sonic-buildimage/files/build_templates/init_cfg.json.j2
Junchao-Mellanox e631f426f4
[infra] Support syslog rate limit configuration (#12490) (#13535)
Backport of https://github.com/sonic-net/sonic-buildimage/pull/12490 into 202211

- Why I did it
Support syslog rate limit configuration feature

- How I did it
Remove unused rsyslog.conf from containers
Modify docker startup script to generate rsyslog.conf from template files
Add metadata/init data for syslog rate limit configuration

- How to verify it
Manual test
New sonic-mgmt regression cases
2023-01-30 20:11:44 +02:00

138 lines
7.3 KiB
Django/Jinja

{
"DEVICE_METADATA": {
"localhost": {
"buffer_model": {% if default_buffer_model == "dynamic" %}"dynamic"{% else %}"traditional"{% endif %},
{%- if include_p4rt == "y" %}"synchronous_mode":"enable",{% endif %}
"default_bgp_status": {% if shutdown_bgp_on_start == "y" %}"down"{% else %}"up"{% endif %},
"default_pfcwd_status": {% if enable_pfcwd_on_start == "y" %}"enable"{% else %}"disable"{% endif %}
}
},
"CRM": {
"Config": {
"polling_interval": "300",
{%- for crm_res in ["ipv4_route", "ipv6_route", "ipv4_nexthop", "ipv6_nexthop", "ipv4_neighbor",
"ipv6_neighbor", "nexthop_group_member", "nexthop_group", "acl_table",
"acl_group", "acl_entry", "acl_counter", "fdb_entry", "snat_entry", "dnat_entry",
"ipmc_entry", "mpls_inseg", "mpls_nexthop"] %}
"{{crm_res}}_threshold_type": "percentage",
"{{crm_res}}_low_threshold": "70",
"{{crm_res}}_high_threshold": "85"{% if not loop.last %},{% endif -%}
{% endfor %}
}
},
"FLEX_COUNTER_TABLE": {
"ACL": {
"FLEX_COUNTER_STATUS": "enable",
"FLEX_COUNTER_DELAY_STATUS": "true",
"POLL_INTERVAL": "10000"
}
},
"BGP_DEVICE_GLOBAL": {
"STATE": {
"tsa_enabled": "false"
}
},
{%- set features = [("bgp", "{% if not DEVICE_RUNTIME_METADATA['ETHERNET_PORTS_PRESENT'] or ('CHASSIS_METADATA' in DEVICE_RUNTIME_METADATA and DEVICE_RUNTIME_METADATA['CHASSIS_METADATA']['module_type'] in ['supervisor']) %}disabled{% else %}enabled{% endif %}", false, "enabled"),
("database", "always_enabled", false, "always_enabled"),
("lldp", "enabled", true, "enabled"),
("pmon", "enabled", true, "enabled"),
("pmon", "enabled", false, "enabled"),
("radv", "enabled", false, "enabled"),
("snmp", "enabled", true, "enabled"),
("eventd", "enabled", false, "enabled"),
("swss", "enabled", false, "enabled"),
("syncd", "enabled", false, "enabled"),
("teamd", "{% if not DEVICE_RUNTIME_METADATA['ETHERNET_PORTS_PRESENT'] %}disabled{% else %}enabled{% endif %}", false, "enabled")] %}
{% do features.append(("dhcp_relay", "{% if not (DEVICE_METADATA is defined and DEVICE_METADATA['localhost'] is defined and DEVICE_METADATA['localhost']['type'] is defined and DEVICE_METADATA['localhost']['type'] is not in ['ToRRouter', 'EPMS', 'MgmtTsToR', 'MgmtToRRouter', 'BmcMgmtToRRouter']) %}enabled{% else %}disabled{% endif %}", false, "enabled")) %}
{%- if sonic_asic_platform == "vs" %}{% do features.append(("gbsyncd", "enabled", false, "enabled")) %}{% endif %}
{%- if include_iccpd == "y" %}{% do features.append(("iccpd", "disabled", false, "enabled")) %}{% endif %}
{%- if include_mgmt_framework == "y" %}{% do features.append(("mgmt-framework", "enabled", true, "enabled")) %}{% endif %}
{%- if include_mux == "y" %}{% do features.append(("mux", "{% if 'subtype' in DEVICE_METADATA['localhost'] and DEVICE_METADATA['localhost']['subtype'] == 'DualToR' %}enabled{% else %}always_disabled{% endif %}", false, "enabled")) %}{% endif %}
{%- if include_nat == "y" %}{% do features.append(("nat", "disabled", false, "enabled")) %}{% endif %}
{%- if include_p4rt == "y" %}{% do features.append(("p4rt", "disabled", false, "enabled")) %}{% endif %}
{%- if include_restapi == "y" %}{% do features.append(("restapi", "enabled", false, "enabled")) %}{% endif %}
{%- if include_sflow == "y" %}{% do features.append(("sflow", "disabled", false, "enabled")) %}{% endif %}
{%- if include_macsec == "y" %}{% do features.append(("macsec", "{% if 'type' in DEVICE_METADATA['localhost'] and DEVICE_METADATA['localhost']['type'] == 'SpineRouter' and DEVICE_RUNTIME_METADATA['MACSEC_SUPPORTED'] %}enabled{% else %}disabled{% endif %}", false, "enabled")) %}{% endif %}
{%- if include_system_telemetry == "y" %}{% do features.append(("telemetry", "enabled", true, "enabled")) %}{% endif %}
"FEATURE": {
{# has_timer field if set, will start the feature systemd .timer unit instead of .service unit #}
{%- for feature, state, has_timer, autorestart in features %}
"{{feature}}": {
"state": "{{state}}",
"has_timer" : {{has_timer | lower()}},
"has_global_scope": {% if feature + '.service' in installer_services.split(' ') %}true{% else %}false{% endif %},
{%- if feature in ["lldp"] %}
"has_per_asic_scope": {% raw %}"{% if not DEVICE_RUNTIME_METADATA['ETHERNET_PORTS_PRESENT'] or ('CHASSIS_METADATA' in DEVICE_RUNTIME_METADATA and DEVICE_RUNTIME_METADATA['CHASSIS_METADATA']['module_type'] in ['supervisor']) %}False{% else %}True{% endif %}"{% endraw %},
{%- else %}
"has_per_asic_scope": {% if feature + '@.service' in installer_services.split(' ') %}"True"{% else %}"False"{% endif %},
{%- endif %}
"auto_restart": "{{autorestart}}",
"support_syslog_rate_limit" : "true",
{# Set check_up_status to true here when app readiness will be marked in state db #}
{# For now, to support the infrastrucure, setting the check_up_status to false for bgp,swss,pmon #}
{# Once apps like bgp,synd supports app readiness, then bgp,syncd can set check_up_status to true #}
{%- if feature in ["bgp", "swss", "pmon"] %}
"check_up_status" : "false",
{%- endif %}
{%- if include_kubernetes == "y" %}
{%- if feature in ["lldp", "pmon", "radv", "eventd", "snmp", "telemetry"] %}
"set_owner": "kube", {% else %}
"set_owner": "local", {% endif %} {% endif %}
"high_mem_alert": "disabled"
}{% if not loop.last %},{% endif -%}
{% endfor %}
},
"AUTO_TECHSUPPORT": {
"GLOBAL": {
{%- if enable_auto_tech_support == "y" %}
"state" : "enabled", {% else %}
"state" : "disabled", {% endif %}
"rate_limit_interval" : "180",
"max_techsupport_limit" : "10.0",
"max_core_limit" : "5.0",
"available_mem_threshold": "10.0",
"min_available_mem": "200",
"since" : "2 days ago"
}
},
"AUTO_TECHSUPPORT_FEATURE": {
{%- for feature, _, _, _ in features %}
"{{feature}}": {
{%- if enable_auto_tech_support == "y" %}
"state" : "enabled", {% else %}
"state" : "disabled", {% endif %}
"rate_limit_interval" : "600",
"available_mem_threshold": "10.0"
}{%if not loop.last %},{% endif -%}
{% endfor %}
},
"SYSLOG_CONFIG": {
"GLOBAL": {
"rate_limit_interval" : "0",
"rate_limit_burst" : "0"
}
},
"SYSLOG_CONFIG_FEATURE": {
{%- for feature, _, _, _ in features %}
"{{feature}}": {
"rate_limit_interval" : "300",
"rate_limit_burst": "20000"
}{%if not loop.last %},{% endif -%}
{% endfor %}
},
"PASSW_HARDENING": {
"POLICIES":{
"state": "disabled",
"expiration": "180",
"expiration_warning": "15",
"history_cnt": "10",
"len_min": "8",
"reject_user_passw_match": "true",
"lower_class": "true",
"upper_class": "true",
"digits_class": "true",
"special_class": "true"
}
}
}