sonic-buildimage/dockers/docker-sonic-mgmt-framework/rest-server.sh

#!/usr/bin/env bash

# Startup script for SONiC Management REST Server

SERVER_PORT=
LOG_LEVEL=
CLIENT_AUTH=
SERVER_CRT=
SERVER_KEY=
CA_CERT=

# Read basic server settings from REST_SERVER|default entry
HAS_REST_CONFIG=$(sonic-cfggen -d -v "1 if REST_SERVER and REST_SERVER['default']")
if [ "$HAS_REST_CONFIG" == "1" ]; then
    SERVER_PORT=$(sonic-cfggen -d -v "REST_SERVER['default']['port']")
    CLIENT_AUTH=$(sonic-cfggen -d -v "REST_SERVER['default']['client_auth']")
    LOG_LEVEL=$(sonic-cfggen -d -v "REST_SERVER['default']['log_level']")
fi

# Read certificate file paths from DEVICE_METADATA|x509 entry.
HAS_X509_CONFIG=$(sonic-cfggen -d -v "1 if DEVICE_METADATA and DEVICE_METADATA['x509']")
if [ "$HAS_X509_CONFIG" == "1" ]; then
    SERVER_CRT=$(sonic-cfggen -d -v "DEVICE_METADATA['x509']['server_crt']")
    SERVER_KEY=$(sonic-cfggen -d -v "DEVICE_METADATA['x509']['server_key']")
    CA_CRT=$(sonic-cfggen -d -v "DEVICE_METADATA['x509']['ca_crt']")
fi

# Create temporary server certificate if they not configured in ConfigDB
if [ -z $SERVER_CRT ] && [ -z $SERVER_KEY ]; then
    echo "Generating temporary TLS server certificate ..."
    (cd /tmp && /usr/sbin/generate_cert --host="localhost,127.0.0.1")
    SERVER_CRT=/tmp/cert.pem
    SERVER_KEY=/tmp/key.pem
fi


REST_SERVER_ARGS="-ui /rest_ui -logtostderr"
[ ! -z $SERVER_PORT ] && REST_SERVER_ARGS+=" -port $SERVER_PORT"
[ ! -z $LOG_LEVEL   ] && REST_SERVER_ARGS+=" -v $LOG_LEVEL"
[ ! -z $CLIENT_AUTH ] && REST_SERVER_ARGS+=" -client_auth $CLIENT_AUTH"
[ ! -z $SERVER_CRT  ] && REST_SERVER_ARGS+=" -cert $SERVER_CRT"
[ ! -z $SERVER_KEY  ] && REST_SERVER_ARGS+=" -key $SERVER_KEY"
[ ! -z $CA_CRT      ] && REST_SERVER_ARGS+=" -cacert $CA_CRT"

echo "REST_SERVER_ARGS = $REST_SERVER_ARGS"


export CVL_SCHEMA_PATH=/usr/sbin/schema

exec /usr/sbin/rest_server ${REST_SERVER_ARGS}
SONiC Management Framework Release 1.0 (#3488) * Added sonic-mgmt-framework as submodule / docker * fix build issues * update sonic-mgmt-framework submodule branch to master * Merged changes 70007e6d2ba3a4c0b371cd693ccc63e0a8906e77..00d4fcfed6a759e40d7b92120ea0ee1f08300fc6 00d4fcfed6a759e40d7b92120ea0ee1f08300fc6 Modified environemnt variables * Changes to build sonic-mgmt-framework docker * bumped up sonic-mgmt-framework commit-id * version bump for sonic-mgmt-framework commit-it * bumped up sonic-mgmt-framework commit-id * Add python packages to docker * Build fix for docker with python packages * added libyang as dependent package * Allow building images on NFS-mounted clones Prior to this change, `build_debian.sh` would generate a Debian filesystem in `./fsroot`. This needs root permissions, and one of the tests that is performed is whether the user can create a character special file in the filesystem (using mknod). On most NFS deployments, `root` is the least privileged user, and cannot run mknod. Also, attempting to run commands like rm or mv as root would fail due to permission errors, since the root user gets mapped to an unprivileged user like `nobody`. This commit changes the location of the Debian filesystem to `/fsroot`, which is a tmpfs mount within the slave Docker. The default squashfs, docker tarball and zip files are also created within /tmp, before being copied back to /sonic as the regular user. The side effect of this change is that the contents of `/fsroot` are no longer available once the slave container exits, however they are available within the squashfs image. Signed-off-by: Nirenjan Krishnan <Nirenjan.Krishnan@dell.com> * bumped up sonc-mgmt-framework commit to include PR #18 * REST Server startup script is enahnced to read the settings from ConfigDB. Below table provides mapping of db field to command line argument name. ============================================================ ConfigDB entry key Field name REST Server argument ============================================================ REST_SERVER\|default port -port REST_SERVER\|default client_auth -client_auth REST_SERVER\|default log_level -v DEVICE_METADATA\|x509 server_crt -cert DEVICE_METADATA\|x509 server_key -key DEVICE_METADATA\|x509 ca_crt -cacert ============================================================ * Replace src/telemetry as submodule to sonic-telemetry * Update telemetry commit HEAD * Update sonic-telemetry commit HEAD * libyang env path update * Add libyang dependency to telemetry * Add scripts to create JSON files for CLI backend Scripts to create /var/platform/syseeprom and /var/platform/system, which are back-end files for CLI, for system EEPROM and system information. Signed-off-by: Howard Persh <Howard_Persh@dell.com> * In startup script, create directory where CLI back-end files live Signed-off-by: Howard Persh <Howard_Persh@dell.com> * build dependency pkgs added to docker for build failure fix * Changes to fix build issue for mgmt framework * Fix exec path issue with telemetry * s5232[device] PSU detecttion and default led state support * Processing of first boot in rc.local should not have premature exit Signed-off-by: Howard Persh <Howard_Persh@dell.com> * docker mount options added for platform, system features * bumped up sonic-mgmt-framework commit id to pick 23rd July 2019 changes * Added mount options for telemetry docker to get access for system and platform info. * Update commit for sonic-utilities * [dell]: Corrected dport map and renamed config files for S5232F * Fix telemetry submodule commit * added support for sonic-cli console * [Dell S5232F, Z9264F] Harden FPGA driver kernel module For Dell S5232F and Z9264F platforms, be more strict when checking state in ISR of FPGA driver, to harden against spurious interrupts. Signed-off-by: Howard Persh <Howard_Persh@dell.com> * update mgmt-framework submodule to 27th Aug commit. * remove changes not related to mgmt-framework and sonic-telemetry * Revert "Replace src/telemetry as submodule to sonic-telemetry" This reverts commit 11c31929759a17122782d4944066a6ac8453b78d. * Revert "Replace src/telemetry as submodule to sonic-telemetry" This reverts commit 11c31929759a17122782d4944066a6ac8453b78d. * make submodule changes and remove a change not related to PR * more changes * Update .gitmodules * Update Dockerfile.j2 * Update .gitmodules * Update .gitmodules * Update .gitmodules reverting experimental change * Removed syspoll for release_1.0 Signed-off-by: Jeff Yin <29264773+jeff-yin@users.noreply.github.com> * Update docker-sonic-mgmt-framework.mk * Update sonic-mgmt-framework.mk * Update sonic-mgmt-framework.mk * Update docker-sonic-mgmt-framework.mk * Update docker-sonic-mgmt-framework.mk * Revert "Processing of first boot in rc.local should not have premature exit" This reverts commit e99a91ffc28a0fd13f4ad458719d2511c3665431. * Remove old telemetry directory * Update docker-sonic-mgmt-framework.mk * Resolving merge conflict with Azure * Reverting the wrong merge * Use CVL_SCHEMA_PATH instead of changing directory for telemetry startup * Add missing export * Add python mmh3 to slave dockerfile * Remove sonic-mgmt-framework build dep for telemetry, fix dialout startup issues * Provided flag to disable compiling mgmt-framework * Update sonic-utilites point latest commit id * Point sonic-utilities to Azure accepted SHA * Updating mgmt framework to right sha * Add sonic-telemetry submodule * Update the mgmt-framework commit id Co-authored-by: jghalam <joe.ghalam@gmail.com> Co-authored-by: Partha Dutta <51353699+dutta-partha@users.noreply.github.com> Co-authored-by: srideepDell <srideep_devireddy@dell.com> Co-authored-by: nirenjan <nirenjan@users.noreply.github.com> Co-authored-by: Sachin Holla <51310506+sachinholla@users.noreply.github.com> Co-authored-by: Eric Seifert <seiferteric@gmail.com> Co-authored-by: Howard Persh <hpersh@yahoo.com> Co-authored-by: Jeff Yin <29264773+jeff-yin@users.noreply.github.com> Co-authored-by: Arunsundar Kannan <31632515+arunsundark@users.noreply.github.com> Co-authored-by: rvasanthm <51932293+rvasanthm@users.noreply.github.com> Co-authored-by: Ashok Daparthi-Dell <Ashok_Daparthi@Dell.com> Co-authored-by: anand-kumar-subramanian <51383315+anand-kumar-subramanian@users.noreply.github.com> 2019-12-23 23:47:16 -06:00			`#!/usr/bin/env bash`

			`# Startup script for SONiC Management REST Server`

			`SERVER_PORT=`
			`LOG_LEVEL=`
			`CLIENT_AUTH=`
			`SERVER_CRT=`
			`SERVER_KEY=`
			`CA_CERT=`

			`# Read basic server settings from REST_SERVER\|default entry`
			`HAS_REST_CONFIG=$(sonic-cfggen -d -v "1 if REST_SERVER and REST_SERVER['default']")`
			`if [ "$HAS_REST_CONFIG" == "1" ]; then`
			`SERVER_PORT=$(sonic-cfggen -d -v "REST_SERVER['default']['port']")`
			`CLIENT_AUTH=$(sonic-cfggen -d -v "REST_SERVER['default']['client_auth']")`
			`LOG_LEVEL=$(sonic-cfggen -d -v "REST_SERVER['default']['log_level']")`
			`fi`

			`# Read certificate file paths from DEVICE_METADATA\|x509 entry.`
			`HAS_X509_CONFIG=$(sonic-cfggen -d -v "1 if DEVICE_METADATA and DEVICE_METADATA['x509']")`
			`if [ "$HAS_X509_CONFIG" == "1" ]; then`
			`SERVER_CRT=$(sonic-cfggen -d -v "DEVICE_METADATA['x509']['server_crt']")`
			`SERVER_KEY=$(sonic-cfggen -d -v "DEVICE_METADATA['x509']['server_key']")`
			`CA_CRT=$(sonic-cfggen -d -v "DEVICE_METADATA['x509']['ca_crt']")`
			`fi`

			`# Create temporary server certificate if they not configured in ConfigDB`
			`if [ -z $SERVER_CRT ] && [ -z $SERVER_KEY ]; then`
			`echo "Generating temporary TLS server certificate ..."`
			`(cd /tmp && /usr/sbin/generate_cert --host="localhost,127.0.0.1")`
			`SERVER_CRT=/tmp/cert.pem`
			`SERVER_KEY=/tmp/key.pem`
			`fi`


			`REST_SERVER_ARGS="-ui /rest_ui -logtostderr"`
			`[ ! -z $SERVER_PORT ] && REST_SERVER_ARGS+=" -port $SERVER_PORT"`
			`[ ! -z $LOG_LEVEL ] && REST_SERVER_ARGS+=" -v $LOG_LEVEL"`
			`[ ! -z $CLIENT_AUTH ] && REST_SERVER_ARGS+=" -client_auth $CLIENT_AUTH"`
			`[ ! -z $SERVER_CRT ] && REST_SERVER_ARGS+=" -cert $SERVER_CRT"`
			`[ ! -z $SERVER_KEY ] && REST_SERVER_ARGS+=" -key $SERVER_KEY"`
			`[ ! -z $CA_CRT ] && REST_SERVER_ARGS+=" -cacert $CA_CRT"`

			`echo "REST_SERVER_ARGS = $REST_SERVER_ARGS"`


			`export CVL_SCHEMA_PATH=/usr/sbin/schema`

			`exec /usr/sbin/rest_server ${REST_SERVER_ARGS}`