diff --git a/Aktau_install_config/group_vars/adc_global.yml b/Aktau_install_config/group_vars/adc_global.yml index 5a6dcbd..a61e91d 100644 --- a/Aktau_install_config/group_vars/adc_global.yml +++ b/Aktau_install_config/group_vars/adc_global.yml @@ -51,6 +51,7 @@ fw_mail_log_level: 10 fw_http_log_level: 10 fw_dns_log_level: 10 fw_quic_log_level: 10 +app_control_log_level: 10 capture_packet_log_level: 10 tsg_log_level: 10 tsg_master_log_level: 10 diff --git a/Aktau_install_config/group_vars/adc_global.yml-bak b/Aktau_install_config/group_vars/adc_global.yml-bak new file mode 100644 index 0000000..5a6dcbd --- /dev/null +++ b/Aktau_install_config/group_vars/adc_global.yml-bak @@ -0,0 +1,127 @@ +######################################### +#####1: Inline_device; 2: Allot; 3: ADC_Tun_mode; +tsg_access_type: 2 +#####2: ADC; +tsg_running_type: 2 + +######################################## +#Deploy_finished_reboot +Deploy_finished_reboot: 0 + +######################################## +#IP Config +maat_redis_city_server: + address: "10.1.62.253" + port: 7002 + +maat_redis_server: + address: "192.168.100.1" + port: 7002 + port_num: 1 + db: 0 + +dynamic_maat_redis_server: + address: "192.168.100.1" + port: 7002 + port_num: 1 + db: 1 + +cert_store_server: + address: "192.168.100.1" + port: 9991 + +log_kafkabrokers: + address: "10.1.61.4:9092,10.1.61.5:9092,10.1.61.6:9092" + +telegraf_kafkabrokers: + address: "\"10.1.61.4:9092\",\"10.1.61.5:9092\",\"10.1.61.6:9092\"" + +monitor_outputs_influxdb: + url: "http://127.0.0.1:58086" + +log_minio: + address: "10.1.62.253" + port: 9090 + +######################################### +#Log Level Config +#日志等级 10:DEBUG 20:INFO 30:FATAL +fw_ftp_log_level: 10 +fw_mail_log_level: 10 +fw_http_log_level: 10 +fw_dns_log_level: 10 +fw_quic_log_level: 10 +capture_packet_log_level: 10 +tsg_log_level: 10 +tsg_master_log_level: 10 +kni_log_level: 10 + +#日志等级 DEBUG INFO FATAL +tfe_log_level: FATAL +tfe_http_log_level: FATAL +pangu_log_level: FATAL +doh_log_level: FATAL + +certstore_log_level: FATAL +packet_dump_log_level: 10 + +####################################### +#Sapp Performance Config +#Sapp工作在ADC计算板0时,建议使用如下30+8的配置,以保证更高的处理性能 +sapp: + worker_threads: 42 + send_only_threads_max: 1 + bind_mask: 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43 + inbound_route_dir: 1 + +######################################## +#Kni Config +kni: + global: + tfe_node_count: 3 + watch_dog: + switch: 1 + maat: + readconf_mode: 2 + send_logger: + switch: 1 + tfe_nodes: + tfe0_enabled: 1 + tfe1_enabled: 1 + tfe2_enabled: 1 + +######################################## +#Tfe Config +tfe: + nr_threads: 32 + mirror_enable: 1 + +######################################## +#Marsio Config +#marsio工作在ADC计算板时,建议使用如下配置,以保证更高的处理性能 +mrzcpd: + iocore: 52,53,54,55 + +mrtunnat: + lcore_id: 48,49,50,51 + +######################################### +#Tsg_app +tsg_app_enable: 0 +app_global_ip: "1.1.1.1" +applog_level: 10 +app_master_log_level: 10 +app_sketch_local_log_level: 10 +app_control_plug_log_level: 10 + + +breakpad_upload_url: http://10.4.63.4:9000/api/2/minidump/?sentry_key=3556bac347c74585a994eb6823faf5c6 + +data_center: Aktau +tsg_master_entrance_id: 1 +nic_mgr: + name: em1 + +sapp_prometheus_enable: 1 +sapp_prometheus_port: 9273 +sapp_prometheus_url_path: "/metrics" diff --git a/Aktubinsk_install_config/group_vars/adc_global.yml b/Aktubinsk_install_config/group_vars/adc_global.yml index 73ca122..2056c53 100644 --- a/Aktubinsk_install_config/group_vars/adc_global.yml +++ b/Aktubinsk_install_config/group_vars/adc_global.yml @@ -51,6 +51,7 @@ fw_mail_log_level: 10 fw_http_log_level: 10 fw_dns_log_level: 10 fw_quic_log_level: 10 +app_control_log_level: 10 capture_packet_log_level: 10 tsg_log_level: 10 tsg_master_log_level: 10 diff --git a/Almaty_install_config/group_vars/adc_global.yml b/Almaty_install_config/group_vars/adc_global.yml index 4a67259..db9f4ca 100644 --- a/Almaty_install_config/group_vars/adc_global.yml +++ b/Almaty_install_config/group_vars/adc_global.yml @@ -51,6 +51,7 @@ fw_mail_log_level: 10 fw_http_log_level: 10 fw_dns_log_level: 10 fw_quic_log_level: 10 +app_control_log_level: 10 capture_packet_log_level: 10 tsg_log_level: 10 tsg_master_log_level: 10 diff --git a/Atyrau_install_config/group_vars/adc_global.yml b/Atyrau_install_config/group_vars/adc_global.yml index 6bb1de2..4d30ef3 100644 --- a/Atyrau_install_config/group_vars/adc_global.yml +++ b/Atyrau_install_config/group_vars/adc_global.yml @@ -51,6 +51,7 @@ fw_mail_log_level: 10 fw_http_log_level: 10 fw_dns_log_level: 10 fw_quic_log_level: 10 +app_control_log_level: 10 capture_packet_log_level: 10 tsg_log_level: 10 tsg_master_log_level: 10 diff --git a/Deploy_test.yml b/Deploy_test.yml new file mode 100644 index 0000000..c658397 --- /dev/null +++ b/Deploy_test.yml @@ -0,0 +1,165 @@ +- hosts: + - adc_mcn0 + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + - packet_dump_server + remote_user: root + vars_files: + - Almaty_install_config/group_vars/adc_global.yml + roles: + - framework + +- hosts: packet_dump_server + remote_user: root + vars_files: + - Almaty_install_config/group_vars/adc_global.yml + roles: + - packet_dump + +- hosts: adc_mxn + remote_user: root + roles: +# - tsg-env-mxn + +- hosts: adc_mcn0 + remote_user: root + vars_files: + - Almaty_install_config/group_vars/adc_global.yml + - Almaty_install_config/group_vars/adc_mcn0.yml + roles: +# - tsg-env-mcn0 + - kernel-ml + - mrzcpd + - sapp + - tsg_master + - kni + - firewall +# - tsg_app + - http_healthcheck + - redis + - cert-redis + - maat-redis + - certstore + - telegraf_statistic + - app_proto_identify +# - tsg_device_tag + +- hosts: adc_mcn1 + remote_user: root + vars_files: + - Almaty_install_config/group_vars/adc_global.yml + - Almaty_install_config/group_vars/adc_mcn1.yml + roles: +# - tsg-env-mcn1 + - kernel-ml + - mrzcpd + - tfe + +- hosts: adc_mcn2 + remote_user: root + vars_files: + - Almaty_install_config/group_vars/adc_global.yml + - Almaty_install_config/group_vars/adc_mcn2.yml + roles: +# - tsg-env-mcn2 + - kernel-ml + - mrzcpd + - tfe + +- hosts: adc_mcn3 + remote_user: root + vars_files: + - Almaty_install_config/group_vars/adc_global.yml + - Almaty_install_config/group_vars/adc_mcn3.yml + roles: + - kernel-ml +# - tsg-env-mcn3 + - mrzcpd + - tfe + +- hosts: adc_mcn0 + remote_user: root + roles: + - docker-env + - tsg-diagnose + +- hosts: + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + remote_user: root + roles: + - tsg-diagnose_sync_ca + +- hosts: adc_mcn0 + remote_user: root + roles: + - tsg-diagnose_stop_sync + +- hosts: + - adc_mcn0 + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + remote_user: root + vars_files: + - Almaty_install_config/group_vars/adc_global.yml + roles: + #- reboot + +- hosts: + - adc_mxn + - adc_mcn0 + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + remote_user: root + roles: + - adc_exporter + +- hosts: adc_mxn + remote_user: root + roles: + - adc_exporter_proxy + +- hosts: + - adc_mcn0 + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + remote_user: root + roles: + - switch_control + +- hosts: server-as-tun-mode + remote_user: root + vars_files: + - Almaty_install_config/group_vars/server_as_tun_mode.yml + roles: + - kernel-ml + - framework + - mrzcpd + - tsg-env-tun-mode + - sapp + - tsg_master + - kni + - firewall + - tsg_app + - http_healthcheck + - certstore + - redis + - cert-redis + - maat-redis + - tfe + - telegraf_statistic + - proxy_status +# - tsg_device_tag + - reboot + +- hosts: app_global + remote_user: root + vars_files: + - Almaty_install_config/group_vars/app_global.yml + roles: + - app_global diff --git a/Karaganda_install_config/group_vars/adc_global.yml b/Karaganda_install_config/group_vars/adc_global.yml index a0861de..b5cc844 100644 --- a/Karaganda_install_config/group_vars/adc_global.yml +++ b/Karaganda_install_config/group_vars/adc_global.yml @@ -51,6 +51,7 @@ fw_mail_log_level: 10 fw_http_log_level: 10 fw_dns_log_level: 10 fw_quic_log_level: 10 +app_control_log_level: 10 capture_packet_log_level: 10 tsg_log_level: 10 tsg_master_log_level: 10 diff --git a/Kyzylorda_install_config/group_vars/adc_global.yml b/Kyzylorda_install_config/group_vars/adc_global.yml index 3e18297..90e368a 100644 --- a/Kyzylorda_install_config/group_vars/adc_global.yml +++ b/Kyzylorda_install_config/group_vars/adc_global.yml @@ -51,6 +51,7 @@ fw_mail_log_level: 10 fw_http_log_level: 10 fw_dns_log_level: 10 fw_quic_log_level: 10 +app_control_log_level: 10 capture_packet_log_level: 10 tsg_log_level: 10 tsg_master_log_level: 10 diff --git a/NurSultan_install_config/hosts.ok b/NurSultan_install_config/hosts.ok new file mode 100644 index 0000000..fbc1a35 --- /dev/null +++ b/NurSultan_install_config/hosts.ok @@ -0,0 +1,59 @@ +################### +# For example # +################### +#变量device_id根据设备序号设置即可 +#变量vvipv4_1、vvipv4_2、vvipv6_1、vvipv6_2为Allot相关配置,其他环境可不填或直接删除变量 +# +#20.09版本新增APP部署 +#[app_global] +#0.0.0.0 + +#[server-as-tun-mode] +#1.1.1.1 device_id=device_1 +# +#[adc_mxn] +#10.3.72.1 +#10.3.72.2 +# +#[adc_mcn0] +#10.3.73.1 device_id=device_1 vvipv4_1=10.3.61.1 vvipv4_2=10.3.62.1 vvipv6_1=fc00::61:1 vvipv6_2=fc00::62:1 +#10.3.73.2 device_id=device_2 vvipv4_1=10.3.61.2 vvipv4_2=10.3.62.2 vvipv6_1=fc00::61:2 vvipv6_2=fc00::62:2 +# +#[adc_mcn1] +#10.3.74.1 device_id=device_1 +#10.3.74.2 device_id=device_2 +# +#[adc_mcn2] +#10.3.75.1 device_id=device_1 +#10.3.75.2 device_id=device_2 +# +#[adc_mcn3] +#10.3.76.1 device_id=device_1 +#10.3.76.2 device_id=device_2 + +#[app_global] +#[server-as-tun-mode] +#broken warning: +#10.4.52.71 +[adc_mxn] +10.4.55.[1:20] +10.4.55.[23:52] +10.4.55.[55:78] +[adc_mcn0] +10.4.51.[1:20] +10.4.51.[23:52] +10.4.51.[55:78] +[adc_mcn1] +10.4.52.[1:20] +10.4.52.[23:52] +10.4.52.[55:78] +[adc_mcn2] +10.4.53.[1:20] +10.4.53.[23:52] +10.4.53.[55:78] +[adc_mcn3] +10.4.54.[1:20] +10.4.54.[23:52] +10.4.54.[55:78] +[packet_dump_server] +10.4.61.3 diff --git a/NurSultan_install_config/hosts.test b/NurSultan_install_config/hosts.test new file mode 100644 index 0000000..180d6e2 --- /dev/null +++ b/NurSultan_install_config/hosts.test @@ -0,0 +1,49 @@ +################### +# For example # +################### +#变量device_id根据设备序号设置即可 +#变量vvipv4_1、vvipv4_2、vvipv6_1、vvipv6_2为Allot相关配置,其他环境可不填或直接删除变量 +# +#20.09版本新增APP部署 +#[app_global] +#0.0.0.0 + +#[server-as-tun-mode] +#1.1.1.1 device_id=device_1 +# +#[adc_mxn] +#10.3.72.1 +#10.3.72.2 +# +#[adc_mcn0] +#10.3.73.1 device_id=device_1 vvipv4_1=10.3.61.1 vvipv4_2=10.3.62.1 vvipv6_1=fc00::61:1 vvipv6_2=fc00::62:1 +#10.3.73.2 device_id=device_2 vvipv4_1=10.3.61.2 vvipv4_2=10.3.62.2 vvipv6_1=fc00::61:2 vvipv6_2=fc00::62:2 +# +#[adc_mcn1] +#10.3.74.1 device_id=device_1 +#10.3.74.2 device_id=device_2 +# +#[adc_mcn2] +#10.3.75.1 device_id=device_1 +#10.3.75.2 device_id=device_2 +# +#[adc_mcn3] +#10.3.76.1 device_id=device_1 +#10.3.76.2 device_id=device_2 + +#[app_global] +#[server-as-tun-mode] +#broken warning: +#10.4.52.71 +[adc_mxn] +10.4.55.19 +[adc_mcn0] +10.4.51.19 +[adc_mcn1] +10.4.52.19 +[adc_mcn2] +10.4.53.19 +[adc_mcn3] +10.4.54.19 +[packet_dump_server] +10.4.61.3 diff --git a/Taldykurgan_install_config/group_vars/adc_global.yml b/Taldykurgan_install_config/group_vars/adc_global.yml index 0795176..cb8f069 100644 --- a/Taldykurgan_install_config/group_vars/adc_global.yml +++ b/Taldykurgan_install_config/group_vars/adc_global.yml @@ -51,6 +51,7 @@ fw_mail_log_level: 10 fw_http_log_level: 10 fw_dns_log_level: 10 fw_quic_log_level: 10 +app_control_log_level: 10 capture_packet_log_level: 10 tsg_log_level: 10 tsg_master_log_level: 10 diff --git a/Uralsk_install_config/group_vars/adc_global.yml b/Uralsk_install_config/group_vars/adc_global.yml index e60bdc0..7deab29 100644 --- a/Uralsk_install_config/group_vars/adc_global.yml +++ b/Uralsk_install_config/group_vars/adc_global.yml @@ -51,6 +51,7 @@ fw_mail_log_level: 10 fw_http_log_level: 10 fw_dns_log_level: 10 fw_quic_log_level: 10 +app_control_log_level: 10 capture_packet_log_level: 10 tsg_log_level: 10 tsg_master_log_level: 10 diff --git a/adc_deploy.yml b/adc_deploy.yml new file mode 100644 index 0000000..78f670c --- /dev/null +++ b/adc_deploy.yml @@ -0,0 +1,172 @@ +- hosts: + - adc_mcn0 + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + - packet_dump_server + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + roles: + - framework + +- hosts: packet_dump_server + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + roles: + - packet_dump + +- hosts: adc_mxn + remote_user: root + roles: +# - tsg-env-mxn + +- hosts: adc_mcn0 + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + - '{{ config_path }}/group_vars/adc_mcn0.yml' + roles: +# - tsg-env-mcn0 + - kernel-ml + - mrzcpd + - sapp + - tsg_master + - kni + - firewall +# - tsg_app + - http_healthcheck + - redis + - cert-redis + - maat-redis + - certstore + - telegraf_statistic + - app_proto_identify +# - tsg_device_tag + +- hosts: adc_mcn1 + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + - '{{ config_path }}/group_vars/adc_mcn1.yml' + roles: +# - tsg-env-mcn1 + - kernel-ml + - mrzcpd + - tfe + +- hosts: adc_mcn2 + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + - '{{ config_path }}/group_vars/adc_mcn2.yml' + roles: +# - tsg-env-mcn2 + - kernel-ml + - mrzcpd + - tfe + +- hosts: adc_mcn3 + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + - '{{ config_path }}/group_vars/adc_mcn3.yml' + roles: + - kernel-ml +# - tsg-env-mcn3 + - mrzcpd + - tfe + +- hosts: adc_mcn0 + remote_user: root + roles: + - docker-env + - tsg-diagnose + +- hosts: + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + remote_user: root + roles: + - tsg-diagnose_sync_ca + +- hosts: adc_mcn0 + remote_user: root + roles: + - tsg-diagnose_stop_sync + +- hosts: + - adc_mcn0 + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + roles: + #- reboot + +- hosts: + - adc_mxn + - adc_mcn0 + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + remote_user: root + roles: + - adc_exporter + +- hosts: adc_mxn + remote_user: root + roles: + - adc_exporter_proxy + +- hosts: + - adc_mcn0 + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + remote_user: root + roles: + - switch_control + +- hosts: server-as-tun-mode + remote_user: root + vars_files: + - '{{ config_path }}/group_vars/server_as_tun_mode.yml' + roles: + - kernel-ml + - framework + - mrzcpd + - tsg-env-tun-mode + - sapp + - tsg_master + - kni + - firewall + - tsg_app + - http_healthcheck + - certstore + - redis + - cert-redis + - maat-redis + - tfe + - telegraf_statistic + - proxy_status +# - tsg_device_tag + - reboot + +- hosts: app_global + remote_user: root + vars_files: + - '{{ config_path }}/group_vars/app_global.yml' + roles: + - app_global diff --git a/adc_deploy.yml.edit b/adc_deploy.yml.edit new file mode 100644 index 0000000..250ee9a --- /dev/null +++ b/adc_deploy.yml.edit @@ -0,0 +1,169 @@ +- hosts: + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + roles: + - framework + +- hosts: packet_dump_server + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + roles: + - framework + - packet_dump + +- hosts: adc_mcn0 + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + - '{{ config_path }}/group_vars/adc_mcn0.yml' + roles: +# - tsg-env-mcn0 + - framework + - kernel-ml + - mrzcpd + - sapp + - tsg_master + - kni + - firewall +# - tsg_app + - http_healthcheck + - redis + - cert-redis + - maat-redis + - certstore + - telegraf_statistic + - app_proto_identify +# - tsg_device_tag + +- hosts: adc_mcn1 + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + - '{{ config_path }}/group_vars/adc_mcn1.yml' + roles: +# - tsg-env-mcn1 + - framework + - kernel-ml + - mrzcpd + - tfe + +- hosts: adc_mcn2 + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + - '{{ config_path }}/group_vars/adc_mcn2.yml' + roles: +# - tsg-env-mcn2 + - kernel-ml + - mrzcpd + - tfe + + +- hosts: adc_mcn3 + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + - '{{ config_path }}/group_vars/adc_mcn3.yml' + roles: + - kernel-ml +# - tsg-env-mcn3 + - mrzcpd + - tfe + +- hosts: adc_mcn0 + remote_user: root + roles: + - docker-env + - tsg-diagnose + +- hosts: + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + remote_user: root + roles: + - tsg-diagnose_sync_ca + +- hosts: adc_mcn0 + remote_user: root + roles: + - tsg-diagnose_stop_sync + +- hosts: + - adc_mcn0 + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + remote_user: root + vars_files: + - group_vars/adc_global_general.yml + - '{{ config_path }}/group_vars/adc_global.yml' + roles: + #- reboot + +- hosts: + - adc_mxn + - adc_mcn0 + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + remote_user: root + roles: + - adc_exporter + +- hosts: adc_mxn + remote_user: root + roles: + - adc_exporter_proxy + +- hosts: + - adc_mcn0 + - adc_mcn1 + - adc_mcn2 + - adc_mcn3 + remote_user: root + roles: + - switch_control + +- hosts: server-as-tun-mode + remote_user: root + vars_files: + - '{{ config_path }}/group_vars/server_as_tun_mode.yml' + roles: + - kernel-ml + - framework + - mrzcpd + - tsg-env-tun-mode + - sapp + - tsg_master + - kni + - firewall + - tsg_app + - http_healthcheck + - certstore + - redis + - cert-redis + - maat-redis + - tfe + - telegraf_statistic + - proxy_status +# - tsg_device_tag + - reboot + +- hosts: app_global + remote_user: root + vars_files: + - '{{ config_path }}/group_vars/app_global.yml' + roles: + - app_global diff --git a/deploy_sapp_firewall_kni.yml b/deploy_sapp_firewall_kni.yml new file mode 100644 index 0000000..884bfe5 --- /dev/null +++ b/deploy_sapp_firewall_kni.yml @@ -0,0 +1,11 @@ +- hosts: adc_mcn0 + remote_user: root + vars_files: + - '{{ config_path }}/group_vars/adc_global.yml' + - '{{ config_path }}/group_vars/adc_mcn0.yml' + roles: + - sapp + - tsg_master + - kni + - firewall + diff --git a/group_vars/adc_global_general.yml b/group_vars/adc_global_general.yml new file mode 100644 index 0000000..16ae27b --- /dev/null +++ b/group_vars/adc_global_general.yml @@ -0,0 +1,93 @@ +######################################### +#####1: Inline_device; 2: Allot; 3: ADC_Tun_mode; +tsg_access_type: 2 +#####2: ADC; +tsg_running_type: 2 + +######################################## +#Deploy_finished_reboot +Deploy_finished_reboot: 0 + +######################################## +#IP Config +maat_redis_server: + address: "192.168.100.1" + port: 7002 + port_num: 1 + db: 0 + +dynamic_maat_redis_server: + address: "192.168.100.1" + port: 7002 + port_num: 1 + db: 1 + +cert_store_server: + address: "192.168.100.1" + port: 9991 + +######################################### +#Log Level Config +#日志等级 10:DEBUG 20:INFO 30:FATAL +fw_ftp_log_level: 10 +fw_mail_log_level: 10 +fw_http_log_level: 10 +fw_dns_log_level: 10 +fw_quic_log_level: 10 +app_control_log_level: 10 +capture_packet_log_level: 10 +tsg_log_level: 10 +tsg_master_log_level: 10 +kni_log_level: 10 + +#日志等级 DEBUG INFO FATAL +tfe_log_level: FATAL +tfe_http_log_level: FATAL +pangu_log_level: FATAL +doh_log_level: FATAL + +certstore_log_level: FATAL +packet_dump_log_level: 10 + +####################################### +#Sapp Performance Config +#Sapp工作在ADC计算板0时,建议使用如下30+8的配置,以保证更高的处理性能 +sapp: + worker_threads: 42 + send_only_threads_max: 1 + bind_mask: 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43 + inbound_route_dir: 1 + +######################################## +#Kni Config +kni: + global: + tfe_node_count: 3 + watch_dog: + switch: 1 + maat: + readconf_mode: 2 + send_logger: + switch: 1 + tfe_nodes: + tfe0_enabled: 1 + tfe1_enabled: 1 + tfe2_enabled: 1 + +######################################## +#Tfe Config +tfe: + nr_threads: 32 + mirror_enable: 1 + +######################################## +#Marsio Config +#marsio工作在ADC计算板时,建议使用如下配置,以保证更高的处理性能 +mrzcpd: + iocore: 52,53,54,55 + +mrtunnat: + lcore_id: 48,49,50,51 + +######################################### +#Tsg_app