############################################################################### ## Configuration parameters for SONiC build system ############################################################################### # SONIC_CONFIG_PRINT_DEPENDENCIES - show dependencies for each invoked target. # Before executing rule for each target its dependencies are printed to console. # Uncomment next line to enable: # SONIC_CONFIG_PRINT_DEPENDENCIES = y # SONIC_CONFIG_BUILD_JOBS - set number of jobs for parallel build. # Corresponding -j argument will be passed to make command inside docker # container. SONIC_CONFIG_BUILD_JOBS = 1 # SONIC_CONFIG_MAKE_JOBS - set number of parallel make jobs per package. # Corresponding -j argument will be passed to make/dpkg commands that build separate packages SONIC_CONFIG_MAKE_JOBS = $(shell nproc) # DEFAULT_BUILD_LOG_TIMESTAMP - add timestamp in build log # Supported format: simple, none DEFAULT_BUILD_LOG_TIMESTAMP = none # SONIC_USE_DOCKER_BUILDKIT - use docker buildkit for build. # If set to y SONiC build system will set environment variable DOCKER_BUILDKIT=1 # to enable docker buildkit. # This options will speed up docker image build time. # NOTE: SONIC_USE_DOCKER_BUILDKIT will produce larger installable SONiC image # because of a docker bug (more details: https://github.com/moby/moby/issues/38903) # SONIC_USE_DOCKER_BUILDKIT = y # SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD - use native dockerd for build. # If set to y SONiC build container will use native dockerd instead of dind for faster build. # Special handling of the docker image file names is needed to avoid conflicts with # other SONiC build jobs on the same server. This requires changes to the Dockerfile.j2 FROM statement # in the dockers/ and platform/ subdirs to use a variable reference instead of an explicit image name. # SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD = y # SONIC_CONFIG_ENABLE_COLORS - enable colored output in build system. # Comment next line to disable: # SONIC_CONFIG_ENABLE_COLORS = y # CHANGE_DEFAULT_PASSWORD - enforce default user/users to change password on 1st login CHANGE_DEFAULT_PASSWORD ?= n # DEFAULT_USERNAME - default username for installer build DEFAULT_USERNAME = admin # DEFAULT_PASSWORD - default password for installer build DEFAULT_PASSWORD = YourPaSsWoRd # ENABLE_DHCP_GRAPH_SERVICE - specify the source of minigraph to generate configuration file. # If set to y SONiC will get the minigraph from graph service. Graph service URL need to be # passed through DHCP option 225. # If not set (default behavior) the default minigraph built into the image will be used. # ENABLE_DHCP_GRAPH_SERVICE = y # ENABLE_ZTP - installs Zero Touch Provisioning support. # ENABLE_ZTP = y # INCLUDE_PDE - Enable platform development enviroment # INCLUDE_PDE = y # SHUTDOWN_BGP_ON_START - if set to y all bgp sessions will be in admin down state when # bgp service starts. # SHUTDOWN_BGP_ON_START = y # ENABLE_PFCWD_ON_START - if set to y PFC Watchdog (PFCWD) will be enabled all server-facing ports # by default for TOR switch # ENABLE_PFCWD_ON_START = y # INSTALL_DEBUG_TOOLS - installs debugging tools in baseline docker # Uncomment next line to enable: # INSTALL_DEBUG_TOOLS = y # SONIC_USE_PDDF_FRAMEWORK - Use PDDF generic drivers and plugins # Uncomment next line to enable: SONIC_USE_PDDF_FRAMEWORK = y # SONIC_ROUTING_STACK - specify the routing-stack being elected to drive SONiC's control-plane. # Supported routing stacks on SONiC are: # routing-stacks: frr. SONIC_ROUTING_STACK = frr # ENABLE_SYNCD_RPC - build docker-syncd with rpc packages for testing purposes. # Uncomment to enable: # ENABLE_SYNCD_RPC = y # Enable Origanization Extensions - Specific to the deployment scenarios of the Organization ENABLE_ORGANIZATION_EXTENSIONS = y # Debugging option allows sonic debian packages to get built including symbols # information. Profiling option, disables compiler optimizations (-O0) as well # as includes symbols information. Given that 'profiling' option is a superset # of 'debugging' one, user should only enable either one option or the other -- # if both options are enabled, the 'profiling' one will prevail. #SONIC_DEBUGGING_ON = y #SONIC_PROFILING_ON = y # DEFAULT_KERNEL_PROCURE_METHOD - default method for obtaining kernel # build: build kernel from source # download: download pre-built kernel from Azure storage. DEFAULT_KERNEL_PROCURE_METHOD = build # FRR user and group id values. These only take effect when SONIC_ROUTING_STACK is frr. # Note: these values match the admin uid/gid of the host's admin account. If these values # change and user doesn't want the frr uid/gid to potentially match a random user on the # host, then either the appropriate account and group will need to be created on the host # manually or changes need to be made when the image is built to create the account and # group during installation. FRR_USER_UID = 300 FRR_USER_GID = 300 # DPKG cache allows the .deb files to be stored in the cache path. This allows the submodules # package to be cached and restored back if its commit hash is not modified and its dependencies are not modified. # SONIC_DPKG_CACHE_METHOD - Default method of deb package caching # none : no caching # rwcache : Use cache if exists else build the source and update the cache # wcache : Dont use the cache and just build the source and update the cache # rcache : Use cache if exists, but dont update the cache # cache : Same as rwcache # SONIC_DPKG_CACHE_SOURCE - Stores the cache location details SONIC_DPKG_CACHE_METHOD ?= none SONIC_DPKG_CACHE_SOURCE ?= /var/cache/sonic/artifacts # Default VS build memory preparation DEFAULT_VS_PREPARE_MEM = yes # INCLUDE_SYSTEM_GNMI - build docker-sonic-gnmi for system gnmi support INCLUDE_SYSTEM_GNMI = y # INCLUDE_SYSTEM_TELEMETRY - build docker-sonic-telemetry for system telemetry support INCLUDE_SYSTEM_TELEMETRY = n # INCLUDE_ICCPD - build docker-iccpd for mclag support INCLUDE_ICCPD = n # INCLUDE_SFLOW - build docker-sflow for sFlow support INCLUDE_SFLOW = y # INCLUDE_MGMT_FRAMEWORK - build docker-sonic-mgmt-framework for CLI and REST server support INCLUDE_MGMT_FRAMEWORK = y # ENABLE_HOST_SERVICE_ON_START - enable sonic-host-server for mgmt-framework and/or # gnmi containers to access host functionality by default ENABLE_HOST_SERVICE_ON_START = y # INCLUDE_RESTAPI - build docker-sonic-restapi for configuring the switch using REST APIs INCLUDE_RESTAPI = n # INCLUDE_NAT - build docker-nat for nat support INCLUDE_NAT = y # INCLUDE_DHCP_RELAY - build and install dhcp-relay package INCLUDE_DHCP_RELAY = y # INCLUDE_DHCP_SERVER - build and install dhcp-server package INCLUDE_DHCP_SERVER ?= n # INCLUDE_P4RT - build docker-p4rt for P4RT support INCLUDE_P4RT = n # ENABLE_AUTO_TECH_SUPPORT - Enable the configuration for event-driven techsupport & coredump mgmt feature ENABLE_AUTO_TECH_SUPPORT = y # ENABLE_TRANSLIB_WRITE - Enable translib write/config operations via the gNMI interface. # Uncomment to enable: # ENABLE_TRANSLIB_WRITE = y # ENABLE_NATIVE_WRITE - Enable native write/config operations via the gNMI interface. ENABLE_NATIVE_WRITE = y # INCLUDE_MACSEC - build docker-macsec for macsec support INCLUDE_MACSEC = y # INCLUDE_GBSYNCD - build docker-gbsyncd-* for gearbox support INCLUDE_GBSYNCD ?= y # INCLUDE_TEAMD - build docker-teamd for LAG protocol support INCLUDE_TEAMD ?= y # INCLUDE_ROUTER_ADVERTISER - build docker-router-advertiser for router advertisements support INCLUDE_ROUTER_ADVERTISER ?= y # INCLUDE_KUBERNETES - if set to y kubernetes packages are installed to be able to # run as worker node in kubernetes cluster. INCLUDE_KUBERNETES ?= n KUBE_DOCKER_PROXY = http://172.16.1.1:3128/ # KUBERNETES_VERSION - Set to the required version. # K8s_GCR_IO_PAUSE_VERSION - Version of k8s universal pause container image # These are Used *only* when INCLUDE_KUBERNETES=y # NOTE: As a worker node it has to run version compatible to kubernetes master. # KUBERNETES_VERSION = 1.22.2-00 KUBERNETES_CNI_VERSION = 0.8.7-00 K8s_GCR_IO_PAUSE_VERSION = 3.5 # INCLUDE_KUBERNETES_MASTER - if set to y kubernetes packages are installed o be able # to run as master node in kubernetes cluster INCLUDE_KUBERNETES_MASTER ?= n # MASTER_KUBERNETES_VERSION - version of k8s components # MASTER_PAUSE_VERSION - version of pause container image # MASTER_COREDNS_VERSION - version of coredns container image # MASTER_ETCD_VERSION = version of etcd container image # MASTER_CRI_DOCKERD = version of cri-dockerd container image # MASTER_UI_METRIC_VERSION = version of k8s metrics server container image # MASTER_UI_DASH_VERSION = version of k8s dashboard container image # MASTER_MDM_VERSION = version of mdm container image # MASTER_MDS_VERSION = version of mds container image # MASTER_FLUENTD_VERSION = version of fluentd container image MASTER_KUBERNETES_VERSION = 1.22.2-00 MASTER_KUBERNETES_CONTAINER_IMAGE_VERSION = v1.22.2 MASTER_PAUSE_VERSION = 3.5 MASTER_COREDNS_VERSION = v1.8.4 MASTER_ETCD_VERSION = 3.5.0-0 MASTER_CRI_DOCKERD = 0.3.1 MASTER_UI_METRIC_VERSION = v1.0.8 MASTER_UI_DASH_VERSION = v2.7.0 MASTER_MDM_VERSION = 2.2023.505.1124-45da18-20230505t1700 MASTER_MDS_VERSION = mariner_20230517.1 MASTER_FLUENTD_VERSION = mariner_20230517.1 # SONIC_ENABLE_IMAGE_SIGNATURE - enable image signature # To not use the auto-generated self-signed certificate, the required files to sign the image as below: # SIGNING_KEY = # SIGNING_CERT = # CA_CERT = # The relative path is build root folder. SONIC_ENABLE_IMAGE_SIGNATURE ?= n # SONIC_ENABLE_SECUREBOOT_SIGNATURE - enable SONiC kernel signing to support UEFI secureboot # To support UEFI secureboot chain of trust requires EFI kernel to be signed as a PE binary # SIGNING_KEY = # SIGNING_CERT = # The absolute path should be provided. SONIC_ENABLE_SECUREBOOT_SIGNATURE ?= n # Full Secure Boot feature flags. # SECURE_UPGRADE_DEV_SIGNING_KEY - path to development signing key, used for image signing during build # SECURE_UPGRADE_SIGNING_CERT - path to development signing certificate, used for image signing during build # SECURE_UPGRADE_MODE - enum value for secure upgrade mode, valid options are "dev", "prod" and "no_sign" # SECURE_UPGRADE_PROD_SIGNING_TOOL - path to a vendor signing tool for production flow. # SECURE_UPGRADE_PROD_TOOL_ARGS - Extra arguments options for vendor to use to run his specific prod signing script SECURE_UPGRADE_DEV_SIGNING_KEY ?= SECURE_UPGRADE_SIGNING_CERT ?= SECURE_UPGRADE_MODE = "no_sign" SECURE_UPGRADE_PROD_SIGNING_TOOL ?= SECURE_UPGRADE_PROD_TOOL_ARGS ?= # PACKAGE_URL_PREFIX - the package url prefix PACKAGE_URL_PREFIX ?= https://packages.trafficmanager.net/public/packages # TRUSTED_GPG_URLS - the trusted gpgs, separated by comma TRUSTED_GPG_URLS = https://packages.trafficmanager.net/debian/public_key.gpg,https://packages.microsoft.com/keys/microsoft.asc # SONIC_VERSION_CONTROL_COMPONENTS - Valid values: none|all|components..., the components consist of one or multiple: deb,py2,py3,web,git,docker, seperated by comma # none : disable the version control # all : enable the version control for all components # deb : debian packages # py2 : python2 packages # py3 : python3 pakcages # web : web packages, downloaded by wget, curl # git : git repositories, donloaded by git clone # docker: docker base images SONIC_VERSION_CONTROL_COMPONENTS ?= none # MIRROR_SNAPSHOT - support mirror snapshot flag MIRROR_SNAPSHOT ?= n # SONIC_VERSION_CACHE allows the .deb,.py, wget, git, docker and go files to be stored in the cache path. This allows the submodules to # cache standard installation package and restored back to avoid the package download every time. # SONIC_VERSION_CACHE - Method of deb package caching # none : no caching # cache : Use cache if exists else build the source and update the cache # SONIC_VERSION_CACHE_SOURCE - Defines the version cache location details SONIC_VERSION_CACHE_METHOD ?= none SONIC_VERSION_CACHE_SOURCE ?= $(SONIC_DPKG_CACHE_SOURCE)/vcache # SONiC docker registry # # Set the env variable ENABLE_DOCKER_BASE_PULL = y to enable pulling sonic-slave docker from registry REGISTRY_PORT ?= 443 REGISTRY_SERVER ?= sonicdev-microsoft.azurecr.io REGISTRY_SERVER_PATH ?= # BUILD_MULTIASIC_KVM - if set to y multi-asic KVM images will be generated. BUILD_MULTIASIC_KVM = n # INCLUDE_MUX - build docker-mux for dual ToR (Gemini) INCLUDE_MUX = y # ENABLE_ASAN - enable address sanitizer ENABLE_ASAN ?= n # reset default container registry from dockerhub to other DEFAULT_CONTAINER_REGISTRY ?= # INCLUDE_BOOTCHART - install systemd-bootchart INCLUDE_BOOTCHART = y # ENABLE_BOOTCHART - whether to enable systemd-bootchart on boot ENABLE_BOOTCHART = n # INCLUDE_FIPS - support FIPS feature, only for amd64 or arm64, armhf not supported yet # ENABLE_FIPS - support FIPS flag, if enabled, no additional config requred for the image to support FIPS INCLUDE_FIPS ?= y ENABLE_FIPS ?= n # SONIC_SLAVE_DOCKER_DRIVER - set the sonic slave docker storage driver SONIC_SLAVE_DOCKER_DRIVER ?= vfs # GZ_COMPRESS_PROGRAM - select pigz (a parallel implementation of gzip) to reduce a build time # and speed up a decompression of docker images on target system GZ_COMPRESS_PROGRAM ?= gzip # SONIC_OS_VERSION - sonic os version SONIC_OS_VERSION ?= 12 # PIP timeout for http connection PIP_HTTP_TIMEOUT ?= 60 # BUILD_REDUCE_IMAGE_SIZE - reduce the image size as much as possbible BUILD_REDUCE_IMAGE_SIZE = n