a41c15a329
- Create a script in the orchagent docker container which listens for these encapsulated packets which are trapped to CPU (indicating that they cannot be routed/no neighbor info exists for the inner packet). When such a packet is received, the script will issue a ping command to the packet's inner destination IP to start the neighbor learning process. - This script is also resilient to portchannel status changes (i.e. interface going up or down). An interface going down does not affect traffic sniffing on interfaces which are still up. When an interface comes back up, we restart the sniffer to start capturing traffic on that interface again.
81 lines
2.7 KiB
Django/Jinja
Executable File
81 lines
2.7 KiB
Django/Jinja
Executable File
{% from "dockers/dockerfile-macros.j2" import install_debian_packages, install_python_wheels, copy_files %}
|
|
FROM docker-config-engine-buster
|
|
|
|
ARG docker_container_name
|
|
RUN [ -f /etc/rsyslog.conf ] && sed -ri "s/%syslogtag%/$docker_container_name#%syslogtag%/;" /etc/rsyslog.conf
|
|
|
|
# Make apt-get non-interactive
|
|
ENV DEBIAN_FRONTEND=noninteractive
|
|
|
|
RUN apt-get update && \
|
|
apt-get install -f -y \
|
|
ifupdown \
|
|
arping \
|
|
iproute2 \
|
|
ndisc6 \
|
|
tcpdump \
|
|
libelf1 \
|
|
libmnl0 \
|
|
bridge-utils \
|
|
conntrack \
|
|
ndppd \
|
|
# Needed for installing netifaces Python package
|
|
build-essential \
|
|
python3-dev
|
|
|
|
{% if ( CONFIGURED_ARCH == "armhf" or CONFIGURED_ARCH == "arm64" ) %}
|
|
# Fix for gcc/python/iputils-ping not found in arm docker
|
|
RUN apt-get install -f -y python2.7 python2.7-dev
|
|
RUN apt-get install -y \
|
|
gcc-8 \
|
|
iputils-ping
|
|
{% endif %}
|
|
{% if CONFIGURED_ARCH == "armhf" %}
|
|
RUN ln -s -f /usr/bin/gcc-8 /usr/bin/arm-linux-gnueabihf-gcc
|
|
{% endif %}
|
|
{% if CONFIGURED_ARCH == "arm64" %}
|
|
RUN ln -s -f /usr/bin/gcc-8 /usr/bin/aarch64-linux-gnu-gcc
|
|
{% endif %}
|
|
|
|
# Dependencies of restore_neighbors.py
|
|
RUN pip3 install \
|
|
scapy==2.4.4 \
|
|
pyroute2==0.5.14 \
|
|
netifaces==0.10.9
|
|
|
|
{% if ( CONFIGURED_ARCH == "armhf" or CONFIGURED_ARCH == "arm64" ) %}
|
|
# Remove installed gcc
|
|
RUN apt-get remove -y gcc-8
|
|
{% endif %}
|
|
|
|
{% if docker_orchagent_debs.strip() -%}
|
|
# Copy locally-built Debian package dependencies
|
|
{{ copy_files("debs/", docker_orchagent_debs.split(' '), "/debs/") }}
|
|
|
|
# Install locally-built Debian packages and implicitly install their dependencies
|
|
{{ install_debian_packages(docker_orchagent_debs.split(' ')) }}
|
|
{%- endif %}
|
|
|
|
# Clean up
|
|
RUN apt-get purge -y \
|
|
build-essential \
|
|
python3-dev && \
|
|
apt-get clean -y && \
|
|
apt-get autoclean -y && \
|
|
apt-get autoremove -y && \
|
|
rm -rf /debs
|
|
|
|
COPY ["files/arp_update", "/usr/bin"]
|
|
COPY ["arp_update.conf", "files/arp_update_vars.j2", "/usr/share/sonic/templates/"]
|
|
COPY ["ndppd.conf", "/usr/share/sonic/templates/"]
|
|
COPY ["enable_counters.py", "tunnel_packet_handler.py", "/usr/bin/"]
|
|
COPY ["docker-init.sh", "orchagent.sh", "swssconfig.sh", "buffermgrd.sh", "/usr/bin/"]
|
|
COPY ["supervisord.conf", "/etc/supervisor/conf.d/"]
|
|
COPY ["files/supervisor-proc-exit-listener", "/usr/bin"]
|
|
COPY ["critical_processes", "/etc/supervisor/"]
|
|
|
|
# Copy all Jinja2 template files into the templates folder
|
|
COPY ["*.j2", "/usr/share/sonic/templates/"]
|
|
|
|
ENTRYPOINT ["/usr/bin/docker-init.sh"]
|