From 5e6620e19ec7644428c8acd3761af2d85fc6689c Mon Sep 17 00:00:00 2001
From: Taoyu Li <taoyl@microsoft.com>
Date: Mon, 12 Jun 2017 11:05:22 -0700
Subject: [PATCH] [bgp] Save bgp admin state (#690)

* [bgp] Save admin state and set default state to shutdown

* Set default behavior to no shutdown

* Add build option SHUTDOWN_BGP_ON_START

* Script change for default admin state to be on

* Address CR comments to bgp_neighbor script

* Fix script bug
---
 Makefile                                      |  1 +
 .../base_image_files/bgp_neighbor             | 55 +++++++++++++++++++
 dockers/docker-fpm-quagga/bgpd.conf.j2        |  3 +
 dockers/docker-fpm-quagga/start.sh            |  6 +-
 .../build_templates/sonic_debian_extension.j2 |  5 +-
 rules/config                                  |  4 ++
 rules/docker-fpm-quagga.mk                    |  1 +
 slave.mk                                      |  1 +
 8 files changed, 74 insertions(+), 2 deletions(-)
 create mode 100755 dockers/docker-fpm-quagga/base_image_files/bgp_neighbor

diff --git a/Makefile b/Makefile
index 97f054c035b6..b2938221b240 100644
--- a/Makefile
+++ b/Makefile
@@ -53,6 +53,7 @@ DOCKER_MGMT_BUILD = docker build --no-cache \
 	    PLATFORM=$(PLATFORM) \
 	    BUILD_NUMBER=$(BUILD_NUMBER) \
 	    ENABLE_DHCP_GRAPH_SERVICE=$(ENABLE_DHCP_GRAPH_SERVICE) \
+	    SHUTDOWN_BGP_ON_START=$(SHUTDOWN_BGP_ON_START) \
 	    SONIC_ENABLE_SYNCD_RPC=$(ENABLE_SYNCD_RPC) \
 	    PASSWORD=$(PASSWORD) \
 	    USERNAME=$(USERNAME) \
diff --git a/dockers/docker-fpm-quagga/base_image_files/bgp_neighbor b/dockers/docker-fpm-quagga/base_image_files/bgp_neighbor
new file mode 100755
index 000000000000..d6bd67a0a02d
--- /dev/null
+++ b/dockers/docker-fpm-quagga/base_image_files/bgp_neighbor
@@ -0,0 +1,55 @@
+#!/bin/bash -e
+
+usage(){
+   echo "Usage:   $0 <shutdown|startup> <neighbor_ip>"
+   exit 255
+}
+
+[[ $# -ne 2 ]] && usage
+
+COMMAND=$1
+NEIGHBOR_IP=$2
+
+if [ "$COMMAND" == "shutdown" ]; then
+    CMD_PREFIX=""
+elif [ "$COMMAND" == "startup" ]; then
+    CMD_PREFIX="no"
+else
+    usage
+fi
+
+ASN=`vtysh -c "show ip bgp summary" | sed -n "s/.*AS number \([0-9]\+\).*/\1/p"`
+if [ -z "$ASN" ]; then
+    exit 255
+fi
+
+[ -f /etc/sonic/bgp_admin.yml ] || echo "bgp_admin_state:" > /etc/sonic/bgp_admin.yml
+
+# Operate on all ipv4 neighbors when "neighbor_ip" = 0.0.0.0
+if [ "$NEIGHBOR_IP" == "0.0.0.0" ] ; then
+    for NEIGHBOR in `vtysh -c "show run" | grep nei | grep -oE "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort | uniq`; do
+        vtysh -c "configure terminal" -c "router bgp $ASN" -c "$CMD_PREFIX neighbor $NEIGHBOR shutdown"
+        
+        # Save admin state in config file
+        sed -i "/^\s*$NEIGHBOR:/d" /etc/sonic/bgp_admin.yml
+        if [ "$COMMAND" == "startup" ]; then
+            echo "  $NEIGHBOR: on" >> /etc/sonic/bgp_admin.yml
+        else
+            echo "  $NEIGHBOR: off" >> /etc/sonic/bgp_admin.yml
+        fi
+    done
+
+else
+    # Examine bgp neighbor exists first
+    vtysh -c "show ip bgp neighbor $NEIGHBOR_IP" | grep -q "BGP neighbor is"
+
+    vtysh -c "configure terminal" -c "router bgp $ASN" -c "$CMD_PREFIX neighbor $NEIGHBOR_IP shutdown"
+
+    # Save admin state in config file
+    sed -i "/^\s*$NEIGHBOR_IP:/d" /etc/sonic/bgp_admin.yml
+    if [ "$COMMAND" == "startup" ]; then
+        echo "  $NEIGHBOR_IP: on" >> /etc/sonic/bgp_admin.yml
+    else
+        echo "  $NEIGHBOR_IP: off" >> /etc/sonic/bgp_admin.yml
+    fi
+fi
diff --git a/dockers/docker-fpm-quagga/bgpd.conf.j2 b/dockers/docker-fpm-quagga/bgpd.conf.j2
index fff27678c95b..0c848939df9d 100644
--- a/dockers/docker-fpm-quagga/bgpd.conf.j2
+++ b/dockers/docker-fpm-quagga/bgpd.conf.j2
@@ -50,6 +50,9 @@ router bgp {{ minigraph_bgp_asn }}
 {% if bgp_session['asn'] != 0 %}
   neighbor {{ bgp_session['addr'] }} remote-as {{ bgp_session['asn'] }}
   neighbor {{ bgp_session['addr'] }} description {{ bgp_session['name'] }}
+{% if bgp_admin_state and bgp_admin_state.has_key(bgp_session['addr']) and bgp_admin_state[bgp_session['addr']]==False or bgp_admin_state and not bgp_admin_state.has_key(bgp_session['addr']) and bgp_admin_state.has_key('all') and bgp_admin_state['all']==False %}
+  neighbor {{ bgp_session['addr'] }} shutdown
+{% endif %}
 {% if minigraph_devices[inventory_hostname]['type'] == 'ToRRouter' %}
   neighbor {{ bgp_session['addr'] }} allowas-in 1
 {% endif %}
diff --git a/dockers/docker-fpm-quagga/start.sh b/dockers/docker-fpm-quagga/start.sh
index a02117dee5ef..bc3fbf4e907a 100755
--- a/dockers/docker-fpm-quagga/start.sh
+++ b/dockers/docker-fpm-quagga/start.sh
@@ -1,7 +1,11 @@
 #!/usr/bin/env bash
 
 mkdir -p /etc/quagga
-sonic-cfggen -m /etc/sonic/minigraph.xml -t /usr/share/sonic/templates/bgpd.conf.j2 > /etc/quagga/bgpd.conf
+if [ -f /etc/sonic/bgp_admin.yml ]; then
+    sonic-cfggen -m /etc/sonic/minigraph.xml -y /etc/sonic/bgp_admin.yml -t /usr/share/sonic/templates/bgpd.conf.j2 > /etc/quagga/bgpd.conf
+else
+    sonic-cfggen -m /etc/sonic/minigraph.xml -t /usr/share/sonic/templates/bgpd.conf.j2 > /etc/quagga/bgpd.conf
+fi
 sonic-cfggen -m /etc/sonic/minigraph.xml -t /usr/share/sonic/templates/zebra.conf.j2 > /etc/quagga/zebra.conf
 
 sonic-cfggen -m /etc/sonic/minigraph.xml -t /usr/share/sonic/templates/isolate.j2 > /usr/sbin/bgp-isolate
diff --git a/files/build_templates/sonic_debian_extension.j2 b/files/build_templates/sonic_debian_extension.j2
index 94f8292fb955..00398654b12c 100644
--- a/files/build_templates/sonic_debian_extension.j2
+++ b/files/build_templates/sonic_debian_extension.j2
@@ -131,7 +131,10 @@ sudo bash -c "echo dhcp_as_static=true >> $FILESYSTEM_ROOT/etc/sonic/updategraph
 {% else %}
 sudo bash -c "echo enabled=false > $FILESYSTEM_ROOT/etc/sonic/updategraph.conf"
 {% endif %}
-
+{% if shutdown_bgp_on_start == "y" %}
+sudo bash -c "echo bgp_admin_state: > $FILESYSTEM_ROOT/etc/sonic/bgp_admin.yml"
+sudo bash -c "echo '  all: off' >> $FILESYSTEM_ROOT/etc/sonic/bgp_admin.yml"
+{% endif %}
 # Copy SNMP configuration files
 sudo cp $IMAGE_CONFIGS/snmp/snmp.yml $FILESYSTEM_ROOT/etc/sonic/
 
diff --git a/rules/config b/rules/config
index 4d0fc7801c9a..e813cd7ef1cb 100644
--- a/rules/config
+++ b/rules/config
@@ -38,6 +38,10 @@ DEFAULT_PASSWORD = YourPaSsWoRd
 # If not set (default behavior) the default minigraph built into the image will be used.
 # ENABLE_DHCP_GRAPH_SERVICE = y
 
+# SHUTDOWN_BGP_ON_START - if set to y all bgp sessions will be in admin down state when 
+# bgp service starts.
+# SHUTDOWN_BGP_ON_START = y
+
 # SONIC_CONFIG_DEBUG - install debug packages
 # Uncomment next line to enable:
 # SONIC_CONFIG_DEBUG = y
diff --git a/rules/docker-fpm-quagga.mk b/rules/docker-fpm-quagga.mk
index a9c0511ba173..1e95c96e001b 100644
--- a/rules/docker-fpm-quagga.mk
+++ b/rules/docker-fpm-quagga.mk
@@ -11,3 +11,4 @@ $(DOCKER_FPM_QUAGGA)_RUN_OPT += --net=host --privileged -t
 $(DOCKER_FPM_QUAGGA)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro
 
 $(DOCKER_FPM_QUAGGA)_BASE_IMAGE_FILES += vtysh:/usr/bin/vtysh
+$(DOCKER_FPM_QUAGGA)_BASE_IMAGE_FILES += bgp_neighbor:/usr/bin/bgp_neighbor
diff --git a/slave.mk b/slave.mk
index 40f3d617c081..c8ffbd8086f0 100644
--- a/slave.mk
+++ b/slave.mk
@@ -339,6 +339,7 @@ $(addprefix $(TARGET_PATH)/, $(SONIC_INSTALLERS)) : $(TARGET_PATH)/% : .platform
 	export sonicadmin_user="$(USERNAME)"
 	export sonic_asic_platform="$(CONFIGURED_PLATFORM)"
 	export enable_dhcp_graph_service="$(ENABLE_DHCP_GRAPH_SERVICE)"
+	export shutdown_bgp_on_start="$(SHUTDOWN_BGP_ON_START)"
 	export installer_debs="$(addprefix $(DEBS_PATH)/,$($*_DEPENDS))"
 	export lazy_installer_debs="$(foreach deb, $($*_INSTALLS),$(foreach device, $($(deb)_PLATFORM),$(addprefix $(device)@, $(DEBS_PATH)/$(deb))))"
 	export installer_images="$(addprefix $(TARGET_PATH)/,$($*_DOCKERS))"