Add SONiC flavor to support migration (#114)

robertvolkmann · web-flow · commit d524ce8417c0 · 2022-07-29T13:12:12.000+02:00
* Add make target to download SONiC QEMU image
* Add python script to provision the virtual machine via telnet
* Add additional topology file for SONiC
diff --git a/.gitignore b/.gitignore
@@ -8,3 +8,4 @@ ansible-common
 metal-hammer*
 requirements.yaml
 .extra_vars.yaml
+sonic-vs.img
diff --git a/Makefile b/Makefile
@@ -18,11 +18,18 @@ MINI_LAB_VM_IMAGE := $(or $(MINI_LAB_VM_IMAGE),ghcr.io/metal-stack/mini-lab-vms:
 
 MACHINE_OS=ubuntu-20.04
 
+SONIC_REMOTE_IMG := https://sonic-build.azurewebsites.net/api/sonic/artifacts?branchName=master&platform=vs&buildId=125016&target=target%2Fsonic-vs.img.gz
+
 # Machine flavors
 ifeq ($(MINI_LAB_FLAVOR),default)
 LAB_MACHINES=machine01,machine02
+LAB_TOPOLOGY=mini-lab.cumulus.yaml
 else ifeq ($(MINI_LAB_FLAVOR),cluster-api)
 LAB_MACHINES=machine01,machine02,machine03
+LAB_TOPOLOGY=mini-lab.cumulus.yaml
+else ifeq ($(MINI_LAB_FLAVOR),sonic)
+LAB_MACHINES=machine01,machine02
+LAB_TOPOLOGY=mini-lab.sonic.yaml
 else
 $(error Unknown flavor $(MINI_LAB_FLAVOR))
 endif
@@ -70,8 +77,8 @@ partition: partition-bake
 .PHONY: partition-bake
 partition-bake:
 	# docker pull $(MINI_LAB_VM_IMAGE)
-	@if ! sudo containerlab --topo mini-lab.clab.yaml inspect | grep -i running > /dev/null; then \
-		sudo --preserve-env containerlab deploy --topo mini-lab.clab.yaml --reconfigure && \
+	@if ! sudo containerlab --topo $(LAB_TOPOLOGY) inspect | grep -i running > /dev/null; then \
+		sudo --preserve-env containerlab deploy --topo $(LAB_TOPOLOGY) --reconfigure && \
 		./scripts/deactivate_offloading.sh; fi
 
 .PHONY: env
@@ -110,7 +117,7 @@ cleanup-control-plane:
 
 .PHONY: cleanup-partition
 cleanup-partition:
-	sudo containerlab destroy --topo mini-lab.clab.yaml
+	sudo containerlab destroy --topo $(LAB_TOPOLOGY)
 
 .PHONY: _privatenet
 _privatenet: env
@@ -222,3 +229,6 @@ dev-env:
 .PHONY: build-vms-image
 build-vms-image:
 	cd images && docker build -f Dockerfile.vms -t $(MINI_LAB_VM_IMAGE) . && cd -
+
+sonic-vs.img:
+	curl --location --output - "${SONIC_REMOTE_IMG}" | gunzip > sonic-vs.img
diff --git a/README.md b/README.md
@@ -208,6 +208,7 @@ There's few versions of mini-lab environment that you can run. We call them flav
 
 - `default` -- runs 2 machines.
 - `cluster-api` -- runs 3 machines. Usefull for testing Control plane and worker node deployment with [Cluster API provider](https://github.com/metal-stack/cluster-api-provider-metalstack).
+- `sonic` -- use SONiC as network operating system for the leaves
 
 In order to start specific flavor, you can define the flavor as follows:
 
diff --git a/mini-lab.cumulus.yaml b/mini-lab.cumulus.yaml
diff --git a/mini-lab.sonic.yaml b/mini-lab.sonic.yaml
@@ -0,0 +1,37 @@
+name: mini-lab
+prefix: ""
+
+mgmt:
+  network: bridge
+
+topology:
+  kinds:
+    linux:
+      image: ${MINI_LAB_VM_IMAGE}
+      binds:
+        - /dev:/dev
+        - scripts:/mini-lab
+
+  nodes:
+    leaf01:
+      kind: linux
+      binds:
+        - files/ssh/id_rsa.pub:/id_rsa.pub
+        - sonic-vs.img:/sonic-vs.img
+      cmd: /mini-lab/sonic_entrypoint.py
+    leaf02:
+      kind: linux
+      binds:
+        - files/ssh/id_rsa.pub:/id_rsa.pub
+        - sonic-vs.img:/sonic-vs.img
+      cmd: /mini-lab/sonic_entrypoint.py
+    vms:
+      kind: linux
+
+  links:
+    - endpoints: ["leaf01:eth1", "vms:lan0"]
+    - endpoints: ["leaf02:eth1", "vms:lan1"]
+    - endpoints: ["leaf01:eth2", "vms:lan2"]
+    - endpoints: ["leaf02:eth2", "vms:lan3"]
+    - endpoints: ["leaf01:eth3", "vms:lan4"]
+    - endpoints: ["leaf02:eth3", "vms:lan5"]
diff --git a/scripts/mirror_tap_to_eth.sh b/scripts/mirror_tap_to_eth.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+# Script is taken from https://netdevops.me/2021/transparently-redirecting-packets/frames-between-interfaces/
+# Read it for better understanding
+
+set -o errexit
+
+TAP_IF=$1
+# get interface index number up to 3 digits (everything after first three chars)
+# tap0 -> 0
+# tap123 -> 123
+INDEX=${TAP_IF:3:3}
+
+ip link set $TAP_IF up
+
+# create tc eth<->tap redirect rules
+tc qdisc add dev eth$INDEX ingress
+tc filter add dev eth$INDEX parent ffff: protocol all matchall action mirred egress redirect dev $TAP_IF
+
+tc qdisc add dev $TAP_IF ingress
+tc filter add dev $TAP_IF parent ffff: protocol all matchall action mirred egress redirect dev eth$INDEX
diff --git a/scripts/sonic_entrypoint.py b/scripts/sonic_entrypoint.py
@@ -0,0 +1,194 @@
+#!/usr/bin/python3
+import fcntl
+import logging
+import os
+import signal
+import socket
+import struct
+import subprocess
+import sys
+import telnetlib
+import time
+
+BASE_IMG = '/sonic-vs.img'
+USER = 'admin'
+PASSWORD = 'YourPaSsWoRd'
+
+
+class Qemu:
+    def __init__(self, name: str, memory: str, interfaces: int):
+        self._name = name
+        self._memory = memory
+        self._interfaces = interfaces
+        self._p = None
+        self._disk = '/overlay.img'
+
+    def prepare_overlay(self, base: str) -> None:
+        cmd = [
+            'qemu-img',
+            'create',
+            '-f', 'qcow2',
+            '-b', base,
+            self._disk,
+        ]
+        subprocess.run(cmd, check=True)
+
+    def start(self) -> None:
+        cmd = [
+            'qemu-system-x86_64',
+            '-cpu', 'host',
+            '-display', 'none',
+            '-enable-kvm',
+            '-machine', 'q35',
+            '-name', self._name,
+            '-m', self._memory,
+            '-drive', f'if=virtio,format=qcow2,file={self._disk}',
+            '-serial', 'telnet:127.0.0.1:5000,server,nowait',
+        ]
+
+        for i in range(self._interfaces):
+            with open(f'/sys/class/net/eth{i}/address', 'r') as f:
+                mac = f.read().strip()
+            cmd.append('-device')
+            cmd.append(f'virtio-net,netdev=hn{i},mac={mac}')
+            cmd.append(f'-netdev')
+            cmd.append(f'tap,id=hn{i},ifname=tap{i},script=/mini-lab/mirror_tap_to_eth.sh,downscript=no')
+
+        self._p = subprocess.Popen(cmd)
+
+    def wait(self) -> None:
+        self._p.wait()
+
+
+class Telnet:
+    def __init__(self):
+        self._tn: telnetlib.Telnet | None = None
+
+    def connect(self, host: str, port: int, max_retries=60) -> bool:
+        for i in range(1, max_retries + 1):
+            try:
+                self._tn = telnetlib.Telnet(host, port)
+                return True
+            except:
+                time.sleep(1)
+            if i == max_retries:
+                return False
+
+    def close(self):
+        self._tn.close()
+
+    def wait_until(self, match: str):
+        self._tn.read_until(match.encode('ascii'))
+
+    def write_and_wait(self, data: str, match: str = '$ ') -> str:
+        self._tn.write(data.encode('ascii') + b'\n')
+        return self._tn.read_until(match.encode('ascii')).decode('utf-8')
+
+    def write_test(self, data: str) -> str:
+        self._tn.write(data.encode('ascii') + b'\n')
+        time.sleep(5)
+        return self._tn.read_some().decode('utf-8')
+
+
+def main():
+    signal.signal(signal.SIGINT, handle_exit)
+    signal.signal(signal.SIGTERM, handle_exit)
+
+    logging.basicConfig(level=logging.INFO, stream=sys.stdout)
+    logger = logging.getLogger()
+
+    name = os.getenv('CLAB_LABEL_CLAB_NODE_NAME', default='switch')
+    memory = os.getenv('VM_MEMORY', default='2048')
+    interfaces = int(os.getenv('CLAB_INTFS', 0)) + 1
+
+    logger.info(f'Waiting for {interfaces} interfaces to be connected')
+    wait_until_all_interfaces_are_connected(interfaces)
+
+    vm = Qemu(name, memory, interfaces)
+
+    logger.info('Prepare disk')
+    vm.prepare_overlay(BASE_IMG)
+
+    logger.info('Start QEMU')
+    vm.start()
+
+    logger.info('Try to connect via telnet...')
+    tn = Telnet()
+    if not tn.connect('127.0.0.1', 5000):
+        logger.error('Cannot connect to telnet server')
+        sys.exit(1)
+
+    logger.info('Connected via telnet and waiting for login prompt')
+    tn.wait_until('login: ')
+
+    logger.info('Try to login')
+    tn.write_and_wait(USER, 'Password: ')
+    tn.write_and_wait(PASSWORD)
+
+    logger.info('Authorize ssh key')
+    authorize_ssh_key(tn)
+
+    logger.info('Wait until config-setup is done')
+    if not wait_until_config_setup_is_done(tn):
+        logger.error('config-setup still not done')
+        sys.exit(1)
+
+    net = get_ip_address('eth0') + '/16'
+    logger.info(f'Configure {net} on eth0')
+    tn.write_and_wait(f'sudo config interface ip add eth0 {net}')
+    tn.write_and_wait('sudo config save --yes')
+
+    tn.close()
+
+    logger.info('Wait until QEMU terminated')
+    vm.wait()
+
+
+def handle_exit(signal, frame):
+    sys.exit(0)
+
+
+def wait_until_all_interfaces_are_connected(interfaces: int) -> None:
+    while True:
+        i = 0
+        for iface in os.listdir('/sys/class/net/'):
+            if iface.startswith('eth'):
+                i += 1
+        if i == interfaces:
+            break
+        time.sleep(1)
+
+
+def get_ip_address(iface: str) -> str:
+    # Source: https://bit.ly/3dROGBN
+    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+    return socket.inet_ntoa(fcntl.ioctl(
+        s.fileno(),
+        0x8915,  # SIOCGIFADDR
+        struct.pack('256s', iface.encode('utf_8'))
+    )[20:24])
+
+
+def wait_until_config_setup_is_done(tn: Telnet, max_retries: int = 60) -> bool:
+    for i in range(1, max_retries + 1):
+        # updategraph is started after the config-setup
+        result = tn.write_and_wait('systemctl is-active updategraph')
+        if not 'inactive' in result:
+            return True
+        time.sleep(1)
+        if i == max_retries:
+            return False
+
+
+def authorize_ssh_key(tn: Telnet) -> None:
+    with open('/id_rsa.pub') as f:
+        key = f.read().strip()
+
+    tn.write_and_wait(f'echo "{key}" > authorized_keys')
+    tn.write_and_wait('sudo mkdir /root/.ssh')
+    tn.write_and_wait('sudo chmod 0600 /root/.ssh')
+    tn.write_and_wait('sudo cp authorized_keys /root/.ssh/')
+
+
+if __name__ == '__main__':
+    main()
