Move k8s script to docker-config-engine (#14788) (#15768)

Why I did it
To reduce the container's dependency from host system

Work item tracking
Microsoft ADO (number only):
17713469
How I did it
Move the k8s container startup script to config engine container, other than mount it from host.

How to verify it
Check file path(/usr/share/sonic/scripts/container_startup.py) inside config engine container.

Signed-off-by: Yun Li <yunli1@microsoft.com>
Co-authored-by: Qi Luo <qiluo-msft@users.noreply.github.com>

dockers/docker-config-engine-bullseye/Dockerfile.j2

@@ -44,6 +44,7 @@ RUN pip3 install redis==4.5.4
 
 # Copy files
 COPY ["files/swss_vars.j2", "/usr/share/sonic/templates/"]
+COPY ["files/container_startup.py", "/usr/share/sonic/scripts/"]
 
 ## Clean up
 RUN apt-get purge -y               \

dockers/docker-config-engine-buster/Dockerfile.j2

@@ -44,6 +44,7 @@ RUN pip3 install redis==4.5.4
 
 # Copy files
 COPY ["files/swss_vars.j2", "/usr/share/sonic/templates/"]
+COPY ["files/container_startup.py", "/usr/share/sonic/scripts/"]
 
 ## Clean up
 RUN apt-get purge -y               \

files/build_templates/docker_image_ctl.j2

@@ -578,7 +578,6 @@ start() {
 {%- endif -%}
 {%- if docker_container_name == "bgp" %}
         -v /etc/sonic/frr/$DEV:/etc/frr:rw \
-        -v /usr/share/sonic/scripts:/usr/share/sonic/scripts:ro \
 {%- endif %}
 {%- if docker_container_name == "database" %}
         $DB_OPT \

files/build_templates/sonic_debian_extension.j2

@@ -494,12 +494,6 @@ sudo cp {{sonic_ctrmgmt_py3_wheel_path}} $FILESYSTEM_ROOT/$SONIC_CTRMGMT_WHEEL_N
 sudo https_proxy=$https_proxy LANG=C chroot $FILESYSTEM_ROOT pip3 install $SONIC_CTRMGMT_WHEEL_NAME
 sudo rm -rf $FILESYSTEM_ROOT/$SONIC_CTRMGMT_WHEEL_NAME
 
-# Copy remote container mangement files
-# File called from each container upon start/stop to record the state
-sudo mkdir -p ${FILESYSTEM_ROOT_USR_SHARE_SONIC_SCRIPTS}
-sudo cp ${files_path}/container_startup.py ${FILESYSTEM_ROOT_USR_SHARE_SONIC_SCRIPTS}/
-sudo chmod a+x ${FILESYSTEM_ROOT_USR_SHARE_SONIC_SCRIPTS}/container_startup.py
-
 # Config file used by container mgmt scripts/service
 fl="${files_path}/remote_ctr.config.json"
 use_k8s_as_http_proxy=$(python3 -c 'import json

rules/docker-config-engine-bullseye.mk

@@ -19,6 +19,7 @@ $(DOCKER_CONFIG_ENGINE_BULLSEYE)_LOAD_DOCKERS += $(DOCKER_BASE_BULLSEYE)
 $(DOCKER_CONFIG_ENGINE_BULLSEYE)_FILES += $(SWSS_VARS_TEMPLATE)
 $(DOCKER_CONFIG_ENGINE_BULLSEYE)_FILES += $(RSYSLOG_PLUGIN_CONF_J2)
 $(DOCKER_CONFIG_ENGINE_BULLSEYE)_FILES += $($(SONIC_CTRMGRD)_CONTAINER_SCRIPT)
+$(DOCKER_CONFIG_ENGINE_BULLSEYE)_FILES += $($(SONIC_CTRMGRD)_STARTUP_SCRIPT)
 
 $(DOCKER_CONFIG_ENGINE_BULLSEYE)_DBG_DEPENDS = $($(DOCKER_BASE_BULLSEYE)_DBG_DEPENDS) \
                                              $(LIBSWSSCOMMON_DBG) \

rules/docker-config-engine-buster.mk

@@ -18,6 +18,7 @@ $(DOCKER_CONFIG_ENGINE_BUSTER)_LOAD_DOCKERS += $(DOCKER_BASE_BUSTER)
 $(DOCKER_CONFIG_ENGINE_BUSTER)_FILES += $(SWSS_VARS_TEMPLATE)
 $(DOCKER_CONFIG_ENGINE_BUSTER)_FILES += $(RSYSLOG_PLUGIN_CONF_J2)
 $(DOCKER_CONFIG_ENGINE_BUSTER)_FILES += $($(SONIC_CTRMGRD)_CONTAINER_SCRIPT)
+$(DOCKER_CONFIG_ENGINE_BUSTER)_FILES += $($(SONIC_CTRMGRD)_STARTUP_SCRIPT)
 
 $(DOCKER_CONFIG_ENGINE_BUSTER)_DBG_DEPENDS = $($(DOCKER_BASE_BUSTER)_DBG_DEPENDS) \
                                              $(LIBSWSSCOMMON_DBG) \

rules/docker-dhcp-relay.mk

@@ -47,7 +47,6 @@ endif
 $(DOCKER_DHCP_RELAY)_CONTAINER_NAME = dhcp_relay
 $(DOCKER_DHCP_RELAY)_CONTAINER_PRIVILEGED = true
 $(DOCKER_DHCP_RELAY)_CONTAINER_VOLUMES += /etc/sonic:/etc/sonic:ro
-$(DOCKER_DHCP_RELAY)_CONTAINER_VOLUMES += /usr/share/sonic/scripts:/usr/share/sonic/scripts:ro
 $(DOCKER_DHCP_RELAY)_CONTAINER_TMPFS += /tmp/
 $(DOCKER_DHCP_RELAY)_CONTAINER_TMPFS += /var/tmp/
 

rules/docker-lldp.mk

@@ -30,7 +30,6 @@ SONIC_INSTALL_DOCKER_DBG_IMAGES += $(DOCKER_LLDP_DBG)
 $(DOCKER_LLDP)_CONTAINER_NAME = lldp
 $(DOCKER_LLDP)_RUN_OPT += --privileged -t
 $(DOCKER_LLDP)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro
-$(DOCKER_LLDP)_RUN_OPT += -v /usr/share/sonic/scripts:/usr/share/sonic/scripts:ro
 
 $(DOCKER_LLDP)_BASE_IMAGE_FILES += lldpctl:/usr/bin/lldpctl
 $(DOCKER_LLDP)_BASE_IMAGE_FILES += lldpcli:/usr/bin/lldpcli

rules/docker-platform-monitor.mk

@@ -50,7 +50,6 @@ SONIC_INSTALL_DOCKER_DBG_IMAGES += $(DOCKER_PLATFORM_MONITOR_DBG)
 $(DOCKER_PLATFORM_MONITOR)_CONTAINER_NAME = pmon
 $(DOCKER_PLATFORM_MONITOR)_RUN_OPT += --privileged -t
 $(DOCKER_PLATFORM_MONITOR)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro
-$(DOCKER_PLATFORM_MONITOR)_RUN_OPT += -v /usr/share/sonic/scripts:/usr/share/sonic/scripts:ro
 $(DOCKER_PLATFORM_MONITOR)_RUN_OPT += -v /var/run/platform_cache:/var/run/platform_cache:ro
 $(DOCKER_PLATFORM_MONITOR)_RUN_OPT += -v /usr/share/sonic/device/pddf:/usr/share/sonic/device/pddf:ro
 

rules/docker-router-advertiser.mk

@@ -31,5 +31,4 @@ endif
 $(DOCKER_ROUTER_ADVERTISER)_CONTAINER_NAME = radv
 $(DOCKER_ROUTER_ADVERTISER)_RUN_OPT += --privileged -t
 $(DOCKER_ROUTER_ADVERTISER)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro
-$(DOCKER_ROUTER_ADVERTISER)_RUN_OPT += -v /usr/share/sonic/scripts:/usr/share/sonic/scripts:ro
 $(DOCKER_ROUTER_ADVERTISER)_FILES += $(SUPERVISOR_PROC_EXIT_LISTENER_SCRIPT)

rules/docker-snmp.mk

@@ -30,7 +30,6 @@ SONIC_INSTALL_DOCKER_DBG_IMAGES += $(DOCKER_SNMP_DBG)
 $(DOCKER_SNMP)_CONTAINER_NAME = snmp
 $(DOCKER_SNMP)_RUN_OPT += --privileged -t
 $(DOCKER_SNMP)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro
-$(DOCKER_SNMP)_RUN_OPT += -v /usr/share/sonic/scripts:/usr/share/sonic/scripts:ro
 $(DOCKER_SNMP)_FILES += $(SUPERVISOR_PROC_EXIT_LISTENER_SCRIPT)
 $(DOCKER_SNMP)_BASE_IMAGE_FILES += monit_snmp:/etc/monit/conf.d
 

rules/docker-telemetry.mk

@@ -30,7 +30,6 @@ endif
 $(DOCKER_TELEMETRY)_CONTAINER_NAME = telemetry
 $(DOCKER_TELEMETRY)_RUN_OPT += --privileged -t
 $(DOCKER_TELEMETRY)_RUN_OPT += -v /etc/sonic:/etc/sonic:ro
-$(DOCKER_TELEMETRY)_RUN_OPT += -v /usr/share/sonic/scripts:/usr/share/sonic/scripts:ro
 ifneq ($(INCLUDE_SYSTEM_GNMI), y)
 $(DOCKER_TELEMETRY)_RUN_OPT += -v /var/run/dbus:/var/run/dbus:rw
 endif

src/sonic-ctrmgrd/ctrmgr/container

@@ -11,7 +11,7 @@ import datetime
 import docker
 from swsscommon import swsscommon
 
-CTR_STATE_SCR_PATH = '/usr/share/sonic/scripts/container_startup.py'
+CTRMGRD_SERVICE_PATH = '/lib/systemd/system/ctrmgrd.service'
 
 state_db = None
 
@@ -62,7 +62,7 @@ def init():
     cfg_db = swsscommon.DBConnector("CONFIG_DB", 0)
     state_db = swsscommon.DBConnector("STATE_DB", 0)
 
-    remote_ctr_enabled = os.path.exists(CTR_STATE_SCR_PATH)
+    remote_ctr_enabled = os.path.exists(CTRMGRD_SERVICE_PATH)
 
 
 def get_config_data(fld, dflt):

src/sonic-ctrmgrd/ctrmgr/container_startup.py

@@ -221,6 +221,9 @@ def container_up(feature, owner, version):
     debug_msg("args: feature={}, owner={}, version={} DB: set_owner={} state_data={}".format(
         feature, owner, version, set_owner, json.dumps(state_data, indent=4)))
 
+    if state_data[SYSTEM_STATE] == '':
+        return
+
     if owner == "local":
         update_state(state_db, feature, owner, version)
     else:

src/sonic-ctrmgrd/tests/container_startup_test.py

@@ -23,6 +23,13 @@ startup_test_data = {
                         "set_owner": "local"
                     }
                 }
+            },
+            common_test.STATE_DB_NO: {
+                common_test.FEATURE_TABLE: {
+                    "snmp": {
+                        "system_state": "up"
+                    }
+                }
             }
         },
         common_test.POST: {

src/sonic-ctrmgrd/tests/container_test.py

@@ -468,7 +468,7 @@ wait_test_data = {
 class TestContainer(object):
 
     def init(self):
-        container.CTR_STATE_SCR_PATH = __file__
+        container.CTRMGRD_SERVICE_PATH = __file__
         container.SONIC_CTR_CONFIG = (
                 common_test.create_remote_ctr_config_json())