syslog changes Multi NPU platforms

[arlakshm]

Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan arlakshm@microsoft.com

- Why I did it
Add changes for syslog support for containers running in namespaces on multi NPU platforms.
On Multi NPU platforms

• Rsyslog service is only running on the host. There is no rsyslog service running in each namespace.
• On multi NPU platforms the rsyslog service on the host will be listening on the docker0 ip address instead of loopback address.
• The rsyslog.conf on the containers is modified to have omfwd target ip to be docker0 ipaddress instead of loopback ip

No change done for single ASIC platforms

- How I did it

• Add new j2 file for the generating the rsyslog.conf inside the containers
• Generate the rsyslog.conf and copy to the containers in the preStartAction function.
• Update the rsyslog-config.sh script to update the rsyslog.conf on the host to listen to docker0 ip address in multi NPU platforms.

- How to verify it
Verify the syslogs are generated properly
Sample logs:

admin@sonic:~$ sudo grep -i orchagent /var/log/syslog.1
Jun  9 16:18:21.902661 sonic INFO swss4[612] 2020-06-09 16:18:21,902 INFO spawned: 'orchagent' with pid 42#015
Jun  9 16:18:22.142771 sonic INFO swss0[612] 2020-06-09 16:18:22,142 INFO spawned: 'orchagent' with pid 42#015
Jun  9 16:18:22.200722 sonic INFO swss1[612] 2020-06-09 16:18:22,200 INFO spawned: 'orchagent' with pid 36#015
Jun  9 16:18:22.234121 sonic INFO swss5[612] 2020-06-09 16:18:22,233 INFO spawned: 'orchagent' with pid 38#015
Jun  9 16:18:22.612859 sonic INFO swss3[612] 2020-06-09 16:18:22,611 INFO spawned: 'orchagent' with pid 36#015
Jun  9 16:18:22.802017 sonic INFO swss2[612] 2020-06-09 16:18:22,801 INFO spawned: 'orchagent' with pid 37#015
Jun  9 16:18:22.915873 sonic INFO swss4[612] 2020-06-09 16:18:22,911 INFO success: orchagent entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)#015
Jun  9 16:18:23.146156 sonic INFO swss0[612] 2020-06-09 16:18:23,145 INFO success: orchagent entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)#015
Jun  9 16:18:23.211117 sonic INFO swss1[612] 2020-06-09 16:18:23,207 INFO success: orchagent entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)#015
Jun  9 16:18:23.240845 sonic INFO swss5[612] 2020-06-09 16:18:23,236 INFO success: orchagent entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)#015
Jun  9 16:18:23.615436 sonic INFO swss3[612] 2020-06-09 16:18:23,615 INFO success: orchagent entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)#015
Jun  9 16:18:23.808437 sonic INFO swss2[612] 2020-06-09 16:18:23,806 INFO success: orchagent entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)#015

- Description for the changelog

- A picture of a cute animal (not mandatory but encouraged)

[SuvarnaMeenakshi]

Should there be a check to make sure docker_image_run_opt does not have--log-driver=json-file ?

[arlakshm]

@SuvarnaMeenakshi syslogs will not work if the log-driver is json on containers running the docker bridge network, so I think we can ignore --log-driver=json-file in this case.

[qiluo-msft]

Could you giver proof or reference that "syslogs will not work if the log-driver is json on containers running the docker bridge network"? #Closed

[arlakshm]

Logs

docker logs for swss running in namespace asic0.

admin@sonic:~$ docker logs swss0 | grep orchagent
2020-06-10 00:45:01,434 INFO spawned: 'orchagent' with pid 36
2020-06-10 00:45:02,439 INFO success: orchagent entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

same logs not available in syslog file

admin@sonic:~$ sudo zgrep -i orchagent /var/log/syslog.*
admin@sonic:~$

[qiluo-msft]

I see your point. Syslogs will not work if the log-driver is json and this is not related to docker bridge network and applicable to previous single ASIC use case.

Do you want to fix both single ASIC and multiple ASIC? #Closed

[arlakshm]

I didnt change the Single ASIC I didnt want to break any backward compatibility for some applications,

[qiluo-msft]

Then you need to check '--log-driver=json-file' in docker_image_run_opt because it will work if user specify it explicitly #Closed

[arlakshm]

Fixed in the latest commit

[qiluo-msft]

As comment

[qiluo-msft]

ip -o -4 addr list $intf [](start = 16, length = 24)

There may be more than one lo interfaces. How do you handle? #Closed

[arlakshm]

fixed in the latest commit

[qiluo-msft]

Suggested change

	syslog_address=$(ip -o -4 addr list docker0 | awk '{print $4}' | cut -d/ -f1)
	syslog_address=$(docker network inspect bridge --format='{{(index .IPAM.Config 0).Gateway}}')
	``` #Closed

[qiluo-msft]

This IP address is actually available in build time. Check files/docker/docker.service.conf

---

In reply to: 439565102 [](ancestors = 439565102)

[arlakshm]

This change has been removed

[qiluo-msft]

[](start = 21, length = 1)

One extra blank #Closed

[arlakshm]

added in the latest commit

[qiluo-msft]

Could you remove the extra blank in

sonic-cfggen  -t

---

In reply to: 439579965 [](ancestors = 439579965)

[arlakshm]

Fixed in the latest commit

[qiluo-msft]

container_name [](start = 116, length = 14)

This field make original code useless.

ARG docker_container_name

Could you remove original related code in Dockerfile(s)? #Pending

[arlakshm]

Agreed. I will do it in a separate PR. Filed this issue to track this.

[qiluo-msft]

TARGET_IP=$(ip -o -4 addr list docker0 | awk '{print $4}' | cut -d/ -f1) [](start = 8, length = 72)

This IP address is actually available in build time. Check files/docker/docker.service.conf #Closed

[arlakshm]

Yes, I didn't want to hard code the ip address here. So using this method to get the docker0 ip address

[qiluo-msft]

I mean docker0 IP address is actually available in build time. Check files/docker/docker.service.conf. You are ok to use ip command, but build time constant may be easier.

---

In reply to: 439581391 [](ancestors = 439581391)

[qiluo-msft]

I see. Your solution is future proof.

---

In reply to: 440542831 [](ancestors = 440542831,439581391)

[qiluo-msft]

TMP_FILE="/tmp/rsyslog.$CONTAINER_NAME.conf" [](start = 8, length = 44)

Could you use Dockerfile ENV and docker create --env to pass the container_name. Then no need to create tmpfile. #Pending

[arlakshm]

The tmp file is created after rendering this template /usr/share/sonic/templates/rsyslog-container.conf.j2, which has updated syslog.conf file. I don't think the tmp file can be avoided even if we pass the ENV to the container.

In Multi-NPU platforms it is possible that multi containers can be started at the same time, to avoid container using wrong syslog.conf files I am using the container name in the tmp filename

[qiluo-msft]

Let's create two ENV:

1. RSYSLOG_SERVER_IP
2. CONTAINER_NAME

Pass the ENV values by command docker create ... --env RSYSLOG_SERVER_IP=AA.BB.CC.DD ...

The benefit:

1. not tmp file management
2. works with multiple containers from single image

---

In reply to: 439583041 [](ancestors = 439583041)

[arlakshm]

@qiluo-msft created a issue to track 4778 to improvements suggested in this comment.

[qiluo-msft]

single NPU systems and container running on the host network continue to use the json-file as log-driver [](start = 8, length = 106)

The different behavior of single NPU vs multiple NPU is confusing and complex deign.

What about moving all use cases to log-driver, or all use cases to json-file as before? #Closed

[arlakshm]

Changed to use json-file for all cases

[qiluo-msft]

No need to change this line #Closed

[arlakshm]

Fixed in latest commit

[qiluo-msft]

No need to change this line #Closed

[arlakshm]

Fixed in latest commit

[qiluo-msft]

Suggested change

	TARGET_IP=$(ip -o -4 addr list docker0 | awk '{print $4}' | cut -d/ -f1)
	TARGET_IP=$(docker network inspect bridge --format='{{(index .IPAM.Config 0).Gateway}}')
	``` #Closed

[arlakshm]

Fixed in the latest commit

[arlakshm]

@qiluo-msft , @SuvarnaMeenakshi , @lguohan
Please help approve if there are no more comments