From 1347f29178d363b68bbb24e9e884f19e9c49bda2 Mon Sep 17 00:00:00 2001 From: Kwan Date: Wed, 2 Jun 2021 19:38:21 -0700 Subject: [PATCH] [docker-mgmt-framework]: update mgmt framework docker to support sonic-cli cmd (#6148) - Why I did it migrate to python3 support add dependent packages for Klish allow login as non-root user - How I did it update sonic-cli script to start Klish with user name, system name and timeout update the Dockerfile.j2 to resolve dependent packages add python3-dev for Klish use - How to verify it Incremental buster build with Azure/sonic-mgmt-framework#76 and verify the sonic-cli - Description for the changelog Migrate to python3.7 support, update sonic-cli script and resolve package dependencies --- .../docker-sonic-mgmt-framework/Dockerfile.j2 | 23 ++++--------------- .../base_image_files/sonic-cli | 21 +++++++++++++++-- sonic-slave-buster/Dockerfile.j2 | 2 ++ 3 files changed, 26 insertions(+), 20 deletions(-) diff --git a/dockers/docker-sonic-mgmt-framework/Dockerfile.j2 b/dockers/docker-sonic-mgmt-framework/Dockerfile.j2 index 5ee8cae844..50854949c8 100644 --- a/dockers/docker-sonic-mgmt-framework/Dockerfile.j2 +++ b/dockers/docker-sonic-mgmt-framework/Dockerfile.j2 @@ -7,21 +7,7 @@ RUN [ -f /etc/rsyslog.conf ] && sed -ri "s/%syslogtag%/$docker_container_name#%s ENV DEBIAN_FRONTEND=noninteractive RUN apt-get update && \ - apt-get install -y g++ python3-dev libxml2 - -# TODO: Remove these lines once we no longer need Python 2 -RUN apt-get install -f -y python-dev python-pip -RUN pip2 install --upgrade 'pip<21' -RUN apt-get purge -y python-pip -RUN pip2 install setuptools==40.8.0 -RUN pip2 install wheel==0.35.1 -RUN pip2 install connexion==1.1.15 \ - setuptools==21.0.0 \ - grpcio-tools==1.20.0 \ - certifi==2017.4.17 \ - python-dateutil==2.6.0 \ - six==1.11.0 \ - urllib3==1.21.1 + apt-get install -y g++ python3-dev libxml2 libcurl3-gnutls libcjson-dev RUN pip3 install connexion==2.7.0 \ setuptools==21.0.0 \ @@ -46,11 +32,12 @@ COPY ["start.sh", "rest-server.sh", "/usr/bin/"] COPY ["mgmt_vars.j2", "/usr/share/sonic/templates/"] COPY ["supervisord.conf", "/etc/supervisor/conf.d/"] -# TODO: Remove this line once we no longer need Python 2 -RUN apt-get purge -y python-dev - RUN apt-get remove -y g++ python3-dev RUN apt-get clean -y; apt-get autoclean -y; apt-get autoremove -y RUN rm -rf /debs +## TODO: symbolic links will be removed when AAA improvements get merged +RUN ln -sf /host_etc/passwd /etc/passwd +RUN ln -sf /host_etc/group /etc/group + ENTRYPOINT ["/usr/local/bin/supervisord"] diff --git a/dockers/docker-sonic-mgmt-framework/base_image_files/sonic-cli b/dockers/docker-sonic-mgmt-framework/base_image_files/sonic-cli index 6675e3badb..12a2270959 100755 --- a/dockers/docker-sonic-mgmt-framework/base_image_files/sonic-cli +++ b/dockers/docker-sonic-mgmt-framework/base_image_files/sonic-cli @@ -1,4 +1,21 @@ #!/bin/bash -docker exec -it mgmt-framework /usr/sbin/cli/clish_start "$@" - +# Disallow CLI for the root user, since we don't have auth certs for root +if [[ "$(id -u)" == 0 ]] +then + echo "FATAL: root cannot launch CLI" >&2 + exit 1 +fi +TIMEOUT=605 +if [[ "$1" =~ "prompt=" ]] +then + SYSTEM_NAME=`echo $1 | cut -d"=" -f2` + shift + docker exec -e SYSTEM_NAME=$SYSTEM_NAME -e CLI_USER="$USER" -u $(id -u):$(id -g) -it mgmt-framework /usr/sbin/cli/clish_start -t "$TIMEOUT" "$@" +else + docker exec -e CLI_USER="$USER" -e SYSTEM_NAME=$HOSTNAME -u $(id -u):$(id -g) -it mgmt-framework /usr/sbin/cli/clish_start -t "$TIMEOUT" "$@" +fi +ret=$? +if [ $ret -ne 0 ]; then + [[ -e /tmp/fast-reboot-progress || -e /tmp/reboot-progress ]] && sleep infinity +fi diff --git a/sonic-slave-buster/Dockerfile.j2 b/sonic-slave-buster/Dockerfile.j2 index 316007c404..a503515bcd 100644 --- a/sonic-slave-buster/Dockerfile.j2 +++ b/sonic-slave-buster/Dockerfile.j2 @@ -302,6 +302,8 @@ RUN apt-get update && apt-get install -y \ xsltproc \ python-lxml \ libexpat1-dev \ + libcurl3-gnutls \ + libcjson-dev \ # For WPA supplication qtbase5-dev \ aspell-en \