diff --git a/adc_inline_device_access/group_vars/all.yml b/adc_inline_device_access/group_vars/all.yml deleted file mode 100644 index 2bff0fe..0000000 --- a/adc_inline_device_access/group_vars/all.yml +++ /dev/null @@ -1,74 +0,0 @@ -maat_redis_server: - address: "192.168.41.206" - port: 7002 - db: 0 - -dynamic_maat_redis_server: - address: "192.168.41.206" - port: 7002 - db: 1 - -cert_store_server: - address: "192.168.100.1" - port: 9991 - -log_kafkabrokers: - address: "192.168.41.204:9092" - -log_minio: - address: "192.168.41.206" - port: 9090 - -fs_remote: - switch: 1 - address: "192.168.100.1" - port: 58125 - -nic_transparent_mode: - enable: 0 - -run_as_tun_mode: 0 -package_source: "local" - -install_dns_debug: "yes" -install_ftp_debug: "yes" -install_http_debug: "yes" -install_mail_debug: "yes" -install_ssl_debug: "yes" -install_fw_dns_plug_debug: "yes" -install_fw_ftp_plug_debug: "yes" -install_fw_http_plug_debug: "yes" -install_fw_mail_plug_debug: "yes" -install_tsg_master: "yes" - -kni: - global: - log_level: 10 - tfe_node_count: 3 - watch_dog: - switch: 1 - maat: - readconf_mode: 2 - send_logger: - switch: 1 - tfe_nodes: - - tfe0: - enabled: 1 - - tfe1: - enabled: 1 - - tfe2: - enabled: 1 -tfe: - nr_threads: 16 - mc_cache_eth: ens1.100 - keykeeper: - mode: "normal" - no_cache: 0 - -mrzcpd: - iocore: 47 - -mrtunnat: - lcore_id: 46 - - diff --git a/adc_inline_device_access/group_vars/blade-00.yml b/adc_inline_device_access/group_vars/blade-00.yml deleted file mode 100644 index 31bb245..0000000 --- a/adc_inline_device_access/group_vars/blade-00.yml +++ /dev/null @@ -1,15 +0,0 @@ -nic_mgr: - name: enp6s0 -nic_data_incoming: - name: ens1f4 - ip: 192.168.1.30 - mask: 255.255.255.252 -nic_inner_ctrl: - name: ens1.100 -nic_to_tfe: - tfe0: - name: ens1f5 - tfe1: - name: ens1f6 - tfe2: - name: ens1f7 diff --git a/adc_inline_device_access/group_vars/blade-01.yml b/adc_inline_device_access/group_vars/blade-01.yml deleted file mode 100644 index baec084..0000000 --- a/adc_inline_device_access/group_vars/blade-01.yml +++ /dev/null @@ -1,11 +0,0 @@ -nic_mgr: - name: enp6s0 -nic_data_incoming: - name: ens1f1 - mac: AA:BB:CC:DD:EE:FF - address: 127.0.0.1 -nic_inner_ctrl: - name: ens1.100 -nic_traffic_mirror: - name: ens1f2 - use_mrzcpd: 1 diff --git a/adc_inline_device_access/group_vars/blade-02.yml b/adc_inline_device_access/group_vars/blade-02.yml deleted file mode 100644 index 0d98ac5..0000000 --- a/adc_inline_device_access/group_vars/blade-02.yml +++ /dev/null @@ -1,10 +0,0 @@ -nic_mgr: - name: enp6s0 -nic_data_incoming: - name: ens8f1 - mac: AA:BB:CC:DD:EE:FF -nic_inner_ctrl: - name: ens8.100 -nic_traffic_mirror: - name: ens8f2 - use_mrzcpd: 1 diff --git a/adc_inline_device_access/group_vars/blade-03.yml b/adc_inline_device_access/group_vars/blade-03.yml deleted file mode 100644 index 0d98ac5..0000000 --- a/adc_inline_device_access/group_vars/blade-03.yml +++ /dev/null @@ -1,10 +0,0 @@ -nic_mgr: - name: enp6s0 -nic_data_incoming: - name: ens8f1 - mac: AA:BB:CC:DD:EE:FF -nic_inner_ctrl: - name: ens8.100 -nic_traffic_mirror: - name: ens8f2 - use_mrzcpd: 1 diff --git a/adc_inline_device_access/hosts b/adc_inline_device_access/hosts deleted file mode 100644 index 716f709..0000000 --- a/adc_inline_device_access/hosts +++ /dev/null @@ -1,24 +0,0 @@ -[all:vars] -ansible_user=root -package_source=local - -[blade-mxn] -192.168.40.170 - -[blade-00] -192.168.40.166 - -[blade-01] -192.168.40.167 - -[blade-02] -192.168.40.168 - -[blade-03] -192.168.40.169 - -[Functional_Host:children] -blade-00 -blade-01 -blade-02 -blade-03 diff --git a/adc_tera_access/group_vars/all.yml b/adc_tera_access/group_vars/all.yml deleted file mode 100644 index 86c83d7..0000000 --- a/adc_tera_access/group_vars/all.yml +++ /dev/null @@ -1,73 +0,0 @@ -maat_redis_server: - address: "192.168.41.206" - port: 7002 - db: 0 - -dynamic_maat_redis_server: - address: "192.168.41.206" - port: 7002 - db: 1 - -cert_store_server: - address: "192.168.100.1" - port: 9991 - -log_kafkabrokers: - address: "192.168.41.204:9092" - -log_minio: - address: "192.168.41.206" - port: 9090 - -fs_remote: - switch: 1 - address: "192.168.100.1" - port: 58125 - -nic_transparent_mode: - enable: 0 - -run_as_tun_mode: 0 -package_source: "local" - -install_dns_debug: "yes" -install_ftp_debug: "yes" -install_http_debug: "yes" -install_mail_debug: "yes" -install_ssl_debug: "yes" -install_fw_dns_plug_debug: "yes" -install_fw_ftp_plug_debug: "yes" -install_fw_http_plug_debug: "yes" -install_fw_mail_plug_debug: "yes" -install_tsg_master: "yes" - -kni: - global: - log_level: 10 - tfe_node_count: 3 - watch_dog: - switch: 1 - maat: - readconf_mode: 2 - send_logger: - switch: 1 - tfe_nodes: - - tfe0: - enabled: 1 - - tfe1: - enabled: 1 - - tfe2: - enabled: 1 -tfe: - nr_threads: 16 - keykeeper: - mode: "normal" - no_cache: 0 - -mrzcpd: - iocore: 47 - -mrtunnat: - lcore_id: 46 - - diff --git a/adc_tera_access/group_vars/blade-00.yml b/adc_tera_access/group_vars/blade-00.yml deleted file mode 100644 index 5bc0bf8..0000000 --- a/adc_tera_access/group_vars/blade-00.yml +++ /dev/null @@ -1,14 +0,0 @@ -nic_mgr: - name: enp6s0 -nic_data_incoming: - name: ens1f4 - address: 127.0.0.1 -nic_inner_ctrl: - name: ens1.100 -nic_to_tfe: - tfe0: - name: ens1f5 - tfe1: - name: ens1f6 - tfe2: - name: ens1f7 diff --git a/adc_tera_access/group_vars/blade-01.yml b/adc_tera_access/group_vars/blade-01.yml deleted file mode 100644 index baec084..0000000 --- a/adc_tera_access/group_vars/blade-01.yml +++ /dev/null @@ -1,11 +0,0 @@ -nic_mgr: - name: enp6s0 -nic_data_incoming: - name: ens1f1 - mac: AA:BB:CC:DD:EE:FF - address: 127.0.0.1 -nic_inner_ctrl: - name: ens1.100 -nic_traffic_mirror: - name: ens1f2 - use_mrzcpd: 1 diff --git a/adc_tera_access/group_vars/blade-02.yml b/adc_tera_access/group_vars/blade-02.yml deleted file mode 100644 index 0d98ac5..0000000 --- a/adc_tera_access/group_vars/blade-02.yml +++ /dev/null @@ -1,10 +0,0 @@ -nic_mgr: - name: enp6s0 -nic_data_incoming: - name: ens8f1 - mac: AA:BB:CC:DD:EE:FF -nic_inner_ctrl: - name: ens8.100 -nic_traffic_mirror: - name: ens8f2 - use_mrzcpd: 1 diff --git a/adc_tera_access/group_vars/blade-03.yml b/adc_tera_access/group_vars/blade-03.yml deleted file mode 100644 index 0d98ac5..0000000 --- a/adc_tera_access/group_vars/blade-03.yml +++ /dev/null @@ -1,10 +0,0 @@ -nic_mgr: - name: enp6s0 -nic_data_incoming: - name: ens8f1 - mac: AA:BB:CC:DD:EE:FF -nic_inner_ctrl: - name: ens8.100 -nic_traffic_mirror: - name: ens8f2 - use_mrzcpd: 1 diff --git a/adc_tera_access/hosts b/adc_tera_access/hosts deleted file mode 100644 index d56ee31..0000000 --- a/adc_tera_access/hosts +++ /dev/null @@ -1,30 +0,0 @@ -[all:vars] -ansible_user=root -package_source=local - -[blade-mxn] -192.168.40.170 - -[blade-00] -192.168.40.166 - -[blade-01] -192.168.40.167 - -[blade-02] -192.168.40.168 - -[blade-03] -192.168.40.169 - - -[Functional_Host:children] -blade-00 -blade-01 -blade-02 -blade-03 - -[Slave_Host:children] -blade-01 -blade-02 -blade-03 diff --git a/clear_redis_cache.yml b/clear_redis_cache.yml deleted file mode 100644 index 64599e8..0000000 --- a/clear_redis_cache.yml +++ /dev/null @@ -1,6 +0,0 @@ -- hosts: blade-00 - tasks: - - name: "killall certstore" - command: "killall certstore" - - name: "clear redis cache" - command: "redis-cli flushdb" diff --git a/deploy.yml b/deploy.yml index 2f4312d..b924829 100644 --- a/deploy.yml +++ b/deploy.yml @@ -10,6 +10,8 @@ - sapp - kni - firewall + - http_healthcheck + - clotho - certstore - cert-redis @@ -44,6 +46,8 @@ - sapp - kni - firewall + - http_healthcheck + - clotho - certstore - cert-redis - tfe diff --git a/pc_double_arm_access/group_vars/all.yml b/pc_double_arm_access/group_vars/all.yml deleted file mode 100644 index ed4df19..0000000 --- a/pc_double_arm_access/group_vars/all.yml +++ /dev/null @@ -1,88 +0,0 @@ -maat_redis_server: - address: "192.168.40.168" - port: 7002 - db: 0 - -dynamic_maat_redis_server: - address: "192.168.40.168" - port: 7002 - db: 0 - -cert_store_server: - address: "127.0.0.1" - port: 9991 - -log_kafkabrokers: - address: "192.168.40.169:9092" - -log_minio: - address: "192.168.40.168;" - port: 9090 - -fs_remote: - switch: 1 - address: "127.0.0.1" - port: 8125 - -install_dns_debug: "yes" -install_ftp_debug: "yes" -install_http_debug: "yes" -install_mail_debug: "yes" -install_ssl_debug: "yes" -install_fw_dns_plug_debug: "yes" -install_fw_ftp_plug_debug: "yes" -install_fw_http_plug_debug: "yes" -install_fw_mail_plug_debug: "yes" -install_tsg_master: "yes" - -sapp: - worker_threads: 16 - -kni: - global: - log_level: 30 - tfe_node_count: 3 - watch_dog: - switch: 1 - maat: - readconf_mode: 2 - send_logger: - switch: 1 - tfe_nodes: - - tfe0: - enabled: 1 - - tfe1: - enabled: 1 - - tfe2: - enabled: 1 -tfe: - nr_threads: 32 - mc_cache_eth: lo - keykeeper: - mode: "normal" - no_cache: 0 - -mrzcpd: - iocore: 39 - -mrtunnat: - lcore_id: 38 - -nic_mgr: - name: eth0 -nic_data_incoming: - name: tun_kni - address: 127.0.0.1 -nic_inner_ctrl: - name: eth0.100 -nic_traffic_mirror: - name: lo - use_mrzcpd: 0 - -nic_transparent_mode: - enable: 1 - mode: pcap - internel_interface: "eth2" - external_interface: "eth3" - -run_as_tun_mode: 1 diff --git a/pc_double_arm_access/hosts b/pc_double_arm_access/hosts deleted file mode 100644 index 7cc25b6..0000000 --- a/pc_double_arm_access/hosts +++ /dev/null @@ -1,6 +0,0 @@ -[all:vars] -ansible_user=root -package_source=local - -[pc-as-tun-mode] -192.168.40.138 diff --git a/pulp-install.yml b/pulp-install.yml deleted file mode 100644 index 222235f..0000000 --- a/pulp-install.yml +++ /dev/null @@ -1,3 +0,0 @@ -- hosts: blade-0* - roles: - - pulp-consumer diff --git a/roles/certstore/files/certstore-base-online-20200119.tar.gz b/roles/certstore/files/certstore-base-online-20200119.tar.gz deleted file mode 100644 index ec52dc1..0000000 Binary files a/roles/certstore/files/certstore-base-online-20200119.tar.gz and /dev/null differ diff --git a/roles/certstore/files/jemalloc-3.6.0-1.el7.x86_64.rpm b/roles/certstore/files/jemalloc-3.6.0-1.el7.x86_64.rpm deleted file mode 100644 index 506a429..0000000 Binary files a/roles/certstore/files/jemalloc-3.6.0-1.el7.x86_64.rpm and /dev/null differ diff --git a/roles/certstore/tasks/main.yml b/roles/certstore/tasks/main.yml index c6425cf..f18b623 100644 --- a/roles/certstore/tasks/main.yml +++ b/roles/certstore/tasks/main.yml @@ -1,5 +1,4 @@ ---- -- name: "copy redis and dependency to destination" +- name: "copy certstore rpm to destination" synchronize: src: "{{ role_path }}/files/" dest: "/tmp/ansible_deploy/" @@ -9,18 +8,19 @@ tags: mkdir - name: install certstore - unarchive: - src: "{{ role_path }}/files/certstore-base-online-20200119.tar.gz" - dest: /home/tsg + yum: + name: + - /tmp/ansible_deploy/certstore-v20.04.3989072-1.el7.x86_64.rpm + state: present - name: template certstore configure file template: src: "{{ role_path }}/templates/cert_store.ini.j2" dest: /home/tsg/certstore-base/conf/cert_store.ini -- name: bootup certstore - blockinfile: - marker: "## {mark} bootstrap certstore" - path: /etc/rc.d/rc.local - block: | - cd /home/tsg/certstore-base; ./r2_certstore +- name: "start certstore" + systemd: + name: certstore.service + state: started + enabled: yes + daemon_reload: yes diff --git a/roles/certstore/templates/cert_store.ini.j2 b/roles/certstore/templates/cert_store.ini.j2 index 94cd358..0a30c8c 100644 --- a/roles/certstore/templates/cert_store.ini.j2 +++ b/roles/certstore/templates/cert_store.ini.j2 @@ -2,7 +2,7 @@ #1:print on screen, 0:don't DEBUG_SWITCH = 1 #10:DEBUG, 20:INFO, 30:FATAL -RUN_LOG_LEVEL = 30 +RUN_LOG_LEVEL = 10 RUN_LOG_PATH = ./logs [CONFIG] #Number of running threads @@ -42,4 +42,4 @@ port = 6379 #Maat monitors the Redsi server IP address and port number ip = {{ maat_redis_server.address }} port = {{ maat_redis_server.port }} -dbindex = {{ maat_redis_server.db }} \ No newline at end of file +dbindex = {{ maat_redis_server.db }} diff --git a/roles/firewall/files/fw_dns_plug-debug-1.0.2.1c9d36d-1.el7.centos.x86_64.rpm b/roles/firewall/files/fw_dns_plug-debug-1.0.2.1c9d36d-1.el7.centos.x86_64.rpm deleted file mode 100644 index 91adde1..0000000 Binary files a/roles/firewall/files/fw_dns_plug-debug-1.0.2.1c9d36d-1.el7.centos.x86_64.rpm and /dev/null differ diff --git a/roles/firewall/files/fw_ftp_plug-debug-1.0.0.bd656e4-1.el7.centos.x86_64.rpm b/roles/firewall/files/fw_ftp_plug-debug-1.0.0.bd656e4-1.el7.centos.x86_64.rpm deleted file mode 100644 index 4d32c33..0000000 Binary files a/roles/firewall/files/fw_ftp_plug-debug-1.0.0.bd656e4-1.el7.centos.x86_64.rpm and /dev/null differ diff --git a/roles/firewall/files/fw_http_plug-debug-1.0.3.3c95e78-1.el7.centos.x86_64.rpm b/roles/firewall/files/fw_http_plug-debug-1.0.3.3c95e78-1.el7.centos.x86_64.rpm deleted file mode 100644 index 16a9e48..0000000 Binary files a/roles/firewall/files/fw_http_plug-debug-1.0.3.3c95e78-1.el7.centos.x86_64.rpm and /dev/null differ diff --git a/roles/firewall/files/fw_mail_plug-debug-1.0.1.8792ed8-1.el7.centos.x86_64.rpm b/roles/firewall/files/fw_mail_plug-debug-1.0.1.8792ed8-1.el7.centos.x86_64.rpm deleted file mode 100644 index f2e818f..0000000 Binary files a/roles/firewall/files/fw_mail_plug-debug-1.0.1.8792ed8-1.el7.centos.x86_64.rpm and /dev/null differ diff --git a/roles/firewall/files/mail-debug-1.0.0.-1.el7.x86_64.rpm b/roles/firewall/files/mail-debug-1.0.0.-1.el7.x86_64.rpm index 97a26b6..44b1dea 100644 Binary files a/roles/firewall/files/mail-debug-1.0.0.-1.el7.x86_64.rpm and b/roles/firewall/files/mail-debug-1.0.0.-1.el7.x86_64.rpm differ diff --git a/roles/firewall/files/tsg_master-debug-1.0.1.f624b67-1.el7.centos.x86_64.rpm b/roles/firewall/files/tsg_master-debug-1.0.1.f624b67-1.el7.centos.x86_64.rpm deleted file mode 100644 index 7412272..0000000 Binary files a/roles/firewall/files/tsg_master-debug-1.0.1.f624b67-1.el7.centos.x86_64.rpm and /dev/null differ diff --git a/roles/firewall/tasks/main.yml b/roles/firewall/tasks/main.yml index df9a0af..4622349 100644 --- a/roles/firewall/tasks/main.yml +++ b/roles/firewall/tasks/main.yml @@ -4,86 +4,41 @@ src: "{{ role_path }}/files/" dest: /tmp/ansible_deploy/ -- name: "install dns-debug rpms from localhost" +- name: "install firewall packages" yum: - name: + name: "{{ fw_packages }}" + state: present + vars: + fw_packages: - /tmp/ansible_deploy/dns-debug-1.0.0.-1.el7.x86_64.rpm - state: present - when: install_dns_debug == "yes" - -- name: "install ftp-debug rpms from localhost" - yum: - name: - /tmp/ansible_deploy/ftp-debug-1.0.0.-1.el7.x86_64.rpm - state: present - when: install_ftp_debug == "yes" - -- name: "install http-debug rpms from localhost" - yum: - name: - /tmp/ansible_deploy/http-debug-1.0.0.-1.el7.x86_64.rpm - state: present - when: install_http_debug == "yes" - -- name: "install mail-debug rpms from localhost" - yum: - name: - /tmp/ansible_deploy/mail-debug-1.0.0.-1.el7.x86_64.rpm - state: present - when: install_mail_debug == "yes" - -- name: "install ssl-debug rpms from localhost" - yum: - name: - /tmp/ansible_deploy/ssl-debug-1.0.0.-1.el7.x86_64.rpm - state: present - when: install_ssl_debug == "yes" + - /tmp/ansible_deploy/tsg_conn_record-1.0.0.2155660-1.el7.centos.x86_64.rpm + - /tmp/ansible_deploy/fw_dns_plug-debug-1.0.3.ea8e0f6-1.el7.centos.x86_64.rpm + - /tmp/ansible_deploy/fw_ftp_plug-debug-1.0.1.a5c1e05-1.el7.centos.x86_64.rpm + - /tmp/ansible_deploy/fw_http_plug-debug-1.0.6.7b34485-1.el7.centos.x86_64.rpm + - /tmp/ansible_deploy/fw_mail_plug-debug-1.0.2.f513698-1.el7.centos.x86_64.rpm + - /tmp/ansible_deploy/fw_ssl_plug-1.0.1.d232f96-1.el7.centos.x86_64.rpm + - /tmp/ansible_deploy/capture_packet_plug-debug-1.0.0.-1.el7.x86_64.rpm + - /tmp/ansible_deploy/clotho-debug-1.0.0.-1.el7.x86_64.rpm -- name: "install fw_dns_plug-debug rpms from localhost" - yum: - name: - - /tmp/ansible_deploy/fw_dns_plug-debug-1.0.2.1c9d36d-1.el7.centos.x86_64.rpm - state: present - when: install_fw_dns_plug_debug == "yes" - -- name: "install fw_ftp_plug-debug rpms from localhost" - yum: - name: - - /tmp/ansible_deploy/fw_ftp_plug-debug-1.0.0.bd656e4-1.el7.centos.x86_64.rpm - state: present - when: install_fw_ftp_plug_debug == "yes" - -- name: "install fw_http_plug-debug rpms from localhost" - yum: - name: - - /tmp/ansible_deploy/fw_http_plug-debug-1.0.3.3c95e78-1.el7.centos.x86_64.rpm - state: present - when: install_fw_http_plug_debug == "yes" - -- name: "install fw_mail_plug-debug rpms from localhost" - yum: - name: - - /tmp/ansible_deploy/fw_mail_plug-debug-1.0.1.8792ed8-1.el7.centos.x86_64.rpm - state: present - when: install_fw_mail_plug_debug == "yes" - -- name: "install tsg-master rpms from localhost" - yum: - name: - - /tmp/ansible_deploy/tsg_master-debug-1.0.1.f624b67-1.el7.centos.x86_64.rpm - state: present - when: install_tsg_master == "yes" - -- name: Template the tsgconf/main.conf +- name: "Template the tsgconf/main.conf" template: src: "{{ role_path }}/templates/main.conf.j2" dest: /home/mesasoft/sapp_run/tsgconf/main.conf tags: template -- name: Template the tsgconf/maat.conf +- name: "Template the tsgconf/maat.conf" template: src: "{{ role_path }}/templates/maat.conf.j2" dest: /home/mesasoft/sapp_run/tsgconf/maat.conf tags: template +- name: "Template the conf/capture_packet_plug.conf.j2" + template: + src: "{{ role_path }}/templates/capture_packet_plug.conf.j2" + dest: /home/mesasoft/sapp_run/conf/capture_packet_plug.conf + tags: template diff --git a/roles/firewall/templates/main.conf.j2 b/roles/firewall/templates/main.conf.j2 index 2e3b994..87f561c 100644 --- a/roles/firewall/templates/main.conf.j2 +++ b/roles/firewall/templates/main.conf.j2 @@ -2,21 +2,25 @@ LOG_PATH=./tsglog/fw_ftp_plug/fw_ftp_plug LOG_LEVEL=10 TIMEOUT=600 + [MAIL_PLUG] LOG_PATH=./tsglog/fw_mail_plug/fw_mail_plug LOG_LEVEL=10 TIMEOUT=600 + [HTTP_PLUG] LOG_PATH=./tsglog/fw_http_plug/fw_http_plug LOG_LEVEL=10 + [DNS_PLUG] LOG_PATH=./tsglog/fw_dns_plug/fw_dns_plug LOG_LEVEL=10 + [MAAT] PROFILE=./tsgconf/maat.conf -IP_ADDR_TABLE=TSG_OBJ_IP_ADDR SUBSCRIBER_ID_TABLE=TSG_OBJ_SUBSCRIBER_ID CB_SUBSCRIBER_IP_TABLE=TSG_DYN_SUBSCRIBER_IP +IP_ADDR_TABLE=TSG_SECURITY_ADDR [TSG_LOG] MODE=1 diff --git a/roles/framework/files/dkms/dkms-2.7.1-1.el7.noarch.rpm b/roles/framework/files/dkms/dkms-2.7.1-1.el7.noarch.rpm deleted file mode 100644 index e5a68ba..0000000 Binary files a/roles/framework/files/dkms/dkms-2.7.1-1.el7.noarch.rpm and /dev/null differ diff --git a/roles/framework/files/framework/framework-2.0.11.aad8b7e-1.el7.centos.x86_64.rpm b/roles/framework/files/framework/framework-2.0.11.aad8b7e-1.el7.centos.x86_64.rpm deleted file mode 100644 index dc287be..0000000 Binary files a/roles/framework/files/framework/framework-2.0.11.aad8b7e-1.el7.centos.x86_64.rpm and /dev/null differ diff --git a/roles/framework/files/framework/framework.conf b/roles/framework/files/framework/framework.conf deleted file mode 100644 index 446277c..0000000 --- a/roles/framework/files/framework/framework.conf +++ /dev/null @@ -1 +0,0 @@ -/opt/MESA/lib/ diff --git a/roles/framework/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm b/roles/framework/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm deleted file mode 100644 index 6fefdec..0000000 Binary files a/roles/framework/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm and /dev/null differ diff --git a/roles/framework/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm b/roles/framework/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm deleted file mode 100644 index 1dd97ca..0000000 Binary files a/roles/framework/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm and /dev/null differ diff --git a/roles/framework/files/maat/lib/libmaatframe.so.2.8 b/roles/framework/files/maat/lib/libmaatframe.so.2.8 deleted file mode 100644 index 2f85e1c..0000000 Binary files a/roles/framework/files/maat/lib/libmaatframe.so.2.8 and /dev/null differ diff --git a/roles/framework/files/rulescan/librulescan.so b/roles/framework/files/rulescan/librulescan.so deleted file mode 100755 index 2901da9..0000000 Binary files a/roles/framework/files/rulescan/librulescan.so and /dev/null differ diff --git a/roles/framework/tasks/main.yml b/roles/framework/tasks/main.yml index 02fbb6c..e442bbd 100644 --- a/roles/framework/tasks/main.yml +++ b/roles/framework/tasks/main.yml @@ -1,4 +1,3 @@ ---- - name: "copy framework rpms to destination server" synchronize: src: "{{ role_path }}/files/" @@ -10,35 +9,13 @@ state: present vars: packages: - - /tmp/ansible_deploy/dkms/dkms-2.7.1-1.el7.noarch.rpm - - /tmp/ansible_deploy/framework/framework-2.0.11.aad8b7e-1.el7.centos.x86_64.rpm + - /tmp/ansible_deploy/framework-debug-2.0.17.1e678c4-1.el7.centos.x86_64.rpm + - /tmp/ansible_deploy/libmaatframe-2.8.0.5a450d2-1.el7.x86_64.rpm/ - name: "install framework ld.conf" synchronize: src: "{{ role_path }}/files/framework/framework.conf" dest: /etc/ld.so.conf.d/framework.conf -- name: "install/update rulescan library" - synchronize: - src: "{{ role_path }}/files/rulescan/librulescan.so" - dest: /opt/MESA/lib/librulescan.so - -- name: "install/update maat library files" - synchronize: - src: "{{ role_path }}/files/maat/lib/" - dest: /opt/MESA/lib/ - -- name: "create maat library symbol links - A" - file: - src: "libmaatframe.so.2.8" - path: /opt/MESA/lib/libmaatframe.so.2 - state: link - -- name: "create maat library symbol links - B" - file: - src: "libmaatframe.so.2" - path: /opt/MESA/lib/libmaatframe.so - state: link - - name: "update ld" command: ldconfig diff --git a/roles/kernel-ml/tasks/main.yml b/roles/kernel-ml/tasks/main.yml index 5b36a07..c89215b 100644 --- a/roles/kernel-ml/tasks/main.yml +++ b/roles/kernel-ml/tasks/main.yml @@ -9,6 +9,7 @@ name: - /tmp/ansible_deploy/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm - /tmp/ansible_deploy/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm + - /tmp/ansible_deploy/dkms-2.7.1-1.el7.noarch.rpm state: present register: t_kernel_ml diff --git a/roles/kni/files/kni-3.0.2.57bfa41-1.el7.x86_64.rpm b/roles/kni/files/kni-3.0.2.57bfa41-1.el7.x86_64.rpm deleted file mode 100644 index be015b2..0000000 Binary files a/roles/kni/files/kni-3.0.2.57bfa41-1.el7.x86_64.rpm and /dev/null differ diff --git a/roles/kni/files/kni-debug-3.0.1.f81dd69-1.el7.x86_64.rpm b/roles/kni/files/kni-debug-3.0.1.f81dd69-1.el7.x86_64.rpm deleted file mode 100644 index 0e9c9ea..0000000 Binary files a/roles/kni/files/kni-debug-3.0.1.f81dd69-1.el7.x86_64.rpm and /dev/null differ diff --git a/roles/kni/files/kni-debug-debuginfo-3.0.1.f81dd69-1.el7.x86_64.rpm b/roles/kni/files/kni-debug-debuginfo-3.0.1.f81dd69-1.el7.x86_64.rpm deleted file mode 100644 index 2290e12..0000000 Binary files a/roles/kni/files/kni-debug-debuginfo-3.0.1.f81dd69-1.el7.x86_64.rpm and /dev/null differ diff --git a/roles/kni/files/kni-debuginfo-3.0.2.57bfa41-1.el7.x86_64.rpm b/roles/kni/files/kni-debuginfo-3.0.2.57bfa41-1.el7.x86_64.rpm deleted file mode 100644 index 9ce70fa..0000000 Binary files a/roles/kni/files/kni-debuginfo-3.0.2.57bfa41-1.el7.x86_64.rpm and /dev/null differ diff --git a/roles/kni/tasks/main.yml b/roles/kni/tasks/main.yml index 31543b5..2d6c8bd 100644 --- a/roles/kni/tasks/main.yml +++ b/roles/kni/tasks/main.yml @@ -7,7 +7,7 @@ - name: "install kni rpms from localhost" yum: name: - - /tmp/ansible_deploy/kni-3.0.2.57bfa41-1.el7.x86_64.rpm + - /tmp/ansible_deploy/kni-20.04-1.el7.x86_64.rpm state: present - name: Template the kni.conf diff --git a/roles/kni/templates/kni.conf.j2 b/roles/kni/templates/kni.conf.j2 index 7f86908..680d767 100644 --- a/roles/kni/templates/kni.conf.j2 +++ b/roles/kni/templates/kni.conf.j2 @@ -3,7 +3,7 @@ log_path = ./log/kni/kni.log log_level = {{ kni.global.log_level }} tfe_node_count = {{ kni.global.tfe_node_count }} manage_eth = {{ nic_mgr.name }} -{% if run_as_tun_mode %} +{% if tsg_access_type == 0 %} deploy_mode = tun {% else %} deploy_mode = normal @@ -11,7 +11,7 @@ deploy_mode = normal tun_name = tun_kni src_mac_addr = 00:0e:c6:d6:72:c1 dst_mac_addr = fe:65:b7:03:50:bd -{% if run_as_tun_mode %} +{% if tsg_access_type == 0 %} {% else %} [tfe0] enabled = 1 diff --git a/roles/mrzcpd/files/mrzcpd-4.3.14.79e262c-1.el7.x86_64.rpm b/roles/mrzcpd/files/mrzcpd-4.3.14.79e262c-1.el7.x86_64.rpm deleted file mode 100644 index cb587bd..0000000 Binary files a/roles/mrzcpd/files/mrzcpd-4.3.14.79e262c-1.el7.x86_64.rpm and /dev/null differ diff --git a/roles/mrzcpd/files/mrzcpd-4.3.15.7b8ad9e-1.el7.x86_64.rpm b/roles/mrzcpd/files/mrzcpd-4.3.15.7b8ad9e-1.el7.x86_64.rpm deleted file mode 100644 index 4efb1cd..0000000 Binary files a/roles/mrzcpd/files/mrzcpd-4.3.15.7b8ad9e-1.el7.x86_64.rpm and /dev/null differ diff --git a/roles/mrzcpd/tasks/main.yml b/roles/mrzcpd/tasks/main.yml index 6d7a116..77cbf44 100644 --- a/roles/mrzcpd/tasks/main.yml +++ b/roles/mrzcpd/tasks/main.yml @@ -6,7 +6,7 @@ - name: "install mrzcpd" yum: - name: /tmp/ansible_deploy/mrzcpd-4.3.15.7b8ad9e-1.el7.x86_64.rpm + name: /tmp/ansible_deploy/mrzcpd-4.3.17.f543325-1.el7.x86_64.rpm state: present - name: "update sysconfig/mrzcpd" @@ -20,17 +20,37 @@ dest: /opt/mrzcpd/etc/mrglobal.conf when: nic_traffic_mirror is defined -- name: "update mrglobal.conf - master blade" +- name: "update mrglobal.conf.inline - blade00" template: src: "{{ role_path }}/templates/mrglobal.conf.inline.j2" dest: /opt/mrzcpd/etc/mrglobal.conf - when: nic_traffic_mirror is not defined + when: + - nic_traffic_mirror is not defined + - tsg_access_type == 1 -- name: "update mrtunnat.conf - master blade" +- name: "update mrglobal.conf.allot - blade00" + template: + src: "{{ role_path }}/templates/mrglobal.conf.allot_access.j2" + dest: /opt/mrzcpd/etc/mrglobal.conf + when: + - nic_traffic_mirror is not defined + - tsg_access_type == 2 + +- name: "update mrtunnat.conf.inline - blade00" template: src: "{{ role_path }}/templates/mrtunnat.conf.inline.j2" dest: /opt/mrzcpd/etc/mrtunnat.conf - when: nic_traffic_mirror is not defined + when: + - nic_traffic_mirror is not defined + - tsg_access_type == 1 + +- name: "update mrtunnat.conf.allot_access - blade00" + template: + src: "{{ role_path }}/templates/mrtunnat.conf.allot_access.j2" + dest: /opt/mrzcpd/etc/mrtunnat.conf + when: + - nic_traffic_mirror is not defined + - tsg_access_type == 2 - name: "enable mrenv" systemd: @@ -38,13 +58,6 @@ enabled: yes daemon_reload: yes -#- name: "mask mrenv" -# systemd: -# name: mrenv -# masked: yes -# daemon_reload: yes -# when: nic_traffic_mirror.use_mrzcpd == 0 - - name: "enable mrzcpd" systemd: name: mrzcpd @@ -64,11 +77,3 @@ enabled: 0 daemon_reload: yes when: nic_traffic_mirror is defined - - -#- name: "mask mrzcpd" -# systemd: -# name: mrzcpd -# masked: yes -# daemon_reload: yes -# when: nic_traffic_mirror.use_mrzcpd == 0 diff --git a/roles/pulp-consumer/tasks/main.yml b/roles/pulp-consumer/tasks/main.yml deleted file mode 100644 index 0c3cb26..0000000 --- a/roles/pulp-consumer/tasks/main.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -- name: "Install EPEL" - yum: - name: http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm - state: present - -- name: "Install Pulp Consumer Tools Repo" - get_url: - url: https://repos.fedorapeople.org/repos/pulp/pulp/rhel-pulp.repo - dest: /etc/yum.repos.d/rhel-pulp.repo - -- name: "Install Pulp Consumer Tools" - yum: - name: - - pulp-admin-client - - pulp-rpm-admin-extensions - - pulp-consumer-client - - pulp-rpm-consumer-extensions - - pulp-agent - - pulp-rpm-handlers - - pulp-rpm-yumplugins - - python-gofer-qpid - state: present - update_cache: yes - -- name: "Start Pulp Message Service" - systemd: - state: started - name: goferd diff --git a/roles/sapp/tasks/main.yml b/roles/sapp/tasks/main.yml index 54b70b4..6b16d3e 100644 --- a/roles/sapp/tasks/main.yml +++ b/roles/sapp/tasks/main.yml @@ -8,6 +8,7 @@ yum: name: - /tmp/ansible_deploy/sapp-4.0.5.3385992-1.el7.x86_64.rpm + - /tmp/ansible_deploy/tsg_master-debug-1.0.3.a4e2a7c-1.el7.centos.x86_64.rpm state: present - name: make dir @@ -37,7 +38,7 @@ template: src: "{{ role_path }}/templates/gdev.conf.j2" dest: /home/mesasoft/sapp_run/etc/gdev.conf - tags: template + when: tsg_access_type == 1 - name: "enable sapp" systemd: diff --git a/roles/sapp/templates/conflist.inf.j2 b/roles/sapp/templates/conflist.inf.j2 index 34f8339..7c17291 100644 --- a/roles/sapp/templates/conflist.inf.j2 +++ b/roles/sapp/templates/conflist.inf.j2 @@ -1,5 +1,9 @@ [platform] +{% if tsg_access_type == 1 %} ./plug/platform/g_device_plug/g_device_plug.inf +{% else %} +#./plug/platform/g_device_plug/g_device_plug.inf +{% endif %} ./plug/platform/tsg_master/tsg_master.inf [protocol] @@ -16,4 +20,5 @@ ./plug/business/fw_dns_plug/fw_dns_plug.inf ./plug/business/fw_mail_plug/fw_mail_plug.inf ./plug/business/fw_ftp_plug/fw_ftp_plug.inf -./plug/business/tsg_conn_record/tsg_conn_record.inf \ No newline at end of file +./plug/business/tsg_conn_record/tsg_conn_record.inf +./plug/business/capture_packet_plug/capture_packet_plug.inf diff --git a/roles/sapp/templates/gdev.conf.j2 b/roles/sapp/templates/gdev.conf.j2 index bb1bd30..245bff5 100644 --- a/roles/sapp/templates/gdev.conf.j2 +++ b/roles/sapp/templates/gdev.conf.j2 @@ -1,5 +1,5 @@ [Module] pcapdevice={{ nic_data_incoming.name }} sendto_gdev_card={{ nic_data_incoming.name }} -sendto_gdev_ip={{ nic_data_incoming.address }} -gdev_status_switch=1 \ No newline at end of file +sendto_gdev_ip={{ nic_data_incoming.ip }} +gdev_status_switch=1 diff --git a/roles/sapp/templates/project_list.conf.j2 b/roles/sapp/templates/project_list.conf.j2 index c712a15..e7b42ff 100644 --- a/roles/sapp/templates/project_list.conf.j2 +++ b/roles/sapp/templates/project_list.conf.j2 @@ -1,4 +1,7 @@ tcp_flow_stat struct udp_flow_stat struct tcp_deduce_flow_stat struct -POLICY_PRIORITY struct \ No newline at end of file +POLICY_PRIORITY struct +ESTABLISH_LATENCY long +MAIL_IDENTIFY int + diff --git a/roles/sapp/templates/sapp.toml.j2 b/roles/sapp/templates/sapp.toml.j2 index e31e223..b65494d 100644 --- a/roles/sapp/templates/sapp.toml.j2 +++ b/roles/sapp/templates/sapp.toml.j2 @@ -9,16 +9,16 @@ instance_name = "sapp4" [CPU] -{% if run_as_tun_mode %} +{% if tsg_access_type == 0 %} worker_threads=1 {% else %} worker_threads={{ sapp.worker_threads }} {% endif %} ### note, bind_mask, if you do not want to bind thread to special CPU core, keep it empty as [] -{% if run_as_tun_mode %} +{% if tsg_access_type == 0 %} bind_mask=[] {% else %} -bind_mask=[1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16] +bind_mask=[{{ sapp.bind_mask }}] {% endif %} [PACKET_IO] @@ -27,7 +27,7 @@ BSD_packet_filter="" ### note, depolyment.mode options: [mirror, inline, transparent] [packet_io.depolyment] - {% if nic_transparent_mode.enable %} + {% if nic_transparent_mode.enable == 1 %} mode=transparent {% else %} mode=inline @@ -35,7 +35,7 @@ BSD_packet_filter="" ### note, interface.type options: [pag,pcap,marsio] [packet_io.internal.interface] - {% if nic_transparent_mode.enable %} + {% if nic_transparent_mode.enable == 1 %} type={{nic_transparent_mode.mode}} name={{nic_transparent_mode.internel_interface}} {% else %} diff --git a/roles/tfe/files/tfe-4.3.0.202001081429550800.92060ee-1.el7.x86_64.rpm b/roles/tfe/files/tfe-4.3.0.202001081429550800.92060ee-1.el7.x86_64.rpm deleted file mode 100644 index e91b3c0..0000000 Binary files a/roles/tfe/files/tfe-4.3.0.202001081429550800.92060ee-1.el7.x86_64.rpm and /dev/null differ diff --git a/roles/tfe/files/tfe-kmod-v1.0.4.20190923-1dkms.noarch.rpm b/roles/tfe/files/tfe-kmod-v1.0.4.20190923-1dkms.noarch.rpm deleted file mode 100644 index da6096a..0000000 Binary files a/roles/tfe/files/tfe-kmod-v1.0.4.20190923-1dkms.noarch.rpm and /dev/null differ diff --git a/roles/tfe/tasks/main.yml b/roles/tfe/tasks/main.yml index 79aa928..5d3b9a3 100644 --- a/roles/tfe/tasks/main.yml +++ b/roles/tfe/tasks/main.yml @@ -7,18 +7,9 @@ - name: "install tfe rpms from localhost" yum: name: - - /tmp/ansible_deploy/tfe-kmod-v1.0.4.20190923-1dkms.noarch.rpm - - /tmp/ansible_deploy/tfe-4.3.0.202001081429550800.92060ee-1.el7.x86_64.rpm + - /tmp/ansible_deploy/tfe-kmod-v1.0.5.20200408-1dkms.noarch.rpm + - /tmp/ansible_deploy/tfe-4.3.1.cc89b5b-1.el7.x86_64.rpm state: present - when: package_source == "local" - -- name: "install tfe rpms from pulp" - yum: - name: - - /tmp/ansible_deploy/tfe-kmod-v1.0.4.20190923-1dkms.noarch.rpm - - tfe - state: latest - when: package_source == "pulp" - name: "template tfe-env config" template: @@ -56,14 +47,6 @@ name: tfe-env enabled: yes daemon_reload: yes - when: not run_as_tun_mode - -- name: "enable tfe-env-tun" - systemd: - name: tfe-env-tun-mode - enabled: yes - daemon_reload: yes - when: run_as_tun_mode - name: "enable tfe" systemd: diff --git a/roles/tfe/templates/tfe-env-config.j2 b/roles/tfe/templates/tfe-env-config.j2 index e00dff2..2874c27 100644 --- a/roles/tfe/templates/tfe-env-config.j2 +++ b/roles/tfe/templates/tfe-env-config.j2 @@ -5,7 +5,7 @@ TFE_PEER_MAC_DATA_INCOMING=aa:bb:cc:dd:ee:ff TFE_LOCAL_IP_DATA_INCOMING=172.16.241.2 TFE_PEER_IP_DATA_INCOMING=172.16.241.1 -{% if run_as_tun_mode %} +{% if tsg_access_type == 0 %} TFE_WATCHDOG_DEVICE={{ nic_inner_ctrl.name }} TFE_WATCHDOG_IP=192.168.100.1 {% endif %} diff --git a/roles/tsg-env-mcn0/tasks/main.yml b/roles/tsg-env-mcn0/tasks/main.yml index 18a52b1..7c9ecea 100644 --- a/roles/tsg-env-mcn0/tasks/main.yml +++ b/roles/tsg-env-mcn0/tasks/main.yml @@ -2,8 +2,16 @@ - name: "copy setup script" copy: src: "{{ role_path }}/files/setup" - dest: "/opt/tsg/env/" + dest: /opt/tsg/env/ mode: 0755 + when: tsg_access_type == 1 + +- name: "Template setup script" + template: + src: "{{ role_path }}/templates/setup.AllotAccess.j2" + dest: /opt/tsg/env/setup + mode: 0755 + when: tsg_access_type == 2 - name: "copy switch_control_client_non_block" copy: diff --git a/roles/tsg-env-mxn/tasks/main.yml b/roles/tsg-env-mxn/tasks/main.yml index ccc658e..15760a2 100644 --- a/roles/tsg-env-mxn/tasks/main.yml +++ b/roles/tsg-env-mxn/tasks/main.yml @@ -23,3 +23,10 @@ enabled: yes daemon_reload: yes +- name: "Template PM1.13_vlan_mac_flipping_saved_startup" + template: + src: "{{ role_path }}/templates/PM1.13_vlan_mac_flipping_saved_startup" + dest: /usr/local/testpoint/perl/Config/libertyTrail/saved_startup + when: tsg_access_type == 2 + + diff --git a/tsg-clear-coredumps.yml b/tsg-clear-coredumps.yml deleted file mode 100644 index 5eec48e..0000000 --- a/tsg-clear-coredumps.yml +++ /dev/null @@ -1,30 +0,0 @@ -- hosts: blade-00 - tasks: - - name: "blade incpt - find corefiles to delete" - find: - paths: - - / - - /home/tsg/certstore-base/ - - /home/mesasoft/sapp_run/ - patterns: core.* - register: blade_incpt_corefiles_to_delete - - - name: "blade incpt cleanup coredump" - file: - state: absent - path: '{{ item.path }}' - with_items: "{{ blade_incpt_corefiles_to_delete.files }}" - -- hosts: blade-01:blade-02:blade-03 - tasks: - - name: "find corefiles to delete" - find: - paths: /opt/tsg/tfe/ - patterns: core.* - register: ctrl_corefiles_to_delete - - - name: "cleanup coredump" - file: - state: absent - path: '{{ item.path }}' - with_items: "{{ ctrl_corefiles_to_delete.files }}" diff --git a/tsg-reboot.yml b/tsg-reboot.yml deleted file mode 100644 index 2999e5f..0000000 --- a/tsg-reboot.yml +++ /dev/null @@ -1,9 +0,0 @@ -#- hosts: all -# tasks: -# - name: "reboot all" -# reboot: - -- hosts: Functional_Host - tasks: - - name: "reboot all compute blade" - reboot: