diff options
20 files changed, 117 insertions, 25 deletions
diff --git a/cec6_env/group_vars/all.yml b/cec6_env/group_vars/all.yml new file mode 100644 index 0000000..cb463e8 --- /dev/null +++ b/cec6_env/group_vars/all.yml @@ -0,0 +1,27 @@ +houyi_global: + sapp: + install: false + packet_io: + inbound_route_dir: 1 + internal_device: "enp175s0f0" + external_device: "enp175s0f1" + packet_io_depolyment: + mode: "mirror" + + houyi: + redis_server_ip: "192.168.70.125" + redis_server_port: 7002 + redis_index: 0 + + rpm_files: + houyi_rpm_file: "houyi-1.2.0.647fcd4-1.el7.x86_64.rpm" + houyi_common_tools_rpm_file: "houyi-common-tools-1.0.0.ed74540-1.el7.x86_64.rpm" + houyi_plug_rpm_file: "houyi-plug-1.2.0.281c7ec-1.el7.x86_64.rpm" + net_flood_rpm_file: "net_flood-2.0.3.8d3d59b-1.el7.x86_64.rpm" + sapp_rpm_file: "sapp-4.0.8.c43dbc1-1.el7.x86_64.rpm" + wire_graft_rpm_file: "wire-graft-1.0.0.d757e02-1.el7.x86_64.rpm" + + kafka: + brokers: "192.168.70.128:9092" + interval: 30 + topic_name: "ACTIVE-DEFENCE-EVENT-LOG"
\ No newline at end of file diff --git a/cec6_env/hosts.xxg b/cec6_env/hosts.xxg new file mode 100644 index 0000000..f4b06af --- /dev/null +++ b/cec6_env/hosts.xxg @@ -0,0 +1,9 @@ +[all:vars] +ansible_user=root + +[sled-mcn0] +192.168.70.203 + +[tsg-all:children] +sled-mcn0 + diff --git a/houyi-uninstall.yml b/houyi-uninstall.yml index 76b53a7..ceb1b4c 100644 --- a/houyi-uninstall.yml +++ b/houyi-uninstall.yml @@ -13,10 +13,10 @@ state: stopped ignore_errors: yes -# - name: "uninstall sapp" -# yum: -# name: "sapp" -# state: absent + - name: "uninstall sapp" + yum: + name: "sapp" + state: absent - name: "uninstall houyi" yum: @@ -37,4 +37,9 @@ yum: name: "net_flood" state: absent + + - name: "uninstall wire_graft" + yum: + name: "wire_graft" + state: absent
\ No newline at end of file diff --git a/roles/sled-mcn0/files/etc/houyi_plug.conf b/roles/sled-mcn0/files/etc/houyi_plug.conf index 3407f6b..8ebec92 100644 --- a/roles/sled-mcn0/files/etc/houyi_plug.conf +++ b/roles/sled-mcn0/files/etc/houyi_plug.conf @@ -6,3 +6,20 @@ log_interval=3 fs2_remote_server_ip=192.168.40.1 fs2_remote_server_port=8152 +[cc] +#因双网卡透明模式下, DNS server安装在internal, 很多时候为了复用方便, nginx也装在了同一台服务器, +#但本来cc模式是要send to external的, 此处加一个配置文件, 便于在不同环境测试. +#正式环境下, 默认肯定是ItoE的 +default_send_dir=EtoI + +[maat] +table_info=./houyi_etc/maat_tableinfo.conf +#json, redis, local_file +#config_src_type=redis +config_src_type=json +json_cfg_file=/opt/houyi/bin/houyi_etc/maat_test.json +inc_dir=./redis_dump/ +full_dir=./redis_dump/ +redis_server_ip=192.168.40.131 +redis_server_port=7002 +redis_index=0
\ No newline at end of file diff --git a/roles/sled-mcn0/files/rpm/houyi-1.2.0.4694576-1.el7.x86_64.rpm b/roles/sled-mcn0/files/rpm/houyi-1.2.0.4694576-1.el7.x86_64.rpm Binary files differnew file mode 100644 index 0000000..81245bd --- /dev/null +++ b/roles/sled-mcn0/files/rpm/houyi-1.2.0.4694576-1.el7.x86_64.rpm diff --git a/roles/sled-mcn0/files/rpm/houyi-1.2.0.647fcd4-1.el7.x86_64.rpm b/roles/sled-mcn0/files/rpm/houyi-1.2.0.647fcd4-1.el7.x86_64.rpm Binary files differdeleted file mode 100644 index 4517741..0000000 --- a/roles/sled-mcn0/files/rpm/houyi-1.2.0.647fcd4-1.el7.x86_64.rpm +++ /dev/null diff --git a/roles/sled-mcn0/files/rpm/houyi-common-tools-1.0.0.ed74540-1.el7.x86_64.rpm b/roles/sled-mcn0/files/rpm/houyi-common-tools-1.0.0.ed74540-1.el7.x86_64.rpm Binary files differdeleted file mode 100644 index 896e198..0000000 --- a/roles/sled-mcn0/files/rpm/houyi-common-tools-1.0.0.ed74540-1.el7.x86_64.rpm +++ /dev/null diff --git a/roles/sled-mcn0/files/rpm/houyi-common-tools-1.0.1.800e146-1.el7.x86_64.rpm b/roles/sled-mcn0/files/rpm/houyi-common-tools-1.0.1.800e146-1.el7.x86_64.rpm Binary files differnew file mode 100644 index 0000000..f206261 --- /dev/null +++ b/roles/sled-mcn0/files/rpm/houyi-common-tools-1.0.1.800e146-1.el7.x86_64.rpm diff --git a/roles/sled-mcn0/files/rpm/houyi-plug-1.1.8.7051ab2-1.el7.x86_64.rpm b/roles/sled-mcn0/files/rpm/houyi-plug-1.1.8.7051ab2-1.el7.x86_64.rpm Binary files differdeleted file mode 100644 index 9b46c0e..0000000 --- a/roles/sled-mcn0/files/rpm/houyi-plug-1.1.8.7051ab2-1.el7.x86_64.rpm +++ /dev/null diff --git a/roles/sled-mcn0/files/rpm/houyi-plug-1.2.0.99bb9d9-1.el7.x86_64.rpm b/roles/sled-mcn0/files/rpm/houyi-plug-1.2.0.99bb9d9-1.el7.x86_64.rpm Binary files differnew file mode 100644 index 0000000..80b91b7 --- /dev/null +++ b/roles/sled-mcn0/files/rpm/houyi-plug-1.2.0.99bb9d9-1.el7.x86_64.rpm diff --git a/roles/sled-mcn0/files/rpm/net_flood-2.0.3.8d3d59b-1.el7.x86_64.rpm b/roles/sled-mcn0/files/rpm/net_flood-2.0.3.8d3d59b-1.el7.x86_64.rpm Binary files differdeleted file mode 100644 index 2a07551..0000000 --- a/roles/sled-mcn0/files/rpm/net_flood-2.0.3.8d3d59b-1.el7.x86_64.rpm +++ /dev/null diff --git a/roles/sled-mcn0/files/rpm/net_flood-2.1.0.a06f126-1.el7.x86_64.rpm b/roles/sled-mcn0/files/rpm/net_flood-2.1.0.a06f126-1.el7.x86_64.rpm Binary files differnew file mode 100644 index 0000000..2f95bf8 --- /dev/null +++ b/roles/sled-mcn0/files/rpm/net_flood-2.1.0.a06f126-1.el7.x86_64.rpm diff --git a/roles/sled-mcn0/files/rpm/sapp-4.0.12.f8435d8-x86_64...rpm b/roles/sled-mcn0/files/rpm/sapp-4.0.12.f8435d8-x86_64...rpm Binary files differnew file mode 100644 index 0000000..aad4d1e --- /dev/null +++ b/roles/sled-mcn0/files/rpm/sapp-4.0.12.f8435d8-x86_64...rpm diff --git a/roles/sled-mcn0/files/rpm/sapp-4.0.8.c43dbc1-1.el7.x86_64.rpm b/roles/sled-mcn0/files/rpm/sapp-4.0.8.c43dbc1-1.el7.x86_64.rpm Binary files differdeleted file mode 100644 index fe357da..0000000 --- a/roles/sled-mcn0/files/rpm/sapp-4.0.8.c43dbc1-1.el7.x86_64.rpm +++ /dev/null diff --git a/roles/sled-mcn0/files/rpm/wire-graft-1.0.0.d757e02-1.el7.x86_64.rpm b/roles/sled-mcn0/files/rpm/wire-graft-1.0.0.d757e02-1.el7.x86_64.rpm Binary files differnew file mode 100644 index 0000000..68d09bd --- /dev/null +++ b/roles/sled-mcn0/files/rpm/wire-graft-1.0.0.d757e02-1.el7.x86_64.rpm diff --git a/roles/sled-mcn0/tasks/main.yml b/roles/sled-mcn0/tasks/main.yml index ecdfcc1..da5c200 100644 --- a/roles/sled-mcn0/tasks/main.yml +++ b/roles/sled-mcn0/tasks/main.yml @@ -18,20 +18,25 @@ synchronize: src: "{{ role_path }}/files/rpm/{{ houyi_global.rpm_files.houyi_common_tools_rpm_file }}" dest: "/tmp/houyi_deploy/" + +- name: "copy wire_graft_rpm_file to destination server" + synchronize: + src: "{{ role_path }}/files/rpm/{{ houyi_global.rpm_files.wire_graft_rpm_file }}" + dest: "/tmp/houyi_deploy/" -#- name: "copy sapp_rpm_file to destination server" -# synchronize: -# src: "{{ role_path }}/files/rpm/{{ houyi_global.rpm_files.sapp_rpm_file }}" -# dest: "/tmp/houyi_deploy/" - -#- name: "install sapp" -# yum: -# name: "{{ packages }}" -# state: present -# vars: -# packages: -# - /tmp/houyi_deploy/{{ houyi_global.rpm_files.sapp_rpm_file }} +- name: "copy sapp_rpm_file to destination server" + synchronize: + src: "{{ role_path }}/files/rpm/{{ houyi_global.rpm_files.sapp_rpm_file }}" + dest: "/tmp/houyi_deploy/" +- name: "install sapp" + yum: + name: "{{ packages }}" + state: present + vars: + packages: + - /tmp/houyi_deploy/{{ houyi_global.rpm_files.sapp_rpm_file }} + - name: "install houyi-common-tools" yum: name: "{{ packages }}" @@ -64,6 +69,15 @@ packages: - /tmp/houyi_deploy/{{ houyi_global.rpm_files.net_flood_rpm_file }} +- name: "install wire_graft" + yum: + name: "{{ packages }}" + state: present + vars: + packages: + - /tmp/houyi_deploy/{{ houyi_global.rpm_files.wire_graft_rpm_file }} + + - name: "Template the sapp.toml" template: src: "{{ role_path }}/templates/sapp.toml.j2" @@ -93,6 +107,12 @@ src: "{{ role_path }}/templates/houyi_send_log.conf.j2" dest: /opt/houyi/bin/houyi_etc/houyi_send_log.conf tags: template + +- name: "Template the houyi_plug_send_log.conf" + template: + src: "{{ role_path }}/templates/houyi_plug_send_log.conf.j2" + dest: /home/mesasoft/sapp_run/houyi_etc/houyi_send_log.conf + tags: template - name: "Template the houyi_plug.conf" template: diff --git a/roles/sled-mcn0/templates/houyi_plug.conf.j2 b/roles/sled-mcn0/templates/houyi_plug.conf.j2 index d51925e..d3f5ecf 100644 --- a/roles/sled-mcn0/templates/houyi_plug.conf.j2 +++ b/roles/sled-mcn0/templates/houyi_plug.conf.j2 @@ -10,7 +10,7 @@ fs2_remote_server_port=8152 #因双网卡透明模式下, DNS server安装在internal, 很多时候为了复用方便, nginx也装在了同一台服务器, #但本来cc模式是要send to external的, 此处加一个配置文件, 便于在不同环境测试. #正式环境下, 默认肯定是ItoE的 -default_send_dir=1 +default_send_dir=E2I [maat] table_info=./houyi_etc/maat_tableinfo.conf diff --git a/roles/sled-mcn0/templates/houyi_plug_send_log.conf.j2 b/roles/sled-mcn0/templates/houyi_plug_send_log.conf.j2 new file mode 100644 index 0000000..038d84d --- /dev/null +++ b/roles/sled-mcn0/templates/houyi_plug_send_log.conf.j2 @@ -0,0 +1,12 @@ +[field_stat2] +Fs2_log_enable=1 +Fs2_log_local_dir_path=./houyi_log +Fs2_server_ip=127.0.0.1 +Fs2_server_port=8125 +Fs2_interval=3 + +[kafka] +Kafka_log_enable=1 +kafka_brokers={{houyi_global.kafka.brokers}} +Kafka_interval={{houyi_global.kafka.interval}} +kafka_topic_name={{houyi_global.kafka.topic_name}} diff --git a/roles/sled-mcn0/templates/houyi_send_log.conf.j2 b/roles/sled-mcn0/templates/houyi_send_log.conf.j2 index df16446..038d84d 100644 --- a/roles/sled-mcn0/templates/houyi_send_log.conf.j2 +++ b/roles/sled-mcn0/templates/houyi_send_log.conf.j2 @@ -1,6 +1,6 @@ [field_stat2] Fs2_log_enable=1 -Fs2_log_local_dir_path=./log +Fs2_log_local_dir_path=./houyi_log Fs2_server_ip=127.0.0.1 Fs2_server_port=8125 Fs2_interval=3 diff --git a/xxg_env/group_vars/all.yml b/xxg_env/group_vars/all.yml index a8a24a9..ff0d33f 100644 --- a/xxg_env/group_vars/all.yml +++ b/xxg_env/group_vars/all.yml @@ -1,11 +1,12 @@ houyi_global: sapp: + install: true packet_io: inbound_route_dir: 1 internal_device: "eth5" external_device: "eth4" packet_io_depolyment: - mode: "mirror" + mode: "transparent" houyi: redis_server_ip: "192.168.40.131" @@ -13,13 +14,14 @@ houyi_global: redis_index: 0 rpm_files: - houyi_rpm_file: "houyi-1.2.0.647fcd4-1.el7.x86_64.rpm" - houyi_common_tools_rpm_file: "houyi-common-tools-1.0.0.ed74540-1.el7.x86_64.rpm" - houyi_plug_rpm_file: "houyi-plug-1.1.8.7051ab2-1.el7.x86_64.rpm" - net_flood_rpm_file: "net_flood-2.0.3.8d3d59b-1.el7.x86_64.rpm" - sapp_rpm_file: "sapp-4.0.8.c43dbc1-1.el7.x86_64.rpm" + houyi_rpm_file: "houyi-1.2.0.4694576-1.el7.x86_64.rpm" + houyi_common_tools_rpm_file: "houyi-common-tools-1.0.1.800e146-1.el7.x86_64.rpm" + houyi_plug_rpm_file: "houyi-plug-1.2.0.99bb9d9-1.el7.x86_64.rpm" + net_flood_rpm_file: "net_flood-2.1.0.a06f126-1.el7.x86_64.rpm" + sapp_rpm_file: "sapp-4.0.12.f8435d8-x86_64...rpm" + wire_graft_rpm_file: "wire-graft-1.0.0.d757e02-1.el7.x86_64.rpm" kafka: brokers: "192.168.40.224:9092" - interval: 10 + interval: 30 topic_name: "ACTIVE-DEFENCE-EVENT-LOG"
\ No newline at end of file |