From 1d0943fdb069889cdbb3387270c45d16f80a10d0 Mon Sep 17 00:00:00 2001 From: zhangzhihan Date: Thu, 10 Sep 2020 20:12:17 +0800 Subject: [PATCH] update --- deploy.yml | 8 ++ install_config/group_vars/adc_global.yml | 37 ++++---- install_config/group_vars/adc_mcn0.yml | 4 +- .../group_vars/server_as_tun_mode.yml | 21 +++-- install_config/hosts | 35 ++++++-- roles/clotho/templates/clotho.conf.j2 | 2 +- roles/kernel-ml/tasks/main.yml | 8 +- roles/kni/templates/kni.conf.j2 | 4 +- roles/mrzcpd/tasks/main.yml | 85 +++++++++++++++---- .../ATCA_VXLAN/mrglobal.conf.ATCA_VXLAN.j2 | 57 +++++++++++++ .../ATCA_VXLAN/mrtunnat.conf.ATCA_VXLAN.j2 | 20 +++++ .../mrglobal.conf.ATCA_Vlan_Flipping.j2} | 18 ++-- .../mrtunnat.conf.ATCA_Vlan_Flipping.j2} | 11 ++- .../mrglobal.conf.adc_inline.j2} | 4 +- .../mrtunnat.conf.adc_inline.j2} | 0 roles/mrzcpd/templates/mrapp.sapp4.conf | 2 + .../mrglobal.conf.server_inline.j2 | 47 ++++++++++ .../mrtunnat.conf.server_inline.j2 | 18 ++++ roles/sapp/tasks/main.yml | 8 +- roles/sapp/templates/gdev.conf.j2 | 6 ++ .../sapp.service.j2} | 2 + roles/tfe/files/tfe.service | 2 +- roles/tfe/templates/tfe-env-config.j2 | 6 +- roles/tfe/templates/tfe.conf.j2 | 2 +- roles/tsg-env-tun-mode/templates/setup.j2 | 24 +++--- .../templates/tsg-env_stop.j2 | 2 +- roles/tsg_device_tag/tasks/main.yml | 2 +- 27 files changed, 339 insertions(+), 96 deletions(-) create mode 100644 roles/mrzcpd/templates/ATCA_VXLAN/mrglobal.conf.ATCA_VXLAN.j2 create mode 100644 roles/mrzcpd/templates/ATCA_VXLAN/mrtunnat.conf.ATCA_VXLAN.j2 rename roles/mrzcpd/templates/{ATCA_40G/mrglobal.conf.ATCA_40G.j2 => ATCA_Vlan_Flipping/mrglobal.conf.ATCA_Vlan_Flipping.j2} (51%) rename roles/mrzcpd/templates/{ATCA_40G/mrtunnat.conf.ATCA_40G.j2 => ATCA_Vlan_Flipping/mrtunnat.conf.ATCA_Vlan_Flipping.j2} (56%) rename roles/mrzcpd/templates/{inline_device/mrglobal.conf.inline_device.j2 => adc_inline/mrglobal.conf.adc_inline.j2} (94%) rename roles/mrzcpd/templates/{inline_device/mrtunnat.conf.inline_device.j2 => adc_inline/mrtunnat.conf.adc_inline.j2} (100%) create mode 100644 roles/mrzcpd/templates/mrapp.sapp4.conf create mode 100644 roles/mrzcpd/templates/server_inline/mrglobal.conf.server_inline.j2 create mode 100644 roles/mrzcpd/templates/server_inline/mrtunnat.conf.server_inline.j2 rename roles/sapp/{files/sapp.service => templates/sapp.service.j2} (84%) diff --git a/deploy.yml b/deploy.yml index bc614cd..d8933fb 100644 --- a/deploy.yml +++ b/deploy.yml @@ -1,8 +1,10 @@ - hosts: adc_mxn + remote_user: root roles: # - tsg-env-mxn - hosts: adc_mcn0 + remote_user: root vars_files: - install_config/group_vars/adc_global.yml - install_config/group_vars/adc_mcn0.yml @@ -20,8 +22,10 @@ - certstore - cert-redis - telegraf_statistic + - tsg_device_tag - hosts: adc_mcn1 + remote_user: root vars_files: - install_config/group_vars/adc_global.yml - install_config/group_vars/adc_mcn1.yml @@ -33,6 +37,7 @@ - tfe - hosts: adc_mcn2 + remote_user: root vars_files: - install_config/group_vars/adc_global.yml - install_config/group_vars/adc_mcn2.yml @@ -44,6 +49,7 @@ - tfe - hosts: adc_mcn3 + remote_user: root vars_files: - install_config/group_vars/adc_global.yml - install_config/group_vars/adc_mcn3.yml @@ -55,6 +61,7 @@ - tfe - hosts: server-as-tun-mode + remote_user: root vars_files: - install_config/group_vars/server_as_tun_mode.yml roles: @@ -73,3 +80,4 @@ - tfe - telegraf_statistic - proxy_status + - tsg_device_tag diff --git a/install_config/group_vars/adc_global.yml b/install_config/group_vars/adc_global.yml index cd6e96a..5e754be 100644 --- a/install_config/group_vars/adc_global.yml +++ b/install_config/group_vars/adc_global.yml @@ -1,6 +1,6 @@ ######################################### #####1: Inline_device; 2: Allot; 3: ADC_Tun_mode; -tsg_access_type: 2 +tsg_access_type: 3 #####2: ADC; tsg_running_type: 2 @@ -30,20 +30,21 @@ log_minio: ######################################### #Log Level Config #日志等级 10:DEBUG 20:INFO 30:FATAL -fw_ftp_log_level: 10 -fw_mail_log_level: 10 -fw_http_log_level: 10 -fw_dns_log_level: 10 -fw_quic_log_level: 10 -capture_packet_log_level: 10 -tsg_log_level: 10 -tsg_master_log_level: 10 -kni_log_level: 10 -tfe_log_level: 10 -tfe_http_log_level: 10 -pangu_log_level: 10 -doh_log_level: 10 -certstore_log_level: 10 +fw_ftp_log_level: 30 +fw_mail_log_level: 30 +fw_http_log_level: 30 +fw_dns_log_level: 30 +fw_quic_log_level: 30 +capture_packet_log_level: 30 +tsg_log_level: 30 +tsg_master_log_level: 30 +kni_log_level: 30 +tfe_log_level: 30 +tfe_http_log_level: 30 +pangu_log_level: 30 +doh_log_level: 30 +certstore_log_level: 30 +clotho_log_level: 10 ####################################### #Sapp Performance Config @@ -58,7 +59,7 @@ sapp: #Kni Config kni: global: - tfe_node_count: 3 + tfe_node_count: 1 watch_dog: switch: 1 maat: @@ -67,8 +68,8 @@ kni: switch: 1 tfe_nodes: tfe0_enabled: 1 - tfe1_enabled: 1 - tfe2_enabled: 1 + tfe1_enabled: 0 + tfe2_enabled: 0 ######################################## #Tfe Config diff --git a/install_config/group_vars/adc_mcn0.yml b/install_config/group_vars/adc_mcn0.yml index fa3998e..4d6d266 100644 --- a/install_config/group_vars/adc_mcn0.yml +++ b/install_config/group_vars/adc_mcn0.yml @@ -23,8 +23,8 @@ nic_to_tfe: ######################################### #串联设备接入相关配置 inline_device_config: - ip: 192.168.1.30 - mask: 255.255.255.252 + keepalive_ip: 192.168.1.30 + keepalive_mask: 255.255.255.252 ######################################### #Allot接入相关配置 diff --git a/install_config/group_vars/server_as_tun_mode.yml b/install_config/group_vars/server_as_tun_mode.yml index 41d584b..a77a646 100644 --- a/install_config/group_vars/server_as_tun_mode.yml +++ b/install_config/group_vars/server_as_tun_mode.yml @@ -1,8 +1,8 @@ ######################################### -#####0: Pcap; 1: Inline_device; 4: ATCA; -tsg_access_type: 0 +#####0: Pcap; 1: Inline_device; 4: ATCA_Vlan_Flipping; 5:ATCA_VXLAN; +tsg_access_type: 1 #####0: Tun_mode; 1: normal; -tsg_running_type: 0 +tsg_running_type: 1 ######################################## #Server Basic Config @@ -52,6 +52,7 @@ tfe_http_log_level: 10 pangu_log_level: 10 doh_log_level: 10 certstore_log_level: 10 +clotho_log_level: 10 ######################################### #Sapp Performance Config @@ -104,20 +105,26 @@ mrtunnat: ######################################### #ATCA Config #下列配置只在tsg_access_type=4时生效 -nic_data_incoming: +ATCA_data_incoming: ethname: enp1s0 vf0_name: enp1s2 vf1_name: enp1s2f1 vf2_name: enp1s2f2 -VlanFlipping: +ATCA_VlanFlipping: vlanID_1: 100 vlanID_2: 101 vlanID_3: 103 vlanID_4: 104 +#下列配置只在tsg_access_type=5时生效 +ATCA_VXLAN: + keepalive_ip: "10.254.19.1" + keepalive_mask: "255.255.255.252" + ######################################### #Inline Device Config inline_device_config: - ip: 192.168.1.30 - mask: 255.255.255.252 + keepalive_ip: 192.168.1.30 + keepalive_mask: 255.255.255.252 + data_incoming: eth5 diff --git a/install_config/hosts b/install_config/hosts index 0c36bd9..c96c98b 100644 --- a/install_config/hosts +++ b/install_config/hosts @@ -1,17 +1,34 @@ -[all:vars] -ansible_user=root -package_source=local +################### +# For example # +################### +# +#[server-as-tun-mode] +#1.1.1.1 device_id=device_1 +# +#[adc_mxn] +#10.3.72.1 +#10.3.72.2 +# +#[adc_mcn0] +#10.3.73.1 device_id=device_1 vvipv4_1=10.3.61.1 vvipv4_2=10.3.62.1 vvipv6_1=fc00::61:1 vvipv6_2=fc00::62:1 +#10.3.73.2 device_id=device_2 vvipv4_1=10.3.61.2 vvipv4_2=10.3.62.2 vvipv6_1=fc00::61:2 vvipv6_2=fc00::62:2 +# +#[adc_mcn1] +#10.3.74.1 device_id=device_1 +#10.3.74.2 device_id=device_2 +# +#[adc_mcn2] +#10.3.75.1 device_id=device_1 +#10.3.75.2 device_id=device_2 +# +#[adc_mcn3] +#10.3.76.1 device_id=device_1 +#10.3.76.2 device_id=device_2 [server-as-tun-mode] - [adc_mxn] - [adc_mcn0] - [adc_mcn1] - [adc_mcn2] - [adc_mcn3] - diff --git a/roles/clotho/templates/clotho.conf.j2 b/roles/clotho/templates/clotho.conf.j2 index b85c316..95c5ca2 100644 --- a/roles/clotho/templates/clotho.conf.j2 +++ b/roles/clotho/templates/clotho.conf.j2 @@ -3,5 +3,5 @@ BROKER_LIST={{ log_kafkabrokers.address }} [SYSTEM] NIC_NAME={{ nic_mgr.name }} -LOG_LEVEL=10 +LOG_LEVEL={{ clotho_log_level }} LOG_PATH=log/clotho diff --git a/roles/kernel-ml/tasks/main.yml b/roles/kernel-ml/tasks/main.yml index c71c257..1f13b0f 100644 --- a/roles/kernel-ml/tasks/main.yml +++ b/roles/kernel-ml/tasks/main.yml @@ -28,12 +28,18 @@ - tsg_access_type == 4 - t_kernel_ml.changed -- name: "grub2-mkconfig" +- name: "BIOS:grub2-mkconfig" shell: grub2-mkconfig -o /boot/grub2/grub.cfg when: - tsg_access_type == 4 - t_kernel_ml.changed +- name: "UEFI:grub2-mkconfig" + shell: grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg + when: + - tsg_access_type == 4 + - t_kernel_ml.changed + - name: "reboot" reboot: when: t_kernel_ml.changed diff --git a/roles/kni/templates/kni.conf.j2 b/roles/kni/templates/kni.conf.j2 index a812b8b..034d319 100644 --- a/roles/kni/templates/kni.conf.j2 +++ b/roles/kni/templates/kni.conf.j2 @@ -3,7 +3,7 @@ log_path = ./log/kni/kni.log log_level = {{ kni_log_level }} tfe_node_count = {{ kni.global.tfe_node_count }} manage_eth = {{ nic_mgr.name }} -{% if tsg_running_type == 0 %} +{% if tsg_running_type != 2 %} deploy_mode = tun {% else %} deploy_mode = normal @@ -14,7 +14,7 @@ dst_mac_addr = fe:65:b7:03:50:bd {% if tsg_access_type == 4 %} [tfe0] enabled = 1 -dev_eth_symbol = {{ nic_data_incoming.vf1_name }} +dev_eth_symbol = {{ ATCA_data_incoming.vf1_name }} ip_addr = 192.168.100.1 {% elif tsg_running_type == 2 %} [tfe0] diff --git a/roles/mrzcpd/tasks/main.yml b/roles/mrzcpd/tasks/main.yml index 1a34666..90f9981 100644 --- a/roles/mrzcpd/tasks/main.yml +++ b/roles/mrzcpd/tasks/main.yml @@ -21,20 +21,30 @@ when: nic_traffic_mirror is defined -#- name: "update mrglobal.conf.tun_mode - tun_server" -# template: -# src: "{{ role_path }}/templates//mrglobal.conf.tun_mode.j2" -# dest: /opt/mrzcpd/etc/mrglobal.conf -# when: -# - tsg_access_type == 0 - -- name: "update mrglobal.conf.inline - mcn0" +- name: "copy mrapp.sapp4.conf to destination server" template: - src: "{{ role_path }}/templates/inline_device/mrglobal.conf.inline_device.j2" + src: "{{ role_path }}/templates/mrapp.sapp4.conf " + dest: /opt/mrzcpd/etc/mrapp.sapp4.conf + when: + - tsg_access_type == 4 + +- name: "update mrglobal.conf.adc_inline" + template: + src: "{{ role_path }}/templates/adc_inline/mrglobal.conf.adc_inline.j2" dest: /opt/mrzcpd/etc/mrglobal.conf when: - nic_traffic_mirror is not defined - tsg_access_type == 1 + - tsg_running_type == 2 + +- name: "update mrglobal.conf.server_inline" + template: + src: "{{ role_path }}/templates/server_inline/mrglobal.conf.server_inline.j2" + dest: /opt/mrzcpd/etc/mrglobal.conf + when: + - nic_traffic_mirror is not defined + - tsg_access_type == 1 + - tsg_running_type != 2 - name: "update mrglobal.conf.allot - mcn0" template: @@ -53,21 +63,39 @@ - tsg_access_type == 3 -- name: "update mrglobal.conf.ATCA_40G - mcn0" +- name: "update mrglobal.conf.ATCA_Vlan_Flipping" template: - src: "{{ role_path }}/templates/ATCA_40G/mrglobal.conf.ATCA_40G.j2" + src: "{{ role_path }}/templates/ATCA_Vlan_Flipping/mrglobal.conf.ATCA_Vlan_Flipping.j2" dest: /opt/mrzcpd/etc/mrglobal.conf when: - nic_traffic_mirror is not defined - - tsg_access_type == 4 + - tsg_access_type == 4 -- name: "update mrtunnat.conf.inline - mcn0" +- name: "update mrglobal.conf.ATCA_VXLAN" template: - src: "{{ role_path }}/templates/inline_device/mrtunnat.conf.inline_device.j2" + src: "{{ role_path }}/templates/ATCA_VXLAN/mrglobal.conf.ATCA_VXLAN.j2" + dest: /opt/mrzcpd/etc/mrglobal.conf + when: + - nic_traffic_mirror is not defined + - tsg_access_type == 5 + +- name: "update mrtunnat.conf.adc_inline" + template: + src: "{{ role_path }}/templates/adc_inline/mrtunnat.conf.adc_inline.j2" dest: /opt/mrzcpd/etc/mrtunnat.conf when: - nic_traffic_mirror is not defined - tsg_access_type == 1 + - tsg_running_type == 2 + +- name: "update mrtunnat.conf.server_inline" + template: + src: "{{ role_path }}/templates/server_inline/mrtunnat.conf.server_inline.j2" + dest: /opt/mrzcpd/etc/mrtunnat.conf + when: + - nic_traffic_mirror is not defined + - tsg_access_type == 1 + - tsg_running_type != 2 - name: "update mrtunnat.conf.allot_access - mcn0" template: @@ -85,14 +113,22 @@ - nic_traffic_mirror is not defined - tsg_access_type == 3 -- name: "update mrtunnat.conf.ATCA_40G - mcn0" +- name: "update mrtunnat.conf.ATCA_Vlan_Flipping" template: - src: "{{ role_path }}/templates/ATCA_40G/mrtunnat.conf.ATCA_40G.j2" + src: "{{ role_path }}/templates/ATCA_Vlan_Flipping/mrtunnat.conf.ATCA_Vlan_Flipping.j2" dest: /opt/mrzcpd/etc/mrtunnat.conf when: - nic_traffic_mirror is not defined - tsg_access_type == 4 +- name: "update mrtunnat.conf.ATCA_VXLAN" + template: + src: "{{ role_path }}/templates/ATCA_VXLAN/mrtunnat.conf.ATCA_VXLAN.j2" + dest: /opt/mrzcpd/etc/mrtunnat.conf + when: + - nic_traffic_mirror is not defined + - tsg_access_type == 5 + - name: "enable mrenv" systemd: name: mrenv @@ -124,3 +160,20 @@ enabled: no daemon_reload: yes when: nic_traffic_mirror is defined + + +- name: "mask mrzcpd on server_tun_mode" + systemd: + name: mrzcpd + enabled: no + masked: yes + when: + - tsg_access_type == 0 + +- name: "mask mrtunnat on server_tun_mode" + systemd: + name: mrtunnat + enabled: no + masked: yes + when: + - tsg_access_type == 0 diff --git a/roles/mrzcpd/templates/ATCA_VXLAN/mrglobal.conf.ATCA_VXLAN.j2 b/roles/mrzcpd/templates/ATCA_VXLAN/mrglobal.conf.ATCA_VXLAN.j2 new file mode 100644 index 0000000..f012661 --- /dev/null +++ b/roles/mrzcpd/templates/ATCA_VXLAN/mrglobal.conf.ATCA_VXLAN.j2 @@ -0,0 +1,57 @@ +[device] +device={{ATCA_data_incoming.vf0_name}},{{ ATCA_data_incoming.vf1_name }},vxlan_user,vxlan_fwd +sz_tunnel=8192 +sz_buffer=32 + +[device:{{ATCA_data_incoming.vf0_name}}] +mtu=4096 +clear_tx_flags=1 +hw_strip_crc=1 +in_addr={{ ATCA_VXLAN.keepalive_ip }} +in_mask={{ ATCA_VXLAN.keepalive_mask }} +#rssmode=3 + +[device:{{ ATCA_data_incoming.vf1_name }}] +mtu=4096 +clear_tx_flags=1 +vlan-filter=1 +vlan-strip=1 +vlan-id-allow=4095 +vlan-pvid=0 +vlan-pvid-mode=2 +hw_strip_crc=1 +sz_tunnel=8192 +sz_buffer=0 + +[service] +# lcore id for i/o service, use comma to split +iocore={{ mrzcpd.iocore }} +distmode=1 +hashmode=0 +idle_threshold=10000 + +[eal] +virtaddr=0x7f40c4a00000 +loglevel=7 + +[keepalive] +check_spinlock=0 + +[ctrlzone] +ctrlzone0=tunnat,64 + +[pool] +create_mode=3 +sz_direct_pktmbuf=4194304 +sz_indirect_pktmbuf=8192 +sz_cache=256 +sz_data=4096 + +[forward] +nr_forward_rule=6 +forward_rule_0=pv,{{ATCA_data_incoming.vf0_name}},{{ATCA_data_incoming.vf0_name}} +forward_rule_1=vp,{{ATCA_data_incoming.vf0_name}},{{ATCA_data_incoming.vf0_name}} +forward_rule_2=vv,vxlan_fwd,vxlan_user +forward_rule_3=vv,vxlan_user,vxlan_fwd +forward_rule_4=pv,{{ ATCA_data_incoming.vf1_name }},{{ ATCA_data_incoming.vf1_name }} +forward_rule_5=vp,{{ ATCA_data_incoming.vf1_name }},{{ ATCA_data_incoming.vf1_name }} diff --git a/roles/mrzcpd/templates/ATCA_VXLAN/mrtunnat.conf.ATCA_VXLAN.j2 b/roles/mrzcpd/templates/ATCA_VXLAN/mrtunnat.conf.ATCA_VXLAN.j2 new file mode 100644 index 0000000..ac710dd --- /dev/null +++ b/roles/mrzcpd/templates/ATCA_VXLAN/mrtunnat.conf.ATCA_VXLAN.j2 @@ -0,0 +1,20 @@ +[tunnat] +lcore_id={{ mrtunnat.lcore_id }} +appsym=tunnat +phydev={{ATCA_data_incoming.vf0_name}} +virtdev=vxlan_fwd +nr_max_sessions=524280 +nr_slots=1048576 +expire_time=60 +reverse_tunnel=0 +use_recent_tunnel=0 +use_link_info_table=1 +use_tuple4_as_sskey=0 +ctrlzone_addr_info_type=2 +idle_threshold=10000 + +[vlan_flipping] +enable=0 +c_router_vlan_id_0=1000 +i_router_vlan_id_0=1001 +en_mac_flipping_0=0 diff --git a/roles/mrzcpd/templates/ATCA_40G/mrglobal.conf.ATCA_40G.j2 b/roles/mrzcpd/templates/ATCA_Vlan_Flipping/mrglobal.conf.ATCA_Vlan_Flipping.j2 similarity index 51% rename from roles/mrzcpd/templates/ATCA_40G/mrglobal.conf.ATCA_40G.j2 rename to roles/mrzcpd/templates/ATCA_Vlan_Flipping/mrglobal.conf.ATCA_Vlan_Flipping.j2 index 96c417b..01e6543 100644 --- a/roles/mrzcpd/templates/ATCA_40G/mrglobal.conf.ATCA_40G.j2 +++ b/roles/mrzcpd/templates/ATCA_Vlan_Flipping/mrglobal.conf.ATCA_Vlan_Flipping.j2 @@ -1,20 +1,20 @@ [device] -device={{nic_data_incoming.vf0_name}},{{ nic_data_incoming.vf1_name }},vxlan_user,vxlan_fwd +device={{ATCA_data_incoming.vf0_name}},{{ ATCA_data_incoming.vf1_name }},vxlan_user,vxlan_fwd sz_tunnel=8192 sz_buffer=32 -[device:{{nic_data_incoming.vf0_name}}] +[device:{{ATCA_data_incoming.vf0_name}}] mtu=4096 clear_tx_flags=1 vlan-filter=1 vlan-strip=1 -vlan-id-allow={{ VlanFlipping.vlanID_1 }},{{ VlanFlipping.vlanID_2 }},{{ VlanFlipping.vlanID_3 }},{{ VlanFlipping.vlanID_4 }} +vlan-id-allow={{ ATCA_VlanFlipping.vlanID_1 }},{{ ATCA_VlanFlipping.vlanID_2 }},{{ ATCA_VlanFlipping.vlanID_3 }},{{ ATCA_VlanFlipping.vlanID_4 }} vlan-pvid=0 vlan-pvid-mode=2 hw_strip_crc=1 -rssmode=3 +#rssmode=3 -[device:{{ nic_data_incoming.vf1_name }}] +[device:{{ ATCA_data_incoming.vf1_name }}] mtu=4096 clear_tx_flags=1 vlan-filter=1 @@ -52,9 +52,9 @@ sz_data=4096 [forward] nr_forward_rule=6 -forward_rule_0=pv,{{nic_data_incoming.vf0_name}},{{nic_data_incoming.vf0_name}} -forward_rule_1=vp,{{nic_data_incoming.vf0_name}},{{nic_data_incoming.vf0_name}} +forward_rule_0=pv,{{ATCA_data_incoming.vf0_name}},{{ATCA_data_incoming.vf0_name}} +forward_rule_1=vp,{{ATCA_data_incoming.vf0_name}},{{ATCA_data_incoming.vf0_name}} forward_rule_2=vv,vxlan_fwd,vxlan_user forward_rule_3=vv,vxlan_user,vxlan_fwd -forward_rule_4=pv,{{ nic_data_incoming.vf1_name }},{{ nic_data_incoming.vf1_name }} -forward_rule_5=vp,{{ nic_data_incoming.vf1_name }},{{ nic_data_incoming.vf1_name }} +forward_rule_4=pv,{{ ATCA_data_incoming.vf1_name }},{{ ATCA_data_incoming.vf1_name }} +forward_rule_5=vp,{{ ATCA_data_incoming.vf1_name }},{{ ATCA_data_incoming.vf1_name }} diff --git a/roles/mrzcpd/templates/ATCA_40G/mrtunnat.conf.ATCA_40G.j2 b/roles/mrzcpd/templates/ATCA_Vlan_Flipping/mrtunnat.conf.ATCA_Vlan_Flipping.j2 similarity index 56% rename from roles/mrzcpd/templates/ATCA_40G/mrtunnat.conf.ATCA_40G.j2 rename to roles/mrzcpd/templates/ATCA_Vlan_Flipping/mrtunnat.conf.ATCA_Vlan_Flipping.j2 index 4663143..95f1734 100644 --- a/roles/mrzcpd/templates/ATCA_40G/mrtunnat.conf.ATCA_40G.j2 +++ b/roles/mrzcpd/templates/ATCA_Vlan_Flipping/mrtunnat.conf.ATCA_Vlan_Flipping.j2 @@ -1,7 +1,7 @@ [tunnat] lcore_id={{ mrtunnat.lcore_id }} appsym=tunnat -phydev={{nic_data_incoming.vf0_name}} +phydev={{ATCA_data_incoming.vf0_name}} virtdev=vxlan_fwd nr_max_sessions=524280 nr_slots=1048576 @@ -15,10 +15,9 @@ idle_threshold=10000 [vlan_flipping] enable=1 -c_router_vlan_id_0={{ VlanFlipping.vlanID_1 }} -i_router_vlan_id_0={{ VlanFlipping.vlanID_2 }} +c_router_vlan_id_0={{ ATCA_VlanFlipping.vlanID_1 }} +i_router_vlan_id_0={{ ATCA_VlanFlipping.vlanID_2 }} en_mac_flipping_0=0 -en_mac_flipping_0=0 -c_router_vlan_id_1={{ VlanFlipping.vlanID_3 }} -i_router_vlan_id_1={{ VlanFlipping.vlanID_4 }} +c_router_vlan_id_1={{ ATCA_VlanFlipping.vlanID_3 }} +i_router_vlan_id_1={{ ATCA_VlanFlipping.vlanID_4 }} en_mac_flipping_1=0 diff --git a/roles/mrzcpd/templates/inline_device/mrglobal.conf.inline_device.j2 b/roles/mrzcpd/templates/adc_inline/mrglobal.conf.adc_inline.j2 similarity index 94% rename from roles/mrzcpd/templates/inline_device/mrglobal.conf.inline_device.j2 rename to roles/mrzcpd/templates/adc_inline/mrglobal.conf.adc_inline.j2 index 662f13e..0b724a5 100644 --- a/roles/mrzcpd/templates/inline_device/mrglobal.conf.inline_device.j2 +++ b/roles/mrzcpd/templates/adc_inline/mrglobal.conf.adc_inline.j2 @@ -4,8 +4,8 @@ sz_tunnel=8192 sz_buffer=0 [device:{{nic_data_incoming.name}}] -in_addr={{inline_device_config.ip}} -in_mask={{inline_device_config.mask}} +in_addr={{inline_device_config.keepalive_ip}} +in_mask={{inline_device_config.keepalive_mask}} jumbo_frame=1 max_rx_pkt_len=15360 clear_tx_flags=1 diff --git a/roles/mrzcpd/templates/inline_device/mrtunnat.conf.inline_device.j2 b/roles/mrzcpd/templates/adc_inline/mrtunnat.conf.adc_inline.j2 similarity index 100% rename from roles/mrzcpd/templates/inline_device/mrtunnat.conf.inline_device.j2 rename to roles/mrzcpd/templates/adc_inline/mrtunnat.conf.adc_inline.j2 diff --git a/roles/mrzcpd/templates/mrapp.sapp4.conf b/roles/mrzcpd/templates/mrapp.sapp4.conf new file mode 100644 index 0000000..6f6c944 --- /dev/null +++ b/roles/mrzcpd/templates/mrapp.sapp4.conf @@ -0,0 +1,2 @@ +[bpfdump:vxlan_user] +enable=1 diff --git a/roles/mrzcpd/templates/server_inline/mrglobal.conf.server_inline.j2 b/roles/mrzcpd/templates/server_inline/mrglobal.conf.server_inline.j2 new file mode 100644 index 0000000..b5cef2d --- /dev/null +++ b/roles/mrzcpd/templates/server_inline/mrglobal.conf.server_inline.j2 @@ -0,0 +1,47 @@ +[device] +device={{inline_device_config.data_incoming}},vxlan_user,vxlan_fwd +sz_tunnel=8192 +sz_buffer=0 + +[device:{{inline_device_config.data_incoming}}] +in_addr={{inline_device_config.keepalive_ip}} +in_mask={{inline_device_config.keepalive_mask}} +jumbo_frame=1 +max_rx_pkt_len=15360 +clear_tx_flags=1 + +#[device:] +#jumbo_frame=1 +#max_rx_pkt_len=15360 +#clear_tx_flags=1 +#promisc=1 + +[service] +# lcore id for i/o service, use comma to split +iocore={{ mrzcpd.iocore }} +distmode=2 +hashmode=0 + +[eal] +virtaddr=0x7f40c4a00000 +loglevel=7 + +[keepalive] +check_spinlock=0 + +[ctrlzone] +ctrlzone0=tunnat,64 + +[pool] +create_mode=3 +sz_direct_pktmbuf=4194304 +sz_indirect_pktmbuf=8192 +sz_cache=256 +sz_data=4096 + +[forward] +nr_forward_rule=4 +forward_rule_0=pv,{{inline_device_config.data_incoming}},{{inline_device_config.data_incoming}} +forward_rule_1=vp,{{inline_device_config.data_incoming}},{{inline_device_config.data_incoming}} +forward_rule_2=vv,vxlan_fwd,vxlan_user +forward_rule_3=vv,vxlan_user,vxlan_fwd diff --git a/roles/mrzcpd/templates/server_inline/mrtunnat.conf.server_inline.j2 b/roles/mrzcpd/templates/server_inline/mrtunnat.conf.server_inline.j2 new file mode 100644 index 0000000..8062df4 --- /dev/null +++ b/roles/mrzcpd/templates/server_inline/mrtunnat.conf.server_inline.j2 @@ -0,0 +1,18 @@ +[tunnat] +lcore_id={{ mrtunnat.lcore_id }} +appsym=tunnat +phydev={{inline_device_config.data_incoming}} +virtdev=vxlan_fwd +nr_max_sessions=524280 +nr_slots=1048576 +expire_time=60 +reverse_tunnel=0 +use_recent_tunnel=0 +use_tuple4_as_sskey=1 +ctrlzone_addr_info_type=2 + +[vlan_flipping] +enable=0 +c_router_vlan_id_0=1000 +i_router_vlan_id_0=1001 +en_mac_flipping_0=0 diff --git a/roles/sapp/tasks/main.yml b/roles/sapp/tasks/main.yml index 64ffe65..cdbdbe7 100644 --- a/roles/sapp/tasks/main.yml +++ b/roles/sapp/tasks/main.yml @@ -41,10 +41,10 @@ when: tsg_access_type == 1 -- name: "copy sapp.service destination server" - copy: - src: "{{ role_path }}/files/sapp.service" - dest: /usr/lib/systemd/system/ +- name: "Template sapp.service destination server" + template: + src: "{{ role_path }}/templates/sapp.service.j2" + dest: /usr/lib/systemd/system/sapp.service mode: 0755 - name: "enable sapp" diff --git a/roles/sapp/templates/gdev.conf.j2 b/roles/sapp/templates/gdev.conf.j2 index e5ce624..f395dff 100644 --- a/roles/sapp/templates/gdev.conf.j2 +++ b/roles/sapp/templates/gdev.conf.j2 @@ -1,5 +1,11 @@ [Module] +{% if tsg_running_type == 2 %} pcapdevice={{ nic_data_incoming.name }} sendto_gdev_card={{ nic_data_incoming.name }} sendto_gdev_ip={{ inline_device_config.ip }} +{% else %} +pcapdevice={{ inline_device_config.data_incoming }} +sendto_gdev_card={{ inline_device_config.data_incoming }} +sendto_gdev_ip={{ inline_device_config.keepalive_ip }} +{% endif %} gdev_status_switch=1 diff --git a/roles/sapp/files/sapp.service b/roles/sapp/templates/sapp.service.j2 similarity index 84% rename from roles/sapp/files/sapp.service rename to roles/sapp/templates/sapp.service.j2 index db84b61..e55f2fc 100755 --- a/roles/sapp/files/sapp.service +++ b/roles/sapp/templates/sapp.service.j2 @@ -1,7 +1,9 @@ [Unit] Description=sapp service +{% if tsg_running_type != 0 %} Requires=mrzcpd.service After=mrzcpd.service +{% endif %} [Service] WorkingDirectory=/home/mesasoft/sapp_run ExecStart=/home/mesasoft/sapp_run/sapp diff --git a/roles/tfe/files/tfe.service b/roles/tfe/files/tfe.service index c64a43d..86f2d11 100755 --- a/roles/tfe/files/tfe.service +++ b/roles/tfe/files/tfe.service @@ -8,7 +8,7 @@ After=tfe-env.service Type=notify ExecStart=/opt/tsg/tfe/bin/tfe WorkingDirectory=/opt/tsg/tfe/ -TimeoutSec=3600s +TimeoutSec=7200s RestartSec=10s Restart=always LimitNOFILE=524288 diff --git a/roles/tfe/templates/tfe-env-config.j2 b/roles/tfe/templates/tfe-env-config.j2 index 500e25f..4a35445 100644 --- a/roles/tfe/templates/tfe-env-config.j2 +++ b/roles/tfe/templates/tfe-env-config.j2 @@ -1,6 +1,6 @@ {% if tsg_access_type == 4 %} -TFE_DEVICE_DATA_INCOMING={{ nic_data_incoming.vf2_name }} -{% elif tsg_running_type == 0 %} +TFE_DEVICE_DATA_INCOMING={{ ATCA_data_incoming.vf2_name }} +{% elif tsg_running_type != 2 %} TFE_DEVICE_DATA_INCOMING=tun_kni {% else %} TFE_DEVICE_DATA_INCOMING={{ nic_data_incoming.name }} @@ -14,7 +14,7 @@ TFE_PEER_MAC_DATA_INCOMING=aa:bb:cc:dd:ee:ff TFE_LOCAL_IP_DATA_INCOMING=172.16.241.2 TFE_PEER_IP_DATA_INCOMING=172.16.241.1 -{% if tsg_running_type == 0 %} +{% if tsg_running_type != 2 %} TFE_WATCHDOG_DEVICE={{ nic_inner_ctrl.name }} TFE_WATCHDOG_IP=192.168.100.1 {% endif %} diff --git a/roles/tfe/templates/tfe.conf.j2 b/roles/tfe/templates/tfe.conf.j2 index a8770a3..390c621 100644 --- a/roles/tfe/templates/tfe.conf.j2 +++ b/roles/tfe/templates/tfe.conf.j2 @@ -55,7 +55,7 @@ enable_health_check=1 passthrough_all_tcp=0 [traffic_mirror] -{% if tsg_running_type == 0 %} +{% if tsg_running_type != 2 %} device=lo type=0 {% else %} diff --git a/roles/tsg-env-tun-mode/templates/setup.j2 b/roles/tsg-env-tun-mode/templates/setup.j2 index c0f0d51..4ac57d9 100644 --- a/roles/tsg-env-tun-mode/templates/setup.j2 +++ b/roles/tsg-env-tun-mode/templates/setup.j2 @@ -11,17 +11,17 @@ ethtool -K {{ packet_io.external_interface }} tso off ethtool -K {{ packet_io.external_interface }} gso off ethtool -K {{ packet_io.external_interface }} gro off {% elif tsg_access_type == 4 %} -echo 3 > /sys/class/net/{{ nic_data_incoming.ethname }}/device/sriov_numvfs -ip link set {{ nic_data_incoming.ethname }} vf 1 vlan 4095 -ip link set {{ nic_data_incoming.ethname }} vf 2 vlan 4095 -ip link set {{ nic_data_incoming.ethname }} vf 0 trust on -ip link set {{ nic_data_incoming.ethname }} vf 1 trust on -ip link set {{ nic_data_incoming.ethname }} vf 2 trust on -ip link set {{ nic_data_incoming.ethname }} vf 1 mac 00:0e:c6:d6:72:c1 -ip link set {{ nic_data_incoming.ethname }} vf 2 mac fe:65:b7:03:50:bd -ip link set {{ nic_data_incoming.ethname }} vf 0 spoofchk off -ip link set {{ nic_data_incoming.vf0_name }} up -ip link set {{ nic_data_incoming.vf1_name }} up -ip link set {{ nic_data_incoming.vf2_name }} up +echo 3 > /sys/class/net/{{ ATCA_data_incoming.ethname }}/device/sriov_numvfs +ip link set {{ ATCA_data_incoming.ethname }} vf 1 vlan 4095 +ip link set {{ ATCA_data_incoming.ethname }} vf 2 vlan 4095 +ip link set {{ ATCA_data_incoming.ethname }} vf 0 trust on +ip link set {{ ATCA_data_incoming.ethname }} vf 1 trust on +ip link set {{ ATCA_data_incoming.ethname }} vf 2 trust on +ip link set {{ ATCA_data_incoming.ethname }} vf 1 mac 00:0e:c6:d6:72:c1 +ip link set {{ ATCA_data_incoming.ethname }} vf 2 mac fe:65:b7:03:50:bd +ip link set {{ ATCA_data_incoming.ethname }} vf 0 spoofchk off +ip link set {{ ATCA_data_incoming.vf0_name }} up +ip link set {{ ATCA_data_incoming.vf1_name }} up +ip link set {{ ATCA_data_incoming.vf2_name }} up {% endif %} diff --git a/roles/tsg-env-tun-mode/templates/tsg-env_stop.j2 b/roles/tsg-env-tun-mode/templates/tsg-env_stop.j2 index a227ebd..67a5de5 100644 --- a/roles/tsg-env-tun-mode/templates/tsg-env_stop.j2 +++ b/roles/tsg-env-tun-mode/templates/tsg-env_stop.j2 @@ -4,5 +4,5 @@ echo 0 >/sys/class/net/{{ nic_mgr.name }}/device/sriov_numvfs ifconfig {{ nic_mgr.name }}.100 down vconfig rem {{ nic_mgr.name }}.100 {% if tsg_access_type == 4 %} -echo 0 >/sys/class/net/{{ nic_data_incoming.ethname }}/device/sriov_numvfs +echo 0 >/sys/class/net/{{ ATCA_data_incoming.ethname }}/device/sriov_numvfs {% endif %} diff --git a/roles/tsg_device_tag/tasks/main.yml b/roles/tsg_device_tag/tasks/main.yml index ebe91d2..28f7ac7 100644 --- a/roles/tsg_device_tag/tasks/main.yml +++ b/roles/tsg_device_tag/tasks/main.yml @@ -1,6 +1,6 @@ - name: "create /opt/tsg/etc/" file: - path: /opt/proxy_status + path: /opt/tsg/etc state: directory - name: "Template tsg_device_tag.json"