New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Web UI for switch management #3
Comments
I'm no good at anything but I can write a developer's version of the UI, can you add a tag of "needing-help" to those issues you think you can be helped with? I'd like to do my part to keep these switches out of a landfill and get myself cheaper switches. Edit: is there some specific software that could be supported or would running docker on device be a possibility. |
There is no support for Docker, nor will there be as the switch runs a fixed kernel version (3.18.123) and has very limited resources (~5MB flash available, 128MB of RAM). There is uhttpd present in the firmware. Looking at the source code, uhttpd appears to have support for HTTP POST/PUT, but perhaps that requires Lua or a more complex configuration than I have currently. |
Yeah, that's gonna be a tight fit even with PHP... I wonder if we could just expose a basic serial interface or something. I'm gonna go hunt down for one of these switches. Edit: Is it possible to extract an image from one of these devices (just an vmdk equivalent?). I'd love to take a crack at it using a VM (5mb is enough for a static site but you need something to execute your commands) |
There is an early image that Hal built and linked in the build instructions Google Doc. Just checked and lighthttpd is on there under /usr/sbin, and starts up with a basic config happily enough. |
Buildroot offers several options for web servers, including lighthttpd instead of uhttpd is possible.
5MB is currently the space allocated to JFFS2, which is the user-storage portion of the firmware. That is to say, you can use all 5MB, but then you won't have space for any persistent storage. My thinking was as follows:
This is very simple and won't require anything advanced running on the switch. Using inotify in C or bash is simple and will not consume much space. Likewise, using GET/POST in a web server is simple and probably supported by the HTTP options available in buildroot, we simply need to find the right choice and build it. IMHO, the best way forward is an HTTP server and a static website that runs on the client with JS to manipulate settings. Anything else requires too much space and/or increases complexity. |
Yes and no. If you want similar user space, you can use buildroot to build an x86 VM with the same commands and storage size. You will not have the |
Hal sent me an email with a cheap testing switch I can use. Based on the existing from the configuration ticket, I'm going with this. The UI will allow you to change the credentials (logging in assumes you have proper rights) I'm thinking of just a basic static site that just reads in the config. I'm going to get lighthttpd running locally to see what this looks like. |
@halmartin @randlor I've pushed up a basic version of what I have to the freeraki-ui repo here (https://github.com/WriteCodeEveryday/freeraki-ui). Not super secure since there's no server side component but it can do the job for now. I'm gonna mess around the lighttpd and see what it takes to get a basic server to put those files available and process the POST request for the user saving it. |
@WriteCodeEveryday, off to a great start. I've got a basic lighttpd config with your UI up and running on the switch, just messing around with WebDAV now to see how we can get the POST processed. Regarding authentication, could we perhaps leverage mod_auth to handle this rather than doing it in script? |
@randlor If we do mod_auth, we can use the sha256 that's being sent by the app. Here's what I'm thinking
I'm not real good on embedded development (work on massive React apps that need at least 1Gb of RAM) so I'm not caught up on WebDAV but everything I see so far points to POST not being super viable here (https://stackoverflow.com/a/22606899). |
Got the MS42 in the mail (thanks for the right direction on cheap @halmartin), I'm gonna try building it using Leo's Notes but I'm a little short on knowledge for sure (also lacking a proper build environment as I am running on a PopOS Debian Live CD due to a Windows incident) |
Leo's approach is an entirely different firmware which utilizes Meraki's binaries for switch management (notably, I have written instructions on how to install the firmware built from this repository, which in my opinion is actually easier than Leo's method as you only need to flash the SPI flash. Using the buildroot firmware, there is no need to transfer files over serial or modify the contents of NAND. If you wish, I can provide a recent firmware build that includes Note that you will need an SPI programmer and a SOIC-16 chip clip, or a soldering iron and "dupont" prototype wires. |
@WriteCodeEveryday I used a Raspberry Pi instead of an SPI programmer, with a SOIC clip and DuPont wires. Saves all the pain of soldering, much much easier. @halmartin is there a more recent build than 0722 available? |
@randlor it's a bit more complex on the MS42, as the SOIC flash is underneath the PCB, requiring you to remove the PCB from the chassis to access the chip. There is a header you can solder to on the top of the board, that's what I've done. I will update the installation instructions to include the MS42. Edit: the installation docs have been updated with instructions for the MS42. |
@halmartin your helpfulness shall be rewarded with an epic UI that will be full of blinklies and hot pink (or just a working build) 👍 |
I have written a small, terrible shell script to print the current status of the switch ports as JSON: switch_status Here is what the output looks like on my MS220-8P with port 1 connected and SFPs installed in ports 9 and 10:
This might be helpful for displaying the status of the switch in the web UI. |
A shell CGI script and a bit of lighttpd config (mod-auth, mod-cgi) should get you going with 0 dependencies. As for the json, why not make ports an array? Seems the natural way to model a switch, maybe something like: {
"device": "Meraki MS220-8P",
"version": "1.2.3-beta",
"date": "2020-04-23T18:25:43.511Z",
"ports": [
{
"port_number": 1,
"pvid": 1,
"vlans": [1, 10],
"tagged": true,
"stp": true,
"lacp": false,
"poe": {
"enabled": true,
"mode": "802.3af"
}
},
{
"port_number": 2,
"pvid": 1,
"vlans": [10],
"tagged": true,
"stp": true,
"lacp": false,
"poe": {
"enabled": true,
"mode": "802.3af"
}
}
]
} |
Good suggestions, I've implemented the following changes:
|
That looks better however looks like you are mixing status with configuration maybe. If you are going to build a web config interface you want those 2 things to be separate documents I think. I can think of a |
I think it's fine to have them in the same document, the biggest issue is removing that username/password out of the configuration. I'm almost done moving and will begin flashing my little meraki and getting back into this. |
In case anyone is still interested, I decided to play with this over the weekend (https://github.com/hall/freeraki-ui). Made a few changes but happy to be contested on the right approach. Here's a screenshot, using the last file posted in the comments here (extrapolated out to 10 ports). Some of the changes include
Need to add a legend but I think most, if not all, of the currently-discussed config is represented. |
Alright -- not very familiar with buildroot and didn't want to re-flash my device if I didn't have to so I got things working with uhttpd. The install docs should be able to get the UI setup (you'll need the incoming config daemon to actually have the settings applied but you can at least see the The API is currently a super simple CGI script that just reads and writes You might also have to add Let us know if you try it out and, if you do, what breaks. @halmartin, not sure what you had in mind for where this code should eventually exist but I'll start a PR to this repo if you feel it belongs here. |
I tried to build the UI following the instructions in the repo, but I got the following error:
I am not a Node person, so I don't know what to do to solve this. |
I believe it just doesn't like your version of node. This FROM node:14-alpine
RUN apk add --no-cache zip
COPY . /opt/freeraki-ui
WORKDIR /opt/freeraki-ui
RUN npm i
RUN npm run build Just pushed a change to build it in docker with one command:
|
I think 1 & 2 are because the latest version expects 3 is valid. I'll remove PoE options if the config isn't present. Unrelated, but I'm also considering making the bottom section a table so all ports can be viewed together instead of needing to click through each one. |
Pushed a commit to only show PoE enable and mode options if the |
I like the table view! What about also applying a light shading of a port based on the status? e.g. white for disconnected, orange for 100M, green for 1000M, and something (plaid?) for 10000M |
A few more updates:
Another feature I think would be really useful is if we could determine the hostname of the device attached to a port. I did a little digging on how to do that but have, so far, come up empty handed. Anyone happen to know a way to do that? |
LLDP? But the host would have to run it as well. |
Hm, I'm hoping for an approach with fewer to no (extra) requirements of the devices on the network. I found
|
Maybe you know something I don't, but how do you associate a MAC address to a port? What about a port which leads to another switch? What about a host with a static IP address with no reverse DNS record on the port? |
Oh, I have no idea 😁 I'm just poking around to see what I can find out. This SO answer seems to suggest that it's possible (for OpenWRT, at least) with some effort but I'm not certain how much of that applies here.
Yeah, I don't think the arp table is entirely helpful as a source of truth since we (for display on the UI) only care about directly connected devices.
I'm just looking for some way to ID the device connected on a particular port so a static IP address is just a good if there's no DNS record available. Looking at screenshots of other switch interfaces online, it doesn't seem like this is a standard feature (and, after a bit more searching, may not even be possible). |
HI! This is a bit out dated, but I have a fleet of meraki paperweights that I would like to revive. |
Hi @gothixkhan! Well, as I see it, you can either continue this PR, or create your own UI 😄 I am happy to address any questions you have about the firmware, just drop me an email! |
@gothixkhan, having an extra pair of hands working toward wrapping this up would be nice. If you have the time/desire to help get this into a more robust state, I'd be happy to work with you (and/or others) to pick it back up; fluctuating motivation is the only reason it's currently stalled on my end 🙃 The overall state (of the postmerkos-ui repo) is that it was (almost) fully implemented in bash but that proved too slow so it's being rewritten in C. The basics should all be in place but it's not feature complete. Happy to create some issues there if you want to help push some of that forward. |
There is no UI in the firmware to configure the switch. Users are required to use SSH if they want to make changes to the switch configuration. This is not a great user experience, as even simple layer 2 switches include web management (though often not SSH).
Please see #2 for my thoughts on how switch configuration could work on the backend, and how it might make development of a management UI simpler.
I am not good at front-end development, nor do I have time/desire to write a Web UI for the firmware. This issue is a placeholder for anyone else who is interested in writing a management UI.
The text was updated successfully, but these errors were encountered: