Ticket: CM-7360
Reviewed By: CCR-4721
Testing Done: smoke / testifreload / Tested on amd64 platform (by Sam)
For now, we use a mirror copy of nlmanager sources to make sure we don't
depend on it as an external package
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-11080
Reviewed By: roopa, dsa, dave olson, daniel, julien
Testing Done: yes, with mgmt VRF configured
This patch parses '/usr/bin/pstree -Aps <pid>' output to find
the pid of current ssh session, and send 'sudo ifreload -a'
to background before killing itself.
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
Ticket: CM-8623
Reviewed By: Roopa Prabhu, Julien Fortin
Testing Done: yes, using the below mentioned config.
This patch fixes 'ifquery -c' error, bridge pvid error, which is an
unrelated error for the following valid config.
This patch also removes 'bridge-pvid', if configured, from 'bridge-vids' set.
In the below example, 510 is removed from the set bridge-vids 510-550.
The new bridge-vids set is 511-550.
auto swp1
iface swp1 inet6 dhcp
address 14.0.0.5/30
down ip addr flush dev swp1
auto Bridge1
iface Bridge1
address 0.0.0.0/0
down ip addr flush dev Bridge1
bridge-vlan-aware yes
bridge-ports swp1
bridge-pvid 510
bridge-vids 510-550
bridge-stp on
mstpctl-portnetwork swp1=yes
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
Ticket: CM-8561
Reviewed By: kanna, julien
Testing Done: Tested on amd64 switch
ifreload always deletes and adds back a host IP address
if that address is specified without a "/" and without a "netmask" config.
The problem is fixed so that _inet_address_convert_to_cidr() handles a missing
"/" and a missing "netmask" config. The host addresses is no longer added to a
list of addresses we will del/add. The patch was simply to add a case for the
missing "/" and a missing "netmask".
Ticket: None
Reviewed By: Roopa
Testing Done: smoke/testifupdown2.py:TestMakoJson
ifupdown2.TestMakoJson test was failing because the json values werent trimmed
Because of a trailing whitespace, a list of iface had an empty value, ifupdown2
was throwing an exception.
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: None
Reviewed By: CCR-4692
Testing Done: smoke + scale tests
If called with close_fds=True the subprocess module will try to close every fd
from 3 to MAXFD before executing the specified command. This is done in Python
not even with a C-implementation which truly affecting performances.
This patch aims to better handle the file descriptor used by ifupdown2. Either
by closing them after use or by setting the close-on-exec flag for the file
descriptor, which causes the file descriptor to be automatically
(and atomically) closed when any of the exec-family functions succeed.
With the actual patch all tests are passing, I can't think of any future issue
but if any a possible future modification might be to use the parameter
'preexec_fn', which allows us to set function which will be executed in the
child process before executing the command line. We can always manually close
any remaining open file descriptors with something like:
>>> os.listdir('/proc/self/fd/')
['0', '1', '2', ‘3’, etc..]
>>> for fd in os.listdir('/proc/self/fd/')
>>> if int(fd) > 2:
>>> os.close(fd)
This patch is also totally re-organising the use of subprocesses. By removing
all subprocess code redundancy.
Ticket: CM-7678
Reviewed By: Roopa Prabhu
Testing Done: yes, with vlan aware/unaware bridge on dell-s3000-02
This patch enables bpdu filter and bpdu guard enabled for vxland device under
the bridge if these two attributes are unconfigured
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
brought up
Ticket: CM-11016
Reviewed By: julien, nikhil
Testing Done: tested with config in the CM bug
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
brought up
Ticket: CM-10954, CM-10953
Reviewed By: julien
Testing Done: ran ifupdown2 smoke and vrf ifup/ifdown testing
- vrf master if not around is brought up when the first slave is brought up
by design (because we want the slaves to be
enslaved to a vrf master before addresses are configured).
and master is not brought up by first because interfaces
are brought up down to top in the dependency tree.
- This patch makes sure a slave brings up a vrf master only
when all interfaces are specified. When an individual interface
is brought up, skip master bring up and throw an error.
- Since the addon modules also need to use the ALL and WITH_DEPENDS
flags, this patch moves them to the existing global ifupdownflags
class
- vrf module uses the ifupdownflags.ALL flag to not bring up the master
when only the slave is being brought up
example:
ifup <vrf> # brings up the vrf device
ifup <vrf> --with-depends # brings up the vrf dev and
# its slaves
ifup <vrf_slave> # if vrf master is not around,
# an error is thrown
ifup <vrf_slave> --with-depends # will still not bring up the vrf master
ifdown <vrf> # deletes vrf dev and flushes the
# addresses on vrf slaves
ifup <vrf> # brings up vrf dev and does not
# up the adresses on the slaves
ifup <vrf> --with-depends # will bring up vrf and reapply config
# on slaves (including addresses)
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-10857
Reviewed By: julien, nikhil
Testing Done: Tested moving from a dhcp to static addr method for eth0
before the patch:
- when moving from dhcp to static address method, after releasing the dhcp
address, it takes a few seconds for the dhcp address to go away. When we
query addresses to configure, there is a chance that we may end up
getting the dhcp address for a few seconds. Which is ok until when the
static address to be configured is same as the dhcp address.
In which case we end up not configuring the static address because we
think it is already configured (per the running list).
After this patch:
- when moving from dhcp to static address method, we always re-apply the
address config avoiding the chance of not configuring an address due to a
dhcp address sticking around.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-10857
Reviewed By: julien, nikhil
Testing Done: Tested moving from a static to dhcp addr method for eth0
the check to see if dhclient is running on an interface was failing.
which caused the following problem:
- interface when moved from dhcp to static addr_method was
not killing the existing dhcp process
- and a subsequent move from static to dhcp addr_method quit starting
dhcp because a dhclient process was already running
- but the original dhcp ip was already removed because of the
static address config which leaves eth0 in a weird state
After this patch:
- move from dhcp to static addr_method will release any
existing dhcp leases on an interface
- a subsequent move from static to dhcp will request a new
dhcp lease
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket:
Reviewed By:
Testing Done: ran l2 smoke
usage of mstpctl-ports will now give you a warning:
warning: attribute mstpctl-ports is deprecated. use bridge-ports instead.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket:
Reviewed By: trivial
Testing Done: tested sanity and bridge bringup and reload
bridge module already disables ipv6 on ports when bridge-ports is
specified. Making this change because i saw redundant calls to
disable_ipv6 on bridge ports by modules bridge and mstpctl
when bridge-ports is specified. It is slowing down ifreload
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-8095
Reviewed By: julien, nikhil
Testing Done: Tested ifupdown2 sanity and unclean removal of interfaces from the
interfaces file
example: for the below interfaces file,
{noformat}
auto bond2
iface bond2 inet static
address 100.0.0.2/16
bond-slaves swp3 swp4
auto bridge
iface bridge
bridge-vlan-aware yes
bridge-ports swp1 swp2 bond2
bridge-vids 12 505
bridge-stp on
auto swp1
iface swp1
mtu 9000
{noformat}
when iface sections for bond2 and swp1 are removed from the interfaces file
but left as dependents of bridge, on an ifreload:
prior to this patch:
===================
- ifreload would throw a warning for both bond2 and swp1
warning: bond2: misconfig ? removed but still exists as a dependency of
['bridge']
warning: swp1: misconfig ? removed but still exists as a dependency of
['bridge']
after the patch:
================
- ifreload will now correctly throw a warning only for bond2
warning: bond2: misconfig ? removed but still exists as a dependency of
['bridge']
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
not bond slaves
Ticket: CM-9449
Reviewed By: julien
Testing Done: Tested resetting mtu on physical interfaces to default
default mtu is already present in address.json policy file. This patch
continues to take a cautious and conservative approach to
reset mtu of only physical interfaces if different from default mtu
and mtu is not given by the user. bond slaves get their mtu from
the bond when bond has a configured mtu. so this patch only
resets mtu on physical interfaces which are not bond slaves.
{noformat}
$cat /var/lib/ifupdown2/policy.d/address.json
{
"address": {
"defaults": { "mtu": "1500" }
}
}
{noformat}
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-10751
Reviewed By: Roopa, Nikhil
Testing Done: tested the script with and without porttab file
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Ticket: CM-8736
Reviewed By: Roopa
Testing Done: Smoke tests + the ones from the ticket
By default ifupdown2 will adjust logical devices MTU
based on the physical interface they are running on top of.
set this flag to 0 to disable this behaviour
adjust_logical_dev_mtu=1
Ticket: CM-10569
Reviewed By: julien, nikhil
Testing Done: Tested ifquery -c as non root user
unlike ifup/ifdown/ifreload, ifquery can be called by a
non-root user. so make sure we dont write the root owned
vrf map file during ifquery
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket:
Reviewed By: dsa, nikhil, julien
Testing Done: Tested with system reserved table names
example: err msg:
$ifquery default
auto default
iface default
vrf-table auto
error: default: cannot use system reserved ['253', '0', '254',
'255'] table names
This patch makes all tables in /etc/iproute2/rt_tables reserved
$cat /etc/iproute2/rt_tables
255 local
254 main
253 default
0 unspec
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Ticket: CM-7840
Reviewed By: Roopa Prabhu
Testing Done: yes, with different configurations for physical & logical devices
This patch adds 'ifquery --with-defaults' to print the policy default
values for unconfigured attributes.
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
Ticket: CM-10281
Reviewed By: Roopa Prabhu
Testing Done: Tested with the configuration mentioned in the bug id
Due to bug CM-10188, defualt route via gateway is not installed in time.
It needs 2 sec delay, and fix to CM-10188 shall rectify this issue.
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
