From fb02a023d3e63c1544011f4202addd2182cc337c Mon Sep 17 00:00:00 2001 From: trvanduy Date: Fri, 4 Dec 2020 15:28:47 -0800 Subject: [PATCH 01/10] updated to support snmp config from redis configdb --- dockers/docker-snmp/snmpd.conf.j2 | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/dockers/docker-snmp/snmpd.conf.j2 b/dockers/docker-snmp/snmpd.conf.j2 index 7d4022501fbb..e20cb5d3805d 100644 --- a/dockers/docker-snmp/snmpd.conf.j2 +++ b/dockers/docker-snmp/snmpd.conf.j2 @@ -44,6 +44,28 @@ rocommunity {{ snmp_rocommunity }} rocommunity6 {{ snmp_rocommunity }} {% endif %} +{% for community in SNMP_COMMUNITY.keys() %} +{% if SNMP_COMMUNITY[community]['TYPE'] == 'RO' %} +rocommunity {{ community }} +rocommunity6 {{ community }} +{% else %} +rwcommunity {{ community }} +rwcommunity6 {{ community }} +{% endif %} +{% endfor %} + + +{% for user in SNMP_USER.keys() %} +{% if SNMP_USER[user]['SNMP_USER_PERMISSION'] == 'RO' %} +rouser {{ user }} {{ SNMP_USER[user]['SNMP_USER_TYPE'] }} +CreateUser {{ user }} {{ SNMP_USER[user]['SNMP_USER_AUTH_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_AUTH_PASSWORD'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_PASSWORD'] }} +{% else %} +rwuser {{ user }} {{ SNMP_USER[user]['SNMP_USER_TYPE'] }} +CreateUser {{ user }} {{ SNMP_USER[user]['SNMP_USER_AUTH_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_AUTH_PASSWORD'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_PASSWORD'] }} +{% endif %} +{% endfor %} + + ############################################################################### # # SYSTEM INFORMATION @@ -52,7 +74,7 @@ rocommunity6 {{ snmp_rocommunity }} # Note that setting these values here, results in the corresponding MIB objects being 'read-only' # See snmpd.conf(5) for more details sysLocation {{ snmp_location }} -sysContact Azure Cloud Switch vteam +sysContact {{ SNMP.CONTACT.keys()[0] }} {{ SNMP.CONTACT.values()[0] }} # Application + End-to-End layers sysServices 72 From 98aca9d2aeebadd6d84ab8a541f6d8a27fa64d78 Mon Sep 17 00:00:00 2001 From: trvanduy Date: Fri, 4 Dec 2020 17:03:00 -0800 Subject: [PATCH 02/10] updated for cases when configdb is empty --- dockers/docker-snmp/snmpd.conf.j2 | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/dockers/docker-snmp/snmpd.conf.j2 b/dockers/docker-snmp/snmpd.conf.j2 index e20cb5d3805d..6593571cefc3 100644 --- a/dockers/docker-snmp/snmpd.conf.j2 +++ b/dockers/docker-snmp/snmpd.conf.j2 @@ -44,6 +44,7 @@ rocommunity {{ snmp_rocommunity }} rocommunity6 {{ snmp_rocommunity }} {% endif %} +{% if SNMP_COMMUNITY is defined %} {% for community in SNMP_COMMUNITY.keys() %} {% if SNMP_COMMUNITY[community]['TYPE'] == 'RO' %} rocommunity {{ community }} @@ -53,8 +54,11 @@ rwcommunity {{ community }} rwcommunity6 {{ community }} {% endif %} {% endfor %} +{% else %} +{% endif %} +{% if SNMP_USER is defined %} {% for user in SNMP_USER.keys() %} {% if SNMP_USER[user]['SNMP_USER_PERMISSION'] == 'RO' %} rouser {{ user }} {{ SNMP_USER[user]['SNMP_USER_TYPE'] }} @@ -64,6 +68,8 @@ rwuser {{ user }} {{ SNMP_USER[user]['SNMP_USER_TYPE'] }} CreateUser {{ user }} {{ SNMP_USER[user]['SNMP_USER_AUTH_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_AUTH_PASSWORD'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_PASSWORD'] }} {% endif %} {% endfor %} +{% else %} +{% endif %} ############################################################################### @@ -74,7 +80,10 @@ CreateUser {{ user }} {{ SNMP_USER[user]['SNMP_USER_AUTH_TYPE'] }} {{ SNMP_USER[ # Note that setting these values here, results in the corresponding MIB objects being 'read-only' # See snmpd.conf(5) for more details sysLocation {{ snmp_location }} +{% if SNMP_CONTACT is defined %} sysContact {{ SNMP.CONTACT.keys()[0] }} {{ SNMP.CONTACT.values()[0] }} +{% else %} +{% endif %} # Application + End-to-End layers sysServices 72 From f2271733d8f8ed0e5c40f7b8a689f89485018d79 Mon Sep 17 00:00:00 2001 From: trvanduy Date: Thu, 10 Dec 2020 16:22:46 -0800 Subject: [PATCH 03/10] updated per PR comments --- dockers/docker-snmp/snmpd.conf.j2 | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/dockers/docker-snmp/snmpd.conf.j2 b/dockers/docker-snmp/snmpd.conf.j2 index 6593571cefc3..2c970f4cc5f0 100644 --- a/dockers/docker-snmp/snmpd.conf.j2 +++ b/dockers/docker-snmp/snmpd.conf.j2 @@ -43,23 +43,20 @@ rocommunity6 {{ community }} rocommunity {{ snmp_rocommunity }} rocommunity6 {{ snmp_rocommunity }} {% endif %} - -{% if SNMP_COMMUNITY is defined %} -{% for community in SNMP_COMMUNITY.keys() %} -{% if SNMP_COMMUNITY[community]['TYPE'] == 'RO' %} -rocommunity {{ community }} -rocommunity6 {{ community }} -{% else %} + +{% if snmp_rwcommunities is defined %} +{% for community in snmp_rwcommunities %} rwcommunity {{ community }} rwcommunity6 {{ community }} -{% endif %} {% endfor %} +{% elif snmp_rwcommunity is defined %} +rwcommunity {{ snmp_rwcommunity }} +rwcommunity6 {{ snmp_rwcommunity }} {% else %} {% endif %} - {% if SNMP_USER is defined %} -{% for user in SNMP_USER.keys() %} +{% for user in SNMP_USER %} {% if SNMP_USER[user]['SNMP_USER_PERMISSION'] == 'RO' %} rouser {{ user }} {{ SNMP_USER[user]['SNMP_USER_TYPE'] }} CreateUser {{ user }} {{ SNMP_USER[user]['SNMP_USER_AUTH_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_AUTH_PASSWORD'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_PASSWORD'] }} @@ -71,7 +68,6 @@ CreateUser {{ user }} {{ SNMP_USER[user]['SNMP_USER_AUTH_TYPE'] }} {{ SNMP_USER[ {% else %} {% endif %} - ############################################################################### # # SYSTEM INFORMATION @@ -83,6 +79,7 @@ sysLocation {{ snmp_location }} {% if SNMP_CONTACT is defined %} sysContact {{ SNMP.CONTACT.keys()[0] }} {{ SNMP.CONTACT.values()[0] }} {% else %} +sysContact Azure Cloud Switch vteam {% endif %} # Application + End-to-End layers sysServices 72 From df113e104f489e9389d7d86616845e3007848029 Mon Sep 17 00:00:00 2001 From: trvanduy Date: Fri, 11 Dec 2020 13:32:26 -0800 Subject: [PATCH 04/10] updated snmp jinja2 file to use ConfigDB as main source and snmp.yml on if it does not exist in the ConfigDB --- dockers/docker-snmp/snmpd.conf.j2 | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/dockers/docker-snmp/snmpd.conf.j2 b/dockers/docker-snmp/snmpd.conf.j2 index 2c970f4cc5f0..88b9fff459be 100644 --- a/dockers/docker-snmp/snmpd.conf.j2 +++ b/dockers/docker-snmp/snmpd.conf.j2 @@ -34,25 +34,41 @@ view systemonly included .1.3.6.1.2.1.1 view systemonly included .1.3.6.1.2.1.25.1 # Default access to basic system info -{% if snmp_rocommunities %} +{% if SNMP_COMMUNITY is defined %} + +{% for community in SNMP_COMMUNITY %} +{% if SNMP_COMMUNITY[community]['TYPE'] == 'RO' %} +rocommunity {{ community }} +rocommunity6 {{ community }} +{% elif SNMP_COMMUNITY[community]['TYPE'] == 'RW' %} +rwcommunity {{ community }} +rwcommunity6 {{ community }} +{% endif %} +{% endfor %} +{% endif %} + +{% if SNMP_COMMUNITY is defined and snmp_rocommunities is defined %} {% for community in snmp_rocommunities %} +{% if community not in SNMP_COMMUNITY %} rocommunity {{ community }} rocommunity6 {{ community }} +{% endif %} {% endfor %} -{% else %} +{% elif community not in SNMP_COMMUNITY %} rocommunity {{ snmp_rocommunity }} rocommunity6 {{ snmp_rocommunity }} {% endif %} - -{% if snmp_rwcommunities is defined %} + +{% if SNMP_COMMUNITY is defined and snmp_rocommunities is defined %} {% for community in snmp_rwcommunities %} +{% if community not in SNMP_COMMUNITY %} rwcommunity {{ community }} rwcommunity6 {{ community }} +{% endif %} {% endfor %} -{% elif snmp_rwcommunity is defined %} +{% elif community not in SNMP_COMMUNITY %} rwcommunity {{ snmp_rwcommunity }} rwcommunity6 {{ snmp_rwcommunity }} -{% else %} {% endif %} {% if SNMP_USER is defined %} @@ -84,7 +100,6 @@ sysContact Azure Cloud Switch vteam # Application + End-to-End layers sysServices 72 - # # Process Monitoring # From 0b749eb684936189d2629b7a8247c8dca3276b87 Mon Sep 17 00:00:00 2001 From: trvanduy Date: Tue, 29 Dec 2020 11:42:00 -0800 Subject: [PATCH 05/10] updated jinja file to get info from only configdb. The snmp.yml file will already be add via the snmp_yml_to_configdb.py --- dockers/docker-snmp/snmpd.conf.j2 | 40 ++++++++++++------------------- 1 file changed, 15 insertions(+), 25 deletions(-) diff --git a/dockers/docker-snmp/snmpd.conf.j2 b/dockers/docker-snmp/snmpd.conf.j2 index 88b9fff459be..9245985fb6d5 100644 --- a/dockers/docker-snmp/snmpd.conf.j2 +++ b/dockers/docker-snmp/snmpd.conf.j2 @@ -32,43 +32,28 @@ agentAddress udp6:161 # system + hrSystem groups only view systemonly included .1.3.6.1.2.1.1 view systemonly included .1.3.6.1.2.1.25.1 - # Default access to basic system info -{% if SNMP_COMMUNITY is defined %} +{% if SNMP_COMMUNITY is defined %} {% for community in SNMP_COMMUNITY %} {% if SNMP_COMMUNITY[community]['TYPE'] == 'RO' %} rocommunity {{ community }} rocommunity6 {{ community }} -{% elif SNMP_COMMUNITY[community]['TYPE'] == 'RW' %} -rwcommunity {{ community }} -rwcommunity6 {{ community }} -{% endif %} -{% endfor %} -{% endif %} - -{% if SNMP_COMMUNITY is defined and snmp_rocommunities is defined %} -{% for community in snmp_rocommunities %} -{% if community not in SNMP_COMMUNITY %} -rocommunity {{ community }} -rocommunity6 {{ community }} +{% else %} {% endif %} {% endfor %} -{% elif community not in SNMP_COMMUNITY %} -rocommunity {{ snmp_rocommunity }} -rocommunity6 {{ snmp_rocommunity }} +{% else %} {% endif %} -{% if SNMP_COMMUNITY is defined and snmp_rocommunities is defined %} -{% for community in snmp_rwcommunities %} -{% if community not in SNMP_COMMUNITY %} +{% if SNMP_COMMUNITY is defined %} +{% for community in SNMP_COMMUNITY %} +{% if SNMP_COMMUNITY[community]['TYPE'] == 'RW' %} rwcommunity {{ community }} rwcommunity6 {{ community }} +{% else %} {% endif %} {% endfor %} -{% elif community not in SNMP_COMMUNITY %} -rwcommunity {{ snmp_rwcommunity }} -rwcommunity6 {{ snmp_rwcommunity }} +{% else %} {% endif %} {% if SNMP_USER is defined %} @@ -91,8 +76,12 @@ CreateUser {{ user }} {{ SNMP_USER[user]['SNMP_USER_AUTH_TYPE'] }} {{ SNMP_USER[ # Note that setting these values here, results in the corresponding MIB objects being 'read-only' # See snmpd.conf(5) for more details -sysLocation {{ snmp_location }} -{% if SNMP_CONTACT is defined %} +{% if SNMP.LOCATION is defined %} +sysLocation {{ SNMP.LOCATION.Location }} +{% else %} +sysLocation public +{% endif %} +{% if SNMP.CONTACT is defined %} sysContact {{ SNMP.CONTACT.keys()[0] }} {{ SNMP.CONTACT.values()[0] }} {% else %} sysContact Azure Cloud Switch vteam @@ -100,6 +89,7 @@ sysContact Azure Cloud Switch vteam # Application + End-to-End layers sysServices 72 + # # Process Monitoring # From fabc562cd42f6c0a3d24923b13c24170dd6e2216 Mon Sep 17 00:00:00 2001 From: trvanduy Date: Tue, 29 Dec 2020 11:43:55 -0800 Subject: [PATCH 06/10] removing snmp.yml file from SONIC_CFGGEN_ARGS as it was already picked up via snmp_yml_to_configdb.py --- dockers/docker-snmp/start.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/dockers/docker-snmp/start.sh b/dockers/docker-snmp/start.sh index 70f139bec45e..aefd0bfc3db6 100755 --- a/dockers/docker-snmp/start.sh +++ b/dockers/docker-snmp/start.sh @@ -20,7 +20,6 @@ SONIC_CFGGEN_ARGS=" \ -d \ -y /etc/sonic/sonic_version.yml \ -t /usr/share/sonic/templates/sysDescription.j2,/etc/ssw/sysDescription \ - -y /etc/sonic/snmp.yml \ -t /usr/share/sonic/templates/snmpd.conf.j2,/etc/snmp/snmpd.conf \ " From def1c1532dc6396863ed730225e41a6bc7457f3d Mon Sep 17 00:00:00 2001 From: trvanduy Date: Tue, 29 Dec 2020 14:20:53 -0800 Subject: [PATCH 07/10] updated to check if SNMP location and contact are not configured --- dockers/docker-snmp/snmpd.conf.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dockers/docker-snmp/snmpd.conf.j2 b/dockers/docker-snmp/snmpd.conf.j2 index 9245985fb6d5..8059c0f3baf0 100644 --- a/dockers/docker-snmp/snmpd.conf.j2 +++ b/dockers/docker-snmp/snmpd.conf.j2 @@ -76,12 +76,12 @@ CreateUser {{ user }} {{ SNMP_USER[user]['SNMP_USER_AUTH_TYPE'] }} {{ SNMP_USER[ # Note that setting these values here, results in the corresponding MIB objects being 'read-only' # See snmpd.conf(5) for more details -{% if SNMP.LOCATION is defined %} +{% if SNMP is defined and SNMP.LOCATION is defined %} sysLocation {{ SNMP.LOCATION.Location }} {% else %} sysLocation public {% endif %} -{% if SNMP.CONTACT is defined %} +{% if SNMP is defined and SNMP.CONTACT is defined %} sysContact {{ SNMP.CONTACT.keys()[0] }} {{ SNMP.CONTACT.values()[0] }} {% else %} sysContact Azure Cloud Switch vteam From e05110f793458755887aff4cb3cb98615d8bd48f Mon Sep 17 00:00:00 2001 From: trvanduy Date: Wed, 30 Dec 2020 13:38:35 -0800 Subject: [PATCH 08/10] removed unneeded else per PR comments --- dockers/docker-snmp/snmpd.conf.j2 | 2 -- 1 file changed, 2 deletions(-) diff --git a/dockers/docker-snmp/snmpd.conf.j2 b/dockers/docker-snmp/snmpd.conf.j2 index 8059c0f3baf0..75a3eef2bdbf 100644 --- a/dockers/docker-snmp/snmpd.conf.j2 +++ b/dockers/docker-snmp/snmpd.conf.j2 @@ -39,7 +39,6 @@ view systemonly included .1.3.6.1.2.1.25.1 {% if SNMP_COMMUNITY[community]['TYPE'] == 'RO' %} rocommunity {{ community }} rocommunity6 {{ community }} -{% else %} {% endif %} {% endfor %} {% else %} @@ -50,7 +49,6 @@ rocommunity6 {{ community }} {% if SNMP_COMMUNITY[community]['TYPE'] == 'RW' %} rwcommunity {{ community }} rwcommunity6 {{ community }} -{% else %} {% endif %} {% endfor %} {% else %} From fbe5d36180d95f9a9a3515452cd6c1d2bc66800f Mon Sep 17 00:00:00 2001 From: trvanduy Date: Wed, 30 Dec 2020 14:37:26 -0800 Subject: [PATCH 09/10] updated to removed unneeded 'else' in template --- dockers/docker-snmp/snmpd.conf.j2 | 2 -- 1 file changed, 2 deletions(-) diff --git a/dockers/docker-snmp/snmpd.conf.j2 b/dockers/docker-snmp/snmpd.conf.j2 index 75a3eef2bdbf..308b5999f753 100644 --- a/dockers/docker-snmp/snmpd.conf.j2 +++ b/dockers/docker-snmp/snmpd.conf.j2 @@ -41,7 +41,6 @@ rocommunity {{ community }} rocommunity6 {{ community }} {% endif %} {% endfor %} -{% else %} {% endif %} {% if SNMP_COMMUNITY is defined %} @@ -51,7 +50,6 @@ rwcommunity {{ community }} rwcommunity6 {{ community }} {% endif %} {% endfor %} -{% else %} {% endif %} {% if SNMP_USER is defined %} From 9b1d5975e62b419cccf24ac4477681f3a9f8ec65 Mon Sep 17 00:00:00 2001 From: trvanduy Date: Mon, 4 Jan 2021 10:04:05 -0800 Subject: [PATCH 10/10] updated jinja template to fix spacing issues and update else to be elif 'RW' --- dockers/docker-snmp/snmpd.conf.j2 | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/dockers/docker-snmp/snmpd.conf.j2 b/dockers/docker-snmp/snmpd.conf.j2 index 308b5999f753..b83fbffda025 100644 --- a/dockers/docker-snmp/snmpd.conf.j2 +++ b/dockers/docker-snmp/snmpd.conf.j2 @@ -32,8 +32,10 @@ agentAddress udp6:161 # system + hrSystem groups only view systemonly included .1.3.6.1.2.1.1 view systemonly included .1.3.6.1.2.1.25.1 + # Default access to basic system info + {% if SNMP_COMMUNITY is defined %} {% for community in SNMP_COMMUNITY %} {% if SNMP_COMMUNITY[community]['TYPE'] == 'RO' %} @@ -56,15 +58,16 @@ rwcommunity6 {{ community }} {% for user in SNMP_USER %} {% if SNMP_USER[user]['SNMP_USER_PERMISSION'] == 'RO' %} rouser {{ user }} {{ SNMP_USER[user]['SNMP_USER_TYPE'] }} -CreateUser {{ user }} {{ SNMP_USER[user]['SNMP_USER_AUTH_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_AUTH_PASSWORD'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_PASSWORD'] }} -{% else %} +CreateUser {{ user }} {{ SNMP_USER[user]['SNMP_USER_AUTH_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_AUTH_PASSWORD'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_PASSWORD'] }} +{% elif SNMP_USER[user]['SNMP_USER_PERMISSION'] == 'RW' %} rwuser {{ user }} {{ SNMP_USER[user]['SNMP_USER_TYPE'] }} -CreateUser {{ user }} {{ SNMP_USER[user]['SNMP_USER_AUTH_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_AUTH_PASSWORD'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_PASSWORD'] }} +CreateUser {{ user }} {{ SNMP_USER[user]['SNMP_USER_AUTH_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_AUTH_PASSWORD'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_TYPE'] }} {{ SNMP_USER[user]['SNMP_USER_ENCRYPTION_PASSWORD'] }} {% endif %} {% endfor %} {% else %} {% endif %} + ############################################################################### # # SYSTEM INFORMATION @@ -72,6 +75,7 @@ CreateUser {{ user }} {{ SNMP_USER[user]['SNMP_USER_AUTH_TYPE'] }} {{ SNMP_USER[ # Note that setting these values here, results in the corresponding MIB objects being 'read-only' # See snmpd.conf(5) for more details + {% if SNMP is defined and SNMP.LOCATION is defined %} sysLocation {{ SNMP.LOCATION.Location }} {% else %} @@ -82,6 +86,7 @@ sysContact {{ SNMP.CONTACT.keys()[0] }} {{ SNMP.CONTACT.values()[0] }} {% else %} sysContact Azure Cloud Switch vteam {% endif %} + # Application + End-to-End layers sysServices 72