From 6a4d512650901b0900b0805fc68bd349c47e39cb Mon Sep 17 00:00:00 2001 From: Arvindsrinivasan Lakshmi Narasimhan Date: Tue, 16 Jun 2020 08:05:45 -0700 Subject: [PATCH 01/29] Changes to support bcmsh and swss logs on multi npu platforms Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan --- files/build_templates/docker_image_ctl.j2 | 8 ++++++++ platform/broadcom/docker-syncd-brcm.mk | 2 +- rules/docker-orchagent.mk | 2 +- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/files/build_templates/docker_image_ctl.j2 b/files/build_templates/docker_image_ctl.j2 index 90a234c009eb..d180aee4fa5c 100644 --- a/files/build_templates/docker_image_ctl.j2 +++ b/files/build_templates/docker_image_ctl.j2 @@ -282,6 +282,14 @@ start() { --tmpfs /tmp \ {%- endif %} {%- endif %} +{%- if sonic_asic_platform == "broadcom" %} +{%- if docker_container_name == "syncd" %} + -v /var/run/docker-syncd$DEV:/var/run/sswsyncd \ +{%- endif %} +{%- endif %} +{% -if docker_container_name == "swss" %} + -v /var/log/swss$DEV:/var/log/swss:rw \ +{% -endif %} {%- if docker_container_name == "bgp" %} -v /etc/sonic/frr/$DEV:/etc/frr:rw \ {%- endif %} diff --git a/platform/broadcom/docker-syncd-brcm.mk b/platform/broadcom/docker-syncd-brcm.mk index d3a6d67c5cbc..b9849f724a91 100644 --- a/platform/broadcom/docker-syncd-brcm.mk +++ b/platform/broadcom/docker-syncd-brcm.mk @@ -12,7 +12,7 @@ $(DOCKER_SYNCD_BASE)_DBG_DEPENDS += $(SYNCD_DBG) \ $(LIBSAIREDIS_DBG) $(DOCKER_SYNCD_BASE)_RUN_OPT += -v /host/warmboot:/var/warmboot -$(DOCKER_SYNCD_BASE)_RUN_OPT += -v /var/run/docker-syncd:/var/run/sswsyncd + $(DOCKER_SYNCD_BASE)_BASE_IMAGE_FILES += bcmcmd:/usr/bin/bcmcmd $(DOCKER_SYNCD_BASE)_BASE_IMAGE_FILES += bcmsh:/usr/bin/bcmsh diff --git a/rules/docker-orchagent.mk b/rules/docker-orchagent.mk index bab1a3a29920..52201ac74fb0 100644 --- a/rules/docker-orchagent.mk +++ b/rules/docker-orchagent.mk @@ -31,7 +31,7 @@ $(DOCKER_ORCHAGENT)_RUN_OPT += -v /etc/network/interfaces:/etc/network/interface $(DOCKER_ORCHAGENT)_RUN_OPT += -v /etc/network/interfaces.d/:/etc/network/interfaces.d/:ro $(DOCKER_ORCHAGENT)_RUN_OPT += -v /host/machine.conf:/host/machine.conf:ro $(DOCKER_ORCHAGENT)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro -$(DOCKER_ORCHAGENT)_RUN_OPT += -v /var/log/swss:/var/log/swss:rw + $(DOCKER_ORCHAGENT)_BASE_IMAGE_FILES += swssloglevel:/usr/bin/swssloglevel $(DOCKER_ORCHAGENT)_BASE_IMAGE_FILES += monit_swss:/etc/monit/conf.d From ea3607fbb89f30b31904315e00ad8098e336923e Mon Sep 17 00:00:00 2001 From: Arvindsrinivasan Lakshmi Narasimhan Date: Tue, 16 Jun 2020 15:17:47 -0700 Subject: [PATCH 02/29] minor fix Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan --- files/build_templates/docker_image_ctl.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/files/build_templates/docker_image_ctl.j2 b/files/build_templates/docker_image_ctl.j2 index d180aee4fa5c..8d62fb9c0370 100644 --- a/files/build_templates/docker_image_ctl.j2 +++ b/files/build_templates/docker_image_ctl.j2 @@ -287,9 +287,9 @@ start() { -v /var/run/docker-syncd$DEV:/var/run/sswsyncd \ {%- endif %} {%- endif %} -{% -if docker_container_name == "swss" %} +{%- if docker_container_name == "swss" %} -v /var/log/swss$DEV:/var/log/swss:rw \ -{% -endif %} +{%- endif %} {%- if docker_container_name == "bgp" %} -v /etc/sonic/frr/$DEV:/etc/frr:rw \ {%- endif %} From 8db1174f576a69f11e5be5ec1ee6c18bcbe47376 Mon Sep 17 00:00:00 2001 From: Arvindsrinivasan Lakshmi Narasimhan Date: Tue, 16 Jun 2020 17:02:25 -0700 Subject: [PATCH 03/29] minor fix and bcmsh changes Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan --- platform/broadcom/docker-syncd-brcm.mk | 1 - .../docker-syncd-brcm/base_image_files/bcmcmd | 28 ++++++++++++++++++- .../docker-syncd-brcm/base_image_files/bcmsh | 27 +++++++++++++++++- 3 files changed, 53 insertions(+), 3 deletions(-) diff --git a/platform/broadcom/docker-syncd-brcm.mk b/platform/broadcom/docker-syncd-brcm.mk index b9849f724a91..4150658f33e0 100644 --- a/platform/broadcom/docker-syncd-brcm.mk +++ b/platform/broadcom/docker-syncd-brcm.mk @@ -13,7 +13,6 @@ $(DOCKER_SYNCD_BASE)_DBG_DEPENDS += $(SYNCD_DBG) \ $(DOCKER_SYNCD_BASE)_RUN_OPT += -v /host/warmboot:/var/warmboot - $(DOCKER_SYNCD_BASE)_BASE_IMAGE_FILES += bcmcmd:/usr/bin/bcmcmd $(DOCKER_SYNCD_BASE)_BASE_IMAGE_FILES += bcmsh:/usr/bin/bcmsh $(DOCKER_SYNCD_BASE)_BASE_IMAGE_FILES += monit_syncd:/etc/monit/conf.d diff --git a/platform/broadcom/docker-syncd-brcm/base_image_files/bcmcmd b/platform/broadcom/docker-syncd-brcm/base_image_files/bcmcmd index 7903db6ed6a3..2899510f9e46 100755 --- a/platform/broadcom/docker-syncd-brcm/base_image_files/bcmcmd +++ b/platform/broadcom/docker-syncd-brcm/base_image_files/bcmcmd @@ -1,3 +1,29 @@ #!/bin/bash +function print_error() { + echo "No such container $NS" + echo "usage bcmcmd " + exit +} +PLATFORM=`sonic-cfggen -H -v DEVICE_METADATA.localhost.platform` + +# Parse the device specific asic conf file, if it exists +ASIC_CONF=/usr/share/sonic/device/$PLATFORM/asic.conf +if [ -f "$ASIC_CONF" ]; then + source $ASIC_CONF +fi +NS_PREFIX="syncd" +if [[ ($NUM_ASIC -gt 1) ]]; then + NS=$1 + shift + if [[ $NS == $NS_PREFIX* ]]; then + DEV=${NS#"$NS_PREFIX"} + if [ "$DEV" -ge $NUM_ASIC ] && [ "$DEV" -lt 0 ]; then + print_error + fi + else + print_error + fi +fi + +docker exec -i syncd$DEV bcmcmd "$@" -docker exec -i syncd bcmcmd "$@" diff --git a/platform/broadcom/docker-syncd-brcm/base_image_files/bcmsh b/platform/broadcom/docker-syncd-brcm/base_image_files/bcmsh index 3bb78b0da796..9f0cb3d58ab1 100755 --- a/platform/broadcom/docker-syncd-brcm/base_image_files/bcmsh +++ b/platform/broadcom/docker-syncd-brcm/base_image_files/bcmsh @@ -1,3 +1,28 @@ #!/bin/bash +function print_error() { + echo "No such container $NS" + echo "usage bcmsh " + exit +} +PLATFORM=`sonic-cfggen -H -v DEVICE_METADATA.localhost.platform` -docker exec -it syncd bcmsh "$@" +# Parse the device specific asic conf file, if it exists +ASIC_CONF=/usr/share/sonic/device/$PLATFORM/asic.conf +if [ -f "$ASIC_CONF" ]; then + source $ASIC_CONF +fi +NS_PREFIX="syncd" +if [[ ($NUM_ASIC -gt 1) ]]; then + NS=$1 + shift + if [[ $NS == $NS_PREFIX* ]]; then + DEV=${NS#"$NS_PREFIX"} + if [ "$DEV" -ge $NUM_ASIC ] && [ "$DEV" -lt 0 ]; then + print_error + fi + else + print_error + fi +fi + +docker exec -it syncd bcmsh$DEV "$@" From c660fc9a6d8f190fb816bc02d3d09813e75ea5dc Mon Sep 17 00:00:00 2001 From: Arvindsrinivasan Lakshmi Narasimhan Date: Tue, 16 Jun 2020 17:33:35 -0700 Subject: [PATCH 04/29] minor fixes Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan --- platform/broadcom/docker-syncd-brcm/base_image_files/bcmcmd | 2 +- platform/broadcom/docker-syncd-brcm/base_image_files/bcmsh | 4 ++-- rules/docker-orchagent.mk | 1 - 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/platform/broadcom/docker-syncd-brcm/base_image_files/bcmcmd b/platform/broadcom/docker-syncd-brcm/base_image_files/bcmcmd index 2899510f9e46..2e64cdd63834 100755 --- a/platform/broadcom/docker-syncd-brcm/base_image_files/bcmcmd +++ b/platform/broadcom/docker-syncd-brcm/base_image_files/bcmcmd @@ -17,7 +17,7 @@ if [[ ($NUM_ASIC -gt 1) ]]; then shift if [[ $NS == $NS_PREFIX* ]]; then DEV=${NS#"$NS_PREFIX"} - if [ "$DEV" -ge $NUM_ASIC ] && [ "$DEV" -lt 0 ]; then + if [ "$DEV" -ge $NUM_ASIC ] || [ "$DEV" -lt 0 ]; then print_error fi else diff --git a/platform/broadcom/docker-syncd-brcm/base_image_files/bcmsh b/platform/broadcom/docker-syncd-brcm/base_image_files/bcmsh index 9f0cb3d58ab1..e2d705ada9fa 100755 --- a/platform/broadcom/docker-syncd-brcm/base_image_files/bcmsh +++ b/platform/broadcom/docker-syncd-brcm/base_image_files/bcmsh @@ -17,7 +17,7 @@ if [[ ($NUM_ASIC -gt 1) ]]; then shift if [[ $NS == $NS_PREFIX* ]]; then DEV=${NS#"$NS_PREFIX"} - if [ "$DEV" -ge $NUM_ASIC ] && [ "$DEV" -lt 0 ]; then + if [ "$DEV" -ge $NUM_ASIC ] || [ "$DEV" -lt 0 ]; then print_error fi else @@ -25,4 +25,4 @@ if [[ ($NUM_ASIC -gt 1) ]]; then fi fi -docker exec -it syncd bcmsh$DEV "$@" +docker exec -it syncd$DEV bcmsh "$@" diff --git a/rules/docker-orchagent.mk b/rules/docker-orchagent.mk index 52201ac74fb0..7fc062280bdb 100644 --- a/rules/docker-orchagent.mk +++ b/rules/docker-orchagent.mk @@ -32,7 +32,6 @@ $(DOCKER_ORCHAGENT)_RUN_OPT += -v /etc/network/interfaces.d/:/etc/network/interf $(DOCKER_ORCHAGENT)_RUN_OPT += -v /host/machine.conf:/host/machine.conf:ro $(DOCKER_ORCHAGENT)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro - $(DOCKER_ORCHAGENT)_BASE_IMAGE_FILES += swssloglevel:/usr/bin/swssloglevel $(DOCKER_ORCHAGENT)_BASE_IMAGE_FILES += monit_swss:/etc/monit/conf.d $(DOCKER_ORCHAGENT)_FILES += $(ARP_UPDATE_SCRIPT) $(SUPERVISOR_PROC_EXIT_LISTENER_SCRIPT) From 5f16e9622f938b64a98e6bb1c2882742ab854821 Mon Sep 17 00:00:00 2001 From: xumia <59720581+xumia@users.noreply.github.com> Date: Tue, 30 Jun 2020 06:01:20 +0800 Subject: [PATCH 05/29] Add the test signing certificates for secure boot (#4866) * Add the test signing certificates for secure boot * Remove unnecessary ca key file * Regenerate the certificates to not expose the ca key --- build_image.sh | 10 +++- .../secureboot/test-certs/ca.cert | 32 ++++++++++++ .../secureboot/test-certs/signing.cert | 30 +++++++++++ .../secureboot/test-certs/signing.key | 51 +++++++++++++++++++ 4 files changed, 122 insertions(+), 1 deletion(-) create mode 100644 files/image_config/secureboot/test-certs/ca.cert create mode 100644 files/image_config/secureboot/test-certs/signing.cert create mode 100644 files/image_config/secureboot/test-certs/signing.key diff --git a/build_image.sh b/build_image.sh index 4fd9f7315a25..2cd3d98fb82f 100755 --- a/build_image.sh +++ b/build_image.sh @@ -150,7 +150,15 @@ elif [ "$IMAGE_TYPE" = "aboot" ]; then if [ "$SONIC_ENABLE_IMAGE_SIGNATURE" = "y" ]; then TARGET_CA_CERT="$TARGET_PATH/ca.cert" rm -f "$TARGET_CA_CERT" - [ -f "$CA_CERT" ] && cp "$CA_CERT" "$TARGET_CA_CERT" + + # If the ca certificate does not exist, the test certificate will be used to sign the image + if [ ! -f "$CA_CERT" ]; then + TEST_CERT_PATH=files/image_config/secureboot/test-certs + CA_CERT="${TEST_CERT_PATH}/ca.cert" + SIGNING_KEY="${TEST_CERT_PATH}/signing.key" + SIGNING_CERT="${TEST_CERT_PATH}/signing.cert" + fi + cp "$CA_CERT" "$TARGET_CA_CERT" ./scripts/sign_image.sh -i "$OUTPUT_ABOOT_IMAGE" -k "$SIGNING_KEY" -c "$SIGNING_CERT" -a "$TARGET_CA_CERT" fi else diff --git a/files/image_config/secureboot/test-certs/ca.cert b/files/image_config/secureboot/test-certs/ca.cert new file mode 100644 index 000000000000..9cf0586edd61 --- /dev/null +++ b/files/image_config/secureboot/test-certs/ca.cert @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFdTCCA12gAwIBAgIUL2kglpzjw8n7sLr41bLDrLU8CcswDQYJKoZIhvcNAQEL +BQAwSTELMAkGA1UEBhMCVVMxDTALBgNVBAgMBFRlc3QxDTALBgNVBAcMBFRlc3Qx +DTALBgNVBAoMBFRlc3QxDTALBgNVBAMMBFRlc3QwIBcNMjAwNjI5MDYyNzE4WhgP +MjEyMDA2MDUwNjI3MThaMEkxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARUZXN0MQ0w +CwYDVQQHDARUZXN0MQ0wCwYDVQQKDARUZXN0MQ0wCwYDVQQDDARUZXN0MIICIjAN +BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA32NtDS/zojvq37VlzMQYUXY58OWZ +hrgGnuq5j5bUWZlRGxjiRyRjYgeTC+gCFsT0u3Mgat1Kwo1rsOLCf62KArOUssMR +xGWEdubvYlIInC4RyuTq0a7lLxQH1q+mwHPpJHQ3Iv7Vj8cwmtwM/uAru6uOy+YN +Dl3Y+VCtbJ/3OB5u4W7toAmfPfoO/JNOxYQAYMNqMwFfK7MMh8HPjm5hQ9j+K+Df +yAlePFgnp8v4o3SdYzzW7rkV+q7ZfGM4VlPnNHgS2wcbI5NoFgpe86k3JSF6aFSh +p+fEQss/Kz2JXrfvR7TbpS/HpeoPRvUF7kSgCVfaMPdoOOwGtVkmIPlTN1y5xpyu +LH/v62TmNp3NOlbQ4oxgIrYfaYDXTByuFSlXft6VcJg7bJvGL8J1QqU7A040jSPn +45GaLm9nJpl//ik/MjU+qau8O7lvmz/2OjIwEDElAYTDnLoYYDeax9vJjcEni5/s +xi/fc7IyHtOgOpb5+bLumvvBy7qCM0sRuFliXAAFzwK1zn1WxwUMBuMjZjioCNPW +zfJ9jrmbBB2KJk/hyJ6mAVSE/tTL2vJsgjB3RabfS5ECr/ZXZXbNb3FUiFea5oUe +XKkzC6oUGfUb63ZwQ1oSX1q4ECt/OecAmujL3ATLILrptko3FgURjwYUTtPn5DyL +gYnc6CvZ3Tl70DECAwEAAaNTMFEwHQYDVR0OBBYEFFSMKiWUTzg7rggKQ95BbgCR +ZCxeMB8GA1UdIwQYMBaAFFSMKiWUTzg7rggKQ95BbgCRZCxeMA8GA1UdEwEB/wQF +MAMBAf8wDQYJKoZIhvcNAQELBQADggIBAI3N1xeBqtSy5/aOBPM3MG6WTfWaIwA2 +G7axvE9HLmOZ2jbNaV/is5ZTclgVocdYmg77MhhIzK7smPehUpimAntsk94E/zFA +K9sol4tPzWi+aVzf0fvEkOk+4WdPUMWkgyqFoiZ4n+ARJdN6Ef0Dcoue3DFbYu+M +94yOUD1KSXMDhknIwTCAtnCMDiFCv2f++LYOPs71ttJWnBGGtdYEibsAkFI9gOQ6 +ianw12D5ZWaF88jQt83B+gxw2QYRfpvW7enD1N7+kBfZV9BXa9IjVQ4kxi/DkEFM +ib1WR8zCmhb3wRkD0PVI6OE7XLjCjvGIhdsd3r+qHlHyzHJAJuuGxrLoenAe7T/P +eJ52mNtKGwASd/mShQpM+EbkGKnxKAp3ZJRMemeMboFk6WnPRZ7VYddHeXN57aGl +Yfg43cYfGACOHNfbs2X7zzNuqxpj1oLpDOHBD8UnYhGNWqfHAzmEDkxrReE/uO9R ++7NP3FFFx908OS7vgBSaUsYA9WX1VsJsyZjC/njHIPwZvKBRTvyTYfskSey1JA/O +YMp7NTL+LxSthab3Zgpe7ziYe+lQ/PkTBpy2UB0ntnUj2AER75VH3S8TBdIzlzCp +45+/TXbLOm+PO6iCIh/gHviCy5ua+txgZeG+/1sGrlYT0Je04e/HpVA7+aRzZF4+ +yxGRZsO7Ztjz +-----END CERTIFICATE----- diff --git a/files/image_config/secureboot/test-certs/signing.cert b/files/image_config/secureboot/test-certs/signing.cert new file mode 100644 index 000000000000..91b544cc5eb8 --- /dev/null +++ b/files/image_config/secureboot/test-certs/signing.cert @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFGzCCAwMCFEzTPYLASoyMuK7LFp0mFz/fWFKYMA0GCSqGSIb3DQEBCwUAMEkx +CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARUZXN0MQ0wCwYDVQQHDARUZXN0MQ0wCwYD +VQQKDARUZXN0MQ0wCwYDVQQDDARUZXN0MCAXDTIwMDYyOTA2MjcxOVoYDzIwNzAw +NjE3MDYyNzE5WjBJMQswCQYDVQQGEwJVUzENMAsGA1UECAwEVGVzdDENMAsGA1UE +BwwEVGVzdDENMAsGA1UECgwEVGVzdDENMAsGA1UEAwwEVGVzdDCCAiIwDQYJKoZI +hvcNAQEBBQADggIPADCCAgoCggIBAMl+lKW0Kjdy2xpXIrIr+0DZ+hWACR1Lp2By +5ovSqHXrpndPJrP/rtPwC0wOIry8iEHPrUc9oez+G9q+hMGcQR+O9un55huWoqlg +/KoCDuyP7QtraBzwQmihrnEtsWyF9KKFnEHTRgkMNqH+JKBWQQmfBouMq7QmZ0oL +IQ2zIt/3fJzBTr70WH3xIhrIujjAoy10dAxsg4CA49KREpj72lrb1IAEdFj57HCm +MYGA85qq6M+Qz97Zd9F4IoNrTg+7WLMRBRJEnsC20rfKQdEDIBPuwAMCC6j1Q9Jc +HIKu4StCVo693lCjPV4RhhiHd1Y1+TezX7UM7Wt2XEM/Z0gMZ2Z42p8ByfsxFtVO +QdsWoyrA79n6VlU0237AwgyAYdTopU5alErTrYwhwbcZNLb0mpLijGnf0jwWr4uu +7nbgozKVAMrpJZufPYhG5dG6lBOODcMpbkDfHi9yPcoGIbZYV41IGJhLaYejecry +B56vgd2jGU7bnIB3Mth3t+Vsx1y67EW/8IopmGwL2MyTV4Z5Hq59wnR53Z1hQLB6 +twTgPJjo+n39YTt/I6pkYzV0ptpJb6BS8NTvADoYw5TQy3mW/HR0LayRwkzB+8Ii +GDwC6k+IXcmHjeyov0OXeieFXwZMDPlc0yoCzZ1sywQNG8EDOSisu9R/zMW8sJjD +b+lItF9jAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAJqb9dChpXaOCdHKtcKbTgkm +Sf2HRN8lA7gszDQMXvenog+YinFO72bNzrRcmA2zYcpwutBLLBqZ6BccuSKc6F4Z +6Hv609mBTEWL64VqeQlsqADGS1+gzQGQm2AoFqNGdqCzx2EfoyXKIbmg4bik0INF +jQN0YsXsULMa4DSV/Cif3H3++e7kEa1/JxoqndTasrP9/YFJup3+90F1Q3ib0wql +W4kUVKpFxx0Qyi/zn8vrDsM2NfOur9rD7k9gv8GaN8PshPIGj0rzrIGf8QebugJ3 +0NsOaqLsR4+8KGGjT6ckcNDun1ajrRfMyKoNtxdI8l8zl80mQQtsbvIO5hmhUMy9 +AW+8QzBzgc/TJAAHlElxOYHwypcsNGbkIVczUy48gp4DhQtfs1q8HqzTwHtK+HTN +JzeQJtDnpAJARiCXr67+QTwAVszefqVK8N2UntuTzOhhs8PdP1jVv5g6gQpFfgI8 +IyniS46+mTO+FXYCkk2Ner2Jr6p3r2pMAQPSr28TEr75H2gUVufYSBUgrVDwPlio +SEk6Iccg/2KgWXPCj2/LmGcJZqCc8Z8L8CbT1z+5plpp+WcMVRxgbH/FHSQBkMsw +P2SSOVjJEkSYV5I6bYA97BBFpjovZS+7k6NmW1Lj1n33awdMrm1UXQRDTSKXOzVu +U/rAEWO3JyUeTNCL37Ec +-----END CERTIFICATE----- diff --git a/files/image_config/secureboot/test-certs/signing.key b/files/image_config/secureboot/test-certs/signing.key new file mode 100644 index 000000000000..9c16e80641b7 --- /dev/null +++ b/files/image_config/secureboot/test-certs/signing.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAyX6UpbQqN3LbGlcisiv7QNn6FYAJHUunYHLmi9Kodeumd08m +s/+u0/ALTA4ivLyIQc+tRz2h7P4b2r6EwZxBH4726fnmG5aiqWD8qgIO7I/tC2to +HPBCaKGucS2xbIX0ooWcQdNGCQw2of4koFZBCZ8Gi4yrtCZnSgshDbMi3/d8nMFO +vvRYffEiGsi6OMCjLXR0DGyDgIDj0pESmPvaWtvUgAR0WPnscKYxgYDzmqroz5DP +3tl30Xgig2tOD7tYsxEFEkSewLbSt8pB0QMgE+7AAwILqPVD0lwcgq7hK0JWjr3e +UKM9XhGGGId3VjX5N7NftQzta3ZcQz9nSAxnZnjanwHJ+zEW1U5B2xajKsDv2fpW +VTTbfsDCDIBh1OilTlqUStOtjCHBtxk0tvSakuKMad/SPBavi67uduCjMpUAyukl +m589iEbl0bqUE44NwyluQN8eL3I9ygYhtlhXjUgYmEtph6N5yvIHnq+B3aMZTtuc +gHcy2He35WzHXLrsRb/wiimYbAvYzJNXhnkern3CdHndnWFAsHq3BOA8mOj6ff1h +O38jqmRjNXSm2klvoFLw1O8AOhjDlNDLeZb8dHQtrJHCTMH7wiIYPALqT4hdyYeN +7Ki/Q5d6J4VfBkwM+VzTKgLNnWzLBA0bwQM5KKy71H/MxbywmMNv6Ui0X2MCAwEA +AQKCAgEAuMZ2hDpimHSgTlhnveItR3xdJMhEE3RkKkNT/hcRWwndnv2brWckKMCx +a25vFosBnPBYo8L2MgGZA5DA51dmNQ2CinAbP2N1CUSijzjR/MfDhjxZvmfpTlAu +SyWu1alF/J/v+kFHsVZc51LKvao7fBo0A1bdwpeREsp/5jNHIQGwaYOvtdcXK28s +akl21EJ7oVxwa1A7i2UnBtr4pggXZki/ZyIum8WcuHT/YxYgzs46LtZKeb8NbK7x +X3jQngacwaEy+FyrBGjjdZ1pm8V07jJ8LIX8sVUxe7/yeTjrziLIg5/ENkhsJ06E +nQvlOM7IGvdIJhyTwH9K/nQvP1f4nNP+3RQSc8ubP5QqGGnlryhOvvV7QG8Y+ZN4 +mV1FOoyqiZdxFs/6PxKJfmNDoma8oz3pGQ810OnxtCu2kcxT54WBJdKxcQFxSxjS +8YVRoakmU6noUTqw6BaG9QwQnbLytXckXQDQlxqGd4WbL1nlCxZF25SxRCX2/mHd +7BUpW6OfxL/pEOcUBV0HO/ELm51xWMaZyGfZPkQRpbnpGgfXojuOnxdfiUbqkHy/ +/dV98pfgT+qy4FXn/zeGLnh6Q/JPcCQp6QeyUbC9jHvrkVLwuA8ugg9ilGvMSX8Q +vmVNe9UjkNVywoeiB5/Dc5CzgmG9hdsf2r+5BZNG3GilwsCAArECggEBAOzNasRY +j6mB47FJsxJDW0I16dBugLcenFTO70UzLeTGgsREzba6/ItnsH9ZPRRxmQoKC5a6 +yK+63DZo9YCOit8lSxx6otUev4RpDhsmnrG7ILQzXb3BO2bqbP+Xm1CNWkaZxRSZ +HKLwXAvKp+YLMJ7qAZRe5+E4c5i+9NdJWAFMHcVTIUdnJ2bPC1lwhCqC9zeuMj+j +U7U0Rt9sgy9azExK4/O8pvcYFS8JCpw5Kot/c+5C6F91Zj437k8hoSZhVIJgsvTF +PnEE+pt84p9vcd1CHKWRbB4QU92JpniJk2ZjNC184niG5bPbfJJrQda0xFKwLD8G +HYgr7rrfz6mNWqkCggEBANnUYmouBTVmgjnjJkq+OaUuyHv0LvBXdr+4DhSIMe03 +mEenRBj4AA9J9XCg0WnzX21gvistO+rJ+lHCiQjaY18LCz1KpDKnnliTVrlXsa9Y +Zyd8yZou0oX29fsEwjS/o0lJv9T+RxAjMXMTaDvLeybUIioFKBEHqUxkiMFCFygY ++8UA/PGXZB5ysgOJ3W1JTcNCTixM15+ItsJRjnqGtfm77jvTyGHPuG4VlJfYQg2B +HfP7p19RSJhqzNPhPpioXs5DJj0nVvbSDC4/ukJV5GltI87csjup/naSgBzhXvfH +F/4CBQdKPCsQVv27je/OEGzzd6B2E4IoIz5ZPzzJHSsCggEAVCKD/bENkgdRU+tA +kYuXAAZRxbmNSAK7PrKrdqXBd5hEW+GqSXNUSV+U6RpWxk26N0PsbCh/J1i35ykR +mRSMKM6CSmMUOa6ME0qUNXdaSQGYlA3wD3x5U46VHZbLGyqt2YnG6ROhhg7qVVIy +p1xwcPXpi8LQlkfNYobuTROFDijyJurrVwhCipeji6qbetM/bOwadFveYPJq//T5 +Azk6fxzYsv/jPsWyuRx4RZtWD2xAT3Y8Q7Zdllue80Sakh1gvlYHH0p5bgR72gTc +LBOXnCpiLT1m8aOReJPwrsEKuwUiQ8ssV/Bt6qJgN1Geed+OJWbswZO1qG0bjA/7 +I13SyQKCAQAeLgbUnzupgmJYktgjUue5sxmj0tkOA5A4T8/jmFsSerlmdA5DR1j6 +xUx0JlPdUhLOnLC8WrAKf6Fm4oUJ7PgHmwgbndPSENcnfoJte3Dq0ly4Y9mquwH/ +/Y9nD+m4VTTSWp1xbSl7WuTnBLFUV4TghFOXbs92TJFwPB2WaQm8THnVeaWR81+z +uEBhrSA4nAdiHjWmfZ8CQ3bOxW3wG+nqh9ciAt2ob5cl6WeFAjlklZcIzr0Jv8FH +HMT0NijuDaXU/gi2QFUULVXysnGj7zKOSMjFSF6JVawj0Xheh/sYaUUxtCXuNKLR +dJoY3Xt01iAAeFsCqFlblyQK52KTkWmxAoIBAQCDFtaLIp+gJ4kKCmUT30abaXXe +tb0D9CnXT1EQSpKqio9Soad1a9PZ6IkJU0Dhks2mJWX6CHR3mWpmXR31aWM/iP+u +X+/amrHPhzxyFCmbo+Vb96ZuelFvdZ0x4l6eM+qd9SxF+SnSyfdtnwOThLI7bZFc +L6rbYlTFdH3j6nksITAW1lp1W59jtkYQVIBl8rpiwNfgRFBf5FE9PKDjbG2WHx3a +kv81Ok5z6PV4BarViZ6hV2tP4b96/TbrXn08J6M4Gcn7KOn7UfYSP/2p7sIE+pC4 +EMO3sAR6IUU/utmknwY0Ou/enuzsq3RvpA/8kE4ZdRBMLUQeZZ4yzX0pyfSz +-----END RSA PRIVATE KEY----- From ef994a176c394bb290c972bb99f03741d65a7365 Mon Sep 17 00:00:00 2001 From: arlakshm <55814491+arlakshm@users.noreply.github.com> Date: Tue, 30 Jun 2020 06:29:20 -0700 Subject: [PATCH 06/29] syslog changes Multi ASIC platforms (#4738) Add changes for syslog support for containers running in namespaces on multi ASIC platforms. On Multi ASIC platforms Rsyslog service is only running on the host. There is no rsyslog service running in each namespace. On multi ASIC platforms the rsyslog service on the host will be listening on the docker0 ip address instead of loopback address. The rsyslog.conf on the containers is modified to have omfwd target ip to be docker0 ipaddress instead of loopback ip Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan --- files/build_templates/docker_image_ctl.j2 | 17 +++++ .../build_templates/sonic_debian_extension.j2 | 1 + files/image_config/rsyslog/rsyslog-config.sh | 21 ++++- .../rsyslog/rsyslog-container.conf.j2 | 76 +++++++++++++++++++ files/image_config/rsyslog/rsyslog.conf.j2 | 2 +- 5 files changed, 115 insertions(+), 2 deletions(-) create mode 100644 files/image_config/rsyslog/rsyslog-container.conf.j2 diff --git a/files/build_templates/docker_image_ctl.j2 b/files/build_templates/docker_image_ctl.j2 index 381480123f67..0a0461795944 100644 --- a/files/build_templates/docker_image_ctl.j2 +++ b/files/build_templates/docker_image_ctl.j2 @@ -27,6 +27,22 @@ link_namespace() { } {%- endif %} +function updateSyslogConf() +{ + # On multiNPU platforms, change the syslog target ip to docker0 ip to allow logs from containers + # running on the namespace to reach the rsyslog service running on the host + # Also update the container name + if [[ ($NUM_ASIC -gt 1) ]]; then + TARGET_IP=$(docker network inspect bridge --format={{ "'{{(index .IPAM.Config 0).Gateway}}'" }}) + CONTAINER_NAME="{{docker_container_name}}$DEV" + TMP_FILE="/tmp/rsyslog.$CONTAINER_NAME.conf" + + sonic-cfggen -t /usr/share/sonic/templates/rsyslog-container.conf.j2 -a "{\"target_ip\": \"$TARGET_IP\", \"container_name\": \"$CONTAINER_NAME\" }" > $TMP_FILE + docker cp $TMP_FILE {{docker_container_name}}$DEV:/etc/rsyslog.conf + rm -rf $TMP_FILE + fi +} + function getMountPoint() { echo $1 | python -c "import sys, json, os; mnts = [x for x in json.load(sys.stdin)[0]['Mounts'] if x['Destination'] == '/usr/share/sonic/hwsku']; print '' if len(mnts) == 0 else os.path.basename(mnts[0]['Source'])" 2>/dev/null @@ -68,6 +84,7 @@ function preStartAction() {%- else %} : # nothing {%- endif %} + updateSyslogConf } function postStartAction() diff --git a/files/build_templates/sonic_debian_extension.j2 b/files/build_templates/sonic_debian_extension.j2 index 925998f0aef9..737ce1271fa6 100644 --- a/files/build_templates/sonic_debian_extension.j2 +++ b/files/build_templates/sonic_debian_extension.j2 @@ -241,6 +241,7 @@ echo "warmboot-finalizer.service" | sudo tee -a $GENERATED_SERVICE_FILE sudo cp $IMAGE_CONFIGS/rsyslog/rsyslog-config.service $FILESYSTEM_ROOT_USR_LIB_SYSTEMD_SYSTEM sudo cp $IMAGE_CONFIGS/rsyslog/rsyslog-config.sh $FILESYSTEM_ROOT/usr/bin/ sudo cp $IMAGE_CONFIGS/rsyslog/rsyslog.conf.j2 $FILESYSTEM_ROOT_USR_SHARE_SONIC_TEMPLATES/ +sudo cp $IMAGE_CONFIGS/rsyslog/rsyslog-container.conf.j2 $FILESYSTEM_ROOT_USR_SHARE_SONIC_TEMPLATES/ sudo cp $IMAGE_CONFIGS/rsyslog/rsyslog.d/* $FILESYSTEM_ROOT/etc/rsyslog.d/ echo "rsyslog-config.service" | sudo tee -a $GENERATED_SERVICE_FILE diff --git a/files/image_config/rsyslog/rsyslog-config.sh b/files/image_config/rsyslog/rsyslog-config.sh index c8ba7b99453c..26767d84fbe0 100755 --- a/files/image_config/rsyslog/rsyslog-config.sh +++ b/files/image_config/rsyslog/rsyslog-config.sh @@ -1,4 +1,23 @@ #!/bin/bash -sonic-cfggen -d -t /usr/share/sonic/templates/rsyslog.conf.j2 >/etc/rsyslog.conf +PLATFORM=`sonic-cfggen -H -v DEVICE_METADATA.localhost.platform` + +# Parse the device specific asic conf file, if it exists +ASIC_CONF=/usr/share/sonic/device/$PLATFORM/asic.conf +if [ -f "$ASIC_CONF" ]; then + source $ASIC_CONF +fi + +# On Multi NPU platforms we need to start the rsyslog server on the docker0 ip address +# for the syslogs from the containers in the namespaces to work. +# on Single NPU platforms we continue to use loopback adddres + +if [[ ($NUM_ASIC -gt 1) ]]; then + udp_server_ip=$(ip -o -4 addr list docker0 | awk '{print $4}' | cut -d/ -f1) +else + udp_server_ip=$(ip -o -4 addr list lo scope host | awk '{print $4}' | cut -d/ -f1) +fi + +sonic-cfggen -d -t /usr/share/sonic/templates/rsyslog.conf.j2 -a "{\"udp_server_ip\": \"$udp_server_ip\"}" >/etc/rsyslog.conf + systemctl restart rsyslog diff --git a/files/image_config/rsyslog/rsyslog-container.conf.j2 b/files/image_config/rsyslog/rsyslog-container.conf.j2 new file mode 100644 index 000000000000..d17fbb6767ba --- /dev/null +++ b/files/image_config/rsyslog/rsyslog-container.conf.j2 @@ -0,0 +1,76 @@ +# +# /etc/rsyslog.conf Configuration file for rsyslog. +# +# For more information see +# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html + + +################# +#### MODULES #### +################# + +$ModLoad imuxsock # provides support for local system logging + +# +# Set a rate limit on messages from the container +# +$SystemLogRateLimitInterval 300 +$SystemLogRateLimitBurst 20000 + +#$ModLoad imklog # provides kernel logging support +#$ModLoad immark # provides --MARK-- message capability + +# provides UDP syslog reception +#$ModLoad imudp +#$UDPServerRun 514 + +# provides TCP syslog reception +#$ModLoad imtcp +#$InputTCPServerRun 514 + + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +# Set remote syslog server +template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% {{container_name}}#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%") +*.* action(type="omfwd" target="{{target_ip}}" port="514" protocol="udp" Template="ForwardFormatInContainer") + +# +# Use traditional timestamp format. +# To enable high precision timestamps, comment out the following line. +# +#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# Define a custom template +$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% {{container_name}}#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n" +$ActionFileDefaultTemplate SONiCFileFormat + +# +# Set the default permissions for all log files. +# +$FileOwner root +$FileGroup adm +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +# +# Where to place spool and state files +# +$WorkDirectory /var/spool/rsyslog + +# +# Include all config files in /etc/rsyslog.d/ +# +$IncludeConfig /etc/rsyslog.d/*.conf + +# +# Suppress duplicate messages and report "message repeated n times" +# +$RepeatedMsgReduction on + +############### +#### RULES #### +############### diff --git a/files/image_config/rsyslog/rsyslog.conf.j2 b/files/image_config/rsyslog/rsyslog.conf.j2 index fbf8bf20160a..37410293a45f 100644 --- a/files/image_config/rsyslog/rsyslog.conf.j2 +++ b/files/image_config/rsyslog/rsyslog.conf.j2 @@ -19,7 +19,7 @@ $ModLoad imklog # provides kernel logging support # provides UDP syslog reception $ModLoad imudp -$UDPServerAddress 127.0.0.1 # bind to localhost before udp server run +$UDPServerAddress {{udp_server_ip}} #bind to localhost before udp server run $UDPServerRun 514 # provides TCP syslog reception From 22bf545bb6d1285caee1a3fd620a55464b894c86 Mon Sep 17 00:00:00 2001 From: Volodymyr Boiko <66446128+vboykox@users.noreply.github.com> Date: Tue, 30 Jun 2020 19:07:37 +0300 Subject: [PATCH 07/29] [sonic-platform-common] Update submodule (#4871) * src/sonic-platform-common 82bbeab...42781ff (1): > [SfpBase] Fix key name typo in docstring (#99) Signed-off-by: Volodymyr Boyko --- src/sonic-platform-common | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/sonic-platform-common b/src/sonic-platform-common index 82bbeabc59b7..42781ff90413 160000 --- a/src/sonic-platform-common +++ b/src/sonic-platform-common @@ -1 +1 @@ -Subproject commit 82bbeabc59b78886b5cadffe0998c8fe67031343 +Subproject commit 42781ff90413efe2ff709908a5318c85ca67f058 From ba234abd2b6f0d3a7deb8073b6c4b349cec1a3e7 Mon Sep 17 00:00:00 2001 From: Kebo Liu Date: Tue, 30 Jun 2020 21:32:56 +0300 Subject: [PATCH 08/29] [mellanox]: Update SAI to 1.16.5 (#4873) 1. Upgrade SAI headers to v1.6.3 2. Fix traffic lost during FFB related to buffer config + optimize buffer config timing for FB 3. Add ACL fields BTH, IP flags 4. Add ACL infrastructure of different fields per ASIC type --- platform/mellanox/mlnx-sai.mk | 2 +- platform/mellanox/mlnx-sai/SAI-Implementation | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/platform/mellanox/mlnx-sai.mk b/platform/mellanox/mlnx-sai.mk index ba954beb7ae0..a978926f33e1 100644 --- a/platform/mellanox/mlnx-sai.mk +++ b/platform/mellanox/mlnx-sai.mk @@ -1,6 +1,6 @@ # Mellanox SAI -MLNX_SAI_VERSION = SAIRel1.16.4.1-sai16 +MLNX_SAI_VERSION = SAIRel1.16.5-sai16 export MLNX_SAI_VERSION diff --git a/platform/mellanox/mlnx-sai/SAI-Implementation b/platform/mellanox/mlnx-sai/SAI-Implementation index b318bb380ac1..0ddcb4e6d12e 160000 --- a/platform/mellanox/mlnx-sai/SAI-Implementation +++ b/platform/mellanox/mlnx-sai/SAI-Implementation @@ -1 +1 @@ -Subproject commit b318bb380ac13dba98c94b163fbe644ab7eb236e +Subproject commit 0ddcb4e6d12efdd5255529ed53cc785351e8b3b3 From 6e1ae359f32a6dfd568c5767df4567f531718edb Mon Sep 17 00:00:00 2001 From: judyjoseph <53951155+judyjoseph@users.noreply.github.com> Date: Tue, 30 Jun 2020 14:32:04 -0700 Subject: [PATCH 09/29] Support for connecting to DB in namespace via TCP port in multi-asic platform. (#4779) * Support for connecting to DB in namespace via IP:port ( using docker bridge network ) for applications in multi-asic platform. * Added the default IP as 127.0.0.1 if the IPaddress derivation from interface fails. Moved the localhost loopback IP binding logic into the supervisor.j2 file. --- .../docker-database/database_config.json.j2 | 2 +- .../docker-database/docker-database-init.sh | 19 ++++++++++++++++++- dockers/docker-database/supervisord.conf.j2 | 7 ++++++- 3 files changed, 25 insertions(+), 3 deletions(-) diff --git a/dockers/docker-database/database_config.json.j2 b/dockers/docker-database/database_config.json.j2 index 3383ec161144..6d116b5e1ae0 100644 --- a/dockers/docker-database/database_config.json.j2 +++ b/dockers/docker-database/database_config.json.j2 @@ -1,7 +1,7 @@ { "INSTANCES": { "redis":{ - "hostname" : "127.0.0.1", + "hostname" : "{{HOST_IP}}", "port" : 6379, "unix_socket_path" : "/var/run/redis{{NAMESPACE_ID}}/redis.sock", "persistence_for_warm_boot" : "yes" diff --git a/dockers/docker-database/docker-database-init.sh b/dockers/docker-database/docker-database-init.sh index 5dae34d8f616..645a7d99272a 100755 --- a/dockers/docker-database/docker-database-init.sh +++ b/dockers/docker-database/docker-database-init.sh @@ -1,12 +1,29 @@ #!/usr/bin/env bash +# For linux host namespace, in both single and multi ASIC platform use the loopback interface +# For other namespaces, use eth0 interface which is connected to the docker0 bridge in the host. +if [[ $NAMESPACE_ID == "" ]] +then + INTFC=lo +else + INTFC=eth0 +fi + +# Get the ip address of the interface +# if the ip address was not retrieved correctly, put localhost(127.0.0.1) as the default. +host_ip=$(ip -4 -o addr show $INTFC | awk '{print $4}' | cut -d'/' -f1 | head -1) +if [[ $host_ip == "" ]] +then + host_ip=127.0.0.1 +fi + REDIS_DIR=/var/run/redis$NAMESPACE_ID mkdir -p $REDIS_DIR/sonic-db if [ -f /etc/sonic/database_config$NAMESPACE_ID.json ]; then cp /etc/sonic/database_config$NAMESPACE_ID.json $REDIS_DIR/sonic-db/database_config.json else - j2 /usr/share/sonic/templates/database_config.json.j2 > $REDIS_DIR/sonic-db/database_config.json + HOST_IP=$host_ip j2 /usr/share/sonic/templates/database_config.json.j2 > $REDIS_DIR/sonic-db/database_config.json fi mkdir -p /etc/supervisor/conf.d/ diff --git a/dockers/docker-database/supervisord.conf.j2 b/dockers/docker-database/supervisord.conf.j2 index 44268274cdad..6d4557dab705 100644 --- a/dockers/docker-database/supervisord.conf.j2 +++ b/dockers/docker-database/supervisord.conf.j2 @@ -20,7 +20,12 @@ stderr_logfile=syslog {% if INSTANCES %} {% for redis_inst, redis_items in INSTANCES.iteritems() %} [program: {{ redis_inst }}] -command=/bin/bash -c "{ [[ -s /var/lib/{{ redis_inst }}/dump.rdb ]] || rm -f /var/lib/{{ redis_inst }}/dump.rdb; } && mkdir -p /var/lib/{{ redis_inst }} && exec /usr/bin/redis-server /etc/redis/redis.conf --port {{ redis_items['port'] }} --unixsocket {{ redis_items['unix_socket_path'] }} --pidfile /var/run/redis/{{ redis_inst }}.pid --dir /var/lib/{{ redis_inst }}" +{% if redis_items['hostname'] != '127.0.0.1' %} +{%- set LOOPBACK_IP = '127.0.0.1' -%} +{%- else -%} +{%- set LOOPBACK_IP = '' -%} +{%- endif -%} +command=/bin/bash -c "{ [[ -s /var/lib/{{ redis_inst }}/dump.rdb ]] || rm -f /var/lib/{{ redis_inst }}/dump.rdb; } && mkdir -p /var/lib/{{ redis_inst }} && exec /usr/bin/redis-server /etc/redis/redis.conf --bind {{ LOOPBACK_IP }} {{ redis_items['hostname'] }} --port {{ redis_items['port'] }} --unixsocket {{ redis_items['unix_socket_path'] }} --pidfile /var/run/redis/{{ redis_inst }}.pid --dir /var/lib/{{ redis_inst }}" priority=2 autostart=true autorestart=false From ed7fafce7741f4641d128f8c053eabfeaac7de80 Mon Sep 17 00:00:00 2001 From: Mahesh Maddikayala <10645050+smaheshm@users.noreply.github.com> Date: Tue, 30 Jun 2020 16:29:47 -0700 Subject: [PATCH 10/29] [sonic-sairedis] sonic-sairedis submodule update (#4847) * sonic-sairedis submodule update * Update BRCM SAI to 3.7.5.1 --- platform/broadcom/sai.mk | 8 ++++---- src/sonic-sairedis | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/platform/broadcom/sai.mk b/platform/broadcom/sai.mk index 572ae0a70f68..8599e712a3ff 100644 --- a/platform/broadcom/sai.mk +++ b/platform/broadcom/sai.mk @@ -1,8 +1,8 @@ -BRCM_SAI = libsaibcm_3.7.4.2-2_amd64.deb -$(BRCM_SAI)_URL = "https://sonicstorage.blob.core.windows.net/packages/bcmsai/3.7/libsaibcm_3.7.4.2-2_amd64.deb?sv=2015-04-05&sr=b&sig=sl819d71a%2BcgrDtOt%2BmywfSL9N2EQS58qMJFq0aKqo8%3D&se=2034-02-11T20%3A28%3A46Z&sp=r" -BRCM_SAI_DEV = libsaibcm-dev_3.7.4.2-2_amd64.deb +BRCM_SAI = libsaibcm_3.7.5.1_amd64.deb +$(BRCM_SAI)_URL = "https://sonicstorage.blob.core.windows.net/packages/bcmsai/3.7/libsaibcm_3.7.5.1_amd64.deb?sv=2015-04-05&sr=b&sig=hZLFA8GbuY83MW9g2ggfe53ATx9riuyL1JYXIe1Bib4%3D&se=2034-03-04T00%3A08%3A23Z&sp=r" +BRCM_SAI_DEV = libsaibcm-dev_3.7.5.1_amd64.deb $(eval $(call add_derived_package,$(BRCM_SAI),$(BRCM_SAI_DEV))) -$(BRCM_SAI_DEV)_URL = "https://sonicstorage.blob.core.windows.net/packages/bcmsai/3.7/libsaibcm-dev_3.7.4.2-2_amd64.deb?sv=2015-04-05&sr=b&sig=cvOpP0PWFVmBNeYLMkxyI4BFBQf1DopD32t%2B3AkJHRg%3D&se=2034-02-11T20%3A27%3A46Z&sp=r" +$(BRCM_SAI_DEV)_URL = "https://sonicstorage.blob.core.windows.net/packages/bcmsai/3.7/libsaibcm-dev_3.7.5.1_amd64.deb?sv=2015-04-05&sr=b&sig=i5GcJ8ATr4NL5iLth6DrX8YXxe7ir5OsXN7fxJISvCE%3D&se=2034-03-04T00%3A09%3A48Z&sp=r" SONIC_ONLINE_DEBS += $(BRCM_SAI) $(BRCM_SAI_DEV)_DEPENDS += $(BRCM_SAI) diff --git a/src/sonic-sairedis b/src/sonic-sairedis index 322dd01db434..ef721595520d 160000 --- a/src/sonic-sairedis +++ b/src/sonic-sairedis @@ -1 +1 @@ -Subproject commit 322dd01db434d00394898d4d1ac34433e95447cd +Subproject commit ef721595520d827277610d11e24082934afc4df8 From 218714441b35f9188aea1d204f71de4d12c75967 Mon Sep 17 00:00:00 2001 From: Akhilesh Samineni <47657796+AkhileshSamineni@users.noreply.github.com> Date: Wed, 1 Jul 2020 15:22:52 +0530 Subject: [PATCH 11/29] [docker-nat]: Updated the NAT iptables patch for 4.19 buster (#4843) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updated the NAT iptables patch for 4.19 buster Depends on PR : Azure/sonic-linux-kernel#147 1 Known issue: With both NAT patch files for 4.19 buster kernel, seeing 1 display issue in iptables like explained below On Docker NAT, iptables supported version is 1.6.0 and on base OS it’s 1.8.2. So seeing an display issue of which fullcone option is not showing in version 1.8.2 iptables output and no issues in functionality. Display issue – For example of comparsion: NAT Docker: root@sonic:/home/admin# docker exec -it nat bash root@sonic:/# iptables -t nat -nvL Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 DNAT all -- * * 0.0.0.0/0 0.0.0.0/0 to:1.1.1.1 fullcone Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 30 packets, 2749 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 30 packets, 2749 bytes) pkts bytes target prot opt in out source destination root@sonic:/# Base OS: root@sonic:/home/admin# iptables-legacy -t nat -nvL Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 1 36 DNAT all -- * * 0.0.0.0/0 0.0.0.0/0 to:1.1.1.1 Chain INPUT (policy ACCEPT 1 packets, 36 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 41 packets, 3572 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 41 packets, 3572 bytes) pkts bytes target prot opt in out source destination root@sonic:/home/admin# To fix this issue, iptables need to update from 1.6.0 to 1.8.2 version and have to update the NAT docker from stretch to buster. Will raise a new PR with this. Signed-off-by: Akhilesh Samineni akhilesh.samineni@broadcom.com Signed-off-by: Akhilesh Samineni --- .../0001-Passing-fullcone-option-for-SNAT-and-DNAT.patch | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/iptables/patch/0001-Passing-fullcone-option-for-SNAT-and-DNAT.patch b/src/iptables/patch/0001-Passing-fullcone-option-for-SNAT-and-DNAT.patch index f7fba85a270b..528ce8edea2d 100644 --- a/src/iptables/patch/0001-Passing-fullcone-option-for-SNAT-and-DNAT.patch +++ b/src/iptables/patch/0001-Passing-fullcone-option-for-SNAT-and-DNAT.patch @@ -19,7 +19,7 @@ index a14d16f..4bfab98 100644 +/* Temporarily defining here, need to be picked up from the + * new kernel header linux/netfilter/nf_nat.h */ -+#define NF_NAT_RANGE_FULLCONE (1 << 5) ++#define NF_NAT_RANGE_FULLCONE (1 << 6) + enum { O_TO_DEST = 0, @@ -106,7 +106,7 @@ index b7b5fc7..88ff650 100644 +/* Temporarily defining here, need to be picked up from the + * new kernel header linux/netfilter/nf_nat.h */ -+#define NF_NAT_RANGE_FULLCONE (1 << 5) ++#define NF_NAT_RANGE_FULLCONE (1 << 6) + enum { O_TO_PORTS = 0, @@ -181,7 +181,7 @@ index e92d811..9634ba9 100644 +/* Temporarily defining here, need to be picked up from the + * new kernel header linux/netfilter/nf_nat.h */ -+#define NF_NAT_RANGE_FULLCONE (1 << 5) ++#define NF_NAT_RANGE_FULLCONE (1 << 6) + enum { O_TO_SRC = 0, From 243268f11c202a5f2140c5312136b8fd1ceb8e68 Mon Sep 17 00:00:00 2001 From: Mahesh Maddikayala <10645050+smaheshm@users.noreply.github.com> Date: Wed, 1 Jul 2020 09:08:21 -0700 Subject: [PATCH 12/29] Fix in libsaibcm for high CPU utilization of syncd (#4874) --- platform/broadcom/sai.mk | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/platform/broadcom/sai.mk b/platform/broadcom/sai.mk index 8599e712a3ff..bda1231bf2a9 100644 --- a/platform/broadcom/sai.mk +++ b/platform/broadcom/sai.mk @@ -1,8 +1,8 @@ -BRCM_SAI = libsaibcm_3.7.5.1_amd64.deb -$(BRCM_SAI)_URL = "https://sonicstorage.blob.core.windows.net/packages/bcmsai/3.7/libsaibcm_3.7.5.1_amd64.deb?sv=2015-04-05&sr=b&sig=hZLFA8GbuY83MW9g2ggfe53ATx9riuyL1JYXIe1Bib4%3D&se=2034-03-04T00%3A08%3A23Z&sp=r" -BRCM_SAI_DEV = libsaibcm-dev_3.7.5.1_amd64.deb +BRCM_SAI = libsaibcm_3.7.5.1-1_amd64.deb +$(BRCM_SAI)_URL = "https://sonicstorage.blob.core.windows.net/packages/bcmsai/3.7/master/libsaibcm_3.7.5.1-1_amd64.deb?sv=2015-04-05&sr=b&sig=vSaGIDz2fHBtQXmwJ8OrulAF1N%2Bwk%2B51CkqwNiZFx6I%3D&se=2034-03-10T00%3A45%3A39Z&sp=r" +BRCM_SAI_DEV = libsaibcm-dev_3.7.5.1-1_amd64.deb $(eval $(call add_derived_package,$(BRCM_SAI),$(BRCM_SAI_DEV))) -$(BRCM_SAI_DEV)_URL = "https://sonicstorage.blob.core.windows.net/packages/bcmsai/3.7/libsaibcm-dev_3.7.5.1_amd64.deb?sv=2015-04-05&sr=b&sig=i5GcJ8ATr4NL5iLth6DrX8YXxe7ir5OsXN7fxJISvCE%3D&se=2034-03-04T00%3A09%3A48Z&sp=r" +$(BRCM_SAI_DEV)_URL = "https://sonicstorage.blob.core.windows.net/packages/bcmsai/3.7/master/libsaibcm-dev_3.7.5.1-1_amd64.deb?sv=2015-04-05&sr=b&sig=XpczZg8q3b2z3754wXdc4faOXOFofdlydJKEQaed01o%3D&se=2034-03-10T00%3A46%3A38Z&sp=r" SONIC_ONLINE_DEBS += $(BRCM_SAI) $(BRCM_SAI_DEV)_DEPENDS += $(BRCM_SAI) From e66cb47ac1096bf1e37dc77a52f02426ab833cd9 Mon Sep 17 00:00:00 2001 From: abdosi <58047199+abdosi@users.noreply.github.com> Date: Wed, 1 Jul 2020 15:58:53 -0700 Subject: [PATCH 13/29] [sonic-buildimage] Changes to make network specific sysctl common for both host and docker namespace (#4838) * [sonic-buildimage] Changes to make network specific sysctl common for both host and docker namespace (in multi-npu). This change is triggered with issue found in multi-npu platforms where in docker namespace net.ipv6.conf.all.forwarding was 0 (should be 1) because of which RS/RA message were triggered and link-local router were learnt. Beside this there were some other sysctl.net.ipv6* params whose value in docker namespace is not same as host namespace. So to make we are always in sync in host and docker namespace created common file that list all sysctl.net.* params and used both by host and docker namespace. Any change will get applied to both namespace. Signed-off-by: Abhishek Dosi * Address Review Comments and made sure to invoke augtool only one and do string concatenation of all set commands * Address Review Comments. --- build_debian.sh | 57 +++++------------------ dockers/docker-database/Dockerfile.j2 | 1 + files/build_templates/docker_image_ctl.j2 | 2 +- files/image_config/sysctl/sysctl-net.conf | 39 ++++++++++++++++ rules/docker-database.mk | 2 +- rules/scripts.mk | 8 ++-- 6 files changed, 58 insertions(+), 51 deletions(-) create mode 100644 files/image_config/sysctl/sysctl-net.conf diff --git a/build_debian.sh b/build_debian.sh index 550585c176ec..be973ea4a83c 100755 --- a/build_debian.sh +++ b/build_debian.sh @@ -389,61 +389,26 @@ rm /files/lib/systemd/system/rsyslog.service/Service/ExecStart/arguments set /files/lib/systemd/system/rsyslog.service/Service/ExecStart/arguments/1 -n " -## Config sysctl sudo mkdir -p $FILESYSTEM_ROOT/var/core + +# Config sysctl sudo augtool --autosave " set /files/etc/sysctl.conf/kernel.core_pattern '|/usr/bin/coredump-compress %e %t %p' - set /files/etc/sysctl.conf/kernel.softlockup_panic 1 set /files/etc/sysctl.conf/kernel.panic 10 set /files/etc/sysctl.conf/vm.panic_on_oom 2 set /files/etc/sysctl.conf/fs.suid_dumpable 2 +" -r $FILESYSTEM_ROOT -set /files/etc/sysctl.conf/net.ipv4.conf.default.forwarding 1 -set /files/etc/sysctl.conf/net.ipv4.conf.all.forwarding 1 -set /files/etc/sysctl.conf/net.ipv4.conf.eth0.forwarding 0 - -set /files/etc/sysctl.conf/net.ipv4.conf.default.arp_accept 0 -set /files/etc/sysctl.conf/net.ipv4.conf.default.arp_announce 0 -set /files/etc/sysctl.conf/net.ipv4.conf.default.arp_filter 0 -set /files/etc/sysctl.conf/net.ipv4.conf.default.arp_notify 0 -set /files/etc/sysctl.conf/net.ipv4.conf.default.arp_ignore 0 -set /files/etc/sysctl.conf/net.ipv4.conf.all.arp_accept 0 -set /files/etc/sysctl.conf/net.ipv4.conf.all.arp_announce 1 -set /files/etc/sysctl.conf/net.ipv4.conf.all.arp_filter 0 -set /files/etc/sysctl.conf/net.ipv4.conf.all.arp_notify 1 -set /files/etc/sysctl.conf/net.ipv4.conf.all.arp_ignore 2 - -set /files/etc/sysctl.conf/net.ipv4.neigh.default.base_reachable_time_ms 1800000 -set /files/etc/sysctl.conf/net.ipv6.neigh.default.base_reachable_time_ms 1800000 -set /files/etc/sysctl.conf/net.ipv4.neigh.default.gc_thresh1 1024 -set /files/etc/sysctl.conf/net.ipv6.neigh.default.gc_thresh1 1024 -set /files/etc/sysctl.conf/net.ipv4.neigh.default.gc_thresh2 2048 -set /files/etc/sysctl.conf/net.ipv6.neigh.default.gc_thresh2 2048 -set /files/etc/sysctl.conf/net.ipv4.neigh.default.gc_thresh3 4096 -set /files/etc/sysctl.conf/net.ipv6.neigh.default.gc_thresh3 4096 - -set /files/etc/sysctl.conf/net.ipv6.conf.default.forwarding 1 -set /files/etc/sysctl.conf/net.ipv6.conf.all.forwarding 1 -set /files/etc/sysctl.conf/net.ipv6.conf.eth0.forwarding 0 - -set /files/etc/sysctl.conf/net.ipv6.conf.default.accept_dad 0 -set /files/etc/sysctl.conf/net.ipv6.conf.all.accept_dad 0 -set /files/etc/sysctl.conf/net.ipv6.conf.eth0.accept_dad 0 - -set /files/etc/sysctl.conf/net.ipv6.conf.default.keep_addr_on_down 1 -set /files/etc/sysctl.conf/net.ipv6.conf.all.keep_addr_on_down 1 -set /files/etc/sysctl.conf/net.ipv6.conf.eth0.keep_addr_on_down 1 - -set /files/etc/sysctl.conf/net.ipv4.tcp_l3mdev_accept 1 -set /files/etc/sysctl.conf/net.ipv4.udp_l3mdev_accept 1 - -set /files/etc/sysctl.conf/net.core.rmem_max 2097152 -set /files/etc/sysctl.conf/net.core.wmem_max 2097152 - -set /files/etc/sysctl.conf/net.core.somaxconn 512 +sysctl_net_cmd_string="" +while read line; do + [[ "$line" =~ ^#.*$ ]] && continue + sysctl_net_conf_key=`echo $line | awk -F '=' '{print $1}'` + sysctl_net_conf_value=`echo $line | awk -F '=' '{print $2}'` + sysctl_net_cmd_string=$sysctl_net_cmd_string"set /files/etc/sysctl.conf/$sysctl_net_conf_key $sysctl_net_conf_value"$'\n' +done < files/image_config/sysctl/sysctl-net.conf -" -r $FILESYSTEM_ROOT +sudo augtool --autosave "$sysctl_net_cmd_string" -r $FILESYSTEM_ROOT ## docker Python API package is needed by Ansible docker module sudo https_proxy=$https_proxy LANG=C chroot $FILESYSTEM_ROOT pip install 'docker==4.1.0' diff --git a/dockers/docker-database/Dockerfile.j2 b/dockers/docker-database/Dockerfile.j2 index e14be96e8592..cf62d6868dd8 100644 --- a/dockers/docker-database/Dockerfile.j2 +++ b/dockers/docker-database/Dockerfile.j2 @@ -40,6 +40,7 @@ COPY ["docker-database-init.sh", "/usr/local/bin/"] COPY ["database_config.json.j2", "/usr/share/sonic/templates/"] COPY ["database_global.json.j2", "/usr/share/sonic/templates/"] COPY ["files/supervisor-proc-exit-listener", "/usr/bin"] +COPY ["files/sysctl-net.conf", "/etc/sysctl.d/"] COPY ["critical_processes", "/etc/supervisor"] ENTRYPOINT ["/usr/local/bin/docker-database-init.sh"] diff --git a/files/build_templates/docker_image_ctl.j2 b/files/build_templates/docker_image_ctl.j2 index 0a0461795944..2ddc18a8ce9b 100644 --- a/files/build_templates/docker_image_ctl.j2 +++ b/files/build_templates/docker_image_ctl.j2 @@ -91,7 +91,7 @@ function postStartAction() { {%- if docker_container_name == "database" %} if [ "$DEV" ]; then - docker exec -i database$DEV sysctl -w net.ipv6.conf.all.disable_ipv6=0 + docker exec -i database$DEV sysctl --system -e link_namespace $DEV fi diff --git a/files/image_config/sysctl/sysctl-net.conf b/files/image_config/sysctl/sysctl-net.conf new file mode 100644 index 000000000000..62fda3a8ca91 --- /dev/null +++ b/files/image_config/sysctl/sysctl-net.conf @@ -0,0 +1,39 @@ +# All the sysctl for ipv4/ipv6 network. +# Same will be used in host or docker namespace +# It should be provided as key=value format for parsing +net.ipv6.conf.all.disable_ipv6=0 +net.ipv4.conf.default.forwarding=1 +net.ipv4.conf.all.forwarding=1 +net.ipv4.conf.eth0.forwarding=0 +net.ipv4.conf.default.arp_accept=0 +net.ipv4.conf.default.arp_announce=0 +net.ipv4.conf.default.arp_filter=0 +net.ipv4.conf.default.arp_notify=0 +net.ipv4.conf.default.arp_ignore=0 +net.ipv4.conf.all.arp_accept=0 +net.ipv4.conf.all.arp_announce=1 +net.ipv4.conf.all.arp_filter=0 +net.ipv4.conf.all.arp_notify=1 +net.ipv4.conf.all.arp_ignore=2 +net.ipv4.neigh.default.base_reachable_time_ms=1800000 +net.ipv6.neigh.default.base_reachable_time_ms=1800000 +net.ipv4.neigh.default.gc_thresh1=1024 +net.ipv6.neigh.default.gc_thresh1=1024 +net.ipv4.neigh.default.gc_thresh2=2048 +net.ipv6.neigh.default.gc_thresh2=2048 +net.ipv4.neigh.default.gc_thresh3=4096 +net.ipv6.neigh.default.gc_thresh3=4096 +net.ipv6.conf.default.forwarding=1 +net.ipv6.conf.all.forwarding=1 +net.ipv6.conf.eth0.forwarding=0 +net.ipv6.conf.default.accept_dad=0 +net.ipv6.conf.all.accept_dad=0 +net.ipv6.conf.eth0.accept_dad=0 +net.ipv6.conf.default.keep_addr_on_down=1 +net.ipv6.conf.all.keep_addr_on_down=1 +net.ipv6.conf.eth0.keep_addr_on_down=1 +net.ipv4.tcp_l3mdev_accept=1 +net.ipv4.udp_l3mdev_accept=1 +net.core.rmem_max=2097152 +net.core.wmem_max=2097152 +net.core.somaxconn=512 diff --git a/rules/docker-database.mk b/rules/docker-database.mk index 8062c3b147a5..7cfd8f0bf21e 100644 --- a/rules/docker-database.mk +++ b/rules/docker-database.mk @@ -24,4 +24,4 @@ $(DOCKER_DATABASE)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro $(DOCKER_DATABASE)_BASE_IMAGE_FILES += redis-cli:/usr/bin/redis-cli $(DOCKER_DATABASE)_BASE_IMAGE_FILES += monit_database:/etc/monit/conf.d -$(DOCKER_DATABASE)_FILES += $(SUPERVISOR_PROC_EXIT_LISTENER_SCRIPT) +$(DOCKER_DATABASE)_FILES += $(SYSCTL_NET_CONFIG) $(SUPERVISOR_PROC_EXIT_LISTENER_SCRIPT) diff --git a/rules/scripts.mk b/rules/scripts.mk index 8c6d0324fc0e..b3ed0cab95f8 100644 --- a/rules/scripts.mk +++ b/rules/scripts.mk @@ -14,10 +14,12 @@ $(QOS_CONFIG_TEMPLATE)_PATH = files/build_templates SUPERVISOR_PROC_EXIT_LISTENER_SCRIPT = supervisor-proc-exit-listener $(SUPERVISOR_PROC_EXIT_LISTENER_SCRIPT)_PATH = files/scripts +SYSCTL_NET_CONFIG = sysctl-net.conf +$(SYSCTL_NET_CONFIG)_PATH = files/image_config/sysctl + SONIC_COPY_FILES += $(CONFIGDB_LOAD_SCRIPT) \ $(ARP_UPDATE_SCRIPT) \ $(BUFFERS_CONFIG_TEMPLATE) \ $(QOS_CONFIG_TEMPLATE) \ - $(SUPERVISOR_PROC_EXIT_LISTENER_SCRIPT) - - + $(SUPERVISOR_PROC_EXIT_LISTENER_SCRIPT) \ + $(SYSCTL_NET_CONFIG) From 2e0aa4f1442327a358f2f6a85c2325ffc5f2f72b Mon Sep 17 00:00:00 2001 From: pavel-shirshov Date: Thu, 2 Jul 2020 00:22:58 -0700 Subject: [PATCH 14/29] [pfx_filter]: Add a prefix mask by default in pfx_filter, when there is no one (#4860) If some table with a list of tuples (interface name, ip prefix) has ip prefixes without a mask length, it will cause issues in SONiC. For example quagga and frr will treat ipv4 address without a mask, so "10.20.30.40" address will be treated as "10.0.0.0/8", which is dangerous. The fix here is that when pfx_filter get a tuple (interface name, ip prefix), where the ip prefix doesn't have prefix mask length, add a mask by default: "/32 for ipv4 addresses, /128 for ipv6 addresses". Co-authored-by: Pavel Shirshov --- src/sonic-bgpcfgd/app/template.py | 12 +- src/sonic-bgpcfgd/tests/test_pfx_filter.py | 139 ++++++++++++++++++ src/sonic-config-engine/sonic-cfggen | 12 +- .../tests/data/pfx_filter/param_1.json | 12 ++ .../tests/data/pfx_filter/result_1.txt | 5 + .../tests/data/pfx_filter/tmpl_1.txt.j2 | 3 + .../tests/test_cfggen_pfx_filter.py | 15 ++ 7 files changed, 196 insertions(+), 2 deletions(-) create mode 100644 src/sonic-bgpcfgd/tests/test_pfx_filter.py create mode 100644 src/sonic-config-engine/tests/data/pfx_filter/param_1.json create mode 100644 src/sonic-config-engine/tests/data/pfx_filter/result_1.txt create mode 100644 src/sonic-config-engine/tests/data/pfx_filter/tmpl_1.txt.j2 create mode 100644 src/sonic-config-engine/tests/test_cfggen_pfx_filter.py diff --git a/src/sonic-bgpcfgd/app/template.py b/src/sonic-bgpcfgd/app/template.py index 5c8a4ed810bd..e88073881171 100644 --- a/src/sonic-bgpcfgd/app/template.py +++ b/src/sonic-bgpcfgd/app/template.py @@ -4,6 +4,7 @@ import jinja2 import netaddr +from .log import log_err class TemplateFabric(object): """ Fabric for rendering jinja2 templates """ @@ -94,5 +95,14 @@ def pfx_filter(value): for key, val in value.items(): if not isinstance(key, tuple): continue - table[key] = val + intf, ip_address = key + if '/' not in ip_address: + if TemplateFabric.is_ipv4(ip_address): + table[(intf, "%s/32" % ip_address)] = val + elif TemplateFabric.is_ipv6(ip_address): + table[(intf, "%s/128" % ip_address)] = val + else: + log_err("'%s' is invalid ip address" % ip_address) + else: + table[key] = val return table \ No newline at end of file diff --git a/src/sonic-bgpcfgd/tests/test_pfx_filter.py b/src/sonic-bgpcfgd/tests/test_pfx_filter.py new file mode 100644 index 000000000000..3eebd3951f7b --- /dev/null +++ b/src/sonic-bgpcfgd/tests/test_pfx_filter.py @@ -0,0 +1,139 @@ +from app.template import TemplateFabric +from collections import OrderedDict +import pytest + + +def test_pfx_filter_none(): + res = TemplateFabric.pfx_filter(None) + assert isinstance(res, OrderedDict) and len(res) == 0 + +def test_pfx_filter_empty_tuple(): + res = TemplateFabric.pfx_filter(()) + assert isinstance(res, OrderedDict) and len(res) == 0 + +def test_pfx_filter_empty_list(): + res = TemplateFabric.pfx_filter([]) + assert isinstance(res, OrderedDict) and len(res) == 0 + +def test_pfx_filter_empty_dict(): + res = TemplateFabric.pfx_filter({}) + assert isinstance(res, OrderedDict) and len(res) == 0 + +def test_pfx_filter_strings(): + src = { + 'Loopback0': {}, + 'Loopback1': {}, + } + expected = OrderedDict([]) + res = TemplateFabric.pfx_filter(src) + assert res == expected + +def test_pfx_filter_mixed_keys(): + src = { + 'Loopback0': {}, + ('Loopback0', '11.11.11.11/32'): {}, + 'Loopback1': {}, + ('Loopback1', '55.55.55.55/32'): {}, + } + expected = OrderedDict( + [ + (('Loopback1', '55.55.55.55/32'), {}), + (('Loopback0', '11.11.11.11/32'), {}), + ] + ) + res = TemplateFabric.pfx_filter(src) + assert res == expected + + +def test_pfx_filter_pfx_v4_w_mask(): + src = { + ('Loopback0', '11.11.11.11/32'): {}, + ('Loopback1', '55.55.55.55/32'): {}, + } + expected = OrderedDict( + [ + (('Loopback1', '55.55.55.55/32'), {}), + (('Loopback0', '11.11.11.11/32'), {}), + ] + ) + res = TemplateFabric.pfx_filter(src) + assert res == expected + +def test_pfx_filter_pfx_v6_w_mask(): + src = { + ('Loopback0', 'fc00::/128'): {}, + ('Loopback1', 'fc00::1/128'): {}, + } + expected = OrderedDict( + [ + (('Loopback0', 'fc00::/128'), {}), + (('Loopback1', 'fc00::1/128'), {}), + ] + ) + res = TemplateFabric.pfx_filter(src) + assert res == expected + +def test_pfx_filter_pfx_v4_no_mask(): + src = { + ('Loopback0', '11.11.11.11'): {}, + ('Loopback1', '55.55.55.55'): {}, + } + expected = OrderedDict( + [ + (('Loopback1', '55.55.55.55/32'), {}), + (('Loopback0', '11.11.11.11/32'), {}), + ] + ) + res = TemplateFabric.pfx_filter(src) + assert res == expected + +def test_pfx_filter_pfx_v6_no_mask(): + src = { + ('Loopback0', 'fc00::'): {}, + ('Loopback1', 'fc00::1'): {}, + } + expected = OrderedDict( + [ + (('Loopback0', 'fc00::/128'), {}), + (('Loopback1', 'fc00::1/128'), {}), + ] + ) + res = TemplateFabric.pfx_filter(src) + assert res == expected + + +def test_pfx_filter_pfx_comprehensive(): + src = { + 'Loopback0': {}, + ('Loopback0', 'fc00::'): {}, + 'Loopback1': {}, + ('Loopback1', 'fc00::1/128'): {}, + ('Loopback2', '11.11.11.11/32'): {}, + ('Loopback3', '55.55.55.55'): {}, + 'Loopback2': {}, + 'Loopback3': {}, + ('Loopback5', '22.22.22.1/24'): {}, + ('Loopback6', 'fc00::55/64'): {}, + } + expected = OrderedDict( + [ + (('Loopback1', 'fc00::1/128'), {}), + (('Loopback3', '55.55.55.55/32'), {}), + (('Loopback6', 'fc00::55/64'), {}), + (('Loopback2', '11.11.11.11/32'), {}), + (('Loopback0', 'fc00::/128'), {}), + (('Loopback5', '22.22.22.1/24'), {}), + ] + ) + res = TemplateFabric.pfx_filter(src) + assert res == expected + +@pytest.fixture +def test_pfx_filter_wrong_ip(caplog): + src = { + ('Loopback0', 'wrong_ip'): {}, + } + res = TemplateFabric.pfx_filter(src) + assert "'wrong_ip' is invalid ip address" in caplog.text + assert isinstance(res, OrderedDict) and len(res) == 0 + diff --git a/src/sonic-config-engine/sonic-cfggen b/src/sonic-config-engine/sonic-cfggen index c0f61d8a95f9..8528f828c8a7 100755 --- a/src/sonic-config-engine/sonic-cfggen +++ b/src/sonic-config-engine/sonic-cfggen @@ -113,7 +113,17 @@ def pfx_filter(value): for key,val in value.items(): if not isinstance(key, tuple): continue - table[key] = val + intf, ip_address = key + if '/' not in ip_address: + if is_ipv4(ip_address): + new_ip_address = "%s/32" % ip_address + elif is_ipv6(ip_address): + new_ip_address = "%s/128" % ip_address + else: + raise ValueError("'%s' is invalid ip address" % ip_address) + table[(intf, new_ip_address)] = val + else: + table[key] = val return table def ip_network(value): diff --git a/src/sonic-config-engine/tests/data/pfx_filter/param_1.json b/src/sonic-config-engine/tests/data/pfx_filter/param_1.json new file mode 100644 index 000000000000..ce6cd21886a2 --- /dev/null +++ b/src/sonic-config-engine/tests/data/pfx_filter/param_1.json @@ -0,0 +1,12 @@ +{ + "VLAN_INTERFACE": { + "Vlan1": {}, + "Vlan1|1.1.1.1/32": {}, + "Vlan2": {}, + "Vlan2|2.2.2.2": {}, + "Vlan3": {}, + "Vlan3|fc00::1": {}, + "Vlan4": {}, + "Vlan4|fc00::2/64": {} + } +} diff --git a/src/sonic-config-engine/tests/data/pfx_filter/result_1.txt b/src/sonic-config-engine/tests/data/pfx_filter/result_1.txt new file mode 100644 index 000000000000..d8ea7d304222 --- /dev/null +++ b/src/sonic-config-engine/tests/data/pfx_filter/result_1.txt @@ -0,0 +1,5 @@ +"Vlan1"="1.1.1.1/32" +"Vlan2"="2.2.2.2/32" +"Vlan3"="fc00::1/128" +"Vlan4"="fc00::2/64" + diff --git a/src/sonic-config-engine/tests/data/pfx_filter/tmpl_1.txt.j2 b/src/sonic-config-engine/tests/data/pfx_filter/tmpl_1.txt.j2 new file mode 100644 index 000000000000..2612fe4a2936 --- /dev/null +++ b/src/sonic-config-engine/tests/data/pfx_filter/tmpl_1.txt.j2 @@ -0,0 +1,3 @@ +{% for intf, addr in VLAN_INTERFACE|pfx_filter %} +"{{ intf }}"="{{ addr }}" +{% endfor %} diff --git a/src/sonic-config-engine/tests/test_cfggen_pfx_filter.py b/src/sonic-config-engine/tests/test_cfggen_pfx_filter.py new file mode 100644 index 000000000000..8ffd72907b21 --- /dev/null +++ b/src/sonic-config-engine/tests/test_cfggen_pfx_filter.py @@ -0,0 +1,15 @@ +from unittest import TestCase +import subprocess + +class TestPfxFilter(TestCase): + def test_comprehensive(self): + # Generate output + data_dir = "tests/data/pfx_filter" + cmd = "./sonic-cfggen -j %s/param_1.json -t %s/tmpl_1.txt.j2 > /tmp/result_1.txt" % (data_dir, data_dir) + subprocess.check_output(cmd, shell=True) + # Compare outputs + cmd = "diff -u tests/data/pfx_filter/result_1.txt /tmp/result_1.txt" + try: + res = subprocess.check_output(cmd, shell=True) + except subprocess.CalledProcessError as e: + assert False, "Wrong output. return code: %d, Diff: %s" % (e.returncode, e.output) From b72fed7ed019c03689c27db1835ad43c0a2fc978 Mon Sep 17 00:00:00 2001 From: pavel-shirshov Date: Thu, 2 Jul 2020 07:35:45 -0700 Subject: [PATCH 15/29] Tests of FRR templates which rendered by sonic-cfggen (#4875) * Tests of FRR templates which rendered by sonic-cfggen --- .../docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 | 1 + .../data/sonic-cfggen/bgpd.conf.j2/all.conf | 76 ++++++++++ .../data/sonic-cfggen/bgpd.conf.j2/all.json | 33 +++++ .../sonic-cfggen/bgpd.main.conf.j2/all.conf | 56 ++++++++ .../sonic-cfggen/bgpd.main.conf.j2/all.json | 32 +++++ .../sonic-cfggen/bgpd.main.conf.j2/base.conf | 22 +++ .../sonic-cfggen/bgpd.main.conf.j2/base.json | 19 +++ .../bgpd.main.conf.j2/defaults.conf | 56 ++++++++ .../bgpd.main.conf.j2/defaults.json | 29 ++++ .../base.conf | 39 +++++ .../base.json | 42 ++++++ .../sonic-cfggen/common/daemons.common.conf | 10 ++ .../common/daemons.common.conf.json | 7 + .../data/sonic-cfggen/common/functions.conf | 1 + .../sonic-cfggen/common/functions.conf.json | 1 + .../data/sonic-cfggen/frr.conf.j2/all.conf | 91 ++++++++++++ .../data/sonic-cfggen/frr.conf.j2/all.json | 46 ++++++ .../tests/data/sonic-cfggen/isolate/isolate | 17 +++ .../data/sonic-cfggen/isolate/isolate.json | 11 ++ .../tests/data/sonic-cfggen/isolate/unisolate | 17 +++ .../data/sonic-cfggen/isolate/unisolate.json | 11 ++ .../data/sonic-cfggen/staticd/staticd.conf | 19 +++ .../sonic-cfggen/staticd/staticd.conf.json | 12 ++ .../staticd/staticd.default_route.conf | 4 + .../staticd/staticd.default_route.conf.json | 7 + .../tests/data/sonic-cfggen/tsa/isolate.conf | 5 + .../tests/data/sonic-cfggen/tsa/isolate.json | 9 ++ .../data/sonic-cfggen/tsa/unisolate.conf | 3 + .../data/sonic-cfggen/tsa/unisolate.json | 3 + .../data/sonic-cfggen/zebra/interfaces.conf | 14 ++ .../data/sonic-cfggen/zebra/interfaces.json | 10 ++ .../data/sonic-cfggen/zebra/set_src.conf | 8 ++ .../data/sonic-cfggen/zebra/set_src.json | 5 + .../tests/data/sonic-cfggen/zebra/zebra.conf | 36 +++++ .../data/sonic-cfggen/zebra/zebra.conf.json | 23 +++ src/sonic-bgpcfgd/tests/test_sonic-cfggen.py | 133 ++++++++++++++++++ src/sonic-config-engine/sonic-cfggen | 2 + 37 files changed, 910 insertions(+) create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.conf.j2/all.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.conf.j2/all.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/all.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/all.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/base.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/base.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/defaults.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/defaults.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.spine_chassis_frontend_router.conf.j2/base.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.spine_chassis_frontend_router.conf.j2/base.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/daemons.common.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/daemons.common.conf.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/functions.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/functions.conf.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/frr.conf.j2/all.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/frr.conf.j2/all.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/isolate create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/isolate.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/unisolate create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/unisolate.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.conf.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.default_route.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.default_route.conf.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/unisolate.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/unisolate.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/interfaces.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/interfaces.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/set_src.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/set_src.json create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/zebra.conf create mode 100644 src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/zebra.conf.json create mode 100644 src/sonic-bgpcfgd/tests/test_sonic-cfggen.py diff --git a/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 index 051cfa4e9dd9..ef98dcf9f16a 100644 --- a/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 +++ b/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 @@ -1,3 +1,4 @@ +{% from "common/functions.conf.j2" import get_ipv4_loopback_address, get_ipv6_loopback_address %} ! ! template: bgpd/bgpd.main.conf.j2 ! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.conf.j2/all.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.conf.j2/all.conf new file mode 100644 index 000000000000..166a5c64752c --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.conf.j2/all.conf @@ -0,0 +1,76 @@ +! +! template: bgpd/bgpd.conf.j2 +! +! =========== Managed by sonic-cfggen DO NOT edit manually! ==================== +! generated by templates/quagga/bgpd.conf.j2 with config DB data +! file: bgpd.conf +! +! template: common/daemons.common.conf.j2 +! +hostname new_hostname +password zebra +enable password zebra +! +log syslog informational +log facility local4 +! +! end of template: common/daemons.common.conf.j2! +agentx +! +! template: bgpd/bgpd.main.conf.j2 +! +! bgp multiple-instance +! +! BGP configuration +! +! TSA configuration +! +ip prefix-list PL_LoopbackV4 permit 55.55.55.55/32 +! +ipv6 prefix-list PL_LoopbackV6 permit fc00::/64 +! +route-map HIDE_INTERNAL permit 10 + set community local-AS +! +router bgp 55555 +! + bgp log-neighbor-changes + no bgp default ipv4-unicast +! + bgp bestpath as-path multipath-relax +! + bgp graceful-restart restart-time 480 + bgp graceful-restart + bgp graceful-restart preserve-fw-state +! + bgp router-id 55.55.55.55 +! + network 55.55.55.55/32 +! + address-family ipv6 + network fc00::1/64 + exit-address-family +! + network 10.10.10.1/24 + address-family ipv6 + network fc01::1/64 + exit-address-family +! + address-family ipv4 + redistribute connected route-map HIDE_INTERNAL + exit-address-family + address-family ipv6 + redistribute connected route-map HIDE_INTERNAL + exit-address-family +! + address-family ipv4 + maximum-paths 32 + exit-address-family + address-family ipv6 + maximum-paths 32 + exit-address-family +! +! end of template: bgpd/bgpd.main.conf.j2 +!! +! end of template: bgpd/bgpd.conf.j2 +! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.conf.j2/all.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.conf.j2/all.json new file mode 100644 index 000000000000..17e32589d84c --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.conf.j2/all.json @@ -0,0 +1,33 @@ +{ + "DEVICE_METADATA": { + "localhost": { + "hostname": "new_hostname", + "bgp_asn": "55555", + "sub_role": "FrontEnd" + } + }, + "LOOPBACK_INTERFACE": { + "Loopback0|55.55.55.55/32": {}, + "Loopback0|fc00::1/128": {} + }, + "VLAN_INTERFACE": { + "Vlan10|10.10.10.1/24": {}, + "Vlan10|fc01::1/64": {} + }, + "constants": { + "bgp": { + "multipath_relax": { + "enabled": true + }, + "graceful_restart": { + "enabled": true, + "restart_time": 480 + }, + "maximum_paths": { + "enabled": true, + "ipv4": 32, + "ipv6": 32 + } + } + } +} diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/all.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/all.conf new file mode 100644 index 000000000000..8edbdb60a613 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/all.conf @@ -0,0 +1,56 @@ +! +! template: bgpd/bgpd.main.conf.j2 +! +! bgp multiple-instance +! +! BGP configuration +! +! TSA configuration +! +ip prefix-list PL_LoopbackV4 permit 55.55.55.55/32 +! +ipv6 prefix-list PL_LoopbackV6 permit fc00::/64 +! +route-map HIDE_INTERNAL permit 10 + set community local-AS +! +router bgp 55555 +! + bgp log-neighbor-changes + no bgp default ipv4-unicast +! + bgp bestpath as-path multipath-relax +! + bgp graceful-restart restart-time 480 + bgp graceful-restart + bgp graceful-restart preserve-fw-state +! + bgp router-id 55.55.55.55 +! + network 55.55.55.55/32 +! + address-family ipv6 + network fc00::1/64 + exit-address-family +! + network 10.10.10.1/24 + address-family ipv6 + network fc01::1/64 + exit-address-family +! + address-family ipv4 + redistribute connected route-map HIDE_INTERNAL + exit-address-family + address-family ipv6 + redistribute connected route-map HIDE_INTERNAL + exit-address-family +! + address-family ipv4 + maximum-paths 32 + exit-address-family + address-family ipv6 + maximum-paths 32 + exit-address-family +! +! end of template: bgpd/bgpd.main.conf.j2 +! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/all.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/all.json new file mode 100644 index 000000000000..36099674ac4e --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/all.json @@ -0,0 +1,32 @@ +{ + "DEVICE_METADATA": { + "localhost": { + "bgp_asn": "55555", + "sub_role": "FrontEnd" + } + }, + "LOOPBACK_INTERFACE": { + "Loopback0|55.55.55.55/32": {}, + "Loopback0|fc00::1/128": {} + }, + "VLAN_INTERFACE": { + "Vlan10|10.10.10.1/24": {}, + "Vlan10|fc01::1/64": {} + }, + "constants": { + "bgp": { + "multipath_relax": { + "enabled": true + }, + "graceful_restart": { + "enabled": true, + "restart_time": 480 + }, + "maximum_paths": { + "enabled": true, + "ipv4": 32, + "ipv6": 32 + } + } + } +} diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/base.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/base.conf new file mode 100644 index 000000000000..97159456b6f9 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/base.conf @@ -0,0 +1,22 @@ +! +! template: bgpd/bgpd.main.conf.j2 +! +! bgp multiple-instance +! +! BGP configuration +! +! TSA configuration +! +ip prefix-list PL_LoopbackV4 permit 55.55.55.55/32 +! +router bgp 55555 +! + bgp log-neighbor-changes + no bgp default ipv4-unicast +! + bgp router-id 55.55.55.55 +! + network 55.55.55.55/32 +! +! end of template: bgpd/bgpd.main.conf.j2 +! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/base.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/base.json new file mode 100644 index 000000000000..692d4c78f0b9 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/base.json @@ -0,0 +1,19 @@ +{ + "DEVICE_METADATA": { + "localhost": { + "bgp_asn": "55555", + "sub_role": "" + } + }, + "LOOPBACK_INTERFACE": { + "Loopback0|55.55.55.55/32": {}, + "Loopback1|fc00::1/128": {} + }, + "constants": { + "bgp": { + "multipath_relax": {}, + "graceful_restart": {}, + "maximum_paths": {} + } + } +} diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/defaults.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/defaults.conf new file mode 100644 index 000000000000..b444fcd7e559 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/defaults.conf @@ -0,0 +1,56 @@ +! +! template: bgpd/bgpd.main.conf.j2 +! +! bgp multiple-instance +! +! BGP configuration +! +! TSA configuration +! +ip prefix-list PL_LoopbackV4 permit 55.55.55.55/32 +! +ipv6 prefix-list PL_LoopbackV6 permit fc00::/64 +! +route-map HIDE_INTERNAL permit 10 + set community local-AS +! +router bgp 55555 +! + bgp log-neighbor-changes + no bgp default ipv4-unicast +! + bgp bestpath as-path multipath-relax +! + bgp graceful-restart restart-time 240 + bgp graceful-restart + bgp graceful-restart preserve-fw-state +! + bgp router-id 55.55.55.55 +! + network 55.55.55.55/32 +! + address-family ipv6 + network fc00::1/64 + exit-address-family +! + network 10.10.10.1/24 + address-family ipv6 + network fc01::1/64 + exit-address-family +! + address-family ipv4 + redistribute connected route-map HIDE_INTERNAL + exit-address-family + address-family ipv6 + redistribute connected route-map HIDE_INTERNAL + exit-address-family +! + address-family ipv4 + maximum-paths 64 + exit-address-family + address-family ipv6 + maximum-paths 64 + exit-address-family +! +! end of template: bgpd/bgpd.main.conf.j2 +! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/defaults.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/defaults.json new file mode 100644 index 000000000000..2db9bd771c84 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.main.conf.j2/defaults.json @@ -0,0 +1,29 @@ +{ + "DEVICE_METADATA": { + "localhost": { + "bgp_asn": "55555", + "sub_role": "FrontEnd" + } + }, + "LOOPBACK_INTERFACE": { + "Loopback0|55.55.55.55/32": {}, + "Loopback0|fc00::1/128": {} + }, + "VLAN_INTERFACE": { + "Vlan10|10.10.10.1/24": {}, + "Vlan10|fc01::1/64": {} + }, + "constants": { + "bgp": { + "multipath_relax": { + "enabled": true + }, + "graceful_restart": { + "enabled": true + }, + "maximum_paths": { + "enabled": true + } + } + } +} diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.spine_chassis_frontend_router.conf.j2/base.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.spine_chassis_frontend_router.conf.j2/base.conf new file mode 100644 index 000000000000..581eb107ec23 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.spine_chassis_frontend_router.conf.j2/base.conf @@ -0,0 +1,39 @@ +! +! Vnet BGP instance +router bgp 555 vrf First + no bgp default ipv4-unicast + bgp log-neighbor-changes + bgp bestpath as-path multipath-relax + no bgp default ipv4-unicast + bgp graceful-restart restart-time 240 + bgp graceful-restart + bgp router-id 10.20.30.40 + neighbor 10.10.10.1 remote-as 10 + neighbor 10.10.10.1 description session1 + address-family ipv4 unicast + neighbor 10.10.10.1 activate + neighbor 10.10.10.1 soft-reconfiguration inbound + maximum-paths 64 + exit-address-family + address-family l2vpn evpn + advertise ipv4 unicast + exit-address-family +router bgp 555 vrf Second + no bgp default ipv4-unicast + bgp log-neighbor-changes + bgp bestpath as-path multipath-relax + no bgp default ipv4-unicast + bgp graceful-restart restart-time 240 + bgp graceful-restart + bgp router-id 10.20.30.40 + neighbor 20.20.20.1 remote-as 20 + neighbor 20.20.20.1 description session2 + address-family ipv4 unicast + neighbor 20.20.20.1 activate + neighbor 20.20.20.1 soft-reconfiguration inbound + maximum-paths 64 + exit-address-family + address-family l2vpn evpn + advertise ipv4 unicast + exit-address-family +! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.spine_chassis_frontend_router.conf.j2/base.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.spine_chassis_frontend_router.conf.j2/base.json new file mode 100644 index 000000000000..d6f09fb1139e --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/bgpd.spine_chassis_frontend_router.conf.j2/base.json @@ -0,0 +1,42 @@ +{ + "DEVICE_METADATA": { + "localhost": { + "bgp_asn": "555" + } + }, + "LOOPBACK_INTERFACE": { + "Loopback0|10.20.30.40/32": {} + }, + "VNET": { + "First": { + "vni": 10 + }, + "Second": { + "vni": 20 + } + }, + "INTERFACE": { + "Ethernet0": { + "vnet_name": "First" + }, + "Ethernet0|10.10.10.10/24": {}, + "Ethernet8": { + "vnet_name": "Second" + }, + "Ethernet8|20.20.20.20/24": {}, + "Ethernet10": {}, + "Ethernet10|20.20.20.20/24": {} + }, + "BGP_NEIGHBOR": { + "10.10.10.1": { + "asn": "10", + "name": "session1", + "local_addr": "10.10.10.10" + }, + "20.20.20.1": { + "asn": "20", + "name": "session2", + "local_addr": "20.20.20.20" + } + } +} \ No newline at end of file diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/daemons.common.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/daemons.common.conf new file mode 100644 index 000000000000..14d7b99d07ed --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/daemons.common.conf @@ -0,0 +1,10 @@ +! template: common/daemons.common.conf.j2 +! +hostname test_hostname +password zebra +enable password zebra +! +log syslog informational +log facility local4 +! +! end of template: common/daemons.common.conf.j2 diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/daemons.common.conf.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/daemons.common.conf.json new file mode 100644 index 000000000000..8ef3e43694a7 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/daemons.common.conf.json @@ -0,0 +1,7 @@ +{ + "DEVICE_METADATA": { + "localhost": { + "hostname": "test_hostname" + } + } +} diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/functions.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/functions.conf new file mode 100644 index 000000000000..8b137891791f --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/functions.conf @@ -0,0 +1 @@ + diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/functions.conf.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/functions.conf.json new file mode 100644 index 000000000000..9e26dfeeb6e6 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/common/functions.conf.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/frr.conf.j2/all.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/frr.conf.j2/all.conf new file mode 100644 index 000000000000..4c5e81f4f90d --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/frr.conf.j2/all.conf @@ -0,0 +1,91 @@ +! +! =========== Managed by sonic-cfggen DO NOT edit manually! ==================== +! generated by templates/frr.conf.j2 with config DB data +! file: frr.conf +! +! template: common/daemons.common.conf.j2 +! +hostname test_hostname +password zebra +enable password zebra +! +log syslog informational +log facility local4 +! +! end of template: common/daemons.common.conf.j2! +agentx +! +! Enable link-detect (default disabled) +interface Ethernet0 +link-detect +! +interface Ethernet4 +link-detect +! +interface PortChannel10 +link-detect +! +interface PortChannel20 +link-detect +! +!! +! +! set static default route to mgmt gateway as a backup to learned default +ip route 0.0.0.0/0 10.10.10.1 200 +!! +! +! template: bgpd/bgpd.main.conf.j2 +! +! bgp multiple-instance +! +! BGP configuration +! +! TSA configuration +! +ip prefix-list PL_LoopbackV4 permit 55.55.55.55/32 +! +ipv6 prefix-list PL_LoopbackV6 permit fc00::/64 +! +route-map HIDE_INTERNAL permit 10 + set community local-AS +! +router bgp 55555 +! + bgp log-neighbor-changes + no bgp default ipv4-unicast +! + bgp bestpath as-path multipath-relax +! + bgp graceful-restart restart-time 480 + bgp graceful-restart + bgp graceful-restart preserve-fw-state +! + bgp router-id 55.55.55.55 +! + network 55.55.55.55/32 +! + address-family ipv6 + network fc00::1/64 + exit-address-family +! + network 10.10.10.1/24 + address-family ipv6 + network fc01::1/64 + exit-address-family +! + address-family ipv4 + redistribute connected route-map HIDE_INTERNAL + exit-address-family + address-family ipv6 + redistribute connected route-map HIDE_INTERNAL + exit-address-family +! + address-family ipv4 + maximum-paths 32 + exit-address-family + address-family ipv6 + maximum-paths 32 + exit-address-family +! +! end of template: bgpd/bgpd.main.conf.j2 +!! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/frr.conf.j2/all.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/frr.conf.j2/all.json new file mode 100644 index 000000000000..d81eba2b0fe6 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/frr.conf.j2/all.json @@ -0,0 +1,46 @@ +{ + "DEVICE_METADATA": { + "localhost": { + "bgp_asn": "55555", + "hostname": "test_hostname", + "sub_role": "FrontEnd" + } + }, + "INTERFACE": { + "Ethernet0|10.20.30.40/24": {}, + "Ethernet4|20.20.30.40/24": {} + }, + "PORTCHANNEL": { + "PortChannel10": {}, + "PortChannel20": {} + }, + "MGMT_INTERFACE": { + "eth0|10.10.10.10/24": { + "gwaddr": "10.10.10.1" + } + }, + "LOOPBACK_INTERFACE": { + "Loopback0|55.55.55.55/32": {}, + "Loopback0|fc00::1/128": {} + }, + "VLAN_INTERFACE": { + "Vlan10|10.10.10.1/24": {}, + "Vlan10|fc01::1/64": {} + }, + "constants": { + "bgp": { + "multipath_relax": { + "enabled": true + }, + "graceful_restart": { + "enabled": true, + "restart_time": 480 + }, + "maximum_paths": { + "enabled": true, + "ipv4": 32, + "ipv6": 32 + } + } + } +} \ No newline at end of file diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/isolate b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/isolate new file mode 100644 index 000000000000..74f107495298 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/isolate @@ -0,0 +1,17 @@ +#!/bin/bash +## vtysh only accepts script in stdin, so cannot be directly used in shebang +## Cut the tail of this script and feed vtysh stdin +sed -n -e '9,$p' < "$0" | vtysh "$@" +## Exit with vtysh return code +exit $? +## vtysh script start from next line, which line number MUST equal in 'sed' command above +configure terminal + router bgp 12345 + neighbor 10.20.30.40 route-map ISOLATE out + address-family ipv6 + neighbor fc00::1 route-map ISOLATE out + exit-address-family + exit +exit +clear ip bgp 10.20.30.40 soft out +clear ip bgp fc00::1 soft out diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/isolate.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/isolate.json new file mode 100644 index 000000000000..012b69ef3036 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/isolate.json @@ -0,0 +1,11 @@ +{ + "DEVICE_METADATA": { + "localhost": { + "bgp_asn": "12345" + } + }, + "BGP_NEIGHBOR": { + "10.20.30.40": {}, + "fc00::1": {} + } +} diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/unisolate b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/unisolate new file mode 100644 index 000000000000..b9476d0b7107 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/unisolate @@ -0,0 +1,17 @@ +#!/bin/bash +## vtysh only accepts script in stdin, so cannot be directly used in shebang +## Cut the tail of this script and feed vtysh stdin +sed -n -e '9,$p' < "$0" | vtysh "$@" +## Exit with vtysh return code +exit $? +## vtysh script start from next line, which line number MUST equal in 'sed' command above +configure terminal + router bgp 12345 + no neighbor 10.20.30.40 route-map ISOLATE out + address-family ipv6 + no neighbor fc00::1 route-map ISOLATE out + exit-address-family + exit +exit +clear ip bgp 10.20.30.40 soft out +clear ip bgp fc00::1 soft out diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/unisolate.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/unisolate.json new file mode 100644 index 000000000000..012b69ef3036 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/isolate/unisolate.json @@ -0,0 +1,11 @@ +{ + "DEVICE_METADATA": { + "localhost": { + "bgp_asn": "12345" + } + }, + "BGP_NEIGHBOR": { + "10.20.30.40": {}, + "fc00::1": {} + } +} diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.conf new file mode 100644 index 000000000000..522c0d36f296 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.conf @@ -0,0 +1,19 @@ +! +! =========== Managed by sonic-cfggen DO NOT edit manually! ==================== +! generated by templates/frr/staticd.conf.j2 using config DB data +! file: staticd.conf +! +! template: common/daemons.common.conf.j2 +! +hostname new_hostname +password zebra +enable password zebra +! +log syslog informational +log facility local4 +! +! end of template: common/daemons.common.conf.j2! +! +! set static default route to mgmt gateway as a backup to learned default +ip route 0.0.0.0/0 10.10.10.1 200 +!! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.conf.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.conf.json new file mode 100644 index 000000000000..37f660d101d6 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.conf.json @@ -0,0 +1,12 @@ +{ + "DEVICE_METADATA": { + "localhost": { + "hostname": "new_hostname" + } + }, + "MGMT_INTERFACE": { + "eth0|10.10.10.10/24": { + "gwaddr": "10.10.10.1" + } + } +} diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.default_route.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.default_route.conf new file mode 100644 index 000000000000..11adb98ebc3c --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.default_route.conf @@ -0,0 +1,4 @@ +! +! set static default route to mgmt gateway as a backup to learned default +ip route 0.0.0.0/0 10.10.10.1 200 +! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.default_route.conf.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.default_route.conf.json new file mode 100644 index 000000000000..80cd218a790e --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/staticd/staticd.default_route.conf.json @@ -0,0 +1,7 @@ +{ + "MGMT_INTERFACE": { + "eth0|10.10.10.10/24": { + "gwaddr": "10.10.10.1" + } + } +} diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.conf new file mode 100644 index 000000000000..7bd155fcdb64 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.conf @@ -0,0 +1,5 @@ +route-map test_rm_name permit 2 + match ip address prefix-list PL_LoopbackV4 + set community 12345:555 +route-map test_rm_name deny 3 +! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.json new file mode 100644 index 000000000000..708e4013f131 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/isolate.json @@ -0,0 +1,9 @@ +{ + "constants": { + "bgp": { + "traffic_shift_community": "12345:555" + } + }, + "route_map_name": "test_rm_name", + "ip_version": "V4" +} \ No newline at end of file diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/unisolate.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/unisolate.conf new file mode 100644 index 000000000000..db53a69e7ec4 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/unisolate.conf @@ -0,0 +1,3 @@ +no route-map test_rm permit 2 +no route-map test_rm deny 3 +! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/unisolate.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/unisolate.json new file mode 100644 index 000000000000..da070431493d --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/tsa/unisolate.json @@ -0,0 +1,3 @@ +{ + "route_map_name": "test_rm" +} \ No newline at end of file diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/interfaces.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/interfaces.conf new file mode 100644 index 000000000000..919c35085b5c --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/interfaces.conf @@ -0,0 +1,14 @@ +! +! Enable link-detect (default disabled) +interface Ethernet0 +link-detect +! +interface Ethernet4 +link-detect +! +interface PortChannel10 +link-detect +! +interface PortChannel20 +link-detect +! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/interfaces.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/interfaces.json new file mode 100644 index 000000000000..e9c1bcba418d --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/interfaces.json @@ -0,0 +1,10 @@ +{ + "INTERFACE": { + "Ethernet0|10.20.30.40/24": {}, + "Ethernet4|20.20.30.40/24": {} + }, + "PORTCHANNEL": { + "PortChannel10": {}, + "PortChannel20": {} + } +} \ No newline at end of file diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/set_src.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/set_src.conf new file mode 100644 index 000000000000..b543d24e0023 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/set_src.conf @@ -0,0 +1,8 @@ +! +! Set ip source to loopback for bgp learned routes +! +route-map new_rm_name permit 10 + set src 10.20.30.40 +! +ipv4 protocol bgp route-map new_rm_name +! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/set_src.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/set_src.json new file mode 100644 index 000000000000..2e76d46fd106 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/set_src.json @@ -0,0 +1,5 @@ +{ + "rm_name": "new_rm_name", + "lo_ip": "10.20.30.40", + "ip_proto": "v4" +} \ No newline at end of file diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/zebra.conf b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/zebra.conf new file mode 100644 index 000000000000..f7b30f214d4d --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/zebra.conf @@ -0,0 +1,36 @@ +! +! =========== Managed by sonic-cfggen DO NOT edit manually! ==================== +! generated by templates/zebra/zebra.conf.j2 using config DB data +! file: zebra.conf +! +! template: common/daemons.common.conf.j2 +! +hostname new_hostname +password zebra +enable password zebra +! +log syslog informational +log facility local4 +! +! end of template: common/daemons.common.conf.j2! +! +vrf First +vni 10 +! +vrf Second +vni 20 +! +! Enable link-detect (default disabled) +interface Ethernet0 +link-detect +! +interface Ethernet4 +link-detect +! +interface PortChannel10 +link-detect +! +interface PortChannel20 +link-detect +! +!! diff --git a/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/zebra.conf.json b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/zebra.conf.json new file mode 100644 index 000000000000..9b63ff526fb9 --- /dev/null +++ b/src/sonic-bgpcfgd/tests/data/sonic-cfggen/zebra/zebra.conf.json @@ -0,0 +1,23 @@ +{ + "DEVICE_METADATA": { + "localhost": { + "hostname": "new_hostname" + } + }, + "VNET": { + "First": { + "vni": 10 + }, + "Second": { + "vni": 20 + } + }, + "INTERFACE": { + "Ethernet0|10.20.30.40/24": {}, + "Ethernet4|20.20.30.40/24": {} + }, + "PORTCHANNEL": { + "PortChannel10": {}, + "PortChannel20": {} + } +} \ No newline at end of file diff --git a/src/sonic-bgpcfgd/tests/test_sonic-cfggen.py b/src/sonic-bgpcfgd/tests/test_sonic-cfggen.py new file mode 100644 index 000000000000..065ecb815ccb --- /dev/null +++ b/src/sonic-bgpcfgd/tests/test_sonic-cfggen.py @@ -0,0 +1,133 @@ +import os +import subprocess + + +from app.config import ConfigMgr +from .test_templates import compress_comments, write_result + + +TEMPLATE_PATH = os.path.abspath('../../dockers/docker-fpm-frr/frr') +DATA_PATH = "tests/data/sonic-cfggen/" +CONSTANTS_PATH = os.path.abspath('../../files/image_config/constants/constants.yml') + + +def run_test(name, template_path, json_path, match_path): + template_path = os.path.join(TEMPLATE_PATH, template_path) + json_path = os.path.join(DATA_PATH, json_path) + cfggen = os.path.abspath("../sonic-config-engine/sonic-cfggen") + command = [cfggen, "-T", TEMPLATE_PATH, "-t", template_path, "-y", json_path] + p = subprocess.Popen(command, shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE) + stdout, stderr = p.communicate() + assert p.returncode == 0, "sonic-cfggen for %s test returned %d code. stderr='%s'" % (name, p.returncode, stderr) + raw_generated_result = stdout + assert "None" not in raw_generated_result, "Test %s" % name + canonical_generated_result = ConfigMgr.to_canonical(raw_generated_result) + match_path = os.path.join(DATA_PATH, match_path) + # only for development write_result(match_path, raw_generated_result) + with open(match_path) as result_fp: + raw_saved_result = result_fp.read() + canonical_saved_result = ConfigMgr.to_canonical(raw_saved_result) + assert canonical_saved_result == canonical_generated_result, "Test %s" % name + + +def test_bgpd_main_conf_base(): + run_test("Base bgpd.main.conf.j2", + "bgpd/bgpd.main.conf.j2", + "bgpd.main.conf.j2/base.json", + "bgpd.main.conf.j2/base.conf") + +def test_bgpd_main_conf_comprehensive(): + run_test("Comprehensive bgpd.main.conf.j2", + "bgpd/bgpd.main.conf.j2", + "bgpd.main.conf.j2/all.json", + "bgpd.main.conf.j2/all.conf") + +def test_bgpd_main_conf_defaults(): + run_test("Defaults bgpd.main.conf.j2", + "bgpd/bgpd.main.conf.j2", + "bgpd.main.conf.j2/defaults.json", + "bgpd.main.conf.j2/defaults.conf") + +def test_tsa_isolate(): + run_test("tsa/bgpd.tsa.isolate.conf.j2", + "bgpd/tsa/bgpd.tsa.isolate.conf.j2", + "tsa/isolate.json", + "tsa/isolate.conf") + +def test_tsa_unisolate(): + run_test("tsa/bgpd.tsa.unisolate.conf.j2", + "bgpd/tsa/bgpd.tsa.unisolate.conf.j2", + "tsa/unisolate.json", + "tsa/unisolate.conf") + +def test_common_daemons(): + run_test("daemons.common.conf.j2", + "common/daemons.common.conf.j2", + "common/daemons.common.conf.json", + "common/daemons.common.conf") + +def test_common_functions(): + run_test("functions.conf.j2", + "common/functions.conf.j2", + "common/functions.conf.json", + "common/functions.conf") + +def test_staticd_default_route(): + run_test("staticd.default_route.conf.j2", + "staticd/staticd.default_route.conf.j2", + "staticd/staticd.default_route.conf.json", + "staticd/staticd.default_route.conf") + +def test_staticd(): + run_test("staticd.conf.j2", + "staticd/staticd.conf.j2", + "staticd/staticd.conf.json", + "staticd/staticd.conf") + +def test_zebra_interfaces(): + run_test("zebra.interfaces.conf.j2", + "zebra/zebra.interfaces.conf.j2", + "zebra/interfaces.json", + "zebra/interfaces.conf") + +def test_zebra_set_src(): + run_test("zebra.set_src.conf.j2", + "zebra/zebra.set_src.conf.j2", + "zebra/set_src.json", + "zebra/set_src.conf") + +def test_zebra(): + run_test("zebra.conf.j2", + "zebra/zebra.conf.j2", + "zebra/zebra.conf.json", + "zebra/zebra.conf") + +def test_isolate(): + run_test("isolate.j2", + "isolate.j2", + "isolate/isolate.json", + "isolate/isolate") + +def test_unisolate(): + run_test("unisolate.j2", + "unisolate.j2", + "isolate/unisolate.json", + "isolate/unisolate") + +def test_frr_conf(): + run_test("frr.conf.j2", + "frr.conf.j2", + "frr.conf.j2/all.json", + "frr.conf.j2/all.conf") + +def test_l3vpn_base(): + run_test("bgpd spine_chassis_frontend_router.conf.j2", + "bgpd/bgpd.spine_chassis_frontend_router.conf.j2", + "bgpd.spine_chassis_frontend_router.conf.j2/base.json", + "bgpd.spine_chassis_frontend_router.conf.j2/base.conf") + +def test_bgp_conf_all(): + run_test("bgpd/bgpd.conf", + "bgpd/bgpd.conf.j2", + "bgpd.conf.j2/all.json", + "bgpd.conf.j2/all.conf") diff --git a/src/sonic-config-engine/sonic-cfggen b/src/sonic-config-engine/sonic-cfggen index 8528f828c8a7..1118703458db 100755 --- a/src/sonic-config-engine/sonic-cfggen +++ b/src/sonic-config-engine/sonic-cfggen @@ -16,6 +16,8 @@ See usage string for detail description for arguments. """ from __future__ import print_function +import sys +sys.path.insert(0, "/usr/local/lib/python2.7/dist-packages") # monkey patch re.compile to do lazy regular expression compilation. # This is done to improve import time of jinja2, yaml, natsort modules, because they From cae65a451c6408cf932f8c8316c6747937c7f562 Mon Sep 17 00:00:00 2001 From: arlakshm <55814491+arlakshm@users.noreply.github.com> Date: Thu, 2 Jul 2020 11:37:40 -0700 Subject: [PATCH 16/29] [config]: Loopback Interface changes for multi ASIC devices (#4825) * Loopback IP changes for multi ASIC devices multi ASIC will have 2 Loopback Interfaces - Loopback0 has globally unique IP address, which is advertised by the multi ASIC device to its peers. This way all the external devices will see this device as a single device. - Loopback4096 is assigned an IP address which has a scope is within the device. Each ASIC has a different ip address for Loopback4096. This ip address will be used as Router-Id by the bgp instance on multi ASIC devices. This PR implements this change for multi ASIC devices Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan --- .../docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 | 16 +++++++- src/sonic-config-engine/minigraph.py | 32 +++++++++++---- src/sonic-config-engine/sonic-cfggen | 3 ++ src/sonic-config-engine/sonic_device_util.py | 16 ++++++-- .../tests/multi_npu_data/sample-minigraph.xml | 40 +++++++++++++++++-- .../tests/test_multinpu_cfggen.py | 29 ++++++++++++++ 6 files changed, 120 insertions(+), 16 deletions(-) diff --git a/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 index ef98dcf9f16a..0199b254d149 100644 --- a/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 +++ b/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 @@ -15,7 +15,7 @@ ipv6 prefix-list PL_LoopbackV6 permit {{ get_ipv6_loopback_address(LOOPBACK_INTE {% endif %} ! ! -{% if DEVICE_METADATA['localhost']['sub_role'] == 'FrontEnd' %} +{% if multi_asic() %} route-map HIDE_INTERNAL permit 10 set community local-AS ! @@ -38,16 +38,30 @@ router bgp {{ DEVICE_METADATA['localhost']['bgp_asn'] }} {% endif %} ! {# set router-id #} +{% if multi_asic() %} + bgp router-id {{ get_ipv4_loopback_address(LOOPBACK_INTERFACE, "Loopback4096") | ip }} +{% else %} bgp router-id {{ get_ipv4_loopback_address(LOOPBACK_INTERFACE, "Loopback0") | ip }} +{% endif %} ! {# advertise loopback #} network {{ get_ipv4_loopback_address(LOOPBACK_INTERFACE, "Loopback0") | ip }}/32 +{% if multi_asic() %} + network {{ get_ipv4_loopback_address(LOOPBACK_INTERFACE, "Loopback4096") | ip }}/32 route-map HIDE_INTERNAL +{% endif %} ! {% if get_ipv6_loopback_address(LOOPBACK_INTERFACE, "Loopback0") != 'None' %} address-family ipv6 network {{ get_ipv6_loopback_address(LOOPBACK_INTERFACE, "Loopback0") | ip }}/64 exit-address-family {% endif %} +{% if multi_asic() %} +{% if get_ipv6_loopback_address(LOOPBACK_INTERFACE, "Loopback4096") != 'None' %} + address-family ipv6 + network {{ get_ipv6_loopback_address(LOOPBACK_INTERFACE, "Loopback4096") | ip }}/64 route-map HIDE_INTERNAL + exit-address-family +{% endif %} +{% endif %} {% endblock bgp_init %} ! {% block vlan_advertisement %} diff --git a/src/sonic-config-engine/minigraph.py b/src/sonic-config-engine/minigraph.py index 79e553e0191d..2fe699987279 100644 --- a/src/sonic-config-engine/minigraph.py +++ b/src/sonic-config-engine/minigraph.py @@ -251,6 +251,15 @@ def parse_asic_png(png, asic_name, hostname): devices[name] = device_data return (neighbors, devices, port_speeds) +def parse_loopback_intf(child): + lointfs = child.find(str(QName(ns, "LoopbackIPInterfaces"))) + lo_intfs = {} + for lointf in lointfs.findall(str(QName(ns1, "LoopbackIPInterface"))): + intfname = lointf.find(str(QName(ns, "AttachTo"))).text + ipprefix = lointf.find(str(QName(ns1, "PrefixStr"))).text + lo_intfs[(intfname, ipprefix)] = {} + return lo_intfs + def parse_dpg(dpg, hname): aclintfs = None mgmtintfs = None @@ -269,7 +278,6 @@ def parse_dpg(dpg, hname): """ if mgmtintfs is None and child.find(str(QName(ns, "ManagementIPInterfaces"))) is not None: mgmtintfs = child.find(str(QName(ns, "ManagementIPInterfaces"))) - hostname = child.find(str(QName(ns, "Hostname"))) if hostname.text.lower() != hname.lower(): continue @@ -290,12 +298,7 @@ def parse_dpg(dpg, hname): ipprefix = ipintf.find(str(QName(ns, "Prefix"))).text intfs[(intfname, ipprefix)] = {} - lointfs = child.find(str(QName(ns, "LoopbackIPInterfaces"))) - lo_intfs = {} - for lointf in lointfs.findall(str(QName(ns1, "LoopbackIPInterface"))): - intfname = lointf.find(str(QName(ns, "AttachTo"))).text - ipprefix = lointf.find(str(QName(ns1, "PrefixStr"))).text - lo_intfs[(intfname, ipprefix)] = {} + lo_intfs = parse_loopback_intf(child) mvrfConfigs = child.find(str(QName(ns, "MgmtVrfConfigs"))) mvrf = {} @@ -452,6 +455,13 @@ def parse_dpg(dpg, hname): return intfs, lo_intfs, mvrf, mgmt_intf, vlans, vlan_members, pcs, pc_members, acls, vni return None, None, None, None, None, None, None, None, None, None +def parse_host_loopback(dpg, hname): + for child in dpg: + hostname = child.find(str(QName(ns, "Hostname"))) + if hostname.text.lower() != hname.lower(): + continue + lo_intfs = parse_loopback_intf(child) + return lo_intfs def parse_cpg(cpg, hname): bgp_sessions = {} @@ -826,6 +836,7 @@ def parse_xml(filename, platform=None, port_config_file=None, asic_name=None, hw cloudtype = None hostname = None linkmetas = {} + host_lo_intfs = None # hostname is the asic_name, get the asic_id from the asic_name if asic_name is not None: @@ -867,6 +878,7 @@ def parse_xml(filename, platform=None, port_config_file=None, asic_name=None, hw else: if child.tag == str(QName(ns, "DpgDec")): (intfs, lo_intfs, mvrf, mgmt_intf, vlans, vlan_members, pcs, pc_members, acls, vni) = parse_dpg(child, asic_name) + host_lo_intfs = parse_host_loopback(child, hostname) elif child.tag == str(QName(ns, "CpgDec")): (bgp_sessions, bgp_asn, bgp_peers_with_range, bgp_monitors) = parse_cpg(child, asic_name) enable_internal_bgp_session(bgp_sessions, filename, asic_name) @@ -930,6 +942,12 @@ def parse_xml(filename, platform=None, port_config_file=None, asic_name=None, hw for lo_intf in lo_intfs: results['LOOPBACK_INTERFACE'][lo_intf] = lo_intfs[lo_intf] results['LOOPBACK_INTERFACE'][lo_intf[0]] = {} + + if host_lo_intfs is not None: + for host_lo_intf in host_lo_intfs: + results['LOOPBACK_INTERFACE'][host_lo_intf] = host_lo_intfs[host_lo_intf] + results['LOOPBACK_INTERFACE'][host_lo_intf[0]] = {} + results['MGMT_VRF_CONFIG'] = mvrf phyport_intfs = {} diff --git a/src/sonic-config-engine/sonic-cfggen b/src/sonic-config-engine/sonic-cfggen index 1118703458db..9bda72071937 100755 --- a/src/sonic-config-engine/sonic-cfggen +++ b/src/sonic-config-engine/sonic-cfggen @@ -45,6 +45,7 @@ from sonic_device_util import get_machine_info from sonic_device_util import get_platform_info from sonic_device_util import get_system_mac from sonic_device_util import get_npu_id_from_name +from sonic_device_util import is_multi_npu from config_samples import generate_sample_config from config_samples import get_available_config from swsssdk import SonicV2Connector, ConfigDBConnector, SonicDBConfig @@ -344,6 +345,8 @@ def main(): env.filters['ip_network'] = ip_network for attr in ['ip', 'network', 'prefixlen', 'netmask', 'broadcast']: env.filters[attr] = partial(prefix_attr, attr) + # Pass the is_multi_npu function as global + env.globals['multi_asic'] = is_multi_npu template = env.get_template(template_file) print(template.render(sort_data(data))) diff --git a/src/sonic-config-engine/sonic_device_util.py b/src/sonic-config-engine/sonic_device_util.py index 5984a7047fe7..ddfa751250c5 100644 --- a/src/sonic-config-engine/sonic_device_util.py +++ b/src/sonic-config-engine/sonic_device_util.py @@ -44,12 +44,20 @@ def get_npu_id_from_name(npu_name): else: return None +def get_asic_conf_file_path(platform): + asic_conf_path_candidates = [] + asic_conf_path_candidates.append(os.path.join('/usr/share/sonic/platform', ASIC_CONF_FILENAME)) + if platform is not None: + asic_conf_path_candidates.append(os.path.join(SONIC_DEVICE_PATH, platform, ASIC_CONF_FILENAME)) + for asic_conf_file_path in asic_conf_path_candidates: + if os.path.isfile(asic_conf_file_path): + return asic_conf_file_path + return None + def get_num_npus(): platform = get_platform_info(get_machine_info()) - if not platform: - return 1 - asic_conf_file_path = os.path.join(SONIC_DEVICE_PATH, platform, ASIC_CONF_FILENAME) - if not os.path.isfile(asic_conf_file_path): + asic_conf_file_path = get_asic_conf_file_path(platform) + if asic_conf_file_path is None: return 1 with open(asic_conf_file_path) as asic_conf_file: for line in asic_conf_file: diff --git a/src/sonic-config-engine/tests/multi_npu_data/sample-minigraph.xml b/src/sonic-config-engine/tests/multi_npu_data/sample-minigraph.xml index 8ca17925c6ec..412262315b4e 100644 --- a/src/sonic-config-engine/tests/multi_npu_data/sample-minigraph.xml +++ b/src/sonic-config-engine/tests/multi_npu_data/sample-minigraph.xml @@ -387,12 +387,20 @@ LoopbackInterface HostIP - Loopback0 + Loopback4096 8.0.0.0/32 8.0.0.0/32 + + HostIP1 + Loopback4096 + + FD00:1::32/128 + + FD00:1::32/128 + @@ -457,12 +465,20 @@ LoopbackInterface HostIP - Loopback0 + Loopback4096 8.0.0.1/32 8.0.0.1/32 + + HostIP1 + Loopback4096 + + FD00:2::32/128 + + FD00:2::32/128 + @@ -526,12 +542,20 @@ LoopbackInterface HostIP - Loopback0 + Loopback4096 8.0.0.4/32 8.0.0.4/32 + + HostIP1 + Loopback4096 + + FD00:3::32/128 + + FD00:3::32/128 + @@ -580,12 +604,20 @@ LoopbackInterface HostIP - Loopback0 + Loopback4096 8.0.0.5/32 8.0.0.5/32 + + HostIP1 + Loopback4096 + + FD00:4::32/128 + + FD00:4::32/128 + diff --git a/src/sonic-config-engine/tests/test_multinpu_cfggen.py b/src/sonic-config-engine/tests/test_multinpu_cfggen.py index c3307b482b79..7511ce9bcdd1 100644 --- a/src/sonic-config-engine/tests/test_multinpu_cfggen.py +++ b/src/sonic-config-engine/tests/test_multinpu_cfggen.py @@ -245,3 +245,32 @@ def test_back_end_asic_acl(self): argument = "-m {} -p {} -n asic3 --var-json \"ACL_TABLE\"".format(self.sample_graph, self.port_config[3]) output = json.loads(self.run_script(argument)) self.assertDictEqual(output, {}) + + def test_loopback_intfs(self): + argument = "-m {} --var-json \"LOOPBACK_INTERFACE\"".format(self.sample_graph) + output = json.loads(self.run_script(argument)) + self.assertDictEqual(output, {\ + "Loopback0": {}, + "Loopback0|10.1.0.32/32": {}, + "Loopback0|FC00:1::32/128": {}}) + + # The asic configuration should have 2 loopback interfaces + argument = "-m {} -n asic0 --var-json \"LOOPBACK_INTERFACE\"".format(self.sample_graph) + output = json.loads(self.run_script(argument)) + self.assertDictEqual(output, { \ + "Loopback0": {}, + "Loopback4096": {}, + "Loopback0|10.1.0.32/32": {}, + "Loopback0|FC00:1::32/128": {}, + "Loopback4096|8.0.0.0/32": {}, + "Loopback4096|FD00:1::32/128": {}}) + + argument = "-m {} -n asic3 --var-json \"LOOPBACK_INTERFACE\"".format(self.sample_graph) + output = json.loads(self.run_script(argument)) + self.assertDictEqual(output, {\ + "Loopback0": {}, + "Loopback4096": {}, + "Loopback0|10.1.0.32/32": {}, + "Loopback0|FC00:1::32/128": {}, + "Loopback4096|8.0.0.5/32": {}, + "Loopback4096|FD00:4::32/128": {}}) From a4253afcda2f3ffa376f54a4aa9d81b8604236da Mon Sep 17 00:00:00 2001 From: Renuka Manavalan <47282725+renukamanavalan@users.noreply.github.com> Date: Thu, 2 Jul 2020 11:43:35 -0700 Subject: [PATCH 17/29] Added new pip packages, required by kube.py (kubernetes CLI). (#4884) --- platform/vs/docker-sonic-vs/Dockerfile.j2 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/platform/vs/docker-sonic-vs/Dockerfile.j2 b/platform/vs/docker-sonic-vs/Dockerfile.j2 index 89abf3cd6351..b58f7828187c 100644 --- a/platform/vs/docker-sonic-vs/Dockerfile.j2 +++ b/platform/vs/docker-sonic-vs/Dockerfile.j2 @@ -53,6 +53,9 @@ RUN pip install py2_ipaddress RUN pip install six RUN pip install pyroute2==0.5.3 netifaces==0.10.7 RUN pip install monotonic==1.5 +RUN pip install urllib3 +RUN pip install requests +RUN pip install crontab {% if docker_sonic_vs_debs.strip() -%} # Copy locally-built Debian package dependencies From 5f318426163f4769145d5127af7a66d7fd7a943f Mon Sep 17 00:00:00 2001 From: Guohan Lu Date: Fri, 3 Jul 2020 00:06:17 +0000 Subject: [PATCH 18/29] Revert "[config]: Loopback Interface changes for multi ASIC devices (#4825)" This reverts commit cae65a451c6408cf932f8c8316c6747937c7f562. --- .../docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 | 16 +------- src/sonic-config-engine/minigraph.py | 32 ++++----------- src/sonic-config-engine/sonic-cfggen | 3 -- src/sonic-config-engine/sonic_device_util.py | 16 ++------ .../tests/multi_npu_data/sample-minigraph.xml | 40 ++----------------- .../tests/test_multinpu_cfggen.py | 29 -------------- 6 files changed, 16 insertions(+), 120 deletions(-) diff --git a/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 index 0199b254d149..ef98dcf9f16a 100644 --- a/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 +++ b/dockers/docker-fpm-frr/frr/bgpd/bgpd.main.conf.j2 @@ -15,7 +15,7 @@ ipv6 prefix-list PL_LoopbackV6 permit {{ get_ipv6_loopback_address(LOOPBACK_INTE {% endif %} ! ! -{% if multi_asic() %} +{% if DEVICE_METADATA['localhost']['sub_role'] == 'FrontEnd' %} route-map HIDE_INTERNAL permit 10 set community local-AS ! @@ -38,30 +38,16 @@ router bgp {{ DEVICE_METADATA['localhost']['bgp_asn'] }} {% endif %} ! {# set router-id #} -{% if multi_asic() %} - bgp router-id {{ get_ipv4_loopback_address(LOOPBACK_INTERFACE, "Loopback4096") | ip }} -{% else %} bgp router-id {{ get_ipv4_loopback_address(LOOPBACK_INTERFACE, "Loopback0") | ip }} -{% endif %} ! {# advertise loopback #} network {{ get_ipv4_loopback_address(LOOPBACK_INTERFACE, "Loopback0") | ip }}/32 -{% if multi_asic() %} - network {{ get_ipv4_loopback_address(LOOPBACK_INTERFACE, "Loopback4096") | ip }}/32 route-map HIDE_INTERNAL -{% endif %} ! {% if get_ipv6_loopback_address(LOOPBACK_INTERFACE, "Loopback0") != 'None' %} address-family ipv6 network {{ get_ipv6_loopback_address(LOOPBACK_INTERFACE, "Loopback0") | ip }}/64 exit-address-family {% endif %} -{% if multi_asic() %} -{% if get_ipv6_loopback_address(LOOPBACK_INTERFACE, "Loopback4096") != 'None' %} - address-family ipv6 - network {{ get_ipv6_loopback_address(LOOPBACK_INTERFACE, "Loopback4096") | ip }}/64 route-map HIDE_INTERNAL - exit-address-family -{% endif %} -{% endif %} {% endblock bgp_init %} ! {% block vlan_advertisement %} diff --git a/src/sonic-config-engine/minigraph.py b/src/sonic-config-engine/minigraph.py index 2fe699987279..79e553e0191d 100644 --- a/src/sonic-config-engine/minigraph.py +++ b/src/sonic-config-engine/minigraph.py @@ -251,15 +251,6 @@ def parse_asic_png(png, asic_name, hostname): devices[name] = device_data return (neighbors, devices, port_speeds) -def parse_loopback_intf(child): - lointfs = child.find(str(QName(ns, "LoopbackIPInterfaces"))) - lo_intfs = {} - for lointf in lointfs.findall(str(QName(ns1, "LoopbackIPInterface"))): - intfname = lointf.find(str(QName(ns, "AttachTo"))).text - ipprefix = lointf.find(str(QName(ns1, "PrefixStr"))).text - lo_intfs[(intfname, ipprefix)] = {} - return lo_intfs - def parse_dpg(dpg, hname): aclintfs = None mgmtintfs = None @@ -278,6 +269,7 @@ def parse_dpg(dpg, hname): """ if mgmtintfs is None and child.find(str(QName(ns, "ManagementIPInterfaces"))) is not None: mgmtintfs = child.find(str(QName(ns, "ManagementIPInterfaces"))) + hostname = child.find(str(QName(ns, "Hostname"))) if hostname.text.lower() != hname.lower(): continue @@ -298,7 +290,12 @@ def parse_dpg(dpg, hname): ipprefix = ipintf.find(str(QName(ns, "Prefix"))).text intfs[(intfname, ipprefix)] = {} - lo_intfs = parse_loopback_intf(child) + lointfs = child.find(str(QName(ns, "LoopbackIPInterfaces"))) + lo_intfs = {} + for lointf in lointfs.findall(str(QName(ns1, "LoopbackIPInterface"))): + intfname = lointf.find(str(QName(ns, "AttachTo"))).text + ipprefix = lointf.find(str(QName(ns1, "PrefixStr"))).text + lo_intfs[(intfname, ipprefix)] = {} mvrfConfigs = child.find(str(QName(ns, "MgmtVrfConfigs"))) mvrf = {} @@ -455,13 +452,6 @@ def parse_dpg(dpg, hname): return intfs, lo_intfs, mvrf, mgmt_intf, vlans, vlan_members, pcs, pc_members, acls, vni return None, None, None, None, None, None, None, None, None, None -def parse_host_loopback(dpg, hname): - for child in dpg: - hostname = child.find(str(QName(ns, "Hostname"))) - if hostname.text.lower() != hname.lower(): - continue - lo_intfs = parse_loopback_intf(child) - return lo_intfs def parse_cpg(cpg, hname): bgp_sessions = {} @@ -836,7 +826,6 @@ def parse_xml(filename, platform=None, port_config_file=None, asic_name=None, hw cloudtype = None hostname = None linkmetas = {} - host_lo_intfs = None # hostname is the asic_name, get the asic_id from the asic_name if asic_name is not None: @@ -878,7 +867,6 @@ def parse_xml(filename, platform=None, port_config_file=None, asic_name=None, hw else: if child.tag == str(QName(ns, "DpgDec")): (intfs, lo_intfs, mvrf, mgmt_intf, vlans, vlan_members, pcs, pc_members, acls, vni) = parse_dpg(child, asic_name) - host_lo_intfs = parse_host_loopback(child, hostname) elif child.tag == str(QName(ns, "CpgDec")): (bgp_sessions, bgp_asn, bgp_peers_with_range, bgp_monitors) = parse_cpg(child, asic_name) enable_internal_bgp_session(bgp_sessions, filename, asic_name) @@ -942,12 +930,6 @@ def parse_xml(filename, platform=None, port_config_file=None, asic_name=None, hw for lo_intf in lo_intfs: results['LOOPBACK_INTERFACE'][lo_intf] = lo_intfs[lo_intf] results['LOOPBACK_INTERFACE'][lo_intf[0]] = {} - - if host_lo_intfs is not None: - for host_lo_intf in host_lo_intfs: - results['LOOPBACK_INTERFACE'][host_lo_intf] = host_lo_intfs[host_lo_intf] - results['LOOPBACK_INTERFACE'][host_lo_intf[0]] = {} - results['MGMT_VRF_CONFIG'] = mvrf phyport_intfs = {} diff --git a/src/sonic-config-engine/sonic-cfggen b/src/sonic-config-engine/sonic-cfggen index 9bda72071937..1118703458db 100755 --- a/src/sonic-config-engine/sonic-cfggen +++ b/src/sonic-config-engine/sonic-cfggen @@ -45,7 +45,6 @@ from sonic_device_util import get_machine_info from sonic_device_util import get_platform_info from sonic_device_util import get_system_mac from sonic_device_util import get_npu_id_from_name -from sonic_device_util import is_multi_npu from config_samples import generate_sample_config from config_samples import get_available_config from swsssdk import SonicV2Connector, ConfigDBConnector, SonicDBConfig @@ -345,8 +344,6 @@ def main(): env.filters['ip_network'] = ip_network for attr in ['ip', 'network', 'prefixlen', 'netmask', 'broadcast']: env.filters[attr] = partial(prefix_attr, attr) - # Pass the is_multi_npu function as global - env.globals['multi_asic'] = is_multi_npu template = env.get_template(template_file) print(template.render(sort_data(data))) diff --git a/src/sonic-config-engine/sonic_device_util.py b/src/sonic-config-engine/sonic_device_util.py index ddfa751250c5..5984a7047fe7 100644 --- a/src/sonic-config-engine/sonic_device_util.py +++ b/src/sonic-config-engine/sonic_device_util.py @@ -44,20 +44,12 @@ def get_npu_id_from_name(npu_name): else: return None -def get_asic_conf_file_path(platform): - asic_conf_path_candidates = [] - asic_conf_path_candidates.append(os.path.join('/usr/share/sonic/platform', ASIC_CONF_FILENAME)) - if platform is not None: - asic_conf_path_candidates.append(os.path.join(SONIC_DEVICE_PATH, platform, ASIC_CONF_FILENAME)) - for asic_conf_file_path in asic_conf_path_candidates: - if os.path.isfile(asic_conf_file_path): - return asic_conf_file_path - return None - def get_num_npus(): platform = get_platform_info(get_machine_info()) - asic_conf_file_path = get_asic_conf_file_path(platform) - if asic_conf_file_path is None: + if not platform: + return 1 + asic_conf_file_path = os.path.join(SONIC_DEVICE_PATH, platform, ASIC_CONF_FILENAME) + if not os.path.isfile(asic_conf_file_path): return 1 with open(asic_conf_file_path) as asic_conf_file: for line in asic_conf_file: diff --git a/src/sonic-config-engine/tests/multi_npu_data/sample-minigraph.xml b/src/sonic-config-engine/tests/multi_npu_data/sample-minigraph.xml index 412262315b4e..8ca17925c6ec 100644 --- a/src/sonic-config-engine/tests/multi_npu_data/sample-minigraph.xml +++ b/src/sonic-config-engine/tests/multi_npu_data/sample-minigraph.xml @@ -387,20 +387,12 @@ LoopbackInterface HostIP - Loopback4096 + Loopback0 8.0.0.0/32 8.0.0.0/32 - - HostIP1 - Loopback4096 - - FD00:1::32/128 - - FD00:1::32/128 - @@ -465,20 +457,12 @@ LoopbackInterface HostIP - Loopback4096 + Loopback0 8.0.0.1/32 8.0.0.1/32 - - HostIP1 - Loopback4096 - - FD00:2::32/128 - - FD00:2::32/128 - @@ -542,20 +526,12 @@ LoopbackInterface HostIP - Loopback4096 + Loopback0 8.0.0.4/32 8.0.0.4/32 - - HostIP1 - Loopback4096 - - FD00:3::32/128 - - FD00:3::32/128 - @@ -604,20 +580,12 @@ LoopbackInterface HostIP - Loopback4096 + Loopback0 8.0.0.5/32 8.0.0.5/32 - - HostIP1 - Loopback4096 - - FD00:4::32/128 - - FD00:4::32/128 - diff --git a/src/sonic-config-engine/tests/test_multinpu_cfggen.py b/src/sonic-config-engine/tests/test_multinpu_cfggen.py index 7511ce9bcdd1..c3307b482b79 100644 --- a/src/sonic-config-engine/tests/test_multinpu_cfggen.py +++ b/src/sonic-config-engine/tests/test_multinpu_cfggen.py @@ -245,32 +245,3 @@ def test_back_end_asic_acl(self): argument = "-m {} -p {} -n asic3 --var-json \"ACL_TABLE\"".format(self.sample_graph, self.port_config[3]) output = json.loads(self.run_script(argument)) self.assertDictEqual(output, {}) - - def test_loopback_intfs(self): - argument = "-m {} --var-json \"LOOPBACK_INTERFACE\"".format(self.sample_graph) - output = json.loads(self.run_script(argument)) - self.assertDictEqual(output, {\ - "Loopback0": {}, - "Loopback0|10.1.0.32/32": {}, - "Loopback0|FC00:1::32/128": {}}) - - # The asic configuration should have 2 loopback interfaces - argument = "-m {} -n asic0 --var-json \"LOOPBACK_INTERFACE\"".format(self.sample_graph) - output = json.loads(self.run_script(argument)) - self.assertDictEqual(output, { \ - "Loopback0": {}, - "Loopback4096": {}, - "Loopback0|10.1.0.32/32": {}, - "Loopback0|FC00:1::32/128": {}, - "Loopback4096|8.0.0.0/32": {}, - "Loopback4096|FD00:1::32/128": {}}) - - argument = "-m {} -n asic3 --var-json \"LOOPBACK_INTERFACE\"".format(self.sample_graph) - output = json.loads(self.run_script(argument)) - self.assertDictEqual(output, {\ - "Loopback0": {}, - "Loopback4096": {}, - "Loopback0|10.1.0.32/32": {}, - "Loopback0|FC00:1::32/128": {}, - "Loopback4096|8.0.0.5/32": {}, - "Loopback4096|FD00:4::32/128": {}}) From c4b5b002c32aceb4ee3af2cb1bea3809373e9aef Mon Sep 17 00:00:00 2001 From: lguohan Date: Thu, 2 Jul 2020 22:03:50 -0700 Subject: [PATCH 19/29] [docker-orchagent]: make build depends only on sairedis package (#4880) make swss build depends only on libsairedis instead of syncd. This allows to build swss without depending on vendor sai library. Currently, libsairedis build also buils syncd which requires vendor SAI lib. This makes difficult to build swss docker in buster while still keeping syncd docker in stretch, as swss requires libsairedis which also build syncd and requires vendor to provide SAI for buster. As swss docker does not really contain syncd binary, so it is not necessary to build syncd for swss docker. * [submodule]: update sonic-sairedis * ccbb3bc 2020-06-28 | add option to build without syncd (HEAD, origin/master, origin/HEAD) [Guohan Lu] * 4247481 2020-06-28 | install saidiscovery into syncd package [Guohan Lu] * 61b8e8e 2020-06-26 | Revert "sonic-sairedis: Add support to sonic-sairedis for gearbox phys (#624)" (#630) [Danny Allen] * 85e543c 2020-06-26 | add a README to tests directory to describe how to run 'make check' (#629) [Syd Logan] * 2772f15 2020-06-26 | sonic-sairedis: Add support to sonic-sairedis for gearbox phys (#624) [Syd Logan] Signed-off-by: Guohan Lu --- platform/barefoot/bfn-sai.mk | 1 + platform/barefoot/rules.mk | 8 ++++---- platform/broadcom/rules.mk | 6 +++--- platform/broadcom/sai.mk | 1 + platform/cavium/rules.mk | 6 +++--- platform/centec/rules.mk | 6 +++--- platform/centec/sdk.mk | 1 + platform/innovium/invm-sai.mk | 2 ++ platform/innovium/rules.mk | 4 ++-- platform/marvell-arm64/rules.mk | 6 +++--- platform/marvell-arm64/sai.mk | 1 + platform/marvell-armhf/rules.mk | 6 +++--- platform/marvell-armhf/sai.mk | 1 + platform/marvell/rules.mk | 6 +++--- platform/marvell/sai.mk | 2 ++ platform/mellanox/mlnx-sai.mk | 1 + platform/mellanox/rules.mk | 6 +++--- platform/nephos/rules.mk | 6 +++--- platform/nephos/sai.mk | 3 ++- platform/p4/rules.mk | 6 +++--- platform/vs/syncd-vs.mk | 3 --- rules/sairedis.mk | 35 +------------------------------- rules/swss.mk | 4 +++- rules/syncd.dep | 20 ++++++++++++++++++ rules/syncd.mk | 36 +++++++++++++++++++++++++++++++++ slave.mk | 23 ++++++++++++++++++++- src/sonic-sairedis | 2 +- 27 files changed, 128 insertions(+), 74 deletions(-) create mode 100644 rules/syncd.dep create mode 100644 rules/syncd.mk diff --git a/platform/barefoot/bfn-sai.mk b/platform/barefoot/bfn-sai.mk index 39b8f3691811..3ba95162032e 100644 --- a/platform/barefoot/bfn-sai.mk +++ b/platform/barefoot/bfn-sai.mk @@ -6,3 +6,4 @@ $(BFN_SAI)_RDEPENDS += $(LIBNL_GENL3) SONIC_ONLINE_DEBS += $(BFN_SAI) $(BFN_SAI_DEV)_DEPENDS += $(BFN_SAI) +$(BFN_SAI_DEV)_CONFLICTS += $(LIBSAIVS_DEV) diff --git a/platform/barefoot/rules.mk b/platform/barefoot/rules.mk index 2e45dce8e78b..e223d02c0552 100644 --- a/platform/barefoot/rules.mk +++ b/platform/barefoot/rules.mk @@ -19,12 +19,12 @@ include $(PLATFORM_PATH)/bfn-modules.mk SONIC_ALL += $(SONIC_ONE_IMAGE) $(SONIC_ONE_ABOOT) \ $(DOCKER_FPM) -# Inject sai into sairedis -#$(LIBSAIREDIS)_DEPENDS += $(BFN_SAI) $(WNC_OSW1800_PLATFORM) $(BFN_INGRASYS_PLATFORM) $(BFN_PLATFORM) -$(LIBSAIREDIS)_DEPENDS += $(BFN_SAI) $(BFN_INGRASYS_PLATFORM) $(BFN_PLATFORM) +# Inject sai into syncd +#$(SYNCD)_DEPENDS += $(BFN_SAI) $(WNC_OSW1800_PLATFORM) $(BFN_INGRASYS_PLATFORM) $(BFN_PLATFORM) +$(SYNCD)_DEPENDS += $(BFN_SAI) $(BFN_INGRASYS_PLATFORM) $(BFN_PLATFORM) ifeq ($(ENABLE_SYNCD_RPC),y) -$(LIBSAIREDIS)_DEPENDS += $(LIBSAITHRIFT_DEV) +$(SYNCD)_DEPENDS += $(LIBSAITHRIFT_DEV) endif # Runtime dependency on sai is set only for syncd diff --git a/platform/broadcom/rules.mk b/platform/broadcom/rules.mk index 8dd7b2c8cbb2..afcec34a73de 100644 --- a/platform/broadcom/rules.mk +++ b/platform/broadcom/rules.mk @@ -32,10 +32,10 @@ SONIC_ONLINE_FILES += $(BCMCMD) $(DSSERVE) SONIC_ALL += $(SONIC_ONE_IMAGE) $(SONIC_ONE_ABOOT_IMAGE) \ $(DOCKER_FPM) -# Inject brcm sai into sairedis -$(LIBSAIREDIS)_DEPENDS += $(BRCM_SAI) $(BRCM_SAI_DEV) +# Inject brcm sai into syncd +$(SYNCD)_DEPENDS += $(BRCM_SAI) $(BRCM_SAI_DEV) ifeq ($(ENABLE_SYNCD_RPC),y) -$(LIBSAIREDIS)_DEPENDS += $(LIBSAITHRIFT_DEV) +$(SYNCD)_DEPENDS += $(LIBSAITHRIFT_DEV) endif # Runtime dependency on brcm sai is set only for syncd diff --git a/platform/broadcom/sai.mk b/platform/broadcom/sai.mk index bda1231bf2a9..95a97d7b1b91 100644 --- a/platform/broadcom/sai.mk +++ b/platform/broadcom/sai.mk @@ -6,3 +6,4 @@ $(BRCM_SAI_DEV)_URL = "https://sonicstorage.blob.core.windows.net/packages/bcmsa SONIC_ONLINE_DEBS += $(BRCM_SAI) $(BRCM_SAI_DEV)_DEPENDS += $(BRCM_SAI) +$(BRCM_SAI_DEV)_CONFLICTS += $(LIBSAIVS_DEV) diff --git a/platform/cavium/rules.mk b/platform/cavium/rules.mk index 2da9f5cca9f6..acdd7477fd29 100644 --- a/platform/cavium/rules.mk +++ b/platform/cavium/rules.mk @@ -12,10 +12,10 @@ SONIC_ALL += $(SONIC_ONE_IMAGE) \ $(DOCKER_PTF_CAVM) \ $(DOCKER_SYNCD_CAVM_RPC) -# Inject cavium sai into sairedis -$(LIBSAIREDIS)_DEPENDS += $(CAVM_SAI) $(CAVM_LIBSAI) +# Inject cavium sai into syncd +$(SYNCD)_DEPENDS += $(CAVM_SAI) $(CAVM_LIBSAI) ifeq ($(ENABLE_SYNCD_RPC),y) -$(LIBSAIREDIS)_DEPENDS += $(LIBSAITHRIFT_DEV_CAVM) +$(SYNCD)_DEPENDS += $(LIBSAITHRIFT_DEV_CAVM) endif # Runtime dependency on cavium sai is set only for syncd diff --git a/platform/centec/rules.mk b/platform/centec/rules.mk index 6f3ac98ecab4..0c9f5a0309ee 100644 --- a/platform/centec/rules.mk +++ b/platform/centec/rules.mk @@ -9,10 +9,10 @@ include $(PLATFORM_PATH)/docker-ptf-centec.mk SONIC_ALL += $(SONIC_ONE_IMAGE) -# Inject centec sai into sairedis -$(LIBSAIREDIS)_DEPENDS += $(CENTEC_SAI) +# Inject centec sai into syncd +$(SYNCD)_DEPENDS += $(CENTEC_SAI) ifeq ($(ENABLE_SYNCD_RPC),y) -$(LIBSAIREDIS)_DEPENDS += $(LIBSAITHRIFT_DEV) +$(SYNCD)_DEPENDS += $(LIBSAITHRIFT_DEV) endif # Runtime dependency on centec sai is set only for syncd diff --git a/platform/centec/sdk.mk b/platform/centec/sdk.mk index 5a5c888e0b09..724c15735675 100644 --- a/platform/centec/sdk.mk +++ b/platform/centec/sdk.mk @@ -1,5 +1,6 @@ # Centec SAI CENTEC_SAI = libsai_1.6.1_amd64.deb $(CENTEC_SAI)_URL = https://github.com/CentecNetworks/sonic-binaries/raw/master/amd64/libsai_1.6.1-1.0_amd64.deb +$(CENTEC_SAI)_CONFLICTS += $(LIBSAIVS_DEV) SONIC_ONLINE_DEBS += $(CENTEC_SAI) diff --git a/platform/innovium/invm-sai.mk b/platform/innovium/invm-sai.mk index 9f013208201b..c375572b1d41 100755 --- a/platform/innovium/invm-sai.mk +++ b/platform/innovium/invm-sai.mk @@ -10,4 +10,6 @@ $(INVM_LIBSAI)_URL = $(INVM_SAI_ONLINE)/$(INVM_LIBSAI) $(INVM_HSAI)_URL = $(INVM_SAI_ONLINE)/$(INVM_HSAI) $(INVM_DRV)_URL = $(INVM_SAI_ONLINE)/$(INVM_DRV) +$(INVM_HSAI)_CONFLICTS += $(LIBSAIVS_DEV) + SONIC_ONLINE_DEBS += $(INVM_LIBSAI) $(INVM_HSAI) $(INVM_DRV) diff --git a/platform/innovium/rules.mk b/platform/innovium/rules.mk index 68a9dbb41040..69b29afb98ca 100755 --- a/platform/innovium/rules.mk +++ b/platform/innovium/rules.mk @@ -13,8 +13,8 @@ SONIC_ALL += $(SONIC_INVM_ONE_IMAGE) \ $(DOCKER_PTF_INVM) \ $(DOCKER_SYNCD_INVM_RPC) -# Inject invm sai into sairedis -$(LIBSAIREDIS)_DEPENDS += $(INVM_HSAI) $(INVM_LIBSAI) $(LIBSAITHRIFT_DEV_INVM) +# Inject invm sai into syncd +$(SYNCD)_DEPENDS += $(INVM_HSAI) $(INVM_LIBSAI) $(LIBSAITHRIFT_DEV_INVM) # Runtime dependency on invm sai is set only for syncd $(SYNCD)_RDEPENDS += $(INVM_HSAI) diff --git a/platform/marvell-arm64/rules.mk b/platform/marvell-arm64/rules.mk index bf4667a46d41..5c63392de974 100644 --- a/platform/marvell-arm64/rules.mk +++ b/platform/marvell-arm64/rules.mk @@ -15,10 +15,10 @@ SONIC_ALL += $(SONIC_ONE_IMAGE) \ $(DOCKER_PTF_MRVL) \ $(DOCKER_SYNCD_MRVL_RPC) -# Inject mrvl sai into sairedis -$(LIBSAIREDIS)_DEPENDS += $(MRVL_SAI) +# Inject mrvl sai into syncd +$(SYNCD)_DEPENDS += $(MRVL_SAI) ifeq ($(ENABLE_SYNCD_RPC),y) -$(LIBSAIREDIS)_DEPENDS += $(LIBSAITHRIFT_DEV) +$(SYNCD)_DEPENDS += $(LIBSAITHRIFT_DEV) endif # Runtime dependency on mrvl sai is set only for syncd diff --git a/platform/marvell-arm64/sai.mk b/platform/marvell-arm64/sai.mk index ebdd7030a3d4..1de18debe615 100644 --- a/platform/marvell-arm64/sai.mk +++ b/platform/marvell-arm64/sai.mk @@ -4,4 +4,5 @@ export MRVL_SAI_VERSION = 1.5.1 export MRVL_SAI = mrvllibsai_$(PLATFORM_ARCH)_$(MRVL_SAI_VERSION).deb $(MRVL_SAI)_SRC_PATH = $(PLATFORM_PATH)/sai +$(MRVL_SAI)_CONFLICTS = $(LIBSAIVS_DEV) SONIC_MAKE_DEBS += $(MRVL_SAI) diff --git a/platform/marvell-armhf/rules.mk b/platform/marvell-armhf/rules.mk index 05ca4788069e..bb4c3f0d4f4f 100644 --- a/platform/marvell-armhf/rules.mk +++ b/platform/marvell-armhf/rules.mk @@ -16,10 +16,10 @@ SONIC_ALL += $(SONIC_ONE_IMAGE) \ $(DOCKER_FPM) #$(DOCKER_SYNCD_MRVL_RPC) -# Inject mrvl sai into sairedis -$(LIBSAIREDIS)_DEPENDS += $(MRVL_SAI) +# Inject mrvl sai into syncd +$(SYNCD)_DEPENDS += $(MRVL_SAI) ifeq ($(ENABLE_SYNCD_RPC),y) -$(LIBSAIREDIS)_DEPENDS += $(LIBSAITHRIFT_DEV) +$(SYNCD)_DEPENDS += $(LIBSAITHRIFT_DEV) endif # Runtime dependency on mrvl sai is set only for syncd diff --git a/platform/marvell-armhf/sai.mk b/platform/marvell-armhf/sai.mk index ebdd7030a3d4..1de18debe615 100644 --- a/platform/marvell-armhf/sai.mk +++ b/platform/marvell-armhf/sai.mk @@ -4,4 +4,5 @@ export MRVL_SAI_VERSION = 1.5.1 export MRVL_SAI = mrvllibsai_$(PLATFORM_ARCH)_$(MRVL_SAI_VERSION).deb $(MRVL_SAI)_SRC_PATH = $(PLATFORM_PATH)/sai +$(MRVL_SAI)_CONFLICTS = $(LIBSAIVS_DEV) SONIC_MAKE_DEBS += $(MRVL_SAI) diff --git a/platform/marvell/rules.mk b/platform/marvell/rules.mk index c01e1e491803..442af4cbe99f 100644 --- a/platform/marvell/rules.mk +++ b/platform/marvell/rules.mk @@ -8,10 +8,10 @@ SONIC_ALL += $(SONIC_ONE_IMAGE) \ $(DOCKER_FPM) \ $(DOCKER_SYNCD_MRVL_RPC) -# Inject mrvl sai into sairedis -$(LIBSAIREDIS)_DEPENDS += $(MRVL_FPA) $(MRVL_SAI) +# Inject mrvl sai into syncd +$(SYNCD)_DEPENDS += $(MRVL_FPA) $(MRVL_SAI) ifeq ($(ENABLE_SYNCD_RPC),y) -$(LIBSAIREDIS)_DEPENDS += $(LIBSAITHRIFT_DEV) +$(SYNCD)_DEPENDS += $(LIBSAITHRIFT_DEV) endif # Runtime dependency on mrvl sai is set only for syncd diff --git a/platform/marvell/sai.mk b/platform/marvell/sai.mk index 553188100045..9e09627c98f5 100644 --- a/platform/marvell/sai.mk +++ b/platform/marvell/sai.mk @@ -4,4 +4,6 @@ export MRVL_SAI_VERSION = 1.5.1 export MRVL_SAI = mrvllibsai_amd64_$(MRVL_SAI_VERSION).deb $(MRVL_SAI)_SRC_PATH = $(PLATFORM_PATH)/sai +$(MRVL_SAI)_CONFLICTS = $(LIBSAIVS_DEV) + SONIC_MAKE_DEBS += $(MRVL_SAI) diff --git a/platform/mellanox/mlnx-sai.mk b/platform/mellanox/mlnx-sai.mk index a978926f33e1..9e9075a6eb3d 100644 --- a/platform/mellanox/mlnx-sai.mk +++ b/platform/mellanox/mlnx-sai.mk @@ -8,6 +8,7 @@ MLNX_SAI = mlnx-sai_1.mlnx.$(MLNX_SAI_VERSION)_amd64.deb $(MLNX_SAI)_SRC_PATH = $(PLATFORM_PATH)/mlnx-sai $(MLNX_SAI)_DEPENDS += $(MLNX_SDK_DEBS) $(MLNX_SAI)_RDEPENDS += $(MLNX_SDK_RDEBS) $(MLNX_SDK_DEBS) +$(MLNX_SAI)_CONFLICTS += $(LIBSAIVS_DEV) MLNX_SAI_DBGSYM = mlnx-sai-dbgsym_1.mlnx.$(MLNX_SAI_VERSION)_amd64.deb $(eval $(call add_derived_package,$(MLNX_SAI),$(MLNX_SAI_DBGSYM))) SONIC_MAKE_DEBS += $(MLNX_SAI) diff --git a/platform/mellanox/rules.mk b/platform/mellanox/rules.mk index 1270579e2942..74a87bdb29e1 100644 --- a/platform/mellanox/rules.mk +++ b/platform/mellanox/rules.mk @@ -18,10 +18,10 @@ include $(PLATFORM_PATH)/mlnx-ssd-fw-update.mk SONIC_ALL += $(SONIC_ONE_IMAGE) \ $(DOCKER_FPM) -# Inject mlnx sai into sairedis -$(LIBSAIREDIS)_DEPENDS += $(MLNX_SAI) +# Inject mlnx sai into syncd +$(SYNCD)_DEPENDS += $(MLNX_SAI) ifeq ($(ENABLE_SYNCD_RPC),y) -$(LIBSAIREDIS)_DEPENDS += $(LIBSAITHRIFT_DEV) +$(SYNCD)_DEPENDS += $(LIBSAITHRIFT_DEV) endif # Runtime dependency on mlnx sai is set only for syncd diff --git a/platform/nephos/rules.mk b/platform/nephos/rules.mk index 5c115eeaf8d0..727f6ab4610e 100644 --- a/platform/nephos/rules.mk +++ b/platform/nephos/rules.mk @@ -22,10 +22,10 @@ SONIC_ONLINE_FILES += $(NPX_DIAG) $(WARM_VERIFIER) $(DSSERVE) SONIC_ALL += $(SONIC_ONE_IMAGE) $(DOCKER_FPM) -# Inject nephos sai into sairedis -$(LIBSAIREDIS)_DEPENDS += $(NEPHOS_SAI) $(NEPHOS_SAI_DEV) +# Inject nephos sai into syncd +$(SYNCD)_DEPENDS += $(NEPHOS_SAI) $(NEPHOS_SAI_DEV) ifeq ($(ENABLE_SYNCD_RPC),y) -$(LIBSAIREDIS)_DEPENDS += $(LIBSAITHRIFT_DEV) +$(SYNCD)_DEPENDS += $(LIBSAITHRIFT_DEV) endif # Runtime dependency on nephos sai is set only for syncd diff --git a/platform/nephos/sai.mk b/platform/nephos/sai.mk index 5f7c4a23ae95..2f457e6ecb4b 100644 --- a/platform/nephos/sai.mk +++ b/platform/nephos/sai.mk @@ -3,7 +3,7 @@ SAI_VERSION = 1.5.0 SAI_COMMIT_ID = 06a67d # Place here URL where SAI deb exist -NEPHOS_SAI_DEB_LOCAL_URL = +NEPHOS_SAI_DEB_LOCAL_URL = export NEPHOS_SAI_DEB_LOCAL_URL # ifneq ($(NEPHOS_SAI_DEB_LOCAL_URL), ) @@ -33,3 +33,4 @@ else SONIC_ONLINE_DEBS += $(NEPHOS_SAI) $(NEPHOS_SAI_DEV) endif $(NEPHOS_SAI_DEV)_DEPENDS += $(NEPHOS_SAI) +$(NEPHOS_SAI_DEV)_CONFLICTS += $(LIBSAIVS_DEV) diff --git a/platform/p4/rules.mk b/platform/p4/rules.mk index 975dbb82ec8c..b33b04f43d41 100644 --- a/platform/p4/rules.mk +++ b/platform/p4/rules.mk @@ -10,8 +10,8 @@ include $(PLATFORM_PATH)/libsaithrift-dev.mk SONIC_ALL += $(DOCKER_SONIC_P4) -$(LIBSAIREDIS)_DEPENDS += $(P4_SWITCH) +$(SYNCD)_DEPENDS += $(P4_SWITCH) ifeq ($(ENABLE_SYNCD_RPC),y) -$(LIBSAIREDIS)_DEPENDS += $(LIBSAITHRIFT_DEV_P4) +$(SYNCD)_DEPENDS += $(LIBSAITHRIFT_DEV_P4) endif -$(LIBSAIREDIS)_RDEPENDS += $(P4_SWITCH) +$(SYNCD)_RDEPENDS += $(P4_SWITCH) diff --git a/platform/vs/syncd-vs.mk b/platform/vs/syncd-vs.mk index 49035aaf958b..22b34fbcaae3 100644 --- a/platform/vs/syncd-vs.mk +++ b/platform/vs/syncd-vs.mk @@ -1,8 +1,5 @@ $(LIBSAIREDIS)_DPKG_TARGET = binary-syncd-vs -# inject libsaivs and libsaivs_dev to swss build dependency -$(SWSS)_DEPENDS += $(LIBSAIVS) $(LIBSAIVS_DEV) - SYNCD_VS = syncd-vs_1.0.0_amd64.deb $(SYNCD_VS)_RDEPENDS += $(LIBSAIREDIS) $(LIBSAIMETADATA) $(LIBSAIVS) $(eval $(call add_derived_package,$(LIBSAIREDIS),$(SYNCD_VS))) diff --git a/rules/sairedis.mk b/rules/sairedis.mk index fd026541a4fb..8e6aff2f7ddb 100644 --- a/rules/sairedis.mk +++ b/rules/sairedis.mk @@ -1,16 +1,10 @@ # sairedis package LIBSAIREDIS = libsairedis_1.0.0_$(CONFIGURED_ARCH).deb +$(LIBSAIREDIS)_DPKG_TARGET = binary-sairedis $(LIBSAIREDIS)_SRC_PATH = $(SRC_PATH)/sonic-sairedis $(LIBSAIREDIS)_DEPENDS += $(LIBSWSSCOMMON_DEV) $(LIBSAIREDIS)_RDEPENDS += $(LIBSWSSCOMMON) -ifneq ($(ENABLE_SYNCD_RPC),y) -$(LIBSAIREDIS)_DPKG_TARGET = binary-syncd -else -# Inject libthrift build dependency for RPC build -$(LIBSAIREDIS)_DEPENDS += $(LIBSWSSCOMMON_DEV) $(LIBTHRIFT_DEV) -$(LIBSAIREDIS)_DPKG_TARGET = binary-syncd-rpc -endif $(LIBSAIREDIS)_DEB_BUILD_OPTIONS = nocheck SONIC_DPKG_DEBS += $(LIBSAIREDIS) @@ -23,18 +17,6 @@ $(eval $(call add_derived_package,$(LIBSAIREDIS),$(LIBSAIVS))) LIBSAIVS_DEV = libsaivs-dev_1.0.0_$(CONFIGURED_ARCH).deb $(eval $(call add_derived_package,$(LIBSAIREDIS),$(LIBSAIVS_DEV))) -ifneq ($(CONFIGURED_PLATFORM),vs) -SYNCD = syncd_1.0.0_$(CONFIGURED_ARCH).deb -$(SYNCD)_RDEPENDS += $(LIBSAIREDIS) $(LIBSAIMETADATA) -$(eval $(call add_derived_package,$(LIBSAIREDIS),$(SYNCD))) - -ifeq ($(ENABLE_SYNCD_RPC),y) -SYNCD_RPC = syncd-rpc_1.0.0_$(CONFIGURED_ARCH).deb -$(SYNCD_RPC)_RDEPENDS += $(LIBSAIREDIS) $(LIBSAIMETADATA) -$(eval $(call add_derived_package,$(LIBSAIREDIS),$(SYNCD_RPC))) -endif -endif - LIBSAIMETADATA = libsaimetadata_1.0.0_$(CONFIGURED_ARCH).deb $(eval $(call add_derived_package,$(LIBSAIREDIS),$(LIBSAIMETADATA))) @@ -52,20 +34,6 @@ $(LIBSAIVS_DBG)_DEPENDS += $(LIBSAIVS) $(LIBSAIVS_DBG)_RDEPENDS += $(LIBSAIVS) $(eval $(call add_derived_package,$(LIBSAIREDIS),$(LIBSAIVS_DBG))) -ifneq ($(CONFIGURED_PLATFORM),vs) -SYNCD_DBG = syncd-dbg_1.0.0_$(CONFIGURED_ARCH).deb -$(SYNCD_DBG)_DEPENDS += $(SYNCD) -$(SYNCD_DBG)_RDEPENDS += $(SYNCD) -$(eval $(call add_derived_package,$(LIBSAIREDIS),$(SYNCD_DBG))) - -ifeq ($(ENABLE_SYNCD_RPC),y) -SYNCD_RPC_DBG = syncd-rpc-dbg_1.0.0_$(CONFIGURED_ARCH).deb -$(SYNCD_RPC_DBG)_DEPENDS += $(SYNCD_RPC) -$(SYNCD_RPC_DBG)_RDEPENDS += $(SYNCD_RPC) -$(eval $(call add_derived_package,$(LIBSAIREDIS),$(SYNCD_RPC_DBG))) -endif -endif - LIBSAIMETADATA_DBG = libsaimetadata-dbg_1.0.0_$(CONFIGURED_ARCH).deb $(LIBSAIMETADATA_DBG)_DEPENDS += $(LIBSAIMETADATA) $(LIBSAIMETADATA_DBG)_RDEPENDS += $(LIBSAIMETADATA) @@ -75,4 +43,3 @@ $(eval $(call add_derived_package,$(LIBSAIREDIS),$(LIBSAIMETADATA_DBG))) # are archived into debug one image to facilitate debugging. # DBG_SRC_ARCHIVE += sonic-sairedis - diff --git a/rules/swss.mk b/rules/swss.mk index b8106757ac66..bb4293c2d9bb 100644 --- a/rules/swss.mk +++ b/rules/swss.mk @@ -3,7 +3,9 @@ SWSS = swss_1.0.0_$(CONFIGURED_ARCH).deb $(SWSS)_SRC_PATH = $(SRC_PATH)/sonic-swss $(SWSS)_DEPENDS += $(LIBSAIREDIS_DEV) $(LIBSAIMETADATA_DEV) $(LIBTEAM_DEV) \ - $(LIBTEAMDCTL) $(LIBTEAM_UTILS) $(LIBSWSSCOMMON_DEV) + $(LIBTEAMDCTL) $(LIBTEAM_UTILS) $(LIBSWSSCOMMON_DEV) \ + $(LIBSAIVS) $(LIBSAIVS_DEV) + $(SWSS)_RDEPENDS += $(LIBSAIREDIS) $(LIBSAIMETADATA) $(LIBTEAM) \ $(LIBTEAMDCTL) $(LIBSWSSCOMMON) $(PYTHON_SWSSCOMMON) SONIC_DPKG_DEBS += $(SWSS) diff --git a/rules/syncd.dep b/rules/syncd.dep new file mode 100644 index 000000000000..d9f40a8a0210 --- /dev/null +++ b/rules/syncd.dep @@ -0,0 +1,20 @@ + +ifneq ($(CONFIGURED_PLATFORM),vs) + +#DPKG FRK +SPATH := $($(SYNCD)_SRC_PATH) +DEP_FILES := $(SONIC_COMMON_FILES_LIST) rules/syncd.mk rules/syncd.dep +DEP_FILES += $(SONIC_COMMON_BASE_FILES_LIST) + +SMDEP_PATHS := $(SPATH) $(SPATH)/SAI $(SPATH)/SAI/bm/behavioral-model $(SPATH)/SAI/test/ptf $(SPATH)/SAI/test/saithrift/ctypesgen +$(foreach path, $(SMDEP_PATHS), $(eval $(path) :=$(filter-out $(SMDEP_PATHS),$(addprefix $(path)/, \ + $(shell cd $(path) && git ls-files | grep -v " "))))) + + +$(SYNCD)_CACHE_MODE := GIT_CONTENT_SHA +$(SYNCD)_DEP_FLAGS := $(SONIC_COMMON_FLAGS_LIST) +$(SYNCD)_DEP_FILES := $(DEP_FILES) +$(SYNCD)_SMDEP_FILES := $(foreach path, $(SMDEP_PATHS), $($(path))) +$(SYNCD)_SMDEP_PATHS := $(SMDEP_PATHS) + +endif diff --git a/rules/syncd.mk b/rules/syncd.mk new file mode 100644 index 000000000000..2b7007d84d5b --- /dev/null +++ b/rules/syncd.mk @@ -0,0 +1,36 @@ +# only used for non-vs platforms + +ifneq ($(CONFIGURED_PLATFORM),vs) + +SYNCD = syncd_1.0.0_$(CONFIGURED_ARCH).deb +$(SYNCD)_RDEPENDS += $(LIBSAIREDIS) $(LIBSAIMETADATA) +$(SYNCD)_DPKG_TARGET = binary-syncd +$(SYNCD)_SRC_PATH = $(SRC_PATH)/sonic-sairedis +$(SYNCD)_DEPENDS += $(LIBSWSSCOMMON_DEV) $(LIBSAIREDIS) +$(SYNCD)_RDEPENDS += $(LIBSWSSCOMMON) +$(SYNCD)_DEB_BUILD_OPTIONS = nocheck +SONIC_DPKG_DEBS += $(SYNCD) + +ifeq ($(ENABLE_SYNCD_RPC),y) +SYNCD_RPC = syncd-rpc_1.0.0_$(CONFIGURED_ARCH).deb +$(SYNCD_RPC)_RDEPENDS += $(LIBSAIREDIS) $(LIBSAIMETADATA) +$(eval $(call add_derived_package,$(SYNCD),$(SYNCD_RPC))) + +# Inject libthrift build dependency for RPC build +$(SYNCD)_DEPENDS += $(LIBSWSSCOMMON_DEV) $(LIBTHRIFT_DEV) +$(SYNCD)_DPKG_TARGET = binary-syncd-rpc +endif + +SYNCD_DBG = syncd-dbg_1.0.0_$(CONFIGURED_ARCH).deb +$(SYNCD_DBG)_DEPENDS += $(SYNCD) +$(SYNCD_DBG)_RDEPENDS += $(SYNCD) +$(eval $(call add_derived_package,$(SYNCD),$(SYNCD_DBG))) + +ifeq ($(ENABLE_SYNCD_RPC),y) +SYNCD_RPC_DBG = syncd-rpc-dbg_1.0.0_$(CONFIGURED_ARCH).deb +$(SYNCD_RPC_DBG)_DEPENDS += $(SYNCD_RPC) +$(SYNCD_RPC_DBG)_RDEPENDS += $(SYNCD_RPC) +$(eval $(call add_derived_package,$(SYNCD),$(SYNCD_RPC_DBG))) +endif + +endif diff --git a/slave.mk b/slave.mk index a03c28f44867..cd22d665cfb8 100644 --- a/slave.mk +++ b/slave.mk @@ -479,7 +479,7 @@ SONIC_INSTALL_TARGETS = $(addsuffix -install,$(addprefix $(DEBS_PATH)/, \ $(SONIC_PYTHON_STDEB_DEBS) \ $(SONIC_DERIVED_DEBS) \ $(SONIC_EXTRA_DEBS))) -$(SONIC_INSTALL_TARGETS) : $(DEBS_PATH)/%-install : .platform $$(addsuffix -install,$$(addprefix $(DEBS_PATH)/,$$($$*_DEPENDS))) $(DEBS_PATH)/$$* +$(SONIC_INSTALL_TARGETS) : $(DEBS_PATH)/%-install : .platform $$(addsuffix -install,$$(addprefix $(DEBS_PATH)/,$$($$*_DEPENDS))) $(DEBS_PATH)/$$* $$(addsuffix -uninstall,$$(addprefix $(DEBS_PATH)/,$$($$*_CONFLICTS))) $(HEADER) [ -f $(DEBS_PATH)/$* ] || { echo $(DEBS_PATH)/$* does not exist $(LOG) && false $(LOG) } # put a lock here because dpkg does not allow installing packages in parallel @@ -490,6 +490,27 @@ $(SONIC_INSTALL_TARGETS) : $(DEBS_PATH)/%-install : .platform $$(addsuffix -inst done $(FOOTER) +# Targets for installing debian packages prior to build one that depends on them +SONIC_UNINSTALL_TARGETS = $(addsuffix -uninstall,$(addprefix $(DEBS_PATH)/, \ + $(SONIC_ONLINE_DEBS) \ + $(SONIC_COPY_DEBS) \ + $(SONIC_MAKE_DEBS) \ + $(SONIC_DPKG_DEBS) \ + $(SONIC_PYTHON_STDEB_DEBS) \ + $(SONIC_DERIVED_DEBS) \ + $(SONIC_EXTRA_DEBS))) + +$(SONIC_UNINSTALL_TARGETS) : $(DEBS_PATH)/%-uninstall : .platform + $(HEADER) + [ -f $(DEBS_PATH)/$* ] || { echo $(DEBS_PATH)/$* does not exist $(LOG) && false $(LOG) } + # put a lock here because dpkg does not allow installing packages in parallel + while true; do + if mkdir $(DEBS_PATH)/dpkg_lock &> /dev/null; then + { sudo DEBIAN_FRONTEND=noninteractive dpkg -P $(firstword $(subst _, ,$(basename $*))) $(LOG) && rm -d $(DEBS_PATH)/dpkg_lock && break; } || { rm -d $(DEBS_PATH)/dpkg_lock && exit 1 ; } + fi + done + $(FOOTER) + ############################################################################### ## Python packages ############################################################################### diff --git a/src/sonic-sairedis b/src/sonic-sairedis index ef721595520d..ccbb3bcc877c 160000 --- a/src/sonic-sairedis +++ b/src/sonic-sairedis @@ -1 +1 @@ -Subproject commit ef721595520d827277610d11e24082934afc4df8 +Subproject commit ccbb3bcc877cff271104ed428d9aadc4438dd73a From eebca9103ccbdfcff739226acd19c8cb55dbad5c Mon Sep 17 00:00:00 2001 From: paavaanan Date: Fri, 3 Jul 2020 10:38:04 +0530 Subject: [PATCH 20/29] [Dell]: DellEMC S6100 disable pericom/xlinx chipset (#4868) - Xilinx/pericom peripherals are not actively used in DellEMC S6100 switch. - These peripherals are throwing PCIE corrected messages in some of the units and filling syslog. - Since it is not usable disabling it at startup. --- .../s6100/scripts/s6100_platform.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/platform/broadcom/sonic-platform-modules-dell/s6100/scripts/s6100_platform.sh b/platform/broadcom/sonic-platform-modules-dell/s6100/scripts/s6100_platform.sh index 34dc0daa4ff0..1f65045bd315 100755 --- a/platform/broadcom/sonic-platform-modules-dell/s6100/scripts/s6100_platform.sh +++ b/platform/broadcom/sonic-platform-modules-dell/s6100/scripts/s6100_platform.sh @@ -18,6 +18,8 @@ remove_python_api_package() { if [[ "$1" == "init" ]]; then + + pericom="/sys/bus/pci/devices/0000:08:00.0" modprobe i2c-dev modprobe i2c-mux-pca954x force_deselect_on_exit=1 modprobe dell_ich @@ -26,6 +28,10 @@ if [[ "$1" == "init" ]]; then modprobe nvram systemctl start s6100-reboot-cause.service + # Disable pericom/xilinx + echo 1 > /sys/bus/pci/devices/0000:02:00.0/remove + [ -d $pericom ] && echo 1 > $pericom/remove + # Disable Watchdog Timer if [[ -e /usr/local/bin/platform_watchdog_disable.sh ]]; then /usr/local/bin/platform_watchdog_disable.sh From 4240c8c22d962dd25747931e3a35710b05a03c51 Mon Sep 17 00:00:00 2001 From: Joe LeVeque Date: Thu, 2 Jul 2020 22:38:31 -0700 Subject: [PATCH 21/29] [sonic-platform-daemons] Update submodule (#4887) * src/sonic-platform-daemons abe115e...9b8bfa1 (1): > [xcvrd] Update key names in 'get_media_settings_value()' (#63) --- src/sonic-platform-daemons | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/sonic-platform-daemons b/src/sonic-platform-daemons index abe115e6a680..9b8bfa10b2ba 160000 --- a/src/sonic-platform-daemons +++ b/src/sonic-platform-daemons @@ -1 +1 @@ -Subproject commit abe115e6a680c76d09dea04e6aab1d16876aed7a +Subproject commit 9b8bfa10b2ba57129edfe5447880afea02b5692d From 0a260b7edadaac647f6a47844499d59a43f874d2 Mon Sep 17 00:00:00 2001 From: lguohan Date: Fri, 3 Jul 2020 14:31:31 -0700 Subject: [PATCH 22/29] [docker-orchagent]: upgrade docker-orchagent to buster (#4889) also update submodule * 01f810f 2020-07-02 | fix compiling issue for gcc8.3 (#1339) [lguohan] * 9b13120 2020-07-03 | Fix in script to avoid orchagent crash when port down followed by fdb delete (#1340) [rupesh-k] * 9b01844 2020-07-01 | [qosorch] Update QoS scheduler params for shaping features (#1296) [Michael Li] * 86b5e99 2020-07-02 | [mirrororch] Port Mirroring implementation (#1314) [rupesh-k] * c05601c 2020-06-24 | [portsyncd]: add debug message if a port cannot be found in port able (#1328) [lguohan] * a0b6412 2020-06-23 | COPP_DEL_fix: DEL for one trap group from SONIC is resetting all the trap IDs (#1273) [SinghMinu] Signed-off-by: Guohan Lu --- dockers/docker-orchagent/Dockerfile.j2 | 2 +- rules/docker-orchagent.mk | 8 +++----- src/sonic-swss | 2 +- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/dockers/docker-orchagent/Dockerfile.j2 b/dockers/docker-orchagent/Dockerfile.j2 index d08ecdb49d48..2584a34e1e31 100755 --- a/dockers/docker-orchagent/Dockerfile.j2 +++ b/dockers/docker-orchagent/Dockerfile.j2 @@ -1,5 +1,5 @@ {% from "dockers/dockerfile-macros.j2" import install_debian_packages, install_python_wheels, copy_files %} -FROM docker-config-engine-stretch +FROM docker-config-engine-buster ARG docker_container_name RUN [ -f /etc/rsyslog.conf ] && sed -ri "s/%syslogtag%/$docker_container_name#%syslogtag%/;" /etc/rsyslog.conf diff --git a/rules/docker-orchagent.mk b/rules/docker-orchagent.mk index 4d63502ebb44..e60bc8191461 100644 --- a/rules/docker-orchagent.mk +++ b/rules/docker-orchagent.mk @@ -6,23 +6,21 @@ DOCKER_ORCHAGENT_DBG = $(DOCKER_ORCHAGENT_STEM)-$(DBG_IMAGE_MARK).gz $(DOCKER_ORCHAGENT)_DEPENDS += $(SWSS) -$(DOCKER_ORCHAGENT)_DBG_DEPENDS = $($(DOCKER_CONFIG_ENGINE_STRETCH)_DBG_DEPENDS) +$(DOCKER_ORCHAGENT)_DBG_DEPENDS = $($(DOCKER_CONFIG_ENGINE_BUSTER)_DBG_DEPENDS) $(DOCKER_ORCHAGENT)_DBG_DEPENDS += $(SWSS_DBG) \ $(LIBSWSSCOMMON_DBG) \ $(LIBSAIREDIS_DBG) -$(DOCKER_ORCHAGENT)_DBG_IMAGE_PACKAGES = $($(DOCKER_CONFIG_ENGINE_STRETCH)_DBG_IMAGE_PACKAGES) +$(DOCKER_ORCHAGENT)_DBG_IMAGE_PACKAGES = $($(DOCKER_CONFIG_ENGINE_BUSTER)_DBG_IMAGE_PACKAGES) $(DOCKER_ORCHAGENT)_PATH = $(DOCKERS_PATH)/$(DOCKER_ORCHAGENT_STEM) -$(DOCKER_ORCHAGENT)_LOAD_DOCKERS += $(DOCKER_CONFIG_ENGINE_STRETCH) +$(DOCKER_ORCHAGENT)_LOAD_DOCKERS += $(DOCKER_CONFIG_ENGINE_BUSTER) SONIC_DOCKER_IMAGES += $(DOCKER_ORCHAGENT) -SONIC_STRETCH_DOCKERS += $(DOCKER_ORCHAGENT) SONIC_INSTALL_DOCKER_IMAGES += $(DOCKER_ORCHAGENT) SONIC_DOCKER_DBG_IMAGES += $(DOCKER_ORCHAGENT_DBG) -SONIC_STRETCH_DBG_DOCKERS += $(DOCKER_ORCHAGENT_DBG) SONIC_INSTALL_DOCKER_DBG_IMAGES += $(DOCKER_ORCHAGENT_DBG) $(DOCKER_ORCHAGENT)_CONTAINER_NAME = swss diff --git a/src/sonic-swss b/src/sonic-swss index 17a2f93a545b..01f810f43e71 160000 --- a/src/sonic-swss +++ b/src/sonic-swss @@ -1 +1 @@ -Subproject commit 17a2f93a545b8669e44a62231c340ba518272ed7 +Subproject commit 01f810f43e71a570f7821c63f8ac030c03f88150 From 90dcbe13f21ce76e95402b2a02a1d5854cb00163 Mon Sep 17 00:00:00 2001 From: Volodymyr Boiko <66446128+vboykox@users.noreply.github.com> Date: Sat, 4 Jul 2020 00:33:12 +0300 Subject: [PATCH 23/29] [barefoot][SAI v1.6.3] Update SAI and platform packages to 20200701 (#4890) Signed-off-by: Volodymyr Boyko --- platform/barefoot/bfn-platform.mk | 2 +- platform/barefoot/bfn-sai.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/platform/barefoot/bfn-platform.mk b/platform/barefoot/bfn-platform.mk index 99ee7592f372..d563db67454e 100644 --- a/platform/barefoot/bfn-platform.mk +++ b/platform/barefoot/bfn-platform.mk @@ -1,4 +1,4 @@ -BFN_PLATFORM = bfnplatform_20200618_deb9.deb +BFN_PLATFORM = bfnplatform_20200701_deb9.deb $(BFN_PLATFORM)_URL = "https://github.com/barefootnetworks/sonic-release-pkgs/raw/dev/$(BFN_PLATFORM)" SONIC_ONLINE_DEBS += $(BFN_PLATFORM) diff --git a/platform/barefoot/bfn-sai.mk b/platform/barefoot/bfn-sai.mk index 3ba95162032e..05e70282ddb9 100644 --- a/platform/barefoot/bfn-sai.mk +++ b/platform/barefoot/bfn-sai.mk @@ -1,4 +1,4 @@ -BFN_SAI = bfnsdk_20200618_deb9.deb +BFN_SAI = bfnsdk_20200701_deb9.deb $(BFN_SAI)_URL = "https://github.com/barefootnetworks/sonic-release-pkgs/raw/dev/$(BFN_SAI)" $(BFN_SAI)_DEPENDS += $(LIBNL_GENL3_DEV) From 405033b0a0d55ab7172870d65670f47b930d61d3 Mon Sep 17 00:00:00 2001 From: xumia <59720581+xumia@users.noreply.github.com> Date: Sat, 4 Jul 2020 21:40:02 +0800 Subject: [PATCH 24/29] Fix dpkg cache hash value relative to file path issue (#4894) --- Makefile.cache | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.cache b/Makefile.cache index fb79e51e7f1d..5422b595929a 100644 --- a/Makefile.cache +++ b/Makefile.cache @@ -68,7 +68,7 @@ # Run the 'touch cache.skip.common' command in the base directory to exclude the common files from caching SONIC_COMMON_FILES_LIST := $(if $(wildcard cache.skip.common),, .platform slave.mk rules/functions Makefile.cache) SONIC_COMMON_FLAGS_LIST := $(CONFIGURED_PLATFORM) \ - $(SONIC_DPKG_CACHE_SOURCE) $(SONIC_DEBUGGING_ON) \ + $(SONIC_DEBUGGING_ON) \ $(SONIC_PROFILING_ON) $(SONIC_ENABLE_SYNCD_RPC) SONIC_COMMON_DPKG_LIST := debian/control debian/changelog debian/rules \ debian/compat debian/install debian/copyright From 20698aa57b05ec490b14c6b0addc1bd71b03e650 Mon Sep 17 00:00:00 2001 From: zzhiyuan Date: Sun, 5 Jul 2020 00:11:42 -0700 Subject: [PATCH 25/29] Skip thermalctld for arista platforms (#4893) thermalctld throwing error messages because it is not yet fully configured, disabling it for now on arista platforms. Co-authored-by: Zhi Yuan Carl Zhao --- .../arista/x86_64-arista_7050_qx32/pmon_daemon_control.json | 1 + .../arista/x86_64-arista_7050_qx32s/pmon_daemon_control.json | 1 + .../arista/x86_64-arista_7050cx3_32s/pmon_daemon_control.json | 1 + .../arista/x86_64-arista_7060_cx32s/pmon_daemon_control.json | 1 + .../arista/x86_64-arista_7060cx2_32s/pmon_daemon_control.json | 1 + .../arista/x86_64-arista_7060px4_32/pmon_daemon_control.json | 1 + device/arista/x86_64-arista_7170_32c/pmon_daemon_control.json | 1 + .../arista/x86_64-arista_7170_32cd/pmon_daemon_control.json | 1 + device/arista/x86_64-arista_7170_64c/pmon_daemon_control.json | 1 + .../arista/x86_64-arista_7260cx3_64/pmon_daemon_control.json | 1 + .../x86_64-arista_7280cr3_32p4/pmon_daemon_control.json | 1 + .../pmon_daemon_control_skip_thermalctld.json | 4 ++++ 12 files changed, 15 insertions(+) create mode 120000 device/arista/x86_64-arista_7050_qx32/pmon_daemon_control.json create mode 120000 device/arista/x86_64-arista_7050_qx32s/pmon_daemon_control.json create mode 120000 device/arista/x86_64-arista_7050cx3_32s/pmon_daemon_control.json create mode 120000 device/arista/x86_64-arista_7060_cx32s/pmon_daemon_control.json create mode 120000 device/arista/x86_64-arista_7060cx2_32s/pmon_daemon_control.json create mode 120000 device/arista/x86_64-arista_7060px4_32/pmon_daemon_control.json create mode 120000 device/arista/x86_64-arista_7170_32c/pmon_daemon_control.json create mode 120000 device/arista/x86_64-arista_7170_32cd/pmon_daemon_control.json create mode 120000 device/arista/x86_64-arista_7170_64c/pmon_daemon_control.json create mode 120000 device/arista/x86_64-arista_7260cx3_64/pmon_daemon_control.json create mode 120000 device/arista/x86_64-arista_7280cr3_32p4/pmon_daemon_control.json create mode 100644 device/arista/x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json diff --git a/device/arista/x86_64-arista_7050_qx32/pmon_daemon_control.json b/device/arista/x86_64-arista_7050_qx32/pmon_daemon_control.json new file mode 120000 index 000000000000..2322ef7a22d8 --- /dev/null +++ b/device/arista/x86_64-arista_7050_qx32/pmon_daemon_control.json @@ -0,0 +1 @@ +../x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json \ No newline at end of file diff --git a/device/arista/x86_64-arista_7050_qx32s/pmon_daemon_control.json b/device/arista/x86_64-arista_7050_qx32s/pmon_daemon_control.json new file mode 120000 index 000000000000..2322ef7a22d8 --- /dev/null +++ b/device/arista/x86_64-arista_7050_qx32s/pmon_daemon_control.json @@ -0,0 +1 @@ +../x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json \ No newline at end of file diff --git a/device/arista/x86_64-arista_7050cx3_32s/pmon_daemon_control.json b/device/arista/x86_64-arista_7050cx3_32s/pmon_daemon_control.json new file mode 120000 index 000000000000..2322ef7a22d8 --- /dev/null +++ b/device/arista/x86_64-arista_7050cx3_32s/pmon_daemon_control.json @@ -0,0 +1 @@ +../x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json \ No newline at end of file diff --git a/device/arista/x86_64-arista_7060_cx32s/pmon_daemon_control.json b/device/arista/x86_64-arista_7060_cx32s/pmon_daemon_control.json new file mode 120000 index 000000000000..2322ef7a22d8 --- /dev/null +++ b/device/arista/x86_64-arista_7060_cx32s/pmon_daemon_control.json @@ -0,0 +1 @@ +../x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json \ No newline at end of file diff --git a/device/arista/x86_64-arista_7060cx2_32s/pmon_daemon_control.json b/device/arista/x86_64-arista_7060cx2_32s/pmon_daemon_control.json new file mode 120000 index 000000000000..2322ef7a22d8 --- /dev/null +++ b/device/arista/x86_64-arista_7060cx2_32s/pmon_daemon_control.json @@ -0,0 +1 @@ +../x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json \ No newline at end of file diff --git a/device/arista/x86_64-arista_7060px4_32/pmon_daemon_control.json b/device/arista/x86_64-arista_7060px4_32/pmon_daemon_control.json new file mode 120000 index 000000000000..2322ef7a22d8 --- /dev/null +++ b/device/arista/x86_64-arista_7060px4_32/pmon_daemon_control.json @@ -0,0 +1 @@ +../x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json \ No newline at end of file diff --git a/device/arista/x86_64-arista_7170_32c/pmon_daemon_control.json b/device/arista/x86_64-arista_7170_32c/pmon_daemon_control.json new file mode 120000 index 000000000000..2322ef7a22d8 --- /dev/null +++ b/device/arista/x86_64-arista_7170_32c/pmon_daemon_control.json @@ -0,0 +1 @@ +../x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json \ No newline at end of file diff --git a/device/arista/x86_64-arista_7170_32cd/pmon_daemon_control.json b/device/arista/x86_64-arista_7170_32cd/pmon_daemon_control.json new file mode 120000 index 000000000000..2322ef7a22d8 --- /dev/null +++ b/device/arista/x86_64-arista_7170_32cd/pmon_daemon_control.json @@ -0,0 +1 @@ +../x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json \ No newline at end of file diff --git a/device/arista/x86_64-arista_7170_64c/pmon_daemon_control.json b/device/arista/x86_64-arista_7170_64c/pmon_daemon_control.json new file mode 120000 index 000000000000..2322ef7a22d8 --- /dev/null +++ b/device/arista/x86_64-arista_7170_64c/pmon_daemon_control.json @@ -0,0 +1 @@ +../x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json \ No newline at end of file diff --git a/device/arista/x86_64-arista_7260cx3_64/pmon_daemon_control.json b/device/arista/x86_64-arista_7260cx3_64/pmon_daemon_control.json new file mode 120000 index 000000000000..2322ef7a22d8 --- /dev/null +++ b/device/arista/x86_64-arista_7260cx3_64/pmon_daemon_control.json @@ -0,0 +1 @@ +../x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json \ No newline at end of file diff --git a/device/arista/x86_64-arista_7280cr3_32p4/pmon_daemon_control.json b/device/arista/x86_64-arista_7280cr3_32p4/pmon_daemon_control.json new file mode 120000 index 000000000000..2322ef7a22d8 --- /dev/null +++ b/device/arista/x86_64-arista_7280cr3_32p4/pmon_daemon_control.json @@ -0,0 +1 @@ +../x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json \ No newline at end of file diff --git a/device/arista/x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json b/device/arista/x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json new file mode 100644 index 000000000000..75db6d97558a --- /dev/null +++ b/device/arista/x86_64-arista_common/pmon_daemon_control_skip_thermalctld.json @@ -0,0 +1,4 @@ +{ + "skip_thermalctld": true +} + From 969a9147bcb24955a8f03efea7e51c83d310a432 Mon Sep 17 00:00:00 2001 From: Arvindsrinivasan Lakshmi Narasimhan Date: Sun, 5 Jul 2020 22:16:45 -0700 Subject: [PATCH 26/29] Address review comments. Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan --- .../build_templates/sonic_debian_extension.j2 | 2 +- .../logrotate/logrotate-rsyslog.j2 | 110 ++++++++++++++++++ files/image_config/rsyslog/rsyslog-config.sh | 3 + platform/broadcom/docker-syncd-brcm.mk | 1 + .../base_image_files/bcm_common | 41 +++++++ .../docker-syncd-brcm/base_image_files/bcmcmd | 27 +---- .../docker-syncd-brcm/base_image_files/bcmsh | 26 +---- 7 files changed, 162 insertions(+), 48 deletions(-) create mode 100644 files/image_config/logrotate/logrotate-rsyslog.j2 create mode 100644 platform/broadcom/docker-syncd-brcm/base_image_files/bcm_common diff --git a/files/build_templates/sonic_debian_extension.j2 b/files/build_templates/sonic_debian_extension.j2 index 737ce1271fa6..2da286e54c40 100644 --- a/files/build_templates/sonic_debian_extension.j2 +++ b/files/build_templates/sonic_debian_extension.j2 @@ -252,7 +252,7 @@ sudo cp $IMAGE_CONFIGS/syslog/host_umount.sh $FILESYSTEM_ROOT/usr/bin/ # Copy logrotate.d configuration files sudo cp -f $IMAGE_CONFIGS/logrotate/logrotate.d/* $FILESYSTEM_ROOT/etc/logrotate.d/ - +sudo cp $IMAGE_CONFIGS/logrotate/logrotate-rsyslog.j2 $FILESYSTEM_ROOT_USR_SHARE_SONIC_TEMPLATES/ # Copy systemd-journald configuration files sudo cp -f $IMAGE_CONFIGS/systemd/journald.conf $FILESYSTEM_ROOT/etc/systemd/ diff --git a/files/image_config/logrotate/logrotate-rsyslog.j2 b/files/image_config/logrotate/logrotate-rsyslog.j2 new file mode 100644 index 000000000000..b28d2d811167 --- /dev/null +++ b/files/image_config/logrotate/logrotate-rsyslog.j2 @@ -0,0 +1,110 @@ +# These logs should no longer get created. However, in case they do get created, +# we should keep them to a small size and rotate them also. +/var/log/mail.info +/var/log/mail.warn +/var/log/mail.err +/var/log/mail.log +/var/log/daemon.log +/var/log/kern.log +/var/log/user.log +/var/log/lpr.log +/var/log/debug +/var/log/messages +{ + size 10k + rotate 1 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + /bin/kill -HUP $(cat /var/run/rsyslogd.pid) + endscript +} + +/var/log/auth.log +/var/log/cron.log +/var/log/syslog +/var/log/teamd.log +/var/log/telemetry.log +/var/log/quagga/bgpd.log +/var/log/quagga/zebra.log +{% if namespaces > 1 %} +{% for ns in range(namespaces) %} +/var/log/swss{{ns}}/sairedis.rec +/var/log/swss{{ns}}/swss.rec +{% endfor %} +{% else %} +/var/log/swss/sairedis.rec +/var/log/swss/swss.rec +{% endif %} +{ + size 1M + rotate 5000 + missingok + notifempty + compress + delaycompress + nosharedscripts + firstaction + # Adjust NUM_LOGS_TO_ROTATE to reflect number of log files that trigger this block specified above + NUM_LOGS_TO_ROTATE=8 + + # Adjust LOG_FILE_ROTATE_SIZE_KB to reflect the "size" parameter specified above, in kB + LOG_FILE_ROTATE_SIZE_KB=1024 + + # Reserve space for btmp, wtmp, dpkg.log, monit.log, etc., as well as logs that + # should be disabled, just in case they get created and rotated + RESERVED_SPACE_KB=4096 + + VAR_LOG_SIZE_KB=$(df -k /var/log | sed -n 2p | awk '{ print $2 }') + + # Limit usable space to 90% of the partition minus the reserved space for other logs + USABLE_SPACE_KB=$(( (VAR_LOG_SIZE_KB * 90 / 100) - RESERVED_SPACE_KB)) + + # Set our threshold so as to maintain enough space to write all logs from empty to full + # Most likely, some logs will have non-zero size when this is called, so this errs on the side + # of caution, giving us a bit of a cushion if a log grows quickly and passes its rotation size + THRESHOLD_KB=$((USABLE_SPACE_KB - (NUM_LOGS_TO_ROTATE * LOG_FILE_ROTATE_SIZE_KB * 2))) + + # First, delete any *.1.gz files that might be left around from a prior incomplete + # logrotate execution, otherwise logrotate will fail to do its job + find /var/log/ -name '*.1.gz' -type f -exec rm -f {} + + + while true; do + USED_KB=$(du -s /var/log | awk '{ print $1; }') + + if [ $USED_KB -lt $THRESHOLD_KB ]; then + break + else + OLDEST_ARCHIVE_FILE=$(find /var/log -type f -printf '%T+ %p\n' | grep -E '.+\.[0-9]+(\.gz)?$' | sort | head -n 1 | awk '{ print $2; }') + + if [ -z "$OLDEST_ARCHIVE_FILE" ]; then + logger -p syslog.err -t "logrotate" "No archive file to delete -- potential for filling up /var/log partition!" + break + fi + + logger -p syslog.info -t "logrotate" "Deleting archive file $OLDEST_ARCHIVE_FILE to free up space" + rm -rf "$OLDEST_ARCHIVE_FILE" + fi + done + endscript + postrotate +{% if namespaces > 1 %} +{% for ns in range(namespaces) %} + if [ $(echo $1 | grep -c "/var/log/swss{{ns}}/") -gt 0 ]; then + pgrep -x orchagent | xargs /bin/kill -HUP 2>/dev/null || true + else + /bin/kill -HUP $(cat /var/run/rsyslogd.pid) + fi +{% endfor %} +{% else %} + if [ $(echo $1 | grep -c "/var/log/swss/") -gt 0 ]; then + pgrep -x orchagent | xargs /bin/kill -HUP 2>/dev/null || true + else + /bin/kill -HUP $(cat /var/run/rsyslogd.pid) + fi +{% endif %} + endscript +} diff --git a/files/image_config/rsyslog/rsyslog-config.sh b/files/image_config/rsyslog/rsyslog-config.sh index 26767d84fbe0..6f43e562fd78 100755 --- a/files/image_config/rsyslog/rsyslog-config.sh +++ b/files/image_config/rsyslog/rsyslog-config.sh @@ -20,4 +20,7 @@ fi sonic-cfggen -d -t /usr/share/sonic/templates/rsyslog.conf.j2 -a "{\"udp_server_ip\": \"$udp_server_ip\"}" >/etc/rsyslog.conf +#render the logrotate config files for rsyslog as well. +sonic-cfggen -d -t /usr/share/sonic/templates/logrotate-rsyslog.j2 -a "{\"namespaces\": $NUM_ASIC}" > /etc/logrotate.d/rsyslog + systemctl restart rsyslog diff --git a/platform/broadcom/docker-syncd-brcm.mk b/platform/broadcom/docker-syncd-brcm.mk index c919813ba53d..b1b412fc9edd 100644 --- a/platform/broadcom/docker-syncd-brcm.mk +++ b/platform/broadcom/docker-syncd-brcm.mk @@ -18,4 +18,5 @@ $(DOCKER_SYNCD_BASE)_RUN_OPT += -v /host/warmboot:/var/warmboot $(DOCKER_SYNCD_BASE)_BASE_IMAGE_FILES += bcmcmd:/usr/bin/bcmcmd $(DOCKER_SYNCD_BASE)_BASE_IMAGE_FILES += bcmsh:/usr/bin/bcmsh +$(DOCKER_SYNCD_BASE)_BASE_IMAGE_FILES += bcm_common:/usr/bin/bcm_common $(DOCKER_SYNCD_BASE)_BASE_IMAGE_FILES += monit_syncd:/etc/monit/conf.d diff --git a/platform/broadcom/docker-syncd-brcm/base_image_files/bcm_common b/platform/broadcom/docker-syncd-brcm/base_image_files/bcm_common new file mode 100644 index 000000000000..ec6246b4f216 --- /dev/null +++ b/platform/broadcom/docker-syncd-brcm/base_image_files/bcm_common @@ -0,0 +1,41 @@ +#!/bin/bash + +function help() +{ + echo "Usage: $0 -n [0 to $(($NUM_ASIC-1))]" 1>&2; exit 1; +} + + +DEV="" + +PLATFORM=`sonic-cfggen -H -v DEVICE_METADATA.localhost.platform` + +# Parse the device specific asic conf file, if it exists + +ASIC_CONF=/usr/share/sonic/device/$PLATFORM/asic.conf +if [ -f "$ASIC_CONF" ]; then + source $ASIC_CONF +fi + + +if [[ ($NUM_ASIC -gt 1) ]]; then + OPTIND=1 + + while getopts ":n:h:" opt; do + case "${opt}" in + h) help + exit 0 + ;; + n) DEV=${OPTARG} + echo $DEV + [ $DEV -lt $NUM_ASIC -a $DEV -ge 0 ] || help + ;; + esac + done + shift "$((OPTIND-1))" + + if [ -z "${DEV}" ]; then + help + fi +fi + diff --git a/platform/broadcom/docker-syncd-brcm/base_image_files/bcmcmd b/platform/broadcom/docker-syncd-brcm/base_image_files/bcmcmd index 2e64cdd63834..3f4731ba3f0c 100755 --- a/platform/broadcom/docker-syncd-brcm/base_image_files/bcmcmd +++ b/platform/broadcom/docker-syncd-brcm/base_image_files/bcmcmd @@ -1,29 +1,8 @@ #!/bin/bash -function print_error() { - echo "No such container $NS" - echo "usage bcmcmd " - exit -} -PLATFORM=`sonic-cfggen -H -v DEVICE_METADATA.localhost.platform` -# Parse the device specific asic conf file, if it exists -ASIC_CONF=/usr/share/sonic/device/$PLATFORM/asic.conf -if [ -f "$ASIC_CONF" ]; then - source $ASIC_CONF +BCM_COMMON="bcm_common" +if [ -f "BCM_COMMON" ]; then + source $BCM_COMMON fi -NS_PREFIX="syncd" -if [[ ($NUM_ASIC -gt 1) ]]; then - NS=$1 - shift - if [[ $NS == $NS_PREFIX* ]]; then - DEV=${NS#"$NS_PREFIX"} - if [ "$DEV" -ge $NUM_ASIC ] || [ "$DEV" -lt 0 ]; then - print_error - fi - else - print_error - fi -fi - docker exec -i syncd$DEV bcmcmd "$@" diff --git a/platform/broadcom/docker-syncd-brcm/base_image_files/bcmsh b/platform/broadcom/docker-syncd-brcm/base_image_files/bcmsh index e2d705ada9fa..508dbd6396b7 100755 --- a/platform/broadcom/docker-syncd-brcm/base_image_files/bcmsh +++ b/platform/broadcom/docker-syncd-brcm/base_image_files/bcmsh @@ -1,28 +1,8 @@ #!/bin/bash -function print_error() { - echo "No such container $NS" - echo "usage bcmsh " - exit -} -PLATFORM=`sonic-cfggen -H -v DEVICE_METADATA.localhost.platform` -# Parse the device specific asic conf file, if it exists -ASIC_CONF=/usr/share/sonic/device/$PLATFORM/asic.conf -if [ -f "$ASIC_CONF" ]; then - source $ASIC_CONF -fi -NS_PREFIX="syncd" -if [[ ($NUM_ASIC -gt 1) ]]; then - NS=$1 - shift - if [[ $NS == $NS_PREFIX* ]]; then - DEV=${NS#"$NS_PREFIX"} - if [ "$DEV" -ge $NUM_ASIC ] || [ "$DEV" -lt 0 ]; then - print_error - fi - else - print_error - fi +BCM_COMMON="bcm_common" +if [ -f "BCM_COMMON" ]; then + source $BCM_COMMON fi docker exec -it syncd$DEV bcmsh "$@" From eb90fa0da4bc1556fafc3e3a76e4fd35a855f165 Mon Sep 17 00:00:00 2001 From: Arvindsrinivasan Lakshmi Narasimhan Date: Mon, 6 Jul 2020 12:41:00 -0700 Subject: [PATCH 27/29] address review comment Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan --- .../base_image_files/bcm_common | 39 +++++++++---------- 1 file changed, 19 insertions(+), 20 deletions(-) diff --git a/platform/broadcom/docker-syncd-brcm/base_image_files/bcm_common b/platform/broadcom/docker-syncd-brcm/base_image_files/bcm_common index ec6246b4f216..335a7da1f144 100644 --- a/platform/broadcom/docker-syncd-brcm/base_image_files/bcm_common +++ b/platform/broadcom/docker-syncd-brcm/base_image_files/bcm_common @@ -1,8 +1,8 @@ #!/bin/bash -function help() +function help() { - echo "Usage: $0 -n [0 to $(($NUM_ASIC-1))]" 1>&2; exit 1; + echo "Usage: $0 -n [0 to $(($NUM_ASIC-1))]" 1>&2; exit 1; } @@ -19,23 +19,22 @@ fi if [[ ($NUM_ASIC -gt 1) ]]; then - OPTIND=1 - - while getopts ":n:h:" opt; do - case "${opt}" in - h) help - exit 0 - ;; - n) DEV=${OPTARG} - echo $DEV - [ $DEV -lt $NUM_ASIC -a $DEV -ge 0 ] || help - ;; - esac - done - shift "$((OPTIND-1))" - - if [ -z "${DEV}" ]; then - help - fi + OPTIND=1 + + while getopts ":n:h:" opt; do + case "${opt}" in + h) help + exit 0 + ;; + n) DEV=${OPTARG} + [ $DEV -lt $NUM_ASIC -a $DEV -ge 0 ] || help + ;; + esac + done + shift "$((OPTIND-1))" + + if [ -z "${DEV}" ]; then + help + fi fi From afa4f1a16d336f8a6b9a1b01659979d1dfe0ff7d Mon Sep 17 00:00:00 2001 From: Arvindsrinivasan Lakshmi Narasimhan Date: Mon, 6 Jul 2020 13:46:42 -0700 Subject: [PATCH 28/29] address review comment Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan --- .../logrotate/logrotate.d/rsyslog | 93 ------------------- files/image_config/rsyslog/rsyslog-config.sh | 2 +- 2 files changed, 1 insertion(+), 94 deletions(-) delete mode 100644 files/image_config/logrotate/logrotate.d/rsyslog diff --git a/files/image_config/logrotate/logrotate.d/rsyslog b/files/image_config/logrotate/logrotate.d/rsyslog deleted file mode 100644 index 76737ba14420..000000000000 --- a/files/image_config/logrotate/logrotate.d/rsyslog +++ /dev/null @@ -1,93 +0,0 @@ -# These logs should no longer get created. However, in case they do get created, -# we should keep them to a small size and rotate them also. -/var/log/mail.info -/var/log/mail.warn -/var/log/mail.err -/var/log/mail.log -/var/log/daemon.log -/var/log/kern.log -/var/log/user.log -/var/log/lpr.log -/var/log/debug -/var/log/messages -{ - size 10k - rotate 1 - missingok - notifempty - compress - delaycompress - sharedscripts - postrotate - /bin/kill -HUP $(cat /var/run/rsyslogd.pid) - endscript -} - -/var/log/auth.log -/var/log/cron.log -/var/log/syslog -/var/log/teamd.log -/var/log/telemetry.log -/var/log/quagga/bgpd.log -/var/log/quagga/zebra.log -/var/log/swss/sairedis.rec -/var/log/swss/swss.rec -{ - size 1M - rotate 5000 - missingok - notifempty - compress - delaycompress - nosharedscripts - firstaction - # Adjust NUM_LOGS_TO_ROTATE to reflect number of log files that trigger this block specified above - NUM_LOGS_TO_ROTATE=8 - - # Adjust LOG_FILE_ROTATE_SIZE_KB to reflect the "size" parameter specified above, in kB - LOG_FILE_ROTATE_SIZE_KB=1024 - - # Reserve space for btmp, wtmp, dpkg.log, monit.log, etc., as well as logs that - # should be disabled, just in case they get created and rotated - RESERVED_SPACE_KB=4096 - - VAR_LOG_SIZE_KB=$(df -k /var/log | sed -n 2p | awk '{ print $2 }') - - # Limit usable space to 90% of the partition minus the reserved space for other logs - USABLE_SPACE_KB=$(( (VAR_LOG_SIZE_KB * 90 / 100) - RESERVED_SPACE_KB)) - - # Set our threshold so as to maintain enough space to write all logs from empty to full - # Most likely, some logs will have non-zero size when this is called, so this errs on the side - # of caution, giving us a bit of a cushion if a log grows quickly and passes its rotation size - THRESHOLD_KB=$((USABLE_SPACE_KB - (NUM_LOGS_TO_ROTATE * LOG_FILE_ROTATE_SIZE_KB * 2))) - - # First, delete any *.1.gz files that might be left around from a prior incomplete - # logrotate execution, otherwise logrotate will fail to do its job - find /var/log/ -name '*.1.gz' -type f -exec rm -f {} + - - while true; do - USED_KB=$(du -s /var/log | awk '{ print $1; }') - - if [ $USED_KB -lt $THRESHOLD_KB ]; then - break - else - OLDEST_ARCHIVE_FILE=$(find /var/log -type f -printf '%T+ %p\n' | grep -E '.+\.[0-9]+(\.gz)?$' | sort | head -n 1 | awk '{ print $2; }') - - if [ -z "$OLDEST_ARCHIVE_FILE" ]; then - logger -p syslog.err -t "logrotate" "No archive file to delete -- potential for filling up /var/log partition!" - break - fi - - logger -p syslog.info -t "logrotate" "Deleting archive file $OLDEST_ARCHIVE_FILE to free up space" - rm -rf "$OLDEST_ARCHIVE_FILE" - fi - done - endscript - postrotate - if [ $(echo $1 | grep -c "/var/log/swss/") -gt 0 ]; then - pgrep -x orchagent | xargs /bin/kill -HUP 2>/dev/null || true - else - /bin/kill -HUP $(cat /var/run/rsyslogd.pid) - fi - endscript -} diff --git a/files/image_config/rsyslog/rsyslog-config.sh b/files/image_config/rsyslog/rsyslog-config.sh index 6f43e562fd78..87808e320902 100755 --- a/files/image_config/rsyslog/rsyslog-config.sh +++ b/files/image_config/rsyslog/rsyslog-config.sh @@ -20,7 +20,7 @@ fi sonic-cfggen -d -t /usr/share/sonic/templates/rsyslog.conf.j2 -a "{\"udp_server_ip\": \"$udp_server_ip\"}" >/etc/rsyslog.conf -#render the logrotate config files for rsyslog as well. +#Render the logrotate config files for rsyslog as well. sonic-cfggen -d -t /usr/share/sonic/templates/logrotate-rsyslog.j2 -a "{\"namespaces\": $NUM_ASIC}" > /etc/logrotate.d/rsyslog systemctl restart rsyslog From 32a34f9541ccf16789468e944d4507bda1d6d296 Mon Sep 17 00:00:00 2001 From: Arvindsrinivasan Lakshmi Narasimhan Date: Mon, 6 Jul 2020 15:18:01 -0700 Subject: [PATCH 29/29] address review comment Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan --- platform/broadcom/docker-syncd-brcm/base_image_files/bcm_common | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/broadcom/docker-syncd-brcm/base_image_files/bcm_common b/platform/broadcom/docker-syncd-brcm/base_image_files/bcm_common index 335a7da1f144..0e98b9b53edd 100644 --- a/platform/broadcom/docker-syncd-brcm/base_image_files/bcm_common +++ b/platform/broadcom/docker-syncd-brcm/base_image_files/bcm_common @@ -27,7 +27,7 @@ if [[ ($NUM_ASIC -gt 1) ]]; then exit 0 ;; n) DEV=${OPTARG} - [ $DEV -lt $NUM_ASIC -a $DEV -ge 0 ] || help + [ $DEV -lt $NUM_ASIC -a $DEV -ge 0 ] || help ;; esac done