Create Debug gNOI service for interacting with devices for debugging #147

Merged 1 commit on Nov 3, 2023
2 changes: 1 addition & 1 deletion compile_protos.sh
Expand Up @@ -4,7 +4,7 @@ set -euo pipefail
proto_imports=".:${GOPATH}/src/github.com/google/protobuf/src:${GOPATH}/src/github.com/googleapis/googleapis:${GOPATH}/src:."

# Go
for p in types common containerz diag bgp cert factory_reset file healthz layer2 mpls system os otdr wavelength_router packet_link_qualification; do
for p in types common containerz debug diag bgp cert factory_reset file healthz layer2 mpls system os otdr wavelength_router packet_link_qualification; do
protoc -I="${proto_imports}" --go-grpc_out=. --go-grpc_opt=paths=source_relative --go_out=. --go_opt=paths=source_relative $p/$p.proto
done
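Review bot: Adding `debug` to the Go loop makes the script run `protoc` on `debug/debug.proto`, and that file is not among the files visible in this change (only `compile_protos.sh`, `debug/BUILD.bazel` and `debug/README.md` are shown). The script runs under `set -euo pipefail`, so a missing or non-compiling `debug/debug.proto` stops the loop at `debug` and the packages listed after it (`diag`, `bgp`, ...) are not regenerated. Please confirm the proto and its generated Go files land in the same commit. Minor: `$p/$p.proto` in the `protoc` line is unquoted, while `"${proto_imports}"` on the same line is quoted.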

54 changes: 54 additions & 0 deletions debug/BUILD.bazel
@@ -0,0 +1,54 @@
load("@rules_proto//proto:defs.bzl", "proto_library")
load("@io_bazel_rules_go//go:def.bzl", "go_library")
load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")

#Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#
load("@com_github_grpc_grpc//bazel:cc_grpc_library.bzl", "cc_grpc_library")

package(
default_visibility = ["//visibility:public"],
licenses = ["notice"],
)

proto_library(
name = "debug_proto",
srcs = ["debug.proto"],
deps = [
"//types:types_proto",
"@com_google_protobuf//:any_proto",
],
)

cc_proto_library(
name = "debug_cc_proto",
deps = [":debug_proto"],
)

cc_grpc_library(
name = "debug_cc_grpc_proto",
srcs = [":debug_proto"],
grpc_only = True,
deps = [":debug_cc_proto"],
)

go_proto_library(
name = "debug_go_proto",
compilers = ["@io_bazel_rules_go//proto:go_grpc"],
importpath = "github.com/openconfig/gnoi/debug",
proto = ":debug_proto",
deps = ["//types:types_go_proto"],
)
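Review bot: The license header is in the middle of the load statements: three `load(...)` lines come first, then the `#Copyright 2023 Google LLC` block, then the `cc_grpc_library` load. Suggest moving the header to the top of the file (with a space after `#`, as in `# Copyright`) and grouping all four loads directly below it. Two smaller points: `cc_proto_library` is used without a `load`, which relies on the native rule being available, and `proto_library` lists both `//types:types_proto` and `@com_google_protobuf//:any_proto` as deps while `go_proto_library` lists only `//types:types_go_proto`. Since `debug.proto` is not shown here, please confirm both imports are actually used and drop whichever is not.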
40 changes: 40 additions & 0 deletions debug/README.md
@@ -0,0 +1,40 @@
# gNOI `Debug` Streaming RPC Design

**Contributors**: [email protected], [email protected]
**Last Updated**: 2023-11-04

## Background

* [gNOI Repository](https://github.com/openconfig/gnoi)
* [gNOI `Debug` service](https://github.com/openconfig/gnoi/tree/master/debug)

For all legacy devices that provided a CLI on box, providers have leveraged this CLI through services to provide users with the ability to interact with device CLI's to both get information as well as set operational state on devices. This interaction is very vendor specific and requires significant overhead to maintain the vendor specific bindings throughout the operational life cycle of a device.

With the introduction of g* services, the goal has been to remove vendor specific data formats from the view operators. This lets operators have standard models for interacting with any number of vendor devices consistently. There however are gaps between those endpoints versioning and the ability to troubleshoot specific data on a device before API's can be updated. This proposal is to enable a lightweight interface via gRPC to still access shell level interactions on the device in a secure, maintainable way.

## Architecture

The service will run on a specified port. This service upon recieving a command the server will validate the user has access to the service via Authz check. If user has access the server will then parse the request and check if the user has both the acccess to run the command and if provided act as the role user. If the user is allowed the device will then open "shell" in the mode requested and execute the command in that mode.

## User Experience

### User needs to get custom state from device

User Request -> Stream of data returned

Example requests are CLI ‘show’ commands. Ie:

`show proc cpu | json`

### User needs to be able to shell to subcomponent (linecard / backup supervisor) to get data

`shell <linecard>; show memory`

### User needs to tail a process to get output

`tail -f /var/log/foo`

### User needs to capture a trace of process

`strace <cmd>`
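Review bot: The Architecture paragraph does not say what the per-command access check is evaluated against, and the examples under User Experience need that defined: `show proc cpu | json` uses a pipe and `shell <linecard>; show memory` chains two commands with `;`. Please state whether authorization applies to the whole request string or to each command after parsing, and what the server does when one part is permitted and another is not. The "act as the role user" case also needs detail: who may request a role, and whether the role is authorized separately from the caller. The `tail -f /var/log/foo` and `strace <cmd>` use cases imply long-lived streams, so cancellation, timeouts and audit logging of the request and the role used belong in the design as well. Typos: "recieving" and "acccess" in Architecture, and "from the view operators" in Background is missing "of".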
