Commit Graph

2349 Commits

Author SHA1 Message Date
Pavlo Yadvichuk
b0b0862d54 [barefoot]: Add warm-boot feature processing for wedge100bf_32x/65x platforms (#2687) 2019-04-17 00:05:24 -07:00
paavaanan
22d17da09c [devices]: Watchdog enable/disable in DellEMC S6100 (#2730) 2019-04-17 00:04:48 -07:00
pavel-shirshov
1f516920e1
teamd: lacp: update port state according to partner's sync bit (#2793)
Backport of
54f137c105

According to 6.4.15 of IEEE 802.1AX-2014, Figure 6-22, the state that the
port is selected moves MUX state from DETACHED to ATTACHED.

But ATTACHED state does not mean that the port can send and receive user
frames. COLLECTING_DISTRIBUTION state is the state that the port can send
and receive user frames. To move MUX state from ATTACHED to
COLLECTING_DISTRIBUTION, the partner state should be sync as well as the
port selected.

In function lacp_port_actor_update(), only INFO_STATE_SYNCHRONIZATION
should be set to the actor.state when the port is selected.
INFO_STATE_COLLECTING and INFO_STATE_DISTRIBUTING should be set to false
with ATTACHED mode and set to true when INFO_STATE_SYNCHRONIZATION of
partner.state is set.

In function lacp_port_should_be_{enabled, disabled}(), we also need to
check the INFO_STATE_SYNCHRONIZATION bit of partner.state.

Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
2019-04-16 19:11:24 -07:00
Sangita Maity
e798b9389f [dockers]: Upgrade SNMP docker to stretch build (#2620)
* [dockers]: Upgrade SNMP docker to stretch build
* Removed patch-> 0003-CHANGES-BUG-2743-snmpd-crashes-when-receiving-a-GetN.patch
* update platform-common submodule
* adding PyYAML  package to stretch dockerfile
* Installing redis  package via pip in stretch dockerfile
* again updating platform-common submodule
* revert back the snmpd version to 5.7.3+dfsg-1.5
* upgrading the snmpd version to 5.7.3+dfsg-1.7+deb9u1 with openssl backport support
* update sonic-snmpagent submodule
* purge libdpkg-perl package in Dockerfile
* revert back the snmpd version to 5.7.3+dfsg-1.5
* minor change in series file
2019-04-16 18:35:04 -07:00
Stepan Blyshchak
6a4ffef1fd [snmp.service] Make swss.service a requisite (#2790) 2019-04-16 18:32:36 -07:00
Vitaliy Senchyshyn
16927f5844 [snmp] Configure snmp docker hostname from config DB (#2773)
* [snmp] Configure snmp docker hostname from config DB
* Fixed reviewer comments
2019-04-16 11:09:05 -07:00
Mykola F
1aa258d3cb [fw-upgrade] fix issue with fw-upgrade (#2785)
Signed-off-by: Mykola Faryma <mykolaf@mellanox.com>
2019-04-16 10:06:10 -07:00
Andriy Kokhan
d038fd228a [build]: fixed BFN target build (#2784)
Signed-off-by: Andriy Kokhan <akokhan@barefootnetworks.com>
2019-04-15 22:34:56 -07:00
Samuel Angebault
539d4ff6d5 Install python3.6 smbus module in snmp (#2772) 2019-04-15 20:39:43 -07:00
Ying Xie
8bf9247c5e
[tmpfs var/log] mount /var/log as tmpfs for some platforms (#2780)
SONiC is a heavy writer to /var/log partition, we noticed that this
behavior causes certain flash drive to become read-only over time.
To avoid this issue, we mount /var/log parition on these devices as
tmpfs.

- Mount /var/log as tmpfs
- /var/log default size is 128M
- Adjust size according to existing var-log.ext4 file size.
- Adjust size to between 5% to 10% of total memory size.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-14 22:46:26 -07:00
lguohan
893837eca0 [mpdecimal]: upgrade mpdecimal to 2.4.2-2 (#2783)
fix build issue https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887735
2019-04-13 22:43:27 -07:00
Mykola F
c5fecea247 [Mellanox-SAI] update Mellanox SAI submodule pointer (#2777)
Signed-off-by: Mykola Faryma <mykolaf@mellanox.com>
2019-04-13 17:23:21 -07:00
Renuka Manavalan
c846fb9ead [build]: Updated Makefile infrastructure to build debug images. (#2753)
* Updated Makefile infrastructure to build debug images.
As a sample, platform/broadcom/docker-orchagent-brcm.mk is updated to add a docker-orchagent-brcm-dbg.gz target.

Now "BLDENV=stretch make target/docker-orchagent-brcm-dbg.gz" will build the debug image.

This debug image can be used in any linux box to inspect core file. If your module's external dependency can be suitably mocked, you my even manually run it inside.

"docker run -it --entrypoint=/bin/bash e47a8fb8ed38"

You may map the core file path to this docker run.

* Dropped the regular binary using DBG_PACKAGES and a small name change to help readability.

* Tweaked the changes to retain the existing behavior w.r.t INSTALL_DEBUG_TOOLS=y.

When this change ('building debug docker image transparently') is extended to all dockers, this flag would become redundant. Yet, there can be some test based use cases that rely on this flag.

Until after all the dockers gets their debug images by default and we switch all use cases of this flag to use the newly built debug images, we need to maintain the existing behavior.
2019-04-13 17:05:18 -07:00
Qi Luo
83a76916f7
[mgmt] Install passlib in sonic-mgmt docker to support ansible no_log option (#2782) 2019-04-13 09:48:56 -07:00
Ying Xie
f583f57af6
[service] add warmboot finializer service (#2715)
After warm reboot is done, we need to disable warm reboot flag and
tear down anything setup for warm reboot and persisted across.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-12 15:45:58 -07:00
Wenda Ni
9b6a2fb2bf [submodule]: submodule update for PFC watchdog warm reboot commits (#2755)
sonic-sairedis:
e8cb879 Make object list deterministic when iterating (#438)
5486f97 Ignore ACL_COUNTER bytes and packets during comparison logic (#443)
b138ff9 Notify OA about exception and process only restart query events (#437)
0974a43 Set MTU value on created tap device for virtual switch (#436)
e2f50e8 Increase eth buffer size to 16k for virtual switch (#435)
79fb388 [bfn] Ged rid of ld_preload. Link against libsai only (#429)
2e47b78 Remove MAC alignment WA for Mellanox platforms. (#430)
e1354fe Add pre match to comparison logic and unittests (#423)
18a5ebb Drop FDB notifications if they contain invalid OIDs (#428)

sonic-swss-common:
8af58ad sonic-swss-common: Add vxlan macros to schema (#269)
76837bf Make class Select support batch read from selectables (#270)
4cf643e Add multiple fields hdel support (#267)
a710529 Update PFC_WD table name in CONFIG_DB (#266)
3c452c1 Update README.md (#268)

sonic-swss:
e329dbd Survive pfc watchdog storm action across warm-reboot (#794)

sonic-utilities:
6ee0aea (HEAD, origin/master, origin/HEAD) [config]: Change the order of interface commands (#504)
5ae30d2 [show vlan brief] Support 'alias' interface naming mode (#497)
bafebf9 Update neighbor advertiser (#498)
fa90083 [clear/main.py]: clear ndp command. (#450)
65f69e4 [show interface neighbor expected] Support 'alias' interface naming mode (#495)
aae39e7 updated show ipv6 interface for alias mode (#493)
170fed9 [warm-reboot] initialize warm reboot state table before warm rebooting (#492)
06cd99f Allow config shutdown and startup operations on valid PortChannel interface names (#474)
98cdebb [show ip interface] Add support for 'alias' interface naming mode (#486)
5f1de81 [show] Add serial numbers/uptime/hwinfo to 'show version' output (#488)
e78a866 [route_check] Move scripts under scripts/ directory, add to setup.py (#489)
d347527 Change PFC watchdog CONFIG_DB table name from PFC_WD_TABLE to PFC_WD (#475)

Signed-off-by: Wenda Ni <wenni@microsoft.com>
2019-04-12 10:21:32 -07:00
Haiyang Zheng
0af5f0b6b5 [docker-team]: update teamd docker to stretch (#2734)
Signed-off-by: Haiyang Zheng <haiyang.z@alibaba-inc.com>
2019-04-12 10:14:51 -07:00
lguohan
158531b48d
[build]: only build dockers needed by installers (#2771)
Signed-off-by: Guohan Lu <gulv@microsoft.com>
2019-04-11 19:28:41 -07:00
Qi Luo
0a6dd8800f [docker-fpm-frr]: Fix FRR config script to render frr.conf (#2770) 2019-04-11 07:58:05 -07:00
pavel-shirshov
9b1663ce8a [sonic-cfggen]: Output differences for bgp configurations (#2768) 2019-04-10 22:55:54 -07:00
Shuotian Cheng
61760185e1 [config-engine]: Remove unused sample minigraph (#2769)
Signed-off-by: Shu0T1an ChenG <shuche@microsoft.com>
2019-04-10 22:55:30 -07:00
Wirut Getbamrung
27803ec603 [docker-platform-monitor]: Add smartmontools 6.6-1 (#2703) 2019-04-10 21:55:54 -07:00
Mykola F
d993d6f3ac [Mellanox] build one image for Mellanox & Mellanox SimX (#2664)
Signed-off-by: Mykola Faryma <mykolaf@mellanox.com>
2019-04-10 21:55:14 -07:00
pavel-shirshov
602369126c [docker-fpm-quagga]: Add support for PeerAsn and UpdateAddress (#2766) 2019-04-10 21:50:36 -07:00
Wirut Getbamrung
4fcb3321b2 [platform-celestica]: Add new fancontrol service for haliburton device (#2736) 2019-04-10 19:13:30 -07:00
Ying Xie
af64fd66d2 [bgp quagga] increase BGP graceful restart timeout to 240 seconds (#2754)
There are some platforms with less powerful CPU/hard-drive could take
longer to get ready for BGP. For these platforms, 240 seconds would be
a safer threshold.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-10 19:13:03 -07:00
Ying Xie
1af74d5662 [Bcm SAI] ugprade Broadcom SAI to version 3.3.5.4m-1 (#2765)
- Broadcom SAI 3.3 GA release 20190402.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-10 19:11:59 -07:00
lguohan
bd5be5d328
[sonic-mgmt]: install pytest-ansible for running pytests in sonic-mgmt (#2757)
Signed-off-by: Guohan Lu <gulv@microsoft.com>
2019-04-10 12:23:59 -07:00
Stepan Blyshchak
ded4fe27ff [mlnx] fix url inconsistency in fw.mk (#2761)
Signed-off-by: Stepan Blyschak <stepanb@mellanox.com>
2019-04-10 17:57:34 +03:00
randygaulmsft
3add5d46e4 Add note for running out of disk space in /var/lib/docker to README.md (#2758) 2019-04-10 00:02:57 -07:00
pavel-shirshov
d6cf075ca5 [vstest]: Test for quagga livelock fix (#2751)
* Test for quagga livelock fix

* Create /usr/local/etc for the test

* Add more debug info

* Install specific version of exabgp

* Update sonic-quagga
2019-04-09 09:03:25 -07:00
Mykola F
33818d6b26 [pmon]: fix lm-sensors binaries build (#2749)
Signed-off-by: Mykola Faryma <mykolaf@mellanox.com>
2019-04-05 15:10:54 -07:00
Jipan Yang
69ef456efd [swss]: Update to debian python-scapy (2.4.2) to fix scapy crash seen with 2.3.3-1 (#2745)
* Fix scapy crash problem with pip scapy (2.4.2)

Signed-off-by: Jipan Yang <jipan.yang@alibaba-inc.com>
2019-04-04 21:18:38 -07:00
Renuka Manavalan
f3afaea713
Merge pull request #2746 from renukamanavalan/master
[hostcfgd] Default value of fallthrough for authentication set to be False.
2019-04-04 19:06:32 -07:00
Nazarii Hnydyn
ab2c42ea8a Refactored daemon base API: added Logger. (#2672)
* Refactored daemon base API: added Logger.

Signed-off-by: Nazarii Hnydyn <nazariig@mellanox.com>
2019-04-04 16:12:59 +03:00
Kebo Liu
67113ad051 [submodule]: update submodules to pick up pmon refactoring commits (#2710) 2019-04-03 22:02:57 -07:00
Nazarii Hnydyn
6540a248a5 [submodule]: Updated SNMP submodule. (#2744)
Signed-off-by: Nazarii Hnydyn <nazariig@mellanox.com>
2019-04-03 21:50:07 -07:00
Renuka Manavalan
6d7ecc426c [hostcfgd] -- Fix the default for failthrough as false.
This implies that by default, if TACACS is configured properly and it reported auth_err, then don't try fail through to traditional unix authentication through /etc/passwd.

If this failthrough is intended, make it explicit through "sudo config aaa authentication failthrough enable"

Removed an unused variable "aaa.fallback"

Tested manually. Note the presence of 'auth_err=die' in all cases except when failthrough is explicitly enabled.

admin@str-s6000-acs-13:~$ sudo config aaa authentication failthrough default; date
Wed Apr  3 23:05:18 UTC 2019
admin@str-s6000-acs-13:~$ ls -lrt /etc/pam.d/common-auth-sonic ; grep 123 /etc/pam.d/common-auth-sonic
-rw-r--r-- 1 root root 1316 Apr  3 23:05 /etc/pam.d/common-auth-sonic
auth    [success=done new_authtok_reqd=done default=ignore auth_err=die]        pam_tacplus.so server=100.127.20.22:49 secret=testing123 login=login timeout=5 try_first_pass
auth    [success=done new_authtok_reqd=done default=ignore auth_err=die]        pam_tacplus.so server=100.127.20.21:49 secret=testing123 login=login timeout=5 try_first_pass

admin@str-s6000-acs-13:~$ sudo config aaa authentication failthrough enable; date ; h4 "AAA|authentication"
Wed Apr  3 23:06:37 UTC 2019
admin@str-s6000-acs-13:~$ ls -lrt /etc/pam.d/common-auth-sonic ; grep 123 /etc/pam.d/common-auth-sonic
-rw-r--r-- 1 root root 1294 Apr  3 23:06 /etc/pam.d/common-auth-sonic
auth    [success=done new_authtok_reqd=done default=ignore]     pam_tacplus.so server=100.127.20.22:49 secret=testing123 login=login timeout=5 try_first_pass
auth    [success=done new_authtok_reqd=done default=ignore]     pam_tacplus.so server=100.127.20.21:49 secret=testing123 login=login timeout=5 try_first_pass

admin@str-s6000-acs-13:~$ sudo config aaa authentication failthrough disable; date ; h4 "AAA|authentication"
Wed Apr  3 23:07:09 UTC 2019
admin@str-s6000-acs-13:~$ ls -lrt /etc/pam.d/common-auth-sonic ; grep 123 /etc/pam.d/common-auth-sonic
-rw-r--r-- 1 root root 1321 Apr  3 23:07 /etc/pam.d/common-auth-sonic
auth    [success=done new_authtok_reqd=done default=ignore auth_err=die]        pam_tacplus.so server=100.127.20.22:49 secret=testing123 login=login timeout=5 try_first_pass
auth    [success=done new_authtok_reqd=done default=ignore auth_err=die]        pam_tacplus.so server=100.127.20.21:49 secret=testing123 login=login timeout=5 try_first_pass
2019-04-03 23:16:56 +00:00
Renuka Manavalan
e65d9c5c88 Merge remote-tracking branch 'upstream/master'
Sync with upstream
2019-04-03 23:02:08 +00:00
Ying Xie
00a0f22f38
Revert "[teamd service] teamd service should start after syncd (#2724)" (#2733)
This reverts commit 0d1efb131c.
2019-04-03 08:20:44 -07:00
Shuotian Cheng
4791701752 [minigraph]: Mark both ERSPAN and ERSPANv6 as mirror ACL tables (#2732)
- Support ERSPAN and ERSPANv6 two types of ACL tables.
- Update the unit test to cover this case.

Signed-off-by: Shu0T1an ChenG <shuche@microsoft.com>
2019-04-02 16:59:00 -07:00
paavaanan
b56124bf48 removing dhcp- turn- off option from initrd (#2555)
* removing dhcp changes from initrd

* removing mgmt-intf-dhcp file
2019-04-02 15:48:04 -07:00
Ying Xie
fd3f61167d
[teamd] prevent re-entrance of port priv change handler (#2723)
When adding a lag member dynamically after system boots up, teamd
port priv change handler could re-entrant itself and causing adding
operation to fail.

While handling PORT_CHANGE event, teamd_per_port.c port priv change
handler was called, it will then call runner_lacp to add port to lag,
the later causes IFINFO_CHANGE to be notified and calls the priv change
handler again, this re-entrance would cause runner_lacp port_added to
be called again and messes up with the previous adding sequence. Then
fails the lag member adding operation.

Prevent per port priv change handler re-entrance solves the problem.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-01 16:51:30 -07:00
Ying Xie
0d1efb131c
[teamd service] teamd service should start after syncd (#2724)
* [teamd service] teamd service should start after syncd

Signed-off-by: Ying Xie <ying.xie@microsoft.com>

* combine after lines
2019-04-01 15:40:22 -07:00
Renuka Manavalan
e73f86dbd6 Merge remote-tracking branch 'upstream/master' 2019-04-01 20:34:26 +00:00
lguohan
b73f9a5b1d
[swss]: update swss docker to stretch (#2714)
* [swss]: update swss docker to stretch

sonic-swss update:

* aa92326 2019-03-29 | fix c++ 11 build complaint for destructors default to noexcept (#822) (HEAD, origin/master, origin/HEAD) [lguohan]
* a304007 2019-03-28 | Allow ACL entry creation without ACL counter (#818) [Wenda Ni]
* 60a8a0d 2019-03-28 | [orchagent]: Cast enum class variable to int (#819) (HEAD, origin/master, origin/HEAD) [Shuotian Cheng]
* 3dd37a4 2019-03-26 | [vnetorch]: Add VNET/tunnel/route removal flows for Bitmap VNET implementation (#816) [Volodymyr Samotiy]
* a937f92 2019-03-22 | [VS]: fix occasional test_fdb_notifications vs test failure (#813) [Jipan Yang]
* ea54825 2019-03-21 | [portsorch] Fix inconsistent return value in bindAclTable (#791) [yorke]
* 5984e3a 2019-03-07 | Fix orchagent SEGV when PortConfigDone not set (#803) [Ramesh Santhanakrishnan]

Signed-off-by: Guohan Lu <gulv@microsoft.com>
2019-03-30 11:57:25 -07:00
Qi Luo
9c83b5480d
[security] Do not generate ssh server keys for non RSA protocols (#2718) 2019-03-29 15:27:33 -07:00
Ying Xie
9d6bac567b [build] force Linux to drop cache before calling kvm (#2717)
* [vm build] force Linux to drop cache before calling kvm

KVM need to allocate 2G memory for this build. The system memory might
be occupied by cache at the moment and doesn't have 2G chunk to give
out. Forcing Kernel to drop cache to boost the chance of getting 2G
memory.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>

* [make] add option to enable/disable VS build memory preparation

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-03-29 15:25:17 -07:00
Qi Luo
6a9491b55c [submodule]: Update submodule sonic-snmpagent: Remove verbose feature missing logs (#2719)
Signed-off-by: Qi Luo <qiluo-msft@users.noreply.github.com>
2019-03-29 02:58:35 -07:00
Ying Xie
80d65943eb
[teamd] retry creating team_port after interface info changed (#2699)
Race condition has been noticed after warm reboot: sometimes when
port_changed notification was received, the link message didn't
have the device name. Without device name, creating team port
would fail.

Registering to the interface information change notification, so
later when device name becomes available, retry creating team port.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-03-28 09:57:06 -07:00