Add mgmt handling to hostcfgd

Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com>

Author: fastiuk

scripts/hostcfgd

@@ -1299,6 +1299,98 @@ class DeviceMetaCfg(object):
             syslog.syslog(syslog.LOG_ERR, msg)
 
 
+class MgmtIfaceCfg(object):
+    """
+    MgmtIfaceCfg Config Daemon
+    Handles changes in MGMT_INTERFACE, MGMT_VRF_CONFIG tables.
+    1) Handle change of interface ip
+    2) Handle change of management VRF state
+    """
+
+    def __init__(self):
+        self.iface_config_data = {}
+        self.mgmt_vrf_enabled = ''
+
+    def load(self, mgmt_iface={}, mgmt_vrf={}):
+        # Get initial data
+        self.iface_config_data = mgmt_iface
+        self.mgmt_vrf_enabled = mgmt_vrf.get('mgmtVrfEnabled', '')
+        syslog.syslog(syslog.LOG_DEBUG,
+                      f'Initial mgmt interface conf: {self.iface_config_data}')
+        syslog.syslog(syslog.LOG_DEBUG,
+                      f'Initial mgmt VRF state: {self.mgmt_vrf_enabled}')
+
+    def update_mgmt_iface(self, iface, key, data):
+        """Handle update management interface config
+        """
+        syslog.syslog(syslog.LOG_DEBUG, 'MgmtIfaceCfg: mgmt iface update')
+
+        # Restart management interface service when config was changed
+        if data != self.iface_config_data.get(key):
+            cfg = {key: data}
+            syslog.syslog(syslog.LOG_INFO, f'MgmtIfaceCfg: Set new interface '
+                                           f'config {cfg} for {iface}')
+            try:
+                run_cmd('sudo systemctl restart interfaces-config', True, True)
+                run_cmd('sudo systemctl restart ntp-config', True, True)
+            except subprocess.CalledProcessError:
+                syslog.syslog(syslog.LOG_ERR, f'Failed to restart management '
+                              'interface services')
+                return
+
+            self.iface_config_data[key] = data
+
+    def update_mgmt_vrf(self, data):
+        """Handle update management VRF state
+        """
+        syslog.syslog(syslog.LOG_DEBUG, 'MgmtIfaceCfg: mgmt vrf state update')
+
+        # Restart mgmt vrf services when mgmt vrf config was changed.
+        # Empty not allowed.
+        enabled = data.get('mgmtVrfEnabled', '')
+        if not enabled or enabled == self.mgmt_vrf_enabled:
+            return
+
+        syslog.syslog(syslog.LOG_INFO, f'Set mgmt vrf state {enabled}')
+
+        # Restart related vrfs services
+        try:
+            run_cmd('service ntp stop', True, True)
+            run_cmd('systemctl restart interfaces-config', True, True)
+            run_cmd('service ntp start', True, True)
+        except subprocess.CalledProcessError:
+            syslog.syslog(syslog.LOG_ERR, f'Failed to restart management vrf '
+                          'services')
+            return
+
+        # Remove mgmt if route
+        if enabled == 'true':
+            """
+            The regular expression for grep in below cmd is to match eth0 line
+            in /proc/net/route, sample file:
+            $ cat /proc/net/route
+            Iface   Destination     Gateway         Flags   RefCnt  Use
+            eth0    00000000        01803B0A        0003    0       0
+            #################### Line break here ####################
+            Metric  Mask            MTU     Window  IRTT
+            202     00000000        0       0       0
+            """
+            try:
+                run_cmd(r"""cat /proc/net/route | grep -E \"eth0\s+"""
+                        r"""00000000\s+[0-9A-Z]+\s+[0-9]+\s+[0-9]+\s+[0-9]+"""
+                        r"""\s+202\" | wc -l""",
+                        True, True)
+            except subprocess.CalledProcessError:
+                syslog.syslog(syslog.LOG_ERR, 'MgmtIfaceCfg: Could not delete '
+                                              'eth0 route')
+                return
+
+            run_cmd("ip -4 route del default dev eth0 metric 202", False)
+
+        # Update cache
+        self.mgmt_vrf_enabled = enabled
+
+
 class HostConfigDaemon:
     def __init__(self):
         # Just a sanity check to verify if the CONFIG_DB has been initialized
@@ -1342,6 +1434,9 @@ class HostConfigDaemon:
         # Initialize DeviceMetaCfg
         self.devmetacfg = DeviceMetaCfg()
 
+        # Initialize MgmtIfaceCfg
+        self.mgmtifacecfg = MgmtIfaceCfg()
+
     def load(self, init_data):
         features = init_data['FEATURE']
         aaa = init_data['AAA']
@@ -1355,6 +1450,8 @@ class HostConfigDaemon:
         kdump = init_data['KDUMP']
         passwh = init_data['PASSW_HARDENING']
         dev_meta = init_data.get(swsscommon.CFG_DEVICE_METADATA_TABLE_NAME, {})
+        mgmt_ifc = init_data.get(swsscommon.CFG_MGMT_INTERFACE_TABLE_NAME, {})
+        mgmt_vrf = init_data.get(swsscommon.CFG_MGMT_VRF_CONFIG_TABLE_NAME, {})
 
         self.feature_handler.sync_state_field(features)
         self.aaacfg.load(aaa, tacacs_global, tacacs_server, radius_global, radius_server)
@@ -1363,6 +1460,7 @@ class HostConfigDaemon:
         self.kdumpCfg.load(kdump)
         self.passwcfg.load(passwh)
         self.devmetacfg.load(dev_meta)
+        self.mgmtifacecfg.load(mgmt_ifc, mgmt_vrf)
 
         # Update AAA with the hostname
         self.aaacfg.hostname_update(self.devmetacfg.hostname)
@@ -1415,6 +1513,10 @@ class HostConfigDaemon:
         mgmt_intf_name = self.__get_intf_name(key)
         self.aaacfg.handle_radius_source_intf_ip_chg(mgmt_intf_name)
         self.aaacfg.handle_radius_nas_ip_chg(mgmt_intf_name)
+        self.mgmtifacecfg.update_mgmt_iface(mgmt_intf_name, key, data)
+
+    def mgmt_vrf_handler(self, key, op, data):
+        self.mgmtifacecfg.update_mgmt_vrf(data)
 
     def lpbk_handler(self, key, op, data):
         key = ConfigDBConnector.deserialize_key(key)
@@ -1501,6 +1603,10 @@ class HostConfigDaemon:
         self.config_db.subscribe(swsscommon.CFG_DEVICE_METADATA_TABLE_NAME,
                                  make_callback(self.device_metadata_handler))
 
+        # Handle MGMT_VRF_CONFIG changes
+        self.config_db.subscribe(swsscommon.CFG_MGMT_VRF_CONFIG_TABLE_NAME,
+                                 make_callback(self.mgmt_vrf_handler))
+
         syslog.syslog(syslog.LOG_INFO,
                       "Waiting for systemctl to finish initialization")
         self.wait_till_system_init_done()

tests/hostcfgd/hostcfgd_test.py

@@ -390,3 +390,45 @@ def test_devicemeta_event(self):
             ]
             mocked_subprocess.check_call.assert_has_calls(expected,
                                                           any_order=True)
+
+    def test_mgmtiface_event(self):
+        """
+        Test handling mgmt events.
+        1) Management interface setup 
+        2) Management vrf setup
+        """
+        MockConfigDb.set_config_db(HOSTCFG_DAEMON_CFG_DB)
+        MockConfigDb.event_queue = [
+            (swsscommon.CFG_MGMT_INTERFACE_TABLE_NAME, 'eth0|1.2.3.4/24'),
+            (swsscommon.CFG_MGMT_VRF_CONFIG_TABLE_NAME, 'vrf_global')
+        ]
+        daemon = hostcfgd.HostConfigDaemon()
+        daemon.register_callbacks()
+        daemon.aaacfg = mock.MagicMock()
+        daemon.iptables = mock.MagicMock()
+        daemon.passwcfg = mock.MagicMock()
+        daemon.load(HOSTCFG_DAEMON_INIT_CFG_DB)
+        with mock.patch('hostcfgd.subprocess') as mocked_subprocess:
+            popen_mock = mock.Mock()
+            attrs = {'communicate.return_value': ('output', 'error')}
+            popen_mock.configure_mock(**attrs)
+            mocked_subprocess.Popen.return_value = popen_mock
+
+            try:
+                daemon.start()
+            except TimeoutError:
+                pass
+
+            expected = [
+                call('sudo systemctl restart interfaces-config', shell=True),
+                call('sudo systemctl restart ntp-config', shell=True),
+                call('service ntp stop', shell=True),
+                call('systemctl restart interfaces-config', shell=True),
+                call('service ntp start', shell=True),
+                call('cat /proc/net/route | grep -E \\"eth0\\s+00000000'
+                     '\\s+[0-9A-Z]+\\s+[0-9]+\\s+[0-9]+\\s+[0-9]+\\s+202\\" | '
+                     'wc -l', shell=True),
+                call('ip -4 route del default dev eth0 metric 202', shell=True)
+            ]
+            mocked_subprocess.check_call.assert_has_calls(expected,
+                                                          any_order=True)

tests/hostcfgd/test_vectors.py

@@ -19,7 +19,7 @@
                         "enabled": "false",
                         "num_dumps": "3",
                         "memory": "0M-2G:256M,2G-4G:320M,4G-8G:384M,8G-:448M"
-                        }
+                    }
                 },
                 "FEATURE": {
                     "dhcp_relay": {
@@ -118,7 +118,7 @@
                         "enabled": "false",
                         "num_dumps": "3",
                         "memory": "0M-2G:256M,2G-4G:320M,4G-8G:384M,8G-:448M"
-                        }
+                    }
                 },
                 "FEATURE": {
                     "dhcp_relay": {
@@ -235,7 +235,7 @@
                         "enabled": "false",
                         "num_dumps": "3",
                         "memory": "0M-2G:256M,2G-4G:320M,4G-8G:384M,8G-:448M"
-                        }
+                    }
                 },
                 "FEATURE": {
                     "dhcp_relay": {
@@ -331,7 +331,7 @@
                         "enabled": "false",
                         "num_dumps": "3",
                         "memory": "0M-2G:256M,2G-4G:320M,4G-8G:384M,8G-:448M"
-                        }
+                    }
                 },
                 "FEATURE": {
                     "dhcp_relay": {
@@ -431,7 +431,7 @@
                         "enabled": "false",
                         "num_dumps": "3",
                         "memory": "0M-2G:256M,2G-4G:320M,4G-8G:384M,8G-:448M"
-                        }
+                    }
                 },
                 "FEATURE": {
                     "dhcp_relay": {
@@ -592,5 +592,13 @@
             "type": "ToRRouter",
             "hostname": "SomeNewHostname"
         }
+    },
+    "MGMT_INTERFACE": {
+        "eth0|1.2.3.4/24": {}
+    },
+    "MGMT_VRF_CONFIG": {
+        "vrf_global": {
+            'mgmtVrfEnabled': 'true'
+        }
     }
 }