matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
0de051ab9f
sonic-buildimage/dockers/docker-sonic-telemetry/telemetry.sh
lguohan 8969b7c06f [telemetry]: move default certs location from device metadata to telemetry (#4307) 
maintains backward compatibility to search original x509 location
when telemetry table does not have certs

Signed-off-by: Guohan Lu <lguohan@gmail.com>
2020-03-24 15:14:40 -07:00

63 lines
2.0 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# Try to read telemetry and certs config from ConfigDB.
# Use default value if no valid config exists
X509=`sonic-cfggen -d -v "DEVICE_METADATA['x509']"`
gnmi=`sonic-cfggen -d -v "TELEMETRY['gnmi']"`
certs=`sonic-cfggen -d -v "TELEMETRY['certs']"`
TELEMETRY_ARGS=" -logtostderr"
export CVL_SCHEMA_PATH=/usr/sbin/schema
if [ -n "$certs" ]; then
SERVER_CRT=`sonic-cfggen -d -v "TELEMETRY['certs']['server_crt']"`
SERVER_KEY=`sonic-cfggen -d -v "TELEMETRY['certs']['server_key']"`
if [ -z $SERVER_CRT ] || [ -z $SERVER_KEY ]; then
TELEMETRY_ARGS+=" --insecure"
else
TELEMETRY_ARGS+=" --server_crt $SERVER_CRT --server_key $SERVER_KEY "
fi
CA_CRT=`sonic-cfggen -d -v "TELEMETRY['certs']['ca_crt']"`
if [ ! -z $CA_CRT ]; then
TELEMETRY_ARGS+=" --ca_crt $CA_CRT"
fi
elif [ -n "$X509" ]; then
SERVER_CRT=`sonic-cfggen -d -v "DEVICE_METADATA['x509']['server_crt']"`
SERVER_KEY=`sonic-cfggen -d -v "DEVICE_METADATA['x509']['server_key']"`
if [ -z $SERVER_CRT ] || [ -z $SERVER_KEY ]; then
TELEMETRY_ARGS+=" --insecure"
else
TELEMETRY_ARGS+=" --server_crt $SERVER_CRT --server_key $SERVER_KEY "
fi
CA_CRT=`sonic-cfggen -d -v "DEVICE_METADATA['x509']['ca_crt']"`
if [ ! -z $CA_CRT ]; then
TELEMETRY_ARGS+=" --ca_crt $CA_CRT"
fi
else
TELEMETRY_ARGS+=" --insecure"
fi
# If no configuration entry exists for TELEMETRY, create one default port
if [ -z "$gnmi" ]; then
sonic-db-cli CONFIG_DB hset "TELEMETRY|gnmi" port 8080
fi
PORT=`sonic-cfggen -d -v "TELEMETRY['gnmi']['port']"`
TELEMETRY_ARGS+=" --port $PORT"
CLIENT_AUTH=`sonic-cfggen -d -v "TELEMETRY['gnmi']['client_auth']"`
if [ -z $CLIENT_AUTH ] || [ $CLIENT_AUTH == "false" ]; then
TELEMETRY_ARGS+=" --allow_no_client_auth"
fi
LOG_LEVEL=`sonic-cfggen -d -v "TELEMETRY['gnmi']['log_level']"`
if [ ! -z $LOG_LEVEL ]; then
TELEMETRY_ARGS+=" -v=$LOG_LEVEL"
else
TELEMETRY_ARGS+=" -v=2"
fi
exec /usr/sbin/telemetry ${TELEMETRY_ARGS}
Reference in New Issue View Git Blame Copy Permalink