Instead of updating hostname manualy on Config DB hostname change,
simply share containers UTS namespace with host OS.
Ideally, instead of setting `--uts=host` for every container in SONiC,
this setting can be set per container if feature requires.
One behaviour change is introduced in this commit, when `--privileged`
or `--cap-add=CAP_SYS_ADMIN` and `--uts=host` are combined, container
has privilege to change host OS and every other container hostname.
Such privilege should be fixed by limiting containers capabilities.
Signed-off-by: Stepan Blyschak <stepanb@mellanox.com>
- What I did
Add configuration to avoid ntpd from panic and exit if the drift between new time and current system time is large.
- How I did it
Added "tinker panic 0" in ntp.conf file.
- How to verify it
[this assumes that there is a valid NTP server IP in config_db/ntp.conf]
Change the current system time to a bad time with a large drift from time in ntp server; drift should be greater than 1000s.
Reboot the device.
Before the fix:
3. upon reboot, ntp-config service comes up fine, ntp service goes to active(exited) state without any error message. This is because the offset between new time (from ntp server) and the current system time is very large, ntpd goes to panic mode and exits. The system continues to show the bad time.
After the fix:
3. Upon reboot, ntp-config comes up fine, ntp services comes up from and stays in active (running) state. The system clock gets synced with the ntp server time.
We believe that the supervisord issue in face of clock rolling backwards
has been addressed. Therefore reverting change 2598 to allow ntp sync
to right clock at the start up time.
Signed-off-by: Ying Xie <ying.xie@microsoft.com>
Brief:
The community code for has been updated, which mismatched with the existing sonic-mgmt-framework. Hence it broke the build.
Submodule-PR: #43
Details:
The SONiC mgmt Framework, pulls down the community modules in two steps.
Pull the existing; This does a transparent compile too.
Then checkout the specific commit-id for each and do the final compile.
The community code change broke in the compilation phase of step-1.
Fix: For the two affected modules, do download only.
Proper fix:
As part of the next phase of changes, the mgmt-framework is moving go-submodule mode, which will ensure the download happens for the assigned commit-ids only.
e.g. Refer go.mod in sonic-telemetry
Master and 201911 use the same version of hw-mgmt 2f65914 , but the hw-mgmt patch was cherry-picked to 201911 badly, the file contents have some diff, and it does not apply on 201911
Signed-off-by: Mykola Faryma <mykolaf@mellanox.com>
Removing explicit libyang plugin path settings. Libyang debian package installs the extensions in standard location.
Libyang debian package installs the extensions in standard location as per build time configuration (install prefix is set in patch/libyang.patch). If plugin directory is not set, libyang explicitly searches the plugins in LYEXT_PLUGINS_DIR which is populated during build. The plugins are installed in LYEXT_PLUGINS_DIR itself through debian package installation.
$ grep -nr LYEXT_PLUGINS_DIR src/
src/plugin_config.h.in:18:#define LYEXT_PLUGINS_DIR "@EXTENSIONS_PLUGINS_DIR_MACRO@" /**< directory with YANG extension plugins */
src/plugins.c:420: pluginsdir = LYEXT_PLUGINS_DIR;
Multi-Db changes for NAT feature. (#1202)
[cfgmgr] clear loopback and vrf in kernel if not warmstart (#1141)
upon cold reboot, skip remove mgmt vrf table from the kernel (#1214)
Multi-Db changes for NAT feature. (#1202)
[cfgmgr] clear loopback and vrf in kernel if not warmstart (#1141)
upon cold reboot, skip remove mgmt vrf table from the kernel (#1214)
* [Mellanox]Integrate hw-mgmt 7.0000.3012
* [sonic-linux-kernel]Advance the submodule head
Advance the sonic-linux-kernel
[sFlow]: Patch to fix skb_over_panic in psample driver (#120)
Added support in the kernel for fullcone 3-tuple unique nat. (#100)
Adding support to compile ARM architecture (#102)
[ixgbe] Support bcm54616s external phy in ixgbe (#122)
Fix i2c ISMT DMA buffer alignment issue (#123)
[mellanox]: Add SN4700 patches. (#126)
This patch upgrade the kernel from version
4.9.0-9-2 (4.9.168-1+deb9u3) to 4.9.0-11-2 (4.9.189-3+deb9u2)
Co-authored-by: rajendra-dendukuri <47423477+rajendra-dendukuri@users.noreply.github.com>
Take advantage of an SDK environment variable to customize the location where sdk_socket exists.
In the latest SDK sdk_socket has been moved from /tmp to /var/run which is a better place to contain this kind of file.
However, this prevents the subdirs under /var/run from being mapped to different volumes. To resolve this, we take advantage of an SDK variable to designate the location of sdk_socket.
This requires every process that requires to access sdk_socket have this environment variable defined. However, to define environment variable for each process is less scalable. We take advantage of the docker scope environment variable to avoid that.
It depends on PR 4227
Enable m_isCombinedMirrorV6Table for BFN platform (#1212)
[vnet]: Update VNET route table size to 40K for BITMAP implementation (#1132)
Default action for Egress ACL Table not poulated. (#1208)
Add/Del lag_name_map item according to lag adding and removing (#1124)
Increase ip2me CIR/CBR for faster in-band file transfers (#1000)
* ZTP infrastructure changes to support DHCP discovery provisioning data
- Dynamically generate DHCP client configuration based on current ZTP state
- Added support to request and process hostname when using DHCPv6
- Do not process graphservice url dhcp option if ZTP is enabled, ZTP service
will process it
- Generate /e/n/i file with all active interfaces seeking address assignment
via DHCP. Only interfaces that are created in Linux will be added to /e/n/i.
Also DHCP is started only on linked up in-band interfaces.
Signed-off-by: Rajendra Dendukuri <rajendra.dendukuri@broadcom.com>
If sonic-cfggen is passed the -m argument (to load the minigraph file) along with one or more -j <json_file> arguments, load the JSON files before loading the minigraph file.
This ensures that the init_cfg.json file is loaded before the minigraph, therefore the minigraph can override any default configuration options specified in init_cfg.json. Currently, the behavior is reversed.
Note: This is not an issue if loading loading multiple JSON files, because sonic-cfggen loads them in the left-to-right order they were specified on the command line, therefore providing flexibility for loading JSON files in a specific order. As long as init_cfg.json is specified before config_db.json, the values specified in config_db.json will take precedence.
* Build sonic-ztp package
- Add changes in make rules to conditionally include sonic-ztp package
Signed-off-by: Rajendra Dendukuri <rajendra.dendukuri@broadcom.com>
Following PR have been CHerry-picked:
* [portsorch] fix wrong orchagent behaviour when LAG member gets
disabled
* [team sync/mgr] Add debug message before cleaning up LAGs
* Made Change to have Configurable option to enable/disable docker image
* [Submodule-Update] sonic-utilities .
Following PR has been merged tp 201911
* Platform Driver Development Framework (PDDF): Adding PDDF CLI utils
* [config] Add 'feature' subcommand
* [fwutil]: Command-line utility for interacting with platform components
* [show] Add subcommand to display the status of auto-restart feature
for each container
* [config] Add subcommand to configure the status of auto-restart
feature for each
container
* [Command Reference] Document CLI commands related to container
auto-restart feature
* [config/main.py] Modify reload() function to load configuration from
init_cfg.json
* Fix for dhcp_relay deletion on a VLAN
* [config] Check if service exists before start/stop/restart of service
* Multi-Db changes for NAT feature
* [reboot] make sure the reboot happens even if platform reboot failed
* Add new CIG device CS6436-54P and CS5435-54P, also update code for CS6436-56P
* security kernel update to 4.9.189 for CIG devices
* security kernel update to 4.9.189 for CIG devices
* Update rules
Update rule file
update FW to xx_2000_3298
update SAI to 1.16.0
update Spectrum-1 and Spectrum-2 buffer pool size according to the new SDK default config change.
modified: ../../device/mellanox/x86_64-mlnx_msn2700-r0/ACS-MSN2700/buffers_defaults_t0.j2
modified: ../../device/mellanox/x86_64-mlnx_msn2700-r0/ACS-MSN2700/buffers_defaults_t1.j2
modified: ../../device/mellanox/x86_64-mlnx_msn3700-r0/ACS-MSN3700/buffers_defaults_t0.j2
modified: ../../device/mellanox/x86_64-mlnx_msn3700-r0/ACS-MSN3700/buffers_defaults_t1.j2
modified: fw.mk
modified: mlnx-sai.mk
modified: mlnx-sai/SAI-Implementation
modified: sdk-src/sx-kernel/Switch-SDK-drivers
modified: sdk.mk
signed-off by kebol@mellanox.com