Optimize syslog rate limit feature for fast and warm boot (#17458)

- Why I did it
Optimize syslog rate limit feature for fast and warm boot

- How I did it
Optimize redis start time
Don't render rsyslog.conf in container startup script
Disable containercfgd by default. There is a new CLI to enable it (in another PR)

- How to verify it
Manual test
Regression test
This commit is contained in:
Junchao-Mellanox 2023-12-20 15:12:03 +08:00 committed by GitHub
parent 885f1629dd
commit f3f2972512
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
21 changed files with 454 additions and 78 deletions

View File

@ -119,10 +119,10 @@ RUN apt-get clean -y && \
apt-get autoremove -y && \ apt-get autoremove -y && \
rm -rf /var/lib/apt/lists/* /tmp/* ~/.cache rm -rf /var/lib/apt/lists/* /tmp/* ~/.cache
COPY ["etc/rsyslog.conf", "/etc/rsyslog.conf"]
COPY ["etc/rsyslog.d/*", "/etc/rsyslog.d/"] COPY ["etc/rsyslog.d/*", "/etc/rsyslog.d/"]
COPY ["root/.vimrc", "/root/.vimrc"] COPY ["root/.vimrc", "/root/.vimrc"]
RUN ln /usr/bin/vim.tiny /usr/bin/vim RUN ln /usr/bin/vim.tiny /usr/bin/vim
COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"] COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"]
COPY ["etc/supervisor/containercfgd.conf", "/etc/supervisor/conf.d/"]

View File

@ -0,0 +1,78 @@
#
# /etc/rsyslog.conf Configuration file for rsyslog.
#
# For more information see
# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#################
#### MODULES ####
#################
$ModLoad imuxsock # provides support for local system logging
#
# Set a rate limit on messages from the container
#
$SystemLogRateLimitInterval 300
$SystemLogRateLimitBurst 20000
#$ModLoad imklog # provides kernel logging support
#$ModLoad immark # provides --MARK-- message capability
# provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514
# provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
###########################
#### GLOBAL DIRECTIVES ####
###########################
set $.CONTAINER_NAME=getenv("CONTAINER_NAME");
# Set remote syslog server
template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%")
*.* action(type="omfwd" target=`echo $SYSLOG_TARGET_IP` port="514" protocol="udp" Template="ForwardFormatInContainer")
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# Define a custom template
$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
$ActionFileDefaultTemplate SONiCFileFormat
#
# Set the default permissions for all log files.
#
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf
#
# Suppress duplicate messages and report "message repeated n times"
#
$RepeatedMsgReduction on
###############
#### RULES ####
###############

View File

@ -118,10 +118,10 @@ RUN apt-get clean -y && \
apt-get autoremove -y && \ apt-get autoremove -y && \
rm -rf /var/lib/apt/lists/* /tmp/* ~/.cache/ rm -rf /var/lib/apt/lists/* /tmp/* ~/.cache/
COPY ["etc/rsyslog.conf", "/etc/rsyslog.conf"]
COPY ["etc/rsyslog.d/*", "/etc/rsyslog.d/"] COPY ["etc/rsyslog.d/*", "/etc/rsyslog.d/"]
COPY ["root/.vimrc", "/root/.vimrc"] COPY ["root/.vimrc", "/root/.vimrc"]
RUN ln /usr/bin/vim.tiny /usr/bin/vim RUN ln /usr/bin/vim.tiny /usr/bin/vim
COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"] COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"]
COPY ["etc/supervisor/containercfgd.conf", "/etc/supervisor/conf.d/"]

View File

@ -0,0 +1,78 @@
#
# /etc/rsyslog.conf Configuration file for rsyslog.
#
# For more information see
# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#################
#### MODULES ####
#################
$ModLoad imuxsock # provides support for local system logging
#
# Set a rate limit on messages from the container
#
$SystemLogRateLimitInterval 300
$SystemLogRateLimitBurst 20000
#$ModLoad imklog # provides kernel logging support
#$ModLoad immark # provides --MARK-- message capability
# provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514
# provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
###########################
#### GLOBAL DIRECTIVES ####
###########################
set $.CONTAINER_NAME=getenv("CONTAINER_NAME");
# Set remote syslog server
template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%")
*.* action(type="omfwd" target=`echo $SYSLOG_TARGET_IP` port="514" protocol="udp" Template="ForwardFormatInContainer")
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# Define a custom template
$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
$ActionFileDefaultTemplate SONiCFileFormat
#
# Set the default permissions for all log files.
#
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf
#
# Suppress duplicate messages and report "message repeated n times"
#
$RepeatedMsgReduction on
###############
#### RULES ####
###############

View File

@ -1,9 +0,0 @@
[program:containercfgd]
command=python3 /usr/local/bin/containercfgd
priority=99
autostart=false
autorestart=unexpected
stdout_logfile=syslog
stderr_logfile=syslog
dependent_startup=true
dependent_startup_wait_for=rsyslogd:running

View File

@ -114,10 +114,10 @@ RUN apt-get clean -y && \
apt-get autoremove -y && \ apt-get autoremove -y && \
rm -rf /var/lib/apt/lists/* /tmp/* rm -rf /var/lib/apt/lists/* /tmp/*
COPY ["etc/rsyslog.conf", "/etc/rsyslog.conf"]
COPY ["etc/rsyslog.d/*", "/etc/rsyslog.d/"] COPY ["etc/rsyslog.d/*", "/etc/rsyslog.d/"]
COPY ["root/.vimrc", "/root/.vimrc"] COPY ["root/.vimrc", "/root/.vimrc"]
RUN ln /usr/bin/vim.tiny /usr/bin/vim RUN ln /usr/bin/vim.tiny /usr/bin/vim
COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"] COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"]
COPY ["etc/supervisor/containercfgd.conf", "/etc/supervisor/conf.d/"]

View File

@ -0,0 +1,78 @@
#
# /etc/rsyslog.conf Configuration file for rsyslog.
#
# For more information see
# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#################
#### MODULES ####
#################
$ModLoad imuxsock # provides support for local system logging
#
# Set a rate limit on messages from the container
#
$SystemLogRateLimitInterval 300
$SystemLogRateLimitBurst 20000
#$ModLoad imklog # provides kernel logging support
#$ModLoad immark # provides --MARK-- message capability
# provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514
# provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
###########################
#### GLOBAL DIRECTIVES ####
###########################
set $.CONTAINER_NAME=getenv("CONTAINER_NAME");
# Set remote syslog server
template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%")
*.* action(type="omfwd" target=`echo $SYSLOG_TARGET_IP` port="514" protocol="udp" Template="ForwardFormatInContainer")
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# Define a custom template
$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
$ActionFileDefaultTemplate SONiCFileFormat
#
# Set the default permissions for all log files.
#
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf
#
# Suppress duplicate messages and report "message repeated n times"
#
$RepeatedMsgReduction on
###############
#### RULES ####
###############

View File

@ -1,9 +0,0 @@
[program:containercfgd]
command=python /usr/local/bin/containercfgd
priority=99
autostart=false
autorestart=unexpected
stdout_logfile=syslog
stderr_logfile=syslog
dependent_startup=true
dependent_startup_wait_for=rsyslogd:running

View File

@ -50,6 +50,7 @@ RUN apt-get -y install \
rsyslog \ rsyslog \
less less
COPY ["etc/rsyslog.conf", "/etc/rsyslog.conf"]
COPY ["etc/rsyslog.d/*", "/etc/rsyslog.d/"] COPY ["etc/rsyslog.d/*", "/etc/rsyslog.d/"]
COPY ["root/.vimrc", "/root/.vimrc"] COPY ["root/.vimrc", "/root/.vimrc"]
@ -68,7 +69,6 @@ RUN mkdir -p /etc/supervisor/conf.d
RUN mkdir -p /var/log/supervisor RUN mkdir -p /var/log/supervisor
COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"] COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"]
COPY ["etc/supervisor/containercfgd.conf", "/etc/supervisor/conf.d/"]
RUN apt-get -y purge \ RUN apt-get -y purge \
exim4 \ exim4 \

View File

@ -0,0 +1,78 @@
#
# /etc/rsyslog.conf Configuration file for rsyslog.
#
# For more information see
# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#################
#### MODULES ####
#################
$ModLoad imuxsock # provides support for local system logging
#
# Set a rate limit on messages from the container
#
$SystemLogRateLimitInterval 300
$SystemLogRateLimitBurst 20000
#$ModLoad imklog # provides kernel logging support
#$ModLoad immark # provides --MARK-- message capability
# provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514
# provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
###########################
#### GLOBAL DIRECTIVES ####
###########################
set $.CONTAINER_NAME=getenv("CONTAINER_NAME");
# Set remote syslog server
template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%")
*.* action(type="omfwd" target=`echo $SYSLOG_TARGET_IP` port="514" protocol="udp" Template="ForwardFormatInContainer")
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# Define a custom template
$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
$ActionFileDefaultTemplate SONiCFileFormat
#
# Set the default permissions for all log files.
#
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf
#
# Suppress duplicate messages and report "message repeated n times"
#
$RepeatedMsgReduction on
###############
#### RULES ####
###############

View File

@ -1,9 +0,0 @@
[program:containercfgd]
command=python /usr/local/bin/containercfgd
priority=99
autostart=false
autorestart=unexpected
stdout_logfile=syslog
stderr_logfile=syslog
dependent_startup=true
dependent_startup_wait_for=rsyslogd:running

View File

@ -39,12 +39,10 @@ dependent_startup=true
command=/bin/bash -c "{ [[ -s /var/lib/{{ redis_inst }}/dump.rdb ]] || rm -f /var/lib/{{ redis_inst }}/dump.rdb; } && mkdir -p /var/lib/{{ redis_inst }} && exec /usr/bin/redis-server /etc/redis/redis.conf --bind {{ LOOPBACK_IP }} {{ redis_items['hostname'] }} --port {{ redis_items['port'] }} --unixsocket {{ redis_items['unix_socket_path'] }} --pidfile /var/run/redis/{{ redis_inst }}.pid --dir /var/lib/{{ redis_inst }}" command=/bin/bash -c "{ [[ -s /var/lib/{{ redis_inst }}/dump.rdb ]] || rm -f /var/lib/{{ redis_inst }}/dump.rdb; } && mkdir -p /var/lib/{{ redis_inst }} && exec /usr/bin/redis-server /etc/redis/redis.conf --bind {{ LOOPBACK_IP }} {{ redis_items['hostname'] }} --port {{ redis_items['port'] }} --unixsocket {{ redis_items['unix_socket_path'] }} --pidfile /var/run/redis/{{ redis_inst }}.pid --dir /var/lib/{{ redis_inst }}"
priority=2 priority=2
user=redis user=redis
autostart=false autostart=true
autorestart=false autorestart=false
stdout_logfile=syslog stdout_logfile=syslog
stderr_logfile=syslog stderr_logfile=syslog
dependent_startup=true
dependent_startup_wait_for=rsyslogd:running
{% endfor %} {% endfor %}
{% endif %} {% endif %}

View File

@ -89,6 +89,7 @@ COPY ["docker-pmon.supervisord.conf.j2", "docker_init.j2", "/usr/share/sonic/tem
COPY ["ssd_tools/*", "/usr/bin/"] COPY ["ssd_tools/*", "/usr/bin/"]
COPY ["files/supervisor-proc-exit-listener", "/usr/bin"] COPY ["files/supervisor-proc-exit-listener", "/usr/bin"]
COPY ["critical_processes", "/etc/supervisor"] COPY ["critical_processes", "/etc/supervisor"]
COPY ["etc/rsyslog.conf", "/etc/rsyslog.conf"]
RUN sonic-cfggen -a "{\"CONFIGURED_PLATFORM\":\"{{CONFIGURED_PLATFORM}}\"}" -t /usr/share/sonic/templates/docker_init.j2 > /usr/bin/docker_init.sh RUN sonic-cfggen -a "{\"CONFIGURED_PLATFORM\":\"{{CONFIGURED_PLATFORM}}\"}" -t /usr/share/sonic/templates/docker_init.j2 > /usr/bin/docker_init.sh
RUN rm -f /usr/share/sonic/templates/docker_init.j2 RUN rm -f /usr/share/sonic/templates/docker_init.j2

View File

@ -0,0 +1,88 @@
#
# /etc/rsyslog.conf Configuration file for rsyslog.
#
# For more information see
# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#################
#### MODULES ####
#################
$ModLoad imuxsock # provides support for local system logging
#
# Set a rate limit on messages from the container
#
$SystemLogRateLimitInterval 300
$SystemLogRateLimitBurst 20000
#$ModLoad imklog # provides kernel logging support
#$ModLoad immark # provides --MARK-- message capability
# provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514
# provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
###########################
#### GLOBAL DIRECTIVES ####
###########################
set $.PLATFORM=getenv("PLATFORM");
set $.CONTAINER_NAME=getenv("CONTAINER_NAME");
if ($.PLATFORM == "x86_64-mlnx_msn2700-r0" or $.PLATFORM == "x86_64-mlnx_msn2700a1-r0" or $.PLATFORM == "x86_64-mlnx_msn2410-r0") then {
# This rsyslog configuration is intended to resolve the following error message that only appears on the MSN2700 and MSN2410 platforms:
# "ERR pmon#sensord: Error getting sensor data: dps460/#10: Can't read"
# This error is because of firmware issue with some type of PSU, we are not able to upgrade the FW online.
# Since there is no functional impact, this error log can be ignored safely.
if $programname contains "sensord" and $msg contains "Error getting sensor data: dps460/#" then stop
}
# Set remote syslog server
template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%")
*.* action(type="omfwd" target=`echo $SYSLOG_TARGET_IP` port="514" protocol="udp" Template="ForwardFormatInContainer")
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# Define a custom template
$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
$ActionFileDefaultTemplate SONiCFileFormat
#
# Set the default permissions for all log files.
#
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf
#
# Suppress duplicate messages and report "message repeated n times"
#
$RepeatedMsgReduction on
###############
#### RULES ####
###############

View File

@ -34,27 +34,16 @@ function updateSyslogConf()
# Also update the container name # Also update the container name
if [[ ($NUM_ASIC -gt 1) ]]; then if [[ ($NUM_ASIC -gt 1) ]]; then
TARGET_IP=$(docker network inspect bridge --format={{ "'{{(index .IPAM.Config 0).Gateway}}'" }}) TARGET_IP=$(docker network inspect bridge --format={{ "'{{(index .IPAM.Config 0).Gateway}}'" }})
else
if [ "$CONTAINER_EXISTS" = "yes" ]; then
# database configuration has been synced to /etc/rsyslog.conf
# no need generate it to save boot time
return
fi
TARGET_IP="127.0.0.1"
fi
CONTAINER_NAME="$DOCKERNAME" CONTAINER_NAME="$DOCKERNAME"
TMP_FILE="/tmp/rsyslog.$CONTAINER_NAME.conf" TMP_FILE="/tmp/rsyslog.$CONTAINER_NAME.conf"
{%- if docker_container_name == "database" %} {%- if docker_container_name == "database" %}
python -c "import jinja2, os; paths=['/usr/share/sonic/templates']; loader = jinja2.FileSystemLoader(paths); env = jinja2.Environment(loader=loader, trim_blocks=True); template_file='/usr/share/sonic/templates/rsyslog-container.conf.j2'; template = env.get_template(os.path.basename(template_file)); data=template.render({\"target_ip\":\"$TARGET_IP\",\"container_name\":\"$CONTAINER_NAME\"}); print(data)" > $TMP_FILE python -c "import jinja2, os; paths=['/usr/share/sonic/templates']; loader = jinja2.FileSystemLoader(paths); env = jinja2.Environment(loader=loader, trim_blocks=True); template_file='/usr/share/sonic/templates/rsyslog-container.conf.j2'; template = env.get_template(os.path.basename(template_file)); data=template.render({\"target_ip\":\"$TARGET_IP\",\"container_name\":\"$CONTAINER_NAME\"}); print(data)" > $TMP_FILE
{%- else %} {%- else %}
sonic-cfggen -d -t /usr/share/sonic/templates/rsyslog-container.conf.j2 -a "{\"target_ip\": \"$TARGET_IP\", \"container_name\": \"$CONTAINER_NAME\", \"platform\": \"$PLATFORM\" }" > $TMP_FILE sonic-cfggen -t /usr/share/sonic/templates/rsyslog-container.conf.j2 -a "{\"target_ip\": \"$TARGET_IP\", \"container_name\": \"$CONTAINER_NAME\" }" > $TMP_FILE
if [ $? -ne 0 ]; then
echo "Error: Execute sonic-cfggen -d failed. Execute without '-d'."
sonic-cfggen -t /usr/share/sonic/templates/rsyslog-container.conf.j2 -a "{\"target_ip\": \"$TARGET_IP\", \"container_name\": \"$CONTAINER_NAME\", \"platform\": \"$PLATFORM\" }" > $TMP_FILE
fi
{%- endif %} {%- endif %}
docker cp $TMP_FILE ${DOCKERNAME}:/etc/rsyslog.conf docker cp $TMP_FILE ${DOCKERNAME}:/etc/rsyslog.conf
rm -rf $TMP_FILE rm -rf $TMP_FILE
fi
} }
function ebtables_config() function ebtables_config()
{ {
@ -326,13 +315,18 @@ start() {
# Obtain our platform as we will mount directories with these names in each docker # Obtain our platform as we will mount directories with these names in each docker
PLATFORM=${PLATFORM:-`$SONIC_CFGGEN -H -v DEVICE_METADATA.localhost.platform`} PLATFORM=${PLATFORM:-`$SONIC_CFGGEN -H -v DEVICE_METADATA.localhost.platform`}
# Parse the device specific asic conf file, if it exists # Parse the device specific asic conf file, if it exists
ASIC_CONF=/usr/share/sonic/device/$PLATFORM/asic.conf ASIC_CONF=/usr/share/sonic/device/$PLATFORM/asic.conf
if [ -f "$ASIC_CONF" ]; then if [ -f "$ASIC_CONF" ]; then
source $ASIC_CONF source $ASIC_CONF
fi fi
# Default rsyslog target IP for single ASIC platform
SYSLOG_TARGET_IP=127.0.0.1
if [[ ($NUM_ASIC -gt 1) ]]; then
SYSLOG_TARGET_IP=$(docker network inspect bridge --format={{ "'{{(index .IPAM.Config 0).Gateway}}'" }})
fi
PLATFORM_ENV_CONF=/usr/share/sonic/device/$PLATFORM/platform_env.conf PLATFORM_ENV_CONF=/usr/share/sonic/device/$PLATFORM/platform_env.conf
if [ -f "$PLATFORM_ENV_CONF" ]; then if [ -f "$PLATFORM_ENV_CONF" ]; then
source $PLATFORM_ENV_CONF source $PLATFORM_ENV_CONF
@ -646,6 +640,8 @@ start() {
--env "NAMESPACE_COUNT"="$NUM_ASIC" \ --env "NAMESPACE_COUNT"="$NUM_ASIC" \
--env "DEV"="$DEV" \ --env "DEV"="$DEV" \
--env "CONTAINER_NAME"=$DOCKERNAME \ --env "CONTAINER_NAME"=$DOCKERNAME \
--env "SYSLOG_TARGET_IP"=$SYSLOG_TARGET_IP \
--env "PLATFORM"=$PLATFORM \
--name=$DOCKERNAME \ --name=$DOCKERNAME \
{%- if docker_container_name == "gbsyncd" %} {%- if docker_container_name == "gbsyncd" %}
-v /var/run/docker-syncd$DEV:/var/run/sswsyncd \ -v /var/run/docker-syncd$DEV:/var/run/sswsyncd \

View File

@ -407,6 +407,9 @@ sudo cp $IMAGE_CONFIGS/rsyslog/rsyslog-container.conf.j2 $FILESYSTEM_ROOT_USR_SH
sudo cp $IMAGE_CONFIGS/rsyslog/rsyslog.d/* $FILESYSTEM_ROOT/etc/rsyslog.d/ sudo cp $IMAGE_CONFIGS/rsyslog/rsyslog.d/* $FILESYSTEM_ROOT/etc/rsyslog.d/
echo "rsyslog-config.service" | sudo tee -a $GENERATED_SERVICE_FILE echo "rsyslog-config.service" | sudo tee -a $GENERATED_SERVICE_FILE
# Copy containercfgd configuration files
sudo cp $IMAGE_CONFIGS/containercfgd/containercfgd.conf $FILESYSTEM_ROOT_USR_SHARE_SONIC_TEMPLATES/
# Copy syslog override files # Copy syslog override files
sudo mkdir -p $FILESYSTEM_ROOT/etc/systemd/system/syslog.socket.d sudo mkdir -p $FILESYSTEM_ROOT/etc/systemd/system/syslog.socket.d
sudo cp $IMAGE_CONFIGS/syslog/override.conf $FILESYSTEM_ROOT/etc/systemd/system/syslog.socket.d/override.conf sudo cp $IMAGE_CONFIGS/syslog/override.conf $FILESYSTEM_ROOT/etc/systemd/system/syslog.socket.d/override.conf

View File

@ -52,21 +52,26 @@ $SystemLogRateLimitBurst 20000
########################### ###########################
#### GLOBAL DIRECTIVES #### #### GLOBAL DIRECTIVES ####
########################### ###########################
set $.PLATFORM=getenv("PLATFORM");
set $.CONTAINER_NAME=getenv("CONTAINER_NAME");
{% if container_name == 'pmon' %} {% if container_name == 'pmon' %}
{% if platform == 'x86_64-mlnx_msn2700-r0' or platform == 'x86_64-mlnx_msn2700a1-r0' or platform == 'x86_64-mlnx_msn2410-r0' %}
# This rsyslog configuration is intended to resolve the following error message that only appears on the MSN2700 and MSN2410 platforms: # This rsyslog configuration is intended to resolve the following error message that only appears on the MSN2700 and MSN2410 platforms:
# "ERR pmon#sensord: Error getting sensor data: dps460/#10: Can't read" # "ERR pmon#sensord: Error getting sensor data: dps460/#10: Can't read"
# This error is because of firmware issue with some type of PSU, we are not able to upgrade the FW online. # This error is because of firmware issue with some type of PSU, we are not able to upgrade the FW online.
# Since there is no functional impact, this error log can be ignored safely. # Since there is no functional impact, this error log can be ignored safely.
if $programname contains "sensord" and $msg contains "Error getting sensor data: dps460/#" then stop if ($.PLATFORM == "x86_64-mlnx_msn2700-r0" or $.PLATFORM == "x86_64-mlnx_msn2700a1-r0" or $.PLATFORM == "x86_64-mlnx_msn2410-r0") then {
if $programname contains "sensord" and $msg contains "Error getting sensor data: dps460/#" then stop
}
{% endif %} {% endif %}
{% endif %}
# Set remote syslog server # Set remote syslog server
template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% {{container_name}}#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%") template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg%")
*.* action(type="omfwd" target="{{target_ip}}" port="514" protocol="udp" Template="ForwardFormatInContainer") *.* action(type="omfwd" target=`echo $SYSLOG_TARGET_IP` port="514" protocol="udp" Template="ForwardFormatInContainer")
# #
# Use traditional timestamp format. # Use traditional timestamp format.
@ -75,7 +80,7 @@ template (name="ForwardFormatInContainer" type="string" string="<%PRI%>%TIMESTAM
#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat #$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# Define a custom template # Define a custom template
$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% {{container_name}}#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n" $template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %$.CONTAINER_NAME%#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
$ActionFileDefaultTemplate SONiCFileFormat $ActionFileDefaultTemplate SONiCFileFormat
# #

View File

@ -1,3 +1,6 @@
from swsscommon.swsscommon import RestartWaiter
RestartWaiter.waitAdvancedBootDone()
import os import os
import re import re
import signal import signal
@ -5,7 +8,7 @@ import subprocess
import sys import sys
from sonic_py_common import daemon_base, logger from sonic_py_common import daemon_base, logger
from swsscommon.swsscommon import ConfigDBConnector, RestartWaiter from swsscommon.swsscommon import ConfigDBConnector
SYSLOG_IDENTIFIER = "containercfgd" SYSLOG_IDENTIFIER = "containercfgd"
logger = logger.Logger(SYSLOG_IDENTIFIER) logger = logger.Logger(SYSLOG_IDENTIFIER)
@ -101,10 +104,9 @@ class SyslogHandler:
# Regular expressions to extract value from rsyslog.conf # Regular expressions to extract value from rsyslog.conf
INTERVAL_PATTERN = '.*SystemLogRateLimitInterval\s+(\d+).*' INTERVAL_PATTERN = '.*SystemLogRateLimitInterval\s+(\d+).*'
BURST_PATTERN = '.*SystemLogRateLimitBurst\s+(\d+).*' BURST_PATTERN = '.*SystemLogRateLimitBurst\s+(\d+).*'
TARGET_IP_PATTERN = '.*target="(.*?)".*'
def __init__(self): def __init__(self):
self.current_interval, self.current_burst, self.target_ip = self.parse_syslog_conf() self.current_interval, self.current_burst = self.parse_syslog_conf()
def handle_config(self, table, key, data): def handle_config(self, table, key, data):
"""Handle CONFIG DB change. Callback by ConfigDBConnector. """Handle CONFIG DB change. Callback by ConfigDBConnector.
@ -149,7 +151,7 @@ class SyslogHandler:
if os.path.exists(self.TMP_SYSLOG_CONF_PATH): if os.path.exists(self.TMP_SYSLOG_CONF_PATH):
os.remove(self.TMP_SYSLOG_CONF_PATH) os.remove(self.TMP_SYSLOG_CONF_PATH)
with open(self.TMP_SYSLOG_CONF_PATH, 'w+') as f: with open(self.TMP_SYSLOG_CONF_PATH, 'w+') as f:
json_args = f'{{"target_ip": "{self.target_ip}", "container_name": "{container_name}" }}' json_args = f'{{"container_name": "{container_name}" }}'
output = run_command(['sonic-cfggen', '-d', '-t', '/usr/share/sonic/templates/rsyslog-container.conf.j2', '-a', json_args]) output = run_command(['sonic-cfggen', '-d', '-t', '/usr/share/sonic/templates/rsyslog-container.conf.j2', '-a', json_args])
f.write(output) f.write(output)
run_command(['cp', self.TMP_SYSLOG_CONF_PATH, self.SYSLOG_CONF_PATH]) run_command(['cp', self.TMP_SYSLOG_CONF_PATH, self.SYSLOG_CONF_PATH])
@ -161,11 +163,10 @@ class SyslogHandler:
"""Passe existing syslog conf and extract config values """Passe existing syslog conf and extract config values
Returns: Returns:
tuple: interval,burst,target_ip tuple: interval,burst
""" """
interval = '0' interval = '0'
burst = '0' burst = '0'
target_ip = None
with open(self.SYSLOG_CONF_PATH, 'r') as f: with open(self.SYSLOG_CONF_PATH, 'r') as f:
content = f.read() content = f.read()
@ -179,15 +180,10 @@ class SyslogHandler:
burst = match.group(1) burst = match.group(1)
break break
pattern = re.compile(self.TARGET_IP_PATTERN) return interval, burst
for match in pattern.finditer(content):
target_ip = match.group(1)
break
return interval, burst, target_ip
def main(): def main():
RestartWaiter.waitAdvancedBootDone()
global container_name global container_name
container_name = os.environ['CONTAINER_NAME'] container_name = os.environ['CONTAINER_NAME']
daemon = ContainerConfigDaemon() daemon = ContainerConfigDaemon()

View File

@ -2,6 +2,9 @@ import os
import sys import sys
from unittest import mock from unittest import mock
from swsscommon import swsscommon
swsscommon.RestartWaiter = mock.MagicMock()
test_path = os.path.dirname(os.path.abspath(__file__)) test_path = os.path.dirname(os.path.abspath(__file__))
modules_path = os.path.dirname(test_path) modules_path = os.path.dirname(test_path)
sys.path.insert(0, modules_path) sys.path.insert(0, modules_path)

View File

@ -2,6 +2,9 @@ import os
import sys import sys
from unittest import mock from unittest import mock
from swsscommon import swsscommon
swsscommon.RestartWaiter = mock.MagicMock()
test_path = os.path.dirname(os.path.abspath(__file__)) test_path = os.path.dirname(os.path.abspath(__file__))
modules_path = os.path.dirname(test_path) modules_path = os.path.dirname(test_path)
sys.path.insert(0, modules_path) sys.path.insert(0, modules_path)
@ -49,7 +52,7 @@ def test_handle_init_data():
@mock.patch('containercfgd.containercfgd.run_command') @mock.patch('containercfgd.containercfgd.run_command')
@mock.patch('containercfgd.containercfgd.SyslogHandler.parse_syslog_conf', mock.MagicMock(return_value=('100', '200', '127.0.0.1'))) @mock.patch('containercfgd.containercfgd.SyslogHandler.parse_syslog_conf', mock.MagicMock(return_value=('100', '200')))
def test_update_syslog_config(mock_run_cmd): def test_update_syslog_config(mock_run_cmd):
mock_run_cmd.return_value = "" mock_run_cmd.return_value = ""
handler = containercfgd.SyslogHandler() handler = containercfgd.SyslogHandler()
@ -69,13 +72,11 @@ def test_update_syslog_config(mock_run_cmd):
def test_parse_syslog_conf(): def test_parse_syslog_conf():
handler = containercfgd.SyslogHandler() handler = containercfgd.SyslogHandler()
handler.SYSLOG_CONF_PATH = os.path.join(test_path, 'mock_rsyslog.conf') handler.SYSLOG_CONF_PATH = os.path.join(test_path, 'mock_rsyslog.conf')
interval, burst, target_ip = handler.parse_syslog_conf() interval, burst = handler.parse_syslog_conf()
assert interval == '50' assert interval == '50'
assert burst == '10002' assert burst == '10002'
assert target_ip == '127.0.0.1'
handler.SYSLOG_CONF_PATH = os.path.join(test_path, 'mock_empty_rsyslog.conf') handler.SYSLOG_CONF_PATH = os.path.join(test_path, 'mock_empty_rsyslog.conf')
interval, burst, target_ip = handler.parse_syslog_conf() interval, burst = handler.parse_syslog_conf()
assert interval == '0' assert interval == '0'
assert burst == '0' assert burst == '0'
assert target_ip is None