if iface_config.hello_interval is defined and iface_config.hello_interval is not none %} - isis hello-interval {{ iface_config.hello_interval }} -{% endif %} -{% if iface_config.hello_multiplier is defined and iface_config.hello_multiplier is not none %} - isis hello-multiplier {{ iface_config.hello_multiplier }} -{% endif %} -{% if iface_config.hello_padding is defined %} - isis hello padding -{% endif %} -{% if iface_config.metric is defined and iface_config.metric is not none %} - isis metric {{ iface_config.metric }} -{% endif %} -{% if iface_config.passive is defined %} - isis passive -{% endif %} -{% if iface_config.password is defined and iface_config.password.plaintext_password is defined and iface_config.password.plaintext_password is not none %} - isis password clear {{ iface_config.password.plaintext_password }} -{% endif %} -{% if iface_config.priority is defined and iface_config.priority is not none %} - isis priority {{ iface_config.priority }} -{% endif %} -{% if iface_config.psnp_interval is defined and iface_config.psnp_interval is not none %} - isis psnp-interval {{ iface_config.psnp_interval }} -{% endif %} -{% if iface_config.no_three_way_handshake is defined %} - no isis three-way-handshake -{% endif %} -{% endfor %} -{% endif %} +exit ! \ No newline at end of file diff --git a/smoketest/scripts/cli/test_protocols_isis.py b/smoketest/scripts/cli/test_protocols_isis.py index 949198ee6..e42040025 100755 --- a/smoketest/scripts/cli/test_protocols_isis.py +++ b/smoketest/scripts/cli/test_protocols_isis.py @@ -199,8 +199,6 @@ class TestProtocolsISIS(VyOSUnitTestSHIM.TestCase): def test_isis_06_spf_delay(self): - self.isis_base_config() - network = 'point-to-point' holddown = '10' init_delay = '50' @@ -208,6 +206,7 @@ class TestProtocolsISIS(VyOSUnitTestSHIM.TestCase): short_delay = '100' time_to_learn = '75' + self.cli_set(base_path + ['net', net]) for interface in self._interfaces: self.cli_set(base_path + ['interface', interface, 'network', network]) diff --git a/src/conf_mode/protocols_isis.py b/src/conf_mode/protocols_isis.py index 120fc68a0..3a0c40dc6 100755 --- a/src/conf_mode/protocols_isis.py +++ b/src/conf_mode/protocols_isis.py @@ -56,10 +56,10 @@ def get_config(config=None): # instead of the VRF instance. if vrf: isis['vrf'] = vrf - # As we no re-use this Python handler for both VRF and non VRF instances for - # IS-IS we need to find out if any interfaces changed so properly adjust - # the FRR configuration and not by acctident change interfaces from a - # different VRF. + # FRR has VRF support for different routing daemons. As interfaces belong + # to VRFs - or the global VRF, we need to check for changed interfaces so + # that they will be properly rendered for the FRR config. Also this eases + # removal of interfaces from the running configuration. interfaces_removed = node_changed(conf, base + ['interface']) if interfaces_removed: isis['interface_removed'] = list(interfaces_removed) @@ -196,8 +196,6 @@ def verify(isis): def generate(isis): if not isis or 'deleted' in isis: - isis['frr_isisd_config'] = '' - isis['frr_zebra_config'] = '' return None isis['protocol'] = 'isis' # required for frr/vrf.route-map.frr.tmpl @@ -214,8 +212,9 @@ def apply(isis): # The route-map used for the FIB (zebra) is part of the zebra daemon frr_cfg.load_configuration(zebra_daemon) - frr_cfg.modify_section(r'(\s+)?ip protocol isis route-map [-a-zA-Z0-9.]+$', '', '(\s|!)') - frr_cfg.add_before(frr.default_add_before, isis['frr_zebra_config']) + frr_cfg.modify_section('(\s+)?ip protocol isis route-map [-a-zA-Z0-9.]+', stop_pattern='(\s|!)') + if 'frr_zebra_config' in isis: + frr_cfg.add_before(frr.default_add_before, isis['frr_zebra_config']) frr_cfg.commit_configuration(zebra_daemon) # Generate empty helper string which can be ammended to FRR commands, it @@ -225,15 +224,16 @@ def apply(isis): vrf = ' vrf ' + isis['vrf'] frr_cfg.load_configuration(isis_daemon) - frr_cfg.modify_section(f'^router isis VyOS{vrf}$', '') + frr_cfg.modify_section(f'^router isis VyOS{vrf}', stop_pattern='^exit', remove_stop_mark=True) for key in ['interface', 'interface_removed']: if key not in isis: continue for interface in isis[key]: - frr_cfg.modify_section(f'^interface {interface}{vrf}$', '') + frr_cfg.modify_section(f'^interface {interface}{vrf}', stop_pattern='^exit', remove_stop_mark=True) - frr_cfg.add_before(frr.default_add_before, isis['frr_isisd_config']) + if 'frr_isisd_config' in isis: + frr_cfg.add_before(frr.default_add_before, isis['frr_isisd_config']) frr_cfg.commit_configuration(isis_daemon) # Save configuration to /run/frr/config/frr.conf -- cgit v1.2.3 From fe0038c21b170f1b54a5a4461ca3aaade1ef93b7 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:02 +0100 Subject: ospfv3: T3753: reload config five (5) times - workaround for FRR issue #10132 Re-applying the same configuration after it failed the first times makes it load. See https://github.com/FRRouting/frr/issues/10132 for more details. --- src/conf_mode/protocols_ospfv3.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/conf_mode/protocols_ospfv3.py b/src/conf_mode/protocols_ospfv3.py index 374327798..77d9e0366 100755 --- a/src/conf_mode/protocols_ospfv3.py +++ b/src/conf_mode/protocols_ospfv3.py @@ -100,7 +100,15 @@ def apply(ospfv3): if 'new_frr_config' in ospfv3: frr_cfg.add_before(frr.default_add_before, ospfv3['new_frr_config']) - frr_cfg.commit_configuration(ospf6_daemon) + + # https://github.com/FRRouting/frr/issues/10132 + count = 0 + while count <= 5: + count += 1 + try: + frr_cfg.commit_configuration(ospf6_daemon) + except: + pass # Save configuration to /run/frr/config/frr.conf frr.save_configuration() -- cgit v1.2.3 From 3800ea910a72a4d1a78b63f235980d9414747816 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 10:32:02 +0100 Subject: isis: T3753: reload config five (5) times - workaround for FRR issue #10133 Re-applying the same configuration after it failed the first times makes it load. See https://github.com/FRRouting/frr/issues/10133 for more details --- src/conf_mode/protocols_isis.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/conf_mode/protocols_isis.py b/src/conf_mode/protocols_isis.py index 3a0c40dc6..5d02de869 100755 --- a/src/conf_mode/protocols_isis.py +++ b/src/conf_mode/protocols_isis.py @@ -234,7 +234,15 @@ def apply(isis): if 'frr_isisd_config' in isis: frr_cfg.add_before(frr.default_add_before, isis['frr_isisd_config']) - frr_cfg.commit_configuration(isis_daemon) + + # https://github.com/FRRouting/frr/issues/XXXX + count = 0 + while count <= 5: + count += 1 + try: + frr_cfg.commit_configuration(isis_daemon) + except: + pass # Save configuration to /run/frr/config/frr.conf frr.save_configuration() -- cgit v1.2.3 From 5e38895c906f05ecd3815573f07106a9ccab145a Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 19:34:07 +0100 Subject: frr: alwaws try to commit connfig 5 times As a result to some frr-reload bugs workarounded in commit 3800ea91 or fe0038c2 this commit adds the workaround in general. --- python/vyos/frr.py | 20 ++++++++++++-------- src/conf_mode/protocols_isis.py | 10 +--------- src/conf_mode/protocols_ospfv3.py | 10 +--------- src/conf_mode/protocols_rpki.py | 3 +++ 4 files changed, 17 insertions(+), 26 deletions(-) (limited to 'src') diff --git a/python/vyos/frr.py b/python/vyos/frr.py index 119ea8b50..7bad2b0b6 100644 --- a/python/vyos/frr.py +++ b/python/vyos/frr.py @@ -216,13 +216,8 @@ def reload_configuration(config, daemon=None): def save_configuration(): - """Save FRR configuration to /run/frr/config/frr.conf - It save configuration on each commit. T3217 - """ - - cmd(f'{path_vtysh} -n -w') - - return + """ T3217: Save FRR configuration to /run/frr/config/frr.conf """ + return cmd(f'{path_vtysh} -n -w') def execute(command): @@ -457,7 +452,16 @@ class FRRConfig: LOG.debug('commit_configuration: Commiting configuration') for i, e in enumerate(self.config): LOG.debug(f'commit_configuration: new_config {i:3} {e}') - reload_configuration('\n'.join(self.config), daemon=daemon) + + # https://github.com/FRRouting/frr/issues/10132 + # https://github.com/FRRouting/frr/issues/10133 + count = 0 + while count <= 5: + count += 1 + try: + reload_configuration('\n'.join(self.config), daemon=daemon) + except: + pass def modify_section(self, start_pattern, replacement='!', stop_pattern=r'\S+', remove_stop_mark=False, count=0): if isinstance(replacement, str): diff --git a/src/conf_mode/protocols_isis.py b/src/conf_mode/protocols_isis.py index 5d02de869..0011e6fbf 100755 --- a/src/conf_mode/protocols_isis.py +++ b/src/conf_mode/protocols_isis.py @@ -235,15 +235,7 @@ def apply(isis): if 'frr_isisd_config' in isis: frr_cfg.add_before(frr.default_add_before, isis['frr_isisd_config']) - # https://github.com/FRRouting/frr/issues/XXXX - count = 0 - while count <= 5: - count += 1 - try: - frr_cfg.commit_configuration(isis_daemon) - except: - pass - + frr_cfg.commit_configuration(isis_daemon) # Save configuration to /run/frr/config/frr.conf frr.save_configuration() diff --git a/src/conf_mode/protocols_ospfv3.py b/src/conf_mode/protocols_ospfv3.py index 77d9e0366..5d6ca7169 100755 --- a/src/conf_mode/protocols_ospfv3.py +++ b/src/conf_mode/protocols_ospfv3.py @@ -101,15 +101,7 @@ def apply(ospfv3): if 'new_frr_config' in ospfv3: frr_cfg.add_before(frr.default_add_before, ospfv3['new_frr_config']) - # https://github.com/FRRouting/frr/issues/10132 - count = 0 - while count <= 5: - count += 1 - try: - frr_cfg.commit_configuration(ospf6_daemon) - except: - pass - + frr_cfg.commit_configuration(ospf6_daemon) # Save configuration to /run/frr/config/frr.conf frr.save_configuration() diff --git a/src/conf_mode/protocols_rpki.py b/src/conf_mode/protocols_rpki.py index 41ce1f1fd..dadd8d6f4 100755 --- a/src/conf_mode/protocols_rpki.py +++ b/src/conf_mode/protocols_rpki.py @@ -93,7 +93,10 @@ def apply(rpki): frr_cfg.modify_section('^rpki') if 'new_frr_config' in rpki: frr_cfg.add_before(frr.default_add_before, rpki['new_frr_config']) + frr_cfg.commit_configuration(bgp_daemon) + # Save configuration to /run/frr/config/frr.conf + frr.save_configuration() return None -- cgit v1.2.3 From f1973bcf16fcc5e38c5fa3d3749846470e8e4afa Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 27 Nov 2021 20:10:55 +0100 Subject: frr: T3753: autosave config when calling commit_configuration() --- python/vyos/frr.py | 11 ++++++++--- src/conf_mode/policy.py | 3 --- src/conf_mode/protocols_bgp.py | 3 --- src/conf_mode/protocols_isis.py | 2 -- src/conf_mode/protocols_ospf.py | 3 --- src/conf_mode/protocols_ospfv3.py | 2 -- src/conf_mode/protocols_rip.py | 3 --- src/conf_mode/protocols_ripng.py | 3 --- src/conf_mode/protocols_rpki.py | 3 --- src/conf_mode/protocols_static.py | 3 --- src/conf_mode/vrf_vni.py | 3 --- 11 files changed, 8 insertions(+), 31 deletions(-) (limited to 'src') diff --git a/python/vyos/frr.py b/python/vyos/frr.py index e5253350a..a8f115d9a 100644 --- a/python/vyos/frr.py +++ b/python/vyos/frr.py @@ -445,9 +445,11 @@ class FRRConfig: mark_configuration('\n'.join(self.config)) def commit_configuration(self, daemon=None): - '''Commit the current configuration to FRR - daemon: str with name of the FRR daemon to commit to or - None to use the consolidated config + ''' + Commit the current configuration to FRR daemon: str with name of the + FRR daemon to commit to or None to use the consolidated config. + + Configuration is automatically saved after apply ''' LOG.debug('commit_configuration: Commiting configuration') for i, e in enumerate(self.config): @@ -469,6 +471,9 @@ class FRRConfig: if count >= count_max: raise ConfigurationNotValid(f'Config commit retry counter ({count_max}) exceeded') + # Save configuration to /run/frr/config/frr.conf + save_configuration() + def modify_section(self, start_pattern, replacement='!', stop_pattern=r'\S+', remove_stop_mark=False, count=0): if isinstance(replacement, str): diff --git a/src/conf_mode/policy.py b/src/conf_mode/policy.py index 5f9fcab9f..e251396c7 100755 --- a/src/conf_mode/policy.py +++ b/src/conf_mode/policy.py @@ -204,9 +204,6 @@ def apply(policy): frr_cfg.add_before(frr.default_add_before, policy['new_frr_config']) frr_cfg.commit_configuration(zebra_daemon) - # Save configuration to /run/frr/config/frr.conf - frr.save_configuration() - return None if __name__ == '__main__': diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py index 359bfff76..b88f0c4ef 100755 --- a/src/conf_mode/protocols_bgp.py +++ b/src/conf_mode/protocols_bgp.py @@ -302,9 +302,6 @@ def apply(bgp): frr_cfg.add_before(frr.default_add_before, bgp['frr_bgpd_config']) frr_cfg.commit_configuration(bgp_daemon) - # Save configuration to /run/frr/config/frr.conf - frr.save_configuration() - return None if __name__ == '__main__': diff --git a/src/conf_mode/protocols_isis.py b/src/conf_mode/protocols_isis.py index 0011e6fbf..9b4b215de 100755 --- a/src/conf_mode/protocols_isis.py +++ b/src/conf_mode/protocols_isis.py @@ -236,8 +236,6 @@ def apply(isis): frr_cfg.add_before(frr.default_add_before, isis['frr_isisd_config']) frr_cfg.commit_configuration(isis_daemon) - # Save configuration to /run/frr/config/frr.conf - frr.save_configuration() return None diff --git a/src/conf_mode/protocols_ospf.py b/src/conf_mode/protocols_ospf.py index 255560e19..9d1fb48e4 100755 --- a/src/conf_mode/protocols_ospf.py +++ b/src/conf_mode/protocols_ospf.py @@ -231,9 +231,6 @@ def apply(ospf): frr_cfg.add_before(frr.default_add_before, ospf['frr_ospfd_config']) frr_cfg.commit_configuration(ospf_daemon) - # Save configuration to /run/frr/config/frr.conf - frr.save_configuration() - return None if __name__ == '__main__': diff --git a/src/conf_mode/protocols_ospfv3.py b/src/conf_mode/protocols_ospfv3.py index 5d6ca7169..f1e490f48 100755 --- a/src/conf_mode/protocols_ospfv3.py +++ b/src/conf_mode/protocols_ospfv3.py @@ -102,8 +102,6 @@ def apply(ospfv3): frr_cfg.add_before(frr.default_add_before, ospfv3['new_frr_config']) frr_cfg.commit_configuration(ospf6_daemon) - # Save configuration to /run/frr/config/frr.conf - frr.save_configuration() return None diff --git a/src/conf_mode/protocols_rip.py b/src/conf_mode/protocols_rip.py index 96df41bdb..300f56489 100755 --- a/src/conf_mode/protocols_rip.py +++ b/src/conf_mode/protocols_rip.py @@ -131,9 +131,6 @@ def apply(rip): frr_cfg.add_before(frr.default_add_before, rip['new_frr_config']) frr_cfg.commit_configuration(rip_daemon) - # Save configuration to /run/frr/config/frr.conf - frr.save_configuration() - return None if __name__ == '__main__': diff --git a/src/conf_mode/protocols_ripng.py b/src/conf_mode/protocols_ripng.py index d46a2216c..d9b8c0b30 100755 --- a/src/conf_mode/protocols_ripng.py +++ b/src/conf_mode/protocols_ripng.py @@ -116,9 +116,6 @@ def apply(ripng): frr_cfg.add_before(frr.default_add_before, ripng['new_frr_config']) frr_cfg.commit_configuration(ripng_daemon) - # Save configuration to /run/frr/config/frr.conf - frr.save_configuration() - return None if __name__ == '__main__': diff --git a/src/conf_mode/protocols_rpki.py b/src/conf_mode/protocols_rpki.py index dadd8d6f4..4bd4e8650 100755 --- a/src/conf_mode/protocols_rpki.py +++ b/src/conf_mode/protocols_rpki.py @@ -95,9 +95,6 @@ def apply(rpki): frr_cfg.add_before(frr.default_add_before, rpki['new_frr_config']) frr_cfg.commit_configuration(bgp_daemon) - # Save configuration to /run/frr/config/frr.conf - frr.save_configuration() - return None if __name__ == '__main__': diff --git a/src/conf_mode/protocols_static.py b/src/conf_mode/protocols_static.py index 5cfe37655..c1e427b16 100755 --- a/src/conf_mode/protocols_static.py +++ b/src/conf_mode/protocols_static.py @@ -114,9 +114,6 @@ def apply(static): frr_cfg.add_before(frr.default_add_before, static['new_frr_config']) frr_cfg.commit_configuration(static_daemon) - # Save configuration to /run/frr/config/frr.conf - frr.save_configuration() - return None if __name__ == '__main__': diff --git a/src/conf_mode/vrf_vni.py b/src/conf_mode/vrf_vni.py index a357f30dd..680d79826 100755 --- a/src/conf_mode/vrf_vni.py +++ b/src/conf_mode/vrf_vni.py @@ -52,9 +52,6 @@ def apply(vrf): frr_cfg.add_before(frr.default_add_before, vrf['new_frr_config']) frr_cfg.commit_configuration(frr_daemon) - # Save configuration to /run/frr/config/frr.conf - frr.save_configuration() - return None if __name__ == '__main__': -- cgit v1.2.3 From 95d214d2406df82bb57dd7669d230295d8aca5f5 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 28 Nov 2021 09:54:22 +0100 Subject: ospf: comment cleanup --- src/conf_mode/protocols_ospf.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/conf_mode/protocols_ospf.py b/src/conf_mode/protocols_ospf.py index 9d1fb48e4..4895cde6f 100755 --- a/src/conf_mode/protocols_ospf.py +++ b/src/conf_mode/protocols_ospf.py @@ -177,11 +177,11 @@ def verify(ospf): raise ConfigError('Can not use OSPF interface area and area ' \ 'network configuration at the same time!') - if 'vrf' in ospf: # If interface specific options are set, we must ensure that the # interface is bound to our requesting VRF. Due to the VyOS # priorities the interface is bound to the VRF after creation of # the VRF itself, and before any routing protocol is configured. + if 'vrf' in ospf: vrf = ospf['vrf'] tmp = get_interface_config(interface) if 'master' not in tmp or tmp['master'] != vrf: -- cgit v1.2.3 From 192903561e5d7211155554fe06c18673fa74e1ed Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 28 Nov 2021 10:00:57 +0100 Subject: ospfv3: T3928: add VRF support set vrf name foo protocols ospfv3 --- data/templates/frr/ospf6d.frr.tmpl | 4 +- .../include/ospfv3/protocol-common-config.xml.i | 241 +++++++++++++++++++++ interface-definitions/protocols-ospfv3.xml.in | 240 +------------------- interface-definitions/vrf.xml.in | 9 + smoketest/scripts/cli/test_protocols_ospfv3.py | 39 ++++ src/conf_mode/protocols_ospfv3.py | 46 +++- 6 files changed, 331 insertions(+), 248 deletions(-) create mode 100644 interface-definitions/include/ospfv3/protocol-common-config.xml.i (limited to 'src') diff --git a/data/templates/frr/ospf6d.frr.tmpl b/data/templates/frr/ospf6d.frr.tmpl index 5871b3d7a..10a6d9b4b 100644 --- a/data/templates/frr/ospf6d.frr.tmpl +++ b/data/templates/frr/ospf6d.frr.tmpl @@ -1,7 +1,7 @@ ! {% if interface is defined and interface is not none %} {% for iface, iface_config in interface.items() %} -interface {{ iface }} +interface {{ iface }} {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} {% if iface_config.area is defined and iface_config.area is not none %} ipv6 ospf6 area {{ iface_config.area }} {% endif %} @@ -46,7 +46,7 @@ exit {% endfor %} {% endif %} ! -router ospf6 +router ospf6 {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} {% if area is defined and area is not none %} {% for area_id, area_config in area.items() %} {% if area_config.area_type is defined and area_config.area_type is not none %} diff --git a/interface-definitions/include/ospfv3/protocol-common-config.xml.i b/interface-definitions/include/ospfv3/protocol-common-config.xml.i new file mode 100644 index 000000000..a93939a34 --- /dev/null +++ b/interface-definitions/include/ospfv3/protocol-common-config.xml.i @@ -0,0 +1,241 @@ + + + + OSPFv3 Area + + u32 + Area ID as a decimal value + + + ipv4 + Area ID in IP address forma + + + + + + + + + + OSPFv3 Area type + + + + + Stub OSPFv3 area + + + + + Do not inject inter-area routes into the stub + + + + + + + + + + Name of export-list + + policy access-list6 + + + + + + Name of import-list + + policy access-list6 + + + + + + Specify IPv6 prefix (border routers only) + + ipv6net + Specify IPv6 prefix (border routers only) + + + + + + + + + Advertise this range + + + + + + Do not advertise this range + + + + + + + + + + Administrative distance + + + #include + + + OSPFv3 administrative distance + + + #include + + + + + + + Enable routing on an IPv6 interface + + + + + txt + Interface used for routing information exchange + + + + + + + + + Enable OSPF on this interface + + protocols ospfv3 area + + + u32 + OSPF area ID as decimal notation + + + ipv4 + OSPF area ID in IP address notation + + + + + + + + #include + #include + + + Interface MTU + + u32:1-65535 + Interface MTU + + + + + + + + + Instance Id (default: 0) + + u32:0-255 + Instance Id + + + + + + 0 + + + + Network type + + broadcast point-to-point + + + broadcast + Broadcast network type + + + point-to-point + Point-to-point network type + + + ^(broadcast|point-to-point)$ + + Must be broadcast or point-to-point + + + #include + + +#include + + + OSPFv3 specific parameters + + + #include + + + + + Redistribute information from another routing protocol + + + + + Redistribute BGP routes + + + #include + + + + + Redistribute connected routes + + + #include + + + + + Redistribute kernel routes + + + #include + + + + + Redistribute RIPNG routes + + + #include + + + + + Redistribute static routes + + + #include + + + + +#include + diff --git a/interface-definitions/protocols-ospfv3.xml.in b/interface-definitions/protocols-ospfv3.xml.in index c7a94d58c..2b98ffa7b 100644 --- a/interface-definitions/protocols-ospfv3.xml.in +++ b/interface-definitions/protocols-ospfv3.xml.in @@ -8,245 +8,7 @@ 620 - - - OSPFv3 Area - - u32 - Area ID as a decimal value - - - ipv4 - Area ID in IP address forma - - - - - - - - - - OSPFv3 Area type - - - - - Stub OSPFv3 area - - - - - Do not inject inter-area routes into the stub - - - - - - - - - - Name of export-list - - policy access-list6 - - - - - - Name of import-list - - policy access-list6 - - - - - - Specify IPv6 prefix (border routers only) - - ipv6net - Specify IPv6 prefix (border routers only) - - - - - - - - - Advertise this range - - - - - - Do not advertise this range - - - - - - - - - - Administrative distance - - - #include - - - OSPFv3 administrative distance - - - #include - - - - - - - Enable routing on an IPv6 interface - - - - - txt - Interface used for routing information exchange - - - - - - - - - Enable OSPF on this interface - - protocols ospfv3 area - - - u32 - OSPF area ID as decimal notation - - - ipv4 - OSPF area ID in IP address notation - - - - - - - - #include - #include - - - Interface MTU - - u32:1-65535 - Interface MTU - - - - - - - - - Instance Id (default: 0) - - u32:0-255 - Instance Id - - - - - - 0 - - - - Network type - - broadcast point-to-point - - - broadcast - Broadcast network type - - - point-to-point - Point-to-point network type - - - ^(broadcast|point-to-point)$ - - Must be broadcast or point-to-point - - - #include - - - #include - - - OSPFv3 specific parameters - - - #include - - - - - Redistribute information from another routing protocol - - - - - Redistribute BGP routes - - - #include - - - - - Redistribute connected routes - - - #include - - - - - Redistribute kernel routes - - - #include - - - - - Redistribute RIPNG routes - - - #include - - - - - Redistribute static routes - - - #include - - - - - #include + #include diff --git a/interface-definitions/vrf.xml.in b/interface-definitions/vrf.xml.in index d6a602f53..14c31fa8a 100644 --- a/interface-definitions/vrf.xml.in +++ b/interface-definitions/vrf.xml.in @@ -60,6 +60,15 @@ #include + + + Open Shortest Path First (OSPF) for IPv6 + 621 + + + #include + + Static route parameters diff --git a/smoketest/scripts/cli/test_protocols_ospfv3.py b/smoketest/scripts/cli/test_protocols_ospfv3.py index 8e12990d5..f0557f640 100755 --- a/smoketest/scripts/cli/test_protocols_ospfv3.py +++ b/smoketest/scripts/cli/test_protocols_ospfv3.py @@ -167,5 +167,44 @@ class TestProtocolsOSPFv3(VyOSUnitTestSHIM.TestCase): self.assertIn(f' area {area_stub} stub', frrconfig) self.assertIn(f' area {area_stub_nosum} stub no-summary', frrconfig) + + def test_ospfv3_06_vrfs(self): + # It is safe to assume that when the basic VRF test works, all + # other OSPF related features work, as we entirely inherit the CLI + # templates and Jinja2 FRR template. + table = '1000' + vrf = 'blue' + vrf_base = ['vrf', 'name', vrf] + vrf_iface = 'eth1' + router_id = '1.2.3.4' + router_id_vrf = '1.2.3.5' + + self.cli_set(vrf_base + ['table', table]) + self.cli_set(vrf_base + ['protocols', 'ospfv3', 'interface', vrf_iface, 'bfd']) + self.cli_set(vrf_base + ['protocols', 'ospfv3', 'parameters', 'router-id', router_id_vrf]) + + self.cli_set(['interfaces', 'ethernet', vrf_iface, 'vrf', vrf]) + + # Also set a default VRF OSPF config + self.cli_set(base_path + ['parameters', 'router-id', router_id]) + self.cli_commit() + + # Verify FRR ospfd configuration + frrconfig = self.getFRRconfig('router ospf6') + self.assertIn(f'router ospf6', frrconfig) + self.assertIn(f' ospf6 router-id {router_id}', frrconfig) + + frrconfig = self.getFRRconfig(f'interface {vrf_iface} vrf {vrf}') + self.assertIn(f'interface {vrf_iface} vrf {vrf}', frrconfig) + self.assertIn(f' ipv6 ospf6 bfd', frrconfig) + + frrconfig = self.getFRRconfig(f'router ospf6 vrf {vrf}') + self.assertIn(f'router ospf6 vrf {vrf}', frrconfig) + self.assertIn(f' ospf6 router-id {router_id_vrf}', frrconfig) + + # cleanup + self.cli_delete(['vrf', 'name', vrf]) + self.cli_delete(['interfaces', 'ethernet', vrf_iface, 'vrf']) + if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/src/conf_mode/protocols_ospfv3.py b/src/conf_mode/protocols_ospfv3.py index f1e490f48..d0460b830 100755 --- a/src/conf_mode/protocols_ospfv3.py +++ b/src/conf_mode/protocols_ospfv3.py @@ -17,6 +17,7 @@ import os from sys import exit +from sys import argv from vyos.config import Config from vyos.configdict import dict_merge @@ -24,6 +25,7 @@ from vyos.configdict import node_changed from vyos.configverify import verify_common_route_maps from vyos.template import render_to_string from vyos.ifconfig import Interface +from vyos.util import get_interface_config from vyos.xml import defaults from vyos import ConfigError from vyos import frr @@ -35,9 +37,22 @@ def get_config(config=None): conf = config else: conf = Config() - base = ['protocols', 'ospfv3'] + + vrf = None + if len(argv) > 1: + vrf = argv[1] + + base_path = ['protocols', 'ospfv3'] + + # eqivalent of the C foo ? 'a' : 'b' statement + base = vrf and ['vrf', 'name', vrf, 'protocols', 'ospfv3'] or base_path ospfv3 = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True) + # Assign the name of our VRF context. This MUST be done before the return + # statement below, else on deletion we will delete the default instance + # instead of the VRF instance. + if vrf: ospfv3['vrf'] = vrf + # FRR has VRF support for different routing daemons. As interfaces belong # to VRFs - or the global VRF, we need to check for changed interfaces so # that they will be properly rendered for the FRR config. Also this eases @@ -69,12 +84,22 @@ def verify(ospfv3): verify_common_route_maps(ospfv3) if 'interface' in ospfv3: - for ifname, if_config in ospfv3['interface'].items(): - if 'ifmtu' in if_config: - mtu = Interface(ifname).get_mtu() - if int(if_config['ifmtu']) > int(mtu): + for interface, interface_config in ospfv3['interface'].items(): + if 'ifmtu' in interface_config: + mtu = Interface(interface).get_mtu() + if int(interface_config['ifmtu']) > int(mtu): raise ConfigError(f'OSPFv3 ifmtu can not exceed physical MTU of "{mtu}"') + # If interface specific options are set, we must ensure that the + # interface is bound to our requesting VRF. Due to the VyOS + # priorities the interface is bound to the VRF after creation of + # the VRF itself, and before any routing protocol is configured. + if 'vrf' in ospfv3: + vrf = ospfv3['vrf'] + tmp = get_interface_config(interface) + if 'master' not in tmp or tmp['master'] != vrf: + raise ConfigError(f'Interface {interface} is not a member of VRF {vrf}!') + return None def generate(ospfv3): @@ -89,14 +114,21 @@ def apply(ospfv3): # Save original configuration prior to starting any commit actions frr_cfg = frr.FRRConfig() + + # Generate empty helper string which can be ammended to FRR commands, it + # will be either empty (default VRF) or contain the "vrf Date: Sun, 28 Nov 2021 10:37:36 +0100 Subject: vrf: vni: T3753: adjust to new FRR 8.1 syntax --- src/conf_mode/vrf_vni.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/conf_mode/vrf_vni.py b/src/conf_mode/vrf_vni.py index 680d79826..1a7bd1f09 100755 --- a/src/conf_mode/vrf_vni.py +++ b/src/conf_mode/vrf_vni.py @@ -47,7 +47,7 @@ def apply(vrf): # add configuration to FRR frr_cfg = frr.FRRConfig() frr_cfg.load_configuration(frr_daemon) - frr_cfg.modify_section(f'^vrf .+', '') + frr_cfg.modify_section(f'^vrf .+', stop_pattern='^exit-vrf', remove_stop_mark=True) if 'new_frr_config' in vrf: frr_cfg.add_before(frr.default_add_before, vrf['new_frr_config']) frr_cfg.commit_configuration(frr_daemon) -- cgit v1.2.3 From b675c8b6187c4b77759e3f96c9c92dd382dabeae Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 28 Nov 2021 10:44:12 +0100 Subject: op-mode: lldp: T3999: bugfix KeyError: 'capability' --- src/op_mode/lldp_op.py | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src') diff --git a/src/op_mode/lldp_op.py b/src/op_mode/lldp_op.py index 731e71891..b9ebc991a 100755 --- a/src/op_mode/lldp_op.py +++ b/src/op_mode/lldp_op.py @@ -55,6 +55,9 @@ def parse_data(data, interface): if interface is not None and local_if != interface: continue for chassis, c_value in values.get('chassis', {}).items(): + # bail out early if no capabilities found + if 'capability' not in c_value: + continue capabilities = c_value['capability'] if isinstance(capabilities, dict): capabilities = [capabilities] -- cgit v1.2.3 From f36ac55e5355b170b181eef999be616700edffc1 Mon Sep 17 00:00:00 2001 From: Viacheslav Date: Mon, 29 Nov 2021 19:54:42 +0000 Subject: op-mode: T3725: Show configuration in JSON format --- op-mode-definitions/show-configuration.xml.in | 15 +++++++++++ src/op_mode/show_configuration_json.py | 36 +++++++++++++++++++++++++++ 2 files changed, 51 insertions(+) create mode 100755 src/op_mode/show_configuration_json.py (limited to 'src') diff --git a/op-mode-definitions/show-configuration.xml.in b/op-mode-definitions/show-configuration.xml.in index 318942ab0..5a2fdedfa 100644 --- a/op-mode-definitions/show-configuration.xml.in +++ b/op-mode-definitions/show-configuration.xml.in @@ -30,6 +30,21 @@ ${vyos_op_scripts_dir}/show_configuration_files.sh + + + Show running configuration in JSON format + + + ${vyos_op_scripts_dir}/show_configuration_json.py + + + + Show running configuration in readable JSON format + + ${vyos_op_scripts_dir}/show_configuration_json.py --pretty + + + diff --git a/src/op_mode/show_configuration_json.py b/src/op_mode/show_configuration_json.py new file mode 100755 index 000000000..fdece533b --- /dev/null +++ b/src/op_mode/show_configuration_json.py @@ -0,0 +1,36 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2021 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +import argparse +import json + +from vyos.configquery import ConfigTreeQuery + + +config = ConfigTreeQuery() +c = config.get_config_dict() + +parser = argparse.ArgumentParser() +parser.add_argument("-p", "--pretty", action="store_true", help="Show pretty configuration in JSON format") + + +if __name__ == '__main__': + args = parser.parse_args() + + if args.pretty: + print(json.dumps(c, indent=4)) + else: + print(json.dumps(c)) -- cgit v1.2.3 From 1f926e1b1fe7d82113be55916a55ca7e3cceac76 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Mon, 29 Nov 2021 11:27:40 -0600 Subject: graphql: T3993: add op-mode requests --- src/services/api/graphql/graphql/directives.py | 16 ++++++++++++---- src/services/api/graphql/graphql/mutations.py | 7 ++++++- src/services/api/graphql/graphql/schema/schema.graphql | 2 ++ src/services/api/graphql/graphql/schema/show.graphql | 14 ++++++++++++++ src/services/api/graphql/recipes/session.py | 12 ++++++++++++ 5 files changed, 46 insertions(+), 5 deletions(-) create mode 100644 src/services/api/graphql/graphql/schema/show.graphql (limited to 'src') diff --git a/src/services/api/graphql/graphql/directives.py b/src/services/api/graphql/graphql/directives.py index f5cd88acd..55aceca1b 100644 --- a/src/services/api/graphql/graphql/directives.py +++ b/src/services/api/graphql/graphql/directives.py @@ -1,5 +1,5 @@ from ariadne import SchemaDirectiveVisitor, ObjectType -from . mutations import make_configure_resolver, make_config_file_resolver +from . mutations import * def non(arg): pass @@ -19,7 +19,6 @@ class VyosDirective(SchemaDirectiveVisitor): class ConfigureDirective(VyosDirective): """ Class providing implementation of 'configure' directive in schema. - """ def visit_field_definition(self, field, object_type): super().visit_field_definition(field, object_type, @@ -28,10 +27,19 @@ class ConfigureDirective(VyosDirective): class ConfigFileDirective(VyosDirective): """ Class providing implementation of 'configfile' directive in schema. - """ def visit_field_definition(self, field, object_type): super().visit_field_definition(field, object_type, make_resolver=make_config_file_resolver) -directives_dict = {"configure": ConfigureDirective, "configfile": ConfigFileDirective} +class ShowDirective(VyosDirective): + """ + Class providing implementation of 'show' directive in schema. + """ + def visit_field_definition(self, field, object_type): + super().visit_field_definition(field, object_type, + make_resolver=make_show_resolver) + +directives_dict = {"configure": ConfigureDirective, + "configfile": ConfigFileDirective, + "show": ShowDirective} diff --git a/src/services/api/graphql/graphql/mutations.py b/src/services/api/graphql/graphql/mutations.py index 8a28b13d7..5913ee8b1 100644 --- a/src/services/api/graphql/graphql/mutations.py +++ b/src/services/api/graphql/graphql/mutations.py @@ -51,7 +51,8 @@ def make_resolver(mutation_name, class_name, session_func): klass = type(class_name, (Session,), {}) k = klass(session, data) method = getattr(k, session_func) - method() + result = method() + data['result'] = result return { "success": True, @@ -78,3 +79,7 @@ def make_config_file_resolver(mutation_name): return make_resolver(mutation_name, class_name, 'load') else: raise Exception + +def make_show_resolver(mutation_name): + class_name = mutation_name + return make_resolver(mutation_name, class_name, 'show') diff --git a/src/services/api/graphql/graphql/schema/schema.graphql b/src/services/api/graphql/graphql/schema/schema.graphql index 9e97a0d60..764a50130 100644 --- a/src/services/api/graphql/graphql/schema/schema.graphql +++ b/src/services/api/graphql/graphql/schema/schema.graphql @@ -9,6 +9,7 @@ type Query { directive @configure on FIELD_DEFINITION directive @configfile on FIELD_DEFINITION +directive @show on FIELD_DEFINITION type Mutation { CreateDhcpServer(data: DhcpServerConfigInput) : CreateDhcpServerResult @configure @@ -18,4 +19,5 @@ type Mutation { RemoveFirewallAddressGroupMembers(data: RemoveFirewallAddressGroupMembersInput) : RemoveFirewallAddressGroupMembersResult @configure SaveConfigFile(data: SaveConfigFileInput) : SaveConfigFileResult @configfile LoadConfigFile(data: LoadConfigFileInput) : LoadConfigFileResult @configfile + Show(data: ShowInput) : ShowResult @show } diff --git a/src/services/api/graphql/graphql/schema/show.graphql b/src/services/api/graphql/graphql/schema/show.graphql new file mode 100644 index 000000000..c7709e48b --- /dev/null +++ b/src/services/api/graphql/graphql/schema/show.graphql @@ -0,0 +1,14 @@ +input ShowInput { + path: [String!]! +} + +type Show { + path: [String] + result: String +} + +type ShowResult { + data: Show + success: Boolean! + errors: [String] +} diff --git a/src/services/api/graphql/recipes/session.py b/src/services/api/graphql/recipes/session.py index b96cc1753..c6c3209c0 100644 --- a/src/services/api/graphql/recipes/session.py +++ b/src/services/api/graphql/recipes/session.py @@ -63,3 +63,15 @@ class Session(object): session.commit() except Exception as error: raise error + + def show(self): + session = self._session + data = self._data + out = '' + + try: + out = session.show(data['path']) + except Exception as error: + raise error + + return out -- cgit v1.2.3 From a05866e5301934f61a3c83550f91926e03bfc7b0 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Mon, 29 Nov 2021 16:02:12 -0600 Subject: graphql: T3993: add config session show_config Note that one can also use the mutation Show, with path ["configuration", "json", "pretty"]; that command will obscure passwords and keys, and we may want to disallow this version. --- src/services/api/graphql/graphql/directives.py | 9 +++++++++ src/services/api/graphql/graphql/mutations.py | 4 ++++ .../api/graphql/graphql/schema/schema.graphql | 2 ++ .../api/graphql/graphql/schema/show_config.graphql | 21 +++++++++++++++++++++ src/services/api/graphql/recipes/session.py | 19 +++++++++++++++++++ 5 files changed, 55 insertions(+) create mode 100644 src/services/api/graphql/graphql/schema/show_config.graphql (limited to 'src') diff --git a/src/services/api/graphql/graphql/directives.py b/src/services/api/graphql/graphql/directives.py index 55aceca1b..4bc31c6b5 100644 --- a/src/services/api/graphql/graphql/directives.py +++ b/src/services/api/graphql/graphql/directives.py @@ -24,6 +24,14 @@ class ConfigureDirective(VyosDirective): super().visit_field_definition(field, object_type, make_resolver=make_configure_resolver) +class ShowConfigDirective(VyosDirective): + """ + Class providing implementation of 'show' directive in schema. + """ + def visit_field_definition(self, field, object_type): + super().visit_field_definition(field, object_type, + make_resolver=make_show_config_resolver) + class ConfigFileDirective(VyosDirective): """ Class providing implementation of 'configfile' directive in schema. @@ -41,5 +49,6 @@ class ShowDirective(VyosDirective): make_resolver=make_show_resolver) directives_dict = {"configure": ConfigureDirective, + "showconfig": ShowConfigDirective, "configfile": ConfigFileDirective, "show": ShowDirective} diff --git a/src/services/api/graphql/graphql/mutations.py b/src/services/api/graphql/graphql/mutations.py index 5913ee8b1..0ba2cd4bb 100644 --- a/src/services/api/graphql/graphql/mutations.py +++ b/src/services/api/graphql/graphql/mutations.py @@ -70,6 +70,10 @@ def make_configure_resolver(mutation_name): class_name = mutation_name return make_resolver(mutation_name, class_name, 'configure') +def make_show_config_resolver(mutation_name): + class_name = mutation_name + return make_resolver(mutation_name, class_name, 'show_config') + def make_config_file_resolver(mutation_name): if 'Save' in mutation_name: class_name = mutation_name.replace('Save', '', 1) diff --git a/src/services/api/graphql/graphql/schema/schema.graphql b/src/services/api/graphql/graphql/schema/schema.graphql index 764a50130..375b88cc5 100644 --- a/src/services/api/graphql/graphql/schema/schema.graphql +++ b/src/services/api/graphql/graphql/schema/schema.graphql @@ -10,6 +10,7 @@ type Query { directive @configure on FIELD_DEFINITION directive @configfile on FIELD_DEFINITION directive @show on FIELD_DEFINITION +directive @showconfig on FIELD_DEFINITION type Mutation { CreateDhcpServer(data: DhcpServerConfigInput) : CreateDhcpServerResult @configure @@ -20,4 +21,5 @@ type Mutation { SaveConfigFile(data: SaveConfigFileInput) : SaveConfigFileResult @configfile LoadConfigFile(data: LoadConfigFileInput) : LoadConfigFileResult @configfile Show(data: ShowInput) : ShowResult @show + ShowConfig(data: ShowConfigInput) : ShowConfigResult @showconfig } diff --git a/src/services/api/graphql/graphql/schema/show_config.graphql b/src/services/api/graphql/graphql/schema/show_config.graphql new file mode 100644 index 000000000..34afd2aa9 --- /dev/null +++ b/src/services/api/graphql/graphql/schema/show_config.graphql @@ -0,0 +1,21 @@ +""" +Use 'scalar Generic' for show config output, to avoid attempts to +JSON-serialize in case of JSON output. +""" +scalar Generic + +input ShowConfigInput { + path: [String!]! + configFormat: String +} + +type ShowConfig { + path: [String] + result: Generic +} + +type ShowConfigResult { + data: ShowConfig + success: Boolean! + errors: [String] +} diff --git a/src/services/api/graphql/recipes/session.py b/src/services/api/graphql/recipes/session.py index c6c3209c0..f8c072b39 100644 --- a/src/services/api/graphql/recipes/session.py +++ b/src/services/api/graphql/recipes/session.py @@ -1,6 +1,10 @@ +import json + from ariadne import convert_camel_case_to_snake + import vyos.defaults from vyos.config import Config +from vyos.configtree import ConfigTree from vyos.template import render class Session(object): @@ -43,6 +47,21 @@ class Session(object): session.delete(path) session.commit() + def show_config(self): + session = self._session + data = self._data + out = '' + + try: + out = session.show_config(data['path']) + if data.get('config_format', '') == 'json': + config_tree = vyos.configtree.ConfigTree(out) + out = json.loads(config_tree.to_json()) + except Exception as error: + raise error + + return out + def save(self): session = self._session data = self._data -- cgit v1.2.3 From 9304b1409a53cc197ef4d8fa58e96e0542b01128 Mon Sep 17 00:00:00 2001 From: DmitriyEshenko Date: Wed, 1 Dec 2021 07:56:24 +0000 Subject: openconnect: T3695: Add systemd service checker on commit --- src/conf_mode/vpn_openconnect.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'src') diff --git a/src/conf_mode/vpn_openconnect.py b/src/conf_mode/vpn_openconnect.py index f6db196dc..51ea1f223 100755 --- a/src/conf_mode/vpn_openconnect.py +++ b/src/conf_mode/vpn_openconnect.py @@ -23,9 +23,11 @@ from vyos.pki import wrap_certificate from vyos.pki import wrap_private_key from vyos.template import render from vyos.util import call +from vyos.util import is_systemd_service_running from vyos.xml import defaults from vyos import ConfigError from crypt import crypt, mksalt, METHOD_SHA512 +from time import sleep from vyos import airbag airbag.enable() @@ -172,6 +174,16 @@ def apply(ocserv): os.unlink(file) else: call('systemctl restart ocserv.service') + counter = 0 + while True: + # exit early when service runs + if is_systemd_service_running("ocserv.service"): + break + sleep(0.250) + if counter > 5: + raise ConfigError('openconnect failed to start, check the logs for details') + break + counter += 1 if __name__ == '__main__': -- cgit v1.2.3 From 9f6ca1e489c0498bfa90ca027d1d7419d4e422b8 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Tue, 30 Nov 2021 16:55:03 -0600 Subject: graphql: T3993: update README.graphql --- src/services/api/graphql/README.graphql | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/services/api/graphql/README.graphql b/src/services/api/graphql/README.graphql index 29f58f709..a3c30b005 100644 --- a/src/services/api/graphql/README.graphql +++ b/src/services/api/graphql/README.graphql @@ -73,6 +73,20 @@ mutation { } } +Op-mode 'show' commands may be requested by path, e.g.: + +mutation { + Show (data: {path: ["interfaces", "ethernet", "detail"]}) { + success + errors + data { + result + } + } +} + +N.B. to see the output the 'data' field 'result' must be present in the +request. The GraphQL playground will be found at: @@ -97,15 +111,22 @@ services │   │   └── schema │   │   ├── config_file.graphql │   │   ├── dhcp_server.graphql +│   │   ├── firewall_group.graphql │   │   ├── interface_ethernet.graphql -│   │   └── schema.graphql +│   │   ├── schema.graphql +│   │   ├── show_config.graphql +│   │   └── show.graphql │   ├── README.graphql │   ├── recipes │   │   ├── __init__.py +│   │   ├── remove_firewall_address_group_members.py │   │   ├── session.py │   │   └── templates │   │   ├── create_dhcp_server.tmpl -│   │   └── create_interface_ethernet.tmpl +│   │   ├── create_firewall_address_group.tmpl +│   │   ├── create_interface_ethernet.tmpl +│   │   ├── remove_firewall_address_group_members.tmpl +│   │   └── update_firewall_address_group_members.tmpl │   └── state.py ├── vyos-configd ├── vyos-hostsd -- cgit v1.2.3 From f2bdd26c36e7074d093e001656bc649b7c7426d3 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Wed, 1 Dec 2021 11:49:22 -0600 Subject: http-api: T3440: simplify vyos-http-api initialization --- src/conf_mode/http-api.py | 2 +- src/systemd/vyos-http-api.service | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) (limited to 'src') diff --git a/src/conf_mode/http-api.py b/src/conf_mode/http-api.py index 7e4b117c8..4bfcbeb47 100755 --- a/src/conf_mode/http-api.py +++ b/src/conf_mode/http-api.py @@ -100,7 +100,7 @@ def apply(http_api): call('systemctl stop vyos-http-api.service') # Let uvicorn settle before restarting Nginx - time.sleep(2) + time.sleep(1) cmd(f'{vyos_conf_scripts_dir}/https.py', raising=ConfigError) diff --git a/src/systemd/vyos-http-api.service b/src/systemd/vyos-http-api.service index ba5df5984..55370b356 100644 --- a/src/systemd/vyos-http-api.service +++ b/src/systemd/vyos-http-api.service @@ -1,10 +1,9 @@ [Unit] Description=VyOS HTTP API service -After=auditd.service systemd-user-sessions.service time-sync.target vyos-router.service +After=vyos-router.service Requires=vyos-router.service [Service] -ExecStartPre=/usr/libexec/vyos/init/vyos-config ExecStart=/usr/libexec/vyos/services/vyos-http-api-server Type=idle @@ -18,6 +17,5 @@ User=root Group=vyattacfg [Install] -# Installing in a earlier target leaves ExecStartPre waiting -WantedBy=getty.target +WantedBy=vyos.target -- cgit v1.2.3 From 358831c18fcf2937f4bf85a55fa0c8bdc802d817 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Wed, 1 Dec 2021 13:14:07 -0600 Subject: graphql: T3993: define add/delete system image request --- src/services/api/graphql/graphql/directives.py | 11 +++++++- src/services/api/graphql/graphql/mutations.py | 10 ++++++++ .../api/graphql/graphql/schema/image.graphql | 29 ++++++++++++++++++++++ .../api/graphql/graphql/schema/schema.graphql | 3 +++ src/services/api/graphql/recipes/session.py | 29 +++++++++++++++++++++- 5 files changed, 80 insertions(+), 2 deletions(-) create mode 100644 src/services/api/graphql/graphql/schema/image.graphql (limited to 'src') diff --git a/src/services/api/graphql/graphql/directives.py b/src/services/api/graphql/graphql/directives.py index 4bc31c6b5..10bc522db 100644 --- a/src/services/api/graphql/graphql/directives.py +++ b/src/services/api/graphql/graphql/directives.py @@ -48,7 +48,16 @@ class ShowDirective(VyosDirective): super().visit_field_definition(field, object_type, make_resolver=make_show_resolver) +class ImageDirective(VyosDirective): + """ + Class providing implementation of 'image' directive in schema. + """ + def visit_field_definition(self, field, object_type): + super().visit_field_definition(field, object_type, + make_resolver=make_image_resolver) + directives_dict = {"configure": ConfigureDirective, "showconfig": ShowConfigDirective, "configfile": ConfigFileDirective, - "show": ShowDirective} + "show": ShowDirective, + "image": ImageDirective} diff --git a/src/services/api/graphql/graphql/mutations.py b/src/services/api/graphql/graphql/mutations.py index 0ba2cd4bb..8e5aab56d 100644 --- a/src/services/api/graphql/graphql/mutations.py +++ b/src/services/api/graphql/graphql/mutations.py @@ -87,3 +87,13 @@ def make_config_file_resolver(mutation_name): def make_show_resolver(mutation_name): class_name = mutation_name return make_resolver(mutation_name, class_name, 'show') + +def make_image_resolver(mutation_name): + if 'Add' in mutation_name: + class_name = mutation_name.replace('Add', '', 1) + return make_resolver(mutation_name, class_name, 'add') + elif 'Delete' in mutation_name: + class_name = mutation_name.replace('Delete', '', 1) + return make_resolver(mutation_name, class_name, 'delete') + else: + raise Exception diff --git a/src/services/api/graphql/graphql/schema/image.graphql b/src/services/api/graphql/graphql/schema/image.graphql new file mode 100644 index 000000000..7d1b4f9d0 --- /dev/null +++ b/src/services/api/graphql/graphql/schema/image.graphql @@ -0,0 +1,29 @@ +input AddSystemImageInput { + location: String! +} + +type AddSystemImage { + location: String + result: String +} + +type AddSystemImageResult { + data: AddSystemImage + success: Boolean! + errors: [String] +} + +input DeleteSystemImageInput { + name: String! +} + +type DeleteSystemImage { + name: String + result: String +} + +type DeleteSystemImageResult { + data: DeleteSystemImage + success: Boolean! + errors: [String] +} diff --git a/src/services/api/graphql/graphql/schema/schema.graphql b/src/services/api/graphql/graphql/schema/schema.graphql index 375b88cc5..c6899bee6 100644 --- a/src/services/api/graphql/graphql/schema/schema.graphql +++ b/src/services/api/graphql/graphql/schema/schema.graphql @@ -11,6 +11,7 @@ directive @configure on FIELD_DEFINITION directive @configfile on FIELD_DEFINITION directive @show on FIELD_DEFINITION directive @showconfig on FIELD_DEFINITION +directive @image on FIELD_DEFINITION type Mutation { CreateDhcpServer(data: DhcpServerConfigInput) : CreateDhcpServerResult @configure @@ -22,4 +23,6 @@ type Mutation { LoadConfigFile(data: LoadConfigFileInput) : LoadConfigFileResult @configfile Show(data: ShowInput) : ShowResult @show ShowConfig(data: ShowConfigInput) : ShowConfigResult @showconfig + AddSystemImage(data: AddSystemImageInput) : AddSystemImageResult @image + DeleteSystemImage(data: DeleteSystemImageInput) : DeleteSystemImageResult @image } diff --git a/src/services/api/graphql/recipes/session.py b/src/services/api/graphql/recipes/session.py index f8c072b39..5ece78ee6 100644 --- a/src/services/api/graphql/recipes/session.py +++ b/src/services/api/graphql/recipes/session.py @@ -7,7 +7,12 @@ from vyos.config import Config from vyos.configtree import ConfigTree from vyos.template import render -class Session(object): +class Session: + """ + Wrapper for calling configsession functions based on GraphQL requests. + Non-nullable fields in the respective schema allow avoiding a key check + in 'data'. + """ def __init__(self, session, data): self._session = session self._data = data @@ -94,3 +99,25 @@ class Session(object): raise error return out + + def add(self): + session = self._session + data = self._data + + try: + res = session.install_image(data['location']) + except Exception as error: + raise error + + return res + + def delete(self): + session = self._session + data = self._data + + try: + res = session.remove_image(data['name']) + except Exception as error: + raise error + + return res -- cgit v1.2.3 From 482ef0644539ea69de07980cd7b599d2e48ed1c1 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Mon, 29 Nov 2021 20:00:15 +0100 Subject: rpki: T3753: add missing "exit" marker after FRR upstream fix --- src/conf_mode/protocols_rpki.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/conf_mode/protocols_rpki.py b/src/conf_mode/protocols_rpki.py index 4bd4e8650..51ad0d315 100755 --- a/src/conf_mode/protocols_rpki.py +++ b/src/conf_mode/protocols_rpki.py @@ -90,7 +90,7 @@ def apply(rpki): # Save original configuration prior to starting any commit actions frr_cfg = frr.FRRConfig() frr_cfg.load_configuration(bgp_daemon) - frr_cfg.modify_section('^rpki') + frr_cfg.modify_section('^rpki', stop_pattern='^exit', remove_stop_mark=True) if 'new_frr_config' in rpki: frr_cfg.add_before(frr.default_add_before, rpki['new_frr_config']) -- cgit v1.2.3