更新rpm

deploy.yml

@@ -9,7 +9,6 @@
   roles:
     - framework
     - kernel-ml
-    - telegraf_collect
 
 - hosts: adc_mxn
   remote_user: root
@@ -115,7 +114,6 @@
     - cert-redis
     - tfe
     - telegraf_statistic
-    - telegraf_collect
     - proxy_status
 #    - tsg_device_tag
     - reboot

install_config/group_vars/server_as_tun_mode.yml

@@ -60,7 +60,7 @@ pangu_log_level: DEBUG
 doh_log_level: DEBUG
 
 certstore_log_level: 10
-packet_dump_log_level: 10
+clotho_log_level: 10
 
 #########################################
 #Sapp Performance Config

roles/app_global/tasks/main.yml

@@ -7,7 +7,7 @@
   yum:
     name:
       - /tmp/ansible_deploy/emqx-centos7-v4.1.2.x86_64.rpm
-      - /tmp/ansible_deploy/app-sketch-global-1.0.3.202010.a7b2e40-1.el7.x86_64.rpm
+      - /tmp/ansible_deploy/app-sketch-global-1.0.2.20200918.ab44d17-1.el7.x86_64.rpm
     state: present
 
 - name: "template the app_sketch_global.conf"
@@ -25,12 +25,9 @@
     name: emqx.service
     state: started
     enabled: yes
-    daemon_reload: yes
-    
 
 - name: "Start app-sketch-global"
   systemd:
     name: app-sketch-global.service
     state: started
     enabled: yes
-    daemon_reload: yes

roles/certstore/files/memory.conf

@@ -1,2 +0,0 @@
-[Service]
-MemoryMax=10G

roles/certstore/tasks/main.yml

@@ -10,7 +10,7 @@
 - name: install certstore
   yum:
     name:
-      - /tmp/ansible_deploy/certstore-2.1.3.202010.81eef83-1.el7.x86_64.rpm
+      - /tmp/ansible_deploy/certstore-2.1.2.20200923.a36312c-1.el7.x86_64.rpm
     state: present
 
 - name: template certstore configure file
@@ -23,12 +23,6 @@
     src: "{{ role_path }}/templates/zlog.conf.j2"
     dest: /opt/tsg/certstore/conf/zlog.conf
 
-- name: "copy memory limit file to certstore.service.d"
-  copy:
-    src: "{{ role_path }}/files/memory.conf"
-    dest: /etc/systemd/system/certstore.service.d/
-    mode: 0644
-
 - name: "start certstore"
   systemd:
     name: certstore.service

roles/firewall/tasks/main.yml

@@ -11,7 +11,7 @@
     skip_broken: yes
   vars:
     fw_packages:
-      - /tmp/ansible_deploy/capture_packet_plug-3.0.3.cc6f3cf-2.el7.x86_64.rpm
+      - /tmp/ansible_deploy/capture_packet_plug-3.0.4.42574b7-2.el7.x86_64.rpm
       - /tmp/ansible_deploy/conn_telemetry-1.0.2.8d6da43-2.el7.x86_64.rpm
       - /tmp/ansible_deploy/dns-2.0.9.b639626-2.el7.x86_64.rpm
       - /tmp/ansible_deploy/ftp-1.0.8.13d5fda-2.el7.x86_64.rpm

roles/firewall/templates/main.conf.j2

@@ -1,55 +1,57 @@
 [FTP_PLUG]
-LOG_PATH=./tsglog/fw_ftp_plug/fw_ftp_plug
+LOG_PATH="./tsglog/fw_ftp_plug/fw_ftp_plug"
 LOG_LEVEL={{ fw_ftp_log_level }}
 TIMEOUT=600
 
 [MAIL_PLUG]
-LOG_PATH=./tsglog/fw_mail_plug/fw_mail_plug
+LOG_PATH="./tsglog/fw_mail_plug/fw_mail_plug"
 LOG_LEVEL={{ fw_mail_log_level }}
 TIMEOUT=600
 
 [HTTP_PLUG]
-LOG_PATH=./tsglog/fw_http_plug/fw_http_plug
+LOG_PATH="./tsglog/fw_http_plug/fw_http_plug"
 LOG_LEVEL={{ fw_http_log_level }}
 
 [DNS_PLUG]
-LOG_PATH=./tsglog/fw_dns_plug/fw_dns_plug
+LOG_PATH="./tsglog/fw_dns_plug/fw_dns_plug"
 LOG_LEVEL={{ fw_dns_log_level }}
 
 [QUIC_PLUG]
-LOG_PATH=./tsglog/fw_quic_plug/fw_quic_plug
+LOG_PATH="./tsglog/fw_quic_plug/fw_quic_plug"
 LOG_LEVEL={{ fw_quic_log_level }}
 
 [MAAT]
-PROFILE=./tsgconf/maat.conf
-SUBSCRIBER_ID_TABLE=TSG_OBJ_SUBSCRIBER_ID
-CB_SUBSCRIBER_IP_TABLE=TSG_DYN_SUBSCRIBER_IP
-IP_ADDR_TABLE=TSG_SECURITY_ADDR
+PROFILE="./tsgconf/maat.conf"
+SUBSCRIBER_ID_TABLE="TSG_OBJ_SUBSCRIBER_ID"
+CB_SUBSCRIBER_IP_TABLE="TSG_DYN_SUBSCRIBER_IP"
+IP_ADDR_TABLE="TSG_SECURITY_ADDR"
 
 [TSG_LOG]
 MODE=1
-NIC_NAME={{ nic_mgr.name }}
+NIC_NAME="{{ nic_mgr.name }}"
 MAX_SERVICE=1
 LOG_LEVEL={{ tsg_log_level }}
-LOG_PATH=./tsglog/tsglog
-BROKER_LIST={{ log_kafkabrokers.address }}
-COMMON_FIELD_FILE=tsgconf/tsg_log_field.conf
+LOG_PATH="./tsglog/tsglog"
+BROKER_LIST="{{ log_kafkabrokers.address }}"
+COMMON_FIELD_FILE="tsgconf/tsg_log_field.conf"
 
 [STATISTIC]
 CYCLE=5
 TELEGRAF_PORT=8100
-TELEGRAF_IP=127.0.0.1
-OUTPUT_PATH=./tsg_statistic.log
-APP_NAME=statistic
+TELEGRAF_IP="127.0.0.1"
+OUTPUT_PATH="./tsg_statistic.log"
+APP_NAME="statistic"
 
 [FIELD_STAT]
 CYCLE=5
 TELEGRAF_PORT=8100
-TELEGRAF_IP=127.0.0.1
-OUTPUT_PATH=./tsg_stat.log
-APP_NAME=tsg_master
+TELEGRAF_IP="127.0.0.1"
+OUTPUT_PATH="./tsg_stat.log"
+APP_NAME="tsg_master"
 
 [SYSTEM]
+ENTRANCE_ID={{ tsg_master_entrance_id }}
 LOG_LEVEL={{ tsg_master_log_level }}
-LOG_PATH=./tsglog/tsg_master
-POLICY_PRIORITY_LABEL=POLICY_PRIORITY
+LOG_PATH="./tsglog/tsg_master"
+POLICY_PRIORITY_LABEL="POLICY_PRIORITY"
+DEVICE_ID_COMMAND="hostname | awk -F'-' '{print $3}'| awk -F'ADC' '{print $2}'"

roles/framework/tasks/main.yml

@@ -12,7 +12,7 @@
     packages:
       - /tmp/ansible_deploy/libcjson-1.7.10.ab2896f-2.el7.x86_64.rpm
       - /tmp/ansible_deploy/libdocumentanalyze-2.0.6.2d1abe0-2.el7.x86_64.rpm
-      - /tmp/ansible_deploy/libmaatframe-3.1.1.b6ea144-2.el7.x86_64.rpm
+      - /tmp/ansible_deploy/libmaatframe-3.1.3.4fbcf21-2.el7.x86_64.rpm
       - /tmp/ansible_deploy/libMESA_field_stat-1.0.2.6d45eed-2.el7.x86_64.rpm
       - /tmp/ansible_deploy/libMESA_field_stat2-2.9.4.4e2dd78-2.el7.x86_64.rpm
       - /tmp/ansible_deploy/libMESA_handle_logger-2.0.7.cb4ad71-2.el7.x86_64.rpm
@@ -24,7 +24,7 @@
       - /tmp/ansible_deploy/libwiredcfg-2.0.6.67ae0ab-2.el7.x86_64.rpm
       - /tmp/ansible_deploy/libWiredLB-2.0.5.4629165-2.el7.x86_64.rpm
       - /tmp/ansible_deploy/lz4-1.7.5-3.el7.x86_64.rpm
-      - /tmp/ansible_deploy/libbreakpad_mini-1.0.1.cb61125-2.el7.x86_64.rpm
+      - /tmp/ansible_deploy/libbreakpad_mini-1.0.2.a56ef00-2.el7.x86_64.rpm
 
 - name: "mkdir /etc/ld.so.conf.d/"
   file:

roles/kni/tasks/main.yml

@@ -7,7 +7,7 @@
 - name: "install kni rpms from localhost"
   yum:
     name:
-      - /tmp/ansible_deploy/kni-20.10.20201019.3f20d93-2.el7.x86_64.rpm
+      - /tmp/ansible_deploy/kni-20.10.20201014.6d458ba-1.el7.x86_64.rpm
     state: present
 
 - name: Template the kni.conf

roles/mrzcpd/files/memory.conf

@@ -1,2 +0,0 @@
-[Service]
-MemoryMax=100G

roles/mrzcpd/tasks/main.yml

@@ -161,18 +161,12 @@
     daemon_reload: yes
   when: nic_traffic_mirror is defined
 
-- name: "copy memory limit file to tfe.service.d"
-  copy:
-    src: "{{ role_path }}/files/memory.conf"
-    dest: /etc/systemd/system/mrzcpd.service.d/
-    mode: 0644
 
 - name: "mask mrzcpd on server_tun_mode"
   systemd:
     name: mrzcpd
     enabled: no
     masked: yes
-    daemon_reload: yes
   when: 
     - tsg_access_type == 0
 
@@ -181,6 +175,5 @@
     name: mrtunnat
     enabled: no
     masked: yes
-    daemon_reload: yes
   when: 
     - tsg_access_type == 0

roles/packet_dump/files/packet_dump.service

@@ -1,19 +0,0 @@
-[Unit]
-Description=packet dump service
-After=After=network.target
-
-[Service]
-Type=fork
-WorkingDirectory=/home/mesasoft/packet_dump
-ExecStart=/home/mesasoft/packet_dump/packet_dump
-TimeoutSec=60s
-RestartSec=10s
-Restart=always
-LimitNOFILE=524288
-LimitNPROC=infinity
-LimitCORE=infinity
-TasksMax=infinity
-Delegate=yes
-
-[Install]
-WantedBy=multi-user.target

roles/packet_dump/tasks/main.yml

@@ -1,6 +1,6 @@
 - name: "copy packet_dump rpm to destination server"
   copy:
-    src: "{{ role_path }}/files/packet_dump-1.0.3.a3f1a99-2.el7.x86_64.rpm"
+    src: "{{ role_path }}/files/packet_dump-1.0.4.82e85d1-2.el7.x86_64.rpm"
     dest: /tmp/ansible_deploy/
 
 - name: "copy  packet_dump.service to destination server"
@@ -12,7 +12,7 @@
 - name: "install packet_dump rpm from localhost"
   yum:
     name:
-      - /tmp/ansible_deploy/packet_dump-1.0.3.a3f1a99-2.el7.x86_64.rpm
+      - /tmp/ansible_deploy/packet_dump-1.0.4.82e85d1-2.el7.x86_64.rpm
     state: present
 
 - name: "Template the packet_dump.conf"

roles/packet_dump/templates/packet_dump.conf.j2

@@ -11,4 +11,4 @@ disable_coredump=0
 enable_breakpad=1
 breakpad_minidump_dir=/tmp/packet_dump/crashreport
 enable_breakpad_upload=0
-breakpad_upload_url={{ breakpad_upload_url }}
+breakpad_upload_url={{ breakpad_upload }}

roles/proxy_status/tasks/main.yml

@@ -14,7 +14,7 @@
   copy:
     src: "{{ role_path }}/files/proxy-status.service"
     dest: "/usr/lib/systemd/system/"   
-    mode: 0644
+    mode: 0755  
 
 - name: "enable proxy-status"
   systemd:

roles/sapp/files/memory.conf

@@ -1,2 +0,0 @@
-[Service]
-MemoryMax=100G

roles/sapp/tasks/main.yml

@@ -13,7 +13,7 @@
 - name: "install sapp rpms from localhost"
   yum:
     name:
-      - /tmp/ansible_deploy/sapp-4.1.12.b8f6ea4-2.el7.x86_64.rpm
+      - /tmp/ansible_deploy/sapp-4.1.13.ed89137-2.el7.x86_64.rpm
     state: present
     skip_broken: yes
 
@@ -51,13 +51,7 @@
   template:
     src: "{{ role_path }}/templates/sapp.service.j2"
     dest: /usr/lib/systemd/system/sapp.service
-    mode: 0644
-
-- name: "copy memory limit file to sapp.service.d"
-  copy:
-    src: "{{ role_path }}/files/memory.conf"
-    dest: /etc/systemd/system/sapp.service.d/
-    mode: 0644
+    mode: 0755
 
 - name: "enable sapp"
   systemd:

roles/telegraf_collect/tasks/main.yml

@@ -19,7 +19,7 @@
   copy:
     src: "{{ role_path }}/files/telegraf_collect.service"
     dest: /usr/lib/systemd/system
-    mode: 0644
+    mode: 0755
 
 - name: "Start telegraf_collect"
   systemd:

roles/telegraf_collect/templates/telegraf_collect.conf.j2

@@ -1,5 +1,5 @@
 [global_tags]
-	blade = "{{bladename}}"
+	blade = {{bladename}}
 [agent]
 	interval = "5s"
 	round_interval = true

roles/telegraf_statistic/tasks/main.yml

@@ -19,11 +19,10 @@
   copy:
     src: "{{ role_path }}/files/telegraf_statistic.service"
     dest: /usr/lib/systemd/system
-    mode: 0644
+    mode: 0755
 
 - name: "Start telegraf"
   systemd:
     name: telegraf_statistic.service
     state: started
     enabled: yes
-    daemon_reload: yes

roles/telegraf_statistic/templates/telegraf_statistic.conf.j2

@@ -56,4 +56,4 @@
 
 [[outputs.influxdb]]
    urls = ["{{ monitor_outputs_influxdb.url }}"]
-   database = "tsg_stat"
+   database = "tsg_stat

roles/tfe/files/memory.conf

@@ -1,2 +0,0 @@
-[Service]
-MemoryMax=100G

roles/tfe/tasks/main.yml

@@ -8,13 +8,13 @@
   copy:
     src: "{{ role_path }}/files/tfe.service"
     dest: /usr/lib/systemd/system/
-    mode: 0644
+    mode: 0755
  
 - name: "install tfe rpms from localhost"
   yum:
     name:
       - /tmp/ansible_deploy/tfe-kmod-v1.0.5.20200408-1dkms.noarch.rpm
-      - /tmp/ansible_deploy/tfe-4.3.14.13d2607-1.el7.x86_64.rpm
+      - /tmp/ansible_deploy/tfe-4.3.12.be94218-1.el7.x86_64.rpm
     state: present
 
 - name: "template tfe-env config"
@@ -63,12 +63,6 @@
     src: "{{ role_path }}/templates/require-mrzcpd.conf.j2"
     dest: /etc/systemd/system/tfe.service.d/require-mrzcpd.conf
 
-- name: "copy memory limit file to tfe.service.d"
-  copy:
-    src: "{{ role_path }}/files/memory.conf"
-    dest: /etc/systemd/system/tfe.service.d/
-    mode: 0644
-
 - name: "enable tfe-env"
   systemd:
     name: tfe-env

roles/tsg-diagnose/files/memory.conf

@@ -1,2 +0,0 @@
-[Service]
-MemoryMax=100G

roles/tsg-diagnose/tasks/main.yml

@@ -28,12 +28,6 @@
 - name: "tsg-diagnose init certs"
   shell: /bin/sh /opt/tsg/tsg-diagnose/deploy/init_certs/init_badssl_certs.sh
 
-- name: "copy memory limit file to tsg-diagnose.service.d"
-  copy:
-    src: "{{ role_path }}/files/memory.conf"
-    dest: /etc/systemd/system/tsg-diagnose.service.d/
-    mode: 0644
-
 - name: 'Tsg-diagnose service start'
   systemd:
     name: tsg-diagnose

roles/tsg_app/tasks/main.yml

@@ -13,7 +13,7 @@
     app_packages:
       - /tmp/ansible_deploy/app_master-1.0.5.5a4fb22-2.el7.x86_64.rpm
       - /tmp/ansible_deploy/app_control_plug-1.0.3.447fc53-2.el7.x86_64.rpm
-      - /tmp/ansible_deploy/app_proto_identify-1.0.4.fd3ac1a-2.el7.x86_64.rpm
+      - /tmp/ansible_deploy/app_proto_identify-1.0.5.5c5342a-2.el7.x86_64.rpm
       - /tmp/ansible_deploy/app_sketch_local-1.0.4.0edaf58-2.el7.x86_64.rpm
   when: tsg_app_enable == 1
 

roles/tsg_master/tasks/main.yml

@@ -6,6 +6,6 @@
 - name: "install tsg_master from localhost"
   yum:
     name:
-      - /tmp/ansible_deploy/tsg_master-3.3.3.46322d0-2.el7.x86_64.rpm
+      - /tmp/ansible_deploy/tsg_master-3.3.4.d27a197-2.el7.x86_64.rpm
     state: present
     skip_broken: yes

uninstall/roles/packet_dump/tasks/main.yml

@@ -1,16 +0,0 @@
-####################
-#Uninstall packet_dump
-- name: "[uninstall packet_dump] stop packet_dump"
-  systemd:
-    name: packet_dump
-    state: stopped
-    enabled: no
-  when: uninstall.packet_dump == 1
-  ignore_errors: true
-
-- name: "[uninstall packet_dump] uninstall packet_dump"
-  yum:
-    name:
-      - "{{ packet_dump }}"
-    state: absent
-  when: uninstall.packet_dump == 1

uninstall/rpm_list.sh

@@ -41,7 +41,6 @@ tfe=`rpm -qa |grep ^tfe-4`
 tfe_kmod=`rpm -qa |grep ^tfe-kmod`
 http_healthcheck=`rpm -qa |grep ^http_healthcheck`
 clotho=`rpm -qa |grep ^clotho`
-packet_dump=`rpm -qa |grep ^packet_dump`
 certstore=`rpm -qa |grep ^certstore`
 
 
@@ -126,9 +125,6 @@ http_healthcheck: $http_healthcheck
 #clotho
 clotho: $clotho
 
-#packet_dump
-packet_dump: $packet_dump
-
 #####################
 #certstore
 certstore: $certstore

uninstall/uninstall_tsg.yml

@@ -17,7 +17,6 @@
     - certstore
     - cert_redis
     - clotho
-    - packet_dump
     - http_healthcheck
     - framework
     - telegraf_statistic
@@ -46,7 +45,6 @@
     - certstore
     - cert_redis
     - clotho
-    - packet_dump
     - http_healthcheck
     - framework
     - telegraf_statistic