Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update gnmi hld #112

Open
wants to merge 376 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 250 commits
Commits
Show all changes
376 commits
Select commit Hold shift + click to select a range
bbe0af0
Update show PortChannel summary
Tejaswi-Goel Oct 18, 2019
fc2a7ec
Addressed review comments
Oct 23, 2019
9355e92
Minor updates
Tejaswi-Goel Oct 24, 2019
c283aa0
Addressing comments and updating FDB hld.
ViramShah91 Oct 24, 2019
dabd256
Update sFlow admin-state
GarrickHe Oct 28, 2019
0a6da10
Add Docker to Host communication Design document
nirenjan Oct 28, 2019
e2a8168
Updating FDB HLD and addressing comments.
ViramShah91 Oct 29, 2019
46c327c
Draft version of Tacacs+ HLD
joyas-joseph Oct 29, 2019
87fe4e1
updating FDB HLD and addressing comments
ViramShah91 Oct 30, 2019
bfa5191
Adding table reference
ViramShah91 Oct 30, 2019
0285a3e
Update SONiC_OC_FDB_get_support_HLD.md
ViramShah91 Oct 30, 2019
d3f6871
HLD for Inband Flow Analyzer feature
spenugondaa Oct 30, 2019
4f96c3c
Merge pull request #35 from project-arlo/sonic_host_service
nirenjan Oct 30, 2019
934a9ab
Merge pull request #14 from project-arlo/oc-fdb-get-support
jeff-yin Oct 30, 2019
cd14f3b
Updated for config-db schema changes
venkatmahalingam Oct 31, 2019
acf1ed4
add initial version of data VRF HLD in mgmt framework
Oct 31, 2019
58cadd4
address 1 review comment and change vrf to ip vrf in cli cmd
Oct 31, 2019
44177b6
added ptree
spenugondaa Oct 31, 2019
8ecb004
Update sFlow HLD
GarrickHe Nov 1, 2019
2f36814
Fix revision table
GarrickHe Nov 1, 2019
e681827
Fix revision table format
GarrickHe Nov 1, 2019
3c5f361
1. add complete sonic vrf hld requirements. add a table to compare re…
Nov 4, 2019
dffd0c5
fix format
Nov 4, 2019
e7af9d3
fix format
Nov 4, 2019
55964ad
removed status/statistics commands as there is no db schema
spenugondaa Nov 5, 2019
b7f7d5a
Uploading the "Show Techsupport" HLD for review.
kerry-meyer Nov 5, 2019
a55fafa
Merge pull request #15 from project-arlo/sflow-hld
jeff-yin Nov 7, 2019
d10779a
Updated HLD with SONiC yang models info
Nov 7, 2019
3fe837b
Uploading a revised version to address comments from Jeff Yin
kerry-meyer Nov 7, 2019
78139d9
This version addresses follow-up comments from Jeff Yin.
kerry-meyer Nov 9, 2019
b846430
Update create PortChannel REST URI
Tejaswi-Goel Nov 8, 2019
2c8bb46
Updated show command output
Nov 13, 2019
2829dd9
Updated the HLD as per the comments and new commands.
Nov 13, 2019
4cd88f9
Minor bug fix for changing interface-mode
Nov 13, 2019
ceb1786
Merge pull request #10 from project-arlo/oc-mgmt-intf
jeff-yin Nov 13, 2019
da723c9
Merge pull request #11 from project-arlo/oc-portchannel-interface
jeff-yin Nov 13, 2019
ccb9bd7
Added backtick enclosure for the command syntax specification.
kerry-meyer Nov 14, 2019
5a72856
Updated the FRR BGP NBI HLD to add KLISH commands.
venkatmahalingam Nov 14, 2019
8a2d5cd
Merge pull request #13 from project-arlo/oc_vlan_hld_br
bhavini-gada Nov 15, 2019
1b5fe0d
Remove redundant 'port' keyword
GarrickHe Nov 15, 2019
6d19fef
Correct a duplicated unit test case to specify the correct test descr…
kerry-meyer Nov 18, 2019
7b732b6
Add new commands
venkatmahalingam Nov 21, 2019
156553d
update HLD based on code review comments and fixes
spenugondaa Nov 21, 2019
0bdc419
Adding show ip arp HLD.
obaidamin Nov 22, 2019
3549887
Fixed command syntax
obaidamin Nov 22, 2019
5cbb88b
Minor edits
obaidamin Nov 22, 2019
738f869
Minor edits
obaidamin Nov 22, 2019
5672065
HLD: Management interface for Sonic Config Management operations (#33)
bhaveshdell Nov 22, 2019
36b8693
Merge pull request #44 from project-arlo/sflow-hld
bhavini-gada Nov 22, 2019
1d492b8
address comments
Nov 23, 2019
2b338f7
Updated for internal comments.
venkatmahalingam Nov 25, 2019
a40074d
Adding test unit cases
arunsundark Nov 19, 2019
4a2aa40
Merge pull request #16 from project-arlo/image-mgmt-feature-dev
jeff-yin Nov 25, 2019
0777c43
Merge pull request #28 from project-arlo/mgmt-vrf-framework
bhavini-gada Nov 26, 2019
2bb43d7
Merge pull request #38 from project-arlo/ifa_hld
bhavini-gada Nov 26, 2019
27a505c
Add host service developer guide
nirenjan Nov 26, 2019
362680e
Merging PortChannel and VLAN HLD
Tejaswi-Goel Nov 26, 2019
5a54ef2
Add/modified the translib APIs for phase 2
anand-kumar-subramanian Nov 27, 2019
d1f576d
Adding clear counters design details
Tejaswi-Goel Nov 27, 2019
8b76edc
RESTCONF yang library and other enhancements
sachinholla Dec 3, 2019
45a2dae
RESTCONF yang library and other enhancements
sachinholla Dec 3, 2019
5941485
Provide changes to address review comments: Add requested additional …
kerry-meyer Dec 3, 2019
69481b9
Added a reference in the Overview section to the document describing …
kerry-meyer Dec 3, 2019
2407369
address comments
Dec 4, 2019
2c76baf
sync
Dec 4, 2019
499305f
Management framework Developer Guide
anand-kumar-subramanian Dec 5, 2019
4ad6c54
Fixed the links
anand-kumar-subramanian Dec 5, 2019
6fce350
Add details about D-Bus architecture (container to host).
mikelazar Dec 7, 2019
3450fdb
Merge pull request #51 from mikelazar/dbus-container--to-host-doc
mikelazar Dec 7, 2019
e09545c
.
Dec 9, 2019
5153492
Update Docker to Host communication.md
mikelazar Dec 10, 2019
68badf7
Merge pull request #43 from project-arlo/show-techsupport-hld
bhavini-gada Dec 11, 2019
896daf8
Added support for loopback interface HLD config
justinejose91 Dec 11, 2019
38b5dcd
Update SONiC_OC_Vlan_PortChannel_HLD.md
justinejose91 Dec 11, 2019
b53d7df
RBAC HLD (#37)
jeff-yin Dec 12, 2019
1e901cc
RESTCONF enity-tag support is moved to next release
sachinholla Dec 13, 2019
61626bf
Merge pull request #49 from project-arlo/rest_server_hld
anand-kumar-subramanian Dec 13, 2019
bb4f60f
Update SONiC_OC_Vlan_PortChannel_HLD.md
Tejaswi-Goel Dec 13, 2019
04f850e
Added details for 'clear ip/ipv6 arp/neighbors' commands.
obaidamin Dec 16, 2019
e3fe0cf
Add information on logging and security requirements.
mikelazar Dec 17, 2019
fdea75d
Merge pull request #1 from mikelazar/dbus-container--to-host-doc
mikelazar Dec 17, 2019
881fc5b
Merge branch 'master' into master
mikelazar Dec 17, 2019
d17d2a4
Merge pull request #54 from mikelazar/master
mikelazar Dec 17, 2019
e49ebbc
update HLD with CLI, yang tree and few details
spenugondaa Dec 17, 2019
803ec42
update the HLD with yang tree, CLI examples and few feature details
spenugondaa Dec 17, 2019
c7afec7
updated with no commands
spenugondaa Dec 17, 2019
ec30340
Address the comments on error handling and method of testing
venkatmahalingam Dec 19, 2019
27e1967
Comments addressed
venkatmahalingam Dec 19, 2019
6adfabb
Adding CVL related enhancement details
dutta-partha Dec 19, 2019
fe397ff
Merge pull request #56 from project-arlo/mgmt_framework_hld_cvl
sachin-brm Dec 20, 2019
84e94b9
Added 'force' option in syntax and in sonic-yang model.
obaidamin Dec 20, 2019
049eefc
Adding description of hamd DBus interface as well as hamctl (#57)
martin-belanger Jan 6, 2020
9605647
added a writeup for RESTCONF API GEN Tool
faraazc Jan 8, 2020
aa570d4
added a writeup for RESTCONF API GEN Tool, edited image
faraazc Jan 8, 2020
a1256a5
Removed USER DB and all the Tables will now be in the CONFIG DB
anand-kumar-subramanian Jan 8, 2020
0a9cf96
renamed: SONiC_OC_Vlan_PortChannel_HLD.md -> SONiC_OC_Interface_HLD.md
Tejaswi-Goel Dec 13, 2019
5679cc9
Updated sonic-yang module name
obaidamin Jan 9, 2020
c1fb760
Delete SONiC_OC_PortChannel_Interface_HLD.md
bhavini-gada Jan 15, 2020
b5a57b4
Delete SONiC_OC_Vlan_HLD.md
bhavini-gada Jan 15, 2020
4740795
Merge pull request #53 from project-arlo/common-hld-vlan-pc-counters
bhavini-gada Jan 15, 2020
88aa73b
Merge pull request #46 from project-arlo/hld-show-ip-arp
bhavini-gada Jan 16, 2020
d046a9c
Merge pull request #41 from project-arlo/bsun_data_vrf2
bhavini-gada Jan 16, 2020
8e07bb8
HLD for ztp support via mgmt-framework (#26)
arunsundark Jan 18, 2020
f8db0ce
Change PortChannel Creation command
Jan 22, 2020
8573560
Updated HLD for show ip arp vrf support
obaidamin Feb 6, 2020
d59281c
Syntax correction
obaidamin Feb 6, 2020
ac11177
Formatting changes
obaidamin Feb 6, 2020
92fc520
Merge pull request #63 from project-arlo/master
dutta-partha Apr 9, 2020
4c0baa1
Updated CVL section based on CVL enhancements.
dutta-partha Apr 9, 2020
6885461
Merge pull request #64 from project-arlo/mgmt_framework_hld_cvl
anand-kumar-subramanian Apr 9, 2020
39a47c4
Add API versioning details to HLD
sachinholla Apr 9, 2020
3ce7f1c
Updated REST Server authentication section.
sachinholla Apr 9, 2020
a99788b
Merge pull request #65 from project-arlo/mf_hld_update
sachinholla Apr 9, 2020
ed00d1f
Update Mgmt framework HLD for CLI/Transformer enhancements (#66)
kwangsuk Apr 9, 2020
e10cc27
Updated mgmt-framework to include details with
faraazc Apr 10, 2020
3b3ce96
Update gNMI sections (#67)
seiferteric Apr 10, 2020
f4d4483
Merge branch 'master' into mgmt_framework_hld
anand-kumar-subramanian Apr 10, 2020
9783c16
Merge pull request #68 from project-arlo/mgmt_framework_hld
anand-kumar-subramanian Apr 10, 2020
78432cd
Added information on sonic-mgmt-common repo
anand-kumar-subramanian Apr 10, 2020
4885968
Update the DB Access Layer with some additional APIs and clarifications
a-barboza Apr 13, 2020
6d3e4b8
Added VRF examples and updated sonic-yang model
obaidamin Apr 21, 2020
8fff56b
First draft of HLD for management framework NTP support
May 4, 2020
dd4ccdf
mv .txt to .md
May 4, 2020
560e8f8
Merge pull request #60 from project-arlo/show-ip-arp-vrf
bhavini-gada May 5, 2020
ed4fda1
Merge pull request #58 from project-arlo/portchannel_command
bhavini-gada May 5, 2020
67a7060
DNS support in SONiC
venkatmahalingam May 8, 2020
c402169
Added VRRP HLD for Buzznik
dks19 May 8, 2020
66283fd
Support for source interface and comments addressed
venkatmahalingam May 12, 2020
9033f18
Adding aliasFeature HLD doc.
justinejose91 May 13, 2020
0d15cb4
Alias Feature HLD
justinejose91 May 14, 2020
271f60b
Deleting the aliasFeature HLD from the repo.
justinejose91 May 14, 2020
179fc0f
Comment addressed
venkatmahalingam May 16, 2020
50a7b29
Merge pull request #70 from project-arlo/DNS-HLD
venkatmahalingam May 16, 2020
7351fb1
Merge pull request #23 from project-arlo/frr-bgp-ext-mgmt-frmwrk
venkatmahalingam May 16, 2020
074f989
EVPN VxLAN HLD
May 21, 2020
8e62ba6
Merge pull request #75 from rpjain-nw/master
dks19 May 21, 2020
bd19be2
LDAP Name Service
a-barboza May 21, 2020
599f413
MCLAG Enhancements HLD
Praveen-Brcm May 22, 2020
634d8d6
Updated with Separate IP klish details
Praveen-Brcm May 22, 2020
0e10f56
Add LACP fast rate option to Interfaces HLD
May 22, 2020
e8d36de
Updated Mclag Enhancements document
Praveen-Brcm May 22, 2020
8f390bd
Remove MCLAG HLD
Praveen-Brcm May 22, 2020
6aef38c
MCLAG Enhancements HLD
Praveen-Brcm May 22, 2020
23a1aa9
Update
Praveen-Brcm May 22, 2020
b18bdad
Add show command examples with different interface naming mode
May 28, 2020
1396a9c
SONiC RBAC (#62)
nirenjan May 29, 2020
4187238
Update sFlow HLD
GarrickHe May 29, 2020
a5ad11a
Merge pull request #89 from project-arlo/oc-sflow
GarrickHe Jun 3, 2020
d459497
Updated for source-interface support
venkatmahalingam Jun 8, 2020
fd41906
Addressed the commented mentioned in the HLD.
Jun 9, 2020
64bc28a
HLD to provide interfaces to warm-restart feature to configure and sh…
Arul-Jeniston-Mc Jun 15, 2020
577516a
HLD to provide CLI, REST, GNMI interfaces warm-restart
Arul-Jeniston-Mc Jun 15, 2020
aef34ca
Delete warm_restart_management_interface_feature.md
Arul-Jeniston-Mc Jun 15, 2020
0850498
Merge pull request #48 from project-arlo/sonic_host_service
sameerdell Jun 15, 2020
b33995a
HLD to implement CLI, REST and gNMI interface to configure and manage…
Arul-Jeniston-Mc Jun 15, 2020
8e8235b
Delete warm_restart_management_interface_feature.md
Arul-Jeniston-Mc Jun 15, 2020
88acf0d
Delete warm_restart_management_interface_feature.md
Arul-Jeniston-Mc Jun 15, 2020
0fd0109
HLD to implement CLI, REST and gNMI interface to configure and manage…
Arul-Jeniston-Mc Jun 15, 2020
f2080e0
PIM-SSM(IPv4) HLD for Mgmt-framework changes
rathnasabapathyv Jun 16, 2020
f4fe80e
update
rathnasabapathyv Jun 16, 2020
e2a3595
Address RBAC HLD comments (#94)
nirenjan Jun 17, 2020
f1c492f
Merge branch 'master' of https://github.com/project-arlo/SONiC into p…
rathnasabapathyv Jun 17, 2020
7ed9201
Updated Openconfig section
rathnasabapathyv Jun 17, 2020
6991b27
Sflow on mgmt VRF support.
venkatmahalingam Jun 18, 2020
b0d0596
Merge pull request #77 from project-arlo/lacp-fast-rate
bhavini-gada Jun 18, 2020
d4b0514
Interface range Specification feature HLD
Tejaswi-Goel May 21, 2020
dea81de
update CLI section
kwangsuk Jun 19, 2020
0a77663
update version
kwangsuk Jun 20, 2020
728ca39
Add markup
kwangsuk Jun 20, 2020
9861f89
Merge pull request #97 from project-arlo/cli-guide
anand-kumar-subramanian Jun 20, 2020
6713e5b
LDAP Name Service
a-barboza Jun 23, 2020
762c276
Phase-II changes with new repo structure
sachinholla Jun 24, 2020
2cc2715
TOC update
sachinholla Jun 24, 2020
e7b1212
Merge pull request #98 from project-arlo/dev_guide_update
faraazbrcm Jun 25, 2020
fcd8129
Merge pull request #76 from project-arlo/ldap_hld
a-barboza Jun 25, 2020
004d49e
Update details with respect to document generators and JSON tools
faraazbrcm Jun 26, 2020
4435cd5
Merge pull request #1 from faraazbrcm/faraazbrcm-patch-1
faraazbrcm Jun 26, 2020
a33b997
Merge pull request #99 from faraazbrcm/master
anand-kumar-subramanian Jun 26, 2020
f2614e9
Comments addressed
venkatmahalingam Jun 29, 2020
85e727a
Merge pull request #96 from project-arlo/sflow-mgmt-vrf
venkatmahalingam Jun 29, 2020
e4d6eb4
HLD for audit-log
spenugondaa Jul 1, 2020
9860147
Updated show cmds o/p
rathnasabapathyv Jul 7, 2020
6f78308
Merge branch 'master' of https://github.com/project-arlo/SONiC into p…
rathnasabapathyv Jul 7, 2020
32e1a2e
Updated OC Interface HLD regarding rate utilization counters enhancem…
Jul 8, 2020
8f8c775
Added flags information to show ip pim topology cmd
rathnasabapathyv Jul 8, 2020
507adf5
Updated HLD's with rate utilization counters info.
Jul 8, 2020
35e51e0
Added rate-interval info under rest api section.
Jul 9, 2020
774812d
Updated Change Description.
Jul 9, 2020
5d03249
Removed not supported counters.
Jul 9, 2020
d985a68
Changed datatype for utilization counters as per the review comments.
Jul 9, 2020
b1e2887
Added info about show interface counters rate command.
Jul 9, 2020
e5198c5
Fixed issue in formatting
Jul 9, 2020
fd05270
Added rate interval column for show interface counters rate command.
Jul 9, 2020
5a6931c
Updated rate interval values.
Jul 9, 2020
33100df
Display packets first followed by bits and bytes info, addressed as p…
Jul 14, 2020
101aec0
Updated OC-yang for OC-yang compliance fixes and upTime/expiryTime ya…
rathnasabapathyv Jul 14, 2020
284af7e
Added show o/p for show ip pim vrf all option + updated other section…
rathnasabapathyv Jul 18, 2020
da59ec1
updated show o/p details
rathnasabapathyv Jul 18, 2020
b296878
Update Audit_Log_HLD.md
spenugondaa Jul 23, 2020
f378e0b
Update Audit_Log_HLD.md
spenugondaa Jul 23, 2020
eabd9d9
Add Transformer_RFC_Compliance.md file
jeff-yin Jul 23, 2020
6837959
Add PUT cases.jpg for RFC compliance doc
jeff-yin Jul 23, 2020
ec1613e
Delete PUT cases.jpg
jeff-yin Jul 23, 2020
be395bf
Fix ToC, minor edits to Transformer_RFC_Compliance
jeff-yin Jul 23, 2020
1e37928
Add PUT_cases.jpg for RFC_Compliance doc
jeff-yin Jul 23, 2020
ee1ec48
Fix more ToC links in Transformer_RFC_Compliance
jeff-yin Jul 23, 2020
e0b090b
Merge pull request #103 from project-arlo/xfmr_rfc_compliance
kwangsuk Jul 24, 2020
0d9c075
Update Audit_Log_HLD.md
spenugondaa Jul 27, 2020
aec1dbb
Management framework- CLI "show running conifguration" Document.
bhaveshdell May 22, 2020
55aca1f
Rename the files.
bhaveshdell May 22, 2020
0f22100
Update image file name.
bhaveshdell May 22, 2020
27a092f
Update command and view rendering sections.
bhaveshdell May 26, 2020
02adcfa
Address review comments.
bhaveshdell Jun 15, 2020
546faa3
Revise and update.
bhaveshdell Jun 16, 2020
58877e0
Update users guide with section on command formats.
bhaveshdell Aug 6, 2020
8e9fa14
Merge pull request #102 from project-arlo/intf-counters-rate-util
sameerdell Aug 11, 2020
6c9be22
Merge pull request #100 from project-arlo/audit-log-hld
sameerdell Aug 11, 2020
828264e
Merge pull request #93 from project-arlo/Arul-Jeniston-Mc-patch-2
sameerdell Aug 11, 2020
e19d56a
Merge pull request #78 from project-arlo/showrunning-doc
sameerdell Aug 11, 2020
a9f8931
Merge pull request #39 from project-arlo/tacacs-hld
sameerdell Aug 11, 2020
191c7b0
Merge pull request #95 from project-arlo/pim_ssm_3.x_dev
sameerdell Aug 11, 2020
3f9abaa
In-band management via mgmt VRF
venkatmahalingam Aug 28, 2020
d2ab17d
Merge pull request #105 from project-arlo/in-band-mgmt
sameerdell Sep 1, 2020
0d10b37
Added details for response_type in Generic client
faraazbrcm Sep 10, 2020
ded5f74
Merge pull request #106 from project-arlo/faraazbrcm-patch-1
anand-kumar-subramanian Sep 10, 2020
7447f9d
Merge remote-tracking branch 'origin/master' into ntp_doc
Sep 21, 2020
dd2ed31
add clarification
Sep 21, 2020
86e7f0a
Developer Guide: Update DB access layer with link to HLD
a-barboza Sep 25, 2020
e29cf90
Merge pull request #107 from project-arlo/a-barboza-dg
a-barboza Sep 25, 2020
cbfbaad
Yang changes updates & show cmds spacing updates
rathnasabapathyv Oct 2, 2020
b006fd7
Merge pull request #109 from project-arlo/pim_ssm_3.x_dev
sameerdell Oct 2, 2020
8091955
Update Developer Guide.md
anand-kumar-subramanian Oct 9, 2020
ef76e9c
Update SONiC_OC_Interface_HLD.md
haemanthisree Oct 24, 2020
5a26530
Merge pull request #110 from haemanthisree/vlan_hld_update
sameerdell Oct 30, 2020
8f2bd2c
Platform HLD
GarrickHe Nov 2, 2020
d3da65e
Update Platform HLD
GarrickHe Nov 2, 2020
acc38d0
add support for NTP authentication
Nov 3, 2020
9a1f162
add support to configure multiple NTP source interfaces
Nov 9, 2020
08b6583
modify Yang model and add tables in 3.2
Dec 8, 2020
a02c020
fix format
Dec 8, 2020
2fc73eb
Merge pull request #73 from project-arlo/alias-hld-br
bhavini-gada Dec 8, 2020
b000d3d
Merge pull request #69 from project-arlo/ntp_doc
bhavini-gada Dec 8, 2020
c891e79
Merge pull request #74 from project-arlo/IntfRangeHLD
bhavini-gada Dec 8, 2020
5d364ae
Merge pull request #91 from project-arlo/oc-sflow
GarrickHe Dec 30, 2020
81ef190
wip
seiferteric Jan 9, 2021
28b66f2
Add more gNMI information to HLD
seiferteric Jan 10, 2021
c5f8fdf
Formatting fix
seiferteric Jan 10, 2021
436cf9b
Address PR comments
seiferteric Jan 12, 2021
f48f816
Address PR comments
seiferteric Jan 12, 2021
f061ebb
Address PR comments
seiferteric Jan 12, 2021
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1,014 changes: 1,014 additions & 0 deletions doc/SONiC_OC_NTP_HLD.md

Large diffs are not rendered by default.

730 changes: 730 additions & 0 deletions doc/VRRP_HLD_Buzznik.md

Large diffs are not rendered by default.

60 changes: 60 additions & 0 deletions doc/aaa/Persistent HTTP Connections from CLI.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
Persistent HTTP connections from CLI
====================================

The SONiC CLI provided by the management framework container runs an instance of
klish, which provides a fixed set of commands. The CLI is simply a front-end to
the REST server, and each command is mapped to a corresponding REST endpoint.

# Command Flow

When the user enters a specific command on the CLI, the corresponding `ACTION`
tag in the CLI XML specification shells out to a Python script with any
arguments and an optional template to format the returned values. This script
connects to the REST server on the local machine over HTTPS, retrieves and
formats the JSON response. The Python script then exits, terminating any HTTP
connection that had been set up.

This is the current behavior, even without RBAC support, which means that every
command will need to set up a new HTTPS connection. However, when RBAC is
enabled, it is not likely to cause a noticeable performance impact, since the
system is already incurring the TLS overhead.

As can be seen from the flow above, it is not possible to set up a persistent
HTTP connection, since every command spawns a new connection.

# Alternative Designs

This section describes some alternative designs that will enable the CLI to
create a persistent connection.

## Proxy service

As part of the management framework, we can add a "proxy" service that is
spawned with the CLI. This service will set up a secure HTTP connection for the
authenticated user, and create a local unix socket that is accessible only by
that user. The CLI XML will remain unchanged, but the Python ApiClient class
will be changed to connect to the local socket.

This will still create independent HTTP connections, but they can be insecure
connections, while the proxy service will transfer the connections from the
insecure unix socket to the secure tunnel, which will reduce the TLS connection
time.

**Note:** The security considerations have not been completely mapped out, and
this may open the system up to security holes.

## Klish modification

This approach considers modifying the Klish executable. When Klish is spawned,
it will set up the HTTPS connection and keep it alive as long as the CLI is
active. Each `ACTION` tag will call into klish functions that will connect to
the existing HTTPS connection.

This approach is the most secure option, however, it needs heavy modification to
klish, and there are several unknowns at this time.

## No modification - Buzznik

This approach leaves the design as is for the Buzznik release. Every command
will continue to create a new HTTPS connection, as it does today, and will tear
down the connection on completion of the request.
460 changes: 460 additions & 0 deletions doc/aaa/SONiC RBAC HLD.md

Large diffs are not rendered by default.

481 changes: 481 additions & 0 deletions doc/aaa/SONiC RBAC.md

Large diffs are not rendered by default.

2,626 changes: 2,626 additions & 0 deletions doc/aaa/ldap.md

Large diffs are not rendered by default.

Loading