nokia_sros: Add pass-through management interface support #272
base: transparent-mgmt-intfs-dev
@@ -764,7 +764,7 @@ def get_version_specific_config(major_version: int): | |||
""" | |||
|
|||
|
|||
# to allow writing config to tftp location we needed to spin up a normal | |||
# In mgmt host-forwarded mode, to allow writing config to tftp location we needed to spin up a normal |
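Review bot: The reworded comment on the added line ("# In mgmt host-forwarded mode, to allow writing config to tftp location ...") scopes the tftp explanation to one management mode but says nothing about the other mode, and it keeps the past tense "we needed". Since this sits in get_version_specific_config, consider stating in the present tense what each mode does for the tftp location, so a reader of the function does not have to go back to the PR text.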
@michelredondo I wonder if we can get rid of the tftp server entirely...
I don't recall if we can provision the license without the file? Like in the config directly?
Would be nice to get away from the tftp thingy entirely...
We can provision license and config with file like this:
primary-config=cf3:\config.cfg license-file=cf3:\license.txt
qemu dev=hda maps to cf3 in VSIM, which is also used to boot the VM, backed by the sros.qcow2 file.
We can’t modify qcow2 file once qemu has started, so we do it at the initial stage of launch.py, using guestmount (adding both libguestfs-tools and linux-image-generic to the dockerfile packages):
# copy license and config before qemu starts
vrnetlab.run_command(["mkdir", "-p", "/temp"])
vrnetlab.run_command(["guestmount", "-a", "/sros*.qcow2", "-m", "/dev/sda1:/", "/temp"])
vrnetlab.run_command(["cp", "/tftpboot/license.txt", "/temp"])
vrnetlab.run_command(["cp", "/tftpboot/config.txt", "/temp/config.cfg"])
vrnetlab.run_command(["guestunmount", "/temp"])
Now we have a running VSIM with license and config file. The issue is that any changes made to the config are going to stay within the qcow file, so we have to find a way to update the config file in the host/container.
One option I see is to use inotifywait to check the sros-overlay.qcow2. When there is a change, we assume the configuration has been changed and use virt-cat to copy the file inside the qcow to the tftpboot folder:
while inotifywait -e modify sros-overlay.qcow2; do
    virt-cat sros-overlay.qcow2 -m /dev/sda1:/ /config.cfg > /tftpboot/config.txt
done
Other alternatives to inotify:
- Copy file with virt-cat every few minutes.
- Copy file at the “stop” function of vrnetlab:
- A combination of both: config file snapshots every few minutes and also when the VM stops.
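An added example, not part of the comment above or of the vrnetlab code: the `virt-cat ... > /tftpboot/config.txt` step truncates the host copy before virt-cat has produced anything, so a failed or empty read of the live overlay destroys the last good config. The sketch below keeps the previous copy in that case and replaces it atomically otherwise; the function names, the `-a` form of the virt-cat call, the timeout and the file mode are assumptions.

```python
import os
import subprocess
import tempfile

# Assumed defaults taken from the comment above; adjust to the container layout.
OVERLAY = "sros-overlay.qcow2"
DEST = "/tftpboot/config.txt"


def default_extract_cmd(overlay):
    # virt-cat opens the image read-only and prints the file to stdout.
    return ["virt-cat", "-a", overlay, "-m", "/dev/sda1:/", "/config.cfg"]


def sync_config(overlay=OVERLAY, dest=DEST, extract_cmd=None, timeout=120):
    """Copy config.cfg out of the overlay; return 'updated', 'unchanged' or 'failed'.

    Unlike `virt-cat ... > dest`, the destination is never truncated first:
    a failed or empty read leaves the last good copy untouched.
    """
    cmd = extract_cmd or default_extract_cmd(overlay)
    try:
        proc = subprocess.run(cmd, capture_output=True, timeout=timeout)
    except (OSError, subprocess.TimeoutExpired):
        return "failed"
    if proc.returncode != 0 or not proc.stdout.strip():
        return "failed"
    try:
        with open(dest, "rb") as fh:
            if fh.read() == proc.stdout:
                return "unchanged"
    except FileNotFoundError:
        pass
    # Write to a temp file in the same directory, then rename atomically so a
    # reader (the tftp server, the user on the host) never sees a partial file.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(dest) or ".")
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(proc.stdout)
        os.chmod(tmp, 0o644)
        os.replace(tmp, dest)
    except OSError:
        if os.path.exists(tmp):
            os.unlink(tmp)
        return "failed"
    return "updated"
```

The same function can be called from an inotify loop, a timer, or the stop path, which covers all three alternatives listed in the comment.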
this seems more complicated
I think it might be easier to add another cf disk for the config/license files, but I doubt if that is easier than having the tftp
https://github.com/hellt/vrnetlab/tree/master/sros#additional-cfs
It might be easier, but we also need to populate the config/license inside the qcow file, using something like make-config.sh as junos does.
Also important to consider is that, with this cf1/cf2 method, we are no longer able to view the config file in "clear text" in the host. There is only a qcow file.
This PR provides pass-through mgmt support for SROS devices.
It's built on top of the work of @vista- in #268 and requires that PR. Thanks!!
In SROS devices we use a tftp server to read the license and also as the storage for the config file. For that to work the container holds a br-mgmt bridge with a new subnet (172.31.255.28/30) and the SROS management is always configured with the second IP of the range.
In this PR we use the same ideas as in #268, but we extend the tc filters so the SROS VM can still access the tftp server. In this new pass-through mode the tftp server will run in a special namespace inside the container that simulates the docker host:
The default mode for vr-sros is still "host-forwarded". It can be overridden by passing the env var CLAB_MGMT_PASSTHROUGH (true/false).