1
0
mirror of https://github.com/CumulusNetworks/ifupdown2.git synced 2024-05-06 15:54:50 +00:00
Commit Graph

62 Commits

Author SHA1 Message Date
Julien Fortin
7b2c74c496 Merge branch 'dev' into release/cl-stable 2016-05-04 20:20:49 +02:00
Roopa Prabhu
eb3ce8c871 addons: vrf: do not write vrf map to disk during query operation
Ticket: CM-10569
Reviewed By: julien, nikhil
Testing Done: Tested ifquery -c as non root user

unlike ifup/ifdown/ifreload, ifquery can be called by a
non-root user. so make sure we dont write the root owned
vrf map file during ifquery

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-04-28 15:49:46 -07:00
Roopa Prabhu
f6466fcb90 addons: vrf: add a check and error for reserved system table names
Ticket:
Reviewed By: dsa, nikhil, julien
Testing Done: Tested with system reserved table names

example: err msg:
$ifquery default
auto default
iface default
	vrf-table auto

error: default: cannot use system reserved ['253', '0', '254',
'255'] table names

This patch makes all tables in  /etc/iproute2/rt_tables reserved

$cat /etc/iproute2/rt_tables
255	local
254	main
253	default
0	unspec

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-04-27 20:07:21 -07:00
Nikhil
baa909c6d0 addons: adding '--with-defaults' option for base ifquery
Ticket: CM-7840
Reviewed By: Roopa Prabhu
Testing Done: yes, with different configurations for physical & logical devices

This patch adds 'ifquery --with-defaults' to print the policy default
values for unconfigured attributes.

Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
2016-04-26 15:04:17 -07:00
Roopa Prabhu
c8a3b44e94 addons: vrf: fix check for max vrf dev count
Ticket: CM-10465
Reviewed By: julien, nikhil
Testing Done: Tested creating more than 64 vrf devices

example config:
{noformat}
%for v in range(1, 66):
auto vrf${v}
iface vrf${v}
        vrf-table auto
%endfor
{noformat}

also, since vrf module already does a link up on vrf dev, remove
link up of vrf dev from ifupdownmain scheduler callback
2016-04-23 23:21:50 -07:00
Roopa Prabhu
c4e05f9f8c addons: vrf: fix vrf-helper args at boot
Ticket:
Reviewed By: dsa
Testing Done: tested boot with vrf devs and checking vrf-helper args

Call it with the 'boot' arg at boot:
/usr/lib/vrf/vrf-helper create blue 1002 boot

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-04-23 09:12:36 -07:00
Nikhil
6e16e5ae90 addons,ifupdown,sbin: adding ifquery --with-defaults option
Ticket: CM-7840
Reviewed By: Roopa Prabhu
Testing Done: yes, by installing ifupdown .deb file onto dell-s3000-02

This patch adds a new argument '--with-defaults' to 'ifquery'
when 'ifquery --with-defaults' is executed, running states of all interface
attributes are compared against respective configured attributes from
/etc/network/interfaces file, if configured. Otherwise, compared against
default attributes from policy file

This patch also: (1) fixes ifquery check failure for bridge-* stp attributes.
(2) removes vrf-default-route and vrf-cgroup attributes from ifupdown2 policy
and just have the vrf-helper attribute

Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
2016-04-22 12:01:51 -07:00
Roopa Prabhu
669b422add addons: vrf: fix check in vrf map initialization when no running vrfs present
Ticket: CM-10178
Review: trivial
Testing: tested with failing testcase in the CM

This patch fixes a check in vrf map initialization code which did
not account for running vrfs correctly. This caused the case where
there were no running vrfs but stale map file to fail.

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>

addons,ifupdown,sbin: adding ifquery --with-defaults option

Ticket: CM-7840
Reviewed By: Roopa Prabhu
Testing Done: yes, by installing ifupdown .deb file onto dell-s3000-02

This patch adds a new argument '--with-defaults' to 'ifquery'
when 'ifquery --with-defaults' is executed, running states of all interface
attributes are compared against respective configured attributes from
/etc/network/interfaces file, if configured. Otherwise, compared against
default attributes from policy file

Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
2016-04-22 11:44:04 -07:00
Roopa Prabhu
fdf548b091 addons: vrf: remove vrf service code. vrf-helper already handles
services

Ticket: CM-10533
Reviewed By: dsa
Testing Done: Tested sanity

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-04-21 13:18:19 -07:00
Roopa Prabhu
4934af352a addons: vrf: fix check in vrf map initialization when no running vrfs present
Ticket: CM-10178
Review: trivial
Testing: tested with failing testcase in the CM

This patch fixes a check in vrf map initialization code which did
not account for running vrfs correctly. This caused the case where
there were no running vrfs but stale map file to fail.

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-04-19 15:32:32 -07:00
Roopa Prabhu
28f9a0779d Merge branch 'dev' into release/cl-stable 2016-04-19 15:02:53 -07:00
Roopa Prabhu
6369e77414 addons: vrf: move to vrf-helper for cgroup and default routes
Ticket: CM-10288
Reviewed By: dsa
Testing Done: Tested vrf and mgmt vrf sanity
2016-04-17 23:53:07 -07:00
Roopa Prabhu
25e2386e43 addons: vrf: fix reuse of table id and misc fixes
Ticket: CM-10329 and others
Reviewed By: julien, nikhil
Testing Done: Tested vrf sanity and negative cases

- This patch also fixes duplicate rule additions (every reload
was causing ip rules to be added)
- This patch also adds support for vrf_helper which is commented
out due to some problems.

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-04-16 20:12:56 -07:00
Roopa Prabhu
fc5e1735c0 ifupdown: add new ifupdownflags class to carry ifupdown flags
Ticket: cleanup
Reviewed By:
Testing Done: Tested ifupdown sanity

This gets rid of some ugly previous flag handling which was
passed through modules. This creates a global instance of
flags that all addon modules and helper modules can use.

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-04-14 22:30:53 -07:00
Roopa Prabhu
39ee399b45 addons: vrf: change vrf default route metric to 8192
Ticket: CM-10386
Reviewed By: dsa, vivek
Testing Done: sanity test
2016-04-13 11:35:31 -07:00
Roopa Prabhu
717cee3187 addons: dhcp: add vrf awareness
Ticket: CM-10292, CM-10282
Reviewed By: dsa, nikhil, julien
Testing Done: Tested dhcp config on an vrf slave

- Add support for policy module_globals variable
  "vrf-exec-cmd-prefix". It is read into per module
  self.vrf_exec_cmd_prefix variable

- If self.vrf_exec_cmd_prefix is present and interface is a
  vrf slave, use ifupdown2 will call such command in vrf
  context using:
    "%s %s %s" %(<vrf-exec-cmd-prefix>, <vrfname>, <cmd>)

- This also fixes calling of dhcp refresh when a dhcp slave is
  removed from a vrf

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-04-12 23:13:41 -07:00
Roopa Prabhu
9057588f8f ifupdownmain: check upperfaceobj role before printing the warning
Ticket: found during other testing
Reviewed By: trivial
Testing Done: Tested ifreload with dependency errors and dependencies
with upperiface being a master and also vlan device

This patch avoids false positives when set role is called twice
for an interface which is a vrf slave but also has a vlan device on
top of it.
2016-04-04 21:38:26 -07:00
Nikhil
675ae21a0e addons: vrf: ifquery fixes for vrf
Ticket: CM-10175
Reviewed By: Roopa Prabhu
Testing Done: yes, by installing ifupdown .deb onto dell-s3000-02

This patch fixes inappropriate ifquery fails.
This patch also include a review comment update for addressvirtual.py
[CCR-4310], ticket: [CM-8658]
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
2016-04-04 21:38:17 -07:00
Roopa Prabhu
e8b2d48677 addons: vrf: redo iproute2 vrf interface map handling
Ticket: CM-10188, CM-10061
Reviewed By: dsa, nikhil, julien
Testing Done: Tested static routes with vrf names for tables

This patch does the following:
- if a single vrf device is present in the config,
builds the vrf map by reading vrf interfaces from the kernel (with
existing link cache. Builds a shadow vrf only attribute cache)
- reads existing table map and adjusts it if required
- main change is the iproute2 map file on disk is updated
immediately on vrf creation, so that static routes used along with the
vrf slaves can use the vrf name for the table. This also helps dhclient dns
hook script which may use mgmt table name directly.
- cleans up default routes on down

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-04-04 21:37:53 -07:00
Roopa Prabhu
f7551dcbe7 ifupdownmain: check upperfaceobj role before printing the warning
Ticket: found during other testing
Reviewed By: trivial
Testing Done: Tested ifreload with dependency errors and dependencies
with upperiface being a master and also vlan device

This patch avoids false positives when set role is called twice
for an interface which is a vrf slave but also has a vlan device on
top of it.
2016-04-04 13:51:21 -07:00
Nikhil
586535e8db addons: vrf: ifquery fixes for vrf
Ticket: CM-10175
Reviewed By: Roopa Prabhu
Testing Done: yes, by installing ifupdown .deb onto dell-s3000-02

This patch fixes inappropriate ifquery fails.
This patch also include a review comment update for addressvirtual.py
[CCR-4310], ticket: [CM-8658]
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
2016-04-04 02:20:44 -07:00
Nikhil
c523bc944d Revert "addons: vrf: ifquery fixes for vrf"
This reverts commit 934c4c49c0.

    Ticket: CM-10175
    Reviewed By: Roopa Prabhu
    Testing Done: yes, by installing ifupdown .deb file onto dell-s3000-02

default addr fix for vrf check is deleting lo addrs accidentally
info: rtnetlink: setting link lo up
info: executing ip addr del ::1/128 dev lo
info: executing ip addr del 127.0.0.1/8 dev lo
info: eth0: running ops ...

Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
2016-04-01 21:49:00 -07:00
Nikhil
050838834b Revert "addons: vrf: ifquery fixes for vrf"
This reverts commit 934c4c49c0.

    Ticket: CM-10175
    Reviewed By: Roopa Prabhu
    Testing Done: yes, by installing ifupdown .deb file onto dell-s3000-02

default addr fix for vrf check is deleting lo addrs accidentally
info: rtnetlink: setting link lo up
info: executing ip addr del ::1/128 dev lo
info: executing ip addr del 127.0.0.1/8 dev lo
info: eth0: running ops ...

Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
2016-04-01 21:33:16 -07:00
Roopa Prabhu
05ac52f075 addons: vrf: redo iproute2 vrf interface map handling
Ticket: CM-10188, CM-10061
Reviewed By: dsa, nikhil, julien
Testing Done: Tested static routes with vrf names for tables

This patch does the following:
- if a single vrf device is present in the config,
builds the vrf map by reading vrf interfaces from the kernel (with
existing link cache. Builds a shadow vrf only attribute cache)
- reads existing table map and adjusts it if required
- main change is the iproute2 map file on disk is updated
immediately on vrf creation, so that static routes used along with the
vrf slaves can use the vrf name for the table. This also helps dhclient dns
hook script which may use mgmt table name directly.
- cleans up default routes on down

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-03-31 21:56:39 -07:00
Roopa Prabhu
0ba04b3803 addons: vrf: more fixes and cleanups for mgmt and data vrf handling
Ticket: CM-10188, CM-9881
Reviewed By: nikhil, julien, dsa, daniel
Testing Done: Tested mgmt vrf bringup, teardown, static routes at boot
etc

This patch fixes a few things:
- kill existing ssh clients on enslavement change for mgmt vrf (original patch by NikhilG)
- bring vrf master up first during vrf slave enslavement if
master does not exist. This was originally done only for
vrf dhcp slaves. With this patch we do it for all vrf slaves.
needed for static routes on vrf slaves (CM-10188).
- cleanup: reorganize code and a few cleanups and corner case handling

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Nikhil Gajendrakumar <nikhil@cumulusnetworks.com>
2016-03-30 23:49:51 -07:00
Roopa Prabhu
858a230f91 ifupdownmain: redo shared dependent checks
Ticket: CM-10027
Reviewed By: julien, nikhil
Testing Done: Tested with an interfaces file with shared dependents

In the process of fixing this saw a few more issues with link kind
handing. Its better to separate kind from interface private flags
like bond slave and bridge port. this patch cleans up all that handling.

Example errors:
error: misconfig..? swp5.2 vrfslave  is enslaved to multiple interfaces
['vrf1012', 'br2']
error: misconfig..? swp5.2 bridgeport  is enslaved to multiple
interfaces ['vrf1012', 'br2']
2016-03-30 23:44:48 -07:00
Nikhil
934c4c49c0 addons: vrf: ifquery fixes for vrf
Ticket: CM-10175
Reviewed By: Roopa Prabhu
Testing Done: yes, by installing ifupdown .deb onto dell-s3000-02

This patch fixes inappropriate ifquery fails.
This patch also include a review comment update for addressvirtual.py
[CCR-4310], ticket: [CM-8658]
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
2016-03-30 19:13:58 -07:00
Roopa Prabhu
60fa92039e addons: vrf: temporarily disable kill_ssh
Ticket: CM-10094
Reviewed By:
Testing Done:

It is killing ifupdown2 and setsid is not working as expected
2016-03-25 08:25:44 -07:00
Nikhil
32f6e6ca40 addons: vrf: drop ssh connections over eth0 on enable or disable
Ticket: CM-9881
Reviewed By: Roopa Prabhu
Testing Done: yes

This patch is the second version of drop ssh sessions
changes:
    added try catch around os.setsid()

Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
2016-03-25 00:45:24 -07:00
Roopa Prabhu
aa36221f34 addons: vrf: more ordering fixes for management vrf and dhcp vrf slaves
fixes the following:
- if the vrf slave had a master but is no longer a slave
according to ifaceobj, look at running state and
undo vrf enslavement
- add support to cl-vrf service disable <vrf>

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-03-24 21:59:54 -07:00
Nikhil
5c5a7b93cd addons: vrf: drop ssh connections over eth0 on enable or disable
Ticket: CM-9881
Reviewed By: Roopa Prabhu
Testing Done: yes

***initial version ***
SSH clients will be closed to avoid the connection hang
when management VRF is enabled or disabled using a login through eth0
Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
2016-03-24 17:55:47 -07:00
Roopa Prabhu
f825610ec6 addons: vrf: down the slave after unslaving during down
Ticket: CM-10050
Reviewed By:
Testing Done: tested with bridge testcase described in the bug
2016-03-23 23:51:11 -07:00
Roopa Prabhu
f1c9248267 addons: vrf: delete rules before deleting the vrf interface on down
Ticket: CM-10057
Reviewed By: trivial
Testing Done: Tested ifdown of a vrf interface
2016-03-23 21:12:47 -07:00
Roopa Prabhu
fd8c6caf7f addons: vrf: enforce reserved table id range 1001-5000
Ticket:
Reviewed By:
Testing Done: Tested vrf-table id with valid and invalid table ids

currently the reserved table id range is set to 1001-5000
and it comes from a policy file /var/lib/ifupdown2/policy.d/vrf.json
2016-03-23 19:33:16 -07:00
Roopa Prabhu
c4be54818e addons: vrf: during down of a vrf device make sure to refresh dhcp slaves
Ticket: CM-10049
Reviewed By:
Testing Done: Tested disabling management vrf
2016-03-23 19:04:59 -07:00
Roopa Prabhu
097533507b addons: vrf: multiple fixes to vrf enslavement and auto handling
Ticket: CM-10005
Reviewed By:
Testing Done: Tested boot and ifreload after changes

- fix access to addr_method on an object which had no
address method defined. This was a recently introduced
regression that caused vrf enslavement to end per-matuarely.
- few fixes around vrf_table conversion between string
and integer
2016-03-23 00:08:34 -07:00
Roopa Prabhu
3f1811d949 addons: vrf: use full path to cgdelete
Ticket: CM-10018
Reviewed By: trivial
Testing Done: Tested ifdown of vrf device
2016-03-22 21:38:23 -07:00
Nikhil
c61672da44 addons: vrf: move ip -6 fib rule for local table
Ticket: CM-9968
Reviewed By: Roopa Prabhu
Testing Done: yes, by installing ifupdown .deb file onto dell-s3000-02

patch to move ip -6 fib rule for local table after vrf rules

Signed-off-by: Nikhil <nikhil@cumulusnetworks.com>
2016-03-21 12:39:18 -07:00
Nikhil
e607276995 addons: vrf: Avoid adding duplicate fib6 rule
Ticket: CM-9975
Reviewed By: Roopa Prabhu
Testing Done: yes, by installing deb file onto dell-s3000-02

Avoid adding duplicate ipv6 fib rule when one is missing for IPv4
2016-03-21 12:35:58 -07:00
Roopa Prabhu
4d2c979814 addons: vrf: fix a few vrf enslavement and table id allocation corner cases
Ticket: CM-9957
Reviewed By: dsa, julien, nikhil
Testing Done: Tested vrf enslave/deslave + ifreload

This patch fixes a few corner cases:
- release dhcp on all new enslavement or change of enslavement
- fix a NoneType error on ifreload when a vrf enslavement was removed
- handle a corner case with auto table ids

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-03-18 21:25:09 -07:00
Roopa Prabhu
d54baa2232 addons: vrf: fix cases where auto was getting written to iproute2 vrf map
Ticket:
Reviewed By: trivial
Testing Done:

This also changes a few errors to warn

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-03-18 11:22:22 -07:00
Roopa Prabhu
122ef35bf9 addons: vrf: release any dhcp leases before vrf slave enslavement
Ticket: CM-9929
Reviewed By:
Testing Done: Tested vrf dhcp slave enslavement on ifreload

algo:
- when a vrf slave enslavement changes, before performing the
  new master enslavement,
- check if vrf slave has dhcp configured
- if yes, release dhclient running on the vrf slave
2016-03-17 16:18:14 -07:00
Roopa Prabhu
05ca6f0140 addons: vrf: set metric 240 for vrf installed default unreachable routes
Ticket: CM-9934
Reviewed By: trivial
Testing Done: Tested vrf create and destroy
2016-03-17 12:34:56 -07:00
Roopa Prabhu
df53966d0d addons: vrf: handle auto table ids for dhcp slaves
Ticket: CM-9921
Reviewed By: trivial
Testing Done: Tested with table id auto for management vrf

I have recently added special handling for vrf slaves with dhcp.
And missed handling of vrf-table auto for such slaves.
This patch fixes auto when bringing up vrf masters for dhcp vrf
slaves

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-03-17 09:07:53 -07:00
Roopa Prabhu
8ad5c76784 addons: vrf: special handling for vrf slaves configured for dhcp
Ticket: CM-9868
Reviewed By: dsa, nikhil, julien
Testing Done: tested with vrf slaves with dhcp

Problem:
since vrf slaves are brought up before master, When vrf slaves are
configured for dhcp, the dhclient hook for vrf runs before the master is
up. This was seen with management vrf.
This solution is special logic to handle vrf slaves with
dhcp in the vrf addon module.

currently only supports interface declared with dhcp and
indicated as vrf slave. as in example below (dhcp and vrf must be in the
same iface stanza):

auto eth0
iface eth0 inet dhcp
        vrf mgmt

changes to vrf module:
- make vrf module methods accept the ifaceobj lookup function, which is
already passed as argument to all methods from ifupdown scheduler
- during vrf slave bringup,
        - if master does not exist and slave's address_method is dhcp
        - lookup master object, and bring up the vrf master
        - mark this master as processed so that the next time this vrf
          module sees master it knows that it is already processed
          (this is covered by the vrfPrivFlags)

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-03-14 23:01:05 -07:00
Roopa Prabhu
40103cf756 addons: vrf: use full path to cgcreate and cgset
This avoids 'No such file or directory' errors at bootup
when ifupdown2 is called from the init script

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2016-03-14 22:05:49 -07:00
Roopa Prabhu
4a95c92f55 addons: vrf: fix typo in reading vrf-max-count attribute name get at init
Ticket: CM-9105
Reviewed By: trivial
Testing Done: tested vrf bringup and default attributes at boot
2016-03-13 18:17:35 -07:00
Roopa Prabhu
83841a5136 addons: vrf: fix typo in vrf default attribute name get at init
Ticket: CM-9105
Reviewed By: trivial
Testing Done: tested vrf bringup and default attributes at boot

also change some policy manager errors to info
2016-03-13 18:04:23 -07:00
Roopa Prabhu
6f2890fcf4 vrf: finish support for vrf-table auto
Ticket: CM-9105
Reviewed By: dsa, nikhil, julien
Testing Done:

This commit contains:
- few logic fixes in vrf-table auto handling code
- adds a new policy manager api to read module global
attributes like the below:
 "module_globals": {"vrf_table-id-start" : 1001,
                    "vrf_table-id-end" : 5000,
                    "vrf-max-count" : 64 },
                    "vrf-cgroup-create" : "yes" },

- Accepts following new vrf attributes from policy files

{
    "vrf": {
        "module_globals": {"vrf_table-id-start" : 1001,
                           "vrf_table-id-end" : 5000,
                           "vrf-max-count" : 64 },
                           "vrf-cgroup-create" : "yes" },
        "defaults": { "vrf-default-route": "yes" }
    }
}
2016-03-11 18:44:25 -08:00
Nikhil
4ce47ce4ed vrf: Fix to remove FIB rules on VRF delete
Ticket: CM-9814
Reviewed By: Roopa Prabhu
Testing Done: Yes, by installing ifupdown .deb file onto cel-e1031-01
2016-03-10 15:40:23 -08:00