Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: replace static comamnds with grpc calls #103

Merged
merged 8 commits into from
Aug 31, 2023
Merged

ci: replace static comamnds with grpc calls #103

Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
2273cbb
ci: move static config from leaf1 to testgrpc
glimchb Aug 26, 2023
edf7192
ci(vrf): replace static comamnds with grpc calls
glimchb Aug 26, 2023
631dab7
ci(bridge): replace static comamnds with grpc calls
glimchb Aug 26, 2023
6ac6aa3
ci(svi): replace static comamnds with grpc calls
glimchb Aug 26, 2023
45a14bb
ci(port): replace static comamnds with grpc calls
glimchb Aug 26, 2023
3c33b1d
fix(review): use correct VRF loop IPs
glimchb Aug 30, 2023
ca3d9a0
ci(svi): prefix svi_id with vrf name
glimchb Aug 30, 2023
4ff5865
ci(bridge): rename logical_bridge_id from vniXX to vlanXX
glimchb Aug 30, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
134 changes: 30 additions & 104 deletions docker-compose.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,93 +54,6 @@ services:
sed -i "s/127.0.0.1/0.0.0.0/g" /etc/frr/daemons && \
ip link add name lo0 type dummy && \
ifconfig lo0 10.0.0.2 netmask 255.255.255.255 up && \

ip link add br-tenant type bridge vlan_default_pvid 0 vlan_filtering 1 vlan_protocol 802.1Q && \
ip link set br-tenant up && \

ip link add blue type vrf table 1000 && \
ip link set blue up && \
ip link add name lo1 type dummy && \
ip link set lo1 master blue up && \
ip address add 10.0.1.2/32 dev lo1 && \

ip link add green type vrf table 1001 && \
ip link set green up && \
ip link add name lo2 type dummy && \
ip link set lo2 master green up && \
ip address add 10.0.2.2/32 dev lo2 && \

ip link add yellow type vrf table 1002 && \
ip link set yellow up && \
ip link add name lo3 type dummy && \
ip link set lo3 master yellow up && \
ip address add 10.0.3.2/32 dev lo3 && \

ip link add br100 addr aa:bb:cc:00:00:02 type bridge && \
ip link set br100 master green up && \
ip link add vni100 type vxlan local 10.0.0.2 dstport 4789 id 100 nolearning && \
ip link set vni100 master br100 up && \

ip link add br101 addr aa:bb:cc:00:00:03 type bridge && \
ip link set br101 master yellow up && \
ip link add vni101 type vxlan local 10.0.0.2 dstport 4789 id 101 nolearning && \
ip link set vni101 master br101 up && \

ip link add vni10 type vxlan id 10 local 10.0.0.2 dstport 4789 nolearning && \
ip link set vni10 master br-tenant up && \
bridge vlan add dev vni10 vid 10 pvid untagged && \
bridge link set dev vni10 neigh_suppress on learning off && \

ip link add vni20 type vxlan id 20 local 10.0.0.2 dstport 4789 nolearning && \
ip link set vni20 master br-tenant up && \
bridge vlan add dev vni20 vid 20 pvid untagged && \
bridge link set dev vni20 neigh_suppress on learning off && \

ip link add vni30 type vxlan id 30 local 10.0.0.2 dstport 4789 nolearning && \
ip link set vni30 master br-tenant up && \
bridge vlan add dev vni30 vid 30 pvid untagged && \
bridge link set dev vni30 neigh_suppress on learning off && \

ip link add vni40 type vxlan id 40 local 10.0.0.2 dstport 4789 nolearning && \
ip link set vni40 master br-tenant up && \
bridge vlan add dev vni40 vid 40 pvid untagged && \
bridge link set dev vni40 neigh_suppress on learning off && \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How the fields "neigh_suppress" and "learning off" are mapped to the API?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

They don't have to be reflected in the API. They are hard-coded in the EVPN-bridge implementation (until the point where someone shows that it is necessary to be able to control them. Then we can discuss how to enhance the logical bridge API with an optional attribute).


bridge vlan add dev br-tenant vid 20 self && \
ip link add link br-tenant name vlan20 type vlan id 20 && \
ip link set vlan20 address aa:bb:cc:00:00:21 && \
ip link set vlan20 master blue up && \
ip address add 20.20.20.1/24 dev vlan20 && \

bridge vlan add dev br-tenant vid 30 self && \
ip link add link br-tenant name vlan30 type vlan id 30 && \
ip link set vlan30 address aa:bb:cc:00:00:31 && \
ip link set vlan30 master blue up && \
ip address add 30.30.30.1/24 dev vlan30 && \

bridge vlan add dev br-tenant vid 40 self && \
ip link add link br-tenant name vlan40 type vlan id 40 && \
ip link set vlan40 address aa:bb:cc:00:00:41 && \
ip link set vlan40 master green up && \
ip address add 40.40.40.1/24 dev vlan40 && \

bridge vlan add dev br-tenant vid 50 self && \
ip link add link br-tenant name vlan50 type vlan id 50 && \
ip link set vlan50 address aa:bb:cc:00:00:51 && \
ip link set vlan50 master yellow up && \
ip address add 50.50.50.1/24 dev vlan50 && \

ip link set eth1 up && ip addr flush dev eth1 && \
ip link set eth1 master br-tenant up && \
bridge vlan add dev eth1 vid 10 && \

bridge vlan add dev eth1 vid 20 && \

bridge vlan add dev eth1 vid 40 && \

ip addr flush dev eth2 && ip link set eth2 master br-tenant up && \
bridge vlan add dev eth2 vid 50 && \
glimchb marked this conversation as resolved.
Show resolved Hide resolved

/etc/init.d/frr stop && \
/usr/lib/frr/watchfrr -d -F traditional zebra bgpd staticd && \
sleep infinity'
Expand Down Expand Up @@ -334,23 +247,35 @@ services:
ip link add br-tenant type bridge vlan_default_pvid 0 vlan_filtering 1 vlan_protocol 802.1Q && \
ip link set br-tenant up && \
echo create && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateVrf "{\"vrf\" : {\"spec\" : {\"vni\" : 100, \"loopback_ip_prefix\": {}, \"vtep_ip_prefix\": {\"addr\": {\"af\": \"IP_AF_INET\", \"v4_addr\": 167772162}, \"len\": 24} }}, \"vrf_id\" : \"blue\" }" && \
glimchb marked this conversation as resolved.
Show resolved Hide resolved
/entrypoint.sh call --json_input --json_output localhost:50151 CreateVrf "{\"vrf\" : {\"spec\" : {\"vni\" : 101, \"loopback_ip_prefix\": {}, \"vtep_ip_prefix\": {\"addr\": {\"af\": \"IP_AF_INET\", \"v4_addr\": 167772162}, \"len\": 24} }}, \"vrf_id\" : \"green\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateVrf "{\"vrf\" : {\"spec\" : {\"vni\" : 102, \"loopback_ip_prefix\": {}, \"vtep_ip_prefix\": {\"addr\": {\"af\": \"IP_AF_INET\", \"v4_addr\": 167772162}, \"len\": 24} }}, \"vrf_id\" : \"yellow\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateLogicalBridge "{\"logical_bridge\" : {\"spec\" : {\"vni\" : 11, \"vlan_id\": 11 }}, \"logical_bridge_id\" : \"vxlan11\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateLogicalBridge "{\"logical_bridge\" : {\"spec\" : {\"vni\" : 22, \"vlan_id\": 22 }}, \"logical_bridge_id\" : \"vxlan22\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateLogicalBridge "{\"logical_bridge\" : {\"spec\" : {\"vni\" : 33, \"vlan_id\": 33 }}, \"logical_bridge_id\" : \"vxlan33\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateBridgePort "{\"bridge_port\" : {\"spec\" : {\"mac_address\" : \"qrvMAAAB\", \"ptype\": \"ACCESS\", \"logical_bridges\": [] }}, \"bridge_port_id\" : \"eth2\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateBridgePort "{\"bridge_port\" : {\"spec\" : {\"mac_address\" : \"qrvMAAAB\", \"ptype\": \"TRUNK\" , \"logical_bridges\": [] }}, \"bridge_port_id\" : \"eth3\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateVrf "{\"vrf_id\" : \"blue\", \"vrf\" : {\"spec\" : { \"loopback_ip_prefix\": {\"addr\": {\"af\": \"IP_AF_INET\", \"v4_addr\": 167772418}, \"len\": 24}, \"vtep_ip_prefix\": {\"addr\": {\"af\": \"IP_AF_INET\", \"v4_addr\": 167772162}, \"len\": 24} }} }" && \
glimchb marked this conversation as resolved.
Show resolved Hide resolved
/entrypoint.sh call --json_input --json_output localhost:50151 CreateVrf "{\"vrf_id\" : \"green\", \"vrf\" : {\"spec\" : {\"vni\" : 100, \"loopback_ip_prefix\": {\"addr\": {\"af\": \"IP_AF_INET\", \"v4_addr\": 167772674}, \"len\": 24}, \"vtep_ip_prefix\": {\"addr\": {\"af\": \"IP_AF_INET\", \"v4_addr\": 167772162}, \"len\": 24} }} }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateVrf "{\"vrf_id\" : \"yellow\", \"vrf\" : {\"spec\" : {\"vni\" : 101, \"loopback_ip_prefix\": {\"addr\": {\"af\": \"IP_AF_INET\", \"v4_addr\": 167772930}, \"len\": 24}, \"vtep_ip_prefix\": {\"addr\": {\"af\": \"IP_AF_INET\", \"v4_addr\": 167772162}, \"len\": 24} }} }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateLogicalBridge "{\"logical_bridge_id\" : \"vlan10\", \"logical_bridge\" : {\"spec\" : {\"vni\" : 10, \"vlan_id\": 10 }} }" && \
Copy link
Member

@venkatmahalingam venkatmahalingam Aug 30, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ip link add vni10 type vxlan id 10 local 10.0.0.2 dstport 4789 nolearning

How's the above command is mapped in the API incase of L2VXLAN (I dont expect VRF and SVI objects in L2-VXLAN)? where to provide VTEP local IP in the API?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The VRF spec has a field vtep_ip_prefix for this purpose.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we need a VRF for L2VXLAN case?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch, the LogicalBridgeSpec in the API should also have a vtep_ip_prefix. See issue #83

Copy link
Member Author

@glimchb glimchb Aug 31, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

opened #147 for VTEP IP

/entrypoint.sh call --json_input --json_output localhost:50151 CreateLogicalBridge "{\"logical_bridge_id\" : \"vlan20\", \"logical_bridge\" : {\"spec\" : {\"vni\" : 20, \"vlan_id\": 20 }} }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateLogicalBridge "{\"logical_bridge_id\" : \"vlan30\", \"logical_bridge\" : {\"spec\" : {\"vni\" : 30, \"vlan_id\": 30 }} }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateLogicalBridge "{\"logical_bridge_id\" : \"vlan40\", \"logical_bridge\" : {\"spec\" : {\"vni\" : 40, \"vlan_id\": 40 }} }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateLogicalBridge "{\"logical_bridge_id\" : \"vlan50\", \"logical_bridge\" : {\"spec\" : { \"vlan_id\": 50 }} }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateSvi "{\"svi_id\" : \"blue-vlan20\", \"svi\" : {\"spec\" : {\"vrf\": \"//network.opiproject.org/vrfs/blue\", \"logical_bridge\": \"//network.opiproject.org/bridges/vlan20\", \"mac_address\" : \"qrvMAAAh\", \"gw_ip_prefix\": [{\"addr\": {\"af\": \"IP_AF_INET\", \"v4_addr\": 336860161}, \"len\": 24}] }} }" && \
Copy link
Member

@venkatmahalingam venkatmahalingam Aug 30, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we use vlan20 instead of blue-vlan20 for SVI name? and logical_bridge_id as br"vlan-id"? ,e.g br50

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I specifically want the SVI name to reflect the binding between VRF and logical bridge.
And I don't see any reason to encode the object type as prefix into the logical bridge objects. We are not doing that for other object types either. How we call the underlying Linux realization entities is a different matter.

Copy link
Member

@venkatmahalingam venkatmahalingam Aug 30, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How we call the underlying Linux realization entities is a different matter.
-> This is the problem, unnecessary lengthy names lead to have additional mapping in the backend as Linux interface names length restricted to 15 characters. IMO, it is easy to get and know the SVI to VRF mappings, if we want to rebind the SVI from one VRF to another VRF on the fly, I would need to delete the SVI and create it with new VRF name part of SVI name.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree with @venkatmahalingam on this problem

if we want to rebind the SVI from one VRF to another VRF on the fly, I would need to delete the SVI and create it with new VRF name part of SVI name.

But naming of objects is left to the user, there is no code or rules to mandate to use any names... so we as OPI should not care...
user will pick a name or (since resource ID) is optional, grpc server will generate UUID as a name (or more accurately resource ID) instead...

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How realistic and important a use case is it to move a subnet on a logical bridge to another VRF without any traffic impact? To me that is a change in network planning, which typically has wider implications in the network.
I know it is possible in Linux to shift an existing SVI netdev to another VRF just by enslaving it to the new vrf netdev, but is this something the EVPN-GW API must cover? In fact, I think it currently does cover it, as the VRF reference in the SVI spec is not marked as immutable. Same goes for the LogicalBridge reference, by the way, but the VLAN ID of an SVI netdev can't be changed in Linux on the fly.
At any rate, the object naming arbitrary, and we can apply any convention we like in this example configuration.

/entrypoint.sh call --json_input --json_output localhost:50151 CreateSvi "{\"svi_id\" : \"blue-vlan30\", \"svi\" : {\"spec\" : {\"vrf\": \"//network.opiproject.org/vrfs/blue\", \"logical_bridge\": \"//network.opiproject.org/bridges/vlan30\", \"mac_address\" : \"qrvMAAAx\", \"gw_ip_prefix\": [{\"addr\": {\"af\": \"IP_AF_INET\", \"v4_addr\": 505290241}, \"len\": 24}] }} }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateSvi "{\"svi_id\" : \"green-vlan40\", \"svi\" : {\"spec\" : {\"vrf\": \"//network.opiproject.org/vrfs/green\", \"logical_bridge\": \"//network.opiproject.org/bridges/vlan40\", \"mac_address\" : \"qrvMAABB\", \"gw_ip_prefix\": [{\"addr\": {\"af\": \"IP_AF_INET\", \"v4_addr\": 673720321}, \"len\": 24}] }} }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateSvi "{\"svi_id\" : \"yellow-vlan50\", \"svi\" : {\"spec\" : {\"vrf\": \"//network.opiproject.org/vrfs/yellow\", \"logical_bridge\": \"//network.opiproject.org/bridges/vlan50\", \"mac_address\" : \"qrvMAABR\", \"gw_ip_prefix\": [{\"addr\": {\"af\": \"IP_AF_INET\", \"v4_addr\": 842150401}, \"len\": 24}] }} }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateBridgePort "{\"bridge_port_id\" : \"eth1\", \"bridge_port\" : {\"spec\" : {\"mac_address\" : \"qrvMAAAB\", \"ptype\": \"TRUNK\", \"logical_bridges\": [\"//network.opiproject.org/bridges/vlan10\", \"//network.opiproject.org/bridges/vlan20\", \"//network.opiproject.org/bridges/vlan40\"] }} }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 CreateBridgePort "{\"bridge_port_id\" : \"eth2\", \"bridge_port\" : {\"spec\" : {\"mac_address\" : \"qrvMAAAB\", \"ptype\": \"TRUNK\", \"logical_bridges\": [\"//network.opiproject.org/bridges/vlan50\"] }} }" && \
echo get && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetVrf "{\"name\" : \"//network.opiproject.org/vrfs/blue\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetVrf "{\"name\" : \"//network.opiproject.org/vrfs/green\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetVrf "{\"name\" : \"//network.opiproject.org/vrfs/yellow\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetLogicalBridge "{\"name\" : \"//network.opiproject.org/bridges/vxlan11\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetLogicalBridge "{\"name\" : \"//network.opiproject.org/bridges/vxlan22\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetLogicalBridge "{\"name\" : \"//network.opiproject.org/bridges/vxlan33\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetBridgePort "{\"name\" : \"//network.opiproject.org/ports/eth2\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetBridgePort "{\"name\" : \"//network.opiproject.org/ports/eth3\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetVrf "{\"name\" : \"//network.opiproject.org/vrfs/blue\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetVrf "{\"name\" : \"//network.opiproject.org/vrfs/green\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetVrf "{\"name\" : \"//network.opiproject.org/vrfs/yellow\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetLogicalBridge "{\"name\" : \"//network.opiproject.org/bridges/vlan10\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetLogicalBridge "{\"name\" : \"//network.opiproject.org/bridges/vlan20\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetLogicalBridge "{\"name\" : \"//network.opiproject.org/bridges/vlan30\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetLogicalBridge "{\"name\" : \"//network.opiproject.org/bridges/vlan40\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetLogicalBridge "{\"name\" : \"//network.opiproject.org/bridges/vlan50\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetSvi "{\"name\" : \"//network.opiproject.org/svis/blue-vlan20\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetSvi "{\"name\" : \"//network.opiproject.org/svis/blue-vlan30\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetSvi "{\"name\" : \"//network.opiproject.org/svis/green-vlan40\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetSvi "{\"name\" : \"//network.opiproject.org/svis/yellow-vlan50\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetBridgePort "{\"name\" : \"//network.opiproject.org/ports/eth1\" }" && \
/entrypoint.sh call --json_input --json_output localhost:50151 GetBridgePort "{\"name\" : \"//network.opiproject.org/ports/eth2\" }" && \
echo done'

host2-leaf2:
Expand Down Expand Up @@ -415,7 +340,8 @@ services:
# L3VXLAN Symmetric IRB:
# Ping to Bleaf internet connectivity IPs from Host1 via green and yellow VRFs from Leaf1
command: |
sh -x -c 'ip link add link eth0 name eth0.10 type vlan id 10 && \
sh -x -c 'sleep 30 && \
ip link add link eth0 name eth0.10 type vlan id 10 && \
ip link set eth0 up && ip addr flush dev eth0 && \
ip link set eth0.10 up && \
ip addr add 10.10.10.10/24 dev eth0.10 && \
Expand Down