Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[202012] Minigraph parser changes for storage backend acl #11267

Merged
merged 9 commits into from
Jul 8, 2022
Merged

[202012] Minigraph parser changes for storage backend acl #11267

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
b1a946d
Minigraph parser changes for storage backend acl
neethajohn Jun 22, 2022
02daed6
Add testcase for backend acl generation for leaf device
neethajohn Jun 22, 2022
a988b83
Fix syntax errors
neethajohn Jun 22, 2022
9b82a97
Fix the sample graph file
neethajohn Jun 22, 2022
7ddd655
Ensure port list is unique
neethajohn Jun 22, 2022
15352a5
Fix incorrect number of args
neethajohn Jun 27, 2022
473d7f0
Fix portchannel name
neethajohn Jun 27, 2022
adf394b
Fix storage backend graph
neethajohn Jun 27, 2022
97719a5
Address review comments
neethajohn Jun 30, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 21 additions & 2 deletions src/sonic-config-engine/minigraph.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1048,7 +1048,26 @@ def parse_spine_chassis_fe(results, vni, lo_intfs, phyport_intfs, pc_intfs, pc_m
#
###############################################################################

def filter_acl_table_bindings(acls, neighbors, port_channels, sub_role):
def filter_acl_table_for_backend(acls, vlan_members):
filter_acls = {}
for acl_name, value in acls.items():
if 'everflow' not in acl_name.lower():
filter_acls[acl_name] = value

ports = set()
for vlan, member in vlan_members:
ports.add(member)
filter_acls['DATAACL'] = { 'policy_desc': 'DATAACL',
'stage': 'ingress',
'type': 'L3',
'ports': list(ports)
}
return filter_acls

def filter_acl_table_bindings(acls, neighbors, port_channels, sub_role, device_type, is_storage_device, vlan_members):
if device_type == 'BackEndToRRouter' and is_storage_device:
return filter_acl_table_for_backend(acls, vlan_members)

filter_acls = {}

# If the asic role is BackEnd no ACL Table (Ctrl/Data/Everflow) is binded.
Expand Down Expand Up @@ -1566,7 +1585,7 @@ def parse_xml(filename, platform=None, port_config_file=None, asic_name=None, hw
results['DHCP_RELAY'] = dhcp_relay_table
results['NTP_SERVER'] = dict((item, {}) for item in ntp_servers)
results['TACPLUS_SERVER'] = dict((item, {'priority': '1', 'tcp_port': '49'}) for item in tacacs_servers)
results['ACL_TABLE'] = filter_acl_table_bindings(acls, neighbors, pcs, sub_role)
results['ACL_TABLE'] = filter_acl_table_bindings(acls, neighbors, pcs, sub_role, current_device['type'], is_storage_device, vlan_members)
results['FEATURE'] = {
'telemetry': {
'status': 'enabled'
Expand Down
Loading