bookworm container upgrade for lldp, net-snmp #18150
Conversation
mohan-selvaraj
requested review from
qiluo-msft,
xumia and
lguohan
as code owners
|
|
|
The PR build is failing because of build failures in net-snmp. Please look into these failures. The package may need to be updated to 5.9.3+dfsg-2 (similar to the upgrade done for Bullseye). |
mohan-selvaraj
changed the title
5.9.3+dfsg-2 wasn't available in the sonicblob. Hence download failed. Used the existing package 5.9+dfsg-4 for net-snmp. Now following errors are seen for bookworm build but not seen for bullseye build. Any inputs on resolving this ? |
|
5.9.3+dfsg-2 should now be available from sonicblob, can you test it? |
Makefile.work
Outdated
| @@ -311,8 +311,8 @@ endif | |||
| ifeq ($(DOCKER_BUILDER_WORKDIR),) | |||
| override DOCKER_BUILDER_WORKDIR := "/sonic" | |||
| endif | |||
|
|
|||
| DOCKER_RUN := docker run --rm=true --privileged --init \ | |||
There was a problem hiding this comment.
It looks like there are a lot of changes here, are these meant to be local/debug changes?
There was a problem hiding this comment.
These changes are automatically added after rebase with master branch.
There was a problem hiding this comment.
You may need to recheck the branch rebases, there are changes in this PR that shouldn't be here.
There was a problem hiding this comment.
@maipbui to keep eyes on it.
There was a problem hiding this comment.
Those changes were done to do a local build. Got pushed by mistake. Have removed those changes in the latest commit.
There was a problem hiding this comment.
Build went through fine. Failure seen in kvmtest->Prepare testbed step. Unable to access the detailed logs. Do you have any inputs on this.
There was a problem hiding this comment.
I thought the issue of not being able to see the test logs was fixed. At any rate, here is the failure:
12:54:21 recover.adaptive_recover L0169 WARNING| Restoring {'failed': True, 'check_item': 'processes', 'host': 'vlab-01', 'processes_status': {'pmon': {'status': True, 'exited_critical_process': [], 'running_critical_process': []}, 'snmp': {'status': False, 'exited_critical_process': ['snmp-subagent'], 'running_critical_process': ['snmpd']}, 'lldp': {'status': True, 'exited_critical_process': [], 'running_critical_process': ['lldp-syncd', 'lldpd', 'lldpmgrd']}, 'database': {'status': True, 'exited_critical_process': [], 'running_critical_process': ['redis']}, 'bgp': {'status': True, 'exited_critical_process': [], 'running_critical_process': ['bgpcfgd', 'bgpd', 'fpmsyncd', 'staticd', 'zebra']}, 'swss': {'status': True, 'exited_critical_process': [], 'running_critical_process': ['buffermgrd', 'coppmgrd', 'fabricmgrd', 'fdbsyncd', 'intfmgrd', 'nbrmgrd', 'neighsyncd', 'orchagent', 'portmgrd', 'portsyncd', 'tunnelmgrd', 'vlanmgrd', 'vrfmgrd', 'vxlanmgrd']}, 'syncd': {'status': True, 'exited_critical_process': [], 'running_critical_process': ['syncd']}, 'teamd': {'status': True, 'exited_critical_process': [], 'running_critical_process': ['teammgrd', 'teamsyncd', 'tlm_teamd']}}, 'services_status': {'pmon': True, 'snmp': False, 'lldp': True, 'database': True, 'bgp': True, 'swss': True, 'syncd': True, 'teamd': True}} with proposed action: config_reload, final action: config_reload
snmp-subagent process is supposed to be running, but doesn't appear to be running.
There was a problem hiding this comment.
Following patches are available in 5.9.3 codebase. They need not be included.
0001-SNMP-Stop-spamming-logs-with-statfs-permission-denie.patch
0002-at.c-properly-check-return-status-from-realloc.-Than.patch
0003-CHANGES-BUG-2743-snmpd-crashes-when-receiving-a-GetN.patch
0006-From-Jiri-Cervenka-snmpd-Fixed-agentx-crashing-and-or-freezing-on-timeout.patch
0009-Makefile.in-agent-Makefile.in-Fix-parallel-compilati.patch
0010-Makefile.in-Make-sure-that-sedscript-is-built-before.patch
0011-agent-Makefile.in-Build-the-MIB-module-code-once.patch
Following patch looks specific to 5.7.3 version. Will not add this.
0007-Linux-VRF-5.7.3-Support.patch
Following patch is described as "Enable macro DEB_BUILD_ARCH_OS in order to build ipv6 feature". But it doesn't apply.
0008-Enable-macro-DEB_BUILD_ARCH_OS-in-order-to-build-ipv.patch
Following patch is required but doesn't apply
cross-compile-changes.patch
Following patches are required.
0012-agent-Makefile.in-Unbreak-the-enable-minimalist-buil.patch
0013-enable-parallel-build-for-net-snmp.patch
Next step is to add the following patches to 5.9.3.
0008-Enable-macro-DEB_BUILD_ARCH_OS-in-order-to-build-ipv.patch
0012-agent-Makefile.in-Unbreak-the-enable-minimalist-buil.patch
0013-enable-parallel-build-for-net-snmp.patch
cross-compile-changes.patch
There was a problem hiding this comment.
snmp-subagent still isn't up. How to access the process logs?
"docker exec snmp supervisorctl status"
dependent-startup RUNNING pid 7, uptime 0:00:10
rsyslogd RUNNING pid 20, uptime 0:00:08
snmp-subagent BACKOFF Exited too quickly (process log may have details)
snmpd RUNNING pid 24, uptime 0:00:08
start EXITED Mar 15 11:03 AM
supervisor-proc-exit-listener RUNNING pid 8, uptime 0:00:10
There was a problem hiding this comment.
@qiluo-msft ,
Need your help to understand what exactly the failure is because of which snmp-subagent is exiting.
sure. will try and update |
added the patch directory for snmpd
|
/azpw run |
|
/AzurePipelines run |
|
You have several pipelines (over 10) configured to build pull requests in this repository. Specify which pipelines you would like to run by using /azp run [pipelines] command. You can specify multiple pipelines using a comma separated list. |
|
Have added the patches in snmpd based on code comparison. Need your help to understand what exactly the failure is because of which snmp-subagent is exiting. |
|
@mohan-selvaraj, you should be able to see this issue when loading the image on a setup (either KVM or physical). After the image is loaded, check |
|
Additional pull request is created for changes in src/snmp-agent With the changes in snmpagent, following is the process status syslogs |
|
/azpw run |
1 similar comment
|
/azpw run |
|
/AzurePipelines run |
|
Commenter does not have sufficient privileges for PR 18150 in repo sonic-net/sonic-buildimage |
|
/azpw run Azure.sonic-buildimage |
|
/AzurePipelines run Azure.sonic-buildimage |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
@mohan-selvaraj Until the snmpagent submodule gets merged, it doesn't make sense to rerun the pipeline here. |
|
Blocked on #313, expecting build test to pass after the merge of snmp subagent change |
|
@mohan-selvaraj could you trigger a rebuild when you get a chance? |
| @@ -0,0 +1,4 @@ | |||
| 0008-Enable-macro-DEB_BUILD_ARCH_OS-in-order-to-build-ipv.patch | |||
There was a problem hiding this comment.
I see 0001-SNMP-Stop-spamming-logs-with-statfs-permission-denie.patch, 0009-Makefile.in-agent-Makefile.in-Fix-parallel-compilati.patch, 0010-Makefile.in-Make-sure-that-sedscript-is-built-before.patch, 0011-agent-Makefile.in-Build-the-MIB-module-code-once.patch, and 0012-agent-Makefile.in-Unbreak-the-enable-minimalist-buil.patch were dropped. But it doesn't seem like the changes in those patches are in 5.9.3. Is there a reason these patches were dropped?
There was a problem hiding this comment.
Can you confirm if the code in the dropped patches aren't present in the 5.9.3 codebase.
I had an earlier comment on which patches were required and which can be ignored.
There was a problem hiding this comment.
0001-SNMP-Stop-spamming-logs-with-statfs-permission-denie.patch is needed, 0008-Enable-macro-DEB_BUILD_ARCH_OS-in-order-to-build-ipv.patch can be optionally dropped (since that logic is now coming from include /usr/share/dpkg/architecture.mk in debian/rules), 0012-agent-Makefile.in-Unbreak-the-enable-minimalist-buil.patch is needed. The others are correct.
There was a problem hiding this comment.
@saiarcot895
As I understand, the only reason why we build snmp packages (libsnmp-base, snmptrapd, snmp, snmpd, libsnmp40, libsnmp-dev, libsnmp-perl, tkmib) from source is 0001-SNMP-Stop-spamming-logs-with-statfs-permission-denie.patch. Maybe it's possible to find another solution without modifyng source code.
There was a problem hiding this comment.
Good point. Based on what's in sonic-net/sonic-snmpagent#22, there might not be any changes needed at all. For now, I prefer to let this get merged in, and then look at removing the snmp build (either in time for 202405 release or after the branch cutoff).
There was a problem hiding this comment.
We should remove 0001-SNMP-Stop-spamming-logs-with-statfs-permission-denie.patch
fsys_mntctl.c is for AIX: https://github.com/net-snmp/net-snmp/blob/59acd6e6fcfccfd3456ec8a65816ca76036e142f/agent/mibgroup/hardware/fsys.h#L2
Original bug in fsys_mntent.c has been already fixed in upstream: bvanassche/net-snmp@5f1986c
Why I did it
Update LLDP, net-snmp containers to Bookworm
Work item tracking
How I did it
How to verify it
Which release branch to backport (provide reason below if selected)
Tested branch (Please provide the tested image version)
Description for the changelog
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)