From bf19af2abf1523b26e0511ae0516024cc67c0f04 Mon Sep 17 00:00:00 2001 From: Quentin Monnet Date: Wed, 15 Jan 2025 11:31:06 +0000 Subject: [PATCH 1/2] frr: Remove FRR container creation The container is not used at the moment. Remove related files and definitions from the repository. Signed-off-by: Quentin Monnet --- Dockerfile | 5 - default.nix | 58 -------- justfile | 12 +- nix/frr/bin/init.sh | 8 -- nix/frr/clippy-helper.nix | 66 --------- nix/frr/default.nix | 281 ------------------------------------- nix/frr/etc/frr/daemons | 54 ------- nix/frr/etc/frr/frr.conf | 32 ----- nix/frr/etc/frr/vtysh.conf | 0 nix/frr/etc/group | 3 - nix/frr/etc/passwd | 2 - 11 files changed, 1 insertion(+), 520 deletions(-) delete mode 100755 nix/frr/bin/init.sh delete mode 100644 nix/frr/clippy-helper.nix delete mode 100644 nix/frr/default.nix delete mode 100644 nix/frr/etc/frr/daemons delete mode 100644 nix/frr/etc/frr/frr.conf delete mode 100644 nix/frr/etc/frr/vtysh.conf delete mode 100644 nix/frr/etc/group delete mode 100644 nix/frr/etc/passwd diff --git a/Dockerfile b/Dockerfile index 734d36e..cc9a563 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,4 @@ ARG IMAGE=scratch -FROM ${IMAGE} AS frr -# size reduction hack -RUN for frr in /nix/store/*-frr-*; do \ - ln -s "${frr}" "$(sed 's|/nix/store/.*-\(.*-frr-.*\)|/nix/store/\1|' <<<"${frr}")"; \ -done FROM ${IMAGE} AS doc-env FROM ${IMAGE} AS compile-env diff --git a/default.nix b/default.nix index d3286a4..59dc172 100644 --- a/default.nix +++ b/default.nix @@ -270,22 +270,6 @@ rec { "--disable-shared" ]; }); - frr = - (buildWithMyFlags ( - self.callPackage ./nix/frr { - stdenv = fancy.stdenvDynamic; - json_c = json_c.dev; - } - )).overrideAttrs - (orig: { - nativeBuildInputs = (orig.nativeBuildInputs or [ ]) ++ [ - self.fancy.pcre2 - self.protobufc - ]; - LDFLAGS = - (orig.LDFLAGS or "") - + " -L${self.protobufc}/lib -Wl,-lprotobuf-c -L${self.fancy.pcre2}/lib -Wl,-lpcre2-8"; - }); }; pkgs.dev = @@ -538,49 +522,7 @@ rec { maxLayers = 120; - initfrr = toolchainPkgs.stdenv.mkDerivation { - name = "${project-name}-initfrr"; - src = ./nix/frr/bin; - dontUnpack = true; - installPhase = '' - mkdir -p $out/bin - cp $src/init.sh $out/bin/init.sh - chmod +x $out/bin/init.sh - ''; - }; - - frrContainerContents = ( - with pkgs.release.gnu64; - [ - bash - coreutils - frr - glibc.bin - glibc.out - gnugrep - gnused - initfrr - libxcrypt - ncurses - readline - tmpdir - ] - ); - container = { - frr = toolchainPkgs.dockerTools.buildLayeredImage { - name = "${contianer-repo}/frr"; - tag = "${image-tag}"; - contents = map clearDeps frrContainerContents; - config = { - Env = [ - "LD_LIBRARY_PATH=/lib" - "PATH=/bin:/libexec/frr" - ]; - Entrypoint = [ "/bin/init.sh" ]; - }; - inherit maxLayers; - }; compile-env = toolchainPkgs.dockerTools.buildLayeredImage { name = "${contianer-repo}/compile-env"; tag = "${image-tag}"; diff --git a/justfile b/justfile index f1e71b2..8158058 100644 --- a/justfile +++ b/justfile @@ -70,8 +70,6 @@ _doc_env_container_name := container_repo + "/doc-env" _compile_env_container_name := container_repo + "/compile-env" -_frr_container_name := container_repo + "/frr" - # This is a unique identifier for the build. # We temporarily tag our containers with this id so that we can be certain that we are # not retagging or pushing some other container. @@ -127,9 +125,6 @@ build-sysroot: \ # Build doc env packages build-docEnvPackageList: (_nix_build "docEnvPackageList") -# Build FRR -build-frr-contents: (_nix_build "frrContainerContents") - # Builds and post processes a container from the nix build [private] [script] @@ -193,11 +188,8 @@ build-doc-env-container: build-docEnvPackageList (_build-container "doc-env" _do # Build and tag the compile-env container build-compile-env-container: build-sysroot (_build-container "compile-env" _compile_env_container_name) -# Build and tag the frr container -build-frr-container: build-frr-contents (_build-container "frr" _frr_container_name) - # Build the sysroot, and compile-env containers -build: build-sysroot build-frr-container build-compile-env-container build-doc-env-container +build: build-sysroot build-compile-env-container build-doc-env-container # Push the compile-env and doc-env containers to the container registry [script] @@ -207,8 +199,6 @@ push: build docker push "{{ _compile_env_container_name }}:{{ _commit }}.rust-{{ rust }}" docker push "{{ _doc_env_container_name }}:{{ _slug }}.rust-{{ rust }}" docker push "{{ _doc_env_container_name }}:{{ _commit }}.rust-{{ rust }}" - docker push "{{ _frr_container_name }}:{{ _slug }}.rust-{{ rust }}" - docker push "{{ _frr_container_name }}:{{ _commit }}.rust-{{ rust }}" # Delete all the old generations of the nix store and run the garbage collector [script] diff --git a/nix/frr/bin/init.sh b/nix/frr/bin/init.sh deleted file mode 100755 index 122e75c..0000000 --- a/nix/frr/bin/init.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash - -set -euo pipefail - -sleep infinity & -frrinit.sh start & - -wait diff --git a/nix/frr/clippy-helper.nix b/nix/frr/clippy-helper.nix deleted file mode 100644 index 608716b..0000000 --- a/nix/frr/clippy-helper.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ - lib, - stdenv, - frrSource, - frrVersion, - - # build time - autoreconfHook, - flex, - bison, - pkg-config, - elfutils, - perl, - python3, - -}: - -stdenv.mkDerivation rec { - pname = "frr-clippy-helper"; - version = frrVersion; - - src = frrSource; - - nativeBuildInputs = [ - autoreconfHook - bison - flex - perl - pkg-config - ]; - - buildInputs = - [ - python3 - ] - ++ lib.optionals (lib.meta.availableOn stdenv.hostPlatform elfutils) [ - elfutils - ]; - - configureFlags = [ - "--enable-clippy-only" - ]; - - installPhase = '' - mkdir -p $out/bin - cp lib/clippy $out/bin - ''; - - enableParallelBuilding = true; - - meta = with lib; { - homepage = "https://frrouting.org/"; - description = "FRR routing daemon suite: CLI helper tool clippy"; - longDescription = '' - This small tool is used to support generating CLI code for FRR. It is split out here, - to support cross-compiling, because it needs to be compiled with the build system toolchain - and not the target host one. - ''; - license = with licenses; [ - gpl2Plus - lgpl21Plus - ]; - maintainers = with maintainers; [ thillux ]; - platforms = platforms.unix; - }; -} diff --git a/nix/frr/default.nix b/nix/frr/default.nix deleted file mode 100644 index 8eb4d9b..0000000 --- a/nix/frr/default.nix +++ /dev/null @@ -1,281 +0,0 @@ -{ - lib, - stdenv, - fetchFromGitHub, - fetchpatch, - - # build time - autoreconfHook, - flex, - bison, - perl, - pkg-config, - texinfo, - buildPackages, - - # runtime - c-ares, - json_c, - libcap, - elfutils, - #, libunwind - libyang, - net-snmp, - #, pam - pcre2, - python3, - readline, - rtrlib, - protobufc, - #, zeromq - - # tests - nettools, - nixosTests, - - # FRR's configure.ac gets SNMP options by executing net-snmp-config on the build host - # This leads to compilation errors when cross compiling. - # E.g. net-snmp-config for x86_64 does not return the ARM64 paths. - # - # SNMP_LIBS="`${NETSNMP_CONFIG} --agent-libs`" - # SNMP_CFLAGS="`${NETSNMP_CONFIG} --base-cflags`" - snmpSupport ? false, - - # other general options besides snmp support - rpkiSupport ? false, - numMultipath ? 8, - watchfrrSupport ? true, - cumulusSupport ? false, - rtadvSupport ? true, - irdpSupport ? false, - mgmtdSupport ? false, - - # routing daemon options - bgpdSupport ? true, - bfddSupport ? true, - staticdSupport ? true, - - ripdSupport ? false, - ripngdSupport ? false, - ospfdSupport ? false, - ospf6dSupport ? false, - ldpdSupport ? false, - nhrpdSupport ? false, - eigrpdSupport ? false, - babeldSupport ? false, - isisdSupport ? false, - pimdSupport ? false, - pim6dSupport ? false, - sharpdSupport ? false, - fabricdSupport ? false, - vrrpdSupport ? false, - pathdSupport ? false, - pbrdSupport ? false, - - # BGP options - bgpAnnounce ? true, - bgpBmp ? false, - bgpVnc ? false, - - # OSPF options - ospfApi ? false, -}: - -lib.warnIf (!(stdenv.buildPlatform.canExecute stdenv.hostPlatform)) - "cannot enable SNMP support due to cross-compilation issues with net-snmp-config" - - stdenv.mkDerivation - (finalAttrs: { - pname = "frr"; - version = "10.2"; - dontPatchShebangs = true; - dontFixup = true; - dontPatchElf = true; - - src = fetchFromGitHub { - owner = "FRRouting"; - repo = finalAttrs.pname; - rev = "${finalAttrs.pname}-${finalAttrs.version}"; - hash = "sha256-X0pyV7pvFcSyrBM2c3wQyBfGoZBtTBB31zIJoyBKEsY="; - }; - - nativeBuildInputs = [ - autoreconfHook - bison - flex - perl - pkg-config - protobufc - python3 - texinfo - ]; - - buildInputs = - [ - # libunwind - # pam - # python3 - # zeromq - c-ares - json_c - libyang - pcre2 - protobufc - readline - rtrlib - ] - ++ lib.optionals stdenv.hostPlatform.isLinux [ - libcap - ] - ++ lib.optionals snmpSupport [ - net-snmp - ] - ++ lib.optionals (lib.meta.availableOn stdenv.hostPlatform elfutils) [ - elfutils - ]; - - # otherwise in cross-compilation: "configure: error: no working python version found" - depsBuildBuild = [ - # buildPackages.python3 - ]; - - # cross-compiling: clippy is compiled with the build host toolchain, split it out to ease - # navigation in dependency hell - clippy-helper = buildPackages.callPackage ./clippy-helper.nix { - frrVersion = finalAttrs.version; - frrSource = finalAttrs.src; - }; - - configureFlags = [ - "--disable-grpc" - "--disable-protobuf" - "--disable-python-runtime" - "--disable-scripting" - "--disable-sysrepo" - "--disable-zeromq" - "--with-libpam=no" - "--enable-shared" - "--enable-static" - "--enable-static-bin" - "--with-crypto=internal" - "--disable-doc" - - "--disable-silent-rules" - "--enable-configfile-mask=0640" - "--enable-group=frr" - "--enable-logfile-mask=0640" - "--enable-multipath=${toString numMultipath}" - "--localstatedir=/run/frr" - "--sbindir=${placeholder "out"}/libexec/frr" - "--sysconfdir=/etc/frr" - "--with-clippy=${finalAttrs.clippy-helper}/bin/clippy" - # general options - (lib.strings.enableFeature snmpSupport "snmp") - (lib.strings.enableFeature rpkiSupport "rpki") - (lib.strings.enableFeature watchfrrSupport "watchfrr") - (lib.strings.enableFeature rtadvSupport "rtadv") - (lib.strings.enableFeature irdpSupport "irdp") - (lib.strings.enableFeature mgmtdSupport "mgmtd") - - # routing protocols - (lib.strings.enableFeature bgpdSupport "bgpd") - (lib.strings.enableFeature ripdSupport "ripd") - (lib.strings.enableFeature ripngdSupport "ripngd") - (lib.strings.enableFeature ospfdSupport "ospfd") - (lib.strings.enableFeature ospf6dSupport "ospf6d") - (lib.strings.enableFeature ldpdSupport "ldpd") - (lib.strings.enableFeature nhrpdSupport "nhrpd") - (lib.strings.enableFeature eigrpdSupport "eigrpd") - (lib.strings.enableFeature babeldSupport "babeld") - (lib.strings.enableFeature isisdSupport "isisd") - (lib.strings.enableFeature pimdSupport "pimd") - (lib.strings.enableFeature pim6dSupport "pim6d") - (lib.strings.enableFeature sharpdSupport "sharpd") - (lib.strings.enableFeature fabricdSupport "fabricd") - (lib.strings.enableFeature vrrpdSupport "vrrpd") - (lib.strings.enableFeature pathdSupport "pathd") - (lib.strings.enableFeature bfddSupport "bfdd") - (lib.strings.enableFeature pbrdSupport "pbrd") - (lib.strings.enableFeature staticdSupport "staticd") - # BGP options - (lib.strings.enableFeature bgpAnnounce "bgp-announce") - (lib.strings.enableFeature bgpBmp "bgp-bmp") - (lib.strings.enableFeature bgpVnc "bgp-vnc") - # OSPF options - (lib.strings.enableFeature ospfApi "ospfapi") - # Cumulus options - (lib.strings.enableFeature cumulusSupport "cumulus") - ]; - - postPatch = '' - substituteInPlace tools/frr-reload \ - --replace-quiet /usr/lib/frr/ $out/libexec/frr/ - sed -i '/^PATH=/ d' tools/frr.in tools/frrcommon.sh.in - ''; - - buildPhase = '' - ls -lah - make CFLAGS="$CFLAGS" LDFLAGS="$LDFLAGS" -j32 - cd zebra - ls -lah - $CC $CFLAGS $LDFLAGS \ - -I /build/source \ - -I /build/source/lib \ - -I /build/source/lib/zebra \ - -o sample_plugin.so \ - -shared \ - -fPIC \ - sample_plugin.c - mkdir -p $out/lib/frr/modules - cp sample_plugin.so $out/lib/frr/modules - cd .. - ''; - - doCheck = false; - - nativeCheckInputs = [ - nettools - #python3.pkgs.pytest - ]; - - enableParallelBuilding = true; - - meta = with lib; { - homepage = "https://frrouting.org/"; - description = "FRR BGP/OSPF/ISIS/RIP/RIPNG routing daemon suite"; - longDescription = '' - FRRouting (FRR) is a free and open source Internet routing protocol suite - for Linux and Unix platforms. It implements BGP, OSPF, RIP, IS-IS, PIM, - LDP, BFD, Babel, PBR, OpenFabric and VRRP, with alpha support for EIGRP - and NHRP. - - FRR’s seamless integration with native Linux/Unix IP networking stacks - makes it a general purpose routing stack applicable to a wide variety of - use cases including connecting hosts/VMs/containers to the network, - advertising network services, LAN switching and routing, Internet access - routers, and Internet peering. - - FRR has its roots in the Quagga project. In fact, it was started by many - long-time Quagga developers who combined their efforts to improve on - Quagga’s well-established foundation in order to create the best routing - protocol stack available. We invite you to participate in the FRRouting - community and help shape the future of networking. - - Join the ranks of network architects using FRR for ISPs, SaaS - infrastructure, web 2.0 businesses, hyperscale services, and Fortune 500 - private clouds. - ''; - license = with licenses; [ - gpl2Plus - lgpl21Plus - ]; - maintainers = with maintainers; [ - woffs - thillux - ]; - # adapt to platforms stated in http://docs.frrouting.org/en/latest/overview.html#supported-platforms - platforms = (platforms.linux ++ platforms.freebsd ++ platforms.netbsd ++ platforms.openbsd); - }; - - passthru.tests = { inherit (nixosTests) frr; }; - }) diff --git a/nix/frr/etc/frr/daemons b/nix/frr/etc/frr/daemons deleted file mode 100644 index 7742d57..0000000 --- a/nix/frr/etc/frr/daemons +++ /dev/null @@ -1,54 +0,0 @@ -zebra=yes -bgpd=yes -ospfd=no -ospf6d=no -ripd=no -ripngd=no -isisd=no -pimd=no -pim6d=no -ldpd=no -nhrpd=no -eigrpd=no -babeld=no -sharpd=no -staticd=yes -pbrd=no -bfdd=yes -fabricd=no - -# -# If this option is set the /etc/init.d/frr script automatically loads -# the config via "vtysh -b" when the servers are started. -# Check /etc/pam.d/frr if you intend to use "vtysh"! -# -vtysh_enable=yes -zebra_options=" --daemon -A 127.0.0.1 --v6-rr-semantics -M /lib/frr/modules/sample_plugin.so" -bgpd_options=" --daemon -A 127.0.0.1 -F datacenter" -ospfd_options=" --daemon -A 127.0.0.1" -ospf6d_options=" --daemon -A ::1" -ripd_options=" --daemon -A 127.0.0.1" -ripngd_options=" --daemon -A ::1" -isisd_options=" --daemon -A 127.0.0.1" -pimd_options=" --daemon -A 127.0.0.1" -pim6d_options=" --daemon -A 127.0.0.1" -ldpd_options=" --daemon -A 127.0.0.1" -nhrpd_options=" --daemon -A 127.0.0.1" -eigrpd_options=" --daemon -A 127.0.0.1" -babeld_options=" --daemon -A 127.0.0.1" -sharpd_options=" --daemon -A 127.0.0.1" -staticd_options=" --daemon -A 127.0.0.1" -pbrd_options=" --daemon -A 127.0.0.1" -bfdd_options=" --daemon -A 127.0.0.1" -fabricd_options=" --daemon -A 127.0.0.1" - -#MAX_FDS=1024 -# The list of daemons to watch is automatically generated by the init script. -#watchfrr_options="-r '/usr/lib/frr/watchfrr.sh restart %s' -s '/usr/lib/frr/watchfrr.sh start %s' -k '/usr/lib/frr/watchfrr.sh stop %s'" - -# for debugging purposes, you can specify a "wrap" command to start instead -# of starting the daemon directly, e.g. to use valgrind on ospfd: -# ospfd_wrap="/usr/bin/valgrind" -# or you can use "all_wrap" for all daemons, e.g. to use perf record: -# all_wrap="/usr/bin/perf record --call-graph -" -# the normal daemon command is added to this at the end. diff --git a/nix/frr/etc/frr/frr.conf b/nix/frr/etc/frr/frr.conf deleted file mode 100644 index 21ef0a4..0000000 --- a/nix/frr/etc/frr/frr.conf +++ /dev/null @@ -1,32 +0,0 @@ -! frr defaults traditional log syslog informational ipv6 forwarding -service integrated-vtysh-config - -log file /frr.log debugging - -ip prefix-list ANY seq 10 permit 0.0.0.0/0 le 32 - -ipv6 prefix-list ANY6 seq 10 permit any - -route-map SET_LOOPBACK_SRC permit 10 - match ip address prefix-list ANY - set src ${LOOPBACK_IP} - -route-map SET_LOOPBACK6_SRC permit 10 - match ipv6 address prefix-list ANY6 - set src ${LOOPBACK_IP6} - -ip protocol bgp route-map SET_LOOPBACK_SRC - -ipv6 protocol bgp route-map SET_LOOPBACK6_SRC - -! BGP Configuration -router bgp 65000 - neighbor 10.0.0.2 remote-as 65001 - address-family ipv4 unicast - neighbor 10.0.0.2 activate - neighbor 10.0.0.2 send-community extended - neighbor 10.0.0.2 route-map BGP_EXPORT out - -! Route Map for BGP Filtering -route-map BGP_EXPORT permit 10 - match ip address 10.0.0.0 mask 255.255.255.0 diff --git a/nix/frr/etc/frr/vtysh.conf b/nix/frr/etc/frr/vtysh.conf deleted file mode 100644 index e69de29..0000000 diff --git a/nix/frr/etc/group b/nix/frr/etc/group deleted file mode 100644 index 64871cb..0000000 --- a/nix/frr/etc/group +++ /dev/null @@ -1,3 +0,0 @@ -root:x:0: -frr:x:99: -frrvty:x:999:frr diff --git a/nix/frr/etc/passwd b/nix/frr/etc/passwd deleted file mode 100644 index 60a58f8..0000000 --- a/nix/frr/etc/passwd +++ /dev/null @@ -1,2 +0,0 @@ -root:x:0:0::/root:/bin/bash -frr:x:99:99::/home/frr:/bin/bash From ab38d9e05b18dd09e14934c6a6cbc29470ec75fb Mon Sep 17 00:00:00 2001 From: Daniel Noland Date: Tue, 21 Jan 2025 21:36:01 -0700 Subject: [PATCH 2/2] remove remaining FRR deps --- default.nix | 53 ----------------------------------------------------- 1 file changed, 53 deletions(-) diff --git a/default.nix b/default.nix index 59dc172..da601be 100644 --- a/default.nix +++ b/default.nix @@ -217,59 +217,6 @@ rec { } ) ); - libyang = - ((optimizedBuild super.libyang).override { pcre2 = self.fancy.pcre2; }).overrideAttrs - (orig: { - cmakeFlags = (orig.cmakeFlags or [ ]) ++ [ - "-DENABLE_STATIC=1" - "-DBUILD_SHARED_LIBS=ON" - ]; - }); - libcap = - ((optimizedBuild super.libcap).override { - usePam = false; - }).overrideAttrs - (orig: { - nativeBuildInputs = (orig.nativeBuildInputs or [ ]) ++ [ self.llvmPackages.bintools ]; - LD = "lld"; - configureFlags = (orig.configureFlags or [ ]) ++ [ "--enable-static" ]; - makeFlags = orig.makeFlags ++ [ "GOLANG=no" ]; - postInstall = - orig.postInstall - + '' - # extant postInstall removes .a files for no reason - rm $lib/lib/*.so*; - cp ./libcap/*.a $lib/lib; - ''; - }); - json_c = (optimizedBuild super.json_c).overrideAttrs (orig: { - cmakeFlags = (orig.cmakeFlags or [ ]) ++ [ "-DENABLE_STATIC=1" ]; - postInstall = - (orig.postInstall or "") - + '' - mkdir -p $dev/lib - cp libjson-c.a $dev/lib; - ''; - }); - rtrlib = (optimizedBuild super.rtrlib).overrideAttrs (orig: { - cmakeFlags = (orig.cmakeFlags or [ ]) ++ [ "-DENABLE_STATIC=1" ]; - }); - abseil-cpp = (optimizedBuild super.abseil-cpp); - protobuf_25 = (optimizedBuild super.protobuf_25).overrideAttrs (orig: { - cmakeFlags = (orig.cmakeFlags or [ ]) ++ [ "-Dprotobuf_BUILD_SHARED_LIBS=OFF" ]; - }); - protobufc = (optimizedBuild super.protobufc).overrideAttrs (orig: { - configureFlags = (orig.configureFlags or [ ]) ++ [ - "--enable-static" - "--disable-shared" - ]; - }); - fancy.pcre2 = (optimizedBuild super.pcre2).overrideAttrs (orig: { - configureFlags = (orig.configureFlags or [ ]) ++ [ - "--enable-static" - "--disable-shared" - ]; - }); }; pkgs.dev =