Add alternate name eth1-midplane to Linux bridge br1 created on supervisor on some chassis platforms.
See description here: #16504
Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
Sfp api can now be called from the host which doesn't have the python_sdk_api installed. Also, sfp api has been migrated to use sysfs instead of sdk handle.
Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
Boot up a switch, if frrcfgd is enabled with frr_mgmt_framework_config being "true",
then "bgpmon" process should not be running after this change. bgpmon should be
running when bgpcfgd is enable with frr_mgmt_framework_config being "false"
Why I did it
Added DPB support for x86_64-dell_z9100_c2538-r0 device
How I did it
Added new SKU folder Force10-Z9100 based on Force10-Z9100-C32
Added platform.json and hwsku.json
Added generic th-z9100-flex-all.config.bcm
How to verify it
On x86_64-dell_z9100_c2538-r0 with changes from this PR
change default SKU to Force10-Z9100
do factory reset
reboot
Signed-off-by: Myron Sosyak <myron.sosyak@plvision.eu>
Co-authored-by: Andriy Kokhan <andriy.kokhan@gmail.com>
* platform/pddf/README.md: Fix typo in *development*
* platform/pddf/README.md: Remove trailing space
* platform/pddf/README.md: Remove leading space from all lines
Fix tcpdump report error when tacacs enabled.
Why I did it
Fix tcpdump report error when tacacs enabled:
Sep 1 09:25:18.189395 vlab-01 ERR tcpdump: nss_tacplus: /etc/tacplus_nss.conf fopen failed
Sep 1 09:25:18.189606 vlab-01 ERR tcpdump: nss_tacplus: bad config or server line for nss_tacplus
This is because debian add a patch create AppArmor profile for resource access control. The profile need update to allow tcpdump access /etc/tacplus_nss.conf.
Work item tracking
Microsoft ADO: 17667308
How I did it
Modify tcpdump AppArmor profile, add new line to allow tcpdump access TACACS config file:
/etc/tacplus_nss.conf r,
#15926 updated the submodule hash to point to a commit on a private branch that included changes for compiling with the 5.10.179 kernel. However, this submodule hash should've pointed to one on the master branch, not on a private branch. Fix this with this PR.
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
#### Why I did it
src/dhcpmon
```
* 7c55e50 - (HEAD -> master, origin/master, origin/HEAD) Merge pull request #13 from jcaiMR/dev/jcai_master_interface_counter (7 days ago) [StormLiangMS]
* 085a087 - refine counting logic (10 days ago) [jcaiMR]
* de96a98 - Merge branch 'master' into dev/jcai_master_interface_counter (11 days ago) [jcaiMR]
* 5cb4468 - dhcp per-interface counter init commit (12 days ago) [jcaiMR]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/dhcprelay
```
* 2b33d76 - (HEAD -> master, origin/master, origin/HEAD) dhcpv6 per interface counter support (#43) (7 days ago) [jcaiMR]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-linux-kernel
```
* 3158031 - (HEAD -> master, origin/master, origin/HEAD) Update to Linux 5.10.179 (#328) (6 days ago) [Saikrishna Arcot]
```
#### How I did it
#### How to verify it
#### Description for the changelog
### Why I did it
##### Work item tracking
- Microsoft ADO **(number only)**:13366345
#### How I did it
Add generic omprog file in all dockers for rsyslog plugin support. Add file to docker-config-engine-bullseye so no need to add individually.
#### How to verify it
UT/Pipeline
Stop installing development packages from telemetry docker images to avoid unnecessary space usage.
### Why I did it
From 202305, libswsscommon-dev and the Boost headers were brought in telemetry docker image incorrectly, which result in unnecessary space usage.
##### Work item tracking
- Microsoft ADO **(number only)**:25176224
#### How I did it
Remove libswsscommon-dev accordingly.
#### How to verify it
Image building.
#### Why I did it
src/sonic-platform-common
```
* 3d3bc1a - (HEAD -> master, origin/master, origin/HEAD) [Credo][Ycable] Fix for displaying 'N/A' firmware version when NIC endpoint is power off (#366) (2 hours ago) [Xinyu Lin]
```
#### How I did it
#### How to verify it
#### Description for the changelog
### Why I did it
syncd events should have tag sonic-events-syncd, not sonic-events-host. Created a new conf file which will have syncd events
##### Work item tracking
- Microsoft ADO **(number only)**:17747466
#### How I did it
Code change
#### How to verify it
Pipeline
Why I did it
sonic-mgmt test failure is seen for update_firmware component API
Microsoft ADO: 25208748
How I did it
Edited API 2.0 to fix this issue.
How to verify it
Run sonic-mgmt test after the fix and verify it passes.
#### Why I did it
src/sonic-mgmt-common
```
* 4cfc882 - (HEAD -> master, origin/master, origin/HEAD) CVL error reporting enhancements (#97) (5 hours ago) [Sachin Holla]
* 4a88fe7 - transformer infra optimization on uri path unmarshaling (#99) (6 hours ago) [Balachandar Mani]
```
#### How I did it
#### How to verify it
#### Description for the changelog
[staticroutebfd] change bfd to singlehop
staticroutebfd should use singlehop bfd. Because of a bug (portchannel+singlehop) in the SDK, we were using multi-hop as a temporary workaround. Now the SDK issue is solved, need to switch to singlehop BFD mode.
Why I did it
Created patches to address two CVEs from FRR CVE-2023-41359 and CVE-2023-41360.
Patch FRR commit CVE fixed
0022-bgpd-Don-t-read-the-first-byte-of-ORF-header-if-we-a.patch FRRouting/frr@3515178 CVE-2023-41360
0023-bgpd-Make-sure-we-have-enough-data-to-read-two-bytes.patch FRRouting/frr@460ee93 CVE-2023-41359
Work item tracking
Microsoft ADO (number only):
How I did it
Porting fixes as patches from FRR.
How to verify it
Azure Pipeline tests should cover the sanity. In addition ran basic tests.
#### Why I did it
Including below commits:
```
2c6ed2e 2023-09-14 | Support interface speed for PortChannels (#262) [Lukas Stockner]
```
##### Work item tracking
- Microsoft ADO **(number only)**: 25085425
Why I did it
ConfigDBConnector in supervisor-proc-exit-listener uses default parameter to connect CONFIG_DB (connect by 127.0.0.1:6379) which would fail at non-host network mode container, because they are not sharing the same network and socket.
How I did it
Add a new parameter use_unix_socket_path to this script to indicate whether to use socket to connect CONFIG_DB.
How to verify it
Build image and install it, kill critical processes in container and container crushed.
#### Why I did it
The sflow debug container does not include the debug symbols of hsflowd.
#### How I did it
Add the hsflowd debug dependency.
#### How to verify it
Build the sflow debug container, get into the container, open gdb to load the hsflowd program. Verified debug symbol is available.
In #15080, there was a command added to re-add 127.0.0.1/8 to the lo
interface when the networking configuration is being brought down.
However, the trigger for that command is `down`, which, looking at
ifupdown2 configuration files, runs immediately after 127.0.0.1/16 is
removed. This means there may be a period of time where there are no
loopback addresses assigned to the lo interface, and redis commands will
fail.
Fix this by changing this to pre-down, which should run well before
127.0.0.1/16 is removed, and should always leave lo with a loopback
address.
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
#### Why I did it
src/sonic-mgmt-common
```
* 14962fe - (HEAD -> master, origin/master, origin/HEAD) CVL database access layer changes (#100) (30 hours ago) [Balachandar Mani]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-host-services
```
* 1a5a0bf - (HEAD -> master, origin/master, origin/HEAD) Remove command to install libhiredis deb file (#74) (8 hours ago) [Saikrishna Arcot]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-platform-common
```
* 0dafb55 - (HEAD -> master, origin/master, origin/HEAD) Remove command to install libhiredis deb file (#398) (9 hours ago) [Saikrishna Arcot]
```
#### How I did it
#### How to verify it
#### Description for the changelog
Why I did it
PTF container needs to use new grpcio package.
Work item tracking
Microsoft ADO (number only):
How I did it
Update versions-py2
How to verify it
Check pipeline artifact
Signed-off-by: anamehra anamehra@cisco.com
Added a check for DEVICE_METADATA before accessing the data. This prevents the j2 failure when var is not available.
This reverts commit 51fb6d7d9f.
The new sonic-mgmt docker image has ansible upgraded. Encountered some issues that are hard to debug to have a quick fix. Let's revert the change for now. The new sonic-mgmt docker image was kept for further debugging and fixing. After all the issues are fixed, we'll need to apply this change again.
### Why I did it
Currently there is only rsyslog plugin support for /var/log/syslog, meaning we do not detect events that occur in frr logs such as BGP Hold Timer Expiry that appears in frr/bgpd.log.
##### Work item tracking
- Microsoft ADO **(number only)**: 13366345
#### How I did it
Add omprog action to frr/bgpd.log and frr/zebra.log. Add appropriate regex for both events.
#### How to verify it
sonic-mgmt test case
Why I did it
This PR is part of sonic-mgmt-docker Python3 migration project.
Work item tracking
Microsoft ADO (number only): 24397943
How I did it
Upgrade Ansible to 6.7.0
Make Python3 as the default interpreter. python is a soft link to python3. If you want to use python2, use the command python2 explicitly.
Upgrade some pip packages to higher version in order to meet security requirement.
How to verify it
Build a private sonic-mgmt-docker successfully.
Verify python is python3.
Verify python2 is working with 202012 and 202205 branch.
Verify python3 is working with master branch.
* [ci] For vstest, make sure kernel modules are built and installed
Make sure that the agent that vstest runs on has the team module
available. If it is not available, then build and install it.
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
* Use version of script that's checked into sonic-swss-common
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
---------
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
Write error message to syslog when add user failed or connect to TACACS server failed.
#### Why I did it
With these messages, we can downgrade TACACS server with issue to lower priority.
##### Work item tracking
- Microsoft ADO: 24667696
#### How I did it
Write error message to syslog when add user failed or connect to TACACS server failed.
#### How to verify it
Pass all UT.
Manually verify error message generated.
### Description for the changelog
Write error message to syslog when add user failed or connect to TACACS server failed.