Refactor neighbor VM image downloading #14200
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The original design assumes downloading neighbor VM images from azure storage using SAS key if image file is not found on local testbed server. Since SAS key is considered as a credential, the design introduces complexity of managing SAS keys securely. This change refactored the design to download image files from simple HTTP server. URL of the image files can be specified in variable files under `ansible/group_vars/vm_host`. Signed-off-by: Xin Wang <[email protected]>
opcoder0
approved these changes
Aug 23, 2024
There was a problem hiding this comment.
LGTM.
- Check ___ image
- Download ___ image
I see the blocks that perform the above functions are quite similar. I was wondering if they could be moved to another task (download-image.yml) with variables and be called from start.yml like the other re-use happening between start.yml -> start_vm.yml. Perhaps in a refactor PR.
|
@wangxin PR conflicts with 202205 branch |
mssonicbld
pushed a commit
to mssonicbld/sonic-mgmt
that referenced
this pull request
Sep 2, 2024
What is the motivation for this PR? The original design assumes downloading neighbor VM images from azure storage using SAS key if image file is not found on local testbed server. Since SAS key is considered as a credential, the design introduces complexity of managing SAS keys securely. How did you do it? This change refactored the design to download image files from simple HTTP server. URL of the image files can be specified in variable files under ansible/group_vars/vm_host. How did you verify/test it? Run add-topo/remove-topo, start-topo-vms/stop-topo-vms Signed-off-by: Xin Wang <[email protected]>
|
@wangxin PR conflicts with 202305 branch |
|
Cherry-pick PR to 202405: #14353 |
mssonicbld
pushed a commit
to mssonicbld/sonic-mgmt
that referenced
this pull request
Sep 2, 2024
What is the motivation for this PR? The original design assumes downloading neighbor VM images from azure storage using SAS key if image file is not found on local testbed server. Since SAS key is considered as a credential, the design introduces complexity of managing SAS keys securely. How did you do it? This change refactored the design to download image files from simple HTTP server. URL of the image files can be specified in variable files under ansible/group_vars/vm_host. How did you verify/test it? Run add-topo/remove-topo, start-topo-vms/stop-topo-vms Signed-off-by: Xin Wang <[email protected]>
8 tasks
|
Cherry-pick PR to 202311: #14354 |
8 tasks
wangxin
added a commit
to wangxin/sonic-mgmt
that referenced
this pull request
Sep 2, 2024
What is the motivation for this PR? The original design assumes downloading neighbor VM images from azure storage using SAS key if image file is not found on local testbed server. Since SAS key is considered as a credential, the design introduces complexity of managing SAS keys securely. How did you do it? This change refactored the design to download image files from simple HTTP server. URL of the image files can be specified in variable files under ansible/group_vars/vm_host. How did you verify/test it? Run add-topo/remove-topo, start-topo-vms/stop-topo-vms Signed-off-by: Xin Wang <[email protected]>
wangxin
added a commit
to wangxin/sonic-mgmt
that referenced
this pull request
Sep 2, 2024
What is the motivation for this PR? The original design assumes downloading neighbor VM images from azure storage using SAS key if image file is not found on local testbed server. Since SAS key is considered as a credential, the design introduces complexity of managing SAS keys securely. How did you do it? This change refactored the design to download image files from simple HTTP server. URL of the image files can be specified in variable files under ansible/group_vars/vm_host. How did you verify/test it? Run add-topo/remove-topo, start-topo-vms/stop-topo-vms Signed-off-by: Xin Wang <[email protected]>
8 tasks
8 tasks
mssonicbld
pushed a commit
that referenced
this pull request
Sep 2, 2024
What is the motivation for this PR? The original design assumes downloading neighbor VM images from azure storage using SAS key if image file is not found on local testbed server. Since SAS key is considered as a credential, the design introduces complexity of managing SAS keys securely. How did you do it? This change refactored the design to download image files from simple HTTP server. URL of the image files can be specified in variable files under ansible/group_vars/vm_host. How did you verify/test it? Run add-topo/remove-topo, start-topo-vms/stop-topo-vms Signed-off-by: Xin Wang <[email protected]>
mssonicbld
pushed a commit
that referenced
this pull request
Sep 2, 2024
What is the motivation for this PR? The original design assumes downloading neighbor VM images from azure storage using SAS key if image file is not found on local testbed server. Since SAS key is considered as a credential, the design introduces complexity of managing SAS keys securely. How did you do it? This change refactored the design to download image files from simple HTTP server. URL of the image files can be specified in variable files under ansible/group_vars/vm_host. How did you verify/test it? Run add-topo/remove-topo, start-topo-vms/stop-topo-vms Signed-off-by: Xin Wang <[email protected]>
wangxin
added a commit
that referenced
this pull request
Sep 2, 2024
Manually cherry-pick #14200 to 202305 branch due to conflicts. What is the motivation for this PR? The original design assumes downloading neighbor VM images from azure storage using SAS key if image file is not found on local testbed server. Since SAS key is considered as a credential, the design introduces complexity of managing SAS keys securely. How did you do it? This change refactored the design to download image files from simple HTTP server. URL of the image files can be specified in variable files under ansible/group_vars/vm_host. How did you verify/test it? Run add-topo/remove-topo, start-topo-vms/stop-topo-vms Signed-off-by: Xin Wang <[email protected]>
wangxin
added a commit
that referenced
this pull request
Sep 2, 2024
Manually cherry-pick #14200 to 202205 branch due to conflicts. What is the motivation for this PR? The original design assumes downloading neighbor VM images from azure storage using SAS key if image file is not found on local testbed server. Since SAS key is considered as a credential, the design introduces complexity of managing SAS keys securely. How did you do it? This change refactored the design to download image files from simple HTTP server. URL of the image files can be specified in variable files under ansible/group_vars/vm_host. How did you verify/test it? Run add-topo/remove-topo, start-topo-vms/stop-topo-vms Signed-off-by: Xin Wang <[email protected]>
8 tasks
wangxin
pushed a commit
that referenced
this pull request
Sep 3, 2024
What is the motivation for this PR? In PR #14200, it updated the file path of ceos.yml. But in our code, there still exists some references to the file which are not be updated to the new path. In this PR, we update these references to the new path. How did you do it? Update some references of ceos.yml to the new path.
hdwhdw
pushed a commit
to hdwhdw/sonic-mgmt
that referenced
this pull request
Sep 20, 2024
What is the motivation for this PR? In PR sonic-net#14200, it updated the file path of ceos.yml. But in our code, there still exists some references to the file which are not be updated to the new path. In this PR, we update these references to the new path. How did you do it? Update some references of ceos.yml to the new path.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of PR
Summary:
Fixes # (issue)
Type of change
Back port request
Approach
What is the motivation for this PR?
The original design assumes downloading neighbor VM images from azure storage using SAS key if image file is not found on local testbed server. Since SAS key is considered as a credential, the design introduces complexity of managing SAS keys securely.
How did you do it?
This change refactored the design to download image files from simple HTTP server. URL of the image files can be specified in variable files under
ansible/group_vars/vm_host.How did you verify/test it?
Run add-topo/remove-topo, start-topo-vms/stop-topo-vms
Any platform specific information?
Supported testbed topology if it's a new test case?
Documentation
The documentation should be updated accordingly. I will submit separate PR for the documentation change.