修改自检部署脚本位置

添加自检安装部署
更新tsg_master，sapp，libmaatframe，tfe，app_control_plug，app_master
2021-02-08 09:23:58 +08:00 · 2021-02-08 09:21:47 +08:00 · 2021-02-07 19:47:38 +08:00
32 changed files with 338 additions and 7 deletions
--- a/adc_deploy.yml
+++ b/adc_deploy.yml
@@ -29,6 +29,8 @@
    - {role: adc_exporter, tags: adc_exporter}
 #    - {role: switch_control, tags: switch_control}
    - {role: tsg-env-patch, tags: tsg-env-patch}
+    - {role: docker-env, tags: docker-env}
+    - {role: tsg-diagnose, tags: tsg-diagnose}

 - hosts: adc_mcn1
  remote_user: root
@@ -44,6 +46,7 @@
    - {role: adc_exporter, tags: adc_exporter}
 #    - {role: switch_control, tags: switch_control}
    - {role: tsg-env-patch, tags: tsg-env-patch}
+    - {role: tsg-diagnose_sync_ca, tags: tsg-diagnose_sync_ca}

 - hosts: adc_mcn2
  remote_user: root
@@ -59,6 +62,7 @@
    - {role: adc_exporter, tags: adc_exporter}
 #    - {role: switch_control, tags: switch_control}
    - {role: tsg-env-patch, tags: tsg-env-path}
+    - {role: tsg-diagnose_sync_ca, tags: tsg-diagnose_sync_ca}

 - hosts: adc_mcn3
  remote_user: root
@@ -73,7 +77,13 @@
 #    - {role: adc_exporter, tags: adc_exporter}
    - {role: switch_control, tags: switch_control}
    - {role: tsg-env-patch, tags: tsg-env-patch}
-    
+    - {role: tsg-diagnose_sync_ca, tags: tsg-diagnose_sync_ca}
+
+- hosts: adc_mcn0
+  remote_user: root
+  roles:
+    - {role: tsg-diagnose_stop_sync, tags: tsg-diagnose_stop_sync}
+
 - hosts: packet_dump_server
  remote_user: root
  vars_files:
--- a/roles/docker-env/files/docker-ce.zip
+++ b/roles/docker-env/files/docker-ce.zip
--- a/roles/docker-env/files/docker-compose.zip
+++ b/roles/docker-env/files/docker-compose.zip
--- a/roles/docker-env/files/python3.zip
+++ b/roles/docker-env/files/python3.zip
--- a/roles/docker-env/tasks/docker-ce.yml
+++ b/roles/docker-env/tasks/docker-ce.yml
@@ -0,0 +1,38 @@
+---
+- name: "docker-ce: copy docker-ce.zip to dest device"
+  copy:
+    src: '{{ role_path }}/files/docker-ce.zip'
+    dest: /tmp/ansible_deploy/
+    
+- name: "docker-ce: unarchive docker-ce.zip"
+  unarchive:
+    src: /tmp/ansible_deploy/docker-ce.zip
+    dest: /tmp/ansible_deploy/
+    remote_src: yes
+
+- name: "docker-ce: install docker-ce rpm package and dependencies"
+  yum:
+    name:
+      - /tmp/ansible_deploy/docker-ce/container-selinux-2.119.2-1.911c772.el7_8.noarch.rpm
+      - /tmp/ansible_deploy/docker-ce/docker-ce-19.03.13-3.el7.x86_64.rpm
+      - /tmp/ansible_deploy/docker-ce/docker-ce-cli-19.03.13-3.el7.x86_64.rpm
+      - /tmp/ansible_deploy/docker-ce/containerd.io-1.3.7-3.1.el7.x86_64.rpm
+      - /tmp/ansible_deploy/docker-ce/selinux-policy-targeted-3.13.1-266.el7_8.1.noarch.rpm
+      - /tmp/ansible_deploy/docker-ce/selinux-policy-3.13.1-266.el7_8.1.noarch.rpm
+      - /tmp/ansible_deploy/docker-ce/policycoreutils-python-2.5-34.el7.x86_64.rpm
+      - /tmp/ansible_deploy/docker-ce/policycoreutils-2.5-34.el7.x86_64.rpm
+      - /tmp/ansible_deploy/docker-ce/libselinux-utils-2.5-15.el7.x86_64.rpm
+      - /tmp/ansible_deploy/docker-ce/libselinux-python-2.5-15.el7.x86_64.rpm
+      - /tmp/ansible_deploy/docker-ce/libselinux-2.5-15.el7.x86_64.rpm
+      - /tmp/ansible_deploy/docker-ce/setools-libs-3.3.8-4.el7.x86_64.rpm
+      - /tmp/ansible_deploy/docker-ce/libsepol-2.5-10.el7.x86_64.rpm
+      - /tmp/ansible_deploy/docker-ce/libsemanage-python-2.5-14.el7.x86_64.rpm
+      - /tmp/ansible_deploy/docker-ce/libsemanage-2.5-14.el7.x86_64.rpm
+    state: present
+
+- name: "docker-ce: systemctl start docker and enabled docker"
+  systemd:
+    name: docker
+    enabled: yes
+    daemon_reload: yes
+    state: started
--- a/roles/docker-env/tasks/docker-compose.yml
+++ b/roles/docker-env/tasks/docker-compose.yml
@@ -0,0 +1,18 @@
+---
+- name: "docker-compose: copy docker-compose.zip to dest device"
+  copy:
+    src: '{{ role_path }}/files/docker-compose.zip'
+    dest: /tmp/ansible_deploy/
+
+- name: "docker-compose: unarchive docker-compose.zip"
+  unarchive:
+    src: /tmp/ansible_deploy/docker-compose.zip
+    dest: /tmp/ansible_deploy/
+    remote_src: yes
+
+- name: "docker-compose: install docker-compose using pip3"
+  pip:
+    requirements: /tmp/ansible_deploy/docker-compose/requirements.txt
+    extra_args: "--no-index --find-links=file:///tmp/ansible_deploy/docker-compose"
+    state: forcereinstall
+    executable: pip3
--- a/roles/docker-env/tasks/main.yml
+++ b/roles/docker-env/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- include: docker-ce.yml
+- include: python3.yml 
+- include: docker-compose.yml 
--- a/roles/docker-env/tasks/python3.yml
+++ b/roles/docker-env/tasks/python3.yml
@@ -0,0 +1,21 @@
+---
+- name: "python3: copy python3.zip to dest device"
+  copy:
+    src: '{{ role_path }}/files/python3.zip'
+    dest: /tmp/ansible_deploy/
+    
+- name: "python3: unarchive python3.zip"
+  unarchive:
+    src: /tmp/ansible_deploy/python3.zip
+    dest: /tmp/ansible_deploy/
+    remote_src: yes
+
+- name: "python3: install python3 rpm package and dependencies"
+  yum:
+    name:
+      - /tmp/ansible_deploy/python3/python3-libs-3.6.8-13.el7.x86_64.rpm
+      - /tmp/ansible_deploy/python3/python3-3.6.8-13.el7.x86_64.rpm
+      - /tmp/ansible_deploy/python3/python3-pip-9.0.3-7.el7_7.noarch.rpm
+      - /tmp/ansible_deploy/python3/python3-setuptools-39.2.0-10.el7.noarch.rpm
+      - /tmp/ansible_deploy/python3/libtirpc-0.2.4-0.16.el7.x86_64.rpm
+    state: present
--- a/roles/framework/files/libmaatframe-3.1.10.653727e-2.el7.x86_64.rpm
+++ b/roles/framework/files/libmaatframe-3.1.10.653727e-2.el7.x86_64.rpm
--- a/roles/framework/files/libmaatframe-3.1.11.593cb23-2.el7.x86_64.rpm
+++ b/roles/framework/files/libmaatframe-3.1.11.593cb23-2.el7.x86_64.rpm
--- a/roles/framework/tasks/main.yml
+++ b/roles/framework/tasks/main.yml
@@ -12,7 +12,7 @@
    packages:
      - /tmp/ansible_deploy/libcjson-1.7.10.ab2896f-2.el7.x86_64.rpm
      - /tmp/ansible_deploy/libdocumentanalyze-2.0.6.2d1abe0-2.el7.x86_64.rpm
-      - /tmp/ansible_deploy/libmaatframe-3.1.10.653727e-2.el7.x86_64.rpm
+      - /tmp/ansible_deploy/libmaatframe-3.1.11.593cb23-2.el7.x86_64.rpm
      - /tmp/ansible_deploy/libMESA_field_stat-1.0.2.6d45eed-2.el7.x86_64.rpm
      - /tmp/ansible_deploy/libMESA_field_stat2-2.9.10.72ac4f1-2.el7.x86_64.rpm
      - /tmp/ansible_deploy/libMESA_handle_logger-2.0.7.cb4ad71-2.el7.x86_64.rpm
--- a/roles/sapp/files/sapp-4.2.25.893d15d-2.el7.x86_64.rpm
+++ b/roles/sapp/files/sapp-4.2.25.893d15d-2.el7.x86_64.rpm
--- a/roles/sapp/files/sapp-4.2.26.fc1a6aa-2.el7.x86_64.rpm
+++ b/roles/sapp/files/sapp-4.2.26.fc1a6aa-2.el7.x86_64.rpm
--- a/roles/sapp/tasks/main.yml
+++ b/roles/sapp/tasks/main.yml
@@ -13,7 +13,7 @@
 - name: "install sapp rpms from localhost"
  yum:
    name:
-      - /tmp/ansible_deploy/sapp-4.2.25.893d15d-2.el7.x86_64.rpm
+      - /tmp/ansible_deploy/sapp-4.2.26.fc1a6aa-2.el7.x86_64.rpm
    state: present
 
 - name: "install tcpdump_mesa rpms from localhost"
--- a/roles/tfe/files/tfe-4.3.28.ce28c42-1.el7.x86_64.rpm
+++ b/roles/tfe/files/tfe-4.3.28.ce28c42-1.el7.x86_64.rpm
--- a/roles/tfe/files/tfe-4.3.29.5ce3dcf-1.el7.x86_64.rpm
+++ b/roles/tfe/files/tfe-4.3.29.5ce3dcf-1.el7.x86_64.rpm
--- a/roles/tfe/tasks/main.yml
+++ b/roles/tfe/tasks/main.yml
@@ -14,7 +14,7 @@
  yum:
    name:
      - /tmp/ansible_deploy/tfe-kmod-v1.0.5.20200408-1dkms.noarch.rpm
-      - /tmp/ansible_deploy/tfe-4.3.28.ce28c42-1.el7.x86_64.rpm
+      - /tmp/ansible_deploy/tfe-4.3.29.5ce3dcf-1.el7.x86_64.rpm
    state: present

 - name: "tfe:copy cert file to device"
--- a/roles/tsg-diagnose/files/tsg-diagnose-20.10.03.31f1c1f-1.el7.x86_64.rpm
+++ b/roles/tsg-diagnose/files/tsg-diagnose-20.10.03.31f1c1f-1.el7.x86_64.rpm
--- a/roles/tsg-diagnose/files/tsg-diagnose-certs.tgz
+++ b/roles/tsg-diagnose/files/tsg-diagnose-certs.tgz
--- a/roles/tsg-diagnose/tasks/main.yml
+++ b/roles/tsg-diagnose/tasks/main.yml
@@ -0,0 +1,38 @@
+- name: "Tsg-diagnose:copy file to device"
+  copy:
+    src: '{{ role_path }}/files/'
+    dest: /tmp/ansible_deploy/
+    
+- name: "Install tsg-diagnose rpm package"
+  yum:
+    name:
+      - "/tmp/ansible_deploy/tsg-diagnose-20.10.03.31f1c1f-1.el7.x86_64.rpm"
+    state: present
+
+- name: "Templates tsg-diagnose.config"
+  template:
+    src: "{{role_path}}/templates/tsg-diagnose.config.j2"
+    dest: /opt/tsg/tsg-diagnose/etc/tsg-diagnose.config
+  tags: template
+
+- name: "tsg-diagnose:mkdir -p .badssl_cert_dict"
+  file:
+    path: /opt/tsg/tsg-diagnose/.badssl_cert_dict
+    state: directory
+
+
+- name: "tsg-diagnose: unarchive certs"
+  unarchive:
+    src: /tmp/ansible_deploy/tsg-diagnose-certs.tgz
+    dest: /opt/tsg/tsg-diagnose/.badssl_cert_dict
+    remote_src: yes
+
+- name: 'Tsg-diagnose service start'
+  systemd:
+    name: tsg-diagnose
+    enabled: yes
+    daemon_reload: yes
+    state: started
+
+- name: "tsg-diagnose init rsync deamon"
+  shell: /bin/sh /opt/tsg/tsg-diagnose/deploy/rsync/init_rsyncd.sh
--- a/roles/tsg-diagnose/templates/tsg-diagnose.config.j2
+++ b/roles/tsg-diagnose/templates/tsg-diagnose.config.j2
@@ -0,0 +1,135 @@
+[test_securityPolicy_bypass]
+# enabled = 1 run this case
+enabled = 1
+#Connection TIMEOUT, in seconds
+conn_timeout = 1
+#max_recv_speed_large  byte/s
+max_recv_speed_large = 6553600
+
+[test_securityPolicy_intercept]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_securityPolicy_intercept_certerrExpired]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_securityPolicy_intercept_certerrSelf_signed]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_securityPolicy_intercept_certerrUntrusted_root]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_proxyPolicy_ssl_redirect]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_proxyPolicy_ssl_block]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_proxyPolicy_ssl_replace]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_proxyPolicy_ssl_hijack]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_proxyPolicy_ssl_insert]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_proxyPolicy_http_redirect]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_proxyPolicy_http_block]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_proxyPolicy_http_replace]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_proxyPolicy_http_hijack]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_proxyPolicy_http_insert]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_https_con_traffic_1k]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_https_con_traffic_4k]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_https_con_traffic_16k]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_https_con_traffic_64k]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_https_con_traffic_256k]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_https_con_traffic_1M]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_https_con_traffic_4M]
+enabled = 1
+conn_timeout = 1
+max_recv_speed_large = 6553600
+
+[test_https_con_traffic_16M]
+enabled = 1
+conn_timeout = 4
+max_recv_speed_large = 6553600
+
+[test_https_con_traffic_64M]
+enabled = 1
+conn_timeout = 12
+max_recv_speed_large = 6553600
+
+[start_time_random_delay_range]
+enabled = 1
+#Left_edge is the left edge of the randomly generated time in seconds
+left_edge = 0
+#Left_edge is the right edge of the randomly generated time in seconds
+right_edge = 30
+
+[telegraf]
+host = 192.51.100.1
+port = 58100
+tags_key = app_name
+tags_value = tsg-diagnose
--- a/roles/tsg-diagnose_stop_sync/tasks/main.yml
+++ b/roles/tsg-diagnose_stop_sync/tasks/main.yml
@@ -0,0 +1,3 @@
+- name: "tsg-diagnose:  stop rsync deamon process"
+  shell: killall -9 rsync
+
--- a/roles/tsg-diagnose_sync_ca/files/tsg_diagnose_ca.pem
+++ b/roles/tsg-diagnose_sync_ca/files/tsg_diagnose_ca.pem
@@ -0,0 +1,49 @@
+-----BEGIN CERTIFICATE-----
+MIIGWzCCBEOgAwIBAgIJAMimxpHS+4hRMA0GCSqGSIb3DQEBCwUAMHcxCzAJBgNV
+BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp
+c2NvMQ8wDQYDVQQKDAZCYWRTU0wxKjAoBgNVBAMMIUJhZFNTTCBSb290IENlcnRp
+ZmljYXRlIEF1dGhvcml0eTAeFw0yMDEwMjYwODQ3NDZaFw00MDEwMjEwODQ3NDZa
+MHcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1T
+YW4gRnJhbmNpc2NvMQ8wDQYDVQQKDAZCYWRTU0wxKjAoBgNVBAMMIUJhZFNTTCBS
+b290IENlcnRpZmljYXRlIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAKnefEvaekYAdlfFtpnaPaKYgl+X3FOXUEiYLHuX9YZjuhjVAf/I
+19iW7+k6mln3jSxD05YZQk/jUVTTVjYgQftHzlZiJG086AGhG86QwDIPb9nQIGy8
+3DscFFQGGOoYPdV9E+s1cFDTIFGqqqlJ5T5jpjnAL/3WR2LxrgzPVkBjcOTJnkU6
+Gv2jqwQYGSz8+A6FYsGLqO6Pv7uKY1OPELNcTGnSwD1uctsMHn/Xqx4nMaBoMuSc
+TZQEneSagGDgF1dVqEFhVEPo4VXiVthhS82xA3xK69UKfKLFkjjy+icH8LllKUFo
+Psu+w/9V3OZ4xfzjEdpoRwRUmOesS5wlEkd3rLKEWXG/A8Uul5iCZ2Dez9nE6wi7
+w7JD7R1InPoD+7KXtT2JWS+9sj+Vre7XIjSEQuBRGiTOXnDcuYjFOkvCqS7OToUc
+fOJAlKHCndqBnzLoLJHU2ozrqgz8SU0Iv1CPW6YXLtRFFX3K9WUvX7XNTonh+oWS
+6IGifWnVcYh2N5peUuNVT4heD4QfIDpCvjwUAp2IWr1GnEjvjhPaHialRotHhfCi
+t3T0F58IhFQ6+CLQwE57Yd+7zGbc7osqTe1hbiK2wcciTuajmGZyfev8atFey+Y5
+N/7jD3U0a6u4Z+DyGcc08Pj94cM5AJ7SA45LKwt6xhmGLzhemmdGLJLNAgMBAAGj
+gekwgeYwHQYDVR0OBBYEFMGs0F0ycvMIQgM6oTyOBrxzjCPKMIGpBgNVHSMEgaEw
+gZ6AFMGs0F0ycvMIQgM6oTyOBrxzjCPKoXukeTB3MQswCQYDVQQGEwJVUzETMBEG
+A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEPMA0GA1UE
+CgwGQmFkU1NMMSowKAYDVQQDDCFCYWRTU0wgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRo
+b3JpdHmCCQDIpsaR0vuIUTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAgEAeZzR9GKvTRiKfRqCzjhylk+7IbymWjxNTc2LQ3+O6lww
+kw6Z2ybzvR3i/IZ7Hw+DBo1MXku9qHW/1uKR2BssoLHU1p1iHCBrZ1nw9MXxqXa3
+PhgxUZZu39NdXFc12fY/SYP8XQkNVzQCNouOvb75hj087ZDHvGztHIaB3VNUs1p+
+qMvGm8RVUGfDDqynUBZ814N32eCu+13N+dGL7yxASzD6Y3/myhVjixUuoUG3zFTW
+NnIWspbC8MxhP/3QUMYi4KJM4KDiJQxPhGkMBwlhgAz/QPEJApKq0Cl0Reez7Gyd
+KdnrqvCKhf8K53Su8L1GeRvzzKb7Hi+kMWIZVJPGz2DHgOymP5RCsIuWG6cDgx5E
+3LfZYEPG63ezj+qMZmkdEMnD9SVBi85dOTOJ+OJgxxX2OahUKPUdDP89ZmHdOjR9
+CqUxnA+eqRNz1TajnjRFXir3/20SoBtrHBck3bxpmZwsF7A6Sg5RdlvQjK2Oy6g0
+9LrkPUgu9O/sBfz8uyG/HlQD7EuUNo0NQHqznnde3T+w5wY2vL3XUAl39qcpNPF6
+auCS8+aygYYmCUooZVzKlXGU3VUPGwcfmLE4gnPLT0+pnHtBS8tKLOzXAJjYQ3s+
+QpP3aO4lJvoZ6Oes/JRxNPW8dmaLxTKPqsaPEWWuoSYr0higPTBXQNg+++PYRY4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIB8jCCAVugAwIBAgIJAP3GpXchIMWHMA0GCSqGSIb3DQEBCwUAMBExDzANBgNV
+BAsMBkdFRURHRTAgFw0yMDAzMDkxNjEyNTlaGA8yMDUwMDMwMjE2MTI1OVowETEP
+MA0GA1UECwwGR0VFREdFMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCraZpH
+Fca2Iu+9E9HzKbEi2Akdk4RrUJxkQjB2Tr7fGxwPDXqdGvSoXDdgnSA0I0bbNqMs
+drgiCWimjnGiWfY0sssKg7plNTQ4i7Zz7P9Isyf6TuxvB09CzdhH2FQ3lLRTb8pv
+BA0E28CCYiZhtX1/3RlDSvxaRKOM3yEt0q+FRQIDAQABo1AwTjAdBgNVHQ4EFgQU
+NqrpSlpCuMBJlCLZEE/D5ZpBy8swHwYDVR0jBBgwFoAUNqrpSlpCuMBJlCLZEE/D
+5ZpBy8swDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQBsybFxUAjzhJ5H
+VbSLhyillxtAJ3vEKtLrMVnAgRUEwamyu1JQGndF9kh8RapSmHhmuZM9iTc+NsNb
+DKGKmEOY0vQMw83xE7EGYj4Nhww9UMyGglmTLbd3yB+uJA97beNVduU2mifDHGmN
+4buMiPl3AozGRl9p5UCzZM5XxMMw1A==
+-----END CERTIFICATE-----
--- a/roles/tsg-diagnose_sync_ca/tasks/main.yml
+++ b/roles/tsg-diagnose_sync_ca/tasks/main.yml
@@ -0,0 +1,15 @@
+- name: "tsg-diagnose: rsync badssl ca certs"
+  shell: rsync -avzP --delete 192.168.100.1::blade0toother /tmp/sync/
+  ignore_errors: true
+
+- name: "tsg-diagnose: add badssl ca file to tfe tls-ca-bundle"
+  shell: cat /tmp/sync/ca-root.crt > /opt/tsg/tfe/resource/tfe/tsg_diagnose_ca.pem && cat /tmp/sync/wpr_cert.pem >> /opt/tsg/tfe/resource/tfe/tsg_diagnose_ca.pem
+  ignore_errors: true
+  register: result_tsg_diagnose_sync_cert_shell
+
+- name: "Tsg-diagnose:copy cert file to device"
+  copy:
+    src: '{{ role_path }}/files/tsg_diagnose_ca.pem'
+    dest: /opt/tsg/tfe/resource/tfe/
+  when: result_tsg_diagnose_sync_cert_shell.rc==1
+
--- a/roles/tsg_app/files/app_control_plug-1.0.10.8f8be82-2.el7.x86_64.rpm
+++ b/roles/tsg_app/files/app_control_plug-1.0.10.8f8be82-2.el7.x86_64.rpm
--- a/roles/tsg_app/files/app_control_plug-1.0.3.447fc53-2.el7.x86_64.rpm
+++ b/roles/tsg_app/files/app_control_plug-1.0.3.447fc53-2.el7.x86_64.rpm
--- a/roles/tsg_app/files/app_master-1.0.5.5a4fb22-2.el7.x86_64.rpm
+++ b/roles/tsg_app/files/app_master-1.0.5.5a4fb22-2.el7.x86_64.rpm
--- a/roles/tsg_app/files/app_master-1.0.9.2a34d9e-2.el7.x86_64.rpm
+++ b/roles/tsg_app/files/app_master-1.0.9.2a34d9e-2.el7.x86_64.rpm
--- a/roles/tsg_app/tasks/main.yml
+++ b/roles/tsg_app/tasks/main.yml
@@ -11,8 +11,8 @@
    skip_broken: yes
  vars:
    app_packages:
-      - /tmp/ansible_deploy/app_master-1.0.5.5a4fb22-2.el7.x86_64.rpm
-      - /tmp/ansible_deploy/app_control_plug-1.0.3.447fc53-2.el7.x86_64.rpm
+      - /tmp/ansible_deploy/app_master-1.0.9.2a34d9e-2.el7.x86_64.rpm
+      - /tmp/ansible_deploy/app_control_plug-1.0.10.8f8be82-2.el7.x86_64.rpm
      - /tmp/ansible_deploy/app_proto_identify-1.0.5.5c5342a-2.el7.x86_64.rpm
      - /tmp/ansible_deploy/app_sketch_local-1.0.4.0edaf58-2.el7.x86_64.rpm
  when: tsg_app_enable == 1
--- a/roles/tsg_master/files/tsg_master-3.3.15.7ddb2f1-2.el7.x86_64.rpm
+++ b/roles/tsg_master/files/tsg_master-3.3.15.7ddb2f1-2.el7.x86_64.rpm
--- a/roles/tsg_master/files/tsg_master-3.3.17.d56c559-2.el7.x86_64.rpm
+++ b/roles/tsg_master/files/tsg_master-3.3.17.d56c559-2.el7.x86_64.rpm
--- a/roles/tsg_master/tasks/main.yml
+++ b/roles/tsg_master/tasks/main.yml
@@ -6,6 +6,6 @@
 - name: "install tsg_master from localhost"
  yum:
    name:
-      - /tmp/ansible_deploy/tsg_master-3.3.15.7ddb2f1-2.el7.x86_64.rpm
+      - /tmp/ansible_deploy/tsg_master-3.3.17.d56c559-2.el7.x86_64.rpm
    state: present
    skip_broken: yes
Author	SHA1	Message	Date
fumingwei	f8d24abd4c	修改自检部署脚本位置	2021-02-08 09:23:58 +08:00
fumingwei	bd3bcd1e91	添加自检安装部署	2021-02-08 09:21:47 +08:00
fumingwei	41f8a0c8da	更新tsg_master，sapp，libmaatframe，tfe，app_control_plug，app_master rpm包	2021-02-07 19:47:38 +08:00