sonic-buildimage/dockers/docker-orchagent/Dockerfile.j2
Lawrence Lee a41c15a329 [swss]: Listen for undeliverable tunnel packets (#9348)
- Create a script in the orchagent docker container which listens for these encapsulated packets which are trapped to CPU (indicating that they cannot be routed/no neighbor info exists for the inner packet). When such a packet is received, the script will issue a ping command to the packet's inner destination IP to start the neighbor learning process.
- This script is also resilient to portchannel status changes (i.e. interface going up or down). An interface going down does not affect traffic sniffing on interfaces which are still up. When an interface comes back up, we restart the sniffer to start capturing traffic on that interface again.
2021-12-16 11:59:34 -08:00

81 lines
2.7 KiB
Django/Jinja
Executable File

{% from "dockers/dockerfile-macros.j2" import install_debian_packages, install_python_wheels, copy_files %}
FROM docker-config-engine-buster
ARG docker_container_name
RUN [ -f /etc/rsyslog.conf ] && sed -ri "s/%syslogtag%/$docker_container_name#%syslogtag%/;" /etc/rsyslog.conf
# Make apt-get non-interactive
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && \
apt-get install -f -y \
ifupdown \
arping \
iproute2 \
ndisc6 \
tcpdump \
libelf1 \
libmnl0 \
bridge-utils \
conntrack \
ndppd \
# Needed for installing netifaces Python package
build-essential \
python3-dev
{% if ( CONFIGURED_ARCH == "armhf" or CONFIGURED_ARCH == "arm64" ) %}
# Fix for gcc/python/iputils-ping not found in arm docker
RUN apt-get install -f -y python2.7 python2.7-dev
RUN apt-get install -y \
gcc-8 \
iputils-ping
{% endif %}
{% if CONFIGURED_ARCH == "armhf" %}
RUN ln -s -f /usr/bin/gcc-8 /usr/bin/arm-linux-gnueabihf-gcc
{% endif %}
{% if CONFIGURED_ARCH == "arm64" %}
RUN ln -s -f /usr/bin/gcc-8 /usr/bin/aarch64-linux-gnu-gcc
{% endif %}
# Dependencies of restore_neighbors.py
RUN pip3 install \
scapy==2.4.4 \
pyroute2==0.5.14 \
netifaces==0.10.9
{% if ( CONFIGURED_ARCH == "armhf" or CONFIGURED_ARCH == "arm64" ) %}
# Remove installed gcc
RUN apt-get remove -y gcc-8
{% endif %}
{% if docker_orchagent_debs.strip() -%}
# Copy locally-built Debian package dependencies
{{ copy_files("debs/", docker_orchagent_debs.split(' '), "/debs/") }}
# Install locally-built Debian packages and implicitly install their dependencies
{{ install_debian_packages(docker_orchagent_debs.split(' ')) }}
{%- endif %}
# Clean up
RUN apt-get purge -y \
build-essential \
python3-dev && \
apt-get clean -y && \
apt-get autoclean -y && \
apt-get autoremove -y && \
rm -rf /debs
COPY ["files/arp_update", "/usr/bin"]
COPY ["arp_update.conf", "files/arp_update_vars.j2", "/usr/share/sonic/templates/"]
COPY ["ndppd.conf", "/usr/share/sonic/templates/"]
COPY ["enable_counters.py", "tunnel_packet_handler.py", "/usr/bin/"]
COPY ["docker-init.sh", "orchagent.sh", "swssconfig.sh", "buffermgrd.sh", "/usr/bin/"]
COPY ["supervisord.conf", "/etc/supervisor/conf.d/"]
COPY ["files/supervisor-proc-exit-listener", "/usr/bin"]
COPY ["critical_processes", "/etc/supervisor/"]
# Copy all Jinja2 template files into the templates folder
COPY ["*.j2", "/usr/share/sonic/templates/"]
ENTRYPOINT ["/usr/bin/docker-init.sh"]