Commit Graph

3318 Commits

Author SHA1 Message Date
xumia
76a395cdbf
[secure boot] Support rw files allowlist (#4585)
* Support rw files allowlist for Sonic Secure Boot
* Improve the performance
* fix bug
* Move the config description into a md file
* Change to use a simple way to remove the blank line
* Support chmod a-x in rw folder
* Change function name
* Change some unnecessary words
2020-06-13 00:10:13 -07:00
Renuka Manavalan
edeb40ffcf
[k8s]: switching to Flannel from Calico. (#4768)
Switching to Flannel from Calico which brings down the image size by around 500+MB.
2020-06-12 18:06:08 -07:00
Arun Saravanan Balachandran
a748daeaed
[docker-sonic-mgmt]: import patch to support 'become' and 'become_user' arguments in pytest-ansible (#4681) 2020-06-12 16:21:10 -07:00
Joe LeVeque
4e482c16ba
[build] Enable telemetry service by default (#4760)
**- Why I did it**
To ensure telemetry service is enabled by default after installing a fresh SONiC image

**- How I did it**
Set telemetry feature status to "enabled" when generating init_cfg.json file
2020-06-12 16:20:31 -07:00
joyas-joseph
1714e621be
[docker-radv]: Convert radv docker to buster (#4727)
* Set radvd version to match buster version(2.17-2)

Signed-off-by: Joyas Joseph <joyas_joseph@dell.com>
2020-06-12 16:10:23 -07:00
shlomibitton
ea63f3e4b2
[mellanox]: Fix for MSN4600C sensors (#4754)
Signed-off-by: Shlomi Bitton <shlomibi@mellanox.com>
2020-06-12 16:08:27 -07:00
Andriy Kokhan
6acd64d005
[BFN] Updated SDK packages to SAI v1.6.1 (#4744)
Signed-off-by: Andriy Kokhan <akokhan@barefootnetworks.com>
2020-06-11 23:24:49 -07:00
Ying Xie
4b39193a13
[sonic-mgmt] upgrade ansible to 2.7.12 (#4751)
Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2020-06-11 23:23:27 -07:00
Joe LeVeque
5d5d5739c2
[dockers] Rename 'docker-snmp-sv2' to 'docker-snmp' (#4699)
The `-sv2` suffix was used to differentiate SNMP Dockers when we transitioned from "SONiCv1" to "SONiCv2", about four years ago. The old Docker materials were removed long ago; there is no need to keep this suffix. Removing it aligns the name with all the other Dockers.

Also edit Monit configuration to detect proper snmp-subagent command line in Buster, and make snmpd command line matching more robust.
2020-06-11 16:04:23 -07:00
Ying Xie
2e93a92bd9
[sonic-mgmt] upgrade paramilo to version 2.7.1 (#4750)
spytest requires higher paramiko version. Fix it to 2.7.1.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2020-06-11 14:04:51 -07:00
Ying Xie
ae7bf3db52
[ntp] disable ntp long jump (#4748)
Found another syncd timing issue related to clock going backwards.
To be safe disable the ntp long jump.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2020-06-11 13:01:21 -07:00
Dong Zhang
ddd60bfec1
[MultiDB] Add REDIS_TIMEOUT_MSECS back which is removed by mistake (#4757) 2020-06-11 12:51:42 -07:00
Junchao-Mellanox
4da4955b2f
[Mellanox] Upgrade mft to 4.14.1-8 (#4701) 2020-06-11 09:02:44 +03:00
noaOrMlnx
36419978b7
[Mellanox] Update SAI, SDK 4.4.0928 and FW xx.2007.1208 - master branch (#4723)
Signed-off-by: Noa Or <noaor@mellanox.com>
2020-06-11 09:01:01 +03:00
Danny Allen
814cbe0066
[submodule] Update swss submodule (#4737)
Signed-off-by: Danny Allen <daall@microsoft.com>
2020-06-10 16:39:06 -07:00
taochengyi
830c9eabd4
[centec]: update SAI to v1.6.1 for centec x86 platform (#4730) 2020-06-10 01:32:08 -07:00
Joe LeVeque
c6365e7abe
Reorganize .gitignore files (#4707)
- Add .gitignore files in each subdirectory of src/, so as to reduce the size of the .gitignore file in the project root, and also make it easier to maintain (i.e., if a directory in src/ is removed, there will not be outdated entries in the root .gitignore file.

- Also add missing .gitignore entries and remove outdated entries and duplicates.
2020-06-09 21:04:55 -07:00
Aravind Mani
f31eabb5ee
[Dell] Force10-S6000-Q24S32 new HWSKU support (#4680)
**Why I did it**

- Added support for S6000 new HWSKU-Q24S32

**How I did it**

- Modified port_config.ini, TD2 settings to bring the ports UP.

**How to verify it**

- Check LLDP neighbors,LLDP table, interface status,EEPROM and other show commands.
- Do OIR, LED, Traffic testings.
2020-06-09 10:07:14 -07:00
Aravind Mani
7f07865ac2
[Dell] Force10-S6000-Q28S16 new HWSKU support (#4679)
**How I did it**

- Modified port_config.ini, TD2 settings to bring the ports UP.

**How to verify it**

- Check LLDP neighbors,LLDP table, interface status,EEPROM and other show commands.
- Do OIR, LED, Traffic testings.
2020-06-09 10:05:52 -07:00
chihhan123
23ddfb866e
[accton]: Update AS7312-54X, AS7312-54XS, AS7315-27XB config.bcm file (#4702)
Update AS7312-54X,AS7312-54XS,AS7315-27XB config.bcm file to make sure there is no the following error message.

configuration: format error in /usr/share/sonic/hwsku/th-as7312-48x25G+6x100G.config.bcm on line 110 (ignored)#15
2020-06-09 09:56:53 -07:00
Sabareesh-Kumar-Anandan
9f94572abe
[marvell] skip thermal control daemon for marvell device (#4703)
Signed-off-by: Sabareesh Kumar Anandan <sanandan@marvell.com>
2020-06-09 09:20:51 -07:00
YaoTien
e2ebe99665
[devices]: Fixed OSW1800 build problem (#4647)
* Enable to build osw1800
* Modify wnc-eeprom which base on debian buster's eeprom.c

Co-authored-by: Brand.huang <brand.huang@wnc.com.tw>
2020-06-09 09:19:45 -07:00
Joe LeVeque
9b27efdcc2
[dockers] Rename 'docker-lldp-sv2' to 'docker-lldp' (#4700)
The -sv2 suffix was used to differentiate SNMP Dockers when we transitioned from "SONiCv1" to "SONiCv2", about four years ago. The old Docker materials were removed long ago; there is no need to keep this suffix. Removing it aligns the name with all the other Dockers.
2020-06-09 09:09:56 -07:00
SuvarnaMeenakshi
95d51bd4a0
[submodule update]: Advance sonic-snmpagent and sonic-py-swsssdk (#4713)
Update sonic-snmpagent submodule with PRs:
89b7b2c  [Multi-asic]: Namespace support for LLDP and Sensor tables (#131)
fcb8955 Simplify test code (#132)
a677876 [Multi-asic]: Support multi-asic platform (#126)

update sonic-py-swsssdk submodule with PRs:
132f8d5  [MultiDB]: use python class composition to avoid confusion in base class (#74)

Signed-off-by: SuvarnaMeenakshi <sumeenak@microsoft.com>
2020-06-09 09:09:14 -07:00
Arun Saravanan Balachandran
54b284f4b0
[DellEMC]: EEPROM decoder for S6000, S6000-ON (#4718)
**- Why I did it**

For decoding system EEPROM of S6000 based on Dell offset format and S6000-ON’s system EEPROM in ONIE TLV format.

**- How I did it**

- Differentiate between S6000 and S6000-ON using the product name available in ‘dmi’  ( “/sys/class/dmi/id/product_name” )
- For decoding S6000 system EEPROM in Dell offset format and updating the redis DB with the EEPROM contents, added a new class ‘EepromS6000’ in eeprom.py, 
- Renamed certain methods in both Eeprom, EepromS6000 classes to accommodate the plugin-specific methods.

**- How to verify it**

- Use 'decode-syseeprom' command to list the system EEPROM details.
- Wrote a python script to load chassis class and call the appropriate methods.

UT Logs: [S6000_eeprom_logs.txt](https://github.com/Azure/sonic-buildimage/files/4735515/S6000_eeprom_logs.txt), [S6000-ON_eeprom_logs.txt](https://github.com/Azure/sonic-buildimage/files/4735461/S6000-ON_eeprom_logs.txt)
Test script: [eeprom_test_py.txt](https://github.com/Azure/sonic-buildimage/files/4735509/eeprom_test_py.txt)
2020-06-09 09:08:15 -07:00
joyas-joseph
9505bdb910
[docker-syncd-vs]: Convert syncd-vs docker to buster (#4726)
Signed-off-by: Joyas Joseph <joyas_joseph@dell.com>
2020-06-09 09:07:25 -07:00
xumia
e28cb8f58e
[Secure Boot] Support to sign swi image (#4627)
* [secure boot] Support to sign swi image

* Fix build issue

* fix tab format issue

* Fix typing issue

* Change the sign_image.sh command line

* Remove SONIC_CETIFICATE_PATH

* Fix bugs
2020-06-09 15:25:17 +08:00
Mahesh Maddikayala
af81b8ebcd
[libsaibcm] Update pointer to Broadcom SAI debian package (#4725) 2020-06-08 17:03:09 -07:00
Dong Zhang
7525fea666
[MultiDB] daemon base should use multiDB DBConnector (#4549)
* [MultiDB] daemon base should use multiDB DBConnector
* [sonic-platform-daemon] update submodule for multiDB changes
2020-06-08 13:36:56 -07:00
Mahesh Maddikayala
d491c02294
[submodule]: update submodules sonic-sairedis, sonic-swss-common (#4722)
[sonic-sairedis]
* 322dd01 2020-06-05 | Fix debian/rules makefile: use shell commands instead of dollar replacements (#621) (HEAD -> master, origin/master, origin/HEAD) [Qi Luo]
* 6d55a75 2020-06-04 | Update SAI pointer to 1.6.1 (#620) [Mahesh Maddikayala]
* d6c40e5 2020-06-01 | [MultiDB] use get API to obtain dbid instead of hardcode value (#618) [Dong Zhang]
* bd132ec 2020-06-01 | Add synchronous mode to sairedis library (#617) [Kamil Cudnik]
* 0a77a09 2020-06-01 | [meta] Fix tests to be backward compatible (#619) [Kamil Cudnik]

[sonic-swss-common]
* 35bc01a 2020-06-05 | EVPN VXLAN DB support (#339) (HEAD -> master, origin/master, origin/HEAD) [Rajesh Sankaran]
* 2c7354b 2020-05-30 | Add modifyRedis flag to consumer table object (#344) [Kamil Cudnik]
* 5a32636 2020-05-27 | Fix memory leak in pyext when Selectable is returned to Python (#343) [pavel-shirshov]
2020-06-08 09:48:10 -07:00
taochengyi
6b332f74a0
[centec_syncd_rpc] fix build failure when set ENABLE_SYNCD_RPC=y (#4690) 2020-06-05 12:56:35 -07:00
Sangita Maity
65fa874ec5
[test] Adding platform.json configuration file unit test (#3911)
- What I did
In order to allow the SONiC community to check in platform capability file i.e. platform.json
file directly under device folder. We need to add this test to make sure the contents of the this file is compliant with platform capability design specified in DPB HLD doc

- How I did it
Added platformJson_checker.py file in Test folder.

Signed-off-by: Sangita Maity <sangitamaity0211@gmail.com>
2020-06-04 16:11:15 -07:00
yozhao101
4ea2e5e6dc
[docker-syncd] Add timeout to force stop syncd container (#4617)
**- Why I did it**
When I tested auto-restart feature of swss container by manually killing one of critical processes in it, swss will be stopped. Then syncd container as the peer container should also be
stopped as expected. However, I found sometimes syncd container can be stopped, sometimes
it can not be stopped. The reason why syncd container can not be stopped is the process
(/usr/local/bin/syncd.sh stop) to execute the stop() function will be stuck between the lines 164 –167. Systemd will wait for 90 seconds and then kill this process.

164 # wait until syncd quit gracefully
165 while docker top syncd$DEV | grep -q /usr/bin/syncd; do
166 sleep 0.1
167 done

The first thing I did is to profile how long this while loop will spin if syncd container can be
normally stopped after swss container is stopped. The result is 5 seconds or 6 seconds. If syncd
container can be normally stopped, two messages will be written into syslog:

str-a7050-acs-3 NOTICE syncd#dsserve: child /usr/bin/syncd exited status: 134
str-a7050-acs-3 INFO syncd#supervisord: syncd [5] child /usr/bin/syncd exited status: 134

The second thing I did was to add a timer in the condition of while loop to ensure this while loop will be forced to exit after 20 seconds:

After that, the testing result is that syncd container can be normally stopped if swss is stopped
first. One more thing I want to mention is that if syncd container is stopped during 5 seconds or 6 seconds, then the two log messages can be still seen in syslog. However, if the execution 
time of while loop is longer than 20 seconds and is forced to exit, although syncd container can be stopped, I did not see these two messages in syslog. Further, although I observed the auto-restart feature of swss container can work correctly right now, I can not make sure the issue which syncd container can not stopped will occur in future.

**- How I did it**
I added a timer around the while loop in stop() function. This while loop will exit after spinning
20 seconds.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>
2020-06-04 15:17:28 -07:00
Samuel Angebault
c8bd640ae5
[arista] Update drivers submodules (#4693)
- Sensor and Fan information added to primary platforms for thermal API.
- Refactors involving better abstractions, code reuse and dead code removal.
- Improvements to the diag capabilities
- Pylintrc added to improve code quality. Will become fatal at a later time.

Co-authored-by: Baptiste Covolato <baptiste@arista.com>
2020-06-04 13:33:33 -07:00
Masaru OKI
3a0de981ca
[kvmimae]: Update sonic-gns3a.sh (#4694)
Cleanup description string
First port (management port) are excluded from general port naming scheme.

Management port are excluded from general port naming scheme.

before:
|on GNS3  |in SONiC |
|---------|---------|
|Ethernet0|eth0     |
|Ethernet1|Ethernet0|
|Ethernet2|Ethernet4|
|Ethernet3|Ethernet8|

after:
|on GNS3  |in SONiC |
|---------|---------|
|eth0   |eth0       |
|Ethernet0|Ethernet0|
|Ethernet1|Ethernet4|
|Ethernet2|Ethernet8|

Signed-off-by: Masaru OKI <masaru.oki@gmail.com>
2020-06-04 13:29:36 -07:00
Mykola F
49a93743a4
[enable counters] enable RIF flex counter by default (#4655)
**- Why I did it**
We need RIF counters to be enabled by default. Flex Counter does probe for supported counters. If a platform does not support RIF counters, SAI will return NOT_SUPPORTED and Flex Counter will stop polling the counter.

**- How to verify it**
After fresh install rif counter gropup is enabled by default:

    $ counterpoll show
    Type                  Interval (in ms)    Status
    --------------------  ------------------  --------
    QUEUE_STAT            default (10000)     enable
    PORT_STAT             default (1000)      enable
    RIF_STAT              default (1000)      enable
    QUEUE_WATERMARK_STAT  default (10000)     enable
    PG_WATERMARK_STAT     default (10000)     enable

Signed-off-by: Mykola Faryma <mykolaf@mellanox.com>
2020-06-04 09:52:43 -07:00
Sumukha Tumkur Vani
3e110fb0c1
Update sonic-restapi (#4692)
Auto restart restapi server after cert rollover
2020-06-02 15:35:26 -07:00
Joe LeVeque
7b8037770d
[caclmgrd] Get first VLAN host IP address via next() (#4685)
I found that with IPv4Network types, calling list(ip_ntwrk.hosts()) is reliable. However, when doing the same with an IPv6Network, I found that the conversion to a list can hang indefinitely. This appears to me to be a bug in the ipaddress.IPv6Network implementation. However, I could not find any other reports on the web.

This patch changes the behavior to call next() on the ip_ntwrk.hosts() generator instead, which returns the IP address of the first host.
2020-06-02 02:11:21 -07:00
Joe LeVeque
eff8a89523
[hostcfgd] Get service enable/disable feature working (#4676)
Fix hostcfgd so that changes to the "FEATURE" table in ConfigDB are properly handled. Three changes here:

1. Fix indenting such that the handling of each key actually occurs in the for key in status_data.keys(): loop
2. Add calls to sudo systemctl mask and sudo systemctl unmask as appropriate to ensure changes persist across reboots
3. Substitute returns with continues so that even if one service fails, we still try to handle the others

Note that the masking is persistent, even if the configuration is not saved. We may want to consider only calling systemctl enable/disable in hostcfgd when the DB table changes, and only call systemctl mask/unmask upon calling config save.
2020-06-02 02:07:22 -07:00
Joe LeVeque
336cf2a3c5
[build] 'make reset' target will continue recursive operations if any fail (#4675)
This change allows the recursive `git clean` and `git reset` commands to continue even if they encounter an error in one of the submodules. Previously, if an error was encountered, the operation would terminate with a message similar to the following:

Stopping at 'src/sonic-mgmt-framework'; script returned non-zero status.
2020-06-01 13:28:03 -07:00
taochengyi
ccd08f10dd
[build]: fix mgmt-framework build failure on ARM64 (#4674)
PIP installs grpcio-tools via source code

Co-authored-by: taocy <taocy2@centecnetworks.com>
2020-05-31 03:09:39 -07:00
Srideep
8863a11bfb
[DellEmc] Changes to suppot new portmap for s5232f t0 config (#4670)
To support t0 config
2020-05-31 01:58:05 -07:00
Mahesh Maddikayala
fb6916f88b
Update packages and pointers to use SAI1.6 headers. (#4597)
* Update sonic-sairedis (sairedis with SAI 1.6 headers)

* Update SAIBCM to 3.7.4.2, which is built upon SAI1.6 headers

* missed updating BRCM_SAI variable, fixed it

* Update SAIBCM to 3.7.4.2, updated link to libsaibcm

* [Mellanox] Update SAI (release:v1.16.3; API:v1.6)

Signed-off-by: Volodymyr Samotiy <volodymyrs@mellanox.com>

* Update sonic-sairedis pointer to include SAI1.6 headers

* [Mellanox] Update SDK to 4.4.0914 and FW to xx.2007.1112 to match SAI 1.16.3 (API:v1.6)

Signed-off-by: Volodymyr Samotiy <volodymyrs@mellanox.com>

* ensure the veth link is up in docker VS container

* ensure the veth link is up in docker VS container

* [Mellanox] Update SAI (release:v1.16.3.2; API:v1.6)

Signed-off-by: Volodymyr Samotiy <volodymyrs@mellanox.com>

* use 'config interface startup' instead of using ifconfig command, also undid the previous change'

Co-authored-by: Volodymyr Samotiy <volodymyrs@mellanox.com>
2020-05-30 14:23:34 -07:00
Guohan Lu
c37c949342 Revert "install crossbuild in buster slave for arm arch kernel compile"
This reverts commit dc0f010066.
2020-05-30 21:17:22 +00:00
Joe LeVeque
1e369b0998
[systemd] Relocate all SONiC unit files to /usr/lib/systemd/system (#4673)
This will allow us to disable services and have it persist across reboots by using the `systemctl mask` operation
2020-05-30 13:46:44 -07:00
abdosi
59db60bd8e
[sonic-slave]: add debian packages needed to compile BRCM SAI3.7 (#4672)
both for sonic-slave-stretch and sonic-slave-buster
2020-05-30 13:44:19 -07:00
Qi Luo
65e7a84509
[baseimage]: Build and install redis-dump-load Python 3 package in host image (#4661)
Fix #4656
2020-05-30 05:52:27 -07:00
Praveen Chaudhary
d86af98930
[rules/libyang.mk]: Fix the dependencies among libyang PKGs. (#4669)
This changes is needed to support parallel build Jobs.

Made LIBYANG_PY2 and LIBYANG_PY3 depend on LIBYANG and LIBYANG_CPP. Also LIBYANG_CPP depends on LIBYANG.

Signed-off-by: Praveen Chaudhary pchaudhary@linkedin.com
2020-05-29 16:49:20 -07:00
joyas-joseph
cae67728f5
[docker-database]: Upgrade docker-database to buster (#4665)
Signed-off-by: Joyas Joseph <joyas_joseph@dell.com>
2020-05-29 03:29:49 -07:00
Joe LeVeque
9863b76fc8
[build] Increase size of dockerfs ramdisk to accomodate more containers (#4666)
Images built from master branch and installed on devices where we mount /var/lib/docker in RAM (because the HDD is small) were failing to boot properly. The Docker service failed to start because /var/lib/docker was filled to 100%. This is due to the increase in total number of containers in the image.

As of today, /var/lib/docker contains 1.3 GB of data. Therefore, this PR increases the size of the ramdisk to 1.5 GB to accommodate all the containers. Example output below from an Arista-7050-QX32 SKU:

```
admin@sonic:~$ df -h
Filesystem      Size  Used Avail Use% Mounted on
...
tmpfs           1.5G  1.3G  172M  89% /var/lib/docker
...
```
2020-05-29 03:29:21 -07:00