Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added grpc config to the mgmt grpc server #1971

Merged
merged 2 commits into from
Apr 4, 2024
Merged

Added grpc config to the mgmt grpc server #1971

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6c4bb83
added grpc config to the mgmt grpc server
hellt Apr 3, 2024
6f57482
remove default tls profile
hellt Apr 4, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions docs/manual/kinds/srl.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -327,6 +327,17 @@ IP Address:172.20.20.3, IP Address:2001:172:20:20:0:0:0:3

Nokia SR Linux nodes support setting of [SANs](../nodes.md#subject-alternative-names-san).

### gRPC server

Starting with SR Linux 24.3.1, the gRPC server config block is used to configure gRPC-based services such as gNMI, gNOI, gRIBI and P4RT. The factory configuration includes the `mgmt` gRPC server block to which containerlab adds all those services and:

* generated TLS profile
* unix-socket access for gRPC services
* increased rate limit
* trace options

These additions are meant to make all gRPC services available to the user out of the box with the enabled tracing and a custom TLS profile.

### License

SR Linux container can run without a license emulating the datacenter types (7220 IXR) :partying_face:.
Expand Down
19 changes: 10 additions & 9 deletions nodes/srl/version.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,15 +22,6 @@ set / system gnmi-server rate-limit 65000
set / system gnmi-server trace-options [ request response common ]
set / system gnmi-server unix-socket admin-state enable`

// grpc contains the grpc server(s) configuration for srlinux versions >= 24.3.
grpcConfig = `set / system grpc-server clab services [ gnmi gnoi gribi p4rt ]
set / system grpc-server clab tls-profile clab-profile
set / system grpc-server clab rate-limit 65000
set / system grpc-server clab network-instance mgmt
set / system grpc-server clab trace-options [ request response common ]
set / system grpc-server clab unix-socket admin-state enable
set / system grpc-server clab admin-state enable`

// aclConfig contains the ACL configuration for srlinux versions >= 24.3 to enable
// non secure telnet and http access to the router which are useful for labs.
aclConfig = `set / acl acl-filter cpm type ipv4 entry 88 description "Containerlab-added rule: Accept incoming Telnet when the other host initiates the TCP connection"
Expand Down Expand Up @@ -63,6 +54,16 @@ set / acl acl-filter cpm type ipv6 entry 188 match ipv6 next-header tcp
set / acl acl-filter cpm type ipv6 entry 188 match transport destination-port operator eq
set / acl acl-filter cpm type ipv6 entry 188 match transport destination-port value 80
set / acl acl-filter cpm type ipv6 entry 188 action accept`

// grpc contains the grpc server(s) configuration for srlinux versions >= 24.3.
grpcConfig = `set / system grpc-server mgmt services [ gnmi gnoi gribi p4rt ]
set / system grpc-server mgmt tls-profile clab-profile
set / system grpc-server mgmt rate-limit 65000
set / system grpc-server mgmt network-instance mgmt
set / system grpc-server mgmt trace-options [ request response common ]
set / system grpc-server mgmt unix-socket admin-state enable
set / system grpc-server mgmt admin-state enable
delete / system grpc-server mgmt default-tls-profile`
)

// SrlVersion represents an sr linux version as a set of fields.
Expand Down
Loading