matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
5,907 Commits 33 Branches 17 Tags 294 MiB
66fa1920bb
Commit Graph

2034 Commits

Author SHA1 Message Date
Ashok Daparthi-Dell
741d047982 [yang] Fix for sonic-scheduler.yang name pattern (#9873) 
#### Why I did it

PR9611 - sonic-scheduler.yang pattern issue

#### How I did it
Modified the scheduler name pattern string to accept any string 

#### How to verify it

Sonic yang tests
 2022-02-13 18:00:43 -08:00
Alexander Allen
9264db4635
[submodule] Update linux-kernel submodule pointer (#9973) 
Updates include the following changes in order to support new Mellanox platforms and drivers (Azure/sonic-linux-kernel#259)

10ef390 Update kconfig to support / enable newly backported mellanox patches.
6a949e1 Add backported patches for Mellanox hw-mgmt V.7.0020.1300
e1913f7 Rename and reformat patch headers
 2022-02-13 17:12:21 +02:00
Judy Joseph
f08866b668 Update sonic-swss submodule 
05c2c2e [voq] Neighbor entry impose encap index attribute deprecated (#2069)
 2022-02-06 22:54:35 -08:00
Judy Joseph
9b4d80115a Update sonic-utilities submodule 2022-01-30 23:03:16 -08:00
Judy Joseph
29ccb603ae Update sonic-swss submodule 2022-01-30 23:02:18 -08:00
Mohamed Ghoneim
b704c6cc9a [yang] Adding sonic-bgp-monitor to setup.py (#9877) 
#### Why I did it
Include sonic-bgp-monitor to setup.py so it gets included in /usr/local/yang-models when installing the package

#### How I did it

#### How to verify it
install the package

#### Which release branch to backport (provide reason below if selected)

<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106

#### Description for the changelog
<!--
Write a short (one line) summary that describes the changes in this
pull request for inclusion in the changelog:
-->


#### A picture of a cute animal (not mandatory but encouraged)
 2022-01-30 22:49:50 -08:00
Judy Joseph
82e0659dde Update sonic-utilities 
51a9fbf [debug dump] Missing Dict Key handled in the MatchOptimizer (#2014)
ac8fdd3 [Auto Techsupport] Added Event Driven TS to Command Reference  (#1985)
458a0c2 [fdbshow] Adding more options for fdbshow and show mac (#1982)
 2022-01-22 22:53:03 -08:00
Judy Joseph
0fb6c33bfc Update src/sonic-swss 
ad65bd3 Fix the unsafe usage of strncpy in portsorch.cpp (#2110)
 2022-01-22 22:52:30 -08:00
Judy Joseph
2c440dba43 Update sonic-platform-daemons 
c98aba3 [psud] Fix PSU log issue (#235)
60e9682 [ledd] prevent led crash on recirc port event (#232)
 2022-01-22 22:51:32 -08:00
Judy Joseph
41baeef63c Update sonic-platform-common 
937cf1a [ssd] Allow individual vendor parsers to handle errors (#252)
 2022-01-22 22:50:29 -08:00
liuh-80
60e730990e [TACACS] fix src\tacacs\bash_tacplus\debian\rules file mode to 755 because it will be change to 755 by debian build and cause dirty image version. (#9821) 
#### Why I did it
    src\tacacs\bash_tacplus\debian\rules file mode is 644, and debian build will change it to 755, which will cause image version contains 'dirty'

#### How I did it
    Change src\tacacs\bash_tacplus\debian\rules file mode to 755

#### How to verify it
    Check the image version not contains dirty

#### Which release branch to backport (provide reason below if selected)

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106
- [*] 202111

#### Description for the changelog
    Change src\tacacs\bash_tacplus\debian\rules file mode to 755

#### A picture of a cute animal (not mandatory but encouraged)
 2022-01-22 22:42:37 -08:00
ganglv
dcbcb9d0b3 [sonic-cfggen]: Feature should use 'state' to replace 'status' (#9796) 
Why I did it
ConfigDB schema generated by minigraph parser can't pass yang validation.

How I did it
Modify minigraph.py, and use 'state' to replace 'status'.

How to verify it
Run UT for sonic-config-engine.
Use minigraph parser to generate ConfigDB schema, and run yang validation.

Signed-off-by: Gang Lv ganglv@microsoft.com
 2022-01-22 22:42:19 -08:00
ganglv
17707c3a26 [yang]: Add Yang models for BGP monitor (#9752) 
Why I did it
end2end test is blocked by Yang model for BGP monitor.

How I did it
Create new yang files for BGP monitor, and add UT.

How to verify it
Follow the steps in #9711.
Run UT for sonic-yang-models.

Signed-off-by: Gang Lv ganglv@microsoft.com
 2022-01-22 22:42:16 -08:00
ganglv
e8368e6545 [yang]: Update AAA yang models (#9724) 
#### Why I did it
AAA yang model is not up to date.

#### How I did it
Add fallback and trace field, and replace boolean_type

#### How to verify it
Run UT for sonic_yang_models.
Follow the steps from #9710
 2022-01-22 22:42:13 -08:00
ganglv
234c4aa317 [sonic-cfggen]: Add bgp asn for yang validation (#9640) 
Why I did it
Config db schema generated by minigraph can’t pass yang validation, bgp_asn must not be None.

How I did it
Update sampe-voq-graph.xml to add bgp_asn.

How to verify it
Build sonic-config-engine.
Run command 'sonic-cfggen -m tests/sample-voq-graph.xml -p tests/voq-sample-port-config.ini --print-data', and check bgp_asn.

Signed-off-by: Gang Lv ganglv@microsoft.com
 2022-01-22 22:42:04 -08:00
Aravind Mani
1e65be333d [DPB] Fix verbose mode issue (#9772) 2022-01-22 22:40:34 -08:00
nkelapur
907629ed22 Fix IPv4 routes with IPv6 link local next hops installed in FPM (#8740) 
* Description: Currently IPv4 routes with IPv6 link local next hops are
not properly installed in FPM.
Reason is the netlink decoding truncates the ipv6 LL address to 4 byte
ipv4 address.

Ex : fe80:: is directly converted to ipv4 and it results in 254.128.0.0
as next hop for below routes

show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued, r - rejected, b - backup

B>* 2.1.0.0/16 [200/0] via fe80::268a:7ff:fed0:d40, Ethernet0, weight 1,
02:22:26
B>* 5.1.0.0/16 [200/0] via fe80::268a:7ff:fed0:d40, Ethernet0, weight 1,
02:22:26
B>* 10.1.0.2/32 [200/0] via fe80::268a:7ff:fed0:d40, Ethernet0, weight
1, 02:22:26

Hence this fix converts the ipv6-LL address to ipv4-LL (169.254.0.1)
address before sending it to FPM. This is inline with how these types of
routes are currently programmed into kernel.

Signed-off-by: Nikhil Kelapure <nikhil.kelapure@broadcom.com>
 2022-01-22 22:40:22 -08:00
Stepan Blyshchak
ea421c14d7 [sonic-yang] fix the feature state type (#9587) 
- Why I did it
The feature state can be a jinja template, like in this file - https://github.com/Azure/sonic-buildimage/blob/master/files/build_templates/init_cfg.json.j2#L39.
Without this change it is not possible to validate a configuration file.

- How I did it
Relaxes the constraint on feature state. Feature state leaf can be any string.

- How to verify it
Run UT.

Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
 2022-01-22 22:40:16 -08:00
Anish Narsian
20f39ba0a4 [Yang] Add resource_type and downstream_subrole to yang model (#9696) 
#### Why I did it
As a fix for https://github.com/Azure/sonic-buildimage/issues/9574

#### How I did it
Enhance yang model for networking-metadata

#### How to verify it
Unit testing
 2022-01-22 22:40:09 -08:00
Lawrence Lee
69a381affc [YANG]: Add support for dual ToR attributes (#9698) 
Fixes #9561
Fixes #9570 
Fixes #9563
Partial fix for #9556 

#### Why I did it
- Attributes for dual ToR configs lack YANG model support

#### How I did it
- Extend YANG tests to cover dual ToR use cases
- Extend YANG model to cover dual ToR use cases
- Reduce the default log level to warning so only test failures are printed

#### How to verify it
- Run the YANG model unit tests
 2022-01-22 22:39:58 -08:00
Qi Luo
199ba9f99d [minigraph] do not use NULL:NULL explicitly in json (#9703) 
#### Why I did it
It should be handled by `ConfigDBConnector.typed_to_raw()`.

This is a bug for `sonic-cfggen -m --print-data` only
```
    "PORTCHANNEL_MEMBER": {
        "PortChannel0001|Ethernet112": {
            "NULL": "NULL"
        },
        "PortChannel0002|Ethernet116": {
            "NULL": "NULL"
        },
        "PortChannel0003|Ethernet120": {
            "NULL": "NULL"
        },
        "PortChannel0004|Ethernet124": {
            "NULL": "NULL"
        }
    },
```
But not appears in `sonic-cfgen -d --print-data`.
```
    "PORTCHANNEL_MEMBER": {
        "PortChannel0001|Ethernet112": {},
        "PortChannel0002|Ethernet116": {},
        "PortChannel0003|Ethernet120": {},
        "PortChannel0004|Ethernet124": {}
    },
```
Tested in a T0 KVM.
 2022-01-16 22:44:48 -08:00
abdosi
beaeda87f5 [minigraph] Enhanced parser to parse interface name for static route nexthop (#9707) 
What I did:-

Enhanced minigraph parser to parse interface name associated with static route nexthop

Why I did:-

One of the use case to support interface name is Chassis Packet. For Chassis Packet we have Static Routes configured to route traffic across line-card. If the FRR programs static route without the interface name then in case if the ip interface that is associated with the nexthop goes down FRR resolves static route nexthop over the default route as we have FRR config ip nht-resolve-via-default which causes undesired behavior. Having interface name with Static Route prevents recursive lookup on default route.

How I verify:

Updated unit-test cases
Manual verification
 2022-01-16 22:44:41 -08:00
Judy Joseph
4ccde917c1 Update sonic-utilities 
dd71848 [GCU] Show default option for '--format' (#2003)
f296e76 [GCU] Disallowing DeleteInsteadOfReplaceMoveExtender from generating delete whole config move (#2006)
731d643 [flow counter] Fix issue: should not compare str with int (#2001)
e628f01 Support CLI for buffer queue configuration (#1965)
585fd40 Fix show ip bgp nei command rw required issue (#2011)
 2022-01-16 22:43:24 -08:00
Judy Joseph
382efce11a sonic-swss submodule update 
a6d35de Handling Invalid CRM configuration gracefully (#2109)
d6559e6 [Mellanox] '_8lane' not added to Mellanox 5xxx models with 800G (#2090)
45551b2 [vnetorch] Advertise vnet tunnel routes (#2058)
ed58d2f Add initial value for weight in overlay nexthops (#2096)
 2022-01-16 22:37:47 -08:00
Judy Joseph
5e61090758 Update sonic-platform-common 
576f835 [component] Fix typo for FW_AUTO_ERR_UNKNOWN #254
5985388 Add recycle port to the physical ignore list (#251)
 2022-01-16 22:28:06 -08:00
Sudharsan Dhamal Gopalarathnam
a41e0ecb89
[sonic-ztp][202111] Submodule update (#9590) 
Update ztp sub module to include the below fixes:
f7dd3c5 [sonic-ztp]Fixing build failure after bullseye integration (#30)
9218e16 Replace swsssdk.ConfigDBConnector and SonicV2Connector with swsscommon(#28)

Signed-off-by: Sudharsan Dhamal Gopalarathnam <sudharsand@nvidia.com>
 2022-01-16 15:01:22 +02:00
Judy Joseph
3d3b8222cd Update sonic-utilities 
51712aa [build-failure-fix][GCU] Sort referrer paths alphabetically (#2015)
 2022-01-14 22:53:35 -08:00
Mykola Gerasymenko
3d82e6cf67
[DPB][YANG] Fix cases when boolean is used in different literal cases (#9654) 
* Add boolean as typedef to sonic-types
* Fix boolean in sonic-feature yang model
* Fix boolean in sonic-flex_counter yang model

#### Why I did it
It was request to cherry-pick fix from master (#9418) to 202111 branch to fix issue when boolean is used in different literal cases.

#### How I did it
Added boolean to sonic-types as typedef with different literal cases.

#### How to verify it
Run the command config interface breakout <interface_name> <breakout_mode>
 2022-01-10 14:46:04 -08:00
Judy Joseph
ad7d827a5e Update sonic-utilities submodule 
4236bc4 [config reload] Fixing config reload when timer based delayed services are disabled (#1967)
d2514e4 [GCU] Different apply-patch runs should produce same sorted steps (#1988)
2878adb [GCU] Using simulated config instead of target config when validating replace operation in NoDependencyMoveValidator (#1987)
fb8ca98 [GCU] Loading yang-models only once (#1981)
f88ee92 [GCU] Copying config_db before callding sonic_yang.loadData (#1983)
9ed0e91 [GCU] Implementing DryRun by printing patch-sorter steps/imitating config_db (#1973)
b36b5e3 [GCU] Moving PatchSorter unit-test to json file to make it easier to read/maintain (#1977)
c0fa28b [generic-config-updater] Improving CreateOnly validator and marking /LOOPBACK_INTERFACE/LOOPBACK#/vrf_name as create-only (#1969)
0559d04 [generic-config-updater] Adding non-strict mode (#1929)
b07f477 [debug dump util] FDB debug dump util changes (#1968)
6d8757a [warm/fast-reboot] Fix kexec portion to support platforms based on Device Tree (#1966)
cc1409e [Auto Techsupport] Event driven Techsupport Bug Fixes (#1986)
6c48bd5 Fix wrong help message for cable length setting (#1978)
c0bbbe3 [breakout] Fix the check  when port is not present in BREAKOUT_CFG table (#1765)
5bb8cad [doc][DPB] Update DPB related interface breakout command Info (#1438)
e6fd990 [config] Fix 'config reload -l' command to get filename by default (#1611)
bd8f7bb Update swss_ready check to check per namespace swss service (#1974)
5439f94 [soft-reboot] Add support for platforms based on Device Tree (#1963)
7c5810a [config] Add portchannel support  for static route  (#1857)
7cb6a1b preserve old order for config reload (#1964)
20bddbd [Auto-Techsupport] Issues related to Multiple Cores crashing handled (#1948)
 2022-01-08 16:56:55 -08:00
anamehra
7c3dcfe0a7 Cache connection handles to prevent duplicate (#9636) 
On a multi-asic Supervisor card, running commands like
'show interface counter' opens a confid_db connection per
namespace per interface which results in many duplicate connections
exceeding the allowed open file handles. This causes the command to fail.

Caching the connections to prevent duplicate handles.
 2022-01-08 16:43:46 -08:00
ganglv
5026e22333 [sonic-cfggen]: Fix missing vlan interface (#9639) 
Why I did it
Config db schema generated by minigraph can’t pass yang validation, there's no Vlan31 in 'VLAN' table.

How I did it
Update test minigraph to add vlan interface.

How to verify it
Build sonic-yang-models.
Run command 'sonic-cfggen -m tests/fg-ecmp-sample-minigraph.xml -p tests/mellanox-sample-port-config.ini --print-data', and run yang validation.

Signed-off-by: Gang Lv ganglv@microsoft.com
 2022-01-08 16:43:28 -08:00
ganglv
664f6d43cd [sonic-cfggen]: Fix syslog_server output (#9616) 
Why I did it
'SYSLOG_SERVER': {'': {}, '10.0.10.5': {}, '10.0.10.6': {}},
Config db schema generated by minigraph can’t pass yang validation, server address can't be empty.

How I did it
Update test minigraph to remove wrong configuration.

How to verify it
Build sonic-config-engine.
Run command 'sonic-cfggen -m xxx.xml --print-data', and SYSLOG_SERVERS table.

Signed-off-by: Gang Lv ganglv@microsoft.com
 2022-01-08 16:43:20 -08:00
ganglv
ac232a9e95 [sonic-cfggen]: Remove wrong portchannel members (#9614) 
Why I did it
Config db schema generated by minigraph can’t pass yang validation, portchannel_member has invalid port.

How I did it
Update test minigraph to remove invalid port channel.

How to verify it
Build sonic-config-engine.
Run command 'sonic-cfggen -m xxx.xml --print-data', and check port channel member.

Signed-off-by: Gang Lv ganglv@microsoft.com
 2022-01-08 16:43:10 -08:00
ganglv
11ecaedc1e [sonic-cfggen]: Update test minigraph to fix interface (#9601) 
Why I did it
Config db schema generated from test minigraph can't pass yang validation.

How I did it
Update test minigraph to fix interface

How to verify it
Build sonic-config-engine.
Run command 'sonic-cfggen -m xxx.xml --print-data', and check interface table and port table.

Signed-off-by: Gang Lv ganglv@microsoft.com
 2022-01-08 16:43:01 -08:00
ganglv
c1bef313e2 [sonic-cfggen]: Update test minigraph to add deployment_id (#9593) 
Why I did it
Config db schema generated from test minigraph can't pass yang validation.

How I did it
Update minigraph xml to add DeploymentId.

How to verify it
Build sonic-config-engine.
Run command 'sonic-cfggen -m xxx.xml --print-data', and check deployment_id field.

Signed-off-by: Gang Lv ganglv@microsoft.com
 2022-01-08 16:42:53 -08:00
ganglv
c875cc65f5 [yang]: Support VLAN alias (#9615) 
Why I did it
Config db schema generated by minigraph can’t pass yang validation, and there's no 'alias' field in yang model.
Minigraph parser supports 'alias' field for VLAN.

How I did it
Add 'alias' field to sonic-vlan.yang

How to verify it
Build sonic-yang-models.
Run command 'sonic-cfggen -m xxx.xml --print-data', and run yang validation.

Signed-off-by: Gang Lv ganglv@microsoft.com
 2022-01-08 16:42:27 -08:00
Neetha John
3c20bd8441 [yang] Add missing device types to the device_metadata yang (#9464) 
Signed-off-by: Neetha John <nejo@microsoft.com>

Bring back the changes in #9226 that were reverted. Unable to do a revert-revert.

Why I did it
Few device types were missing in the DEVICE_METADATA type field

How I did it
Added missing device types to the device metadata yang
 2022-01-08 16:38:19 -08:00
MaratGubaiev
7988264519 [yang] sonic-bgp-cmn/admin_status fixed (#9429) 
#### Why I did it
fixing https://github.com/Azure/sonic-buildimage/issues/9350 "[yang-models] BGP neighbor admin_status should be up/down"
 2022-01-08 16:38:10 -08:00
ganglyu
98524aef7c [yang]: update Yang models for cloudtype and region (#9425) 
Why I did it
#9122
DEVICE_METADATA does not have cloudtype and region.

How I did it
Add cloudtype and region to DEVICE_METADATA.

How to verify it
Follow the steps in #9122.
Build sonic-yang-model.

Signed-off-by: Gang Lv ganglv@microsoft.com
 2022-01-08 16:38:02 -08:00
arlakshm
a42dc6fc41 [yang] syslog yang model (#9265) 
Why I did it
Add yang model for syslog server

How I did it
Add new file sonic-syslog.yang and new files for tests

How to verify it
Compile target/python-wheels/sonic_yang_mgmt-1.0-py3-none-any.whl

Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan arlakshm@microsoft.com
 2022-01-08 16:37:53 -08:00
Mohamed Ghoneim
9cbdac6ede [sonic-yang-mgmt] Adding flag to disable/enable log printing (#9659) 
#### Why I did it
Fixes https://github.com/Azure/sonic-utilities/issues/1871

From [generic-config-updater](https://github.com/Azure/sonic-utilities/tree/master/generic_config_updater) we call `sonic-yang-mgmt` multiple times in order to check a certain change to ConfigDb is valid or not. It is expected for some changes to be invalid, so always printing errors from `sonic-yang-mgmt` makes the output hard to read.

In this PR, we are adding a way to control if logs should be printed or not.

#### How I did it
- Added `print_log_enabled` flag to sonic_yang ctor
- Converted all `print` statements to `sysLog(..., doPrint=True)`

#### How to verify it
unit-test passing means the change did not break logs.

#### Info about libyang logging
libyang provides an extensive logging logic which can support a lot of scenarios:
- ly_log_level: setting logging level
  - LY_LLERR
  - LY_LLWRN
  - ... 
- ly_set_log_clb: setting log callback to customize the default behavior which is printing the msgs
- ly_log_options: setting logging options 
  - LY_LOLOG: If callback is set use it, otherwise just print. If flag is not set, do nothing.
  - ...

For more info refer to:
- https://netopeer.liberouter.org/doc/libyang/devel/html/group__logopts.html#gaff80501597ed76344a679be2b90a1d0a
- https://netopeer.liberouter.org/doc/libyang/devel/html/group__log.html#gac88b78694dfe9efe0450a69603f7eceb


#### What's next?
Consume the new flag `print_log_enabled` in [generic-config-updater](https://github.com/Azure/sonic-utilities/tree/master/generic_config_updater) to reduce the logging clutter. 

#### Which release branch to backport (provide reason below if selected)

<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106

#### Description for the changelog
<!--
Write a short (one line) summary that describes the changes in this
pull request for inclusion in the changelog:
-->


#### A picture of a cute animal (not mandatory but encouraged)
 2022-01-08 16:37:40 -08:00
Mohamed Ghoneim
013413d9ce [yang-model] Using 'leafref' instead of 'must' for loopback (#9535) 
#### Why I did it
Fix issue https://github.com/Azure/sonic-utilities/issues/1962

The problem is current implementation of [sonic-yang-mgmt::find_data_dependencies](f2774b635d/src/sonic-yang-mgmt/sonic_yang.py (L518)) does not get referrers if they are using `must` statement, it has to use `leafref`.

For now we can convert `must` to `leafref` if possible. In the future we will investigate get referrers by `must` statements as well https://github.com/Azure/sonic-buildimage/issues/9534

#### How I did it
Instead of `must` use `leafref`

#### How to verify it
unit-test

#### Which release branch to backport (provide reason below if selected)

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106
 2022-01-08 16:37:32 -08:00
Mohamed Ghoneim
3af0f6ab0c [yang-models] Validating 'services' exist if ACL type is 'CTRLPLANE' (#9295) 
#### Why I did it
Fixing issue #9294

#### How I did it
Updating ACL yang model

#### How to verify it

Validating issue with `config patch-apply` is fixed.

- Start a KVM
- Add file `add-ctrl-plane-tbl.json-patch ` with content:
```json
[
    {
     "op": "add",
     "path": "/ACL_TABLE/ACTRLPLANETABLE",
     "value": {
      "policy_desc": "ACTRLPLANETABLE",
      "services": [
       "SSH"
      ],
      "stage": "ingress",
      "type": "CTRLPLANE"
     }
    }
]
```
- Run `sudo config apply-patch add-ctrl-plane-tbl.json-patch`


Before:
```
Patch Applier: The patch was sorted into 4 changes:
Patch Applier:   * [{"op": "add", "path": "/ACL_TABLE/ACTRLPLANETABLE", "value": {"type": "CTRLPLANE"}}]
Patch Applier:   * [{"op": "add", "path": "/ACL_TABLE/ACTRLPLANETABLE/policy_desc", "value": "ACTRLPLANETABLE"}]
Patch Applier:   * [{"op": "add", "path": "/ACL_TABLE/ACTRLPLANETABLE/services", "value": ["SSH"]}]
Patch Applier:   * [{"op": "add", "path": "/ACL_TABLE/ACTRLPLANETABLE/stage", "value": "ingress"}]
```

After:
```
Patch Applier: The patch was sorted into 1 change:
Patch Applier:   * [{"op": "add", "path": "/ACL_TABLE/ACTRLPLANETABLE", "value": {"policy_desc": "ACTRLPLANETABLE", "services": ["SSH"], "stage": "ingress", "type": "CTRLPLANE"}}]
```

#### Which release branch to backport (provide reason below if selected)

<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106

#### Description for the changelog
<!--
Write a short (one line) summary that describes the changes in this
pull request for inclusion in the changelog:
-->


#### A picture of a cute animal (not mandatory but encouraged)
 2022-01-08 16:37:21 -08:00
Stephen Sun
6d22c1fda6
[sonic-swss] Submodule update (#9397) (#9685) 
691c37b7 [Route bulk] Fix bugs in case a SET operation follows a DEL operation in the same bulk (Azure/sonic-swss#2086)
a4c80c3d patch for issue Azure/sonic-swss#1971 - enable Rx Drop handling for cisco-8000 (Azure/sonic-swss#2041)
71751d10 [macsec] Support setting IPG by gearbox_config.json (Azure/sonic-swss#2051)
5d5c1692 [bulk mode] Fix bulk conflict when in case there are both remove and set operations (Azure/sonic-swss#2071)
8bbdbd2b Fix SRV6 NHOP CRM object type (Azure/sonic-swss#2072)
ef5b35f3 [vstest] VS test failure fix after fabric port orch PR merge (Azure/sonic-swss#1811)
89ea5385 Supply the missing ingress/egress port profile list in document (Azure/sonic-swss#2064)
81234373 [pfc_detect] fix RedisReply errors (Azure/sonic-swss#2040)
b38f527a [swss][CRM][MPLS] MPLS CRM Nexthop - switch back to using SAI OBJECT rather than SWITCH OBJECT
ae061e55 create debug_shell_enable config to enable debug shell (Azure/sonic-swss#2060)
45e446d9 [cbf] Fix max FC value (Azure/sonic-swss#2049)
b1b5b297 Initial p4orch pytest code. (Azure/sonic-swss#2054)
d352d5a9 Update default route status to state DB (Azure/sonic-swss#2009)
24a64d65 Orchagent: Integrate P4Orch (Azure/sonic-swss#2029)
15a3b6ca Delete the IPv6 link-local Neighbor when ipv6 link-local mode is disabled (Azure/sonic-swss#1897)
ed783e1f [orchagent] Add trap flow counter support (Azure/sonic-swss#1951)
e9b05a31 [vnetorch] ECMP for vnet tunnel routes with endpoint health monitor (Azure/sonic-swss#1955)
bcb7d61a P4Orch: inital add of source (Azure/sonic-swss#1997)
f6f6f867 [mclaglink] fix acl out ports (Azure/sonic-swss#2026)
fd887bf8 [Reclaim buffer] Reclaim unused buffer for dynamic buffer model (Azure/sonic-swss#1910)
92589789 [orchagent, cfgmgr] Add response publisher and state recording (Azure/sonic-swss#1992)
3d862a72 Fixing subport vs test script for subport under VNET (Azure/sonic-swss#2048)
fb0a5fd8 Don't handle buffer pool watermark during warm reboot reconciling (Azure/sonic-swss#1987)
16d4bcdb Routed subinterface enhancements (Azure/sonic-swss#1907)
9639db78 [vstest/subintf] Add vs test to validate sub interface ingress to a vnet (Azure/sonic-swss#1642)

Signed-off-by: Stephen Sun stephens@nvidia.com
 2022-01-06 09:47:08 -08:00
Judy Joseph
3cbfb08689 Update sonic-utilities submodule 
c48c363 Revert "[sonic-package-manager] support sonic-cli-gen and packages with YANG model (#1650)" (#1972)
 2022-01-04 18:36:45 -08:00
rupesh-k
90b74d5280 SONiC Yang model support for Mirror (#7877) 
#### Why I did it
Created SONiC Yang model for Mirror.
Tables: MIRROR_SESSION

#### How I did it

Defined Yang models for COPP based on Guideline doc:
https://github.com/Azure/SONiC/blob/master/doc/mgmt/SONiC_YANG_Model_Guidelines.md
and
https://github.com/Azure/sonic-utilities/blob/master/doc/Command-Reference.md

#### How to verify it
'''
============================= test session starts ==============================
platform linux -- Python 3.7.3, pytest-3.10.1, py-1.7.0, pluggy-0.8.0
rootdir: /sonic/src/sonic-yang-models, inifile:
plugins: cov-2.6.0
collected 3 items

tests/test_sonic_yang_models.py ..                                       [ 66%]
tests/yang_model_tests/test_yang_model.py .                              [100%]

=============================== warnings summary ===============================

module: sonic-mirror-session
  +--rw sonic-mirror-session
     +--rw MIRROR_SESSION
        +--rw MIRROR_SESSION_LIST* [name]
           +--rw name         string
           +--rw type?        string
           +--rw src_ip?      inet:ipv4-address
           +--rw dst_ip?      inet:ipv4-address
           +--rw gre_type?    string
           +--rw dscp?        uint8
           +--rw ttl?         uint8
           +--rw queue?       uint8
           +--rw dst_port?    -> /port:sonic-port/PORT/PORT_LIST/name
           +--rw src_port?    union
           +--rw direction?   string

'''
 2021-12-26 20:58:37 -08:00
Abhishek
6f406b91ba [yang] SONiC MAC ACL Yang model update to add support for Source MAC, Destination MAC, Ethertype pattern update, VLAN_ID, PCP, DEI fields (#7917) 
#### Why I did it
Currently only IP ACL and related model is defined. Support for MAC ACL is missing. Added support for it.

#### How I did it
ACL_RULE table is added with new MAC ACL related fields namely Source MAC, Destination MAC, Ethertype (Pattern updated to match any valid Ethertypes), VLAN, PCP, DEI

#### How to verify it
Yang model tests are attached.
 2021-12-26 20:58:33 -08:00
arlakshm
4e7550e2bd [yang] add set_owner to feature yang (#9075) 
#### Why I did it
Add the configuration for the set_owner in the `feature` yang model

#### How I did it
Add new leaf `set_pwner` to the `feature` yang model

#### How to verify it
compile `sonic_yang_mgmt-1.0-py3-none-any.whl`
 2021-12-26 20:58:27 -08:00
Mykola Gerasymenko
ec46a23bc6 [DPB][YANG] Add POLL_INTERVAL in flex_counter yang model (#9276) 
#### Why I did it
DPB falls due to missing POLL_INTERVAL in sonic-flex_counter yang model.

#### How I did it
Added POLL_INTERVAL leaf to ACL container in sonic-flex_counter yang model.

#### How to verify it
Run the command config interface breakout <interface> <breakout_mode>

**NOTE:**
To verify this fix, a PR ([add set_owner to feature yang](https://github.com/Azure/sonic-buildimage/pull/9075)) that fix another bug in SONiC should be merged to master.
 2021-12-26 20:58:00 -08:00
Oleksandr Ivantsiv
546818f414 [sonic-config-engine]: Improve comparison between default and supported breakout modes. (#9278) 
Closes #7958 

#### Why I did it
The previous implementation of sonic-cfggen did a simple comparison between default breakout mode in
hwsku.json and supported modes in platform.json. To set a different default speed in hwsku.json
it was required to add one more entry to supported modes in platfrom.json file:

1x10G[100G,50G] vs 1x100G[50G,10G]

The new implementation does more intelligent parsing and analysis of supported and default modes. It
allows changing default speed without adding a new entry to platform.json.

#### How I did it
Add more intelligent parsing and analysis of supported and default modes.

#### How to verify it
Run sonic-config-engine unit tests from sonic-config-engine/tests directory
 2021-12-26 20:57:56 -08:00
Stephen Sun
11571cdbf3 [Unit test] Fix sonic config engine unit test failure (#9454) 
- Why I did it
Fix sonic-config-engine unit test failure

- How I did it
 * Do not use pytest fixture in the test since it is not compatible with unittest framework which is used by all of the rest test cases.
 * Supply 2 missing files

- How to verify it
Run unit test or compile the module (when the unit test will run automatically)

Signed-off-by: Stephen Sun <stephens@nvidia.com>
 2021-12-26 20:55:46 -08:00
Aravind Mani
b290b9d10b [Submodule]Update sonic-platform-common submodule (#9466) 2021-12-26 20:55:42 -08:00
Samuel Angebault
65228e39e9 [sonic-py-common] Add recirc_prefix definition (#9471) 
This interface type is used for recirculation on chassis.
The definition is required to prevent this interface from being
considered a physical interface in sonic-platform-common and
sonic-platform-daemon
 2021-12-26 20:55:39 -08:00
liuh-80
4e22831fb1 [TACACS] Fix auditd can't load tacplus plugin issue. (#9481) 
<!--
     Please make sure you've read and understood our contributing guidelines:
     https://github.com/Azure/SONiC/blob/gh-pages/CONTRIBUTING.md

     ** Make sure all your commits include a signature generated with `git commit -s` **

     If this is a bug fix, make sure your description includes "fixes #xxxx", or
     "closes #xxxx" or "resolves #xxxx"

     Please provide the following information:
-->

#### Why I did it
1. Fix auditd log file path, because known issue: https://github.com/Azure/sonic-buildimage/issues/9548

2. When SONiC change to based on bullseye, auditd version upgrade from 2.8.4 to 3.0.2, and in auditd 3.0.2 the plugin file path changed to /etc/audit/plugins.d, however the upstream auditisp-tacplus project not follow-up this change, it still install plugin config file to /etc/audit/audisp.d. so the plugin can't be launch correctly, the code change in src/tacacs/audisp/patches/0001-Porting-to-sonic.patch fix this issue.
#### How I did it
        Fix tacacs plugin config file path.
        Create /var/log/audit folder for auditd.

#### How to verify it
        Pass all UT, also run per-command acccounting UT to validate plugin loaded.

#### Which release branch to backport (provide reason below if selected)

<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106

#### Description for the changelog
<!--
Write a short (one line) summary that describes the changes in this
pull request for inclusion in the changelog:
-->
        Fix tacacs plugin config file path.
        Create /var/log/audit folder for auditd.

#### A picture of a cute animal (not mandatory but encouraged)
 2021-12-26 20:55:30 -08:00
abdosi
f001104b25 [bgp] Enable BGP Graceful Restart based on device role (#9486) 
What I did:
Updated Jinja Template to enable BGP Graceful Restart based on device role. By default it will be enable only if the device role type is TorRouter.

Why I did:-
By default FRR is configured in Graceful Helper mode. Graceful Restart is needed on T0/TorRouter only since the device can go for warm-reboot. For T1/LeafRouter it need to be in Helper mode only
 2021-12-26 20:55:26 -08:00
ganglv
92cfbb270a [yang]: Add constraint for pfcwd (#9513) 
#### Why I did it
POLL_INTERVAL cannot be set if any of the detection/restoration times in this table is less than the POLL_INTERVAL.

#### How I did it
Add "must" constraint to make sure detection/restoration times are greater than POLL_INTERVAL.

#### How to verify it
Use apply-patch command to update POLL_INTERVAL.
Build sonic-yang-model.
 2021-12-26 20:54:39 -08:00
xumia
5314ae0ec5 [Bug][Build]: fix the file not found issue caused by the relative pat… (#9443) 
Fix the nodesource.list cannot read issue, it is cased by the full path not used.

```
2021-12-03T06:59:26.0019306Z Removing intermediate container 77cfe980cd36
2021-12-03T06:59:26.0020872Z  ---> 528fd40e60f6
2021-12-03T06:59:26.0021457Z Step 81/81 : RUN post_run_buildinfo
2021-12-03T06:59:26.0841136Z  ---> Running in d804bd7e1b06
2021-12-03T06:59:29.1626594Z DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.
2021-12-03T06:59:34.2960105Z /usr/bin/sed: can't read nodesource.list: No such file or directory
2021-12-03T06:59:34.5094880Z The command '/bin/sh -c post_run_buildinfo' returned a non-zero code: 2
```

Co-authored-by: Ubuntu <xumia@xumia-vm1.jqzc3g5pdlluxln0vevsg3s20h.xx.internal.cloudapp.net>
 2021-12-08 21:29:50 +00:00
abdosi
e34c2e4a22 Updated BGP Template for Chassis/Multi-asic (#9291) 
Updated BGP Template for the case:
    
   1. For Packet Chassis do not advertise Loopback4096 address into BGP as there is Static Route for same. 
       Having this route in BGP causes two level of recursion in Zebra and cause assert in Zebra 
       when there are many nexthop involved
 
   2. Advertise only P2P Connected IP's into BGP (External Peers). For Packet chassis we have backend IP Interface subnet and if 
        they get advertised into BGP then it also causes recursion
 2021-12-08 21:27:31 +00:00
Brian O'Connor
6bffcb9e71 [PINS] Build P4RT container for PINS (#9083) 
- Add INCLUDE_PINS to config to enable/disable container
- Add Docker files and supporting resources
- Add sonic-pins submodule and associated make files

Submission containing materials of a third party:
    Copyright Google LLC; Licensed under Apache 2.0

#### Why I did it

Adds P4RT container to SONiC for PINS

The P4RT app is covered by this HLD:
https://github.com/pins/SONiC/blob/master/doc/pins/p4rt_app_hld.md

#### How I did it

Followed the pattern and templates used for other SONiC applications

#### How to verify it

Build SONiC with INCLUDE_P4RT set to "y".
Verify that the resulting build has a container called "p4rt" running.
You can verify that the service is up by running the following command on the SONiC switch:
```bash
sudo netstat -lpnt | grep p4rt
```
You should see the service listening on TCP port 9559.

#### Which release branch to backport (provide reason below if selected)

None

#### Description for the changelog

Build P4RT container for PINS
 2021-12-08 20:59:23 +00:00
Abhishek Dosi
181e7b3b6e [Submodule update] sonic-snmpagent 
6f2d8d2110967d813053bcfcd8b34c42c5d0cda2 (HEAD -> 202111, origin/202111) [Voq][Inband] Support the Ethernet-IB port (#228

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
 2021-12-08 20:54:50 +00:00
Abhishek Dosi
501a2336ed [Submodule Update] sonic-utilities 
f81043b1f9ff02196629655f4735b33afd7f0ae1 (HEAD -> 202111, origin/202111) [port2alias]: Fix to get right number of return values (#1906)
bbbf65943ec46e9330eadaed8bcdf1612cb8bd55 [CLI][show bgp] On chassis don't show internal BGP sessions by default (#1927)
e12de7e7bf6cff3ec127f261bf88e4d29776d27b [port] Fix port speed set (#1952)
cae7af752d484956d7fe40e4c3a849ddad460976 Fix invalid output of syslog IPv6 servers (#1933)
6009341ddf790094166be5f0a81b4c114f00220b Routed subinterface enhancements (#1821)
6ab9d67ca6550c592b97afb513804be474f84eb0 Enhance sfputil for CMIS QSFP (#1949)
76cc67ba4f81c69b20efb3341808037c9db8f703 [debug dump] Refactoring Modules and Unit Tests (#1943)
cff58a8171423e4012bc8caf9748996a1e98b7e2 Add command reference for trap flow counters (#1876)
71cf3ee43524d56ad57dd90b937cfbf4bf63ba6a [Reclaim buffer] [Mellanox] Db migrator support reclaiming reserved buffer for unused ports (#1822)
e699b49fb722e6d6fe5a1d2dacd2d39eb085c1e4 Add show command for BFD sessions (#1942)
bb6c5774c843dbfad5f1ba00ee76dae7720902d1 [warm-reboot] Fix failures of warm reboot on disconnect of ssh session (#1529)
2e8bbb308477862a76d2327fcf696875e8f08650 Add trap flow counter support (#1868)
58407c1386ef13772a9a9320a795e380f162ab2c [load_minigraph] Delay pfcwd start until the buffer templates are rendered (#1937)
eb388e0584ba1fe8d8dba58f1c5a148036ffe047 [sonic-package-manager] support sonic-cli-gen and packages with YANG model (#1650)
2371d84e7d281bdb9988b5a1a012498dbbfb89ec generic_config_updater: Filename changed & VLAN validator added (#1919)
7c0718dfaf23289d4ecc3ada9332e465c9a4e56b [config reload] Update command reference (#1941)

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
 2021-12-08 20:43:42 +00:00
Prince George
45afaa9048 [submodule-update] Updating sonic-platform-common submodule (#9412) 
c2aac75 [SFP-Refactor] Fix LP mode API issue (#247)
dba17c8 Firmware upgrade CLI support for QSFP-DD transceivers (#244)
cd69212 [SFP-Refactor] Implement CMIS Low Power mode (#237)
9cea07f Fix RegGroupField decode (#245)
6ae1909 Add CMIS QSFP support (#246)
c1f317d Gracefully handle CMIS APIs for passive modules (#238)
ec7335d fix for firmware functions  (#243)
cf2ebe9 Fix RegBitField decode/encode (#242)
ef4f2c6 Fix SFP_CABLE_TECH_FIELD (#240)
e118644 remove time counting message in functions because function running time could be difficult to predict in unit tests (#241)

Signed-off-by: Prince George <prgeor@microsoft.com>
 2021-12-08 20:28:55 +00:00
xumia
5947406a45
[Build]: Cleanup the reproducible mirrors when build complete (#9132) 
Why I did it
The reproducible build mirrors are only used during the build, the mirrors can be removed after that.
 2021-12-02 09:04:40 +08:00
Saikrishna Arcot
34328f9f56
[sonic-swss-common]: Submodule update (#9395) 
Bring in the following commit:

405f1df Use build profiles instead of distro version for Python 2 binding build (#558)

This change requires a corresponding change in this repo to set a build
profile to not build the python 2 bindings on Bullseye.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
 2021-12-01 10:14:13 -08:00
kellyyeh
f2ee94d201
[dhcp_relay] Update DHCPv6 counter on relayed messages (#9283) 2021-11-30 20:15:30 -08:00
liuh-80
739c45645c
[TACACS+] Add audisp-tacplus for per-command accounting. (#8750) 
This pull request integrate audisp-tacplus to SONiC for per-command accounting.

#### Why I did it
To support TACACS per-command accounting, we integrate audisp-tacplus project to sonic.

#### How I did it
1. Add auditd service to SONiC
2. Port and patch audisp-tacplus to SONiC

#### How to verify it
UT with CUnit to cover all new code in usersecret-filter.c
Also pass all current UT.

#### Which release branch to backport (provide reason below if selected)
N/A

#### Description for the changelog
Add audisp-tacplus for per-command accounting.

#### A picture of a cute animal (not mandatory but encouraged)
 2021-12-01 11:50:09 +08:00
Junchao-Mellanox
06a61dede0
[YANG] Add trap flow counter to yang model (#9353) 
*[YANG] Add trap flow counter to yang model
 2021-11-30 17:52:34 -08:00
vganesan-nokia
78de10713c
[voq-chassis][bgpcfg] VOQ_BGP_CHASSIS_NEIGHBORS timers default (#8455) 
The BGP_VOQ_CHASSIS_NEIGHBOR keepalive and holdtime timers are
configured similar to general neighbors. Changes are done to configure
BGP_VOQ_CHASSIS_NEIGHBOR timers similar to BGP_INTENAL_NEIGBOR since voq
chassis bgp neighbors are similar to bgp internal neighbors in
multi-asic. As it is done for bgp internal neighbors, the keepalive and
holdtime timers are set to 3 and 10 seconds respectively. Also similar
to bgp internal neighbors, connection retry timer is also configured for
voq chassis bgp neighbors.

Signed-off-by: vedganes <vedavinayagam.ganesan@nokia.com>
 2021-11-30 12:10:27 -08:00
Mahesh Maddikayala
bfef686d64
[sonic-py-common][device info] Check for None before accessing the ASIC type (#9290) 2021-11-30 11:12:48 -08:00
noaOrMlnx
0908f9ec49
[CoPP] Add always_enabled field (#9302) 
*Add the "always_enabled" field to copp_cfg.j2 file, in order to allow traps without an entry in features table, to be installed automatically.
 2021-11-30 11:04:15 -08:00
Shi Su
4b357044b3
[bgpcfgd] Add bgpcfgd support to advertise routes (#9197) 
Why I did it
Add bgpcfgd support to advertise routes.

How I did it
Make bgpcfgd subscribe to the ADVERTISE_NETWORK table in STATE_DB and configure route advertisement accordingly.

How to verify it
Added unit tests in bgpcfgd and verify on KVM about route advertisement.
 2021-11-29 23:17:57 -08:00
Preetham
858f430f94
Routed subinterface enhancements (#8761) 
* Routed subinterfae enhancements HLD #833
* Adding python API support to get routed subinterface long name to get correct parent interface for the routed subinterface.
 2021-11-29 09:13:16 -08:00
Stephen Sun
ba853348d5
[Reclaim buffer] Reclaim unused buffers by applying zero buffer profiles (#8768) 
Signed-off-by: Stephen Sun stephens@nvidia.com

Why I did it
Support zero buffer profiles

Add buffer profiles and pool definition for zero buffer profiles
Support applying zero profiles on INACTIVE PORTS
Enable dynamic buffer manager to load zero pools and profiles from a JSON file
Dependency: It depends on Azure/sonic-swss#1910 and submodule advancing PR once the former merged.

How I did it
Add buffer profiles and pool definition for zero buffer profiles

If the buffer model is static:
Apply normal buffer profiles to admin-up ports
Apply zero buffer profiles to admin-down ports
If the buffer model is dynamic:
Apply normal buffer profiles to all ports
buffer manager will take care when a port is shut down
Update buffers_config.j2 to support INACTIVE PORTS by extending the existing macros to generate the various buffer objects, including PGs, queues, ingress/egress profile lists

Originally, all the macros to generate the above buffer objects took active ports only as an argument
Now that buffer items need to be generated on inactive ports as well, an extra argument representing the inactive ports need to be added
To be backward compatible, a new series of macros are introduced to take both active and inactive ports as arguments
The original version (with active ports only) will be checked first. If it is not defined, then the extended version will be called
Only vendors who support zero profiles need to change their buffer templates
Enable buffer manager to load zero pools and profiles from a JSON file:

The JSON file is provided on a per-platform basis
It is copied from platform/<vendor> folder to /usr/share/sonic/temlates folder in compiling time and rendered when the swss container is being created.
To make code clean and reduce redundant code, extract common macros from buffer_defaults_t{0,1}.j2 of all SKUs to two common files:

One in Mellanox-SN2700-D48C8 for single ingress pool mode
The other in ACS-MSN2700 for double ingress pool mode
Those files of all other SKUs will be symbol link to the above files

Update sonic-cfggen test accordingly:

Adjust example output file of JSON template for unit test
Add unit test in for Mellanox's new buffer templates.

How to verify it
Regression test.
Unit test in sonic-cfggen
Run regression test and manually test.
 2021-11-29 08:04:01 -08:00
vdahiya12
7077474b54
[sonic-platform-daemons] submodule update (#9361) 
[xcvrd] Fix Typo for initialization of post_sfp and deinit for xcvrd (#224)

Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com>
 2021-11-26 06:33:18 +05:30
Ze Gan
ada0e50218
[iproute2]: Add macsec-xpn-support iproute2 in syncd (#8702) 
* Add macsec-xpn-support iproute2 in syncd

Signed-off-by: Ze Gan <ganze718@gmail.com>

* Polish code

Signed-off-by: Ze Gan <ganze718@gmail.com>

* Remove useless files

Signed-off-by: Ze Gan <ganze718@gmail.com>

* Add self-compiled iproute2 to docker sonic vs

Signed-off-by: Ze Gan <ganze718@gmail.com>

* Enhance apt install for iproute2 dependencies

Signed-off-by: Ze Gan <ganze718@gmail.com>
 2021-11-25 21:38:17 +08:00
Jing Zhang
879c18417a
[sonic-linkmgrd] submodule update (#9338) 
Submodule update for sonic-linkmgrd
Incorporates:

c11a576 (2021-11-22 09:38:46) [ci]: show code coverage in azure pipeline (#4)
4ceb01d (2021-11-18 20:24:20) Fix MUX toggling issue (#1)
d640527 (2021-11-12 22:31:44) [ci]: fix artifact download
b9f247d (2021-11-12 22:31:44) [ci]: use native arm64/armhf build
3059122 (2021-09-27 11:32:23) [linkgrd] Add Missing Apache License Header
 2021-11-24 23:55:17 -08:00
ganglyu
adf1990dd2
[yang]: Add admin_status to BGP_NEIGHBOR_TEMPLATE_LIST. (#9341) 
Add admin_status to BGP_NEIGHBOR_TEMPLATE_LIST.

Signed-off-by: Gang Lv ganglv@microsoft.com
 2021-11-24 23:54:19 -08:00
arlakshm
5830852832
remove staticd.conf.j2 (#9182) 
Why I did it
resolves #8979 and #9055

How I did it
Remove the file static.conf.j2,which adds the default route on eth0 from bgp docker

Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
 2021-11-24 15:32:16 -08:00
Junchao-Mellanox
a5336e123a
[submodule] Update submodule for sonic-sairedis (#9354) 
sai-redis submodule update:

69517ba [lgtm] Add gmock libs to lgtm (#973)
a7c8cfa [FlexCounter] Add trap flow counter support (#954)
3304daa [vslib]: Add MACsec xpn support (#924)
a3143da Add ACL_TABLE object to break-before-make list (#970)
05a06a4 Update SAI with saiserver fix (#966)
e4180e0 [VS test] Increase test timeout (#967)
70e6491 Fix hung issue when installing linux kernel modules (#969)
 2021-11-24 15:17:47 -08:00
Vivek Reddy
80dfbc85c8
update sonic-utilities submodule (#9360) 
a0bff26a [acl-loader] modify acl-loader with change in STATE DB ACL capability table (#1896)
a395e284 [debug dump util] Changes for EVPN and VxLAN dump module (#1892)
02a98ef1 [debug dump util] Route Module added (#1913)
ac8382fd [generic-config-updater] Logging change just before applying it (#1934)
9ab6c515 [flex counter] Flex counter threads consume too much CPU resources. #9202 (#1925)
2ec47a59 [generic-config-updater] Handling empty tables while sorting a patch (#1923)
fdedcbf6 [fdbshow]: Handle FDB cleanup gracefully. (#1926)
e7535ae3 [sonic-cli-gen] first phase implementation of the SONiC CLI Auto-generation tool (#1644)

Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
 2021-11-24 11:11:31 -08:00
abdosi
950ec3e68b
Added option to enable/disable Static Route Advertisement (#9298) 
What I did:

Added option 'advertise':'true'/'false' to STATIC_TALE to control whether given route need to be advertise into BGP.

How I did:

Add a route in FRR with tag (1 for advertise and 2 for not advertise)
Create Route Map to match on tag as 1 and permit
Attach route-map to redistribute static.
Minigraph option to parse advertise option of Static Route.
 2021-11-24 09:43:37 -08:00
Stephen Sun
9c4b787d91
[sonic-swss] Advance submodule (#9288) 
bb0733aa [aclorch] Add ACL_TABLE_TYPE configuration  (#1982)
59cab5d9 Support for setting switch level DSCP to TC QoS map (#2023)
da21172e [aclorch] add generic AclOrch::updateAclRule() method (#1993)
4f6cb055 [Reclaiming buffer] Support reclaiming buffer in traditional model (#2011)
32d7a69e [Reclaiming buffer] Common code update (#1996)
b91d8ba7 [swss] L2 Forwarding Enhancements (#1716)
797dab41 [muxorch] Bind all ports to drop ACL table (#2027)
99929cd7 [lgtm.yml] add libgmock-dev (#2035)
8727ae5c [flex counter] Flex counter threads consume too much CPU resources #9202 (#2031)
103fdf05 Remove redundant calls to get child scheduler group during initialization (#1965)
18ea8404 [macsec]: MACsec statistics support (#1867)
0c462420 [orchagent] Flush pipeline every 1 second, not only when select will timeout (#2003)
339101cf [cbf] Add class-based forwarding support (#1963)
24a615bd Fix issue: accumulative headroom can exceed limit in rare scenario (#2020)
708e232a Test divide by zero processing path (#2028)
8f1d035c [macsecmgr]: Wait for port up before enabling macsec (#2032)
4912a770 Remove buffer drop counter when port is removed (#1860)
f9462c49 [Dynamic buffer] [Mellanox] Calculate the peer response time according to the speed (#1930)
8b5a401e Routed subinterface enhancements (#2017)
cdea5e9b Fix next hop compilation (#2025)
37c197d0 [SRV6] Sonic-swss changes for SRV6 (#1964)
f502c320 [vnetorch] Add ECMP support for vnet tunnel routes (#1960)

Signed-off-by: Stephen Sun <stephens@nvidia.com>
 2021-11-24 11:00:42 +02:00
Junchao-Mellanox
11a93d2f92
[system-health] No longer check critical process/service status via monit (#9068) 
HLD updated here: https://github.com/Azure/SONiC/pull/887

#### Why I did it

Command `monit summary -B` can no longer display the status for each critical process, system-health should not depend on it and need find a way to monitor the status of critical processes. The PR is to address that. monit is still used by system-health to do file system check as well as customize check.

#### How I did it

1.	Get container names from FEATURE table
2.	For each container, collect critical process names from file critical_processes
3.	Use “docker exec -it <container_name> bash -c ‘supervisorctl status’” to get processes status inside container, parse the output and check if any critical processes exit

#### How to verify it

1. Add unit test case to cover it
2. Adjust sonic-mgmt cases to cover it
3. Manual test
 2021-11-23 15:47:48 -08:00
Prince George
2bf2e870fd
[submodule-update]: Update sonic-platform-common (#9352) 
Signed-off-by: Prince George <prgeor@microsoft.com>
 2021-11-23 20:46:02 +05:30
donNewtonAlpha
d063c7dec9
[sonic-swss-common] submodule update (#9322) 
[sonic-swss-common] submodule update:
95aec72 2021-11-19 [PINS] Add Bazel support for external projects (#557)
1dfe06f 2021-11-18 P4Runtime : Status Code additions (#545)
8c93532 2021-11-18 Ported Marvell armhf build on amd64 host for debian buster to use cross-comp… (#501)
74264d9 2021-11-17 [PINS] Add AppDB ACL schema values shared between the P4RT app and P4Orch (#556)
a18618f 2021-11-15 [schema] Add vnet route tunnel and advertise network tables for state db (#560)
155770e 2021-11-12 [VS test] Increase test timeout (#559)
2b11dea 2021-11-08 [PINS] Update Redis schema to match P4Orch (#548)
be7d483 2021-11-08 [schema] add ACL_TABLE_TYPE table (#546)

Signed-off-by: Don Newton <don@opennetworking.org>
 2021-11-23 07:11:49 -08:00
Mayank Maheshwari
5f235a9638
[yang_models]: Update extension yang and types yang with new yang ext… (#6861) 
* [yang_models]: Update extension yang and types yang with new yang extensions and types respectively.
* [YANG] Added CVL specific type and moved sonic-types to j2 template.
 2021-11-22 19:45:13 -08:00
Stepan Blyshchak
368b038b75
[sonic-acl] add ACL_TABLE_TYPE table (#9052) 
* [sonic-acl] add ACL_TABLE_TYPE table

I implemented ACL table type concept. Till this change, there are predefined ACL table types orchagent knows about (L3, L3V6, etc.) and if other orch requires a custom table a new table type needs to be defined in aclorch.
This PR addresses this limitation by introducing AclTableType which can be constructed from a set of matches, actions and bpoint types user needs. There is also a new handler for ACL_TABLE_TYPE table which is used for user to define table types.
Currently, some of built-in ACL table types that requires special handling are distinguished from others by their names (TABLE_TYPE_MIRROR, TABLE_TYPE_MIRRORV6) and a special handling is performed by an AclOrch.
Signed-off-by: Stepan Blyshchak <stepanb@nvidia.com>
 2021-11-23 10:33:42 +08:00
xumia
848a1710b0
[Build]: Fix the version not found issue (#9331) 
When we update the a sai package downing from a remote server, we need to update the version file as well currently, but the reproducible build feature is not enabled in master, it can only be detected when merging the code into the release branches, such as 202106, 202012, etc.
The reproducible feature is to reduce the build failure, not need to break the build when the version not specified. If version not specified, the best choice is to accept the version from remote server.

Co-authored-by: Ubuntu <xumia@xumia-vm1.jqzc3g5pdlluxln0vevsg3s20h.xx.internal.cloudapp.net>
 2021-11-22 12:18:32 -08:00
Vivek Reddy
01b239a761
[sonic-utilities] update sonic-utilities submodule (#9268) 
a3e34e30 [Auto Techsupport] Event driven Techsupport Changes (#1796)
efa2ff62 [show][platform summary] Add chassis type in the platform summary output(#1922)
a39350c6 [aclshow] enhance ACL counters to work with FC infrastructure (#1858)
ed880131 [sonic-package-manager] fix registry requests failing when no service field in Bearer fields (#1921)
00b60455 [VS test] Increase test timeout (#1924)
 2021-11-22 10:40:54 -08:00
Alexander Allen
d39d1a31ba
[yang] fix yang model tests to run on installed models (#9316) 
Previously the Yang model unit tests pulled directly from the Yang model source code for their models. This worked up to a point where we had jinja templates which needed to be rendered before they could be tested on. Now we need to reference the install location of the rendered templates for the unit tests.

Additionally, PBH yang was never added to the list of models to install onto a switch so I have resolved that (another example why pulling directly from the source was not correct)

My best explanation for why we only saw this failing on mellanox was that these tests could not have possibly been running on the broadcom build (I have not investigated this specifically). There was no way for these tests to pass recently given they were referencing Yang models which did not exist in the source (ACL).
 2021-11-19 21:16:14 -08:00
Qi Luo
06bf76b5bc
[minigraph] No longer generate the “members” field on the VLAN table in ConfigDB (#9237) 
#### Why I did it
This field is deprecated.
Fixes https://github.com/Azure/sonic-buildimage/issues/8306
Fixes https://github.com/Azure/sonic-buildimage/issues/9121
 2021-11-18 18:03:11 -08:00
Guohan Lu
c2595189e4
[config-engine]: add option to print verbose debug info in unit tests (#9303) 
add option to print verbose debug info in unit tests

Signed-off-by: Guohan Lu <lguohan@gmail.com>
 2021-11-18 09:34:28 -08:00
pettershao-ragilenetworks
0e0772596e
[ragile] support 32c and 4s platform (#8824) 
Signed-off-by: pettershao-ragilenetworks pettershao@ragilenetworks.com

What I did it

Add new platform x86_64-ragile_ra-b6510-32c-r0 (Trident 3)
ASIC Vendor: Broadcom
Switch ASIC: Trident 3
Port Config: 32x100G

Add new platform x86_64-ragile_ra-b6920-4s-r0 (Tomahawk 3)
ASIC Vendor: Broadcom
Switch ASIC: Tomahawk 3
Port Config: 128x100G

-How I did it
Provide device and platform related files.

-How to verify it
show platform fan
show platform ssdhealth
show platform psustatus
show platform summary
show platform syseeprom
show platform temperature
show interface status
 2021-11-17 23:49:06 -08:00
Mahesh Maddikayala
3025a1f8cb
[sonic-py-common][chassis] Include chassis platform when checking for internal connections (#9264) 2021-11-16 14:13:19 -08:00
Prince George
c302f490ff
[submodule]:Update sonic-platform-common submodule (#9256) 
c8eceec 400zr initial support (#228)
ef55364 SSD Health: Retrieve SSD health and temperature values from generic SSD info (#229)
26c8346 Fix cmis cable length issue (#225)
671927d Fix typo in the simulated y_cable driver (#226)
51a9aca [sfp-refactor] Add initial support for CMIS in sonic_xcvr (#220)

Signed-off-by: Prince George <prgeor@microsoft.com>
 2021-11-16 09:15:05 -08:00
Shi Su
7f45af9710
[YANG] Add YANG model for synchronous mode (#9194) 
Add YANG model leaf for synchronous mode and default value
 2021-11-15 21:57:12 -08:00
Vivek Reddy
ff32ac3ed4
[Auto Techsupport] Event driven Techsupport Changes (#8670) 
#### Why I did it

Changes required for feature "Event Driven TechSupport Invocation & CoreDump Mgmt". [HLD](https://github.com/Azure/SONiC/pull/818 )

Requires: https://github.com/Azure/sonic-utilities/pull/1796.
Merging in any order would be fine.

Summary of the changes:

- Added the YANG Models for the new tables introduces as a part of this feature.
- Enhanced init_cfg.json with the default config required
- Added a compile Time flag which enables/disables the config required for this feature inside the init_cfg.json
- Enhanced the supervisor-proc-exit-listener script to populate `<feature>:<critical_proc> = <comm>:<pid>` info in the STATE_DB when it observes an proc exit notification for the critical processes running inside the docker.
 2021-11-15 21:56:37 -08:00
Mahesh Maddikayala
2680491c03
[sonic_py_common][device info] APIs to return chassis type (voq or packet) (#9227) 2021-11-15 09:19:44 -08:00
Stepan Blyshchak
ca3a034e6f
[sonic-sairedis] update submodule (#9233) 
6f1a0ea (HEAD, origin/master, origin/HEAD, master) [FlexCounter] Add support for ACL counters (#953)
67b3136 [vslib] fill aclcapability.is_action_list_mandatory field (#957)
eba6a1b [ci]: use native armhf and arm64 pool (#965)
04793b1 [az] Set diff coverage threshold to 50% (#963)
6092d50 [syncd] Add workaround for warm boot new objects (#960)
88b62ce Added Flex Counters support for tunnel counters (#886)
a718226 [Counters] Query Counters Stats Capabilities (#952)
 2021-11-15 08:30:29 -08:00
Stepan Blyshchak
0e057a4bb1
[sonic-swss] update submodule (#9232) 
```
5f8ebfa (HEAD, origin/master, origin/HEAD, master) [AclOrch] move ACL counters to flex counter infrastructure (#1943)
8119ec0 [bfdorch] Orchagent support hardware BFD (#1883)
15074ac [sonic-swss]:enable unconfiguring PFC on last TC on a port (#1962)
05c7c05 [Mux orch] set default as standby, change mux orch priority (#2010)
fe5b2a9 [pytest]: Ignore errors deleting host ifs (#2005)
70da9af [ci]: use native arm64 and armhf pool (#2013)
e14a071 [qos] Add EXP to TC map support (#1954)
c91a7f2 [switchorch] Implement VXLAN src port range feature  (#1959)
b20f0f4 Gcov for swss daemon (#1737)
01c243a [CRM][MPLS] Fix the mpls nexthop CRM attribute (#2008)
```

Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
 2021-11-15 07:56:35 -08:00
Guohan Lu
db0b789b73
[submodule]: update sonic-linux-kernel (#9254) 
* 6aa8d00 2021-11-12 | marvell-armhf]: add kconfig force inclusion for CONFIG_ARCH_NR_GPIO (#245) (HEAD, origin/master, origin/HEAD) [dflynn-Nokia]
* 39c7d18 2021-11-06 | [arm64]: add kconfig force inclusion for COMPAT_VSDO [Guohan Lu]
* fafaaea 2021-11-06 | [backport] kernel-compat-always-include-linux-compat.h-from-net-compat.patch [Guohan Lu]
* 6ac9b48 2021-10-19 | [ci]: use native arm64/armhf pool to build kernel [Guohan Lu]

Signed-off-by: Guohan Lu <lguohan@gmail.com>
 2021-11-14 12:01:39 -08:00
dflynn-Nokia
df12ac5abd
[build]: marvell-armhf bullseye fixes (#9243) 
This commit fixes/avoids the following errors encountered during the
marvell-armhf build for bullseye

- Fix Marvell prestera DMA driver build failure due to kallsyms_lookup_name()
  no longer being exported by the updated bullseye kernel. This is a temporary
  fix that will be replaced by a future version of the DMA driver.

- Update qemu-user-static version to align with the new glibc version included
  in bullseye

- Skip systemd-sonic-generator unit tests to avoid test failures. Root cause is
  still TBD

#### Why I did it
Fix the following build errors observed when building marvell-armhf for bullseye
1. Marvell Prestera DMA driver uses kernel API no longer exported
ERROR: modpost: "kallsyms_lookup_name" [/sonic/platform/marvell-armhf/prestera/mrvl-prestera/cpssEnabler/linuxNoKernelModule/drivers//mvDmaDrv.ko] undefined!

2. Old qemu-user-static version does not support semop() leading to following build failure
semop(1): encountered an error: Function not implemented

3. systemd-sonic-generator unit test failure
ssg-test.cc:217: Failure
Expected equality of these values:
  find_string_in_file(str_t, target, num_asics)
    Which is: false
  expected_result
    Which is: true
Error validating Before=single_inst.service in test.service
[  FAILED  ] SsgMainTest.ssg_main_40_npu (20 ms)
[----------] 4 tests from SsgMainTest (36 ms total)

[----------] Global test environment tear-down
[==========] 10 tests from 3 test suites ran. (54 ms total)
[  PASSED  ] 7 tests.
[  FAILED  ] 3 tests, listed below:
[  FAILED  ] SsgMainTest.ssg_main_single_npu
[  FAILED  ] SsgMainTest.ssg_main_10_npu
[  FAILED  ] SsgMainTest.ssg_main_40_npu

 3 FAILED TESTS
 2021-11-13 10:48:58 -08:00
Guohan Lu
19f878f591
Revert "[yang] Add missing device types to the device_metadata yang (#9226)" (#9251) 
This reverts commit 2dc94b30bb.
 2021-11-12 22:08:58 -08:00
liuh-80
ff09b8b8ed
[TACACS+] Add Bash TACACS+ plugin for per-command authorization. (#8715) 
This pull request add a bash plugin for TACACS+ per-command authorization

#### Why I did it
1. To support TACACS per command authorization, we check user command before execute it.
2. Fix libtacsupport.so can't parse tacplus_nss.conf correctly issue:
            Support debug=on setting.
            Support put server address and secret in same row.
3. Fix the parse_config_file method not reset server list before parse config file issue.

#### How I did it
The bash plugin will be called before every user command, and check user command with remote TACACS+ server for per-command authorization.

#### How to verify it
UT with CUnit cover all code in this plugin.
Also pass all current UT.

#### Which release branch to backport (provide reason below if selected)
N/A

#### Description for the changelog
Add Bash TACACS+ plugin.


#### A picture of a cute animal (not mandatory but encouraged)
 2021-11-13 09:57:30 +08:00
tjchadaga
645173307a
sonic-platform-daemons submodule update (#9223) 2021-11-12 13:23:12 -08:00
Neetha John
2dc94b30bb
[yang] Add missing device types to the device_metadata yang (#9226) 
* Add missing device types to the DEVICE_METADATA type field

Signed-off-by: Neetha John <nejo@microsoft.com>
 2021-11-11 19:41:24 -08:00
kellyyeh
a86320a773
DHCPv6 Relay multivlan functionality support (#9178) 
Fix support for DHCPV6 Relay multi vlan functionality. Make sure the relayed packet is received at correct interface.

How I did it
Bind a socket to each vlan interface's global and link-local address.
Socket binded to global address is used for relaying data from client to server and receiving data from servers.
Socket binded to link-local address is used for relaying data received from server back to the client.
 2021-11-11 17:49:04 -08:00
Vivek Reddy
5826a5c4e7
[submodule] Update sonic-utilities submodule (#9229) 
4bcaa602 [generic-config-updater] Adding logging to config-{replace, rollback, checkpoint, list-checkpoints} (#1885)
5e95fc34 [debug dump util] Vlan Module Added (#1877)
7f0bbd99 [debug dump util] Portchannel module added (#1853)
50bbfa0f Removed -t option and other missing fixes (#1884)

update sonic-utilties submodule

Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
 2021-11-11 09:22:33 -08:00
Renuka Manavalan
bb92e98bb8
TACACS: Don't send sshd's bad password to AAA (#9123) 
When sshd realizes that this login can't succeed due to internal device state
or configuration, instead of failing right there, it proceeds to prompt for
password, so as the user does not get any clue on where is the failure point.

Yet to ensure that this login does not proceed, sshd replaces user provided password
with a specific pattern of characters matching length of user provided password.
This pattern is "INCORRECT", which is bound to fail.

If user provided length is smaller/equal, the substring of pattern is overwritten.
If user provided length is greater, the pattern is repeated until length is exhausted.

But if the PAM-tacacs plugin would send this password to AAA, the user could get
locked out by AAA, for providing incorrect value.

How I did it
Hence this fix, matches obtained password against the pattern. If match, fail just before
reaching AAA server.
 2021-11-11 07:46:52 -08:00
Stepan Blyshchak
b8eb9f2769
[sonic-yang-models] add ACL flex counter group (#8909) 
Why I did it
To add ACL FC to the YANG model.

How I did it
Added to the YANG model and added a UT.

How to verify it
Together with depends PRs. Run ACL/Everflow test suite.

Signed-off-by: Stepan Blyshchak <stepanb@nvidia.com>
 2021-11-11 09:09:36 +08:00
Stepan Blyshchak
a2c2d67098
[ACL] enable ACL FC when genereting config from minigraph but disable by default (#8908) 
* [ACL] enable ACL FC when genereting config from minigraph but disable by default
Why I did it
To support ACL counters on Flex Counter Infrastructure.

How I did it
Enable ACL FC in init_cfg and minigraph. Disable when genereting configuration from preset.

How to verify it
Together with depends PRs. Run ACL/Everflow test suite.

Signed-off-by: Stepan Blyshchak <stepanb@nvidia.com>
 2021-11-11 09:07:54 +08:00
Guohan Lu
5f11eb320e Revert "sysready (#8889)" 
This reverts commit d7e5372e54.
 2021-11-10 15:36:20 -08:00
Kiran Kumar Kella
b4dda1c18d Ported iptables patch to 5.10 kernel (#4) 
Ported Iptables patch for supporting fullcone NAT option to 5.10 kernel.

Signed-off-by: Kiran Kella <kiran.kella@broadcom.com>
 2021-11-10 15:27:22 -08:00
Saikrishna Arcot
91f6800500 Upgrade to ntp 4.2.8p15 for Bullseye 
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
 2021-11-10 15:27:22 -08:00
Saikrishna Arcot
2b0ad74db6 Update kdump-tools for bullseye 
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
 2021-11-10 15:27:22 -08:00
Saikrishna Arcot
06d793e985 sonic-frr: Add patch to skip installing png files 
In the build in Bullseye, there are no png files available in the
specified installation source directory. For now, don't bother
installing those files.

This may end up being reverted later if there are indeed png files that
need to be installed for documentation.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
 2021-11-10 15:27:22 -08:00
Saikrishna Arcot
c923310b8c Update snmpd to 5.9, as part of the Bullseye upgrade 
Debian actually did a binNMU for snmpd, so to match the package version
we're building with the version in the offiical repos, that version
needs to be manually specified in the changelog.

Buster still needs 5.7.3, because there's a ABI change between 5.7.3 and
5.9 for libsnmp, so for Buster, make sure that 5.7.3 is built, and for
Bullseye, make sure that 5.9 is built.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
 2021-11-10 15:27:22 -08:00
Saikrishna Arcot
da9f72910a Update monit build for Bullseye 
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
 2021-11-10 15:27:22 -08:00
Saikrishna Arcot
a1d30e3aa0 Python 2 removal/cleanup 
Remove Python 2 package installation from the base image. For container
builds, reference Python 2 packages only if we're not building for
Bullseye.

For libyang, don't build Python 2 bindings at all, since they don't seem
to be used.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
 2021-11-10 15:27:22 -08:00
Saikrishna Arcot
b0b9bb0d68 openssh: Upgrade from 7.9 to 8.4, to match version in Bullseye 
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
 2021-11-10 15:27:22 -08:00
Saikrishna Arcot
371f496340 Update initramfs-tools from 0.133 to 0.140 
Also update the patch to add support for booting from squashfs to fix a
shellcheck warning.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
 2021-11-10 15:27:22 -08:00
Saikrishna Arcot
20598f3019 Update src/sonic-linux-kernel to point to the 5.10 kernel 
Some patches have been enabled at this point, others need more rework.

Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
 2021-11-10 15:27:22 -08:00
Senthil Kumar Guruswamy
d7e5372e54
sysready (#8889) 2021-11-10 14:52:52 -08:00
Arun Saravanan Balachandran
8219975d6f
[test] Include chassis fields validation in platform.json unit test (#8820) 
Why I did it
Include validation of chassis dict in platform.json unit test
Based on: Azure/SONiC#768

How I did it
Update platform_json_checker to validate fields in chassis dict.

How to verify it
Verified that the unit test reports success for correct values of existing and capabilities fields in platform.json
 2021-11-10 12:08:20 -08:00
AmitKaushik7
13bb747398
Adding mmu buffer yang files (#7838) 
Why I did it
Added Buffer yang files derived from sonic/mgmt-cvl/testdata/schema from sonic-mgmt-common,  used by mgmt-framework.

Updated BUFFER_PG|({ifname},)*|{pg_num} to BUFFER_PG|{ifname}|{pg_num} in sonic-buffer-pg.yang.
This change is required for configuration migration for dynamic port breakout operation.

Added sonic-buffer-queue.yang for BUFFER_QUEUE

Tables: BUFFER_POOL, BUFFER_PROFILE, BUFFER_PG, BUFFER_QUEUE.

How I did it
Defined Yang models for BUFFER tables based on Guideline doc:
https://github.com/Azure/SONiC/blob/master/doc/mgmt/SONiC_YANG_Model_Guidelines.md
and
https://github.com/Azure/sonic-utilities/blob/master/doc/Command-Reference.md

How to verify it
sonic_yang_models package build.

Description for the changelog
MMU Buffer yang files (BUFFER_POOL/BUFFER_PROFILE/BUFFER_PG/BUFFER_QUEUE)
 2021-11-10 10:23:18 -08:00
liuh-80
e2bffdf9e7
[sonic-utilities] submodule update (#9203) 
Updating sonic-utilities sub module with the following commits

63a5257 [TACACS+] Add config command for AAA authorization and accounting. (#1889)
8a8577b [dump] [copp] Fixed the NameError Exception for copp dump module (#1911)
84be8b4 Dump media_settings from appDB during fast-reboot (#1910)
563c416 Allow interface type value none (#1902)
095bf54 generic_updater: Fix service validator related issues (#1901)
efbe1f4 [chassis][supervisor][show][interfaces]show interfaces command warning on Supervisor card (#1771)
487b3b7 Add CRM CLIs for SRV6 nexthop and my_sid_entry (#1883)
 2021-11-09 12:19:35 -08:00
gechiang
ef457ab13f
Disable ALPM distributed hitbit thread that is used for debug purpose only but interfered with Other functional operations (#9199) 2021-11-09 07:21:57 -08:00
Ze Gan
07038a0223
[submodule]: update for swss-common (#9192) 
52b7a47 (HEAD, origin/master, origin/HEAD) [schema]: MACsec statistics support (#520)
48d7d8a [ci]: use native arm64 and armhf pool to build (#552)

Signed-off-by: Ze Gan <ganze718@gmail.com>
 2021-11-09 09:49:38 +08:00
trzhang-msft
de3a928c7c
caclmgrd: support packet mark in DHCP chain (#9131) 
* caclmgrd: support packet mark in DHCP chain
 2021-11-08 14:54:16 -08:00
Raphael Tryster
e8d316de61
[submodule] Update snmpagent (#9102) 
Why I did it
Update pointer to this commit in sonic-snmpagent:

a07da53 2021-10-26 Removed unused variables in rfc2863.py (#237)
 2021-11-08 09:55:24 -08:00
Guohan Lu
a2d0dbe604
[sonic-yang]: introduce yang template for cvl yang (#8880) 
Signed-off-by: Guohan Lu <lguohan@gmail.com>
 2021-11-06 11:35:55 -07:00
Junchao-Mellanox
68dfbfaf2a
Allow interface type value none (#9098) 
This PR allow user to set none value to interface type. So there is a way to achieve the goal via CLI:

config interface type XXX none
config interface speed XXX 10000
config interface type XXX CR
 2021-11-05 19:09:14 -07:00
Sudharsan Dhamal Gopalarathnam
4f00b86502
[swss] Update Submodule (#9174) 
Including the below commits to update swss submodule
8448a60 [vs tests]Migrating sonic-swss tests to use hwsku instead of fakeplatform (#1978)
faa26db Fix random failure in PR/CI build. (#2006)
e03edb6 Allow interface type value none (#1991)
71b9650 [orchagent] Fix group name of port-buffer-drop in flexcounterorch.cpp (#1967)
facdef5 [VS test] Skip flaky virtual chassis test (#2004)
8261c1f [pytest]: Increase timeout when checking services (#2000)
67278be [teammgrd]: Handle LAGs cleanup gracefully on Warm/Fast reboot. (#1934)
e92c1df Enable FEC statistics collection for Ethernet ports (#1994)
9f30ca1 VxLAN Tunnel Counters and Rates implementation (#1859)

Signed-off-by: Sudharsan Dhamal Gopalarathnam <sudharsand@nvidia.com>
 2021-11-05 11:39:45 -07:00
Prince Sunny
02902078ee
[Submodule] update for swss-common (#9180) 
d23cf88 - 2021-10-28 : [schema] Add ACL_COUNTER_ATTR_ID_LIST (#533) [Stepan Blyshchak]
53b84c7 - 2021-10-26 : Add default route table name to State DB (#543) [Prince Sunny]
 2021-11-05 08:24:35 -07:00
liuh-80
a61ffcd92c
[TACACS+] Add Config DB schema and HostCfg Enforcer plugin to support TACACS+ per-command authorization&accounting. (#9029) 
[TACACS+] Add Config DB schema and HostCfg Enforcer plugin to support TACACS+ per-command authorization&accounting. (#9029)

#### Why I did it
    Support TACACS per-command authorization&accounting.

#### How I did it
    Change ConfigDB schema and HostCfg enforcer.
    Add UT to cover changed code.

#### How to verify it
    Build following project and pass all UTs:
    make target/python-wheels/sonic_host_services-1.0-py3-none-any.whl

#### Which release branch to backport (provide reason below if selected)
    N/A

#### Description for the changelog
    Add Config DB schema and HostCfg Enforcer plugin to support TACACS+ per-command authorization&accounting.

#### A picture of a cute animal (not mandatory but encouraged)
 2021-11-05 12:39:48 +08:00
Akhilesh Samineni
2c801ef442
[yang]: SONiC Yang model for DHCP-Relay parameters (#8946) 
SONiC Yang model for DHCP-Relay parameters

What I did
Added DHCPv6 Servers.
Tables: VLAN, DHCP_RELAY.

How I did it
Defined Yang model for Relay based on Guideline doc:
https://github.com/Azure/SONiC/blob/master/doc/mgmt/SONiC_YANG_Model_Guidelines.md

How to verify it
Added test cases to verify it.

Signed-off-by: Akhilesh Samineni akhilesh.samineni@broadcom.com
 2021-11-04 10:44:04 -07:00
anamehra
fed19e3fb5
Added get_system_mac support for cisco-8000 device (#9104) 
Added get_system_mac support for cisco-8000 device

Why I did it
This is required to assign unique MACs to namespaces on Backend and Frontend asics
for cisco-8000 platforms

How I did it
Add vendor specific hook in get_system_mac. The MAC address are read from /profile.ini
file

How to verify it
config load_minigraph on a multi-asic system
config save
check mac addresses in DEVICE_METADATA section in each config_db json file
 2021-11-04 08:27:55 -07:00
kellyyeh
1067bc8fd3
Fix invalid destination address error (#9143) 2021-11-02 12:36:32 -07:00
Vivek Reddy
05b6207849
[hostcfgd] Missing comment added (#9113) 
Missing comment change which is supposed to arrive with #8861 is added here

Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
 2021-11-02 07:39:05 -07:00
Stepan Blyshchak
9a143aeb4b
[sonic-utilities] update submodule (#9137) 
```
ca728b8 [config] fix interface IPv6 address removal. (#1819)
0665d6f VxLAN Tunnel Counters and Rates implementation (#1748)
80a10dc Fix log_ssd_health hang issue (#1904)
ea4a730 [config][cbf] Added config commands for CBF (#1799)
02ce8d6 [sonic-package-manager] update FEATURE entries on upgrade (#1803)
9f123c0 [generate_dump] remove secrets from dump files (#1886)
3a8ab73 [fwutil] Add `fwutil update all` to support the automatic platform component fw updates (#1242)
776fddf [sonic-package-manager] code style fixes and enhancements (#1802)
f53baac [watermarkstat] Fix for error in processing empty array from couters db (#1810)
0b2536b Generic_upater: Apply JSON change (#1856)
```

Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
 2021-11-02 08:56:08 +02:00
Praveen Chaudhary
021b7dcb04
[sonic-breakout_cfg.yang]: Remove pattern from sonic-breakout_cfg.yang. (#6801) 
Changes:
-- Remove pattern from sonic-breakout_cfg.yang, it is redundant.
-- test changes.

Signed-off-by: Praveen Chaudhary <pchaudhary@linkedin.com>
 2021-11-01 08:26:27 -07:00
Sudharsan Dhamal Gopalarathnam
9661f10d0c
[swss] Update sub module (#9124) 
The submodule update includes the following commits
ac3103a Add missing neighbor resolution for MPLS route programming (#1968)
bfba0ad [vlanmgr]Fix for STATE_DB port check logic (#1980)
9ef2ba4 Update VLAN removal code to work with 5.10 kernel and new
41fb26c Handle setting unknown mux state (#1984)
ac09bde Increase timeout for VS tests (#1988)
da8a43e Check if appl DB exists before deleting (#1983)
553d75a Change tunnel orch order (#1977)
7444e96 Add rekey period in macsec mgr (#1958)
d95823d [Buffermgr]Graceful handling of buffer model change (#1956)
b0aa6a0 EVPN VxLAN enhancement to support P2MP tunnel based programming for L
85bdf54 Fix the option missing in kernel config issue (#1973)
6b15584 Orchagent validates mirror session queue parameter against maximum va
fc9ffb9 [copp] Add ISIS, LDP and micro-BFD trap types to CoPP manager (#1890)
452cbc1 [macsecorch]: Add IPG adjusting for MACsec gearbox model (#1925)

Signed-off-by: Sudharsan Dhamal Gopalarathnam <sudharsand@nvidia.com>
 2021-11-01 08:23:11 -07:00
abdosi
919b3e5cdf
[chassis-packet] Fixed BGP Internal Peer template (#9106) 
What I did:

Fix the typo in Internal Peer Group template for Packet-based Chassis.
Address Review comments of PR: [chassis-packet] minigraph parsing and BGP template changes #8966
- Static Route Parsing for Host
- Formatting of chassis port_config.ini
 2021-10-29 11:02:38 -07:00
Qi Luo
1c07d39cda
[sonic-snmpagent] Update submodule (#9076) 
#### Why I did it
Includes below commits
```
c2d4945 2021-09-17 | [snmp] Allow system with no ports in config db run without errors (#221) [Lior Avramov]
fccb21b 2021-08-30 | [RFC1213]: Initialize lag oid map in reinit_data instead of (#232) [SuvarnaMeenakshi]
```
 2021-10-29 07:15:00 -07:00
thomas.cappleman@metaswitch.com
aab689e961
[swss-common] Update swss-common submodule (#9073) 
[schema] Add EXP to TC map config table (#537)
[CI]: Swap the python code coverage report with the cpp report (#544)
Remove SWIG generated files from coverage report (#542)
Update database defintions for PINs / P4Runtime (#536)
[ci]: Support code coverage (#539)
Fix the option missing in kernel config issue (#541)
Add SRV6 APP tables (#538)
[schema] Rename CBF config tables (#535)
 2021-10-28 09:39:34 -07:00
Vivek Reddy
37882942c9
[hostcfgd] Fixed the brief blackout in hostcfgd using SubscriberStateTable (#8861) 
#### Why I did it

Fixes https://github.com/Azure/sonic-buildimage/issues/8619

#### How I did it

1) Listening to CFG_DB notifications was migrated from ConfigDBConnector to SubscriberStateTable & Select
2) This change in design helped me to remove `update_all_features_config` which was roughly taking a 5-10 sec time to execute and thus the reason for blackout
3) Edited FeatureHandler, Feature & NtpCfgd classes to suit this design  
4) Added corresponding mocks and UT's

**Changes made to classes other than HostConfigDaemon:**
With the previous design, the initially read data from the config db was applied by using hardcoded methods even before the config_db.listen() was called. For Eg: `update_all_features_config` for FeatureHandler and load() named methods for NtpCfgd etc

But with this design, since the existing data is read and given out as a notification by SubscriberStateTable, i've pretty much removed these hardcoded methods. Thus changes made to these class will be around adapting them to the new design and no change in the actual functionality .


#### How to verify it

UT's:
```
tests/determine-reboot-cause_test.py .........                                                                                                                                                                                        [ 29%]
tests/procdockerstatsd_test.py .                                                                                                                                                                                                      [ 32%]
tests/caclmgrd/caclmgrd_dhcp_test.py ......                                                                                                                                                                                           [ 51%]
tests/hostcfgd/hostcfgd_radius_test.py ..                                                                                                                                                                                             [ 58%]
tests/hostcfgd/hostcfgd_test.py .............                                                                                                                                                                                         [100%]
```
Verified manually, 

```
Sep 10 22:53:25.662621 sonic INFO systemd[1]: hostcfgd.service: Succeeded.
Sep 10 22:55:04.127719 sonic INFO /hostcfgd: ConfigDB connect success
Sep 10 22:55:04.128108 sonic INFO /hostcfgd: KdumpCfg init ...
Sep 10 22:55:04.148819 sonic INFO /hostcfgd: Waiting for systemctl to finish initialization
Sep 10 22:55:04.163452 sonic INFO /hostcfgd: systemctl has finished initialization -- proceeding ...
Sep 10 22:55:04.163834 sonic INFO /hostcfgd: Kdump handler...
Sep 10 22:55:04.164019 sonic INFO /hostcfgd: Kdump global configuration update
Sep 10 22:55:04.758784 sonic INFO hostcfgd[184471]: kdump is already disabled
Sep 10 22:55:04.758876 sonic INFO hostcfgd[184471]: Kdump is already disabled
Sep 10 22:55:05.182021 sonic INFO hostcfgd[184511]: Kdump configuration has been updated in the startup configuration
Sep 10 22:55:05.596919 sonic INFO hostcfgd[184528]: Kdump configuration has been updated in the startup configuration
Sep 10 22:55:06.140627 sonic INFO /hostcfgd: Feature nat is stopped and disabled
Sep 10 22:55:06.642629 sonic INFO /hostcfgd: Feature telemetry is enabled and started
Sep 10 22:55:07.101297 sonic INFO /hostcfgd: Feature pmon is enabled and started
Sep 10 22:55:07.554366 sonic INFO /hostcfgd: Feature database is enabled and started
Sep 10 22:55:08.009329 sonic INFO /hostcfgd: Feature mgmt-framework is enabled and started
Sep 10 22:55:08.394952 sonic INFO /hostcfgd: Feature macsec is stopped and disabled
Sep 10 22:55:08.782853 sonic INFO /hostcfgd: Feature snmp is enabled and started
Sep 10 22:55:09.205381 sonic INFO /hostcfgd: Feature teamd is enabled and started
Sep 10 22:55:09.224877 sonic INFO /hostcfgd: Feature what-just-happened is enabled and started
Sep 10 22:55:09.627929 sonic INFO /hostcfgd: Feature lldp is enabled and started
Sep 10 22:55:10.086993 sonic INFO /hostcfgd: Feature swss is enabled and started
Sep 10 22:55:10.170312 sonic INFO /hostcfgd: cmd - service aaastatsd stop
Sep 10 22:55:11.012236 sonic INFO /hostcfgd: cmd - service aaastatsd stop
Sep 10 22:55:12.225946 sonic INFO /hostcfgd: Feature bgp is enabled and started
Sep 10 22:55:12.712792 sonic INFO /hostcfgd: Feature dhcp_relay is enabled and started
Sep 10 22:55:13.166656 sonic INFO /hostcfgd: Feature sflow is stopped and disabled
Sep 10 22:55:13.593639 sonic INFO /hostcfgd: Feature radv is enabled and started
Sep 10 22:55:14.034106 sonic INFO /hostcfgd: Feature syncd is enabled and started
Sep 10 22:55:14.113064 sonic INFO /hostcfgd: cmd - service aaastatsd stop
Sep 10 22:55:14.863601 sonic INFO /hostcfgd: RADIUS_SERVER update: key: 10.10.10.1, op: SET, data: {'auth_type': 'pap', 'passkey': 'p*****', 'retransmit': '1', 'timeout': '1'}
Sep 10 22:55:14.938605 sonic INFO /hostcfgd: cmd - service aaastatsd stop
Sep 10 22:55:15.667545 sonic INFO /hostcfgd: RADIUS_SERVER update: key: 10.10.10.3, op: SET, data: {'auth_type': 'chap', 'passkey': 'p*****', 'retransmit': '2', 'timeout': '2'}
Sep 10 22:55:15.667801 sonic INFO /hostcfgd: RADIUS (NAS) IP change - key:eth0, current global info {}
Sep 10 22:55:15.746531 sonic INFO /hostcfgd: cmd - service aaastatsd stop
Sep 10 23:04:47.435340 sonic INFO /hostcfgd: ntp server update key 0.debian.pool.ntp.org
Sep 10 23:04:47.435661 sonic INFO /hostcfgd: ntp server update, restarting ntp-config, ntp servers configured {'0.debian.pool.ntp.org'}
Sep 10 23:04:47.866394 sonic INFO /hostcfgd: NTP GLOBAL Update
Sep 10 23:04:47.866557 sonic INFO /hostcfgd: ntp global update for source intf old {''} new {'eth0', 'Loopback0'}, restarting ntp-config
Sep 10 23:16:25.157600 sonic INFO /hostcfgd: Running cmd: 'sudo systemctl unmask sflow.service'
Sep 10 23:16:25.178472 sonic INFO hostcfgd[192106]: Removed /etc/systemd/system/sflow.service.
Sep 10 23:16:25.582018 sonic INFO /hostcfgd: Running cmd: 'sudo systemctl enable sflow.service'
Sep 10 23:16:25.604534 sonic INFO hostcfgd[192123]: Created symlink /etc/systemd/system/sonic.target.wants/sflow.service → /lib/systemd/system/sflow.service.
Sep 10 23:16:26.029416 sonic INFO /hostcfgd: Running cmd: 'sudo systemctl start sflow.service'
Sep 10 23:16:26.691927 sonic INFO /hostcfgd: Feature sflow is enabled and started
```
 2021-10-28 07:18:07 -07:00
Neetha John
d35b50b116
[minigraph] Add tagged vlan member support for storage backend (#9045) 
Signed-off-by: Neetha John <nejo@microsoft.com>

Why I did it
Storage T0's have all vlan members as tagged

How I did it
Since currently minigraph does not have a unique way to identify if a vlan member is tagged/untagged and to ensure other scenarios are not broken, the logic used is to just update the vlan member type as 'tagged' when we determine that it is a storage backend device. This change will apply only to storage backend T0's since storage backend T1's will not have vlan member information

How to verify it
Updated the storage backend T0 testcases to check for tagged vlan members
Added testcase to check if a T1 and backend T1 device generates an empty vlan member table
Existing vlan member testcases are good enough for checking if any regression has been caused for regular T0's
Build sonic_config_engine-1.0-py3-none-any.whl successfully
 2021-10-27 09:27:18 -07:00
Qi Luo
4bda0a921f
[build] Use pip to install setup.py dependency instead of python setup.py install (#8997) 
#### Why I did it
Fix a recent build error introduced by a pre-release redis-py. This is a general issue because `python setup.py install` (ie `easy_instal`) does not ignore pre-release versions. The fix is suggested by https://github.com/pypa/setuptools/issues/855#issuecomment-583803959
 2021-10-26 21:12:45 -07:00
jingwenxie
b0c73d9a73
[submodule] Update submodule for sonic-utilities (#9051) 
8ea834b [sonic_installer] Change sonic_installer check ASIC mismatch by platforms list (#1836)
9017d99 Fix the option missing in kernel config issue (#1888)
6595ad4 [mlag] fix log print sequence (#1730)
e600e1c CLI command to load config in Yang format (#1781)
00948d0 Fix the target db version of portchannel-key test (#1842)
6412fea [sonic-package-manager] remove make_python_identifier (#1801)
f738818 [sonic-package-manager] stop service explicitelly before uninstalling package (#1805)
d8ee5e9 Remove exec from platform_reboot_plugin call to handle any hang issue. (#1879)
827fcee [chassis][routecheck]filter out the chassis internal interfaces (#1798)
4d732c6 [generic_config_updater] Logging (#1864)
25bb184 [config]: Add loopback interfaces to interface name checker (#1869)
c950a55 Validate input of config mirror_session add (#1825)
9ab20fd [show][config] fix the muxcable commands for interface naming mode (#1862)
476b3a4 [multi-asic][cli][chassis-db] Avoid connecting to chassis db for cli commands executed from linecard (#1707)
 2021-10-26 15:09:24 +08:00
Ze Gan
d051bc4eb7
Update wpa supplicant (#8998) 
Signed-off-by: Ze Gan <ganze718@gmail.com>

986a835153b3df3a37492fbd3a83fc8e38a40c10 Proactively rekey https://github.com/Azure/sonic-wpa-supplicant/pull/36
b84dd21ac7b76686caf53f2e9a2c8eb80519ab31 Fix azurepieline download sonic swss common deb pakcage https://github.com/Azure/sonic-wpa-supplicant/pull/37
66002de9d5e3165ccdbed40451db86ae0a8b3944 [macsec_sonic] driver support for macsec_include_sci https://github.com/Azure/sonic-wpa-supplicant/pull/35
dae8f59cb54c90bc9011bd675806a75dd0808d27 MACsec XPN changes https://github.com/Azure/sonic-wpa-supplicant/pull/34
c2271b2879ed157718edb51e842a3e33debeab7f Move SSCI from SC to SA and change packet number field name to adapt sai 1.7.1 https://github.com/Azure/sonic-wpa-supplicant/pull/26
1bbc8f1ef463dd21428ce80b72da107f3bd2f3f0 Fix for CP state machine issues https://github.com/Azure/sonic-wpa-supplicant/pull/33
 2021-10-25 10:14:29 +08:00