Commit Graph

7948 Commits

Author SHA1 Message Date
Zain Budhwani
382d68fe42
Move syncd events to syncd.conf (#15950)
### Why I did it

syncd events should have tag sonic-events-syncd, not sonic-events-host. Created a new conf file which will have syncd events

##### Work item tracking
- Microsoft ADO **(number only)**:17747466

#### How I did it

Code change

#### How to verify it

Pipeline
2023-09-19 17:29:49 -07:00
Aravind Mani
2f3f28691a
[devices]: Dell S6100 API 2.0 fix (#16363)
Why I did it
sonic-mgmt test failure is seen for update_firmware component API

Microsoft ADO: 25208748

How I did it
Edited API 2.0 to fix this issue.

How to verify it
Run sonic-mgmt test after the fix and verify it passes.
2023-09-19 10:24:05 -07:00
mssonicbld
cdb7293491
[submodule] Update submodule sonic-mgmt-common to the latest HEAD automatically (#16586)
#### Why I did it
src/sonic-mgmt-common
```
* 4cfc882 - (HEAD -> master, origin/master, origin/HEAD) CVL error reporting enhancements (#97) (5 hours ago) [Sachin Holla]
* 4a88fe7 - transformer infra optimization on uri path unmarshaling (#99) (6 hours ago) [Balachandar Mani]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-09-19 16:33:47 +08:00
Qi Luo
72341a7ee5
[doc] add pipeline link into README (#16347)
#### Why I did it
add pipeline link into README
2023-09-18 17:53:58 -07:00
Baorong Liu
4b0b27d79a
[staticroutebfd] change bfd to singlehop
[staticroutebfd] change bfd to singlehop

staticroutebfd should use singlehop bfd. Because of a bug (portchannel+singlehop) in the SDK, we were using multi-hop as a temporary workaround. Now the SDK issue is solved, need to switch to singlehop BFD mode.
2023-09-18 14:00:30 -07:00
Sudharsan Dhamal Gopalarathnam
734dac1677
[FRR] Adding patches for CVE-2023-41360 and CVE-2023-41359 (#16528)
Why I did it
Created patches to address two CVEs from FRR CVE-2023-41359 and CVE-2023-41360.

Patch	FRR commit	CVE fixed
0022-bgpd-Don-t-read-the-first-byte-of-ORF-header-if-we-a.patch	FRRouting/frr@3515178	CVE-2023-41360
0023-bgpd-Make-sure-we-have-enough-data-to-read-two-bytes.patch	FRRouting/frr@460ee93	CVE-2023-41359
Work item tracking
Microsoft ADO (number only):
How I did it
Porting fixes as patches from FRR.

How to verify it
Azure Pipeline tests should cover the sanity. In addition ran basic tests.
2023-09-18 16:59:32 +08:00
mssonicbld
238f88e4f1
[submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (#16577)
#### Why I did it
src/sonic-snmpagent
```
* 00d8363 - (HEAD -> master, origin/master, origin/HEAD) Fix pipeline build break caused by libhredis remove from sonic-buildimage artifect.  (#293) (22 hours ago) [Hua Liu]
```
2023-09-17 07:53:26 +00:00
Qi Luo
93af5dd052
[sonic-snmpagent] Update submodule (#16563)
#### Why I did it
Including below commits:
```
2c6ed2e 2023-09-14 | Support interface speed for PortChannels (#262) [Lukas Stockner]
```

##### Work item tracking
- Microsoft ADO **(number only)**: 25085425
2023-09-15 22:20:49 -07:00
mssonicbld
7d66e517b8
[submodule] Update submodule sonic-snmpagent to the latest HEAD automatically (#16568) 2023-09-16 10:22:11 +08:00
vdahiya12
45a852233b
[pmon] update gRPC version to 1.57.0 (#16257)
Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com>
2023-09-15 16:41:51 -07:00
Yaqiang Zhu
d11e0a214e
Add use_unix_socket_path to supervisor-proc-exit-listener (#16548)
Why I did it
ConfigDBConnector in supervisor-proc-exit-listener uses default parameter to connect CONFIG_DB (connect by 127.0.0.1:6379) which would fail at non-host network mode container, because they are not sharing the same network and socket.

How I did it
Add a new parameter use_unix_socket_path to this script to indicate whether to use socket to connect CONFIG_DB.

How to verify it
Build image and install it, kill critical processes in container and container crushed.
2023-09-15 16:23:25 -07:00
mssonicbld
bb22c0309b
[submodule] Update submodule sonic-platform-daemons to the latest HEAD automatically (#16567) 2023-09-15 15:26:23 +08:00
mssonicbld
35dc1736e8
[submodule] Update submodule sonic-platform-daemons to the latest HEAD automatically (#16554) 2023-09-15 10:42:12 +08:00
mint570
0cb63f7860
Fix sflow dbg container build rule to include hsflowd debug symbols. (#15912)
#### Why I did it
The sflow debug container does not include the debug symbols of hsflowd.

#### How I did it
Add the hsflowd debug dependency.

#### How to verify it
Build the sflow debug container, get into the container, open gdb to load the hsflowd program. Verified debug symbol is available.
2023-09-14 16:30:25 -07:00
Saikrishna Arcot
f207a9b0e0
Fix potentially not having any loopback address on lo interface (#16490)
In #15080, there was a command added to re-add 127.0.0.1/8 to the lo
interface when the networking configuration is being brought down.
However, the trigger for that command is `down`, which, looking at
ifupdown2 configuration files, runs immediately after 127.0.0.1/16 is
removed. This means there may be a period of time where there are no
loopback addresses assigned to the lo interface, and redis commands will
fail.

Fix this by changing this to pre-down, which should run well before
127.0.0.1/16 is removed, and should always leave lo with a loopback
address.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-09-14 12:55:50 -07:00
mssonicbld
82dd4d4a10
[submodule] Update submodule sonic-mgmt-common to the latest HEAD automatically (#16531)
#### Why I did it
src/sonic-mgmt-common
```
* 14962fe - (HEAD -> master, origin/master, origin/HEAD) CVL database access layer changes (#100) (30 hours ago) [Balachandar Mani]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-09-14 16:32:43 +08:00
mssonicbld
cba4fe3f5f
[submodule] Update submodule sonic-host-services to the latest HEAD automatically (#16551)
#### Why I did it
src/sonic-host-services
```
* 1a5a0bf - (HEAD -> master, origin/master, origin/HEAD) Remove command to install libhiredis deb file (#74) (8 hours ago) [Saikrishna Arcot]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-09-14 16:32:37 +08:00
mssonicbld
d522329624
[submodule] Update submodule sonic-platform-common to the latest HEAD automatically (#16553)
#### Why I did it
src/sonic-platform-common
```
* 0dafb55 - (HEAD -> master, origin/master, origin/HEAD) Remove command to install libhiredis deb file (#398) (9 hours ago) [Saikrishna Arcot]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-09-14 16:32:31 +08:00
ganglv
ce7145475d
Fix grpc package for ptf container (#16536)
Why I did it
PTF container needs to use new grpcio package.

Work item tracking
Microsoft ADO (number only):
How I did it
Update versions-py2

How to verify it
Check pipeline artifact
2023-09-14 08:27:32 +08:00
Gokulnath Raja
de2f7bd7b9
Upgrading hsflowd version from 2.0.35 to 2.0.51-26 to address for [sflow]ERR sflow#hsflowd: device Loopback0 Get SIOCGIFFLAGS failed : No such device #13407 (#15362)
Signed-off-by: Gokulnath-Raja <Gokulnath_R@dell.com>
Co-authored-by: mohanapriya-meganathan <mohanapriya.m1@dell.com>
2023-09-13 17:18:34 -07:00
anamehra
78981d93b8
Chassis: fix pmon docker failure when DEVICE_METADATA is not available (#16527)
Signed-off-by: anamehra anamehra@cisco.com

Added a check for DEVICE_METADATA before accessing the data. This prevents the j2 failure when var is not available.
2023-09-13 14:10:56 -07:00
ShiyanWangMS
42126ccf7d
Revert "Upgrade Ansible to 6.7.0 and make Python3 as the default interpreter in sonic-mgmt-docker (#15836)" (#16537)
This reverts commit 51fb6d7d9f.

The new sonic-mgmt docker image has ansible upgraded. Encountered some issues that are hard to debug to have a quick fix. Let's revert the change for now. The new sonic-mgmt docker image was kept for further debugging and fixing. After all the issues are fixed, we'll need to apply this change again.
2023-09-13 16:20:17 +08:00
Zain Budhwani
337a9dbcf4
Add rsyslog plugin support for frr log (#16192)
### Why I did it

Currently there is only rsyslog plugin support for /var/log/syslog, meaning we do not detect events that occur in frr logs such as BGP Hold Timer Expiry that appears in frr/bgpd.log. 

##### Work item tracking
- Microsoft ADO **(number only)**: 13366345

#### How I did it

Add omprog action to frr/bgpd.log and frr/zebra.log. Add appropriate regex for both events.

#### How to verify it

sonic-mgmt test case
2023-09-12 16:53:45 -07:00
ShiyanWangMS
51fb6d7d9f
Upgrade Ansible to 6.7.0 and make Python3 as the default interpreter in sonic-mgmt-docker (#15836)
Why I did it
This PR is part of sonic-mgmt-docker Python3 migration project.

Work item tracking
Microsoft ADO (number only): 24397943

How I did it
Upgrade Ansible to 6.7.0
Make Python3 as the default interpreter. python is a soft link to python3. If you want to use python2, use the command python2 explicitly.
Upgrade some pip packages to higher version in order to meet security requirement.

How to verify it
Build a private sonic-mgmt-docker successfully.
Verify python is python3.
Verify python2 is working with 202012 and 202205 branch.
Verify python3 is working with master branch.
2023-09-12 17:34:57 +08:00
Saikrishna Arcot
f27aac7f0b
[ci] For vstest, make sure kernel modules are built and installed (#16479)
* [ci] For vstest, make sure kernel modules are built and installed

Make sure that the agent that vstest runs on has the team module
available. If it is not available, then build and install it.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>

* Use version of script that's checked into sonic-swss-common

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>

---------

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2023-09-11 21:54:40 -07:00
Hua Liu
b0be5824f8
Write error message to syslog when add user failed or connect to TACACS server failed. (#16240)
Write error message to syslog when add user failed or connect to TACACS server failed.

#### Why I did it
With these messages, we can downgrade TACACS server with issue to lower priority.

##### Work item tracking
- Microsoft ADO: 24667696

#### How I did it
Write error message to syslog when add user failed or connect to TACACS server failed.

#### How to verify it
Pass all UT.
Manually verify error message generated.

### Description for the changelog
Write error message to syslog when add user failed or connect to TACACS server failed.
2023-09-11 15:35:54 -07:00
Liu Shilong
78415800a5
[ci] Disable building broadcom raw image because of S6100 device disk space limit. (#16516)
* [ci] Disable building broadcom raw image because of S6100 device disk space limit.
2023-09-11 15:10:03 -07:00
Christian Svensson
566fe1eb1b
[pddf] Enable deselect logic for CPLDMUX (#14631)
This feature was meant to be enabled but was accidentally left disabled.

Also downgrades the select/deselect messages to KERN_INFO to reduce log
spam.

Fixes #14546.

Signed-off-by: Christian Svensson <blue@cmd.nu>
2023-09-11 11:36:39 -07:00
Yaqiang Zhu
76b7cb8b64
[dhcp_server] Add dhcp_server container (#14031)
Why I did it
Add dhcp_server ipv4 feature to SONiC.
HLD: sonic-net/SONiC#1282

How I did it
To be clarify: This container is disabled by INCLUDE_DHCP_SERVER = n for now, which would cause container not build.

Add INCLUDE_DHCP_SERVER to indicate whether to build dhcp_server container
Add docker file for dhcp_server, build and install kea-dhcp4 inside container
Add template file for dhcp_server container services.
Add entry for dhcp_server to FEATURE table in config_db.
How to verify it
Build image with INCLUDE_DHCP_SERVER = y to verify:

Image can be install successfully without crush.
By config feature state dhcp_server enabled to enable dhcp_server.
2023-09-11 09:15:56 -07:00
vganesan-nokia
b13b41fc22
[swss] Chassis db clean up optimization and bug fixes (#16454)
* [swss] Chassis db clean up optimization and bug fixes

This commit includes the following changes:
    - Fix for regression failure due to error in finding CHASSIS_APP_DB in
    pizzabox (#PR 16451)
    - After attempting to delete the system neighbor entries from
    chassis db, before starting clearing the system interface entries,
    wait for sometime only if some system neighbors were deleted.
    If there are no system neighbors entries deleted for the asic coming up,
    no need to wait.
    - Similar changes for system lag delete. Before deleting the
    system lag, wait for some time only if some system lag memebers were
    deleted. If there are no system lag members deleted no need to wait.
    - Flush the SYSTEM_NEIGH_TABLE from the local STATE_DB. While asic
    is coming up, when system neigh entries are deleted from chassis ap
    db (as part of chassis db clean up), there is no orchs/process running to
    process the delete messages from chassis redis. Because of this, stale system
    neigh are entries present in the local STATE_DB. The stale entries result in
    creation of orphan (no corresponding data path/asic db entry) kernel neigh
    entries during STATE_DB:SYSTEM_NEIGH_TABLE entries processing by nbrmgr (after
    the swss serive came up). This is avoided by flushing the SYSTEM_NEIGH_TABLE from
    the local STATE_DB when sevice comes up.

Signed-off-by: vedganes <veda.ganesan@nokia.com>

* [swss] Chassis db clean up bug fixes review comment fix - 1

Debug logs added for deletion of other tables (SYSTEM_INTERFACE and SYSTEM_LAG_TABLE)

Signed-off-by: vedganes <veda.ganesan@nokia.com>

---------

Signed-off-by: vedganes <veda.ganesan@nokia.com>
2023-09-11 08:28:27 -07:00
jcaiMR
9c1c82e9ff
add show dhcp_relay ipv4 counter entry, fix interface name offset issue (#16507)
Why I did it
Add another cli entry: show dhcp_relay ipv4 counter
Fix get all interface offset issue

Work item tracking
Microsoft ADO (17271822):
How I did it
show dhcp_relay ipv4 counter -i [ifname]
show dhcp4relay_counters counts -i [ifname]

How to verify it
show dhcp4relay_counters counts | more 10
Message Type Ethernet144(RX)
2023-09-11 21:08:06 +08:00
Yakiv Huryk
2b1c39e6f6
[vs] support for ARM build (#15692)
- Why I did it
To support the building of ARM-based docker-sonic-vs.gz

- How I did it
Fixed SYNCD_VS build rule to be architecture-specific.

- How to verify it
make configure PLATFORM=vs PLATFORM_ARCH=arm64
make target/docker-sonic-vs.gz

Signed-off-by: Yakiv Huryk <yhuryk@nvidia.com>
2023-09-10 18:27:04 +03:00
mssonicbld
6f2f28975b
[submodule] Update submodule sonic-platform-common to the latest HEAD automatically (#16496) 2023-09-09 10:25:38 +08:00
ganglv
666879b867
Upgrade gnxi to support dash (#16498)
### Why I did it
Need new gnmi client for dash test.

### How I did it
I have updated gnxi repo, and this PR is used to get latest change.

#### How to verify it
Run end2end test for DASH.
2023-09-08 08:56:51 -07:00
mssonicbld
dae7022920
[submodule] Update submodule sonic-mgmt-common to the latest HEAD automatically (#16495)
#### Why I did it
src/sonic-mgmt-common
```
* ee3029d - (HEAD -> master, origin/master, origin/HEAD) DB Access Layer Merges: (#96) (11 hours ago) [a-barboza]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-09-08 18:32:54 +08:00
mssonicbld
084a6e1a3e
[submodule] Update submodule sonic-linux-kernel to the latest HEAD automatically (#16494)
#### Why I did it
src/sonic-linux-kernel
```
* fa40db7 - (HEAD -> master, origin/master, origin/HEAD) Change the system.map file permission only readable by root (#329) (21 hours ago) [xumia]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-09-08 16:32:40 +08:00
mssonicbld
7986aba097
[submodule] Update submodule sonic-platform-daemons to the latest HEAD automatically (#16497) 2023-09-08 14:57:35 +08:00
lixiaoyuner
4f53819efa
Install parted package for k8s master (#16484)
### Why I did it
Need a tool to extend disk size
##### Work item tracking
- Microsoft ADO **(number only)**: 25094467
#### How I did it
Install parted package
#### How to verify it
Use apt list parted command to check if it's installed
2023-09-07 23:22:47 -07:00
snider-nokia
2f69a0eaa6
[Nokia][sonic-platform] Update Nokia sonic-platform submodule (#16348)
This likely fixes Nokia-ION/ndk#21

To fix a failure that results when edge condition results in MDIPC channel being freed with mismatched ownership.
2023-09-07 11:20:06 -07:00
Mai Bui
e07d435553
[telemetry] limit privileged flag for telemetry container (#16350)
Signed-off-by: Mai Bui <maibui@microsoft.com>
2023-09-07 11:04:11 -07:00
Arun Saravanan Balachandran
154c0c628b
[build] Change raw image disk size to 1700MB (#16463)
Maximum RAM availability for NOS to SONiC migration using raw image in Dell S6100 is 1700MB.
Raw images larger than that cannot be used for NOS to SONiC migration.
2023-09-07 09:19:54 -07:00
Arun Saravanan Balachandran
d04e3523cd
[build] Remove compression of raw image (#16462) 2023-09-07 09:19:17 -07:00
Arun Saravanan Balachandran
d758e44c2c
[build] Make the build to fail if raw image generation is not successful (#16461) 2023-09-07 09:15:03 -07:00
Dror Prital
d7b85af18b
[Mellanox] Update SDK/FW to 4.6.1062/2012.1062 Update SDK/FW/SAI to 4.6.1062/2012.1062/SAIBuild2211.25.1.4 (#16478)
- Why I did it
SAI bug Fixes
1. When creating an ACL rule with SAI_ACL_ENTRY_ATTR_FIELD_SRC_IP/SAI_ACL_ENTRY_ATTR_FIELD_DST_IP enabled, and then disabling the field by setting enable=false, a match on L3_type=IPv4 will remain programmed for the rule Issue resolved after the fix
2. Allow the max scale of virtual routers to be configure for SPC-1, SPC-2, SPC-3 which is 255 when fastboot enable and 511 when fastboot disable
3. Remove default hash key of SRC_MAC, DST_MAC and ETH_TYPE

SAI features
1. Port init profile
2. Dual ToR Active-Standby | Additional MAC support

SDK/FW bug fixes
1. When preforming fast boot from an old SDK version (currently installed) to a newer one (target version), and the system was initially loaded with a new SDK version (past version), and the system has not been wiped, under specific conditions, the fast boot would use the past version's data and may fail.

- How I did it
Update SAI version to SAIBuild2211.25.1.4
Update SDK/FW version to 4.6.1062/2012.1062
2023-09-07 14:05:33 +03:00
mssonicbld
92d20cc9a3
[submodule] Update submodule sonic-gnmi to the latest HEAD automatically (#16480)
#### Why I did it
src/sonic-gnmi
```
* 6fd461c - (HEAD -> master, origin/master, origin/HEAD) Get origin from prefix (#149) (17 hours ago) [ganglv]
```
#### How I did it
#### How to verify it
#### Description for the changelog
2023-09-07 18:34:19 +08:00
Aman Singhal
e22136dd9f
[cisco]: Enable Kdump config by default for cisco-8000 (#16224)
Why I did it
Enabling kdump by default for cisco-8000 by setting crashkernel cmdline arg in device installer.conf.
After bootup, sonic-kdump-config wipes crashkernel arg from /host/grub/grub.cfg, and resets USE_KDUMP in /etc/default/kdump-tools, so kdump will not be enabled on subsequent reboot.

How I did it
Setting kdump enable config as part of init_cfg.json for cisco-8000 platforms.

How to verify it
Install SONiC image with kdump enabled by default (device/hwsku/installer.conf), then reboot.
Kdump config should persist on subsequent reboots and kdump loaded during bootup

Signed-off-by: Aman Singhal <amans@cisco.com>
2023-09-07 01:30:24 -07:00
Liu Shilong
52568ceab0
[action] Update workflow to parse & monitor pending automation PRs. (#16446)
Why I did it
There are many automation PRs pending for PR checker failure issue.
As PR number grows, github api to list prs comes to its limit.
We need to monitor and send alert for these PRs.

Work item tracking
Microsoft ADO (number only): 25064441
How I did it
For auto-cherry pick PRs:
- more than 3 days, comment @author to check
- more than 10 days, stop comment.
- more than 28 days, comment @author PR will be closed
- more than 30 days, close PR

For submodule update HEAD PRs:
- more than 3 days, send alert(submodule PR)

How to verify it
Which release bra
2023-09-07 13:34:34 +08:00
judyjoseph
7d2e3cb011
Update macsec CAK keys in profile for tests to change to type7 encoded format (#16388)
* Change the CAK key length check in config plugin, macsec test profile changes

* Fix the format in add_profile api

The changes needed in various macsec unit tests and config plugin when we move to accept the type 7 encoded key format for macsec. This goes along with PR : sonic-net/sonic-swss#2892 raised earlier.
2023-09-06 21:11:02 -07:00
Saikrishna Arcot
065c35cc34
Add nlohmann-json3-dev package into the slave container (#16308)
### Why I did it

The json.hpp header file from that package is used in the sonic-swss-common build. An old version of that header file (from 2016) has been checked into the sonic-swss-common repo. However, since then, there have been changes to that header file, and starting with GCC 12 in Bookworm, generates some errors about variables being possibly uninitialized before use.

##### Work item tracking
- Microsoft ADO **(number only)**: 25027439

#### How I did it

To fix this, install the nlohmann-json3-dev package, and allow using the header file from the Debian package instead of a static checked-in version. The version in Debian Bullseye is much newer than this version.

#### How to verify it

With this change alone, sonic-swss-common will still be using the json.hpp file in its own codebase. The change to actually use the system header file instead of the local header file will happen in a separate PR in the necessary repoes.
2023-09-06 19:23:07 -07:00
Saikrishna Arcot
24ae0a9606
Don't build libhiredis anymore (#15633)
### Why I did it

We're not adding any patch on top of hiredis, and there's no apparent reason to build this. Remove the build step here, and just install the package from the Debian repos.

##### Work item tracking
- Microsoft ADO **(number only)**: 24381590

#### How to verify it

Build the SONiC image, and load it. Verify that services come up.
2023-09-06 16:23:34 -07:00