Commit Graph

3386 Commits

Author SHA1 Message Date
xumia
5f16e9622f
Add the test signing certificates for secure boot (#4866)
* Add the test signing certificates for secure boot
* Remove unnecessary ca key file
* Regenerate the certificates to not expose the ca key
2020-06-29 15:01:20 -07:00
Praveen Chaudhary
0f4460e7ad
[rules/sonic-utilities.mk]: Add sonic_yang_models as dep to sonic utils (#4869)
Since we can not refer a dir in sonic-buildimage while jenkins testing of sonic-utilities.
We need to create build dependency on sonic_yang_models PKG too.

Signed-off-by: Praveen Chaudhary pchaudhary@linkedin.com
2020-06-29 14:44:52 -07:00
abdosi
15440b6e43
Changes to make default route programming correct in multi-npu platforms (#4774)
* Changes to make default route programming
correct in multi-asic platform where frr is not running
in host namespace. Change is to set correct administrative distance.
Also make NAMESPACE* enviroment variable available for all dockers
so that it can be used when needed.

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

* Fix review comments

* Review comment to check to add default route
only if default route exist and delete is successful.
2020-06-29 11:38:46 -07:00
SuvarnaMeenakshi
ab2177b4a9
[systemd-generator]: Fix dependency update for multi-asic platform (#4820)
* [systemd-generator]: Fix the code to make sure that dependencies
of host services are generated correctly for multi-asic platforms.
Add code to make sure that systemd timer files are also modified
to add the correct service dependency for multi-asic platforms.

Signed-off-by: SuvarnaMeenakshi <sumeenak@microsoft.com>

* [systemd-generator]: Minor fix, remove debug code and
remove unused variable.
2020-06-29 09:39:23 -07:00
Junchao-Mellanox
ce391645f2
[Mellanox] add ASIC temperature support to platform API (#4828)
**- Why I did it**

System health feature requires to read ASIC temperature and threshold from platform API

**- How I did it**

Implement Chassis.get_asic_temperature and Chassis.get_asic_temperature_threshold by getting value from system fs.
2020-06-28 17:54:28 -07:00
ciju-juniper
dd4cf912a6
[Juniper][QFX5210] Fixing a few platform issues (#4857)
This patch addresses the following issues:
 1) Platform drivers were not loading in the latest images. Fixed
    the intialization script to make sure that all the drivers are
    loaded.
 2) Getting rid of "pstore: crypto_comp_decompress failed, ret = -22!"
    messages during the kernel boot, after moving to 4.19 kernel. The
    solution is to remove the files under '/sys/fs/pstore' directory.

Signed-off-by: Ciju Rajan K <crajank@juniper.net>
2020-06-28 11:11:34 -07:00
yozhao101
1c32933c7d
[docker] Correct the lldp-syncd program name in critical_process file. (#4862)
The program name in critical_processes file must match the program name defined in supervisord.conf file.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>
2020-06-28 11:08:30 -07:00
Praveen Chaudhary
07930c39ba
[build] Add essential PY PKGs on host for sonic-utilities/config/config_mgmt.py (#4740)
Add essential PY PKGs on host by installing them in sonic_debian_extension.j2

Signed-off-by: Praveen Chaudhary pchaudhary@linkedin.com
2020-06-28 11:03:48 -07:00
Joe LeVeque
ced0f7ba3d
[sonic-platform-common][sonic-platform-daemons][sonic-utilities] Update submodules (#4852)
* src/sonic-platform-common 75698a8...82bbeab (9):
  > [sfputil] Make SfpUtilHelper.get_physical_to_logical noexcept as in SfpUtilBase (#96)
  > [sfp_base] Update return value documentation of channel-specific methods (#98)
  > [sfp] Tweak key names of some transceiver info fields (#97)
  > fix typo:  portconfig.ini to port_config.ini (#94)
  > [chassis_base] Add platform API support for system LED (#91)
  > Add PCIe check commad  (#64)
  > [sfputilbase.py] Don't try to print EEPROM sysfs file name if we failed to read from it (#81)                                                                                    
  > [sfputilbase | sfputilhelper] Add support of platform.json (#72)
  > [eeprom] Add try-except to catch the IOError (#85)

* src/sonic-platform-daemons 0f4fd83...abe115e (2):
  > [xcvrd] Tweak some transceiver info key names (#62)
  > [psud][thermalctld] Always get fan/PSU LED status from platform API to avoid status inconsistencies (#59)                                                                        

* src/sonic-utilities fd7781b...16a33f2 (9):
  > [config] Fix syntax error (#966)
  > [config] Fix indentation level in _get_disabled_services_list() (#965)
  > a4e64d1 [sonic_installer] Refactor sonic_installer code (#953)
  > 90efd62 [Show | Command Reference] Add Port breakout Show Command (#859)
  > [sfpshow][mock_state_db] Tweak key names of some transceiver info fields (#958)
  > [show] Add missing verbose option to "show line" (#961)
  > [filter-fdb] Check VLAN Presence When Filter FDB (#957)
  > [master]fix #4716 show ipv6 interfaces neighbor_ip is N/A issue (#948)
  > Fix for command. show interface transceiver eeprom -d Ethernet (#955)

Note: sonic-utilities update fixes #4716
2020-06-27 22:57:26 -07:00
Aravind Mani
0c3ec0e644
[DellEMC] S52xx fix SFP reset in 1.0 API (#4858)
Issue: Port with AOC cable does not come up when "sfputil reset <port_name>" is executed.

Modified the incorrect mask used in reset API to resolve the issue.
2020-06-27 12:02:53 -07:00
pavel-shirshov
1eb3dfe541
[docker-teamd]: Introducing tlm_teamd: telemetry for teamd (#4824)
**- What I did**
1. Updated submodule sonic-swss to bring tlm_teamd to the buildimage.
2. Updated supervisord for the teamd
3. Updated critical process list (not sure that tlm_teamd is critical for now)

**- How to verify it**
Build an image and run. Check that tlm_teamd is running and STATE_DB has information in the LAG_INTERFACE, and :LAG_MEMBER_INTERFACE
```
admin@sonic:~$ redis-cli -n 6 hgetall 'LAG_TABLE|PortChannel16'
 1) "state"
 2) "ok"
 3) "team_device.ifinfo.dev_addr"
 4) "4c:76:25:f5:48:80"
 5) "setup.kernel_team_mode_name"
 6) "loadbalance"
 7) "team_device.ifinfo.ifindex"
 8) "6"
 9) "runner.fast_rate"
10) "false"
11) "runner.active"
12) "true"
13) "setup.pid"
14) "35"
15) "runner.fallback"
16) "false"
```

```
admin@sonic:~$ redis-cli -n 6 hgetall 'LAG_MEMBER_TABLE|PortChannel16|Ethernet16'
 1) "runner.selected"
 2) "true"
 3) "runner.aggregator.selected"
 4) "true"
 5) "runner.aggregator.id"
 6) "26"
 7) "runner.actor_lacpdu_info.state"
 8) "61"
 9) "runner.state"
10) "current"
11) "runner.actor_lacpdu_info.system"
12) "4c:76:25:f5:48:80"
13) "runner.partner_lacpdu_info.state"
14) "61"
15) "link.up"
16) "true"
17) "ifinfo.dev_addr"
18) "4c:76:25:f5:48:80"
19) "ifinfo.ifindex"
20) "26"
21) "link_watches.list.link_watch_0.up"
22) "true"
23) "runner.actor_lacpdu_info.port"
24) "17"
25) "runner.partner_lacpdu_info.port"
26) "1"
27) "runner.partner_lacpdu_info.system"
28) "52:54:00:ff:34:1b"
```
2020-06-27 01:22:23 -07:00
Qi Luo
6849a0351c
[redis] Install vanilla redis packages for Buster and Stretch; upgrade Buster to 6.0.5 (#4732)
upgrade redis server to 5:6.0.5-1~bpo10+1
2020-06-27 01:17:20 -07:00
lguohan
c79783003d
[submodule]: update sonic-linux-kernel (#4856)
* c60b1f4 2020-06-26 | e1000: Do not perform reset in reset_task if we are already down (#148) (HEAD -> master, origin/master, origin/HEAD) [lguohan]
* c6aeedd 2020-06-25 | Updated NAT kernel patch for 4.19 buster (#147) [Akhilesh Samineni]

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-06-26 23:59:22 -07:00
Praveen Chaudhary
94d448e9bd
[slave.mk]: Adding support to specify debs dependencies for python-debs package. (#4849)
**- How I did it**
added below line:
$$(addsuffix -install,$$(addprefix $(DEBS_PATH)/,$$($$*_DEBS_DEPENDS))) \

**- How to verify it**
Added below dependencies in sonic-utils
```
SONIC_UTILS = python-sonic-utilities_1.2-1_all.deb
$(SONIC_UTILS)_SRC_PATH = $(SRC_PATH)/sonic-utilities
$(SONIC_UTILS)_DEBS_DEPENDS = $(LIBYANG) $(LIBYANG_CPP) $(LIBYANG_PY2) \  <<<<<<<<<<<
                                     $(LIBYANG_PY3)
$(SONIC_UTILS)_WHEEL_DEPENDS = $(SONIC_CONFIG_ENGINE) $(SONIC_YANG_MGMT_PY)
SONIC_PYTHON_STDEB_DEBS += $(SONIC_UTILS)
```
Build the PKGs successfully.

Signed-off-by: Praveen Chaudhary pchaudhary@linkedin.com
2020-06-26 11:32:35 -07:00
Kebo Liu
88bbcbf246
[Mellanox] Update SDK to 4.4.0952, FW to *.2007.1280 (#4842) 2020-06-26 13:44:21 +03:00
yozhao101
4fa81b4f8d
[dockers] Update critical_processes file syntax (#4831)
**- Why I did it**
Initially, the critical_processes file contains either the name of critical process or the name of group.
For example, the critical_processes file in the dhcp_relay container contains a single group name
`isc-dhcp-relay`. When testing the autorestart feature of each container, we need get all the critical
processes and test whether a  container can be restarted correctly if one of its critical processes is
killed. However, it will be difficult to differentiate whether the names in the critical_processes file are
the critical processes or group names. At the same time, changing the syntax in this file will separate the individual process from the groups and also makes it clear to the user.

Right now the critical_processes file contains two different kind of entries. One is "program:xxx" which indicates a critical process. Another is "group:xxx" which indicates a group of critical processes
managed by supervisord using the name "xxx". At the same time, I also updated the logic to
parse the file critical_processes in supervisor-proc-event-listener script.

**- How to verify it**
We can first enable the autorestart feature of a specified container for example `dhcp_relay` by running the comman `sudo config container feature autorestart dhcp_relay enabled` on DUT. Then we can select a critical process from the command `docker top dhcp_relay` and use the command `sudo kill -SIGKILL <pid>` to kill that critical process. Final step is to check whether the container is restarted correctly or not.
2020-06-25 21:18:21 -07:00
Shuba Viswanathan
921d132a32
[sonic-mgmt]: Support for pytest-html to control logs better (#4791)
The current stdout file which also includes the dut logs are very verbose and noisy.

We have manually installed it in the sonic-mgmt docker in our organization and tuned the pytest settings to produce very helpful and concise logs.

pytest-html plugins can be used to post-process the output in various ways based on our different and unique organizational needs.

Hence proposing to add this pkt to the docker file
2020-06-25 17:45:16 -07:00
yozhao101
b8ad0ed4e4
[Monit] Use the string "/usr/bin/syncd\s" to monitor the syncd process (#4706)
**- Why I did it**
After discussed with Joe, we use the string "/usr/bin/syncd\s" in Monit configuration file to monitor 
syncd process on Broadcom and Mellanox. Due to my careless, I did not find this bug during the 
previous testing. If we use the string "/usr/bin/syncd" in Monit configuration file to monitor the 
syncd process, Monit will not detect whether syncd process is running or not. 

If we ran the command  `sudo monit procmactch “/usr/bin/syncd”` on Broadcom, there will be three 
processes in syncd container which matched this "/usr/bin/syncd": `/bin/bash /usr/bin/syncd.sh
wait`, `/usr/bin/dsserve /usr/bin/syncd –diag -u -p /etc/sai.d/sai.profile` and `/usr/bin/syncd –diag -
u -p /etc/sai.d/said.profile`. Monit will select the processes with the highest uptime (at there 
`/bin/bash /usr/bin/syncd.sh wait`) to match and did not select `/usr/bin/syncd –diag -u -p
/etc/sai.d/said.profile` to match. 

Similarly, On Mellanox Monit will also select the process with the highest uptime (at there 
`/bin/bash /usr/bin/syncd.sh wait`) to match and did not select `/usr/bin/syncd –diag -u -p
/etc/sai.d/said.profile` to match.

That is why Monit is unable to detect whether syncd process is running or not if we use the string “/usr/bin/syncd” in Monit configuration file. If we use the string "/usr/bin/syncd\s" in Monit configuration file, Monit can filter out the process `/bin/bash /usr/bin/syncd.sh wait` and thus can correctly monitor the syncd process.

**- How I did it**

**- How to verify it**

Signed-off-by: Yong Zhao <yozhao@microsoft.com>
2020-06-25 17:03:14 -07:00
Praveen Chaudhary
ddf8c8bb3c
[rules/sonic-utilities.mk]: Add libyang as build time dependencies for sonic-utilities. (#4850)
sonic-utils has sonic-yang-mgmt as build time deps, which inturn installs libyang.
libyang is needed to run newly added test.
If sonic-yang-mgmt is already built then libyang will not be installed in slave docker
without this PR and test will not run.

Signed-off-by: Praveen Chaudhary pchaudhary@linkedin.com
2020-06-25 16:46:27 -07:00
carycelestica
b88770a67b
add PCIe config file (#4724) 2020-06-25 15:02:21 -07:00
pavel-shirshov
d592e9b0f8
Tests for bgpcfgd templates (#4841)
* Tests for bgpcfgd templates
2020-06-25 14:54:02 -07:00
Qi Luo
719c8e68c8
[secureboot] only remove exec bit in secureboot (#4836)
Address issue #4832
2020-06-25 10:07:50 -07:00
Eric Seifert
de07029352
Add TELEMETRY_WRITABLE build option to enable telemetry write mode (default read-only) (#4209)
Add build flag TELEMETRY_WRITABLE. When set to "y" it will add a go build flag in the telemetry build that will enable telemetry write mode to allow configuration via gNMI Set RPC as well as operations via the gNOI RPC's. The default for TELEMETRY_WRITABLE is unset in which case telemetry is read-only. In read-only mode the Set RPC and all gNOI RPC's are disabled and will return an "Unsupported" error when called.

authored-by: Eric Seifert <eric@seifert.casa>
2020-06-25 08:04:43 -07:00
lguohan
cebb85b161
[docker-orchagent]: start portsyncd before orchagent (#4845)
when portsyncd starts, it first enumerates all front panel ports
and marks them as old interfaces. Then, for new front panel ports
it checks if their indexes exist in previous sets. If yes, it will
treats them as old interfaces and ignore them.

The reason we have this check is because broadcom SAI only removes
front panel ports after sai switch init.

So, if portsyncd starts after orchagent, new interfaces could be
created before portsyncd and treated as old interface.

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-06-24 22:48:37 -07:00
Joe LeVeque
63d2efbe03
[build][systemd] Mask disabled services by default (#4721)
When building the SONiC image, used systemd to mask all services which are set to "disabled" in init_cfg.json.

This PR depends on https://github.com/Azure/sonic-utilities/pull/944, otherwise `config load_minigraph will fail when trying to restart disabled services.
2020-06-24 15:25:16 -07:00
Danny Allen
c50b431747
[dvs] Install libteamdctl runtime dependency in VS docker (#4837)
* Add libteamdctl dependency to VS docker
* Reorder dependencies and rename libteamctl

Signed-off-by: Danny Allen <daall@microsoft.com>
2020-06-24 14:07:22 -07:00
padmanarayana
5cacc2004c
Add a port index mapper service for sFlow (#4794)
* Add a port index mapper service for sFlow
2020-06-23 22:23:08 -07:00
Junchao-Mellanox
563a0fd21e
[Mellanox] Change port index in port_config.ini to 1-based (#4781)
* Change port index in port_config.ini to 1-based
* Add default port index to port_config.ini, change platform plugins to accept 1-based port index
* fix port index in sfp_event.py
2020-06-23 17:21:36 -07:00
kktheballer
8339d5f4b1
[minigraph.py]: Add Tagged Vlan support in Minigraph (#4731)
To enable tagged vlan support by minigraph parser. This enables us to generate a config_db file that will enable SONiC device to operate using tagged and untagged vlan.
2020-06-23 16:36:47 -07:00
Samuel Angebault
f7d43173a2 [secureboot] only remove exec bit in secureboot
Address issue #4832
2020-06-23 11:34:07 -07:00
lguohan
1e81e1da8e
[submodule]: update sonic-swss-common (#4826)
* 77d3417 2020-06-22 | [sonic-swss-common] ARMHF warning fixes (#352) (HEAD -> master, origin/master, origin/HEAD) [arheneus@marvell.com]
* da8e264 2020-06-21 | [python3]: build python3-swsscommon for python3 support (#355) [lguohan]
* 292b08a 2020-06-16 | Changes to support SONiC Gearbox Manager (#347) [Syd Logan]
* 58ca4d9 2020-06-10 | Add missed BGP tables into the schema (#351) [pavel-shirshov]
* cddfc4e 2020-06-09 | [loglevel] Avoid accessing null ptr in swssloglevel (#349) [Stephen Sun]
* 8fce898 2020-06-08 | [schema] update schema with rates and utilization table names (#330) [Mykola F]

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-06-22 19:46:52 -07:00
Sachin Holla
0d809d0d59
Mgmt reorg -- submodule and build rules for sonic-mgmt-common (#4765)
- Why I did it
New repo sonic-mgmt-common is introduced for the common translib related code. This commit adds build rules for this new repo.

- How I did it

Added sonic-mgmt-common submodule
Added build rules for the new sonic-mgmt-common repo. It creates two deb packages -- sonic-mgmt-common_1.0.0_{arch}.deb and sonic-mgmt-common-codegen_1.0.0_{arch}.deb. Package cache is enabled.
Added dependency on sonic-mgmt-common for mgmt-framework and telemetry debs and dockers.
- How to verify it
Full build and incremental builds
Basic ACL and interface opreations through REST, KLISH CLI and gNMI

- Description for the changelog
Git submodule and build rules for the new sonic-mgmt-common repo.
2020-06-22 16:01:55 -07:00
Praveen Chaudhary
c6dcd7d9a1
[docker-sonic-vs/Dockerfile.j2]: Install new YANG PKGs in VS docker. (#4684)
Changes:
. Install new YANG PKGs in VS docker.
. Install fixed version on other PY PKGs.

Signed-off-by: Praveen Chaudhary pchaudhary@linkedin.com
2020-06-22 15:38:36 -07:00
joyas-joseph
b48d274f69
[docker-dhcp-relay]: convert dhcp-relay docker to buster (#4671)
Upgrade isc-dhcp to 4.4.1-2 (buster version)
Update libevent dependency for dhcpmon to 2.1-6

Signed-off-by: Joyas Joseph <joyas_joseph@dell.com>
2020-06-22 15:34:21 -07:00
Samuel Angebault
67987e9c0e
[secureboot] Add secureboot support for Arista devices (#4741)
* Add secureboot support in boot0
* Initramfs changes for secureboot on Aboot devices
* Do not compress squashfs and gz in fs.zip
It doesn't make much sense to do so since these files are already
compressed.
Also not compressing the squashfs has the advantage of making it
mountable via a loop device.
* Add loopoffset parameter to initramfs-tools
2020-06-22 09:30:31 -07:00
madhanmellanox
d2366d4ff7
added files to create SKU Mellanox-SN3800-C64 (#4812)
* added files to create SKU Mellanox-SN3800-C64
Co-authored-by: Madhan Babu <madhan@arc-build-server.mtr.labs.mlnx>
2020-06-22 08:42:30 -07:00
madhanmellanox
b5f1b37386
added files to create SKU Mellanox-SN3800-D24C52 (#4808)
* added files to create SKU Mellanox-SN3800-D24C52

Co-authored-by: Madhan Babu <madhan@arc-build-server.mtr.labs.mlnx>
2020-06-21 12:19:11 -07:00
madhanmellanox
5efd1e7527
added files to create SKU Mellanox-SN3800-D28C50 (#4809)
* added files to create SKU Mellanox-SN3800-D28C50

Co-authored-by: Madhan Babu <madhan@arc-build-server.mtr.labs.mlnx>
2020-06-21 12:17:56 -07:00
madhanmellanox
b5d0bada19
modified files relevant to SKU Mellanox-SN3800-D112C8 (#4810)
* modified files relevant to SKU Mellanox-SN3800-D112C8

Co-authored-by: Madhan Babu <madhan@arc-build-server.mtr.labs.mlnx>
2020-06-21 12:16:16 -07:00
madhanmellanox
2c830f4074
Modified SKU based utils to Platform based utils (#4786)
Co-authored-by: Madhan Babu <madhan@arc-build-server.mtr.labs.mlnx>
2020-06-21 12:15:23 -07:00
Olivier Singla
68576bc2f9
[kerne]: kernel update from 4.19.0-6 to 4.19.0-6-2 (#4711) 2020-06-21 06:41:23 -07:00
Kebo Liu
2b568ec136
Add with_i2cdev for mst start to have I2C device loaded properly (#4790) 2020-06-21 16:27:05 +03:00
Nazarii Hnydyn
697193543f
[submodule]: Advance sonic-utilities submodule. (#4785)
Signed-off-by: Nazarii Hnydyn <nazariig@mellanox.com>
2020-06-21 15:51:29 +03:00
pavel-shirshov
0d863c39ac
[bgpcfgd]: make a package for bgpcfgd (#4813) 2020-06-20 21:01:24 -07:00
Tamer Ahmed
211d1e7e2e
[fast-reboot] Back up FDB/ARP/Default routes (#4795)
FDB/ARP/Default routes files are deleted after swssconfig. This
makes debugging/validation of device conversion hard. This PR
saves those files in order to facilitate debugging of device conversion.

signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
2020-06-20 15:30:53 -07:00
Joe LeVeque
4d2d95e8e6
[hostcfgd] Synchronize all feature statuses once upon start (#4714)
- Ensure all features (services) are in the configured state when hostcfgd starts
- Better functionalization of code
- Also replace calls to deprecated `has_key()` method in `tacacs_server_handler()` and `tacacs_global_handler()` with `in` keyword.

This PR depends on https://github.com/Azure/sonic-utilities/pull/944, otherwise `config load_minigraph` will fail when trying to restart disabled services.
2020-06-20 12:09:29 -07:00
abdosi
531d1ad89a
[Submodule update] sonic-dbsyncd (#4801)
lldp: For multi-npu platforms make sure to add Backplane Interface also
as Interface Match List.
2020-06-19 11:03:02 -07:00
padmanarayana
95e3cda5da
[DELL]: FTOS to SONiC fast conversion fixes (#4807)
While migrating to SONiC 20181130, identified a couple of issues:
1. union-mount needs /host/machine.conf parameters for vendor specific checks : however, in case of migration, the /host/machine.conf is extracted from ONIE only in https://github.com/Azure/sonic-buildimage/blob/master/files/image_config/platform/rc.local#L127. 
2. Since grub.cfg is updated to have net.ifnames=0 biosdevname=0, 70-persistent-net.rules changes are no longer required.
2020-06-19 11:02:08 -07:00
Volodymyr Boiko
603b2955e6
[BFN] Update SAI and platform packages to 20200618 (#4817)
Signed-off-by: Volodymyr Boyko <volodymyrx.boiko@intel.com>
2020-06-19 11:00:44 -07:00
Joe LeVeque
1f8a78cef1
[build] No longer install Python 'click-default-group' package (#4811)
All dependencies upon the Python 'click-default-group' package have been removed from sonic-utilities as of https://github.com/Azure/sonic-utilities/pull/903. The submodule was updated to include this patch as of https://github.com/Azure/sonic-buildimage/pull/4601, therefore we no longer need to install this package in the SONiC image.
2020-06-19 10:54:10 -07:00