[TSA]: Add community to the loopback prefix, when isolated (sonic-net#3708)

pavel-shirshov · zhenggen-xu · commit 3cd68d033490 · 2020-01-09T21:21:21.000Z
* Rename asn/deployment_id_asn_map.yaml to constants/constants.yaml

* Fix bgp templates

* Add community for loopback when bgpd is isolated

* Use correct community value
diff --git a/dockers/docker-fpm-frr/TSA b/dockers/docker-fpm-frr/TSA
@@ -3,20 +3,20 @@
 c=0
 config=$(vtysh -c "show run")
 echo "$config" | grep -q "route-map TO_BGP_PEER_V4 permit 2"
-c=$(($c+$?))
+c=$((c+$?))
 echo "$config" | grep -q "route-map TO_BGP_PEER_V4 deny 3"
-c=$(($c+$?))
+c=$((c+$?))
 echo "$config" | grep -q "route-map TO_BGP_PEER_V6 permit 2"
-c=$(($c+$?))
+c=$((c+$?))
 echo "$config" | grep -q "route-map TO_BGP_PEER_V6 deny 3"
-c=$(($c+$?))
+c=$((c+$?))
 
 if [[ $c -eq 4 ]];
 then
-  vtysh -c "configure terminal" -c "route-map TO_BGP_PEER_V4 permit 2" -c "match ip address prefix-list PL_LoopbackV4"
-  vtysh -c "configure terminal" -c "route-map TO_BGP_PEER_V4 deny 3"
-  vtysh -c "configure terminal" -c "route-map TO_BGP_PEER_V6 permit 2" -c "match ipv6 address prefix-list PL_LoopbackV6"
-  vtysh -c "configure terminal" -c "route-map TO_BGP_PEER_V6 deny 3"
+  TSA_FILE=$(mktemp)
+  sonic-cfggen -d -y /etc/sonic/constants.yml -t /usr/share/sonic/templates/bgpd.tsa.isolate.conf.j2 > "$TSA_FILE"
+  vtysh -f "$TSA_FILE"
+  rm -f "$TSA_FILE"
   echo "System Mode: Normal -> Maintenance"
 else
   echo "System is already in Maintenance mode"
diff --git a/dockers/docker-fpm-frr/TSB b/dockers/docker-fpm-frr/TSB
@@ -3,21 +3,20 @@
 c=0
 config=$(vtysh -c "show run")
 echo "$config" | grep -q "route-map TO_BGP_PEER_V4 permit 2"
-c=$(($c+$?))
+c=$((c+$?))
 echo "$config" | grep -q "route-map TO_BGP_PEER_V4 deny 3"
-c=$(($c+$?))
+c=$((c+$?))
 echo "$config" | grep -q "route-map TO_BGP_PEER_V6 permit 2"
-c=$(($c+$?))
+c=$((c+$?))
 echo "$config" | grep -q "route-map TO_BGP_PEER_V6 deny 3"
-c=$(($c+$?))
+c=$((c+$?))
 
 if [[ $c -eq 0 ]];
 then
-  vtysh -c "configure terminal" -c "no route-map TO_BGP_PEER_V4 deny 3"
-  vtysh -c "configure terminal" -c "no route-map TO_BGP_PEER_V4 permit 2"
-  vtysh -c "configure terminal" -c "no route-map TO_BGP_PEER_V6 deny 3"
-  vtysh -c "configure terminal" -c "no route-map TO_BGP_PEER_V6 permit 2"
-
+  TSB_FILE=$(mktemp)
+  sonic-cfggen -d -y /etc/sonic/constants.yml -t /usr/share/sonic/templates/bgpd.tsa.unisolate.conf.j2 > "$TSB_FILE"
+  vtysh -f "$TSB_FILE"
+  rm -f "$TSB_FILE"
   echo "System Mode: Maintenance -> Normal"
 else
   echo "System is already in Normal mode"
diff --git a/dockers/docker-fpm-frr/TSC b/dockers/docker-fpm-frr/TSC
@@ -4,13 +4,13 @@ echo "Traffic Shift Check:"
 c=0
 config=$(vtysh -c "show run")
 echo "$config" | grep -q "route-map TO_BGP_PEER_V4 permit 2"
-c=$(($c+$?))
+c=$((c+$?))
 echo "$config" | grep -q "route-map TO_BGP_PEER_V4 deny 3"
-c=$(($c+$?))
+c=$((c+$?))
 echo "$config" | grep -q "route-map TO_BGP_PEER_V6 permit 2"
-c=$(($c+$?))
+c=$((c+$?))
 echo "$config" | grep -q "route-map TO_BGP_PEER_V6 deny 3"
-c=$(($c+$?))
+c=$((c+$?))
 
 if [[ $c -eq 4 ]];
 then
diff --git a/dockers/docker-fpm-frr/bgpd.conf.default.j2 b/dockers/docker-fpm-frr/bgpd.conf.default.j2
@@ -107,7 +107,7 @@ router bgp {{ DEVICE_METADATA['localhost']['bgp_asn'] }}
 {% if bgp_peer['peer_asn'] is defined %}
   neighbor {{ bgp_peer['name'] }} remote-as {{ bgp_peer['peer_asn'] }}
 {% else %}
-  neighbor {{ bgp_peer['name'] }} remote-as {{ deployment_id_asn_map[DEVICE_METADATA['localhost']['deployment_id']] }}
+  neighbor {{ bgp_peer['name'] }} remote-as {{ constants.deployment_id_asn_map[DEVICE_METADATA['localhost']['deployment_id']] }}
 {% endif %}
   neighbor {{ bgp_peer['name'] }} ebgp-multihop 255
   neighbor {{ bgp_peer['name'] }} soft-reconfiguration inbound
diff --git a/dockers/docker-fpm-frr/bgpd.tsa.isolate.conf.j2 b/dockers/docker-fpm-frr/bgpd.tsa.isolate.conf.j2
@@ -0,0 +1,10 @@
+route-map TO_BGP_PEER_V4 permit 2
+  match ip address prefix-list PL_LoopbackV4
+  set community {{ constants.traffic_shift_community }}
+route-map TO_BGP_PEER_V4 deny 3
+!
+route-map TO_BGP_PEER_V6 permit 2
+  match ipv6 address prefix-list PL_LoopbackV6
+  set community {{ constants.traffic_shift_community }}
+route-map TO_BGP_PEER_V6 deny 3
+!
diff --git a/dockers/docker-fpm-frr/bgpd.tsa.unisolate.conf.j2 b/dockers/docker-fpm-frr/bgpd.tsa.unisolate.conf.j2
@@ -0,0 +1,6 @@
+no route-map TO_BGP_PEER_V4 permit 2
+no route-map TO_BGP_PEER_V4 deny 3
+!
+no route-map TO_BGP_PEER_V6 permit 2
+no route-map TO_BGP_PEER_V6 deny 3
+!
diff --git a/dockers/docker-fpm-frr/start.sh b/dockers/docker-fpm-frr/start.sh
@@ -5,13 +5,13 @@ mkdir -p /etc/frr
 CONFIG_TYPE=`sonic-cfggen -d -v 'DEVICE_METADATA["localhost"]["docker_routing_config_mode"]'`
 
 if [ -z "$CONFIG_TYPE" ] || [ "$CONFIG_TYPE" == "separated" ]; then
-    sonic-cfggen -d -y /etc/sonic/deployment_id_asn_map.yml -t /usr/share/sonic/templates/bgpd.conf.j2 > /etc/frr/bgpd.conf
+    sonic-cfggen -d -y /etc/sonic/constants.yml -t /usr/share/sonic/templates/bgpd.conf.j2 > /etc/frr/bgpd.conf
     sonic-cfggen -d -t /usr/share/sonic/templates/zebra.conf.j2 > /etc/frr/zebra.conf
     sonic-cfggen -d -t /usr/share/sonic/templates/staticd.conf.j2 > /etc/frr/staticd.conf
     echo "no service integrated-vtysh-config" > /etc/frr/vtysh.conf
     rm -f /etc/frr/frr.conf
 elif [ "$CONFIG_TYPE" == "unified" ]; then
-    sonic-cfggen -d -y /etc/sonic/deployment_id_asn_map.yml -t /usr/share/sonic/templates/frr.conf.j2 >/etc/frr/frr.conf
+    sonic-cfggen -d -y /etc/sonic/constants.yml -t /usr/share/sonic/templates/frr.conf.j2 >/etc/frr/frr.conf
     echo "service integrated-vtysh-config" > /etc/frr/vtysh.conf
     rm -f /etc/frr/bgpd.conf /etc/frr/zebra.conf /etc/frr/staticd.conf
 fi
diff --git a/dockers/docker-fpm-quagga/bgpd.conf.j2 b/dockers/docker-fpm-quagga/bgpd.conf.j2
@@ -101,7 +101,7 @@ router bgp {{ DEVICE_METADATA['localhost']['bgp_asn'] }}
 {% if bgp_peer['peer_asn'] is defined %}
   neighbor {{ bgp_peer['name'] }} remote-as {{ bgp_peer['peer_asn'] }}
 {% else %}
-  neighbor {{ bgp_peer['name'] }} remote-as {{ deployment_id_asn_map[DEVICE_METADATA['localhost']['deployment_id']] }}
+  neighbor {{ bgp_peer['name'] }} remote-as {{ constants.deployment_id_asn_map[DEVICE_METADATA['localhost']['deployment_id']] }}
 {% endif %}
   neighbor {{ bgp_peer['name'] }} ebgp-multihop 255
   neighbor {{ bgp_peer['name'] }} soft-reconfiguration inbound
diff --git a/dockers/docker-fpm-quagga/start.sh b/dockers/docker-fpm-quagga/start.sh
@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 
 mkdir -p /etc/quagga
-sonic-cfggen -d -y /etc/sonic/deployment_id_asn_map.yml -t /usr/share/sonic/templates/bgpd.conf.j2 > /etc/quagga/bgpd.conf
+sonic-cfggen -d -y /etc/sonic/constants.yml -t /usr/share/sonic/templates/bgpd.conf.j2 > /etc/quagga/bgpd.conf
 
 sonic-cfggen -d -t /usr/share/sonic/templates/zebra.conf.j2 > /etc/quagga/zebra.conf
 
diff --git a/files/build_templates/sonic_debian_extension.j2 b/files/build_templates/sonic_debian_extension.j2
@@ -235,7 +235,7 @@ sudo bash -c "echo '{ \"DEVICE_METADATA\": { \"localhost\": { \"default_bgp_stat
 sudo cp $IMAGE_CONFIGS/snmp/snmp.yml $FILESYSTEM_ROOT/etc/sonic/
 
 # Copy ASN configuration files
-sudo cp $IMAGE_CONFIGS/asn/deployment_id_asn_map.yml $FILESYSTEM_ROOT/etc/sonic/
+sudo cp $IMAGE_CONFIGS/constants/constants.yml $FILESYSTEM_ROOT/etc/sonic/
 
 # Copy sudoers configuration file
 sudo cp $IMAGE_CONFIGS/sudoers/sudoers $FILESYSTEM_ROOT/etc/
diff --git a/files/image_config/asn/deployment_id_asn_map.yml b/files/image_config/asn/deployment_id_asn_map.yml
diff --git a/files/image_config/constants/constants.yml b/files/image_config/constants/constants.yml
@@ -0,0 +1,4 @@
+constants:
+  deployment_id_asn_map:
+    "1" : 65432
+  traffic_shift_community: 12345:12345
