* [Build][201811] Fix the jessie mirror removed issue
* Fix build break for jessie apt key expiration. (#13328)
The GPG key used for Jessie's official repos has since expired, which means building 201911 images no longer works.
Fake the time to be before the expiry date.
* [build] Fix issues caused by docker.com gpg key update. (#14063)
Why I did it
docker.com's gpg key start to work from 2023-02-23. While debian.org's gpg key expired in 2022-11.
We used a walkaround for security checking for debian gpg keys. Now we need to exclude docker.com's gpg key.
How I did it
Update docker.com's gpg key without faketime.
Update others' gpg key with faketime '2022-11'
How to verify it
* Fix build break for jessie apt key expiration
---------
Co-authored-by: Saikrishna Arcot <sarcot@microsoft.com>
Co-authored-by: Liu Shilong <shilongliu@microsoft.com>
* Restore neighbor table to kernel during system warm-reboot
Added a service: "restore_neighbors" to restore neighbor table into
kernel during system warm reboot. The service is started by supervisord
in swss docker when the docker is started.
In case system warm reboot is enabled, it will try to restore the neighbor
table from appDB into kernel through netlink API calls and update the neighbor
table by sending arp/ns requests to all neighbor entries, then it sets the
stateDB flag for neighsyncd to continue the reconciliation process.
-- Added tcpdump python-scapy debian package into orchagent and vs dockers.
-- Added python module: pyroute2 netifaces into orchagent and vc dockers.
-- Workarounded tcpdump issue in the vs docker
Signed-off-by: Zhenggen Xu <zxu@linkedin.com>
* Move the restore_neighbors.py to sonic-swss submodule
Made changes to makefiles accordingly
Make dockerfile.j2 changes and supervisord config changes
Add python monotonic lib for time access
Signed-off-by: Zhenggen Xu <zxu@linkedin.com>
* Added PYTHON_SWSSCOMMON as swss runtime dependency
Signed-off-by: Zhenggen Xu <zxu@linkedin.com>
Remove the teamd.j2 templates used for starting the teamd. Add
teammgrd instead to manage all port channel related configuration
changes. Remove front panel port related configurations in
interfaces.j2 templates as well.
Remove teamd.sh script and use teammgrd to start all the teamd
processes. Remove all the logics in the start.sh script as well.
Update the sonic-swss submodule.
Signed-off-by: Shu0T1an ChenG <shuche@microsoft.com>
Previously use / to separate container name and program name.
However, in rsyslogd:
Precisely, the programname is terminated by either (whichever occurs first):
end of tag
nonprintable character
‘:’
‘[‘
‘/’
The above definition has been taken from the FreeBSD syslogd sources.
Signed-off-by: Guohan Lu <gulv@microsoft.com>
* Use MAC from EEPROM for PortChannels
Signed-off-by: Andriy Moroz <c_andriym@mellanox.com>
* Use MAC from EEPROM in DEVICE_METADATA
Will affect MAC for VLAN interfaces
Signed-off-by: Andriy Moroz <c_andriym@mellanox.com>
* Get MAC via decode-syseeprom
Signed-off-by: Andriy Moroz <c_andriym@mellanox.com>
* hw-management is now a service
Signed-off-by: Andriy Moroz <c_andriym@mellanox.com>
* Add error handling for MAC fetch process
Signed-off-by: Andriy Moroz <c_andriym@mellanox.com>
* [libteam] Add fallback support for single-member-port LAG
* Allow the port to be selected if the LAG is configured
with fallback and port is in defaulted state due to missing
LACP PDUs from remote end
* Only enable port if LAG is admin up and the member port
is link up
* [team] Add lacp fallback config to teamd.j2 template
* [teamd] Resolve config conflict between fallback and minlink
* Remove min_link config if fallback is configured
* Add support for fallback config in minigraph
* [teamd] Only enable fallback if it is single-member-port LAG
Signed-off-by: Haiyang Zheng <haiyang.z@alibaba-inc.com>
* [teamd] Removing the admin status check in lacp_port_link_update
Will submit another pull request to fix this issue.
Signed-off-by: Haiyang Zheng <haiyang.z@alibaba-inc.com>
This reverts commit a6edef2fa5.
The reason to revert this commit is that it breaks the current nightly test as
no port channel interfaces are get created after boot. teamd failed to start and
complained about 'Cannot allocate memory' possibly due to nlmsg_alloc function
failure.
Will revert this commit to investigate it further before moving to supervisor.
Signed-off-by: Shu0T1an ChenG <shuche@microsoft.com>
With the fixes in /etc/network/interfaces file, host interfaces
could be added into the corresponding LAGs automatically. Thus,
the logic of checking if port initialization is ready is no longer
needed.
Signed-off-by: Shu0T1an ChenG <shuche@microsoft.com>
Modify minigraph parser output format so it fit DB schema
Modify configuration templates to fit new schema
Systemd services dependencies are modified so database starts before any configuration consumer
In Jinja2, '|' cannot be treated directly as piping operator. The
operator precedence of '|' is higher than '*'. The filter only applies
to the value just before it. Group the expression to make sure that the
filter is applied to the outcome of the expression.
Update the unit test to add such case.
* [docker-teamd]: Explicitly set LAG hwaddr
Team device is initially created without any members and has a random HW
address, which is later changed to port's address. This configuration
sets team device's address explicitly to base MAC to avoid reassignment.
Signed-off-by: marian-pritsak <marianp@mellanox.com>
* Update teamd config tests with hwaddr
Signed-off-by: marian-pritsak <marianp@mellanox.com>
* Align HW addr byte for Centec and Mellanox
Signed-off-by: marian-pritsak <marianp@mellanox.com>
* Change HW addr to unicast in config tests
Signed-off-by: marian-pritsak <marianp@mellanox.com>
- Consolidate config.sh and start.sh scripts into one script (start.sh)
- Solve issue #435 - All dockers now run supervisord as their ENTRYPOINT
- All stdout/stderr output from processes managed by supervisord is now sent to syslog instead of their own files
- Supervisord log messages are now also sent to syslog
- Removed unused smartmontools package from docker-platform-monitor
- Add -p --port-config option to feed sonic-cfggen with port_config.ini
file when necessary.
- Update minigraph.py file to accept the -p option
- Add test_j2files.py test to test config.sh and all .j2 templates
* Currently test_teamd is added to test both the config.sh and teamd.j2
file works well with the t0 sample minigraph and sample port config
file
* The sample output is added to the folder sample_output for comparison
Signed-off-by: Shuotian Cheng <shuche@microsoft.com>
- minigraph_portchannel_interfaces and minigraph_vlan_interfaces are lists
of interfaces and the name could duplicate due to multiple IPs
- Add minigraph_portchannels and minigraph_vlans dictionaries to support
querying port channels and vlans via the name
- Update teamd.j2 template and config.sh file in docker-teamd
- Update zebra.conf.j2 template to add port channel interfaces
Signed-off-by: Shuotian Cheng <shuche@microsoft.com>
This change should be temporary because the current teamd cannot
re-create net devices acrosss restart. Basically, it will fail
when there're files in /var/run/teamd/ folder or the previously
created net devices are still there. Thus, the current workaround
is to remove the obsolete files to restart the docker-teamd.
This workaround cannot resolve the swss restart issue. Before
restarting swss, docker teamd needs to be stopped manually. After
swss starts, docker teamd needs to be restarted manually.
This change will only make sure that rebooting the switch will
make the switch at the correct state.
Signed-off-by: Shuotian Cheng <shuche@microsoft.com>
CMD is not longer a file name but a command that needs to be executed,
thus /bin/bash is not enough for the entrypoint and -c is needed.
Signed-off-by: Shuotian Cheng <shuche@microsoft.com>
* [docker-config-engine]: introduce docker sonic config engine
sonic config engine provide the sonic configure engine for all sonic
dockers that rely on the engine to generate runtime configuration.
Add a sonic-config-engine to help generate config file based on minigraph and other data on runtime. Modify fpm, teamd, lldp, snmp, and platform-monitor docker to use sonic-config-engine to generate config in docker upon load.