Open scoopex opened 6 months ago
@scoopex can you reproduce this with official SONiC image as we are not sure what may be in the Edgecore build that may have cuased this. if it is also reproducible on official sonic image we can ask @qiluo-msft tohelp take a look. Thanks! I will assign this back to you for now.
@gechiang i tried to reproduce the problem using the software switch, but unfortunately the install procedure is broken.
Got help at the matrix chat that the software switch seems to be abandoned.
I performed the following test with a master build. It seems that the problem is still there.
Start a kvm virtual machine: (based on https://sonic.software/)
DIR="$(mktemp -d /tmp/sonic.XXXXX)
cd $DIR
wget https://sonic.software/download-gns3a.sh
bash ./download-gns3a.sh master
qemu-system-x86_64 -machine q35 -m 4096 -smp 4 -hda sonic*.img \
-nographic -netdev user,id=sonic0,hostfwd=tcp::5555-:22 \
-device e1000,netdev=sonic0 -cpu host -accel kvm
# Password admin/YourPaSsWoRd
ssh admin@localhost -p 5555
Reproduced the problem: (the systems does not have a public community as a default, but the problem can be reproduced after adding it)
root@sonic:/home/admin# show runningconfiguration snmp
Location
----------
SNMP_CONTACT SNMP_CONTACT_EMAIL
-------------- --------------------
Community String Community Type
------------------ ----------------
User Permission Type Type Auth Type Auth Password Encryption Type Encryption Password
------ ----------------- ------ ----------- --------------- ----------------- ---------------------
root@sonic:/home/admin# config snmp community add public RO
SNMP community public is already configured
root@sonic:/home/admin# config snmp community replace public Eevaid7xoh4m
SNMP community Eevaid7xoh4m added to configuration
SNMP community Eevaid7xoh4m replace community public
Restarting SNMP service...
root@sonic:/home/admin# show runningconfiguration snmp
Location
----------
public
SNMP_CONTACT SNMP_CONTACT_EMAIL
-------------- --------------------
Community String Community Type
------------------ ----------------
Eevaid7xoh4m RO
public RO
root@sonic:/home/admin# config snmp community del public
SNMP community public removed from configuration
Restarting SNMP service...
root@sonic:/home/admin# show runningconfiguration snmp
Location
----------
public
SNMP_CONTACT SNMP_CONTACT_EMAIL
-------------- --------------------
Community String Community Type
------------------ ----------------
Eevaid7xoh4m RO
public RO
User Permission Type Type Auth Type Auth Password Encryption Type Encryption Password
------ ----------------- ------ ----------- --------------- ----------------- ---------------------
The root cause of the issue appears to be PR #6205. The change was implemented to convert the contents of /etc/sonic/snmp.yml
into the configdb.
However, the conversion script runs every time the SNMP service is started/restarted. This means the file will be reimported into the db and if snmp_rocommunity: public
is not manually removed from /etc/sonic/snmp.yml
it will also be added to the config.
@qiluo-msft - Do we still need to include the snmp.yml
file if it is no longer necessary?
Description
Unable to remove "public" snmp community.
Steps to reproduce the issue:
Review the inital configuration status
Add new communities
Remove it manually
Describe the results you received:
The "public" community is still configured.
Describe the results you expected:
The "public" community should be abandoned.
Output of
show version
:This problem happens with all recent switch type we use and with the community and the enterprise images.