Macsec profile deploy on peer VM's and DUT for macsec topo pipeline.

[judyjoseph]

Approach

What is the motivation for this PR?

To run the macsec pipeline, the peer VM's and the local DUT should have the macsec config. These changes addresses those

Need to run the add-topo and deploy-mg with the options " -e enable_macsec=True -e macsec_profile=MACSEC_PROFILE"

How did you do it?

Following are the changes in this PR:

1. Update config_sonic_basedon_testbed.yml with steps to generate the golden_config_db with macsec profile passed as input to deploy_mg
2. Update the script ansible/library/generate_golden_config_db.py to create the golden_config_db for t2
3. Update ansible/roles/eos/tasks/ceos_config.yml to create the macsec profile in the peer ceos VM
4. Update the j2 template ceos config file ansible/roles/eos/templates/t2-core.j2 with macsec configuration.
5. The t2 golden config db template file -- ansible/templates/golden_config_db_t2.j2

How did you verify/test it?

Verified the following commands work fine and macsec sessions comes up after deploy minigraph.

./testbed-cli.sh add-topo vmsvc3-t2-xxx-1 strsvc ../password.txt -e ceos_image_filename=xxx -e ceos_image=xxx -e ceos_image_orig=xxx -e ceosimage_saskey=xxx -e enable_macsec=True -e macsec_profile=MACSEC_PROFILE 


./testbed-cli.sh -t testbed.yaml deploy-mg vmsvc3-t2-xxx-1 strsvc ../password.txt -e enable_macsec=True -e macsec_profile=MACSEC_PROFILE 

Any platform specific information?

Supported testbed topology if it's a new test case?

Documentation

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[judyjoseph]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[mssonicbld]

/azp run

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[liamkearney-msft]

lgtm - can you also make sure to test with macsec not configured, to make sure that MG deploy works with non-macsec t2 topos.
thanks!

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[judyjoseph]

lgtm - can you also make sure to test with macsec not configured, to make sure that MG deploy works with non-macsec t2 topos. thanks!

tried it looks good

[judyjoseph]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[arlakshm]

lgtm. some comment for future enhancements

[mssonicbld]

/azp run

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[abdosi]

lgtm. we need to handle in single asic LC in another PR

[judyjoseph]

lgtm. we need to handle in single asic LC in another PR

@abdosi I did update the PR earlier : can you check this commit : baecdc2