Commit Graph

2520 Commits

Author SHA1 Message Date
Renuka Manavalan
2a41e0f96b
[201811] disk_check.py: Change path to /usr/bin (#9074)
The scripts from sonic-utilities are installed into /usr/bin in 201811.
Hence correct path for disk_check.py to /usr/bin/
2021-10-26 18:22:10 -07:00
Saikrishna Arcot
39e351cacc Fix waiting for interfaces to get set up 2021-10-26 08:52:10 -07:00
kellyyeh
3b56c1ad3e fix dhcpv6 relay counter and cpu 2021-10-26 08:52:10 -07:00
kellyyeh
e134f1592e Incorporate dhcp6relay into dhcp_relay docker 2021-10-26 08:52:10 -07:00
kellyyeh
e5b7b8c05e Changed DHCP table name to DHCP_RELAY 2021-10-26 08:52:10 -07:00
kellyyeh
aa8eecb5ed Add DHCPv6 Relay Agent (#8251)
* Added DHCPv6 Relay

* Added DHCPv6 Counter
2021-10-26 08:52:10 -07:00
kellyyeh
27a2222629 Parse DHCP Table 2021-10-26 08:52:10 -07:00
kellyyeh
139a58be49 [201811] Add DHCPv6 minigraph parsing support (#8970)
* Add DHCPv6 minigraph parsing support

Co-authored-by: shlomibitton <60430976+shlomibitton@users.noreply.github.com>

Logrotate for wtmp and btmp files to fix size getting too large. (#8744)

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

[201811][utilities][swss][snmpagent] advance sub module head

snmpagent
* 187aa10 2021-09-16 | [201811][RFC1213]: Initialize lag oid map in reinit_data (#233) (github/201811) [SuvarnaMeenakshi]

swss:
* 3503705 2021-09-05 | [201811][Cherry-pick] [acl mirror action] Mirror session ref count fix at acl rule attachment (#1898) (HEAD -> 201811, github/201811) [bingwang-ms]

utilities:
* f3f8667 2021-10-15 | [201811] disk_check.py: Allow remote user access when disk is read-only (#1873) (HEAD -> 201811, github/201811) [Renuka Manavalan]
* 6b351c9 2021-10-14 | [201811]  Remove exec from platform_reboot_plugin call to handle any hang issue. (#1880) [Sujin Kang]
* d8d0461 2021-07-29 | [minigraph][port_config] Consume port_config.json while reloading minigraph (#1726) [Blueve]

Signed-off-by: Ying Xie <ying.xie@microsoft.com>

[201811] Invoke disk check periodically (#8951)

* Invoke disk check periodically. (#7374)

Why I did it
Helps with periodic scan of disk for RO state.
If found, this script makes transient fix and raise error message.

Save DB dump after warm/fast reboot (#8913)

Back porting the master branch change - #8803

Save the redis DB dump after warm reboot.

[201811][swss] advance swss submodule head (#9049)

* e0b115a 2021-10-22 | [copp] add dhcpv6 copp rules (#1979) (HEAD -> 201811, github/201811) [Ying Xie]

Signed-off-by: Ying Xie <ying.xie@microsoft.com>

[swssconfig] load dhcpv6 copp rules by default (#9047)

Why I did it
Need to enable DHCPv6 copp rule

How I did it
Add a separate DHCPv6 copp rule config file and load it during cold reboot.

How to verify it
cold reboot, and verify config being loaded and dhcpv6 rules got installed.

Signed-off-by: Ying Xie ying.xie@microsoft.com

[warmboot finalizer] load dhcpv6 copp rules when missing (#9048)

Why I did it
Need to enable DHCPv6 COPP rules.

How I did it
Load the separate DHCPv6 COPP rules after warm reboot if the rules are missing.

How to verify it
Warm reboot from an image doesn't have DHCPv6 COPP rules installed.
Warm reboot from an image have DHCPv6 COPP rules already installed.
In either case, the script did the right thing and only install the COPP rules if it is missing.

Signed-off-by: Ying Xie ying.xie@microsoft.com
2021-10-26 08:52:10 -07:00
shlomibitton
e30d559c5c Fix dhcpmon 2021-10-26 08:52:10 -07:00
shlomibitton
5737c22bea Added DHCPv6 Monitor 2021-10-26 08:52:10 -07:00
Ying Xie
6483bf48f6
[warmboot finalizer] load dhcpv6 copp rules when missing (#9048)
Why I did it
Need to enable DHCPv6 COPP rules.

How I did it
Load the separate DHCPv6 COPP rules after warm reboot if the rules are missing.

How to verify it
Warm reboot from an image doesn't have DHCPv6 COPP rules installed.
Warm reboot from an image have DHCPv6 COPP rules already installed.
In either case, the script did the right thing and only install the COPP rules if it is missing.

Signed-off-by: Ying Xie ying.xie@microsoft.com
2021-10-25 08:05:55 -07:00
Ying Xie
7e4aa6a9f8
[swssconfig] load dhcpv6 copp rules by default (#9047)
Why I did it
Need to enable DHCPv6 copp rule

How I did it
Add a separate DHCPv6 copp rule config file and load it during cold reboot.

How to verify it
cold reboot, and verify config being loaded and dhcpv6 rules got installed.

Signed-off-by: Ying Xie ying.xie@microsoft.com
2021-10-25 08:05:35 -07:00
Ying Xie
5e2018e845
[201811][swss] advance swss submodule head (#9049)
* e0b115a 2021-10-22 | [copp] add dhcpv6 copp rules (#1979) (HEAD -> 201811, github/201811) [Ying Xie]

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2021-10-25 08:05:10 -07:00
Vaibhav Hemant Dixit
f1d817ae54
Save DB dump after warm/fast reboot (#8913)
Back porting the master branch change - #8803

Save the redis DB dump after warm reboot.
2021-10-22 10:51:43 -07:00
Renuka Manavalan
52366b099d
[201811] Invoke disk check periodically (#8951)
* Invoke disk check periodically. (#7374)

Why I did it
Helps with periodic scan of disk for RO state.
If found, this script makes transient fix and raise error message.
2021-10-15 19:43:05 -07:00
Ying Xie
e302561736 [201811][utilities][swss][snmpagent] advance sub module head
snmpagent
* 187aa10 2021-09-16 | [201811][RFC1213]: Initialize lag oid map in reinit_data (#233) (github/201811) [SuvarnaMeenakshi]

swss:
* 3503705 2021-09-05 | [201811][Cherry-pick] [acl mirror action] Mirror session ref count fix at acl rule attachment (#1898) (HEAD -> 201811, github/201811) [bingwang-ms]

utilities:
* f3f8667 2021-10-15 | [201811] disk_check.py: Allow remote user access when disk is read-only (#1873) (HEAD -> 201811, github/201811) [Renuka Manavalan]
* 6b351c9 2021-10-14 | [201811]  Remove exec from platform_reboot_plugin call to handle any hang issue. (#1880) [Sujin Kang]
* d8d0461 2021-07-29 | [minigraph][port_config] Consume port_config.json while reloading minigraph (#1726) [Blueve]

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2021-10-15 19:41:43 -07:00
abdosi
f86b028b07 Logrotate for wtmp and btmp files to fix size getting too large. (#8744)
Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
2021-10-15 17:29:38 +00:00
kellyyeh
9ca267445c
[201811] Add DHCPv6 minigraph parsing support (#8970)
* Add DHCPv6 minigraph parsing support

Co-authored-by: shlomibitton <60430976+shlomibitton@users.noreply.github.com>
2021-10-13 22:30:19 -07:00
Ying Xie
1823b853ff
[201811][sai bcm] upgrade Broadcom SAI to version 3.5.3.7-6 (#8902)
- Pick up Broadcom patches for CS00011222060 and CS00012204923.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2021-10-10 20:17:31 -07:00
Ying Xie
3848f50456
[201811][jessie] address Jessie docker cert expiry issue (#8933)
Why I did it
201811 branch image build has been failing due to the certificate expiring: https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021. This issue so far only affect Jessie docker because it is using openssl 1.0.

How I did it
Remove the expired cert and refresh the certs bundle.

How to verify it
Build image.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2021-10-08 19:18:25 -07:00
bingwang-ms
00695d918d
Update minigraph parser to support MIRROR_DSCP (#8827)
Signed-off-by: bingwang <bingwang@microsoft.com>
2021-09-24 14:40:27 +08:00
Aravind Mani
54e32c1f30
[201811] Dell S6100:Add serial-getty service to monit (#8410)
Why I did it
serial-getty service exited in Dell S6100 device randomly.

How I did it
Added serial-getty to monit services.

How to verify it
Stop serial-getty in ssh session and check whether the service restarts or not.
2021-08-19 10:14:03 -07:00
Renuka Manavalan
77892832b7
Add service to restore TACACS from old config (#7560) (#8233)
Why I did it
In upgrade scenarios, where config_db.json is not carry forwarded to new image, it could be left w/o TACACS credentials.
Added a service to trigger 5 minutes after boot and restore TACACS, if /etc/sonic/old_config/tacacs.json is present.

How I did it
By adding a service, that would fire 5 mins after boot.
This service apply tacacs if available.

How to verify it
Upgrade and watch status of tacacs.timer & tacacs.service
You may create /etc/sonic/old_config/tacacs.json, with updated credentials
(before 5mins after boot) and see that appears in config & persisted too.
2021-08-02 10:33:55 -07:00
Blueve
22b5ebd792
[port_config] Introduce ad-hoc mport_config.json file (#8275)
Signed-off-by: Jing Kan jika@microsoft.com
2021-07-29 10:41:31 +08:00
Shilong Liu
49ca56dd60 [CI] Fix azp targets for innovium platform (#7870)
There is no rule to build swi target. The correct target is *.bin.
2021-07-19 18:23:49 +00:00
xumia
29311dc44e
Fix CVE-2017-1000487 security alert (#7173) (#7278)
Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.
2021-07-08 07:42:07 +08:00
xumia
8cfa9260f3
[ci]: Support PR checks for 201811 (#8114)
Enable PR checks for 201811
Fix target/docker-sonic-vs.gz build break.
2021-07-07 21:59:35 +08:00
xumia
a7725e6480
Fix vtysh shell-ingestion security issue (#7991)
Fix vtysh shell-ingestion security issue
Only expose the limited parameters of the command vtysh show.
2021-06-30 19:32:21 +08:00
Ying Xie
76bef999fd [7050] updating 7050 MMU configurations (#7801)
Why I did it
7050 S4Q31 mmu configuration is missing ALPM configurations, causing not enough memory reserved for routes. Orchagent crashes on a nightly testbed with 6400 route entries.

How I did it
Add the missing ALPM configurations.

How to verify it
Load the configuration on testbed and verified new configuration exists and no more crash.

Signed-off-by: Ying Xie ying.xie@microsoft.com
2021-06-06 04:50:37 +00:00
Neetha John
66dea00c44 Rename AristaQX-32S skus (#7751)
This PR contains the following changes
Original Arista-7050-QX-32S sku (32x40G ports) has been renamed to Arista-7050QX32S-Q32
Arista-7050-QX-32S is symlinked to Arista-7050QX-32S-S4Q31 (4x10G, 31x40G ports)

Signed-off-by: Neetha John <nejo@microsoft.com>
2021-05-29 05:55:58 +00:00
Neetha John
5b7d2651a8 Update MMU and QOS settings for Arista-7050QX-32S-S4Q31 (#7672)
Signed-off-by: Neetha John <nejo@microsoft.com>

Why I did it
Need proper MMU and Qos settings for Arista-7050QX-32S-S4Q31

How I did it
Updated the settings based on Arista-7050-QX-32S
2021-05-29 05:55:40 +00:00
Ying Xie
dfa9913986
[201811] address build error in sonic-config-engine (#7750)
Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2021-05-28 13:57:04 -07:00
Neetha John
d4b4257915
Parse bandwidth for DeviceMgmtLinks (#7749)
Why I did it
Backport #7744

How to verify it
Ran sonic-cfggen on a minigraph and verified that interface of type DeviceMgmtLink has speed set in the PORT table from the bandwidth attribute in the minigraph

Signed-off-by: Neetha John <nejo@microsoft.com>
2021-05-28 12:22:17 -07:00
Shilong Liu
7c4aeb694c
adjust official build platform (#7703)
Why I did it
Adjust azp official build artifacts and platform to keep same with Jenkins.
2021-05-27 10:34:40 +08:00
Ying Xie
871c78244a
[201811] upgrace broadcom SAI to version 3.5.3.7-4 (#7722)
- CS00012108770, CS00012115932: Sesto phy WB support + WB recovery + log messages

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2021-05-26 16:59:11 -07:00
Neetha John
4f3d755ece
Update PG profile settings for Arista-7050QX-32S-S4Q31 (#7675)
Why I did it
PG profile settings need to be aligned with Arista-7050-QX-32S

How I did it
Copy over the current settings from Arista-7050-QX-32S and define params for 10G and 1G speeds as well

Signed-off-by: Neetha John <nejo@microsoft.com>
2021-05-25 11:38:56 -07:00
Shilong Liu
1511baf5fb enable official build in release branch
Signed-off-by: Shilong Liu <shilongliu@microsoft.com>
2021-05-24 18:34:11 +08:00
xumia
78f90ac7a9
Support readonly vtysh for sudoers (#7383) (#7573)
* Support readonly vtysh for sudoers (#7383)

Why I did it
Support readonly version of the command vtysh

How I did it
Check if the command starting with "show", and verify only contains single command in script.

* Fix the type issue in rvtysh
2021-05-19 09:02:33 +08:00
Tamer Ahmed
cdca8da7dd
[201811][dhcp-relay]: Launch DHCP Relay On L3 Vlan Only (#7085)
Recent changes brought l2 vlan concept which does not have DHCP
clients behind them and so DHCP relay is not required. Also,
dhcpmon fails to launch on those vlans as their interfaces
lack IP addresses. This PR backposts #6527 that limits launch
of both DHCP relay and dhcpmon to L3 vlans only.

original-pr: #6527
singed-off-by: Tamer Ahmed tamer.ahmed@microsoft.com
2021-05-12 09:21:22 -07:00
Shilong Liu
f5bd97aef1 remove unuse file
Signed-off-by: Shilong Liu <shilongliu@microsoft.com>
2021-05-12 15:44:37 +08:00
shilongliu
a21bd201e7 [CI] Update azp files with master branch
Signed-off-by: shilongliu <shilongliu@microsoft.com>
2021-05-12 15:44:37 +08:00
xumia
59c120c18c Export the azure pipeline build id for SONiC version (#7406)
Improve the SONiC version, fix the "azure pipeline build id" part

<target branch name>-<pullrequest id>.<azure pipelines build id>-<merge commit id>
Example: master-7381.11668-43df5c87
2021-05-12 15:44:37 +08:00
xumia
e01ceffbab [ci]: Fix official build not existing issue (#7408)
When submitting a new official build for broadcom, vs, it prompts a error message, which says the job is not defined.
It was caused by the default option "[]", which is not empty, it is used as the jobGroups parameter.
2021-05-12 15:44:37 +08:00
xumia
0acf6c2f01 Improve the PR build version (#7381)
Why I did it
Improve the version of the Pull Request build by changing the local branch name.

How I did it
Change the default branch name merge to [target_branch_name]-[pullrequestid].

How to verify it
For official build, the version is not changed.
For pull request build, the version as below:
2021-05-12 15:44:37 +08:00
xumia
773ddbf433 [ci] Fix the boolean value case sensitive issue in Azure Pipelines (#7399)
Why I did it
Fix the boolean value case sensitive issue in Azure Pipelines

When passing parameters to a template, the "true" or "false" will have case sensitive issue, it should be a type casting issue.
To fix it, we change the true/false to yes/no, to escape the trap.

Support to override the job groups in the template, so PR build has chance to use different build parameters, only build simple targets. For example, for broadcom, we only build target/sonic-broadcom.bin, the other images, such as swi, debug bin, etc, will not be built.
2021-05-12 15:44:37 +08:00
liushilongbuaa
a8910607a3 [CI] Use the same template in PR-build pipeline and official-build pipeline
Signed-off-by: liushilongbuaa <shilongliu@microsoft.com>
2021-05-12 15:44:37 +08:00
Shilong Liu
c4c9661984 [CI] Support 202012 branch generating version files for reproducible build (#7303)
for reproducible build azp

Signed-off-by: Shilong Liu <shilongliu@microsoft.com>
2021-05-12 15:44:37 +08:00
liushilongbuaa
51bc97e4fc [CI] Fix pipeline template artifacts struct bug and cleanup bug
Signed-off-by: liushilongbuaa <shilongliu@microsoft.com>
2021-05-12 15:44:37 +08:00
xumia
9930ba0df0 [ci] Fix no enough space issue in docker root in multi arch build (#7321)
Why I did it
Failed to build the centec-arm64 for no space in docker data root.

How I did it
Change to use the data root to the folder under /data.
See detail info about DOCKER_DATA_ROOT_FOR_MULTIARCH in the file Makefile.work.

How to verify it
Set the environment variable, then the /data used as docker root.
2021-05-12 15:44:37 +08:00
xumia
2132d16ec4 Fix the SONiC version starting with HEAD issue (#7319) 2021-05-12 15:44:37 +08:00