-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding the HLD for SONiC long reset button press
- Loading branch information
Showing
3 changed files
with
277 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,277 @@ | ||
# Long reset button press HLD | ||
|
||
## Table of contents | ||
|
||
- [Revision](#) | ||
- [Scope](#scope) | ||
- [Definitions/Abbreviations](#definitionsabbreviations) | ||
- [Requirements](#requirements-in-this-feature-we-want-to-be-able-to) | ||
- [1 Architecture design](#architecture-design) | ||
- [2 High level design](#high-level-design) | ||
- [3 Performance](#performance) | ||
- [4 Flows](#flows) | ||
- [5 Configuration and management](#configuration-and-management) | ||
- [5.1. CLI](#cli) | ||
- [5.2. YANG Model](#yang-model) | ||
- [6 Warmboot and Fastboot Design Impact](#warmboot-and-fastboot-design-impact) | ||
- [7 Restrictions/Limitations](#restrictionslimitations) | ||
- [8 Testing Requirements/Design](#testing-requirementsdesign) | ||
- [8.1. Unit Test cases](#unit-test-cases) | ||
- [8.2. System Test cases](#system-test-cases) | ||
|
||
### | ||
|
||
### | ||
|
||
### | ||
|
||
### | ||
|
||
# Revision | ||
|
||
| **Rev** | **Date** | **Author** | **Change Description** | | ||
|:---------:|:------------:|:-------------------------------:|:------------------------| | ||
| 1.0 | 17/12/2023 | Azmy Ali (Nvidia SONiC Team) | Initial public version | | ||
|
||
### | ||
|
||
# Scope | ||
|
||
This document describes the design details for supporting long reset button press on a SONiC switch. In this document, we will specify the default behavior | ||
for SONiC OS on long reset button press and the new service intorduced during initializtion flow to handle the functionality applied on long reset button press. | ||
|
||
# Definitions/Abbreviations | ||
|
||
| **Term** | **Description** | | ||
|-----------------------------|--------------------------------------------------------------------------------------| | ||
| SONiC | Software for Open Networking in the Cloud | | ||
| Long reset button press | Pressing the physical reset button on the switch not less than 15 seconds | | ||
| short reset button press | Pressing the physical reset button on the switch less than 15 seconds | | ||
| CLI | Сommand-line Interface | | ||
| YANG | Yet Another Next Generation | | ||
|
||
### | ||
|
||
# Requirements Overview | ||
|
||
The long reset button press feature implementation shall support the following: | ||
|
||
1. On long reboot press, the OS will restore the local users' configurations, by deleting non-default users and restoring default passwords for default users and expiring these passwords due to security conecerns. | ||
2. Each vendor can decide what is the behavior on long reset button press and add his own implementation. | ||
3. On short reset button press, the current init flow should not be affected and should boot normally. | ||
4. Feature should be enabled or diabled by setting compliation flag to true or false. | ||
5. Feature can be disabled and enabled using CLI command. | ||
6. The feature is enabled by default. | ||
|
||
|
||
### | ||
|
||
# Architecture Design | ||
|
||
In this feature, we want to add new systemd service ```long-reboot.service``` to the init flow. This new service is expected to run on the system during boot and before any connection is open to the switch which includes SSH and serial connection as well and perform the vendor defined behavior on long reset button press. | ||
|
||
![](./sonic_long_reboot.png) | ||
|
||
The service is dependent on the ```database.service``` for reading the configured feature state, so it needs to run after it during boot. | ||
|
||
### | ||
|
||
# High-Level Design | ||
|
||
This feature will be a built-in SONiC feature. The default behavior implementation will reside in ```src/sonic-platform-common/sonic_platform_base/long_reboot_press_base.py``` file. The default behavior will delete non-default users and restore the original passwords of the default users and expire them. | ||
The ```long_reboot_press_base.py``` will contain the following class | ||
|
||
|
||
``` | ||
class LongRebootPressBase(object): | ||
""" | ||
Base class for long reboot press on the switch | ||
""" | ||
|
||
def start(self): | ||
''' | ||
define the functionality | ||
''' | ||
# the implementation of deleting non-default users adn restoring original passwords for default users and expiring them | ||
``` | ||
|
||
|
||
Each vendor should inherent this class and add the implementation that he desires in this class. In the ```src/sonic-host-services/scripts/long-reboot``` script, that it is being called on ```long-reboot.service``` start, will do import of the inherented class and calls the ```start()``` method of the class as we can see in the following code snippet. | ||
|
||
|
||
``` | ||
def get_platform_long_reboot_press(): | ||
try: | ||
from sonic_platform.long_reboot_press import LongRebootPressPlatform | ||
long_reboot_press_class = LongRebootPressPlatform() | ||
except ImportError: | ||
syslog.syslog(syslog.LOG_WARNING, "LongRebootPress: sonic_platform package not installed. Unable to find platform long reboot press implementation") | ||
raise Exception('Long reboot press implementation is not defined') | ||
|
||
return long_reboot_press_class | ||
|
||
``` | ||
|
||
|
||
The ```LongRebootPressPlatform``` class that each vendor implements should look like this: | ||
|
||
|
||
``` | ||
class LongRebootPressPlatform(LongRebootPressBase): | ||
def start(self): | ||
''' | ||
Vendor specific implementation. | ||
''' | ||
# can inherent the base class implementation | ||
``` | ||
|
||
|
||
The new serivce python script ```src/sonic-host-services/scripts/long-reboot``` will read the feature state from the ```LONG_RESET_BUTTON``` table in ```CONFIG_DB``` database. If feature is enabled and a long reset button press detected, the service will perfom the implementation in the ```start()``` method as we can see in the following code snippet: | ||
|
||
``` | ||
class LongRebootPress: | ||
def __init__(self): | ||
self.platform_long_reboot_press = get_platform_long_reboot_press() | ||
def get_feature_state(self): | ||
feature_state = 'enabled' | ||
try: | ||
db = ConfigDBConnector() | ||
db.connect(wait_for_init=True, retry_on=True) | ||
feature_info = db.get_table(swsscommon.CFG_LONG_RESET_BUTTON) | ||
feature_state = feature_info.get('feature', {}).get('state') | ||
return True if feature_state == 'enabled' else False | ||
except Exception: | ||
syslog.syslog(syslog.LOG_ERR, "LongRebootPress: Failed to connect to DB") | ||
raise | ||
def start(self): | ||
feature_enabled = self.get_feature_state() | ||
long_reboot_button_press = get_long_reboot_status() | ||
if long_reboot_button_press and feature_enabled: | ||
syslog.syslog(syslog.LOG_INFO, "LongRebootPress: Long reboot detected, the system is resetting passwords to default") | ||
self.platform_long_reboot_press.start() | ||
else: | ||
syslog.syslog(syslog.LOG_INFO, "LongRebootPress: Skipping..") | ||
def main(): | ||
LongRebootPress().start() | ||
``` | ||
|
||
The feature is added to the init flow as long as the we set the ```ENABLE_LONG_RESET_BUTTON_PRESS``` in ```rules/config``` | ||
|
||
``` | ||
# ENABLE_LONG_RESET_BUTTON_PRESS - enable long reset button press on switch | ||
ENABLE_LONG_RESET_BUTTON_PRESS ?= y | ||
``` | ||
|
||
### | ||
|
||
# Performance | ||
|
||
The ```long-reboot.service``` is required to run as fast as possible, and it is expected to finish running in milliseconds **(150-300 milliseconds)** on long reset detected, and not delay the init flow more than that. | ||
|
||
# Flows | ||
|
||
###### Long Reboot Press during init flow | ||
![](./sonic-reboot-press-init-flow.png "Long Reboot Press during init") | ||
|
||
The defualt long reset button press functionality is to delete non default users and restore original passwords for default users and expire them, all done using linux commands | ||
|
||
# Configuration and management | ||
|
||
## CLI | ||
|
||
<!-- omit in toc --> | ||
## Command structure | ||
|
||
**User interface**: | ||
``` | ||
config | ||
\-- long-reset-button-press | ||
|-- state <enabled|disabled> | ||
show | ||
\-- long-reset-button-press | ||
``` | ||
|
||
### Config command group | ||
**The following command set long-reset-button-press feature state:** | ||
```bash | ||
config long-reset-button-press state <enabled|disabled> | ||
``` | ||
|
||
### Show command | ||
**The following command display long-reset-button-press configuration:** | ||
```bash | ||
root@sonic:/home/admin# show long-reset-button-press | ||
state | ||
------- | ||
enabled | ||
``` | ||
|
||
## YANG model | ||
New YANG model `long-reset-button-press.yang` will be added to provide support for configuring long-reset-button-press state. | ||
|
||
**Skeleton code:** | ||
``` | ||
module sonic-long-reset-button-press { | ||
yang-version 1.1; | ||
namespace "http://github.com/sonic-net/long-reset-button-press"; | ||
description "LONG_RESET_BUTTON YANG Module for SONiC-based OS"; | ||
revision 2023-05-18 { | ||
description "First Revision"; | ||
} | ||
container sonic-long-reset-button-press { | ||
container LONG_RESET_BUTTON { | ||
description "LONG_RESET_BUTTON part of config_db.json"; | ||
container STATE { | ||
leaf state { | ||
type string { | ||
pattern "enabled|disabled"; | ||
} | ||
description "Long reset button feature state"; | ||
default disabled; | ||
} | ||
} /* end of container STATE */ | ||
} | ||
/* end of container LONG_RESET_BUTTON */ | ||
} | ||
/* end of top level container */ | ||
} | ||
/* end of module sonic-long-reset-button-press */ | ||
``` | ||
|
||
|
||
# Warmboot and Fastboot Design Impact | ||
|
||
The feature will not have any impact on fast reboot or warmboot. | ||
|
||
# Restrictions/Limitations | ||
|
||
No limitations and restrictions | ||
|
||
# Testing Requirements/Design | ||
|
||
## Unit Test cases | ||
|
||
In unit testing we want to see that the feature control commands change the state in the DB. | ||
|
||
## System Test cases | ||
|
||
We want to test the following flows: | ||
|
||
1. On long reset button press and the feature state is enabled, non-default users are supposed to be deleted and default users are restored to original passwords and expired. | ||
2. On long reset button press and the feature state is disabled, no change the current init flow. | ||
3. short reboot/warm/fast reboot does not affect the current init flow. |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.