matthew/sonic-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-03-20. You can view files and clone it, but cannot push or open issues or pull requests.
a582c13e98
sonic-buildimage/files/build_templates
History
Ze Gan 4068944202
[MACsec]: Set MACsec feature to be auto-start (#6678) 
1. Add supervisord as the entrypoint of docker-macsec
2. Add wpa_supplicant conf into docker-macsec
3. Set the macsecmgrd as the critical_process
4. Configure supervisor to monitor macsecmgrd
5. Set macsec in the features list
6. Add config variable `INCLUDE_MACSEC`
7. Add macsec.service

**- How to verify it**

Change the `/etc/sonic/config_db.json` as follow
```
{
    "PORT": {
        "Ethernet0": {
            ...
            "macsec": "test"
         }
    }
    ...
    "MACSEC_PROFILE": {
        "test": {
            "priority": 64,
            "cipher_suite": "GCM-AES-128",
            "primary_cak": "0123456789ABCDEF0123456789ABCDEF",
            "primary_ckn": "6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435",
            "policy": "security"
        }
    }
}
```
To execute `sudo config reload -y`, We should find the following new items were inserted in app_db of redis
```
127.0.0.1:6379> keys *MAC*
1) "MACSEC_EGRESS_SC_TABLE:Ethernet0:72152375678227538"
2) "MACSEC_PORT_TABLE:Ethernet0"
127.0.0.1:6379> hgetall "MACSEC_EGRESS_SC_TABLE:Ethernet0:72152375678227538"
1) "ssci"
2) ""
3) "encoding_an"
4) "0"
127.0.0.1:6379> hgetall "MACSEC_PORT_TABLE:Ethernet0"
 1) "enable"
 2) "false"
 3) "cipher_suite"
 4) "GCM-AES-128"
 5) "enable_protect"
 6) "true"
 7) "enable_encrypt"
 8) "true"
 9) "enable_replay_protect"
10) "false"
11) "replay_window"
12) "0"
```

Signed-off-by: Ze Gan <ganze718@gmail.com>
2021-02-23 13:22:45 -08:00
..
per_namespace [swss]: Clear MUX-related state DB tables on start (#6759) 2021-02-14 12:43:49 -08:00
share_image [ChassisDB]: bring up ChassisDB service (#5283) 2020-10-14 15:15:24 -07:00
arp_update_vars.j2 [swss] Enhance ARP Update to Call Sonic Cfggen Once (#5398) 2020-09-18 18:44:23 -07:00
buffers_config.j2 [Dynamic buffer calc] Support dynamic buffer calculation (#6194) 2020-12-13 11:35:39 -08:00
config-chassisdb.service.j2 [ChassisDB]: bring up ChassisDB service (#5283) 2020-10-14 15:15:24 -07:00
config-setup.service.j2 [config-setup]: create a SONiC configuration management service (#3227) 2019-12-04 07:15:58 -08:00
database.service.j2 Multi-ASIC implementation (#3888) 2020-03-31 10:06:19 -07:00
dhcp_relay.service.j2 [services] Remove explicit dependencies from dhcp_relay service file, control in swss.sh (#3823) 2019-11-26 16:59:45 -08:00
docker_image_ctl.j2 [baseimage]: Updates for Ebtables and support for multi-asic (#6542) 2021-01-27 08:36:10 -08:00
gbsyncd.service.j2 Add gearbox phy device files and a new physyncd docker to support VS gearbox phy feature (#4851) 2020-09-25 08:32:44 -07:00
iccpd.service.j2 MCLAG feature for SONIC (#2514) 2020-04-04 15:24:06 -07:00
init_cfg.json.j2 [MACsec]: Set MACsec feature to be auto-start (#6678) 2021-02-23 13:22:45 -08:00
kube_cni.10-flannel.conflist First cut image update for kubernetes support. (#5421) 2020-12-22 08:01:33 -08:00
lldp.service.j2 Changes for LLDP docker to support multi-npu platforms (#4530) 2020-05-11 11:05:44 -07:00
macsec.service.j2 [MACsec]: Set MACsec feature to be auto-start (#6678) 2021-02-23 13:22:45 -08:00
mgmt-framework.service.j2 [services][mgmt-framework] delay mgmt-framework service on boot (#5226) 2020-08-27 21:53:58 +03:00
mgmt-framework.timer [services][mgmt-framework] delay mgmt-framework service on boot (#5226) 2020-08-27 21:53:58 +03:00
nat.service.j2 [services] remove swss from WantedBy for nat service (#4991) 2020-07-19 21:50:26 -07:00
organization_extensions.sh Framework to plugin Organization specific scripts during ONIE Image build (#951) 2017-09-19 16:23:31 -07:00
pmon.service.j2 [psud]: Fix for psud crash because of database connection reset (#3647) 2020-01-10 13:26:04 -08:00
qos_config.j2 Make backend device checking more robust (#5730) 2020-11-10 15:06:35 -08:00
radv.service.j2 Move RADV fastboot handling to a service script (#5108) 2020-08-11 13:13:13 -07:00
restapi.service.j2 Start RestAPI container when sonic boots (#4140) 2020-02-12 16:38:45 -08:00
sflow.service.j2 [sflow] Fix race-condition seen with mVRF configured (#6102) 2020-12-03 01:33:10 -08:00
snmp.service.j2 [services] make snmp.timer work again and delay telemetry.service (#3742) 2019-12-16 09:07:05 -08:00
snmp.timer [build_templates]: Start SNMP timer after SWSS service (#6195) 2020-12-16 16:39:14 -08:00
sonic_debian_extension.j2 [pcie.yaml] Move pcie configuration file path to platform directory (#6475) 2021-02-21 08:27:37 -08:00
swss_vars.j2 Enable synchronous mode by default and add in minigraph parser (#5735) 2020-10-29 09:15:12 -07:00
telemetry.service.j2 [services] make snmp.timer work again and delay telemetry.service (#3742) 2019-12-16 09:07:05 -08:00
telemetry.timer [services] make snmp.timer work again and delay telemetry.service (#3742) 2019-12-16 09:07:05 -08:00
updategraph.service.j2 [config-setup]: create a SONiC configuration management service (#3227) 2019-12-04 07:15:58 -08:00