infix icon indicating copy to clipboard operation
infix copied to clipboard
verified publisher icon kernelkit

Refactor YANG bootstrap from online to offline

Open troglobit opened this issue 1 year ago • 6 comments

Currently, loading of all YANG models at runtime takes a LOT of time -- on the main quad-core Cortex A72 platform it takes up to 15 seconds!

The reason for us not using the defaults created offline (at build time) is that sysrepo only allows initializing the factory datastore (per yang model) when loading the YANG model.

After discussions in the team we think one avenue to explore here is to patch sysrepo to unlock loading factory using sysrepoctl at least once at boot. This would allow us to load device specific factory data, e.g. admin user's default password (unique per device).

troglobit avatar Mar 04 '24 10:03 troglobit

As part of this task we might consider making some other changes to our model:

  • /system/hostname: Support %-specifiers. We should probably support at least:
    • %i: OS ID (from /etc/os-release). infix on vanilla builds,
    • %m: NIC specific part of base MAC. c0:ff:ee
  • /system/authentication/user/password: Augment model to allow the literal factory-default or similar. This would indicate that the device's factory password, whatever it may be, should be used.

This would make it easier to support having static factory-configs, though there are still problems to solve there I think (SSH server keys come to mind).

  • #435

wkz avatar Apr 02 '24 19:04 wkz

Further discussions on this topic have yielded the following ideas:

  • We will need to add support for yescrypt, and similar, so updating the password hash pattern in ietf-system for $y$ will open up for alos carrying a string like factory-default as well

    • #435

  • /ietf-interface:interfaces could be extended with support for templates, or profiles

     interface e1
   type ethernet
   profile default
   ethernet speed-duplex 100 full

 interface default
   type profile
   ipv6

    The yang model could look something like:

     interface {
     leaf-ref profile;
       default "default";
 }
    • #436

troglobit avatar May 03 '24 06:05 troglobit

Should we make a break-down of this task?

jovatn avatar May 08 '24 05:05 jovatn

Great idea, with the work of @mattiaswal we now know more about it, and the work has also shifted a bit. It looks something like this (to be added to the issue summary if we agree):

  1. Refactor bootstrap enough to be done pre-runtime (buildtime if possible), i.e., this task
  2. #434
  3. #433

There are more steps, but focus has moved slightly from speeding up boot to enabling upgrade of sysrepo to get rousette integrated so we get RESTCONF support for the proper WebUI.

troglobit avatar May 08 '24 06:05 troglobit

Are these things part of this task or should we spawn or create subtasks?

  • #432
  • #435

jovatn avatar May 13 '24 06:05 jovatn

@jovatn + @mattiaswal I've made a breakdown into more tasks now. Would've been great if there was a "depends-on" relationship for issues on GitHub ... anyway, we should have a CCB meeting and plan these.

troglobit avatar May 13 '24 09:05 troglobit

Fixed in PR #460.

troglobit avatar May 24 '24 10:05 troglobit