Campus Network-as-a-Service - Network Management System. Software to automate management of a campus network (LAN). This is an open source software developed as part of SUNETs managed service.
Planned features:
- Zero-touch provisioning of switches
- Automation of common changes for campus LAN
- Automated procedure for firmware upgrades
- Multi-vendor support
Runtime dependencies are specified in [project].dependencies in pyproject.toml.
Development dependencies are in [dependency-groups] with two groups: dev and docs.
pip install . # runtime dependencies
pip install --group dev # test/lint tools (pytest, mypy, ruff, etc.)
pip install --group docs # documentation tools (sphinx)Note: --group requires pip 25.1 or later.
Docker and docker compose or:
- python3.11 or later
pip install .(andpip install --group devfor development)- SQL database, Redis
Build and run the production image:
docker compose -f docker/docker-compose.yaml buildLocal development builds on the test compose (with test data) and adds source mounting:
docker compose -f docker/docker-compose_test.yaml -f docker/docker-compose.dev.yaml build
docker compose -f docker/docker-compose_test.yaml -f docker/docker-compose.dev.yaml up -dThe dev overlay automatically:
- Mounts your local
src/directory with hot reloading (uwsgi auto-reloads on Python file changes) - Generates JWT keypair and CA certificates
- Clones integrationtest templates and settings repositories
Access points:
- API: https://localhost/api/v1.0/
- Swagger UI: https://localhost/api/doc/
Get a dev token for API access:
docker compose -f docker/docker-compose_test.yaml -f docker/docker-compose.dev.yaml exec cnaas_api cat /opt/cnaas/jwtcert/dev-tokenUse the token:
- Swagger UI: Click "Authorize", enter
Bearer <token>, then click "Authorize" - curl:
curl -ks -H "Authorization: Bearer <token>" https://localhost/api/v1.0/devices
Install locally by creating a virtualenv and activate the environment, then:
python3 -m pip install .
cp etc/db_config.yml.sample /etc/cnaas-nms/db_config.yml
Edit db_config.yml to point to your SQL and Redis database.
cd src/
pytest
Two marks can be used for pytest: integration and equipment, that can be be used to do a subset of all tests. Eg
pytest -m "not integration and not equipment"
Note that and must be used to apply filters at the same time.
If the tests should not spin up any containers at all, set the environment variable EXTERNAL_TEST_CONTAINERS, eg
EXTERNAL_TEST_CONTAINERS=1 pytest -m "not equipment"
Currently we can use two styles for the authorization. We can use the original style or use OIDC style. For OIDC we need to define some env variables or add a auth_config.yaml in the config. The needed variables are: OIDC_CONF_WELL_KNOWN_URL, OIDC_CLIENT_SECRET, OIDC_CLIENT_ID, FRONTEND_CALLBACK_URL and OIDC_ENABLED. To use the OIDC style the last variable needs to be set to true.
Copyright (c) 2019 - 2020, SUNET (BSD 2-clause license)
See LICENSE.txt for more info.