Commit Graph

686 Commits

Author SHA1 Message Date
pavel-shirshov
0931280466 [TSA]: Fix TSC. Avoid 'Not consistent' state (#5968) 2020-12-10 16:43:37 -08:00
pavel-shirshov
9e0ea83cd9
[bgpcfgd]: Use peer commands for BBR, not peer-group (#6048)
* templates: Move 'allowas-in' command from peer-group to instance configuration

* Use peer itself, don't rely on peer-groups
2020-11-26 09:55:24 -08:00
Lawrence Lee
cb32b362f5 Make backend device checking more robust (#5730)
Treat devices that are ToRRouters (ToRRouters and BackEndToRRouters) the same when rendering templates
 Except for BackEndToRRouters belonging to a storage cluster, since these devices have extra sub-interfaces created
Treat devices that are LeafRouters (LeafRouters and BackEndLeafRouters) the same when rendering templates

Signed-off-by: Lawrence Lee <lawlee@microsoft.com>
2020-11-14 08:39:08 -08:00
pavel-shirshov
e9ff96d90e [bgp]: Update TSA functionality (#5906)
Fixed TSA bugs:
1. TSA didn't advertise Loopback ipv6 address
2. TSA and TSB changed BGP dynamic and BGP monitors sessions

**- How to verify it**
Build an image and run on your DUT.
```
admin@str-s6100-acs-1:~$ TSA
System Mode: Normal -> Maintenance
admin@str-s6100-acs-1:~$ vtysh -c 'show bgp ipv4 neighbors 10.0.0.1 advertised-routes'
BGP table version is 6, local router ID is 10.1.0.32, vrf id 0
Default local pref 100, local AS 64601
Status codes:  s suppressed, d damped, h history, * valid, > best, = multipath,
               i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes:  i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.1.0.32/32     0.0.0.0                  0         32768 i

Total number of prefixes 1
admin@str-s6100-acs-1:~$ vtysh -c 'show bgp ipv6 neighbors fc00::a advertised-routes'
BGP table version is 6, local router ID is 10.1.0.32, vrf id 0
Default local pref 100, local AS 64601
Status codes:  s suppressed, d damped, h history, * valid, > best, = multipath,
               i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes:  i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> fc00:1::/64      ::                       0         32768 i

Total number of prefixes 1
admin@str-s6100-acs-1:~$ TSB
System Mode: Maintenance -> Normal
```

Co-authored-by: Pavel Shirshov <pavel.contrib@gmail.com>
2020-11-14 08:35:13 -08:00
judyjoseph
005702ba0e [multi-ASIC] util changes with the BGP_INTERNAL_NEIGHBOR table. (#5760)
- Why I did it
Update the routine is_bgp_session_internal() by checking the BGP_INTERNAL_NEIGHBOR table.
Additionally to address the review comment #5520 (comment)
Add timer settings as will in the internal session templates and keep it minimal as these sessions which will always be up.
Updates to the internal tests data + add all of it to template tests.

- How I did it
Updated the APIs and the template files.

- How to verify it
Verified the internal BGP sessions are displayed correctly with show commands with this API is_bgp_session_internal()
2020-11-10 12:53:49 -08:00
judyjoseph
ce86621399 [multi-ASIC] BGP internal neighbor table support (#5520)
* Initial commit for BGP internal neighbor table support.
  > Add new template named "internal" for the internal BGP sessions
  > Add a new table in database "BGP_INTERNAL_NEIGHBOR"
  > The internal BGP sessions will be stored in this new table "BGP_INTERNAL_NEIGHBOR"

* Changes in template generation tests with the introduction of internal neighbor template files.
2020-11-10 12:52:58 -08:00
abdosi
65cc37cadf [multi-asic] teamdctl support for multi-asic (#5851)
Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
2020-11-09 12:33:41 -08:00
Junchao-Mellanox
1070d024bc [thermalctld] Enlarge startretries value to avoid thermalctld not able to restart during regression test (#5633)
Increase startretires value from default of 10 to 50 to prevent supervisor from placing thermalctld in FATAL state during regression testing. Also ensures supervisord tries hard to get thermalctld running in production, as thermalctld is critical to prevent device from overheating.
2020-11-03 08:19:19 -08:00
abdosi
0fad6bdc7f [monit] Adding patch to enhance syslog error message generation for monit alert action when status is failed. (#5720)
Why/How I did:

Make sure first error syslog is triggered based on FAULT TOLERANCE condition.

Added support of repeat clause with alert action. This is used as trigger
for generation of periodic syslog error messages if error is persistent

Updated the monit conf files with repeat every x cycles for the alert action
2020-11-01 10:27:10 -08:00
shlomibitton
97f2cafe0b [LLDP] Fix for LLDP advertisements being sent with wrong information. (#5493)
* Fix for LLDP advertisments being sent with wrong information.
Since lldpd is starting before lldpmgr, some advertisment packets might sent with default value, mac address as Port ID.
This fix hold the packets from being sent by the lldpd until all interfaces are well configured by the lldpmgrd.

Signed-off-by: Shlomi Bitton <shlomibi@nvidia.com>

* Fix comments

* Fix unit-test output caused a failure during build

* Add 'run_cmd' function and use it

* Resume lldpd even if port init timeout reached
2020-10-30 09:06:23 -07:00
pavel-shirshov
2eec3b3254 [bgpcfgd]: Dynamic BBR support (#5626)
**- Why I did it**
To introduce dynamic support of BBR functionality into bgpcfgd.
BBR is adding  `neighbor PEER_GROUP allowas-in 1' for all BGP peer-groups which points to T0
Now we can add and remove this configuration based on CONFIG_DB entry 

**- How I did it**
I introduced a new CONFIG_DB entry:
 - table name: "BGP_BBR"
 - key value: "all". Currently only "all" is supported, which means that all peer-groups which points to T0s will be updated
 - data value: a dictionary: {"status": "status_value"}, where status_value could be either "enabled" or "disabled"

Initially, when bgpcfgd starts, it reads initial BBR status values from the [constants.yml](https://github.com/Azure/sonic-buildimage/pull/5626/files#diff-e6f2fe13a6c276dc2f3b27a5bef79886f9c103194be4fcb28ce57375edf2c23cR34). Then you can control BBR status by changing "BGP_BBR" table in the CONFIG_DB (see examples below).

bgpcfgd knows what peer-groups to change fron [constants.yml](https://github.com/Azure/sonic-buildimage/pull/5626/files#diff-e6f2fe13a6c276dc2f3b27a5bef79886f9c103194be4fcb28ce57375edf2c23cR39). The dictionary contains peer-group names as keys, and a list of address-families as values. So when bgpcfgd got a request to change the BBR state, it changes the state only for peer-groups listed in the constants.yml dictionary (and only for address families from the peer-group value).

**- How to verify it**
Initially, when we start SONiC FRR has BBR enabled for PEER_V4 and PEER_V6:
```
admin@str-s6100-acs-1:~$ vtysh -c 'show run' | egrep 'PEER_V.? allowas'
  neighbor PEER_V4 allowas-in 1
  neighbor PEER_V6 allowas-in 1
```

Then we apply following configuration to the db:
```
admin@str-s6100-acs-1:~$ cat disable.json                
{
        "BGP_BBR": {
            "all": {
                "status": "disabled"
            }
        }
}


admin@str-s6100-acs-1:~$ sonic-cfggen -j disable.json -w 
```
The log output are:
```
Oct 14 18:40:22.450322 str-s6100-acs-1 DEBUG bgp#bgpcfgd: Received message : '('all', 'SET', (('status', 'disabled'),))'
Oct 14 18:40:22.450620 str-s6100-acs-1 DEBUG bgp#bgpcfgd: execute command '['vtysh', '-f', '/tmp/tmpmWTiuq']'.
Oct 14 18:40:22.681084 str-s6100-acs-1 DEBUG bgp#bgpcfgd: execute command '['vtysh', '-c', 'clear bgp peer-group PEER_V4 soft in']'.
Oct 14 18:40:22.904626 str-s6100-acs-1 DEBUG bgp#bgpcfgd: execute command '['vtysh', '-c', 'clear bgp peer-group PEER_V6 soft in']'.
```

Check FRR configuraiton and see that no allowas parameters are there:
```
admin@str-s6100-acs-1:~$ vtysh -c 'show run' | egrep 'PEER_V.? allowas' 
admin@str-s6100-acs-1:~$
```

Then we apply enabling configuration back:
```
admin@str-s6100-acs-1:~$ cat enable.json 
{
        "BGP_BBR": {
            "all": {
                "status": "enabled"
            }
        }
}

admin@str-s6100-acs-1:~$ sonic-cfggen -j enable.json -w 
```
The log output:
```
Oct 14 18:40:41.074720 str-s6100-acs-1 DEBUG bgp#bgpcfgd: Received message : '('all', 'SET', (('status', 'enabled'),))'
Oct 14 18:40:41.074720 str-s6100-acs-1 DEBUG bgp#bgpcfgd: execute command '['vtysh', '-f', '/tmp/tmpDD6SKv']'.
Oct 14 18:40:41.587257 str-s6100-acs-1 DEBUG bgp#bgpcfgd: execute command '['vtysh', '-c', 'clear bgp peer-group PEER_V4 soft in']'.
Oct 14 18:40:42.042967 str-s6100-acs-1 DEBUG bgp#bgpcfgd: execute command '['vtysh', '-c', 'clear bgp peer-group PEER_V6 soft in']'.
```


Check FRR configuraiton and see that the BBR configuration is back:
```
admin@str-s6100-acs-1:~$ vtysh -c 'show run' | egrep 'PEER_V.? allowas'
  neighbor PEER_V4 allowas-in 1
  neighbor PEER_V6 allowas-in 1
```

*** The test coverage ***
Below is the test coverage
```
---------- coverage: platform linux2, python 2.7.12-final-0 ----------
Name                             Stmts   Miss  Cover
----------------------------------------------------
bgpcfgd/__init__.py                  0      0   100%
bgpcfgd/__main__.py                  3      3     0%
bgpcfgd/config.py                   78     41    47%
bgpcfgd/directory.py                63     34    46%
bgpcfgd/log.py                      15      3    80%
bgpcfgd/main.py                     51     51     0%
bgpcfgd/manager.py                  41     23    44%
bgpcfgd/managers_allow_list.py     385     21    95%
bgpcfgd/managers_bbr.py             76      0   100%
bgpcfgd/managers_bgp.py            193    193     0%
bgpcfgd/managers_db.py               9      9     0%
bgpcfgd/managers_intf.py            33     33     0%
bgpcfgd/managers_setsrc.py          45     45     0%
bgpcfgd/runner.py                   39     39     0%
bgpcfgd/template.py                 64     11    83%
bgpcfgd/utils.py                    32     24    25%
bgpcfgd/vars.py                      1      0   100%
----------------------------------------------------
TOTAL                             1128    530    53%
```

**- Which release branch to backport (provide reason below if selected)**

- [ ] 201811
- [x] 201911
- [x] 202006
2020-10-30 08:58:27 -07:00
pavel-shirshov
84405ab953 [bgp]: Enable next-hop-tracking through default (#5600)
**- Why I did it**
FRR introduced [next hop tracking](http://docs.frrouting.org/projects/dev-guide/en/latest/next-hop-tracking.html) functionality.
That functionality requires resolving BGP neighbors before setting BGP connection (or explicit ebgp-multihop command). Sometimes (BGP MONITORS) our neighbors are not directly connected and sessions are IBGP. In this case current configuration prevents FRR to establish BGP connections.  Reason would be "waiting for NHT". To fix that we need either add static routes for each not-directly connected ibgp neighbor, or enable command `ip nht resolve-via-default`

**- How I did it**
Put `ip nht resolve-via-default` into the config

**- How to verify it**
Build an image. Enable BGP_MONITOR entry and check that entry is Established or Connecting in FRR

Co-authored-by: Pavel Shirshov <pavel.contrib@gmail.com>

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
2020-10-13 22:42:29 -07:00
abdosi
9202b1c7eb
Fix monit complaining of snmp on 201911 branch. (#5612)
There is difference between master and 201911
how sonic_ax_impl is started.

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
2020-10-13 17:17:43 -07:00
Mahesh Maddikayala
f354a20d94 [ECMP][Multi-ASIC] Have different ECMP seed value on each ASIC (#5357)
* Calculate ECMP hash seed based on ASIC ID on multi ASIC platform. Each ASIC will have a unique ECMP hash seed value.

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
2020-10-13 09:48:57 -07:00
pavel-shirshov
437ad95646 [bgp] Add 'allow list' manager feature (#5513)
implements a new feature: "BGP Allow list."

This feature allows us to control which IP prefixes are going to be advertised via ebgp from the routes received from EBGP neighbors.
2020-10-06 11:15:19 -07:00
abdosi
3a29249e04 [Multi-asic] Fixed Default Route to be BGP (#5548)
Learned and not docker default route for multi-asic platforms.

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
2020-10-06 06:04:31 +00:00
Nazarii Hnydyn
f456f1fd03 [monit]: Fix process checker. (#5480)
Signed-off-by: Nazarii Hnydyn <nazariig@nvidia.com>
2020-09-30 00:25:37 +00:00
Stephen Sun
e9c2fdbf4a
[watermark] Fix error: BUFFER_POOL_WATERMARK isn't enabled by default (#4882) (#5455)
* Fix error: watermarkstat -t buffer_pool doesn't work

Signed-off-by: Stephen Sun <stephens@nvidia.com>
2020-09-29 13:59:26 -07:00
arlakshm
c8f92232ef Vtysh support for multi asic (#5479)
Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
2020-09-29 19:40:37 +00:00
Abhishek Dosi
04725bc030 Revert "[bgp] Add 'allow list' manager feature (#5309)"
This reverts commit b5d33b39de.
2020-09-29 15:39:04 +00:00
judyjoseph
4dbe391b9a [multi-Asic] Add support for multi-asic to swssloglevel (#5316)
* Support for multi-asic platform for swssloglevel command

admin@str-acs-1:~$ swssloglevel 
Usage: /usr/bin/swssloglevel -n [0 to 3] [OPTION]... 

* Update to use the env file to get the PLATFORM string.
2020-09-28 21:15:44 +00:00
Tamer Ahmed
2cc98b4bac [platform] Add Support For Environment Variable File (#5010)
* [platform] Add Support For Environment Variable

This PR adds the ability to read environment file from /etc/sonic.
the file contains immutable SONiC config attributes such as platform,
hwsku, version, device_type. The aim is to minimize calls being made
into sonic-cfggen during boot time.

singed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
2020-09-28 21:14:39 +00:00
pavel-shirshov
b5d33b39de [bgp] Add 'allow list' manager feature (#5309)
implements a new feature: "BGP Allow list."

This feature allows us to control which IP prefixes are going to be advertised via ebgp from the routes received from EBGP neighbors.
2020-09-28 16:20:27 +00:00
Sumukha Tumkur Vani
d6856aa424 Update conf DB with CA cert & rename ca_crt field (#5448) 2020-09-28 16:19:27 +00:00
Tamer Ahmed
dd87bf7f7c [swss] Start Restore Neighbor After SWSS Config (#5451)
SWSS config script restore ARP/FDB/Routes. Restore neighbor script
uses config DB ARP information to restore ARP entries and so needs
to be started after swssconfig exits.

signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
2020-09-28 16:15:19 +00:00
Joe LeVeque
b70c6f72b2 [dockers][supervisor] Increase event buffer size for dependent-startup (#5247)
When stopping the swss, pmon or bgp containers, log messages like the following can be seen:

```
Aug 23 22:50:43.789760 sonic-dut INFO swss#supervisord 2020-08-23 22:50:10,061 ERRO pool dependent-startup event buffer overflowed, discarding event 34
Aug 23 22:50:43.789760 sonic-dut INFO swss#supervisord 2020-08-23 22:50:10,063 ERRO pool dependent-startup event buffer overflowed, discarding event 35
Aug 23 22:50:43.789760 sonic-dut INFO swss#supervisord 2020-08-23 22:50:10,064 ERRO pool dependent-startup event buffer overflowed, discarding event 36
Aug 23 22:50:43.789760 sonic-dut INFO swss#supervisord 2020-08-23 22:50:10,066 ERRO pool dependent-startup event buffer overflowed, discarding event 37
```

This is due to the number of programs in the container managed by supervisor, all generating events at the same time. The default event queue buffer size in supervisor is 10. This patch increases that value in all containers in order to eliminate these errors. As more programs are added to the containers, we may need to further adjust these values. I increased all buffer sizes to 25 except for containers with more programs or templated supervisor.conf files which allow for a variable number of programs. In these cases I increased the buffer size to 50. One final exception is the swss container, where the buffer fills up to ~50, so I increased this buffer to 100.

Resolves https://github.com/Azure/sonic-buildimage/issues/5241
2020-09-28 16:12:53 +00:00
yozhao101
7580c846ad
[201911][Monit] Unmonitor processes in disabled containers (#5462)
We want to let Monit to unmonitor the processes in containers which are disabled in `FEATURE` table such that
Monit will not generate false alerting messages into the syslog.

- Backport of https://github.com/Azure/sonic-buildimage/pull/5153 to the 201911 branch

Signed-off-by: Yong Zhao <yozhao@microsoft.com>
2020-09-25 00:30:41 -07:00
gechiang
6ae77f87cc
Renamed sonic-bgpcfgd/bgpmon_proj directory to sonic-bfgcfgd/bgpmon so it is in sync with master branch naming change. Also made bgpmon auto restart enabled (#5453)
synch up the changes from master branch where bgpmon_proj is renamed to bgpmon.
Added bgpmon to be autorestart enabled by supervisord
2020-09-24 08:57:55 -07:00
gechiang
7168fc8c07
Add bgpmon under sonic-bgpcfgd to be started as a new daemon under BGP docker (#5426)
This is to port the same set of changes from master branch to 201911 branch for the bgpmon daemon running under bgp docker.
2020-09-22 12:13:37 -07:00
lguohan
13d28f9d19
[docker-base-stretch]: install rsyslog from stretch-backports (#5411)
Install a newer version of rsyslog from stretch-backports to support -iNONE

Previous backport from master use -iNONE option which is only
available after v8.32.0

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-09-21 02:08:30 -07:00
Prince Sunny
20f627044f Add new DB for Restapi to database config (#5350) 2020-09-19 14:08:36 -07:00
Tamer Ahmed
56cab18501 [dhcpmon] Print Both Snapshot And Current Counters (#5374)
Printing both snapshot and current counter sets will make it easier to pinpoint
which message type(s) is/are not being relayed. This PR prints both counter sets.
Also, this PR defines gnu11 as a C standard to compile with in order to avoid
making changes when porting to 201811 branch.

singed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
2020-09-19 14:06:25 -07:00
Tamer Ahmed
b27ba0630c [dhcpmon] Monitor Mgmt Interface For DHCP Packets (#5317)
When BGP routes are missing, DHCP packets get relayed over mgmt
interface. This results in dhcpmon alerting that DHCP packets are
not being relayed. This is PR include mgmt interface as uplink
device, and so, if DHCP packet gets relayed over mgmt interface,
regular dhcpmon alert will not be issues. Instead, dhcpmon will
check the mgmt interface counts and issue a separate alert regarding
packets travelling through mgmt network.

In addition, this PR includes the following enhancements:
1. Add SIGUSR1 handler that prints out current packet counts
2. Increase alert grace window to 3 minutes from currently 2 minutes
3. Time is now computed more accurately
4. Print vlan name before counters

signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
2020-09-19 14:05:49 -07:00
Joe LeVeque
c3117bc35e [lldpmgrd] Inherit DaemonBase class from sonic-py-common package (#5370)
Eliminate duplicate logging and signal handling code by inheriting from DaemonBase class in sonic-py-common package.
2020-09-19 13:59:01 -07:00
Tamer Ahmed
4f7c346c53 [swss] Start Arp Update Process (#5391)
Arp update process was not being started due to an issue with
the directory name having an extra 'd' in supervisor as in
'/etc/supervisord/conf.d/arp_update.conf'.

signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
2020-09-19 13:52:18 -07:00
Joe LeVeque
1ee4fa5a40 [docker-radv] Fix startup issues (#5230)
**- Why I did it**

PR https://github.com/Azure/sonic-buildimage/pull/4599 introduced two bugs in the startup of the router advertiser container:

1. References to the `wait_for_intf.sh` script were changed to `wait_for_link.sh`, but the actual script was not renamed
2. The `ipv6_found` Jinja2 variable added to the supervisor config file goes out of scope before it is read.

**- How I did it**
1. Rename the `wait_for_intf.sh` script to `wait_for_link.sh`
2. Use the Jinja2 "namespace" construct to fix the scope issue

**- How to verify it**

Ensure all processes in the radv container start properly under the correct conditions (i.e., whether or not there is at least one VLAN with an IPv6 address assigned).
2020-09-04 21:20:08 +00:00
abdosi
e564142df2 Fix the issue as reported in (#5315)
https://github.com/Azure/sonic-buildimage/issues/5255

Root Cause: Waiting on Restore count != 0 can lead to race condition
between orchagent process and swssconfig.sh.

Ideally check of  Restore count != 0 is not needed as the State DB
cannot be flushed as if it was flushed then Warm Restart or swss-restart
should not be true also.
2020-09-04 21:10:39 +00:00
Prince Sunny
b1acfb60a7 Skip vnet-vxlan interfaces from generating networks (#5251)
* Skip Vnet interface from generating networks
2020-09-03 15:49:59 -07:00
arlakshm
15a2195236 [Multi-ASIC]:Update the template to add ipinip entry for Loopback4096 (#5235)
Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
The following changes are done. 
- Multi asic platform have 2 Loopback interfaces, Loopback0 and Loopback4096. IPinIP decap entries need to be added for both of them. Update the ipinip.json.j2 template to add decap entries for Loopback4096.
- Add corressponding unit test
2020-09-03 15:48:39 -07:00
zhenggen-xu
a949cf004e
[Build] pin down setuptools for build issues (#5281)
Pin down setuptools version to fix build issues. See: https://github.com/Azure/sonic-buildimage/issues/5279

Signed-off-by: Zhenggen Xu <zxu@linkedin.com>
2020-08-31 20:44:39 -07:00
pra-moh
c43a994486 [docker-ptf] add gnmi python client (#4928)
For telemetry regression test we need gnmi client to be present on ptfdocker. Gnmi-server will be present on SONiC DuT. Further, we can access gnmi_get from ptfdocker inside pytest to verify gnmi server streaming data successfully or not.
2020-08-27 08:05:41 -07:00
Mykola F
c243b8a9f5
[201911] Update SAI-Implementation submodule and enable port in/out dropped pkts stats (#5093)
- Enable port buffer drops by default
- Update SAI submodule

Signed-off-by: Mykola Faryma <mykolaf@mellanox.com>
2020-08-25 08:20:05 -07:00
RayWang910012
4810db8447 [monit]: monit_telemetry which will have error when telemetry is in secure mode (#4286)
When telemetry is in secure mode ,the monitor will have error log of the match string "--insecure". So I modify to be compatiable with insecure mode and secure mode.

Co-authored-by: Ubuntu <ubuntu@ip-10-5-1-21.ap-south-1.compute.internal>
2020-08-24 10:22:25 -07:00
Tamer Ahmed
9514932ed5 [telemetry] Fix telemetry vars template path (#4938)
The template is referenced relative to the script path and this could
results in errors in case script is run from root. Add explicit
path to the template file name.
Also, moving telemetry_var template to template dir.
And remove double quotes from around json dict.

signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
2020-08-19 16:59:32 -07:00
lguohan
92270544c5 [docker-orchagent]: start portsyncd before orchagent (#4845)
when portsyncd starts, it first enumerates all front panel ports
and marks them as old interfaces. Then, for new front panel ports
it checks if their indexes exist in previous sets. If yes, it will
treats them as old interfaces and ignore them.

The reason we have this check is because broadcom SAI only removes
front panel ports after sai switch init.

So, if portsyncd starts after orchagent, new interfaces could be
created before portsyncd and treated as old interface.

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-08-16 08:25:36 -07:00
Joe LeVeque
802e77c3f1 [docker-pmon] Fix copy of fancontrol config file (#5037)
Copy proper fancontrol config file to the proper destination. Also some minor refactoring for code reuse to help prevent issues like this in the future.

Fixes a bug introduced by #4599
2020-08-15 22:35:02 -07:00
Guohan Lu
42f9be1de3 [docker-database]: do not generate pidfile for rsyslogd
Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-08-15 22:32:25 -07:00
Guohan Lu
569766f698 [docker-snmp-sv2]: use service dependency in supervisord to start services
Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-08-15 22:32:19 -07:00
Guohan Lu
b378b4d249 [docker-dhcp-relay]: use service dependency in supervisord to start services 2020-08-15 22:25:52 -07:00
Guohan Lu
7158ccd30d [docker-teamd]: use service dependency in supervisord to start services 2020-08-15 22:25:46 -07:00
Guohan Lu
1b6b6055e7 [docker-mgmt-framework]: use service dependency in supervisord to start services
Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-08-15 22:25:38 -07:00
Guohan Lu
4d2f9d1245 [docker-telemetry]: use service dependency in supervisord to start services
Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-08-15 22:25:32 -07:00
Guohan Lu
9f5c5c7a4a [docker-restapi]: use service dependency in supervisord to start services 2020-08-15 22:25:24 -07:00
Guohan Lu
763673993e [docker-pmon]: use service dependency in supervisord to start services 2020-08-15 22:23:50 -07:00
Guohan Lu
aa0b875b03 [docker-sflow]: use service dependency in supervisord to start services 2020-08-15 22:22:00 -07:00
Guohan Lu
5be374c746 [docker-orchagent]: use service dependency in supervisord to start services 2020-08-15 22:21:52 -07:00
Guohan Lu
db5a979247 [docker-radvd]: use service dependency in supervisord to start services 2020-08-15 22:21:44 -07:00
Guohan Lu
685041a66a [docker-lldp-sv2]: use service dependency in supervisord to start services 2020-08-15 22:21:33 -07:00
Guohan Lu
eb41fd5df6 [docker-nat]: use service dependency in supervisord to start servicesx
Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-08-15 22:20:35 -07:00
Guohan Lu
397517d449 [docker-base]: remove dummy password for supervisord control
Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-08-15 22:20:23 -07:00
Guohan Lu
ebd1915356 [docker-base]: add supervisord-dependent-startup plugin for supervisord 2020-08-15 22:19:39 -07:00
abdosi
e3eddede1e Changes to add template support for copp.json. (#5053)
* Changes to add template support for copp.json.
This is needed so that we can install differnt type of
Traps based on Device Role (Tor/Leaf/Mgmt/etc...).

Initial use case is to install DHCP/DHCPv6 tarp only
for tor router.

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

* Fixed based on review comments.

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

* Fixed based on review comment.
2020-07-31 17:24:45 -07:00
Nazarii Hnydyn
7fe359747a [orchagent]: Fix platform string export. (#4993)
Signed-off-by: Nazarii Hnydyn <nazariig@mellanox.com>
2020-07-26 11:20:56 -07:00
Tamer Ahmed
755319c37c [docker-orchagent] Call sonic-cfggen Once (#4936)
Optimizing number of calls made to sonic-cfggen during service
start up as it adds to total system boot up time.

signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>

**- Why I did it**
sonic-cfggen call is slow and it adds to system start up time

**- How I did it**
places all required variable into single template and called into sonic-cfggen using this template

**- How to verify it**
***-Test 1***
there is an average saving of .5 to 1 sec between old script and new script
```
root@str-s6000-acs-14:/# time ./orchagent_old.sh
/usr/bin/orchagent -d /var/log/swss -b 8192 -m f4:8e:38:16:bc:8d

real	0m3.546s
user	0m2.365s
sys	0m0.585s

root@str-s6000-acs-14:/# time ./orchagent_new.sh
/usr/bin/orchagent -d /var/log/swss -b 8192 -m f4:8e:38:16:bc:8d

real	0m2.058s
user	0m1.650s
sys	0m0.363s
```
***-Test 2***
Built an image with this change and orchagent is running with intended params:
```
admin@str-s6000-acs-14:~$ ps -ef | grep orchagent
root      2988  1901  1 02:09 pts/0    00:00:02 /usr/bin/orchagent -d /var/log/swss -b 8192 -m f4:8e:38:16:bc:8d
```

signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
2020-07-26 11:19:15 -07:00
Akhilesh Samineni
dd26117bf2 [NAT]: Update the conntrack entries timeout to Max value after warmboot (#4596)
Signed-off-by: Akhilesh Samineni <akhilesh.samineni@broadcom.com>

All new NAT conntrack entries are added to kernel with max entry timeout of 432000 and setting the same timeout during system warm reboot also
2020-07-26 11:18:42 -07:00
anish-n
733f7091ac [bgpcfgd]: Add Vlan prefix list to the FRR templates (#5005)
add the Vlan prefix list to the FRR templates
2020-07-26 11:17:29 -07:00
Danny Allen
0824509373 [docker-ptf] Add support for spytest to ptf container (#4410)
- Install apt and pip dependencies
- Define traffic generator service

Signed-off-by: Danny Allen <daall@microsoft.com>
2020-07-14 22:06:05 -07:00
abdosi
b725572023
Fix the below frr start.sh jija2 exception in 201911 image syslog: (#4958)
File "/usr/local/bin/sonic-cfggen", line 380, in <module>
     main()
   File "/usr/local/bin/sonic-cfggen", line 354, in main
     print(template.render(data))
   File "/usr/local/lib/python2.7/dist-packages/jinja2/environment.py", line 1090, in render
     self.environment.handle_exception()
   File "/usr/local/lib/python2.7/dist-packages/jinja2/environment.py", line 832, in handle_exception
     reraise(*rewrite_traceback_stack(source=source))
   File "<template>", line 1, in top-level template code
   File "/usr/local/lib/python2.7/dist-packages/jinja2/environment.py", line 471, in getattr
     return getattr(obj, attribute)
 jinja2.exceptions.UndefinedError: 'WARM_RESTART' is undefined

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
2020-07-14 08:02:32 -07:00
Ying Xie
6427f1a4f8 [mgmt docker] move pycryptodome installation to the end of the docker building (#4917)
* [mgmt docker] move pycryptodome installation to the end of the docker building

Signed-off-by: Ying Xie <ying.xie@microsoft.com>

* pin down the version to current: 3.9.8

* comment
2020-07-11 09:46:51 -07:00
Tamer Ahmed
1bb3918a55 [telemetry] Call sonic-cfggen Once (#4901)
sonic-cfggen call is slow and this is taking place in the SONiC
boot up process. The change uses templates to assemble all required
vars into single template file. With this change, telemetry now calls
once into sonic-cfggen.

signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
2020-07-11 09:45:22 -07:00
arlakshm
aef3f7dc5a "[config]: Multi ASIC loopback changes (#4895)
Resubmitting the changes for (#4825) with fixes for sonic-bgpcdgd test failures
Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
2020-07-08 09:03:41 -07:00
Shuba Viswanathan
b7b602bb11 [sonic-mgmt]: Support for pytest-html to control logs better (#4791)
The current stdout file which also includes the dut logs are very verbose and noisy.

We have manually installed it in the sonic-mgmt docker in our organization and tuned the pytest settings to produce very helpful and concise logs.

pytest-html plugins can be used to post-process the output in various ways based on our different and unique organizational needs.

Hence proposing to add this pkt to the docker file
2020-07-06 18:33:50 -07:00
Danny Allen
fbdd77594f [mgmt docker] Clean up docker-sonic-mgmt dockerfile (#4759)
- Alphabetize dependencies to prevent duplicates
- Remove unneccesary git clone

Signed-off-by: Danny Allen <daall@microsoft.com>
2020-07-06 18:33:37 -07:00
Arun Saravanan Balachandran
abe2d40cdf [docker-sonic-mgmt]: import patch to support 'become' and 'become_user' arguments in pytest-ansible (#4681) 2020-07-06 18:33:25 -07:00
Ying Xie
8a26951eb2 [sonic-mgmt] upgrade ansible to 2.7.12 (#4751)
Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2020-07-06 18:33:14 -07:00
Ying Xie
3129451239 [sonic-mgmt] upgrade paramilo to version 2.7.1 (#4750)
spytest requires higher paramiko version. Fix it to 2.7.1.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2020-07-06 18:33:00 -07:00
Guohan Lu
86955e2b04 [docker-sonic-mgmt]: fix pip version to 20.1.1
Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-07-06 18:32:48 -07:00
Wei Bai
9b32171664 [docker-sonic-mgmt] Add IxNetwork python client (#4533)
* Add IxNetwork python client to sonic mgmt docker
2020-07-06 18:32:35 -07:00
Danny Allen
1652206852 [docker-sonic-mgmt] Merge spytest dependencies into mgmt docker (#4411)
Signed-off-by: Danny Allen <daall@microsoft.com>
2020-07-06 18:32:23 -07:00
xumia
276310dceb [docker-sonic-mgmt]: Fix virtual environment bug (#4370) 2020-07-06 18:32:11 -07:00
xumia
d28945987c [sonic-mgmt]: Support virtual environment for ansible 2.0.0.2 (#4325)
. env-201811/bin/activate

The ansible 2.0.0.2 will be used.
2020-07-06 18:32:01 -07:00
Xin Wang
db15b88bfc [docker-sonic-mgmt]: Add the snmp tool to the sonic-mgmt docker (#4110)
The snmp tool is required for interacting with certain type
of PDU hosts in platform PSU/power related testing. This
change is to have the snmp tool pre-built in the sonic-mgmt
docker image.

Signed-off-by: Xin Wang <xinw@mellanox.com>
2020-07-06 18:31:46 -07:00
Guohan Lu
5310b0946d [docker-sonic-mgmt]: set wheel version to 0.33.6 to fix sonic-mgmt build break
looks like version 0.42 has build issues

Signed-off-by: Guohan Lu <gulv@microsoft.com>
2020-07-06 18:31:34 -07:00
Guohan Lu
c9e012d327 [docker-sonic-mgmt]: fix installation permission issue 2020-07-06 18:31:14 -07:00
Iris Hsu
3eac616dc4 [sonic-mgmt]: Install python-subnettree to sonic-mgmt container. (#3978)
* Install python-subnettree to sonic-mgmt container.
2020-07-06 18:31:01 -07:00
Myron Sosyak
35e9d5bc72 [docker-sonic-mgmt]: Add docker-ce-cli to sonic-mgmt container (#3868)
In the scope of migration from docker shell plugin to docker connection plugin, we need to have docker-ce-cli installed in docker-sonic-mgmt. Azure/sonic-mgmt#1269

Added docker-ce-cli package to docker-sonic-mgmt.
2020-07-06 18:30:45 -07:00
pavel-shirshov
6958441959 Tests for bgpcfgd templates (#4841)
* Tests for bgpcfgd templates
2020-07-05 15:55:18 -07:00
pavel-shirshov
1930b3ac89 [bgpcfgd]: make a package for bgpcfgd (#4813) 2020-07-05 15:51:05 -07:00
pavel-shirshov
9c62ce9ebb Tests of FRR templates which rendered by sonic-cfggen (#4875)
* Tests of FRR templates which rendered by sonic-cfggen
2020-07-05 15:37:04 -07:00
abdosi
4869fa7173 [sonic-buildimage] Changes to make network specific sysctl common for both host and docker namespace (#4838)
* [sonic-buildimage] Changes to make network specific sysctl
common for both host and docker namespace (in multi-npu).

This change is triggered with issue found in multi-npu platforms
where in docker namespace
net.ipv6.conf.all.forwarding was 0 (should be 1) because of
which RS/RA message were triggered and link-local router were learnt.

Beside this there were some other sysctl.net.ipv6* params whose value
in docker namespace is not same as host namespace.

So to make we are always in sync in host and docker namespace
created common file that list all sysctl.net.* params and used
both by host and docker namespace. Any change will get applied
to both namespace.

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

* Address Review Comments and made sure to invoke augtool
only one and do string concatenation of all set commands

* Address Review Comments.
2020-07-05 15:32:30 -07:00
judyjoseph
a80683dcd1 Support for connecting to DB in namespace via TCP port in multi-asic platform. (#4779)
* Support for connecting to DB in namespace via IP:port ( using docker bridge network ) for applications in multi-asic platform.

* Added the default IP as 127.0.0.1 if the IPaddress derivation from interface fails.
Moved the localhost loopback IP binding logic into the supervisor.j2 file.
2020-07-05 15:27:00 -07:00
abdosi
75d5e30f07 Changes to make default route programming correct in multi-npu platforms (#4774)
* Changes to make default route programming
correct in multi-asic platform where frr is not running
in host namespace. Change is to set correct administrative distance.
Also make NAMESPACE* enviroment variable available for all dockers
so that it can be used when needed.

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

* Fix review comments

* Review comment to check to add default route
only if default route exist and delete is successful.
2020-07-05 15:21:09 -07:00
yozhao101
d32beffed0
[201911][docker-lldp] Correct lldp-syncd program name in critical_processes file (#4863)
The program name in critical_processes file must match the program name defined in supervisord.conf file.

Signed-off-by: Yong Zhao <yozhao@microsoft.com>
2020-06-28 11:09:27 -07:00
Tamer Ahmed
10cd212577 [fast-reboot] Back up FDB/ARP/Default routes (#4795)
FDB/ARP/Default routes files are deleted after swssconfig. This
makes debugging/validation of device conversion hard. This PR
saves those files in order to facilitate debugging of device conversion.

signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
2020-06-28 07:27:55 -07:00
yozhao101
c2364cf03e
[201911][dockers] Update critical_processes file syntax (#4854)
Backport of https://github.com/Azure/sonic-buildimage/pull/4831 to the 201911 branch
2020-06-26 11:37:05 -07:00
arlakshm
c5807c2dd2 [bgp]:Add redistribution connected for ipv6 also for Frontend ASICs (#4767)
* fix redistribution connected for ipv6 also

Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
2020-06-16 08:18:19 -07:00
Junchao-Mellanox
0a70571011
[201911][thermal control] Backport feature from master branch (#4677)
Backport thermal control feature from master branch to 201911 branch by cherry-picking commits and manually resolving conflicts.
2020-06-08 11:20:43 -07:00
judyjoseph
7bd7756129 Adding new BGP peer groups PEER_V4_INT and PEER_V6_INT. (#4620)
* Adding new BGP peer groups PEER_V4_INT and PEER_V6_INT. The internal BGP sessions
will be added to this peer group while the external BGP sessions will be added
to the exising PEER_V4 and PEER_V6 peer group.

* Check for "ASIC" keyword in the hostname to identify the internal neighbors.
2020-05-20 22:44:14 -07:00
arlakshm
321b99b48c Change to enable redistribute connected on Frontend asics instead of backend asics (#4588)
Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
2020-05-20 07:53:50 -07:00
abdosi
9ea746e25f Changes for LLDP docker to support multi-npu platforms (#4530)
* Changes for LLDP for Multi NPU Platoforms:-
a) Enable LLDP for Host namespace for Management Port
b) Make sure Management IP is avaliable in per asic namespace
   needed for LLDP Chassis configuration
c) Make sure chassis mac-address is correct in per asic namespace
d) Do not run lldp on eth0 of per asic namespace and avoid chassis
   configuration for same
e) Use Linux hostname instead from Device Metadata for lldp chassis
   configuration since in multi-npu platforms device metadata hostname
   will be differnt

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

* Address Review Comment with following changes:
a) Use Device Metadata hostname even in per namespace conatiner.
   updated minigraph parsing for same to have hostname as system
   hostname and add new key for asic name

b) Minigraph changes to have MGMT_INTERFACE Key in per asic/namespace
   config also as needed for LLDP for setting chassis management IP.

Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>

* Address Review Comments
2020-05-20 07:51:49 -07:00