Commit Graph

390 Commits

Author SHA1 Message Date
Wenda Ni
8788f4f783 cherry-picking diff between #3628 and #3561
Revert "Configure buffer profile to all ports (#3561)" (#3628)
Configure buffer profile to all ports (#3561)

This reverts commit 8861cbe98e.

Signed-off-by: Wenda Ni <wenni@microsoft.com>
2019-11-08 03:12:59 +00:00
Neetha John
6d23e4c8d7 [pfcwd]: Do not start pfc watchdog on Management Tor (#3719)
Signed-off-by: Neetha John <nejo@microsoft.com>
2019-11-07 21:41:32 +00:00
lguohan
9167f9da46 [aboot]: preserve snmp.yml and acl.json for eos to sonic fast reboot (#3716) 2019-11-07 21:40:20 +00:00
Wenda Ni
0ea82d8735 Fix syntax error for qos_config template (#3619)
Signed-off-by: Wenda Ni <wenni@microsoft.com>
2019-11-07 00:22:50 +00:00
Wenda Ni
f616cec7f4 Adopt per-port buffer and qos profile (#3542)
Signed-off-by: Wenda Ni <wenni@microsoft.com>
2019-11-07 00:21:52 +00:00
lguohan
d16dbbb1d3
[bgp]: start bgp service after interfaces-config service (#3702)
interfaces-config service configures lo address. If bgp service
starts before lo address is configured, then following config
in zebra will not be applied.

route-map RM_SET_SRC permit 10
 set src 10.1.0.32

The adds a few seconds delay in bgp service start
2019-11-04 22:09:00 -08:00
Ying Xie
f764a167ac [hostname-config] improve hostname-config process (#3676)
We noticed in tests/production that there is a low probability failure
where /etc/hosts could have some garbage characters before the entry for
local host name. The consequence is that all sudo command would be very
slow. In extreme cases it would prevent some services from starting
properly.

I suspect that the /etc/hosts file might be opened by some process causing
the issue. Editing contents with new file level and replace the whole file
should be safer.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-10-29 15:42:23 +00:00
Prabhu Sreenivasan
ff137a8e56 [baseimage]: Avoid removing localhost entry from /etc/hosts file (#2452)
- What I did
This fix removes the possibility of 'localhost' entry getting removed from /etc/hosts file by hostname-config service.

Without this change, whenever we change the hostname from 'localhost' to any other name on the config_db.json and reload the config, /etc/hosts file will only have the new hostname on it. But there are multiple sonic utilities (eg: swssconfig) which relies on the hard coded 'localhost' name and they tend to stop working.

- How I did it
Added a new check on hostname-config.sh script to avid blindly deleting the line containing the old hostname from /etc/hosts file. Now it will delete the old hostname only if its not localhost or when the hostname is not changing.

- How to verify it

Bring up SONiC on a device with hostname as localhost
Edit /etc/sonic/config_db.json to update the 'hostname' filed under DEVICE_METADATA from "hostname" : "localhost" --> "hostname" : "sonic"
run config reload -y to reflect the hostname change done on config_db.json file.
cat /etc/hosts and check whether both 127.0.0.1 localhost and 127.0.0.1 sonic entry are present on the file.
ping localhost should work fine.
- Description for the changelog
Make hostname-config service more robust in handling SONiC hostname change from localhost to anything else.
2019-10-29 15:42:04 +00:00
Danny Allen
818ab7fdaa [core_cleanup] Fix issue where core_cleanup job runs too frequently (#3659)
Signed-off-by: Danny Allen <daall@microsoft.com>
2019-10-24 17:04:16 +00:00
Ying Xie
c7a096b6b9
[201811][ntp] removed undefined filter (#3594)
pfx_filter is not defined in 201811 branch.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-10-11 19:46:14 -07:00
Nazarii Hnydyn
41ce07e75c [mellanox]: Add CPLD update for SN2700 (#3570)
* [mellanox]: Add CPLD update for SN2700.

Signed-off-by: Nazarii Hnydyn <nazariig@mellanox.com>
2019-10-09 17:36:45 -07:00
pavel-shirshov
53ec9124bc [ntp]: Use loopback address when we don't have MGMT interface (#3566)
Added configuration to use Loopback ip if a switch doesn't have MGMT_PORT.
2019-10-07 16:56:00 +00:00
Ying Xie
37b78826ee [updategraph] enhance update graph handling (#3549)
- after reloading minigraph, write latest version string in the DB.
- if old config_db.json file exists, use it and migrate to latest version.
- only reload minigraph when config_db.json doesn't exist and minigraph
  exists.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-10-02 21:04:39 +00:00
Ying Xie
e4f8a3946c [first boot] sync file system after moving/copying files (#3550)
Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-10-02 21:04:39 +00:00
Renuka Manavalan
0493b6274e
Map /src & /debug for debug docker containers (#3470)
* Add debug docker for SNMP.

* Removed a redundant install of debug packages.
Propagate the debug flag to template file to mount /dbg & /src to debug containers.

* Revert the last change to retain the original
2019-09-19 09:09:25 -07:00
Prince Sunny
4ef5ce74e4 Install Iptables rules to set TCPMSS for 'lo' interface (#3452)
* Install Iptables rules to set TCPMSS for lo interface
* Moved implementation to hostcfgd to maintain at one place
2019-09-19 01:08:44 +00:00
Danny Allen
ba77de12ac [cron.d] Add cron job to periodically clean-up core files (#3449)
* [cron.d] Create cron job to periodically clean-up core files
* Create script to scan /var/core and clean-up older core files
* Create cron job to run clean-up script

Signed-off-by: Danny Allen <daall@microsoft.com>

* Update interval for running cron job

* Respond to feedback

* Change syslog id
2019-09-13 17:52:10 +00:00
lguohan
87cb1e307e [baseimage]: fix monit configuration (#3448)
- monit config broke by one monit upgrade
- abandon sed approach since it is suspestible to monit config changes
- use unixsocket instead of httpd due to a bug in 5.20.0
2019-09-13 06:08:30 +00:00
sridhar-ravindran
d4758afdde [DELL] S6100 Add PowerCycle Support for Last Reset Reason (#3402)
* [DELL] S6100 Add PowerCycle Support for Last Reset Reason

* handle first time boot properly

* S6000 Last Reboot Reason Fix
2019-09-09 22:33:32 -07:00
Danny Allen
541208fca2 [build_debian] Include checksum of ASIC config files in SONiC filesystem (#3384)
[build_debian] Generate checksum of ASIC config files

* Adds script to generate checksums for ASIC config files
* Adds step to build_debian that copies ASIC config checksum into SONiC filesystem

Signed-off-by: Danny Allen daall@microsoft.com
2019-09-09 18:53:15 +00:00
Joe LeVeque
aee7d86fc9 [201811] Log message containing SONiC version to syslog at boot (#3417) 2019-09-08 12:33:08 -07:00
pavel-shirshov
b715ec89c4 [Fast-Reboot]: FR mode is active only first 3 minutes after start. (#3352)
* Fast reboot mode should be enabled only 3 minutes after restart

* Advance sonic-quagga submodule
2019-08-21 21:48:33 +00:00
Ying Xie
d821cb84b8 [radv service] radv service should be a cold only dependent of swss (#3348)
radv should be left alone during warm restart of swss. Otherwise it will
announce departure and cause hosts to lose default gateway.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-08-16 19:46:37 +00:00
Ying Xie
2b8eca5ebb [control plane assistant] stop control plane assistant after warm reboot (#3337)
Delay saving configuration so that the control assistant configurations
won't be persisted.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-08-15 20:28:42 +00:00
Renuka Manavalan
b80d60c277 Fix to ensure that tacacs servers are ordered (reverse) by priority in pam.d's config. (#3322)
Present: Servers are listed in the same order as in redis-db
Fix: Save the sort o/p, hence use sorted list to write into pam.d's conf.
     As well convert priority to integer for use by sort.
2019-08-14 21:20:01 +00:00
Ying Xie
a41d9a5d3f [service dependent] describe non-warm-reboot dependency outside systemd (#3311)
* [service dependent] describe non-warm-reboot dependency outside systemctl

When dependency was described with systemctl, it will kick in all the time,
including under warm reboot/restart scenarios. This is not what we always
want. For components that are capable of warm reboot/start, they need to
describe dependency in service files.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>

* [service] teamd service should not require swss service

Adding require swss will cause teamd to be killed by systemctl when swss
stops. This is not what we want in warm reboot.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>

* refactoring code

* rename functions to match other functions in the file
2019-08-08 22:46:06 +00:00
lguohan
36c9d99434 [build]: enable docker in ram option for small disk device (#3279)
when device disk is small, do not unzip dockerfs.tar.gz on disk.
keep the tar file on the disk, unzip to tmpfs in the initrd phase.

enabled this for 7050-qx32

Signed-off-by: Guohan Lu <gulv@microsoft.com>
2019-08-07 06:07:46 +00:00
Joe LeVeque
da57e8db36 Revert back to 'import sonic_platform' (#3249) 2019-07-31 16:44:17 -07:00
Joe LeVeque
29bbd86862
[services] Restart SwSS service upon unexpected critical process exit (#2845) (#2852) 2019-07-29 18:10:26 -07:00
Ying Xie
7cf90ec441 [warm reboot] save configuration after warm reboot (#3200)
* [warm reboot] save configuration after warm reboot

After warm reboot, save a copy of in memory database to config_db.json,
upgrade procedure might have removed config_db.json to force new image
to reload minigraph. However, reload minigraph is skipped during warm
reboot. Missing config_db.json would cause device to fault in next
non-upgrading cold/fast reboot.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>

* Update finalize-warmboot.sh
2019-07-24 17:45:07 +00:00
Stephen Sun
7a9d04ee73 [Mellanox] Backporting reboot cause to 201811 (#3198)
* backport new platform api to 201811, reboot cause part

* install new platform api on host

* 1. remove chassis's dependency on sonic_platform_daemon.
2. add some mellanox-specific hardware reboot causes.
3. fix typo in files/image_config/process-reboot-cause/process-reboot-cause.

* 1. add dependency of sonic_platform for base image
2. handle the case of reboot cause file not found

* adjust log message.
2019-07-23 07:05:35 -07:00
Ying Xie
f1478818a1 Revert "[database] save configuration after DB migration (#3143)" (#3199)
This reverts commit b5a4527cb0.
2019-07-23 01:59:46 +00:00
zzhiyuan
0869fd3925 [baseimage]: Fix process-reboot-cause possibly throwing OSError (#3159)
In case of going from previous iteration of SONiC, and the last reboot
was hardware, REBOOT_CAUSE_FILE may not be present and the service may
throw an error.
2019-07-16 21:38:46 +00:00
lguohan
094f7ed9e0
Merge pull request #3015 : add kvm image support for all skus
[kvm]: add kvm image support for all skus
2019-07-16 08:26:29 -07:00
Ying Xie
a79dd716c4 [database] save configuration after DB migration (#3143)
- Make sure that migrated DB contents persisted for next boot
- Make sure that db saved after warm reboot.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-07-16 03:54:14 +00:00
lguohan
6b42f753c6 [vs]: Force10-S6000 buffer settings for virtual switch (#2515)
Signed-off-by: Guohan Lu <gulv@microsoft.com>
2019-07-13 19:49:50 +00:00
Joe LeVeque
c3932e501b [process-reboot-cause] Handle case if platform does not yet have sonic_platform implementation (#3126) 2019-07-10 23:06:43 +00:00
Stepan Blyshchak
4b5abd048b [swss.sh]: Cleanup LAG entries in STATE DB (#3114)
Signed-off-by: Stepan Blyschak <stepanb@mellanox.com>
2019-07-10 23:04:33 +00:00
Joe LeVeque
1115c8431d [reboot-cause]: Move reboot cause processing to its own service, 'process-reboot-cause' (#3102) 2019-07-10 23:02:57 +00:00
Stepan Blyshchak
c932302892 fix fast reboot compatibility (#3083)
* fix fast reboot compatibility

We should handle both cases for backward-compatible with 201803:
 - fast-reboot
 - SONIC_BOOT_TYPE=fast-reboot

* handle review comments
* add a comment that getBootType code snippet is shared between two files
2019-07-10 22:53:47 +00:00
Qi Luo
588c687a27
[fast-reboot] fix fast reboot compatibility (#3083) and advance sai-redis/201811 point (#3089)
* fix fast reboot compatibility (#3083) and advance sai-redis/201811 point
* Repoint the submodule
2019-06-26 22:02:21 -07:00
Qi Luo
0ea679e297
[submodule] update sonic-linux-kernel (#3038)
* [submodule] update sonic-linux-kernel (#2985)
* Fix many version strings
* Update minor version
* Update arista-drivers submodule (#9)
* Rebuild SDK on new kernel (#10)
2019-06-20 21:21:36 -07:00
Joe LeVeque
02fc1306b0 [baseimage]: Increase TMOUT for serial port connections to 15 minutes (#3032)
Increase TMOUT value in order to close inactive serial console connections after 900 seconds (15 minutes) of inactivity
2019-06-19 19:07:36 +00:00
Joe LeVeque
8ae67c4c5d [logrotate] Enhance robustness (#2942)
* [logrotate] Decrease frequency to every 10 minutes; kill any lingering logrotate processes

* [logrotate] Delete all *.1.gz files as firstaction; Remove note about init-system-helpers < 1.47 workaround

However, continue to send SIGHUP directly to rsyslogd process
because 'service rsyslog rotate' still doesn't work properly with
init-system-helpers version 1.48
2019-05-29 00:53:13 +00:00
Stepan Blyshchak
fae35536c3 [swss.sh] flush FDB table during cold start (#2933)
Signed-off-by: Stepan Blyschak <stepanb@mellanox.com>
2019-05-29 00:51:09 +00:00
Ying Xie
5975a9c25b [updategraph] set DB version after minigraph reload (#2917)
Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-05-20 19:05:29 +00:00
Renuka Manavalan
238db1e06a [tacacs]: skip accessing tacacs servers for local non-tacacs users (#2843)
* Switch the nss look up order as "compat" followed by "tacplus".
This helps use the legacy passwd file for user info and go to tacacs only if not found.
This means, we never contact tacacs for local users like "admin".
This isolates local users from any issues with tacacs servers.
W/o this fix, the sudo commands by local users could take <count of servers> * <tacacs timeout> seconds, if the tacacs servers are unreachable.

* Skip tacacs server access for local non-tacacs users.
Revert the order of 'compat tacplus' to original 'tacplus compat' as tacplus
access is required for all tacacs users, who also get created locally.
2019-05-20 18:59:26 +00:00
Ying Xie
dc2fb747a5 [ebtables] install ebtables in base image and install filter rules
- Add ebtables package, and install some filter rules:
  1. ebtables -A FORWARD -d BGA -j DROP
  2. ebtables -A FORWARD -p ARP -j DROP

Basically, we let the ARP packets in the VLAN being forwarded by the ASIC,
kernel gets a copy of these ARP packets and the forwarding from Kenerl gets
dropped. So there is always only one copy of ARP/response in the VLAN.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-05-06 22:13:03 +00:00
Joe LeVeque
cc90d7f5ee [sudoers] Add /usr/bin/teamshow to READ_ONLY_CMDS (#2846) 2019-05-01 15:51:13 +00:00
Ying Xie
3b02eec933 [db migrator] migrate the DB to latest schema when needed (#2808)
Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-04-30 23:43:52 +00:00