Need an API for re-deploying an entire switch's configuration

[henn]

This is needed for when a switch dies/gets reinstalled or is in an unknown state.

Something like switch-deploy() or switch-flush()

Discussed with @okrieg and @gsilvis

[ryabouza]

How would this work? Would switch_flush just remove any ports on the switch that reside on the VLANs listed in haas.cfg, then create the networks that are listed in the DB? How should it handle journal entries?

[zenhack]

Quoting Ryan Abouzahra (2014-10-20 11:41:53)

How would this work? Would switch_flush just remove any ports on the switch that reside on the VLANs listed in haas.cfg, then create the networks that are listed in the DB?

My thinking is we could just itertate through the db and apply everything. Is there a reason that wouldn't work? For security reasons, we might want to make sure the saved (on-boot) config on the switch just has all the ports turned off - this way we don't risk people accidentally being on networks they shouldn't be.

[ryabouza]

Okay, how would we handle journal entries? Would they be applied after the DB? Also, how much of an "unknown state" do we intend to support? What happens if the trunk port isn't setup?

[henn]

I'd suggest that to maintain simplicity, we set a flag that causes the journal action thread(s) to suspend, verify this happened, then deploy that switch's config.

[ryabouza]

That seems like the correct solution to me.

[gsilvis]

The trunk port is a real problem here---right now the HaaS never touches it at all.

[gsilvis]

I think an easier solution may be to have a special journal entry "apply entire database"

[zenhack]

Quoting gsilvis (2014-10-20 17:55:25)

The trunk port is a real problem here---right now the HaaS never touches it at all.

We really ought to be recording this somewhere - right now the configuration on that port is a complete snowflake.

[henn]

Treat the trunk as another port that supports "trunked" mode? Perhaps support a free text field that is a series of special commands?

[zenhack]

Quoting henn (2014-10-20 22:09:05)

Treat the trunk as another port that supports "trunked" mode? Perhaps support a free text field that is a series of special commands?

I don't think we should try to come up with an ad-hoc representation of trunking just for this -- maybe if/when we actually otherwise support trunking that would be the way to go.

The trunk port is static config - it probably should be encoded in ansible/puppet/etc. Probably we should somehow make sure the switch's boot config has the right settings for that port, and all of the ports with nodes on them come up shut off. Then simply walking through the database will be enough.