diff --git a/roles/docker-env/files/daemon.json b/roles/docker-env/files/daemon.json new file mode 100644 index 0000000..c34d29f --- /dev/null +++ b/roles/docker-env/files/daemon.json @@ -0,0 +1 @@ +{"iptables":false,"bridge": "none"} diff --git a/roles/docker-env/tasks/docker-ce.yml b/roles/docker-env/tasks/docker-ce.yml index ee8ed47..bd6b8cc 100644 --- a/roles/docker-env/tasks/docker-ce.yml +++ b/roles/docker-env/tasks/docker-ce.yml @@ -30,6 +30,11 @@ - /tmp/ansible_deploy/docker-ce/libsemanage-2.5-14.el7.x86_64.rpm state: present +- name: "docker-ce: copy daemon.json to target" + copy: + src: '{{ role_path }}/files/daemon.json' + dest: /etc/docker/ + - name: "docker-ce: systemctl start docker and enabled docker" systemd: name: docker diff --git a/roles/tfe/files/tfe-4.4.01.3e020b9-1.el7.x86_64.rpm b/roles/tfe/files/tfe-4.4.01.3e020b9-1.el7.x86_64.rpm deleted file mode 100644 index 019cc81..0000000 Binary files a/roles/tfe/files/tfe-4.4.01.3e020b9-1.el7.x86_64.rpm and /dev/null differ diff --git a/roles/tfe/files/tfe-4.5.01.91facad-1.el7.x86_64.rpm b/roles/tfe/files/tfe-4.5.01.91facad-1.el7.x86_64.rpm new file mode 100644 index 0000000..edf6923 Binary files /dev/null and b/roles/tfe/files/tfe-4.5.01.91facad-1.el7.x86_64.rpm differ diff --git a/roles/tfe/tasks/main.yml b/roles/tfe/tasks/main.yml index e45664d..4ff64ea 100644 --- a/roles/tfe/tasks/main.yml +++ b/roles/tfe/tasks/main.yml @@ -13,8 +13,7 @@ - name: "install tfe rpms from localhost" yum: name: - - /tmp/ansible_deploy/tfe-kmod-v1.0.5.20200408-1dkms.noarch.rpm - - /tmp/ansible_deploy/tfe-4.4.01.3e020b9-1.el7.x86_64.rpm + - /tmp/ansible_deploy/tfe-4.5.01.91facad-1.el7.x86_64.rpm state: present - name: "tfe:copy cert file to device" diff --git a/roles/tfe/templates/tfe.conf.j2 b/roles/tfe/templates/tfe.conf.j2 index 6aa98dc..219b23d 100644 --- a/roles/tfe/templates/tfe.conf.j2 +++ b/roles/tfe/templates/tfe.conf.j2 @@ -1,7 +1,8 @@ [system] nr_worker_threads={{ tfe.nr_threads }} enable_kni_v1=0 -enable_kni_v2=1 +enable_kni_v2=0 +enable_kni_v3=1 # Only when (disable_coredump == 1 || (enable_breakpad == 1 && enable_breakpad_upload == 1)) is satisfied, the core will not be generated locally disable_coredump=0 @@ -19,6 +20,12 @@ cpu_affinity_mask=1-9 # LEAST_CONN = 0; ROUND_ROBIN = 1 load_balance=1 +[nfq] +queue_id=1 +queue_maxlen=655350 +queue_rcvbufsiz=983025000 +queue_no_enobufs=1 + [kni] # kni v1 #uxdomain=/var/run/.tfe_kni_acceptor_handler diff --git a/roles/tfe/templates/tfe_kmod.conf.j2 b/roles/tfe/templates/tfe_kmod.conf.j2 deleted file mode 100644 index 50f1517..0000000 --- a/roles/tfe/templates/tfe_kmod.conf.j2 +++ /dev/null @@ -1,2 +0,0 @@ -# load tfe_kmod at boot -tfe_kmod