Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Macsec profile deploy on peer VM's and DUT for macsec topo pipeline. #16048

Open
wants to merge 14 commits into
base: master
Choose a base branch
from
Open

Macsec profile deploy on peer VM's and DUT for macsec topo pipeline. #16048

wants to merge 14 commits into from
+147 −3

Conversation

judyjoseph
Copy link
Contributor

@judyjoseph judyjoseph commented Dec 12, 2024
edited
Loading

Approach

What is the motivation for this PR?

To run the macsec pipeline, the peer VM's and the local DUT should have the macsec config. These changes addresses those

Need to run the add-topo and deploy-mg with the options " -e enable_macsec=True -e macsec_profile=MACSEC_PROFILE"

How did you do it?

Following are the changes in this PR:

  1. Update config_sonic_basedon_testbed.yml with steps to generate the golden_config_db with macsec profile passed as input to deploy_mg
  2. Update the script ansible/library/generate_golden_config_db.py to create the golden_config_db for t2
  3. Update ansible/roles/eos/tasks/ceos_config.yml to create the macsec profile in the peer ceos VM
  4. Update the j2 template ceos config file ansible/roles/eos/templates/t2-core.j2 with macsec configuration.
  5. The t2 golden config db template file -- ansible/templates/golden_config_db_t2.j2

How did you verify/test it?

Verified the following commands work fine and macsec sessions comes up after deploy minigraph.

./testbed-cli.sh add-topo vmsvc3-t2-xxx-1 strsvc ../password.txt -e ceos_image_filename=xxx -e ceos_image=xxx -e ceos_image_orig=xxx -e ceosimage_saskey=xxx -e enable_macsec=True -e macsec_profile=MACSEC_PROFILE 


./testbed-cli.sh -t testbed.yaml deploy-mg vmsvc3-t2-xxx-1 strsvc ../password.txt -e enable_macsec=True -e macsec_profile=MACSEC_PROFILE

Any platform specific information?

Supported testbed topology if it's a new test case?

Documentation

@mssonicbld
Copy link
Collaborator

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@mssonicbld
Copy link
Collaborator

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@judyjoseph
Copy link
Contributor Author

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@mssonicbld
Copy link
Collaborator

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@mssonicbld
Copy link
Collaborator

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@mssonicbld
Copy link
Collaborator

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@mssonicbld
Copy link
Collaborator

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@mssonicbld
Copy link
Collaborator

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

This was referenced Dec 23, 2024
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@abdosi abdosi Awaiting requested review from abdosi

@arlakshm arlakshm Awaiting requested review from arlakshm

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@judyjoseph @mssonicbld