From a8ad19d4ac91881c10083d632088bf9226bd20f9 Mon Sep 17 00:00:00 2001 From: Junchao-Mellanox <57339448+Junchao-Mellanox@users.noreply.github.com> Date: Thu, 28 Dec 2023 20:53:49 +0800 Subject: [PATCH] [202305] Optimize syslog rate limit feature for fast and warm boot (#17478) Backport PR #17458 due to conflict. Why I did it Optimize syslog rate limit feature for fast and warm boot Work item tracking Microsoft ADO (number only): How I did it Optimize redis start time Don't render rsyslog.conf in container startup script Disable containercfgd by default. There is a new CLI to enable it (in another PR) How to verify it Manual test Regression test --- dockers/docker-base-bullseye/Dockerfile.j2 | 2 +- dockers/docker-base-bullseye/etc/rsyslog.conf | 78 ++++++++++++++++ dockers/docker-base-buster/Dockerfile.j2 | 2 +- dockers/docker-base-buster/etc/rsyslog.conf | 78 ++++++++++++++++ .../etc/supervisor/containercfgd.conf | 9 -- dockers/docker-base-stretch/Dockerfile.j2 | 2 +- dockers/docker-base-stretch/etc/rsyslog.conf | 78 ++++++++++++++++ .../etc/supervisor/containercfgd.conf | 9 -- dockers/docker-base/Dockerfile.j2 | 2 +- dockers/docker-base/etc/rsyslog.conf | 78 ++++++++++++++++ .../etc/supervisor/containercfgd.conf | 9 -- dockers/docker-database/supervisord.conf.j2 | 4 +- dockers/docker-platform-monitor/Dockerfile.j2 | 1 + .../docker-platform-monitor/etc/rsyslog.conf | 89 +++++++++++++++++++ files/build_templates/docker_image_ctl.j2 | 38 ++++---- .../build_templates/sonic_debian_extension.j2 | 3 + .../containercfgd}/containercfgd.conf | 0 .../rsyslog/rsyslog-container.conf.j2 | 17 ++-- .../containercfgd/containercfgd.py | 20 ++--- .../tests/test_config_daemon.py | 3 + .../tests/test_syslog_config.py | 11 +-- 21 files changed, 455 insertions(+), 78 deletions(-) create mode 100644 dockers/docker-base-bullseye/etc/rsyslog.conf create mode 100644 dockers/docker-base-buster/etc/rsyslog.conf delete mode 100644 dockers/docker-base-buster/etc/supervisor/containercfgd.conf create mode 100644 dockers/docker-base-stretch/etc/rsyslog.conf delete mode 100644 dockers/docker-base-stretch/etc/supervisor/containercfgd.conf create mode 100644 dockers/docker-base/etc/rsyslog.conf delete mode 100644 dockers/docker-base/etc/supervisor/containercfgd.conf create mode 100644 dockers/docker-platform-monitor/etc/rsyslog.conf rename {dockers/docker-base-bullseye/etc/supervisor => files/image_config/containercfgd}/containercfgd.conf (100%) diff --git a/dockers/docker-base-bullseye/Dockerfile.j2 b/dockers/docker-base-bullseye/Dockerfile.j2 index 1fa7196ea67c..b31e986e770d 100644 --- a/dockers/docker-base-bullseye/Dockerfile.j2 +++ b/dockers/docker-base-bullseye/Dockerfile.j2 @@ -119,10 +119,10 @@ RUN apt-get clean -y && \ apt-get autoremove -y && \ rm -rf /var/lib/apt/lists/* /tmp/* ~/.cache +COPY ["etc/rsyslog.conf", "/etc/rsyslog.conf"] COPY ["etc/rsyslog.d/*", "/etc/rsyslog.d/"] COPY ["root/.vimrc", "/root/.vimrc"] RUN ln /usr/bin/vim.tiny /usr/bin/vim COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"] -COPY ["etc/supervisor/containercfgd.conf", "/etc/supervisor/conf.d/"] diff --git a/dockers/docker-base-bullseye/etc/rsyslog.conf b/dockers/docker-base-bullseye/etc/rsyslog.conf new file mode 100644 index 000000000000..7a6667d68a13 --- /dev/null +++ b/dockers/docker-base-bullseye/etc/rsyslog.conf @@ -0,0 +1,78 @@ +# +# /etc/rsyslog.conf Configuration file for rsyslog. +# +# For more information see +# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html + + +################# +#### MODULES #### +################# + +$ModLoad imuxsock # provides support for local system logging + +# +# Set a rate limit on messages from the container +# +$SystemLogRateLimitInterval 300 +$SystemLogRateLimitBurst 20000 + +#$ModLoad imklog # provides kernel logging support +#$ModLoad immark # provides --MARK-- message capability + +# provides UDP syslog reception +#$ModLoad imudp +#$UDPServerRun 514 + +# provides TCP syslog reception +#$ModLoad imtcp +#$InputTCPServerRun 514 + + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +set $.CONTAINER_NAME=getenv("CONTAINER_NAME"); + +# Set remote syslog server +template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%") +*.* action(type="omfwd" target=`echo $SYSLOG_TARGET_IP` port="514" protocol="udp" Template="ForwardFormatInContainer") + +# +# Use traditional timestamp format. +# To enable high precision timestamps, comment out the following line. +# +#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# Define a custom template +$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n" +$ActionFileDefaultTemplate SONiCFileFormat + +# +# Set the default permissions for all log files. +# +$FileOwner root +$FileGroup adm +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +# +# Where to place spool and state files +# +$WorkDirectory /var/spool/rsyslog + +# +# Include all config files in /etc/rsyslog.d/ +# +$IncludeConfig /etc/rsyslog.d/*.conf + +# +# Suppress duplicate messages and report "message repeated n times" +# +$RepeatedMsgReduction on + +############### +#### RULES #### +############### \ No newline at end of file diff --git a/dockers/docker-base-buster/Dockerfile.j2 b/dockers/docker-base-buster/Dockerfile.j2 index 3b76ef691718..30be76bc902d 100644 --- a/dockers/docker-base-buster/Dockerfile.j2 +++ b/dockers/docker-base-buster/Dockerfile.j2 @@ -117,10 +117,10 @@ RUN apt-get clean -y && \ apt-get autoremove -y && \ rm -rf /var/lib/apt/lists/* /tmp/* ~/.cache/ +COPY ["etc/rsyslog.conf", "/etc/rsyslog.conf"] COPY ["etc/rsyslog.d/*", "/etc/rsyslog.d/"] COPY ["root/.vimrc", "/root/.vimrc"] RUN ln /usr/bin/vim.tiny /usr/bin/vim COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"] -COPY ["etc/supervisor/containercfgd.conf", "/etc/supervisor/conf.d/"] diff --git a/dockers/docker-base-buster/etc/rsyslog.conf b/dockers/docker-base-buster/etc/rsyslog.conf new file mode 100644 index 000000000000..7a6667d68a13 --- /dev/null +++ b/dockers/docker-base-buster/etc/rsyslog.conf @@ -0,0 +1,78 @@ +# +# /etc/rsyslog.conf Configuration file for rsyslog. +# +# For more information see +# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html + + +################# +#### MODULES #### +################# + +$ModLoad imuxsock # provides support for local system logging + +# +# Set a rate limit on messages from the container +# +$SystemLogRateLimitInterval 300 +$SystemLogRateLimitBurst 20000 + +#$ModLoad imklog # provides kernel logging support +#$ModLoad immark # provides --MARK-- message capability + +# provides UDP syslog reception +#$ModLoad imudp +#$UDPServerRun 514 + +# provides TCP syslog reception +#$ModLoad imtcp +#$InputTCPServerRun 514 + + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +set $.CONTAINER_NAME=getenv("CONTAINER_NAME"); + +# Set remote syslog server +template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%") +*.* action(type="omfwd" target=`echo $SYSLOG_TARGET_IP` port="514" protocol="udp" Template="ForwardFormatInContainer") + +# +# Use traditional timestamp format. +# To enable high precision timestamps, comment out the following line. +# +#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# Define a custom template +$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n" +$ActionFileDefaultTemplate SONiCFileFormat + +# +# Set the default permissions for all log files. +# +$FileOwner root +$FileGroup adm +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +# +# Where to place spool and state files +# +$WorkDirectory /var/spool/rsyslog + +# +# Include all config files in /etc/rsyslog.d/ +# +$IncludeConfig /etc/rsyslog.d/*.conf + +# +# Suppress duplicate messages and report "message repeated n times" +# +$RepeatedMsgReduction on + +############### +#### RULES #### +############### \ No newline at end of file diff --git a/dockers/docker-base-buster/etc/supervisor/containercfgd.conf b/dockers/docker-base-buster/etc/supervisor/containercfgd.conf deleted file mode 100644 index 704b5490c3fb..000000000000 --- a/dockers/docker-base-buster/etc/supervisor/containercfgd.conf +++ /dev/null @@ -1,9 +0,0 @@ -[program:containercfgd] -command=python3 /usr/local/bin/containercfgd -priority=99 -autostart=false -autorestart=unexpected -stdout_logfile=syslog -stderr_logfile=syslog -dependent_startup=true -dependent_startup_wait_for=rsyslogd:running diff --git a/dockers/docker-base-stretch/Dockerfile.j2 b/dockers/docker-base-stretch/Dockerfile.j2 index 5db96e37ba0b..dcdde00fb358 100644 --- a/dockers/docker-base-stretch/Dockerfile.j2 +++ b/dockers/docker-base-stretch/Dockerfile.j2 @@ -113,10 +113,10 @@ RUN apt-get clean -y && \ apt-get autoremove -y && \ rm -rf /var/lib/apt/lists/* /tmp/* +COPY ["etc/rsyslog.conf", "/etc/rsyslog.conf"] COPY ["etc/rsyslog.d/*", "/etc/rsyslog.d/"] COPY ["root/.vimrc", "/root/.vimrc"] RUN ln /usr/bin/vim.tiny /usr/bin/vim COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"] -COPY ["etc/supervisor/containercfgd.conf", "/etc/supervisor/conf.d/"] diff --git a/dockers/docker-base-stretch/etc/rsyslog.conf b/dockers/docker-base-stretch/etc/rsyslog.conf new file mode 100644 index 000000000000..7a6667d68a13 --- /dev/null +++ b/dockers/docker-base-stretch/etc/rsyslog.conf @@ -0,0 +1,78 @@ +# +# /etc/rsyslog.conf Configuration file for rsyslog. +# +# For more information see +# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html + + +################# +#### MODULES #### +################# + +$ModLoad imuxsock # provides support for local system logging + +# +# Set a rate limit on messages from the container +# +$SystemLogRateLimitInterval 300 +$SystemLogRateLimitBurst 20000 + +#$ModLoad imklog # provides kernel logging support +#$ModLoad immark # provides --MARK-- message capability + +# provides UDP syslog reception +#$ModLoad imudp +#$UDPServerRun 514 + +# provides TCP syslog reception +#$ModLoad imtcp +#$InputTCPServerRun 514 + + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +set $.CONTAINER_NAME=getenv("CONTAINER_NAME"); + +# Set remote syslog server +template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%") +*.* action(type="omfwd" target=`echo $SYSLOG_TARGET_IP` port="514" protocol="udp" Template="ForwardFormatInContainer") + +# +# Use traditional timestamp format. +# To enable high precision timestamps, comment out the following line. +# +#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# Define a custom template +$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n" +$ActionFileDefaultTemplate SONiCFileFormat + +# +# Set the default permissions for all log files. +# +$FileOwner root +$FileGroup adm +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +# +# Where to place spool and state files +# +$WorkDirectory /var/spool/rsyslog + +# +# Include all config files in /etc/rsyslog.d/ +# +$IncludeConfig /etc/rsyslog.d/*.conf + +# +# Suppress duplicate messages and report "message repeated n times" +# +$RepeatedMsgReduction on + +############### +#### RULES #### +############### \ No newline at end of file diff --git a/dockers/docker-base-stretch/etc/supervisor/containercfgd.conf b/dockers/docker-base-stretch/etc/supervisor/containercfgd.conf deleted file mode 100644 index 8d938e6f0ff3..000000000000 --- a/dockers/docker-base-stretch/etc/supervisor/containercfgd.conf +++ /dev/null @@ -1,9 +0,0 @@ -[program:containercfgd] -command=python /usr/local/bin/containercfgd -priority=99 -autostart=false -autorestart=unexpected -stdout_logfile=syslog -stderr_logfile=syslog -dependent_startup=true -dependent_startup_wait_for=rsyslogd:running diff --git a/dockers/docker-base/Dockerfile.j2 b/dockers/docker-base/Dockerfile.j2 index cd839e6075e0..7b812e28b13a 100644 --- a/dockers/docker-base/Dockerfile.j2 +++ b/dockers/docker-base/Dockerfile.j2 @@ -49,6 +49,7 @@ RUN apt-get -y install \ rsyslog \ less +COPY ["etc/rsyslog.conf", "/etc/rsyslog.conf"] COPY ["etc/rsyslog.d/*", "/etc/rsyslog.d/"] COPY ["root/.vimrc", "/root/.vimrc"] @@ -67,7 +68,6 @@ RUN mkdir -p /etc/supervisor/conf.d RUN mkdir -p /var/log/supervisor COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"] -COPY ["etc/supervisor/containercfgd.conf", "/etc/supervisor/conf.d/"] RUN apt-get -y purge \ exim4 \ diff --git a/dockers/docker-base/etc/rsyslog.conf b/dockers/docker-base/etc/rsyslog.conf new file mode 100644 index 000000000000..7a6667d68a13 --- /dev/null +++ b/dockers/docker-base/etc/rsyslog.conf @@ -0,0 +1,78 @@ +# +# /etc/rsyslog.conf Configuration file for rsyslog. +# +# For more information see +# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html + + +################# +#### MODULES #### +################# + +$ModLoad imuxsock # provides support for local system logging + +# +# Set a rate limit on messages from the container +# +$SystemLogRateLimitInterval 300 +$SystemLogRateLimitBurst 20000 + +#$ModLoad imklog # provides kernel logging support +#$ModLoad immark # provides --MARK-- message capability + +# provides UDP syslog reception +#$ModLoad imudp +#$UDPServerRun 514 + +# provides TCP syslog reception +#$ModLoad imtcp +#$InputTCPServerRun 514 + + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +set $.CONTAINER_NAME=getenv("CONTAINER_NAME"); + +# Set remote syslog server +template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%") +*.* action(type="omfwd" target=`echo $SYSLOG_TARGET_IP` port="514" protocol="udp" Template="ForwardFormatInContainer") + +# +# Use traditional timestamp format. +# To enable high precision timestamps, comment out the following line. +# +#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# Define a custom template +$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n" +$ActionFileDefaultTemplate SONiCFileFormat + +# +# Set the default permissions for all log files. +# +$FileOwner root +$FileGroup adm +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +# +# Where to place spool and state files +# +$WorkDirectory /var/spool/rsyslog + +# +# Include all config files in /etc/rsyslog.d/ +# +$IncludeConfig /etc/rsyslog.d/*.conf + +# +# Suppress duplicate messages and report "message repeated n times" +# +$RepeatedMsgReduction on + +############### +#### RULES #### +############### \ No newline at end of file diff --git a/dockers/docker-base/etc/supervisor/containercfgd.conf b/dockers/docker-base/etc/supervisor/containercfgd.conf deleted file mode 100644 index 8d938e6f0ff3..000000000000 --- a/dockers/docker-base/etc/supervisor/containercfgd.conf +++ /dev/null @@ -1,9 +0,0 @@ -[program:containercfgd] -command=python /usr/local/bin/containercfgd -priority=99 -autostart=false -autorestart=unexpected -stdout_logfile=syslog -stderr_logfile=syslog -dependent_startup=true -dependent_startup_wait_for=rsyslogd:running diff --git a/dockers/docker-database/supervisord.conf.j2 b/dockers/docker-database/supervisord.conf.j2 index c73c6e783e81..37af0220bb1e 100644 --- a/dockers/docker-database/supervisord.conf.j2 +++ b/dockers/docker-database/supervisord.conf.j2 @@ -38,12 +38,10 @@ dependent_startup=true {%- endif -%} command=/bin/bash -c "{ [[ -s /var/lib/{{ redis_inst }}/dump.rdb ]] || rm -f /var/lib/{{ redis_inst }}/dump.rdb; } && mkdir -p /var/lib/{{ redis_inst }} && exec /usr/bin/redis-server /etc/redis/redis.conf --bind {{ LOOPBACK_IP }} {{ redis_items['hostname'] }} --port {{ redis_items['port'] }} --unixsocket {{ redis_items['unix_socket_path'] }} --pidfile /var/run/redis/{{ redis_inst }}.pid --dir /var/lib/{{ redis_inst }}" priority=2 -autostart=false +autostart=true autorestart=false stdout_logfile=syslog stderr_logfile=syslog -dependent_startup=true -dependent_startup_wait_for=rsyslogd:running {% endfor %} {% endif %} diff --git a/dockers/docker-platform-monitor/Dockerfile.j2 b/dockers/docker-platform-monitor/Dockerfile.j2 index 1c6b484814c7..446c145a6df6 100755 --- a/dockers/docker-platform-monitor/Dockerfile.j2 +++ b/dockers/docker-platform-monitor/Dockerfile.j2 @@ -88,6 +88,7 @@ COPY ["docker-pmon.supervisord.conf.j2", "docker_init.j2", "/usr/share/sonic/tem COPY ["ssd_tools/*", "/usr/bin/"] COPY ["files/supervisor-proc-exit-listener", "/usr/bin"] COPY ["critical_processes", "/etc/supervisor"] +COPY ["etc/rsyslog.conf", "/etc/rsyslog.conf"] RUN sonic-cfggen -a "{\"CONFIGURED_PLATFORM\":\"{{CONFIGURED_PLATFORM}}\"}" -t /usr/share/sonic/templates/docker_init.j2 > /usr/bin/docker_init.sh RUN rm -f /usr/share/sonic/templates/docker_init.j2 diff --git a/dockers/docker-platform-monitor/etc/rsyslog.conf b/dockers/docker-platform-monitor/etc/rsyslog.conf new file mode 100644 index 000000000000..977c29a5d99d --- /dev/null +++ b/dockers/docker-platform-monitor/etc/rsyslog.conf @@ -0,0 +1,89 @@ +# +# /etc/rsyslog.conf Configuration file for rsyslog. +# +# For more information see +# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html + + +################# +#### MODULES #### +################# + +$ModLoad imuxsock # provides support for local system logging + +# +# Set a rate limit on messages from the container +# +$SystemLogRateLimitInterval 300 +$SystemLogRateLimitBurst 20000 + +#$ModLoad imklog # provides kernel logging support +#$ModLoad immark # provides --MARK-- message capability + +# provides UDP syslog reception +#$ModLoad imudp +#$UDPServerRun 514 + +# provides TCP syslog reception +#$ModLoad imtcp +#$InputTCPServerRun 514 + + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +set $.PLATFORM=getenv("PLATFORM"); +set $.CONTAINER_NAME=getenv("CONTAINER_NAME"); + +if ($.PLATFORM == "x86_64-mlnx_msn2700-r0" or $.PLATFORM == "x86_64-mlnx_msn2700a1-r0" or $.PLATFORM == "x86_64-mlnx_msn2410-r0") then { + +# This rsyslog configuration is intended to resolve the following error message that only appears on the MSN2700 and MSN2410 platforms: +# "ERR pmon#sensord: Error getting sensor data: dps460/#10: Can't read" +# This error is because of firmware issue with some type of PSU, we are not able to upgrade the FW online. +# Since there is no functional impact, this error log can be ignored safely. +if $programname contains "sensord" and $msg contains "Error getting sensor data: dps460/#" then stop + +} + +# Set remote syslog server +template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%") +*.* action(type="omfwd" target=`echo $SYSLOG_TARGET_IP` port="514" protocol="udp" Template="ForwardFormatInContainer") + +# +# Use traditional timestamp format. +# To enable high precision timestamps, comment out the following line. +# +#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# Define a custom template +$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n" +$ActionFileDefaultTemplate SONiCFileFormat + +# +# Set the default permissions for all log files. +# +$FileOwner root +$FileGroup adm +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +# +# Where to place spool and state files +# +$WorkDirectory /var/spool/rsyslog + +# +# Include all config files in /etc/rsyslog.d/ +# +$IncludeConfig /etc/rsyslog.d/*.conf + +# +# Suppress duplicate messages and report "message repeated n times" +# +$RepeatedMsgReduction on + +############### +#### RULES #### +############### \ No newline at end of file diff --git a/files/build_templates/docker_image_ctl.j2 b/files/build_templates/docker_image_ctl.j2 index 8eabcf08d824..146f697cff34 100644 --- a/files/build_templates/docker_image_ctl.j2 +++ b/files/build_templates/docker_image_ctl.j2 @@ -34,27 +34,16 @@ function updateSyslogConf() # Also update the container name if [[ ($NUM_ASIC -gt 1) ]]; then TARGET_IP=$(docker network inspect bridge --format={{ "'{{(index .IPAM.Config 0).Gateway}}'" }}) - else - if [ "$CONTAINER_EXISTS" = "yes" ]; then - # database configuration has been synced to /etc/rsyslog.conf - # no need generate it to save boot time - return - fi - TARGET_IP="127.0.0.1" - fi - CONTAINER_NAME="$DOCKERNAME" - TMP_FILE="/tmp/rsyslog.$CONTAINER_NAME.conf" - {%- if docker_container_name == "database" %} - python -c "import jinja2, os; paths=['/usr/share/sonic/templates']; loader = jinja2.FileSystemLoader(paths); env = jinja2.Environment(loader=loader, trim_blocks=True); template_file='/usr/share/sonic/templates/rsyslog-container.conf.j2'; template = env.get_template(os.path.basename(template_file)); data=template.render({\"target_ip\":\"$TARGET_IP\",\"container_name\":\"$CONTAINER_NAME\"}); print(data)" > $TMP_FILE - {%- else %} - sonic-cfggen -d -t /usr/share/sonic/templates/rsyslog-container.conf.j2 -a "{\"target_ip\": \"$TARGET_IP\", \"container_name\": \"$CONTAINER_NAME\", \"platform\": \"$PLATFORM\" }" > $TMP_FILE - if [ $? -ne 0 ]; then - echo "Error: Execute sonic-cfggen -d failed. Execute without '-d'." - sonic-cfggen -t /usr/share/sonic/templates/rsyslog-container.conf.j2 -a "{\"target_ip\": \"$TARGET_IP\", \"container_name\": \"$CONTAINER_NAME\", \"platform\": \"$PLATFORM\" }" > $TMP_FILE + CONTAINER_NAME="$DOCKERNAME" + TMP_FILE="/tmp/rsyslog.$CONTAINER_NAME.conf" + {%- if docker_container_name == "database" %} + python -c "import jinja2, os; paths=['/usr/share/sonic/templates']; loader = jinja2.FileSystemLoader(paths); env = jinja2.Environment(loader=loader, trim_blocks=True); template_file='/usr/share/sonic/templates/rsyslog-container.conf.j2'; template = env.get_template(os.path.basename(template_file)); data=template.render({\"target_ip\":\"$TARGET_IP\",\"container_name\":\"$CONTAINER_NAME\"}); print(data)" > $TMP_FILE + {%- else %} + sonic-cfggen -t /usr/share/sonic/templates/rsyslog-container.conf.j2 -a "{\"target_ip\": \"$TARGET_IP\", \"container_name\": \"$CONTAINER_NAME\" }" > $TMP_FILE + {%- endif %} + docker cp $TMP_FILE ${DOCKERNAME}:/etc/rsyslog.conf + rm -rf $TMP_FILE fi - {%- endif %} - docker cp $TMP_FILE ${DOCKERNAME}:/etc/rsyslog.conf - rm -rf $TMP_FILE } function ebtables_config() { @@ -326,13 +315,18 @@ start() { # Obtain our platform as we will mount directories with these names in each docker PLATFORM=${PLATFORM:-`$SONIC_CFGGEN -H -v DEVICE_METADATA.localhost.platform`} - # Parse the device specific asic conf file, if it exists ASIC_CONF=/usr/share/sonic/device/$PLATFORM/asic.conf if [ -f "$ASIC_CONF" ]; then source $ASIC_CONF fi + # Default rsyslog target IP for single ASIC platform + SYSLOG_TARGET_IP=127.0.0.1 + if [[ ($NUM_ASIC -gt 1) ]]; then + SYSLOG_TARGET_IP=$(docker network inspect bridge --format={{ "'{{(index .IPAM.Config 0).Gateway}}'" }}) + fi + PLATFORM_ENV_CONF=/usr/share/sonic/device/$PLATFORM/platform_env.conf if [ -f "$PLATFORM_ENV_CONF" ]; then source $PLATFORM_ENV_CONF @@ -632,6 +626,8 @@ start() { --env "NAMESPACE_PREFIX"="$NAMESPACE_PREFIX" \ --env "NAMESPACE_COUNT"=$NUM_ASIC \ --env "CONTAINER_NAME"=$DOCKERNAME \ + --env "SYSLOG_TARGET_IP"=$SYSLOG_TARGET_IP \ + --env "PLATFORM"=$PLATFORM \ --name=$DOCKERNAME \ {%- if docker_container_name == "gbsyncd" %} -v /var/run/docker-syncd$DEV:/var/run/sswsyncd \ diff --git a/files/build_templates/sonic_debian_extension.j2 b/files/build_templates/sonic_debian_extension.j2 index 748a1bf9e65e..3b4b1f28c7bc 100644 --- a/files/build_templates/sonic_debian_extension.j2 +++ b/files/build_templates/sonic_debian_extension.j2 @@ -391,6 +391,9 @@ sudo cp $IMAGE_CONFIGS/rsyslog/rsyslog-container.conf.j2 $FILESYSTEM_ROOT_USR_SH sudo cp $IMAGE_CONFIGS/rsyslog/rsyslog.d/* $FILESYSTEM_ROOT/etc/rsyslog.d/ echo "rsyslog-config.service" | sudo tee -a $GENERATED_SERVICE_FILE +# Copy containercfgd configuration files +sudo cp $IMAGE_CONFIGS/containercfgd/containercfgd.conf $FILESYSTEM_ROOT_USR_SHARE_SONIC_TEMPLATES/ + # Copy syslog override files sudo mkdir -p $FILESYSTEM_ROOT/etc/systemd/system/syslog.socket.d sudo cp $IMAGE_CONFIGS/syslog/override.conf $FILESYSTEM_ROOT/etc/systemd/system/syslog.socket.d/override.conf diff --git a/dockers/docker-base-bullseye/etc/supervisor/containercfgd.conf b/files/image_config/containercfgd/containercfgd.conf similarity index 100% rename from dockers/docker-base-bullseye/etc/supervisor/containercfgd.conf rename to files/image_config/containercfgd/containercfgd.conf diff --git a/files/image_config/rsyslog/rsyslog-container.conf.j2 b/files/image_config/rsyslog/rsyslog-container.conf.j2 index bb786eacd4ec..04dc3f8a17ec 100644 --- a/files/image_config/rsyslog/rsyslog-container.conf.j2 +++ b/files/image_config/rsyslog/rsyslog-container.conf.j2 @@ -52,21 +52,26 @@ $SystemLogRateLimitBurst 20000 ########################### #### GLOBAL DIRECTIVES #### ########################### + +set $.PLATFORM=getenv("PLATFORM"); +set $.CONTAINER_NAME=getenv("CONTAINER_NAME"); + {% if container_name == 'pmon' %} -{% if platform == 'x86_64-mlnx_msn2700-r0' or platform == 'x86_64-mlnx_msn2700a1-r0' %} # This rsyslog configuration is intended to resolve the following error message that only appears on the MSN2700 platform: # "ERR pmon#sensord: Error getting sensor data: dps460/#10: Can't read" # This error is because of firmware issue with some type of PSU, we are not able to upgrade the FW online. # Since there is no functional impact, this error log can be ignored safely. -if $programname contains "sensord" and $msg contains "Error getting sensor data: dps460/#" then stop +if ($.PLATFORM == "x86_64-mlnx_msn2700-r0" or $.PLATFORM == "x86_64-mlnx_msn2700a1-r0" or $.PLATFORM == "x86_64-mlnx_msn2410-r0") then { + if $programname contains "sensord" and $msg contains "Error getting sensor data: dps460/#" then stop +} {% endif %} -{% endif %} + # Set remote syslog server -template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% {{container_name}}#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%") -*.* action(type="omfwd" target="{{target_ip}}" port="514" protocol="udp" Template="ForwardFormatInContainer") +template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%") +*.* action(type="omfwd" target=`echo $SYSLOG_TARGET_IP` port="514" protocol="udp" Template="ForwardFormatInContainer") # # Use traditional timestamp format. @@ -75,7 +80,7 @@ template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAM #$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat # Define a custom template -$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% {{container_name}}#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n" +$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n" $ActionFileDefaultTemplate SONiCFileFormat # diff --git a/src/sonic-containercfgd/containercfgd/containercfgd.py b/src/sonic-containercfgd/containercfgd/containercfgd.py index 4eda8a6d8b40..f604034fc3d7 100644 --- a/src/sonic-containercfgd/containercfgd/containercfgd.py +++ b/src/sonic-containercfgd/containercfgd/containercfgd.py @@ -1,3 +1,6 @@ +from swsscommon.swsscommon import RestartWaiter +RestartWaiter.waitAdvancedBootDone() + import os import re import signal @@ -5,7 +8,7 @@ import sys from sonic_py_common import daemon_base, logger -from swsscommon.swsscommon import ConfigDBConnector, RestartWaiter +from swsscommon.swsscommon import ConfigDBConnector SYSLOG_IDENTIFIER = "containercfgd" logger = logger.Logger(SYSLOG_IDENTIFIER) @@ -101,10 +104,9 @@ class SyslogHandler: # Regular expressions to extract value from rsyslog.conf INTERVAL_PATTERN = '.*SystemLogRateLimitInterval\s+(\d+).*' BURST_PATTERN = '.*SystemLogRateLimitBurst\s+(\d+).*' - TARGET_IP_PATTERN = '.*target="(.*?)".*' def __init__(self): - self.current_interval, self.current_burst, self.target_ip = self.parse_syslog_conf() + self.current_interval, self.current_burst = self.parse_syslog_conf() def handle_config(self, table, key, data): """Handle CONFIG DB change. Callback by ConfigDBConnector. @@ -149,7 +151,7 @@ def update_syslog_config(self, data): if os.path.exists(self.TMP_SYSLOG_CONF_PATH): os.remove(self.TMP_SYSLOG_CONF_PATH) with open(self.TMP_SYSLOG_CONF_PATH, 'w+') as f: - json_args = f'{{"target_ip": "{self.target_ip}", "container_name": "{container_name}" }}' + json_args = f'{{"container_name": "{container_name}" }}' output = run_command(['sonic-cfggen', '-d', '-t', '/usr/share/sonic/templates/rsyslog-container.conf.j2', '-a', json_args]) f.write(output) run_command(['cp', self.TMP_SYSLOG_CONF_PATH, self.SYSLOG_CONF_PATH]) @@ -161,11 +163,10 @@ def parse_syslog_conf(self): """Passe existing syslog conf and extract config values Returns: - tuple: interval,burst,target_ip + tuple: interval,burst """ interval = '0' burst = '0' - target_ip = None with open(self.SYSLOG_CONF_PATH, 'r') as f: content = f.read() @@ -179,15 +180,10 @@ def parse_syslog_conf(self): burst = match.group(1) break - pattern = re.compile(self.TARGET_IP_PATTERN) - for match in pattern.finditer(content): - target_ip = match.group(1) - break - return interval, burst, target_ip + return interval, burst def main(): - RestartWaiter.waitAdvancedBootDone() global container_name container_name = os.environ['CONTAINER_NAME'] daemon = ContainerConfigDaemon() diff --git a/src/sonic-containercfgd/tests/test_config_daemon.py b/src/sonic-containercfgd/tests/test_config_daemon.py index 3604a32ab2d8..05014d397306 100644 --- a/src/sonic-containercfgd/tests/test_config_daemon.py +++ b/src/sonic-containercfgd/tests/test_config_daemon.py @@ -2,6 +2,9 @@ import sys from unittest import mock +from swsscommon import swsscommon +swsscommon.RestartWaiter = mock.MagicMock() + test_path = os.path.dirname(os.path.abspath(__file__)) modules_path = os.path.dirname(test_path) sys.path.insert(0, modules_path) diff --git a/src/sonic-containercfgd/tests/test_syslog_config.py b/src/sonic-containercfgd/tests/test_syslog_config.py index 23e5887b9d26..a823d9f9aea6 100644 --- a/src/sonic-containercfgd/tests/test_syslog_config.py +++ b/src/sonic-containercfgd/tests/test_syslog_config.py @@ -2,6 +2,9 @@ import sys from unittest import mock +from swsscommon import swsscommon +swsscommon.RestartWaiter = mock.MagicMock() + test_path = os.path.dirname(os.path.abspath(__file__)) modules_path = os.path.dirname(test_path) sys.path.insert(0, modules_path) @@ -49,7 +52,7 @@ def test_handle_init_data(): @mock.patch('containercfgd.containercfgd.run_command') -@mock.patch('containercfgd.containercfgd.SyslogHandler.parse_syslog_conf', mock.MagicMock(return_value=('100', '200', '127.0.0.1'))) +@mock.patch('containercfgd.containercfgd.SyslogHandler.parse_syslog_conf', mock.MagicMock(return_value=('100', '200'))) def test_update_syslog_config(mock_run_cmd): mock_run_cmd.return_value = "" handler = containercfgd.SyslogHandler() @@ -69,13 +72,11 @@ def test_update_syslog_config(mock_run_cmd): def test_parse_syslog_conf(): handler = containercfgd.SyslogHandler() handler.SYSLOG_CONF_PATH = os.path.join(test_path, 'mock_rsyslog.conf') - interval, burst, target_ip = handler.parse_syslog_conf() + interval, burst = handler.parse_syslog_conf() assert interval == '50' assert burst == '10002' - assert target_ip == '127.0.0.1' handler.SYSLOG_CONF_PATH = os.path.join(test_path, 'mock_empty_rsyslog.conf') - interval, burst, target_ip = handler.parse_syslog_conf() + interval, burst = handler.parse_syslog_conf() assert interval == '0' assert burst == '0' - assert target_ip is None