software/ors-amarisoft: Push SSH server code into ru/lopcomm/

Because: - ssh server is needed for and used by ru/lopcomm/ only - in general we will need to initialize and setup radio units not only in eNB - for example UEsim will use the same code library to initialize radio units. Thus the proper place to keep everything required for RU to be operational have to be located inside ru/ and activated by that radio-units library. /cc @lu.xu, @tomo, @xavier_thompson, @Daetalus /reviewed-by @jhuge /reviewed-on nexedi/slapos!1510

software/ors-amarisoft: Push SSH server code into ru/lopcomm/
Because: - ssh server is needed for and used by ru/lopcomm/ only - in general we will need to initialize and setup radio units not only in eNB - for example UEsim will use the same code library to initialize radio units. Thus the proper place to keep everything required for RU to be operational have to be located inside ru/ and activated by that radio-units library. /cc @lu.xu, @tomo, @xavier_thompson, @Daetalus /reviewed-by @jhuge /reviewed-on nexedi/slapos!1510
d29ece87 · Kirill Smelkov · 055bdf14 · d29ece87 · d29ece87 · d29ece87
Commit d29ece87 authored Jan 18, 2024 by Kirill Smelkov
6 changed files
--- a/software/ors-amarisoft/buildout.hash.cfg
+++ b/software/ors-amarisoft/buildout.hash.cfg
@@ -32,19 +32,19 @@ md5sum = ab666fdfadbfc7d8a16ace38d295c883

 [ru_libinstance.jinja2.cfg]
 _update_hash_filename_ = ru/libinstance.jinja2.cfg
-md5sum = 6febf4dc601ba5feb30aa402f37265cf
+md5sum = 045c8dc5fb7f81b1a03f0e7f589166b4

 [ru_sdr_libinstance.jinja2.cfg]
 _update_hash_filename_ = ru/sdr/libinstance.jinja2.cfg
-md5sum = c20b620111a4dc4bc2bcae57c2007cbe
+md5sum = de71c63b8df940207409de7e948f7c8c

 [ru_lopcomm_libinstance.jinja2.cfg]
 _update_hash_filename_ = ru/lopcomm/libinstance.jinja2.cfg
-md5sum = abce2deca15b8d7a8c5378e0789f8ce7
+md5sum = b2af1e70141216a4db07cca655aa63a7

 [ru_sunwave_libinstance.jinja2.cfg]
 _update_hash_filename_ = ru/sunwave/libinstance.jinja2.cfg
-md5sum = 0450e9fa50844e4d6e51d608625c57f6
+md5sum = c855ee7a6132899eb53b8d80ec27701a

 [ru_lopcomm_ncclient_common.py]
 _update_hash_filename_ = ru/lopcomm/ncclient_common.py
@@ -80,7 +80,7 @@ md5sum = 52da9fe3a569199e35ad89ae1a44c30e

 [template-enb]
 _update_hash_filename_ = instance-enb.jinja2.cfg
-md5sum = 3b380ac8a44aafc30cc6d87b35860fd6
+md5sum = fe76f78a7c10d4e6080f12d139a40f32

 [template-gnb]
 _update_hash_filename_ = instance-gnb.jinja2.cfg

--- a/software/ors-amarisoft/instance-enb.jinja2.cfg
+++ b/software/ors-amarisoft/instance-enb.jinja2.cfg
@@ -9,11 +9,6 @@ parts =
 {% endif %}
  amarisoft-stats-service
  amarisoft-rf-info-service
-{% if ru == "lopcomm" %}
-  sshd-service
-  sshd-add-authorized-key
-  sshd-promise
-{% endif %}
  check-baseband-latency.py
  check-amarisoft-stats-log.py
  monitor-base
@@ -225,65 +220,6 @@ mode = 0775
 hash-files =
  ${amarisoft-rf-info-template:output}

-[user-info]
-recipe = slapos.cookbook:userinfo
-
-# Deploy openssh-server
-[sshd-port]
-recipe = slapos.cookbook:free_port
-minimum = 22222
-maximum = 22231
-ip = ${slap-configuration:ipv6-random}
-
-[sshd-config]
-recipe = slapos.recipe.template:jinja2
-output = ${directory:etc}/sshd.conf
-path_pid = ${directory:run}/sshd.pid
-inline =
-  PidFile ${:path_pid}
-  Port ${sshd-port:port}
-  ListenAddress ${slap-configuration:ipv6-random}
-  Protocol 2
-  HostKey ${sshd-ssh-host-rsa-key:output}
-  HostKey ${sshd-ssh-host-ecdsa-key:output}
-  PasswordAuthentication no
-  PubkeyAuthentication yes
-  HostKeyAlgorithms ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521
-  AuthorizedKeysFile ${buildout:directory}/.ssh/authorized_keys
-  Subsystem sftp {{ openssh_location }}/libexec/sftp-server
-
-[sshd-service]
-recipe = slapos.cookbook:wrapper
-command-line = {{ openssh_location }}/sbin/sshd -D -e -f ${sshd-config:output}
-wrapper-path = ${directory:service}/sshd
-hash-files = ${sshd-config:output}
-environment =
-  HOME=${directory:home}
-
-[sshd-add-authorized-key]
-recipe = slapos.cookbook:dropbear.add_authorized_key
-home = ${buildout:directory}
-key = {{ slapparameter_dict.get("user-authorized-key", '') }}
-
-[sshd-ssh-keygen-base]
-recipe = plone.recipe.command
-output = ${directory:etc}/${:_buildout_section_name_}
-command = {{ openssh_output_keygen }} -f ${:output} -N '' ${:extra-args}
-
-[sshd-ssh-host-rsa-key]
-<=sshd-ssh-keygen-base
-extra-args=-t rsa
-[sshd-ssh-host-ecdsa-key]
-<=sshd-ssh-keygen-base
-extra-args=-t ecdsa -b 521
-
-[sshd-promise]
-<= monitor-promise-base
-promise = check_socket_listening
-name = sshd.py
-config-host = ${slap-configuration:ipv6-random}
-config-port = ${sshd-port:port}
-
 [config-base]
 recipe = slapos.recipe.template:jinja2
 extensions = jinja2.ext.do
@@ -351,12 +287,6 @@ current-earfcn  = {{ ors_version['current-earfcn'] }}
 amarisoft-version = {{ lte_version }}
 license-expiration = {{ lte_expiration }}
 monitor-gadget-url = ${:monitor-base-url}/gadget/software.cfg.html
-{% if ru == "lopcomm" %}
-ssh-command = ssh ${user-info:pw-name}@${slap-configuration:ipv6-random} -p ${sshd-port:port}
-ssh-url = ssh://${user-info:pw-name}@[${slap-configuration:ipv6-random}]:${sshd-port:port}
-ru-firmware = {{ru_lopcomm_firmware_filename}}
-ru-ipv6 = ${slap-configuration:tap-ipv6-gateway}
-{% endif %}

 [monitor-instance-parameter]
 {% if slapparameter_dict.get("name", None) %}

--- a/software/ors-amarisoft/ru/libinstance.jinja2.cfg
+++ b/software/ors-amarisoft/ru/libinstance.jinja2.cfg
@@ -7,7 +7,7 @@

      {%- import 'slaplte.jinja2'  as slaplte     with context %}

-    NOTE: driver-specific logic is implemented in rudrv.buildout_ru() .
+    NOTE: driver-specific logic is implemented in rudrv .buildout_ru() and .buildout() .
 #}

 {#- cell_list keeps cell registry #}
@@ -39,6 +39,7 @@ config-stats-period = {{ slapparameter_dict.get("enb_stats_fetch_period", 60) }}
 {%-   set rudrv_dict = namespace(sdr=rudrv_sdr,
                                 lopcomm=rudrv_lopcomm,
                                 sunwave=rudrv_sunwave) %}
+{%-   set rudrv_init = {} %}

 {#-   split slapos tap interface for each RU
      fallback to non-split approach for ntap <= 1 to avoid hard-dependecy on setcap/tapsplit
@@ -185,6 +186,10 @@ config-amarisoft-stats-log = ${amarisoft-stats-template:log-output}
 config-max-rx-sample-db = {{ slapparameter_dict.get("max_rx_sample_db", 0) }}

 {#-     driver-specific part #}
+{%-     if not rudrv_init.get(ru_type) %}
+{{        rudrv.buildout()  }}
+{%-       do rudrv_init.update({ru_type: 1}) %}
+{%-     endif %}
 {{      rudrv.buildout_ru(ru_ref, cell) }}
 {%-   endfor %}


--- a/software/ors-amarisoft/ru/lopcomm/libinstance.jinja2.cfg
+++ b/software/ors-amarisoft/ru/lopcomm/libinstance.jinja2.cfg
@@ -18,7 +18,7 @@ extensions = jinja2.ext.do
 _logbase = ${directory:var}/log/{{ru_ref}}-software
 log-output = ${:_logbase}.log
 software-reply-json-log-output = ${:_logbase}-reply.json.log
-remote-file-path = sftp://${user-info:pw-name}@[${slap-configuration:ipv6-random}]:${sshd-port:port}{{ru_lopcomm_firmware_path}}
+remote-file-path = sftp://${user-info:pw-name}@[${sshd-service:ipv6}]:${sshd-service:port}{{ru_lopcomm_firmware_path}}
 is_firmware_updated = ${directory:etc}/{{ru_ref}}.is_firmware_updated
 context =
  section directory directory
@@ -214,4 +214,77 @@ hash-files =

 {%- endif %}

+
+{#- amend published information with Lopcomm-specific bits
+    TODO make it per-RU #}
+[publish-connection-information]
+ssh-command = ssh ${user-info:pw-name}@${sshd-service:ipv6} -p ${sshd-service:port}
+ssh-url = ssh://${user-info:pw-name}@[${sshd-service:ipv6}]:${sshd-service:port}
+ru-firmware = {{ru_lopcomm_firmware_filename}}
+ru-ipv6 = ${slap-configuration:tap-ipv6-gateway}
+
+{%- endmacro  %}
+
+
+{%- macro buildout()  %}
+
+# deploy openssh-server for software upgrade
+[user-info]
+recipe = slapos.cookbook:userinfo
+
+[sshd-port]
+recipe = slapos.cookbook:free_port
+minimum = 22222
+maximum = 22231
+ip = ${slap-configuration:ipv6-random}
+
+[sshd-config]
+recipe = slapos.recipe.template:jinja2
+output = ${directory:etc}/sshd.conf
+path_pid = ${directory:run}/sshd.pid
+inline =
+  PidFile ${:path_pid}
+  Port ${sshd-port:port}
+  ListenAddress ${sshd-port:ip}
+  Protocol 2
+  HostKey ${sshd-ssh-host-rsa-key:output}
+  HostKey ${sshd-ssh-host-ecdsa-key:output}
+  PasswordAuthentication no
+  PubkeyAuthentication yes
+  HostKeyAlgorithms ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521
+  AuthorizedKeysFile ${buildout:directory}/.ssh/authorized_keys
+  Subsystem sftp {{ openssh_location }}/libexec/sftp-server
+
+{{ part('sshd-service') }}
+recipe = slapos.cookbook:wrapper
+command-line = {{ openssh_location }}/sbin/sshd -D -e -f ${sshd-config:output}
+wrapper-path = ${directory:service}/sshd
+hash-files = ${sshd-config:output}
+environment =
+  HOME=${directory:home}
+ipv6 = ${sshd-port:ip}
+port = ${sshd-port:port}
+
+{{ part('sshd-add-authorized-key') }}
+recipe = slapos.cookbook:dropbear.add_authorized_key
+home = ${buildout:directory}
+key = {{ slapparameter_dict.get("user-authorized-key", '') }}
+
+[sshd-ssh-keygen-base]
+recipe = plone.recipe.command
+output = ${directory:etc}/${:_buildout_section_name_}
+command = {{ openssh_output_keygen }} -f ${:output} -N '' ${:extra-args}
+
+[sshd-ssh-host-rsa-key]
+<=sshd-ssh-keygen-base
+extra-args=-t rsa
+[sshd-ssh-host-ecdsa-key]
+<=sshd-ssh-keygen-base
+extra-args=-t ecdsa -b 521
+
+{{ promise('sshd') }}
+promise = check_socket_listening
+config-host = ${sshd-service:ipv6}
+config-port = ${sshd-service:port}
+
 {%- endmacro  %}
--- a/software/ors-amarisoft/ru/sdr/libinstance.jinja2.cfg
+++ b/software/ors-amarisoft/ru/sdr/libinstance.jinja2.cfg
@@ -3,3 +3,7 @@
 {%- macro buildout_ru(ru_ref, cell)  %}
 {#-  nothing SDR-specific #}
 {%- endmacro  %}
+
+{%- macro buildout()  %}
+{#-  nothing SDR-specific #}
+{%- endmacro  %}
--- a/software/ors-amarisoft/ru/sunwave/libinstance.jinja2.cfg
+++ b/software/ors-amarisoft/ru/sunwave/libinstance.jinja2.cfg
@@ -3,3 +3,7 @@
 {%- macro buildout_ru(ru_ref, cell)  %}
 {#-  nothing SunWave-specific #}
 {%- endmacro  %}
+
+{%- macro buildout()  %}
+{#-  nothing SunWave-specific #}
+{%- endmacro  %}