gfwleak/tsg-tsg-os-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feature:TSG-18563:优化traffic-engine hotfix的实现

Browse Source
This commit is contained in:
fumingwei
2024-01-09 11:42:56 +08:00
parent e83d8c6b8a
commit 0568f4657d
5 changed files with 241 additions and 444 deletions
Download Patch File Download Diff File Expand all files Collapse all files

410
ansible/roles/traffic-engine/files/helm/templates/_config.tpl
View File

@@ -122,14 +122,6 @@ enable_breakpad_upload=0
{{- end }}
{{- end -}}
{{- define "traffic-engine.bfdd.prestart" -}}
if [ -f "/etc/traffic-engine/hotfix/bfdd/scripts/prestart.sh" ]; then chmod 0755 /etc/traffic-engine/hotfix/bfdd/scripts/prestart.sh; /etc/traffic-engine/hotfix/bfdd/scripts/prestart.sh;fi
{{- end -}}
{{- define "traffic-engine.certstore.prestart" -}}
if [ -f "/etc/traffic-engine/hotfix/certstore/scripts/prestart.sh" ]; then chmod 0755 /etc/traffic-engine/hotfix/certstore/scripts/prestart.sh; /etc/traffic-engine/hotfix/certstore/scripts/prestart.sh;fi
{{- end -}}
{{- define "public.prepare-access-API" -}}
export APISERVER=https://kubernetes.default.svc
@@ -147,332 +139,43 @@ echo "{\"sn\": \"$DEVICE_SN\"}" > /opt/tsg/shared-configs/tsg_sn.json
echo "export device_id=${DEVICE_SN}" > /opt/tsg/shared-configs/device_id.sh
{{- end -}}
{{/*
#tfe-env-stop.sh
#!/bin/bash -ex
/usr/sbin/ip6tables -D INPUT -i tap0 -m bpf --bytecode '17,48 0 0 0,84 0 0 240,21 0 13 96,48 0 0 6,21 0 11 6,40 0 0 4,37 0 9 24,48 0 0 52,84 0 0 240,116 0 0 2,53 0 5 24,48 0 0 60,21 0 3 88,48 0 0 61,21 0 1 4,6 0 0 65535,6 0 0 0' -j NFQUEUE --queue-num 1
/usr/sbin/iptables -D INPUT -i tap0 -m bpf --bytecode '18,48 0 0 0,84 0 0 240,21 0 14 64,48 0 0 9,21 0 12 6,40 0 0 6,69 10 0 8191,177 0 0 0,80 0 0 12,84 0 0 240,116 0 0 2,53 0 5 24,80 0 0 20,21 0 3 88,80 0 0 21,21 0 1 4,6 0 0 65535,6 0 0 0' -j NFQUEUE --queue-num 1
/usr/sbin/ip rule del iif tap0 tab 100
/usr/sbin/ip route del local default dev lo table 100
/usr/sbin/ip rule del fwmark 0x65 lookup 101
/usr/sbin/ip route del default dev tap0 via 172.16.241.1 table 101
/usr/sbin/ip -6 rule del iif tap0 tab 102
/usr/sbin/ip -6 route del default via fd00::01
/usr/sbin/ip -6 route del local default dev lo table 102
/usr/sbin/ip addr del fd00::02/64 dev tap0
/usr/sbin/ip link set tap0 down
*/}}
{{- define "traffic-engine.shaping.set-shaping-config" -}}
sed -Ei "s|NODE_IP_LOCATION|${NODE_IP?}|g" /opt/tsg/shaping_engine/conf/shaping.conf
sed -Ei "s|CLUSTER_ANNOUNCE_PORT_LOCATION|${CLUSTER_ANNOUNCE_PORT?}|g" /opt/tsg/shaping_engine/conf/shaping.conf
sed -Ei "s|HEALTH_CHECK_ANNOUNCE_PORT_LOCATION|${HEALTH_CHECK_ANNOUNCE_PORT?}|g" /opt/tsg/shaping_engine/conf/shaping.conf
{{- end -}}
{{- define "traffic-engine.volume.hostpath" -}}
- name: host-root
hostPath:
path: /
{{- end -}}
{{- define "traffic-engine.firewall.mount.hostpath" -}}
{{- if eq .Values.debug.firewall.enable_mount_host_filesystem .Values.define_enable_val_yes }}
- name: host-root
mountPath: /host
{{- end }}
{{- end -}}
{{- define "traffic-engine.firewall.start" -}}
{{- if eq .Values.debug.firewall.enable_interactive_startup .Values.define_enable_val_yes -}}
while true; do sleep 10;done
{{- else -}}
exec /opt/tsg/sapp/sapp
{{- end }}
{{- end -}}
{{- define "traffic-engine.firewall.volume.prestart" -}}
{{- if eq .Values.debug.firewall.enable_prestart_script .Values.define_enable_val_yes }}
- name: firewall-prestart
hostPath:
{{- if .Values.debug.firewall.prestart_script }}
path: {{ .Values.debug.firewall.prestart_script }}
{{- else }}
path: /etc/tsg-os/{{ .Release.Name }}/firewall_prestart_script.sh
{{- end }}
type: FileOrCreate
{{- end }}
{{- end -}}
{{- define "traffic-engine.firewall.mount.prestart" -}}
{{- if eq .Values.debug.firewall.enable_prestart_script .Values.define_enable_val_yes }}
- name: prestart-dir
mountPath: /tmp/prestart
- name: firewall-prestart
mountPath: /opt/tsg/scripts/prestart.sh
{{- end }}
{{- end -}}
{{- define "traffic-engine.firewall.prestart" -}}
{{- if eq .Values.debug.firewall.enable_prestart_script .Values.define_enable_val_yes }}
chmod 0755 /opt/tsg/scripts/prestart.sh
/opt/tsg/scripts/prestart.sh
{{- end }}
{{- end -}}
{{- define "traffic-engine.proxy.start" -}}
{{- if eq .Values.debug.proxy.enable_interactive_startup .Values.define_enable_val_yes -}}
while true; do sleep 10;done
{{- else -}}
exec /opt/tsg/tfe/bin/tfe
{{- end }}
{{- end -}}
{{- define "traffic-engine.proxy.volume.prestart" -}}
{{- if eq .Values.debug.proxy.enable_prestart_script .Values.define_enable_val_yes }}
- name: proxy-prestart
hostPath:
{{- if .Values.debug.proxy.prestart_script }}
path: {{ .Values.debug.proxy.prestart_script }}
{{- else }}
path: /etc/tsg-os/{{ .Release.Name }}/proxy_prestart_script.sh
{{- end }}
type: FileOrCreate
{{- end }}
{{- end -}}
{{- define "traffic-engine.proxy.mount.prestart" -}}
{{- if eq .Values.debug.proxy.enable_prestart_script .Values.define_enable_val_yes }}
- name: prestart-dir
mountPath: /tmp/prestart
- name: proxy-prestart
mountPath: /opt/tsg/scripts/prestart.sh
{{- end }}
{{- end -}}
{{- define "traffic-engine.proxy.prestart" -}}
{{- if eq .Values.debug.proxy.enable_prestart_script .Values.define_enable_val_yes }}
chmod 0755 /opt/tsg/scripts/prestart.sh
/opt/tsg/scripts/prestart.sh
{{- end }}
{{- end -}}
{{- define "traffic-engine.proxy.mount.hostpath" -}}
{{- if eq .Values.debug.proxy.enable_mount_host_filesystem .Values.define_enable_val_yes }}
- name: host-root
mountPath: /host
{{- end }}
{{- end -}}
{{- define "traffic-engine.service-chaining.start" -}}
{{- if eq .Values.debug.service_chaining.enable_interactive_startup .Values.define_enable_val_yes -}}
while true; do sleep 10;done
{{- else -}}
exec /opt/tsg/sce/bin/sce
{{- end }}
{{- end -}}
{{- define "traffic-engine.service-chaining.volume.prestart" -}}
{{- if eq .Values.debug.service_chaining.enable_prestart_script .Values.define_enable_val_yes }}
- name: service-chaining-prestart
hostPath:
{{- if .Values.debug.service_chaining.prestart_script }}
path: {{ .Values.debug.service_chaining.prestart_script }}
{{- else }}
path: /etc/tsg-os/{{ .Release.Name }}/service_chaining_prestart_script.sh
{{- end }}
type: FileOrCreate
{{- end }}
{{- end -}}
{{- define "traffic-engine.service-chaining.mount.prestart" -}}
{{- if eq .Values.debug.service_chaining.enable_prestart_script .Values.define_enable_val_yes }}
- name: prestart-dir
mountPath: /tmp/prestart
- name: service-chaining-prestart
mountPath: /opt/tsg/scripts/prestart.sh
{{- end }}
{{- end -}}
{{- define "traffic-engine.service-chaining.prestart" -}}
{{- if eq .Values.debug.service_chaining.enable_prestart_script .Values.define_enable_val_yes }}
chmod 0755 /opt/tsg/scripts/prestart.sh
/opt/tsg/scripts/prestart.sh
{{- end }}
{{- end -}}
{{- define "traffic-engine.service-chaining.mount.hostpath" -}}
{{- if eq .Values.debug.service_chaining.enable_mount_host_filesystem .Values.define_enable_val_yes }}
- name: host-root
mountPath: /host
{{- end }}
{{- end -}}
{{- define "traffic-engine.inject_adapter.copy-config-to-dest" -}}
cp /opt/tsg/config/packet_adapter.conf /opt/tsg/packet_adapter/conf
{{- end -}}
{{- define "traffic-engine.inject_adapter.mount.hostpath" -}}
{{- if eq .Values.debug.inject_adapter.enable_mount_host_filesystem .Values.define_enable_val_yes }}
- name: host-root
mountPath: /host
{{- end }}
{{- end -}}
{{- define "traffic-engine.inject_adapter.start" -}}
{{- if eq .Values.debug.inject_adapter.enable_interactive_startup .Values.define_enable_val_yes -}}
while true; do sleep 10;done
{{- else -}}
exec /opt/tsg/packet_adapter/bin/packet_adapter
{{- end }}
{{- end -}}
{{- define "traffic-engine.inject_adapter.volume.prestart" -}}
{{- if eq .Values.debug.inject_adapter.enable_prestart_script .Values.define_enable_val_yes }}
- name: inject-adapter-prestart
hostPath:
{{- if .Values.debug.inject_adapter.prestart_script }}
path: {{ .Values.debug.inject_adapter.prestart_script }}
{{- else }}
path: /etc/tsg-os/{{ .Release.Name }}/inject_adapter_prestart_script.sh
{{- end }}
type: FileOrCreate
{{- end }}
{{- end -}}
{{- define "traffic-engine.inject_adapter.mount.prestart" -}}
{{- if eq .Values.debug.inject_adapter.enable_prestart_script .Values.define_enable_val_yes }}
- name: prestart-dir
mountPath: /tmp/prestart
- name: inject-adapter-prestart
mountPath: /opt/tsg/scripts/prestart.sh
{{- end }}
{{- end -}}
{{- define "traffic-engine.inject_adapter.prestart" -}}
{{- if eq .Values.debug.inject_adapter.enable_prestart_script .Values.define_enable_val_yes }}
chmod 0755 /opt/tsg/scripts/prestart.sh
/opt/tsg/scripts/prestart.sh
{{- end }}
{{- end -}}
{{- define "traffic-engine.shaping.start" -}}
{{- if eq .Values.debug.shaping.enable_interactive_startup .Values.define_enable_val_yes -}}
while true; do sleep 10;done
{{- else -}}
exec /opt/tsg/shaping_engine/bin/shaping_engine
{{- end }}
{{- end -}}
{{- define "traffic-engine.shaping.volume.prestart" -}}
{{- if eq .Values.debug.shaping.enable_prestart_script .Values.define_enable_val_yes }}
- name: shaping-prestart
hostPath:
{{- if .Values.debug.shaping.prestart_script }}
path: {{ .Values.debug.shaping.prestart_script }}
{{- else }}
path: /etc/tsg-os/{{ .Release.Name }}/shaping_prestart_script.sh
{{- end }}
type: FileOrCreate
{{- end }}
{{- end -}}
{{- define "traffic-engine.shaping.mount.prestart" -}}
{{- if eq .Values.debug.shaping.enable_prestart_script .Values.define_enable_val_yes }}
- name: prestart-dir
mountPath: /tmp/prestart
- name: shaping-prestart
mountPath: /opt/tsg/scripts/prestart.sh
{{- end }}
{{- end -}}
{{- define "traffic-engine.shaping.prestart" -}}
{{- if eq .Values.debug.shaping.enable_prestart_script .Values.define_enable_val_yes }}
chmod 0755 /opt/tsg/scripts/prestart.sh
/opt/tsg/scripts/prestart.sh
{{- end }}
{{- end -}}
{{- define "traffic-engine.shaping.mount.hostpath" -}}
{{- if eq .Values.debug.shaping.enable_mount_host_filesystem .Values.define_enable_val_yes }}
- name: host-root
mountPath: /host
{{- end }}
{{- end -}}
{{- define "traffic-engine.volume.mrzcpd" -}}
- name: opt-tsg-mrzcpd
hostPath:
path: /opt/tsg/mrzcpd
- name: var-run-mrzcpd
hostPath:
path: /var/run/mrzcpd
- name: var-run-dpdk
hostPath:
path: /var/run/dpdk
- name: root-sys
hostPath:
path: /root/sys
- name: profile-mrzcpd
hostPath:
path: /etc/profile.d/mrzcpd.sh
type: File
- name: ldconfig-mrzcpd
hostPath:
path: /etc/ld.so.conf.d/mrzcpd.conf
type: File
- name: opt-tsg-mrzcpd
hostPath:
path: /opt/tsg/mrzcpd
- name: var-run-mrzcpd
hostPath:
path: /var/run/mrzcpd
- name: var-run-dpdk
hostPath:
path: /var/run/dpdk
- name: profile-mrzcpd
hostPath:
path: /etc/profile.d/mrzcpd.sh
type: File
- name: ldconfig-mrzcpd
hostPath:
path: /etc/ld.so.conf.d/mrzcpd.conf
type: File
{{- end -}}
{{- define "traffic-engine.mount.mrzcpd" -}}
- name: opt-tsg-mrzcpd
mountPath: /opt/tsg/mrzcpd
mountPropagation: HostToContainer
readOnly: false
- name: var-run-mrzcpd
mountPath: /var/run/mrzcpd
readOnly: false
- name: var-run-dpdk
mountPath: /var/run/dpdk
readOnly: false
- name: root-sys
mountPath: /root/sys
readOnly: false
- name: profile-mrzcpd
mountPath: /etc/profile.d/mrzcpd.sh
readOnly: true
- name: ldconfig-mrzcpd
mountPath: /etc/ld.so.conf.d/mrzcpd.conf
readOnly: true
{{- end -}}
{{- define "traffic-engine.volume.localtime" -}}
- name: localtime-node
hostPath:
path: /etc/localtime
{{- end -}}
{{- define "traffic-engine.mount.localtime" -}}
- name: localtime-node
mountPath: /etc/localtime
readOnly: true
{{- end -}}
{{- define "traffic-engine.volume.dev-bus-usb" -}}
- name: dev-bus-usb-node
hostPath:
path: /dev/bus/usb
{{- end -}}
{{- define "traffic-engine.mount.dev-bus-usb" -}}
- name: dev-bus-usb-node
mountPath: /dev/bus/usb
readOnly: true
- name: opt-tsg-mrzcpd
mountPath: /opt/tsg/mrzcpd
mountPropagation: HostToContainer
readOnly: false
- name: var-run-mrzcpd
mountPath: /var/run/mrzcpd
readOnly: false
- name: var-run-dpdk
mountPath: /var/run/dpdk
readOnly: false
- name: profile-mrzcpd
mountPath: /etc/profile.d/mrzcpd.sh
readOnly: true
- name: ldconfig-mrzcpd
mountPath: /etc/ld.so.conf.d/mrzcpd.conf
readOnly: true
{{- end -}}
{{- define "traffic-engine.global.cm.server-ip" -}}
@@ -501,18 +204,6 @@ chmod 0755 /etc/profile.d/cm-local-cache.sh
{{- end }}
{{- end -}}
{{- define "traffic-engine.volume.dev-shm" -}}
- name: dev-shm
hostPath:
path: /dev/shm
{{- end -}}
{{- define "traffic-engine.mount.dev-shm" -}}
- name: dev-shm
mountPath: /dev/shm
{{- end -}}
{{- define "traffic-engine.global.sd.server-ip" -}}
{{- if eq .Values.external_resources.sd.enable .Values.define_enable_val_yes }}
{{- if eq .Values.external_resources.sd.connectivity "direct" }}
@@ -544,3 +235,38 @@ chmod 0755 /etc/profile.d/sd-local-cache.sh
{{- end }}
{{- end }}
{{- end -}}
{{- define "public.sync-host-timezone.volume" -}}
- name: localtime-volume
hostPath:
path: /etc/localtime
{{- end -}}
{{- define "public.sync-host-timezone.volume-mount" -}}
- name: localtime-volume
mountPath: /etc/localtime
readOnly: true
{{- end -}}
{{- define "public.license-support.dev-shm-volume" -}}
- name: dev-shm-volume
hostPath:
path: /dev/shm
{{- end -}}
{{- define "public.license-support.dev-shm-volume-mount" -}}
- name: dev-shm-volume
mountPath: /dev/shm
{{- end -}}
{{- define "public.license-support.dev-bus-usb-volume" -}}
- name: dev-bus-usb-node
hostPath:
path: /dev/bus/usb
{{- end -}}
{{- define "public.license-support.dev-bus-usb-volume-mount" -}}
- name: dev-bus-usb-node
mountPath: /dev/bus/usb
readOnly: true
{{- end -}}

67
ansible/roles/traffic-engine/files/helm/templates/deployment-firewall.yaml
View File

@@ -52,8 +52,15 @@ spec:
{{- if eq .Values.external_resources.sd.connectivity "local_cache" }}
sed -Ei "s|SD_POLICY_LOCAL_CACHE_IP_LOCATION|${SD_POLICY_LOCAL_CACHE_IP?}|g" /opt/tsg/sapp/tsgconf/maat.conf
{{- end }}
{{ template "traffic-engine.firewall.prestart" . }}
{{ template "traffic-engine.firewall.start" . }}
{{- if eq .Values.debug.firewall.enable_prestart_script .Values.define_enable_val_yes }}
chmod 0755 /opt/tsg/scripts/prestart.sh
/opt/tsg/scripts/prestart.sh
{{- end }}
{{- if eq .Values.debug.firewall.enable_interactive_startup .Values.define_enable_val_yes }}
while true; do sleep 10;done
{{- else }}
exec /opt/tsg/sapp/sapp
{{- end }}
ports:
- containerPort: 9273
env:
@@ -140,18 +147,24 @@ spec:
- name: shared-configs-volume
mountPath: "/opt/tsg/sapp/stellar_plugin/spec.toml"
subPath: "sapp/spec.toml"
- name: firewall-minidump
mountPath: /run/sapp/crashreport
- name: firewall-log
mountPath: /opt/tsg/sapp/log
- name: metrics-json-dir
mountPath: "/opt/tsg/sapp/metrics"
{{ template "traffic-engine.mount.mrzcpd" . }}
{{ template "traffic-engine.mount.localtime" . }}
{{ template "traffic-engine.firewall.mount.prestart" . }}
{{ template "traffic-engine.firewall.mount.hostpath" . }}
{{ template "traffic-engine.mount.dev-bus-usb" . }}
{{ template "traffic-engine.mount.dev-shm" . }}
{{- if eq .Values.debug.firewall.enable_prestart_script .Values.define_enable_val_yes }}
- name: prestart-dir
mountPath: /tmp/prestart
- name: firewall-prestart
mountPath: /opt/tsg/scripts/prestart.sh
{{- end }}
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
{{- if eq .Values.debug.firewall.enable_mount_host_filesystem .Values.define_enable_val_yes }}
- name: host-root
mountPath: /host
{{- end }}
{{- include "traffic-engine.mount.mrzcpd" . | nindent 8 }}
{{- include "public.license-support.dev-bus-usb-volume-mount" . | nindent 8 }}
{{- include "public.license-support.dev-shm-volume-mount" . | nindent 8 }}
- name: fieldstat-exporter
image: "registry.gdnt-cloud.website/tsg-firewall:{{ .Chart.AppVersion }}"
@@ -179,7 +192,7 @@ spec:
volumeMounts:
- name: metrics-json-dir
mountPath: "/opt/tsg/sapp/metrics"
{{ template "traffic-engine.mount.localtime" . }}
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
- name: merged-exporter
image: "quay.io/rebuy/exporter-merger:v0.2.0"
@@ -233,9 +246,7 @@ spec:
mountPath: /opt/tsg/shared-configs
- name: sapp-configs-volume
mountPath: /opt/tsg/configs/sapp
- name: localtime-node
mountPath: /etc/localtime
readOnly: true
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
volumes:
- name: sapp-configs-volume
@@ -245,19 +256,29 @@ spec:
emptyDir: {}
- name: metrics-json-dir
emptyDir: {}
- name: firewall-minidump
hostPath:
path: /var/crashreport/traffic-engine/traffic-engine-{{ .Release.Name }}/tsg-firewall:{{ .Chart.AppVersion }}/
- name: firewall-log
hostPath:
path: /var/log/traffic-engine/traffic-engine-{{ .Release.Name }}/sapp/
{{- if eq .Values.debug.firewall.enable_prestart_script .Values.define_enable_val_yes }}
- name: prestart-dir
hostPath:
path: /etc/tsg-os/{{ .Release.Name }}/
type: DirectoryOrCreate
{{ template "traffic-engine.volume.mrzcpd" . }}
{{ template "traffic-engine.volume.localtime" . }}
{{ template "traffic-engine.firewall.volume.prestart" . }}
{{ template "traffic-engine.volume.hostpath" . }}
{{ template "traffic-engine.volume.dev-bus-usb" . }}
{{ template "traffic-engine.volume.dev-shm" . }}
- name: firewall-prestart
hostPath:
{{- if .Values.debug.firewall.prestart_script }}
path: {{ .Values.debug.firewall.prestart_script }}
{{- else }}
path: /etc/tsg-os/{{ .Release.Name }}/firewall_prestart_script.sh
{{- end }}
type: FileOrCreate
{{- end }}
{{- include "traffic-engine.volume.mrzcpd" . | nindent 6 }}
{{- include "public.sync-host-timezone.volume" . | nindent 6 }}
{{- if eq .Values.debug.firewall.enable_mount_host_filesystem .Values.define_enable_val_yes }}
- name: host-root
hostPath:
path: /
{{- end }}
{{- include "public.license-support.dev-bus-usb-volume" . | nindent 6 }}
{{- include "public.license-support.dev-shm-volume" . | nindent 6 }}

76
ansible/roles/traffic-engine/files/helm/templates/deployment-proxy.yaml
View File

@@ -50,8 +50,15 @@ spec:
{{- if eq .Values.external_resources.cm.connectivity "local_cache" }}
sed -Ei "s|CM_POLICY_LOCAL_CACHE_IP_LOCATION|${CM_POLICY_LOCAL_CACHE_IP?}|g" /opt/tsg/tfe/conf/tfe/tfe.conf
{{- end }}
{{ template "traffic-engine.proxy.prestart" . }}
{{ template "traffic-engine.proxy.start" . }}
{{- if eq .Values.debug.proxy.enable_prestart_script .Values.define_enable_val_yes }}
chmod 0755 /opt/tsg/scripts/prestart.sh
/opt/tsg/scripts/prestart.sh
{{- end }}
{{- if eq .Values.debug.proxy.enable_interactive_startup .Values.define_enable_val_yes }}
while true; do sleep 10;done
{{- else }}
exec /opt/tsg/tfe/bin/tfe
{{- end }}
ports:
- containerPort: 9001
env:
@@ -91,15 +98,21 @@ spec:
- name: shared-configs-volume
mountPath: "/opt/tsg/etc/tsg_device_tag.json"
subPath: "tfe/tsg_device_tag.json"
- name: proxy-minidump
mountPath: /run/tfe/crashreport
- name: proxy-log
mountPath: /opt/tsg/tfe/log
{{ template "traffic-engine.mount.mrzcpd" . }}
{{ template "traffic-engine.mount.localtime" . }}
{{ template "traffic-engine.proxy.mount.prestart" . }}
{{ template "traffic-engine.proxy.mount.hostpath" . }}
{{ template "traffic-engine.mount.dev-bus-usb" . }}
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
{{- if eq .Values.debug.proxy.enable_prestart_script .Values.define_enable_val_yes }}
- name: prestart-dir
mountPath: /tmp/prestart
- name: proxy-prestart
mountPath: /opt/tsg/scripts/prestart.sh
{{- end }}
{{- if eq .Values.debug.proxy.enable_mount_host_filesystem .Values.define_enable_val_yes }}
- name: host-root
mountPath: /host
{{- end }}
{{- include "traffic-engine.mount.mrzcpd" . | nindent 8 }}
{{- include "public.license-support.dev-bus-usb-volume-mount" . | nindent 8 }}
- name: certstore
image: "registry.gdnt-cloud.website/tsg-certstore:{{ .Chart.AppVersion }}"
@@ -113,7 +126,6 @@ spec:
{{- if eq .Values.external_resources.cm.connectivity "local_cache" }}
sed -Ei "s|CM_POLICY_LOCAL_CACHE_IP_LOCATION|${CM_POLICY_LOCAL_CACHE_IP?}|g" /opt/tsg/certstore/conf/cert_store.ini
{{- end }}
{{ template "traffic-engine.certstore.prestart" . }}
exec /opt/tsg/certstore/bin/certstore
securityContext:
privileged: true
@@ -129,7 +141,6 @@ spec:
value: {{ .Values.external_resources.cm.local_cache.cache_name }}-redis-master
{{- end }}
volumeMounts:
{{ template "traffic-engine.mount.localtime" . }}
- name: shared-configs-volume
mountPath: "/opt/tsg/etc/tsg_sn.json"
subPath: "tsg_sn.json"
@@ -139,12 +150,9 @@ spec:
- name: shared-configs-volume
mountPath: "/opt/tsg/etc/tsg_device_tag.json"
subPath: "certstore/tsg_device_tag.json"
- name: certstore-minidump
mountPath: /run/certstore/crashreport
- name: certstore-log
mountPath: /opt/tsg/certstore/logs
- name: hotfix-certstore
mountPath: /etc/traffic-engine/hotfix/certstore
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
- name: cert-redis
image: "registry.gdnt-cloud.website/tsg-certstore:{{ .Chart.AppVersion }}"
@@ -153,7 +161,7 @@ spec:
securityContext:
privileged: true
volumeMounts:
{{ template "traffic-engine.mount.localtime" . }}
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
- name: telegraf-proxy
image: "registry.gdnt-cloud.website/tsg-telegraf:{{ .Chart.AppVersion }}"
@@ -175,7 +183,7 @@ spec:
- name: shared-configs-volume
mountPath: "/etc/profile.d/device_id.sh"
subPath: "device_id.sh"
{{ template "traffic-engine.mount.localtime" . }}
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
- name: log-dir-hook
image: "registry.gdnt-cloud.website/tsg-proxy:{{ .Chart.AppVersion }}"
@@ -312,7 +320,7 @@ spec:
mountPath: /opt/tsg/configs/certstore
- name: tfe-configs-volume
mountPath: /opt/tsg/configs/tfe
{{ template "traffic-engine.mount.localtime" . }}
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
volumes:
- name: certstore-configs-volume
@@ -326,29 +334,33 @@ spec:
name: telegraf-{{ .Release.Name }}
- name: shared-configs-volume
emptyDir: {}
- name: proxy-minidump
hostPath:
path: /var/crashreport/traffic-engine/traffic-engine-{{ .Release.Name }}/tsg-proxy:{{ .Chart.AppVersion }}/
- name: certstore-minidump
hostPath:
path: /var/crashreport/traffic-engine/traffic-engine-{{ .Release.Name }}/tsg-certstore:{{ .Chart.AppVersion }}/
- name: proxy-log
hostPath:
path: /var/log/traffic-engine/traffic-engine-{{ .Release.Name }}/tfe/
- name: certstore-log
hostPath:
path: /var/log/traffic-engine/traffic-engine-{{ .Release.Name }}/certstore/
- name: hotfix-certstore
hostPath:
path: /etc/traffic-engine/hotfix/certstore
{{- include "traffic-engine.volume.mrzcpd" . | nindent 6 }}
{{- include "public.sync-host-timezone.volume" . | nindent 6 }}
{{- if eq .Values.debug.proxy.enable_prestart_script .Values.define_enable_val_yes }}
- name: prestart-dir
hostPath:
path: /etc/tsg-os/{{ .Release.Name }}/
type: DirectoryOrCreate
{{ template "traffic-engine.volume.mrzcpd" . }}
{{ template "traffic-engine.volume.localtime" . }}
{{ template "traffic-engine.proxy.volume.prestart" . }}
{{ template "traffic-engine.volume.hostpath" . }}
{{ template "traffic-engine.volume.dev-bus-usb" . }}
- name: proxy-prestart
hostPath:
{{- if .Values.debug.proxy.prestart_script }}
path: {{ .Values.debug.proxy.prestart_script }}
{{- else }}
path: /etc/tsg-os/{{ .Release.Name }}/proxy_prestart_script.sh
{{- end }}
type: FileOrCreate
{{- end }}
{{- if eq .Values.debug.proxy.enable_mount_host_filesystem .Values.define_enable_val_yes }}
- name: host-root
hostPath:
path: /
{{- end }}
{{- include "public.license-support.dev-bus-usb-volume" . | nindent 6 }}
{{- end }}

70
ansible/roles/traffic-engine/files/helm/templates/deployment-service-chaining.yaml
View File

@@ -50,8 +50,15 @@ spec:
{{- if eq .Values.external_resources.cm.connectivity "local_cache" }}
sed -Ei "s|CM_POLICY_LOCAL_CACHE_IP_LOCATION|${CM_POLICY_LOCAL_CACHE_IP?}|g" /opt/tsg/sce/conf/sce.conf
{{- end }}
{{ template "traffic-engine.service-chaining.prestart" . }}
{{ template "traffic-engine.service-chaining.start" . }}
{{- if eq .Values.debug.service_chaining.enable_prestart_script .Values.define_enable_val_yes }}
chmod 0755 /opt/tsg/scripts/prestart.sh
/opt/tsg/scripts/prestart.sh
{{- end }}
{{- if eq .Values.debug.service_chaining.enable_interactive_startup .Values.define_enable_val_yes }}
while true; do sleep 10;done
{{- else }}
exec /opt/tsg/sce/bin/sce
{{- end }}
ports:
- containerPort: 9006
env:
@@ -91,16 +98,22 @@ spec:
- name: shared-configs-volume
mountPath: "/opt/tsg/etc/tsg_device_tag.json"
subPath: "sce/tsg_device_tag.json"
- name: sce-minidump
mountPath: /run/sce/crashreport
- name: sce-log
mountPath: /opt/tsg/sce/log
- name: bfdd-unix-socket
mountPath: /run/frr
{{ template "traffic-engine.mount.mrzcpd" . }}
{{ template "traffic-engine.mount.localtime" . }}
{{ template "traffic-engine.service-chaining.mount.prestart" . }}
{{ template "traffic-engine.service-chaining.mount.hostpath" . }}
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
{{- if eq .Values.debug.service_chaining.enable_prestart_script .Values.define_enable_val_yes }}
- name: prestart-dir
mountPath: /tmp/prestart
- name: service-chaining-prestart
mountPath: /opt/tsg/scripts/prestart.sh
{{- end }}
{{- if eq .Values.debug.service_chaining.enable_mount_host_filesystem .Values.define_enable_val_yes }}
- name: host-root
mountPath: /host
{{- end }}
{{- include "traffic-engine.mount.mrzcpd" . | nindent 8 }}
- name: bfdd
image: "registry.gdnt-cloud.website/tsg-bfdd:{{ .Chart.AppVersion }}"
@@ -110,7 +123,6 @@ spec:
- "bash"
- "-ec"
- |
{{ template "traffic-engine.bfdd.prestart" . }}
exec /opt/tsg/bfdd/bfdd -u root -g root
env:
- name: MRZCPD_CTRLMSG_LISTEN_ADDR
@@ -127,15 +139,11 @@ spec:
- name: shared-configs-volume
mountPath: "/opt/tsg/etc/tsg_sn.json"
subPath: "tsg_sn.json"
- name: bfdd-minidump
mountPath: /run/bfdd/crashreport
- name: bfdd-log
mountPath: /opt/tsg/bfdd/log
- name: hotfix-bfdd
mountPath: /etc/traffic-engine/hotfix/bfdd
- name: bfdd-unix-socket
mountPath: /run/frr
{{ template "traffic-engine.mount.localtime" . }}
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
- name: telegraf-sce
image: "registry.gdnt-cloud.website/tsg-telegraf:{{ .Chart.AppVersion }}"
@@ -157,7 +165,7 @@ spec:
- name: shared-configs-volume
mountPath: "/etc/profile.d/device_id.sh"
subPath: "device_id.sh"
{{ template "traffic-engine.mount.localtime" . }}
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
- name: log-dir-hook
image: "registry.gdnt-cloud.website/tsg-sce:{{ .Chart.AppVersion }}"
@@ -212,7 +220,7 @@ spec:
mountPath: /opt/tsg/shared-configs
- name: sce-configs-volume
mountPath: /opt/tsg/configs/sce
{{ template "traffic-engine.mount.localtime" . }}
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
volumes:
- name: telegraf-configs-volume
@@ -223,29 +231,33 @@ spec:
name: sce-{{ .Release.Name }}
- name: shared-configs-volume
emptyDir: {}
- name: sce-minidump
hostPath:
path: /var/crashreport/traffic-engine/traffic-engine-{{ .Release.Name }}/tsg-sce:{{ .Chart.AppVersion }}/
- name: bfdd-minidump
hostPath:
path: /var/crashreport/traffic-engine/traffic-engine-{{ .Release.Name }}/tsg-bfdd:{{ .Chart.AppVersion }}/
- name: sce-log
hostPath:
path: /var/log/traffic-engine/traffic-engine-{{ .Release.Name }}/sce/
- name: bfdd-log
hostPath:
path: /var/log/traffic-engine/traffic-engine-{{ .Release.Name }}/bfdd/
- name: hotfix-bfdd
hostPath:
path: /etc/traffic-engine/hotfix/bfdd
- name: bfdd-unix-socket
emptyDir: {}
{{- include "traffic-engine.volume.mrzcpd" . | nindent 6 }}
{{- include "public.sync-host-timezone.volume" . | nindent 6 }}
{{- if eq .Values.debug.service_chaining.enable_prestart_script .Values.define_enable_val_yes }}
- name: prestart-dir
hostPath:
path: /etc/tsg-os/{{ .Release.Name }}/
type: DirectoryOrCreate
{{ template "traffic-engine.volume.mrzcpd" . }}
{{ template "traffic-engine.volume.localtime" . }}
{{ template "traffic-engine.service-chaining.volume.prestart" . }}
{{ template "traffic-engine.volume.hostpath" . }}
- name: service-chaining-prestart
hostPath:
{{- if .Values.debug.service_chaining.prestart_script }}
path: {{ .Values.debug.service_chaining.prestart_script }}
{{- else }}
path: /etc/tsg-os/{{ .Release.Name }}/service_chaining_prestart_script.sh
{{- end }}
type: FileOrCreate
{{- end }}
{{- if eq .Values.debug.service_chaining.enable_mount_host_filesystem .Values.define_enable_val_yes }}
- name: host-root
hostPath:
path: /
{{- end }}
{{- end }}

62
ansible/roles/traffic-engine/files/helm/templates/deployment-shaping.yaml
View File

@@ -57,9 +57,19 @@ spec:
echo "export CLUSTER_ANNOUNCE_PORT=${CLUSTER_ANNOUNCE_PORT}" > /etc/profile.d/announceinfo.sh
echo "export HEALTH_CHECK_ANNOUNCE_PORT=${HEALTH_CHECK_ANNOUNCE_PORT}" >> /etc/profile.d/announceinfo.sh
chmod 0755 /etc/profile.d/announceinfo.sh
{{ template "traffic-engine.shaping.set-shaping-config" . }}
{{ template "traffic-engine.shaping.prestart" . }}
{{ template "traffic-engine.shaping.start" . }}
sed -Ei "s|NODE_IP_LOCATION|${NODE_IP?}|g" /opt/tsg/shaping_engine/conf/shaping.conf
sed -Ei "s|CLUSTER_ANNOUNCE_PORT_LOCATION|${CLUSTER_ANNOUNCE_PORT?}|g" /opt/tsg/shaping_engine/conf/shaping.conf
sed -Ei "s|HEALTH_CHECK_ANNOUNCE_PORT_LOCATION|${HEALTH_CHECK_ANNOUNCE_PORT?}|g" /opt/tsg/shaping_engine/conf/shaping.conf
{{- if eq .Values.debug.shaping.enable_prestart_script .Values.define_enable_val_yes }}
chmod 0755 /opt/tsg/scripts/prestart.sh
/opt/tsg/scripts/prestart.sh
{{- end }}
{{- if eq .Values.debug.shaping.enable_interactive_startup .Values.define_enable_val_yes }}
while true; do sleep 10;done
{{- else }}
exec /opt/tsg/shaping_engine/bin/shaping_engine
{{- end }}
ports:
- containerPort: 8551
- containerPort: 8552
@@ -107,14 +117,20 @@ spec:
- name: shared-configs-volume
mountPath: "/opt/tsg/etc/tsg_device_tag.json"
subPath: "shaping/tsg_device_tag.json"
- name: shaping-minidump
mountPath: /run/shaping/crashreport
- name: shaping-log
mountPath: /opt/tsg/shaping/log
{{ template "traffic-engine.mount.mrzcpd" . }}
{{ template "traffic-engine.mount.localtime" . }}
{{ template "traffic-engine.shaping.mount.prestart" . }}
{{ template "traffic-engine.shaping.mount.hostpath" . }}
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
{{- if eq .Values.debug.shaping.enable_prestart_script .Values.define_enable_val_yes }}
- name: prestart-dir
mountPath: /tmp/prestart
- name: shaping-prestart
mountPath: /opt/tsg/scripts/prestart.sh
{{- end }}
{{- if eq .Values.debug.shaping.enable_mount_host_filesystem .Values.define_enable_val_yes }}
- name: host-root
mountPath: /host
{{- end }}
{{- include "traffic-engine.mount.mrzcpd" . | nindent 8 }}
- name: telegraf-shaping
image: "registry.gdnt-cloud.website/tsg-telegraf:{{ .Chart.AppVersion }}"
@@ -136,7 +152,7 @@ spec:
- name: shared-configs-volume
mountPath: "/etc/profile.d/device_id.sh"
subPath: "device_id.sh"
{{ template "traffic-engine.mount.localtime" . }}
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
- name: log-dir-hook
image: "registry.gdnt-cloud.website/tsg-shaping:{{ .Chart.AppVersion }}"
@@ -180,7 +196,7 @@ spec:
mountPath: /opt/tsg/shared-configs
- name: shaping-configs-volume
mountPath: /opt/tsg/configs/shaping
{{ template "traffic-engine.mount.localtime" . }}
{{- include "public.sync-host-timezone.volume-mount" . | nindent 8 }}
volumes:
- name: telegraf-configs-volume
@@ -191,18 +207,28 @@ spec:
name: shaping-{{ .Release.Name }}
- name: shared-configs-volume
emptyDir: {}
- name: shaping-minidump
hostPath:
path: /var/crashreport/traffic-engine/traffic-engine-{{ .Release.Name }}/tsg-shaping:{{ .Chart.AppVersion }}/
- name: shaping-log
hostPath:
path: /var/log/traffic-engine/traffic-engine-{{ .Release.Name }}/shaping/
{{- include "traffic-engine.volume.mrzcpd" . | nindent 6 }}
{{- include "public.sync-host-timezone.volume" . | nindent 6 }}
{{- if eq .Values.debug.shaping.enable_prestart_script .Values.define_enable_val_yes }}
- name: prestart-dir
hostPath:
path: /etc/tsg-os/{{ .Release.Name }}/
type: DirectoryOrCreate
{{ template "traffic-engine.volume.mrzcpd" . }}
{{ template "traffic-engine.volume.localtime" . }}
{{ template "traffic-engine.shaping.volume.prestart" . }}
{{ template "traffic-engine.volume.hostpath" . }}
- name: shaping-prestart
hostPath:
{{- if .Values.debug.shaping.prestart_script }}
path: {{ .Values.debug.shaping.prestart_script }}
{{- else }}
path: /etc/tsg-os/{{ .Release.Name }}/shaping_prestart_script.sh
{{- end }}
type: FileOrCreate
{{- end }}
{{- if eq .Values.debug.shaping.enable_mount_host_filesystem .Values.define_enable_val_yes }}
- name: host-root
hostPath:
path: /
{{- end }}
{{- end }}