From 0fbefc770965e9de1d26565ea603c5e08860f7d3 Mon Sep 17 00:00:00 2001 From: fumingwei Date: Sun, 25 Jun 2023 18:57:29 +0800 Subject: [PATCH] =?UTF-8?q?refactor:mrzcpd-exporter=E4=BD=BF=E7=94=A8?= =?UTF-8?q?=E5=9B=BA=E5=AE=9A=E9=95=9C=E5=83=8F=EF=BC=8C=E4=B8=8D=E5=86=8D?= =?UTF-8?q?=E4=BD=BF=E7=94=A8tsg-init=E9=95=9C=E5=83=8F,TSG-13281:?= =?UTF-8?q?=E9=87=8D=E6=96=B0=E6=9E=84=E9=80=A0traffic-engine=E5=8D=87?= =?UTF-8?q?=E7=BA=A7=E5=8C=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ansible/HAL_deploy.yml | 2 +- .../mrzcpd/exporter-mrzcpd-crd.yaml} | 2 +- .../files/mrzcpd/helm/values.yaml | 4 +- ansible/roles/k3s-exporter/tasks/main.yml | 26 ++- ansible/roles/traffic-engine/tasks/main.yml | 31 +-- installer/app_bundle_install.sh | 90 +++++++++ installer/install.sh | 17 +- make/Makefile.TSGXBUILDCONTAINERP0906 | 185 ++++-------------- make/Makefile.TSGXNXR620G40R01P0906 | 4 +- tools/app-bundle-cook-bits | 54 +++++ tools/app_bundle_body.sh | 114 +++++++++++ tools/build_container_images.sh | 87 ++++++++ tools/build_helm_charts.sh | 17 ++ tools/mk-base-image | 4 +- tools/upload.sh | 4 +- 15 files changed, 442 insertions(+), 199 deletions(-) rename ansible/roles/k3s-exporter/{templates/exporter-mrzcpd-crd.yaml.j2 => files/mrzcpd/exporter-mrzcpd-crd.yaml} (92%) create mode 100644 installer/app_bundle_install.sh create mode 100644 tools/app-bundle-cook-bits create mode 100644 tools/app_bundle_body.sh create mode 100644 tools/build_container_images.sh create mode 100644 tools/build_helm_charts.sh diff --git a/ansible/HAL_deploy.yml b/ansible/HAL_deploy.yml index 93a78c5e..807029a0 100644 --- a/ansible/HAL_deploy.yml +++ b/ansible/HAL_deploy.yml @@ -261,7 +261,7 @@ roles: - {role: rpm_download, tags: rpm_download} -- hosts: TSG-X-NXR620G40-R01-P0906-tools +- hosts: TSG-X-NXR620G40-R01-P0906-base remote_user: root vars_files: - install_config/group_vars/HAL_TSGXNXR620G40R01P0906.yml diff --git a/ansible/roles/k3s-exporter/templates/exporter-mrzcpd-crd.yaml.j2 b/ansible/roles/k3s-exporter/files/mrzcpd/exporter-mrzcpd-crd.yaml similarity index 92% rename from ansible/roles/k3s-exporter/templates/exporter-mrzcpd-crd.yaml.j2 rename to ansible/roles/k3s-exporter/files/mrzcpd/exporter-mrzcpd-crd.yaml index 005266a1..8425a498 100644 --- a/ansible/roles/k3s-exporter/templates/exporter-mrzcpd-crd.yaml.j2 +++ b/ansible/roles/k3s-exporter/files/mrzcpd/exporter-mrzcpd-crd.yaml @@ -4,7 +4,7 @@ metadata: name: exporter-mrzcpd namespace: kube-system spec: - chart: https://%{KUBERNETES_API}%/static/charts/exporter-mrzcpd-{{helm_chart_ver}}.tgz + chart: https://%{KUBERNETES_API}%/static/charts/exporter-mrzcpd-1.0.1.tgz targetNamespace: tsg-os-system valuesContent: |- service: diff --git a/ansible/roles/k3s-exporter/files/mrzcpd/helm/values.yaml b/ansible/roles/k3s-exporter/files/mrzcpd/helm/values.yaml index 33c12cc8..a5afef7b 100644 --- a/ansible/roles/k3s-exporter/files/mrzcpd/helm/values.yaml +++ b/ansible/roles/k3s-exporter/files/mrzcpd/helm/values.yaml @@ -1,9 +1,9 @@ mrzcpdExporter: image: - repository: registry.gdnt-cloud.website/tsg-init + repository: registry.gdnt-cloud.website/mrzcpd-exporter pullPolicy: Never -# tag: "" + tag: "1.0.1" replicaCount: 1 mergeExporter: diff --git a/ansible/roles/k3s-exporter/tasks/main.yml b/ansible/roles/k3s-exporter/tasks/main.yml index 2eee6e54..27d27297 100644 --- a/ansible/roles/k3s-exporter/tasks/main.yml +++ b/ansible/roles/k3s-exporter/tasks/main.yml @@ -49,13 +49,22 @@ src: "{{ role_path }}/files/mrzcpd/helm" dest: /tmp/exporter-mrzcpd/ +#### mrzcpd exporter start - name: "create charts packages" - shell: helm package --app-version {{os_release_ver}} --version {{helm_chart_ver}} -d /var/lib/rancher/k3s/server/static/charts/ /tmp/exporter-mrzcpd/helm + shell: helm package --app-version 1.0.1 --version 1.0.1 -d /var/lib/rancher/k3s/server/static/charts/ /tmp/exporter-mrzcpd/helm -- name: "copy prometheus crd file to dest" - template: - src: "{{ role_path }}/templates/exporter-mrzcpd-crd.yaml.j2" - dest: /var/lib/rancher/k3s/server/manifests/exporter-mrzcpd-crd.yaml +# The image build by the the follow command +# Command 1: docker pull rockylinux:8 +# Command 2: docker run --name build-mrzcpd-exporter -it rockylinux:8 bash +# Comanad 3: (In container) yum install python2 && pip2 install PrettyTable==0.7.2 +# Command 4: docker commit build-mrzcpd-exporter mrzcpd-exporter.1.0.1.tar +# The container image tag will be upload to file repo.(https://repo.geedge.net/filerepo/install/release/tsg-container-images/) +- name: "Pull mrzcpd-exporter image tar to chroot directory" + get_url: + url: https://repo.geedge.net/filerepo/install/release/tsg-container-images/mrzcpd-exporter.1.0.1.tar + dest: /var/lib/rancher/k3s/agent/images/mrzcpd-exporter.1.0.1.tar + url_username: "{{ lookup('env', 'PULP_REPO_USERNAME') }}" + url_password: "{{ lookup('env', 'PULP_REPO_PASSWORD') }}" - name: "get merge-exporter images to dest" get_url: @@ -63,3 +72,10 @@ dest: /var/lib/rancher/k3s/agent/images/exporter-merger.tar url_username: "{{ lookup('env', 'PULP_REPO_USERNAME') }}" url_password: "{{ lookup('env', 'PULP_REPO_PASSWORD') }}" + +- name: "copy prometheus crd file to dest" + copy: + src: "{{ role_path }}/files/mrzcpd/exporter-mrzcpd-crd.yaml" + dest: /var/lib/rancher/k3s/server/manifests/exporter-mrzcpd-crd.yaml + +#### mrzcpd exporter end \ No newline at end of file diff --git a/ansible/roles/traffic-engine/tasks/main.yml b/ansible/roles/traffic-engine/tasks/main.yml index ea0ca231..c7b8d7e2 100644 --- a/ansible/roles/traffic-engine/tasks/main.yml +++ b/ansible/roles/traffic-engine/tasks/main.yml @@ -4,16 +4,12 @@ path: /var/lib/rancher/k3s/server/static/charts/ state: directory +#install helm binary start - name: "create unarchive directory" file: path: "/tmp/helm/" state: directory -- name: "copy chart directory to dest" - copy: - src: "{{ role_path }}/files/helm" - dest: /tmp/traffic-engine/ - - name: "install helm: unarchive helm tar package" unarchive: src: "{{ role_path }}/files/helm-linux-amd64.tar.gz" @@ -25,9 +21,7 @@ dest: /usr/bin/helm mode: 0755 remote_src: yes - -- name: "create charts packages" - shell: helm package --app-version {{os_release_ver}} --version {{helm_chart_ver}} -d /var/lib/rancher/k3s/server/static/charts/ /tmp/traffic-engine/helm +#install helm binary end - name: "copy kubeconfig.sh to destination" copy: @@ -45,27 +39,6 @@ src: "{{ role_path }}/files/sudoers.d/00-kubconfig" dest: /etc/sudoers.d/ -- name: "mkdir hotfix directory" - file: - path: "{{ item }}" - state: directory - with_items: - - /etc/traffic-engine/hotfix/firewall/scripts - - /etc/traffic-engine/hotfix/firewall/files - - /etc/traffic-engine/hotfix/proxy/scripts - - /etc/traffic-engine/hotfix/proxy/files - - /etc/traffic-engine/hotfix/certstore/scripts - - /etc/traffic-engine/hotfix/certstore/files - -- name: "copy prestart.sh" - copy: - src: '{{ role_path }}/files/hotfix/prestart.sh' - dest: '{{ item }}' - with_items: - - /etc/traffic-engine/hotfix/firewall/scripts/ - - /etc/traffic-engine/hotfix/proxy/scripts/ - - /etc/traffic-engine/hotfix/certstore/scripts/ - - name: "copy clusterrole file to dest" copy: src: "{{ role_path }}/files/service-read-role.yaml" diff --git a/installer/app_bundle_install.sh b/installer/app_bundle_install.sh new file mode 100644 index 00000000..d8547374 --- /dev/null +++ b/installer/app_bundle_install.sh @@ -0,0 +1,90 @@ +#!/bin/sh + +CONTAINER_IMAGES_TAR="%%CONTAINER_IMAGES_TAR%%" +HELM_CHART_TAR="%%HELM_CHART_TAR%%" + +charts_dest_dir="/var/lib/rancher/k3s/server/static/charts" +images_dest_dir="/var/lib/rancher/k3s/agent/images" +clixon_conf_path="/opt/tsg/clixon/etc/mgnt-srv.conf" +load_images_switch="on" + +src_dir=$(dirname $0) + +#function define start +function read_charts_dest_dir_from_env() +{ + if [ ! -z "${APP_BUNDLE_CHARTS_DEST_DIR}" ]; then + charts_dest_dir="${APP_BUNDLE_CHARTS_DEST_DIR}" + fi +} + +function read_images_dest_dir_from_env() +{ + if [ ! -z "${APP_BUNDLE_IMAGES_DEST_DIR}" ]; then + images_dest_dir="${APP_BUNDLE_IMAGES_DEST_DIR}" + fi +} + +function read_clixon_conf_path_from_env() +{ + if [ ! -z "${APP_BUNDLE_CLIXON_CONF_PATH}" ]; then + clixon_conf_path="${APP_BUNDLE_CLIXON_CONF_PATH}" + fi +} + +function read_load_images_switch_from_env() +{ + if [ ! -z "${APP_BUNDLE_LOAD_IMAGES_SWITCH}" ]; then + load_images_switch="${APP_BUNDLE_LOAD_IMAGES_SWITCH}" + fi +} + +function copy_charts_to_dest() +{ + if [ -d "${charts_dest_dir}" ]; then + mkdir -p "${charts_dest_dir}" + fi + + cp -r ${src_dir}/${HELM_CHART_TAR} ${charts_dest_dir} +} + +function copy_images_to_dest() +{ + if [ -d "${images_dest_dir}" ]; then + mkdir -p "${images_dest_dir}" + fi + + cp -r ${src_dir}/${CONTAINER_IMAGES_TAR} ${images_dest_dir} +} + + +function replace_clixon_chart_name() +{ + if [ ! -f "${clixon_conf_path}" ]; then + echo "Error: ${clixon_conf_path} is not exist!" + exit 1 + fi + + sed -ie "s/chart_name=.*/chart_name=${HELM_CHART_TAR}/g" ${clixon_conf_path} +} + +function load_images() +{ + if [ "${load_images_switch}" = "on" ]; then + /usr/bin/k3s ctr image import ${images_dest_dir}/${CONTAINER_IMAGES_TAR} + fi +} + +#function define end + +#function exec start +read_charts_dest_dir_from_env +read_images_dest_dir_from_env +read_clixon_conf_path_from_env +read_load_images_switch_from_env + +copy_charts_to_dest +copy_images_to_dest +replace_clixon_chart_name +load_images +#function exec end diff --git a/installer/install.sh b/installer/install.sh index aa9496af..07cf6f39 100755 --- a/installer/install.sh +++ b/installer/install.sh @@ -31,7 +31,9 @@ grub_serial_command="%%GRUB_SERIAL_COMMAND%%" DISTR0_VER="%%DISTR0_VER%%" MACHINE_ID="%%MACHINE_ID%%" CHROOT_PKG="%%CHROOT_PKG%%" -CONTAINER_IMAGES_PKG="%%CONTAINER_IMAGES_PKG%%" +APP_BUNDLE_BIN="%%APP_BUNDLE_BIN%%" +HELM_CHART_TAR_GLOB="%%HELM_CHART_TAR_GLOB%%" +CONTAINER_IMAGES_TAR_GLOB="%%CONTAINER_IMAGES_TAR_GLOB%%" size_part_tsg_os_update="%%SIZE_PART_UPDATE%%" size_part_tsg_os_sysroot="%%SIZE_PART_SYSROOT%%" @@ -283,10 +285,17 @@ chroot ${distro_mnt} /distro-setup.sh ${blk_dev} umount ${distro_mnt}/dev/pts } -if [ -f ${CONTAINER_IMAGES_PKG} ]; then +if [ -f ${APP_BUNDLE_BIN} ]; then mkdir -p ${distro_mnt}/data/var/lib/rancher/k3s/agent/images - rm -rf ${distro_mnt}/data/var/lib/rancher/k3s/agent/images/tsg-*-docker.tar - tar -xf ${CONTAINER_IMAGES_PKG} -C ${distro_mnt}/data/var/lib/rancher/k3s/agent/images + mkdir -p ${distro_mnt}/data/var/lib/rancher/k3s/server/static/charts + rm -rf ${distro_mnt}/data/var/lib/rancher/k3s/agent/images/${CONTAINER_IMAGES_TAR_GLOB} + rm -rf ${distro_mnt}/data/var/lib/rancher/k3s/server/static/charts/${HELM_CHART_TAR_GLOB} + chmod 0755 ${APP_BUNDLE_BIN} + export APP_BUNDLE_CHARTS_DEST_DIR="${distro_mnt}/data/var/lib/rancher/k3s/server/static/charts" + export APP_BUNDLE_IMAGES_DEST_DIR="${distro_mnt}/data/var/lib/rancher/k3s/agent/images" + export APP_BUNDLE_CLIXON_CONF_PATH="${distro_mnt}/opt/tsg/clixon/etc/mgnt-srv.conf" + export APP_BUNDLE_LOAD_IMAGES_SWITCH="off" + ./${APP_BUNDLE_BIN} -i ${distro_mnt}/data/var/lib/rancher/k3s/agent/images -c ${distro_mnt}/data/var/lib/rancher/k3s/server/static/charts fi umount ${distro_mnt}/proc diff --git a/make/Makefile.TSGXBUILDCONTAINERP0906 b/make/Makefile.TSGXBUILDCONTAINERP0906 index f08464d9..17cb8909 100644 --- a/make/Makefile.TSGXBUILDCONTAINERP0906 +++ b/make/Makefile.TSGXBUILDCONTAINERP0906 @@ -1,176 +1,61 @@ -PROFILE_ID := TSG-X-NXR620G40-R01-P0906 +PROFILE_ID := TSG-X-NXR620G40-R01-P0906 +PROFILE_ID_IN_SHORT := $(subst -,$e,$(PROFILE_ID)) -PROFILE_ID_IN_SHORT := $(subst -,$e,$(PROFILE_ID)) -CONTAINER_IMAGES_PKG := tsg-os-${OS_RELEASE_VER}-${PROFILE_ID_IN_SHORT}-container-images.tar.bz2 -TRAFFIC_ENGINE_TAR := tsg-os-${OS_RELEASE_VER}-${PROFILE_ID_IN_SHORT}-traffic-engine.tar.gz +CONTAINER_IMAGES_TAR := traffic-engine-${OS_RELEASE_VER}-docker.tar +HELM_CHART_TAR := traffic-engine-$(HELM_CHART_VER).tgz +APP_BUNDLE_BIN := tsg-os-${OS_RELEASE_VER}-${PROFILE_ID_IN_SHORT}-APP-BUNDLE.bin -TARGET_SYSROOT_DIR := $(TARGET_BUILD_DIR)/sysroot +CONTAINER_IMAGES_TAR_GLOB := traffic-engine-*-docker.tar +HELM_CHART_TAR_GLOB := traffic-engine-*.tgz -TARGET_CONTAINER_IMAGE_TAR_DIR := $(TARGET_BUILD_DIR)/container_images/tar -TOOLS_INSTALL_IMAGE_NAME_TAG := 8-base-tools-installed-${OS_RELEASE_VER} -TOOLS_INSTALL_CONTAINER_NAME := rockylinux-8-base-tools-install-${OS_RELEASE_VER} -TOOLS_COMPONENT_NAME := tools - -FIREWALL_COMPONENT_NAME := firewall -FIREWALL_INSTALL_CONTAINER_NAME := tsg-$(FIREWALL_COMPONENT_NAME)-install-${OS_RELEASE_VER} - -PROXY_COMPONENT_NAME := proxy -PROXY_INSTALL_CONTAINER_NAME := tsg-$(PROXY_COMPONENT_NAME)-install-${OS_RELEASE_VER} - -CERTSTORE_COMPONENT_NAME := certstore -CERTSTORE_INSTALL_CONTAINER_NAME := tsg-$(CERTSTORE_COMPONENT_NAME)-install-${OS_RELEASE_VER} - -TELEGRAF_COMPONENT_NAME := telegraf -TELEGRAF_INSTALL_CONTAINER_NAME := tsg-$(TELEGRAF_COMPONENT_NAME)-install-${OS_RELEASE_VER} - -INIT_COMPONENT_NAME := init -INIT_INSTALL_CONTAINER_NAME := tsg-$(INIT_COMPONENT_NAME)-install-${OS_RELEASE_VER} - -SCE_COMPONENT_NAME := sce -SCE_INSTALL_CONTAINER_NAME := tsg-$(SCE_COMPONENT_NAME)-install-${OS_RELEASE_VER} - -BFDD_COMPONENT_NAME := bfdd -BFDD_INSTALL_CONTAINER_NAME := tsg-$(BFDD_COMPONENT_NAME)-install-${OS_RELEASE_VER} +TARGET_BUILD_DIR := $(BUILDDIR_BASE)/$(PROFILE_ID)/containers +TARGET_INSTALLER_DIR := $(TARGET_BUILD_DIR)/installer -SHAPING_COMPONENT_NAME := shaping -SHAPING_INSTALL_CONTAINER_NAME := tsg-$(SHAPING_COMPONENT_NAME)-install-${OS_RELEASE_VER} +.PHONY: all build_dir installer clean_installer_dir prebuild_container_images build_container_images build_helm_charts build_app_bundle_bin +all: build_app_bundle_bin -TRAFFIC_ENGINE_IMAGES_TAR := tsg-traffic-engine-${OS_RELEASE_VER}-docker.tar +build_dir: + mkdir -p $(TARGET_BUILD_DIR) + mkdir -p $(TARGET_INSTALLER_DIR) -CONTAINER_IMAGE_REPO_PREFIX := registry.gdnt-cloud.website +clean_installer_dir: + rm -rf $(TARGET_INSTALLER_DIR) -.PHONY: all builddir installer container-tar container-images-generate clean +installer: build_dir + cp $(INSTALLERDIR)/app_bundle_install.sh $(TARGET_INSTALLER_DIR)/install.sh + chmod +x $(TARGET_INSTALLER_DIR)/install.sh -all: container-tar + sed -i -e "s/%%CONTAINER_IMAGES_TAR%%/$(CONTAINER_IMAGES_TAR)/" $(TARGET_INSTALLER_DIR)/install.sh + sed -i -e "s/%%HELM_CHART_TAR%%/$(HELM_CHART_TAR)/" $(TARGET_INSTALLER_DIR)/install.sh + sed -i -e "s/%%CONTAINER_IMAGES_TAR_GLOB%%/$(CONTAINER_IMAGES_TAR_GLOB)/" $(TARGET_INSTALLER_DIR)/install.sh + sed -i -e "s/%%HELM_CHART_TAR_GLOB%%/$(HELM_CHART_TAR_GLOB)/" $(TARGET_INSTALLER_DIR)/install.sh -builddir: - mkdir -p $(TARGET_CONTAINER_IMAGE_TAR_DIR) - mkdir -p /tmp/helm - tar -zxvf $(PROJECTDIR)/ansible/roles/traffic-engine/files/helm-linux-amd64.tar.gz -C /tmp/helm - -installer: builddir +prebuild_container_images: ifeq ($(ENABLE_LICENSE_PROTECTED),1) sed -i '/sapp:/d;/tfe-pr:/d;/mrzcpd:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml else sed -i '/sapp-pr:/d;/tfe-pr:/d;/mrzcpd:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml endif - ifeq ($(ENABLE_ALIYUN_INTERNAL_DOMAIN),1) sed -i -e "s/mirrors.aliyun.com/mirrors.cloud.aliyuncs.com/" $(CONFDIR)/yum-RockyLinux-8.conf endif -container-images-generate: builddir - podman load < $(PROJECTDIR)/package/rockylinux8.tar - buildah from --name $(TOOLS_INSTALL_CONTAINER_NAME) rockylinux:8 - buildah copy $(TOOLS_INSTALL_CONTAINER_NAME) $(CONFDIR)/yum-RockyLinux-8.conf /tmp/ - buildah copy $(TOOLS_INSTALL_CONTAINER_NAME) /etc/hosts /tmp/ - buildah run $(TOOLS_INSTALL_CONTAINER_NAME) -- bash -c "cp /etc/hosts /tmp/hosts.bak;cp /tmp/hosts /etc/hosts" - $(TOOLSDIR)/ansible-HAL-CONTAINER $(PROFILE_ID)-$(TOOLS_COMPONENT_NAME) $(PROJECTDIR) /tmp/empty/container /tmp/yum-RockyLinux-8.conf $(OS_RELEASE_VER) $(TOOLS_INSTALL_CONTAINER_NAME) - buildah run $(TOOLS_INSTALL_CONTAINER_NAME) -- bash -c "yum clean all -y; yum -c /tmp/yum-RockyLinux-8.conf clean all -y" - buildah run $(TOOLS_INSTALL_CONTAINER_NAME) -- bash -c "cp /tmp/ks-script-* /; cp /tmp/hosts.bak /etc/hosts; rm -rf /tmp/*; mv /ks-script-* /tmp" - buildah commit $(TOOLS_INSTALL_CONTAINER_NAME) rockylinux:$(TOOLS_INSTALL_IMAGE_NAME_TAG) - buildah rm $(TOOLS_INSTALL_CONTAINER_NAME) +build_container_images: prebuild_container_images + chmod 0755 $(PROJECTDIR)/tools/build_container_images.sh + $(PROJECTDIR)/tools/build_container_images.sh $(PROJECTDIR) $(CONFDIR) $(TOOLSDIR) $(OS_RELEASE_VER) $(PROFILE_ID) $(IMAGEDIR_BASE) $(TARGET_INSTALLER_DIR) $(CONTAINER_IMAGES_TAR) - buildah from --name $(FIREWALL_INSTALL_CONTAINER_NAME) rockylinux:$(TOOLS_INSTALL_IMAGE_NAME_TAG) - buildah copy $(FIREWALL_INSTALL_CONTAINER_NAME) $(CONFDIR)/yum-RockyLinux-8.conf /tmp/ - buildah copy $(FIREWALL_INSTALL_CONTAINER_NAME) /etc/hosts /tmp/ - buildah run $(FIREWALL_INSTALL_CONTAINER_NAME) -- bash -c "cp /etc/hosts /tmp/hosts.bak;cp /tmp/hosts /etc/hosts" - $(TOOLSDIR)/ansible-HAL-CONTAINER $(PROFILE_ID)-$(FIREWALL_COMPONENT_NAME) $(PROJECTDIR) /tmp/empty/container /tmp/yum-RockyLinux-8.conf $(OS_RELEASE_VER) $(FIREWALL_INSTALL_CONTAINER_NAME) - buildah run $(FIREWALL_INSTALL_CONTAINER_NAME) -- bash -c "yum clean all -y; yum -c /tmp/yum-RockyLinux-8.conf clean all -y" - buildah run $(FIREWALL_INSTALL_CONTAINER_NAME) -- bash -c "cp /tmp/ks-script-* /; cp /tmp/hosts.bak /etc/hosts; rm -rf /tmp/*; mv /ks-script-* /tmp" - buildah commit $(FIREWALL_INSTALL_CONTAINER_NAME) $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(FIREWALL_COMPONENT_NAME):$(OS_RELEASE_VER) - buildah rm $(FIREWALL_INSTALL_CONTAINER_NAME) - - buildah from --name $(PROXY_INSTALL_CONTAINER_NAME) rockylinux:$(TOOLS_INSTALL_IMAGE_NAME_TAG) - buildah copy $(PROXY_INSTALL_CONTAINER_NAME) $(CONFDIR)/yum-RockyLinux-8.conf /tmp/ - buildah copy $(PROXY_INSTALL_CONTAINER_NAME) /etc/hosts /tmp/ - buildah run $(PROXY_INSTALL_CONTAINER_NAME) -- bash -c "cp /etc/hosts /tmp/hosts.bak;cp /tmp/hosts /etc/hosts" - $(TOOLSDIR)/ansible-HAL-CONTAINER $(PROFILE_ID)-$(PROXY_COMPONENT_NAME) $(PROJECTDIR) /tmp/empty/container /tmp/yum-RockyLinux-8.conf $(OS_RELEASE_VER) $(PROXY_INSTALL_CONTAINER_NAME) - buildah run $(PROXY_INSTALL_CONTAINER_NAME) -- bash -c "cat /etc/sysctl.d/80-tfe.conf" > $(IMAGEDIR_BASE)/80-tfe.conf - buildah run $(PROXY_INSTALL_CONTAINER_NAME) -- bash -c "yum clean all -y; yum -c /tmp/yum-RockyLinux-8.conf clean all -y" - buildah run $(PROXY_INSTALL_CONTAINER_NAME) -- bash -c "cp /tmp/ks-script-* /; cp /tmp/hosts.bak /etc/hosts; rm -rf /tmp/*; mv /ks-script-* /tmp" - buildah commit $(PROXY_INSTALL_CONTAINER_NAME) $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(PROXY_COMPONENT_NAME):$(OS_RELEASE_VER) - buildah rm $(PROXY_INSTALL_CONTAINER_NAME) +build_helm_charts: build_dir + chmod 0755 $(PROJECTDIR)/tools/build_helm_charts.sh + $(PROJECTDIR)/tools/build_helm_charts.sh $(PROJECTDIR) $(OS_RELEASE_VER) $(HELM_CHART_VER) $(TARGET_INSTALLER_DIR) - buildah from --name $(CERTSTORE_INSTALL_CONTAINER_NAME) rockylinux:$(TOOLS_INSTALL_IMAGE_NAME_TAG) - buildah copy $(CERTSTORE_INSTALL_CONTAINER_NAME) $(CONFDIR)/yum-RockyLinux-8.conf /tmp/ - buildah copy $(CERTSTORE_INSTALL_CONTAINER_NAME) /etc/hosts /tmp/ - buildah run $(CERTSTORE_INSTALL_CONTAINER_NAME) -- bash -c "cp /etc/hosts /tmp/hosts.bak;cp /tmp/hosts /etc/hosts" - $(TOOLSDIR)/ansible-HAL-CONTAINER $(PROFILE_ID)-$(CERTSTORE_COMPONENT_NAME) $(PROJECTDIR) /tmp/empty/container /tmp/yum-RockyLinux-8.conf $(OS_RELEASE_VER) $(CERTSTORE_INSTALL_CONTAINER_NAME) - buildah run $(CERTSTORE_INSTALL_CONTAINER_NAME) -- bash -c "yum clean all -y; yum -c /tmp/yum-RockyLinux-8.conf clean all -y" - buildah run $(CERTSTORE_INSTALL_CONTAINER_NAME) -- bash -c "cp /tmp/ks-script-* /; cp /tmp/hosts.bak /etc/hosts; rm -rf /tmp/*; mv /ks-script-* /tmp" - buildah commit $(CERTSTORE_INSTALL_CONTAINER_NAME) $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(CERTSTORE_COMPONENT_NAME):$(OS_RELEASE_VER) - buildah rm $(CERTSTORE_INSTALL_CONTAINER_NAME) - - buildah from --name $(TELEGRAF_INSTALL_CONTAINER_NAME) rockylinux:$(TOOLS_INSTALL_IMAGE_NAME_TAG) - buildah copy $(TELEGRAF_INSTALL_CONTAINER_NAME) $(CONFDIR)/yum-RockyLinux-8.conf /tmp/ - buildah copy $(TELEGRAF_INSTALL_CONTAINER_NAME) /etc/hosts /tmp/ - buildah run $(TELEGRAF_INSTALL_CONTAINER_NAME) -- bash -c "cp /etc/hosts /tmp/hosts.bak;cp /tmp/hosts /etc/hosts" - $(TOOLSDIR)/ansible-HAL-CONTAINER $(PROFILE_ID)-$(TELEGRAF_COMPONENT_NAME) $(PROJECTDIR) /tmp/empty/container /tmp/yum-RockyLinux-8.conf $(OS_RELEASE_VER) $(TELEGRAF_INSTALL_CONTAINER_NAME) - buildah run $(TELEGRAF_INSTALL_CONTAINER_NAME) -- bash -c "yum clean all -y; yum -c /tmp/yum-RockyLinux-8.conf clean all -y" - buildah run $(TELEGRAF_INSTALL_CONTAINER_NAME) -- bash -c "cp /tmp/ks-script-* /; cp /tmp/hosts.bak /etc/hosts; rm -rf /tmp/*; mv /ks-script-* /tmp" - buildah commit $(TELEGRAF_INSTALL_CONTAINER_NAME) $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(TELEGRAF_COMPONENT_NAME):$(OS_RELEASE_VER) - buildah rm $(TELEGRAF_INSTALL_CONTAINER_NAME) - - buildah from --name $(INIT_INSTALL_CONTAINER_NAME) rockylinux:$(TOOLS_INSTALL_IMAGE_NAME_TAG) - buildah copy $(INIT_INSTALL_CONTAINER_NAME) $(CONFDIR)/yum-RockyLinux-8.conf /tmp/ - buildah copy $(INIT_INSTALL_CONTAINER_NAME) /etc/hosts /tmp/ - buildah run $(INIT_INSTALL_CONTAINER_NAME) -- bash -c "cp /etc/hosts /tmp/hosts.bak;cp /tmp/hosts /etc/hosts" - $(TOOLSDIR)/ansible-HAL-CONTAINER $(PROFILE_ID)-$(INIT_COMPONENT_NAME) $(PROJECTDIR) /tmp/empty/container /tmp/yum-RockyLinux-8.conf $(OS_RELEASE_VER) $(INIT_INSTALL_CONTAINER_NAME) - buildah run $(INIT_INSTALL_CONTAINER_NAME) -- bash -c "yum clean all -y; yum -c /tmp/yum-RockyLinux-8.conf clean all -y" - buildah run $(INIT_INSTALL_CONTAINER_NAME) -- bash -c "cp /tmp/ks-script-* /; cp /tmp/hosts.bak /etc/hosts; rm -rf /tmp/*; mv /ks-script-* /tmp" - buildah commit $(INIT_INSTALL_CONTAINER_NAME) $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(INIT_COMPONENT_NAME):$(OS_RELEASE_VER) - buildah rm $(INIT_INSTALL_CONTAINER_NAME) - - buildah from --name $(SCE_INSTALL_CONTAINER_NAME) rockylinux:$(TOOLS_INSTALL_IMAGE_NAME_TAG) - buildah copy $(SCE_INSTALL_CONTAINER_NAME) $(CONFDIR)/yum-RockyLinux-8.conf /tmp/ - buildah copy $(SCE_INSTALL_CONTAINER_NAME) /etc/hosts /tmp/ - buildah run $(SCE_INSTALL_CONTAINER_NAME) -- bash -c "cp /etc/hosts /tmp/hosts.bak;cp /tmp/hosts /etc/hosts" - $(TOOLSDIR)/ansible-HAL-CONTAINER $(PROFILE_ID)-$(SCE_COMPONENT_NAME) $(PROJECTDIR) /tmp/empty/container /tmp/yum-RockyLinux-8.conf $(OS_RELEASE_VER) $(SCE_INSTALL_CONTAINER_NAME) - buildah run $(SCE_INSTALL_CONTAINER_NAME) -- bash -c "yum clean all -y; yum -c /tmp/yum-RockyLinux-8.conf clean all -y" - buildah run $(SCE_INSTALL_CONTAINER_NAME) -- bash -c "cp /tmp/ks-script-* /; cp /tmp/hosts.bak /etc/hosts; rm -rf /tmp/*; mv /ks-script-* /tmp" - buildah commit $(SCE_INSTALL_CONTAINER_NAME) $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(SCE_COMPONENT_NAME):$(OS_RELEASE_VER) - buildah rm $(SCE_INSTALL_CONTAINER_NAME) - - buildah from --name $(BFDD_INSTALL_CONTAINER_NAME) rockylinux:$(TOOLS_INSTALL_IMAGE_NAME_TAG) - buildah copy $(BFDD_INSTALL_CONTAINER_NAME) $(CONFDIR)/yum-RockyLinux-8.conf /tmp/ - buildah copy $(BFDD_INSTALL_CONTAINER_NAME) /etc/hosts /tmp/ - buildah run $(BFDD_INSTALL_CONTAINER_NAME) -- bash -c "cp /etc/hosts /tmp/hosts.bak;cp /tmp/hosts /etc/hosts" - $(TOOLSDIR)/ansible-HAL-CONTAINER $(PROFILE_ID)-$(BFDD_COMPONENT_NAME) $(PROJECTDIR) /tmp/empty/container /tmp/yum-RockyLinux-8.conf $(OS_RELEASE_VER) $(BFDD_INSTALL_CONTAINER_NAME) - buildah run $(BFDD_INSTALL_CONTAINER_NAME) -- bash -c "yum clean all -y; yum -c /tmp/yum-RockyLinux-8.conf clean all -y" - buildah run $(BFDD_INSTALL_CONTAINER_NAME) -- bash -c "cp /tmp/ks-script-* /; cp /tmp/hosts.bak /etc/hosts; rm -rf /tmp/*; mv /ks-script-* /tmp" - buildah commit $(BFDD_INSTALL_CONTAINER_NAME) $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(BFDD_COMPONENT_NAME):$(OS_RELEASE_VER) - buildah rm $(BFDD_INSTALL_CONTAINER_NAME) - - buildah from --name $(SHAPING_INSTALL_CONTAINER_NAME) rockylinux:$(TOOLS_INSTALL_IMAGE_NAME_TAG) - buildah copy $(SHAPING_INSTALL_CONTAINER_NAME) $(CONFDIR)/yum-RockyLinux-8.conf /tmp/ - buildah copy $(SHAPING_INSTALL_CONTAINER_NAME) /etc/hosts /tmp/ - buildah run $(SHAPING_INSTALL_CONTAINER_NAME) -- bash -c "cp /etc/hosts /tmp/hosts.bak;cp /tmp/hosts /etc/hosts" - $(TOOLSDIR)/ansible-HAL-CONTAINER $(PROFILE_ID)-$(SHAPING_COMPONENT_NAME) $(PROJECTDIR) /tmp/empty/container /tmp/yum-RockyLinux-8.conf $(OS_RELEASE_VER) $(SHAPING_INSTALL_CONTAINER_NAME) - buildah run $(SHAPING_INSTALL_CONTAINER_NAME) -- bash -c "yum clean all -y; yum -c /tmp/yum-RockyLinux-8.conf clean all -y" - buildah run $(SHAPING_INSTALL_CONTAINER_NAME) -- bash -c "cp /tmp/ks-script-* /; cp /tmp/hosts.bak /etc/hosts; rm -rf /tmp/*; mv /ks-script-* /tmp" - buildah commit $(SHAPING_INSTALL_CONTAINER_NAME) $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(SHAPING_COMPONENT_NAME):$(OS_RELEASE_VER) - buildah rm $(SHAPING_INSTALL_CONTAINER_NAME) - -container-tar: installer container-images-generate - podman save -o $(TARGET_CONTAINER_IMAGE_TAR_DIR)/$(TRAFFIC_ENGINE_IMAGES_TAR) -m \ - $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(FIREWALL_COMPONENT_NAME):$(OS_RELEASE_VER) \ - $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(PROXY_COMPONENT_NAME):$(OS_RELEASE_VER) \ - $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(CERTSTORE_COMPONENT_NAME):$(OS_RELEASE_VER) \ - $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(TELEGRAF_COMPONENT_NAME):$(OS_RELEASE_VER) \ - $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(INIT_COMPONENT_NAME):$(OS_RELEASE_VER) \ - $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(SCE_COMPONENT_NAME):$(OS_RELEASE_VER) \ - $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(BFDD_COMPONENT_NAME):$(OS_RELEASE_VER) \ - $(CONTAINER_IMAGE_REPO_PREFIX)/tsg-$(SHAPING_COMPONENT_NAME):$(OS_RELEASE_VER) - tar --exclude=*~ --exclude-backups --owner=root --group=root -c -C $(TARGET_CONTAINER_IMAGE_TAR_DIR) . | pbzip2 -p9 > $(IMAGEDIR_BASE)/$(CONTAINER_IMAGES_PKG) - /tmp/helm/linux-amd64/helm package --app-version $(OS_RELEASE_VER) --version $(HELM_CHART_VER) -d $(IMAGEDIR_BASE) $(PROJECTDIR)/ansible/roles/traffic-engine/files/helm - /tmp/helm/linux-amd64/helm package --app-version $(OS_RELEASE_VER) --version $(HELM_CHART_VER) -d $(IMAGEDIR_BASE) $(PROJECTDIR)/ansible/roles/k3s-exporter/files/mrzcpd/helm - tar -zcvf /tmp/$(TRAFFIC_ENGINE_TAR) -C $(IMAGEDIR_BASE) traffic-engine-$(HELM_CHART_VER).tgz exporter-mrzcpd-$(HELM_CHART_VER).tgz $(CONTAINER_IMAGES_PKG) - mv /tmp/$(TRAFFIC_ENGINE_TAR) $(IMAGEDIR_BASE) - sha256sum $(IMAGEDIR_BASE)/$(TRAFFIC_ENGINE_TAR) | awk '{print $$1}' > $(IMAGEDIR_BASE)/$(TRAFFIC_ENGINE_TAR).sha256sum.txt +build_app_bundle_bin: clean_installer_dir installer build_helm_charts build_container_images + mkdir -p $(TARGET_BUILD_DIR)/app-bundle-cook-bits + chmod 0755 $(TOOLSDIR)/app-bundle-cook-bits + $(TOOLSDIR)/app-bundle-cook-bits $(TARGET_BUILD_DIR) $(TARGET_BUILD_DIR)/app-bundle-cook-bits $(IMAGEDIR_BASE)/$(APP_BUNDLE_BIN) + sha256sum $(IMAGEDIR_BASE)/$(APP_BUNDLE_BIN) | awk '{print $$1}' > $(IMAGEDIR_BASE)/$(APP_BUNDLE_BIN).sha256sum.txt clean: rm -rf $(TARGET_BUILD_DIR) diff --git a/make/Makefile.TSGXNXR620G40R01P0906 b/make/Makefile.TSGXNXR620G40R01P0906 index ce797c51..732c8e9a 100644 --- a/make/Makefile.TSGXNXR620G40R01P0906 +++ b/make/Makefile.TSGXNXR620G40R01P0906 @@ -9,7 +9,7 @@ SIZE_PART_UPDATE := 16384M PROFILE_ID_IN_SHORT := $(subst -,$e,$(PROFILE_ID)) CHROOT_PKG := tsg-os-${OS_RELEASE_VER}-${PROFILE_ID_IN_SHORT}-chroot.tar.bz2 CHROOT_BIN := tsg-os-${OS_RELEASE_VER}-${PROFILE_ID_IN_SHORT}-ONIE.bin -CONTAINER_IMAGES_PKG := tsg-os-${OS_RELEASE_VER}-${PROFILE_ID_IN_SHORT}-container-images.tar.bz2 +APP_BUNDLE_BIN := tsg-os-${OS_RELEASE_VER}-${PROFILE_ID_IN_SHORT}-APP-BUNDLE.bin TARGET_BUILD_DIR := $(BUILDDIR_BASE)/$(PROFILE_ID) TARGET_INSTALLER_DIR := $(TARGET_BUILD_DIR)/installer @@ -38,7 +38,7 @@ installer: builddir sed -i -e "s/%%GRUB_SERIAL_COMMAND%%/$(GRUB_SERIAL_COMMAND)/" $(TARGET_INSTALLER_DIR)/install.sh sed -i -e "s/%%SIZE_PART_SYSROOT%%/$(SIZE_PART_SYSROOT)/" $(TARGET_INSTALLER_DIR)/install.sh sed -i -e "s/%%SIZE_PART_UPDATE%%/$(SIZE_PART_UPDATE)/" $(TARGET_INSTALLER_DIR)/install.sh - sed -i -e "s/%%CONTAINER_IMAGES_PKG%%/$(CONTAINER_IMAGES_PKG)/" $(TARGET_INSTALLER_DIR)/install.sh + sed -i -e "s/%%APP_BUNDLE_BIN%%/$(APP_BUNDLE_BIN)/" $(TARGET_INSTALLER_DIR)/install.sh sed -i '/sapp-pr:/d;/tfe-pr:/d;/mrzcpd:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml ifeq ($(ENABLE_ALIYUN_INTERNAL_DOMAIN),1) diff --git a/tools/app-bundle-cook-bits b/tools/app-bundle-cook-bits new file mode 100644 index 00000000..e9003dff --- /dev/null +++ b/tools/app-bundle-cook-bits @@ -0,0 +1,54 @@ +#!/bin/bash + +# +# Copyright (C) 2017 Rajendra Dendukuri +# +# SPDX-License-Identifier: GPL-2.0 +# + +# Make an ONIE installer using CentOS 7 chroot environment +# +# inputs: cento7 chroot package +# output: ONIE compatible OS installer image +# +# Comments: This script expects that yumbootsstrap is installed on +# on the Linux host where it is executed. + +#!/bin/sh + +set -e + +SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" +INPUT_DIR=$1 +WORK_DIR=$2 +TARGET_BINARY=$3 + +echo -n "Creating $TARGET_BINARY: ." + +# Repackage $INSTALLDIR into a self-extracting installer image +sharch="$WORK_DIR/sharch.tar" +tar --exclude=*~ --exclude-backups --owner=root --group=root -C $INPUT_DIR -jcf $sharch installer || { + echo "Error: Problems creating $sharch archive" + exit 1 +} + +[ -f "$sharch" ] || { + echo "Error: $sharch not found" + exit 1 +} + +echo -n "." + +sha1=$(cat $sharch | sha1sum | awk '{print $1}') +echo -n "." + +cp $SCRIPT_DIR/app_bundle_body.sh $TARGET_BINARY || { + echo "Error: Problems copying app_bundle_body.sh" + exit 1 +} + +# Replace variables in the sharch template +sed -i -e "s/%%IMAGE_SHA1%%/$sha1/" $TARGET_BINARY +echo -n "." +cat $sharch >> $TARGET_BINARY +echo " Done." \ No newline at end of file diff --git a/tools/app_bundle_body.sh b/tools/app_bundle_body.sh new file mode 100644 index 00000000..39ac3aee --- /dev/null +++ b/tools/app_bundle_body.sh @@ -0,0 +1,114 @@ +#!/bin/sh +PAYLOAD_SHA1=%%IMAGE_SHA1%% +tmp_dir= +extract=no + +args=$(getopt -a -o hx -l extract,help -- "$@") +eval set -- "${args}" + +#function define start +function usage() +{ + echo 'Usage:' + echo ' -x, --extract Extract files from app-bundle bin to tmp file and exit' + echo ' -h, --help Give this help' + echo ' Using ENV [$APP_BUNDLE_CHARTS_DEST_DIR] to change the helm charts dest directory' + echo ' Using ENV [$APP_BUNDLE_IMAGES_DEST_DIR] to change the container images dest directory' + echo ' Using ENV [$APP_BUNDLE_CLIXON_CONF_PATH] to set the clixon mgnt-srv.conf path' + echo ' Using ENV [$APP_BUNDLE_LOAD_IMAGES_SWITCH] to set the load images switch' + echo 'example: '$0' -x' + echo 'example: '$0' -h' + exit 0 +} + +#[ $? -ne 0 ] && usage +function read_option() +{ + while true + do + case "$1" in + -x|--extract) + extract=yes + shift + ;; + -h|--help) + usage + shift + ;; + --) + shift + break + ;; + *) + usage + shift + ;; + esac + done +} + + +function verify_checksum() +{ + echo -n "Verifying app-bundle bin checksum ..." + + sha1=$(sed -e '1,/^exit_marker$/d' "$0" | sha1sum | awk '{ print $1 }') + + if [ "$sha1" != "$PAYLOAD_SHA1" ] ; then + echo + echo "ERROR: Unable to verify archive checksum" + echo "Expected: $PAYLOAD_SHA1" + echo "Found : $sha1" + exit 1 + fi + + echo " OK." +} + +function clean_up() +{ + if [ "$(id -u)" = "0" ] ; then + umount $tmp_dir > /dev/null 2>&1 + fi + rm -rf $tmp_dir + exit $1 +} + +function extract_file() +{ + cur_wd=$(pwd) + archive_path=$(realpath "$0") + tmp_dir=$(mktemp -d) + if [ "$(id -u)" = "0" ] ; then + mount -t tmpfs tmpfs-installer $tmp_dir || clean_up 1 + fi + cd $tmp_dir + echo -n "Preparing image archive ..." + sed -e '1,/^exit_marker$/d' $archive_path | tar jxf - || clean_up 1 + echo " OK." + cd $cur_wd +} + +function is_extract_and_exit() +{ + if [ "$extract" = "yes" ] ; then + # stop here + echo "Image extracted to: $tmp_dir" + if [ "$(id -u)" = "0" ] ; then + echo "To un-mount the tmpfs when finished type: umount $tmp_dir" + fi + exit 0 + fi +} + +read_option $@ +verify_checksum +extract_file +is_extract_and_exit + +$tmp_dir/installer/install.sh $@ +rc="$?" + +clean_up $rc + +exit_marker diff --git a/tools/build_container_images.sh b/tools/build_container_images.sh new file mode 100644 index 00000000..663285e5 --- /dev/null +++ b/tools/build_container_images.sh @@ -0,0 +1,87 @@ +#!/bin/sh -e +CODE_PROJECT_DIR=$1 +CODE_CONF_DIR=$2 +CODE_TOOTS_DIR=$3 + +OS_RELEASE_VER=$4 +PROFILE_ID=$5 +IMAGE_CACHE_DIR=$6 + +EXPORT_IMAGES_DIR=$7 +EXPORT_IMAGES_NAME=$8 + + +IMAGE_REPO_PREFIX="registry.gdnt-cloud.website" + +BASE_IMAGE_NAME="${IMAGE_REPO_PREFIX}/tsg-base:${OS_RELEASE_VER}" + +##function define start +function load_rockylinux_image() +{ + podman load < ${CODE_PROJECT_DIR}/package/rockylinux8.tar +} + +function build_image() +{ + local component_name=$1 + local source_image_name=$2 + local target_image_name=$3 + + local container_name="tsg-${component_name}-install-${OS_RELEASE_VER}" + #create container + buildah from --name ${container_name} ${source_image_name} + + #copy /etc/hosts into container + buildah copy ${container_name} ${CODE_CONF_DIR}/yum-RockyLinux-8.conf /tmp/ + buildah copy ${container_name} /etc/hosts /tmp/ + buildah run ${container_name} -- bash -c "cp /etc/hosts /tmp/hosts.bak;cp /tmp/hosts /etc/hosts" + + #deploy the traffic engine into container + ${CODE_TOOTS_DIR}/ansible-HAL-CONTAINER ${PROFILE_ID}-${component_name} ${CODE_PROJECT_DIR} /tmp/empty/container /tmp/yum-RockyLinux-8.conf ${OS_RELEASE_VER} ${container_name} + + #clean install fine in container + buildah run ${container_name} -- bash -c "yum clean all -y; yum -c /tmp/yum-RockyLinux-8.conf clean all -y" + buildah run ${container_name} -- bash -c "cp /tmp/ks-script-* /; cp /tmp/hosts.bak /etc/hosts; rm -rf /tmp/*; mv /ks-script-* /tmp" + + ## + if [ "proxy" == "${component_name}" ]; then + buildah run ${container_name} -- bash -c "cat /etc/sysctl.d/80-tfe.conf" > ${IMAGE_CACHE_DIR}/80-tfe.conf + fi + + #commit container + buildah commit ${container_name} ${target_image_name} + + #delete container + buildah rm ${container_name} +} + +function export_images() +{ + podman save -o ${EXPORT_IMAGES_DIR}/${EXPORT_IMAGES_NAME} -m \ + ${IMAGE_REPO_PREFIX}/tsg-firewall:${OS_RELEASE_VER} \ + ${IMAGE_REPO_PREFIX}/tsg-proxy:${OS_RELEASE_VER} \ + ${IMAGE_REPO_PREFIX}/tsg-certstore:${OS_RELEASE_VER} \ + ${IMAGE_REPO_PREFIX}/tsg-telegraf:${OS_RELEASE_VER} \ + ${IMAGE_REPO_PREFIX}/tsg-init:${OS_RELEASE_VER} \ + ${IMAGE_REPO_PREFIX}/tsg-sce:${OS_RELEASE_VER} \ + ${IMAGE_REPO_PREFIX}/tsg-bfdd:${OS_RELEASE_VER} \ + ${IMAGE_REPO_PREFIX}/tsg-shaping:${OS_RELEASE_VER} +} +##function define end + + +load_rockylinux_image + +build_image "base" "rockylinux:8" "${BASE_IMAGE_NAME}" + +build_image "firewall" "${BASE_IMAGE_NAME}" "${IMAGE_REPO_PREFIX}/tsg-firewall:${OS_RELEASE_VER}" +build_image "proxy" "${BASE_IMAGE_NAME}" "${IMAGE_REPO_PREFIX}/tsg-proxy:${OS_RELEASE_VER}" +build_image "certstore" "${BASE_IMAGE_NAME}" "${IMAGE_REPO_PREFIX}/tsg-certstore:${OS_RELEASE_VER}" +build_image "telegraf" "${BASE_IMAGE_NAME}" "${IMAGE_REPO_PREFIX}/tsg-telegraf:${OS_RELEASE_VER}" +build_image "init" "${BASE_IMAGE_NAME}" "${IMAGE_REPO_PREFIX}/tsg-init:${OS_RELEASE_VER}" +build_image "sce" "${BASE_IMAGE_NAME}" "${IMAGE_REPO_PREFIX}/tsg-sce:${OS_RELEASE_VER}" +build_image "bfdd" "${BASE_IMAGE_NAME}" "${IMAGE_REPO_PREFIX}/tsg-bfdd:${OS_RELEASE_VER}" +build_image "shaping" "${BASE_IMAGE_NAME}" "${IMAGE_REPO_PREFIX}/tsg-shaping:${OS_RELEASE_VER}" + +export_images + diff --git a/tools/build_helm_charts.sh b/tools/build_helm_charts.sh new file mode 100644 index 00000000..c25516ce --- /dev/null +++ b/tools/build_helm_charts.sh @@ -0,0 +1,17 @@ +#!/bin/sh -e +CODE_PROJECT_DIR=$1 +OS_RELEASE_VER=$2 +WRITE_HELM_CHART_VER=$3 +WRITE_HELM_CHART_DIR=$4 + +##function define start +function build_helm_charts() +{ + mkdir -p /tmp/helm + tar -zxvf ${CODE_PROJECT_DIR}/ansible/roles/traffic-engine/files/helm-linux-amd64.tar.gz -C /tmp/helm + /tmp/helm/linux-amd64/helm package --app-version ${OS_RELEASE_VER} --version ${WRITE_HELM_CHART_VER} -d ${WRITE_HELM_CHART_DIR} ${CODE_PROJECT_DIR}/ansible/roles/traffic-engine/files/helm + rm -rf /tmp/helm +} +##function define end + +build_helm_charts diff --git a/tools/mk-base-image b/tools/mk-base-image index ba078fa6..4672e016 100755 --- a/tools/mk-base-image +++ b/tools/mk-base-image @@ -148,9 +148,7 @@ case $profile_id in esac # ansible-playbook -i tsg-9140-scripts/install_config/tsg_9140_host tsg-9140-scripts/tsg_9140_deploy.yml yum -c "$yum_config" --installroot="$target" -y --setopt=$setopt clean all -mkdir -p /etc/NetworkManager/conf.d -echo "[ifupdown]" > /etc/NetworkManager/conf.d/01-update-ifupdown.conf -echo "managed=true" >> /etc/NetworkManager/conf.d/01-update-ifupdown.conf + rm -rf $target/tmp/* rm -rf $target/core.* #rm -rf $target/etc/machine-id diff --git a/tools/upload.sh b/tools/upload.sh index 94729df1..e1a96256 100644 --- a/tools/upload.sh +++ b/tools/upload.sh @@ -12,8 +12,8 @@ function upload_kvm_glob_file() function upload_app_bundle_glob_file() { - python3 ~/file_upload_tools_to_share_repo.py ${FILE_REPO_PATH} ./images/*.tar.gz.sha256sum.txt - python3 ~/file_upload_tools_to_share_repo.py ${FILE_REPO_PATH} ./images/*.tar.gz + python3 ~/file_upload_tools_to_share_repo.py ${FILE_REPO_PATH} ./images/*-APP-BUNDLE.bin + python3 ~/file_upload_tools_to_share_repo.py ${FILE_REPO_PATH} ./images/*-APP-BUNDLE.bin.sha256sum.txt } function upload_onie_glob_file()