增加TUN与双臂模式的部署支持

deploy.yml

@@ -32,3 +32,10 @@
   roles:
     - tsg-env-mxn
 
+- hosts: pc-as-tun-mode
+  roles:
+    - mrzcpd
+    - framework
+    - kni
+    - certstore
+    - tfe

env-stage-pc/group_vars/all.yml

@@ -0,0 +1,80 @@
+maat_redis_server:
+  address: "192.168.40.83"
+  port: 7002
+  db: 0
+
+dynamic_maat_redis_server:
+  address: "192.168.40.83"
+  port: 7002
+  db: 0
+
+cert_store_server:
+  address: "127.0.0.1"
+  port: 9991
+
+log_kafkabrokers:
+  address: "192.168.40.85:9092"
+
+log_minio:
+  address: "192.168.40.85;"
+  port: 9000
+
+fs_remote:
+  switch: 1
+  address: "127.0.0.1"
+  port: 8125
+
+kni:
+  global:
+    log_level: 30
+    tfe_node_count: 3
+  watch_dog:
+    switch: 1
+  maat:
+    readconf_mode: 2
+  send_logger:
+    switch: 1
+  tfe_nodes:
+    - tfe0:
+        enabled: 1
+    - tfe1:
+        enabled: 1
+    - tfe2:
+        enabled: 1
+tfe:
+  nr_threads: 32
+  keykeeper:
+    mode: "normal"
+    no_cache: 0
+
+mrzcpd:
+  iocore: 47
+
+mrtunnat:
+  lcore_id: 46
+
+nic_mgr:
+  name: eth0
+nic_data_incoming:
+  name: tun_kni
+  address: 127.0.0.1
+nic_inner_ctrl:
+  name: lo
+nic_to_tfe:
+  tfe0:
+    name: lo
+  tfe1:
+    name: lo
+  tfe2:
+    name: lo
+nic_traffic_mirror:
+  name: lo
+  use_mrzcpd: 0
+
+nic_transparent_mode:
+  enable: 1
+  mode: pcap
+  internel_interface: "enp0s20f0u3"
+  external_interface: "enp0s20f0u4"
+
+run_as_tun_mode: 1

env-stage-pc/hosts

@@ -0,0 +1,6 @@
+[all:vars]
+ansible_user=root
+package_source=local
+
+[pc-as-tun-mode]
+192.168.40.85

env-stage-xxg/hosts

@@ -1,6 +1,6 @@
 [all:vars]
 ansible_user=root
-package_source=local
+package_source=pulp
 
 [blade-mxn]
 192.168.40.25

roles/kni/tasks/main.yml

@@ -13,7 +13,7 @@
 - name: "install kni rpms from localhost"
   yum:
     name:
-      - /tmp/ansible_deploy/kni-2.1.0.b0bbde4-1.el7.centos.x86_64.rpm
+      - /tmp/ansible_deploy/kni-2.1.3.660d2c0-1.el7.centos.x86_64.rpm
     state: present
 
 - name: Template the sapp.toml
@@ -51,4 +51,3 @@
     name: sapp
     enabled: yes
     daemon_reload: yes
-

roles/kni/templates/kni.conf.j2

@@ -3,7 +3,11 @@ log_path = ./log/kni/kni.log
 log_level = {{ kni.global.log_level }}
 tfe_node_count = {{ kni.global.tfe_node_count }}
 manage_eth = {{ nic_mgr.name }}
+{% if run_as_tun_mode %}
+deploy_mode = tun
+{% else %}
 deploy_mode = normal
+{% endif %}
 tun_name = tun_kni
 src_mac_addr = 00:0e:c6:d6:72:c1
 dst_mac_addr = fe:65:b7:03:50:bd

roles/kni/templates/sapp.toml.j2

@@ -20,16 +20,30 @@ BSD_packet_filter=""
    
 ### note, depolyment.mode options: [mirror, inline, transparent]
     [packet_io.depolyment]
+    {% if nic_transparent_mode.enable %}
+    mode=transparent
+    {% else %}
     mode=inline
+    {% endif %}
 
 ### note, interface.type options: [pag,pcap,marsio]
     [packet_io.internal.interface]
+    {% if nic_transparent_mode.enable %}
+    type={{nic_transparent_mode.mode}}
+    name={{nic_transparent_mode.internel_interface}}
+    {% else %}
     type=marsio
     name=vxlan_user
+    {% endif %}
 
     [packet_io.external.interface]
+    {% if nic_transparent_mode.enable %}
+    type={{nic_transparent_mode.mode}}
+    name={{nic_transparent_mode.external_interface}}
+    {% else %}
     type=pcap
     name=lo
+    {% endif %}
 
     [packet_io.polling]
 ### note, polling_priority = call sapp_recv_pkt every call polling_entry times,     

roles/mrzcpd/tasks/main.yml

@@ -37,9 +37,25 @@
     name: mrenv
     enabled: yes
     daemon_reload: yes
+  when: nic_traffic_mirror.use_mrzcpd == 1
+
+- name: "mask mrenv"
+  systemd:
+    name: mrenv
+    masked: yes
+    daemon_reload: yes
+  when: nic_traffic_mirror.use_mrzcpd == 0
 
 - name: "enable mrzcpd"
   systemd:
     name: mrzcpd
     enabled: yes
     daemon_reload: yes
+  when: nic_traffic_mirror.use_mrzcpd == 1
+
+- name: "mask mrzcpd"
+  systemd:
+    name: mrzcpd
+    masked: yes
+    daemon_reload: yes
+  when: nic_traffic_mirror.use_mrzcpd == 0

roles/tfe/tasks/main.yml

@@ -40,6 +40,14 @@
     name: tfe-env
     enabled: yes
     daemon_reload: yes
+  when: not run_as_tun_mode
+
+- name: "enable tfe-env-tun"
+  systemd:
+    name: tfe-env-tun-mode
+    enabled: yes
+    daemon_reload: yes
+  when: run_as_tun_mode
 
 - name: "enable tfe"
   systemd:

roles/tfe/templates/tfe-env-config.j2

@@ -4,3 +4,8 @@ TFE_LOCAL_MAC_DATA_INCOMING=fe:65:b7:03:50:bd
 TFE_PEER_MAC_DATA_INCOMING=aa:bb:cc:dd:ee:ff
 TFE_LOCAL_IP_DATA_INCOMING=172.16.241.2
 TFE_PEER_IP_DATA_INCOMING=172.16.241.1
+
+{% if run_as_tun_mode %}
+TFE_WATCHDOG_DEVICE=lo
+TFE_WATCHDOG_IP=127.0.0.1
+{% endif %}

roles/tfe/templates/tfe.conf.j2

@@ -37,7 +37,7 @@ passthrough_all_tcp=0
 
 [traffic_mirror]
 device= {{ nic_traffic_mirror.name }}
-type = 1
+type = {{ nic_traffic_mirror.use_mrzcpd }}
 
 [ratelimit]
 #read_rate=200000