matthew/sonic-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update AclInterface and Management Interfaces parsing for multi-asic case (#14952)

Browse Source 
* AclInterface and Management Interfaces are parsed on finding first valid node for it.
Above logic works for multi-asic scenarios where ACL Interface and Management Interfaces are present in DPG order {Host, Asicx, Asicy} but not when DPG is in {Asicx, Asicy, Host} order.
This commit is contained in:
abdosi 2023-06-02 16:04:14 -07:00 committed by GitHub
parent 5680c544b6
commit 3a098cfdea
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 101 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/sonic-config-engine/minigraph.py
View File

@ -453,8 +453,8 @@ def parse_loopback_intf(child):
def parse_dpg(dpg, hname): def parse_dpg(dpg, hname):
aclintfs = None aclintfs = {}
mgmtintfs = None mgmtintfs = {}
subintfs = None subintfs = None
intfs= {} intfs= {}
lo_intfs= {} lo_intfs= {}
@ -480,15 +480,15 @@ def parse_dpg(dpg, hname):
There is just one aclintf node in the minigraph There is just one aclintf node in the minigraph
Get the aclintfs node first. Get the aclintfs node first.
""" """
if aclintfs is None and child.find(str(QName(ns, "AclInterfaces"))) is not None: if not aclintfs and child.find(str(QName(ns, "AclInterfaces"))) is not None and child.find(str(QName(ns, "AclInterfaces"))).findall(str(QName(ns, "AclInterface"))):
aclintfs = child.find(str(QName(ns, "AclInterfaces"))) aclintfs = child.find(str(QName(ns, "AclInterfaces"))).findall(str(QName(ns, "AclInterface")))
""" """
In Multi-NPU platforms the mgmt intfs are defined only for the host not for individual asic In Multi-NPU platforms the mgmt intfs are defined only for the host not for individual asic
There is just one mgmtintf node in the minigraph There is just one mgmtintf node in the minigraph
Get the mgmtintfs node first. We need mgmt intf to get mgmt ip in per asic dockers. Get the mgmtintfs node first. We need mgmt intf to get mgmt ip in per asic dockers.
""" """
if mgmtintfs is None and child.find(str(QName(ns, "ManagementIPInterfaces"))) is not None: if not mgmtintfs and child.find(str(QName(ns, "ManagementIPInterfaces"))) is not None and child.find(str(QName(ns, "ManagementIPInterfaces"))).findall(str(QName(ns1, "ManagementIPInterface"))):
mgmtintfs = child.find(str(QName(ns, "ManagementIPInterfaces"))) mgmtintfs = child.find(str(QName(ns, "ManagementIPInterfaces"))).findall(str(QName(ns1, "ManagementIPInterface")))
hostname = child.find(str(QName(ns, "Hostname"))) hostname = child.find(str(QName(ns, "Hostname")))
if hostname.text.lower() != hname.lower(): if hostname.text.lower() != hname.lower():
continue continue
@ -531,7 +531,7 @@ def parse_dpg(dpg, hname):
mvrf["vrf_global"] = {"mgmtVrfEnabled": mvrf_en_flag} mvrf["vrf_global"] = {"mgmtVrfEnabled": mvrf_en_flag}
mgmt_intf = {} mgmt_intf = {}
for mgmtintf in mgmtintfs.findall(str(QName(ns1, "ManagementIPInterface"))): for mgmtintf in mgmtintfs:
intfname = mgmtintf.find(str(QName(ns, "AttachTo"))).text intfname = mgmtintf.find(str(QName(ns, "AttachTo"))).text
ipprefix = mgmtintf.find(str(QName(ns1, "PrefixStr"))).text ipprefix = mgmtintf.find(str(QName(ns1, "PrefixStr"))).text
mgmtipn = ipaddress.ip_network(UNICODE_TYPE(ipprefix), False) mgmtipn = ipaddress.ip_network(UNICODE_TYPE(ipprefix), False)
@ -685,7 +685,7 @@ def parse_dpg(dpg, hname):
vlans[sonic_vlan_name] = vlan_attributes vlans[sonic_vlan_name] = vlan_attributes
vlan_member_list[sonic_vlan_name] = vmbr_list vlan_member_list[sonic_vlan_name] = vmbr_list
for aclintf in aclintfs.findall(str(QName(ns, "AclInterface"))): for aclintf in aclintfs:
if aclintf.find(str(QName(ns, "InAcl"))) is not None: if aclintf.find(str(QName(ns, "InAcl"))) is not None:
aclname = aclintf.find(str(QName(ns, "InAcl"))).text.upper().replace(" ", "_").replace("-", "_") aclname = aclintf.find(str(QName(ns, "InAcl"))).text.upper().replace(" ", "_").replace("-", "_")
stage = "ingress" stage = "ingress"

128
src/sonic-config-engine/tests/sample-chassis-packet-lc-graph.xml
View File

@ -79,59 +79,6 @@
</Routers> </Routers>
</CpgDec> </CpgDec>
<DpgDec> <DpgDec>
<DeviceDataPlaneInfo>
<IPSecTunnels/>
<LoopbackIPInterfaces xmlns:a="http://schemas.datacontract.org/2004/07/Microsoft.Search.Autopilot.Evolution">
<a:LoopbackIPInterface>
<Name>HostIP</Name>
<AttachTo>Loopback0</AttachTo>
<a:Prefix xmlns:b="Microsoft.Search.Autopilot.Evolution">
<b:IPPrefix>10.0.1.6/32</b:IPPrefix>
</a:Prefix>
<a:PrefixStr>10.0.1.6/32</a:PrefixStr>
</a:LoopbackIPInterface>
</LoopbackIPInterfaces>
<ManagementIPInterfaces xmlns:a="http://schemas.datacontract.org/2004/07/Microsoft.Search.Autopilot.Evolution">
<a:ManagementIPInterface>
<Name>HostIP</Name>
<AttachTo>eth0</AttachTo>
<a:Prefix xmlns:b="Microsoft.Search.Autopilot.Evolution">
<b:IPPrefix>10.3.147.97/23</b:IPPrefix>
</a:Prefix>
<a:PrefixStr>10.3.147.97/23</a:PrefixStr>
</a:ManagementIPInterface>
</ManagementIPInterfaces>
<ManagementVIPInterfaces xmlns:a="http://schemas.datacontract.org/2004/07/Microsoft.Search.Autopilot.Evolution"/>
<MplsInterfaces/>
<MplsTeInterfaces/>
<RsvpInterfaces/>
<Hostname>str2-8808-lc2-1</Hostname>
<PortChannelInterfaces>
</PortChannelInterfaces>
<IPInterfaces>
<IPInterface>
<Name i:nil="true"/>
<AttachTo>Eth1/1/47</AttachTo>
<Prefix>27.1.1.1/24</Prefix>
</IPInterface>
</IPInterfaces>
<VlanInterfaces>
</VlanInterfaces>
<IPNextHops>
<IPNextHop>
<ElementType>IPNextHop</ElementType>
<Name i:nil="true"/>
<Address>8.0.0.1</Address>
<AttachTo>PortChannel40,192.168.1.2;PortChannel50,192.168.2.2</AttachTo>
<Type>StaticRoute</Type>
</IPNextHop>
</IPNextHops>
<DataAcls/>
<AclInterfaces>
</AclInterfaces>
<DownstreamSummaries/>
<DownstreamSummarySet xmlns:a="http://schemas.datacontract.org/2004/07/Microsoft.Search.Autopilot.Evolution"/>
</DeviceDataPlaneInfo>
<DeviceDataPlaneInfo> <DeviceDataPlaneInfo>
<IPSecTunnels/> <IPSecTunnels/>
<LoopbackIPInterfaces xmlns:a="http://schemas.datacontract.org/2004/07/Microsoft.Search.Autopilot.Evolution"> <LoopbackIPInterfaces xmlns:a="http://schemas.datacontract.org/2004/07/Microsoft.Search.Autopilot.Evolution">
@ -216,6 +163,81 @@
<Type>StaticRoute</Type> <Type>StaticRoute</Type>
</IPNextHop> </IPNextHop>
</IPNextHops> </IPNextHops>
<AclInterfaces>
<AclInterface>
<InAcl>SNMP_ACL</InAcl>
<AttachTo>SNMP</AttachTo>
<Type>SNMP</Type>
</AclInterface>
<AclInterface>
<AttachTo>VTY_LINE</AttachTo>
<InAcl>ssh-only</InAcl>
<Type>SSH</Type>
</AclInterface>
</AclInterfaces>
</DeviceDataPlaneInfo>
<DeviceDataPlaneInfo>
<IPSecTunnels/>
<LoopbackIPInterfaces xmlns:a="http://schemas.datacontract.org/2004/07/Microsoft.Search.Autopilot.Evolution">
<a:LoopbackIPInterface>
<Name>HostIP</Name>
<AttachTo>Loopback0</AttachTo>
<a:Prefix xmlns:b="Microsoft.Search.Autopilot.Evolution">
<b:IPPrefix>10.0.1.6/32</b:IPPrefix>
</a:Prefix>
<a:PrefixStr>10.0.1.6/32</a:PrefixStr>
</a:LoopbackIPInterface>
</LoopbackIPInterfaces>
<ManagementIPInterfaces xmlns:a="http://schemas.datacontract.org/2004/07/Microsoft.Search.Autopilot.Evolution">
<a:ManagementIPInterface>
<Name>HostIP</Name>
<AttachTo>eth0</AttachTo>
<a:Prefix xmlns:b="Microsoft.Search.Autopilot.Evolution">
<b:IPPrefix>10.3.147.97/23</b:IPPrefix>
</a:Prefix>
<a:PrefixStr>10.3.147.97/23</a:PrefixStr>
</a:ManagementIPInterface>
</ManagementIPInterfaces>
<ManagementVIPInterfaces xmlns:a="http://schemas.datacontract.org/2004/07/Microsoft.Search.Autopilot.Evolution"/>
<MplsInterfaces/>
<MplsTeInterfaces/>
<RsvpInterfaces/>
<Hostname>str2-8808-lc2-1</Hostname>
<PortChannelInterfaces>
</PortChannelInterfaces>
<IPInterfaces>
<IPInterface>
<Name i:nil="true"/>
<AttachTo>Eth1/1/47</AttachTo>
<Prefix>27.1.1.1/24</Prefix>
</IPInterface>
</IPInterfaces>
<VlanInterfaces>
</VlanInterfaces>
<IPNextHops>
<IPNextHop>
<ElementType>IPNextHop</ElementType>
<Name i:nil="true"/>
<Address>8.0.0.1</Address>
<AttachTo>PortChannel40,192.168.1.2;PortChannel50,192.168.2.2</AttachTo>
<Type>StaticRoute</Type>
</IPNextHop>
</IPNextHops>
<DataAcls/>
<AclInterfaces>
<AclInterface>
<InAcl>SNMP_ACL</InAcl>
<AttachTo>SNMP</AttachTo>
<Type>SNMP</Type>
</AclInterface>
<AclInterface>
<AttachTo>VTY_LINE</AttachTo>
<InAcl>ssh-only</InAcl>
<Type>SSH</Type>
</AclInterface>
</AclInterfaces>
<DownstreamSummaries/>
<DownstreamSummarySet xmlns:a="http://schemas.datacontract.org/2004/07/Microsoft.Search.Autopilot.Evolution"/>
</DeviceDataPlaneInfo> </DeviceDataPlaneInfo>
</DpgDec> </DpgDec>
<LinkMetadataDeclaration> <LinkMetadataDeclaration>

15
src/sonic-config-engine/tests/test_cfggen.py
View File

@ -983,6 +983,21 @@ class TestCfgGen(TestCase):
) )
) )
def test_minigraph_packet_chassis_acl(self):
argument = ['-m', self.packet_chassis_graph, '-p', self.packet_chassis_port_ini, '-v', "ACL_TABLE"]
output = self.run_script(argument)
self.assertEqual(
utils.to_dict(output.strip()),
utils.to_dict("{'SNMP_ACL': {'policy_desc': 'SNMP_ACL', 'type': 'CTRLPLANE', 'stage': 'ingress', 'services': ['SNMP']}, 'SSH_ONLY': {'policy_desc': 'SSH_ONLY', 'type': 'CTRLPLANE', 'stage': 'ingress', 'services': ['SSH']}}")
)
argument = ['-m', self.packet_chassis_graph, '-p', self.packet_chassis_port_ini, '-n', "asic1", '-v', "ACL_TABLE"]
output = self.run_script(argument)
self.assertEqual(
utils.to_dict(output.strip()),
utils.to_dict("{'SNMP_ACL': {'policy_desc': 'SNMP_ACL', 'type': 'CTRLPLANE', 'stage': 'ingress', 'services': ['SNMP']}, 'SSH_ONLY': {'policy_desc': 'SSH_ONLY', 'type': 'CTRLPLANE', 'stage': 'ingress', 'services': ['SSH']}}")
)
def test_minigraph_bgp_packet_chassis_peer(self): def test_minigraph_bgp_packet_chassis_peer(self):
argument = ['-m', self.packet_chassis_graph, '-p', self.packet_chassis_port_ini, '-n', "asic1", '-v', "BGP_INTERNAL_NEIGHBOR[\'8.0.0.1\']"] argument = ['-m', self.packet_chassis_graph, '-p', self.packet_chassis_port_ini, '-n', "asic1", '-v', "BGP_INTERNAL_NEIGHBOR[\'8.0.0.1\']"]
output = self.run_script(argument) output = self.run_script(argument)