3197c2dfac
Optimizing number of calls made to sonic-cfggen during service start up as it adds to total system boot up time. ***-Test 1*** there is an average saving of 1 to 1.5 sec between old script and new script ``` root@str-s6000-acs-14:/# time /usr/bin/rest-server-old.sh Generating temporary TLS server certificate ... 2020/07/09 19:03:33 wrote cert.pem 2020/07/09 19:03:33 wrote key.pem REST_SERVER_ARGS = -ui /rest_ui -logtostderr -cert /tmp/cert.pem -key /tmp/key.pem /usr/sbin/rest_server -ui /rest_ui -logtostderr -cert /tmp/cert.pem -key /tmp/key.pem real 0m8.790s user 0m7.993s sys 0m0.584s root@str-s6000-acs-14:/# time /usr/bin/rest-server-new.sh Generating temporary TLS server certificate ... 2020/07/09 19:03:45 wrote cert.pem 2020/07/09 19:03:45 wrote key.pem REST_SERVER_ARGS = -ui /rest_ui -logtostderr -cert /tmp/cert.pem -key /tmp/key.pem /usr/sbin/rest_server -ui /rest_ui -logtostderr -cert /tmp/cert.pem -key /tmp/key.pem real 0m6.940s user 0m5.670s sys 0m0.386s ``` ***-Test 2*** Built an image with this change and rest server is running with params as described in test 1 above ``` admin@str-s6000-acs-14:~$ ps -ef | grep rest_server root 3301 2866 2 02:09 pts/0 00:00:10 /usr/sbin/rest_server -ui /rest_ui -logtostderr -cert /tmp/cert.pem -key /tmp/key.pem ``` signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
62 lines
2.0 KiB
Bash
Executable File
62 lines
2.0 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
# Startup script for SONiC Management REST Server
|
|
EXIT_MGMT_VARS_FILE_NOT_FOUND=1
|
|
MGMT_VARS_FILE=/usr/share/sonic/templates/mgmt_vars.j2
|
|
|
|
if [ ! -f "$MGMT_VARS_FILE" ]; then
|
|
echo "Mgmt vars template file not found"
|
|
exit $EXIT_MGMT_VARS_FILE_NOT_FOUND
|
|
fi
|
|
|
|
# Read basic server settings from mgmt vars entries
|
|
MGMT_VARS=$(sonic-cfggen -d -t $MGMT_VARS_FILE)
|
|
MGMT_VARS=${MGMT_VARS//[\']/\"}
|
|
|
|
REST_SERVER=$(echo $MGMT_VARS | jq -r '.rest_server')
|
|
|
|
if [ -n "$REST_SERVER" ]; then
|
|
SERVER_PORT=$(echo $REST_SERVER | jq -r '.port')
|
|
CLIENT_AUTH=$(echo $REST_SERVER | jq -r '.client_auth')
|
|
LOG_LEVEL=$(echo $REST_SERVER | jq -r '.log_level')
|
|
|
|
SERVER_CRT=$(echo $REST_SERVER | jq -r '.server_crt')
|
|
SERVER_KEY=$(echo $REST_SERVER | jq -r '.server_key')
|
|
CA_CRT=$(echo $REST_SERVER | jq -r '.ca_crt')
|
|
fi
|
|
|
|
if [[ -z $SERVER_CRT ]] && [[ -z $SERVER_KEY ]] && [[ -z $CA_CRT ]]; then
|
|
X509=$(echo $MGMT_VARS | jq -r '.x509')
|
|
fi
|
|
|
|
# Read certificate file paths from DEVICE_METADATA|x509 entry.
|
|
if [ -n "$X509" ]; then
|
|
SERVER_CRT=$(echo $X509 | jq -r '.server_crt')
|
|
SERVER_KEY=$(echo $X509 | jq -r '.server_key')
|
|
CA_CRT=$(echo $X509 | jq -r '.ca_crt')
|
|
fi
|
|
|
|
# Create temporary server certificate if they not configured in ConfigDB
|
|
if [ -z $SERVER_CRT ] && [ -z $SERVER_KEY ]; then
|
|
echo "Generating temporary TLS server certificate ..."
|
|
(cd /tmp && /usr/sbin/generate_cert --host="localhost,127.0.0.1")
|
|
SERVER_CRT=/tmp/cert.pem
|
|
SERVER_KEY=/tmp/key.pem
|
|
fi
|
|
|
|
|
|
REST_SERVER_ARGS="-ui /rest_ui -logtostderr"
|
|
[ ! -z $SERVER_PORT ] && REST_SERVER_ARGS+=" -port $SERVER_PORT"
|
|
[ ! -z $LOG_LEVEL ] && REST_SERVER_ARGS+=" -v $LOG_LEVEL"
|
|
[ ! -z $CLIENT_AUTH ] && REST_SERVER_ARGS+=" -client_auth $CLIENT_AUTH"
|
|
[ ! -z $SERVER_CRT ] && REST_SERVER_ARGS+=" -cert $SERVER_CRT"
|
|
[ ! -z $SERVER_KEY ] && REST_SERVER_ARGS+=" -key $SERVER_KEY"
|
|
[ ! -z $CA_CRT ] && REST_SERVER_ARGS+=" -cacert $CA_CRT"
|
|
|
|
echo "REST_SERVER_ARGS = $REST_SERVER_ARGS"
|
|
|
|
|
|
export CVL_SCHEMA_PATH=/usr/sbin/schema
|
|
|
|
exec /usr/sbin/rest_server ${REST_SERVER_ARGS}
|