[bgp] Save bgp admin state (#690)

* [bgp] Save admin state and set default state to shutdown

* Set default behavior to no shutdown

* Add build option SHUTDOWN_BGP_ON_START

* Script change for default admin state to be on

* Address CR comments to bgp_neighbor script

* Fix script bug

Makefile

@@ -53,6 +53,7 @@ DOCKER_MGMT_BUILD = docker build --no-cache \
 	    PLATFORM=$(PLATFORM) \
 	    BUILD_NUMBER=$(BUILD_NUMBER) \
 	    ENABLE_DHCP_GRAPH_SERVICE=$(ENABLE_DHCP_GRAPH_SERVICE) \
+	    SHUTDOWN_BGP_ON_START=$(SHUTDOWN_BGP_ON_START) \
 	    SONIC_ENABLE_SYNCD_RPC=$(ENABLE_SYNCD_RPC) \
 	    PASSWORD=$(PASSWORD) \
 	    USERNAME=$(USERNAME) \

dockers/docker-fpm-quagga/base_image_files/bgp_neighbor

@@ -0,0 +1,55 @@
+#!/bin/bash -e
+
+usage(){
+   echo "Usage:   $0 <shutdown|startup> <neighbor_ip>"
+   exit 255
+}
+
+[[ $# -ne 2 ]] && usage
+
+COMMAND=$1
+NEIGHBOR_IP=$2
+
+if [ "$COMMAND" == "shutdown" ]; then
+    CMD_PREFIX=""
+elif [ "$COMMAND" == "startup" ]; then
+    CMD_PREFIX="no"
+else
+    usage
+fi
+
+ASN=`vtysh -c "show ip bgp summary" | sed -n "s/.*AS number \([0-9]\+\).*/\1/p"`
+if [ -z "$ASN" ]; then
+    exit 255
+fi
+
+[ -f /etc/sonic/bgp_admin.yml ] || echo "bgp_admin_state:" > /etc/sonic/bgp_admin.yml
+
+# Operate on all ipv4 neighbors when "neighbor_ip" = 0.0.0.0
+if [ "$NEIGHBOR_IP" == "0.0.0.0" ] ; then
+    for NEIGHBOR in `vtysh -c "show run" | grep nei | grep -oE "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort | uniq`; do
+        vtysh -c "configure terminal" -c "router bgp $ASN" -c "$CMD_PREFIX neighbor $NEIGHBOR shutdown"
+
+        # Save admin state in config file
+        sed -i "/^\s*$NEIGHBOR:/d" /etc/sonic/bgp_admin.yml
+        if [ "$COMMAND" == "startup" ]; then
+            echo "  $NEIGHBOR: on" >> /etc/sonic/bgp_admin.yml
+        else
+            echo "  $NEIGHBOR: off" >> /etc/sonic/bgp_admin.yml
+        fi
+    done
+
+else
+    # Examine bgp neighbor exists first
+    vtysh -c "show ip bgp neighbor $NEIGHBOR_IP" | grep -q "BGP neighbor is"
+
+    vtysh -c "configure terminal" -c "router bgp $ASN" -c "$CMD_PREFIX neighbor $NEIGHBOR_IP shutdown"
+
+    # Save admin state in config file
+    sed -i "/^\s*$NEIGHBOR_IP:/d" /etc/sonic/bgp_admin.yml
+    if [ "$COMMAND" == "startup" ]; then
+        echo "  $NEIGHBOR_IP: on" >> /etc/sonic/bgp_admin.yml
+    else
+        echo "  $NEIGHBOR_IP: off" >> /etc/sonic/bgp_admin.yml
+    fi
+fi

dockers/docker-fpm-quagga/bgpd.conf.j2

@@ -50,6 +50,9 @@ router bgp {{ minigraph_bgp_asn }}
 {% if bgp_session['asn'] != 0 %}
   neighbor {{ bgp_session['addr'] }} remote-as {{ bgp_session['asn'] }}
   neighbor {{ bgp_session['addr'] }} description {{ bgp_session['name'] }}
+{% if bgp_admin_state and bgp_admin_state.has_key(bgp_session['addr']) and bgp_admin_state[bgp_session['addr']]==False or bgp_admin_state and not bgp_admin_state.has_key(bgp_session['addr']) and bgp_admin_state.has_key('all') and bgp_admin_state['all']==False %}
+  neighbor {{ bgp_session['addr'] }} shutdown
+{% endif %}
 {% if minigraph_devices[inventory_hostname]['type'] == 'ToRRouter' %}
   neighbor {{ bgp_session['addr'] }} allowas-in 1
 {% endif %}

dockers/docker-fpm-quagga/start.sh

@@ -1,7 +1,11 @@
 #!/usr/bin/env bash
 
 mkdir -p /etc/quagga
-sonic-cfggen -m /etc/sonic/minigraph.xml -t /usr/share/sonic/templates/bgpd.conf.j2 > /etc/quagga/bgpd.conf
+if [ -f /etc/sonic/bgp_admin.yml ]; then
+    sonic-cfggen -m /etc/sonic/minigraph.xml -y /etc/sonic/bgp_admin.yml -t /usr/share/sonic/templates/bgpd.conf.j2 > /etc/quagga/bgpd.conf
+else
+    sonic-cfggen -m /etc/sonic/minigraph.xml -t /usr/share/sonic/templates/bgpd.conf.j2 > /etc/quagga/bgpd.conf
+fi
 sonic-cfggen -m /etc/sonic/minigraph.xml -t /usr/share/sonic/templates/zebra.conf.j2 > /etc/quagga/zebra.conf
 
 sonic-cfggen -m /etc/sonic/minigraph.xml -t /usr/share/sonic/templates/isolate.j2 > /usr/sbin/bgp-isolate

files/build_templates/sonic_debian_extension.j2

@@ -131,7 +131,10 @@ sudo bash -c "echo dhcp_as_static=true >> $FILESYSTEM_ROOT/etc/sonic/updategraph
 {% else %}
 sudo bash -c "echo enabled=false > $FILESYSTEM_ROOT/etc/sonic/updategraph.conf"
 {% endif %}
-
+{% if shutdown_bgp_on_start == "y" %}
+sudo bash -c "echo bgp_admin_state: > $FILESYSTEM_ROOT/etc/sonic/bgp_admin.yml"
+sudo bash -c "echo '  all: off' >> $FILESYSTEM_ROOT/etc/sonic/bgp_admin.yml"
+{% endif %}
 # Copy SNMP configuration files
 sudo cp $IMAGE_CONFIGS/snmp/snmp.yml $FILESYSTEM_ROOT/etc/sonic/
 

rules/config

@@ -38,6 +38,10 @@ DEFAULT_PASSWORD = YourPaSsWoRd
 # If not set (default behavior) the default minigraph built into the image will be used.
 # ENABLE_DHCP_GRAPH_SERVICE = y
 
+# SHUTDOWN_BGP_ON_START - if set to y all bgp sessions will be in admin down state when 
+# bgp service starts.
+# SHUTDOWN_BGP_ON_START = y
+
 # SONIC_CONFIG_DEBUG - install debug packages
 # Uncomment next line to enable:
 # SONIC_CONFIG_DEBUG = y

rules/docker-fpm-quagga.mk

@@ -11,3 +11,4 @@ $(DOCKER_FPM_QUAGGA)_RUN_OPT += --net=host --privileged -t
 $(DOCKER_FPM_QUAGGA)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro
 
 $(DOCKER_FPM_QUAGGA)_BASE_IMAGE_FILES += vtysh:/usr/bin/vtysh
+$(DOCKER_FPM_QUAGGA)_BASE_IMAGE_FILES += bgp_neighbor:/usr/bin/bgp_neighbor

slave.mk

@@ -339,6 +339,7 @@ $(addprefix $(TARGET_PATH)/, $(SONIC_INSTALLERS)) : $(TARGET_PATH)/% : .platform
 	export sonicadmin_user="$(USERNAME)"
 	export sonic_asic_platform="$(CONFIGURED_PLATFORM)"
 	export enable_dhcp_graph_service="$(ENABLE_DHCP_GRAPH_SERVICE)"
+	export shutdown_bgp_on_start="$(SHUTDOWN_BGP_ON_START)"
 	export installer_debs="$(addprefix $(DEBS_PATH)/,$($*_DEPENDS))"
 	export lazy_installer_debs="$(foreach deb, $($*_INSTALLS),$(foreach device, $($(deb)_PLATFORM),$(addprefix $(device)@, $(DEBS_PATH)/$(deb))))"
 	export installer_images="$(addprefix $(TARGET_PATH)/,$($*_DOCKERS))"