Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Network Working Group Meeting Agenda 3 #363

Open
Qalthos opened this issue Sep 26, 2018 · 113 comments

Comments

Projects
None yet
@Qalthos
Copy link
Contributor

commented Sep 26, 2018

Please leave a comment regarding any agenda item you wish to discuss. If you don't show up for the meeting, your item will be skipped.

If your IRC nick is different from your Github username, leave that as well.

See https://github.com/ansible/community/tree/master/group-network for the schedule

All Core Networking issues (most recently updated at the top):
https://github.com/ansible/ansible/issues?q=is%3Aopen+label%3Anetworking+-label%3Aneeds_revision+sort%3Aupdated-desc

Network Working Group: https://github.com/ansible/community/tree/master/group-network

#ansible-network on Freenode IRC

@Qalthos

This comment has been minimized.

Copy link
Contributor Author

commented Oct 1, 2018

@samerd commented 2 hours ago

Please welcome @anasbadaha (https://github.com/anasbadaha) a new team member of Mellanox-Onyx His first PR: ansible/ansible#46218 Please review this PR and merge if OK with you

@caphrim007

This comment has been minimized.

Copy link

commented Oct 1, 2018

commenting on top of @dagwieers 's comment here

#247 (comment)

For F5 specific stuff, we have a special token that is generated (and required to be re-used) after we auth with a user/pass. we need to put that token in a Header which we send with future requests. This token needs to be deleted at the "end of the session" too otherwise we'll eventually run out of available tokens.

So right now we establish a connection (non-httpapi) make all our calls with the token, and then delete the token upon success/fail.

We have a couple modules that also check to see if the box is online to begin with. Today this isnt a problem because we handle the connection in the module. If the connection is moved out of the module, then the httpapi connection will need to know how to deal with this. In our case, it's technically equivalent of wait_for and some other custom checks. I imagine this would be a little ugly to bake into the httpapi (or equivalent) code.

Finally, we have several modules that reboot the device and wait for it to come back online. This rebooting invalidates the token as well. We would need to be able to mimic this in httpapi (or equivalent).

@dagwieers

This comment has been minimized.

Copy link
Member

commented Oct 1, 2018

I have started a new Wiki page to share requirements from each of the potential httpapi shareholders.
https://github.com/ansible/community/wiki/Plugin:-httpapi

Feel free to add more information there.

@Qalthos

This comment has been minimized.

Copy link
Contributor Author

commented Oct 2, 2018

@caphrim007

For F5 specific stuff, we have a special token that is generated (and required to be re-used) after we auth with a user/pass. we need to put that token in a Header which we send with future requests. This token needs to be deleted at the "end of the session" too otherwise we'll eventually run out of available tokens.

That's pretty standard. In an httpapi plugin, you can set self.connection._auth to a dictionary that gets merged with headers on every call. This would presumably get set in login() and cleared in logout(), which do what they sound like. logout() is also helpfully called during close(), so connection shutdown will clear your token for you (as will meta: reset_connection).

We have a couple modules that also check to see if the box is online to begin with.

This is one I haven't given a whole lot of thought to. I'm not entirely sure what this means, to be honest. I'm not really sure what this needs that until: "'stdout' in result" (or, more probably, some better test) doesn't give you.

Finally, we have several modules that reboot the device and wait for it to come back online. This rebooting invalidates the token as well. We would need to be able to mimic this in httpapi (or equivalent).

meta: reset_connection should be able to do just this. For persistent connections, it calls the connection's close() (which, as above, calls your httpapi plugin's logout() method).

Additionally, (and especially as a lot of the above points were requested by them), if you want to see how someone who is not me wrote an httpapi plugin to work with something that does not look anything like NX-API/eAPI (read: REST), take a look at plugins/httpapi/ftd.py. If you want to know what is expected of an httpapi plugin, the interface is described in plugins/httpapi/__init__.py, and if something still doesn't seem clear, bring it up and I'll be happy to talk about how to make it better.

@dagwieers I think this covers most of your needs as well. The major sticking point I know you still have is cluster support, and I haven't the faintest idea how to make that work in a way that doesn't ruin all the niceties that making connections look like real connection plugins. My only idea is to add a failover_hosts option to your httpapi plugin that subs out the connection's _url, but I have no idea how much trouble trying to do something like that might cause.

@gundalow

This comment has been minimized.

Copy link
Contributor

commented Oct 8, 2018

Proposal: Interface manager role ansible-network/network-proposals#1

The interface manager role provides a platform agnostic implementation to declaratively manage the aggregate set of network interfaces on a remote device. This role is designed to effectively replace the net_interface module that is currently part of Ansible core.

@privateip

This comment has been minimized.

Copy link
Member

commented Oct 10, 2018

Proposal: VRF definitions role ansible-network/network-proposals#3

This proposal describe the implementation of a new resource role for managing VRF definitions in network device active configurations. This role would replace the current net_vrf agnostic module that currently resides in Ansible core.

@privateip

This comment has been minimized.

Copy link
Member

commented Oct 10, 2018

Proposal: VLANs role ansible-network/network-proposals#2

This proposal describes the implementation of a VLANs role to replace the current platform agnostic implementation ofnet_vlan currently in Ansible core.

@amuraleedhar

This comment has been minimized.

Copy link

commented Oct 10, 2018

Please review and merge PR ansible/ansible#46623

Thanks & Regards
-Anil

@Qalthos

This comment has been minimized.

Copy link
Contributor Author

commented Oct 10, 2018

2018-10-10

Team status and updates

  • Ansible 2.7 was released last week!
  • AnsibleFest was last week as well

Actions

  • @privateip Update description that configure-vlan will be folded into this role
  • @privateip create role architecture writeup that can be linked in to role proposals to answer common questions regarding roles
  • @privateip describe each role option on proposals

Logs

Minutes: https://meetbot.fedoraproject.org/ansible-network/2018-10-10/ansible_network_working_group.2018-10-10-16.00.html
Minutes (text): https://meetbot.fedoraproject.org/ansible-network/2018-10-10/ansible_network_working_group.2018-10-10-16.00.txt
Log: https://meetbot.fedoraproject.org/ansible-network/2018-10-10/ansible_network_working_group.2018-10-10-16.00.log.html

@salman1485

This comment has been minimized.

Copy link

commented Oct 15, 2018

Can we discuss this please on 10/17- ansible/ansible#46185

@Qalthos

This comment has been minimized.

Copy link
Contributor Author

commented Oct 18, 2018

2018-10-17

Team status and updates

  • The ansible-network team did releases this week of roles and published them on https://galaxy.ansible.com/ansible-network/
  • Reminder that Python 2.6 support has been removed from the ansible controller as of Ansible 2.7
    • This means network modules will stop working without Python 2.7 or 3.5+

Logs

Minutes: https://meetbot.fedoraproject.org/ansible-network/2018-10-17/ansible_network_working_group.2018-10-17-16.02.html
Minutes (text): https://meetbot.fedoraproject.org/ansible-network/2018-10-17/ansible_network_working_group.2018-10-17-16.02.txt
Log: https://meetbot.fedoraproject.org/ansible-network/2018-10-17/ansible_network_working_group.2018-10-17-16.02.log.html

@anasbadaha

This comment has been minimized.

Copy link

commented Oct 24, 2018

Hi,
I'm a new member in Mellanox onyx team.
please review and merge the following PRs:
ansible/ansible#46494
ansible/ansible#46500
ansible/ansible#47027
ansible/ansible#47489
ansible/ansible#47501
ansible/ansible#47552
ansible/ansible#47554

Best Regards,
Anas Badaha

@Qalthos

This comment has been minimized.

Copy link
Contributor Author

commented Oct 24, 2018

2018-10-24

Team status and updates

  • 2.7.1 should be coming real soon
  • continued work on a network_configurator role for tower
  • adding configure_user support to cisco_iosxr provider
  • fixed nxos_facts bug in non-structured output
  • bugfix for network-engine repeat_for templating
  • Working with Cisco for firepower facts/install modules

Logs

Minutes: https://meetbot.fedoraproject.org/ansible-network/2018-10-24/ansible_network_working_group.2018-10-24-16.03.html
Minutes (text): https://meetbot.fedoraproject.org/ansible-network/2018-10-24/ansible_network_working_group.2018-10-24-16.03.txt
Log: https://meetbot.fedoraproject.org/ansible-network/2018-10-24/ansible_network_working_group.2018-10-24-16.03.log.html

@justjais

This comment has been minimized.

Copy link
Contributor

commented Oct 31, 2018

2018-10-31

Team status and updates

  • Released VyOS provider 2.6.2 and 2.7.0. Fixed ios_user issue for password-based existing users(#47656). Added support for 25G and 100G interfaces in ios_vlan and ios_l2_interface(#47852)
  • working with cisco on asa firepower module, the role for network operation
  • working on odl integration for l3vpn use case
  • working on network_configurator role and nios bugs

Logs

Minutes: https://meetbot.fedoraproject.org/ansible-network/2018-10-31/ansible_network_working_group.2018-10-31-15.57.html
10:29 PM Minutes (text): https://meetbot.fedoraproject.org/ansible-network/2018-10-31/ansible_network_working_group.2018-10-31-15.57.txt
Log: https://meetbot.fedoraproject.org/ansible-network/2018-10-31/ansible_network_working_group.2018-10-31-15.57.log.html

@mikewiebe

This comment has been minimized.

Copy link
Contributor

commented Nov 14, 2018

Need the following PR Merged:

ansible/ansible#47944 Merged

@Qalthos

This comment has been minimized.

Copy link
Contributor Author

commented Nov 14, 2018

2018-11-14

Team status and updates

  • worked on tower lookup plugin removing tower_cli dependency
  • juniper_junos 2.6.2 and 2.7.0 released
  • cisco_nxos 2.6.2 and 2.7.0 released - updates load function to use cli_config module.
  • work on adding network_cli, netconf, httapi connection session tracing capability

Logs

Minutes: https://meetbot.fedoraproject.org/ansible-network/2018-11-14/ansible_network_working_group.2018-11-14-16.00.html
Minutes (text): https://meetbot.fedoraproject.org/ansible-network/2018-11-14/ansible_network_working_group.2018-11-14-16.00.txt
Log: https://meetbot.fedoraproject.org/ansible-network/2018-11-14/ansible_network_working_group.2018-11-14-16.00.log.html

@amuraleedhar

This comment has been minimized.

Copy link

commented Nov 20, 2018

Need the following PR Merged:
ansible/ansible#48924 - MERGED
ansible/ansible#48154 - MERGED

@Qalthos

This comment has been minimized.

Copy link
Contributor Author

commented Nov 28, 2018

2018-11-28

Team status and updates

  • Fixed nxos_facts neighbors issues
  • Network interface role proposal for nxos
  • Released juniper_junos v2.7.1
  • work in progress to add get function to yang role
  • Released VyOS provider 2.7.1
  • Released cisco_ios 2.6.3
  • system property role and iosxr lldp role
  • add session tracing feature for network_cli
  • Ansible 2.7.2 was released
    Logs

Minutes: https://meetbot.fedoraproject.org/ansible-network/2018-11-28/ansible_network_working_group.2018-11-28-16.06.html
Minutes (text): https://meetbot.fedoraproject.org/ansible-network/2018-11-28/ansible_network_working_group.2018-11-28-16.06.txt
Log: https://meetbot.fedoraproject.org/ansible-network/2018-11-28/ansible_network_working_group.2018-11-28-16.06.log.html

@amuraleedhar

This comment has been minimized.

Copy link

commented Dec 4, 2018

Please merge
ansible/ansible#49467 Merged

@mikewiebe

This comment has been minimized.

Copy link
Contributor

commented Dec 5, 2018

@Qalthos

This comment has been minimized.

Copy link
Contributor Author

commented Dec 12, 2018

2018-12-12

Team status and updates

  • cisco_ios 2.7.0 was released
  • cisco_iosxr 2.7.1 was released
  • network_engine 2.7.2 was released
  • working with skydive network topologies
  • Worked on ansible_facts generation with gather_facts for network platforms.
  • Updated nxapi & eapi httpapi plugins to be more in-line with how httpapi plugins are expected to work

Actions

Logs

Minutes: https://meetbot.fedoraproject.org/ansible-network/2018-12-12/ansible_network_working_group.2018-12-12-16.01.html
Minutes (text): https://meetbot.fedoraproject.org/ansible-network/2018-12-12/ansible_network_working_group.2018-12-12-16.01.txt
Log: https://meetbot.fedoraproject.org/ansible-network/2018-12-12/ansible_network_working_group.2018-12-12-16.01.log.html

@amuraleedhar

This comment has been minimized.

Copy link

commented Dec 14, 2018

@FedericoOlivieri

This comment has been minimized.

Copy link

commented Dec 19, 2018

New IOS NTP module.

- ios_ntp:
    server: 8.8.9.9
    source_int: Loopback0
    acl: NTP_ACL
    logging: true
    key_id: 10
    auth_key: 15435A030726242723273C21181319000A
    auth: true
    state: absent
    provider: "{{ staging }}"

ansible/ansible#49894

@Qalthos

This comment has been minimized.

Copy link
Contributor Author

commented Dec 19, 2018

2018-12-19

Team status and updates

  • Ported vyos provider load & replace to use cli_command and cli_config
  • Working on vyos_ping module
  • Ansible 2.7.5 was released last Thursday
  • No more IRC meetings until 2019-01-02

Actions

Logs

Minutes: https://meetbot.fedoraproject.org/ansible-network/2018-12-19/ansible_network_working_group.2018-12-19-16.00.html
Minutes (text): https://meetbot.fedoraproject.org/ansible-network/2018-12-19/ansible_network_working_group.2018-12-19-16.00.txt
Log: https://meetbot.fedoraproject.org/ansible-network/2018-12-19/ansible_network_working_group.2018-12-19-16.00.log.html

@amuraleedhar

This comment has been minimized.

Copy link

commented Jan 8, 2019

Please merge PR
ansible/ansible#50145 - Review comments Done Merged
ansible/ansible#50641 - New Module Merged

@kbreit

This comment has been minimized.

Copy link

commented May 23, 2019

IRC: mrproper

@xuxiaowei0512

This comment has been minimized.

Copy link

commented May 28, 2019

@samerd

This comment has been minimized.

Copy link

commented May 28, 2019

Added support for container management in onyx switches:
could you please review and merge:
ansible/ansible#57066

@chaitanyaavi

This comment has been minimized.

@chrisvanheuveln

This comment has been minimized.

Copy link

commented May 29, 2019

Please review and merge several NXOS BFD related PRs:

@kbreit

This comment has been minimized.

Copy link

commented May 31, 2019

IRC: mrproper

@xuxiaowei0512

This comment has been minimized.

Copy link

commented Jun 4, 2019

@mikewiebe

This comment has been minimized.

Copy link
Contributor

commented Jun 4, 2019

Please merge. Reviewed internally and shipit label added.

@mikewiebe

This comment has been minimized.

Copy link
Contributor

commented Jun 4, 2019

Please review and merge: Already reviewed by @trishnaguha but she had one additional comment which has been resolved.

Please merge. Reviewed internally and shipit label added.

@kbreit

This comment has been minimized.

Copy link

commented Jun 6, 2019

IRC: mrproper
Review - ansible/ansible#57289
Review - ansible/ansible#54627 (merged)
Review - ansible/ansible#57286 (merged)
Review - ansible/ansible#53891
Review - ansible/ansible#57562 (merged)
Review - ansible/ansible#56201 (merged)

@chaitanyaavi

This comment has been minimized.

Copy link

commented Jun 12, 2019

Updated as per review comments by @Qalthos
ansible/ansible#57531
ansible/ansible#57116

@xuxiaowei0512

This comment has been minimized.

@kbreit

This comment has been minimized.

Copy link

commented Jun 12, 2019

IRC: mrproper

Feature Enhancements:
Review - ansible/ansible#57708
Review - ansible/ansible#54625

New Module:
Review - ansible/ansible#55485
Review - ansible/ansible#52889

@kbreit

This comment has been minimized.

Copy link

commented Jun 19, 2019

IRC: mrproper

Discussion:

  • Meraki recently added "Action Batches" to their API. This allows someone to call the API with a single request and embed multiple requests within it. It executes the actions in an asynchronous manner. Documentation is available at https://dashboard.meraki.com/api_docs#action-batches. I would like to add support for these in the Meraki modules, but am struggling to come up with an elegant way to implement it.
  • I have spent some time on the httpapi implementation and cannot get it to work for the Meraki modules. The Meraki modules don't require an inventory as there's a single URL the modules hit. Also, there's only a static authentication key with no username or password. Because of this, it seems like it isn't a perfect fit for httpapi and I'd like to discuss this further.

New modules:

Feature Enhancement:

@chaitanyaavi

This comment has been minimized.

Copy link

commented Jun 20, 2019

Discuss on review comments and replies in detail
ansible/ansible#57116

Added new test for Avi's module utils
ansible/ansible#58382

@xuxiaowei0512

This comment has been minimized.

@grastogi23

This comment has been minimized.

Copy link

commented Jun 26, 2019

Discuss on review comments and replies in detail
ansible/ansible#57116

Added new test for Avi's module utils
ansible/ansible#58382

we are stuck in-between in travel connection. Please skip this for this week's agenda. We will add it back next week.

@pabelanger

This comment has been minimized.

@kbreit

This comment has been minimized.

Copy link

commented Jul 2, 2019

IRC: mrproper

Discussion:

  • I have spent some time on the httpapi implementation and cannot get it to work for the Meraki modules. The Meraki modules don't require an inventory as there's a single URL the modules hit. Also, there's only a static authentication key with no username or password. Because of this, it seems like it isn't a perfect fit for httpapi and I'd like to discuss this further.

New modules:

Feature Enhancement:

@chaitanyaavi

This comment has been minimized.

Copy link

commented Jul 3, 2019

Discuss on review comments and replies in detail
ansible/ansible#57116

Added new test for Avi's module utils
ansible/ansible#58382

Added new lookup module
ansible/ansible#58667

@chaitanyaavi

This comment has been minimized.

Copy link

commented Jul 10, 2019

@xuxiaowei0512

This comment has been minimized.

Copy link

commented Jul 10, 2019

If it is possible, please give me a review and approve.
Thanks a lot.
ansible/ansible#58077
ansible/ansible#58249

@pabelanger

This comment has been minimized.

Copy link

commented Jul 10, 2019

Sorry for the short notice, but today we'll be cancelling our weekly meeting. There is a conflict with the network team and internal meeting. We well review the patches above and leave comments / merge as needed.

@yaplej

This comment has been minimized.

Copy link

commented Jul 11, 2019

Hope to get a resolution for these issues.
ansible/ansible#43996
ansible/ansible#43861

@kbreit

This comment has been minimized.

Copy link

commented Jul 17, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.