)]}'
{"specs/approved/cisco-nexus-poap-driver.rst":[{"author":{"_account_id":7711,"name":"Yuriy Zveryanskyy","email":"yzveryanskyy@mirantis.com","username":"yuriyz"},"change_message_id":"a2b5a247ad86441524c30662e5f6c72d9ae2bf26","unresolved":false,"context_lines":[{"line_number":27,"context_line":"Proposed change"},{"line_number":28,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"Create a new Ironic driver to allow day zero configuration of Nexus switches."},{"line_number":31,"context_line":"Just as you need to provide a new bare metal machine with an image via PXE,"},{"line_number":32,"context_line":"when you are first setting up a Nexus switch you must provide it with an image."},{"line_number":33,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"ba5201f7_7bdac84d","line":30,"range":{"start_line":30,"start_character":0,"end_line":30,"end_character":26},"updated":"2017-01-05 00:59:29.000000000","message":"Please provide more detail about interfaces. 1) Power. How to power on switch from remote? By external device like UPS with SNMP? 2) Management. Looks like it is not needed and can be a stub. 3) Boot and deploy interfaces. 4) Console interface. Do you plan to implement console access to the switch? Cleaning: do you plan to implement clean step(s) for configuration? States: if we exit from ACTIVE state via \"deleted\" what should we do with switch?","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"},{"author":{"_account_id":12356,"name":"Vladyslav Drok","email":"vdrok@mirantis.com","username":"vdrok"},"change_message_id":"f6561b6716c24bbd6018217d3e6516ac7c488d44","unresolved":false,"context_lines":[{"line_number":31,"context_line":"Just as you need to provide a new bare metal machine with an image via PXE,"},{"line_number":32,"context_line":"when you are first setting up a Nexus switch you must provide it with an image."},{"line_number":33,"context_line":""},{"line_number":34,"context_line":"Nexus switches have a feature called Power On Auto Provisioning (POAP)[1] which"},{"line_number":35,"context_line":"will allow the installation of images and configuration files onto the switch."},{"line_number":36,"context_line":"It works in a similar manner to PXE in Ironic where it will look for a boot"},{"line_number":37,"context_line":"script from a TFTP server, upload that to the switch and then execute. Because"}],"source_content_type":"text/x-rst","patch_set":2,"id":"ba5201f7_236abdb3","line":34,"updated":"2017-01-05 15:44:04.000000000","message":"How will it report back to ironic when the provisioning is over?","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"},{"author":{"_account_id":7711,"name":"Yuriy Zveryanskyy","email":"yzveryanskyy@mirantis.com","username":"yuriyz"},"change_message_id":"9051459a60177088af9fe2ec0dfa55ef8f10565c","unresolved":false,"context_lines":[{"line_number":34,"context_line":"Nexus switches have a feature called Power On Auto Provisioning (POAP)[1] which"},{"line_number":35,"context_line":"will allow the installation of images and configuration files onto the switch."},{"line_number":36,"context_line":"It works in a similar manner to PXE in Ironic where it will look for a boot"},{"line_number":37,"context_line":"script from a TFTP server, upload that to the switch and then execute. Because"},{"line_number":38,"context_line":"of these similarities hopefully some of the PXE driver logic can be leveraged."},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"The proposed driver will allow you to boot/update the switch with a new image"}],"source_content_type":"text/x-rst","patch_set":2,"id":"ba5201f7_cc8bfcc1","line":37,"range":{"start_line":37,"start_character":14,"end_line":37,"end_character":18},"updated":"2017-01-05 02:27:56.000000000","message":"In the cisco doc mentioned ability to download also from http server.","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"},{"author":{"_account_id":7711,"name":"Yuriy Zveryanskyy","email":"yzveryanskyy@mirantis.com","username":"yuriyz"},"change_message_id":"a2b5a247ad86441524c30662e5f6c72d9ae2bf26","unresolved":false,"context_lines":[{"line_number":37,"context_line":"script from a TFTP server, upload that to the switch and then execute. Because"},{"line_number":38,"context_line":"of these similarities hopefully some of the PXE driver logic can be leveraged."},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"The proposed driver will allow you to boot/update the switch with a new image"},{"line_number":41,"context_line":"and set initial configuration options via a provided config file uploaded to"},{"line_number":42,"context_line":"the switch along with the image."},{"line_number":43,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"ba5201f7_9b9dac0c","line":40,"range":{"start_line":40,"start_character":43,"end_line":40,"end_character":49},"updated":"2017-01-05 00:59:29.000000000","message":"1) I found in the documentation that switch enables POAP if no configuration found. If it\u0027s true (I\u0027m not a cisco expert), looks like we should set initial credential in ironic for remove configuration if it present. 2) Not sure about switches (I did it for cisco routers), but there is alternative update way that is more simple (if we have admin creds and remote access): a) enable scp on device b) copy all needed files and config to the device FS c) reboot via command line","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"},{"author":{"_account_id":7711,"name":"Yuriy Zveryanskyy","email":"yzveryanskyy@mirantis.com","username":"yuriyz"},"change_message_id":"9051459a60177088af9fe2ec0dfa55ef8f10565c","unresolved":false,"context_lines":[{"line_number":37,"context_line":"script from a TFTP server, upload that to the switch and then execute. Because"},{"line_number":38,"context_line":"of these similarities hopefully some of the PXE driver logic can be leveraged."},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"The proposed driver will allow you to boot/update the switch with a new image"},{"line_number":41,"context_line":"and set initial configuration options via a provided config file uploaded to"},{"line_number":42,"context_line":"the switch along with the image."},{"line_number":43,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"ba5201f7_4cf0ec67","line":40,"range":{"start_line":40,"start_character":43,"end_line":40,"end_character":49},"in_reply_to":"ba5201f7_9b9dac0c","updated":"2017-01-05 02:27:56.000000000","message":"For 1) \"POAP can be triggered even when the startup-config is present using the boot poap enable command\" Do you plan to use this command? Also in the doc mentioned \"configuration file based on the switch\u0027s serial number, hostname, MAC address, or location\". Please describe all parameters (mandatory and optional) which should be present in the node\u0027s \"driver_info\" field for deploy.","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"},{"author":{"_account_id":7711,"name":"Yuriy Zveryanskyy","email":"yzveryanskyy@mirantis.com","username":"yuriyz"},"change_message_id":"d7e910c25da985abfde01bbf4b350dbda80d750d","unresolved":false,"context_lines":[{"line_number":43,"context_line":""},{"line_number":44,"context_line":"As a minimum the switch config file will need to provide the following"},{"line_number":45,"context_line":"information:"},{"line_number":46,"context_line":"* SSH/Telnet access Enable/Disable"},{"line_number":47,"context_line":"* Admin Password"},{"line_number":48,"context_line":""},{"line_number":49,"context_line":"Alternatives"}],"source_content_type":"text/x-rst","patch_set":2,"id":"ba5201f7_11f0bbc8","line":46,"range":{"start_line":46,"start_character":2,"end_line":46,"end_character":12},"updated":"2017-01-05 01:36:43.000000000","message":"SSH should be enabled by default w/o Telnet. Telnet is an option (or maybe I misunderstand something?).","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"},{"author":{"_account_id":7711,"name":"Yuriy Zveryanskyy","email":"yzveryanskyy@mirantis.com","username":"yuriyz"},"change_message_id":"ae6ee19000c9a0fb0bbcde7c5a0df2a182091621","unresolved":false,"context_lines":[{"line_number":44,"context_line":"As a minimum the switch config file will need to provide the following"},{"line_number":45,"context_line":"information:"},{"line_number":46,"context_line":"* SSH/Telnet access Enable/Disable"},{"line_number":47,"context_line":"* Admin Password"},{"line_number":48,"context_line":""},{"line_number":49,"context_line":"Alternatives"},{"line_number":50,"context_line":"------------"}],"source_content_type":"text/x-rst","patch_set":2,"id":"ba5201f7_b615254a","line":47,"updated":"2017-01-05 01:26:27.000000000","message":"AFAIK password stored in the config (at least by default) in encrypted form. Do you plan to encrypt provided password by cisco-compatible way before put to config? Or use plain text password (it is not good, tftp is not secure)? Or maybe alternative: prepare config that allows access only from conductor host IP and with simple \"initial\" password (the same encrypted string for all deploys), then set provided password via CLI (paramiko/netmiko) and remove IP access rule.","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"},{"author":{"_account_id":7711,"name":"Yuriy Zveryanskyy","email":"yzveryanskyy@mirantis.com","username":"yuriyz"},"change_message_id":"a2b5a247ad86441524c30662e5f6c72d9ae2bf26","unresolved":false,"context_lines":[{"line_number":45,"context_line":"information:"},{"line_number":46,"context_line":"* SSH/Telnet access Enable/Disable"},{"line_number":47,"context_line":"* Admin Password"},{"line_number":48,"context_line":""},{"line_number":49,"context_line":"Alternatives"},{"line_number":50,"context_line":"------------"},{"line_number":51,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"ba5201f7_fb76b8d5","line":48,"updated":"2017-01-05 00:59:29.000000000","message":"Maybe also IP address or enable DHCP for \"management\" interface.","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"},{"author":{"_account_id":9927,"name":"Britt Houser","email":"bhouser@cisco.com","username":"britthouser"},"change_message_id":"93f68e16fc187fadb40e41d08ae54aa762b57b6a","unresolved":false,"context_lines":[{"line_number":45,"context_line":"information:"},{"line_number":46,"context_line":"* SSH/Telnet access Enable/Disable"},{"line_number":47,"context_line":"* Admin Password"},{"line_number":48,"context_line":""},{"line_number":49,"context_line":"Alternatives"},{"line_number":50,"context_line":"------------"},{"line_number":51,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"da36d5c6_04f14c01","line":48,"in_reply_to":"ba5201f7_fb76b8d5","updated":"2017-02-23 15:39:08.000000000","message":"When a switch is configured w/o POAP, there is a \u0027default\u0027 config which gets applied, and then the user config gets added on top of that.  The minimum that the user requires to apply is remote access and user authentication.  However with POAP, there is zero default config.  So there are additional configuraitons (CoPP being the most important but there are others) that will need to be applied as well.","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"},{"author":{"_account_id":9927,"name":"Britt Houser","email":"bhouser@cisco.com","username":"britthouser"},"change_message_id":"93f68e16fc187fadb40e41d08ae54aa762b57b6a","unresolved":false,"context_lines":[{"line_number":51,"context_line":""},{"line_number":52,"context_line":"There is a proposed Ironic spec for supporting network switch provisioning"},{"line_number":53,"context_line":"(https://bugs.launchpad.net/ironic/+bug/1583065) using Zero Touch Provisioning"},{"line_number":54,"context_line":"(ZTP). However, ZTP is not supported by Nexus switches."},{"line_number":55,"context_line":""},{"line_number":56,"context_line":"Data model impact"},{"line_number":57,"context_line":"-----------------"}],"source_content_type":"text/x-rst","patch_set":2,"id":"da36d5c6_84bc5c07","line":54,"updated":"2017-02-23 15:39:08.000000000","message":"IIRC, ZTP is Arista\u0027s version of POAP.  Perhaps there is a more general way todo this which would allow POAP and ZTP to just be \"drivers\"?","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"},{"author":{"_account_id":22724,"name":"Galyna Zholtkevych","email":"galynazholtkevych1991@gmail.com","username":"gzholtkevych"},"change_message_id":"892a81533a623bf8e141d684be412c8b0383823b","unresolved":false,"context_lines":[{"line_number":57,"context_line":"-----------------"},{"line_number":58,"context_line":""},{"line_number":59,"context_line":"Instance_info will be used to provide the information required by the driver to"},{"line_number":60,"context_line":"do the provision of the switch. E.g. Switch Image \u0026 Configuration File"},{"line_number":61,"context_line":""},{"line_number":62,"context_line":"State Machine Impact"},{"line_number":63,"context_line":"--------------------"}],"source_content_type":"text/x-rst","patch_set":2,"id":"ba5201f7_06b787f5","line":60,"range":{"start_line":60,"start_character":70,"end_line":60,"end_character":70},"updated":"2017-01-05 16:10:15.000000000","message":"Thanks for the spec, very nice idea\n\nMay be, also driver_info and properties will be used to provide some information about the switch characteristics and some important notes of its configuration?","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"},{"author":{"_account_id":7711,"name":"Yuriy Zveryanskyy","email":"yzveryanskyy@mirantis.com","username":"yuriyz"},"change_message_id":"a2b5a247ad86441524c30662e5f6c72d9ae2bf26","unresolved":false,"context_lines":[{"line_number":57,"context_line":"-----------------"},{"line_number":58,"context_line":""},{"line_number":59,"context_line":"Instance_info will be used to provide the information required by the driver to"},{"line_number":60,"context_line":"do the provision of the switch. E.g. Switch Image \u0026 Configuration File"},{"line_number":61,"context_line":""},{"line_number":62,"context_line":"State Machine Impact"},{"line_number":63,"context_line":"--------------------"}],"source_content_type":"text/x-rst","patch_set":2,"id":"ba5201f7_5b2d04fd","line":60,"range":{"start_line":60,"start_character":37,"end_line":60,"end_character":70},"updated":"2017-01-05 00:59:29.000000000","message":"They are http(s) links or something else?","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"},{"author":{"_account_id":12356,"name":"Vladyslav Drok","email":"vdrok@mirantis.com","username":"vdrok"},"change_message_id":"f6561b6716c24bbd6018217d3e6516ac7c488d44","unresolved":false,"context_lines":[{"line_number":109,"context_line":"Other end user impact"},{"line_number":110,"context_line":"---------------------"},{"line_number":111,"context_line":""},{"line_number":112,"context_line":"End user will need to obtain the Nexus boot image to upload to the switch."},{"line_number":113,"context_line":""},{"line_number":114,"context_line":"Scalability impact"},{"line_number":115,"context_line":"------------------"}],"source_content_type":"text/x-rst","patch_set":2,"id":"ba5201f7_91a81222","line":112,"updated":"2017-01-05 15:44:04.000000000","message":"Is this image going to be anyhow validated on ironic side?","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"},{"author":{"_account_id":7711,"name":"Yuriy Zveryanskyy","email":"yzveryanskyy@mirantis.com","username":"yuriyz"},"change_message_id":"a2b5a247ad86441524c30662e5f6c72d9ae2bf26","unresolved":false,"context_lines":[{"line_number":124,"context_line":"Other deployer impact"},{"line_number":125,"context_line":"---------------------"},{"line_number":126,"context_line":""},{"line_number":127,"context_line":"None"},{"line_number":128,"context_line":""},{"line_number":129,"context_line":"Developer impact"},{"line_number":130,"context_line":"----------------"}],"source_content_type":"text/x-rst","patch_set":2,"id":"ba5201f7_a05ddf7a","line":127,"updated":"2017-01-05 00:59:29.000000000","message":"This will work only in standalone ironic mode. How about DHCP configuration? Looks like static will be used.","commit_id":"c8a5a8b7f31e10172a262284861c0f70ce4ee49f"}]}