Replace Capirca dependency with latest Aerleon (new PR)

[loulecrivain]

Closes #236

What's Changed

• Removed capirca from dependencies
• Added aerleon as a dependency
• Replaced all references of capirca with aerleon

• Bumped aerleon to latest release.
• Added changes for documentation, which was not addressed by previous PR
• More renaming, previous PR missed some variables
• Added Fortigate and Proxmox firewall hints (newly supported by Aerleon 1.10.0)

Rebased upon latest develop and solved conflicts.

I had to do some minor changes from previous PR (JSON Schema and some class property defaults which were different).

I'll test this in our lab and report if we have any issues for config generation from the app.

cc @ankenyr

[ankenyr]

Wow, surprised to see this in my inbox this morning. It looks good but I am not overly familiar with the code base.
@itdependsnetworks if there are things we can do to help support more development or make things better let us know.

[loulecrivain]

Summary of supplementary changes:

• Added changes for documentation, which was not addressed by previous PR
• More renaming, previous PR missed some variables

Forward and backward database migrations are OK as far as I can see (tested today with small non-prod data set).

[loulecrivain]

Edited PR description to reflect new changes

[loulecrivain]

cc @johannwagner

[itdependsnetworks]

Finally looked into this. This would be a breaking change.. which I am okay with. That being said need to consider to following for a smooth transition:

• Setting helpers, to note in code and fail before startup that there is capirca configs that should be removed.
• Custom driver helpers, to note in code and fail before startup that the old custom driver no longer works
• The transition documentation

Also, it would be good to understand what type of testing you have done.

[loulecrivain]

Also, it would be good to understand what type of testing you have done.

Regarding testing, we did the following things:

• Test this PR in a lab environment. We are using Nautobot in production, and in Lab.
• Test firewall configuration generation for iptables, fortigate and proxmox in the lab environment.
• Test forward and backward migrations (contained in this PR) in the lab environment.

Currently we're still in the testing phase for Firewall Models App, and we do not have any live, production deployments built on top of it atm. This change is part of work we're doing to adapt it to our specific requirements. I have already contributed at Aerleon for Proxmox firewall support and helped Rob (Aerleon maintainer) for Fortigate support (part of our requirements).

[johannwagner]

@itdependsnetworks

I just added the configuration checks for leftover capirca configuration.

Would you mind explaining Custom driver helpers, to note in code and fail before startup that the old custom driver no longer works a bit more? I assume, I am missing experience to understand the requirement?

[itdependsnetworks]

The code changes look sane. I think need to consider id we make the name generic? I somewhat regret calling it Capirca to begin with, for this exact reason.

For custom integration, see the below from these docs

[loulecrivain]

The code changes look sane. I think need to consider id we make the name generic? I somewhat regret calling it Capirca to begin with, for this exact reason.

We could make it generic but also I don't think we're that likely to change backend again soon(?). And I would consider it ok having to do a big refactor/renaming only one time.

The reason we proposed Aerleon was because, for us, it was way easier to get features upstreamed compared to Capirca. With the Aerleon backend under NTC umbrella maintenance should be easier IMO. I'll let you decide.

For custom integration, see the below from these docs

Thanks!

[itdependsnetworks]

Spoke with @jdrew82 we have some thoughts. Just need to finalize with @cmsirbu, which I will setup time to meet next week. In the meantime:

• I will create a next branch and point this PR to that branch
• May prepare some other changes (specifically NautobotUIViewSet and UI Component changes) with the 3.0 release.

[loulecrivain]

ok thx @itdependsnetworks. do you know if there will be room to also squeeze #316 in the next release?

[itdependsnetworks]

Before a major release will for sure get that in.

[itdependsnetworks]

Finally got around to it, but internally we decided to support both capirca and aerleon in a generic model, defaulting to Aerleon. Both will be able to co-exists before we sunset the current way of doing it.

Appreciate all of your efforts and it was helpful to review this PR as making all of the changes

See PR: #337.

[loulecrivain]

Ok, I understand wanting to let the users choose rather than deciding for them. I'll check if we can still provide work on #316 (which is still open on your side afaik), given it was dependent on this exact PR and will very likely require rework.