1、将sapp的配置文件分成两步作用于container,第一步作用于dockerfile的执行，第二步作用于镜像启动时文件的映射

2、增加docker-compose 执行时生成镜像的操作
2021-03-11 11:51:33 +08:00
parent 103ba64265
commit 4118b841f2
19 changed files with 716 additions and 83 deletions
--- a/config/framework/framework.conf
+++ b/config/framework/framework.conf
@@ -1 +0,0 @@
-/opt/MESA/lib/
--- a/config/sapp_run/conf/capture_packet_plug.conf
+++ b/config/sapp_run/conf/capture_packet_plug.conf
@@ -0,0 +1,28 @@
+[MAAT]
+MAAT_MODE=2
+#EFFECTIVE_FLAG=
+STAT_SWITCH=1
+PERF_SWITCH=1
+TABLE_INFO=conf/capture_packet_tableinfo.conf
+STAT_FILE=capture_packet_maat.status
+EFFECT_INTERVAL_S=1
+REDIS_IP=192.168.4.72
+REDIS_PORT_NUM=1
+REDIS_PORT=7002
+REDIS_INDEX=0
+JSON_CFG_FILE=conf/capture_packet_maat.json
+INC_CFG_DIR=capture_packet_rule/inc/index/
+FULL_CFG_DIR=capture_packet_rule/full/index/
+EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
+
+ACCEPT_TAGS={"tags":[{"tag":"data_center","value":"beijing"}]}
+
+[LOG]
+NIC_NAME=eth0
+BROKER_LIST="127.0.0.1"
+FIELD_FILE=conf/capture_packet_log_field.conf
+
+[SYSTEM]
+LOG_LEVEL=10
+LOG_PATH=./tsglog/capture_packet_plug/capture_packet
+
--- a/config/sapp_run/etc/sapp.toml
+++ b/config/sapp_run/etc/sapp.toml
@@ -0,0 +1,145 @@
+###################################################################################################
+# NOTE:
+#    The format of this file is toml (https://github.com/cktan/tomlc99)
+#    to make vim editor display colorful easier to read, 
+#    you can create a symbolic links named sapp.ini to sapp.toml, ln -sf sapp.toml sapp.ini
+###################################################################################################
+
+[SYSTEM]
+instance_name = "sapp_v4.0"
+
+[CPU]
+worker_threads=4
+### note, bind_mask, if you do not want to bind thread to special CPU core, keep it empty as []
+bind_mask=[1,2,3,4]
+[MEM]
+dictator_enable=1
+
+[PACKET_IO]
+    [overlay_tunnel_definition]
+    l2_l3_tunnel_support=1
+    [packet_io.feature]
+    inbound_route_dir=1
+#inject_mode_inline_device_sport=54789
+### note, depolyment.mode options: [mirror, inline, transparent, dumpfile]
+  [packet_io.depolyment]
+  mode=mirror
+
+### note, interface.type options: [pag,pcap,marsio]
+  [packet_io.internal.interface]
+  type=pcap
+  name=eth0
+
+  [packet_io.external.interface]
+  type=pcap
+  name=eth0
+
+[STREAM]
+### note, stream_id_base_time format is "%Y-%m-%d %H:%M:%S" 
+stream_id_base_time="2018-08-08 08:08:08"
+    [stream.tcp]
+max=10000
+timeout=60
+syn_mandatory=1
+reorder_pkt_max=50
+    analyse_option_enabled=1
+tuple4_reuse_time_interval=10
+
+meaningful_statistics_minimum_pkt=3
+meaningful_statistics_minimum_byte=5
+    
+        [stream.tcp.inject]
+        link_mss=1460
+	  
+        [stream.tcp.inject.rst]
+auto_remedy=0
+number=1
+        signature_enabled=1
+        signature_seed1=65535
+        signature_seed2=13
+        remedy_kill_tcp_by_inline_device=0
+	
+    [stream.udp]
+max=10000
+timeout=30
+meaningful_statistics_minimum_pkt=3
+meaningful_statistics_minimum_byte=5
+    
+
+[PROFILING]
+[profiling.pkt_latency]
+enabled=0
+### note, threshold unit is microseconds (us)
+    threshold=1000000
+	
+    [profiling.sanity_check]
+    raw_pkt_broken_enabled=0
+    symbol_conflict_enabled=0
+  
+    [profiling.log]
+    level=30
+    interval=5
+    
+        [profiling.log.local]
+enabled=1
+### note, if "file_truncate_open_enabled=1", file will be truncated, otherwise open the file for appending.	 
+        file_truncate_enabled = 1
+        log_file_name = "fs2_sysinfo.log"
+        log_conf_name = "etc/sapp_log.conf"
+     
+        [profiling.log.remote]
+enabled=0
+        server_ip="192.168.11.90"
+        server_port=8126
+
+        [profiling.log.remote.field_stat2]
+### note, is valid when "remote_send_out_type=field_stat2"	 
+### note, metric_type option value: [default, json]
+        metric_type = default
+        app_name=sapp
+
+		[profiling.log.prometheus]
+		prometheus_enabled=1
+        prometheus_port=9273
+        prometheus_url_path="/metrics"
+     
+[TOOLS]
+[tools.pkt_dump]
+enabled=1
+### note, mode options value:[storage, udp_socket]
+mode=udp_socket
+    BSD_packet_filter=""
+   
+        [tools.pkt_dump.threads]
+### note, if you want enable pkt dump in all thread, set dump_thread_all_enabled=1, then 'dump_thread_id' is obsoleted.
+###       if dump_thread_all_enabled=0, then use dump_thread_id to specify separate specified thread index.
+        all_threads_enabled=1
+   
+### note, dump_thread_id start from 0, max is CPU.worker_threads-1
+        dump_thread_id=[0,1,2,3,4]
+   
+        [tools.pkt_dump.udp]
+        command_port=12345
+
+        [tools.pkt_dump.storage]
+### note, file path must be double quotation mark extension, for example,  path="/dev/shm/pkt_dump"
+        path="/dev/shm/pkt_dump"
+### note, file size unit: MB
+        file_size_max_per_thread=10000 
+
+### note:
+### These configurations format is complex and difficult to describe with toml grammar,
+### so, create a Independent config file to description specific information.
+[SPECIAL_CONFIG_LINK]	 
+    project_list_path="./etc/project_list.conf"
+    plugin_path="./etc/plugin.conf"
+    entrylist_path="./etc/entrylist.conf"
+    send_raw_pkt_path="./etc/send_raw_pkt.conf"
+    vxlan_sport_service_map_path="./etc/vxlan_sport_service_map.conf"
+
+[breakpad]
+    disable_coredump=0
+    enable_breakpad=0
+    breakpad_minidump_dir="/tmp/crashreport"
+    enable_breakpad_upload=0
+    breakpad_upload_url="http://127.0.0.1/"
--- a/config/sapp_run/etc/sapp_log.conf
+++ b/config/sapp_run/etc/sapp_log.conf
@@ -0,0 +1,14 @@
+[global]
+default format = "%d(%c), %V, %U, %m%n"
+[levels]
+DEBUG=10
+INFO=20
+FATAL=30
+[formats]
+other = "%d(%c), %V, %F, %U, %m%n"
+plugin = "%d(%c), %m%n"
+[rules]
+__log_runtimelog.info    "./log/runtimelog.%d(%F)"
+__log_runtimelog_plugin.fatal    >stdout; plugin
+__log_runtimelog_plugin.info    "./log/plugin.log.%d(%F)"; plugin
+!.*    "./log/%c.%d(%F)"; other
--- a/config/sapp_run/tsgconf/maat.conf
+++ b/config/sapp_run/tsgconf/maat.conf
@@ -0,0 +1,50 @@
+[STATIC]
+MAAT_MODE=2
+STAT_SWITCH=1
+PERF_SWITCH=1
+TABLE_INFO=tsgconf/tsg_static_tableinfo.conf
+STAT_FILE=tsg_static_maat.status
+EFFECT_INTERVAL_S=1
+REDIS_IP=192.168.44.72
+REDIS_PORT_NUM=1
+REDIS_PORT=7002
+REDIS_INDEX=0
+JSON_CFG_FILE=tsgconf/tsg_maat.json
+INC_CFG_DIR=tsgrule/inc/index/
+FULL_CFG_DIR=tsgrule/full/index/
+EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
+
+[DYNAMIC]
+MAAT_MODE=2
+STAT_SWITCH=1
+PERF_SWITCH=1
+TABLE_INFO=tsgconf/tsg_dynamic_tableinfo.conf
+STAT_FILE=tsg_dynamic_maat.status
+EFFECT_INTERVAL_S=1
+REDIS_IP=192.168.44.72
+REDIS_PORT_NUM=1
+REDIS_PORT=7002
+REDIS_INDEX=1
+JSON_CFG_FILE=tsgconf/tsg_maat.json
+INC_CFG_DIR=tsgrule/inc/index/
+FULL_CFG_DIR=tsgrule/full/index/
+EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
+
+[APP_SIGNATURE_MAAT]
+MAAT_MODE=2
+STAT_SWITCH=1
+PERF_SWITCH=1
+TABLE_INFO=tsgconf/app_sketch_tableinfo.conf
+STAT_FILE=app_sketch_maat.status
+EFFECT_INTERVAL_S=1
+REDIS_IP=192.168.44.72
+REDIS_PORT_NUM=1
+REDIS_PORT=7002
+REDIS_INDEX=0
+JSON_CFG_FILE=tsgconf/app_sketch_maat.json
+INC_CFG_DIR=tsgrule/inc/index/
+FULL_CFG_DIR=tsgrule/full/index/
+EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
+
+[MAAT]
+ACCEPT_TAGS={"tags":[{"tag":"device_id","value":"device_1"}]}
--- a/config/sapp_run/tsgconf/main.conf
+++ b/config/sapp_run/tsgconf/main.conf
@@ -0,0 +1,100 @@
+[VOIP_PLUG]
+TABLE_TO=TSG_FIELD_SIP_TO
+TABLE_FROM=TSG_FIELD_SIP_FROM
+TIMEOUT=300
+LOG_PATH=./tsglog/fw_voip_plug/fw_voip_plug
+LOG_LEVEL=10
+[HTTP_PLUG]
+LOG_PATH=./tsglog/fw_http_plug/fw_http_plug
+LOG_LEVEL=10
+
+[DNS_PLUG]
+LOG_PATH=./tsglog/fw_dns_plug/fw_dns_plug
+LOG_LEVEL=10
+
+[FTP_PLUG]
+TIMEOUT=600
+LOG_PATH=./tsglog/fw_ftp_plug/fw_ftp_plug
+LOG_LEVEL=10
+
+[MAIL_PLUG]
+TIMEOUT=3600
+LOG_PATH=./tsglog/fw_mail_plug/fw_mail_plug
+LOG_LEVEL=10
+
+[QUIC_PLUG]
+LOG_PATH=./tsglog/fw_quic_plug/fw_quic_plug
+LOG_LEVEL=10
+
+[CONTROL_PLUG]
+LOG_PATH=./tsglog/app_control_plug/app_control_plug
+LOG_LEVEL=10
+
+[TSG_CONN_SKETCH]
+log_service=2
+min_pkts=0
+min_bytes=0
+sendlog_in_tcp_close=0
+local_binary_prefix=./tsglog/
+local_url_ip=192.168.40.161
+record_http_session_num=0
+record_http_content_type_num = 1
+record_http_content_type=["text"]
+
+[MAAT]
+PROFILE=./tsgconf/maat.conf
+IP_ADDR_TABLE=TSG_SECURITY_ADDR
+SUBSCRIBER_ID_TABLE=TSG_OBJ_SUBSCRIBER_ID
+CB_SUBSCRIBER_IP_TABLE=TSG_DYN_SUBSCRIBER_IP
+
+[TSG_LOG]
+MODE=1
+NIC_NAME=eth0
+LOG_LEVEL=10
+LOG_PATH=./tsglog/tsglog
+BROKER_LIST=192.168.44.11:9092,192.168.44.14:9092,192.168.44.15:9092
+COMMON_FIELD_FILE=tsgconf/tsg_log_field.conf
+
+[STATISTIC]
+CYCLE=5
+TELEGRAF_PORT=8100
+TELEGRAF_IP=127.0.0.1
+OUTPUT_PATH=./tsg_statistic.log
+APP_NAME=statistic
+
+[FIELD_STAT]
+CYCLE=5
+TELEGRAF_PORT=8100
+TELEGRAF_IP=127.0.0.1
+OUTPUT_PATH=./tsg_stat.log
+APP_NAME=tsg_master
+
+[SYSTEM]
+ENTRANCE_ID=4
+LOG_LEVEL=10
+LOG_PATH=./tsglog/tsg_master
+POLICY_PRIORITY_LABEL=POLICY_PRIORITY
+DEVICE_ID_COMMAND=hostname | awk -F'-' '{print $3}'| awk -F'ADC' '{print $2}'
+
+[HOS_CONF]
+hos_serverip=192.168.40.223
+hos_serverport=9098
+hos_accesskeyid="default"
+hos_secretkey="default"
+hos_poolsize=100
+hos_thread_sum=64
+hos_cache_size=102400
+hos_fs2_serverip=127.0.0.1
+hos_fs2_serverport=10086
+
+[APP_SKETCH_LOCAL]
+LOG_LEVEL=10
+LOG_PATH="./tsglog/app_sketch_local/app_sketch_local"
+L7_PROTOCOL_LABEL="BASIC_PROTO_LABEL"
+
+[APP_SKETCH_FEEDBACK]
+QOS=1
+PUBLISH_TOPIC=APP_SIGNATURE_ID
+#CLIENT_ID=
+BROKER_LIST=tcp://192.168.40.161:1883
+