Commit Graph

5609 Commits

Author SHA1 Message Date
Shilong Liu
36d866002a
[build] Fix docker-sonic-mgmt pylint dependency lazy-object-proxy version (#9596) 2021-12-24 10:42:37 +08:00
xumia
faab7d5991
[Build]: Support reproducible build for release branches (#9426)
[Build]: Support reproducible build for release branches #9426
2021-12-23 16:16:55 +08:00
ganglv
48a648c943
[sonic-cfggen]: Fix syslog_server output (#9616)
Why I did it
'SYSLOG_SERVER': {'': {}, '10.0.10.5': {}, '10.0.10.6': {}},
Config db schema generated by minigraph can’t pass yang validation, server address can't be empty.

How I did it
Update test minigraph to remove wrong configuration.

How to verify it
Build sonic-config-engine.
Run command 'sonic-cfggen -m xxx.xml --print-data', and SYSLOG_SERVERS table.

Signed-off-by: Gang Lv ganglv@microsoft.com
2021-12-23 10:03:28 +08:00
ganglv
3aec72879d
[sonic-cfggen]: Update test minigraph to fix interface (#9601)
Why I did it
Config db schema generated from test minigraph can't pass yang validation.

How I did it
Update test minigraph to fix interface

How to verify it
Build sonic-config-engine.
Run command 'sonic-cfggen -m xxx.xml --print-data', and check interface table and port table.

Signed-off-by: Gang Lv ganglv@microsoft.com
2021-12-21 19:08:15 +08:00
ganglv
67e40b5531
[sonic-cfggen]: Update test minigraph to add deployment_id (#9593)
Why I did it
Config db schema generated from test minigraph can't pass yang validation.

How I did it
Update minigraph xml to add DeploymentId.

How to verify it
Build sonic-config-engine.
Run command 'sonic-cfggen -m xxx.xml --print-data', and check deployment_id field.

Signed-off-by: Gang Lv ganglv@microsoft.com
2021-12-21 09:14:44 +08:00
Stephen Sun
34be53a22e
Fix typo and missing files in SN3800 and SN4600C's buffer templates (#9537)
Why I did it
Fix typo and missing files in SN3800 and SN4600C's buffer templates

How I did it
ingress_lossless_xoff_size => ingress_lossless_pool_xoff add missing files for SN4600C-D100C12S2

How to verify it
Deploy the fix and verify whether the device can be up.

Signed-off-by: Stephen Sun <stephens@nvidia.com>
2021-12-20 13:31:45 -08:00
ganglv
dfddd55cbf
[yang]: Add constraint for pfcwd (#9513)
#### Why I did it
POLL_INTERVAL cannot be set if any of the detection/restoration times in this table is less than the POLL_INTERVAL.

#### How I did it
Add "must" constraint to make sure detection/restoration times are greater than POLL_INTERVAL.

#### How to verify it
Use apply-patch command to update POLL_INTERVAL.
Build sonic-yang-model.
2021-12-20 11:15:39 -08:00
Oleksandr Ivantsiv
3af4a9619e
[sonic-config-engine]: Improve comparison between default and supported breakout modes. (#9278)
Closes #7958 

#### Why I did it
The previous implementation of sonic-cfggen did a simple comparison between default breakout mode in
hwsku.json and supported modes in platform.json. To set a different default speed in hwsku.json
it was required to add one more entry to supported modes in platfrom.json file:

1x10G[100G,50G] vs 1x100G[50G,10G]

The new implementation does more intelligent parsing and analysis of supported and default modes. It
allows changing default speed without adding a new entry to platform.json.

#### How I did it
Add more intelligent parsing and analysis of supported and default modes.

#### How to verify it
Run sonic-config-engine unit tests from sonic-config-engine/tests directory
2021-12-20 08:56:08 -08:00
Qi Luo
0d327abe93
[sonic-utilities] submodule update (#9315)
#### Why I did it
Including below commits:
```
fe00bbf 2021-12-17 | Revert "[sonic-package-manager] support sonic-cli-gen and packages with YANG model (#1650)" (#1972) [Prince George]
5fe6d92 2021-12-16 | [warm/fast-reboot] Fix kexec portion to support platforms based on Device Tree (#1966) [dflynn-Nokia]
74d2a09 2021-12-17 | [portstat] check TX/RX utilization calculation correctness (#1840) [Andriy Yurkiv]
e44c3f6 2021-12-16 | [generic-config-updater] Improving CreateOnly validator and marking /LOOPBACK_INTERFACE/LOOPBACK#/vrf_name as create-only (#1969) [Mohamed Ghoneim]
0067cc4 2021-12-15 | [build] adapt for upstream target path change (#1971) [Qi Luo]
96143ee 2021-12-09 | preserve old order for config reload (#1964) [arlakshm]
f08c81d 2021-12-10 | [vxlan] remove unnecessary whitespace for show commands (#1792) [Gord Chen]
14889ce 2021-12-09 | [soft-reboot] Add support for platforms based on Device Tree (#1963) [dflynn-Nokia]
7ceccd7 2021-12-08 | [generic-config-updater] Adding non-strict mode (#1929) [Mohamed Ghoneim]
2e462ef 2021-12-07 | [sfputil] Firmware download/upgrade CLI support for QSFP-DD (#1947) [Prince George]
7c34b79 2021-12-07 | [config] Add portchannel support  for static route  (#1857) [Dmytro]
54cc370 2021-12-06 | [doc] Refine doc on show loopback/mgmt ports (#1958) [Qi Luo]
3714f63 2021-12-06 | [port2alias]: Fix to get right number of return values (#1906) [SuvarnaMeenakshi]
3fa0854 2021-12-06 | [CLI][show bgp] On chassis don't show internal BGP sessions by default (#1927) [Mahesh Maddikayala]
6de91af 2021-12-06 | [Auto-Techsupport] Issues related to Multiple Cores crashing handled (#1948) [Vivek Reddy]
656ade1 2021-12-06 | SFP-Refactor: Vendor revision is not displayed properly (#1950) [Aravind Mani]
67466cb 2021-12-05 | [port] Fix port speed set (#1952) [Mykola Gerasymenko]
5172972 2021-12-04 | Fix invalid output of syslog IPv6 servers (#1933) [jingwenxie]
290ff5f 2021-12-03 | Routed subinterface enhancements (#1821) [Preetham]
1ea88e2 2021-12-01 | Enhance sfputil for CMIS QSFP (#1949) [andywongarista]
4e132c1 2021-11-30 | [debug dump] Refactoring Modules and Unit Tests (#1943) [Vivek Reddy]
b550c44 2021-11-30 | Add command reference for trap flow counters (#1876) [Junchao-Mellanox]
67a267b 2021-11-30 | [Reclaim buffer] [Mellanox] Db migrator support reclaiming reserved buffer for unused ports (#1822) [Stephen Sun]
30e4654 2021-11-25 | Add show command for BFD sessions (#1942) [Shi Su]
e63f47e 2021-11-25 | [warm-reboot] Fix failures of warm reboot on disconnect of ssh session (#1529) [maksymbelei95]
c05845d 2021-11-25 | Add trap flow counter support (#1868) [Junchao-Mellanox]
ef82f00 2021-11-24 | [load_minigraph] Delay pfcwd start until the buffer templates are rendered (#1937) [Neetha John]
f5e5a56 2021-11-24 | [sonic-package-manager] support sonic-cli-gen and packages with YANG model (#1650) [Stepan Blyshchak]
64777a4 2021-11-23 | generic_config_updater: Filename changed & VLAN validator added (#1919) [Renuka Manavalan]
1f8f6ab 2021-11-23 | [config reload] Update command reference (#1941) [Sudharsan Dhamal Gopalarathnam]
```
2021-12-19 23:06:25 -08:00
LuiSzee
9e19a9a7cf
[centec] support v682-48y8c and v682-48x8c (#9349)
Why I did it
Adding platform support for centec v682-48y8c and v682-48x8c.
V682-48y8c switch has 48 SFP+ (1G/10G/25G) ports, 8 QSFP28 (40G/100G) ports on CENTEC TsingMa.MX.
V682-48y8c is different from V682-48y8c_d in that:

transceiver is managed by cpu smbus rather than TsingMa.MX i2c bus.
port led is managed by mcu inside TsingMa.MX.
fan, psu, sensors, leds are managed by cpu smbus other than the cpu board vendor's close sourse driver.
V682-48x8c switch has 48 SFP+ (1G/10G) ports, 8 QSFP28 (40G/100G) ports on CENTEC TsingMa.MX.
CPU used in v682-48y8c and v682-48x8c is Intel(R) Xeon(R) CPU D-1527.

How I did it
Modify related code in platform and device directory.
Upgrade centec sai to v1.9.
upgrade python to python3 and kernel version to 5.0 for V682-48y8c_d.
How to verify it
Build centec amd64 sonic image, verify platform functions (port, sfp, led etc) on centec v682-48y8c and v682-48x8c board.

Co-authored-by: shil <shil@centecnetworks.com>
2021-12-17 15:20:27 -08:00
Sumukha Tumkur Vani
17c2949d31
[RESTAPI] Update submodule (#9547) 2021-12-17 09:21:32 -08:00
zzhiyuan
a6d0a27a18
[Arista] Increase switch PCIe timeout for 7060-cx32s (#9248)
Co-authored-by: Zhi Yuan (Carl) Zhao <zyzhao@arista.com>
Why I did it
Arista 7060 platform has a rare and unreproduceable PCIe timeout that could possibly be solved with increasing the switch PCIe timeout value. To do this we'll call a script for this platform to increase the PCIe timeout on boot-up.

No issues would be expected from the setpci command. From the PCIe spec:

"Software is permitted to change the value in this field at any
time. For Requests already pending when the Completion
Timeout Value is changed, hardware is permitted to use either
the new or the old value for the outstanding Requests, and is
permitted to base the start time for each Request either on when
this value was changed or on when each request was issued. "

How I did it
Add "platform-init" support in swss docker similar to how "hwsku-init" is called, only this would be for any device belonging to a platform. Then the script would reside in device data folder.

Additionally, add pciutils dependency to docker-orchagent so it can run the setpci commands.

How to verify it
On bootup of an Arista 7060, can execute:
lspci -vv -s 01:00.0 | grep -i "devctl2"
In order to check that the timeout has changed.
2021-12-17 08:43:25 -08:00
mohan-selvaraj
36673c135c
[yang] sonic yang changes for BUM storm control (#7355)
#### Why I did it
Sonic yang model for BUM storm control

#### How I did it
Added yang model and the corresponding test cases. 

#### How to verify it
yang model test case for storm control
2021-12-16 10:14:47 -08:00
Stepan Blyshchak
f3df6e2f1b
[Mellanox] fix hw-mgmt patches (#9539)
- Why I did it
To fix an issue that hw-mgmt patches were not applied. One patch was already in upstream hw-mgmt package thus applying it again caused an error and no other patches were applied. Also, I did it to improve the Makefile, so that the make will fail in case patches fail to apply.

- How I did it
Removed obsolete patch, made applying patches a hard failure in the build.

- How to verify it
Run the make and verify patches are applied.

Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
2021-12-16 16:02:03 +02:00
liuh-80
734b1bfee6
[TACACS] Fix auditd can't load tacplus plugin issue. (#9481)
<!--
     Please make sure you've read and understood our contributing guidelines:
     https://github.com/Azure/SONiC/blob/gh-pages/CONTRIBUTING.md

     ** Make sure all your commits include a signature generated with `git commit -s` **

     If this is a bug fix, make sure your description includes "fixes #xxxx", or
     "closes #xxxx" or "resolves #xxxx"

     Please provide the following information:
-->

#### Why I did it
1. Fix auditd log file path, because known issue: https://github.com/Azure/sonic-buildimage/issues/9548

2. When SONiC change to based on bullseye, auditd version upgrade from 2.8.4 to 3.0.2, and in auditd 3.0.2 the plugin file path changed to /etc/audit/plugins.d, however the upstream auditisp-tacplus project not follow-up this change, it still install plugin config file to /etc/audit/audisp.d. so the plugin can't be launch correctly, the code change in src/tacacs/audisp/patches/0001-Porting-to-sonic.patch fix this issue.
#### How I did it
        Fix tacacs plugin config file path.
        Create /var/log/audit folder for auditd.

#### How to verify it
        Pass all UT, also run per-command acccounting UT to validate plugin loaded.

#### Which release branch to backport (provide reason below if selected)

<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106

#### Description for the changelog
<!--
Write a short (one line) summary that describes the changes in this
pull request for inclusion in the changelog:
-->
        Fix tacacs plugin config file path.
        Create /var/log/audit folder for auditd.

#### A picture of a cute animal (not mandatory but encouraged)
2021-12-16 11:02:58 +08:00
Qi Luo
c5bcbd55ff
[sonic-slave]: Upgrade python lxml library version to 4.6.5 (#9529)
Bumps lxml from 4.6.5.
2021-12-15 17:55:55 -08:00
Mohamed Ghoneim
2c5794f62d
[yang-model] Using 'leafref' instead of 'must' for loopback (#9535)
#### Why I did it
Fix issue https://github.com/Azure/sonic-utilities/issues/1962

The problem is current implementation of [sonic-yang-mgmt::find_data_dependencies](f2774b635d/src/sonic-yang-mgmt/sonic_yang.py (L518)) does not get referrers if they are using `must` statement, it has to use `leafref`.

For now we can convert `must` to `leafref` if possible. In the future we will investigate get referrers by `must` statements as well https://github.com/Azure/sonic-buildimage/issues/9534

#### How I did it
Instead of `must` use `leafref`

#### How to verify it
unit-test

#### Which release branch to backport (provide reason below if selected)

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106
2021-12-15 17:19:57 -08:00
tomer-israel
6a0bb3a2af
[LLDPD] fix to port remove and immediately create problem (#9519)
[LLDPD] fix to port remove and immediately create a problem - on delete link events it will immediately execute delete without using aggregate events mechanism.

This patch was added to LLDPD on this PR:
lldpd/lldpd#492

Signed-off-by: tomeri <tomeri@nvidia.com>
2021-12-15 13:06:40 -08:00
Vadym Hlushko
727a94634c
[Mellanox] [SN4410] Fixed capability files - port_config.ini, hwsku.json, platform.json (#9538)
- Why I did it
The capability files were incorrect in comparison to the marketing spec of the SN4410 platform.

- How I did it
Aligned the capability files according to the marketing spec.

- How to verify it
Basic manual sanity checks:
1. Check if critical docker containers were UP
2. Check if interfaces were created and were UP
3. Check if interfaces created in the syncd docker container by executing – sx_api_ports_dump.py script
4. Check the logs from the start of the switch – everything was OK
5. Verified the port breakout

Signed-off-by: Vadym Hlushko <vadymh@nvidia.com>
2021-12-15 19:25:20 +02:00
Junchao-Mellanox
d05afb5dbd
[Mellanox] Rename platform x86_64-mlnx_msn4800 to x86_64-nvidia_sn4800 (#9512)
- Why I did it
Rename platform x86_64-mlnx_msn4800 to x86_64-nvidia_msn4800

- How I did it
Rename platform folder as well as all code that reference the platform name

- How to verify it
Manual test
2021-12-15 09:08:04 +02:00
Lawrence Lee
7bd0a2ad11
[swss]: Listen for undeliverable tunnel packets (#9348)
- Create a script in the orchagent docker container which listens for these encapsulated packets which are trapped to CPU (indicating that they cannot be routed/no neighbor info exists for the inner packet). When such a packet is received, the script will issue a ping command to the packet's inner destination IP to start the neighbor learning process.
- This script is also resilient to portchannel status changes (i.e. interface going up or down). An interface going down does not affect traffic sniffing on interfaces which are still up. When an interface comes back up, we restart the sniffer to start capturing traffic on that interface again.
2021-12-14 14:45:23 -08:00
Shi Su
f2774b635d
Add openbfdd to ptf docker (#9488)
Why I did it
To enable test support for BFD-related features, the PTF docker needs to have the proper support for BFD. This PR aims to add BFD support in ptf docker.

How I did it
Clone and build OpenBFDD for PTF docker.

How to verify it
Build locally and verify BFD is supported.
2021-12-14 11:46:48 -08:00
Stepan Blyshchak
c3008c3ce7
[Mellanox][SDK] Build SDK with PRM sniffer support (#9500)
- Why I did it
To have an ability to use PRM sniffer.

- How I did it
Enabled the option in configure flags.

- How to verify it
Built and ran on switch. Enabled the feature in runtime and checked the sniffer recording.
Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
2021-12-14 10:56:19 +02:00
dependabot[bot]
2a467f8eb4
Bump lxml from 4.6.3 to 4.6.5 in /src/sonic-config-engine (#9522)
Bumps [lxml](https://github.com/lxml/lxml) from 4.6.3 to 4.6.5.
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](https://github.com/lxml/lxml/compare/lxml-4.6.3...lxml-4.6.5)

---
updated-dependencies:
- dependency-name: lxml
  dependency-type: direct:production
2021-12-13 20:20:48 -08:00
Saikrishna Arcot
4acdc2a81e
Arm64 fixes and optimizations (#9274)
* [arm64]: Fix registration of the qemu interpreters

The current code doesn't properly run the container that registers the
qemu interpreters. It checks to see if the container is "known" by
Docker, but that doesn't indicate whether it's been run or not.
Therefore, just always register the qemu interpreters in the kernel, to
make sure the binary that's in the slave images that we build is used.

* [build]: Reduce the number of python calls

Modify the BLDENV and PROJECT_ROOT variables in slave.mk to be
immediate execution instead of lazy execution. Neither of these
variables should be changing for the duration of the build in each slave
container, so just run it once instead of every time they're referenced.

When running `make configure` for broadcom arm64 (where all of the slave
images are already built) on an amd64 host, this reduces the time spent
in each slave container from 4.5-5 minutes to 2 minutes.

* [sonic-slave]: Upgrade the qemu used for Bullseye arm64 to 6.1.0

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2021-12-13 18:20:39 -08:00
Marty Y. Lok
04a4b8dcb1
[multiasic][database]database.sh failed to create the database for namespace (#9502)
Why I did it
database.sh failed to create the database for namespace in multiasic platform.
The latest code Docker version 20.10.x, command "docker create" no longer takes optional "NET=" with empty value. Syntax error show with current docker create command in database.sh. Issue #9503

How I did it
Modify the docker_image_ctl.j2 to set default network setting NET="bridge" instead of empty for namespace database.
2021-12-13 10:17:05 -08:00
abdosi
6c0da4bcf0
[bgp] Enable BGP Graceful Restart based on device role (#9486)
What I did:
Updated Jinja Template to enable BGP Graceful Restart based on device role. By default it will be enable only if the device role type is TorRouter.

Why I did:-
By default FRR is configured in Graceful Helper mode. Graceful Restart is needed on T0/TorRouter only since the device can go for warm-reboot. For T1/LeafRouter it need to be in Helper mode only
2021-12-13 10:14:50 -08:00
Shilong Liu
6402a02261
[build] Remove dulplicated DOCKER_SYNCD_BASE target. (#9378) 2021-12-13 11:06:10 +08:00
Samuel Angebault
6cf06637f6
[sonic-py-common] Add recirc_prefix definition (#9471)
This interface type is used for recirculation on chassis.
The definition is required to prevent this interface from being
considered a physical interface in sonic-platform-common and
sonic-platform-daemon
2021-12-12 18:09:51 -08:00
Qi Luo
cf4011d526
Revert "CRM init config for SRV6 Nexthop and MY_SID resource (#9238)" (#9506)
This reverts commit 8187d473af.
2021-12-12 12:16:39 -08:00
Saikrishna Arcot
4803847e5e
Remove the rw folder from the image after installing in KVM (#8746)
* Remove the rw folder from the image after installing in KVM

When the image is installed from within KVM and then loaded, some files
(such as timer stamp files) are created as part of that bootup that then
get into the final image. This can cause some side effects, such as
systemd thinking that some persistent timers need to run because the
last trigger time got missed.

Therefore, at the end of the check_install.py script, remove the rw
folder so that it doesn't exist in the image, and that when this image
is started up in a KVM setup for the first time, it starts with a truly
clean slate.

Without this change, the issue seen was that for fstrim.timer, a stamp
file would be present in /var/lib/systemd/timers (and for other timers
that are marked as persistent). This would then cause fstrim.service to
get started immediately when starting a QEMU setup if the timer for that
service missed a trigger, and not wait 10 minutes after bootup. In the
case of fstrim.timer, that means if the image was started in QEMU after
next Monday, since that timer is scheduled to be triggered weekly.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>

* Split installation of SONiC and test bootup into two separate scripts

Just removing the rw directory causes other issues, since the first boot
tasks no longer run since that file isn't present. Also, just recreating
that file doesn't completely help, because there are some files that are
moved from the /host folder into the base filesystem layer, and so are
no longer available.

Instead, split the installation of SONiC and doing the test bootup into
two separate scripts and two separate KVM instances. The first KVM
instance is the one currently being run, while the second one has the
`-snapshot` flag added in, which means any changes to the disk image
don't take effect.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2021-12-10 13:13:35 -08:00
Mykola Gerasymenko
afd40984fc
[DPB][YANG] Fix cases when boolean is used in different literal cases (#9418)
Fixes #9326

#### Why I did it
When we try execute DPB from CLI we have error:
`libyang[0]: Invalid value "False" in "has_global_scope" element. (path: /sonic-feature:sonic-feature/FEATURE/FEATURE_LIST[name='bgp']/has_global_scope)`
The reason for this issue is that has_global_scope and other have been stored in redis database with value False or True form capital letter:
```
   "FEATURE":{
      "bgp":{
         "auto_restart":"enabled",
         "has_global_scope":"False",
         "has_per_asic_scope":"True",
         "has_timer":"False",
         "high_mem_alert":"disabled",
         "state":"enabled"
      }
```
But yang model support boolean just in lowercase letters (https://datatracker.ietf.org/doc/html/rfc6020#section-9.5.1).
#### How I did it
Added boolean to sonic-types as typedef with different literal cases.

#### How to verify it
Run the command config interface breakout <breakout_mode>

**NOTE:**
To verify this fix, the following PRs that fix other problems in SONiC must be merged into master:
1) Azure/sonic-buildimage/pull/9075
2) Azure/sonic-buildimage/pull/9276
2021-12-10 10:34:02 -08:00
Neetha John
5384b30d3c
[yang] Add missing device types to the device_metadata yang (#9464)
Signed-off-by: Neetha John <nejo@microsoft.com>

Bring back the changes in #9226 that were reverted. Unable to do a revert-revert.

Why I did it
Few device types were missing in the DEVICE_METADATA type field

How I did it
Added missing device types to the device metadata yang
2021-12-10 09:26:08 -08:00
Mohamed Ghoneim
02d273274f
[yang-models] Validating 'services' exist if ACL type is 'CTRLPLANE' (#9295)
#### Why I did it
Fixing issue #9294

#### How I did it
Updating ACL yang model

#### How to verify it

Validating issue with `config patch-apply` is fixed.

- Start a KVM
- Add file `add-ctrl-plane-tbl.json-patch ` with content:
```json
[
    {
     "op": "add",
     "path": "/ACL_TABLE/ACTRLPLANETABLE",
     "value": {
      "policy_desc": "ACTRLPLANETABLE",
      "services": [
       "SSH"
      ],
      "stage": "ingress",
      "type": "CTRLPLANE"
     }
    }
]
```
- Run `sudo config apply-patch add-ctrl-plane-tbl.json-patch`


Before:
```
Patch Applier: The patch was sorted into 4 changes:
Patch Applier:   * [{"op": "add", "path": "/ACL_TABLE/ACTRLPLANETABLE", "value": {"type": "CTRLPLANE"}}]
Patch Applier:   * [{"op": "add", "path": "/ACL_TABLE/ACTRLPLANETABLE/policy_desc", "value": "ACTRLPLANETABLE"}]
Patch Applier:   * [{"op": "add", "path": "/ACL_TABLE/ACTRLPLANETABLE/services", "value": ["SSH"]}]
Patch Applier:   * [{"op": "add", "path": "/ACL_TABLE/ACTRLPLANETABLE/stage", "value": "ingress"}]
```

After:
```
Patch Applier: The patch was sorted into 1 change:
Patch Applier:   * [{"op": "add", "path": "/ACL_TABLE/ACTRLPLANETABLE", "value": {"policy_desc": "ACTRLPLANETABLE", "services": ["SSH"], "stage": "ingress", "type": "CTRLPLANE"}}]
```

#### Which release branch to backport (provide reason below if selected)

<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106

#### Description for the changelog
<!--
Write a short (one line) summary that describes the changes in this
pull request for inclusion in the changelog:
-->


#### A picture of a cute animal (not mandatory but encouraged)
2021-12-10 08:04:41 -08:00
arlakshm
327ad41bee
[yang] add set_owner to feature yang (#9075)
#### Why I did it
Add the configuration for the set_owner in the `feature` yang model

#### How I did it
Add new leaf `set_pwner` to the `feature` yang model

#### How to verify it
compile `sonic_yang_mgmt-1.0-py3-none-any.whl`
2021-12-09 23:18:45 -08:00
Alexander Allen
325276a917
[Mellanox] Add copyright headers to Mellanox-SN4600C-D100C12S2 SKU (#9345)
Missing NVIDIA copyright header from some files.
2021-12-10 08:23:26 +02:00
Oleksandr Ivantsiv
d2bc825db6
[build]: Add possibility to override dockerd config file for multiarch builds. (#9325)
- Why I did it
Fixes #8898

Dockerd for multiarch build by default use host OS config file ("/etc/docker/daemon.json").
Default configuration used on host OS may not work for containers run inside sonic-slave.
"DOCKER_CONFIG_FILE_FOR_MULTIARCH" variable allows overriding path to the
config file that will be used for multiarch dockerd.

- How I did it
Added "DOCKER_CONFIG_FILE_FOR_MULTIARCH" to Makefile.work file that allow to
override path to dockerd config file through environment variable:

DOCKER_CONFIG_FILE_FOR_MULTIARCH=${path_to_file}/daemon.json   make ...
If the env variable is not set build the system preserves its default behavior.

- How to verify it
Set DOCKER_CONFIG_FILE_FOR_MULTIARCH env variable
Run build
While build is running execute ps -eo pid,cmd | grep "[0-9] dockerd.*march" command
Verify that --config-file parameter is set to the same path that was specified in DOCKER_CONFIG_FILE_FOR_MULTIARCH variable.
2021-12-10 08:20:38 +02:00
xumia
49dd5db94d
[Build]: Fix docker images built multiple times issue (#9253)
The same docker image is built multiple times after upgrading to bullseye, the build time is increased to about 15 hours from 6 hours.
See log: https://dev.azure.com/mssonic/be1b070f-be15-4154-aade-b1d3bfb17054/_apis/build/builds/50390/logs/9
Line 1437: 2021-11-11T11:15:02.7094923Z [ building ] [ target/docker-sonic-telemetry.gz ]
Line 1446: 2021-11-11T11:37:41.1073304Z [ finished ] [ target/docker-sonic-telemetry.gz ]
Line 1459: 2021-11-11T11:38:20.6293007Z [ building ] [ target/docker-sonic-telemetry.gz-load ]
Line 1462: 2021-11-11T11:38:28.1250201Z [ finished ] [ target/docker-sonic-telemetry.gz-load ]
Line 2906: 2021-11-11T18:57:42.8207365Z [ building ] [ target/docker-sonic-telemetry.gz ]
Line 2917: 2021-11-11T19:43:47.1860961Z [ finished ] [ target/docker-sonic-telemetry.gz ]
Line 3997: 2021-11-11T22:49:35.0196252Z [ building ] [ target/docker-sonic-telemetry.gz ]
Line 4002: 2021-11-11T23:14:00.4127728Z [ finished ] [ target/docker-sonic-telemetry.gz ]

How I did it
Place the python wheels in another folder relative to the build distribution.

Co-authored-by: Ubuntu <xumia@xumia-vm1.jqzc3g5pdlluxln0vevsg3s20h.xx.internal.cloudapp.net>
2021-12-09 15:42:44 -08:00
Abhishek
adf52c2581
[yang] SONiC MAC ACL Yang model update to add support for Source MAC, Destination MAC, Ethertype pattern update, VLAN_ID, PCP, DEI fields (#7917)
#### Why I did it
Currently only IP ACL and related model is defined. Support for MAC ACL is missing. Added support for it.

#### How I did it
ACL_RULE table is added with new MAC ACL related fields namely Source MAC, Destination MAC, Ethertype (Pattern updated to match any valid Ethertypes), VLAN, PCP, DEI

#### How to verify it
Yang model tests are attached.
2021-12-09 11:19:16 -08:00
MaratGubaiev
4562b82bf2
[yang] sonic-bgp-cmn/admin_status fixed (#9429)
#### Why I did it
fixing https://github.com/Azure/sonic-buildimage/issues/9350 "[yang-models] BGP neighbor admin_status should be up/down"
2021-12-09 10:19:05 -08:00
Longxiang Lyu
b88f68b1d6
[YANG] add YANG model support for CABLE_LENGTH (#9273)
Why I did it
Add YANG model support for table CABLE_LENGTH

How I did it
Add the YANG model file
Add the test description file and config file
add list CABLE_LENGTH_LIST to the qos_maps_model list in sonic-yang-ext, as it has an inner list.

How to verify it
Build sonic-yang-model and sonic-yang-mgmt
2021-12-09 09:34:01 -08:00
Raphael Tryster
e3c0a888c9
[Mellanox] Add support of SN5600 platform on top of Nvidia ASIC simulation (#9392)
- Why I did it
Add new Spectrum-4 system support SN5600 on top of Nvidia ASIC simulator.

- How I did it
Add all relevant system and simulator SKU.
Updated syseeprom.hex and related directories to reflect Nvidia SN5600 brand name.

- How to verify it
Tested init flow, basic show commands, up interfaces, traffic test.

Signed-off-by: Raphael Tryster <raphaelt@nvidia.com>
2021-12-09 17:46:24 +02:00
Stephen Sun
5ac4d42c44
[Unit test] Fix sonic config engine unit test failure (#9454)
- Why I did it
Fix sonic-config-engine unit test failure

- How I did it
 * Do not use pytest fixture in the test since it is not compatible with unittest framework which is used by all of the rest test cases.
 * Supply 2 missing files

- How to verify it
Run unit test or compile the module (when the unit test will run automatically)

Signed-off-by: Stephen Sun <stephens@nvidia.com>
2021-12-09 17:39:28 +02:00
Volodymyr Samotiy
3f00b5df84
[Mellanox] Update SAI to v1.20.1.1 and SDK/FW to v4.5.1158/v2010.1154 (#9474)
- Why I did it
To include latest fixes.

SAI
1. Reclaim buffers for port which is admin down
2. Support for Spectrum-4 os Nvidia ASIC simulation
3. Support for SN2201
4. Fix host interface table entry, one channel per trap (fix sflow double registration)
5. 2 new queue counters - ecn marked packets + shared current occupancy
6. Fix storm policer unknown unicast
7. Add key/value for accuflow counters
8. Add MAC move
9. Add mirror congestion mode attribute

SDK
1. Under various circumstances, Ethernet ports falsely showed that InfiniBand cables were connected.
2. In SN4600C, at times, the link up time in both DAC and optics cables may, in the worst case, take up to 15 seconds.
3. Using SN4600C with copper or optics loopback cables in NRZ speeds, link may raise in long link up times
4. When ECMP has high amount of next-hops based on VLAN interfaces, in some rare cases, packets will get a wrong VLAN tag and will be dropped.
5. When connecting Spectrum devices with optical transceivers that support RXLOS, remote side port down might cause the switch firmware to get stuck and cause unexpected switch behavior.
6. Aggregation event is missing for WJH L2 drop reason 'Unicast egress port list is empty'.
7. Tying the SCL and SDA of the optical modules to 3.3V causes errors.
8. On SN4600, there was a delay of more than 10 seconds from the time a data packet is sent from CPU until it is transmitted through one of the switch ports.
9. While using SN4600C system with Finisar FTLC1157RGPL 100GbE CWDM4 modules, intermittent link flaps across multiple ports may be observed.
10. In Spectrum-2 and Spectrum-3 systems, link did not work in auto-negotiation when connected to Marvell PHY. KR mechanism has been enhanced to integrate with Marvell PHY.
11. The tunnel counter counts the drop packets now for Spectrum-2 and Spectrum-3 and consistent with Spectrum behavior and count the ECN dropped packets as well.
12. When connecting SN3800 to Cisco-9000, fast-linkup flow will fail and will rise in the normal flow.
13. Race condition in WJH library: when multiple threads load the LAG shared memory concurrently, the program may crash.
14. Add WJH L2 drop reason 'Unicast egress port list is empty' as a new drop reason.
15. Fixed a memory leak in sx_api_port_sflow_statistics_get API.
16. During initialization flow, the command interface that is used by the minimal driver and SDK caused the collision in the firmware since the same buffer is used in the firmware for the two interfaces.
17. Fix route issue on Kernel 5.10

- How I did it
Updated SDK/SAI submodule and relevant makefiles with the required versions.

- How to verify it
Build an image and run tests from "sonic-mgmt".

Signed-off-by: Volodymyr Samotiy <volodymyrs@nvidia.com>
2021-12-09 14:52:18 +02:00
Aravind Mani
fc91dae023
submodule platform daemon update (#9461) 2021-12-09 12:41:17 +05:30
Aravind Mani
ac2885a988
[SFP-Refactor] Modify transceiver key name (#9447)
* Modify transceiever key name

* fix alignment
2021-12-09 12:38:45 +05:30
Aravind Mani
66d55757c0
[Submodule]Update sonic-platform-common submodule (#9466) 2021-12-09 12:38:21 +05:30
ganglyu
3c1770b7cb
[yang]: update Yang models for cloudtype and region (#9425)
Why I did it
#9122
DEVICE_METADATA does not have cloudtype and region.

How I did it
Add cloudtype and region to DEVICE_METADATA.

How to verify it
Follow the steps in #9122.
Build sonic-yang-model.

Signed-off-by: Gang Lv ganglv@microsoft.com
2021-12-09 09:04:52 +08:00
Marty Y. Lok
1fb347ab4f
Update submodule sonic-pmon for Nokia platform (#9210)
Update Nokia platform sonic-pmon submoduel to the latest with the following commits

c41c823 Fix transceiver module dynamic insertion/removal operations
21a1df6 Fixed pcied process FATAl issue
7fc1fd4 Fix midplane status nokia_cmd
a14ee1c Override get_module() api in chassis
8a457fc SON-326: Watchdog logger changes and file scrubbing
7250eb1 SON-410: Fix missing eeprom access routine
7a70c42 Allow only reboot of self card for OC API test
6ab5d96 Fixed the flake8 compliant issues
807de95 APIs to set thermal threshold to return false
9b38265 SON-382: platform-dump with common techsupport
3f83a67 Add model, base_mac, system_eeprom and serial number support in moduel.py
848d311 SFP: Add get_error_description and fix return status for set_lpmode
1fcb5de PSU check presence of psu instance for APIs
7c68da3 Fixed the eagle and hornet card description
0c01d07 Module support for reboot API
2021-12-08 13:31:19 -08:00
Junchao-Mellanox
ae0989784d
[Mellanox] Allow user to set LED to orange (#9259)
Why I did it
Nvidia platform API does not support set LED to orange

How I did it
Allow user to set LED to orange

How to verify it
Added unit test
Manual test
2021-12-08 13:05:10 -08:00