2018-08-16 17:54:31 -05:00
|
|
|
###############################################################################
|
|
|
|
## Wrapper for starting make inside sonic-slave container
|
|
|
|
#
|
|
|
|
# Supported parameters:
|
|
|
|
#
|
|
|
|
# * PLATFORM: Specific platform we wish to build images for.
|
|
|
|
# * BUILD_NUMBER: Desired version-number to pass to the building-system.
|
|
|
|
# * ENABLE_DHCP_GRAPH_SERVICE: Enables get-graph service to fetch minigraph files
|
|
|
|
# through http.
|
2019-12-04 06:50:56 -06:00
|
|
|
# * ENABLE_ZTP: Enables zero touch provisioning.
|
2018-08-16 17:54:31 -05:00
|
|
|
# * SHUTDOWN_BGP_ON_START: Sets admin-down state for all bgp peerings after restart.
|
2020-08-05 15:23:12 -05:00
|
|
|
# * INCLUDE_KUBERNETES: Allows including Kubernetes
|
2022-08-13 10:01:35 -05:00
|
|
|
# * INCLUDE_KUBERNETES_MASTER: Allows including Kubernetes master
|
2021-01-25 19:43:56 -06:00
|
|
|
# * INCLUDE_MUX: Include MUX feature/services for TOR switch.
|
2018-08-16 17:54:31 -05:00
|
|
|
# * ENABLE_PFCWD_ON_START: Enable PFC Watchdog (PFCWD) on server-facing ports
|
|
|
|
# * by default for TOR switch.
|
2018-10-21 19:20:27 -05:00
|
|
|
# * ENABLE_SYNCD_RPC: Enables rpc-based syncd builds.
|
2021-03-05 12:22:18 -06:00
|
|
|
# * INSTALL_DEBUG_TOOLS: Install debug tools and debug symbol packages.
|
2018-08-16 17:54:31 -05:00
|
|
|
# * USERNAME: Desired username -- default at rules/config
|
|
|
|
# * PASSWORD: Desired password -- default at rules/config
|
2018-09-12 02:23:00 -05:00
|
|
|
# * KEEP_SLAVE_ON: Keeps slave container up and active after building process concludes.
|
|
|
|
# * Note that rm=true is still set, so once user quits from the docker
|
|
|
|
# * session, the docker will be removed.
|
|
|
|
# * Please note that with current Stretch build structure,
|
|
|
|
# * user of KEEP_SLAVE_ON feature will have to be conscious
|
|
|
|
# * about which docker to stay inside after build is done.
|
|
|
|
# * - If user desires to stay inside Jessie docker, please issue
|
2019-05-27 17:50:51 -05:00
|
|
|
# * make KEEP_SLAVE_ON=yes jessie
|
|
|
|
# * - If user desires to stay inside Stretch docker, please issue
|
|
|
|
# * make NOJESSIE=1 KEEP_SLAVE_ON=yes <any target>
|
2018-08-16 17:54:31 -05:00
|
|
|
# * SOURCE_FOLDER: host path to be mount as /var/$(USER)/src, only effective when KEEP_SLAVE_ON=yes
|
|
|
|
# * SONIC_BUILD_JOBS: Specifying number of concurrent build job(s) to run
|
2019-03-29 17:25:17 -05:00
|
|
|
# * VS_PREPARE_MEM: Prepare memory in VS build (drop cache and compact).
|
|
|
|
# * Default: yes
|
|
|
|
# * Values: yes, no
|
2018-08-16 17:54:31 -05:00
|
|
|
# * KERNEL_PROCURE_METHOD: Specifying method of obtaining kernel Debian package: download or build
|
2022-09-19 01:54:08 -05:00
|
|
|
# * ENABLE_TRANSLIB_WRITE: Enable translib write/config operations via the gNMI interface.
|
2020-06-25 10:04:43 -05:00
|
|
|
# * Default: unset
|
|
|
|
# * Values: y
|
2022-11-29 02:58:27 -06:00
|
|
|
# * ENABLE_NATIVE_WRITE: Enable native write/config operations via the gNMI interface.
|
|
|
|
# * Default: unset
|
|
|
|
# * Values: y
|
[build]: support for DPKG local caching (#4117)
DPKG caching framework provides the infrastructure to cache the sonic module/target .deb files into a local cache by tracking the target dependency files.SONIC build infrastructure is designed as a plugin framework where any new source code can be easily integrated into sonic as a module and that generates output as a .deb file. The source code compilation of a module is completely independent of other modules compilation. Inter module dependency is resolved through build artifacts like header files, libraries, and binaries in the form of Debian packages. For example module A depends on module B. While module A is being built, it uses B's .deb file to install it in the build docker.
The DPKG caching framework provides an infrastructure that caches a module's deb package and restores it back to the build directory if its dependency files are not modified. When a module is compiled for the first time, the generated deb package is stored at the DPKG cache location. On the subsequent build, first, it checks the module dependency file modification. If none of the dependent files is changed, it copies the deb package from the cache location, otherwise, it goes for local compilation and generates the deb package. The modified files should be checked-in to get the newer cache deb package.
This provides a huge improvement in build time and also supports the true incremental build by tracking the dependency files.
- How I did it
It takes two global arguments to enable the DPKG caching, the first one indicates the caching method and the second one describes the location of the cache.
SONIC_DPKG_CACHE_METHOD=cache
SONIC_DPKG_CACHE_SOURCE=
where SONIC_DPKG_CACHE_METHOD - Default method is 'cache' for deb package caching
none: no caching
cache: cache from local directory
Dependency file tracking:
Dependency files are tracked for each target in two levels.
1. Common make infrastructure files - rules/config, rules/functions, slave.mk etc.
2. Per module files - files which are specific to modules, Makefile, debian/rules, patch files, etc.
For example: dependency files for Linux Kernel - src/sonic-linux-kernel,
SPATH := $($(LINUX_HEADERS_COMMON)_SRC_PATH)
DEP_FILES := $(SONIC_COMMON_FILES_LIST) rules/linux-kernel.mk rules/linux-kernel.dep
DEP_FILES += $(SONIC_COMMON_BASE_FILES_LIST)
SMDEP_FILES := $(addprefix $(SPATH)/,$(shell cd $(SPATH) && git ls-files))
DEP_FLAGS := $(SONIC_COMMON_FLAGS_LIST) \
$(KERNEL_PROCURE_METHOD) $(KERNEL_CACHE_PATH)
$(LINUX_HEADERS_COMMON)_CACHE_MODE := GIT_CONTENT_SHA
$(LINUX_HEADERS_COMMON)_DEP_FLAGS := $(DEP_FLAGS)
$(LINUX_HEADERS_COMMON)_DEP_FILES := $(DEP_FILES)
$(LINUX_HEADERS_COMMON)_SMDEP_FILES := $(SMDEP_FILES)
$(LINUX_HEADERS_COMMON)_SMDEP_PATHS := $(SPATH)
Cache file tracking:
The Cache file is a compressed TAR ball of a module's target DEB file and its derived-target DEB files.
The cache filename is formed with the following format
FORMAT:
<module deb filename>.<24 byte of DEP SHA hash >-<24 byte of MOD SHA hash>.tgz
Eg:
linux-headers-4.9.0-9-2-common_4.9.168-1+deb9u3_all.deb-23658712fd21bb776fa16f47-c0b63ef593d4a32643bca228.tgz
< 24-byte DEP SHA value > - the SHA value is derived from all the dependent packages.
< 24-byte MOD SHA value > - the SHA value is derived from either of the following.
GIT_COMMIT_SHA - SHA value of the last git commit ID if it is a submodule
GIT_CONTENT_SHA - SHA value is generated from the content of the target dependency files.
Target Specific rules:
Caching can be enabled/disabled on a global level and also on the per-target level.
$(addprefix $(DEBS_PATH)/, $(SONIC_DPKG_DEBS)) : $(DEBS_PATH)/% : .platform $$(addsuffix -install,$$(addprefix $(DEBS_PATH)/,$$($$*_DEPENDS))) \
$(call dpkg_depend,$(DEBS_PATH)/%.dep )
$(HEADER)
# Load the target deb from DPKG cache
$(call LOAD_CACHE,$*,$@)
# Skip building the target if it is already loaded from cache
if [ -z '$($*_CACHE_LOADED)' ] ; then
.....
# Rules for Generating the target DEB file.
.....
# Save the target deb into DPKG cache
$(call SAVE_CACHE,$*,$@)
fi
$(FOOTER)
The make rule-'$(call dpkg_depend,$(DEBS_PATH)/%.dep )' checks for target dependency file modification. If it is newer than the target, it will go for re-generation of that target.
Two main macros 'LOAD_CACHE' and 'SAVE_CACHE' are used for loading and storing the cache contents.
The 'LOAD_CACHE' macro is used to load the cache file from cache storage and extracts them into the target folder. It is done only if target dependency files are not modified by checking the GIT file status, otherwise, cache loading is skipped and full compilation is performed.
It also updates the target-specific variable to indicate the cache is loaded or not.
The 'SAVE_CACHE' macro generates the compressed tarball of the cache file and saves them into cache storage. Saving into the cache storage is protected with a lock.
- How to verify it
The caching functionality is verified by enabling it in Linux kernel submodule.
It uses the cache directory as 'target/cache' where Linux cache file gets stored on the first-time build and it is picked from the cache location during the subsequent clean build.
- Description for the changelog
The DPKG caching framework provides the infrastructure to save the module-specific deb file to be cached by tracking the module's dependency files.
If the module's dependency files are not changed, it restores the module deb files from the cache storage.
- Description for the changelog
- A picture of a cute animal (not mandatory but encouraged)
DOCUMENT PR:
https://github.com/Azure/SONiC/pull/559
2020-03-11 22:04:52 -05:00
|
|
|
# * SONIC_DPKG_CACHE_METHOD: Specifying method of obtaining the Debian packages from cache: none or cache
|
|
|
|
# * SONIC_DPKG_CACHE_SOURCE: Debian package cache location when cache enabled for debian packages
|
2020-03-23 11:45:43 -05:00
|
|
|
# * BUILD_LOG_TIMESTAMP: Set timestamp in the build log (simple/none)
|
2021-06-08 10:24:35 -05:00
|
|
|
# * DOCKER_EXTRA_OPTS: Extra command line arguments for dockerd running in slave container.
|
2021-11-15 23:56:37 -06:00
|
|
|
# * ENABLE_AUTO_TECH_SUPPORT: Enable the configuration for event-driven techsupport & coredump mgmt feature
|
|
|
|
# * Default: y
|
|
|
|
# * Values: y,n
|
2022-07-06 06:03:31 -05:00
|
|
|
# * INCLUDE_BOOTCHART: Install SONiC bootchart
|
|
|
|
# * Default: y
|
|
|
|
# * Values: y,n
|
|
|
|
# * ENABLE_BOOTCHART: Enable SONiC bootchart
|
|
|
|
# * Default: n
|
|
|
|
# * Values: y,n
|
2022-12-17 16:38:31 -06:00
|
|
|
# * GZ_COMPRESS_PROGRAM: Select pigz to reduce build time
|
|
|
|
# * Default: gzip
|
|
|
|
# * Values: pigz,gzip
|
2018-08-16 17:54:31 -05:00
|
|
|
#
|
|
|
|
###############################################################################
|
|
|
|
|
|
|
|
SHELL = /bin/bash
|
|
|
|
|
|
|
|
USER := $(shell id -un)
|
|
|
|
PWD := $(shell pwd)
|
2020-12-30 06:58:20 -06:00
|
|
|
USER_LC := $(shell echo $(USER) | tr A-Z a-z)
|
Support to build armhf/arm64 platforms on arm based system (#7731)
Why I did it
Support to build armhf/arm64 platforms on arm based system without qemu simulator.
When building the armhf/arm64 on arm based system, it is not necessary to use qemu simulator.
How I did it
Build armhf on armhf system, or build arm64 on arm64 system, by default, qemu simulator will not be used.
When building armhf on arm64, and you have enabled armhf docker, then it will build images without simulator automatically. It is based how the docker service is run.
Docker base image change:
For amd64, change from debian:to amd64/debian:
For arm64, change from multiarch/debian-debootstrap:arm64- to arm64v8/debian:
For armhf, change from multiarch/debian-debootstrap:armhf- to arm32v7/debian:
See https://github.com/docker-library/official-images#architectures-other-than-amd64
The mapping relations:
arm32v6 --- armel
arm32v7 --- armhf
arm64v8 --- arm64
Docker image armhf deprecated info: https://hub.docker.com/r/armhf/debian, using arm32v7 instead.
2021-08-12 09:24:37 -05:00
|
|
|
DOCKER_MACHINE := $(shell docker run --rm debian:buster uname -m)
|
2018-08-16 17:54:31 -05:00
|
|
|
|
2020-08-01 23:59:06 -05:00
|
|
|
comma := ,
|
|
|
|
|
Support to build armhf/arm64 platforms on arm based system (#7731)
Why I did it
Support to build armhf/arm64 platforms on arm based system without qemu simulator.
When building the armhf/arm64 on arm based system, it is not necessary to use qemu simulator.
How I did it
Build armhf on armhf system, or build arm64 on arm64 system, by default, qemu simulator will not be used.
When building armhf on arm64, and you have enabled armhf docker, then it will build images without simulator automatically. It is based how the docker service is run.
Docker base image change:
For amd64, change from debian:to amd64/debian:
For arm64, change from multiarch/debian-debootstrap:arm64- to arm64v8/debian:
For armhf, change from multiarch/debian-debootstrap:armhf- to arm32v7/debian:
See https://github.com/docker-library/official-images#architectures-other-than-amd64
The mapping relations:
arm32v6 --- armel
arm32v7 --- armhf
arm64v8 --- arm64
Docker image armhf deprecated info: https://hub.docker.com/r/armhf/debian, using arm32v7 instead.
2021-08-12 09:24:37 -05:00
|
|
|
ifeq ($(DOCKER_MACHINE), aarch64)
|
2021-04-18 10:17:57 -05:00
|
|
|
COMPILE_HOST_ARCH := arm64
|
Support to build armhf/arm64 platforms on arm based system (#7731)
Why I did it
Support to build armhf/arm64 platforms on arm based system without qemu simulator.
When building the armhf/arm64 on arm based system, it is not necessary to use qemu simulator.
How I did it
Build armhf on armhf system, or build arm64 on arm64 system, by default, qemu simulator will not be used.
When building armhf on arm64, and you have enabled armhf docker, then it will build images without simulator automatically. It is based how the docker service is run.
Docker base image change:
For amd64, change from debian:to amd64/debian:
For arm64, change from multiarch/debian-debootstrap:arm64- to arm64v8/debian:
For armhf, change from multiarch/debian-debootstrap:armhf- to arm32v7/debian:
See https://github.com/docker-library/official-images#architectures-other-than-amd64
The mapping relations:
arm32v6 --- armel
arm32v7 --- armhf
arm64v8 --- arm64
Docker image armhf deprecated info: https://hub.docker.com/r/armhf/debian, using arm32v7 instead.
2021-08-12 09:24:37 -05:00
|
|
|
else ifeq ($(shell echo $(DOCKER_MACHINE) | grep -qE "armv7l|armv8l" && echo y),y)
|
2021-04-18 10:17:57 -05:00
|
|
|
COMPILE_HOST_ARCH := armhf
|
|
|
|
else
|
|
|
|
COMPILE_HOST_ARCH := amd64
|
|
|
|
endif
|
|
|
|
|
|
|
|
|
2018-08-16 17:54:31 -05:00
|
|
|
ifeq ($(USER), root)
|
|
|
|
$(error Add your user account to docker group and use your user account to make. root or sudo are not supported!)
|
|
|
|
endif
|
|
|
|
|
2019-07-26 15:13:33 -05:00
|
|
|
# Check for j2cli availability
|
|
|
|
J2_VER := $(shell j2 --version 2>&1 | grep j2cli | awk '{printf $$2}')
|
|
|
|
ifeq ($(J2_VER),)
|
2020-03-20 01:26:45 -05:00
|
|
|
$(error Please install j2cli (sudo pip install j2cli))
|
2019-07-26 15:13:33 -05:00
|
|
|
endif
|
|
|
|
|
2019-07-13 14:43:45 -05:00
|
|
|
# Check for minimum Docker version on build host
|
|
|
|
# Note: Using the greater of CE (17.05.0) and EE (17.06.1) versions that support ARG before FROM
|
|
|
|
docker_min := 17.06.1
|
|
|
|
docker_min_ver := $(shell echo "$(docker_min)" | awk -F. '{printf("%d%03d%03d\n",$$1,$$2,$$3);}' 2>/dev/null)
|
2019-07-23 09:01:21 -05:00
|
|
|
docker_ver := $(shell docker info 2>/dev/null | grep -i "server version" | rev | cut -d' ' -f1 | rev | awk -F. '{printf("%d%03d%03d\n",$$1,$$2,$$3);}' 2>/dev/null)
|
2019-07-31 17:26:00 -05:00
|
|
|
docker_is_valid := $(shell if [[ "$(docker_ver)" -lt $(docker_min_ver) ]] ; then echo "0"; else echo "1"; fi)
|
2019-07-13 14:43:45 -05:00
|
|
|
ifeq (0,$(docker_is_valid))
|
|
|
|
$(error SONiC requires Docker version $(docker_min) or later)
|
|
|
|
endif
|
|
|
|
|
2018-08-16 17:54:31 -05:00
|
|
|
# Remove lock file in case previous run was forcefully stopped
|
|
|
|
$(shell rm -f .screen)
|
|
|
|
|
|
|
|
MAKEFLAGS += -B
|
|
|
|
|
2019-07-26 00:06:41 -05:00
|
|
|
CONFIGURED_ARCH := $(shell [ -f .arch ] && cat .arch || echo $(PLATFORM_ARCH))
|
2022-04-27 19:39:37 -05:00
|
|
|
CONFIGURED_PLATFORM = $(if $(PLATFORM),$(PLATFORM),$(shell cat .platform 2>/dev/null))
|
2019-07-26 15:13:33 -05:00
|
|
|
ifeq ($(CONFIGURED_ARCH),)
|
|
|
|
override CONFIGURED_ARCH = amd64
|
|
|
|
endif
|
2019-07-26 00:06:41 -05:00
|
|
|
ifeq ($(PLATFORM_ARCH),)
|
|
|
|
override PLATFORM_ARCH = $(CONFIGURED_ARCH)
|
|
|
|
endif
|
|
|
|
|
2022-07-12 17:00:57 -05:00
|
|
|
ifeq ($(CONFIGURED_ARCH),amd64)
|
|
|
|
TARGET_BOOTLOADER = grub
|
|
|
|
else
|
|
|
|
TARGET_BOOTLOADER = uboot
|
|
|
|
endif
|
|
|
|
|
2021-06-30 14:45:40 -05:00
|
|
|
ifeq ($(BLDENV), bullseye)
|
|
|
|
SLAVE_DIR = sonic-slave-bullseye
|
|
|
|
else ifeq ($(BLDENV), buster)
|
2020-02-02 14:03:34 -06:00
|
|
|
SLAVE_DIR = sonic-slave-buster
|
|
|
|
else ifeq ($(BLDENV), stretch)
|
2018-08-16 17:54:31 -05:00
|
|
|
SLAVE_DIR = sonic-slave-stretch
|
|
|
|
else
|
2019-11-21 18:14:32 -06:00
|
|
|
SLAVE_DIR = sonic-slave-jessie
|
2018-08-16 17:54:31 -05:00
|
|
|
endif
|
2020-02-02 14:03:34 -06:00
|
|
|
|
2021-04-30 15:04:15 -05:00
|
|
|
# Define a do-nothing target for rules/config.user so that when
|
|
|
|
# the file is missing, make won't try to rebuld everything.
|
|
|
|
rules/config.user:
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)echo -n ""
|
2021-04-30 15:04:15 -05:00
|
|
|
|
2020-12-21 01:31:10 -06:00
|
|
|
include rules/config
|
2021-04-18 01:00:28 -05:00
|
|
|
-include rules/config.user
|
2020-12-21 01:31:10 -06:00
|
|
|
|
2022-03-14 05:09:20 -05:00
|
|
|
ifneq ($(DEFAULT_CONTAINER_REGISTRY),)
|
|
|
|
override DEFAULT_CONTAINER_REGISTRY := $(DEFAULT_CONTAINER_REGISTRY)/
|
|
|
|
endif
|
|
|
|
|
2020-12-26 12:30:51 -06:00
|
|
|
ifeq ($(ENABLE_DOCKER_BASE_PULL),)
|
|
|
|
override ENABLE_DOCKER_BASE_PULL = n
|
|
|
|
endif
|
|
|
|
|
2022-12-17 16:38:31 -06:00
|
|
|
ifneq ($(GZ_COMPRESS_PROGRAM), pigz)
|
|
|
|
override GZ_COMPRESS_PROGRAM = gzip
|
|
|
|
endif
|
|
|
|
|
2020-12-25 04:21:57 -06:00
|
|
|
ifeq ($(CONFIGURED_ARCH),amd64)
|
2019-11-21 18:14:32 -06:00
|
|
|
SLAVE_BASE_IMAGE = $(SLAVE_DIR)
|
2021-04-18 10:17:57 -05:00
|
|
|
MULTIARCH_QEMU_ENVIRON = n
|
2022-07-21 16:15:16 -05:00
|
|
|
CROSS_BUILD_ENVIRON = n
|
2020-12-25 04:21:57 -06:00
|
|
|
else
|
2021-04-18 10:17:57 -05:00
|
|
|
ifeq ($(CONFIGURED_ARCH), $(COMPILE_HOST_ARCH))
|
|
|
|
SLAVE_BASE_IMAGE = $(SLAVE_DIR)
|
|
|
|
MULTIARCH_QEMU_ENVIRON = n
|
2022-07-21 16:15:16 -05:00
|
|
|
CROSS_BUILD_ENVIRON = n
|
2021-04-18 10:17:57 -05:00
|
|
|
else ifneq ($(CONFIGURED_ARCH),)
|
|
|
|
SLAVE_BASE_IMAGE = $(SLAVE_DIR)-march-$(CONFIGURED_ARCH)
|
2022-07-21 16:15:16 -05:00
|
|
|
ifneq ($(CROSS_BLDENV),)
|
|
|
|
MULTIARCH_QEMU_ENVIRON = n
|
|
|
|
CROSS_BUILD_ENVIRON = y
|
|
|
|
else
|
2021-04-18 10:17:57 -05:00
|
|
|
MULTIARCH_QEMU_ENVIRON = y
|
2022-07-21 16:15:16 -05:00
|
|
|
CROSS_BUILD_ENVIRON = n
|
|
|
|
endif
|
2021-04-18 10:17:57 -05:00
|
|
|
endif
|
2020-12-25 04:21:57 -06:00
|
|
|
endif
|
2020-12-30 06:58:20 -06:00
|
|
|
SLAVE_IMAGE = $(SLAVE_BASE_IMAGE)-$(USER_LC)
|
2022-06-16 01:13:01 -05:00
|
|
|
DOCKER_ROOT = $(PWD)/fsroot.docker.$(BLDENV)
|
2018-08-16 17:54:31 -05:00
|
|
|
|
2022-05-05 18:21:30 -05:00
|
|
|
# Support FIPS feature, armhf not supported yet
|
|
|
|
ifeq ($(PLATFORM_ARCH),armhf)
|
|
|
|
ENABLE_FIPS_FEATURE := n
|
|
|
|
ENABLE_FIPS := n
|
|
|
|
endif
|
|
|
|
|
|
|
|
ifeq ($(ENABLE_FIPS_FEATURE), n)
|
|
|
|
ifeq ($(ENABLE_FIPS), y)
|
|
|
|
$(error Cannot set fips config ENABLE_FIPS=y when ENABLE_FIPS_FEATURE=n)
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2022-12-11 19:20:56 -06:00
|
|
|
SONIC_VERSION_CACHE := $(filter-out none,$(SONIC_VERSION_CACHE_METHOD))
|
|
|
|
SONIC_OVERRIDE_BUILD_VARS += SONIC_VERSION_CACHE=$(SONIC_VERSION_CACHE)
|
|
|
|
SONIC_OVERRIDE_BUILD_VARS += SONIC_VERSION_CACHE_SOURCE=$(SONIC_VERSION_CACHE_SOURCE)
|
|
|
|
export SONIC_VERSION_CACHE SONIC_VERSION_CACHE_SOURCE
|
|
|
|
$(shell test -d $(SONIC_VERSION_CACHE_SOURCE) || \
|
|
|
|
mkdir -p $(SONIC_VERSION_CACHE_SOURCE) && chmod -f 777 $(SONIC_VERSION_CACHE_SOURCE) 2>/dev/null )
|
|
|
|
|
2020-12-21 01:31:10 -06:00
|
|
|
# Generate the version control build info
|
2022-10-04 16:13:40 -05:00
|
|
|
$(shell \
|
|
|
|
SONIC_VERSION_CONTROL_COMPONENTS=$(SONIC_VERSION_CONTROL_COMPONENTS) \
|
|
|
|
TRUSTED_GPG_URLS=$(TRUSTED_GPG_URLS) \
|
|
|
|
PACKAGE_URL_PREFIX=$(PACKAGE_URL_PREFIX) \
|
2022-12-11 19:20:56 -06:00
|
|
|
DISTRO=$(BLDENV) \
|
|
|
|
SONIC_VERSION_CACHE=$(SONIC_VERSION_CACHE) \
|
|
|
|
SONIC_VERSION_CACHE_SOURCE=$(SONIC_VERSION_CACHE_SOURCE) \
|
|
|
|
DBGOPT='$(DBGOPT)' \
|
2023-01-13 02:16:35 -06:00
|
|
|
MIRROR_SNAPSHOT=$(MIRROR_SNAPSHOT) \
|
2022-10-04 16:13:40 -05:00
|
|
|
scripts/generate_buildinfo_config.sh)
|
2020-12-21 01:31:10 -06:00
|
|
|
|
|
|
|
# Generate the slave Dockerfile, and prepare build info for it
|
2022-10-04 16:13:40 -05:00
|
|
|
$(shell CONFIGURED_ARCH=$(CONFIGURED_ARCH) \
|
|
|
|
MULTIARCH_QEMU_ENVIRON=$(MULTIARCH_QEMU_ENVIRON) \
|
|
|
|
CROSS_BUILD_ENVIRON=$(CROSS_BUILD_ENVIRON) \
|
|
|
|
ENABLE_FIPS_FEATURE=$(ENABLE_FIPS_FEATURE) \
|
|
|
|
DOCKER_EXTRA_OPTS=$(DOCKER_EXTRA_OPTS) \
|
|
|
|
DEFAULT_CONTAINER_REGISTRY=$(DEFAULT_CONTAINER_REGISTRY) \
|
2022-12-17 16:38:31 -06:00
|
|
|
GZ_COMPRESS_PROGRAM=$(GZ_COMPRESS_PROGRAM) \
|
2022-10-04 16:13:40 -05:00
|
|
|
j2 $(SLAVE_DIR)/Dockerfile.j2 > $(SLAVE_DIR)/Dockerfile)
|
|
|
|
|
|
|
|
$(shell CONFIGURED_ARCH=$(CONFIGURED_ARCH) \
|
|
|
|
MULTIARCH_QEMU_ENVIRON=$(MULTIARCH_QEMU_ENVIRON) \
|
|
|
|
CROSS_BUILD_ENVIRON=$(CROSS_BUILD_ENVIRON) \
|
|
|
|
j2 $(SLAVE_DIR)/Dockerfile.user.j2 > $(SLAVE_DIR)/Dockerfile.user)
|
|
|
|
|
|
|
|
PREPARE_DOCKER=BUILD_SLAVE=y \
|
|
|
|
DEFAULT_CONTAINER_REGISTRY=$(DEFAULT_CONTAINER_REGISTRY) \
|
2022-12-11 19:20:56 -06:00
|
|
|
SONIC_VERSION_CACHE=$(SONIC_VERSION_CACHE) \
|
|
|
|
DBGOPT='$(DBGOPT)' \
|
2022-10-04 16:13:40 -05:00
|
|
|
scripts/prepare_docker_buildinfo.sh \
|
|
|
|
$(SLAVE_BASE_IMAGE) \
|
|
|
|
$(SLAVE_DIR)/Dockerfile \
|
|
|
|
$(CONFIGURED_ARCH) \
|
|
|
|
"" \
|
|
|
|
$(BLDENV)
|
|
|
|
|
|
|
|
$(shell $(PREPARE_DOCKER) )
|
2020-12-21 01:31:10 -06:00
|
|
|
|
|
|
|
# Add the versions in the tag, if the version change, need to rebuild the slave
|
2022-10-04 16:13:40 -05:00
|
|
|
SLAVE_BASE_TAG = $(shell \
|
|
|
|
cat $(SLAVE_DIR)/Dockerfile \
|
2022-11-14 23:02:34 -06:00
|
|
|
$(SLAVE_DIR)/sources.list.* \
|
2022-12-09 02:12:59 -06:00
|
|
|
$(SLAVE_DIR)/buildinfo/versions/versions-* 2>/dev/null \
|
2022-10-04 16:13:40 -05:00
|
|
|
| sha1sum \
|
|
|
|
| awk '{print substr($$1,0,11);}')
|
2020-12-21 01:31:10 -06:00
|
|
|
|
2022-10-04 16:13:40 -05:00
|
|
|
# Calculate the slave TAG based on $(USER)/$(PWD)/$(CONFIGURED_PLATFORM) to get unique SHA ID
|
|
|
|
SLAVE_TAG = $(shell \
|
|
|
|
(cat $(SLAVE_DIR)/Dockerfile.user \
|
|
|
|
$(SLAVE_DIR)/Dockerfile \
|
|
|
|
$(SLAVE_DIR)/buildinfo/versions/versions-* \
|
|
|
|
&& echo $(USER)/$(PWD)/$(CONFIGURED_PLATFORM)) \
|
|
|
|
| sha1sum \
|
|
|
|
| awk '{print substr($$1,0,11);}')
|
|
|
|
|
|
|
|
COLLECT_DOCKER=DEFAULT_CONTAINER_REGISTRY=$(DEFAULT_CONTAINER_REGISTRY) \
|
2022-12-11 19:20:56 -06:00
|
|
|
SONIC_VERSION_CACHE=$(SONIC_VERSION_CACHE) \
|
|
|
|
DBGOPT='$(DBGOPT)' \
|
2022-10-04 16:13:40 -05:00
|
|
|
scripts/collect_docker_version_files.sh \
|
2022-12-01 18:28:45 -06:00
|
|
|
$(SLAVE_BASE_IMAGE) \
|
|
|
|
target \
|
|
|
|
$(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) \
|
|
|
|
$(SLAVE_DIR) \
|
|
|
|
$(SLAVE_DIR)/Dockerfile
|
|
|
|
|
2019-06-20 11:20:34 -05:00
|
|
|
OVERLAY_MODULE_CHECK := \
|
|
|
|
lsmod | grep -q "^overlay " &>/dev/null || \
|
|
|
|
zgrep -q 'CONFIG_OVERLAY_FS=y' /proc/config.gz &>/dev/null || \
|
|
|
|
grep -q 'CONFIG_OVERLAY_FS=y' /boot/config-$(shell uname -r) &>/dev/null || \
|
|
|
|
(echo "ERROR: Module 'overlay' not loaded. Try running 'sudo modprobe overlay'."; exit 1)
|
2018-09-05 00:32:46 -05:00
|
|
|
|
2018-10-04 23:20:01 -05:00
|
|
|
BUILD_TIMESTAMP := $(shell date +%Y%m%d\.%H%M%S)
|
|
|
|
|
2022-04-27 19:39:37 -05:00
|
|
|
# Create separate Docker lockfiles for saving vs. loading an image.
|
|
|
|
ifeq ($(DOCKER_LOCKDIR),)
|
|
|
|
override DOCKER_LOCKDIR := /tmp/docklock
|
|
|
|
endif
|
|
|
|
DOCKER_LOCKFILE_SAVE := $(DOCKER_LOCKDIR)/docker_save.lock
|
|
|
|
$(shell mkdir -m 0777 -p $(DOCKER_LOCKDIR))
|
|
|
|
$(shell [ -f $(DOCKER_LOCKFILE_SAVE) ] || (touch $(DOCKER_LOCKFILE_SAVE) && chmod 0777 $(DOCKER_LOCKFILE_SAVE)))
|
2022-07-26 00:02:46 -05:00
|
|
|
$(docker run --rm -v $(DOCKER_ROOT)\:/mount alpine sh -c 'rm -rf /mount/')
|
|
|
|
$(mkdir -p $(DOCKER_ROOT))
|
2022-04-27 19:39:37 -05:00
|
|
|
|
2018-11-05 12:44:06 -06:00
|
|
|
ifeq ($(DOCKER_BUILDER_MOUNT),)
|
|
|
|
override DOCKER_BUILDER_MOUNT := "$(PWD):/sonic"
|
|
|
|
endif
|
|
|
|
|
|
|
|
ifeq ($(DOCKER_BUILDER_WORKDIR),)
|
|
|
|
override DOCKER_BUILDER_WORKDIR := "/sonic"
|
|
|
|
endif
|
|
|
|
|
2020-07-29 20:27:44 -05:00
|
|
|
DOCKER_RUN := docker run --rm=true --privileged --init \
|
2018-11-05 12:44:06 -06:00
|
|
|
-v $(DOCKER_BUILDER_MOUNT) \
|
2022-04-27 19:39:37 -05:00
|
|
|
-v "$(DOCKER_LOCKDIR):$(DOCKER_LOCKDIR)" \
|
2018-11-05 12:44:06 -06:00
|
|
|
-w $(DOCKER_BUILDER_WORKDIR) \
|
2018-08-16 17:54:31 -05:00
|
|
|
-e "http_proxy=$(http_proxy)" \
|
|
|
|
-e "https_proxy=$(https_proxy)" \
|
2021-04-16 01:10:19 -05:00
|
|
|
-e "no_proxy=$(no_proxy)" \
|
2020-12-30 06:57:44 -06:00
|
|
|
-i$(shell { if [ -t 0 ]; then echo t; fi }) \
|
2020-09-10 03:21:47 -05:00
|
|
|
$(SONIC_BUILDER_EXTRA_CMDLINE)
|
2018-08-16 17:54:31 -05:00
|
|
|
|
2022-06-16 01:13:01 -05:00
|
|
|
# Mount the $(DOCKER_ROOT) to /var/lib/docker in the slave container, the overlay fs is not supported as dockerd root folder.
|
|
|
|
ifneq ($(filter $(SONIC_SLAVE_DOCKER_DRIVER),overlay overlay2),)
|
|
|
|
DOCKER_RUN += -v $(DOCKER_ROOT):/var/lib/docker
|
|
|
|
endif
|
|
|
|
|
2020-08-01 23:59:06 -05:00
|
|
|
ifneq ($(DOCKER_BUILDER_USER_MOUNT),)
|
|
|
|
DOCKER_RUN += $(foreach mount,$(subst $(comma), ,$(DOCKER_BUILDER_USER_MOUNT)), $(addprefix -v , $(mount)))
|
|
|
|
endif
|
|
|
|
|
2020-09-10 03:21:47 -05:00
|
|
|
ifdef SONIC_BUILD_QUIETER
|
|
|
|
DOCKER_RUN += -e "SONIC_BUILD_QUIETER=$(SONIC_BUILD_QUIETER)"
|
|
|
|
endif
|
|
|
|
|
[build]: support for DPKG local caching (#4117)
DPKG caching framework provides the infrastructure to cache the sonic module/target .deb files into a local cache by tracking the target dependency files.SONIC build infrastructure is designed as a plugin framework where any new source code can be easily integrated into sonic as a module and that generates output as a .deb file. The source code compilation of a module is completely independent of other modules compilation. Inter module dependency is resolved through build artifacts like header files, libraries, and binaries in the form of Debian packages. For example module A depends on module B. While module A is being built, it uses B's .deb file to install it in the build docker.
The DPKG caching framework provides an infrastructure that caches a module's deb package and restores it back to the build directory if its dependency files are not modified. When a module is compiled for the first time, the generated deb package is stored at the DPKG cache location. On the subsequent build, first, it checks the module dependency file modification. If none of the dependent files is changed, it copies the deb package from the cache location, otherwise, it goes for local compilation and generates the deb package. The modified files should be checked-in to get the newer cache deb package.
This provides a huge improvement in build time and also supports the true incremental build by tracking the dependency files.
- How I did it
It takes two global arguments to enable the DPKG caching, the first one indicates the caching method and the second one describes the location of the cache.
SONIC_DPKG_CACHE_METHOD=cache
SONIC_DPKG_CACHE_SOURCE=
where SONIC_DPKG_CACHE_METHOD - Default method is 'cache' for deb package caching
none: no caching
cache: cache from local directory
Dependency file tracking:
Dependency files are tracked for each target in two levels.
1. Common make infrastructure files - rules/config, rules/functions, slave.mk etc.
2. Per module files - files which are specific to modules, Makefile, debian/rules, patch files, etc.
For example: dependency files for Linux Kernel - src/sonic-linux-kernel,
SPATH := $($(LINUX_HEADERS_COMMON)_SRC_PATH)
DEP_FILES := $(SONIC_COMMON_FILES_LIST) rules/linux-kernel.mk rules/linux-kernel.dep
DEP_FILES += $(SONIC_COMMON_BASE_FILES_LIST)
SMDEP_FILES := $(addprefix $(SPATH)/,$(shell cd $(SPATH) && git ls-files))
DEP_FLAGS := $(SONIC_COMMON_FLAGS_LIST) \
$(KERNEL_PROCURE_METHOD) $(KERNEL_CACHE_PATH)
$(LINUX_HEADERS_COMMON)_CACHE_MODE := GIT_CONTENT_SHA
$(LINUX_HEADERS_COMMON)_DEP_FLAGS := $(DEP_FLAGS)
$(LINUX_HEADERS_COMMON)_DEP_FILES := $(DEP_FILES)
$(LINUX_HEADERS_COMMON)_SMDEP_FILES := $(SMDEP_FILES)
$(LINUX_HEADERS_COMMON)_SMDEP_PATHS := $(SPATH)
Cache file tracking:
The Cache file is a compressed TAR ball of a module's target DEB file and its derived-target DEB files.
The cache filename is formed with the following format
FORMAT:
<module deb filename>.<24 byte of DEP SHA hash >-<24 byte of MOD SHA hash>.tgz
Eg:
linux-headers-4.9.0-9-2-common_4.9.168-1+deb9u3_all.deb-23658712fd21bb776fa16f47-c0b63ef593d4a32643bca228.tgz
< 24-byte DEP SHA value > - the SHA value is derived from all the dependent packages.
< 24-byte MOD SHA value > - the SHA value is derived from either of the following.
GIT_COMMIT_SHA - SHA value of the last git commit ID if it is a submodule
GIT_CONTENT_SHA - SHA value is generated from the content of the target dependency files.
Target Specific rules:
Caching can be enabled/disabled on a global level and also on the per-target level.
$(addprefix $(DEBS_PATH)/, $(SONIC_DPKG_DEBS)) : $(DEBS_PATH)/% : .platform $$(addsuffix -install,$$(addprefix $(DEBS_PATH)/,$$($$*_DEPENDS))) \
$(call dpkg_depend,$(DEBS_PATH)/%.dep )
$(HEADER)
# Load the target deb from DPKG cache
$(call LOAD_CACHE,$*,$@)
# Skip building the target if it is already loaded from cache
if [ -z '$($*_CACHE_LOADED)' ] ; then
.....
# Rules for Generating the target DEB file.
.....
# Save the target deb into DPKG cache
$(call SAVE_CACHE,$*,$@)
fi
$(FOOTER)
The make rule-'$(call dpkg_depend,$(DEBS_PATH)/%.dep )' checks for target dependency file modification. If it is newer than the target, it will go for re-generation of that target.
Two main macros 'LOAD_CACHE' and 'SAVE_CACHE' are used for loading and storing the cache contents.
The 'LOAD_CACHE' macro is used to load the cache file from cache storage and extracts them into the target folder. It is done only if target dependency files are not modified by checking the GIT file status, otherwise, cache loading is skipped and full compilation is performed.
It also updates the target-specific variable to indicate the cache is loaded or not.
The 'SAVE_CACHE' macro generates the compressed tarball of the cache file and saves them into cache storage. Saving into the cache storage is protected with a lock.
- How to verify it
The caching functionality is verified by enabling it in Linux kernel submodule.
It uses the cache directory as 'target/cache' where Linux cache file gets stored on the first-time build and it is picked from the cache location during the subsequent clean build.
- Description for the changelog
The DPKG caching framework provides the infrastructure to save the module-specific deb file to be cached by tracking the module's dependency files.
If the module's dependency files are not changed, it restores the module deb files from the cache storage.
- Description for the changelog
- A picture of a cute animal (not mandatory but encouraged)
DOCUMENT PR:
https://github.com/Azure/SONiC/pull/559
2020-03-11 22:04:52 -05:00
|
|
|
ifneq ($(SONIC_DPKG_CACHE_SOURCE),)
|
|
|
|
DOCKER_RUN += -v "$(SONIC_DPKG_CACHE_SOURCE):/dpkg_cache:rw"
|
|
|
|
endif
|
|
|
|
|
2022-12-11 19:20:56 -06:00
|
|
|
ifneq ($(SONIC_VERSION_CACHE_SOURCE),)
|
|
|
|
DOCKER_RUN += -v "$(SONIC_VERSION_CACHE_SOURCE):/vcache:rw"
|
|
|
|
endif
|
|
|
|
|
2022-04-19 00:23:15 -05:00
|
|
|
ifeq ($(SONIC_ENABLE_SECUREBOOT_SIGNATURE), y)
|
|
|
|
ifneq ($(SIGNING_KEY),)
|
|
|
|
DOCKER_SIGNING_SOURCE := $(shell dirname $(SIGNING_KEY))
|
|
|
|
DOCKER_RUN += -v "$(DOCKER_SIGNING_SOURCE):$(DOCKER_SIGNING_SOURCE):ro"
|
|
|
|
endif
|
|
|
|
ifneq ($(SIGNING_CERT),)
|
|
|
|
DOCKER_SIGNING_SOURCE := $(shell dirname $(SIGNING_CERT))
|
|
|
|
DOCKER_RUN += -v "$(DOCKER_SIGNING_SOURCE):$(DOCKER_SIGNING_SOURCE):ro"
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
2022-04-27 19:39:37 -05:00
|
|
|
# User name and tag for "docker-*" images created by native dockerd mode.
|
|
|
|
ifeq ($(strip $(SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD)),y)
|
|
|
|
DOCKER_USERNAME = $(USER_LC)
|
|
|
|
DOCKER_USERTAG = $(SLAVE_TAG)
|
|
|
|
else
|
|
|
|
DOCKER_USERNAME = sonic
|
|
|
|
DOCKER_USERTAG = latest
|
|
|
|
endif
|
|
|
|
|
|
|
|
# Define canned sequence to clean up Docker image cache.
|
|
|
|
# - These are the remnants from building the runtime Docker images using native (host) Docker daemon.
|
|
|
|
# - Image naming convention differs on a shared build system vs. non-shared.
|
|
|
|
# $(docker-image-cleanup)
|
|
|
|
ifeq ($(SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD),y)
|
|
|
|
define docker-image-cleanup
|
|
|
|
@for i in $(shell docker images --quiet --filter 'dangling=true') ; do (docker rmi -f $$i &> /dev/null || true) ; done
|
|
|
|
@for i in $(shell docker images --quiet docker-*$(DOCKER_USERNAME):$(DOCKER_USERTAG)) ; do (docker rmi -f $$i &> /dev/null || true) ; done
|
|
|
|
endef
|
|
|
|
else
|
|
|
|
define docker-image-cleanup
|
|
|
|
@:
|
|
|
|
endef
|
|
|
|
endif
|
|
|
|
|
2018-11-01 20:00:00 -05:00
|
|
|
ifeq ($(SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD), y)
|
2021-12-13 20:20:39 -06:00
|
|
|
ifneq ($(MULTIARCH_QEMU_ENVIRON), y)
|
2018-11-01 20:00:00 -05:00
|
|
|
DOCKER_RUN += -v /var/run/docker.sock:/var/run/docker.sock
|
|
|
|
endif
|
2021-12-13 20:20:39 -06:00
|
|
|
endif
|
2020-12-25 02:10:08 -06:00
|
|
|
|
2022-07-21 16:15:16 -05:00
|
|
|
ifneq ($(filter y, $(MULTIARCH_QEMU_ENVIRON) $(CROSS_BUILD_ENVIRON)),)
|
2020-12-25 02:10:08 -06:00
|
|
|
ifeq ($(DOCKER_DATA_ROOT_FOR_MULTIARCH),)
|
|
|
|
DOCKER_DATA_ROOT_FOR_MULTIARCH := /var/lib/march/docker
|
|
|
|
endif
|
2019-07-26 00:06:41 -05:00
|
|
|
# Multiarch docker cannot start dockerd service due to iptables cannot run over different arch kernel
|
|
|
|
SONIC_SERVICE_DOCKERD_FOR_MULTIARCH=y
|
2023-01-19 11:18:57 -06:00
|
|
|
SONIC_NATIVE_DOCKERD_FOR_MULTIARCH := dockerd --experimental=true --storage-driver=vfs \
|
2020-12-25 02:10:08 -06:00
|
|
|
--data-root=$(DOCKER_DATA_ROOT_FOR_MULTIARCH) --exec-root=/var/run/march/docker/ \
|
|
|
|
-H unix:///var/run/march/docker.sock -p /var/run/march/docker.pid
|
2021-12-10 00:20:38 -06:00
|
|
|
|
|
|
|
ifneq ($(DOCKER_CONFIG_FILE_FOR_MULTIARCH),)
|
2023-01-19 11:18:57 -06:00
|
|
|
SONIC_NATIVE_DOCKERD_FOR_MULTIARCH += --config-file=$(DOCKER_CONFIG_FILE_FOR_MULTIARCH)
|
2021-12-10 00:20:38 -06:00
|
|
|
endif
|
|
|
|
|
2019-07-26 00:06:41 -05:00
|
|
|
DOCKER_RUN += -v /var/run/march/docker.sock:/var/run/docker.sock
|
|
|
|
DOCKER_RUN += -v /var/run/march/docker.pid:/var/run/docker.pid
|
|
|
|
DOCKER_RUN += -v /var/run/march/docker:/var/run/docker
|
2020-12-25 02:10:08 -06:00
|
|
|
DOCKER_RUN += -v $(DOCKER_DATA_ROOT_FOR_MULTIARCH):/var/lib/docker
|
2023-01-19 11:18:57 -06:00
|
|
|
SONIC_USERFACL_DOCKERD_FOR_MULTIARCH := setfacl -m user:$(USER):rw /var/run/march/docker.sock
|
2019-07-26 00:06:41 -05:00
|
|
|
|
|
|
|
#Override Native config to prevent docker service
|
|
|
|
SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD=y
|
|
|
|
|
2022-01-16 20:03:16 -06:00
|
|
|
DOCKER_MULTIARCH_CHECK := docker run --rm --privileged multiarch/qemu-user-static --reset -p yes --credential yes
|
2019-07-26 00:06:41 -05:00
|
|
|
|
2019-10-24 15:50:45 -05:00
|
|
|
DOCKER_SERVICE_SAFE_KILLER := (MARCH_PID=`ps -eo pid,cmd | grep "[0-9] dockerd.*march" | awk '{print $$1}'`; echo "Killing march docker $$MARCH_PID"; [ -z "$$MARCH_PID" ] || sudo kill -9 "$$MARCH_PID";)
|
2023-01-19 11:18:57 -06:00
|
|
|
DOCKER_SERVICE_MULTIARCH_CHECK := ($(DOCKER_SERVICE_SAFE_KILLER); sudo rm -fr /var/run/march/; (echo "Starting docker march service..."; sudo $(SONIC_NATIVE_DOCKERD_FOR_MULTIARCH) &) &>/dev/null ; sleep 2; sudo $(SONIC_USERFACL_DOCKERD_FOR_MULTIARCH);)
|
2019-07-26 00:06:41 -05:00
|
|
|
|
2020-01-23 18:50:17 -06:00
|
|
|
# Docker service to load the compiled dockers-*.gz
|
|
|
|
# docker 19.0 version above has path/length restriction, so replaced it with soft link in /tmp/
|
|
|
|
# Also dockerd does mkdir on the provided softlink, so used two level path "d/d"
|
|
|
|
D_ROOT=/tmp/d/d
|
|
|
|
SONIC_NATIVE_DOCKERD_FOR_DOCKERFS := rm -fr $(PWD)/dockerfs; mkdir -p $(PWD)/dockerfs; sudo rm -fr /tmp/d; mkdir -p /tmp/d; ln -s -f $(PWD)/dockerfs $(D_ROOT); \
|
|
|
|
sudo dockerd --storage-driver=overlay2 --iptables=false \
|
|
|
|
--data-root $(D_ROOT)/var/lib/docker/ --exec-root=$(D_ROOT)/var/run/docker/ \
|
|
|
|
-H unix://$(D_ROOT)/var/run/docker.sock -p $(D_ROOT)/var/run/docker.pid &
|
|
|
|
SONIC_USERFACL_DOCKERD_FOR_DOCKERFS := setfacl -m user:$(USER):rw $(D_ROOT)/var/run/docker.sock
|
|
|
|
DOCKER_SERVICE_DOCKERFS_CHECK := (sudo docker -H unix://$(D_ROOT)/var/run/docker.sock info &> /dev/null && sudo kill -9 `sudo cat $(D_ROOT)/var/run/docker.pid` && false) || (echo "Starting docker build service..."; (sudo $(SONIC_NATIVE_DOCKERD_FOR_DOCKERFS) ) &> /tmp/dockerfs.log ; sleep 1; sudo $(SONIC_USERFACL_DOCKERD_FOR_DOCKERFS);)
|
2019-07-26 00:06:41 -05:00
|
|
|
|
|
|
|
endif
|
2018-11-01 20:00:00 -05:00
|
|
|
|
2022-05-31 11:59:52 -05:00
|
|
|
SPLIT_LOG = | tee
|
|
|
|
|
|
|
|
DOCKER_BASE_LOG = $(SLAVE_DIR)/$(SLAVE_BASE_IMAGE)_$(SLAVE_BASE_TAG).log
|
|
|
|
DOCKER_LOG = $(SLAVE_DIR)/$(SLAVE_IMAGE)_$(SLAVE_TAG).log
|
|
|
|
|
|
|
|
|
2022-10-04 16:13:40 -05:00
|
|
|
DOCKER_SLAVE_BASE_BUILD = docker build --no-cache \
|
2019-07-13 14:43:45 -05:00
|
|
|
-t $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) \
|
2018-08-16 17:54:31 -05:00
|
|
|
--build-arg http_proxy=$(http_proxy) \
|
|
|
|
--build-arg https_proxy=$(https_proxy) \
|
2021-04-16 01:10:19 -05:00
|
|
|
--build-arg no_proxy=$(no_proxy) \
|
2022-12-11 19:20:56 -06:00
|
|
|
--build-arg SONIC_VERSION_CACHE=$(SONIC_VERSION_CACHE) \
|
|
|
|
--build-arg SONIC_VERSION_CONTROL_COMPONENTS=$(SONIC_VERSION_CONTROL_COMPONENTS) \
|
2022-12-01 18:28:45 -06:00
|
|
|
$(SLAVE_DIR) \
|
|
|
|
$(SPLIT_LOG) $(DOCKER_BASE_LOG)
|
2018-08-16 17:54:31 -05:00
|
|
|
|
2020-12-26 12:30:51 -06:00
|
|
|
DOCKER_BASE_PULL = docker pull \
|
|
|
|
$(REGISTRY_SERVER):$(REGISTRY_PORT)/$(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG)
|
|
|
|
|
2022-10-04 16:13:40 -05:00
|
|
|
DOCKER_USER_BUILD = docker build --no-cache \
|
2018-08-16 17:54:31 -05:00
|
|
|
--build-arg user=$(USER) \
|
|
|
|
--build-arg uid=$(shell id -u) \
|
|
|
|
--build-arg guid=$(shell id -g) \
|
|
|
|
--build-arg hostname=$(shell echo $$HOSTNAME) \
|
2019-07-13 14:43:45 -05:00
|
|
|
--build-arg slave_base_tag_ref=$(SLAVE_BASE_TAG) \
|
|
|
|
-t $(SLAVE_IMAGE):$(SLAVE_TAG) \
|
2018-08-16 17:54:31 -05:00
|
|
|
-f $(SLAVE_DIR)/Dockerfile.user \
|
2022-05-31 11:59:52 -05:00
|
|
|
$(SLAVE_DIR) $(SPLIT_LOG) $(DOCKER_LOG)
|
2018-08-16 17:54:31 -05:00
|
|
|
|
2022-10-04 16:13:40 -05:00
|
|
|
|
|
|
|
DOCKER_SLAVE_BASE_INSPECT = \
|
|
|
|
{ \
|
|
|
|
echo Checking sonic-slave-base image: $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG); \
|
|
|
|
docker inspect --type image $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) &> /dev/null; \
|
|
|
|
}
|
|
|
|
|
|
|
|
DOCKER_SLAVE_BASE_PULL_REGISTRY = \
|
|
|
|
[ $(ENABLE_DOCKER_BASE_PULL) == y ] && \
|
|
|
|
{ \
|
|
|
|
echo Image $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) not found. Pulling...; \
|
|
|
|
$(DOCKER_BASE_PULL); \
|
|
|
|
} && \
|
|
|
|
{ \
|
|
|
|
docker tag $(REGISTRY_SERVER):$(REGISTRY_PORT)/$(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) && \
|
|
|
|
$(COLLECT_DOCKER); \
|
|
|
|
}\
|
|
|
|
|
|
|
|
SONIC_SLAVE_BASE_BUILD = \
|
|
|
|
{ \
|
|
|
|
$(DOCKER_SLAVE_BASE_INSPECT); \
|
|
|
|
} || \
|
|
|
|
{ \
|
|
|
|
$(DOCKER_SLAVE_BASE_PULL_REGISTRY); \
|
|
|
|
} || \
|
|
|
|
{ \
|
|
|
|
echo Image $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) not found. Building... ; \
|
|
|
|
$(PREPARE_DOCKER) ; \
|
|
|
|
$(DOCKER_SLAVE_BASE_BUILD) ; \
|
|
|
|
$(COLLECT_DOCKER) ; \
|
|
|
|
}
|
|
|
|
|
|
|
|
DOCKER_SLAVE_USER_INSPECT = \
|
|
|
|
{ \
|
|
|
|
echo Checking sonic-slave-user image: $(SLAVE_IMAGE):$(SLAVE_TAG); \
|
|
|
|
docker inspect --type image $(SLAVE_IMAGE):$(SLAVE_TAG) &> /dev/null; \
|
|
|
|
}
|
|
|
|
|
|
|
|
SONIC_SLAVE_USER_BUILD = \
|
|
|
|
{ $(DOCKER_SLAVE_USER_INSPECT) } || \
|
|
|
|
{ \
|
|
|
|
echo Image $(SLAVE_IMAGE):$(SLAVE_TAG) not found. Building... ; \
|
|
|
|
$(DOCKER_USER_BUILD) ; \
|
|
|
|
}
|
|
|
|
|
|
|
|
SONIC_BUILD_INSTRUCTION := $(MAKE) \
|
2018-08-16 17:54:31 -05:00
|
|
|
-f slave.mk \
|
|
|
|
PLATFORM=$(PLATFORM) \
|
2019-07-26 00:06:41 -05:00
|
|
|
PLATFORM_ARCH=$(PLATFORM_ARCH) \
|
2021-04-18 10:17:57 -05:00
|
|
|
MULTIARCH_QEMU_ENVIRON=$(MULTIARCH_QEMU_ENVIRON) \
|
2022-08-24 18:42:01 -05:00
|
|
|
TARGET_BOOTLOADER=$(TARGET_BOOTLOADER) \
|
2022-07-21 16:15:16 -05:00
|
|
|
CROSS_BUILD_ENVIRON=$(CROSS_BUILD_ENVIRON) \
|
2018-08-16 17:54:31 -05:00
|
|
|
BUILD_NUMBER=$(BUILD_NUMBER) \
|
2018-10-04 23:20:01 -05:00
|
|
|
BUILD_TIMESTAMP=$(BUILD_TIMESTAMP) \
|
2020-09-16 12:47:26 -05:00
|
|
|
SONIC_IMAGE_VERSION=$(SONIC_IMAGE_VERSION) \
|
2022-04-27 19:39:37 -05:00
|
|
|
SLAVE_TAG=$(SLAVE_TAG) \
|
2018-08-16 17:54:31 -05:00
|
|
|
ENABLE_DHCP_GRAPH_SERVICE=$(ENABLE_DHCP_GRAPH_SERVICE) \
|
2019-12-04 06:50:56 -06:00
|
|
|
ENABLE_ZTP=$(ENABLE_ZTP) \
|
2021-07-24 18:24:43 -05:00
|
|
|
INCLUDE_PDE=$(INCLUDE_PDE) \
|
2018-08-16 17:54:31 -05:00
|
|
|
SHUTDOWN_BGP_ON_START=$(SHUTDOWN_BGP_ON_START) \
|
2020-08-05 15:23:12 -05:00
|
|
|
INCLUDE_KUBERNETES=$(INCLUDE_KUBERNETES) \
|
2020-04-13 10:41:18 -05:00
|
|
|
KUBERNETES_VERSION=$(KUBERNETES_VERSION) \
|
|
|
|
K8s_GCR_IO_PAUSE_VERSION=$(K8s_GCR_IO_PAUSE_VERSION) \
|
2022-08-13 10:01:35 -05:00
|
|
|
INCLUDE_KUBERNETES_MASTER=$(INCLUDE_KUBERNETES_MASTER) \
|
2018-08-16 17:54:31 -05:00
|
|
|
SONIC_ENABLE_PFCWD_ON_START=$(ENABLE_PFCWD_ON_START) \
|
2018-10-15 15:49:35 -05:00
|
|
|
SONIC_ENABLE_SYNCD_RPC=$(ENABLE_SYNCD_RPC) \
|
2018-10-21 19:20:27 -05:00
|
|
|
SONIC_INSTALL_DEBUG_TOOLS=$(INSTALL_DEBUG_TOOLS) \
|
2022-02-08 04:56:34 -06:00
|
|
|
SONIC_SAITHRIFT_V2=$(SAITHRIFT_V2) \
|
[build]: support for DPKG local caching (#4117)
DPKG caching framework provides the infrastructure to cache the sonic module/target .deb files into a local cache by tracking the target dependency files.SONIC build infrastructure is designed as a plugin framework where any new source code can be easily integrated into sonic as a module and that generates output as a .deb file. The source code compilation of a module is completely independent of other modules compilation. Inter module dependency is resolved through build artifacts like header files, libraries, and binaries in the form of Debian packages. For example module A depends on module B. While module A is being built, it uses B's .deb file to install it in the build docker.
The DPKG caching framework provides an infrastructure that caches a module's deb package and restores it back to the build directory if its dependency files are not modified. When a module is compiled for the first time, the generated deb package is stored at the DPKG cache location. On the subsequent build, first, it checks the module dependency file modification. If none of the dependent files is changed, it copies the deb package from the cache location, otherwise, it goes for local compilation and generates the deb package. The modified files should be checked-in to get the newer cache deb package.
This provides a huge improvement in build time and also supports the true incremental build by tracking the dependency files.
- How I did it
It takes two global arguments to enable the DPKG caching, the first one indicates the caching method and the second one describes the location of the cache.
SONIC_DPKG_CACHE_METHOD=cache
SONIC_DPKG_CACHE_SOURCE=
where SONIC_DPKG_CACHE_METHOD - Default method is 'cache' for deb package caching
none: no caching
cache: cache from local directory
Dependency file tracking:
Dependency files are tracked for each target in two levels.
1. Common make infrastructure files - rules/config, rules/functions, slave.mk etc.
2. Per module files - files which are specific to modules, Makefile, debian/rules, patch files, etc.
For example: dependency files for Linux Kernel - src/sonic-linux-kernel,
SPATH := $($(LINUX_HEADERS_COMMON)_SRC_PATH)
DEP_FILES := $(SONIC_COMMON_FILES_LIST) rules/linux-kernel.mk rules/linux-kernel.dep
DEP_FILES += $(SONIC_COMMON_BASE_FILES_LIST)
SMDEP_FILES := $(addprefix $(SPATH)/,$(shell cd $(SPATH) && git ls-files))
DEP_FLAGS := $(SONIC_COMMON_FLAGS_LIST) \
$(KERNEL_PROCURE_METHOD) $(KERNEL_CACHE_PATH)
$(LINUX_HEADERS_COMMON)_CACHE_MODE := GIT_CONTENT_SHA
$(LINUX_HEADERS_COMMON)_DEP_FLAGS := $(DEP_FLAGS)
$(LINUX_HEADERS_COMMON)_DEP_FILES := $(DEP_FILES)
$(LINUX_HEADERS_COMMON)_SMDEP_FILES := $(SMDEP_FILES)
$(LINUX_HEADERS_COMMON)_SMDEP_PATHS := $(SPATH)
Cache file tracking:
The Cache file is a compressed TAR ball of a module's target DEB file and its derived-target DEB files.
The cache filename is formed with the following format
FORMAT:
<module deb filename>.<24 byte of DEP SHA hash >-<24 byte of MOD SHA hash>.tgz
Eg:
linux-headers-4.9.0-9-2-common_4.9.168-1+deb9u3_all.deb-23658712fd21bb776fa16f47-c0b63ef593d4a32643bca228.tgz
< 24-byte DEP SHA value > - the SHA value is derived from all the dependent packages.
< 24-byte MOD SHA value > - the SHA value is derived from either of the following.
GIT_COMMIT_SHA - SHA value of the last git commit ID if it is a submodule
GIT_CONTENT_SHA - SHA value is generated from the content of the target dependency files.
Target Specific rules:
Caching can be enabled/disabled on a global level and also on the per-target level.
$(addprefix $(DEBS_PATH)/, $(SONIC_DPKG_DEBS)) : $(DEBS_PATH)/% : .platform $$(addsuffix -install,$$(addprefix $(DEBS_PATH)/,$$($$*_DEPENDS))) \
$(call dpkg_depend,$(DEBS_PATH)/%.dep )
$(HEADER)
# Load the target deb from DPKG cache
$(call LOAD_CACHE,$*,$@)
# Skip building the target if it is already loaded from cache
if [ -z '$($*_CACHE_LOADED)' ] ; then
.....
# Rules for Generating the target DEB file.
.....
# Save the target deb into DPKG cache
$(call SAVE_CACHE,$*,$@)
fi
$(FOOTER)
The make rule-'$(call dpkg_depend,$(DEBS_PATH)/%.dep )' checks for target dependency file modification. If it is newer than the target, it will go for re-generation of that target.
Two main macros 'LOAD_CACHE' and 'SAVE_CACHE' are used for loading and storing the cache contents.
The 'LOAD_CACHE' macro is used to load the cache file from cache storage and extracts them into the target folder. It is done only if target dependency files are not modified by checking the GIT file status, otherwise, cache loading is skipped and full compilation is performed.
It also updates the target-specific variable to indicate the cache is loaded or not.
The 'SAVE_CACHE' macro generates the compressed tarball of the cache file and saves them into cache storage. Saving into the cache storage is protected with a lock.
- How to verify it
The caching functionality is verified by enabling it in Linux kernel submodule.
It uses the cache directory as 'target/cache' where Linux cache file gets stored on the first-time build and it is picked from the cache location during the subsequent clean build.
- Description for the changelog
The DPKG caching framework provides the infrastructure to save the module-specific deb file to be cached by tracking the module's dependency files.
If the module's dependency files are not changed, it restores the module deb files from the cache storage.
- Description for the changelog
- A picture of a cute animal (not mandatory but encouraged)
DOCUMENT PR:
https://github.com/Azure/SONiC/pull/559
2020-03-11 22:04:52 -05:00
|
|
|
MDEBUG=$(MDEBUG) \
|
2018-08-16 17:54:31 -05:00
|
|
|
PASSWORD=$(PASSWORD) \
|
|
|
|
USERNAME=$(USERNAME) \
|
|
|
|
SONIC_BUILD_JOBS=$(SONIC_BUILD_JOBS) \
|
2019-06-20 11:19:33 -05:00
|
|
|
SONIC_USE_DOCKER_BUILDKIT=$(SONIC_USE_DOCKER_BUILDKIT) \
|
2019-03-29 17:25:17 -05:00
|
|
|
VS_PREPARE_MEM=$(VS_PREPARE_MEM) \
|
2018-08-16 17:54:31 -05:00
|
|
|
KERNEL_PROCURE_METHOD=$(KERNEL_PROCURE_METHOD) \
|
[build]: support for DPKG local caching (#4117)
DPKG caching framework provides the infrastructure to cache the sonic module/target .deb files into a local cache by tracking the target dependency files.SONIC build infrastructure is designed as a plugin framework where any new source code can be easily integrated into sonic as a module and that generates output as a .deb file. The source code compilation of a module is completely independent of other modules compilation. Inter module dependency is resolved through build artifacts like header files, libraries, and binaries in the form of Debian packages. For example module A depends on module B. While module A is being built, it uses B's .deb file to install it in the build docker.
The DPKG caching framework provides an infrastructure that caches a module's deb package and restores it back to the build directory if its dependency files are not modified. When a module is compiled for the first time, the generated deb package is stored at the DPKG cache location. On the subsequent build, first, it checks the module dependency file modification. If none of the dependent files is changed, it copies the deb package from the cache location, otherwise, it goes for local compilation and generates the deb package. The modified files should be checked-in to get the newer cache deb package.
This provides a huge improvement in build time and also supports the true incremental build by tracking the dependency files.
- How I did it
It takes two global arguments to enable the DPKG caching, the first one indicates the caching method and the second one describes the location of the cache.
SONIC_DPKG_CACHE_METHOD=cache
SONIC_DPKG_CACHE_SOURCE=
where SONIC_DPKG_CACHE_METHOD - Default method is 'cache' for deb package caching
none: no caching
cache: cache from local directory
Dependency file tracking:
Dependency files are tracked for each target in two levels.
1. Common make infrastructure files - rules/config, rules/functions, slave.mk etc.
2. Per module files - files which are specific to modules, Makefile, debian/rules, patch files, etc.
For example: dependency files for Linux Kernel - src/sonic-linux-kernel,
SPATH := $($(LINUX_HEADERS_COMMON)_SRC_PATH)
DEP_FILES := $(SONIC_COMMON_FILES_LIST) rules/linux-kernel.mk rules/linux-kernel.dep
DEP_FILES += $(SONIC_COMMON_BASE_FILES_LIST)
SMDEP_FILES := $(addprefix $(SPATH)/,$(shell cd $(SPATH) && git ls-files))
DEP_FLAGS := $(SONIC_COMMON_FLAGS_LIST) \
$(KERNEL_PROCURE_METHOD) $(KERNEL_CACHE_PATH)
$(LINUX_HEADERS_COMMON)_CACHE_MODE := GIT_CONTENT_SHA
$(LINUX_HEADERS_COMMON)_DEP_FLAGS := $(DEP_FLAGS)
$(LINUX_HEADERS_COMMON)_DEP_FILES := $(DEP_FILES)
$(LINUX_HEADERS_COMMON)_SMDEP_FILES := $(SMDEP_FILES)
$(LINUX_HEADERS_COMMON)_SMDEP_PATHS := $(SPATH)
Cache file tracking:
The Cache file is a compressed TAR ball of a module's target DEB file and its derived-target DEB files.
The cache filename is formed with the following format
FORMAT:
<module deb filename>.<24 byte of DEP SHA hash >-<24 byte of MOD SHA hash>.tgz
Eg:
linux-headers-4.9.0-9-2-common_4.9.168-1+deb9u3_all.deb-23658712fd21bb776fa16f47-c0b63ef593d4a32643bca228.tgz
< 24-byte DEP SHA value > - the SHA value is derived from all the dependent packages.
< 24-byte MOD SHA value > - the SHA value is derived from either of the following.
GIT_COMMIT_SHA - SHA value of the last git commit ID if it is a submodule
GIT_CONTENT_SHA - SHA value is generated from the content of the target dependency files.
Target Specific rules:
Caching can be enabled/disabled on a global level and also on the per-target level.
$(addprefix $(DEBS_PATH)/, $(SONIC_DPKG_DEBS)) : $(DEBS_PATH)/% : .platform $$(addsuffix -install,$$(addprefix $(DEBS_PATH)/,$$($$*_DEPENDS))) \
$(call dpkg_depend,$(DEBS_PATH)/%.dep )
$(HEADER)
# Load the target deb from DPKG cache
$(call LOAD_CACHE,$*,$@)
# Skip building the target if it is already loaded from cache
if [ -z '$($*_CACHE_LOADED)' ] ; then
.....
# Rules for Generating the target DEB file.
.....
# Save the target deb into DPKG cache
$(call SAVE_CACHE,$*,$@)
fi
$(FOOTER)
The make rule-'$(call dpkg_depend,$(DEBS_PATH)/%.dep )' checks for target dependency file modification. If it is newer than the target, it will go for re-generation of that target.
Two main macros 'LOAD_CACHE' and 'SAVE_CACHE' are used for loading and storing the cache contents.
The 'LOAD_CACHE' macro is used to load the cache file from cache storage and extracts them into the target folder. It is done only if target dependency files are not modified by checking the GIT file status, otherwise, cache loading is skipped and full compilation is performed.
It also updates the target-specific variable to indicate the cache is loaded or not.
The 'SAVE_CACHE' macro generates the compressed tarball of the cache file and saves them into cache storage. Saving into the cache storage is protected with a lock.
- How to verify it
The caching functionality is verified by enabling it in Linux kernel submodule.
It uses the cache directory as 'target/cache' where Linux cache file gets stored on the first-time build and it is picked from the cache location during the subsequent clean build.
- Description for the changelog
The DPKG caching framework provides the infrastructure to save the module-specific deb file to be cached by tracking the module's dependency files.
If the module's dependency files are not changed, it restores the module deb files from the cache storage.
- Description for the changelog
- A picture of a cute animal (not mandatory but encouraged)
DOCUMENT PR:
https://github.com/Azure/SONiC/pull/559
2020-03-11 22:04:52 -05:00
|
|
|
SONIC_DPKG_CACHE_METHOD=$(SONIC_DPKG_CACHE_METHOD) \
|
|
|
|
SONIC_DPKG_CACHE_SOURCE=$(SONIC_DPKG_CACHE_SOURCE) \
|
2018-08-16 17:54:31 -05:00
|
|
|
HTTP_PROXY=$(http_proxy) \
|
|
|
|
HTTPS_PROXY=$(https_proxy) \
|
2021-04-16 01:10:19 -05:00
|
|
|
NO_PROXY=$(no_proxy) \
|
2022-04-27 19:39:37 -05:00
|
|
|
DOCKER_USERNAME=$(DOCKER_USERNAME) \
|
|
|
|
DOCKER_USERTAG=$(DOCKER_USERTAG) \
|
|
|
|
DOCKER_LOCKDIR=$(DOCKER_LOCKDIR) \
|
|
|
|
DOCKER_LOCKFILE_SAVE=$(DOCKER_LOCKFILE_SAVE) \
|
|
|
|
SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD=$(SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD) \
|
2020-08-05 15:23:12 -05:00
|
|
|
SONIC_INCLUDE_SYSTEM_TELEMETRY=$(INCLUDE_SYSTEM_TELEMETRY) \
|
2021-07-15 12:35:56 -05:00
|
|
|
INCLUDE_DHCP_RELAY=$(INCLUDE_DHCP_RELAY) \
|
[docker-macsec]: MACsec CLI Plugin (#9390)
#### Why I did it
To provide MACsec config and show CLI for manipulating MACsec
#### How I did it
Add `config macsec` and `show macsec`.
#### How to verify it
This PR includes unittest for MACsec CLI, check Azp status.
- Add MACsec profile
```
admin@sonic:~$ sudo config macsec profile add --help
Usage: config macsec profile add [OPTIONS] <profile_name>
Add MACsec profile
Options:
--priority <priority> For Key server election. In 0-255 range with
0 being the highest priority. [default:
255]
--cipher_suite <cipher_suite> The cipher suite for MACsec. [default: GCM-
AES-128]
--primary_cak <primary_cak> Primary Connectivity Association Key.
[required]
--primary_ckn <primary_cak> Primary CAK Name. [required]
--policy <policy> MACsec policy. INTEGRITY_ONLY: All traffic,
except EAPOL, will be converted to MACsec
packets without encryption. SECURITY: All
traffic, except EAPOL, will be encrypted by
SecY. [default: security]
--enable_replay_protect / --disable_replay_protect
Whether enable replay protect. [default:
False]
--replay_window <enable_replay_protect>
Replay window size that is the number of
packets that could be out of order. This
field works only if ENABLE_REPLAY_PROTECT is
true. [default: 0]
--send_sci / --no_send_sci Send SCI in SecTAG field of MACsec header.
[default: True]
--rekey_period <rekey_period> The period of proactively refresh (Unit
second). [default: 0]
-?, -h, --help Show this message and exit.
```
- Delete MACsec profile
```
admin@sonic:~$ sudo config macsec profile del --help
Usage: config macsec profile del [OPTIONS] <profile_name>
Delete MACsec profile
Options:
-?, -h, --help Show this message and exit.
```
- Enable MACsec on the port
```
admin@sonic:~$ sudo config macsec port add --help
Usage: config macsec port add [OPTIONS] <port_name> <profile_name>
Add MACsec port
Options:
-?, -h, --help Show this message and exit.
```
- Disable MACsec on the port
```
admin@sonic:~$ sudo config macsec port del --help
Usage: config macsec port del [OPTIONS] <port_name>
Delete MACsec port
Options:
-?, -h, --help Show this message and exit.
```
Show MACsec
```
MACsec port(Ethernet0)
--------------------- -----------
cipher_suite GCM-AES-256
enable true
enable_encrypt true
enable_protect true
enable_replay_protect false
replay_window 0
send_sci true
--------------------- -----------
MACsec Egress SC (5254008f4f1c0001)
----------- -
encoding_an 2
----------- -
MACsec Egress SA (1)
------------------------------------- ----------------------------------------------------------------
auth_key 849B69D363E2B0AA154BEBBD7C1D9487
next_pn 1
sak AE8C9BB36EA44B60375E84BC8E778596289E79240FDFA6D7BA33D3518E705A5E
salt 000000000000000000000000
ssci 0
SAI_MACSEC_SA_ATTR_CURRENT_XPN 179
SAI_MACSEC_SA_STAT_OCTETS_ENCRYPTED 0
SAI_MACSEC_SA_STAT_OCTETS_PROTECTED 0
SAI_MACSEC_SA_STAT_OUT_PKTS_ENCRYPTED 0
SAI_MACSEC_SA_STAT_OUT_PKTS_PROTECTED 0
------------------------------------- ----------------------------------------------------------------
MACsec Egress SA (2)
------------------------------------- ----------------------------------------------------------------
auth_key 5A8B8912139551D3678B43DD0F10FFA5
next_pn 1
sak 7F2651140F12C434F782EF9AD7791EE2CFE2BF315A568A48785E35FC803C9DB6
salt 000000000000000000000000
ssci 0
SAI_MACSEC_SA_ATTR_CURRENT_XPN 87185
SAI_MACSEC_SA_STAT_OCTETS_ENCRYPTED 0
SAI_MACSEC_SA_STAT_OCTETS_PROTECTED 0
SAI_MACSEC_SA_STAT_OUT_PKTS_ENCRYPTED 0
SAI_MACSEC_SA_STAT_OUT_PKTS_PROTECTED 0
------------------------------------- ----------------------------------------------------------------
MACsec Ingress SC (525400edac5b0001)
MACsec Ingress SA (1)
--------------------------------------- ----------------------------------------------------------------
active true
auth_key 849B69D363E2B0AA154BEBBD7C1D9487
lowest_acceptable_pn 1
sak AE8C9BB36EA44B60375E84BC8E778596289E79240FDFA6D7BA33D3518E705A5E
salt 000000000000000000000000
ssci 0
SAI_MACSEC_SA_ATTR_CURRENT_XPN 103
SAI_MACSEC_SA_STAT_IN_PKTS_DELAYED 0
SAI_MACSEC_SA_STAT_IN_PKTS_INVALID 0
SAI_MACSEC_SA_STAT_IN_PKTS_LATE 0
SAI_MACSEC_SA_STAT_IN_PKTS_NOT_USING_SA 0
SAI_MACSEC_SA_STAT_IN_PKTS_NOT_VALID 0
SAI_MACSEC_SA_STAT_IN_PKTS_OK 0
SAI_MACSEC_SA_STAT_IN_PKTS_UNCHECKED 0
SAI_MACSEC_SA_STAT_IN_PKTS_UNUSED_SA 0
SAI_MACSEC_SA_STAT_OCTETS_ENCRYPTED 0
SAI_MACSEC_SA_STAT_OCTETS_PROTECTED 0
--------------------------------------- ----------------------------------------------------------------
MACsec Ingress SA (2)
--------------------------------------- ----------------------------------------------------------------
active true
auth_key 5A8B8912139551D3678B43DD0F10FFA5
lowest_acceptable_pn 1
sak 7F2651140F12C434F782EF9AD7791EE2CFE2BF315A568A48785E35FC803C9DB6
salt 000000000000000000000000
ssci 0
SAI_MACSEC_SA_ATTR_CURRENT_XPN 91824
SAI_MACSEC_SA_STAT_IN_PKTS_DELAYED 0
SAI_MACSEC_SA_STAT_IN_PKTS_INVALID 0
SAI_MACSEC_SA_STAT_IN_PKTS_LATE 0
SAI_MACSEC_SA_STAT_IN_PKTS_NOT_USING_SA 0
SAI_MACSEC_SA_STAT_IN_PKTS_NOT_VALID 0
SAI_MACSEC_SA_STAT_IN_PKTS_OK 0
SAI_MACSEC_SA_STAT_IN_PKTS_UNCHECKED 0
SAI_MACSEC_SA_STAT_IN_PKTS_UNUSED_SA 0
SAI_MACSEC_SA_STAT_OCTETS_ENCRYPTED 0
SAI_MACSEC_SA_STAT_OCTETS_PROTECTED 0
--------------------------------------- ----------------------------------------------------------------
MACsec port(Ethernet1)
--------------------- -----------
cipher_suite GCM-AES-256
enable true
enable_encrypt true
enable_protect true
enable_replay_protect false
replay_window 0
send_sci true
--------------------- -----------
MACsec Egress SC (5254008f4f1c0001)
----------- -
encoding_an 1
----------- -
MACsec Egress SA (1)
------------------------------------- ----------------------------------------------------------------
auth_key 35FC8F2C81BCA28A95845A4D2A1EE6EF
next_pn 1
sak 1EC8572B75A840BA6B3833DC550C620D2C65BBDDAD372D27A1DFEB0CD786671B
salt 000000000000000000000000
ssci 0
SAI_MACSEC_SA_ATTR_CURRENT_XPN 4809
SAI_MACSEC_SA_STAT_OCTETS_ENCRYPTED 0
SAI_MACSEC_SA_STAT_OCTETS_PROTECTED 0
SAI_MACSEC_SA_STAT_OUT_PKTS_ENCRYPTED 0
SAI_MACSEC_SA_STAT_OUT_PKTS_PROTECTED 0
------------------------------------- ----------------------------------------------------------------
MACsec Ingress SC (525400edac5b0001)
MACsec Ingress SA (1)
--------------------------------------- ----------------------------------------------------------------
active true
auth_key 35FC8F2C81BCA28A95845A4D2A1EE6EF
lowest_acceptable_pn 1
sak 1EC8572B75A840BA6B3833DC550C620D2C65BBDDAD372D27A1DFEB0CD786671B
salt 000000000000000000000000
ssci 0
SAI_MACSEC_SA_ATTR_CURRENT_XPN 5033
SAI_MACSEC_SA_STAT_IN_PKTS_DELAYED 0
SAI_MACSEC_SA_STAT_IN_PKTS_INVALID 0
SAI_MACSEC_SA_STAT_IN_PKTS_LATE 0
SAI_MACSEC_SA_STAT_IN_PKTS_NOT_USING_SA 0
SAI_MACSEC_SA_STAT_IN_PKTS_NOT_VALID 0
SAI_MACSEC_SA_STAT_IN_PKTS_OK 0
SAI_MACSEC_SA_STAT_IN_PKTS_UNCHECKED 0
SAI_MACSEC_SA_STAT_IN_PKTS_UNUSED_SA 0
SAI_MACSEC_SA_STAT_OCTETS_ENCRYPTED 0
SAI_MACSEC_SA_STAT_OCTETS_PROTECTED 0
--------------------------------------- ----------------------------------------------------------------
```
2022-05-19 08:59:37 -05:00
|
|
|
INCLUDE_MACSEC=$(INCLUDE_MACSEC) \
|
2020-08-05 15:23:12 -05:00
|
|
|
SONIC_INCLUDE_RESTAPI=$(INCLUDE_RESTAPI) \
|
2021-01-25 19:43:56 -06:00
|
|
|
SONIC_INCLUDE_MUX=$(INCLUDE_MUX) \
|
2022-09-19 01:54:08 -05:00
|
|
|
ENABLE_TRANSLIB_WRITE=$(ENABLE_TRANSLIB_WRITE) \
|
2022-11-29 02:58:27 -06:00
|
|
|
ENABLE_NATIVE_WRITE=$(ENABLE_NATIVE_WRITE) \
|
2020-02-02 14:04:18 -06:00
|
|
|
EXTRA_DOCKER_TARGETS=$(EXTRA_DOCKER_TARGETS) \
|
2020-03-23 11:45:43 -05:00
|
|
|
BUILD_LOG_TIMESTAMP=$(BUILD_LOG_TIMESTAMP) \
|
2020-06-09 02:25:17 -05:00
|
|
|
SONIC_ENABLE_IMAGE_SIGNATURE=$(ENABLE_IMAGE_SIGNATURE) \
|
2022-04-19 00:23:15 -05:00
|
|
|
SONIC_ENABLE_SECUREBOOT_SIGNATURE=$(SONIC_ENABLE_SECUREBOOT_SIGNATURE) \
|
2022-03-14 05:09:20 -05:00
|
|
|
SONIC_DEFAULT_CONTAINER_REGISTRY=$(DEFAULT_CONTAINER_REGISTRY) \
|
2021-02-08 21:35:08 -06:00
|
|
|
ENABLE_HOST_SERVICE_ON_START=$(ENABLE_HOST_SERVICE_ON_START) \
|
2020-12-21 01:31:10 -06:00
|
|
|
SLAVE_DIR=$(SLAVE_DIR) \
|
2021-11-15 23:56:37 -06:00
|
|
|
ENABLE_AUTO_TECH_SUPPORT=$(ENABLE_AUTO_TECH_SUPPORT) \
|
2021-09-01 19:28:13 -05:00
|
|
|
BUILD_MULTIASIC_KVM=$(BUILD_MULTIASIC_KVM) \
|
2022-02-09 05:29:18 -06:00
|
|
|
ENABLE_ASAN=$(ENABLE_ASAN) \
|
2022-07-06 06:03:31 -05:00
|
|
|
SONIC_INCLUDE_BOOTCHART=$(INCLUDE_BOOTCHART) \
|
|
|
|
SONIC_ENABLE_BOOTCHART=$(ENABLE_BOOTCHART) \
|
2022-05-05 18:21:30 -05:00
|
|
|
ENABLE_FIPS_FEATURE=$(ENABLE_FIPS_FEATURE) \
|
|
|
|
ENABLE_FIPS=$(ENABLE_FIPS) \
|
2022-06-16 01:13:01 -05:00
|
|
|
SONIC_SLAVE_DOCKER_DRIVER=$(SONIC_SLAVE_DOCKER_DRIVER) \
|
2022-11-08 18:09:53 -06:00
|
|
|
MIRROR_URLS=$(MIRROR_URLS) \
|
|
|
|
MIRROR_SECURITY_URLS=$(MIRROR_SECURITY_URLS) \
|
2022-12-17 16:38:31 -06:00
|
|
|
GZ_COMPRESS_PROGRAM=$(GZ_COMPRESS_PROGRAM) \
|
2023-01-13 02:16:35 -06:00
|
|
|
MIRROR_SNAPSHOT=$(MIRROR_SNAPSHOT) \
|
2019-03-27 20:32:25 -05:00
|
|
|
$(SONIC_OVERRIDE_BUILD_VARS)
|
2018-08-16 17:54:31 -05:00
|
|
|
|
|
|
|
.PHONY: sonic-slave-build sonic-slave-bash init reset
|
|
|
|
|
2022-10-04 16:13:40 -05:00
|
|
|
|
2022-12-01 18:28:45 -06:00
|
|
|
COLLECT_BUILD_VERSION = { scripts/collect_build_version_files.sh \$$?; }
|
2022-10-04 16:13:40 -05:00
|
|
|
|
|
|
|
ifdef SOURCE_FOLDER
|
|
|
|
DOCKER_RUN += -v $(SOURCE_FOLDER):/var/$(USER)/src
|
|
|
|
endif
|
|
|
|
|
|
|
|
ifeq "$(KEEP_SLAVE_ON)" "yes"
|
2022-10-13 09:59:09 -05:00
|
|
|
SLAVE_SHELL={ ret=\$$?; /bin/bash; exit \$$ret; }
|
2022-10-04 16:13:40 -05:00
|
|
|
endif
|
|
|
|
|
2018-08-16 17:54:31 -05:00
|
|
|
.DEFAULT_GOAL := all
|
2022-10-13 09:59:09 -05:00
|
|
|
.SHELLFLAGS += -e
|
2018-08-16 17:54:31 -05:00
|
|
|
|
2022-11-08 18:09:53 -06:00
|
|
|
export MIRROR_URLS
|
|
|
|
export MIRROR_SECURITY_URLS
|
|
|
|
|
2022-10-04 16:13:40 -05:00
|
|
|
%:: | sonic-build-hooks
|
2022-07-21 16:15:16 -05:00
|
|
|
ifneq ($(filter y, $(MULTIARCH_QEMU_ENVIRON) $(CROSS_BUILD_ENVIRON)),)
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)$(DOCKER_MULTIARCH_CHECK)
|
2019-10-10 17:11:26 -05:00
|
|
|
ifneq ($(BLDENV), )
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)$(DOCKER_SERVICE_MULTIARCH_CHECK)
|
|
|
|
$(Q)$(DOCKER_SERVICE_DOCKERFS_CHECK)
|
|
|
|
endif
|
2018-08-16 17:54:31 -05:00
|
|
|
endif
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)$(OVERLAY_MODULE_CHECK)
|
|
|
|
$(Q)$(SONIC_SLAVE_BASE_BUILD)
|
|
|
|
$(Q)$(SONIC_SLAVE_USER_BUILD)
|
|
|
|
|
|
|
|
$(Q)$(DOCKER_RUN) \
|
|
|
|
$(SLAVE_IMAGE):$(SLAVE_TAG) \
|
2022-10-13 09:59:09 -05:00
|
|
|
bash -c "$(SONIC_BUILD_INSTRUCTION) $@; $(COLLECT_BUILD_VERSION); $(SLAVE_SHELL)"
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)$(docker-image-cleanup)
|
2018-08-16 17:54:31 -05:00
|
|
|
|
2022-04-27 19:39:37 -05:00
|
|
|
docker-cleanup:
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)$(docker-image-cleanup)
|
2022-04-27 19:39:37 -05:00
|
|
|
|
2022-10-04 16:13:40 -05:00
|
|
|
.PHONY: sonic-build-hooks
|
2020-12-21 01:31:10 -06:00
|
|
|
sonic-build-hooks:
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)pushd src/sonic-build-hooks; TRUSTED_GPG_URLS=$(TRUSTED_GPG_URLS) $(MAKE) all; popd
|
|
|
|
$(Q)mkdir -p $(SLAVE_DIR)/buildinfo
|
|
|
|
$(Q)cp src/sonic-build-hooks/buildinfo/sonic-build-hooks* $(SLAVE_DIR)/buildinfo
|
2022-11-23 19:43:59 -06:00
|
|
|
$(Q)if [ "$(MULTIARCH_QEMU_ENVIRON)" == y ]; then scripts/build_mirror_config.sh $(SLAVE_DIR) amd64 $(BLDENV); fi
|
2022-11-08 18:09:53 -06:00
|
|
|
$(Q)scripts/build_mirror_config.sh $(SLAVE_DIR) $(CONFIGURED_ARCH) $(BLDENV)
|
2020-12-21 01:31:10 -06:00
|
|
|
|
2022-10-04 16:13:40 -05:00
|
|
|
sonic-slave-base-build : | sonic-build-hooks
|
2021-12-13 20:20:39 -06:00
|
|
|
ifeq ($(MULTIARCH_QEMU_ENVIRON), y)
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)$(DOCKER_MULTIARCH_CHECK)
|
|
|
|
endif
|
|
|
|
$(Q)$(OVERLAY_MODULE_CHECK)
|
|
|
|
$(Q)$(SONIC_SLAVE_BASE_BUILD)
|
2020-12-03 18:03:43 -06:00
|
|
|
|
|
|
|
sonic-slave-build : sonic-slave-base-build
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)$(SONIC_SLAVE_USER_BUILD)
|
2020-12-03 18:03:43 -06:00
|
|
|
|
|
|
|
sonic-slave-bash : sonic-slave-build
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)$(DOCKER_RUN) -t $(SLAVE_IMAGE):$(SLAVE_TAG) bash
|
2018-08-16 17:54:31 -05:00
|
|
|
|
2020-12-03 18:03:43 -06:00
|
|
|
sonic-slave-run : sonic-slave-build
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)$(DOCKER_RUN) $(SLAVE_IMAGE):$(SLAVE_TAG) bash -c "$(SONIC_RUN_CMDS)"
|
2020-04-25 12:52:38 -05:00
|
|
|
|
2018-08-16 17:54:31 -05:00
|
|
|
showtag:
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)echo $(SLAVE_IMAGE):$(SLAVE_TAG)
|
|
|
|
$(Q)echo $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG)
|
2018-08-16 17:54:31 -05:00
|
|
|
|
|
|
|
init :
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)git submodule update --init --recursive
|
|
|
|
$(Q)git submodule foreach --recursive '[ -f .git ] && echo "gitdir: $$(realpath --relative-to=. $$(cut -d" " -f2 .git))" > .git'
|
2018-08-16 17:54:31 -05:00
|
|
|
|
2019-08-28 11:33:03 -05:00
|
|
|
.ONESHELL : reset
|
2018-08-16 17:54:31 -05:00
|
|
|
reset :
|
2022-10-04 16:13:40 -05:00
|
|
|
$(Q)echo && echo -n "Warning! All local changes will be lost. Proceed? [y/N]: "
|
|
|
|
$(Q)read ans && (
|
2019-08-28 11:33:03 -05:00
|
|
|
if [ $$ans == y ]; then
|
|
|
|
echo "Resetting local repository. Please wait...";
|
2022-06-08 20:00:37 -05:00
|
|
|
sudo rm -rf fsroot*;
|
Support to build armhf/arm64 platforms on arm based system (#7731)
Why I did it
Support to build armhf/arm64 platforms on arm based system without qemu simulator.
When building the armhf/arm64 on arm based system, it is not necessary to use qemu simulator.
How I did it
Build armhf on armhf system, or build arm64 on arm64 system, by default, qemu simulator will not be used.
When building armhf on arm64, and you have enabled armhf docker, then it will build images without simulator automatically. It is based how the docker service is run.
Docker base image change:
For amd64, change from debian:to amd64/debian:
For arm64, change from multiarch/debian-debootstrap:arm64- to arm64v8/debian:
For armhf, change from multiarch/debian-debootstrap:armhf- to arm32v7/debian:
See https://github.com/docker-library/official-images#architectures-other-than-amd64
The mapping relations:
arm32v6 --- armel
arm32v7 --- armhf
arm64v8 --- arm64
Docker image armhf deprecated info: https://hub.docker.com/r/armhf/debian, using arm32v7 instead.
2021-08-12 09:24:37 -05:00
|
|
|
if [ "$(MULTIARCH_QEMU_ENVIRON)" == y ] && [[ "$(CONFIGURED_ARCH)" == "armhf" || "$(CONFIGURED_ARCH)" == "arm64" ]]; then
|
2019-08-28 11:33:03 -05:00
|
|
|
echo "Stopping march $(CONFIGURED_ARCH) docker"
|
|
|
|
sudo kill -9 `sudo cat /var/run/march/docker.pid` || true
|
|
|
|
sudo rm -f /var/run/march/docker.pid || true
|
|
|
|
fi
|
|
|
|
git clean -xfdf;
|
|
|
|
git reset --hard;
|
2020-06-01 15:28:03 -05:00
|
|
|
git submodule foreach --recursive 'git clean -xfdf || true';
|
|
|
|
git submodule foreach --recursive 'git reset --hard || true';
|
2020-10-09 10:53:05 -05:00
|
|
|
git submodule foreach --recursive 'git remote update || true';
|
2019-08-28 11:33:03 -05:00
|
|
|
git submodule update --init --recursive;
|
|
|
|
echo "Reset complete!";
|
|
|
|
else
|
|
|
|
echo "Reset aborted";
|
|
|
|
fi )
|