fabric-testbed · kthare10 · Sep 18, 2024 · Aug 6, 2024 · Sep 12, 2024 · Sep 13, 2024
diff --git a/fabric_am/handlers/switch_handler.py b/fabric_am/handlers/switch_handler.py
@@ -140,15 +140,24 @@ def create(self, unit: ConfigToken) -> Tuple[dict, ConfigToken]:
             Utils.verify_ssh(mgmt_ip=ansible_host, user=ansible_ssh_user, pwd=ansible_ssh_pass,
                              logger=self.get_logger(), retry=10)
 
-            sde_file_name = self.get_config().get(Constants.CONFIG_SECTION_RUNTIME).get(AmConstants.P4)
             extra_vars = {
                 AmConstants.OPERATION: AmConstants.OP_CONFIG,
-                AmConstants.SSH_KEY: ssh_key,
-                AmConstants.SDE_FILE_NAME: sde_file_name
+                AmConstants.SSH_KEY: ssh_key
             }
             Utils.execute_ansible(inventory_path=inventory_path, playbook_path=f"{playbook_path}/{playbook}",
                                   extra_vars=extra_vars, logger=self.get_logger())
 
+            Utils.verify_ssh(mgmt_ip=ansible_host, user=ansible_ssh_user, pwd=ansible_ssh_pass,
+                             logger=self.get_logger(), retry=10)
+
+            extra_vars = {
+                AmConstants.OPERATION: AmConstants.OP_POST_REBOOT,
+            }
+            Utils.execute_ansible(inventory_path=inventory_path, playbook_path=f"{playbook_path}/{playbook}",
+                                  extra_vars=extra_vars, logger=self.get_logger())
+
+            Utils.verify_ssh(mgmt_ip=ansible_host, user=ansible_ssh_user, pwd=ansible_ssh_pass,
+                             logger=self.get_logger(), retry=10)
         except Exception as e:
             self.get_logger().error(e)
             self.get_logger().error(traceback.format_exc())

diff --git a/fabric_am/playbooks/head_switch_provisioning.yml b/fabric_am/playbooks/head_switch_provisioning.yml
@@ -28,6 +28,10 @@
 - hosts:
     - fabric_p4_switch
 
+  become: true
+  become_method: sudo
+  become_user: root
+
   gather_facts: no
 
   roles:

diff --git a/fabric_am/playbooks/inventory_template b/fabric_am/playbooks/inventory_template
@@ -5,6 +5,9 @@ renc-p4.fabric-testbed.net ansible_host=192.168.11.7
 renc-p4.fabric-testbed.net ansible_python_interpreter=/nix/var/nix/profiles/RARE/bin/python3.10
 renc-p4.fabric-testbed.net ansible_ssh_user=rare
 renc-p4.fabric-testbed.net ansible_ssh_pass=XXXX
+renc-p4.fabric-testbed.net docker_username=XXXX
+renc-p4.fabric-testbed.net docker_password=XXXX
+renc-p4.fabric-testbed.net docker_image=XXXX
 
 
 [fabric_site_worker]

diff --git a/fabric_am/playbooks/roles/fpga_provisioning/tasks/main.yml b/fabric_am/playbooks/roles/fpga_provisioning/tasks/main.yml
@@ -10,7 +10,7 @@
 
 - name: Save integer value as a fact
   set_fact:
-    num_pci: "{{ num_pci_functions_output.stdout | int }}"
+    pci_count: "{{ num_pci_functions_output.stdout | int }}"
   when: operation == 'attach'
 
 - name: Save XML to file
@@ -38,7 +38,7 @@
             </source>
             <address type='pci' domain='{{ dest_domain }}' bus='{{ dest_bus }}' slot='{{ dest_slot }}' function='0x0' multifunction='on'/>
           </hostdev>
-          {% for pci_func in range(1, (num_pci | int)) %}
+          {% for pci_func in range(1, (pci_count | int)) %}
           <hostdev mode='subsystem' type='pci' managed='yes'>
             <source>
               <address domain='{{ domain }}' bus='{{ bus }}' slot='{{ slot }}' function='0x0{{ pci_func }}'/>

diff --git a/fabric_am/playbooks/roles/head_switch_provisioning/docker-compose.yml b/fabric_am/playbooks/roles/head_switch_provisioning/docker-compose.yml
@@ -0,0 +1,13 @@
+services:
+  p4_container:
+    image: kthare10/tofino-sde:latest
+    container_name: p4_container
+    volumes:
+      - /usr/src:/usr/src
+      - /lib/modules:/lib/modules
+      - /root/work:/root/work  # Users can put the work in this directory which would be accessible from host as well as container.
+    devices:
+      - /dev/bf0:/dev/bf0
+    privileged: true  # Required to allow the container to access kernel-related files
+    network_mode: host
+    restart: always
diff --git a/fabric_am/playbooks/roles/head_switch_provisioning/tasks/main.yml b/fabric_am/playbooks/roles/head_switch_provisioning/tasks/main.yml
@@ -25,13 +25,25 @@
 # Author: Komal Thareja ([email protected])
 # /tasks/main.yml
 #
+- name: Get boot entries
+  shell: efibootmgr
+  register: boot_entries
+  when: operation == 'create'
 
-- name: Set bootnext with efibootmgr
-  shell: |
-    echo {{ ansible_ssh_pass }} | sudo -S efibootmgr --bootnext 0004
+- name: Extract ONIE boot entry
+  set_fact:
+    onie_entry: "{{ boot_entries.stdout_lines | select('search', 'ONIE:') | map('regex_search', '^Boot([0-9A-F]{4})') | select('string') | first | regex_replace('Boot', '') }}"
+  when: operation == 'create'
+
+- name: Ensure ONIE boot entry is found
+  fail:
+    msg: "ONIE boot entry not found!"
+  when: operation == 'create' and (onie_entry is undefined or onie_entry == "")
+
+- name: Set boot entry to ONIE
+  shell: efibootmgr --bootnext {{ onie_entry }}
   args:
     executable: /bin/bash
-  register: efibootmgr_output
   when: operation == 'create'
 
 - name: Reboot the switch
@@ -49,19 +61,126 @@
     mode: "0600"
   when: operation == 'config'
 
-- name: Copy SDE tarball to the Switch
+# Add your additional tasks for updating the system and installing Docker
+
+- name: Update apt cache
+  shell: apt update -y
+  when: operation == 'config'
+
+- name: Upgrade system packages
+  shell: apt upgrade -y && sudo apt dist-upgrade -y
+  when: operation == 'config'
+
+- name: Remove unnecessary packages
+  shell: apt autoremove -y
+  when: operation == 'config'
+
+- name: Install Linux image and headers
+  shell: apt install -y --allow-change-held-packages linux-image-amd64 linux-headers-amd64
+  when: operation == 'config'
+
+- name: Install dependencies for Docker
+  shell: apt install -y gpg apt-transport-https ca-certificates curl software-properties-common
+  when: operation == 'config'
+
+- name: Add Docker GPG key
+  ansible.builtin.shell: |
+    curl -fsSL https://download.docker.com/linux/debian/gpg -o /tmp/docker.gpg
+    gpg --yes --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg /tmp/docker.gpg
+  args:
+    executable: /bin/bash
+  when: operation == 'config'
+
+- name: Add Docker repository
+  shell: |
+    bash -c 'echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list'
+  when: operation == 'config'
+
+- name: Update apt cache again
+  shell: apt update -y
+  when: operation == 'config'
+
+- name: Install Docker packages
+  shell: apt install -y docker-ce docker-ce-cli containerd.io
+  when: operation == 'config'
+
+- name: Start Docker service
+  shell: systemctl start docker
+  when: operation == 'config'
+
+- name: Enable Docker service
+  shell: systemctl enable docker
+  when: operation == 'config'
+
+- name: Log in to Docker registry
+  shell: docker login -u "{{ docker_username }}" -p "{{ docker_password }}"
+  no_log: true
+  when: operation == 'config'
+
+- name: Pull private Docker image
+  shell: docker pull "{{ docker_image }}"
+  no_log: true
+  when: operation == 'config'
+
+# Optional: Verify the image is pulled successfully
+- name: Verify Docker image is pulled
+  shell: docker images | grep "{{ docker_image }}"
+  register: docker_image_check
+  when: operation == 'config'
+
+# Add Docker logout task to clean up credentials
+- name: Log out from Docker registry
+  shell: docker logout
+  no_log: true
+  when: operation == 'config'
+
+- name: Check if freerouter service exists
+  shell: systemctl list-unit-files | grep freerouter.service
+  register: freerouter_service_check
+  ignore_errors: true
+  when: operation == 'config'
+
+# Stop the freerouter service
+- name: Stop freerouter.service
+  shell: systemctl stop freerouter.service
+  when: operation == 'config' and freerouter_service_check.rc == 0
+
+# Disable the freerouter service
+- name: Disable freerouter.service
+  shell: systemctl disable freerouter.service
+  when: operation == 'config' and freerouter_service_check.rc == 0
+
+- name: Upload docker-compose.yml file to /root directory
   copy:
-    src: "{{ sde_file_name }}"
-    dest: "/home/rare/{{ sde_file_name | basename }}"
+    src: ./docker-compose.yml  # Path to the file on your local machine
+    dest: /root/docker-compose.yml  # Destination path in the /root directory on the target machine
+    owner: root
+    group: root
+    mode: '0644'
   when: operation == 'config'
 
-- name: Extract SDE tarball on the Switch
-  unarchive:
-    src: "/home/rare/{{ sde_file_name | basename }}"
-    dest: /home/rare/
-    remote_src: yes
+- name: Reboot the system after installing Docker
+  shell: reboot
+  ignore_errors: true
   when: operation == 'config'
 
+- name: Bring up Docker containers in detached mode
+  shell: docker compose up -d
+  args:
+    chdir: /root/  # Directory with docker-compose.yml
+  when: operation == 'post-reboot'
+
+- name: Wait for 10 seconds
+  pause:
+    seconds: 10
+  when: operation == 'post-reboot'
+
+- name: Restart the Docker container
+  shell: docker compose restart
+  args:
+    chdir: /root/  # Directory with docker-compose.yml
+  when: operation == 'post-reboot'
+
 - name: Remove SSH key from authorized_keys
   lineinfile:
     path: ~/.ssh/authorized_keys

diff --git a/fabric_am/util/am_constants.py b/fabric_am/util/am_constants.py
@@ -71,6 +71,7 @@ class AmConstants:
     OP_ADDKEY = "addkey"
     OP_REMOVEKEY = "removekey"
     OP_CONFIG = "config"
+    OP_POST_REBOOT = "post-reboot"
 
     PORT_NAME = "portname"
     NETWORK_NAME = "networkname"