Merge commit #2
Merged
Merge commit #2
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…6130) Refactor determine-reboot cause code. Fix errors seen during determine-reboot-cause when sonic_platform package is not installed. Add error handling for healthd service when sonic_platform package is not installed. Tested on KVM where sonic_platform is not present, and the errors are not seen anymore in syslog.
- Why I did it To upgrade brcm syncd to buster - How I did it Updated BCM SAI using kernel version 4.19.0-12 and debian 10 to support buster. Updated syncd docker from stretch to buster in sonic-buildimage - How to verify it Ensured docker is running synd buster. After upgrade, ensured all BGP peers and ip interfaces are up. Ping to BGP neighbors is working fine.
…ostcfgd (#6232) - Why I did it The change is done to make sure the system initialization is done before updating the feature states - How I did it use the command "systemctl is-system-running --wait" to wait till system has finished booting up before updating the feature states
Doxygen https://github.com/opencomputeproject/SAI/blob/master/Makefile#L23 SAI submodule in libsairedis builds meta using doxygen Debian buster doxygen for ARMHF (32bit) fails to recursively read subdirectories to parse the header files. This issue is described at https://bugs.launchpad.net/qemu/+bug/1805913 The solution to this is to add FILE_OFFSET_BITS to 64 as desribed at https://bugzilla.kernel.org/show_bug.cgi?id=205957 This issue is not seen in stretch which has glibc 2.24 and is seen only on buster which has glibc version 2.28. The above bugs needs to be tracked to get rid of this PR change, once debian moves forward to next version. This PR addresses the readdir() issue for 32bit arch, by adding cflag _FILE_OFFSET_BITS=64 through cmake definition to the doxygen source downloaded from the debian buster. Signed-off-by: Antony Rheneus <arheneus@marvell.com>
Upgrading the reference for the Python GNMI tool repository. The commit for the new payload Co-authored-by: Murat Acikgoz <muacikgo@microsoft.com>
The openssh build fails to retrieve dependent debian packages when operating behind a proxy server.
…t path of rootfs (#6040) Certain platform specific packages sonic-platform-xyz, installs files onto rootfs, which would be placed on read-write mount path on /host/image-name/rw/... when ntpd starts it tries to do read access on /usr/bin /usr/sbin/ /usr/local/bin , which inturn links further to the read-write mount path also. Where ntpd would get below Apparmor Warning message LOG:- audit: type=1400 audit(1606226503.240:21): apparmor="DENIED" operation="open" profile="/usr/sbin/ntpd" name="/image-HEAD-dirty-20201111.173951/rw/usr/local/bin/" pid=3733 comm="ntpd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 audit: type=1400 audit(1606226503.240:22): apparmor="DENIED" operation="open" profile="/usr/sbin/ntpd" name="/image-HEAD-dirty-20201111.173951/rw/usr/sbin/" pid=3733 comm="ntpd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 audit: type=1400 audit(1606226503.240:23): apparmor="DENIED" operation="open" profile="/usr/sbin/ntpd" name="/image-HEAD-dirty-20201111.173951/rw/usr/bin/" pid=3733 comm="ntpd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 Fix: Add rw/.. mount path similar to root path access provided for ntpd in /etc/apparmor.d/usr.sbin.ntpd Signed-off-by: Antony Rheneus <arheneus@marvell.com>
…lts in orchagent crash (#6244)
- Why I did it In some build machine, it may be not able to run as root during the build, only has root authority in docker containers. - How I did it Remove the sudo in Makefile - How to verify it cd src/sonic-build-hooks make all
This reverts commit 07b4aaf.
)" This reverts commit 55a7075.
To copy telemetry certificate during image upgrade from previous image to new image
Looks like we have redefinition of BUFFER_POOL_WATERMARK_KEY to BUFFER_POOL_WATERMARK, so DPB fall. https://github.com/Azure/sonic-swss/blob/c7ee75f0b92e3bbbd34938fb6ceca50f0491b5f9/orchagent/flexcounterorch.cpp#L18 #define BUFFER_POOL_WATERMARK_KEY "BUFFER_POOL_WATERMARK" unordered_map<string, string> flexCounterGroupMap = { {"PORT", PORT_STAT_COUNTER_FLEX_COUNTER_GROUP}, {"PORT_RATES", PORT_RATE_COUNTER_FLEX_COUNTER_GROUP}, {"PORT_BUFFER_DROP", PORT_STAT_COUNTER_FLEX_COUNTER_GROUP}, {"QUEUE", QUEUE_STAT_COUNTER_FLEX_COUNTER_GROUP}, {"PFCWD", PFC_WD_FLEX_COUNTER_GROUP}, {"QUEUE_WATERMARK", QUEUE_WATERMARK_STAT_COUNTER_FLEX_COUNTER_GROUP}, {"PG_WATERMARK", PG_WATERMARK_STAT_COUNTER_FLEX_COUNTER_GROUP}, {BUFFER_POOL_WATERMARK_KEY, BUFFER_POOL_WATERMARK_STAT_COUNTER_FLEX_COUNTER_GROUP},
Aspell check in sairedis SAI submodule in armhf(32-bit) fails with lang dictionary not found error. (https://github.com/opencomputeproject/SAI/blob/master/meta/style.pm#L58) This issue is described at https://bugs.launchpad.net/qemu/+bug/1805913 and similar to #6239 Re-installing aspell language dictionary in slave docker resolves this issue. Signed-off-by: Sabareesh Kumar Anandan <sanandan@marvell.com>
[vs] Add workaround for clean up macsec ports (#752) [logfile]: Add handling of Sairedis rec filename (#747) Update README.md [meta] Fix stat_mode enums to sai_bulk_op_error_mode_t (#753) [syncd][tests] Add syncd deprecated attribute value test (#751) [vs] Skip MACsec clean up if /sbin/ip is not accessible (#750) Configure enable -Wcast-align=strict when supported by compiler (#749) [syncd] Translate depreacated attr enum values to new ones (#746) [sairedis]vs SAI support for voq neighbor (#725) [syncd] Translate removed RIDs in fdb notification (#734) [syncd] Move syncd classes to syncd namespace (#742) [vs] Use /sbin/ip absolute path for ip command in MACsecManager (#744) [saidiscovery] Update saidiscovery to use VendorSai object and metadata (#736) Remove Winline warning since it depends on external headers (#741) [meta] Enable strict cast-align warning (#738) [vs] Use meta class instead info when using unittests (#740) [vs] Support flush entry type all on virtual switch (#735) [vslib]: Add MACsec state to state base (#722) [README.md] Update installation steps (#730) Switch Capability support (#728) [vs] Fail switch create when warm boot requested and no warm boot state (#739) Dynamic Port breakout fix the crash, port down event processing after<80> (#727) Code clean (#721) Signed-off-by: Sabareesh Kumar Anandan <sanandan@marvell.com>
…anox SDK/SAI (#6218) * [Mellanox] Update SAI to 1.18.0 * [Mellanox] Update SDK to 4.4.2112 * Updated Mellanox SAI to 1.18.0.2 * Updated bcmsai debians to use SAI 1.7.1 * Updated Mellanox to use SAI 1.7.1 * Updated submodule sonic-sairedis using SAI 1.7.1 Co-authored-by: Vineet Mittal <vmittalmittal@microsoft.com> Co-authored-by: Nazarii Hnydyn <nazariig@nvidia.com>
Added source interface support for NTP. Also made NTP start on Mgmt-VRF by default when configured. **- How I did it** 1) Updated hostcfg to listen to global config NTP and NTP_SERVER tables and restart ntp when ever the configuration changes. NTP table includes source interface configuration. 2) The ntp script updated to by default start on Mgmt-VFT when configured. Signed-off-by: Prabhu Sreenivasan <prabhu.sreenivasan@broadcom>
…lable (#6266) - Why I did it Latest master image crashes when loading minigraph Fixing #6265 - How I did it Avoid converting 'None' to ipaddress. - How to verify it On a system crashing with the issue, manually patch minigraph.py with the change in PR and load minigraph succeeded. Signed-off-by: Ying Xie ying.xie@microsoft.com
Updated sai deb version to v1.7.1 for marvell platforms. Signed-off-by: Sabareesh Kumar Anandan <sanandan@marvell.com>
Implementation of sample streaming mode (#49) Co-authored-by: Murat Acikgoz <muacikgo@microsoft.com>
* First cut image update for kubernetes support.
With this,
1) dockers dhcp_relay, lldp, pmon, radv, snmp, telemetry are enabled
for kube management
init_cfg.json configure set_owner as kube for these
2) Each docker's start.sh updated to call container_startup.py to register going up
As part of this call, it registers the current owner as local/kube and its version
The images are built with its version ingrained into image during build
3) Update all docker's bash script to call 'container start/stop/wait' instead of 'docker start/stop/wait'.
For all locally managed containers, it calls docker commands, hence no change for locally managed.
4) Introduced a new ctrmgrd service, that helps with transition between owners as kube & local and carry over any labels update from STATE-DB to API server
5) hostcfgd updated to handle owner change
6) Reboot scripts are updatd to tag kube running images as local, so upon reboot they run the same image.
7) Added kube_commands.py to handle all updates with Kubernetes API serrver -- dedicated for k8s interaction only.
Fix specific version for mmh3 for python2 and python3 and Add pyang for python3
Return 'False' when unsupported led color is requested, preventing an exception. Signed-off-by: Shlomi Bitton <shlomibi@nvidia.com>
[DellEMC-Z9332f] Fix platform issues * Change to optoe driver * fix API 2.0 issues * Support reboot reason
Signed-off-by: Guohan Lu <lguohan@gmail.com>
I notice that I rerun a failed job (not the stages), the nfs store is already cleaned by previous failed jobs.
Signed-off-by: Guohan Lu <lguohan@gmail.com>
azure pipepline does not allow upload same artifacts again. thus, use job.attempt to uniquely name the test artifacts Signed-off-by: Guohan Lu <lguohan@gmail.com>
Some commands used during build will prompt user interactively, but this is not expected during build. Since most output is collected into log file, user could not see the prompt and feel the build process hangs. - How I did it Use mv command in non interactive mode Redirect stdin to null if command output is collected into log file.
…l module to 6.5.21 (#6526) BCMSAI 4.3.0.10, 6.5.21 SDK release with enhancements and fixes for vxlan, TD3 MMU, TD4-X9 EA support, etc.
**- Why I did it** sonic-utilities will become dependent upon sonic-platform-common as of sonic-net/sonic-utilities#1386. **- How I did it** - Add sonic-platform-common as a dependency in docker-sonic-vs.mk - Additionally, no longer install Python 2 packages of swsssdk and sonic-py-common, as they should no longer be needed.
RCE resolved in new version yaml/pyyaml#420
Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com> - Why I did it The command sudo ip netns identify <pid> is used in function get_current_namespace to check in the cli command is running in host context or within a namespace. This function is used for every CLI command and command sudo ip netns identify <pid> needs to be added in sudoer files to allow users with RO access to run show cli commands This problem is not there on single asic platforms. - How I did it Add ip netns identify [0-9]* to sudoers file.
This reverts commit 470ed18.
fixes sonic-net/sonic-utilities#1389 With the recent changes in sudoer files. The show commands fails for the read-only users. The problem here is the 'docker ps' is failing in the function [get_routing_stack()](https://github.com/Azure/sonic-utilities/blob/8a1109ed30576f0287fcd98a4349617f7fb55700/show/main.py#L54) therefore all the CLI commands are failing. Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
* 832815e 2021-01-28 | [orchagent]: Add MACsec Orchagent (#1474) (HEAD, origin/master, origin/HEAD) [Ze Gan] * dd4e409 2021-01-28 | [MACsecMgr]: Add MACsec Manager (#1475) [Ze Gan] * 91e231c 2021-01-28 | [portsorch] Configure hostif tagging for subports (#1573) [Vitaliy Senchyshyn] * 008325c 2021-01-29 | [PortsOrch] Add reference counting to ports for ACL bindings (#1614) [chaoskao] * bbd2ca6 2021-01-28 | [crm]: Ignore unsupported/non-implemented switch attributes (#1613) [Prabhu Sreenivasan] Signed-off-by: Guohan Lu <lguohan@gmail.com>
**- Why I did it** As per https://pypi.org/project/pip/ pip 21.0 does not not support Python 2 from Jan 2021. Most places in the codebase have already been pinned, but this one was missed. **- How I did it** Pin pip2 < version 21 in build_debian.sh
This update includes the following changes > [syncd armhf] Fix syncd crash when running community test suites (#777) > Revert "[tests]:Add unittest for MACsec on p2p establishment (#771)" > [tests]:Add unittest for MACsec on p2p establishment (#771) > [tests] Enable azure pipeline make check to respect unittests (#760)
…Us (#6415) Update Tunnel and ECMP parameters for brcm 7050cx3 48x50G+8x100G and 32x100G SKUs. signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
To improve python3 support of berefoot's sonic_platform Signed-off-by: Volodymyr Boyko <volodymyrx.boiko@intel.com>
…tool: not found (#6615) Starting with BRCM SAI 4.3.1.5 we see the following :ethtool not fount" error in syslog during boot up: ``` Jan 27 07:36:14.712472 str-s6100-acs-1 INFO syncd#/supervisord: syncd sh: 1: Jan 27 07:36:14.712844 str-s6100-acs-1 INFO syncd#/supervisord: syncd ethtool: not found Jan 27 07:36:14.713228 str-s6100-acs-1 INFO syncd#/supervisord: syncd #15 Jan 27 07:36:14.713840 str-s6100-acs-1 INFO syncd#syncd: [0] SAI_API_HOSTIF:_brcm_sai_hostif_speed_set:11894 cmd ethtool -s Ethernet39 speed 40000 rc:32512 Jan 27 07:36:14.717204 str-s6100-acs-1 NOTICE swss#orchagent: :- setHostIntfsOperStatus: Set operation status DOWN to host interface Ethernet39 Jan 27 07:36:14.717204 str-s6100-acs-1 NOTICE swss#orchagent: :- initPort: Initialized port Ethernet39 Jan 27 07:36:14.717204 str-s6100-acs-1 NOTICE swss#orchagent: :- initializePort: Initializing port alias:Ethernet36 pid:1000000000040 Jan 27 07:36:14.726793 str-s6100-acs-1 NOTICE swss#portsyncd: :- onMsg: nlmsg type:16 key:Ethernet36 admin:0 oper:0 addr:4c:76:25:f5:48:80 ifindex:75 master:0 Jan 27 07:36:14.727967 str-s6100-acs-1 NOTICE swss#portsyncd: :- onMsg: Publish Ethernet36(ok) to state db Jan 27 07:36:14.729331 str-s6100-acs-1 NOTICE swss#orchagent: :- addHostIntfs: Create host interface for port Ethernet36 Jan 27 07:36:14.752398 str-s6100-acs-1 INFO syncd#/supervisord: syncd sh: 1: ethtool: not found#015 Jan 27 07:36:14.752689 str-s6100-acs-1 INFO syncd#syncd: [0] SAI_API_HOSTIF:_brcm_sai_hostif_speed_set:11894 cmd ethtool -s Ethernet36 speed 40000 rc:32512 Jan 27 07:36:14.756050 str-s6100-acs-1 NOTICE swss#orchagent: :- setHostIntfsOperStatus: Set operation status DOWN to host interface Ethernet36 Jan 27 07:36:14.757585 str-s6100-acs-1 NOTICE swss#orchagent: :- initPort: Initialized port Ethernet36 ``` It seems that starting with BRCM SAI 4.2.1.5 syncd is using ethtool to set the host interface speed and since this ethtool was not part of the syncd Docker, we observe these "ethtool not found" issue.
Signed-off-by: Guohan Lu <lguohan@gmail.com>
…ware path (#6611) BRCM SDK 6.5.21 includes firmware updates (premier cancun) for TD3 platforms. The firmware update is required on TD3 platforms, which is packaged with BCMSAI 4.3.0.10. **- How I did it** Updated BCM config with a new variable that specifies the firmware package path. SDK uses this path to locate firmware packages and load during cold boot. **- How to verify it** bsv BRCM SAI ver: [4.3.0.10], OCP SAI ver: [1.7.1], SDK ver: [sdk-6.5.21] CANCUN ver: [5.3.3] drivshell> admin@str2-7050cx3-acs-02:~$ bcmsh Press Enter to show prompt. Press Ctrl+C to exit. NOTICE: Only one bcmsh or bcmcmd can connect to the shell at same time. drivshell>cancun stat cancun stat UNIT0 CANCUN: CIH: LOADED Ver: 06.06.01 CMH: LOADED Ver: 06.06.01 SDK Ver: 06.05.21 CCH: LOADED Ver: 06.06.01 SDK Ver: 06.05.21 CEH: LOADED Ver: 06.06.01 SDK Ver: 06.05.21 drivshell>
Signed-off-by: Guohan Lu <lguohan@gmail.com>
Signed-off-by: Guohan Lu <lguohan@gmail.com>
**- Why I did it** In thermalctd, when speed of fan exceeds threshold, the fan status will be saved as "bad". So in system health, it is better to check fan speed before fan status. In this case, if fan speed exceeds threshold, we get more detailed information. **- How I did it** Move fan speed check logic before fan status check **- How to verify it** Manual test
…cd-rpc docker on buster (#6448) - Why I did it Fix issue: ptf_nn_agent isn't able to start in syncd-rpc docker on buster. - How I did it The issue is fixed by installing python-dev, cffi and nnpy for python 2 explicitly. - How to verify it Run copp test on RPC image.
1. BRCM SAI Debian build need not have any Kernel version dependency - Starting with 4.3 BRCM made changes in SAI so that this dependency has been cleaned up. We can now remove the Kernel Version dependency from Azure Pipeline build script. 2. Bypass PEER_MODE p2mp setting causing SYNCd crash on non-TD3 SKUs - Temporarily patch BRCM SAI code to not cause SYNCd crash when Orchagent program SAI_TUNNEL_ATTR_PEER_MODE: SAI_TUNNEL_PEER_MODE_P2MP on Non-TD3 SKUs. Will remove this when BRCM provide proper fix to address this issue.
snmpd's compile is always failed with file truncated on ARM64 arch, the error log is like "/usr/bin/ld: mibgroup/ip-forward-mib/inetCidrRouteTable/.libs/inetCidrRouteTable_interface.o: file not recognized: file truncated" Co-authored-by: Xianghong Gu <xgu@centecnetworks.com>
introduce run-test template Signed-off-by: Guohan Lu <lguohan@gmail.com>
Signed-off-by: Guohan Lu <lguohan@gmail.com>
liat-grozovik
pushed a commit
that referenced
this pull request
Feb 17, 2021
This update brings in the following commits. 86c1108 Enable arm architecture to build in addition to amd64 (sonic-net#37) 4acb2c3 fix bugs and enhance Transformer (sonic-net#35) 49e5a22 ygot related enhancements and fixes (sonic-net#34) 51224de Fix ietf yang search path for cvl schema builds (sonic-net#32) 3c6cdb3 CVL Changes sonic-net#8: 'must' and 'when' expression evaluation (sonic-net#31) dabf231 CVL Changes sonic-net#7: 'leafref' evaluation (sonic-net#28) 6f9535f CVL Changes sonic-net#6: Customized Xpath Engine integration (sonic-net#27) 5e2466b DB-Layer fixes/enhancements (sonic-net#26) 9a27302 CVL Changes sonic-net#4: Implementation of new CVL APIs (sonic-net#22) dbf1093 Translib support for authorization, yang versioning and Delete flag (sonic-net#21) 80f369e CVL Changes sonic-net#5: YParser enhancement (sonic-net#23) 904ce18 CVL Changes #3: Multi-db instance support (sonic-net#20) 9d24a34 CVL Changes #2: YValidator infra changes for evaluating xpath expression (sonic-net#19) f3fc40f CVL Changes #1: Initial CVL code reorganization and common infra changes (sonic-net#18) 4922601 Bulk and RPC API support in translib (sonic-net#16) 1d730df RFC7895 yang module library implementation (sonic-net#15)
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
- What I did
- How I did it
- How to verify it
- Description for the changelog
- A picture of a cute animal (not mandatory but encouraged)