From 0185ff568366333582be4b76e18473edd15fd8df Mon Sep 17 00:00:00 2001 From: fumingwei Date: Thu, 24 Jun 2021 10:58:07 +0800 Subject: [PATCH] =?UTF-8?q?bugfix:=E4=BF=AE=E6=94=B9=E5=9B=A0{%=20endraw?= =?UTF-8?q?=20%}=E5=AF=BC=E8=87=B4=E4=B8=A4=E4=B8=AA=E9=85=8D=E7=BD=AE?= =?UTF-8?q?=E9=A1=B9=E5=90=88=E5=B9=B6=E5=88=B0=E4=B8=80=E8=A1=8C=E7=9A=84?= =?UTF-8?q?=E9=94=99=E8=AF=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../certstore/templates/cert_store.ini.j2.j2 | 6 ++++-- .../templates/capture_packet_plug.conf.j2.j2 | 9 ++++++--- ansible/roles/firewall/templates/maat.conf.j2.j2 | 15 ++++++++++----- ansible/roles/firewall/templates/main.conf.j2.j2 | 12 ++++++++---- .../maat-redis/templates/maat-redis.conf.j2.j2 | 9 ++++++--- .../templates/mrglobal.conf.j2.j2.7400MCN0P01R01 | 3 ++- .../templates/mrglobal.conf.j2.j2.9000NPBP01R01 | 3 ++- ...etric_presence_layer.conf.j2.j2.7400MCN0P01R01 | 3 ++- .../templates/conflist.inf.j2.j2.7400MCN0P01R01 | 3 ++- .../necessary_plug_list.conf.j2.j2.7400MCN0P01R01 | 3 ++- ansible/roles/sapp/templates/sapp.toml.j2.j2 | 3 ++- .../vlan_flipping_map.conf.j2.j2.7400MCN0P01R01 | 3 ++- .../templates/telegraf_statistic.conf.j2.j2 | 3 ++- ansible/roles/tfe/templates/pangu_pxy.conf.j2.j2 | 6 ++++-- ansible/roles/tfe/templates/tfe.conf.j2.j2 | 12 ++++++++---- .../templates/tsg_device_tag.json.j2.j2 | 3 ++- 16 files changed, 64 insertions(+), 32 deletions(-) diff --git a/ansible/roles/certstore/templates/cert_store.ini.j2.j2 b/ansible/roles/certstore/templates/cert_store.ini.j2.j2 index e12deb1c..5f1589df 100644 --- a/ansible/roles/certstore/templates/cert_store.ini.j2.j2 +++ b/ansible/roles/certstore/templates/cert_store.ini.j2.j2 @@ -8,7 +8,8 @@ disable_coredump=0 enable_breakpad=1 breakpad_minidump_dir=/tmp/certstore/crashreport enable_breakpad_upload=1 -{% raw %}breakpad_upload_url= {{ sentry_url }}{% endraw %} +{% raw %}breakpad_upload_url= {{ sentry_url }} +{% endraw %} [CONFIG] #Number of running threads thread-nu = 4 @@ -52,7 +53,8 @@ port = 6379 ip = {{ cm_policy_server_ip }} {% raw %}port = {{ cm.policy_server.port_range }} -dbindex = {{ cm.policy_server.db_static }}{% endraw %} +dbindex = {{ cm.policy_server.db_static }} +{% endraw %} [stat] statsd_server=127.0.0.1 statsd_port=8100 diff --git a/ansible/roles/firewall/templates/capture_packet_plug.conf.j2.j2 b/ansible/roles/firewall/templates/capture_packet_plug.conf.j2.j2 index ee637f4b..703adf1a 100644 --- a/ansible/roles/firewall/templates/capture_packet_plug.conf.j2.j2 +++ b/ansible/roles/firewall/templates/capture_packet_plug.conf.j2.j2 @@ -9,17 +9,20 @@ EFFECT_INTERVAL_S=1 REDIS_IP={{ cm_policy_server_ip }} {% raw %}REDIS_PORT_NUM={{ cm.policy_server.port_num }} REDIS_PORT={{ cm.policy_server.port_range }} -REDIS_INDEX={{ cm.policy_server.db_static }}{% endraw %} +REDIS_INDEX={{ cm.policy_server.db_static }} +{% endraw %} JSON_CFG_FILE=conf/capture_packet_maat.json INC_CFG_DIR=capture_packet_rule/inc/index/ FULL_CFG_DIR=capture_packet_rule/full/index/ EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json -{% raw %}ACCEPT_TAGS={"tags":[{"tag":"data_center","value":"{{ data_center.name }}"}]}{% endraw %} +{% raw %}ACCEPT_TAGS={"tags":[{"tag":"data_center","value":"{{ data_center.name }}"}]} +{% endraw %} [LOG] NIC_NAME={{ firewall.capture_packet_plug_conf.LOG.NIC_NAME }} -{% raw %}BROKER_LIST={{ olap.kafka_broker.address_list | join(",") }}{% endraw %} +{% raw %}BROKER_LIST={{ olap.kafka_broker.address_list | join(",") }} +{% endraw %} FIELD_FILE=conf/capture_packet_log_field.conf [SYSTEM] diff --git a/ansible/roles/firewall/templates/maat.conf.j2.j2 b/ansible/roles/firewall/templates/maat.conf.j2.j2 index f9a6f8ce..1aa09f1c 100644 --- a/ansible/roles/firewall/templates/maat.conf.j2.j2 +++ b/ansible/roles/firewall/templates/maat.conf.j2.j2 @@ -9,7 +9,8 @@ EFFECT_INTERVAL_S=1 REDIS_IP={{ cm_policy_server_ip }} {% raw %}REDIS_PORT_NUM={{ cm.policy_server.port_num }} REDIS_PORT={{ cm.policy_server.port_range }} -REDIS_INDEX={{ cm.policy_server.db_static }}{% endraw %} +REDIS_INDEX={{ cm.policy_server.db_static }} +{% endraw %} JSON_CFG_FILE=tsgconf/tsg_maat.json INC_CFG_DIR=tsgrule/inc/index/ FULL_CFG_DIR=tsgrule/full/index/ @@ -26,7 +27,8 @@ EFFECT_INTERVAL_S=1 REDIS_IP={{ cm_policy_server_ip }} {% raw %}REDIS_PORT_NUM={{ cm.policy_server.port_num }} REDIS_PORT={{ cm.policy_server.port_range }} -REDIS_INDEX={{ cm.policy_server.db_dynamic }}{% endraw %} +REDIS_INDEX={{ cm.policy_server.db_dynamic }} +{% endraw %} JSON_CFG_FILE=tsgconf/tsg_maat.json INC_CFG_DIR=tsgrule/inc/index/ FULL_CFG_DIR=tsgrule/full/index/ @@ -42,7 +44,8 @@ EFFECT_INTERVAL_S=1 REDIS_IP={{ cm_policy_server_ip }} {% raw %}REDIS_PORT_NUM={{ cm.policy_server.port_num }} REDIS_PORT={{ cm.policy_server.port_range }} -REDIS_INDEX={{ cm.policy_server.db_static }}{% endraw %} +REDIS_INDEX={{ cm.policy_server.db_static }} +{% endraw %} JSON_CFG_FILE=tsgconf/app_sketch_maat.json INC_CFG_DIR=tsgrule/inc/index/ FULL_CFG_DIR=tsgrule/full/index/ @@ -58,11 +61,13 @@ EFFECT_INTERVAL_S=1 REDIS_IP={{ cm_policy_server_ip }} {% raw %}REDIS_PORT_NUM={{ cm.policy_server.port_num }} REDIS_PORT={{ cm.policy_server.port_range }} -REDIS_INDEX={{ cm.policy_server.db_static }}{% endraw %} +REDIS_INDEX={{ cm.policy_server.db_static }} +{% endraw %} JSON_CFG_FILE=tsgconf/app_sketch_maat.json INC_CFG_DIR=tsgrule/inc/index/ FULL_CFG_DIR=tsgrule/full/index/ EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json [MAAT] -{% raw %}ACCEPT_TAGS={"tags":[{"tag":"data_center","value":"{{ data_center.name }}"}]}{% endraw %} +{% raw %}ACCEPT_TAGS={"tags":[{"tag":"data_center","value":"{{ data_center.name }}"}]} +{% endraw %} diff --git a/ansible/roles/firewall/templates/main.conf.j2.j2 b/ansible/roles/firewall/templates/main.conf.j2.j2 index 754c1290..8c2050b9 100644 --- a/ansible/roles/firewall/templates/main.conf.j2.j2 +++ b/ansible/roles/firewall/templates/main.conf.j2.j2 @@ -43,7 +43,8 @@ NIC_NAME="{{ firewall.main_conf.TSG_LOG.NIC_NAME }}" MAX_SERVICE=1 LOG_LEVEL=30 LOG_PATH="./tsglog/tsglog" -{% raw %}BROKER_LIST="{{ olap.kafka_broker.address_list | join(",") }}"{% endraw %} +{% raw %}BROKER_LIST="{{ olap.kafka_broker.address_list | join(",") }}" +{% endraw %} COMMON_FIELD_FILE="tsgconf/tsg_log_field.conf" [STATISTIC] @@ -62,7 +63,8 @@ APP_NAME="tsg_master" [SYSTEM] NIC_NAME="{{ firewall.main_conf.SYSTEM.NIC_NAME }}" -{% raw %}ENTRANCE_ID={{ data_center.id }}{% endraw %} +{% raw %}ENTRANCE_ID={{ data_center.id }} +{% endraw %} LOG_LEVEL=30 LOG_PATH="./tsglog/tsg_master" POLICY_PRIORITY_LABEL="POLICY_PRIORITY" @@ -79,7 +81,8 @@ live_intervals_time = 30 [HOS_CONF] {% raw %}hos_serverip="{{ olap.hos_server.address }}" -hos_serverport={{ olap.hos_server.port }}{% endraw %} +hos_serverport={{ olap.hos_server.port }} +{% endraw %} hos_accesskeyid="default" hos_secretkey="default" hos_poolsize=100 @@ -97,7 +100,8 @@ QOS=1 PUBLISH_TOPIC="APP_SIGNATURE_ID" #CLIENT_ID= {% raw %}BROKER_IP="{{ app_sketch.broker.address }}" -BROKER_PORT="{{ app_sketch.broker.port }}"{% endraw %} +BROKER_PORT="{{ app_sketch.broker.port }}" +{% endraw %} [APP_PROTO_ENGINE] license_path=/data/app_proto_engine/license \ No newline at end of file diff --git a/ansible/roles/maat-redis/templates/maat-redis.conf.j2.j2 b/ansible/roles/maat-redis/templates/maat-redis.conf.j2.j2 index 5676d263..24b37637 100644 --- a/ansible/roles/maat-redis/templates/maat-redis.conf.j2.j2 +++ b/ansible/roles/maat-redis/templates/maat-redis.conf.j2.j2 @@ -89,7 +89,8 @@ protected-mode no # Accept connections on the specified port, default is 6379 (IANA #815344). # If port 0 is specified Redis will not listen on a TCP socket. -{% raw %}port {{ cm.policy_server.port_range }}{% endraw %} +{% raw %}port {{ cm.policy_server.port_range }} +{% endraw %} # TCP listen() backlog. # # In high requests-per-second environments you need an high backlog in order @@ -154,7 +155,8 @@ supervised no # # Creating a pid file is best effort: if Redis is not able to create it # nothing bad happens, the server will start and run normally. -{% raw %}pidfile /var/run/redis_{{ cm.policy_server.port_range }}.pid{% endraw %} +{% raw %}pidfile /var/run/redis_{{ cm.policy_server.port_range }}.pid +{% endraw %} # Specify the server verbosity level. # This can be one of: # debug (a lot of information, useful for development/testing) @@ -276,7 +278,8 @@ dir /var/lib/redis # network partition slaves automatically try to reconnect to masters # and resynchronize with them. # -{% raw %}slaveof {{ cm_policy_server_ip }} {{ cm.policy_server.port_range }}{% endraw %} +{% raw %}slaveof {{ cm_policy_server_ip }} {{ cm.policy_server.port_range }} +{% endraw %} # If the master is password protected (using the "requirepass" configuration # directive below) it is possible to tell the slave to authenticate before # starting the replication synchronization process, otherwise the master will diff --git a/ansible/roles/mrzcpd/templates/mrglobal.conf.j2.j2.7400MCN0P01R01 b/ansible/roles/mrzcpd/templates/mrglobal.conf.j2.j2.7400MCN0P01R01 index d243eb5d..892bdea3 100644 --- a/ansible/roles/mrzcpd/templates/mrglobal.conf.j2.j2.7400MCN0P01R01 +++ b/ansible/roles/mrzcpd/templates/mrglobal.conf.j2.j2.7400MCN0P01R01 @@ -19,7 +19,8 @@ vlan-id-allow={{ mrzcpd_vlanid_allow_list | join(",") }},4000,4001 {% endif %} {% if npb_device == 'direct' %} vlan-id-allow=1000,1001,2000,2001,4000,4001 -{% endif %}{% endraw %} +{% endif %} +{% endraw %} jumbo_frame=1 max_rx_pkt_len=15360 clear_tx_flags=1 diff --git a/ansible/roles/mrzcpd/templates/mrglobal.conf.j2.j2.9000NPBP01R01 b/ansible/roles/mrzcpd/templates/mrglobal.conf.j2.j2.9000NPBP01R01 index 7fa71c79..9f62c349 100644 --- a/ansible/roles/mrzcpd/templates/mrglobal.conf.j2.j2.9000NPBP01R01 +++ b/ansible/roles/mrzcpd/templates/mrglobal.conf.j2.j2.9000NPBP01R01 @@ -8,7 +8,8 @@ mtu=4096 clear_tx_flags=1 hw_strip_crc=1 vlan-strip=1 -{% raw %}in_addr=10.253.{{ keepalive_subnet_ip }}.1{% endraw %} +{% raw %}in_addr=10.253.{{ keepalive_subnet_ip }}.1 +{% endraw %} in_mask=255.255.0.0 rssmode=0 diff --git a/ansible/roles/sapp/templates/asymmetric_presence_layer.conf.j2.j2.7400MCN0P01R01 b/ansible/roles/sapp/templates/asymmetric_presence_layer.conf.j2.j2.7400MCN0P01R01 index 0c1ce6b7..430547fc 100644 --- a/ansible/roles/sapp/templates/asymmetric_presence_layer.conf.j2.j2.7400MCN0P01R01 +++ b/ansible/roles/sapp/templates/asymmetric_presence_layer.conf.j2.j2.7400MCN0P01R01 @@ -3,4 +3,5 @@ {% raw %}{% if npb_device == 'tera' %} mpls ethernet[0] ipv4[1] mpls ethernet[0] ipv6[1] -{% endif %}{% endraw %} +{% endif %} +{% endraw %} diff --git a/ansible/roles/sapp/templates/conflist.inf.j2.j2.7400MCN0P01R01 b/ansible/roles/sapp/templates/conflist.inf.j2.j2.7400MCN0P01R01 index afc260d4..8b6b6161 100644 --- a/ansible/roles/sapp/templates/conflist.inf.j2.j2.7400MCN0P01R01 +++ b/ansible/roles/sapp/templates/conflist.inf.j2.j2.7400MCN0P01R01 @@ -31,4 +31,5 @@ ./plug/business/gtp_signaling_plug/gtp_signaling_plug.inf {% raw %}{% if npb_device == 'tera' %} ./plug/business/http_healthcheck/http_healthcheck.inf -{% endif %}{% endraw %} \ No newline at end of file +{% endif %} +{% endraw %} \ No newline at end of file diff --git a/ansible/roles/sapp/templates/necessary_plug_list.conf.j2.j2.7400MCN0P01R01 b/ansible/roles/sapp/templates/necessary_plug_list.conf.j2.j2.7400MCN0P01R01 index abaa67e1..327adeb0 100644 --- a/ansible/roles/sapp/templates/necessary_plug_list.conf.j2.j2.7400MCN0P01R01 +++ b/ansible/roles/sapp/templates/necessary_plug_list.conf.j2.j2.7400MCN0P01R01 @@ -31,4 +31,5 @@ ./plug/platform/app_proto_engine/app_proto_engine.inf {% raw %}{% if npb_device == 'tera' %} ./plug/business/http_healthcheck/http_healthcheck.inf -{% endif %}{% endraw %} \ No newline at end of file +{% endif %} +{% endraw %} \ No newline at end of file diff --git a/ansible/roles/sapp/templates/sapp.toml.j2.j2 b/ansible/roles/sapp/templates/sapp.toml.j2.j2 index 0d2cd4e4..7a5944db 100644 --- a/ansible/roles/sapp/templates/sapp.toml.j2.j2 +++ b/ansible/roles/sapp/templates/sapp.toml.j2.j2 @@ -196,7 +196,8 @@ dictator_enable=1 enable_breakpad=1 breakpad_minidump_dir="/tmp/crashreport" enable_breakpad_upload=1 -{% raw %} breakpad_upload_url="{{ sentry_url }}"{% endraw %} +{% raw %} breakpad_upload_url="{{ sentry_url }}" +{% endraw %} ### note: ### These configurations format is complex and difficult to describe with toml grammar, diff --git a/ansible/roles/sapp/templates/vlan_flipping_map.conf.j2.j2.7400MCN0P01R01 b/ansible/roles/sapp/templates/vlan_flipping_map.conf.j2.j2.7400MCN0P01R01 index de4a4aab..bd48b108 100644 --- a/ansible/roles/sapp/templates/vlan_flipping_map.conf.j2.j2.7400MCN0P01R01 +++ b/ansible/roles/sapp/templates/vlan_flipping_map.conf.j2.j2.7400MCN0P01R01 @@ -14,5 +14,6 @@ 1000 1001 0 2000 2001 0 {% endif %} -{% endif %}{% endraw %} +{% endif %} +{% endraw %} 4000 4001 0 diff --git a/ansible/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2.j2 b/ansible/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2.j2 index fd2261c0..0d54f1d9 100644 --- a/ansible/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2.j2 +++ b/ansible/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2.j2 @@ -22,7 +22,8 @@ rotation_max_archives = 5 [[outputs.kafka]] -{% raw %} brokers = [ "{{ olap.kafka_broker.address_list | join("\",\"") }}" ]{% endraw %} +{% raw %} brokers = [ "{{ olap.kafka_broker.address_list | join("\",\"") }}" ] +{% endraw %} topic = "TRAFFIC-METRICS-LOG" data_format = "json" [[inputs.tcp_listener]] diff --git a/ansible/roles/tfe/templates/pangu_pxy.conf.j2.j2 b/ansible/roles/tfe/templates/pangu_pxy.conf.j2.j2 index 2fb74eb2..80046448 100644 --- a/ansible/roles/tfe/templates/pangu_pxy.conf.j2.j2 +++ b/ansible/roles/tfe/templates/pangu_pxy.conf.j2.j2 @@ -8,7 +8,8 @@ entrance_id=0 #Addresses of hos, Bucket name in hos. Format is defined by WiredLB. {% raw %}cache_ip_list = {{ cache.hos.address }} -cache_listen_port = {{ cache.hos.port }}{% endraw %} +cache_listen_port = {{ cache.hos.port }} +{% endraw %} cache_bucket_name=hos/proxy_hos_bucket cache_token=c21f969b5f03d33d43e04f8f136e7682 @@ -45,7 +46,8 @@ enable=0 token_name=ratelimit redis_server={{ cm_policy_server_ip }} {% raw %}redis_port={{ cm.policy_server.port_range }} -redis_db_index=6{% endraw %} +redis_db_index=6 +{% endraw %} [tango_cache] enable_cache=0 diff --git a/ansible/roles/tfe/templates/tfe.conf.j2.j2 b/ansible/roles/tfe/templates/tfe.conf.j2.j2 index 136fdf46..8e1be5ce 100644 --- a/ansible/roles/tfe/templates/tfe.conf.j2.j2 +++ b/ansible/roles/tfe/templates/tfe.conf.j2.j2 @@ -8,7 +8,8 @@ enable_kni_v3=1 disable_coredump=0 enable_breakpad=1 enable_breakpad_upload=1 -{% raw %}breakpad_upload_url={{ sentry_url }}{% endraw %} +{% raw %}breakpad_upload_url={{ sentry_url }} +{% endraw %} # must be /run/tfe/crashreport,due to tmpfile limit breakpad_minidump_dir=/run/tfe/crashreport @@ -88,7 +89,8 @@ key_log_file=log/sslkeylog.log # mid cert cache mc_cache_enable=1 mc_cache_eth={{ tfe.tfe_conf.ssl.mc_cache_eth }} -{% raw %}mc_cache_broker_list={{ olap.kafka_broker.address_list | join(",") }}{% endraw %} +{% raw %}mc_cache_broker_list={{ olap.kafka_broker.address_list | join(",") }} +{% endraw %} mc_cache_topic=PXY-EXCH-INTERMEDIA-CERT ssl_ja3_table=PXY_SSL_FINGERPRINT @@ -160,7 +162,8 @@ stat_file=log/traffic_mirror.status [kafka] enable=1 NIC_NAME={{ tfe.tfe_conf.kafka.NIC_NAME }} -{% raw %}kafka_brokerlist={{ olap.kafka_broker.address_list | join(",") }}{% endraw %} +{% raw %}kafka_brokerlist={{ olap.kafka_broker.address_list | join(",") }} +{% endraw %} kafka_topic=PROXY-EVENT-LOG device_id_filepath=/opt/tsg/etc/tsg_sn.json @@ -181,7 +184,8 @@ json_cfg_file=resource/pangu/pangu_http.json # redis mode conf iterm maat_redis_server={{ cm_policy_server_ip }} {% raw %}maat_redis_port_range={{ cm.policy_server.port_range }} -maat_redis_db_index={{ cm.policy_server.db_static }}{% endraw %} +maat_redis_db_index={{ cm.policy_server.db_static }} +{% endraw %} # iris mode conf iterm full_cfg_dir=pangu_policy/full/index/ diff --git a/ansible/roles/tsg_device_tag/templates/tsg_device_tag.json.j2.j2 b/ansible/roles/tsg_device_tag/templates/tsg_device_tag.json.j2.j2 index 85394d80..e76d7168 100644 --- a/ansible/roles/tsg_device_tag/templates/tsg_device_tag.json.j2.j2 +++ b/ansible/roles/tsg_device_tag/templates/tsg_device_tag.json.j2.j2 @@ -1,2 +1,3 @@ [MAAT] -{% raw %}ACCEPT_TAGS={"tags":[{"tag":"data_center","value":"{{ data_center.name }}"}]}{% endraw %} +{% raw %}ACCEPT_TAGS={"tags":[{"tag":"data_center","value":"{{ data_center.name }}"}]} +{% endraw %} \ No newline at end of file