Revert "[bgp] Add 'allow list' manager feature (sonic-net#5309)"

This reverts commit 6eed082.

Author: lguohan

dockers/docker-fpm-frr/frr/bgpd/templates/general/peer-group.conf.j2

@@ -24,7 +24,7 @@
 {% if CONFIG_DB__DEVICE_METADATA['localhost']['type'] == 'ToRRouter' %}
     neighbor PEER_V6 allowas-in 1
     neighbor PEER_V6_INT allowas-in 1
-{% endif %}
+  {% endif %}
 {% if CONFIG_DB__DEVICE_METADATA['localhost']['sub_role'] == 'BackEnd' %}
     neighbor PEER_V6_INT route-reflector-client
 {% endif %}

dockers/docker-fpm-frr/frr/bgpd/templates/general/policies.conf.j2

@@ -3,33 +3,6 @@
 !
 !
 !
-{% if constants.bgp.allow_list is defined and constants.bgp.allow_list.enabled is defined and constants.bgp.allow_list.enabled %}
-{%   if constants.bgp.allow_list.default_action is defined and constants.bgp.allow_list.default_action.strip() == 'deny' %}
-route-map ALLOW_LIST_DEPLOYMENT_ID_0_V4 permit 65535
-  set community no-export additive
-!
-route-map ALLOW_LIST_DEPLOYMENT_ID_0_V6 permit 65535
-  set community no-export additive
-{%   else %}
-route-map ALLOW_LIST_DEPLOYMENT_ID_0_V4 permit 65535
-  set community {{ constants.bgp.allow_list.drop_community }} additive
-!
-route-map ALLOW_LIST_DEPLOYMENT_ID_0_V6 permit 65535
-  set community {{ constants.bgp.allow_list.drop_community }} additive
-{%   endif %}
-!
-route-map FROM_BGP_PEER_V4 permit 2
-  call ALLOW_LIST_DEPLOYMENT_ID_0_V4
-  on-match next
-!
-route-map FROM_BGP_PEER_V6 permit 2
-  call ALLOW_LIST_DEPLOYMENT_ID_0_V6
-  on-match next
-!
-{% endif %}
-!
-!
-!
 route-map FROM_BGP_PEER_V4 permit 100
 !
 route-map TO_BGP_PEER_V4 permit 100

files/image_config/constants/constants.yml

@@ -18,18 +18,6 @@ constants:
       enabled: true
       ipv4: 64
       ipv6: 64
-    allow_list:
-      enabled: true
-      default_action: "permit"   # or "deny"
-      drop_community: 5060:12345  # value of the community to identify a prefix to drop. Make sense only with allow_list_default_action equal to 'permit'
-      default_pl_rules:
-        v4:
-          - "deny 0.0.0.0/0 le 17"
-          - "permit 127.0.0.1/32"
-        v6:
-          - "deny 0::/0 le 59"
-          - "deny 0::/0 ge 65"
-          - "permit fe80::/64"
     peers:
       general: # peer_type
         db_table: "BGP_NEIGHBOR"

rules/sonic_bgpcfgd.mk

@@ -6,7 +6,6 @@ $(SONIC_BGPCFGD)_SRC_PATH = $(SRC_PATH)/sonic-bgpcfgd
 # of sonic-config-engine and bgpcfgd explicitly calls sonic-cfggen
 # as part of its unit tests.
 # TODO: Refactor unit tests so that these dependencies are not needed
-$(SONIC_BGPCFGD)_DEPENDS += $(SONIC_PY_COMMON_PY2)
-$(SONIC_BGPCFGD)_DEBS_DEPENDS += $(LIBSWSSCOMMON) $(PYTHON_SWSSCOMMON)
+$(SONIC_BGPCFGD)_DEPENDS += $(SWSSSDK_PY2) $(SONIC_PY_COMMON_PY2)
 $(SONIC_BGPCFGD)_PYTHON_VERSION = 2
 SONIC_PYTHON_WHEELS += $(SONIC_BGPCFGD)

src/sonic-bgpcfgd/.gitignore

@@ -6,4 +6,3 @@ app/*.pyc
 tests/*.pyc
 tests/__pycache__/
 .idea
-.coverage

src/sonic-bgpcfgd/app/allow_list.py

@@ -10,33 +10,19 @@ class ConfigMgr(object):
     """ The class represents frr configuration """
     def __init__(self):
         self.current_config = None
-        self.current_config_raw = None
 
     def reset(self):
         """ Reset stored config """
         self.current_config = None
-        self.current_config_raw = None
 
     def update(self):
         """ Read current config from FRR """
         self.current_config = None
-        self.current_config_raw = None
         ret_code, out, err = run_command(["vtysh", "-c", "show running-config"])
         if ret_code != 0:
-            # FIXME: should we throw exception here?
             log_crit("can't update running config: rc=%d out='%s' err='%s'" % (ret_code, out, err))
             return
-        text = []
-        for line in out.split('\n'):
-            if line.lstrip().startswith('!'):
-                continue
-            text.append(line)
-        text += ["     "]  # Add empty line to have something to work on, if there is no text
-        self.current_config_raw = text
-        self.current_config = self.to_canonical(out)  # FIXME: use test as an input
-
-    def push_list(self, cmdlist):
-        return self.push("\n".join(cmdlist))
+        self.current_config = self.to_canonical(out)
 
     def push(self, cmd):
         """
@@ -65,12 +51,8 @@ def write(self, cmd):
             log_err("ConfigMgr::push(): can't push configuration '%s', rc='%d', stdout='%s', stderr='%s'" % err_tuple)
         if ret_code == 0:
             self.current_config = None  # invalidate config
-            self.current_config_raw = None
         return ret_code == 0
 
-    def get_text(self):
-        return self.current_config_raw
-
     @staticmethod
     def to_canonical(raw_config):
         """

src/sonic-bgpcfgd/app/config.py

@@ -1 +1 @@
-g_debug = True  # FIXME: read from env variable, or from constants
+g_debug = False

src/sonic-bgpcfgd/app/directory.py

@@ -15,13 +15,10 @@ import jinja2
 import netaddr
 from swsscommon import swsscommon
 
-from app.directory import Directory
-from app.manager import Manager
 from app.vars import g_debug
 from app.log import log_debug, log_notice, log_info, log_warn, log_err, log_crit
 from app.template import TemplateFabric
 from app.config import ConfigMgr
-from app.allow_list import BGPAllowListMgr
 from app.util import run_command
 
 g_run = True
@@ -849,7 +846,7 @@ def wait_for_daemons(daemons, seconds):
 def read_constants():
     """ Read file with constants values from /etc/sonic/constants.yml """
     with open('/etc/sonic/constants.yml') as fp:
-        content = yaml.load(fp) # FIXME: , Loader=yaml.FullLoader)
+        content = yaml.load(fp)
         if "constants" not in content:
             log_crit("/etc/sonic/constants.yml doesn't have 'constants' key")
             raise Exception("/etc/sonic/constants.yml doesn't have 'constants' key")
@@ -881,8 +878,6 @@ def main():
         BGPPeerMgrBase(common_objs, "CONFIG_DB", swsscommon.CFG_BGP_NEIGHBOR_TABLE_NAME, "general", True),
         BGPPeerMgrBase(common_objs, "CONFIG_DB", "BGP_MONITORS", "monitors", True),
         BGPPeerMgrBase(common_objs, "CONFIG_DB", "BGP_PEER_RANGE", "dynamic", False),
-        # AllowList Managers
-        BGPAllowListMgr(common_objs, "CONFIG_DB", "BGP_ALLOWED_PREFIXES"),
     ]
     runner = Runner()
     for mgr in managers: