Banner HLD #1361
Banner HLD #1361
Conversation
|
|
|
|
SviatoslavBoichuk
force-pushed
the
banner_hld
branch
from
784d489 to
398f1e6
Compare
SviatoslavBoichuk
force-pushed
the
banner_hld
branch
from
398f1e6 to
f1fdf14
Compare
doc/banner/banner_hld.md
Outdated
|
|
||
| description "BANNER_MESSAGE part of config_db.json"; | ||
|
|
||
| container pre_login { |
There was a problem hiding this comment.
Add default values.
doc/banner/banner_hld.md
Outdated
|
|
||
| } | ||
|
|
||
| container post_login { |
There was a problem hiding this comment.
Instead of adding 3 containers i.e pre_login, post_login & post_logout, can we have the BANNER table name and key as "global" and three 3 attributes.
doc/banner/banner_hld.md
Outdated
|
|
||
| } | ||
|
|
||
| container post_login { |
There was a problem hiding this comment.
Rename the field name as motd and add descriptions for all three fields.
|
Questions:
|
|
community review recording https://zoom.us/rec/share/4Wwy3t9ogqaeABDgjvYQ6IOwAovCEqdamwVzTeR9dxlvMK2GlOhNhrkcWfOgpeyc.dXhqq6g4IUDmdjxa |
SviatoslavBoichuk
force-pushed
the
banner_hld
branch
from
f1fdf14 to
f8ed1f4
Compare
|
SviatoslavBoichuk
force-pushed
the
banner_hld
branch
from
f8ed1f4 to
bdfa859
Compare
What does it take to get something like this? https://gist.github.com/bearlike/d5c90dd24e43e0c5cf89342ac4331358 |
|
@SviatoslavBoichuk pls refer to the latest questions and if no further open issues, i will go a head and merge it. |
Originally feature was designed to provide opportunity for users to configure the Banner messages (even if it is just simple string) via CLI commands and save it to Redis Config DB, so it will be restored after SONiC upgrade (better user experiance). In case of the scripts - I don't see easy way to provide the same functionality for user as I described above. |
Provided reply to the latest questions. The code PRs planned to be published ~ middle of September (in worst case end of September). |
SviatoslavBoichuk
force-pushed
the
banner_hld
branch
from
bdfa859 to
bb18a23
Compare
| | :-----------: | :-----------------------------------------------------------------------------: | | ||
| | login | Display a banner to the users connected locally or remotely before login prompt | | ||
| | motd | Display a banner to the users after login prompt | | ||
| | logout | Display a logout banner to the users connected locally or remotely | |
There was a problem hiding this comment.
- Please explain the purpose or use case of logout banner requirement.
- Mention the Linux banner files (/etc/banner, /etc/motd, etc) where the banners are maintained for completeness
There was a problem hiding this comment.
- Purpose to have logout message is - full interface (login-motd-logout)
- Updated HLD and mentioned Linux files
There was a problem hiding this comment.
Sorry, still not convinced about the use case for logout banner. Linux does not support logout banner natively, seems to be something new being brought as SONiC specific. I would recommend to add logout banner, if valid use case is available.
There was a problem hiding this comment.
Logout message supported by bash (bash.bash_logout file). The logout message will be written from ConfDB to new file: /etc/logout_message. And "bash.bash_logout" will be modified to read logout message from "/etc/logout_message" and display it (via 'echo'). Some vendors, for example Mellanox (https://docs.nvidia.com/networking/display/onyxv3102002/ui+commands#src-80577389_UICommands-Banner) support logout banner, so it might be useful for users.
| **This feature will support the following functionality:** | ||
| 1. Show Banner configuration | ||
| 2. Configure Banner | ||
| 1. Feature state |
There was a problem hiding this comment.
Is enable / disable of banner feature is supported? If so, unable to locate the respective commands.
There was a problem hiding this comment.
Updated HLD with feature state enable/disable command (please see section 2.3.1 Config command group)
There was a problem hiding this comment.
It would be great if below details are added into HLD
- The behavior when feature state is disabled ==> Is it intended to revert back to default SONiC banner? If not, what is the procedure to revert back to default banner?
- The behavior of when feature state is enabled ==> Is user configured banner will be applied into system only when state is enabled?
- The behavior of banner configuration when feature state is disabled
- The provisions to revert back to default banners independently, looks like currently the feature state disabled option is meant for that (if the assumption is correct). Both banners will be reverted to default. I would suggest to add default option in both command syntax (config login banner default, config motd banner default) and remove the feature enable / disable option. This will provide flexibility to user to manage the banners independently and consistent with other configuration commands to set default values.
There was a problem hiding this comment.
Updated Flows section in HLD with explanation regarding feature state.
Regarding reverting back to default SONiC banners. AFAIK SONiC OS doesn't have an infra to restore configuration to default values, and whatever configuration you changed - to revert it back to "default" you need to configured "default" value again manually. The same is for this feature.
|
|
||
| <!-- omit in toc --> | ||
| ### 2.5.2 Banner config flow | ||
|  |
There was a problem hiding this comment.
I would recommend to update the banner files directly from hostcfgd service. This will avoid introducing another service (banner-config) which is intended to fetch the data from redis & update the banner files.
Is there any advantage of introducing new host service?
There was a problem hiding this comment.
The hostcfgd (after reboot) start later then network service - means banner might not be updated when user login to the system.
It is main goal to use the systemd service as single point where the banners will be updated and it will start before network service.
| 3. Save configuration and reboot device - expected to see configured message after login prompt. | ||
| 3. Configure logout banner message | ||
| 1. Logout form system - expected to see configured logout message. | ||
| 2. Do not save configuration and reboot device. Logout from system after reboot - expected to see default message before login prompt. |
There was a problem hiding this comment.
I hope that expected result shall be the default logout banner message after login + logout sequence
| 3. Configure logout banner message | ||
| 1. Logout form system - expected to see configured logout message. | ||
| 2. Do not save configuration and reboot device. Logout from system after reboot - expected to see default message before login prompt. | ||
| 3. Save configuration and reboot device. Logout from system after reboot expected to see configured message before login prompt. |
There was a problem hiding this comment.
I hope that expected result shall be the configured logout banner message after login + logout sequence
SviatoslavBoichuk
force-pushed
the
banner_hld
branch
from
5fb87d3 to
f2e2c91
Compare
|
@yxieca @venkatmahalingam @dharmaraj-gurusamy any further comments? if not we wish to merge this PR and share the code PRs soon |
| This feature require access to SONiC DB. All messages (MOTD, login and logout) saved into the SONiC config database. Hostcfgd will listen for the configuration changes in corresponding tables and restart banner-config service. Banner config service - it is simple SystemD service which runs before we get SSH connection. It reads configured messages from database and apply it to Linux. | ||
|
|
||
| **The Linux files will be used:** | ||
| 1. /etc/issue.net and /etc/issue - Login message |
There was a problem hiding this comment.
I hope that Debian uses /etc/login.warn file as default login banner file & Linux flavors use /etc/issue and /etc/issue.net files. Please correct me, if wrong. If so, any reason why it is not being updated & introducing new files?
There was a problem hiding this comment.
Don't see /etc/login.warn file is used by SONiC. The messages is configured to /etc/motd, /etc/issue.net files.
The Banner feature is going use the same files. We introduce only 1 new file: /etc/logout_message for logout banner.
This file will be used in "bash.bash_logout" script to read and display configured logout message.
| | :-----------: | :-----------------------------------------------------------------------------: | | ||
| | login | Display a banner to the users connected locally or remotely before login prompt | | ||
| | motd | Display a banner to the users after login prompt | | ||
| | logout | Display a logout banner to the users connected locally or remotely | |
There was a problem hiding this comment.
Sorry, still not convinced about the use case for logout banner. Linux does not support logout banner natively, seems to be something new being brought as SONiC specific. I would recommend to add logout banner, if valid use case is available.
| **This feature will support the following functionality:** | ||
| 1. Show Banner configuration | ||
| 2. Configure Banner | ||
| 1. Feature state |
There was a problem hiding this comment.
It would be great if below details are added into HLD
- The behavior when feature state is disabled ==> Is it intended to revert back to default SONiC banner? If not, what is the procedure to revert back to default banner?
- The behavior of when feature state is enabled ==> Is user configured banner will be applied into system only when state is enabled?
- The behavior of banner configuration when feature state is disabled
- The provisions to revert back to default banners independently, looks like currently the feature state disabled option is meant for that (if the assumption is correct). Both banners will be reverted to default. I would suggest to add default option in both command syntax (config login banner default, config motd banner default) and remove the feature enable / disable option. This will provide flexibility to user to manage the banners independently and consistent with other configuration commands to set default values.
SviatoslavBoichuk
force-pushed
the
banner_hld
branch
from
f2e2c91 to
e82c388
Compare
|
@SviatoslavBoichuk |
Hi @liat-grozovik , I update description with code PRs. |
|
|
||
| This feature require access to SONiC DB. All messages (MOTD, login and logout) saved into the SONiC config database. Hostcfgd will listen for the configuration changes in corresponding tables and restart banner-config service. Banner config service - it is simple SystemD service which runs before we get SSH connection. It reads configured messages from database and apply it to Linux. | ||
|
|
||
| **The Linux files will be used:** |
There was a problem hiding this comment.
I am wondering why should user not directly update the linux files. What is the value added by this HLD?
Is there a really scenarios that we need to config banner per device? If no, maybe a single command line to update these "Linux files" will be good enough. No dependency on database, hostcfgd, no need to have another service.
There was a problem hiding this comment.
The banner messages are user configuration.
We would like to provide to user simple CLI commands to configure messages.
Saved banners to Config DB will be restored after upgrade, so user don't need to set them again.
|
@SviatoslavBoichuk Can you please update the Quality Metric (Alpha/Beta/GA) for the feature either in this PR comments or in HLD itself based on https://github.com/sonic-net/SONiC/blob/master/doc/SONiC%20feature%20quality%20definition.md |
- Why I did it Added Banner feature related services according to HLD: sonic-net/SONiC#1361 - How I did it Added banner-config systemd service, YANG model for new ConfDB table and YANG model tests - How to verify it Manual test Co-authored-by: Sviatoslav Boichuk <[email protected]>
- Why I did it Added Banner feature related Config DB table according to HLD: sonic-net/SONiC#1361 - How I did it Added Banner table name to schema.h. Signed-off-by: Yevhen Fastiuk <[email protected]>
- Why I did it Added Banner feature related Config DB table according to HLD: sonic-net/SONiC#1361 - How I did it Added Banner table name to schema.h. Signed-off-by: Yevhen Fastiuk <[email protected]>
…79) - Why I did it Added Banner feature related hostcfgd service according to HLD: sonic-net/SONiC#1361 This PR depends on the following PR: sonic-net/sonic-swss-common#826 - How I did it Added BannerCfg service to hostcfgd. It handles Config DB changes and restart "banner-config" systemd service which will update banners. - How to verify it Manual test Signed-off-by: Yevhen Fastiuk <[email protected]> Co-authored-by: Yevhen Fastiuk <[email protected]>
…onfiguration (#3021) What I did Added CLI commands for Banner feature according to HLD: sonic-net/SONiC#1361 How I did it Added CLI commands to: Enable/disable Banner feature Configure Banner messages: login/motd/logout Related show command How to verify it Manual testing
This document provides general information about Banner implementation in SONiC
The scope of this document is to cover definition, design and implementation of SONiC Banner feature and Banner CLI.