diff options
21 files changed, 262 insertions, 97 deletions
diff --git a/deploy.yml b/adc_deploy.yml index 55e93fb..6e0a93f 100644 --- a/deploy.yml +++ b/adc_deploy.yml @@ -17,18 +17,12 @@ roles: - packet_dump -- hosts: adc_mxn - remote_user: root - roles: -# - tsg-env-mxn - - hosts: adc_mcn0 remote_user: root vars_files: - install_config/group_vars/adc_global.yml - install_config/group_vars/adc_mcn0.yml roles: -# - tsg-env-mcn0 - telegraf_collect - kernel-ml - mrzcpd @@ -51,7 +45,6 @@ - install_config/group_vars/adc_global.yml - install_config/group_vars/adc_mcn1.yml roles: -# - tsg-env-mcn1 - telegraf_collect - kernel-ml - mrzcpd @@ -63,7 +56,6 @@ - install_config/group_vars/adc_global.yml - install_config/group_vars/adc_mcn2.yml roles: -# - tsg-env-mcn2 - telegraf_collect - kernel-ml - mrzcpd @@ -75,9 +67,8 @@ - install_config/group_vars/adc_global.yml - install_config/group_vars/adc_mcn3.yml roles: - - kernel-ml -# - tsg-env-mcn3 - telegraf_collect + - kernel-ml - mrzcpd - tfe @@ -99,6 +90,7 @@ roles: - tsg-diagnose_stop_sync + - hosts: - adc_mcn0 - adc_mcn1 @@ -110,32 +102,6 @@ roles: #- reboot -- hosts: server-as-tun-mode - remote_user: root - vars_files: - - install_config/group_vars/server_as_tun_mode.yml - roles: - - kernel-ml - - framework - - mrzcpd - - tsg-env-tun-mode - - sapp - - tsg_master - - kni - - firewall - - tsg_app - - http_healthcheck - - certstore - - redis - - cert-redis - - maat-redis - - tfe - - telegraf_statistic - - telegraf_collect - - proxy_status -# - tsg_device_tag - - reboot - - hosts: app_global remote_user: root vars_files: diff --git a/install_config/group_vars/adc_global.yml b/install_config/group_vars/adc_global.yml index 3b03699..3977194 100644 --- a/install_config/group_vars/adc_global.yml +++ b/install_config/group_vars/adc_global.yml @@ -9,6 +9,10 @@ tsg_running_type: 2 Deploy_finished_reboot: 0 ######################################## +#TSG Cluster Mode +tsg_cluster_mode: 0 + +######################################## #IP Config maat_redis_city_server: address: "10.9.62.253" diff --git a/install_config/group_vars/adc_mcn0.yml b/install_config/group_vars/adc_mcn0.yml index 60bfaf0..d0d8227 100644 --- a/install_config/group_vars/adc_mcn0.yml +++ b/install_config/group_vars/adc_mcn0.yml @@ -37,5 +37,5 @@ AllotAccess: virturlID_4: 1302 #vvipv4_mask: 24 #vvipv6_mask: 64 - + bladename: mcn0 diff --git a/install_config/group_vars/adc_mcn2.yml b/install_config/group_vars/adc_mcn2.yml index ff33049..10d00df 100644 --- a/install_config/group_vars/adc_mcn2.yml +++ b/install_config/group_vars/adc_mcn2.yml @@ -15,5 +15,5 @@ nic_inner_ctrl: nic_traffic_mirror: name: ens8f2 use_mrzcpd: 1 - + bladename: mcn2
\ No newline at end of file diff --git a/install_config/group_vars/adc_mcn3.yml b/install_config/group_vars/adc_mcn3.yml index 51b1e09..df3846c 100644 --- a/install_config/group_vars/adc_mcn3.yml +++ b/install_config/group_vars/adc_mcn3.yml @@ -15,5 +15,5 @@ nic_inner_ctrl: nic_traffic_mirror: name: ens8f2 use_mrzcpd: 1 - + bladename: mcn3
\ No newline at end of file diff --git a/install_config/group_vars/server_as_tun_mode.yml b/install_config/group_vars/server_as_tun_mode.yml index f4ef823..21bc996 100644 --- a/install_config/group_vars/server_as_tun_mode.yml +++ b/install_config/group_vars/server_as_tun_mode.yml @@ -1,12 +1,16 @@ ######################################### #####0: Pcap; 1: Inline_device; 4: ATCA_Vlan_Flipping; 5:ATCA_VXLAN; -tsg_access_type: 1 +tsg_access_type: 0 #####0: Tun_mode; 1: normal; -tsg_running_type: 1 +tsg_running_type: 0 ######################################## #Deploy_finished_reboot -Deploy_finished_reboot: 1 +Deploy_finished_reboot: 0 + +######################################## +#TSG Cluster Mode +tsg_cluster_mode: 0 ######################################## #Server Basic Config @@ -18,27 +22,39 @@ nic_inner_ctrl: ######################################### #IP Config +#maat_redis_city_serve相关配置只在部署集群模式时使用 +maat_redis_city_server: + address: "" + port: + maat_redis_server: - address: "192.168.40.168" + address: "#Bifang IP#" port: 7002 + port_num: 1 db: 0 dynamic_maat_redis_server: - address: "192.168.40.168" + address: "#Bifang IP#" port: 7002 - db: 0 + port_num: 1 + db: 1 cert_store_server: address: "192.168.100.1" port: 9991 log_kafkabrokers: - address: "1.1.1.1:9092,2.2.2.2:9092" + address: "10.9.61.4:9092,10.9.61.5:9092,10.9.61.6:9092" + +telegraf_kafkabrokers: + address: "\"10.9.61.4:9092\",\"10.9.61.5:9092\",\"10.9.61.6:9092\"" + +monitor_outputs_influxdb: + url: "http://127.0.0.1:58086" log_minio: - address: "192.168.40.168;" + address: "10.9.62.253" port: 9090 - ######################################### #Log Level Config #日志等级 10:DEBUG 20:INFO 30:FATAL @@ -52,12 +68,11 @@ tsg_log_level: 10 tsg_master_log_level: 10 kni_log_level: 10 - #日志等级 DEBUG INFO FATAL -tfe_log_level: DEBUG -tfe_http_log_level: DEBUG -pangu_log_level: DEBUG -doh_log_level: DEBUG +tfe_log_level: FATAL +tfe_http_log_level: FATAL +pangu_log_level: FATAL +doh_log_level: FATAL certstore_log_level: 10 packet_dump_log_level: 10 @@ -143,3 +158,10 @@ inline_device_config: keepalive_ip: 192.168.1.30 keepalive_mask: 255.255.255.252 data_incoming: eth5 + +######################################### +#新增配置项,均为默认值不用改 +breakpad_upload_url: http://127.0.0.1:9000/api/2/minidump/?sentry_key=3556bac347c74585a994eb6823faf5c6 + +data_center: Beijing +tsg_master_entrance_id: 0 diff --git a/install_config/hosts b/install_config/hosts index 870fdfc..8715518 100644 --- a/install_config/hosts +++ b/install_config/hosts @@ -7,7 +7,6 @@ #20.09版本新增APP部署 #[app_global] #0.0.0.0 - #[server-as-tun-mode] #1.1.1.1 device_id=device_1 # @@ -30,8 +29,8 @@ #[adc_mcn3] #10.3.76.1 device_id=device_1 #10.3.76.2 device_id=device_2 - #[app_global] + #[server-as-tun-mode] #p #[adc_mxn] @@ -45,3 +44,4 @@ 10.9.54.[1:14] [packet_dump_server] 10.9.61.3 + diff --git a/roles/certstore/tasks/main.yml b/roles/certstore/tasks/main.yml index d970488..33b0b5a 100644 --- a/roles/certstore/tasks/main.yml +++ b/roles/certstore/tasks/main.yml @@ -3,22 +3,22 @@ src: "{{ role_path }}/files/" dest: "/tmp/ansible_deploy/" -- name: Ensures /opt/tsg exists +- name: "Ensures /opt/tsg exists" file: path=/opt/tsg state=directory tags: mkdir -- name: install certstore +- name: "install certstore" yum: name: - /tmp/ansible_deploy/certstore-2.1.3.202010.81eef83-1.el7.x86_64.rpm state: present -- name: template certstore configure file +- name: "template certstore configure file" template: src: "{{ role_path }}/templates/cert_store.ini.j2" dest: /opt/tsg/certstore/conf/cert_store.ini -- name: template certstore zlog file +- name: "template certstore zlog file" template: src: "{{ role_path }}/templates/zlog.conf.j2" dest: /opt/tsg/certstore/conf/zlog.conf diff --git a/roles/firewall/templates/maat.conf.j2 b/roles/firewall/templates/maat.conf.j2 index bf88863..baa29f6 100644 --- a/roles/firewall/templates/maat.conf.j2 +++ b/roles/firewall/templates/maat.conf.j2 @@ -24,9 +24,9 @@ TABLE_INFO=tsgconf/tsg_dynamic_tableinfo.conf STAT_FILE=tsg_dynamic_maat.status EFFECT_INTERVAL_S=1 REDIS_IP={{ dynamic_maat_redis_server.address }} -REDIS_PORT_NUM={{ maat_redis_server.port_num }} -REDIS_PORT={{ maat_redis_server.port }} -REDIS_INDEX={{ maat_redis_server.db }} +REDIS_PORT_NUM={{ dynamic_maat_redis_server.port_num }} +REDIS_PORT={{ dynamic_maat_redis_server.port }} +REDIS_INDEX={{ dynamic_maat_redis_server.db }} JSON_CFG_FILE=tsgconf/tsg_maat.json INC_CFG_DIR=tsgrule/inc/index/ FULL_CFG_DIR=tsgrule/full/index/ diff --git a/roles/maat-redis/tasks/main.yml b/roles/maat-redis/tasks/main.yml index 3cf437c..a20f36c 100644 --- a/roles/maat-redis/tasks/main.yml +++ b/roles/maat-redis/tasks/main.yml @@ -3,12 +3,14 @@ src: "{{ role_path }}/files/maat-redis.service" dest: "/usr/lib/systemd/system" mode: 0644 + when: tsg_cluster_mode == 1 -- name: "Template the kni.conf" +- name: "Template the maat-redis.conf" template: src: "{{ role_path }}/templates/maat-redis.conf.j2" dest: /etc/maat-redis.conf tags: template + when: tsg_cluster_mode == 1 - name: "start maat-redis" systemd: @@ -16,3 +18,4 @@ state: started daemon_reload: yes enabled: yes + when: tsg_cluster_mode == 1 diff --git a/roles/reboot/tasks/main.yml b/roles/reboot/tasks/main.yml index 777560a..a9bb686 100644 --- a/roles/reboot/tasks/main.yml +++ b/roles/reboot/tasks/main.yml @@ -1,3 +1,3 @@ - name: "reboot" reboot: -# when: Deploy_finished_reboot == 1 + when: Deploy_finished_reboot == 1 diff --git a/roles/telegraf_collect/tasks/main.yml b/roles/telegraf_collect/tasks/main.yml index dfc73ac..a18f43f 100644 --- a/roles/telegraf_collect/tasks/main.yml +++ b/roles/telegraf_collect/tasks/main.yml @@ -11,9 +11,17 @@ - name: "Templates telegraf_collect.conf" template: - src: "{{role_path}}/templates/telegraf_collect.conf.j2" + src: "{{role_path}}/templates/telegraf_collect.conf_adc.j2" dest: /etc/telegraf/telegraf_collect.conf tags: template + when: tsg_running_type == 2 + +- name: "Templates telegraf_collect.conf" + template: + src: "{{role_path}}/templates/telegraf_collect.conf_server.j2" + dest: /etc/telegraf/telegraf_collect.conf + tags: template + when: tsg_running_type != 2 - name: "copy telegraf_collect.service to destination server" copy: diff --git a/roles/telegraf_collect/templates/telegraf_collect.conf_adc.j2 b/roles/telegraf_collect/templates/telegraf_collect.conf_adc.j2 new file mode 100644 index 0000000..0eb75f5 --- /dev/null +++ b/roles/telegraf_collect/templates/telegraf_collect.conf_adc.j2 @@ -0,0 +1,73 @@ +[global_tags] + blade = "{{bladename}}" +[agent] + interval = "5s" + round_interval = true + metric_batch_size = 1000000 + metric_buffer_limit = 1000000 + collection_jitter = "0s" + flush_interval = "1s" + flush_jitter = "0s" + precision = "" + debug = false + quiet = false + logfile = "" + hostname = "" + omit_hostname = false + +[[outputs.file]] + files = ["stdout", "/tmp/collect.out"] + data_format = "json" + rotation_interval = "1h" + rotation_max_size = "100MB" + rotation_max_archives = 5 + +[[outputs.socket_writer]] + address = "udp://192.168.100.1:8100" + + +{% if bladename == "mcn0" %} +[[inputs.procstat]] + exe= "sapp" +[[inputs.procstat]] + exe="certstore" +{% else %} +[[inputs.procstat]] + exe= "tfe" +{% endif %} + +[[inputs.systemd_units]] + unittype = "service" + timeout = "1s" + +[[inputs.cpu]] + percpu = false + totalcpu = true + collect_cpu_time = false + report_active = false + fieldpass = ["usage_idle", "usage_iowait", "usage_system", "usage_user"] + +[[inputs.system]] + fieldpass = ["load1", "load5", "load15"] + +[[inputs.mem]] + fieldpass = ["available"] + +[[inputs.disk]] + fieldpass = ["free", "inodes_free", "used_percent"] + ignore_fs = ["tmpfs", "devtmpfs", "devfs", "overlay", "aufs", "squashfs"] + +[[inputs.diskio]] + fieldpass = ["read_bytes", "write_bytes", "reads","writes"] + +[[inputs.netstat]] + +[[inputs.net]] + ignore_protocol_stats = false + interfaces = ["ens*"] + +[[inputs.kernel]] + +[[inputs.udp_listener]] + ServiceAddress= ":58100" + data_format = "influx"
\ No newline at end of file diff --git a/roles/telegraf_collect/templates/telegraf_collect.conf_server.j2 b/roles/telegraf_collect/templates/telegraf_collect.conf_server.j2 new file mode 100644 index 0000000..b2699a4 --- /dev/null +++ b/roles/telegraf_collect/templates/telegraf_collect.conf_server.j2 @@ -0,0 +1,70 @@ +[global_tags] + blade = "server" +[agent] + interval = "5s" + round_interval = true + metric_batch_size = 1000000 + metric_buffer_limit = 1000000 + collection_jitter = "0s" + flush_interval = "1s" + flush_jitter = "0s" + precision = "" + debug = false + quiet = false + logfile = "" + hostname = "" + omit_hostname = false + +[[outputs.file]] + files = ["stdout", "/tmp/collect.out"] + data_format = "json" + rotation_interval = "1h" + rotation_max_size = "100MB" + rotation_max_archives = 5 + +[[outputs.socket_writer]] + address = "udp://192.168.100.1:8100" + + +[[inputs.procstat]] + exe= "sapp" +[[inputs.procstat]] + exe="certstore" +[[inputs.procstat]] + exe= "tfe" + +[[inputs.systemd_units]] + unittype = "service" + timeout = "1s" + +[[inputs.cpu]] + percpu = false + totalcpu = true + collect_cpu_time = false + report_active = false + fieldpass = ["usage_idle", "usage_iowait", "usage_system", "usage_user"] + +[[inputs.system]] + fieldpass = ["load1", "load5", "load15"] + +[[inputs.mem]] + fieldpass = ["available"] + +[[inputs.disk]] + fieldpass = ["free", "inodes_free", "used_percent"] + ignore_fs = ["tmpfs", "devtmpfs", "devfs", "overlay", "aufs", "squashfs"] + +[[inputs.diskio]] + fieldpass = ["read_bytes", "write_bytes", "reads","writes"] + +[[inputs.netstat]] + +[[inputs.net]] + ignore_protocol_stats = false + interfaces = ["ens*"] + +[[inputs.kernel]] + +[[inputs.udp_listener]] + ServiceAddress= ":58100" + data_format = "influx" diff --git a/roles/tsg-diagnose-uninstall/tasks/main.yml b/roles/tsg-diagnose-uninstall/tasks/main.yml deleted file mode 100644 index 39e16ba..0000000 --- a/roles/tsg-diagnose-uninstall/tasks/main.yml +++ /dev/null @@ -1,9 +0,0 @@ -- name: stop tsg-diagnose - systemd: - name: tsg-diagnose - state: stopped - -- name: remove the tsg-diagnose - yum: - name: tsg-diagnose - state: absent diff --git a/roles/tsg-diagnose-verify-succ/tasks/main.yml b/roles/tsg-diagnose-verify-succ/tasks/main.yml deleted file mode 100644 index e84c503..0000000 --- a/roles/tsg-diagnose-verify-succ/tasks/main.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: "register tsg-diagnose exec result" - shell: docker exec -it unittest_tsg-diagnose /bin/sh -c 'python3 /root/unittest/tsg_diagnose.py' - register: tsgdiagnoseresults - -- name: assert - assert: - that: - - tsgdiagnoseresults.stdout.find('FAIL') == -1 - fail_msg: "FAIL" - success_msg: "PASS" diff --git a/roles/tsg-diagnose-verify-succ/tasks/main.yml.bak b/roles/tsg-diagnose-verify-succ/tasks/main.yml.bak deleted file mode 100644 index c217f50..0000000 --- a/roles/tsg-diagnose-verify-succ/tasks/main.yml.bak +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: "register tsg-diagnose exec result" - shell: docker exec -it unittest_tsg-diagnose /bin/sh -c 'python3 /root/unittest/tsg_diagnose.py' - register: tsgdiagnoseresults - -- name: "check the results" - fail: - msg: fail - when: tsgdiagnoseresults.stdout.find('FAIL') != -1 diff --git a/roles/tsg_device_tag/tasks/main.yml b/roles/tsg_device_tag/tasks/main.yml index 28f7ac7..21e4217 100644 --- a/roles/tsg_device_tag/tasks/main.yml +++ b/roles/tsg_device_tag/tasks/main.yml @@ -3,7 +3,12 @@ path: /opt/tsg/etc state: directory -- name: "Template tsg_device_tag.json" +- name: "Template tsg_sn.json" template: - src: "{{ role_path }}/templates/tsg_device_tag.json.j2" - dest: /opt/tsg/etc/tsg_device_tag.json + src: "{{ role_path }}/templates/tsg_sn.json.j2" + dest: /opt/tsg/etc/tsg_sn.json + +- name: "Template tsg_tag.json" + template: + src: "{{ role_path }}/templates/tsg_tags.json.j2" + dest: /opt/tsg/etc/tsg_tags.json diff --git a/roles/tsg_device_tag/templates/tsg_sn.json.j2 b/roles/tsg_device_tag/templates/tsg_sn.json.j2 new file mode 100644 index 0000000..a88f0a5 --- /dev/null +++ b/roles/tsg_device_tag/templates/tsg_sn.json.j2 @@ -0,0 +1,3 @@ +{ + "sn": "GN202000000000000000" +} diff --git a/roles/tsg_device_tag/templates/tsg_tags.json.j2 b/roles/tsg_device_tag/templates/tsg_tags.json.j2 new file mode 100644 index 0000000..c275588 --- /dev/null +++ b/roles/tsg_device_tag/templates/tsg_tags.json.j2 @@ -0,0 +1 @@ +{"tags":[{"tag":"data_center","value":"Beijing"}]} diff --git a/server_deploy.yml b/server_deploy.yml new file mode 100644 index 0000000..e8721f7 --- /dev/null +++ b/server_deploy.yml @@ -0,0 +1,39 @@ +- hosts: server_as_tun_mode + remote_user: root + vars_files: + - install_config/group_vars/server_as_tun_mode.yml + roles: + - kernel-ml + - framework + - mrzcpd + - tsg-env-tun-mode + - sapp + - tsg_master + - kni + - firewall + - tsg_app + - http_healthcheck + - certstore + - redis + - cert-redis + - maat-redis + - tfe + - telegraf_statistic + - telegraf_collect + - tsg_device_tag + - reboot + +- hosts: packet_dump_server + remote_user: root + vars_files: + - install_config/group_vars/server_as_tun_mode.yml + roles: + - framework + - packet_dump + +- hosts: app_global + remote_user: root + vars_files: + - install_config/group_vars/app_global.yml + roles: + - app_global |