sonic-snmpagent submodule update
#### Why I did it
sonic-snmpagent submodule update:
```
889e098 2023-12-02 Enable faulthandler to provide more fault information (#301)
```
##### Work item tracking
- Microsoft ADO **(number only)**:17637258
#### How I did it
sonic-snmpagent submodule update
#### How to verify it
Pass all test case.
### Tested branch (Please provide the tested image version)
- [ ] SONiC.202012-15703.306864-1ef589c19
#### Description for the changelog
sonic-snmpagent submodule update
Backport #16937
**Why I did it**
To avoid orchagent crash issue like sonic-net/sonic-swss#2935, disable unsupported counters on SONiC management devices.
**Work item tracking**
Microsoft ADO (number only): 25437720
**How I did it**
Update the minigraph parser to disable unsupported counters on management devices.
**How to verify it**
Verified by unittest.
Manually apply patch to DUT and do config load_minigraph
#### Why I did it
##### Work item tracking
- Microsoft ADO **(number only)**: 24802410
#### How I did it
#### How to verify it
This reverts commit f9d83c6e17.
#### Why I did it
To ease concerns on log2ram raised by Mellanox
##### Work item tracking
- Microsoft ADO **25355843**
#### How I did it
Reverting the aforementioned commit and resolving merge conflicts in Dell's installer.conf file
#### Description for the changelog
Reverted the changes to the installer.conf files in three platforms to remove the log_inram option, thereby ensuring /var/log/ would not be mounted on tmpfs.
Why I did it
Add info syslog for cpu_wdt.service when trigger watchdog arm action.
How I did it
Add info syslog for cpu_wdt.service when trigger watchdog arm action.
### Why I did it
Cherry-pick from https://github.com/sonic-net/sonic-buildimage/pull/15660
Fix some of the patches in .patches folder not applied issue.
The command "quilt applied" only lists the applied patches, if some of the patches have issues, then the patches will not be applied when you run the build command again.
##### Work item tracking
- Microsoft ADO **(number only)**: 24410730
#### How I did it
1. Run the command to apply the patches without any conditions.
2. If failed, check if the failure reason is "series fully applied".
To support iTCO watchdog in Dell S6100.
[Backport PR [DellEMC] S6100 - iTCO watchdog support and reboot cause determination changes #9149]
Microsoft ADO (25153914):
Update installer.conf for initializing the required drivers.
Update the reboot cause determination logic to check for iTCO watchdog reset if the BIOS version supports iTCO watchdog.
### Why I did it
Fast reboot is failing on 202012 after PR https://github.com/sonic-net/sonic-buildimage/pull/15685 was cherrypicked to 202012 as part of https://github.com/sonic-net/sonic-buildimage/pull/16225
The master branch change is good, but the cherry pick to 202012 is bad.
Change was needed on master as the code added here was not effective (as it was unreachable) and not required (as fast-reboot on master uses warm-reboot infra of db dump and reconc).
However, this code was still being used in 202012, and should not have been removed. The DB flag needs to be set to allow services do fast recovery. In the latest 202012 images, fast reboot fails as syncd does cold restart:
Good case on 202012 (before PR 16225)
```
Sep 14 13:25:55.435266 str3-s6100-acs-6 NOTICE syncd#syncd: :- Syncd: command line:
EnableDiagShell=YES EnableTempView=YES DisableExitSleep=NO EnableUnittests=NO EnableConsistencyCheck=NO
EnableSyncMode=YES RedisCommunicationMode=redis_async EnableSaiBulkSuport=NO
StartType=fast <----------------------
ProfileMapFile=/etc/sai.d/sai.profile GlobalContext=0 ContextConfig= BreakConfig=/tmp/break_before_make_objects
```
Bad case on 202012 (after PR 16225)
```
Sep 22 22:00:19.619381 str-s6100-acs-2 NOTICE syncd#syncd: :- Syncd: command line:
EnableDiagShell=YES EnableTempView=YES DisableExitSleep=NO EnableUnittests=NO EnableConsistencyCheck=NO
EnableSyncMode=YES RedisCommunicationMode=redis_async EnableSaiBulkSuport=NO
StartType=cold <----------------------
ProfileMapFile=/etc/sai.d/sai.profile GlobalContext=0 ContextConfig= BreakConfig=/tmp/break_before_make_objects
```
##### Work item tracking
- Microsoft ADO **(number only)**: 25227065
#### How I did it
Set system flag for fast reboot during boot up path
#### How to verify it
Change restores the state as it was before PR 16225, and fast-reboot worked before 16225
Tested locally w/ the change by replacing database.sh on the device.
This is a fix for PR [kernel] Change grub cmdline to set c-states to 0 for "Intel" CPUs by shlomibitton · Pull Request #6051 · sonic-net/sonic-buildimage (github.com)
The original PR will disable intel idle driver but it cannot limit the max c-state to 1 due to system will fall back to acpi idle driver.
Currently intel_idle.max_cstate=0 is already present, which will disable intel idle driver. With the added option, common idle driver will be disabled as well, so there will not be idle management. This is to prevent a bug that can be triggered by idle instruction on intel platform.
Work item tracking
Microsoft ADO (number only): 24867921
#### Why I did it
src/sonic-snmpagent
```
* 64f0def - (HEAD -> 202012, origin/202012) Support interface speed for PortChannels (#262) (2 days ago) [Lukas Stockner]
```
#### Why I did it
src/sonic-dbsyncd
```
* d6b2000 - (HEAD -> 202012, origin/202012) Fix the LLDP_LOC_CHASSIS not getting populated if no remote neighbors are present (#39) (#58) (7 months ago) [abdosi]
* 0f8d503 - Use github code scanning instead of LGTM (#55) (8 months ago) [Liu Shilong]
```
### Why I did it
Upgrade the SAI version to 4.3.12.2 to include the following changes:
- 4.3.10.2: [JIRA SONIC-68535][CSP CS00012273299] sai_query_attribute_capability for obj type SAI_OBJECT_TYPE_SWITCH
- 4.3.11.2: [JIRA SONIC-76883][CSP CS00012303308] SDK-367579: Skip flex port check when in iBodSync context
- 4.3.12.2: [JIRA SONIC-76472][CSP CS00012299690] Source suppressed broadcast packets count on interface TX discard statistics
##### Work item tracking
- Microsoft ADO **(number only)**: 24962692
#### How I did it
Upgrade the SAI version in sai.mk file.
#### How to verify it
Run SONiC basic test in SAI release pipeline: https://dev.azure.com/mssonic/internal/_build/results?buildId=361078&view=results
ADO: 25136360
#### Why I did it
sonic-mgmt component test failed
#### How I did it
Change the order of components in platform file.
#### How to verify it
Run sonic-mgmt component API test scripts
- Why I did it
The recent change #15685 (comment) removed the db migration for non first reboots.
This is problematic for many deployments which doesn't rely on ZTP and push a custom config_db.json
Port to older branches after #15685 is ported back
- How I did it
Re-introduce the logic to run the db_migrator on non-first boots
- How to verify it
Verified reboot and warm-reboot cases
Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
Why I did it
Cherry-Pick #11926 into 202012
Work item tracking
Microsoft ADO (17850717):
How I did it
Create patch file to avoid notify race between io and main pthreads.
How to verify it
PR test, physical DUT for bgp related regression tests.
#### Why I did it
When an exception happens during `get_change_event` it brings the process invoking it down.
##### Work item tracking
- Microsoft ADO **(number only)**: 24599154
#### How I did it
This is a backport of #16112
Handle exceptions gracefully within `get_change_event`
#### Description for the changelog
Ignore poll errors during get_event_change on Arista devices
Cherry pick of #15685
MSFT ADO: 24274591
#### Why I did it
Two changes:
### 1 Fix a day1 issue, where check to wait until `CONFIG_DB_INITIALIZED` is incorrect.
There are multiple places where same incorrect logic is used.
Current logic (`until [[ $($SONIC_DB_CLI CONFIG_DB GET "CONFIG_DB_INITIALIZED") ]];`) will always result in pass, irrespective of the result of GET operation.
```
root@str2-7060cx-32s-29:~# sonic-db-cli CONFIG_DB GET "CONFIG_DB_INITIALIZED"
1
root@str2-7060cx-32s-29:~# until [[ $(sonic-db-cli CONFIG_DB GET "CONFIG_DB_INITIALIZED") ]]; do echo "entered here"; done
root@str2-7060cx-32s-29:~#
root@str2-7060cx-32s-29:~#
root@str2-7060cx-32s-29:~# sonic-db-cli CONFIG_DB GET "CONFIG_DB_INITIALIZED"
0
root@str2-7060cx-32s-29:~# until [[ $(sonic-db-cli CONFIG_DB GET "CONFIG_DB_INITIALIZED") ]]; do echo "entered here"; done
root@str2-7060cx-32s-29:~#
```
Fix this logic by checking for value of flag to be "1".
```
root@str2-7060cx-32s-29:~# until [[ $(sonic-db-cli CONFIG_DB GET "CONFIG_DB_INITIALIZED") -eq 1 ]]; do echo "entered here"; done
entered here
entered here
entered here
```
This gap in logic was highlighted when another fix was merged: https://github.com/sonic-net/sonic-buildimage/pull/14933
The issue being fixed here caused warmboot-finalizer to not wait until config-db is initialized.
### 2 Set and unset CONFIG_DB_INITIALIZED for warm-reboot case
Currently, during warm shutdown `CONFIG_DB_INITIALIZED`'s value is stored in redis db backup. This is restored back when the dump is loaded during warm-recovery.
So the value of `CONFIG_DB_INITIALIZED` does not depend on config db's state, however it remain what it was before reboot.
Fix this by setting `CONFIG_DB_INITIALIZED` to 0 as when the DB is loaded, and set it to 1 after db_migrator is done.
ADO: 24709703
#### Why I did it
sonic-mgmt platform testcases failed.
#### How I did it
Implement platform API 2.0.
#### How to verify it
Run sonic-mgmt tests.
#### Why I did it
src/sonic-utilities
```
* 7fe50faa - (HEAD -> 202012, origin/202012) UT change: for db_migrator test do not check for RESTAPI cert values (#2919) (6 minutes ago) [Vaibhav Hemant Dixit]
```
#### Why I did it
src/linkmgrd
```
* 3f89fce - (HEAD -> 202012, origin/202012) [202012] Use Vlan MAC as src MAC for link prober by default #93 (#209) (6 weeks ago) [Jing Zhang]
```
Why I did it
[E1031] fix pca9548 initializes failed occasionally in stress test.
When failure happened, ismt i2c bus hang up and need power cycle to
recover it.
How I did it
Add 0.5s delay between setuping and configuring pca9548 i2c mux.
How to verify it
Reboot stress test at least 100 times without failure.
Why I did it
Use remote PR test template from sonic-mgmt master to run PR test.
How I did it
Modify PR test azure pipeline yml file.
How to verify it
PR test executing normally.
Signed-off-by: Chun'ang Li <chunangli@microsoft.com>
### Why I did it
On 202012 images, there is an issue that certain reload causes are not cleared after reading and the uncleared causes may confuse the following reboot-cause reading after warm-reboot to master/202305.
##### Work item tracking
- Microsoft ADO **(number only)**: 24378183
#### How I did it
Clear the reload cause even in the case that it is determined as not important.
#### How to verify it
1) Cold-boot to 202012
2) Warm-reboot to master
3) Check the reboot cause is 'warm-reboot' by 'show reboot-cause'
### Why I did it
Upgrade SAI version to 4.3.8.1 to include the following change:
- CS00012288297: Fix TX queue for control packets
##### Work item tracking
- Microsoft ADO **(number only)**: 24669269
#### How I did it
Upgrade the SAI version in sai.mk file
* [Build] Fix the PyYang python package installation issue (#15890)
Why I did it
Fix the armhf build failure.
How to reproduce the issue:
docker run -it debain:bullseye bash
apt-get update && apt-get install -y python3-pip
pip3 install PyYAML==5.4.1
Error message:
Collecting PyYAML==5.4.1
Installing build dependencies ... done
Getting requirements to build wheel ... error
ERROR: Command errored out with exit status 1:
command: /usr/bin/python3 /tmp/tmp6xabslgb_in_process.py get_requires_for_build_wheel /tmp/tmp_er01ztl
....
raise AttributeError(attr)
AttributeError: cython_sources
----------------------------------------
WARNING: Discarding d63f2d7597/PyYAML-5.4.1.tar.gz (sha256)=607774cbba28732bfa802b54baa7484215f530991055bb562efbed5b2f20a45e (from https://pypi.org/simple/pyyaml/) (requires-python:>=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*). Command errored out with exit status 1: /usr/bin/python3 /tmp/tmp6xabslgb_in_process.py get_requires_for_build_wheel /tmp/tmp_er01ztl Check the logs for full command output.
ERROR: Could not find a version that satisfies the requirement PyYAML==5.4.1
ERROR: No matching distribution found for PyYAML==5.4.1
root@fa2fa92edcfd:/#
But if adding the option --no-build-isolation, then it is good, see fix.
install "PyYAML==5.4.1" --no-build-isolation
The same error can be found in the multiple builds.
Work item tracking
Microsoft ADO (number only): 24567457
How I did it
Add a build option --no-build-isolation.
* Fix docker-platform-monitor python2 issue
* Fix wheel dependency issue
* Fix wheel dependency issue
* Fix the pip2 PyYAML in host image
#### Why I did it
cherry pick, #15535
Graceful restart is a key event for bgpd, related log print is debug level. To change it to info level to get more visibilities when this kind of event is triggered.
##### Work item tracking
- Microsoft ADO **(13875291)**:
#### How I did it
To create patch file to change from debug level to info level.
#### How to verify it
To run PR test and capture the print.
Fix libtacsupport.so can't parse tacplus_nss.conf issue and not reset server list before parse config file issue.
##### Work item tracking
- Microsoft ADO **(number only)**: 24433713
#### Why I did it
1. Fix libtacsupport.so can't parse tacplus_nss.conf correctly issue:
Support debug=on setting.
Support put server address and secret in same row.
2. Fix the parse_config_file method not reset server list before parse config file issue.
#### How I did it
Fix libtacsupport.so can't parse tacplus_nss.conf issue and not reset server list before parse config file issue.
#### How to verify it
UT with CUnit cover all code in this plugin.
Also pass all current UT.
#### Which release branch to backport (provide reason below if selected)
N/A
#### Tested branch (Please provide the tested image version)
Extract tacacs support functions into library, this will share TACACS config file parse code with other project.
Also fix memory leak issue in parse config code.
- [ ] SONiC.202012-15723.312602-e230e2d3e
#### Description for the changelog
Fix libtacsupport.so can't parse tacplus_nss.conf issue and not reset server list before parse config file issue.
This pull request integrate audisp-tacplus to SONiC for per-command accounting.
##### Work item tracking
- Microsoft ADO **(number only)**: 24433713
#### Why I did it
To support TACACS per-command accounting, we integrate audisp-tacplus project to sonic.
#### How I did it
1. Add auditd service to SONiC
2. Port and patch audisp-tacplus to SONiC
#### How to verify it
UT with CUnit to cover all new code in usersecret-filter.c
Also pass all current UT.
#### Tested branch (Please provide the tested image version)
Extract tacacs support functions into library, this will share TACACS config file parse code with other project.
Also fix memory leak issue in parse config code.
- [ ] SONiC.202012-15723.312602-e230e2d3e
#### Description for the changelog
Add audisp-tacplus for per-command accounting.
sonic-utilities submodule update
#### Why I did it
sonic-utilities submodule update:
```
399b1e3 2023-07-06 [202012][Show][BGP] Show BGP Change for no neighbor scenario (#2886)
7b47641 2023-07-10 [[202012] [TACACS+] Add config command for AAA authorization and accounting. (#1889)
```
##### Work item tracking
- Microsoft ADO **(number only)**:24433713
#### How I did it
Update sonic-utilities submodule.
#### How to verify it
Pass all test case.
#### Tested branch (Please provide the tested image version)
- [ ] SONiC.202012-15703.306864-1ef589c19
This pull request add Config DB schema and HostCfg Enforcer plugin to support TACACS+ per-command authorization&accounting.
##### Work item tracking
- Microsoft ADO **(number only)**: 24433713
#### Why I did it
Support TACACS per-command authorization&accounting.
#### How I did it
Change ConfigDB schema and HostCfg enforcer.
Add UT to cover changed code.
#### How to verify it
Build following project and pass all UTs:
make target/python-wheels/sonic_host_services-1.0-py3-none-any.whl
#### Which release branch to backport (provide reason below if selected)
N/A
#### Tested branch (Please provide the tested image version)
Extract tacacs support functions into library, this will share TACACS config file parse code with other project.
Also fix memory leak issue in parse config code.
- [ ] SONiC.202012-15723.309781-38d8852cd
#### Description for the changelog
Add Config DB schema and HostCfg Enforcer plugin to support TACACS+ per-command authorization&accounting.
This pull request extract tacacs support functions into library to share TACACS config file parse code with other project. Also fix memory leak issue in parse config code.
#### Why I did it
To support TACACS per command authorization, we need reuse the TACACS config file parse code in bash plugin project.
##### Work item tracking
- Microsoft ADO **(number only)**: 24433713
#### How I did it
Add libtacsupport.pc.in to extract tacacs support functions into library.
Fix memory leak issue in TACACS config parse code by convert the dynamic memory allocation memory to static memory allocation.
#### How to verify it
Pass all current UT.
Check shared library generated manually.
#### Tested branch (Please provide the tested image version)
Extract tacacs support functions into library, this will share TACACS config file parse code with other project.
Also fix memory leak issue in parse config code.
- [ ] SONiC.202012-15703.306864-1ef589c19
#### Description for the changelog
Extract tacacs support functions into library, this will share TACACS config file parse code with other project.
Also fix memory leak issue in parse config code.