← 返回 Skills 市场
Recommended
729
总下载
0
收藏
2
当前安装
2
版本数
在 OpenClaw 中安装
/install sonic-build
功能描述
Build SONiC (Software for Open Networking in the Cloud) switch images from sonic-buildimage. Use when building VS/ASIC images, configuring build parallelism/...
使用说明 (SKILL.md)
SONiC Image Build
Quick Start
cd sonic-buildimage
make init
make configure PLATFORM=vs # or broadcom, mellanox, etc.
make SONIC_BUILD_JOBS=4 target/sonic-vs.img.gz
For dev builds (skip tests): add BUILD_SKIP_TEST=y.
Build Architecture
Two-phase build via GNU Make → slave.mk → sonic-slave Docker container:
- Bookworm phase — compile all packages (debs, python wheels, Docker images) into
target/debs/bookworm/ - Trixie phase — assemble final image from phase 1 packages into
target/debs/trixie/
Makefile invokes Makefile.work with different BLDENV per phase. The configure target creates per-distro directories.
Configuration
All knobs in rules/config. Override in rules/config.user (gitignored, persists across rebases).
Key Knobs
| Knob | Default | Recommended | Effect |
|---|---|---|---|
SONIC_CONFIG_BUILD_JOBS |
1 | 4 | Parallel top-level package builds |
SONIC_CONFIG_MAKE_JOBS |
$(nproc) |
default | Compiler threads per package |
BUILD_SKIP_TEST |
n | y (dev) | Skip unit tests |
SONIC_BUILD_MEMORY |
unset | 24g | Docker --memory — contains OOM in container |
SONIC_DPKG_CACHE_METHOD |
none | rwcache | Cache .deb packages for incremental builds |
DEFAULT_BUILD_LOG_TIMESTAMP |
none | simple | Timestamps in build logs |
SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD |
unset | y | Host Docker daemon instead of DinD |
Recommended rules/config.user
SONIC_CONFIG_BUILD_JOBS = 4
BUILD_SKIP_TEST = y
SONIC_BUILD_MEMORY = 24g
DEFAULT_BUILD_LOG_TIMESTAMP = simple
Parallelism
Rule of thumb: JOBS × 6GB ≤ available RAM.
- JOBS=1: ~3h VS build, ~10GB RAM
- JOBS=4: significant speedup, ~20GB RAM
- JOBS=8: OOM risk on \x3C48GB RAM
Why JOBS=1 is slow: 64/194 packages depend on libswsscommon (critical path bottleneck). JOBS=1 leaves most cores idle.
Memory Protection
Without limits, parallel builds can trigger the kernel OOM killer on any host process.
# Container-scoped OOM (host stays healthy):
SONIC_BUILD_MEMORY = 24g
# Or via CLI:
make SONIC_BUILDER_EXTRA_CMDLINE="--memory=24g" ...
Caching
DPKG cache (package-level)
SONIC_DPKG_CACHE_METHOD = rwcache
SONIC_DPKG_CACHE_SOURCE = /var/cache/sonic/artifacts
Version cache (downloads)
SONIC_VERSION_CACHE_METHOD = cache
Rebuilding a Single Package
make target/debs/bookworm/sonic-utilities_1.2-1_all.deb
make target/docker-syncd-vs.gz
ls target/debs/bookworm/ | grep \x3Cname>
Clean Builds
When to clean: after branch switch, rebase, or unexplained failures.
rm -rf target/* # always full clean, not selective
make configure PLATFORM=vs
make SONIC_BUILD_JOBS=4 target/sonic-vs.img.gz
Stale artifacts (
.bin, squashfs) confuse make into skipping phases.
Submodules
make init # after clone or pull
git submodule update --init --force src/\x3Cmodule> # fix corrupted submodule
SSH clone is more reliable than HTTPS (HTTPS can give HTTP 500).
Common Pitfalls
For detailed troubleshooting, see references/troubleshooting.md.
Prerequisites
See references/prerequisites.md for host setup (Docker, Python, jinjanator).
VS Platform Notes
See references/vs-platform.md for VS-specific details (TAP devices, port mapping, sai.profile, oper speed).
PR Submission
- Single commit per PR (squash before push)
git commit -sfor DCO sign-off- Rebase to latest master before force-push
- Add tests — run
BUILD_SKIP_TEST=nat least once - Monitor CI after push
安全使用建议
This skill appears to be what it claims: a SONiC build guide plus a host setup script. Before running the prerequisites script, be aware it will: (1) require sudo and will install apt packages and pip packages, (2) add your user to the docker group (this grants broad container privileges on the host), and (3) clone the upstream sonic-buildimage repo from GitHub and fetch Docker GPG keys from download.docker.com. If you have concerns, run the script inside an isolated VM or disposable machine, review the script line-by-line, ensure you are comfortable with adding docker group membership, and provide SSH credentials yourself if you prefer SSH-based repo fetches for submodules. Also note the docs include an example VM password and other convenience guidance — treat defaults as examples, not secure settings.
功能分析
Type: OpenClaw Skill
Name: sonic-build
Version: 1.1.0
The OpenClaw skill bundle is classified as benign. All files, including the `SKILL.md` instructions and the `scripts/prerequisites.sh` script, align with the stated purpose of building SONiC images. The `prerequisites.sh` script performs necessary system-level installations (Python tools, Git, Docker) and clones the official SONiC repository from legitimate sources (download.docker.com, github.com/sonic-net). There is no evidence of prompt injection attempts against the agent, data exfiltration, malicious execution, persistence mechanisms, or obfuscation. All commands and instructions are transparent and directly related to setting up and managing a SONiC build environment.
能力评估
Purpose & Capability
Name/description match the provided files: SKILL.md, platform notes, troubleshooting, and a prerequisites installer for sonic-buildimage. All requested actions (Docker, pip, git, cloning the sonic-buildimage repo, setting build knobs) are expected for this purpose.
Instruction Scope
SKILL.md stays on-topic (build steps, config knobs, caching, cleaning, submodules). It instructs users to run the bundled prerequisites script which performs system-level package installs and repo cloning — expected for preparing a build host but requires elevated privileges and network access. No instructions attempt to read unrelated host files or exfiltrate data.
Install Mechanism
There is no automatic install spec; the skill is instruction-only plus a small included script. The script uses standard, well-known endpoints (download.docker.com, github.com) and standard package tools (apt, pip). No obfuscated downloads or unknown third-party URLs are used.
Credentials
The skill declares no required credentials or config paths. The included script does require sudo to install packages and will add the user to the docker group — a legitimate requirement for running Docker-centric builds but one that elevates the user's ability to control containers on the host.
Persistence & Privilege
always is false and the skill does not request persistent agent privileges or modify other skills. The only host-level change is adding the user to the docker group (performed by the prerequisites script), which is standard for Docker workflows but should be considered a privilege grant on the host.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install sonic-build - 安装完成后,直接呼叫该 Skill 的名称或使用
/sonic-build触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
Bundle prerequisites script locally instead of curl-piping from GitHub
v1.0.0
Initial release: build best practices, prerequisites, troubleshooting, VS platform notes. Covers parallelism, memory, caching, clean builds, submodules, and PR workflow.
元数据
常见问题
sonic-build 是什么?
Build SONiC (Software for Open Networking in the Cloud) switch images from sonic-buildimage. Use when building VS/ASIC images, configuring build parallelism/... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 729 次。
如何安装 sonic-build?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install sonic-build」即可一键安装,无需额外配置。
sonic-build 是免费的吗?
是的,sonic-build 完全免费(开源免费),可自由下载、安装和使用。
sonic-build 支持哪些平台?
sonic-build 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 sonic-build?
由 rustiqly(@rustiqly)开发并维护,当前版本 v1.1.0。
推荐 Skills