summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLu Qiuwen <[email protected]>2021-03-10 16:14:15 +0800
committerLu Qiuwen <[email protected]>2021-03-11 10:05:32 +0800
commit103ba64265c2b0363460ae5d6a51c5a88f26a999 (patch)
treea39b15e5c49b23092f47d86a0a571408f5fbf5bd
yInitial commit
Diffstat
-rw-r--r--config/framework/framework.conf1
-rw-r--r--config/mrzcpd/etc/mrapm.conf4
-rw-r--r--config/mrzcpd/etc/mrapp.sapp4.conf2
-rw-r--r--config/mrzcpd/etc/mrglobal.conf34
-rw-r--r--config/mrzcpd/mrzcpd3
-rw-r--r--docker-compose.yml28
-rw-r--r--dockerfile/sapp/Dockerfile63
-rw-r--r--dockerfile/sapp/MESA-Framework.repo56
-rw-r--r--dockerfile/sapp/framework.conf1
-rw-r--r--dockerfile/sapp/supervisord.conf155
-rw-r--r--dockerfile/tfe/Dockerfile39
-rw-r--r--dockerfile/tfe/MESA-Framework.repo56
12 files changed, 442 insertions, 0 deletions
diff --git a/config/framework/framework.conf b/config/framework/framework.conf
new file mode 100644
index 0000000..28152a9
--- /dev/null
+++ b/config/framework/framework.conf
@@ -0,0 +1 @@
+/opt/MESA/lib/
diff --git a/config/mrzcpd/etc/mrapm.conf b/config/mrzcpd/etc/mrapm.conf
new file mode 100644
index 0000000..d4ae4f1
--- /dev/null
+++ b/config/mrzcpd/etc/mrapm.conf
@@ -0,0 +1,4 @@
+[sendlog_apm]
+apm_device_server=udp://127.0.0.1:8100
+apm_stream_server=udp://127.0.0.1:8100
+apm_send_interval=15 \ No newline at end of file
diff --git a/config/mrzcpd/etc/mrapp.sapp4.conf b/config/mrzcpd/etc/mrapp.sapp4.conf
new file mode 100644
index 0000000..2dbbe6c
--- /dev/null
+++ b/config/mrzcpd/etc/mrapp.sapp4.conf
@@ -0,0 +1,2 @@
+[bpfdump:vxlan_user]
+enable=0
diff --git a/config/mrzcpd/etc/mrglobal.conf b/config/mrzcpd/etc/mrglobal.conf
new file mode 100644
index 0000000..75b3599
--- /dev/null
+++ b/config/mrzcpd/etc/mrglobal.conf
@@ -0,0 +1,34 @@
+[device]
+device=eth0,vxlan_user,vxlan_fwd
+sz_tunnel=8192
+sz_buffer=0
+
+[device:eth0]
+jumbo_frame=1
+max_rx_pkt_len=15360
+clear_tx_flags=1
+promisc=1
+
+[service]
+# lcore id for i/o service, use comma to split
+iocore=46,47
+distmode=2
+hashmode=0
+
+[eal]
+virtaddr=0x7f40c4a00000
+loglevel=7
+
+[keepalive]
+check_spinlock=0
+
+[ctrlzone]
+ctrlzone0=tunnat,64
+
+[pool]
+create_mode=3
+sz_direct_pktmbuf=4194304
+sz_indirect_pktmbuf=8192
+sz_cache=256
+sz_data=4096
+
diff --git a/config/mrzcpd/mrzcpd b/config/mrzcpd/mrzcpd
new file mode 100644
index 0000000..ef7fc2f
--- /dev/null
+++ b/config/mrzcpd/mrzcpd
@@ -0,0 +1,3 @@
+MRZCPD_ROOT=/opt/mrzcpd
+HUGEPAGE_NUM_2M=16384
+DEFAULT_UIO_MODULE="igb_uio" \ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..dff68bf
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,28 @@
+version: '2.2'
+services:
+ badssl_server:
+ image: "centos7:sappInstalled"
+ container_name: "sapp"
+# security_opt:
+# - seccomp:unconfined
+ privileged: true
+ volumes:
+ - ./config/mrzcpd/etc/mrapp.sapp4.conf:/opt/mrzcpd/etc/mrapp.sapp4.conf
+ - ./config/mrzcpd/etc/mrapm.conf:/opt/mrzcpd/etc/mrapm.conf
+ - ./config/mrzcpd/etc/mrglobal.conf:/opt/mrzcpd/etc/mrglobal.conf
+# - ./config/etc/tmpfiles.d/sapp_tmpfile.conf:/etc/tmpfiles.d/sapp_tmpfile.conf
+ - ./config/sapp_run/etc/sapp.toml:/home/mesasoft/sapp_run/etc/sapp.toml
+ - ./config/sapp_run/etc/project_list.conf:/home/mesasoft/sapp_run/etc/project_list.conf
+ - ./config/sapp_run/etc/sapp_log.conf:/home/mesasoft/sapp_run/etc/sapp_log.conf:rw
+ - ./config/sapp_run/etc/kni/kni.conf:/home/mesasoft/sapp_run/etc/kni/kni.conf
+ - ./config/sapp_run/tsgconf/main.conf:/home/mesasoft/sapp_run/tsgconf/main.conf
+ - ./config/sapp_run/tsgconf/maat.conf:/home/mesasoft/sapp_run/tsgconf/maat.conf
+ - ./config/sapp_run/conf/capture_packet_plug.conf:/home/mesasoft/sapp_run/conf/capture_packet_plug.conf
+ - ./config/sapp_run/tsgconf/app_l7_proto_id.conf:/home/mesasoft/sapp_run/tsgconf/app_l7_proto_id.conf
+ - ./config/sapp_run/plug/business/tsg_conn_sketch/tsg_conn_sketch.inf:/home/mesasoft/sapp_run/plug/business/tsg_conn_sketch/tsg_conn_sketch.inf
+ - ./config/sapp_run/plug/conflist.inf:/home/mesasoft/sapp_run/plug/conflist.inf
+ - ./config/sapp_run/etc/entrylist.conf:/home/mesasoft/sapp_run/etc/entrylist.conf
+# - ./config/framework/framework.conf:/etc/ld.so.conf.d/framework.conf
+ - /etc/localtime:/etc/localtime:ro
+# command: >
+# bash -c "ldconfig && tail -f /dev/null"
diff --git a/dockerfile/sapp/Dockerfile b/dockerfile/sapp/Dockerfile
new file mode 100644
index 0000000..091571e
--- /dev/null
+++ b/dockerfile/sapp/Dockerfile
@@ -0,0 +1,63 @@
+FROM centos:7
+
+COPY MESA-Framework.repo /etc/yum.repos.d/
+COPY framework.conf /etc/ld.so.conf.d/
+COPY supervisord.conf /etc/
+
+RUN yum makecache && yum install -y \
+ libcjson \
+ libdocumentanalyze \
+ libmaatframe \
+ libMESA_field_stat \
+ libMESA_field_stat2 \
+ libMESA_handle_logger \
+ libMESA_htable\
+ libMESA_prof_load \
+ librdkafka \
+ librulescan \
+ libtsglua \
+ libwiredcfg \
+ libWiredLB \
+ lz4 \
+ libbreakpad_mini \
+ mrzcpd \
+ sapp \
+ tcpdump_mesa \
+ tsg_master \
+ kni \
+ capture_packet_plug \
+ conn_telemetry \
+ dns \
+ ftp \
+ fw_dns_plug \
+ #fw_ftp_plug \
+ fw_http_plug \
+ fw_mail_plug \
+ fw_quic_plug \
+ fw_ssl_plug \
+ http \
+ mail \
+ quic \
+ ssl \
+ tsg_conn_sketch \
+ app_control_plug \
+ tcpdump \
+ net-tools \
+ vim
+
+RUN yum install -y fw_ftp_plug \
+ epel-release \
+ python3 \
+ gdb \
+ numactl \
+ && pip3 install supervisor \
+ && yum clean all \
+ && ldconfig
+
+RUN yum install -y strace
+
+
+WORKDIR /home/mesasoft/sapp_run/
+ENTRYPOINT ["/usr/local/bin/supervisord" ,"-n","-c", "/etc/supervisord.conf"]
+
+#CMD tail -f /dev/null
diff --git a/dockerfile/sapp/MESA-Framework.repo b/dockerfile/sapp/MESA-Framework.repo
new file mode 100644
index 0000000..b74d481
--- /dev/null
+++ b/dockerfile/sapp/MESA-Framework.repo
@@ -0,0 +1,56 @@
+# CentOS-Base.repo
+#
+# The mirror system uses the connecting IP address of the client and the
+# update status of each mirror to pick mirrors that are updated to and
+# geographically close to the client. You should use this for CentOS updates
+# unless you are manually picking other mirrors.
+#
+# If the mirrorlist= does not work for you, as a fall back you can try the
+# remarked out baseurl= line instead.
+#
+#
+
+#[MESA_framework]
+#name=MESA_framework
+#baseurl=ftp://192.168.41.182/pub/framework
+#gpgcheck=0
+
+[framework]
+name=framework
+baseurl=https://repo.geedge.net/pulp/content/7/x86_64/stable/framework/
+enabled=1
+gpgcheck=0
+username=liuxueli
+password=LXL@repo
+
+[platform]
+name=platform
+baseurl=https://repo.geedge.net/pulp/content/7/x86_64/stable/platform/
+enabled=1
+gpgcheck=0
+username=liuxueli
+password=LXL@repo
+
+[protocol]
+name=protocol
+baseurl=https://repo.geedge.net/pulp/content/7/x86_64/stable/protocol/
+enabled=1
+gpgcheck=0
+username=liuxueli
+password=LXL@repo
+
+[tsg]
+name=tsg
+baseurl=https://repo.geedge.net/pulp/content/7/x86_64/stable/tsg/
+enabled=1
+gpgcheck=0
+username=liuxueli
+password=LXL@repo
+
+[AppSketch]
+name=AppSketch
+baseurl=https://repo.geedge.net/pulp/content/7/x86_64/stable/AppSketch/
+enabled=1
+gpgcheck=0
+username=liuxueli
+password=LXL@repo
diff --git a/dockerfile/sapp/framework.conf b/dockerfile/sapp/framework.conf
new file mode 100644
index 0000000..28152a9
--- /dev/null
+++ b/dockerfile/sapp/framework.conf
@@ -0,0 +1 @@
+/opt/MESA/lib/
diff --git a/dockerfile/sapp/supervisord.conf b/dockerfile/sapp/supervisord.conf
new file mode 100644
index 0000000..56e1e1c
--- /dev/null
+++ b/dockerfile/sapp/supervisord.conf
@@ -0,0 +1,155 @@
+; Sample supervisor config file.
+;
+; For more information on the config file, please see:
+; http://supervisord.org/configuration.html
+;
+; Notes:
+; - Shell expansion ("~" or "$HOME") is not supported. Environment
+; variables can be expanded using this syntax: "%(ENV_HOME)s".
+; - Quotes around values are not supported, except in the case of
+; the environment= options as shown below.
+; - Comments must have a leading space: "a=b ;comment" not "a=b;comment".
+; - Command will be truncated if it looks like a config file comment, e.g.
+; "command=bash -c 'foo ; bar'" will truncate to "command=bash -c 'foo ".
+
+[unix_http_server]
+file=/tmp/supervisor.sock ; the path to the socket file
+;chmod=0700 ; socket file mode (default 0700)
+;chown=nobody:nogroup ; socket file uid:gid owner
+;username=user ; default is no username (open server)
+;password=123 ; default is no password (open server)
+
+;[inet_http_server] ; inet (TCP) server disabled by default
+;port=127.0.0.1:9001 ; ip_address:port specifier, *:port for all iface
+;username=user ; default is no username (open server)
+;password=123 ; default is no password (open server)
+
+[supervisord]
+logfile=/tmp/supervisord.log ; main log file; default $CWD/supervisord.log
+logfile_maxbytes=50MB ; max main logfile bytes b4 rotation; default 50MB
+logfile_backups=10 ; # of main logfile backups; 0 means none, default 10
+loglevel=info ; log level; default info; others: debug,warn,trace
+pidfile=/tmp/supervisord.pid ; supervisord pidfile; default supervisord.pid
+nodaemon=false ; start in foreground if true; default false
+minfds=1024 ; min. avail startup file descriptors; default 1024
+minprocs=200 ; min. avail process descriptors;default 200
+;umask=022 ; process file creation umask; default 022
+;user=supervisord ; setuid to this UNIX account at startup; recommended if root
+;identifier=supervisor ; supervisord identifier, default is 'supervisor'
+;directory=/tmp ; default is not to cd during start
+;nocleanup=true ; don't clean up tempfiles at start; default false
+;childlogdir=/tmp ; 'AUTO' child log dir, default $TEMP
+;environment=KEY="value" ; key value pairs to add to environment
+;strip_ansi=false ; strip ansi escape codes in logs; def. false
+
+; The rpcinterface:supervisor section must remain in the config file for
+; RPC (supervisorctl/web interface) to work. Additional interfaces may be
+; added by defining them in separate [rpcinterface:x] sections.
+
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+
+; The supervisorctl section configures how supervisorctl will connect to
+; supervisord. configure it match the settings in either the unix_http_server
+; or inet_http_server section.
+
+[supervisorctl]
+serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket
+;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket
+;username=chris ; should be same as in [*_http_server] if set
+;password=123 ; should be same as in [*_http_server] if set
+;prompt=mysupervisor ; cmd line prompt (default "supervisor")
+;history_file=~/.sc_history ; use readline history if available
+
+; The sample program section below shows all possible program subsection values.
+; Create one or more 'real' program: sections to be able to control them under
+; supervisor.
+
+;[program:theprogramname]
+;command=/bin/cat ; the program (relative uses PATH, can take args)
+;process_name=%(program_name)s ; process_name expr (default %(program_name)s)
+;numprocs=1 ; number of processes copies to start (def 1)
+;directory=/tmp ; directory to cwd to before exec (def no cwd)
+;umask=022 ; umask for process (default None)
+;priority=999 ; the relative start priority (default 999)
+;autostart=true ; start at supervisord start (default: true)
+;startsecs=1 ; # of secs prog must stay up to be running (def. 1)
+;startretries=3 ; max # of serial start failures when starting (default 3)
+;autorestart=unexpected ; when to restart if exited after running (def: unexpected)
+;exitcodes=0,2 ; 'expected' exit codes used with autorestart (default 0,2)
+;stopsignal=QUIT ; signal used to kill process (default TERM)
+;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)
+;stopasgroup=false ; send stop signal to the UNIX process group (default false)
+;killasgroup=false ; SIGKILL the UNIX process group (def false)
+;user=chrism ; setuid to this UNIX account to run the program
+;redirect_stderr=true ; redirect proc stderr to stdout (default false)
+;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO
+;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
+;stdout_logfile_backups=10 ; # of stdout logfile backups (0 means none, default 10)
+;stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)
+;stdout_events_enabled=false ; emit events on stdout writes (default false)
+;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO
+;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
+;stderr_logfile_backups=10 ; # of stderr logfile backups (0 means none, default 10)
+;stderr_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)
+;stderr_events_enabled=false ; emit events on stderr writes (default false)
+;environment=A="1",B="2" ; process environment additions (def no adds)
+;serverurl=AUTO ; override serverurl computation (childutils)
+
+; The sample eventlistener section below shows all possible eventlistener
+; subsection values. Create one or more 'real' eventlistener: sections to be
+; able to handle event notifications sent by supervisord.
+
+;[eventlistener:theeventlistenername]
+;command=/bin/eventlistener ; the program (relative uses PATH, can take args)
+;process_name=%(program_name)s ; process_name expr (default %(program_name)s)
+;numprocs=1 ; number of processes copies to start (def 1)
+;events=EVENT ; event notif. types to subscribe to (req'd)
+;buffer_size=10 ; event buffer queue size (default 10)
+;directory=/tmp ; directory to cwd to before exec (def no cwd)
+;umask=022 ; umask for process (default None)
+;priority=-1 ; the relative start priority (default -1)
+;autostart=true ; start at supervisord start (default: true)
+;startsecs=1 ; # of secs prog must stay up to be running (def. 1)
+;startretries=3 ; max # of serial start failures when starting (default 3)
+;autorestart=unexpected ; autorestart if exited after running (def: unexpected)
+;exitcodes=0,2 ; 'expected' exit codes used with autorestart (default 0,2)
+;stopsignal=QUIT ; signal used to kill process (default TERM)
+;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)
+;stopasgroup=false ; send stop signal to the UNIX process group (default false)
+;killasgroup=false ; SIGKILL the UNIX process group (def false)
+;user=chrism ; setuid to this UNIX account to run the program
+;redirect_stderr=false ; redirect_stderr=true is not allowed for eventlisteners
+;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO
+;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
+;stdout_logfile_backups=10 ; # of stdout logfile backups (0 means none, default 10)
+;stdout_events_enabled=false ; emit events on stdout writes (default false)
+;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO
+;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
+;stderr_logfile_backups=10 ; # of stderr logfile backups (0 means none, default 10)
+;stderr_events_enabled=false ; emit events on stderr writes (default false)
+;environment=A="1",B="2" ; process environment additions
+;serverurl=AUTO ; override serverurl computation (childutils)
+
+; The sample group section below shows all possible group values. Create one
+; or more 'real' group: sections to create "heterogeneous" process groups.
+
+;[group:thegroupname]
+;programs=progname1,progname2 ; each refers to 'x' in [program:x] definitions
+;priority=999 ; the relative start priority (default 999)
+
+; The [include] section can just contain the "files" setting. This
+; setting can list multiple files (separated by whitespace or
+; newlines). It can also contain wildcards. The filenames are
+; interpreted as relative to this file. Included files *cannot*
+; include files themselves.
+
+;[include]
+;files = relative/directory/*.ini
+
+[program:sapp]
+command=/home/mesasoft/sapp_run/sapp
+autostart=true
+directory=/home/mesasoft/sapp_run
+stdout_logfile=/tmp/sapp_stdout.log
+stderr_logfile=/tmp/sapp_stderr.log
diff --git a/dockerfile/tfe/Dockerfile b/dockerfile/tfe/Dockerfile
new file mode 100644
index 0000000..3bba4df
--- /dev/null
+++ b/dockerfile/tfe/Dockerfile
@@ -0,0 +1,39 @@
+FROM centos:7
+
+COPY MESA-Framework.repo /etc/yum.repos.d/
+
+RUN yum makecache && yum install -y \
+ libcjson \
+ libdocumentanalyze \
+ libmaatframe \
+ libMESA_field_stat \
+ libMESA_field_stat2 \
+ libMESA_handle_logger \
+ libMESA_htable\
+ libMESA_prof_load \
+ librdkafka \
+ librulescan \
+ libtsglua \
+ libwiredcfg \
+ libWiredLB \
+ lz4 \
+ libbreakpad_mini \
+ mrzcpd \
+ tfe
+
+RUN yum install -y \
+ epel-release \
+ python3 \
+ gdb \
+ numactl \
+ tcpdump \
+ net-tools \
+ vim \
+ && pip3 install supervisor \
+ && yum clean all
+
+CMD tail -f /dev/null
+
+
+#ENTRYPOINT ["cat","/root/test.txt"]
+
diff --git a/dockerfile/tfe/MESA-Framework.repo b/dockerfile/tfe/MESA-Framework.repo
new file mode 100644
index 0000000..b74d481
--- /dev/null
+++ b/dockerfile/tfe/MESA-Framework.repo
@@ -0,0 +1,56 @@
+# CentOS-Base.repo
+#
+# The mirror system uses the connecting IP address of the client and the
+# update status of each mirror to pick mirrors that are updated to and
+# geographically close to the client. You should use this for CentOS updates
+# unless you are manually picking other mirrors.
+#
+# If the mirrorlist= does not work for you, as a fall back you can try the
+# remarked out baseurl= line instead.
+#
+#
+
+#[MESA_framework]
+#name=MESA_framework
+#baseurl=ftp://192.168.41.182/pub/framework
+#gpgcheck=0
+
+[framework]
+name=framework
+baseurl=https://repo.geedge.net/pulp/content/7/x86_64/stable/framework/
+enabled=1
+gpgcheck=0
+username=liuxueli
+password=LXL@repo
+
+[platform]
+name=platform
+baseurl=https://repo.geedge.net/pulp/content/7/x86_64/stable/platform/
+enabled=1
+gpgcheck=0
+username=liuxueli
+password=LXL@repo
+
+[protocol]
+name=protocol
+baseurl=https://repo.geedge.net/pulp/content/7/x86_64/stable/protocol/
+enabled=1
+gpgcheck=0
+username=liuxueli
+password=LXL@repo
+
+[tsg]
+name=tsg
+baseurl=https://repo.geedge.net/pulp/content/7/x86_64/stable/tsg/
+enabled=1
+gpgcheck=0
+username=liuxueli
+password=LXL@repo
+
+[AppSketch]
+name=AppSketch
+baseurl=https://repo.geedge.net/pulp/content/7/x86_64/stable/AppSketch/
+enabled=1
+gpgcheck=0
+username=liuxueli
+password=LXL@repo
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 14:13:14 +0000