summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
author崔一鸣 <[email protected]>2020-01-08 20:02:59 +0800
committer崔一鸣 <[email protected]>2020-01-08 20:07:38 +0800
commit04e3ef7f33a298ac7b7abd557cf960608e879817 (patch)
tree7e0df003705a1cf2cf6f893d50a23444a9c36242
parent90077d70eda589df5b738b7eb11080e7e3ee6154 (diff)
兼容Firewall版本, sapp和kni拆开
Diffstat
-rw-r--r--env-prod-astana/group_vars/all.yml2
-rw-r--r--env-stage-hy/group_vars/all.yml4
-rw-r--r--env-stage-pc/group_vars/all.yml4
-rw-r--r--env-stage-xxg/group_vars/all.yml9
-rw-r--r--roles/framework/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpmbin49649456 -> 0 bytes
-rw-r--r--roles/framework/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpmbin13079596 -> 0 bytes
-rw-r--r--roles/kernel-ml/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpmbin49649456 -> 0 bytes
-rw-r--r--roles/kernel-ml/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpmbin13079596 -> 0 bytes
-rw-r--r--roles/kni/files/kni-2.1.5.9e42ae3-1.el7.centos.x86_64.rpmbin185424 -> 0 bytes
-rw-r--r--roles/kni/files/kni-3.0.0.4484554-1.el7.x86_64.rpmbin0 -> 87832 bytes
-rw-r--r--roles/kni/files/kni-debuginfo-3.0.0.4484554-1.el7.x86_64.rpmbin0 -> 34360 bytes
-rw-r--r--roles/kni/files/sapp-4.0.4.d31932a-1.el7.x86_64.rpmbin388192 -> 0 bytes
-rw-r--r--roles/kni/tasks/main.yml40
-rw-r--r--roles/kni/templates/conflist.inf.j28
-rw-r--r--roles/kni/templates/kni.conf.j229
-rw-r--r--roles/sapp/files/sapp-4.0.5.3385992-1.el7.x86_64.rpmbin0 -> 329836 bytes
-rw-r--r--roles/sapp/tasks/main.yml41
-rw-r--r--roles/sapp/templates/conflist.inf.j219
-rw-r--r--roles/sapp/templates/gdev.conf.j2 (renamed from roles/kni/templates/gdev.conf.j2)0
-rw-r--r--roles/sapp/templates/project_list.conf.j2 (renamed from roles/kni/templates/project_list.conf.j2)2
-rw-r--r--roles/sapp/templates/sapp.toml.j2 (renamed from roles/kni/templates/sapp.toml.j2)0
-rw-r--r--roles/tfe/files/tfe-kmod-v1.0.4.20190923-1dkms.noarch.rpmbin18264 -> 0 bytes
22 files changed, 70 insertions, 88 deletions
diff --git a/env-prod-astana/group_vars/all.yml b/env-prod-astana/group_vars/all.yml
index b16150a..cf790d0 100644
--- a/env-prod-astana/group_vars/all.yml
+++ b/env-prod-astana/group_vars/all.yml
@@ -36,8 +36,6 @@ kni:
tfe_node_count: 3
watch_dog:
switch: 1
- maat:
- readconf_mode: 2
send_logger:
switch: 1
tfe_nodes:
diff --git a/env-stage-hy/group_vars/all.yml b/env-stage-hy/group_vars/all.yml
index 87d0c65..226f13f 100644
--- a/env-stage-hy/group_vars/all.yml
+++ b/env-stage-hy/group_vars/all.yml
@@ -30,10 +30,6 @@ kni:
tfe_node_count: 3
watch_dog:
switch: 1
- maat:
- readconf_mode: 2
- send_logger:
- switch: 1
tfe_nodes:
- tfe0:
enabled: 1
diff --git a/env-stage-pc/group_vars/all.yml b/env-stage-pc/group_vars/all.yml
index 7e97e2b..0bedd4f 100644
--- a/env-stage-pc/group_vars/all.yml
+++ b/env-stage-pc/group_vars/all.yml
@@ -30,10 +30,6 @@ kni:
tfe_node_count: 3
watch_dog:
switch: 1
- maat:
- readconf_mode: 2
- send_logger:
- switch: 1
tfe_nodes:
- tfe0:
enabled: 1
diff --git a/env-stage-xxg/group_vars/all.yml b/env-stage-xxg/group_vars/all.yml
index b29f208..45bad5d 100644
--- a/env-stage-xxg/group_vars/all.yml
+++ b/env-stage-xxg/group_vars/all.yml
@@ -24,16 +24,15 @@ fs_remote:
address: "192.168.100.1"
port: 8125
+nic_transparent_mode:
+ enable: 0
+
kni:
global:
log_level: 30
tfe_node_count: 3
watch_dog:
switch: 1
- maat:
- readconf_mode: 2
- send_logger:
- switch: 1
tfe_nodes:
- tfe0:
enabled: 1
@@ -52,3 +51,5 @@ mrzcpd:
mrtunnat:
lcore_id: 46
+
+run_as_tun_mode: 1
diff --git a/roles/framework/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm b/roles/framework/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm
deleted file mode 100644
index 6fefdec..0000000
--- a/roles/framework/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm
+++ /dev/null
Binary files differ
diff --git a/roles/framework/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm b/roles/framework/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm
deleted file mode 100644
index 1dd97ca..0000000
--- a/roles/framework/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm
+++ /dev/null
Binary files differ
diff --git a/roles/kernel-ml/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm b/roles/kernel-ml/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm
deleted file mode 100644
index 6fefdec..0000000
--- a/roles/kernel-ml/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm
+++ /dev/null
Binary files differ
diff --git a/roles/kernel-ml/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm b/roles/kernel-ml/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm
deleted file mode 100644
index 1dd97ca..0000000
--- a/roles/kernel-ml/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm
+++ /dev/null
Binary files differ
diff --git a/roles/kni/files/kni-2.1.5.9e42ae3-1.el7.centos.x86_64.rpm b/roles/kni/files/kni-2.1.5.9e42ae3-1.el7.centos.x86_64.rpm
deleted file mode 100644
index a9bec57..0000000
--- a/roles/kni/files/kni-2.1.5.9e42ae3-1.el7.centos.x86_64.rpm
+++ /dev/null
Binary files differ
diff --git a/roles/kni/files/kni-3.0.0.4484554-1.el7.x86_64.rpm b/roles/kni/files/kni-3.0.0.4484554-1.el7.x86_64.rpm
new file mode 100644
index 0000000..e7a226a
--- /dev/null
+++ b/roles/kni/files/kni-3.0.0.4484554-1.el7.x86_64.rpm
Binary files differ
diff --git a/roles/kni/files/kni-debuginfo-3.0.0.4484554-1.el7.x86_64.rpm b/roles/kni/files/kni-debuginfo-3.0.0.4484554-1.el7.x86_64.rpm
new file mode 100644
index 0000000..c5c4159
--- /dev/null
+++ b/roles/kni/files/kni-debuginfo-3.0.0.4484554-1.el7.x86_64.rpm
Binary files differ
diff --git a/roles/kni/files/sapp-4.0.4.d31932a-1.el7.x86_64.rpm b/roles/kni/files/sapp-4.0.4.d31932a-1.el7.x86_64.rpm
deleted file mode 100644
index 265b32d..0000000
--- a/roles/kni/files/sapp-4.0.4.d31932a-1.el7.x86_64.rpm
+++ /dev/null
Binary files differ
diff --git a/roles/kni/tasks/main.yml b/roles/kni/tasks/main.yml
index 694fb23..7e366fb 100644
--- a/roles/kni/tasks/main.yml
+++ b/roles/kni/tasks/main.yml
@@ -1,53 +1,17 @@
---
-- name: "copy sapp and kni to destination server"
+- name: "copy kni to destination server"
copy:
src: "{{ role_path }}/files/"
dest: /tmp/ansible_deploy/
-- name: "install sapp rpms from localhost"
- yum:
- name:
- - /tmp/ansible_deploy/sapp-4.0.4.d31932a-1.el7.x86_64.rpm
- state: present
-
- name: "install kni rpms from localhost"
yum:
name:
- - /tmp/ansible_deploy/kni-2.1.5.9e42ae3-1.el7.centos.x86_64.rpm
+ - /tmp/ansible_deploy/kni-3.0.0.4484554-1.el7.x86_64.rpm
state: present
-- name: Template the sapp.toml
- template:
- src: "{{ role_path }}/templates/sapp.toml.j2"
- dest: /home/mesasoft/sapp_run/etc/sapp.toml
- tags: template
-
-- name: Template the project_list.conf
- template:
- src: "{{ role_path }}/templates/project_list.conf.j2"
- dest: /home/mesasoft/sapp_run/etc/project_list.conf
- tags: template
-
-- name: Template the conflist.inf
- template:
- src: "{{ role_path }}/templates/conflist.inf.j2"
- dest: /home/mesasoft/sapp_run/plug/conflist.inf
- tags: template
-
-- name: Template the gdev.conf
- template:
- src: "{{ role_path }}/templates/gdev.conf.j2"
- dest: /home/mesasoft/sapp_run/etc/gdev.conf
- tags: template
-
- name: Template the kni.conf
template:
src: "{{ role_path }}/templates/kni.conf.j2"
dest: /home/mesasoft/sapp_run/etc/kni/kni.conf
tags: template
-
-- name: "enable sapp"
- systemd:
- name: sapp
- enabled: yes
- daemon_reload: yes
diff --git a/roles/kni/templates/conflist.inf.j2 b/roles/kni/templates/conflist.inf.j2
deleted file mode 100644
index 098ab6e..0000000
--- a/roles/kni/templates/conflist.inf.j2
+++ /dev/null
@@ -1,8 +0,0 @@
-[platform]
-./plug/platform/g_device_plug/g_device_plug.inf
-
-[protocol]
-./plug/protocol/http/http.inf
-
-[business]
-./plug/business/kni/kni.inf \ No newline at end of file
diff --git a/roles/kni/templates/kni.conf.j2 b/roles/kni/templates/kni.conf.j2
index fbf7a20..af5ee96 100644
--- a/roles/kni/templates/kni.conf.j2
+++ b/roles/kni/templates/kni.conf.j2
@@ -39,35 +39,9 @@ keepalive_idle = 2
keepalive_intvl = 1
keepalive_cnt = 3
-[static_maat]
-readconf_mode = {{ kni.maat.readconf_mode }}
-tableinfo_path = ./etc/kni/static_maat_tableinfo.conf
-maatjson_path = ./etc/kni/maat_test.json
-redis_ip = {{ maat_redis_server.address }}
-redis_port = {{ maat_redis_server.port }}
-redis_index = {{ maat_redis_server.db }}
-
-[dynamic_maat]
-readconf_mode = {{ kni.maat.readconf_mode }}
-tableinfo_path = ./etc/kni/dynamic_maat_tableinfo.conf
-maatjson_path = ./etc/kni/maat_test.json
-redis_ip = {{ dynamic_maat_redis_server.address }}
-redis_port = {{ dynamic_maat_redis_server.port }}
-redis_index = {{ dynamic_maat_redis_server.db }}
-
-[send_logger]
-switch = {{ kni.send_logger.switch }}
-kafka_topic = SESSION-RECORD-LOG
-kafka_brokerlist = {{ log_kafkabrokers.address }}
-
[marsio]
appsym = knifw
-[kafka]
-queue.buffering.max.messages = 1000000
-topic.metadata.refresh.interval.ms = 600000
-security.protocol = MG
-
[dup_traffic]
switch = 1
action = 2
@@ -99,4 +73,5 @@ remote_switch = {{ fs_remote.switch }}
remote_ip = {{ fs_remote.address }}
remote_port = {{ fs_remote.port }}
local_path = ./fs2_kni.status
-stat_cycle = 2
+stat_cycle = 1
+print_mode = 1
diff --git a/roles/sapp/files/sapp-4.0.5.3385992-1.el7.x86_64.rpm b/roles/sapp/files/sapp-4.0.5.3385992-1.el7.x86_64.rpm
new file mode 100644
index 0000000..1c10718
--- /dev/null
+++ b/roles/sapp/files/sapp-4.0.5.3385992-1.el7.x86_64.rpm
Binary files differ
diff --git a/roles/sapp/tasks/main.yml b/roles/sapp/tasks/main.yml
new file mode 100644
index 0000000..4e4224c
--- /dev/null
+++ b/roles/sapp/tasks/main.yml
@@ -0,0 +1,41 @@
+---
+- name: "copy sapp to destination server"
+ copy:
+ src: "{{ role_path }}/files/"
+ dest: /tmp/ansible_deploy/
+
+- name: "install sapp rpms from localhost"
+ yum:
+ name:
+ - /tmp/ansible_deploy/sapp-4.0.5.3385992-1.el7.x86_64.rpm
+ state: present
+
+- name: Template the sapp.toml
+ template:
+ src: "{{ role_path }}/templates/sapp.toml.j2"
+ dest: /home/mesasoft/sapp_run/etc/sapp.toml
+ tags: template
+
+- name: Template the project_list.conf
+ template:
+ src: "{{ role_path }}/templates/project_list.conf.j2"
+ dest: /home/mesasoft/sapp_run/etc/project_list.conf
+ tags: template
+
+- name: Template the conflist.inf
+ template:
+ src: "{{ role_path }}/templates/conflist.inf.j2"
+ dest: /home/mesasoft/sapp_run/plug/conflist.inf
+ tags: template
+
+- name: Template the gdev.conf
+ template:
+ src: "{{ role_path }}/templates/gdev.conf.j2"
+ dest: /home/mesasoft/sapp_run/etc/gdev.conf
+ tags: template
+
+- name: "enable sapp"
+ systemd:
+ name: sapp
+ enabled: yes
+ daemon_reload: yes
diff --git a/roles/sapp/templates/conflist.inf.j2 b/roles/sapp/templates/conflist.inf.j2
new file mode 100644
index 0000000..34f8339
--- /dev/null
+++ b/roles/sapp/templates/conflist.inf.j2
@@ -0,0 +1,19 @@
+[platform]
+./plug/platform/g_device_plug/g_device_plug.inf
+./plug/platform/tsg_master/tsg_master.inf
+
+[protocol]
+./plug/protocol/ssl/ssl.inf
+./plug/protocol/http/http.inf
+./plug/protocol/dns/dns.inf
+./plug/protocol/mail/mail.inf
+./plug/protocol/ftp/ftp.inf
+
+[business]
+./plug/business/kni/kni.inf
+./plug/business/fw_ssl/fw_ssl.inf
+./plug/business/fw_http_plug/fw_http_plug.inf
+./plug/business/fw_dns_plug/fw_dns_plug.inf
+./plug/business/fw_mail_plug/fw_mail_plug.inf
+./plug/business/fw_ftp_plug/fw_ftp_plug.inf
+./plug/business/tsg_conn_record/tsg_conn_record.inf \ No newline at end of file
diff --git a/roles/kni/templates/gdev.conf.j2 b/roles/sapp/templates/gdev.conf.j2
index bb1bd30..bb1bd30 100644
--- a/roles/kni/templates/gdev.conf.j2
+++ b/roles/sapp/templates/gdev.conf.j2
diff --git a/roles/kni/templates/project_list.conf.j2 b/roles/sapp/templates/project_list.conf.j2
index c123d0b..c712a15 100644
--- a/roles/kni/templates/project_list.conf.j2
+++ b/roles/sapp/templates/project_list.conf.j2
@@ -1,4 +1,4 @@
tcp_flow_stat struct
udp_flow_stat struct
tcp_deduce_flow_stat struct
-kni_http_tag struct \ No newline at end of file
+POLICY_PRIORITY struct \ No newline at end of file
diff --git a/roles/kni/templates/sapp.toml.j2 b/roles/sapp/templates/sapp.toml.j2
index 6548df4..6548df4 100644
--- a/roles/kni/templates/sapp.toml.j2
+++ b/roles/sapp/templates/sapp.toml.j2
diff --git a/roles/tfe/files/tfe-kmod-v1.0.4.20190923-1dkms.noarch.rpm b/roles/tfe/files/tfe-kmod-v1.0.4.20190923-1dkms.noarch.rpm
deleted file mode 100644
index da6096a..0000000
--- a/roles/tfe/files/tfe-kmod-v1.0.4.20190923-1dkms.noarch.rpm
+++ /dev/null
Binary files differ
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 16:02:37 +0000