Skip to content

Commit

Permalink
Add verification for override (sonic-net#2305)
Browse files Browse the repository at this point in the history
What I did
Add Yang verification for config override-config-table

How I did it
Make 3 step verification: running config, golden input, final config

How to verify it
Run unit test.
  • Loading branch information
wen587 authored and EdenGri committed Oct 12, 2022
1 parent dc1b489 commit 368094f
Show file tree
Hide file tree
Showing 5 changed files with 397 additions and 19 deletions.
78 changes: 59 additions & 19 deletions config/main.py
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
import sys
import time
import itertools
import copy

from collections import OrderedDict
from generic_config_updater.generic_updater import GenericUpdater, ConfigFormat
Expand Down Expand Up @@ -46,7 +47,7 @@
from . import vlan
from . import vxlan
from . import plugins
from .config_mgmt import ConfigMgmtDPB
from .config_mgmt import ConfigMgmtDPB, ConfigMgmt
from . import mclag
from . import syslog

Expand Down Expand Up @@ -1885,27 +1886,66 @@ def override_config_table(db, input_config_db, dry_run):

config_db = db.cfgdb

# Read config from configDB
current_config = config_db.get_config()
# Serialize to the same format as json input
sonic_cfggen.FormatConverter.to_serialized(current_config)

updated_config = update_config(current_config, config_input)

yang_enabled = device_info.is_yang_config_validation_enabled(config_db)
if yang_enabled:
# The ConfigMgmt will load YANG and running
# config during initialization.
try:
cm = ConfigMgmt()
cm.validateConfigData()
except Exception as ex:
click.secho("Failed to validate running config. Error: {}".format(ex), fg="magenta")
sys.exit(1)

# Validate input config
validate_config_by_cm(cm, config_input, "config_input")
# Validate updated whole config
validate_config_by_cm(cm, updated_config, "updated_config")

if dry_run:
# Read config from configDB
current_config = config_db.get_config()
# Serialize to the same format as json input
sonic_cfggen.FormatConverter.to_serialized(current_config)
# Override current config with golden config
for table in config_input:
current_config[table] = config_input[table]
print(json.dumps(current_config, sort_keys=True,
print(json.dumps(updated_config, sort_keys=True,
indent=4, cls=minigraph_encoder))
else:
# Deserialized golden config to DB recognized format
sonic_cfggen.FormatConverter.to_deserialized(config_input)
# Delete table from DB then mod_config to apply golden config
click.echo("Removing configDB overriden table first ...")
for table in config_input:
config_db.delete_table(table)
click.echo("Overriding input config to configDB ...")
data = sonic_cfggen.FormatConverter.output_to_db(config_input)
config_db.mod_config(data)
click.echo("Overriding completed. No service is restarted.")
override_config_db(config_db, config_input)


def validate_config_by_cm(cm, config_json, jname):
tmp_config_json = copy.deepcopy(config_json)
try:
cm.loadData(tmp_config_json)
cm.validateConfigData()
except Exception as ex:
click.secho("Failed to validate {}. Error: {}".format(jname, ex), fg="magenta")
sys.exit(1)


def update_config(current_config, config_input):
updated_config = copy.deepcopy(current_config)
# Override current config with golden config
for table in config_input:
updated_config[table] = config_input[table]
return updated_config


def override_config_db(config_db, config_input):
# Deserialized golden config to DB recognized format
sonic_cfggen.FormatConverter.to_deserialized(config_input)
# Delete table from DB then mod_config to apply golden config
click.echo("Removing configDB overriden table first ...")
for table in config_input:
config_db.delete_table(table)
click.echo("Overriding input config to configDB ...")
data = sonic_cfggen.FormatConverter.output_to_db(config_input)
config_db.mod_config(data)
click.echo("Overriding completed. No service is restarted.")


#
# 'hostname' command
Expand Down
71 changes: 71 additions & 0 deletions tests/config_override_input/final_config_yang_failure.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
{
"running_config": {
"ACL_TABLE": {
"DATAACL": {
"policy_desc": "DATAACL",
"ports": [
"Ethernet4"
],
"stage": "ingress",
"type": "L3"
},
"NTP_ACL": {
"policy_desc": "NTP_ACL",
"services": [
"NTP"
],
"stage": "ingress",
"type": "CTRLPLANE"
}
},
"AUTO_TECHSUPPORT_FEATURE": {
"bgp": {
"rate_limit_interval": "600",
"state": "enabled"
},
"database": {
"rate_limit_interval": "600",
"state": "enabled"
}
},
"PORT": {
"Ethernet4": {
"admin_status": "up",
"alias": "fortyGigE0/4",
"description": "Servers0:eth0",
"index": "1",
"lanes": "29,30,31,32",
"mtu": "9100",
"pfc_asym": "off",
"speed": "40000",
"tpid": "0x8100"
},
"Ethernet8": {
"admin_status": "up",
"alias": "fortyGigE0/8",
"description": "Servers1:eth0",
"index": "2",
"lanes": "33,34,35,36",
"mtu": "9100",
"pfc_asym": "off",
"speed": "40000",
"tpid": "0x8100"
}
}
},
"golden_config": {
"PORT": {
"Ethernet12": {
"admin_status": "up",
"alias": "fortyGigE0/12",
"description": "Servers2:eth0",
"index": "3",
"lanes": "37,38,39,40",
"mtu": "9100",
"pfc_asym": "off",
"speed": "40000",
"tpid": "0x8100"
}
}
}
}
89 changes: 89 additions & 0 deletions tests/config_override_input/golden_input_yang_failure.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
{
"running_config": {
"ACL_TABLE": {
"DATAACL": {
"policy_desc": "DATAACL",
"ports": [
"Ethernet4"
],
"stage": "ingress",
"type": "L3"
},
"NTP_ACL": {
"policy_desc": "NTP_ACL",
"services": [
"NTP"
],
"stage": "ingress",
"type": "CTRLPLANE"
}
},
"AUTO_TECHSUPPORT_FEATURE": {
"bgp": {
"rate_limit_interval": "600",
"state": "enabled"
},
"database": {
"rate_limit_interval": "600",
"state": "enabled"
}
},
"PORT": {
"Ethernet4": {
"admin_status": "up",
"alias": "fortyGigE0/4",
"description": "Servers0:eth0",
"index": "1",
"lanes": "29,30,31,32",
"mtu": "9100",
"pfc_asym": "off",
"speed": "40000",
"tpid": "0x8100"
},
"Ethernet8": {
"admin_status": "up",
"alias": "fortyGigE0/8",
"description": "Servers1:eth0",
"index": "2",
"lanes": "33,34,35,36",
"mtu": "9100",
"pfc_asym": "off",
"speed": "40000",
"tpid": "0x8100"
}
}
},
"golden_config": {
"ACL_TABLE": {
"EVERFLOWV6": {
"policy_desc": "EVERFLOWV6",
"ports": [
"Ethernet0"
],
"stage": "ingress",
"type": "MIRRORV6"
}
},
"AUTO_TECHSUPPORT_FEATURE": {
"bgp": {
"state": "disabled"
},
"database": {
"state": "disabled"
}
},
"PORT": {
"Ethernet12": {
"admin_status": "up",
"alias": "fortyGigE0/12",
"description": "Servers2:eth0",
"index": "3",
"lanes": "37,38,39,40",
"mtu": "9100",
"pfc_asym": "off",
"speed": "40000",
"tpid": "0x8100"
}
}
}
}
89 changes: 89 additions & 0 deletions tests/config_override_input/running_config_yang_failure.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
{
"running_config": {
"ACL_TABLE": {
"DATAACL": {
"policy_desc": "DATAACL",
"ports": [
"Ethernet0"
],
"stage": "ingress",
"type": "L3"
},
"NTP_ACL": {
"policy_desc": "NTP_ACL",
"services": [
"NTP"
],
"stage": "ingress",
"type": "CTRLPLANE"
}
},
"AUTO_TECHSUPPORT_FEATURE": {
"bgp": {
"rate_limit_interval": "600",
"state": "enabled"
},
"database": {
"rate_limit_interval": "600",
"state": "enabled"
}
},
"PORT": {
"Ethernet4": {
"admin_status": "up",
"alias": "fortyGigE0/4",
"description": "Servers0:eth0",
"index": "1",
"lanes": "29,30,31,32",
"mtu": "9100",
"pfc_asym": "off",
"speed": "40000",
"tpid": "0x8100"
},
"Ethernet8": {
"admin_status": "up",
"alias": "fortyGigE0/8",
"description": "Servers1:eth0",
"index": "2",
"lanes": "33,34,35,36",
"mtu": "9100",
"pfc_asym": "off",
"speed": "40000",
"tpid": "0x8100"
}
}
},
"golden_config": {
"ACL_TABLE": {
"EVERFLOWV6": {
"policy_desc": "EVERFLOWV6",
"ports": [
"Ethernet12"
],
"stage": "ingress",
"type": "MIRRORV6"
}
},
"AUTO_TECHSUPPORT_FEATURE": {
"bgp": {
"state": "disabled"
},
"database": {
"state": "disabled"
}
},
"PORT": {
"Ethernet12": {
"admin_status": "up",
"alias": "fortyGigE0/12",
"description": "Servers2:eth0",
"index": "3",
"lanes": "37,38,39,40",
"mtu": "9100",
"pfc_asym": "off",
"speed": "40000",
"tpid": "0x8100"
}
}
}
}
Loading

0 comments on commit 368094f

Please sign in to comment.