Merge remote-tracking branch 'origin/master' into gardener-v1.96

metal-stack · Oct 23, 2024 · 695338b · 695338b
2 parents 8bd8fa7 + e7a1e30
commit 695338b
Show file tree

Hide file tree

Showing 6 changed files with 71 additions and 0 deletions.
diff --git a/partition/roles/ztp/README.md b/partition/roles/ztp/README.md
@@ -9,7 +9,28 @@ Configures a server for providing zero-touch-provisioning scripts for switches.
 | ztp_nginx_image_name | yes       | the docker image to use to serve ztp scripts.               |
 | ztp_nginx_image_tag  | yes       | the tag of the docker image to use to serve ztp scripts.    |
 | ztp_host_dir_path    |           | the path to serve ztp scripts from.                         |
+| ztp_listen_address   |           | the address used to serve ztp requests                      |
 | ztp_port             |           | the port to serve ztp scripts on.                           |
 | ztp_authorized_keys  | yes       | the authorized keys that should be installed by ztp.        |
 | ztp_admin_user       |           | the user for which the authorized keys will be provisioned. |
 | ztp_additional_files |           | puts additional files into serve directory.                 |
+
+## Provisioning SONiC Switches via ztp.json
+
+On SONiC switches it is possible to describe the ZTP procedure in a file called `ztp.json`.
+It contains all steps that should be performed during ZTP along with some additional options.
+We use `ztp.json` to trigger a restart of the BGP service after the initial switch provisioning.
+To use the `ztp.json` file, add a DHCP option with code 67 to the DHCP server that serves the file.
+For example, add a section like the following to `/etc/dhcp/dhcpd.conf`:
+
+```
+option sonic_ztp code 67 = text;
+
+host leaf01 {
+  hardware ethernet aa:aa:aa:aa:aa:aa;
+  fixed-address 10.1.253.154;
+  option sonic_ztp "http://10.1.253.13:8080/ztp.json";
+}
+```
+
+For more information on the `ztp.json` format refer to the [documentation](https://github.com/sonic-net/SONiC/blob/master/doc/ztp/ztp.md).
diff --git a/partition/roles/ztp/defaults/main/main.yaml b/partition/roles/ztp/defaults/main/main.yaml
@@ -4,6 +4,7 @@ ztp_host_dir_path: /ztp
 ztp_authorized_keys:
 ztp_admin_user: admin
 
+ztp_listen_address: "{{ ansible_host }}"
 ztp_port: 8080
 
 ztp_additional_files: []

diff --git a/partition/roles/ztp/files/config_db.json b/partition/roles/ztp/files/config_db.json
@@ -0,0 +1,7 @@
+{
+  "DEVICE_METADATA": {
+    "localhost": {
+      "docker_routing_config_mode": "split"
+    }
+  }
+}
diff --git a/partition/roles/ztp/files/reload.sh b/partition/roles/ztp/files/reload.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+sudo systemctl restart bgp
diff --git a/partition/roles/ztp/tasks/main.yaml b/partition/roles/ztp/tasks/main.yaml
@@ -23,6 +23,24 @@
     dest: "{{ ztp_host_dir_path }}/config/ztp.sh"
     mode: 0644
 
+- name: copy config_db.json
+  copy:
+    src: "config_db.json"
+    dest: "{{ ztp_host_dir_path }}/config/config_db.json"
+    mode: 0644
+
+- name: copy reload script
+  copy: 
+    src: "reload.sh"
+    dest: "{{ ztp_host_dir_path }}/config/reload.sh"
+    mode: 0644
+
+- name: render ztp.json
+  template:
+    src: "ztp.json.j2"
+    dest: "{{ ztp_host_dir_path }}/config/ztp.json"
+    mode: 0644
+
 - name: copy additional contents
   copy:
     dest: "{{ ztp_host_dir_path }}/config/{{ item.name }}"

diff --git a/partition/roles/ztp/templates/ztp.json.j2 b/partition/roles/ztp/templates/ztp.json.j2
@@ -0,0 +1,21 @@
+{
+  "ztp": {
+    "02-user": {
+      "plugin": {
+        "url": "http://{{ ztp_listen_address }}:{{ ztp_port }}/ztp.sh"
+      }
+    },
+    "03-configdb-json": {
+      "url": {
+        "source": "http://{{ ztp_listen_address }}:{{ ztp_port }}/config_db.json"
+      },
+      "clear-config": false
+    },
+    "04-reload": {
+      "plugin": {
+        "url": "http://{{ ztp_listen_address }}:{{ ztp_port }}/reload.sh"
+      }
+    },
+    "restart-ztp-no-config": false
+  }
+}