conditionally render sonic config

metal-stack · Dec 4, 2024 · ea01c31 · ea01c31
1 parent 49588bc
commit ea01c31
Show file tree

Hide file tree

Showing 6 changed files with 25 additions and 29 deletions.
diff --git a/partition/roles/sonic/README.md b/partition/roles/sonic/README.md
@@ -18,6 +18,7 @@ It depends on the `switch_facts` module from `ansible-common`, so make sure modu
 | sonic_ip_masquerade                                        |           | Enable ip masquerading on eth0.                                                                                      |
 | sonic_breakouts                                            |           | The breakout configuration for ports, e.g. `dict('Ethernet0'='4x25G')`                                               |
 | sonic_config_action                                        |           | Either `load` or `reload`. In the latter case all services will be restarted. If not given, defaults to `load`       |
+| sonic_render_config_db_template                            |           | When `true` the `metal.yaml.j2` template will be rendered into `/etc/sonic/config_db.json`                           |
 | sonic_ports                                                |           | Configuration for ports (mtu, fec, have highest precedence). These ports will be up by default.                      |
 | sonic_ports.name                                           |           | The port name.                                                                                                       |
 | sonic_ports.speed                                          |           | Speed of the port.                                                                                                   |

diff --git a/partition/roles/sonic/defaults/main.yaml b/partition/roles/sonic/defaults/main.yaml
@@ -5,6 +5,7 @@ sonic_nameservers: []
 sonic_ip_masquerade: false
 sonic_timezone: Europe/Berlin
 sonic_config_action: load
+sonic_render_config_db_template: true
 
 ## Physical settings
 sonic_ports: []

diff --git a/partition/roles/sonic/tasks/main.yaml b/partition/roles/sonic/tasks/main.yaml
@@ -105,15 +105,18 @@
     fail_msg: The running configuration is incomplete because it does not contain 'BREAKOUT_CFG'.
   when: sonic_breakouts is defined
 
-- name: Render config_db
-  set_fact:
-    config_db: "{{ lookup('template', 'metal.yaml.j2') }}"
-
-- name: Save config_db as JSON file
-  copy:
-    content: "{{ config_db | from_yaml | to_nice_json }}"
-    dest: /etc/sonic/config_db.json
-  notify: "config {{ sonic_config_action }}"
+- name: Render and save config_db
+  when: sonic_render_config_db_template
+  block:
+  - name: Render config_db
+    set_fact:
+      config_db: "{{ lookup('template', 'metal.yaml.j2') }}"
+
+  - name: Save config_db as JSON file
+    copy:
+      content: "{{ config_db | from_yaml | to_nice_json }}"
+      dest: /etc/sonic/config_db.json
+    notify: "config {{ sonic_config_action }}"
 
 - name: Set NTP timezone
   timezone:

diff --git a/partition/roles/sonic/templates/frr.conf.j2 b/partition/roles/sonic/templates/frr.conf.j2
@@ -4,6 +4,7 @@ hostname {{ inventory_hostname }}
 !
 service integrated-vtysh-config
 !
+agentx
 log syslog {{ sonic_frr_syslog_level }}
 {% if sonic_frr_debug_options is defined %}
 {% for option in sonic_frr_debug_options %}

diff --git a/partition/roles/ztp/README.md b/partition/roles/ztp/README.md
@@ -22,11 +22,6 @@ host leaf01 {
 
 For more information on the `ztp.json` format refer to the [documentation](https://github.com/sonic-net/SONiC/blob/master/doc/ztp/ztp.md).
 
-### Noteworthy
-
-With a `ztp.json` file it is possible to provision a SONiC switch entirely via ZTP without using the `sonic` role.
-To achieve this, some of the variables from the `sonic` role are reused in this role.
-They are needed to render the templates for the `/etc/resolv.conf` and the `/etc/sonic/iptables.json`.
 Note that each switch that uses the `ztp.json` file needs an individual `config_db.json`, that it can download at `http://{{ ztp_listen_address }}:{{ ztp_port }}/<hostname>_config_db.json`.
 For example, if the switch's hostname is `r01leaf02`, there should be a file called `r01leaf02_config_db.json` located in `{{ ztp_host_dir_path }}/config/`.
 The configs can be added to the `ztp_additional_files` variable, e.g.
@@ -41,16 +36,13 @@ ztp_additional_files:
 
 ## Variables
 
-| Name                         | Mandatory | Description                                                                                               |
-| ---------------------------- | --------- | --------------------------------------------------------------------------------------------------------- |
-| ztp_nginx_image_name         | yes       | the docker image to use to serve ztp scripts.                                                             |
-| ztp_nginx_image_tag          | yes       | the tag of the docker image to use to serve ztp scripts.                                                  |
-| ztp_host_dir_path            |           | the path to serve ztp scripts from.                                                                       |
-| ztp_listen_address           |           | the address used to serve ztp requests                                                                    |
-| ztp_port                     |           | the port to serve ztp scripts on.                                                                         |
-| ztp_authorized_keys          | yes       | the authorized keys that should be installed by ztp.                                                      |
-| ztp_admin_user               |           | the user for which the authorized keys will be provisioned.                                               |
-| ztp_additional_files         |           | puts additional files into serve directory.                                                               |
-| ztp_sonic_nameservers        |           | the nameservers to put into resolv.conf for sonic                                                         |
-| ztp_sonic_extended_cacl.ipv4 |           | iptables ipv4 rules that should be added as extended Control Plane ACLs (Edgecore Sonic specific feature) |
-| ztp_sonic_extended_cacl.ipv6 |           | iptables ipv6 rules that should be added as extended Control Plane ACLs (Edgecore Sonic specific feature) |
+| Name                 | Mandatory | Description                                                 |
+| -------------------- | --------- | ----------------------------------------------------------- |
+| ztp_nginx_image_name | yes       | the docker image to use to serve ztp scripts.               |
+| ztp_nginx_image_tag  | yes       | the tag of the docker image to use to serve ztp scripts.    |
+| ztp_host_dir_path    |           | the path to serve ztp scripts from.                         |
+| ztp_listen_address   |           | the address used to serve ztp requests                      |
+| ztp_port             |           | the port to serve ztp scripts on.                           |
+| ztp_authorized_keys  | yes       | the authorized keys that should be installed by ztp.        |
+| ztp_admin_user       |           | the user for which the authorized keys will be provisioned. |
+| ztp_additional_files |           | puts additional files into serve directory.                 |
diff --git a/partition/roles/ztp/tasks/main.yaml b/partition/roles/ztp/tasks/main.yaml
@@ -23,8 +23,6 @@
     dest: "{{ ztp_host_dir_path }}/config/{{ item | splitext | first }}"
     mode: 0644
   loop:
-    - iptables.json.j2
-    - resolv.conf.j2
     - ztp.json.j2
     - ztp.sh.j2