-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[config] Read AclInterfaces information from minigraph dpg #419
Conversation
@@ -124,6 +124,7 @@ def parse_dpg(dpg, hname): | |||
|
|||
ipintfs = child.find(str(QName(ns, "IPInterfaces"))) | |||
intfs = [] | |||
intfnames = {} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd use set() for intfnames.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it is to align with the other designs, e.g. portchannels, vlans, and aclintfs. I am okay with this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually I'm currently not exposing this. Do you think exposing it might be useful?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think so. in order to get all the interface names, we could use this. the list returned will have duplicates.
if pcs.has_key(member): | ||
acl_intfs.extend(pcs[member]['members']) # For ACL attaching to port channels, we break them into port channel members | ||
elif vlans.has_key(member): | ||
print >> sys.stderr, "Warning: ACL "+aclname+" is attached to a Vlan interface, which is currently not supported" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
when running this via ansible, will print command print out the message on the screen? what about using logging?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If called in systemd systemd will log it into syslog, and if called in containers docker will log it into docker logs.
What's the use case of calling this from ansible?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i just wonder if it happens when we're running ansible using the minigraph_facts.py by any chance of testing the ACLs. It doesn't hurt. But currently there seems to be no other err/warning logics in the minigraph.py file. Later we might be able to align all them.
swss * a6d60f2 2019-02-15 | Create egress ACL table group during the PFCWD stats list installment (sonic-net#787) (HEAD, origin/master, origin/HEAD) [Wenda Ni] * 52de963 2019-02-15 | [fpmsyncd] Add VNET routes support (sonic-net#772) [Wei Bai] * d27f49e 2019-02-13 | Move warm_restart enable/disable config to stateDB WARM_RESTART_ENABLE_TABLE (sonic-net#786) [Jipan Yang] * 6363985 2019-02-08 | [vstest]: Potential fix for timing issue in warm_reboot's routing UT (sonic-net#788) [Rodny Molina] * 6d5424d 2019-02-07 | VNet/Vxlan delete handling (sonic-net#766) [Prince Sunny] * d680ce2 2019-02-07 | [neighsyncd] increase neighbor syncd restore timeout to 110 seconds (sonic-net#745) [Ying Xie] * b78cc8d 2019-02-01 | support 8 lanes for a physical port (sonic-net#778) [lguohan] * 73b620c 2019-02-01 | Increase the watermark polling interval to 10s (sonic-net#777) [Wenda Ni] * a2b987b 2019-02-01 | [vstest]: fix test_speed.py (sonic-net#780) [lguohan] * cef4bd0 2019-02-01 | [vstest]: fix test_port_an_warm.py test (sonic-net#779) [lguohan] * 9f20eda 2019-02-01 | fix a unstable swss egress acl test (sonic-net#776) [Kebo Liu] * 316ae6c 2019-01-30 | portsorch ports init done flag should means buffer, autoneg, speed, m… (sonic-net#747) [Jipan Yang] * 4280036 2019-01-30 | [teammgrd] Fix inconsistent port admin status (sonic-net#755) [Jipan Yang] * cf12bdf 2019-01-30 | Remove AclTableGroup upon removal of port/lag/vlan (sonic-net#751) [Jipan Yang] * 5779c1a 2019-01-29 | [aclorch] Remove L4 port range support limitation on egress ACL table and add new SWSS virtual test. (sonic-net#741) [Kebo Liu] * 36e85eb 2019-01-29 | On a routing vlan, the neighbor entry in the /31 subnet is not added to hardware (sonic-net#771) [Kiran Kumar Kella] * 882ccc6 2019-01-24 | [vnetorch] Change logic for adding VNet interface (sonic-net#761) [Marian Pritsak] * f637557 2019-01-25 | [vrfmgrd] Fix VRF is not set to VRF_TABLE in APP_DB correctly (sonic-net#768) [yorke] * e84a6ab 2019-01-24 | use sai_stat_id_t for new SAI header file (sonic-net#769) [lguohan] sairedis * d685e35 2019-02-15 | Add support for fdb_event MOVE and check fdb event oids (sonic-net#420) (HEAD, origin/master, origin/HEAD) [Kamil Cudnik] * 2b91013 2019-02-15 | [vslib] add missing port attributes for virtual switch (sonic-net#419) [Stepan Blyshchak] * dcc8688 2019-02-14 | Add more specific logic for ingress ACL and buffer profile (sonic-net#421) [Kamil Cudnik] * c0b39ea 2019-02-12 | Move warm_restart enable/disable config to stateDB WARM_RESTART_ENABLE_TABLE (sonic-net#418) [Jipan Yang] * ab35dfa 2019-02-11 | Add support for vlan tagged frames in virtual switch (sonic-net#417) [Kamil Cudnik] * 145ea44 2019-02-02 | [flex counter] handle router interface stats (sonic-net#410) [Mykola F] * c03d639 2019-02-02 | Add more information on failed map sizes (sonic-net#416) [Kamil Cudnik] * 29f1e3c 2019-01-31 | Update SAI pointer (sonic-net#414) [Marian Pritsak] * c0a948d 2019-01-30 | Add WRED specific comparison logic (sonic-net#413) [Kamil Cudnik] * 1b6a661 2019-01-24 | install SAI extension header files into /usr/include/sai (sonic-net#412) [lguohan] * 849525a 2019-01-24 | Initialize notification queue pointer before switch create (sonic-net#411) [Kamil Cudnik] * 02d92f1 2019-01-23 | Add log info for not matching SG/IPG/QUEUES (sonic-net#409) [Kamil Cudnik] * 8793562 2019-01-18 | Update SAI pointer to latest master (sonic-net#408) [Marian Pritsak] swss-common * ec04a5a 2019-02-14 | Add support for WarmStart::setDataCheckState() (sonic-net#242) [Jipan Yang] * 56bd73f 2019-02-13 | Force only supported commands on consumer table (sonic-net#261) [Kamil Cudnik] * 414de0f 2019-02-12 | Move warm_restart enable/disable config to stateDB WARM_RESTART_ENABLE_TABLE (sonic-net#260) [Jipan Yang] * 88de725 2019-02-05 | [pyext] enable types in stdint.h (sonic-net#259) [Ying Xie] * f457ae8 2019-02-05 | Optimized ProducerStateTable set/del notification processing to avoid… (sonic-net#257) [Jipan Yang] * e5286fd 2019-01-30 | [rif counters] Rif counter schema update (sonic-net#256) [Mykola F] sonic-utilities * b44b462 2019-02-14 | Move warm_restart enable/disable config to stateDB WARM_RESTART_ENABL… (sonic-net#458) (HEAD, origin/master, origin/HEAD) [Jipan Yang] * e856b8b 2019-02-11 | [aclshow] output only counters per table/rule (sonic-net#442) [Roman Kachur] Signed-off-by: Guohan Lu <[email protected]>
…g Broadcom SAI build (#2488) * [Broadcom SAI] upgrade Broadcom SAI to 3.3.4.3m-3 This is SAI 3.3.4.3m-3 compiled with SAI header file at commit ID 6ad3382217ec22f64cd268faefcbc2ff7caba4fd of SAI repo. Signed-off-by: Ying Xie <[email protected]> * change libsaithrift version to 0.9.4 Signed-off-by: Guohan Lu <[email protected]> * [submodule]: update swss, sairedis, swss-common, sonic-utilities swss * a6d60f2 2019-02-15 | Create egress ACL table group during the PFCWD stats list installment (#787) (HEAD, origin/master, origin/HEAD) [Wenda Ni] * 52de963 2019-02-15 | [fpmsyncd] Add VNET routes support (#772) [Wei Bai] * d27f49e 2019-02-13 | Move warm_restart enable/disable config to stateDB WARM_RESTART_ENABLE_TABLE (#786) [Jipan Yang] * 6363985 2019-02-08 | [vstest]: Potential fix for timing issue in warm_reboot's routing UT (#788) [Rodny Molina] * 6d5424d 2019-02-07 | VNet/Vxlan delete handling (#766) [Prince Sunny] * d680ce2 2019-02-07 | [neighsyncd] increase neighbor syncd restore timeout to 110 seconds (#745) [Ying Xie] * b78cc8d 2019-02-01 | support 8 lanes for a physical port (#778) [lguohan] * 73b620c 2019-02-01 | Increase the watermark polling interval to 10s (#777) [Wenda Ni] * a2b987b 2019-02-01 | [vstest]: fix test_speed.py (#780) [lguohan] * cef4bd0 2019-02-01 | [vstest]: fix test_port_an_warm.py test (#779) [lguohan] * 9f20eda 2019-02-01 | fix a unstable swss egress acl test (#776) [Kebo Liu] * 316ae6c 2019-01-30 | portsorch ports init done flag should means buffer, autoneg, speed, m… (#747) [Jipan Yang] * 4280036 2019-01-30 | [teammgrd] Fix inconsistent port admin status (#755) [Jipan Yang] * cf12bdf 2019-01-30 | Remove AclTableGroup upon removal of port/lag/vlan (#751) [Jipan Yang] * 5779c1a 2019-01-29 | [aclorch] Remove L4 port range support limitation on egress ACL table and add new SWSS virtual test. (#741) [Kebo Liu] * 36e85eb 2019-01-29 | On a routing vlan, the neighbor entry in the /31 subnet is not added to hardware (#771) [Kiran Kumar Kella] * 882ccc6 2019-01-24 | [vnetorch] Change logic for adding VNet interface (#761) [Marian Pritsak] * f637557 2019-01-25 | [vrfmgrd] Fix VRF is not set to VRF_TABLE in APP_DB correctly (#768) [yorke] * e84a6ab 2019-01-24 | use sai_stat_id_t for new SAI header file (#769) [lguohan] sairedis * d685e35 2019-02-15 | Add support for fdb_event MOVE and check fdb event oids (#420) (HEAD, origin/master, origin/HEAD) [Kamil Cudnik] * 2b91013 2019-02-15 | [vslib] add missing port attributes for virtual switch (#419) [Stepan Blyshchak] * dcc8688 2019-02-14 | Add more specific logic for ingress ACL and buffer profile (#421) [Kamil Cudnik] * c0b39ea 2019-02-12 | Move warm_restart enable/disable config to stateDB WARM_RESTART_ENABLE_TABLE (#418) [Jipan Yang] * ab35dfa 2019-02-11 | Add support for vlan tagged frames in virtual switch (#417) [Kamil Cudnik] * 145ea44 2019-02-02 | [flex counter] handle router interface stats (#410) [Mykola F] * c03d639 2019-02-02 | Add more information on failed map sizes (#416) [Kamil Cudnik] * 29f1e3c 2019-01-31 | Update SAI pointer (#414) [Marian Pritsak] * c0a948d 2019-01-30 | Add WRED specific comparison logic (#413) [Kamil Cudnik] * 1b6a661 2019-01-24 | install SAI extension header files into /usr/include/sai (#412) [lguohan] * 849525a 2019-01-24 | Initialize notification queue pointer before switch create (#411) [Kamil Cudnik] * 02d92f1 2019-01-23 | Add log info for not matching SG/IPG/QUEUES (#409) [Kamil Cudnik] * 8793562 2019-01-18 | Update SAI pointer to latest master (#408) [Marian Pritsak] swss-common * ec04a5a 2019-02-14 | Add support for WarmStart::setDataCheckState() (#242) [Jipan Yang] * 56bd73f 2019-02-13 | Force only supported commands on consumer table (#261) [Kamil Cudnik] * 414de0f 2019-02-12 | Move warm_restart enable/disable config to stateDB WARM_RESTART_ENABLE_TABLE (#260) [Jipan Yang] * 88de725 2019-02-05 | [pyext] enable types in stdint.h (#259) [Ying Xie] * f457ae8 2019-02-05 | Optimized ProducerStateTable set/del notification processing to avoid… (#257) [Jipan Yang] * e5286fd 2019-01-30 | [rif counters] Rif counter schema update (#256) [Mykola F] sonic-utilities * b44b462 2019-02-14 | Move warm_restart enable/disable config to stateDB WARM_RESTART_ENABL… (#458) (HEAD, origin/master, origin/HEAD) [Jipan Yang] * e856b8b 2019-02-11 | [aclshow] output only counters per table/rule (#442) [Roman Kachur] Signed-off-by: Guohan Lu <[email protected]> * [mlnx] update mellanox sai Signed-off-by: Stepan Blyschak <[email protected]>
Submodule src/sonic-sairedis d57222a..54b02a1: > Add support for fdb_event MOVE and check fdb event oids (sonic-net#420) > [vslib] add missing port attributes for virtual switch (sonic-net#419) Submodule src/sonic-swss 584490c..62e2a20: > [fdborch] Store vlan id of FDB entry instead of port pvid into stateD… (sonic-net#759) > [portsorch] Change speed set flow (sonic-net#764) > Create egress ACL table group during the PFCWD stats list installment (sonic-net#787) Submodule src/sonic-swss-common 286ef34..2592b0c: > Add support for WarmStart::setDataCheckState() (sonic-net#242) Submodule src/sonic-utilities b44b462..d409987: > [sonic_installer] Improve error handling (sonic-net#460) > [clock] sync os time to CMOS before rebooting (sonic-net#465) > [intfstat] add intfstat script to output RIF counters (sonic-net#439) Signed-off-by: Ying Xie <[email protected]>
…2594) * [201811 submodules] advance sairedis, swss, swss-common, utilities Submodule src/sonic-sairedis d57222a..54b02a1: > Add support for fdb_event MOVE and check fdb event oids (#420) > [vslib] add missing port attributes for virtual switch (#419) Submodule src/sonic-swss 584490c..62e2a20: > [fdborch] Store vlan id of FDB entry instead of port pvid into stateD… (#759) > [portsorch] Change speed set flow (#764) > Create egress ACL table group during the PFCWD stats list installment (#787) Submodule src/sonic-swss-common 286ef34..2592b0c: > Add support for WarmStart::setDataCheckState() (#242) Submodule src/sonic-utilities b44b462..d409987: > [sonic_installer] Improve error handling (#460) > [clock] sync os time to CMOS before rebooting (#465) > [intfstat] add intfstat script to output RIF counters (#439) Signed-off-by: Ying Xie <[email protected]> * [201811 utilties] add 201811 branch for sonic-utilities repo Submodule src/sonic-utilities d409987...ff1448c: > [sonic_installer] Improve error handling (#460) > [clock] sync os time to CMOS before rebooting (#465) < [sonic_installer] Improve error handling (#460) < [clock] sync os time to CMOS before rebooting (#465) < [intfstat] add intfstat script to output RIF counters (#439) Signed-off-by: Ying Xie <[email protected]>
…onic-net#2594) * [201811 submodules] advance sairedis, swss, swss-common, utilities Submodule src/sonic-sairedis d57222a..54b02a1: > Add support for fdb_event MOVE and check fdb event oids (sonic-net#420) > [vslib] add missing port attributes for virtual switch (sonic-net#419) Submodule src/sonic-swss 584490c..62e2a20: > [fdborch] Store vlan id of FDB entry instead of port pvid into stateD… (sonic-net#759) > [portsorch] Change speed set flow (sonic-net#764) > Create egress ACL table group during the PFCWD stats list installment (sonic-net#787) Submodule src/sonic-swss-common 286ef34..2592b0c: > Add support for WarmStart::setDataCheckState() (#242) Submodule src/sonic-utilities b44b462..d409987: > [sonic_installer] Improve error handling (sonic-net#460) > [clock] sync os time to CMOS before rebooting (sonic-net#465) > [intfstat] add intfstat script to output RIF counters (sonic-net#439) Signed-off-by: Ying Xie <[email protected]> * [201811 utilties] add 201811 branch for sonic-utilities repo Submodule src/sonic-utilities d409987...ff1448c: > [sonic_installer] Improve error handling (sonic-net#460) > [clock] sync os time to CMOS before rebooting (sonic-net#465) < [sonic_installer] Improve error handling (sonic-net#460) < [clock] sync os time to CMOS before rebooting (sonic-net#465) < [intfstat] add intfstat script to output RIF counters (sonic-net#439) Signed-off-by: Ying Xie <[email protected]>
…onic-net#2594) * [201811 submodules] advance sairedis, swss, swss-common, utilities Submodule src/sonic-sairedis d57222a..54b02a1: > Add support for fdb_event MOVE and check fdb event oids (sonic-net#420) > [vslib] add missing port attributes for virtual switch (sonic-net#419) Submodule src/sonic-swss 584490c..62e2a20: > [fdborch] Store vlan id of FDB entry instead of port pvid into stateD… (sonic-net#759) > [portsorch] Change speed set flow (sonic-net#764) > Create egress ACL table group during the PFCWD stats list installment (sonic-net#787) Submodule src/sonic-swss-common 286ef34..2592b0c: > Add support for WarmStart::setDataCheckState() (#242) Submodule src/sonic-utilities b44b462..d409987: > [sonic_installer] Improve error handling (sonic-net#460) > [clock] sync os time to CMOS before rebooting (sonic-net#465) > [intfstat] add intfstat script to output RIF counters (sonic-net#439) Signed-off-by: Ying Xie <[email protected]> * [201811 utilties] add 201811 branch for sonic-utilities repo Submodule src/sonic-utilities d409987...ff1448c: > [sonic_installer] Improve error handling (sonic-net#460) > [clock] sync os time to CMOS before rebooting (sonic-net#465) < [sonic_installer] Improve error handling (sonic-net#460) < [clock] sync os time to CMOS before rebooting (sonic-net#465) < [intfstat] add intfstat script to output RIF counters (sonic-net#439) Signed-off-by: Ying Xie <[email protected]>
…onic-net#2594) * [201811 submodules] advance sairedis, swss, swss-common, utilities Submodule src/sonic-sairedis d57222a..54b02a1: > Add support for fdb_event MOVE and check fdb event oids (sonic-net#420) > [vslib] add missing port attributes for virtual switch (sonic-net#419) Submodule src/sonic-swss 584490c..62e2a20: > [fdborch] Store vlan id of FDB entry instead of port pvid into stateD… (sonic-net#759) > [portsorch] Change speed set flow (sonic-net#764) > Create egress ACL table group during the PFCWD stats list installment (sonic-net#787) Submodule src/sonic-swss-common 286ef34..2592b0c: > Add support for WarmStart::setDataCheckState() (#242) Submodule src/sonic-utilities b44b462..d409987: > [sonic_installer] Improve error handling (sonic-net#460) > [clock] sync os time to CMOS before rebooting (sonic-net#465) > [intfstat] add intfstat script to output RIF counters (sonic-net#439) Signed-off-by: Ying Xie <[email protected]> * [201811 utilties] add 201811 branch for sonic-utilities repo Submodule src/sonic-utilities d409987...ff1448c: > [sonic_installer] Improve error handling (sonic-net#460) > [clock] sync os time to CMOS before rebooting (sonic-net#465) < [sonic_installer] Improve error handling (sonic-net#460) < [clock] sync os time to CMOS before rebooting (sonic-net#465) < [intfstat] add intfstat script to output RIF counters (sonic-net#439) Signed-off-by: Ying Xie <[email protected]>
sonic-net#419) * [warm reboot] add option -x to execute script in -x mode This option is useful when debugging the warm/fast reboot scripts. Signed-off-by: Ying Xie <[email protected]> * [warm reboot] timeout on database related commands Signed-off-by: Ying Xie <[email protected]> * [warm reboot] retry after tiemout Signed-off-by: Ying Xie <[email protected]> * [warm reboot] retry timeout up to 3 times Signed-off-by: Ying Xie <[email protected]> * Print cancel warm-reboot result after error happened
- add default port admin state attribute - add default port mtu attribute Signed-off-by: Stepan Blyschak <[email protected]>
Commits include: * src/sonic-swss-common f143b7f...3d400a9 (3): > ASIC internal temperature sensors support (sonic-net#419) > SWIG functions accept unicode input (sonic-net#422) > Introdcued RESOLVE_NEIGH APP DB table (sonic-net#420)
… automatically (#17450) src/sonic-platform-common * 5d69644 - (HEAD -> 202311, origin/202311) Adding supported vendor PNs for remote CDB FW upgrade (#418) (#419) (5 days ago) [mihirpat1] * 036b2fc - [Credo][Ycable] Correct the lane mapping in the debugdumpregister function for the 50G cable (#417) (11 days ago) [Xinyu Lin] * 2efe97e - Fix VDM freeze and unfreeze needed for PM stats collection (#402) (2 weeks ago) [jaganbal-a] * cb80f17 - Fix issue: QSFP module with id 0x0d can be parsed using 8636 (#412) (3 weeks ago) [Stephen Sun]
No description provided.