Commit Graph

410 Commits

Author SHA1 Message Date
Ze Gan
4068944202
[MACsec]: Set MACsec feature to be auto-start (#6678)
1. Add supervisord as the entrypoint of docker-macsec
2. Add wpa_supplicant conf into docker-macsec
3. Set the macsecmgrd as the critical_process
4. Configure supervisor to monitor macsecmgrd
5. Set macsec in the features list
6. Add config variable `INCLUDE_MACSEC`
7. Add macsec.service

**- How to verify it**

Change the `/etc/sonic/config_db.json` as follow
```
{
    "PORT": {
        "Ethernet0": {
            ...
            "macsec": "test"
         }
    }
    ...
    "MACSEC_PROFILE": {
        "test": {
            "priority": 64,
            "cipher_suite": "GCM-AES-128",
            "primary_cak": "0123456789ABCDEF0123456789ABCDEF",
            "primary_ckn": "6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435",
            "policy": "security"
        }
    }
}
```
To execute `sudo config reload -y`, We should find the following new items were inserted in app_db of redis
```
127.0.0.1:6379> keys *MAC*
1) "MACSEC_EGRESS_SC_TABLE:Ethernet0:72152375678227538"
2) "MACSEC_PORT_TABLE:Ethernet0"
127.0.0.1:6379> hgetall "MACSEC_EGRESS_SC_TABLE:Ethernet0:72152375678227538"
1) "ssci"
2) ""
3) "encoding_an"
4) "0"
127.0.0.1:6379> hgetall "MACSEC_PORT_TABLE:Ethernet0"
 1) "enable"
 2) "false"
 3) "cipher_suite"
 4) "GCM-AES-128"
 5) "enable_protect"
 6) "true"
 7) "enable_encrypt"
 8) "true"
 9) "enable_replay_protect"
10) "false"
11) "replay_window"
12) "0"
```

Signed-off-by: Ze Gan <ganze718@gmail.com>
2021-02-23 13:22:45 -08:00
Shi Su
951ce675f1
[frr]: upgrade frr to frr-7.5-s3 tag (#6807)
Update FRR 7.5 head. The following is a list of new commits.

```
e2f17ae47ad047e66923c2ff1e84c9ba10d4ad38 Merge pull request #8096 from idryzhov/7.5-backports-2021-02-16
380341362ced8e317c18b7395acb012de1f23acd ospf6d: Don't send hellos on loopback interface
7fa78b659f8e720466e0df62689327ea4b9ff867 bgpd: send correct BMP down message when nht fails
385faf6c079a41def1e6eb882cbfd50047559644 [filter]: change return code for errors
d9a0e9a2934f2f75c64496fe4c724a18aa581fcb bfdd: fix session lookup
08afa0a75311a4e8cb2a18116384b603f7f2d751 ospf6d : fix issue in ecmp inter area  route
2299afa1a9128d87d5169742b993c0ada575eb83 ospfd:  Prevent duplicate packet read in certain vrf situations
ff42a28af659ee61c0efb877b10738a5812f4bc2 vrf: use wrappers to change VRF_CONFIGURED flag
2bdc59ca21da2d67b77ec70a2fadffbca60690cd vrf: mark vrf as configured when entering vrf node
b9611f65a71adc0b8fa14a5a4d1a8f44e04dcd85 ospf6d: Fix LSA formatting out-of-bounds access
610ebf56913fa56167b0a2a127b07afe020a1efe bfdd: Prevent use after free ( again )
35b0cd5d753dda9aa70ea1c06db61a8d4b8671e3 *: Fix usage of bfd_adj_event
95b8915d0f4de3eae5438632ecd0827061ef48e8 ospf6d: Fix LSA formatting inconsistent retvals
49d73d8be84dbd23d767697474019165e511786c pimd: SGRpt prune received during prune didn't override holdtime
1d0d19afa9bb7cd4bc476d00c887876bc04eee95 eigrpd: Correctly set the mtu for eigrp packets sent
bbb08db69f8eb554d23b4920c1c1e3982d8d2a91 zebra: Prevent sending of unininted data
0813d650a8120458ab7d9317061f3864dbc6f2f7 ospf6d: prevent use after free
2f2e981d967b36b240fca82fea8a961d927ef43c lib: Prevent unininted usage of data
6171becdb391ea5b88916a3a28b04b555e1fc518 bfdd: Prevent storage of ifp pointer that has been deleted
9ebb41cf4bb51e0872796530bf8c7a4d819053db bfdd: Prevent unininited data transmittal
72e16db6fea3629111537f9eb10c86f2d275adcb eigrpd: Prevent uninitialized value from being used
72b61a5bb09d59c3cc0d1d401d51de96949dff52 zebra: disallow resolution to duplicate nexthops
1083bae40b00c0ed2c9f3521ae1ab9675a87202e bgpd: Initialize bgp_notify.raw_data before passing to bgp_notify_receive()
31df7314310416f10c133dcfe9c4586edadf3fbb doc: ebgp-requires-policy requires manuall session clearing
ecc8ec678d2d8a1c3d1d50a22732f9fc4bad689c watchfrr: fix SA warning
9d9365d161979a031de817c1fbcab6508dfee013 watchfrr: fix crash on missing optional argument
907e600d63c1c5b6bda40b0a08344a72533b1787 pimd: Prevent use after free
b47374f0e95d99c93bfe2d14afe55219a9fda455 doc: Update bgp doc for more rfc-8212 talk
4fbeef60cc8dc5362ff84fc91d1a4e343e4e32c7 docker: centos 7, 8 yang bump and repo fixes
808e6d731f330df4a91fdfd6df6a3c8dce1651a6 docker: prefer alpine:latest for building
91b3c471f1c48818370a0f218add917f0d46aa47 Merge pull request #8092 from donaldsharp/7.5_track
60be43c0bf63c16ca42008fa802d0a2050f3fce2 Merge pull request #8090 from ton31337/fix/static_network_vrf_7.5
1f6785aa60cc57a5c8d5de98c9c09a344a0c9262 ospf6d: Track wait_timer and disable when needed
c89e326be91312bed066eb2447ea8944e25a225e bgpd: Check for peer->su_remote if not NULL when handling IPv6 nexthop
15e070f6448870c98c030b6b5013ad8750d8918b Merge pull request #8047 from pguibert6WIND/nhrp_shortcut_routes_75
912994efec94082ae7d8c5e014c410964bea19f4 Merge pull request #8034 from qlyoung/fix-gnu-readline-bracketed-paste-7.5.1
9f50536993f1eb900fbfbe98d21b8c072bbd9c15 nhrpd: replace nhrp route nexthop with onlink route when prefix=nh
8c185008246db31c34574d7b79358001ac411f84 nhrpd: shortcut routes installed with nexthop.
c46c87d19758040bc3f3902ab8e4a0f1bb908721 vtysh: disable bracketed paste in readline
20b35e4c3386de798f3b0cb9f2a7e6b04d995485 Merge pull request #8018 from ton31337/fix/drop_aggregate_as_attribute_if_malformed_7.5
fa25d7327fd64613cc7530aba2edfcde038da074 bgpd: Unset only aggregator flag when AGGREGATOR_AS is 0
3ee9a3726fe1a526d946c1978487a4509fe98f29 bgpd: Drop aggregator_as attribute if malformed in case of BGP_AS_ZERO
be88595c6a2011f0e882bfa663baa61c86ede14e Merge pull request #8005 from opensourcerouting/snap-libyang1-fix-75
fd840ad37f2e836b210c6e60fc6325a4c3e495ce snapcraft: Update rtrlib to 0.7.0
3d00552fa9aedb96acd7ea773bc14fd2b77e7e0f snapcraft: Fix passthrough path for Libyang 1.x
```
2021-02-17 23:03:19 -08:00
judyjoseph
ad88700912
[docker-fpm-frr]: TSA/B/C changes for multi-asic (#6510)
- Introduced TS common file in docker as well and moved common functions.
- TSA/B/C scripts run only in BGP instances for front end ASICs.
       In addition skip enforcing it on route maps used between internal BGP sessions.

admin@str--acs-1:~$ sudo /usr/bin/TSA
System Mode: Normal -> Maintenance

and in case of Multi-ASIC
admin@str--acs-1:~$ sudo /usr/bin/TSA
BGP0 : System Mode: Normal -> Maintenance
BGP1 : System Mode: Normal -> Maintenance
BGP2 : System Mode: Normal -> Maintenance
2021-02-12 10:56:44 -08:00
lguohan
a24235bd26
[linux-kernel]: correct kernel package name for armhf (#6751)
armhf kernel package name does not have `unsigned` string

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2021-02-10 23:07:22 -08:00
Sumukha Tumkur Vani
c427e72b49
Disable port 8090 (#6764) 2021-02-10 22:10:19 -08:00
Arun Saravanan Balachandran
3015de1dd0
[sonic-host-service] Move to sonic-host-services package (#6273)
- Why I did it

To move ‘sonic-host-service’ which is currently built as a separate package to ‘sonic-host-services' package. 

- How I did it

- Moved 'sonic-host-server' to 'src/sonic-host-services' and included it as part of the python3 wheel.
- Other files were moved to 'src/sonic-host-services-data' and included as part of the deb package.
- Changed build option ‘INCLUDE_HOST_SERVICE’ to ‘ENABLE_HOST_SERVICE_ON_START’ for enabling sonic-hostservice at boot-up by default.
2021-02-08 19:35:08 -08:00
lguohan
834347b8f7
[sonic-linux-kernel]: security update to kernel 4.19.152 (#6490)
Signed-off-by: Guohan Lu <lguohan@gmail.com>
2021-02-06 21:02:06 -08:00
Joe LeVeque
10324d0998
[sonic-utilities] Depend on sonic-platform-common (#6703)
sonic-utilities will become dependent upon sonic-platform-common as of Azure/sonic-utilities#1386.
2021-02-06 13:35:19 -08:00
abdosi
d2b8b94a64
Remove makefile and dependency for python2 of dbsyncd. (#6702)
* Remove makefile and 
As part of #6046 we have moved to python3 of dbsyncd.
Cleanup the python2 makefile and dependency.
Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

* Revert "Remove makefile and dependency for python2 of dbsyncd."

This reverts commit ceaa4f8dd9.

* Fix

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
2021-02-06 10:28:05 -08:00
Garrick He
bb5b77ba39
[sFlow] - Fix memory leak (#6662)
* Bump version number to 2.0.32-1 to include a fix for a memory-leak
  found during testing. A wrong API is used to free the cJSON
  data-structure, which only frees the first pointed-to structure.
  The proper API should recursively free all structures.

Signed-off-by: Garrick He <garrick_he@dell.com>
2021-02-03 20:32:13 -08:00
Qi Luo
9bf01cb65b
[build]: Fix dependency: asyncsnmp should not depend on PYTHON_SWSSCOMMON (#6672)
Add dependency: dbsyncd will depend on PYTHON3_SWSSCOMMON
2021-02-03 20:17:34 -08:00
lguohan
5c8b70eace
[frr]: upgrade frr to frr-7.5-s2 tag (#6628)
pick-up upstream fixes. important ones

- bgpd: Removing "neighbor <peer-group> allowas-in"

complete lists

*   6b2b5cce3 2021-01-29 | Merge pull request #7977 from ton31337/fix/allowas_in_reset_value_7.5 (HEAD -> frr/7.5, tag: frr-7.5-s2, upstream/stable/7.5, origin/frr/7.5, stable/7.5) [Donald Sharp]
|\
| * f403534df 2021-01-28 | bgpd: Removing "neighbor <peer-group> allowas-in" [Kishore Kunal]
* |   86e2f106c 2021-01-28 | Merge pull request #7962 from ton31337/fix/bgpd_validate_community_7.5 [Donald Sharp]
|\ \
| |/
|/|
| * e182af45c 2021-01-05 | bgpd: separate lcommunity validation from tokenizer [Wesley Coakley]
| * 2cf37d594 2020-12-30 | bgpd: Validate community list if they are not malformed [Donatas Abraitis]
|/
*   a4af08a19 2021-01-22 | Merge pull request #7912 from idryzhov/7.5-backports-2021-01 [Donald Sharp]
|\
| * 160021013 2021-01-12 | bgpd : multiple memory leak fixes in show commands [Sarita Patra]
| * 46a2b560f 2021-01-19 | tools: fix frr-reload BFD profile support [Rafael Zalamena]
| * 7f6c81fca 2020-12-02 | ospfd: fix area removal at interface level [ckishimo]
| * f7db4dfb1 2021-01-08 | bfdd: update vrf of received packet [Philippe Guibert]
| * 4d470f3ef 2021-01-08 | bfdd: enable bfd session if vrf interface available [Philippe Guibert]
| * c656985fb 2021-01-08 | bfdd: socket should be bound to vrf interface by default [Philippe Guibert]
| * f30c002b8 2021-01-15 | bgpd: Allow peer-groups to have `ttl-security hops` configured [Donald Sharp]
| * 85ff76513 2021-01-15 | configure.ac: Correct library name for sysrepo [Bo Zhang]
| * d00c543f1 2020-12-04 | bgpd: Handle IPv6 prefixes with IPv4 nexthops for zebra [Donatas Abraitis]
| * 87b9b2973 2021-01-06 | zebra: zebra route-map delay-timer is global not per vrf [Donald Sharp]
| * 91e1adec9 2021-01-05 | bgpd: Fix default-originate clearing from peer-groups. [zyxwvu Shi]
| * 0f2f32fa1 2021-01-05 | isisd: When last area address is removed, resign if we were DR [Karen Schoener]
| * 842e99d49 2021-01-02 | vrrpd.yang bug fix: modify augment path to comply with rfc 7950 [Bo Zhang]
| * 9616ef937 2020-12-24 | ospfd: fix no show database output when selecting vrf [Louis Scalbert]
| * 4c4764e36 2020-11-30 | ospf6d: ospfv3 disable on the interface, but interface prefix still shown in the output [Yash Ranjan]
| * 1870dbd86 2020-12-14 | ospf6d: Link LSA is not updated when router priority is modified [Mobashshera Rasool]
| * 4883a06c3 2020-12-10 | bgpd: fix evpn route-map vni filter at origin [Chirag Shah]
|/
*   9c087052a 2021-01-15 | Merge pull request #7877 from vishaldhingra/static_7_5 [Mark Stapp]
|\
| * a687b6b27 2021-01-15 | staticd: Backend cofiguration code to fix table-id problem [vdhingra]
| * 52370b494 2021-01-15 | staticd: autogenerated code modifications due to yang changes [vdhingra]
| * f9d6511f2 2021-01-15 | staticd: make table-id as the key for path-list [vdhingra]
|/

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2021-02-01 12:02:37 -08:00
Qi Luo
e623c903bb
Revert "[build]: disable unit tests for sonic-utilities" (#6598)
This reverts commit 470ed18a6b.
2021-01-29 02:08:56 -08:00
Qi Luo
0e7287856c
[build]: stop prompt during build (#6585)
Some commands used during build will prompt user interactively, but this is not expected during build. Since most output is collected into log file, user could not see the prompt and feel the build process hangs.

- How I did it

Use mv command in non interactive mode
Redirect stdin to null if command output is collected into log file.
2021-01-28 02:21:38 -08:00
dflynn-Nokia
1f2797a56d
[docker-config-engine-stretch]: Fix dependency typo PYTHON2_SWSSCOMMON (#6568)
This commit fixes a typo in the fix delivered in PR #6538

syncd fails on the armhf platform within sonic-config-engine/portconfig.py when importing the following
'from swsscommon.swsscommon import ConfigDBConnector'
2021-01-27 12:27:41 -08:00
Guohan Lu
ca0e8cbe0e [docker-ptf]: build docker ptf
- combine docker-ptf-saithrift into docker-ptf docker
- build docker-ptf under platform vs
- remove docker-ptf for other platforms

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2021-01-27 08:28:21 -08:00
Zhenhong Zhao
a171e6c5e4
[frrcfgd] introduce frrcfgd to manage frr config when frr_mgmt_framework_config is true (#5142)
- Support for non-template based FRR configurations (BGP, route-map, OSPF, static route..etc) using config DB schema.
- Support for save & restore - Jinja template based config-DB data read and apply to FRR during startup

**- How I did it**

- add frrcfgd service
- when frr_mgmg_framework_config is set, frrcfgd starts in bgp container
- when user changed the BGP or other related table entries in config DB, frrcfgd will run corresponding VTYSH commands to program on FRR.
- add jinja template to generate FRR config file to be used by FRR daemons while bgp container restarted

**- How to verify it**
1. Add/delete data on config DB and then run VTYSH "show running-config" command to check if FRR configuration changed.
1. Restart bgp container and check if generated FRR config file is correct and run VTYSH "show running-config" command to check if FRR configuration is consistent with attributes in config DB

Co-authored-by: Zhenhong Zhao <zhenhong.zhao@dell.com>
2021-01-24 17:57:03 -08:00
Qi Luo
1c13340f8e
[docker-config-engine-stretch]: Add missing dependency PYTHON2_SWSSCOMMON (#6538)
Otherwise all the docker image derived from docker-config-engine-stretch will have broken SONIC_CONFIG_ENGINE_PY2
The bug is introduced in #6406
2021-01-23 00:25:11 -08:00
Qi Luo
3c16f80382
sonic-config-engine uses libswsscommon instead of swsssdk (#6406)
**- Why I did it**
swsssdk will be deprecated. Migrate sonic-config-engine to use libswsscommon library instead

**- How to verify it**
Unit test
2021-01-20 12:06:08 -08:00
Joe LeVeque
419c10bf97
[sonic-platform-common] Enable pytest during build for Python 3 package (#6442)
**- Why I did it**

To enable running Pytest unit tests before building the Python 3 sonic-platform-common package

**- How I did it**

- Add Python 3 sonic-config-engine package as a dependency of Python 3 sonic-platform-common package (needed for both runtime and unit tests)
- No longer disable unit tests when building Python 3 sonic-platform-common package
2021-01-14 10:26:15 -08:00
Joe LeVeque
4612f680e6
[swss] Depend on Python 3 version of swsscommon rather than Python 2 (#6432)
The only Python code in the SwSS package, restore_neighbors.py, was recently converted to Python 3 and most dependencies were updated as part of #6207. However, the SwSS makefile still listed the Python 2 version of the swsscommon package as a dependency. This caused Python 2-related packages to be installed in containers unnecessarily.
2021-01-14 00:29:21 -08:00
Kalimuthu-Velappan
18350a5dd9
[build]: Fix for missing dependencies in the DPKG framework (#6393)
1. Fixes the missing DPKG file for gbsyncd-vs package
2. Fixes the softlink issue on the Platform-common and ztp package
3. Fixes the PYTHNON_DEBS list is missing for DBG dockers.
2021-01-13 10:32:42 -08:00
lguohan
ab2ae41212
[build]: fix dpkg admindir corruption issue in parallel build (#6408)
Fix #119

when parallel build is enable, multiple dpkg-buildpackage
instances are running at the same time. /var/lib/dpkg is shared
by all instances and the /var/lib/dpkg/updates could be corrupted
and cause the build failure.

the fix is to use overlay fs to mount separate /var/lib/dpkg
for each dpkg-buildpackage instance so that they are not affecting
each other.

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2021-01-12 06:03:12 -08:00
Ze Gan
c22575218a
[docker-macsec]: MACsec container and wpa_supplicant component (#5700)
The HLD about MACsec feature is at :

https://github.com/Azure/SONiC/blob/master/doc/macsec/MACsec_hld.md

- How to verify it
This PR doesn't set MACsec container automatically start, You should manually start the container by docker run docker-macsec
wpa_supplicant binary can be found at MACsec container.
This PR depends on the PR, WPA_SUPPLICANT, and The MACsec container will be set as automatically start by later PR.

Signed-off-by: zegan <zegan@microsoft.com>
2021-01-10 10:39:59 -08:00
Junchao-Mellanox
4460076db1
[xcvrd] Remove dependency on SONIC_PLATFORM_API_PY2 and SONIC_PLATFORM_API_PY3 (#6344)
Remove the build time dependency on SONIC_PLATFORM_API_PY2 and SONIC_PLATFORM_API_PY3 from xcvrd make rule
2021-01-05 09:39:52 -08:00
lguohan
ae5caee515
[frr]: change frr debug package to extra to avoid build break for dbg image (#6340)
build frr dbg image force to install frr in the build process
which breaks the current build and is uneccessary.

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2021-01-03 17:06:05 -08:00
Guohan Lu
ae2cb47091 [build]: add artifical dependency between libyang and frr
frr build requires libyang 1.0.184 which conflicts with
libyang 1.0.73. Solution here is to compile frr and libyang 1.0.184
first, and then uninstall libyang 1.0.184 after frr build.
Then, compile libyang 1.0.73 and all packages depend on it later.

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2021-01-02 12:45:32 -08:00
Guohan Lu
f2c418e78b [frr]: remove dependency betwee frr and frr-snmp
no instalation of frr during the build process

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2021-01-02 12:45:32 -08:00
Guohan Lu
30a51c1ff7 [build]: fix dpkg uninstall bug
fix a bug when there are multiple debian packages to be uninstalled

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2021-01-02 12:45:32 -08:00
Joe LeVeque
566ea4f601
[system-health] Convert to Python 3 (#5886)
- Convert system-health scripts to Python 3
- Build and install system-health as a Python 3 wheel
- Also convert newlines from DOS to UNIX
2020-12-29 14:04:09 -08:00
Pavel Shirshov
a7b8f8914e Patch libyang1.0.184 so version and let frr 7.5 use the patched version 2020-12-29 03:44:49 -08:00
Ubuntu
273846a412 FRR 7.5
Build libyang1 which is required for frr 7.5
2020-12-29 03:44:49 -08:00
Junchao-Mellanox
51f896b33e
Add pmon daemons python3 build support (#6176)
**- Why I did it**

python2 is end of life and SONiC is going to support python3. This PR is going to support:

1. Build pmon daemons with python3
2. Install and run python3 version pmon daemons

**- How I did it**

1. Change pmon daemons make files to build bothe python2 and python3 whl
2. Change docker-platform-monitor make files to install both python2 and python3 whl
3. Change pmon docker startup files to start pmon daemons according to the supported platform API version
2020-12-28 10:19:24 -08:00
Guohan Lu
470ed18a6b [build]: disable unit tests for sonic-utilities
unit tests are running for sonic utilitie repo

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-12-27 20:06:18 -08:00
lguohan
a79fcb49d4
[build]: add option to pull sonic-slave docker from registry (#6300)
- add config option ENABLE_DOCKER_BASE_PULL to pull sonic-slave docker from registry
- use REGISTRY_PORT, REGISTRY_SERVER to specify docker registry

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-12-26 10:30:51 -08:00
Joe LeVeque
d40c9a1e8d
[docker-base-buster][docker-config-engine-buster] No longer install Python 2 (#6162)
**- Why I did it**

As part of migrating SONiC codebase from Python 2 to Python 3

**- How I did it**

- No longer install Python 2 in docker-base-buster or docker-config-engine-buster.
- Install Python 2 and pip2 in the following containers until we can completely eliminate it there:
    - docker-platform-monitor
    - docker-sonic-mgmt-framework
    - docker-sonic-vs
- Pin pip2 version <21 where it is still temporarily needed, as pip version 21 will drop support for Python 2
- Also preform some other cleanup, ensuring that pip3, setuptools and wheel packages are installed in docker-base-buster, and then removing any attempts to re-install them in derived containers
2020-12-25 21:29:25 -08:00
lguohan
aa1cc848e2
[sonic-yang-mgmt-py2]: remove sonic-yang-mgmt py2 (#6262)
No longer needed as sonic-utilties has been moved python3

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-12-22 21:05:33 -08:00
Renuka Manavalan
ba02209141
First cut image update for kubernetes support. (#5421)
* First cut image update for kubernetes support.
With this,
    1)  dockers dhcp_relay, lldp, pmon, radv, snmp, telemetry are enabled
        for kube management
        init_cfg.json configure set_owner as kube for these

    2)  Each docker's start.sh updated to call container_startup.py to register going up
          As part of this call, it registers the current owner as local/kube and its version
          The images are built with its version ingrained into image during build

    3)  Update all docker's bash script to call 'container start/stop/wait' instead of 'docker start/stop/wait'.
         For all locally managed containers, it calls docker commands, hence no change for locally managed.
        
    4)  Introduced a new ctrmgrd service, that helps with transition between owners as  kube & local and carry over any labels update from STATE-DB to API server

    5)  hostcfgd updated to handle owner change

    6) Reboot scripts are updatd to tag kube running images as local, so upon reboot they run the same image.

   7) Added kube_commands.py to handle all updates with Kubernetes API serrver -- dedicated for k8s interaction only.
2020-12-22 08:01:33 -08:00
xumia
0a36de3a89
Recover "Support SONiC Reproduceable Build-debian/pip/web packages (#6255)
* Revert "Revert "Support SONiC Reproduceable Build-debian/pip/web packages (#5718)""

This reverts commit 17497a65e3.

* Revert "Revert "Remove unnecessary sudo authority in build Makefile (#6237)""

This reverts commit 163b7111b5.
2020-12-21 15:31:10 +08:00
Guohan Lu
17497a65e3 Revert "Support SONiC Reproduceable Build-debian/pip/web packages (#5718)"
This reverts commit 55a707586b.
2020-12-18 23:37:27 -08:00
xumia
55a707586b
Support SONiC Reproduceable Build-debian/pip/web packages (#5718)
* Support SONiC reproduceable build for deb/py2/py3/web

* Remove j2 files

* Fix bug

* Fix some issues

1. Change some code format issues
2. Fix curl calling wget command, pip2 calling pip3 issue
3. Fix wget/curl downloading multiple urls issue

* Fix some code format issue

* Fix bug

* Fix bug

* Fix command path hard code in build info scripts issue

* Add debian package sonic-build-tools

* Fix auto debian package removed issue

* Change build debian package name, and change the folder

* Collect the pre-versions and post-versions

* Change to use debian:buster

* Remove apt-mark and improve code

* Remove set_build_hooks

* Change docker trusted gpg files

* Fix docker build COPY directory name issue

* Move the trusted gpg files into the sonic-build-hooks package
2020-12-17 13:06:53 +08:00
mprabhu-nokia
00cea080af
Chassisd to monitor cards in a modular chassis (#5523)
HLD: Azure/SONiC#646

Introducing chassisd process to monitor status of the control, line and fabric cards in a modular chassis.

- Why I did it
Modular Chassis has control-cards, line-cards and fabric-cards along with other peripherals. Chassisd will be a central entity that has visibility of the entire chassis.

- How I did it
Chassisd process will monitor cards in the main thread. Another configuation_handling_task is created to listen to CONFIG_DB for admin_status up/down events. The monitored status is persisted in REDIS-DB.
2020-12-15 16:28:58 -08:00
Sabareesh-Kumar-Anandan
9f4ca01388
[sonic-config-engine] Adding dependent pkgs needed for arm compilation (#6186)
libxslt-dev and libz-dev are dependencies for lxml==4.6.1 which is required for pyangbind==0.8.1

lxml-4.6.2-cp37-cp37m-manylinux1_x86_64.whl is directly downloaded in amd64 whereas in arm this is built from lxml-4.6.2.tar.gz

Signed-off-by: Sabareesh Kumar Anandan <sanandan@marvell.com>
2020-12-15 08:44:46 -08:00
Junchao-Mellanox
51c77b179f
[Mellanox] Add python3 support for Mellanox platform API (#6175)
python2 is end of life and SONiC is going to support python3. This PR is going to support:

1. Mellanox SONiC platform API python3 support
2. Install both python2 and python3 verson of Mellanox SONiC platform API or pmon and host side
2020-12-11 10:51:31 -08:00
Qi Luo
0e554e09ce
[makefile] Remove python-netsnmp deb package from makefile (#6161)
Because no one is using it in buildimage repo
2020-12-09 17:40:07 -08:00
Joe LeVeque
83f0d8240e
[pmon]: Install vanilla 'thrift' Python 2 and 3 packages for Barefoot in host and PMon (#6080)
Barefoot platform vendors' sonic_platform packages import the Python 'thrift' library. Previously, our custom-built package was being installed in the PMon container and host OS. However, we are only building a Python 2 version of that package, which was only intended for use with saithrift.

Fixes #6077
2020-12-04 08:41:17 -08:00
Kalimuthu-Velappan
7bcb18fd92
[frr]: Fix for missing dependency in frr module (#6094)
The soinc-frr module has src/sonic-frr/frr submodule. The FRR sub module dependency files are not added to the DPKG file tracking. The patch includes the following.

- Included the submodule dependency files
- Removes the symbolic files.
2020-12-03 02:35:21 -08:00
lguohan
4812953468
[ntp]: build ntp with various fixes (#6037)
- NTP Bug 1970 (UNLINK_EXPR_SLIST empty list) Fix
- ENOBUFS log message level set to WARN
- Fix audit message seen on console apparmor
- add force-confold option when install ntp

Signed-off-by: Guohan Lu <lguohan@gmail.com>
Co-authored-by: Prabhu Sreenivasan <prabhu.sreenivasan@broadcom>
2020-12-02 15:02:50 -08:00
Kalimuthu-Velappan
61419f5468
[build]: Fixes: fatal: not a git repository error during build (#6090)
It fixes the following error during build.

>>> fatal: not a git repository (or any of the parent directories): .git
        "SONIC_DPKG_CACHE_METHOD"         : "cache"
        "DPKG_CACHE_PATH"                 : "/var/cache/sonic/artifacts"
2020-12-02 10:34:05 -08:00
abdosi
872c85d8e7
[lldp]: Lldp docker to use python3 version of sonic-db-syncd package. (#6046)
Made changes so that Lldp docker start using py3 of sonic-db-syncd

submodule update sonic-db-syncd
5cc29a1b32d8d1f4dfbc967bfea2727c50a49c76 (HEAD -> master, origin/master, origin/HEAD) Changes to convert sonic-dbsyncd from python 2 to 3

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
2020-11-30 10:44:40 -08:00