Commit Graph

15 Commits

Author SHA1 Message Date
Saikrishna Arcot
4acdc2a81e
Arm64 fixes and optimizations (#9274)
* [arm64]: Fix registration of the qemu interpreters

The current code doesn't properly run the container that registers the
qemu interpreters. It checks to see if the container is "known" by
Docker, but that doesn't indicate whether it's been run or not.
Therefore, just always register the qemu interpreters in the kernel, to
make sure the binary that's in the slave images that we build is used.

* [build]: Reduce the number of python calls

Modify the BLDENV and PROJECT_ROOT variables in slave.mk to be
immediate execution instead of lazy execution. Neither of these
variables should be changing for the duration of the build in each slave
container, so just run it once instead of every time they're referenced.

When running `make configure` for broadcom arm64 (where all of the slave
images are already built) on an amd64 host, this reduces the time spent
in each slave container from 4.5-5 minutes to 2 minutes.

* [sonic-slave]: Upgrade the qemu used for Bullseye arm64 to 6.1.0

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2021-12-13 18:20:39 -08:00
Brian O'Connor
46bcda359c
[PINS] Build P4RT container for PINS (#9083)
- Add INCLUDE_PINS to config to enable/disable container
- Add Docker files and supporting resources
- Add sonic-pins submodule and associated make files

Submission containing materials of a third party:
    Copyright Google LLC; Licensed under Apache 2.0

#### Why I did it

Adds P4RT container to SONiC for PINS

The P4RT app is covered by this HLD:
https://github.com/pins/SONiC/blob/master/doc/pins/p4rt_app_hld.md

#### How I did it

Followed the pattern and templates used for other SONiC applications

#### How to verify it

Build SONiC with INCLUDE_P4RT set to "y".
Verify that the resulting build has a container called "p4rt" running.
You can verify that the service is up by running the following command on the SONiC switch:
```bash
sudo netstat -lpnt | grep p4rt
```
You should see the service listening on TCP port 9559.

#### Which release branch to backport (provide reason below if selected)

None

#### Description for the changelog

Build P4RT container for PINS
2021-12-07 11:11:25 -08:00
liuh-80
739c45645c
[TACACS+] Add audisp-tacplus for per-command accounting. (#8750)
This pull request integrate audisp-tacplus to SONiC for per-command accounting.

#### Why I did it
To support TACACS per-command accounting, we integrate audisp-tacplus project to sonic.

#### How I did it
1. Add auditd service to SONiC
2. Port and patch audisp-tacplus to SONiC

#### How to verify it
UT with CUnit to cover all new code in usersecret-filter.c
Also pass all current UT.

#### Which release branch to backport (provide reason below if selected)
N/A

#### Description for the changelog
Add audisp-tacplus for per-command accounting.

#### A picture of a cute animal (not mandatory but encouraged)
2021-12-01 11:50:09 +08:00
LuiSzee
14fb629ab6
[arm64][qemu] upgrade qemu to 6.1.0-8 for fix systemd-sonic-generator compile error (#9320)
for compile error when build systemd-sonic-generator_1.0.0_arm64.deb on qemu arm64 bullseye.
```
boost::filesystem::copy_file: Function not implemented: "tests/testfiles/single_inst.service", "tests/ssg-test/systemd/single_inst.service"
boost::filesystem::copy_file: Function not implemented: "tests/testfiles/multi_inst_b.service", "tests/ssg-test/systemd/multi_inst_b.service"
boost::filesystem::copy_file: Function not implemented: "tests/testfiles/multi_inst_a.service", "tests/ssg-test/systemd/multi_inst_a.service"
boost::filesystem::copy_file: Function not implemented: "tests/testfiles/multi_inst_b@.service", "tests/ssg-test/systemd/multi_inst_b@.service"
boost::filesystem::copy_file: Function not implemented: "tests/testfiles/multi_inst_a@.service", "tests/ssg-test/systemd/multi_inst_a@.service"
boost::filesystem::copy_file: Function not implemented: "tests/testfiles/test.timer", "tests/ssg-test/systemd/test.timer"
boost::filesystem::copy_file: Function not implemented: "tests/testfiles/test.service", "tests/ssg-test/systemd/test.service"
ssg-test.cc:244: Failure
Expected equality of these values:
  fs::exists(path)
    Which is: false
  expected_result
    Which is: true
Failed validation: "tests/ssg-test/generator/multi-user.target.wants/multi_inst_b.service"
```

Co-authored-by: shil <shil@centecnetworks.com>
2021-11-20 08:46:56 -08:00
Qi Luo
da1503d7be
[sonic-slave]: Fix redis version during pip3 install (#9317)
The recent release of redis 4.0.0 or newer (for python3) breaks sonic-config-engine unit test. Fix to last known good version.
ref: https://pypi.org/project/redis/#history
2021-11-18 17:07:58 -08:00
dflynn-Nokia
df12ac5abd
[build]: marvell-armhf bullseye fixes (#9243)
This commit fixes/avoids the following errors encountered during the
marvell-armhf build for bullseye

- Fix Marvell prestera DMA driver build failure due to kallsyms_lookup_name()
  no longer being exported by the updated bullseye kernel. This is a temporary
  fix that will be replaced by a future version of the DMA driver.

- Update qemu-user-static version to align with the new glibc version included
  in bullseye

- Skip systemd-sonic-generator unit tests to avoid test failures. Root cause is
  still TBD

#### Why I did it
Fix the following build errors observed when building marvell-armhf for bullseye
1. Marvell Prestera DMA driver uses kernel API no longer exported
ERROR: modpost: "kallsyms_lookup_name" [/sonic/platform/marvell-armhf/prestera/mrvl-prestera/cpssEnabler/linuxNoKernelModule/drivers//mvDmaDrv.ko] undefined!

2. Old qemu-user-static version does not support semop() leading to following build failure
semop(1): encountered an error: Function not implemented

3. systemd-sonic-generator unit test failure
ssg-test.cc:217: Failure
Expected equality of these values:
  find_string_in_file(str_t, target, num_asics)
    Which is: false
  expected_result
    Which is: true
Error validating Before=single_inst.service in test.service
[  FAILED  ] SsgMainTest.ssg_main_40_npu (20 ms)
[----------] 4 tests from SsgMainTest (36 ms total)

[----------] Global test environment tear-down
[==========] 10 tests from 3 test suites ran. (54 ms total)
[  PASSED  ] 7 tests.
[  FAILED  ] 3 tests, listed below:
[  FAILED  ] SsgMainTest.ssg_main_single_npu
[  FAILED  ] SsgMainTest.ssg_main_10_npu
[  FAILED  ] SsgMainTest.ssg_main_40_npu

 3 FAILED TESTS
2021-11-13 10:48:58 -08:00
KostiantynYarovyiBf
9894116205 Update Barefoot platform module for Bullseye and 5.10 kernel (#8)
Update Barefoot platform support for Bullseye and 5.10 kernel, and add
python3-venv.
2021-11-10 15:27:22 -08:00
LuiSzee
5b284767f6 Update Centec platform support for Bullseye and 5.10 kernel (#7)
1. Fix build for armhf and arm64
2. upgrade centec tsingma bsp support to 5.10 kernel
3. modify centec platform driver for linux 5.10

Co-authored-by: Shi Lei <shil@centecnetworks.com>
2021-11-10 15:27:22 -08:00
Saikrishna Arcot
97d70e3e8b Update repos for Bullseye slave container
Update the repos for amd64, and add support for at least arm64.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2021-11-06 11:31:42 -07:00
donNewtonAlpha
51c9c98648
[sonic-slave]: Add gmock for sonic-swss-common tests (#8950)
Sonic-swss-common requires gmock for staged unit tests

Signed-off-by: Don Newton <don@opennetworking.org>
2021-10-28 12:14:21 -07:00
Guohan Lu
e6733e96fe [build]: update sonic-slave-bullseye for armhf and arm64
Signed-off-by: Guohan Lu <lguohan@gmail.com>
2021-10-19 12:18:16 +00:00
liuh-80
7d40384c58
[TACACS+] Add plugin support to bash. (#8660)
This pull request add plugin support library to bash.
    And we will create a TACACS+ plugin for bash in an other PR, which will bring per command authorization feature to bash.

Why I did it
    To support TACACS per command authorization, we check user command before execute it.

How I did it
    Add plugin support to bash.

How to verify it
    UT with CUnit under bash project cover all new code in plugin.c.
    Also pass all current UT.

Which release branch to backport (provide reason below if selected)
    N/A

Description for the changelog
    Add plugin support to bash.
2021-10-11 15:20:51 +08:00
Saikrishna Arcot
91f9b6f4e4 Add cron and the python 3 mock packages to the Bullseye slave image
When using dpkg with the --root flag to install a deb package in a
chroot, dpkg checks to see if the users and groups specified in the
/var/lib/dpkg/statoverride file are valid. The problem is, it checks
against the host system's /etc/passwd and /etc/group files, instead of
/etc/passwd and /etc/group inside the chroot.

In the slave image for Buster, cron appears to have been automatically
installed, and so the crontab group existed. This doesn't appear to be
true for Bullseye, so explicitly install it. This makes sure that the
crontab group exists on the slave image itself.

Also install the mock python 3 package, this is needed by some test.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2021-08-12 23:18:01 -07:00
Guohan Lu
fff17563b7 [openssh]: add build dep installation to sonic-slave-bullseye
This is the continuation of PR 8381 and is needed for debian 11 build.

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2021-08-10 01:39:26 -07:00
Saikrishna Arcot
d4261a693b Define the Bullseye-based slave container
This will be used to build our image as well as tools that need to go
into this image.

Notable changes from Buster:
* Python 2/pip2 module installations have been removed, since nothing
besides the main Python 2 binary (and virtualenv support) is now
available through Bullseye.
* In the cases where both the main library package and the development
package are being installed, now, only the dev package is specified. The
main library is typically marked as a dependency of the dev package.
This reduces the number of changes we have to make as SONAMEs change.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
2021-07-15 00:02:18 -07:00