confd: Define the meaning of the script order on init/exit actions

In ye olde confd, we basically had `50-init.ip` - and that was fine. Then came containers, VLANs, bridges, etc.; and with it: a whole forest of setup/teardown scripts - and it was not fine anymore. For example: if found an init script running at 61, you would have to grep the source tree and look at _all_ other call sites to get a sense of what runs before and/or after it. Therefore: create enums for the init/exit actions where the order is explicitly stated, and use those for all interface scripts.
kernelkit · Dec 17, 2024 · ccce8ab · ccce8ab
1 parent 26b3a72
commit ccce8ab
Show file tree

Hide file tree

Showing 8 changed files with 85 additions and 20 deletions.
diff --git a/src/confd/src/cni.c b/src/confd/src/cni.c
@@ -392,7 +392,7 @@ int cni_netdag_gen_iface(struct dagger *net, const char *ifname,
 	if (iface_is_cni(ifname, cif, &cni_type)) {
 		int err;
 
-		fp = dagger_fopen_next(net, "init", ifname, 30, "cni.sh");
+		fp = dagger_fopen_net_init(net, ifname, NETDAG_INIT_PRE, "cni.sh");
 		if (!fp)
 			return -EIO;
 
@@ -407,7 +407,7 @@ int cni_netdag_gen_iface(struct dagger *net, const char *ifname,
 			return 1; /* CNI bridges are managed by podman */
 	} else if (iface_is_cni(ifname, dif, &cni_type)) {
 		/* No longer a container-network, clean up. */
-		fp = dagger_fopen_current(net, "exit", ifname, 30, "cni.sh");
+		fp = dagger_fopen_net_exit(net, ifname, NETDAG_EXIT_POST, "cni.sh");
 		if (!fp)
 			return -EIO;
 

diff --git a/src/confd/src/dagger.c b/src/confd/src/dagger.c
@@ -75,6 +75,18 @@ FILE *dagger_fopen_current(struct dagger *d, const char *action, const char *nod
 	return dagger_fopen(d, d->current, action, node, prio, script);
 }
 
+FILE *dagger_fopen_net_init(struct dagger *d, const char *node, enum netdag_init order,
+			    const char *script)
+{
+	return dagger_fopen_next(d, "init", node, order, script);
+}
+
+FILE *dagger_fopen_net_exit(struct dagger *d, const char *node, enum netdag_exit order,
+			    const char *script)
+{
+	return dagger_fopen_current(d, "exit", node, order, script);
+}
+
 int dagger_add_dep(struct dagger *d, const char *depender, const char *dependee)
 {
 	return systemf("ln -s ../%s %s/%d/dag/%s", dependee,

diff --git a/src/confd/src/dagger.h b/src/confd/src/dagger.h
@@ -35,4 +35,51 @@ int dagger_is_bootstrap(struct dagger *d);
 
 int dagger_claim(struct dagger *d, const char *path);
 
+
+enum netdag_exit {
+	/* Stop daemons running on interface (zcip etc.) */
+	NETDAG_EXIT_DAEMON = 30,
+
+	/* Interface specific tear-down (bridge objects) of lowers */
+	NETDAG_EXIT_LOWERS_PROTO = 35,
+
+	/* Interface specific tear-down (bridge objects) */
+	NETDAG_EXIT_PROTO = 40,
+
+	/* Detach lower interfaces (bridge ports, LAG ports, etc.) */
+	NETDAG_EXIT_LOWERS = 45,
+
+	/* Tear down interface settings, remove virtual interfaces */
+	NETDAG_EXIT_PRE = 49,
+	NETDAG_EXIT = 50,
+	NETDAG_EXIT_POST = 51,
+};
+
+enum netdag_init {
+	/* Configure link layer */
+	NETDAG_INIT_PHYS = 10,
+
+	/* Configure interface settings, create virtual interfaces */
+	NETDAG_INIT_PRE = 49,
+	NETDAG_INIT = 50,
+	NETDAG_INIT_POST = 51,
+
+	/* Attach lower interfaces (bridge ports, LAG ports, etc.) */
+	NETDAG_INIT_LOWERS = 55,
+
+	/* Interface specific setup (bridge objects) */
+	NETDAG_INIT_PROTO = 60,
+
+	/* Interface specific setup (bridge objects) of lowers */
+	NETDAG_INIT_LOWERS_PROTO = 65,
+
+	/* Start daemons running on interface (zcip etc.) */
+	NETDAG_INIT_DAEMON = 70,
+};
+
+FILE *dagger_fopen_net_init(struct dagger *d, const char *node, enum netdag_init order,
+			    const char *script);
+FILE *dagger_fopen_net_exit(struct dagger *d, const char *node, enum netdag_exit order,
+			    const char *script);
+
 #endif	/* CONFD_DAGGER_H_ */
diff --git a/src/confd/src/ieee802-ethernet-interface.c b/src/confd/src/ieee802-ethernet-interface.c
@@ -37,7 +37,7 @@ static int netdag_gen_ethtool_flow_control(struct dagger *net, struct lyd_node *
 	const char *ifname = lydx_get_cattr(cif, "name");
 	FILE *fp;
 
-	fp = dagger_fopen_next(net, "init", ifname, 10, "ethtool-aneg.sh");
+	fp = dagger_fopen_net_init(net, ifname, NETDAG_INIT_PHYS, "ethtool-aneg.sh");
 	if (!fp)
 		return -EIO;
 
@@ -56,7 +56,7 @@ static int netdag_gen_ethtool_autoneg(struct dagger *net, struct lyd_node *cif)
 	int mbps, err = 0;
 	FILE *fp;
 
-	fp = dagger_fopen_next(net, "init", ifname, 10, "ethtool-aneg.sh");
+	fp = dagger_fopen_net_init(net, ifname, NETDAG_INIT_PHYS, "ethtool-aneg.sh");
 	if (!fp)
 		return -EIO;
 

diff --git a/src/confd/src/ietf-interfaces.c b/src/confd/src/ietf-interfaces.c
@@ -332,7 +332,8 @@ static int netdag_gen_sysctl_setting(struct dagger *net, const char *ifname, FIL
 	if (!lydx_get_diff(node, &nd))
 		return 0;
 
-	*fpp = *fpp ? : dagger_fopen_next(net, "init", ifname, 60, "init.sysctl");
+	*fpp = *fpp ? : dagger_fopen_net_init(net, ifname,
+					      NETDAG_INIT_POST, "init.sysctl");
 	if (!*fpp)
 		return -EIO;
 
@@ -514,7 +515,7 @@ static int netdag_gen_iface_del(struct dagger *net, struct lyd_node *dif,
 		dagger_skip_current_iface(net, peer);
 	}
 
-	ip = dagger_fopen_current(net, "exit", ifname, 50, "exit.ip");
+	ip = dagger_fopen_net_exit(net, ifname, NETDAG_EXIT, "exit.ip");
 	if (!ip)
 		return -EIO;
 
@@ -580,7 +581,7 @@ static sr_error_t netdag_gen_iface(sr_session_ctx_t *session, struct dagger *net
 		op = LYDX_OP_CREATE;
 	}
 
-	ip = dagger_fopen_next(net, "init", ifname, 50, "init.ip");
+	ip = dagger_fopen_net_init(net, ifname, NETDAG_INIT, "init.ip");
 	if (!ip) {
 		err = -EIO;
 		goto err;

diff --git a/src/confd/src/ietf-ip.c b/src/confd/src/ietf-ip.c
@@ -37,7 +37,7 @@ int netdag_gen_ipv6_autoconf(struct dagger *net, struct lyd_node *cif,
 	}
 
 	/* 51: must run after interfaces have been created (think: bridge, veth) */
-	fp = dagger_fopen_next(net, "init", ifname, 51, "init.sysctl");
+	fp = dagger_fopen_net_init(net, ifname, NETDAG_INIT_POST, "init.sysctl");
 	if (fp) {
 		/* Autoconfigure addresses using Prefix Information in Router Advertisements */
 		fprintf(fp, "net.ipv6.conf.%s.autoconf = %d\n", ifname, global);
@@ -126,7 +126,7 @@ int netdag_gen_ipv4_autoconf(struct dagger *net, struct lyd_node *cif,
 		fprintf(fp, "\"\n");
 		fclose(fp);
 
-		initctl = dagger_fopen_next(net, "init", ifname, 60, "zeroconf-up.sh");
+		initctl = dagger_fopen_net_init(net, ifname, NETDAG_INIT_DAEMON, "zeroconf-up.sh");
 		if (!initctl)
 			return -EIO;
 
@@ -137,7 +137,7 @@ int netdag_gen_ipv4_autoconf(struct dagger *net, struct lyd_node *cif,
 			fprintf(initctl, "initctl -bnq touch zeroconf@%s.conf\n", ifname);
 	} else {
 	disable:
-		initctl = dagger_fopen_current(net, "exit", ifname, 40, "zeroconf-down.sh");
+		initctl = dagger_fopen_net_exit(net, ifname, NETDAG_EXIT_DAEMON, "zeroconf-down.sh");
 		if (!initctl) {
 			/* check if in bootstrap (pre gen 0) */
 			if (errno == EUNATCH)
@@ -254,7 +254,7 @@ int netdag_gen_ip_addrs(struct dagger *net, FILE *ip, const char *proto,
 		if (!cni_find(ifname) && if_nametoindex(ifname)) {
 			FILE *fp;
 
-			fp = dagger_fopen_current(net, "exit", ifname, 49, "flush.sh");
+			fp = dagger_fopen_net_exit(net, ifname, NETDAG_EXIT_PRE, "flush.sh");
 			if (fp) {
 				fprintf(fp, "ip -%c addr flush dev %s\n", proto[3], ifname);
 				fclose(fp);

diff --git a/src/confd/src/infix-if-bridge-port.c b/src/confd/src/infix-if-bridge-port.c
@@ -43,7 +43,8 @@ static int ixif_br_port_gen_pvid_del(struct lyd_node *cif, const char *brname, i
 		 */
 		return 0;
 
-	exit = dagger_fopen_current(&confd.netdag, "exit", brname, 61, "delete-pvids.bridge");
+	exit = dagger_fopen_net_exit(&confd.netdag, brname,
+				     NETDAG_EXIT_LOWERS_PROTO, "delete-pvids.bridge");
 	if (!exit)
 		return -EIO;
 
@@ -70,7 +71,8 @@ static int ixif_br_port_gen_pvid_add(struct lyd_node *cif, const char *brname, i
 		return 0;
 	}
 
-	init = dagger_fopen_next(&confd.netdag, "init", brname, 61, "add-pvids.bridge");
+	init = dagger_fopen_net_init(&confd.netdag, brname,
+				     NETDAG_INIT_LOWERS_PROTO, "add-pvids.bridge");
 	if (!init)
 		return -EIO;
 
@@ -138,7 +140,8 @@ static int ixif_br_port_gen_link(struct lyd_node *dif, struct lyd_node *cif)
 	if (err)
 		return ERR_IFACE(cif, err, "Unable to add dep \"%s\" to %s", iface, brname);
 
-	next = dagger_fopen_next(&confd.netdag, "init", brname, 55, "add-ports.ip");
+	next = dagger_fopen_net_init(&confd.netdag, brname,
+				     NETDAG_INIT_LOWERS, "add-ports.ip");
 	if (!next)
 		return -EIO;
 
@@ -190,7 +193,8 @@ int ixif_br_port_gen_join_leave(struct lyd_node *dif)
 	iface = lydx_get_cattr(dif, "name");
 
 	if (brdiff.old) {
-		prev = dagger_fopen_current(&confd.netdag, "exit", brdiff.old, 55, "delete-ports.ip");
+		prev = dagger_fopen_net_exit(&confd.netdag, brdiff.old,
+					     NETDAG_EXIT_LOWERS, "delete-ports.ip");
 		if (!prev)
 			return -EIO;
 
@@ -199,7 +203,8 @@ int ixif_br_port_gen_join_leave(struct lyd_node *dif)
 	}
 
 	if (brdiff.new) {
-		next = dagger_fopen_next(&confd.netdag, "init", brdiff.new, 55, "add-ports.ip");
+		next = dagger_fopen_net_init(&confd.netdag, brdiff.new,
+					     NETDAG_INIT_LOWERS, "add-ports.ip");
 		if (!next)
 			return -EIO;
 

diff --git a/src/confd/src/infix-if-bridge.c b/src/confd/src/infix-if-bridge.c
@@ -381,12 +381,12 @@ static int ixif_br_fini(struct ixif_br *br)
 	err = snippet_close(&br->bropts, br->ip);
 	fputc('\n', br->ip);
 
-	init = dagger_fopen_next(&confd.netdag, "init", br->name,
-				 60, "init.bridge");
+	init = dagger_fopen_net_init(&confd.netdag, br->name,
+				 NETDAG_INIT_PROTO, "init.bridge");
 
 	if (!dagger_is_bootstrap(&confd.netdag))
-		exit = dagger_fopen_current(&confd.netdag, "exit", br->name,
-					    60, "exit.bridge");
+		exit = dagger_fopen_net_exit(&confd.netdag, br->name,
+					    NETDAG_EXIT_PROTO, "exit.bridge");
 
 	err = err ? : snippet_close(&br->init.vlan, init);
 	err = err ? : snippet_close(&br->init.mcast, init);