ironcore-dev
diff --git a/‎PROJECT‎
Lines changed: 9 additions & 0 deletions b/‎PROJECT‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎Tiltfile‎
Lines changed: 32 additions & 27 deletions b/‎Tiltfile‎
Lines changed: 32 additions & 27 deletions
diff --git a/‎api/v1alpha1/nxosvpc_types.go‎
Lines changed: 157 additions & 0 deletions b/‎api/v1alpha1/nxosvpc_types.go‎
Lines changed: 157 additions & 0 deletions
@@ -118,4 +118,13 @@ resources:
   kind: ISIS
   path: github.com/ironcore-dev/network-operator/api/v1alpha1
   version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: cloud.sap
+  group: networking
+  kind: NXOSVPC
+  path: github.com/ironcore-dev/network-operator/api/v1alpha1
+  version: v1alpha1
 version: "3"
@@ -22,7 +22,7 @@ local_resource('controller-gen', 'make generate', ignore=['*/*/zz_generated.deep
 
 docker_build('ghcr.io/ironcore-dev/gnmi-test-server:latest', './test/gnmi')
 
-provider = os.getenv('PROVIDER', 'openconfig')
+provider = os.getenv('PROVIDER', 'cisco-nxos-gnmi')
 
 manager = kustomize('config/develop')
 manager = str(manager).replace('--provider=openconfig', '--provider={}'.format(provider))
@@ -41,42 +41,47 @@ def device_yaml():
 k8s_yaml(device_yaml())
 k8s_resource(new_name='leaf1', objects=['leaf1:device', 'secret-basic-auth:secret'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
 
-k8s_yaml('./config/samples/v1alpha1_interface.yaml')
-k8s_resource(new_name='lo0', objects=['lo0:interface'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
-k8s_resource(new_name='lo1', objects=['lo1:interface'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
-k8s_resource(new_name='eth1-1', objects=['eth1-1:interface'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
-k8s_resource(new_name='eth1-2', objects=['eth1-2:interface'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
-k8s_resource(new_name='eth1-10', objects=['eth1-10:interface'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_yaml('./config/samples/v1alpha1_interface.yaml')
+# k8s_resource(new_name='lo0', objects=['lo0:interface'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_resource(new_name='lo1', objects=['lo1:interface'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_resource(new_name='eth1-1', objects=['eth1-1:interface'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_resource(new_name='eth1-2', objects=['eth1-2:interface'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_resource(new_name='eth1-10', objects=['eth1-10:interface'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
 
-k8s_yaml('./config/samples/v1alpha1_banner.yaml')
-k8s_resource(new_name='banner', objects=['banner:banner'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_yaml('./config/samples/v1alpha1_banner.yaml')
+# k8s_resource(new_name='banner', objects=['banner:banner'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
 
-k8s_yaml('./config/samples/v1alpha1_user.yaml')
-k8s_resource(new_name='user', objects=['user:user', 'user-password:secret', 'user-ssh-key:secret'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_yaml('./config/samples/v1alpha1_user.yaml')
+# k8s_resource(new_name='user', objects=['user:user', 'user-password:secret', 'user-ssh-key:secret'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
 
-k8s_yaml('./config/samples/v1alpha1_dns.yaml')
-k8s_resource(new_name='dns', objects=['dns:dns'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_yaml('./config/samples/v1alpha1_dns.yaml')
+# k8s_resource(new_name='dns', objects=['dns:dns'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
 
-k8s_yaml('./config/samples/v1alpha1_ntp.yaml')
-k8s_resource(new_name='ntp', objects=['ntp:ntp'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_yaml('./config/samples/v1alpha1_ntp.yaml')
+# k8s_resource(new_name='ntp', objects=['ntp:ntp'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
 
-k8s_yaml('./config/samples/v1alpha1_acl.yaml')
-k8s_resource(new_name='acl', objects=['acl:accesscontrollist'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_yaml('./config/samples/v1alpha1_acl.yaml')
+# k8s_resource(new_name='acl', objects=['acl:accesscontrollist'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
 
-k8s_yaml('./config/samples/v1alpha1_certificate.yaml')
-k8s_resource(new_name='trustpoint', objects=['network-operator:issuer', 'network-operator-ca:certificate', 'trustpoint:certificate'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_yaml('./config/samples/v1alpha1_certificate.yaml')
+# k8s_resource(new_name='trustpoint', objects=['network-operator:issuer', 'network-operator-ca:certificate', 'trustpoint:certificate'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
 
-k8s_yaml('./config/samples/v1alpha1_snmp.yaml')
-k8s_resource(new_name='snmp', objects=['snmp:snmp'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_yaml('./config/samples/v1alpha1_snmp.yaml')
+# k8s_resource(new_name='snmp', objects=['snmp:snmp'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
 
-k8s_yaml('./config/samples/v1alpha1_syslog.yaml')
-k8s_resource(new_name='syslog', objects=['syslog:syslog'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_yaml('./config/samples/v1alpha1_syslog.yaml')
+# k8s_resource(new_name='syslog', objects=['syslog:syslog'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
 
-k8s_yaml('./config/samples/v1alpha1_managementaccess.yaml')
-k8s_resource(new_name='managementaccess', objects=['managementaccess:managementaccess'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+# k8s_yaml('./config/samples/v1alpha1_managementaccess.yaml')
+# k8s_resource(new_name='managementaccess', objects=['managementaccess:managementaccess'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+
+# k8s_yaml('./config/samples/v1alpha1_isis.yaml')
+# k8s_resource(new_name='underlay', objects=['underlay:isis'], resource_deps=['lo0', 'lo1', 'eth1-1', 'eth1-2'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
+
+# TODO: add resource_deps=['po1', 'po2'] when port-channel resource is implemented
+k8s_yaml('./config/samples/v1alpha1_nxosvpc.yaml')
+k8s_resource(new_name='vpc', objects=['nxosvpc:nxosvpc'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
 
-k8s_yaml('./config/samples/v1alpha1_isis.yaml')
-k8s_resource(new_name='underlay', objects=['underlay:isis'], resource_deps=['lo0', 'lo1', 'eth1-1', 'eth1-2'], trigger_mode=TRIGGER_MODE_MANUAL, auto_init=False)
 
 print('🚀 network-operator development environment')
 print('👉 Edit the code inside the api/, cmd/, or internal/ directories')
 
@@ -0,0 +1,157 @@
+// SPDX-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and IronCore contributors
+// SPDX-License-Identifier: Apache-2.0
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// NXOSVPCSpec defines the desired state of NXOSVPC (Cisco's NXOS Virtual Port Channel)
+type NXOSVPCSpec struct {
+	// DeviceName is the name of the Device this object belongs to. The Device object must exist in the same namespace.
+	// Immutable.
+	// +required
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="DeviceRef is immutable"
+	DeviceRef LocalObjectReference `json:"deviceRef"`
+
+	// DomainID is the vPC domain ID.
+	// +required
+	// +kubebuilder:validation:Minimum=1
+	// +kubebuilder:validation:Maximum=1000
+	DomainID int32 `json:"domainId"`
+
+	// AdminState is the administrative state of the vPC domain.
+	// +required
+	// +kubebuilder:default="enabled"
+	// +kubebuilder:validation:Enum=enabled;disabled
+	AdminState string `json:"adminState,omitempty"`
+
+	// RolePriority is the role priority for this vPC domain.
+	// +required
+	// +kubebuilder:validation:Minimum=1
+	// +kubebuilder:validation:Maximum=65535
+	RolePriority uint16 `json:"rolePriority"`
+
+	// SystemPriority is the system priority for this vPC domain.
+	// +required
+	// +kubebuilder:validation:Minimum=1
+	// +kubebuilder:validation:Maximum=65535
+	SystemPriority uint16 `json:"systemPriority"`
+
+	// DelayRestoreSVI is the delay in bringing up bringing-up the interface-vlan
+	// +required
+	// +kubebuilder:validation:Minimum=1
+	// +kubebuilder:validation:Maximum=3600
+	DelayRestoreSVI uint16 `json:"delayRestoreSVI"`
+
+	// DelayRestoreVPC is the delay in bringing up the vPC links after restoring the peer-link
+	// +required
+	// +kubebuilder:validation:Minimum=1
+	// +kubebuilder:validation:Maximum=3600
+	DelayRestoreVPC uint16 `json:"delayRestoreVPC"`
+
+	// +required
+	FastConvergence AdminSt `json:"fastConvergence"`
+
+	// +required
+	Peer Peer `json:"peer"`
+}
+
+// AdminSt represents administrative state (enabled/disabled)
+type AdminSt struct {
+	// +required
+	Enabled bool `json:"enabled"`
+}
+
+type Peer struct {
+	// +required
+	KeepAlive KeepAlive `json:"keepalive"`
+
+	// +required
+	AutoRecovery AutoRecovery `json:"autoRecovery"`
+
+	// +required
+	Switch AdminSt `json:"switch"`
+
+	// +required
+	Gateway AdminSt `json:"gateway"`
+
+	// Router defines layer3 peer-router settings
+	// +required
+	Router AdminSt `json:"router"`
+}
+
+type KeepAlive struct {
+	// Destination is the destination IP address
+	// +required
+	Destination string `json:"destination"`
+
+	// Source is the source IP address
+	// +required
+	Source string `json:"source"`
+
+	// +optional
+	VRF string `json:"vrf,omitempty"`
+}
+
+// AutoRecovery holds autorecovery settings.
+// +kubebuilder:validation:XValidation:rule="self.enabled ? has(self.reloadDelay) : !has(self.reloadDelay)",message="reloadDelay must be set when enabled and absent when disabled"
+type AutoRecovery struct {
+	// +required
+	Enabled bool `json:"enabled,omitempty"`
+
+	// +optional
+	// +kubebuilder:validation:Minimum=60
+	// +kubebuilder:validation:Maximum=3600
+	ReloadDelay uint32 `json:"reloadDelay,omitempty"`
+}
+
+// NXOSVPCStatus defines the observed state of NXOSVPC.
+type NXOSVPCStatus struct {
+	// The conditions are a list of status objects that describe the state of the VPC.
+	//+listType=map
+	//+listMapKey=type
+	//+patchStrategy=merge
+	//+patchMergeKey=type
+	//+optional
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+// +kubebuilder:resource:path=nxosvpcs
+// +kubebuilder:resource:singular=nxosvpc
+// +kubebuilder:resource:shortName=vpc
+// +kubebuilder:printcolumn:name="Domain",type=string,JSONPath=`.spec.domainId`
+// +kubebuilder:printcolumn:name="AdminState",type=string,JSONPath=`.spec.adminState`
+// +kubebuilder:printcolumn:name="Device",type=string,JSONPath=`.spec.deviceRef.name`
+// +kubebuilder:printcolumn:name="Ready",type=string,JSONPath=`.status.conditions[?(@.type=="Ready")].status`
+// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
+
+// NXOSVPC is the Schema for the nxosvpcs API
+type NXOSVPC struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	// spec defines the desired state of NXOSVPC
+	// +required
+	Spec NXOSVPCSpec `json:"spec,omitempty"`
+
+	// status defines the observed state of NXOSVPC
+	// +optional
+	Status NXOSVPCStatus `json:"status,omitempty,omitzero"`
+}
+
+// +kubebuilder:object:root=true
+
+// NXOSVPCList contains a list of NXOSVPC
+type NXOSVPCList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []NXOSVPC `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&NXOSVPC{}, &NXOSVPCList{})
+}