Skip to content

Commit 6d39f70

Browse files
authored
[dhcp_server] Add rsyslog support for dhcp_server (#19303)
Why I did it Fix issue that dhcp_server doesn't create syslog into host #18472 Work item tracking Microsoft ADO (number only): 28396389 How I did it Modify rsyslog config template How to verify it UTs passed Buildimage and install in testbed to verify
1 parent 1a2e7d1 commit 6d39f70

File tree

10 files changed

+147
-64
lines changed

10 files changed

+147
-64
lines changed

dockers/docker-dhcp-server/Dockerfile.j2

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,6 @@ FROM docker-config-engine-bookworm-{{DOCKER_USERNAME}}:{{DOCKER_USERTAG}}
33

44
ARG docker_container_name
55
ARG image_version
6-
RUN [ -f /etc/rsyslog.conf ] && sed -ri "s/%syslogtag%/$docker_container_name#%syslogtag%/;" /etc/rsyslog.conf
76

87
## Make apt-get non-interactive
98
ENV DEBIAN_FRONTEND=noninteractive
@@ -21,8 +20,6 @@ RUN apt-get update && \
2120
RUN mkdir -p /var/run/kea
2221

2322
RUN pip3 install psutil
24-
# TODO issue on remote rsyslog server in non-host container
25-
RUN rm -f /etc/supervisor/conf.d/containercfgd.conf
2623

2724
{% if docker_dhcp_server_debs.strip() -%}
2825
# Copy locally-built Debian package dependencies
@@ -52,11 +49,10 @@ RUN apt-get clean -y && \
5249
COPY ["docker_init.sh", "start.sh", "/usr/bin/"]
5350
COPY ["supervisord.conf", "/etc/supervisor/conf.d/"]
5451
COPY ["files/supervisor-proc-exit-listener", "/usr/bin"]
55-
COPY ["rsyslog/rsyslog.conf.j2", "kea-dhcp4.conf.j2", "/usr/share/sonic/templates/"]
52+
COPY ["kea-dhcp4.conf.j2", "/usr/share/sonic/templates/"]
5653
COPY ["critical_processes", "/etc/supervisor/"]
5754
COPY ["lease_update.sh", "/etc/kea/"]
5855
COPY ["kea-dhcp4-init.conf", "/etc/kea/kea-dhcp4.conf"]
5956
COPY ["cli", "/cli/"]
60-
COPY ["rsyslog/default.conf", "/etc/rsyslog.d"]
6157

6258
ENTRYPOINT ["/usr/bin/docker_init.sh"]

dockers/docker-dhcp-server/docker_init.sh

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -7,11 +7,6 @@ mkdir -p /etc/supervisor/conf.d/
77
mkdir -p /etc/kea/
88
udp_server_ip=$(ip -j -4 addr list lo scope host | jq -r -M '.[0].addr_info[0].local')
99
hostname=$(hostname)
10-
# Generate the following files from templates:
11-
# port-to-alias name map
12-
sonic-cfggen -d -t /usr/share/sonic/templates/rsyslog.conf.j2 \
13-
-a "{\"udp_server_ip\": \"$udp_server_ip\", \"hostname\": \"$hostname\"}" \
14-
> /etc/rsyslog.conf
1510

1611
# Make the script that waits for all interfaces to come up executable
1712
chmod +x /etc/kea/lease_update.sh /usr/bin/start.sh

dockers/docker-dhcp-server/rsyslog/default.conf

Lines changed: 0 additions & 27 deletions
This file was deleted.

files/build_templates/docker_image_ctl.j2

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -346,7 +346,11 @@ start() {
346346
fi
347347

348348
# Default rsyslog target IP for single ASIC platform
349+
{%- if docker_container_name == "dhcp_server" %}
350+
SYSLOG_TARGET_IP=$(docker network inspect bridge --format={{ "'{{(index .IPAM.Config 0).Gateway}}'" }})
351+
{%- else %}
349352
SYSLOG_TARGET_IP=127.0.0.1
353+
{%- endif %}
350354
if [[ ($NUM_ASIC -gt 1) ]]; then
351355
SYSLOG_TARGET_IP=$(docker network inspect bridge --format={{ "'{{(index .IPAM.Config 0).Gateway}}'" }})
352356
fi

files/image_config/rsyslog/rsyslog-config.sh

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,10 +17,16 @@ if [[ ($NUM_ASIC -gt 1) ]]; then
1717
else
1818
udp_server_ip=$(ip -j -4 addr list lo scope host | jq -r -M '.[0].addr_info[0].local')
1919
fi
20+
21+
contain_dhcp_server=$(sonic-db-cli CONFIG_DB keys "FEATURE|dhcp_server")
22+
if [ $contain_dhcp_server ]; then
23+
docker0_ip=$(ip -o -4 addr list docker0 | awk '{print $4}' | cut -d/ -f1)
24+
fi
25+
2026
hostname=$(hostname)
2127

2228
sonic-cfggen -d -t /usr/share/sonic/templates/rsyslog.conf.j2 \
23-
-a "{\"udp_server_ip\": \"$udp_server_ip\", \"hostname\": \"$hostname\"}" \
29+
-a "{\"udp_server_ip\": \"$udp_server_ip\", \"hostname\": \"$hostname\", \"docker0_ip\": \"$docker0_ip\"}" \
2430
> /etc/rsyslog.conf
2531

2632
systemctl restart rsyslog

files/image_config/rsyslog/rsyslog.conf.j2

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,10 @@ $ModLoad imklog # provides kernel logging support
3333
$ModLoad imudp
3434
$UDPServerAddress {{udp_server_ip}} #bind to localhost before udp server run
3535
$UDPServerRun 514
36+
{% if docker0_ip and docker0_ip != "" %}
37+
$UDPServerAddress {{docker0_ip}}
38+
$UDPServerRun 514
39+
{% endif%}
3640

3741
# provides TCP syslog reception
3842
#$ModLoad imtcp

src/sonic-config-engine/tests/data/rsyslog/config_db.json

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -207,22 +207,22 @@
207207
"DEVICE_NEIGHBOR_METADATA": {
208208
"ARISTA01T1": {
209209
"hwsku": "Arista-VM",
210-
"mgmt_addr": "172.16.190.114",
210+
"mgmt_addr": "3.3.3.14",
211211
"type": "LeafRouter"
212212
},
213213
"ARISTA02T1": {
214214
"hwsku": "Arista-VM",
215-
"mgmt_addr": "172.16.190.115",
215+
"mgmt_addr": "3.3.3.15",
216216
"type": "LeafRouter"
217217
},
218218
"ARISTA03T1": {
219219
"hwsku": "Arista-VM",
220-
"mgmt_addr": "172.16.190.116",
220+
"mgmt_addr": "3.3.3.16",
221221
"type": "LeafRouter"
222222
},
223223
"ARISTA04T1": {
224224
"hwsku": "Arista-VM",
225-
"mgmt_addr": "172.16.190.117",
225+
"mgmt_addr": "3.3.3.17",
226226
"type": "LeafRouter"
227227
}
228228
},
@@ -411,11 +411,11 @@
411411
"Loopback0|FC00:1::32/128": {}
412412
},
413413
"MGMT_INTERFACE": {
414-
"eth0|10.150.22.115/23": {
415-
"gwaddr": "10.150.22.1"
414+
"eth0|1.1.1.15/23": {
415+
"gwaddr": "1.1.1.10"
416416
},
417-
"eth0|2404:f801:10:2200::a96:1673/64": {
418-
"gwaddr": "2404:f801:10:2200::1"
417+
"eth0|2404:::2/64": {
418+
"gwaddr": "2404::1"
419419
}
420420
},
421421
"MGMT_PORT": {
@@ -867,7 +867,7 @@
867867
}
868868
},
869869
"SYSLOG_SERVER": {
870-
"10.150.22.222": {}
870+
"3.3.3.3": {}
871871
},
872872
"VERSIONS": {
873873
"DATABASE": {

dockers/docker-dhcp-server/rsyslog/rsyslog.conf.j2 renamed to src/sonic-config-engine/tests/sample_output/py3/rsyslog.conf

Lines changed: 9 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -15,23 +15,14 @@
1515

1616
$ModLoad imuxsock # provides support for local system logging
1717

18-
{% set gconf = (SYSLOG_CONFIG | d({})).get('GLOBAL', {}) -%}
19-
{% set rate_limit_interval = gconf.get('rate_limit_interval') %}
20-
{% set rate_limit_burst = gconf.get('rate_limit_burst') %}
2118

22-
{% if rate_limit_interval is not none %}
23-
$SystemLogRateLimitInterval {{ rate_limit_interval }}
24-
{% endif %}
25-
{% if rate_limit_burst is not none %}
26-
$SystemLogRateLimitBurst {{ rate_limit_burst }}
27-
{% endif %}
2819

2920
$ModLoad imklog # provides kernel logging support
3021
#$ModLoad immark # provides --MARK-- message capability
3122

3223
# provides UDP syslog reception
3324
$ModLoad imudp
34-
$UDPServerAddress {{udp_server_ip}} #bind to localhost before udp server run
25+
$UDPServerAddress 1.1.1.1 #bind to localhost before udp server run
3526
$UDPServerRun 514
3627

3728
# provides TCP syslog reception
@@ -42,21 +33,21 @@ $UDPServerRun 514
4233
###########################
4334
#### GLOBAL DIRECTIVES ####
4435
###########################
45-
{% set format = gconf.get('format', 'standard') -%}
46-
{% set fw_name = gconf.get('welf_firewall_name', hostname) -%}
4736
#
4837
# Use traditional timestamp format.
4938
# To enable high precision timestamps, comment out the following line.
5039
#
5140
#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
5241

5342
# Define a custom template
54-
$template SONiCFileFormat,"%TIMESTAMP%.%timestamp:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% dhcp_server#%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
43+
$template SONiCFileFormat,"%timegenerated:::date-year% %timegenerated%.%timegenerated:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
5544
$ActionFileDefaultTemplate SONiCFileFormat
45+
$template SONiCForwardFormat,"<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %syslogseverity-text:::uppercase% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
46+
$ActionForwardDefaultTemplate SONiCForwardFormat
5647

5748
template(name="WelfRemoteFormat" type="string" string="%TIMESTAMP% id=firewall time=\"%timereported\
5849
:::date-year%-%timereported:::date-month%-%timereported:::date-day% %timereported:::date-hour%:%timereported:::date-minute%:%timereported\
59-
:::date-second%\" fw=\"{{ fw_name }}\" pri=%syslogpriority% msg=\"%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\"\n")
50+
:::date-second%\" fw=\"kvm-host\" pri=%syslogpriority% msg=\"%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\"\n")
6051

6152
#
6253
# Set the default permissions for all log files.
@@ -93,4 +84,7 @@ $RepeatedMsgReduction on
9384
# The omfwd plug-in provides the core functionality of traditional message
9485
# forwarding via UDP and plain TCP. It is a built-in module that does not need
9586
# to be loaded.
96-
# TODO rsyslog issue in bridge mode container, don't update to remote server for now
87+
88+
*.*
89+
action(type="omfwd" Target="3.3.3.3" Port="514" Protocol="udp" Template="SONiCForwardFormat")
90+
Lines changed: 92 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,92 @@
1+
###############################################################################
2+
# Managed by Ansible
3+
# file: ansible/roles/acs/templates/rsyslog.conf.j2
4+
###############################################################################
5+
#
6+
# /etc/rsyslog.conf Configuration file for rsyslog.
7+
#
8+
# For more information see
9+
# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
10+
11+
12+
#################
13+
#### MODULES ####
14+
#################
15+
16+
$ModLoad imuxsock # provides support for local system logging
17+
18+
19+
20+
$ModLoad imklog # provides kernel logging support
21+
#$ModLoad immark # provides --MARK-- message capability
22+
23+
# provides UDP syslog reception
24+
$ModLoad imudp
25+
$UDPServerAddress 1.1.1.1 #bind to localhost before udp server run
26+
$UDPServerRun 514
27+
$UDPServerAddress 2.2.2.2
28+
$UDPServerRun 514
29+
30+
# provides TCP syslog reception
31+
#$ModLoad imtcp
32+
#$InputTCPServerRun 514
33+
34+
35+
###########################
36+
#### GLOBAL DIRECTIVES ####
37+
###########################
38+
#
39+
# Use traditional timestamp format.
40+
# To enable high precision timestamps, comment out the following line.
41+
#
42+
#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
43+
44+
# Define a custom template
45+
$template SONiCFileFormat,"%timegenerated:::date-year% %timegenerated%.%timegenerated:::date-subseconds% %HOSTNAME% %syslogseverity-text:::uppercase% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
46+
$ActionFileDefaultTemplate SONiCFileFormat
47+
$template SONiCForwardFormat,"<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %syslogseverity-text:::uppercase% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n"
48+
$ActionForwardDefaultTemplate SONiCForwardFormat
49+
50+
template(name="WelfRemoteFormat" type="string" string="%TIMESTAMP% id=firewall time=\"%timereported\
51+
:::date-year%-%timereported:::date-month%-%timereported:::date-day% %timereported:::date-hour%:%timereported:::date-minute%:%timereported\
52+
:::date-second%\" fw=\"kvm-host\" pri=%syslogpriority% msg=\"%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\"\n")
53+
54+
#
55+
# Set the default permissions for all log files.
56+
#
57+
$FileOwner root
58+
$FileGroup adm
59+
$FileCreateMode 0640
60+
$DirCreateMode 0755
61+
$Umask 0022
62+
63+
#
64+
# Where to place spool and state files
65+
#
66+
$WorkDirectory /var/spool/rsyslog
67+
68+
#
69+
# Include all config files in /etc/rsyslog.d/
70+
#
71+
$IncludeConfig /etc/rsyslog.d/*.conf
72+
73+
#
74+
# Suppress duplicate messages and report "message repeated n times"
75+
#
76+
$RepeatedMsgReduction on
77+
78+
###############
79+
#### RULES ####
80+
###############
81+
82+
#
83+
# Remote syslog logging
84+
#
85+
86+
# The omfwd plug-in provides the core functionality of traditional message
87+
# forwarding via UDP and plain TCP. It is a built-in module that does not need
88+
# to be loaded.
89+
90+
*.*
91+
action(type="omfwd" Target="3.3.3.3" Port="514" Protocol="udp" Template="SONiCForwardFormat")
92+

src/sonic-config-engine/tests/test_j2files.py

Lines changed: 21 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -759,16 +759,35 @@ def test_rsyslog_conf(self):
759759
# Skip on python2 as the change will not be backported to previous version
760760
return
761761

762-
conf_template = os.path.join(self.test_dir, '..', '..', '..', 'files', 'image_config', 'rsyslog', 'rsyslog.conf.j2')
762+
conf_template = os.path.join(self.test_dir, '..', '..', '..', 'files', 'image_config', 'rsyslog',
763+
'rsyslog.conf.j2')
763764
config_db_json = os.path.join(self.test_dir, "data", "rsyslog", "config_db.json")
764-
additional_data = "{\"udp_server_ip\": \"10.150.22.222\", \"hostname\": \"kvm-host\"}"
765+
additional_data = "{\"udp_server_ip\": \"1.1.1.1\", \"hostname\": \"kvm-host\"}"
765766

766767
argument = ['-j', config_db_json, '-t', conf_template, '-a', additional_data]
767768
self.run_script(argument, output_file=self.output_file)
768769
with open(self.output_file) as file:
769770
pattern = r'^action.*Device="eth0".*'
770771
for line in file:
771772
assert not bool(re.match(pattern, line.strip())), "eth0 is not allowed in Mgfx device"
773+
self.assertTrue(utils.cmp(os.path.join(self.test_dir, 'sample_output', utils.PYvX_DIR, 'rsyslog.conf'),
774+
self.output_file))
775+
776+
def test_rsyslog_conf_docker0_ip(self):
777+
if utils.PYvX_DIR != 'py3':
778+
# Skip on python2 as the change will not be backported to previous version
779+
return
780+
781+
conf_template = os.path.join(self.test_dir, '..', '..', '..', 'files', 'image_config', 'rsyslog',
782+
'rsyslog.conf.j2')
783+
config_db_json = os.path.join(self.test_dir, "data", "rsyslog", "config_db.json")
784+
additional_data = "{\"udp_server_ip\": \"1.1.1.1\", \"hostname\": \"kvm-host\", " + \
785+
"\"docker0_ip\": \"2.2.2.2\"}"
786+
787+
argument = ['-j', config_db_json, '-t', conf_template, '-a', additional_data]
788+
self.run_script(argument, output_file=self.output_file)
789+
self.assertTrue(utils.cmp(os.path.join(self.test_dir, 'sample_output', utils.PYvX_DIR,
790+
'rsyslog_with_docker0.conf'), self.output_file))
772791

773792
def tearDown(self):
774793
os.environ["CFGGEN_UNIT_TESTING"] = ""

0 commit comments

Comments
 (0)