[submodule] Update submodule for sonic-mgmt-common #10665
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fix support for DHCPV6 Relay multi vlan functionality. Make sure the relayed packet is received at correct interface. How I did it Bind a socket to each vlan interface's global and link-local address. Socket binded to global address is used for relaying data from client to server and receiving data from servers. Socket binded to link-local address is used for relaying data received from server back to the client.
- add a new service "mark_dhcp_packet" to mux container - apply packet marks on a per-interface basis in ebtables - write packet marks to "DHCP_PACKET_MARK" table in state_db
- update DHCP_PACKET_MARK schema in state_db - this is an update over PR: Add service mark_dhcp_packet to mux container sonic-net#9015
9dd3025 2021-05-11 | [Command-Reference.md] Document new SNMP show and config commands (sonic-net#1600) [Travis Van Duyn] be40767 2021-05-05 | [show][config] Add new snmp commands (sonic-net#1347) [Travis Van Duyn]
…y triggered/restored when pause frames are sent continuously to both queues of a port (sonic-net#9296) 1. CS00012211718 [4.3] Pfcwd getting continuously triggered/restored when pause frames are sent continuously to both queues of a port (TD2/Th/Th2/TD3) MSFT Default Preliminary tests look fine. BGP neighbors were all up with proper routes programmed interfaces are all up Manually ran the following test cases on 7050CX3 (TD3) T0 DUT and all passed: ``` fib/test_fib.py vxlan/test_vxlan_decap.py fdb/test_fdb.py decap/test_decap.py ipfwd/test_dip_sip.py ipfwd/test_dir_bcast.py acl/test_acl.py vlan/test_vlan.py platform_tests/test_reboot.py ```
6f198d0 (HEAD -> 202012, origin/202012) [Y-Cable][Broadcom] upgrade to support Broadcom Y-Cable API to release (sonic-net#230) 1c3e422 SSD Health: Retrieve SSD health and temperature values from generic SSD info (sonic-net#229) Signed-off-by: vaibhav-dahiya <vdahiya@microsoft.com>
c31a362 - 2021-11-18 : [202012][Mux orch] set default as standby, change mux orch priority (sonic-net#2015) [Prince Sunny] 9a9e8e6 - 2021-11-18 : [202012] Check VS test failure (sonic-net#2033) [Prince Sunny] 7eaabca - 2021-11-11 : [202012] Fix random failure in PR/CI build. (sonic-net#2016) [Shilong Liu] 85230fe - 2021-11-04 : [orchagent] Fix group name of port-buffer-drop in flexcounterorch.cpp (sonic-net#1967) [Junchao-Mellanox] a55c2ca - 2021-11-03 : [teammgrd]: Handle LAGs cleanup gracefully on Warm/Fast reboot. (sonic-net#1934) [Nazarii Hnydyn]
In azure pipeline template 'set -e' not works as expected.
[cherry-pick PR sonic-net#9123 ] Why I did it When sshd realizes that this login can't succeed due to internal device state or configuration, instead of failing right there, it proceeds to prompt for password, so as the user does not get any clue on where is the failure point. Yet to ensure that this login does not proceed, sshd replaces user provided password with a specific pattern of characters matching length of user provided password. This pattern is "<BS><LF><CR><DEL>INCORRECT", which is bound to fail. If user provided length is smaller/equal, the substring of pattern is overwritten. If user provided length is greater, the pattern is repeated until length is exhausted. But if the PAM-tacacs plugin would send this password to AAA, the user could get locked out by AAA, for providing incorrect value. How I did it Hence this fix, matches obtained password against the pattern. If match, fail just before reaching AAA server. How to verify it Make sure tacacs is properly configured. Try logging in as, say "user-A"; ensure it succeeds Pick another user, say user-B and ensure this user has not logged into this device before (look into /etc/passed & folders under /home) Disable monit service (as that could fix the issue using disk_check.py) Start TCP dump for all TACACS servers. Simulate Read-only disk Try logging in using user-B. Verify it fails, after 3 attempts Stop tcp dump. TCP dump should show "authentication" for user-A only
Submodule update for sonic-utilities with following change: ec9e5ee Backport [generate_dump] remove secrets from dump files sonic-net#1886 to 202012 (sonic-net#1938) ce3b856 [fdbshow]: Handle FDB cleanup gracefully. (sonic-net#1926) 1437bf2 [202012] Add DHCPv6 Relay counter and ipv6 helper CLI (sonic-net#1917)
The recent release of redis 4.0.0 or newer (for python3) breaks sonic-config-engine unit test. Fix to last known good version. ref: https://pypi.org/project/redis/#history
…iberStateTable (sonic-net#9228) #### Why I did it Backporting sonic-net#8861 to 202012
…nit activation delay (sonic-net#8896) #### Why I did it With current code the delay will take place even if simple 'config reload' command executed and this is not desired. This delay should be used only when fast-rebooting. #### How I did it Change the type of delay to OnBootSec instead of OnActiveSec. #### How to verify it Fast-reboot with this PR and observe the delay. Run 'config-reload' command and observe no delay is running.
When we update the a sai package downing from a remote server, we need to update the version file as well currently, but the reproducible build feature is not enabled in master, it can only be detected when merging the code into the release branches, such as 202106, 202012, etc. The reproducible feature is to reduce the build failure, not need to break the build when the version not specified. If version not specified, the best choice is to accept the version from remote server. Co-authored-by: Ubuntu <xumia@xumia-vm1.jqzc3g5pdlluxln0vevsg3s20h.xx.internal.cloudapp.net>
Update sonic-sairedis submodule to get the below fixes: 7389704 [202012] Add ACL_TABLE object to break before make list (sonic-net/sonic-sairedis#971) f334349 Fix hung issue when installing linux kernel modules (sonic-net/sonic-sairedis#969)
Submodule update for sonic-linkmgrd Incorporates: c11a576 (2021-11-22 09:38:46) [ci]: show code coverage in azure pipeline (#4) 4ceb01d (2021-11-18 20:24:20) Fix MUX toggling issue (#1) d640527 (2021-11-12 22:31:44) [ci]: fix artifact download b9f247d (2021-11-12 22:31:44) [ci]: use native arm64/armhf build 3059122 (2021-09-27 11:32:23) [linkgrd] Add Missing Apache License Header signed-off-by: Jing Zhang zhangjing@microsoft.com
…tus via monit (sonic-net#9367) Backport sonic-net#9068 to 202012 #### Why I did it Command `monit summary -B` can no longer display the status for each critical process, system-health should not depend on it and need find a way to monitor the status of critical processes. The PR is to address that. monit is still used by system-health to do file system check as well as customize check. #### How I did it 1. Get container names from FEATURE table 2. For each container, collect critical process names from file critical_processes 3. Use “docker exec -it <container_name> bash -c ‘supervisorctl status’” to get processes status inside container, parse the output and check if any critical processes exit #### How to verify it 1. Add unit test case to cover it 2. Adjust sonic-mgmt cases to cover it 3. Manual test
Why I did it Support marvell-armhf dpkg cache
…c-net#9258) - Why I did it When PSU is powered off, the PSU is still on the switch and the air flow is still the same. In this case, it is not necessary to set FAN speed to 100%. - How I did it When PSU is powered of, don't treat it as absent. - How to verify it Adjust existing unit test case Add new case in sonic-mgmt
…onic-net#9133) - Why I did it This is to update the common sonic-buildimage infra for reclaiming buffer. - How I did it Render zero_profiles.j2 to zero_profiles.json for vendors that support reclaiming buffer The zero profiles will be referenced in PR [Reclaim buffer] Reclaim unused buffers by applying zero buffer profiles sonic-net#8768 on Mellanox platforms and there will be test cases to verify the behavior there. Rendering is done here for passing azure pipeline. Load zero_profiles.json when the dynamic buffer manager starts Generate inactive port list to reclaim buffer Signed-off-by: Stephen Sun <stephens@nvidia.com>
Why I did it resolves sonic-net#8979 and sonic-net#9055 How I did it Remove the file static.conf.j2,which adds the default route on eth0 from bgp docker Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
- Consolidate the two [Service] sections by moving the ExecStartPre line for mark_dhcp_packet.py to the first section and removing the second.
- Make the mark_dhcp_packet.py file executable
- Also clean up mark_dhcp_packet.py
- Remove unused imports
- Fix spacing and line lengths to conform to PEP8
Signed-off-by: Lawrence Lee <lawlee@microsoft.com>
Why I did it Fix some of the version files not used issue. One of example version file version-py3-all-armhf, when building marvell-armhf, the version is used as expected, but it not use.
Support marvell-armhf dpkg cache and the azp check. Waiting for merging PR sonic-net#9381 to 202012 branch, so only azp template change in this PR. Move the VS build to a new stage BuildVS, change the Test stage only depending on BuildVS, running the BuildVS and the other platform's build in parallel. The Test stage do not has dependency on the marvel-armhf build, reduce the overall build time caused by longer build time of marvel-armhf build.
- Why I did it To include latest fixes. 1. On CMIS modules, after low power configuration, the firmware waited for the module state to be ModuleReady instead of ModuleLowPower causing delays. 2. When connecting Spectrum devices with optical transceivers that support RXLOS, remote side port down might cause the switch firmware to get stuck and cause unexpected switch behavior. 3. On rare occasions, when working with port rates of 1GbE or 10GbE and congestion occurs, packets may get stuck in the chip and may cause switch to hang. 4. When ECMP has high amount of next-hops based on VLAN interfaces, in some rare cases, packets will get a wrong VLAN tag and will be dropped. 5. Using SN4600C with copper or optics loopback cables in NRZ speeds, link may raise in long link up times ( up to 70 seconds). 6. When connecting SN4600C to SN4600C after Fastboot in 50GbE No_FEC mode with a copper cable, the link up time may take ~20 seconds. - How I did it Updated SDK submodule and relevant makefiles with the required versions. - How to verify it Build an image and run tests from "soni-mgmt". Signed-off-by: Volodymyr Samotiy <volodymyrs@nvidia.com>
Why I did it [Ci]: check if there is a sonic dirty version issue If there is a dirty version issue in PR build, the build will be failed.
…onic-net#10341)" (sonic-net#10535) This reverts commit f4bbcd1. The original one was missing one file ".azure-pipelines/azure-pipelines-repd-build-variables.yml" and break the Azure pipeline.
Includes the below commits f3b2873 [BFD]Retry create BFD with different source UDP port on failure Signed-off-by: Sudharsan Dhamal Gopalarathnam <sudharsand@nvidia.com>
… disabled (sonic-net#9986) Why I did it During warm-reboot and fast-reboot the below error logs appear Feb 3 22:05:15.187408 r-lionfish-13 ERR container: docker cmd: kill for nat failed with 404 Client Error for http+docker://localhost/v1.41/containers/nat/json: Not Found ("No such container: nat") The container command when called for local mode doesn't check if it is enabled before calling docker kill which throws the above errors. https://github.com/Azure/sonic-utilities/blob/b6ca76b4821453171d9607383b808385968eeeeb/scripts/fast-reboot#L699 How I did it Checking feature state if local mode and returning error exit code along with valid debug message. How to verify it Manually tested with warm-reboot and fast-reboot Added UT to verify it.
…-net#10558) If it is run during image install, it's not guaranteed that the installation environment will have tune2fs available. Therefore, run it during initramfs instead. Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
sonic-net#10554) * [CG-Fix-CVE-2021-44906] Patching on thrift.0.13.0 for package minimist Signed-off-by: richardyu-ms <richard.yu@microsoft.com> * add more information in patch Signed-off-by: richardyu-ms <richard.yu@microsoft.com>
[202012][sonic-linkmgrd]Submodule update 8507629 Jing Zhang Mon Apr 4 10:25:22 2022 -0700 Lower unsolicited MUX state change notification log level to WARNING #57 17d217d Longxiang Lyu Mon Mar 21 12:15:19 2022 +0800 Enhance clang format (#46) c72fa2a Jing Zhang Fri Apr 1 12:23:29 2022 -0700 Disable the feature that decreases link probe interval for measuring switch overhead #49 (#54) 256b01b Jing Zhang Thu Mar 31 16:20:00 2022 -0700 Update link prober metrics posting logics #50 #53 dfd48d0 Jing Zhang Wed Mar 23 16:27:45 2022 -0700 Decrease link probing interval after switchover to better determine the overhead of a toggle #43 (#48) sign-off: Jing Zhang zhangjing@microsoft.com
…net#10582) * [copp cfg] enable copp trap for a couple more devices Signed-off-by: Ying Xie <ying.xie@microsoft.com>
414692f LLDPLocalSystemDataUpdater Exception Log Handled (sonic-net#249) Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
To optimize stop on warm boot, added kill for containers Use service "kill" in the shutdown path for fast and warm reboot. For all other reload methods, service "stop" is used. This is done to save time in shutdown path, and to overall improve the time spent in warm and fast reload. How - Use service_mgmt.sh to trigger common logic to initiate kill (fast/warm) or stop (cold) for database.sh, radv.sh, snmp.sh, telemetry.sh, mgmt-framework.sh Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>, Vaibhav H D <vaibhav.dixit@microsoft.com>
…0596) Signed-off-by: Jing Kan jika@microsoft.com
Signed-off-by: Jing Kan jika@microsoft.com
The interface renaming logic fails if one interface is missing. Because of the `set -e` the whole initramfs hook would abort early on error. This change fixes the current behavior to make sure missing interfaces are properly skipped and ensure existing interface are renamed.
Reproducible build script breaks docker-sonic-mgmt build.
Why I did it [Build]: Fix pip version constraint conflict issue When a version is specified in the constraint file, if upgrading the version in build script, it will have conflict issue. How I did it If a specified version has specified in pip command line, then the version constraint will be skipped.
…D3 based platforms (sonic-net#10587)
…onic-net#10288) Signed-off-by: Yong Zhao <yozhao@microsoft.com> Why I did it This PR aims to fix the Monit issue which shows Monit can't reset its counter when monitoring memory usage of telemetry container. Specifically the Monit configuration file related to monitoring memory usage of telemetry container is as following: check program container_memory_telemetry with path "/usr/bin/memory_checker telemetry 419430400" if status == 3 for 10 times within 20 cycles then exec "/usr/bin/restart_service telemetry" If memory usage of telemetry container is larger than 400MB for 10 times within 20 cycles (minutes), then it will be restarted. Recently we observed, after telemetry container was restarted, its memory usage continuously increased from 400MB to 11GB within 1 hour, but it was not restarted anymore during this 1 hour sliding window. The reason is Monit can't reset its counter to count again and Monit can reset its counter if and only if the status of monitored service was changed from Status failed to Status ok. However, during this 1 hour sliding window, the status of monitored service was not changed from Status failed to Status ok. Currently for each service monitored by Monit, there will be an entry showing the monitoring status, monitoring mode etc. For example, the following output from command sudo monit status shows the status of monitored service to monitor memory usage of telemetry: Program 'container_memory_telemetry' status Status ok monitoring status Monitored monitoring mode active on reboot start last exit value 0 last output - data collected Sat, 19 Mar 2022 19:56:26 Every 1 minute, Monit will run the script to check the memory usage of telemetry and update the counter if memory usage is larger than 400MB. If Monit checked the counter and found memory usage of telemetry is larger than 400MB for 10 times within 20 minutes, then telemetry container was restarted. Following is an example status of monitored service: Program 'container_memory_telemetry' status Status failed monitoring status Monitored monitoring mode active on reboot start last exit value 0 last output - data collected Tue, 01 Feb 2022 22:52:55 After telemetry container was restarted. we found memory usage of telemetry increased rapidly from around 100MB to more than 400MB during 1 minute and status of monitored service did not have a chance to be changed from Status failed to Status ok. How I did it In order to provide a workaround for this issue, Monit recently introduced another syntax format repeat every <n> cycles related to exec. This new syntax format will enable Monit repeat executing the background script if the error persists for a given number of cycles. How to verify it I verified this change on lab device str-s6000-acs-12. Another pytest PR (sonic-net/sonic-mgmt#5492) is submitted in sonic-mgmt repo for review.
…t#10616) Why I did it [Ci]: Support to sign image for cisco-8000 uefi secure boot
…et#10652) Why I did it When a failed job retry. Publish artifact will fail for duplicated name
…-net#10533) Incorrect high-threshold and critical-high-threshold values are displayed for some of the temperature sensors. This commit fixes that. Co-authored-by: Qi Luo <qiluo-msft@users.noreply.github.com> Co-authored-by: Jing Kan <jika@microsoft.com>
liushilongbuaa
requested review from
qiluo-msft,
xumia,
lguohan,
sujinmkang,
prgeor and
vdahiya12
as code owners
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Why I did it
submodule update, includes:
9824a3a CVE-2020-25614: Update xmlquery, jsonquery and xpath packages. (#58)
How I did it
How to verify it
Which release branch to backport (provide reason below if selected)
Description for the changelog
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)