Skip to content

Cisco NXOS vPC Domain #96

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
nikatza wants to merge 4 commits into
base: main
Choose a base branch
from
Draft

Cisco NXOS vPC Domain #96

nikatza wants to merge 4 commits into from

Conversation

@nikatza
Copy link
Contributor

@nikatza nikatza commented Oct 21, 2025
edited
Loading

Multi-Chassis Link Aggregation (MC-LAG) is quite vendor and platform
specific. We don't see much intersection in their respective
configuration to justify a common API type. Instead, we move forward
with a platform specific API exclusive to Cisco NXOS devices.

In this PR we add types, controller, and provider code to configure
virtual Port Channels (vPCs) via the operator as:

feature vpc

vpc domain 5
  peer-switch
  role priority 100
  system-priority 10
  peer-keepalive destination 10.1.1.2 source 10.1.1.1 vrf VPC_KEEPALIVE
  delay restore 150
  peer-gateway
  layer3 peer-router
  auto-recovery reload-delay 360
  delay restore interface-vlan 140
  fast-convergence

interface port-channel1
  vpc peer-link

The vpcdomain controller ensures that the vpc peer-link is configured.
This is because on gNMI this property is configured at the vpcDom (sub-)containers.
Having this property as a provider-specific resource does not seem a good
option and the moment as it complicates the code base.

The operational status of the resource is UP if the peer is alive and the remote
device returns a positive uptime value for the peer.

@hardikdr hardikdr added the area/metal-automation Automation processes within the Metal project. label Oct 22, 2025
@hardikdr hardikdr added this to Roadmap Oct 22, 2025
@nikatza nikatza force-pushed the cisco-nxos-vpc branch 2 times, most recently from 0b789b3 to 52078ca Compare October 22, 2025 16:31
@nikatza nikatza changed the title Enable Cisco vPC feat: Enable Cisco vPC Oct 22, 2025
@nikatza nikatza changed the title feat: Enable Cisco vPC feat: Cisco NXOS vPCs Oct 22, 2025
@nikatza nikatza force-pushed the cisco-nxos-vpc branch 11 times, most recently from 218ebd5 to 2f2cd99 Compare October 23, 2025 16:55
@nikatza nikatza force-pushed the cisco-nxos-vpc branch 10 times, most recently from f6fb13c to b3fd3db Compare November 28, 2025 10:16
@nikatza nikatza mentioned this pull request Dec 3, 2025
Merged
@github-actions
Copy link

github-actions bot commented Dec 4, 2025

Merging this branch changes the coverage (2 decrease, 1 increase)

Impacted Packages Coverage Δ 🤖
github.com/ironcore-dev/network-operator/api/cisco/nx/v1alpha1 0.00% (ø)
github.com/ironcore-dev/network-operator/api/core/v1alpha1 0.00% (ø)
github.com/ironcore-dev/network-operator/cmd 0.00% (ø)
github.com/ironcore-dev/network-operator/internal/controller/cisco/nx 62.36% (-3.92%) 👎
github.com/ironcore-dev/network-operator/internal/controller/core 69.71% (+0.07%) 👍
github.com/ironcore-dev/network-operator/internal/provider 20.00% (ø)
github.com/ironcore-dev/network-operator/internal/provider/cisco/gnmiext/v2 91.48% (ø)
github.com/ironcore-dev/network-operator/internal/provider/cisco/nxos 11.93% (-0.51%) 👎
Coverage by file

Changed files (no unit tests)

Changed File Coverage Δ Total Covered Missed 🤖
github.com/ironcore-dev/network-operator/api/cisco/nx/v1alpha1/groupversion_info.go 0.00% (ø) 0 0 0
github.com/ironcore-dev/network-operator/api/cisco/nx/v1alpha1/vpc_types.go 0.00% (ø) 0 0 0
github.com/ironcore-dev/network-operator/api/cisco/nx/v1alpha1/zz_generated.deepcopy.go 0.00% (ø) 0 0 0
github.com/ironcore-dev/network-operator/api/core/v1alpha1/vrf_types.go 0.00% (ø) 0 0 0
github.com/ironcore-dev/network-operator/cmd/main.go 0.00% (ø) 0 0 0
github.com/ironcore-dev/network-operator/internal/controller/cisco/nx/provider.go 0.00% (ø) 0 0 0
github.com/ironcore-dev/network-operator/internal/controller/cisco/nx/vpc_controller.go 58.92% (+58.92%) 185 (+185) 109 (+109) 76 (+76) 🌟
github.com/ironcore-dev/network-operator/internal/controller/core/interface_controller.go 79.77% (+0.41%) 346 (+2) 276 (+3) 70 (-1) 👍
github.com/ironcore-dev/network-operator/internal/provider/cisco/gnmiext/v2/client.go 89.36% (ø) 141 126 15
github.com/ironcore-dev/network-operator/internal/provider/cisco/nxos/intf.go 11.11% (ø) 90 10 80
github.com/ironcore-dev/network-operator/internal/provider/cisco/nxos/provider.go 0.09% (-0.01%) 1125 (+65) 1 1124 (+65) 👎
github.com/ironcore-dev/network-operator/internal/provider/cisco/nxos/vpc.go 17.65% (-10.92%) 17 (+10) 3 (+1) 14 (+9) 💀
github.com/ironcore-dev/network-operator/internal/provider/provider.go 20.00% (ø) 25 5 20

Please note that the "Total", "Covered", and "Missed" counts above refer to code statements instead of lines of code. The value in brackets refers to the test coverage of that file in the old version of the code.

Changed unit test files

  • github.com/ironcore-dev/network-operator/internal/controller/cisco/nx/suite_test.go
  • github.com/ironcore-dev/network-operator/internal/controller/cisco/nx/vpc_controller_test.go
  • github.com/ironcore-dev/network-operator/internal/controller/core/suite_test.go
  • github.com/ironcore-dev/network-operator/internal/provider/cisco/nxos/vpc_test.go

@nikatza nikatza force-pushed the cisco-nxos-vpc branch 2 times, most recently from 6ca2278 to 9ed1ed3 Compare December 5, 2025 10:11
@nikatza nikatza changed the title feat: Cisco NXOS vPCs Cisco NXOS vPC Domain Dec 17, 2025
@github-advanced-security
Copy link

github-advanced-security bot commented Dec 17, 2025

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@nikatza nikatza force-pushed the cisco-nxos-vpc branch 8 times, most recently from 4893d5c to 6edce96 Compare December 23, 2025 16:09
@nikatza
[NX-OS] Enable virtual port channels (vPCs)
eaa0673 
Multi-Chassis Link Aggregation (MC-LAG) is quite vendor and platform
specific. We don't see much intersection in their respective
configuration to justify a common API type. Instead, we move forward
with a platform specific API exclusive to Cisco NXOS devices.

This commit adds new types, controller, and provider to configure
virtual Port Channels (vPCs) via the operator.

Implementation note: Consider the following information about the YANG
model for configuring a vPC:
* each vPC configured in the domain appears in the tree in this
  location: `vpc-items/inst-items/dom-items/if-items/If-list[id=30]`
(where `30` is the vPC ID)
* the peer-link interface is configured here:
  `vpc-items/inst-items/dom-items/keepalive-items/peerlink-items[id=po10]`

The interfaces will be added to the vPC config by the LAG provider and
not by this controller.  Hence, if we apply a gNMI Replace operation on
the xpath returned by VPC.XPath() we would remove any existing vPC
interfaces. A gNMI Update operation will not modify the configuration
introduced by the LAG provider.
@nikatza
[NX-OS] Remove vPC creation via annotation
ec6685e
@nikatza
[NXOS] Add annotation to force members on interface aggregates
cb86bf5 
Use `nx.cisco.networking.metal.ironcore.dev/channel-group-force` to tag
an interface of type `Aggregate` on a Cisco NX device and force the
addition of member interfaces to the port-channel. The value of the
annotation is ignored.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area/metal-automation Automation processes within the Metal project.

Projects

Roadmap
Status: No status

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@nikatza @hardikdr