diff options
28 files changed, 92 insertions, 10 deletions
@@ -9,6 +9,7 @@ roles: - framework - kernel-ml + - telegraf_collect - hosts: adc_mxn remote_user: root @@ -114,6 +115,7 @@ - cert-redis - tfe - telegraf_statistic + - telegraf_collect - proxy_status # - tsg_device_tag - reboot diff --git a/install_config/group_vars/server_as_tun_mode.yml b/install_config/group_vars/server_as_tun_mode.yml index f3a8d54..f4ef823 100644 --- a/install_config/group_vars/server_as_tun_mode.yml +++ b/install_config/group_vars/server_as_tun_mode.yml @@ -60,7 +60,7 @@ pangu_log_level: DEBUG doh_log_level: DEBUG certstore_log_level: 10 -clotho_log_level: 10 +packet_dump_log_level: 10 ######################################### #Sapp Performance Config diff --git a/roles/app_global/tasks/main.yml b/roles/app_global/tasks/main.yml index bf9c908..acd0b9a 100644 --- a/roles/app_global/tasks/main.yml +++ b/roles/app_global/tasks/main.yml @@ -25,9 +25,12 @@ name: emqx.service state: started enabled: yes + daemon_reload: yes + - name: "Start app-sketch-global" systemd: name: app-sketch-global.service state: started enabled: yes + daemon_reload: yes diff --git a/roles/certstore/files/memory.conf b/roles/certstore/files/memory.conf new file mode 100644 index 0000000..d6411dc --- /dev/null +++ b/roles/certstore/files/memory.conf @@ -0,0 +1,2 @@ +[Service] +MemoryMax=10G
\ No newline at end of file diff --git a/roles/certstore/tasks/main.yml b/roles/certstore/tasks/main.yml index c15e9ea..bc00e5c 100644 --- a/roles/certstore/tasks/main.yml +++ b/roles/certstore/tasks/main.yml @@ -23,6 +23,12 @@ src: "{{ role_path }}/templates/zlog.conf.j2" dest: /opt/tsg/certstore/conf/zlog.conf +- name: "copy memory limit file to certstore.service.d" + copy: + src: "{{ role_path }}/files/memory.conf" + dest: /etc/systemd/system/certstore.service.d/ + mode: 0644 + - name: "start certstore" systemd: name: certstore.service diff --git a/roles/kni/files/kni-20.10.20201014.6d458ba-1.el7.x86_64.rpm b/roles/kni/files/kni-20.10.20201014.6d458ba-1.el7.x86_64.rpm Binary files differdeleted file mode 100644 index d19219b..0000000 --- a/roles/kni/files/kni-20.10.20201014.6d458ba-1.el7.x86_64.rpm +++ /dev/null diff --git a/roles/kni/files/kni-20.10.20201019.3f20d93-2.el7.x86_64.rpm b/roles/kni/files/kni-20.10.20201019.3f20d93-2.el7.x86_64.rpm Binary files differnew file mode 100644 index 0000000..8e8bdd6 --- /dev/null +++ b/roles/kni/files/kni-20.10.20201019.3f20d93-2.el7.x86_64.rpm diff --git a/roles/kni/tasks/main.yml b/roles/kni/tasks/main.yml index 266244a..6be510e 100644 --- a/roles/kni/tasks/main.yml +++ b/roles/kni/tasks/main.yml @@ -7,7 +7,7 @@ - name: "install kni rpms from localhost" yum: name: - - /tmp/ansible_deploy/kni-20.10.20201014.6d458ba-1.el7.x86_64.rpm + - /tmp/ansible_deploy/kni-20.10.20201019.3f20d93-2.el7.x86_64.rpm state: present - name: Template the kni.conf diff --git a/roles/mrzcpd/files/memory.conf b/roles/mrzcpd/files/memory.conf new file mode 100644 index 0000000..f082028 --- /dev/null +++ b/roles/mrzcpd/files/memory.conf @@ -0,0 +1,2 @@ +[Service] +MemoryMax=100G
\ No newline at end of file diff --git a/roles/mrzcpd/tasks/main.yml b/roles/mrzcpd/tasks/main.yml index 9d74ff4..c5c6581 100644 --- a/roles/mrzcpd/tasks/main.yml +++ b/roles/mrzcpd/tasks/main.yml @@ -161,12 +161,18 @@ daemon_reload: yes when: nic_traffic_mirror is defined +- name: "copy memory limit file to tfe.service.d" + copy: + src: "{{ role_path }}/files/memory.conf" + dest: /etc/systemd/system/mrzcpd.service.d/ + mode: 0644 - name: "mask mrzcpd on server_tun_mode" systemd: name: mrzcpd enabled: no masked: yes + daemon_reload: yes when: - tsg_access_type == 0 @@ -175,5 +181,6 @@ name: mrtunnat enabled: no masked: yes + daemon_reload: yes when: - tsg_access_type == 0 diff --git a/roles/packet_dump/files/packet_dump.service b/roles/packet_dump/files/packet_dump.service new file mode 100644 index 0000000..7afe11c --- /dev/null +++ b/roles/packet_dump/files/packet_dump.service @@ -0,0 +1,19 @@ +[Unit] +Description=packet dump service +After=After=network.target + +[Service] +Type=fork +WorkingDirectory=/home/mesasoft/packet_dump +ExecStart=/home/mesasoft/packet_dump/packet_dump +TimeoutSec=60s +RestartSec=10s +Restart=always +LimitNOFILE=524288 +LimitNPROC=infinity +LimitCORE=infinity +TasksMax=infinity +Delegate=yes + +[Install] +WantedBy=multi-user.target diff --git a/roles/packet_dump/templates/packet_dump.conf.j2 b/roles/packet_dump/templates/packet_dump.conf.j2 index 755417c..369ef83 100644 --- a/roles/packet_dump/templates/packet_dump.conf.j2 +++ b/roles/packet_dump/templates/packet_dump.conf.j2 @@ -11,4 +11,4 @@ disable_coredump=0 enable_breakpad=1 breakpad_minidump_dir=/tmp/packet_dump/crashreport enable_breakpad_upload=0 -breakpad_upload_url={{ breakpad_upload }} +breakpad_upload_url={{ breakpad_upload_url }} diff --git a/roles/proxy_status/tasks/main.yml b/roles/proxy_status/tasks/main.yml index 8403fa9..aa4e750 100644 --- a/roles/proxy_status/tasks/main.yml +++ b/roles/proxy_status/tasks/main.yml @@ -14,7 +14,7 @@ copy: src: "{{ role_path }}/files/proxy-status.service" dest: "/usr/lib/systemd/system/" - mode: 0755 + mode: 0644 - name: "enable proxy-status" systemd: diff --git a/roles/sapp/files/memory.conf b/roles/sapp/files/memory.conf new file mode 100644 index 0000000..f082028 --- /dev/null +++ b/roles/sapp/files/memory.conf @@ -0,0 +1,2 @@ +[Service] +MemoryMax=100G
\ No newline at end of file diff --git a/roles/sapp/files/sapp-4.1.12.b8f6ea4-2.el7.x86_64.rpm b/roles/sapp/files/sapp-4.1.12.b8f6ea4-2.el7.x86_64.rpm Binary files differnew file mode 100644 index 0000000..67a2b02 --- /dev/null +++ b/roles/sapp/files/sapp-4.1.12.b8f6ea4-2.el7.x86_64.rpm diff --git a/roles/telegraf_collect/tasks/main.yml b/roles/telegraf_collect/tasks/main.yml index bbf7105..dfc73ac 100644 --- a/roles/telegraf_collect/tasks/main.yml +++ b/roles/telegraf_collect/tasks/main.yml @@ -19,7 +19,7 @@ copy: src: "{{ role_path }}/files/telegraf_collect.service" dest: /usr/lib/systemd/system - mode: 0755 + mode: 0644 - name: "Start telegraf_collect" systemd: diff --git a/roles/telegraf_collect/templates/telegraf_collect.conf.j2 b/roles/telegraf_collect/templates/telegraf_collect.conf.j2 index 56f2734..0eb75f5 100644 --- a/roles/telegraf_collect/templates/telegraf_collect.conf.j2 +++ b/roles/telegraf_collect/templates/telegraf_collect.conf.j2 @@ -1,5 +1,5 @@ [global_tags] - blade = {{bladename}} + blade = "{{bladename}}" [agent] interval = "5s" round_interval = true diff --git a/roles/telegraf_statistic/tasks/main.yml b/roles/telegraf_statistic/tasks/main.yml index 2f85ff7..e2e5c61 100644 --- a/roles/telegraf_statistic/tasks/main.yml +++ b/roles/telegraf_statistic/tasks/main.yml @@ -19,10 +19,11 @@ copy: src: "{{ role_path }}/files/telegraf_statistic.service" dest: /usr/lib/systemd/system - mode: 0755 + mode: 0644 - name: "Start telegraf" systemd: name: telegraf_statistic.service state: started enabled: yes + daemon_reload: yes diff --git a/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2 b/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2 index e2d040b..561e97f 100755 --- a/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2 +++ b/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2 @@ -56,4 +56,4 @@ [[outputs.influxdb]] urls = ["{{ monitor_outputs_influxdb.url }}"] - database = "tsg_stat
\ No newline at end of file + database = "tsg_stat"
\ No newline at end of file diff --git a/roles/tfe/files/memory.conf b/roles/tfe/files/memory.conf new file mode 100644 index 0000000..f082028 --- /dev/null +++ b/roles/tfe/files/memory.conf @@ -0,0 +1,2 @@ +[Service] +MemoryMax=100G
\ No newline at end of file diff --git a/roles/tfe/files/tfe-4.3.12.be94218-1.el7.x86_64.rpm b/roles/tfe/files/tfe-4.3.12.be94218-1.el7.x86_64.rpm Binary files differdeleted file mode 100644 index 6c40b3c..0000000 --- a/roles/tfe/files/tfe-4.3.12.be94218-1.el7.x86_64.rpm +++ /dev/null diff --git a/roles/tfe/files/tfe-4.3.14.13d2607-1.el7.x86_64.rpm b/roles/tfe/files/tfe-4.3.14.13d2607-1.el7.x86_64.rpm Binary files differnew file mode 100644 index 0000000..f2755aa --- /dev/null +++ b/roles/tfe/files/tfe-4.3.14.13d2607-1.el7.x86_64.rpm diff --git a/roles/tfe/tasks/main.yml b/roles/tfe/tasks/main.yml index bb7918d..8039332 100644 --- a/roles/tfe/tasks/main.yml +++ b/roles/tfe/tasks/main.yml @@ -8,13 +8,13 @@ copy: src: "{{ role_path }}/files/tfe.service" dest: /usr/lib/systemd/system/ - mode: 0755 + mode: 0644 - name: "install tfe rpms from localhost" yum: name: - /tmp/ansible_deploy/tfe-kmod-v1.0.5.20200408-1dkms.noarch.rpm - - /tmp/ansible_deploy/tfe-4.3.12.be94218-1.el7.x86_64.rpm + - /tmp/ansible_deploy/tfe-4.3.14.13d2607-1.el7.x86_64.rpm state: present - name: "template tfe-env config" @@ -63,6 +63,12 @@ src: "{{ role_path }}/templates/require-mrzcpd.conf.j2" dest: /etc/systemd/system/tfe.service.d/require-mrzcpd.conf +- name: "copy memory limit file to tfe.service.d" + copy: + src: "{{ role_path }}/files/memory.conf" + dest: /etc/systemd/system/tfe.service.d/ + mode: 0644 + - name: "enable tfe-env" systemd: name: tfe-env diff --git a/roles/tsg-diagnose/files/memory.conf b/roles/tsg-diagnose/files/memory.conf new file mode 100644 index 0000000..f082028 --- /dev/null +++ b/roles/tsg-diagnose/files/memory.conf @@ -0,0 +1,2 @@ +[Service] +MemoryMax=100G
\ No newline at end of file diff --git a/roles/tsg-diagnose/tasks/main.yml b/roles/tsg-diagnose/tasks/main.yml index ce4bde4..e180f1b 100644 --- a/roles/tsg-diagnose/tasks/main.yml +++ b/roles/tsg-diagnose/tasks/main.yml @@ -28,6 +28,12 @@ - name: "tsg-diagnose init certs" shell: /bin/sh /opt/tsg/tsg-diagnose/deploy/init_certs/init_badssl_certs.sh +- name: "copy memory limit file to tsg-diagnose.service.d" + copy: + src: "{{ role_path }}/files/memory.conf" + dest: /etc/systemd/system/tsg-diagnose.service.d/ + mode: 0644 + - name: 'Tsg-diagnose service start' systemd: name: tsg-diagnose diff --git a/uninstall/roles/packet_dump/tasks/main.yml b/uninstall/roles/packet_dump/tasks/main.yml new file mode 100644 index 0000000..74de743 --- /dev/null +++ b/uninstall/roles/packet_dump/tasks/main.yml @@ -0,0 +1,16 @@ +#################### +#Uninstall packet_dump +- name: "[uninstall packet_dump] stop packet_dump" + systemd: + name: packet_dump + state: stopped + enabled: no + when: uninstall.packet_dump == 1 + ignore_errors: true + +- name: "[uninstall packet_dump] uninstall packet_dump" + yum: + name: + - "{{ packet_dump }}" + state: absent + when: uninstall.packet_dump == 1 diff --git a/uninstall/rpm_list.sh b/uninstall/rpm_list.sh index 8b6b11b..fec05cb 100755 --- a/uninstall/rpm_list.sh +++ b/uninstall/rpm_list.sh @@ -41,6 +41,7 @@ tfe=`rpm -qa |grep ^tfe-4` tfe_kmod=`rpm -qa |grep ^tfe-kmod` http_healthcheck=`rpm -qa |grep ^http_healthcheck` clotho=`rpm -qa |grep ^clotho` +packet_dump=`rpm -qa |grep ^packet_dump` certstore=`rpm -qa |grep ^certstore` @@ -125,6 +126,9 @@ http_healthcheck: $http_healthcheck #clotho clotho: $clotho +#packet_dump +packet_dump: $packet_dump + ##################### #certstore certstore: $certstore diff --git a/uninstall/uninstall_tsg.yml b/uninstall/uninstall_tsg.yml index b03ed66..0a3d730 100644 --- a/uninstall/uninstall_tsg.yml +++ b/uninstall/uninstall_tsg.yml @@ -17,6 +17,7 @@ - certstore - cert_redis - clotho + - packet_dump - http_healthcheck - framework - telegraf_statistic @@ -45,6 +46,7 @@ - certstore - cert_redis - clotho + - packet_dump - http_healthcheck - framework - telegraf_statistic |