add Aktau deploy file

Aktau_deploy.yml

@@ -0,0 +1,145 @@
+- hosts:
+    - adc_mcn0
+    - adc_mcn1
+    - adc_mcn2
+    - adc_mcn3
+    - packet_dump_server
+  remote_user: root
+  vars_files:
+    - Aktau_install_config/group_vars/adc_global.yml
+  roles:
+    - framework
+
+- hosts: packet_dump_server
+  remote_user: root
+  vars_files:
+    - Aktau_install_config/group_vars/adc_global.yml
+  roles:
+    - packet_dump
+
+- hosts: adc_mxn
+  remote_user: root
+  roles:
+#    - tsg-env-mxn
+
+- hosts: adc_mcn0
+  remote_user: root
+  vars_files:
+    - Aktau_install_config/group_vars/adc_global.yml
+    - Aktau_install_config/group_vars/adc_mcn0.yml
+  roles:
+#    - tsg-env-mcn0
+    - telegraf_collect
+    - kernel-ml
+    - mrzcpd
+    - sapp
+    - tsg_master
+    - kni
+    - firewall
+#    - tsg_app
+    - http_healthcheck
+    - redis
+    - cert-redis
+    - maat-redis
+    - certstore
+    - telegraf_statistic
+#    - tsg_device_tag
+
+- hosts: adc_mcn1
+  remote_user: root
+  vars_files:
+    - Aktau_install_config/group_vars/adc_global.yml
+    - Aktau_install_config/group_vars/adc_mcn1.yml
+  roles:
+#    - tsg-env-mcn1
+    - telegraf_collect
+    - kernel-ml
+    - mrzcpd
+    - tfe
+
+- hosts: adc_mcn2
+  remote_user: root
+  vars_files:
+    - Aktau_install_config/group_vars/adc_global.yml
+    - Aktau_install_config/group_vars/adc_mcn2.yml
+  roles:
+#    - tsg-env-mcn2
+    - telegraf_collect
+    - kernel-ml
+    - mrzcpd
+    - tfe
+
+- hosts: adc_mcn3
+  remote_user: root
+  vars_files:
+    - Aktau_install_config/group_vars/adc_global.yml
+    - Aktau_install_config/group_vars/adc_mcn3.yml
+  roles:
+    - kernel-ml
+#    - tsg-env-mcn3
+    - telegraf_collect
+    - mrzcpd
+    - tfe
+
+- hosts: adc_mcn0
+  remote_user: root
+  roles:
+    - docker-env
+    - tsg-diagnose
+
+- hosts: 
+    - adc_mcn1
+    - adc_mcn2
+    - adc_mcn3
+  remote_user: root
+  roles:
+    - tsg-diagnose_sync_ca
+    
+- hosts: adc_mcn0
+  remote_user: root
+  roles:
+    - tsg-diagnose_stop_sync
+
+- hosts:
+    - adc_mcn0
+    - adc_mcn1
+    - adc_mcn2
+    - adc_mcn3
+  remote_user: root
+  vars_files:
+    - Aktau_install_config/group_vars/adc_global.yml
+  roles:
+    #- reboot
+
+- hosts: server-as-tun-mode
+  remote_user: root
+  vars_files:
+    - Aktau_install_config/group_vars/server_as_tun_mode.yml
+  roles:
+    - kernel-ml
+    - framework
+    - mrzcpd
+    - tsg-env-tun-mode
+    - sapp
+    - tsg_master
+    - kni
+    - firewall
+    - tsg_app
+    - http_healthcheck
+    - certstore
+    - redis
+    - cert-redis
+    - maat-redis
+    - tfe
+    - telegraf_statistic
+    - telegraf_collect
+    - proxy_status
+#    - tsg_device_tag
+    - reboot
+
+- hosts: app_global
+  remote_user: root
+  vars_files:
+    - Aktau_install_config/group_vars/app_global.yml
+  roles:
+    - app_global

Aktau_install_config/group_vars/adc_global.yml

@@ -0,0 +1,123 @@
+#########################################
+#####1: Inline_device;  2: Allot;  3: ADC_Tun_mode;
+tsg_access_type: 2
+#####2: ADC;
+tsg_running_type: 2
+
+########################################
+#Deploy_finished_reboot
+Deploy_finished_reboot: 0
+
+########################################
+#IP Config
+maat_redis_city_server:
+  address: "10.1.62.253"
+  port: 7002
+
+maat_redis_server:
+  address: "192.168.100.1"
+  port: 7002
+  port_num: 1
+  db: 0
+
+dynamic_maat_redis_server:
+  address: "192.168.100.1"
+  port: 7002
+  port_num: 1
+  db: 1
+
+cert_store_server:
+  address: "192.168.100.1"
+  port: 9991
+
+log_kafkabrokers:
+  address: "10.1.61.4:9092,10.1.61.5:9092,10.1.61.6:9092"
+
+telegraf_kafkabrokers:
+  address: "\"10.1.61.4:9092\",\"10.1.61.5:9092\",\"10.1.61.6:9092\""
+
+monitor_outputs_influxdb:
+  url: "http://127.0.0.1:58086"
+
+log_minio:
+  address: "10.1.62.253"
+  port: 9090
+
+#########################################
+#Log Level Config
+#日志等级 10:DEBUG 20:INFO 30:FATAL
+fw_ftp_log_level: 10
+fw_mail_log_level: 10
+fw_http_log_level: 10
+fw_dns_log_level: 10
+fw_quic_log_level: 10
+capture_packet_log_level: 10
+tsg_log_level: 10
+tsg_master_log_level: 10
+kni_log_level: 10
+
+#日志等级 DEBUG INFO FATAL
+tfe_log_level: FATAL
+tfe_http_log_level: FATAL
+pangu_log_level: FATAL
+doh_log_level: FATAL
+
+certstore_log_level: 30
+packet_dump_log_level: 10
+
+#######################################
+#Sapp Performance Config
+#Sapp工作在ADC计算板0时，建议使用如下30+8的配置，以保证更高的处理性能
+sapp:
+  worker_threads: 42
+  send_only_threads_max: 1
+  bind_mask: 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43
+  inbound_route_dir: 1
+
+########################################
+#Kni Config
+kni:
+  global:
+    tfe_node_count: 3
+  watch_dog:
+    switch: 1
+  maat:
+    readconf_mode: 2
+  send_logger:
+    switch: 1
+  tfe_nodes:
+    tfe0_enabled: 1
+    tfe1_enabled: 1
+    tfe2_enabled: 1
+
+########################################
+#Tfe Config
+tfe:
+  nr_threads: 32
+  mirror_enable: 1
+
+########################################
+#Marsio Config
+#marsio工作在ADC计算板时，建议使用如下配置，以保证更高的处理性能
+mrzcpd:
+  iocore: 52,53,54,55
+
+mrtunnat:
+  lcore_id: 48,49,50,51 
+
+#########################################
+#Tsg_app
+tsg_app_enable: 0
+app_global_ip: "1.1.1.1"
+applog_level: 10
+app_master_log_level: 10
+app_sketch_local_log_level: 10
+app_control_plug_log_level: 10
+
+
+breakpad_upload_url: http://10.4.63.4:9000/api/2/minidump/?sentry_key=3556bac347c74585a994eb6823faf5c6
+
+data_center: Aktau
+tsg_master_entrance_id: 1
+nic_mgr: 
+   name: em1

Aktau_install_config/group_vars/adc_mcn0.yml

@@ -0,0 +1,41 @@
+#########################################
+#Mcn0管理口网卡名
+nic_mgr:
+  name: ens1f3
+
+#########################################
+#Mcn0流量接入网卡，固定配置
+nic_data_incoming:
+  name: ens1f4
+
+#########################################
+#Mcn0其他数据口网卡名配置，固定配置
+nic_inner_ctrl:
+  name: ens1.100
+nic_to_tfe:
+  tfe0:
+      name: ens1f5
+  tfe1:
+      name: ens1f6
+  tfe2:
+      name: ens1f7
+
+#########################################
+#串联设备接入相关配置
+inline_device_config:
+  keepalive_ip: 192.168.1.30
+  keepalive_mask: 255.255.255.252
+
+#########################################
+#Allot接入相关配置
+AllotAccess:
+  #virturlInterface_1: ens1f2.103
+  #virturlInterface_2: ens1f2.104
+  virturlID_1: 1201
+  virturlID_2: 1202
+  virturlID_3: 1301
+  virturlID_4: 1302
+  #vvipv4_mask: 24
+  #vvipv6_mask: 64
+
+bladename: mcn0

Aktau_install_config/group_vars/adc_mcn1.yml

@@ -0,0 +1,19 @@
+#########################################
+#Mcn1管理口网卡名
+nic_mgr:
+  name: ens1f3
+
+#########################################
+#Mcn1流量接入网卡，固定配置
+nic_data_incoming:
+  name: ens1f1
+
+#########################################
+#Mcn1其他数据口网卡名配置，固定配置
+nic_inner_ctrl:
+  name: ens1.100
+nic_traffic_mirror:
+  name: ens1f2
+  use_mrzcpd: 1
+
+bladename: mcn1

Aktau_install_config/group_vars/adc_mcn2.yml

@@ -0,0 +1,19 @@
+#########################################
+#Mcn2管理口网卡名
+nic_mgr:
+  name: ens8f3
+
+#########################################
+#Mcn2流量接入网卡，固定配置
+nic_data_incoming:
+  name: ens8f1
+
+#########################################
+#Mcn2其他数据口网卡名配置，固定配置
+nic_inner_ctrl:
+  name: ens8.100
+nic_traffic_mirror:
+  name: ens8f2
+  use_mrzcpd: 1
+  
+bladename: mcn2

Aktau_install_config/group_vars/adc_mcn3.yml

@@ -0,0 +1,19 @@
+#########################################
+#Mcn3管理口网卡名
+nic_mgr:
+  name: ens8f3
+
+#########################################
+#Mcn3流量接入网卡，固定配置
+nic_data_incoming:
+  name: ens8f1
+
+#########################################
+#Mcn3其他数据口网卡名配置，固定配置
+nic_inner_ctrl:
+  name: ens8.100
+nic_traffic_mirror:
+  name: ens8f2
+  use_mrzcpd: 1
+  
+bladename: mcn3

Aktau_install_config/group_vars/app_global.yml

@@ -0,0 +1,10 @@
+#########################################
+app_sketch_global_log_level: 10
+
+maat_redis_server:
+  address: "192.168.40.168"
+  port: 7002
+  db: 0
+
+file_stat_ip: "1.1.1.1"
+  

Aktau_install_config/group_vars/server_as_tun_mode.yml

@@ -0,0 +1,145 @@
+#########################################
+#####0: Pcap;  1: Inline_device;  4: ATCA_Vlan_Flipping;  5:ATCA_VXLAN;
+tsg_access_type: 1
+#####0: Tun_mode;  1: normal;
+tsg_running_type: 1
+
+########################################
+#Deploy_finished_reboot
+Deploy_finished_reboot: 1
+
+########################################
+#Server Basic Config
+nic_mgr:
+  name: eth0
+
+nic_inner_ctrl:
+  name: eth0.100
+
+#########################################
+#IP Config
+maat_redis_server:
+  address: "192.168.40.168"
+  port: 7002
+  db: 0
+
+dynamic_maat_redis_server:
+  address: "192.168.40.168"
+  port: 7002
+  db: 0
+
+cert_store_server:
+  address: "192.168.100.1"
+  port: 9991
+
+log_kafkabrokers:
+  address: "1.1.1.1:9092,2.2.2.2:9092"
+
+log_minio:
+  address: "192.168.40.168;"
+  port: 9090
+
+#########################################
+#Log Level Config
+#日志等级 10:DEBUG 20:INFO 30:FATAL
+fw_ftp_log_level: 10
+fw_mail_log_level: 10
+fw_http_log_level: 10
+fw_dns_log_level: 10
+fw_quic_log_level: 10
+capture_packet_log_level: 10
+tsg_log_level: 10
+tsg_master_log_level: 10
+kni_log_level: 10
+
+
+#日志等级 DEBUG INFO FATAL
+tfe_log_level: DEBUG
+tfe_http_log_level: DEBUG
+pangu_log_level: DEBUG
+doh_log_level: DEBUG
+
+certstore_log_level: 10
+packet_dump_log_level: 10
+
+#########################################
+#Sapp Performance Config
+#如果tsg_access_type=0，sapp跑在pcap模式，则以下配置可忽略
+sapp:
+  worker_threads: 23
+  send_only_threads_max: 1
+  bind_mask: 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24
+  inbound_route_dir: 1
+
+#########################################
+#Sapp Double-Arm Config
+packet_io:
+  internal_interface: eth2
+  external_interface: eth3
+
+
+#########################################
+#Kni Config
+kni:
+  global:
+    tfe_node_count: 1
+  watch_dog:
+    switch: 1
+  maat:
+    readconf_mode: 2
+  send_logger:
+    switch: 1
+  tfe_nodes:
+    tfe0_enabled: 1
+    tfe1_enabled: 0
+    tfe2_enabled: 0
+
+#########################################
+#Tfe Config
+tfe:
+  nr_threads: 32
+  mirror_enable: 1
+
+#########################################
+#Marsio Config
+mrzcpd:
+  iocore: 39
+
+mrtunnat:
+  lcore_id: 38
+
+#########################################
+#Tsg_app
+tsg_app_enable: 1
+app_global_ip: "1.1.1.1"
+applog_level: 10
+app_master_log_level: 10
+app_sketch_local_log_level: 10
+app_control_plug_log_level: 10
+
+#########################################
+#ATCA Config
+#下列配置只在tsg_access_type=4时生效
+ATCA_data_incoming:
+  ethname: enp1s0
+  vf0_name: enp1s2
+  vf1_name: enp1s2f1
+  vf2_name: enp1s2f2
+
+ATCA_VlanFlipping:
+  vlanID_1: 100
+  vlanID_2: 101
+  vlanID_3: 103
+  vlanID_4: 104
+
+#下列配置只在tsg_access_type=5时生效
+ATCA_VXLAN:
+  keepalive_ip: "10.254.19.1"
+  keepalive_mask: "255.255.255.252"
+
+#########################################
+#Inline Device Config
+inline_device_config:
+  keepalive_ip: 192.168.1.30
+  keepalive_mask: 255.255.255.252
+  data_incoming: eth5

Aktau_install_config/hosts

@@ -0,0 +1,52 @@
+###################
+#   For example   #
+###################
+#变量device_id根据设备序号设置即可
+#变量vvipv4_1、vvipv4_2、vvipv6_1、vvipv6_2为Allot相关配置，其他环境可不填或直接删除变量
+#
+#20.09版本新增APP部署
+#[app_global]
+#0.0.0.0
+
+#[server-as-tun-mode]
+#1.1.1.1 device_id=device_1
+#
+#[adc_mxn]
+#10.3.72.1
+#10.3.72.2
+#
+#[adc_mcn0]
+#10.3.73.1 device_id=device_1 vvipv4_1=10.3.61.1 vvipv4_2=10.3.62.1 vvipv6_1=fc00::61:1 vvipv6_2=fc00::62:1
+#10.3.73.2 device_id=device_2 vvipv4_1=10.3.61.2 vvipv4_2=10.3.62.2 vvipv6_1=fc00::61:2 vvipv6_2=fc00::62:2
+#
+#[adc_mcn1]
+#10.3.74.1 device_id=device_1
+#10.3.74.2 device_id=device_2
+#
+#[adc_mcn2]
+#10.3.75.1 device_id=device_1
+#10.3.75.2 device_id=device_2
+#
+#[adc_mcn3]
+#10.3.76.1 device_id=device_1
+#10.3.76.2 device_id=device_2
+
+#[app_global]
+#[server-as-tun-mode]
+
+# aktau city device 15
+# device 15 is broken !!!
+# device 15 is broken !!!
+# device 15 is broken !!!
+[adc_mxn]
+10.1.55.[1:14]
+[adc_mcn0]
+10.1.51.[1:14]
+[adc_mcn1]
+10.1.52.[1:14]
+[adc_mcn2]
+10.1.53.[1:14]
+[adc_mcn3]
+10.1.54.[1:14]
+[packet_dump_server]
+10.1.61.3