Commit Graph

34 Commits

Author SHA1 Message Date
Guohan Lu
b8da6c3588 [docker-orchagent]: use service dependency in supervisord to start services 2020-05-22 11:01:28 -07:00
lguohan
60b16495cc
[docker-base-stretch]: move common packages into docker-base-stretch (#4371)
libpython2.7, libdaemon0, libdbus-1-3, libjansson4 are common
across different containers. move them into docker-base-stretch

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-04-05 13:29:34 -07:00
Kiran Kumar Kella
97165a0d69
Changes in sonic-buildimage to support the NAT feature (#3494)
* Changes in sonic-buildimage for the NAT feature
- Docker for NAT
- installing the required tools iptables and conntrack for nat

Signed-off-by: kiran.kella@broadcom.com

* Add redis-tools dependencies in the docker nat compilation

* Addressed review comments

* add natsyncd to warm-boot finalizer list

* addressed review comments

* using swsscommon.DBConnector instead of swsssdk.SonicV2Connector

* Enable NAT application in docker-sonic-vs
2020-01-29 17:40:43 -08:00
pavel-shirshov
1848fb262b [fast-reboot]: Save fast-reboot state into the db (#3741)
Put a flag for fast-reboot to the db using EXPIRE feature. Using this flag in other part of SONiC to start in Fast-reboot mode. If we reload a config, the state in the db will be removed.
2019-12-04 14:10:19 -08:00
arheneus@marvell.com
11258e5db4 [build]: sonic arm64 changes (#3419)
Marvell arm64 changes over sonic

Signed-off-by: Antony Rheneus <arheneus@marvell.com>
2019-09-11 09:41:38 -07:00
arheneus@marvell.com
50fe458592 [build]: SONiC buildimage ARM arch support (#2980)
ARM Architecture support in SONIC

make configure platform=[ASIC_VENDOR_ARCH] PLATFORM_ARCH=[ARM_ARCH]
SONIC_ARCH: default amd64
armhf - arm32bit
arm64 - arm64bit

Signed-off-by: Antony Rheneus <arheneus@marvell.com>
2019-07-25 22:06:41 -07:00
Jipan Yang
9a8202a39d [database]: Update redis to 5.0.3 (#3066)
Signed-off-by: Jipan Yang <jipan.yang@alibaba-inc.com>
2019-07-03 22:16:09 -07:00
Stepan Blyshchak
81cf33231f [build]: Improve dockerfile instructions (#3048)
- create a dockerfile-marcros.j2 file with all common operations
  written as j2 macro
- use single dockerfile instruction for COPY and RUN commands
  when possible to improve build time
- reorganize dockerfile instructions to make more cache friendly
  (in case someday we will remove --no-cache to build docker images)

Signed-off-by: Stepan Blyschak <stepanb@mellanox.com>
2019-06-22 11:26:23 -07:00
Joe LeVeque
6eca27e564 [services] Restart SwSS service upon unexpected critical process exit (#2845)
* [service] Restart SwSS Docker container if orchagent exits unexpectedly

* Configure systemd to stop restarting swss if it attempts to restart more than 3 times in 20 minutes

* Move supervisor-proc-exit-listener script

* [docker-dhcp-relay] Enhance wait_for_intf.sh.j2 to utilize STATEDB

* Ensure dependent services stop/start/restart with SwSS

* Change 'StartLimitInterval' to 'StartLimitIntervalSec', as Stretch installs systemd 232 (>= v230)

* Also update journald.conf options

* Remove 'PartOf' option from unit files

* Add '$(SUPERVISOR_PROC_EXIT_LISTENER_SCRIPT)' to new shared docker-orchagent makefile

* Make supervisor-proc-exit-listener script read from 'critical_processes' file inside container

* Update critical_processes file for swss container
2019-05-01 08:02:38 -07:00
Jipan Yang
69ef456efd [swss]: Update to debian python-scapy (2.4.2) to fix scapy crash seen with 2.3.3-1 (#2745)
* Fix scapy crash problem with pip scapy (2.4.2)

Signed-off-by: Jipan Yang <jipan.yang@alibaba-inc.com>
2019-04-04 21:18:38 -07:00
lguohan
b73f9a5b1d
[swss]: update swss docker to stretch (#2714)
* [swss]: update swss docker to stretch

sonic-swss update:

* aa92326 2019-03-29 | fix c++ 11 build complaint for destructors default to noexcept (#822) (HEAD, origin/master, origin/HEAD) [lguohan]
* a304007 2019-03-28 | Allow ACL entry creation without ACL counter (#818) [Wenda Ni]
* 60a8a0d 2019-03-28 | [orchagent]: Cast enum class variable to int (#819) (HEAD, origin/master, origin/HEAD) [Shuotian Cheng]
* 3dd37a4 2019-03-26 | [vnetorch]: Add VNET/tunnel/route removal flows for Bitmap VNET implementation (#816) [Volodymyr Samotiy]
* a937f92 2019-03-22 | [VS]: fix occasional test_fdb_notifications vs test failure (#813) [Jipan Yang]
* ea54825 2019-03-21 | [portsorch] Fix inconsistent return value in bindAclTable (#791) [yorke]
* 5984e3a 2019-03-07 | Fix orchagent SEGV when PortConfigDone not set (#803) [Ramesh Santhanakrishnan]

Signed-off-by: Guohan Lu <gulv@microsoft.com>
2019-03-30 11:57:25 -07:00
Pterosaur
1127e8096d [docker-orchagent]: Add bridge-utils to orchagent image (#2605)
Vxlan need the brctl tool to manage bridge for it

Signed-off-by: Pterosaur <ganze718@gmail.com>
2019-02-27 19:50:41 -08:00
zhenggen-xu
51a76614a3 Restore neighbor table to kernel during system warm-reboot (#2213)
* Restore neighbor table to kernel during system warm-reboot

Added a service: "restore_neighbors" to restore neighbor table into
kernel during system warm reboot. The service is started by supervisord
in swss docker when the docker is started.

In case system warm reboot is enabled, it will try to restore the neighbor
table from appDB into kernel through netlink API calls and update the neighbor
table by sending arp/ns requests to all neighbor entries, then it sets the
stateDB flag for neighsyncd to continue the reconciliation process.

-- Added tcpdump python-scapy debian package into orchagent and vs dockers.
-- Added python module: pyroute2 netifaces into orchagent and vc dockers.
-- Workarounded tcpdump issue in the vs docker

Signed-off-by: Zhenggen Xu <zxu@linkedin.com>

* Move the restore_neighbors.py to sonic-swss submodule
Made changes to makefiles accordingly

Make dockerfile.j2 changes and supervisord config changes

Add python monotonic lib for time access

Signed-off-by: Zhenggen Xu <zxu@linkedin.com>

* Added PYTHON_SWSSCOMMON as swss runtime dependency

Signed-off-by: Zhenggen Xu <zxu@linkedin.com>
2018-11-09 17:06:09 -08:00
Marian Pritsak
51a8d8ecfa [docker-orchagent]: Upgrade iproute2 to v4.9 (#2052)
Signed-off-by: Marian Pritsak <marianp@mellanox.com>
2018-09-16 17:10:03 -07:00
lguohan
f3ca7c422f
[rsyslog]: use # to separate container name and program name in syslog message (#1918)
Previously use / to separate container name and program name.

However, in rsyslogd:

Precisely, the programname is terminated by either (whichever occurs first):

end of tag
nonprintable character
‘:’
‘[‘
‘/’
The above definition has been taken from the FreeBSD syslogd sources.

Signed-off-by: Guohan Lu <gulv@microsoft.com>
2018-08-12 22:23:58 -07:00
zhenggen-xu
d761630f73 Fix potential blackholing/looping traffic when link-local was used and refresh ipv6 neighbor to avoid CPU hit (#1904)
* Fix potential blackholing/looping traffic and refresh ipv6 neighbor to avoid CPU hit

In case ipv6 global addresses were configured on L3 interfaces and used for peering,
and routing protocol was using link-local addresses on the same interfaces as prefered nexthops,
the link-local addresses could be aged out after a while due to no activities towards the link-local
addresses themselves. And when we receive new routes with the link-local nexthops, SONiC won't insert
them to the HW, and thus cause looping or blackholing traffic.

Global ipv6 addresses on L3 interfaces between switches are refreshed by BGP keeplive and other messages.

On server facing side, traffic may hit fowarding plane only, and no refresh for the ipv6 neighbor entries regularly.
This could age-out the linux kernel ipv6 neighbor entries, and HW neighbor table entries could be removed,
and thus traffic going to those neighbors would hit CPU, and cause traffic drop and temperary CPU high load.

Also, if link-local addresses were not learned, we may not get them at all later.

It is intended to fix all above issues.

Changes:
Add ndisc6 package in swss docker and use it for ipv6 ndp ping to update the neighbors' state on Vlan interfaces
Change the default ipv6 neighbor reachable timer to 30mins
Add periodical ipv6 multicast ping to ff02::11 to get/refresh link-local neighbor info.

* Fix review comments:
Add PORTCHANNEL_INTERFACE interface for ipv6 multicast ping
format issue

* Combine regular L3 interface and portchannel interface for looping

* Add ndisc6 package to vs docker
2018-08-12 03:14:55 -07:00
pavel-shirshov
10b4bbcae8 [swss]: Start counter from swss container (#1875)
* sonic-quagga update. Don't spam with 'Vtysh connected from' message

* Enable counters inside swss container. systemd is not flexible enough to follow our business rules
2018-07-26 13:39:08 -07:00
Qi Luo
7ba08e5bf6
Prefix docker container name to syslog syslogtag (program name) (#1810) 2018-06-25 10:48:42 -07:00
lguohan
b907e4e9f5
[vs]: add vlan configuration support in virtual switch (#1200) 2017-11-30 14:59:25 -08:00
Shuotian Cheng
1a81715275
[swss]: Add switch.json.j2 to set the hash seed according to the switch type (#1089)
Set the ECMP/LAG hash seed to 10 when the switch is a ToR, 20 when the switch
is a Leaf, 0 otherwise.

Signed-off-by: Shu0T1an ChenG <shuche@microsoft.com>
2017-10-29 11:50:57 -07:00
Shuotian Cheng
2a56479187 [sonic-cfggen]: Add DEVICE_NEIGHBOR_METADATA field and move msn27xx template (#1025)
This field contains all neighbor devices information using the device
hostname as the key and having lo_addr, mgmt_addr, hwsku, type as the
attributes.

Move the file msn27xx.32ports.buffers.json.j2 from sonic-swss repository to
this repository so that we could add unit test for this file.

Unit test is added for platform ACS-MSN2700.

Signed-off-by: Shu0T1an ChenG <shuche@microsoft.com>
2017-10-19 00:38:25 -07:00
Andriy Moroz
48b0beb7ff Port speed (#879)
* Add port speed configuration

* Add DeviceInfos support in minigraph parser

* Add cfggen test 'test_minigraph_ethernet_interfaces'

* Fixed PR comments

* Update sonic-swss submodule reference
2017-08-23 19:41:14 -07:00
Joe LeVeque
f49cac086f Remove extra trailing newlines at EOF (#804)
Files now end with a single newline
2017-07-12 20:54:37 -07:00
Shuotian Cheng
8af03fd0f9 [orchagent]: Add ARP update script to maintain VLAN neighbors (#401)
- Extend ARP reachable time to 30min
- Add arping to docker-swss
- Add arp_update script to routinely probe neighbors

Signed-off-by: Shuotian Cheng <shuche@microsoft.com>
2017-05-15 17:06:19 -07:00
Joe LeVeque
6e45307a49 [docker-orchagent]: Properly manage with supervisord (#589) 2017-05-11 11:18:10 -07:00
Joe LeVeque
8f348399f5 [Dockers]: Manage all Docker containers with Supervisord (#573)
- Consolidate config.sh and start.sh scripts into one script (start.sh)
 - Solve issue #435 - All dockers now run supervisord as their ENTRYPOINT
 - All stdout/stderr output from processes managed by supervisord is now sent to syslog instead of their own files
 - Supervisord log messages are now also sent to syslog
 - Removed unused smartmontools package from docker-platform-monitor
2017-05-08 15:43:31 -07:00
Oleksandr Ivantsiv
c7ea3470ed [swss]: Generate config files for Everflow and IPinIP from minigraph (#507)
[swss]: Generate config files for Everflow and IPinIP from minigraph
 - Add Everflow DST IP to minigraph file
 - Extend minigraph.py to support Everflow
 - Add templates file for Everflow and IPinIP configuration
 - Add config.sh for swss docker to generate config files
2017-04-21 14:28:29 -07:00
Shuotian Cheng
6a6bc88dcb [interfaces]: Remove bridge-utils from swss docker and add it to base image (#417)
The reason is that /etc/network/interfaces file is in base image. After booting,
docker-swss is not ready and thus the empty VLAN interfaces cannot be created
when the brctl is pointing to the binary inside the swss docker.

Add the bridge-utils into the base image and add bridge_ports none to the
/etc/network/interfaces file so that after boot-up the empty VLAN interfaces
will be created to let the members to join later.

Signed-off-by: Shuotian Cheng <shuche@microsoft.com>
2017-03-20 21:39:09 -07:00
pavel-shirshov
a845740543 [All Dockerfiles]: Prevent apt asking questions on the console (#300)
Add noninteractive setting into every Dockerfile in the repo

Signed-off-by: Pavel Shirshov pavelsh@microsoft.com
2017-02-16 21:48:49 -08:00
lguohan
b6753e7960 [docker-config-engine]: introduce docker sonic config engine (#274)
* [docker-config-engine]: introduce docker sonic config engine

sonic config engine provide the sonic configure engine for all sonic
dockers that rely on the engine to generate runtime configuration.
2017-02-07 18:11:19 -08:00
Shuotian Cheng
00fe0784b4 [Broadcom]: Update Broadcom debian packages and m3000-r0 m3000-r1 config.bcm files (#251)
Signed-off-by: Shuotian Cheng <shuche@microsoft.com>
2017-02-03 19:44:00 -08:00
Taoyu Li
60e1fc3c98 ONEImage - Read all platform dependent information from sonic-config-engine (#238)
Read all platform dependent information from sonic-config-engine
2017-02-02 20:34:34 -08:00
Oleksandr Ivantsiv
80d0d2d43b Reduce docker images size. (#196)
* Reduce docker images size.

Install only required dependencies.

* Update Dockerfile.j2
2017-01-19 12:19:21 -08:00
Marian Pritsak
66aebb329c [docker]: Change templating method to jinja2 (#115) (#153)
Move from sed to jinja2 for more readability.
2016-12-23 15:22:06 -08:00