Commit Graph

27 Commits

Author SHA1 Message Date
Ye Jianquan
5204bfb5e5
Revert "Remove privileged flag for database and snmp docker (#13783)" (#16210)
This reverts commit cf72683f12.
2023-08-19 21:03:42 +03:00
Andriy Dobush
cf72683f12
Remove privileged flag for database and snmp docker (#13783)
#### Why I did it
Reduce docker privilege 
This is part of HLD https://github.com/sonic-net/SONiC/pull/1364

#### How I did it
Remove flag --privileged
#### How to verify it
docker exec -it database bash
root@0048b82b460b:/# ip link add dummy0 type dummy
RTNETLINK answers: Operation not permitted
2023-08-15 11:18:50 -07:00
nmoray
f978b2bb53
Timezone sync issue between the host and containers (#14000)
#### Why I did it
To fix the timezone sync issue between the containers and the host. If a certain timezone has been configured on the host (SONIC) then the expectation is to reflect the same across all the containers.

This will fix [Issue:13046](https://github.com/sonic-net/sonic-buildimage/issues/13046).

For instance, a PST timezone has been set on the host and if the user checks the link flap logs (inside the FRR), it shows the UTC timestamp. Ideally, it should be PST.
2023-06-25 16:36:09 -07:00
Hua Liu
96954f0134
[swsscommon] Add c++ version sonic-db-cli from sonic-swss-common (#10825)
#### Why I did it
    Fix sonic-db-cli high CPU usage on SONiC startup issue: https://github.com/Azure/sonic-buildimage/issues/10218
    ETA of this issue will be 2022/05/31

#### How I did it
    Re-write sonic-cli with c++ in sonic-swss-common: https://github.com/Azure/sonic-swss-common/pull/607
    Modify swss-common rules and slave.mk to install c++ version sonic-db-cli.
    

#### How to verify it
    Pass all E2E test scenario.

#### Which release branch to backport (provide reason below if selected)

<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106
- [ ] 202111

#### Description for the changelog
    Build and install c++ version sonic-db-cli from swss-common.

#### Link to config_db schema for YANG module changes
<!--
Provide a link to config_db schema for the table for which YANG model
is defined
Link should point to correct section on https://github.com/Azure/SONiC/wiki/Configuration.
-->

#### A picture of a cute animal (not mandatory but encouraged)
2022-06-01 08:05:53 +08:00
Jason Lyu
b023c29a1e
[redis] Upgrade redis version (#9757)
#### Why I did it

The current redis version of SONiC is `6.0.6`, which contains many high-risky security issues like CVEs that are fixed in the latest version. The Redis release notes also highly recommend to upgrade with SECURITY urgency.

```
================================================================================
Redis 6.0.16 Released Mon Oct 4 12:00:00 IDT 2021
================================================================================

Upgrade urgency: SECURITY, contains fixes to security issues.

Security Fixes:
* (CVE-2021-41099) Integer to heap buffer overflow handling certain string
  commands and network payloads, when proto-max-bulk-len is manually configured
  to a non-default, very large value [reported by yiyuaner].
* (CVE-2021-32762) Integer to heap buffer overflow issue in redis-cli and
  redis-sentinel parsing large multi-bulk replies on some older and less common
  platforms [reported by Microsoft Vulnerability Research].
* (CVE-2021-32687) Integer to heap buffer overflow with intsets, when
  set-max-intset-entries is manually configured to a non-default, very large
  value [reported by Pawel Wieczorkiewicz, AWS].
* (CVE-2021-32675) Denial Of Service when processing RESP request payloads with
  a large number of elements on many connections.
* (CVE-2021-32672) Random heap reading issue with Lua Debugger [reported by
  Meir Shpilraien].
* (CVE-2021-32628) Integer to heap buffer overflow handling ziplist-encoded
  data types, when configuring a large, non-default value for
  hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries
  or zset-max-ziplist-value [reported by sundb].
* (CVE-2021-32627) Integer to heap buffer overflow issue with streams, when
  configuring a non-default, large value for proto-max-bulk-len and
  client-query-buffer-limit [reported by sundb].
* (CVE-2021-32626) Specially crafted Lua scripts may result with Heap buffer
  overflow [reported by Meir Shpilraien].

Other bug fixes:
* Fix appendfsync to always guarantee fsync before reply, on MacOS and FreeBSD (kqueue) (#9416)
* Fix the wrong mis-detection of sync_file_range system call, affecting performance (#9371)
* Fix replication issues when repl-diskless-load is used (#9280)
```

#### How I did it

Edit `Dockerfile.j2` file

#### How to verify it

Check redis version

#### Description for the changelog
This PR will upgrade redis-server version to `6.0.16`.
2022-02-15 16:43:01 -08:00
Saikrishna Arcot
6105684b9e Add infra to support building Bullseye base image with Buster containers
All docker containers will be built as Buster containers, from a Buster
slave. The base image and remaining packages that are installed onto the
host system will be built for Bullseye, from a Bullseye slave.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2021-11-10 15:27:22 -08:00
yozhao101
1a3cab43ac
[Monit] Deprecate the feature of monitoring the critical processes by Monit (#7676)
Signed-off-by: Yong Zhao yozhao@microsoft.com

Why I did it
Currently we leveraged the Supervisor to monitor the running status of critical processes in each container and it is more reliable and flexible than doing the monitoring by Monit. So we removed the functionality of monitoring the critical processes by Monit.

How I did it
I removed the script process_checker and corresponding Monit configuration entries of critical processes.

How to verify it
I verified this on the device str-7260cx3-acs-1.
2021-06-04 10:16:53 -07:00
Stepan Blyshchak
cd2c86eab6
[dockers] label SONiC Docker with manifest (#5939)
Signed-off-by: Stepan Blyschak stepanb@nvidia.com

This PR is part of SONiC Application Extension

Depends on #5938

- Why I did it
To provide an infrastructure change in order to support SONiC Application Extension feature.

- How I did it
Label every installable SONiC Docker with a minimal required manifest and auto-generate packages.json file based on
installed SONiC images.

- How to verify it
Build an image, execute the following command:

admin@sonic:~$ docker inspect docker-snmp:1.0.0 | jq '.[0].Config.Labels["com.azure.sonic.manifest"]' -r | jq
Cat /var/lib/sonic-package-manager/packages.json file to verify all dockers are listed there.
2021-04-26 13:51:50 -07:00
BrynXu
a2e3d2fcea
[ChassisDB]: bring up ChassisDB service (#5283)
bring up chassisdb service on sonic switch according to the design in
Distributed Forwarding in VoQ Arch HLD

Signed-off-by: Honggang Xu <hxu@arista.com>

**- Why I did it**
To bring up new ChassisDB service in sonic as designed in ['Distributed forwarding in a VOQ architecture HLD' ](90c1289eaf/doc/chassis/architecture.md). 

**- How I did it**
Implement the section 2.3.1 Global DB Organization of the VOQ architecture HLD.

**- How to verify it**
ChassisDB service won't start without chassisdb.conf file on the existing platforms.
ChassisDB service is accessible with global.conf file in the distributed arichitecture.

Signed-off-by: Honggang Xu <hxu@arista.com>
2020-10-14 15:15:24 -07:00
abdosi
fc6bcff52b [sonic-buildimage] Changes to make network specific sysctl common for both host and docker namespace (#4838)
* [sonic-buildimage] Changes to make network specific sysctl
common for both host and docker namespace (in multi-npu).

This change is triggered with issue found in multi-npu platforms
where in docker namespace
net.ipv6.conf.all.forwarding was 0 (should be 1) because of
which RS/RA message were triggered and link-local router were learnt.

Beside this there were some other sysctl.net.ipv6* params whose value
in docker namespace is not same as host namespace.

So to make we are always in sync in host and docker namespace
created common file that list all sysctl.net.* params and used
both by host and docker namespace. Any change will get applied
to both namespace.

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

* Address Review Comments and made sure to invoke augtool
only one and do string concatenation of all set commands

* Address Review Comments.
2020-07-12 18:08:51 +00:00
Qi Luo
6849a0351c
[redis] Install vanilla redis packages for Buster and Stretch; upgrade Buster to 6.0.5 (#4732)
upgrade redis server to 5:6.0.5-1~bpo10+1
2020-06-27 01:17:20 -07:00
joyas-joseph
cae67728f5
[docker-database]: Upgrade docker-database to buster (#4665)
Signed-off-by: Joyas Joseph <joyas_joseph@dell.com>
2020-05-29 03:29:49 -07:00
yozhao101
729f343f77
[Services] Restart database service upon unexpected critical process exit. (#4138)
* [database] Implement the auto-restart feature for database container.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [database] Remove the duplicate dependency in service files. Since we
already have updategraph ---> config_setup ---> database, we do not need
explicitly add database.service in all other container service files.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [event listener] Reorganize the line 73 in event listener script.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [database] update the file sflow.service.j2 to remove the duplicate
dependency.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [event listener] Add comments in event listener.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [event listener] Update the comments in line 56.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [event listener] Add parentheses for if statement in line 76 in event listener.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>
2020-02-11 14:03:02 -08:00
SuvarnaMeenakshi
c9483796dc [baseimage]: support building multi-asic component (#3856)
- move single instance services into their own folder
- generate Systemd templates for any multi-instance service files in slave.mk
- detect single or multi-instance platform in systemd-sonic-generator based on asic.conf platform specific file.
- update container hostname after creation instead of during creation (docker_image_ctl)
- run Docker containers in a network namespace if specified
- add a service to create a simulated multi-ASIC topology on the virtual switch platform

Signed-off-by: Lawrence Lee <t-lale@microsoft.com>
Signed-off-by: Suvarna Meenakshi <Suvarna.Meenaksh@microsoft.com>
2020-01-26 13:56:42 -08:00
yozhao101
b7e48b422f [Services] Allow monit system tool to monitor the critical processes status running in various SONiC containers. (#3940)
* Add a monit config file for teamd container.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* Add a copy mechanism to put the monit config file in teamd container
into base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* Add a monit config file for snmp container.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* Add a copy mechanism to put the monit config file of snmp container into
the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* Add a monit config file for dhcp_relay container in the dir
base_image_files.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* Add a copy mechanism to put the monit config file of dhcp_relay
container into base image under /etc/monit/conf.d.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* Add a monit config file for router advertiser container.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* Add a copy mechanism to put the monit config file of router advertiser
contianer into base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-Pmon] Add a monit config file for pmon container.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-Pmon] Add a copy mechanism to put the monit config file into the
base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-lldp] Add a monit config file for lldp container.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-lldp] Add a copy mechanism to put the monit config file into the
base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-bgp] Add a monit config file for BGP container.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-bgp] Add a copy mechanism to put monit config file into the base
image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-swss] Add a monit config file for the swss container.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-swss] Add a copy mechanism to put monit config file into the
base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a monit config file for syncd container on barefoot
platform.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a copy mechanism to put the monit config file into
the base image on barefoot.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a monit config file for syncd container on broadcom.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a copy mechanism to put the monit config file into
the base image on broadcom.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a monit config file for syncd container on cavium.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a copy mechanism to put the monit config file into
the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-centec] Add a monit config file for syncd container on centen
platform.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a copy mechanism to put the monit config file into
the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a monit config file for syncd container on centen
platform.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a copy mechanism to put the monit config file into
the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a monit config file for syncd container on marvell.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a copy mechanism to put the monit conifg file into
the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a monit config file for syncd container on
marvell-arm64.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a copy mechanism to put the monit config file into
the base image on marvell-arm64.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a monit config file for syncd container on
marvell-armhf.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a copy mechanism to put the monit config file into
the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a monit config file for syncd container on mellanox.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a copy mechanism to put the monit config file into
the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a monit config file for syncd container on nephos.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Add a copy mechanism to put the monit config file into
the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-sflow] Add a monit config file for sflow container.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-sflow] Add a copy mechanism to put the monit conifg file into
the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-telemetry] Add a monit config file for telemetry container.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-telemetry] Add a copy mechanism to put the monit config file
into the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-database] Add a monit config file for database container.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-database] Add a copy mechanism to put the monit config file into
the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-Dhcprelay] Change a typo.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-Dhcprelay] Change the process name in monit config file to
dhcrelay.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] There is no desserve process in syncd container on
barefoot.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] There is no process desserve in syncd container on
cavium.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] There is no process named desserve in syncd on centec.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] There is no process named desserve in syncd on marvell.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Should not delete the process desserve in syncd container
on marvell.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Delete the process dsserve in syncd on marvell.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Delete the process dsserve in syncd container on
marvell-arm64.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Delete the process dsserve in syncd container on
marvell-armhf.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Delete the process dsserve in syncd container on
mellanox.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-Radv] Change the process name to radvd.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-telemetry] Correct a typo in monit_telemetry.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-teamd] Delete the monit config file for teamd.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-teamd] Delete the mechanism to copy the monit config file into
base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-dhcprelay] Delete the monit config file for dhcp_relay
container.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-dhcprelay] Delete the mechanism to copy the monit config file
into the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-radv] Delete the monit config file foe radv container.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-radv] Delete the mechanism to copy the monit config file into
the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-bgp] change the monit config file for BGP container such that
monit only generates alert if the process is not running for 5 minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-snmp] Change the monit config file for snmp container such that
monit only generates alret if the process is not running for 5 minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-pmon] Change the monit config file for pmon container such that
monit only generates alert if the processes are not running for 5
minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-lldp] Change the monit config file for lldp container such that
monit only generates alerts if some processes are not running for 5
minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-pmon] Delete the monit config file for pmon container since some
of processes are not running depended on the type of box.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-pmon] Delete the copy mechanism to copy the monit config file
into the base image.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-lldp] Change the matching name for the process lldpd.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-swss] Change the monit config file for swss container such that
monit only generates alerts if the processes are not running for 5
minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Change the monit config file for syncd container on
barefoot such that monit only generates alerts if the process is not
running for 5 minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Correct a typo in monit config file.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Change the monit config file for syncd container on
broadcom such that monit only generates alerts if the processes are not
running for 5 minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Change the monit config file for syncd container on
cavium such that monit only generates alerts if the process is not
running for 5 minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Change the monit config file for syncd container such
that monit only generates alerts if the process is not running for 5
minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Change the monit config file for syncd container on
marvell such that monit only generates alerts if the process is not
running for 5 minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Change the monit config file for syncd container on
marvell-arm64 such that monit only generates alerts if the process is
not running for 5 minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Change the monit config file for syncd container on
marvell-armhf such that monit will generate alert if the process is not
running for 5 minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Change the monit config file for syncd container on
mellanox such that monit only generates alerts if the process is not
running for 5 minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-sycnd] Change the monit config file for syncd container such
that monit only generates alerts if the processes are not running for 5
minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-sflow] Change the monit config file for sflow container such
that monit only generates alerts if the process is not running for 5
minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-telemetry] Change the monit config file for telemetry container
such that monit only generates alerts if the processes are not running
for 5 minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-database] Change the monit config file for database container
such that monit only generates alerts if the process is not running for
5 minutes.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-database] Use 4 spaces to replace 2 spaces in monit config file.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-bgp] Use 4 spcess to replace 2 spaces in monit config file.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-lldp] Use 4 spaces to replace 2 spaces in monit config file.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-swss] Use 4 spaces to replace 2 space in monit config file.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-sflow] Use 4 spaces to replace 2 spaces in monit config file.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-snmp] Use 4 spaces to replace 2 spaces in monit config file.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-telemetry] Use 4 spaces to replace 2 spaces in monit config
file.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Use 4 spaces to replace 2 spaces in the monit config file
on barefoot.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Use 4 spaces to replace 2 spaces in the monit config file
on broadcom.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Use 4 spaces to replace 2 spaces in the monit config file
on cavium.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Use 4 spaces to replace 2 spaces in the monit config file
on centec.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Use 4 spaces to replace 2 spaces in the monit config file
on marvell.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Use 4 spaces to replace 2 spaces in the monit config file
on mellanox.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-syncd] Use 4 spaces to repalce 2 spaces in the monit config file
on nephos.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>

* [Docker-bgp] Remove the trailing extra spaces in monit config file.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>
2020-01-10 16:21:02 -08:00
lguohan
cf063bd3af
[redis]: build redis-tools-dbgsym instead of redis-server-dbgsym (#3125)
redis-server-dbgsym is not available since redis server 4
2019-07-05 11:00:01 -07:00
Renuka Manavalan
76bf5a0bc4 [build]: Added debug symbols to many debug dockers. (#3098)
* Added debug symbols to many debug dockers.

* For debug images *only*:
1) Archive source files into debug image
2) Archived source is copied into /src
3) Created an empty dir /debug
4) Mount both /src as ro & /debug as rw into every docker
5) Login banner will give some details on /src & /debug
6) Devs can copy core file into /debug and view it from inside a container.
7) Dev may create all gdb logs and other data directly into /debug.

* Dropped redundant REDIS_TOOLS per review comments.

* Added debug symbols to frr package and hence FRR based BGP docker.

* 1) Moved dbg_files.sh to scripts/
2) Src directories to archive are now collected from individual Makefiles.
3) Added few more debug symbols
4) Added few more debug dockers.

Here after no more changes except per review comments.

To debug:
Install required version of debug image in Switch or VM.
Copy core file into /debug of host
Get into Docker
gdb /usr/bin/<daemon> -c /debug/<your core file>
set directory /src/... <-- inside gdb to get the source

For non-in-depth debugging:

Download corresponding debug Docker image (docker-...-dbg.gz) to your VM
Load the image
Run image with entrypoint as 'bash' with dir containing core mapped in.
Run gdb on the core.
2019-07-03 22:13:55 -07:00
Renuka Manavalan
ba0ca01ee0 [build]: Makefile: Extend to build debug docker images for all stretch dockers (#2789)
Overall goal: Build debug images for every stretch docker.

An earlier PR (#2789) made the first cut, by transforming broadcom/orchagent to build target/docker-orhagent-dbg.gz.

Changes in this PR:

Made docker-orchagent build to be platform independent.
1.1) Created rules/docker_orchagent.mk
1.2) Removed platform//docker-orchagent-*.mk
1.3) Removed the corresponding entry from platform//rules.mk

Extended the debug docker image build to stretch based syncd dockers.
2.1) For now, only mellanox & barefoot are stretch based.
2.2) All the common variable definitions are put in one place platform/template/docker-syncd-base.mk
2.3) platform/[mellanox, bfn]/docker-syncd-[mlnx, bfn].mk are updated as detailed below.
2.3.1) Set platform code and include template base file
2.3.2) Add the dependencies & debug dependencies and any update over what base template offers.

Extended all stretch based non-platform dockers to build debug dockers too.
3.1) Affected are:
docker-database.mk,
docker-platform-monitor.mk,
docker-router-advertiser.mk,
docker-teamd.mk,
docker-telemetry.mk

Next: Build debug flavor of final images with regular dockers replaced with debug dockers where available.
2019-04-19 18:49:21 -07:00
Jipan Yang
7b81d4ddd6 [dockers]: Upgrade database and telemetry docker to stretch build (#2541)
* Upgrade database and telemetry docker to stretch build

Signed-off-by: Jipan Yang <jipan.yang@alibaba-inc.com>

* Remove SONIC_STRETCH_DEBS list add for redis and telemetry

Signed-off-by: Jipan Yang <jipan.yang@alibaba-inc.com>
2019-02-08 22:05:38 -08:00
Qi Luo
c2ae736f2e [warmboot] Load database from redis-cli save (#2287)
* [warmboot] Load database from `redis-cli save`

Signed-off-by: Qi Luo <qiluo-msft@users.noreply.github.com>

* Add trivial statement to make bash function valid

Signed-off-by: Qi Luo <qiluo-msft@users.noreply.github.com>

* Update submodule sonic-utilities: Use 'redis-cli save' to dump database to file

Signed-off-by: Qi Luo <qiluo-msft@users.noreply.github.com>

* Move configdb-load.sh outside docker, and only run in cold

Signed-off-by: Qi Luo <qiluo-msft@users.noreply.github.com>

* Fix for more strict warm check

Signed-off-by: Qi Luo <qiluo-msft@users.noreply.github.com>
2018-11-22 15:13:35 -08:00
Joe LeVeque
832be7b8f4
[dockers] Prevent apt-get from installing suggested and recommended packages by default (#1666)
* [docker-base] Instruct apt-get to NOT install 'recommended' or 'suggested' packages

* Modify docker-fpm-quagga, docker-snmp-sv2 and docker-sonic-vs Dockerfile templates in order to properly install .deb dependencies

* REDIS_SERVER depends on REDIS_TOOLS; ensure REDIS_TOOLS is always installed before REDIS_SERVER
2018-05-02 11:46:21 -07:00
lguohan
b907e4e9f5
[vs]: add vlan configuration support in virtual switch (#1200) 2017-11-30 14:59:25 -08:00
Taoyu Li
b6efe438b5 Introduce ConfigDB (#808)
* [cfggen] Support reading from and writing to configdb
* [bgp] Move bgp_admin_state to configdb, support dynamic admin state change
* [sonic-utilities] Adapt configDB for admin status, support config save and config load
2017-08-01 19:02:00 -07:00
Shuotian Cheng
e2cc409f8a [database]: Mount /var/run/redis/ folder from host for all dockers (#418)
- Create /var/run/redis/ folder on the host
- Install Python client for Redis on the host
- Mount /var/run/redis/ as read/write from host for all dockers
- Enable accessing the database everywhere including on the host and from remote

Signed-off-by: Shuotian Cheng <shuche@microsoft.com>
2017-03-23 12:18:52 -07:00
Joe LeVeque
5dafa907b2 [dockers]: Add base image files to syncd-brcm, database and teamd (#380) 2017-03-06 12:22:42 -08:00
Oleksandr Ivantsiv
34ea91349c one image implementation (#215)
* Single image

* Fix review comments

* Update syncd service. Add HW mgmt to Mellanox single image.

* Add single image template for Broadcom platform.

SKU should be provided during configure:
make configure PLATFORM=broadcom SKU=Force10-S6000

* Add single image template for Cavium platform.

SKU should be provided during configure:
make configure PLATFORM=cavium SKU=AS7512

* Add description to sonic_debian_extension.j2 file.
2017-01-29 11:33:33 -08:00
Marian Pritsak
e9098b99fb Build improvements (#80)
* Build improvements

Fix dependencies
Add configuration options
Automatically build sonic-slave

* Set default number of jobs to 1

* Auto generate target/debs directory

Signed-off-by: marian-pritsak <marianp@mellanox.com>

* Automatically remove sonic-slave container after exit

* Silence clean-logs

* Add SONIC_CLEAN_TARGETS to clean

* Use second expansion for clean dependencies

* Avoid creating empty log files

Remove log file on flush instead of writing empty string

* Put dpkg install inside lock

Use same lock as debian install targets do to avoid
race condition in dpkg installation

* Remove redirect to log from docker save

* Add .platform dependency to all and clean targets

* Remove header and footer from clean targets

* Disable messages for SONIC_CLEAN_TARGETS

* Exit with error if dpkg-buildpackage fails

* Set new location for debs in build_debian.sh

* Add recipe for docker-database

* Update redis version to 3.2.4

* Add support for p4 platform

* Add recipe for snmpd

* Add slave targets to phony and make all target default

* Remove build.sh from thrift

* Add versioning to team, nl, hiredis and initramfs

* Change sonic-slave to support snmpd build from sources

* Remove src/tenjin

* Add recipe for lldpd

* Add recipe for mpdecimal

* Remove hiredis directory on rebuild

* Add recipe for Mellanox hw management

* Remove generic image from all targets for Mellanox

* Add support for python wheels

* Add lldp and snmp dockers

* Sync docker-database to include libjemalloc

* Fix asyncsnmp variable name

* Change default build configuration

Redirect output to log files by default
Set number of jobs to nproc value
Do not print dependencies
Fix logging to print log of failed job into console

* Use docker inspect to check if sonic-slave image exists

* Use config in slave.mk directly

* Disable color output by default

* Remove sswsdk dependency from lldp and snmp dockers

* Fix comment in py wheels install targets

* Add dependency between two versions of sswsdk

* Add containers to mellanox platform

lldp, snmp and database containers

* Add recipe for team docker

* Add team docker to mellanox platform

* Encrypt password passed to build_debian.sh

* Update mellanox SAI version

Make version and revision setting only in main recipe

* Fix error handling in makefiles

As makefiles use .ONESHELL we should add -e
option to shell options in order to exit after any command fails

* Add recipe for platform monitor image

* Add platfotm monitor to mellanox targets

* Ignore submodules when building base image
2016-12-05 11:12:19 -08:00