Campus Network-as-a-Service - Network Management System. Software to automate management of a campus network (LAN). This is an open source software developed as part of SUNETs managed service.
Planned features:
- Zero-touch provisioning of switches
- Automation of common changes for campus LAN
- Automated procedure for firmware upgrades
- Multi-vendor support
Runtime dependencies are specified in [project].dependencies in pyproject.toml.
Development dependencies are in [dependency-groups] with two groups: dev and docs.
pip install . # runtime dependencies
pip install --group dev # test/lint tools (pytest, mypy, ruff, etc.)
pip install --group docs # documentation tools (sphinx)Note: --group requires pip 25.1 or later.
Docker and docker compose or:
- Python 3.13
pip install .(andpip install --group devfor development)- SQL database, Redis
Build and run the production image:
docker compose -f docker/docker-compose.yaml buildLocal development builds on the test compose (with test data) and adds source mounting:
docker compose -f docker/docker-compose_test.yaml -f docker/docker-compose.dev.yaml build
docker compose -f docker/docker-compose_test.yaml -f docker/docker-compose.dev.yaml up -dThe dev overlay automatically:
- Mounts your local
src/directory with hot reloading (uwsgi auto-reloads on Python file changes) - Generates JWT keypair and CA certificates
- Clones integrationtest templates and settings repositories
Access points:
- API: https://localhost/api/v1.0/
- Swagger UI: https://localhost/api/doc/
Get a dev token for API access:
docker compose -f docker/docker-compose_test.yaml -f docker/docker-compose.dev.yaml exec cnaas_api cat /opt/cnaas/jwtcert/dev-tokenUse the token:
- Swagger UI: Click "Authorize", enter
Bearer <token>, then click "Authorize" - curl:
curl -ks -H "Authorization: Bearer <token>" https://localhost/api/v1.0/devices
Tear down containers when done:
docker compose -f docker/docker-compose_test.yaml -f docker/docker-compose.dev.yaml downInstall locally by creating a virtualenv and activate the environment, then:
python3 -m pip install .
cp etc/db_config.yml.sample /etc/cnaas-nms/db_config.yml
Edit db_config.yml to point to your SQL and Redis database.
Run tests locally with pre-provisioned test data:
./docker/run-tests-local.shThis script:
- Starts PostgreSQL and Redis containers if not running
- Clones test templates/settings to
.test-data/(once, reused on subsequent runs) - Runs unit tests first, then integration tests
Currently we can use two styles for the authorization. We can use the original style or use OIDC style. For OIDC we need to define some env variables or add a auth_config.yaml in the config. The needed variables are: OIDC_CONF_WELL_KNOWN_URL, OIDC_CLIENT_SECRET, OIDC_CLIENT_ID, FRONTEND_CALLBACK_URL and OIDC_ENABLED. To use the OIDC style the last variable needs to be set to true.
Copyright (c) 2019 - 2020, SUNET (BSD 2-clause license)
See LICENSE.txt for more info.