[docker-orchagent]: Add NDP Proxy Daemon (#5517)

* Install ndppd during image build, and copy config files to image * Configure proxy settings based on config DB at container start * Pipe ndppd output to logger inside container to log output in syslog
2020-10-05 08:48:13 -07:00 · 2020-10-05 08:48:13 -07:00 · 8c344095a8
commit 8c344095a8
parent 6b0690adbb
9 changed files with 133 additions and 2 deletions
--- a/dockers/docker-orchagent/Dockerfile.j2
+++ b/dockers/docker-orchagent/Dockerfile.j2
@ -17,7 +17,8 @@ RUN apt-get update &&       \
        libelf1             \
        libmnl0             \
        bridge-utils        \
-        conntrack
+        conntrack           \
+        ndppd

 {% if ( CONFIGURED_ARCH == "armhf" or CONFIGURED_ARCH == "arm64" ) %}
 ## Fix for gcc/python not found in arm docker
@ -60,6 +61,7 @@ RUN apt-get clean -y        && \

 COPY ["files/arp_update", "/usr/bin"]
 COPY ["arp_update.conf", "files/arp_update_vars.j2", "/usr/share/sonic/templates/"]
+COPY ["ndppd.conf", "/usr/share/sonic/templates/"]
 COPY ["enable_counters.py", "/usr/bin"]
 COPY ["docker-init.sh", "orchagent.sh", "swssconfig.sh", "/usr/bin/"]
 COPY ["supervisord.conf", "/etc/supervisor/conf.d/"]
--- a/dockers/docker-orchagent/docker-init.sh
+++ b/dockers/docker-orchagent/docker-init.sh
@ -10,6 +10,7 @@ CFGGEN_PARAMS=" \
    -t /usr/share/sonic/templates/ports.json.j2,/etc/swss/config.d/ports.json \
    -t /usr/share/sonic/templates/copp.json.j2,/etc/swss/config.d/00-copp.config.json \
    -t /usr/share/sonic/templates/vlan_vars.j2 \
+    -t /usr/share/sonic/templates/ndppd.conf.j2,/etc/ndppd.conf \
 "
 VLAN=$(sonic-cfggen $CFGGEN_PARAMS)

@ -18,9 +19,10 @@ if [ -x /usr/share/sonic/hwsku/hwsku-init ]; then
    /usr/share/sonic/hwsku/hwsku-init
 fi

-# Start arp_update when VLAN exists
+# Start arp_update and NDP proxy daemon when VLAN exists
 if [ "$VLAN" != "" ]; then
    cp /usr/share/sonic/templates/arp_update.conf /etc/supervisor/conf.d/
+    cp /usr/share/sonic/templates/ndppd.conf /etc/supervisor/conf.d/
 fi

 exec /usr/bin/supervisord
--- a/dockers/docker-orchagent/ndppd.conf
+++ b/dockers/docker-orchagent/ndppd.conf
@ -0,0 +1,9 @@
+[program:ndppd]
+command=bash -c "/usr/sbin/ndppd | /usr/bin/logger"
+priority=7
+autostart=false
+autorestart=unexpected
+stdout_logfile=syslog
+stderr_logfile=syslog
+dependent_startup=true
+dependent_startup_wait_for=swssconfig:exited
--- a/dockers/docker-orchagent/ndppd.conf.j2
+++ b/dockers/docker-orchagent/ndppd.conf.j2
@ -0,0 +1,37 @@
+{% block banner %}
+# =========== Managed by sonic-cfggen -- DO NOT edit manually! ====================
+# Generated by /usr/share/sonic/templates/ndppd.conf.j2 using config DB data
+# File: /etc/ndppd.conf
+#
+{% endblock banner %}
+# Config file for ndppd, the NDP Proxy Daemon
+# See man page for ndppd.conf.5 for descriptions of all available options
+{%  if VLAN_INTERFACE and VLAN_INTERFACE|pfx_filter|length > 0%}
+{#      Get all VLAN interfaces that have proxy_arp enabled #}
+{%      set proxy_interfaces = {} %}
+{%      for intf in VLAN_INTERFACE %}
+{%          if "proxy_arp" in VLAN_INTERFACE[intf] and VLAN_INTERFACE[intf]["proxy_arp"] == "enabled" %}
+{%              set _x = proxy_interfaces.update({intf: []}) %}
+{%          endif %}
+{%      endfor -%}
+
+{#      Add each IPv6 prefix from each proxy_arp interface #}
+{%      for (intf, prefix) in VLAN_INTERFACE|pfx_filter %}
+{%          if intf in proxy_interfaces and prefix | ipv6 %}
+{%              set _x = proxy_interfaces[intf].append(prefix) %}
+{%          endif %}
+{%      endfor -%}
+
+{%      for intf, prefix_list in proxy_interfaces.items() %}
+{%          if prefix_list %}
+
+proxy {{ intf }} {
+{%              for prefix in prefix_list %}
+    rule {{ prefix | network }}/{{ prefix | prefixlen }} {
+        static
+    }
+{%              endfor %}
+}
+{%          endif %}
+{%      endfor %}
+{%  endif %}
--- a/src/sonic-config-engine/tests/data/ndppd/vlan_interfaces.json
+++ b/src/sonic-config-engine/tests/data/ndppd/vlan_interfaces.json
@ -0,0 +1,20 @@
+{
+    "VLAN_INTERFACE": {
+        "Vlan1000": {
+            "proxy_arp": "enabled"
+        },
+        "Vlan1000|192.168.0.1/21": {},
+        "Vlan1000|fc01:1000::1/64": {},
+        "Vlan1000|fc02:1000::1/64": {},
+        "Vlan1000|fc03:1000::1/64": {},
+        "Vlan2000": {
+            "proxy_arp": "enabled"
+        },
+        "Vlan2000|fc01:2000::1/64": {},
+        "Vlan3000|fc01:3000::1/64": {},
+        "Vlan4000": {
+            "proxy_arp": "disabled"
+        },
+        "Vlan4000|fc01:4000::1/64": {}
+    }
+}
--- a/src/sonic-config-engine/tests/ndppd.conf.j2
+++ b/src/sonic-config-engine/tests/ndppd.conf.j2
@ -0,0 +1 @@
+../../../dockers/docker-orchagent/ndppd.conf.j2
--- a/src/sonic-config-engine/tests/sample_output/py2/ndppd.conf
+++ b/src/sonic-config-engine/tests/sample_output/py2/ndppd.conf
@ -0,0 +1,25 @@
+# =========== Managed by sonic-cfggen -- DO NOT edit manually! ====================
+# Generated by /usr/share/sonic/templates/ndppd.conf.j2 using config DB data
+# File: /etc/ndppd.conf
+#
+# Config file for ndppd, the NDP Proxy Daemon
+# See man page for ndppd.conf.5 for descriptions of all available options
+
+proxy Vlan1000 {
+    rule fc02:1000::/64 {
+        static
+    }
+    rule fc03:1000::/64 {
+        static
+    }
+    rule fc01:1000::/64 {
+        static
+    }
+}
+
+proxy Vlan2000 {
+    rule fc01:2000::/64 {
+        static
+    }
+}
+
--- a/src/sonic-config-engine/tests/sample_output/py3/ndppd.conf
+++ b/src/sonic-config-engine/tests/sample_output/py3/ndppd.conf
@ -0,0 +1,25 @@
+# =========== Managed by sonic-cfggen -- DO NOT edit manually! ====================
+# Generated by /usr/share/sonic/templates/ndppd.conf.j2 using config DB data
+# File: /etc/ndppd.conf
+#
+# Config file for ndppd, the NDP Proxy Daemon
+# See man page for ndppd.conf.5 for descriptions of all available options
+
+proxy Vlan1000 {
+    rule fc01:1000::/64 {
+        static
+    }
+    rule fc02:1000::/64 {
+        static
+    }
+    rule fc03:1000::/64 {
+        static
+    }
+}
+
+proxy Vlan2000 {
+    rule fc01:2000::/64 {
+        static
+    }
+}
+
--- a/src/sonic-config-engine/tests/test_j2files.py
+++ b/src/sonic-config-engine/tests/test_j2files.py
@ -171,6 +171,16 @@ class TestJ2Files(TestCase):
        sample_output_file = os.path.join(self.test_dir, 'multi_npu_data', utils.PYvX_DIR, 'ipinip.json')
        assert filecmp.cmp(sample_output_file, self.output_file)

+    def test_ndppd_conf(self):
+        conf_template = os.path.join(self.test_dir, "ndppd.conf.j2")
+        vlan_interfaces_json = os.path.join(self.test_dir, "data", "ndppd", "vlan_interfaces.json")
+        expected = os.path.join(self.test_dir, "sample_output", utils.PYvX_DIR, "ndppd.conf")
+
+        argument = '-j {} -t {} > {}'.format(vlan_interfaces_json, conf_template, self.output_file)
+        self.run_script(argument)
+        assert filecmp.cmp(expected, self.output_file), self.run_diff(expected, self.output_file)
+
+
    def tearDown(self):
        try:
            os.remove(self.output_file)
				`@ -0,0 +1 @@`
				`../../../dockers/docker-orchagent/ndppd.conf.j2`