增加TUN与双臂模式的部署支持

2019-09-26 16:10:41 +08:00
parent f123e488f8
commit 0885700e69
11 changed files with 190 additions and 51 deletions
--- a/roles/kni/tasks/main.yml
+++ b/roles/kni/tasks/main.yml
@@ -13,7 +13,7 @@
 - name: "install kni rpms from localhost"
  yum:
    name:
-      - /tmp/ansible_deploy/kni-2.1.0.b0bbde4-1.el7.centos.x86_64.rpm
+      - /tmp/ansible_deploy/kni-2.1.3.660d2c0-1.el7.centos.x86_64.rpm
    state: present

 - name: Template the sapp.toml
@@ -51,4 +51,3 @@
    name: sapp
    enabled: yes
    daemon_reload: yes
-
--- a/roles/kni/templates/kni.conf.j2
+++ b/roles/kni/templates/kni.conf.j2
@@ -3,7 +3,11 @@ log_path = ./log/kni/kni.log
 log_level = {{ kni.global.log_level }}
 tfe_node_count = {{ kni.global.tfe_node_count }}
 manage_eth = {{ nic_mgr.name }}
+{% if run_as_tun_mode %}
+deploy_mode = tun
+{% else %}
 deploy_mode = normal
+{% endif %}
 tun_name = tun_kni
 src_mac_addr = 00:0e:c6:d6:72:c1
 dst_mac_addr = fe:65:b7:03:50:bd
--- a/roles/kni/templates/sapp.toml.j2
+++ b/roles/kni/templates/sapp.toml.j2
@@ -20,16 +20,30 @@ BSD_packet_filter=""
   
 ### note, depolyment.mode options: [mirror, inline, transparent]
    [packet_io.depolyment]
+    {% if nic_transparent_mode.enable %}
+    mode=transparent
+    {% else %}
    mode=inline
+    {% endif %}

 ### note, interface.type options: [pag,pcap,marsio]
    [packet_io.internal.interface]
+    {% if nic_transparent_mode.enable %}
+    type={{nic_transparent_mode.mode}}
+    name={{nic_transparent_mode.internel_interface}}
+    {% else %}
    type=marsio
    name=vxlan_user
+    {% endif %}

    [packet_io.external.interface]
+    {% if nic_transparent_mode.enable %}
+    type={{nic_transparent_mode.mode}}
+    name={{nic_transparent_mode.external_interface}}
+    {% else %}
    type=pcap
    name=lo
+    {% endif %}

    [packet_io.polling]
 ### note, polling_priority = call sapp_recv_pkt every call polling_entry times,     
--- a/roles/mrzcpd/tasks/main.yml
+++ b/roles/mrzcpd/tasks/main.yml
@@ -1,45 +1,61 @@
---
- name: "copy mrzcpd to destination server"
-  synchronize:
-    src: "{{ role_path }}/files/"
-    dest: "/tmp/ansible_deploy/"
-
- name: "install mrzcpd"
-  yum:
-    name: /tmp/ansible_deploy/mrzcpd-4.3.14.79e262c-1.el7.x86_64.rpm
-    state: present
-
- name: "update sysconfig/mrzcpd"
-  template:
-    src: "{{ role_path }}/templates/mrzcpd.j2"
-    dest: /etc/sysconfig/mrzcpd
-
- name: "update mrglobal.conf - slave blade"
-  template:
-    src: "{{ role_path }}/templates/mrglobal.conf.traffic_mirror.j2"
-    dest: /opt/mrzcpd/etc/mrglobal.conf
-  when: nic_traffic_mirror is defined
-
- name: "update mrglobal.conf - master blade"
-  template:
-    src: "{{ role_path }}/templates/mrglobal.conf.inline.j2"
-    dest: /opt/mrzcpd/etc/mrglobal.conf
-  when: nic_traffic_mirror is not defined
-
- name: "update mrtunnat.conf - master blade"
-  template:
-    src: "{{ role_path }}/templates/mrtunnat.conf.inline.j2"
-    dest: /opt/mrzcpd/etc/mrtunnat.conf
-  when: nic_traffic_mirror is not defined
-
- name: "enable mrenv"
-  systemd:
-    name: mrenv
-    enabled: yes
-    daemon_reload: yes
-
- name: "enable mrzcpd"
-  systemd:
-    name: mrzcpd
-    enabled: yes
-    daemon_reload: yes
+---
+- name: "copy mrzcpd to destination server"
+  synchronize:
+    src: "{{ role_path }}/files/"
+    dest: "/tmp/ansible_deploy/"
+
+- name: "install mrzcpd"
+  yum:
+    name: /tmp/ansible_deploy/mrzcpd-4.3.14.79e262c-1.el7.x86_64.rpm
+    state: present
+
+- name: "update sysconfig/mrzcpd"
+  template:
+    src: "{{ role_path }}/templates/mrzcpd.j2"
+    dest: /etc/sysconfig/mrzcpd
+
+- name: "update mrglobal.conf - slave blade"
+  template:
+    src: "{{ role_path }}/templates/mrglobal.conf.traffic_mirror.j2"
+    dest: /opt/mrzcpd/etc/mrglobal.conf
+  when: nic_traffic_mirror is defined
+
+- name: "update mrglobal.conf - master blade"
+  template:
+    src: "{{ role_path }}/templates/mrglobal.conf.inline.j2"
+    dest: /opt/mrzcpd/etc/mrglobal.conf
+  when: nic_traffic_mirror is not defined
+
+- name: "update mrtunnat.conf - master blade"
+  template:
+    src: "{{ role_path }}/templates/mrtunnat.conf.inline.j2"
+    dest: /opt/mrzcpd/etc/mrtunnat.conf
+  when: nic_traffic_mirror is not defined
+
+- name: "enable mrenv"
+  systemd:
+    name: mrenv
+    enabled: yes
+    daemon_reload: yes
+  when: nic_traffic_mirror.use_mrzcpd == 1
+
+- name: "mask mrenv"
+  systemd:
+    name: mrenv
+    masked: yes
+    daemon_reload: yes
+  when: nic_traffic_mirror.use_mrzcpd == 0
+
+- name: "enable mrzcpd"
+  systemd:
+    name: mrzcpd
+    enabled: yes
+    daemon_reload: yes
+  when: nic_traffic_mirror.use_mrzcpd == 1
+
+- name: "mask mrzcpd"
+  systemd:
+    name: mrzcpd
+    masked: yes
+    daemon_reload: yes
+  when: nic_traffic_mirror.use_mrzcpd == 0
--- a/roles/tfe/tasks/main.yml
+++ b/roles/tfe/tasks/main.yml
@@ -40,6 +40,14 @@
    name: tfe-env
    enabled: yes
    daemon_reload: yes
+  when: not run_as_tun_mode
+
+- name: "enable tfe-env-tun"
+  systemd:
+    name: tfe-env-tun-mode
+    enabled: yes
+    daemon_reload: yes
+  when: run_as_tun_mode

 - name: "enable tfe"
  systemd:
--- a/roles/tfe/templates/tfe-env-config.j2
+++ b/roles/tfe/templates/tfe-env-config.j2
@@ -3,4 +3,9 @@ TFE_DEVICE_DATA_INCOMING={{nic_data_incoming.name}}
 TFE_LOCAL_MAC_DATA_INCOMING=fe:65:b7:03:50:bd
 TFE_PEER_MAC_DATA_INCOMING=aa:bb:cc:dd:ee:ff
 TFE_LOCAL_IP_DATA_INCOMING=172.16.241.2
-TFE_PEER_IP_DATA_INCOMING=172.16.241.1
+TFE_PEER_IP_DATA_INCOMING=172.16.241.1
+
+{% if run_as_tun_mode %}
+TFE_WATCHDOG_DEVICE=lo
+TFE_WATCHDOG_IP=127.0.0.1
+{% endif %}
--- a/roles/tfe/templates/tfe.conf.j2
+++ b/roles/tfe/templates/tfe.conf.j2
@@ -37,7 +37,7 @@ passthrough_all_tcp=0

 [traffic_mirror]
 device= {{ nic_traffic_mirror.name }}
-type = 1
+type = {{ nic_traffic_mirror.use_mrzcpd }}

 [ratelimit]
 #read_rate=200000