gfwleak/tsg-tsg-os-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feature:TSG-18016:删除firewall相关的telegraf_statistic和telegraf_security

Browse Source
This commit is contained in:
fumingwei
2023-12-20 11:54:05 +08:00
parent 532e7b6c2f
commit 2a583fc288
13 changed files with 13 additions and 659 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
ansible/roles/telegraf_statistic/files/telegraf_security.service
View File

@@ -1,16 +0,0 @@
[Unit]
Description=Security information
Documentation=https://github.com/influxdata/telegraf
After=network.target
[Service]
EnvironmentFile=-/etc/default/telegraf
User=telegraf
ExecStart=/usr/bin/telegraf -config /etc/telegraf/telegraf_security.conf -config-directory /etc/telegraf/telegraf_statistic.d $TELEGRAF_OPTS
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
RestartForceExitStatus=SIGPIPE
KillMode=control-group
[Install]
WantedBy=multi-user.target

16
ansible/roles/telegraf_statistic/files/telegraf_shaping.service
View File

@@ -1,16 +0,0 @@
[Unit]
Description=Shaping information
Documentation=https://github.com/influxdata/telegraf
After=network.target
[Service]
EnvironmentFile=-/etc/default/telegraf
User=telegraf
ExecStart=/usr/bin/telegraf -config /etc/telegraf/telegraf_shaping.conf -config-directory /etc/telegraf/telegraf_statistic.d $TELEGRAF_OPTS
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
RestartForceExitStatus=SIGPIPE
KillMode=control-group
[Install]
WantedBy=multi-user.target

16
ansible/roles/telegraf_statistic/files/telegraf_statistic.service
View File

@@ -1,16 +0,0 @@
[Unit]
Description=Statistic information
Documentation=https://github.com/influxdata/telegraf
After=network.target
[Service]
EnvironmentFile=-/etc/default/telegraf
User=telegraf
ExecStart=/usr/bin/telegraf -config /etc/telegraf/telegraf_statistic.conf -config-directory /etc/telegraf/telegraf_statistic.d $TELEGRAF_OPTS
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
RestartForceExitStatus=SIGPIPE
KillMode=control-group
[Install]
WantedBy=multi-user.target

86
ansible/roles/telegraf_statistic/tasks/main.yml
View File

@@ -10,96 +10,46 @@
state: present
disable_gpg_check: yes
- name: "Templates telegraf.conf"
template:
src: "{{role_path}}/templates/telegraf_statistic.conf.j2.j2"
dest: /opt/tsg/tsg-os-provision/templates/telegraf_statistic.conf.j2
tags: template
when: runtime_env != 'TSG-X-P0906'
# - name: "Templates telegraf.conf"
# template:
# src: "{{role_path}}/templates/telegraf_shaping.conf.j2.j2"
# dest: /opt/tsg/tsg-os-provision/templates/telegraf_shaping.conf.j2
# tags: template
# when: runtime_env != 'TSG-X-P0906'
- name: "Templates telegraf_security.conf"
template:
src: "{{role_path}}/templates/telegraf_security.conf.j2.j2"
dest: /opt/tsg/tsg-os-provision/templates/telegraf_security.conf.j2
tags: template
when: runtime_env != 'TSG-X-P0906'
- name: "Templates telegraf_proxy.conf"
template:
src: "{{role_path}}/templates/telegraf_proxy.conf.j2.j2"
dest: /opt/tsg/tsg-os-provision/templates/telegraf_proxy.conf.j2
tags: template
when: runtime_env != 'TSG-X-P0906'
- name: "copy telegraf_statistic.service to destination server"
copy:
src: "{{ role_path }}/files/telegraf_statistic.service"
dest: /usr/lib/systemd/system
mode: 0644
when: runtime_env != 'TSG-X-P0906'
# - name: "copy telegraf_shaping.service to destination server"
# copy:
# src: "{{ role_path }}/files/telegraf_shaping.service"
# dest: /usr/lib/systemd/system
# mode: 0644
- name: "copy telegraf_security.service to destination server"
copy:
src: "{{ role_path }}/files/telegraf_security.service"
dest: /usr/lib/systemd/system
mode: 0644
when: runtime_env != 'TSG-X-P0906'
when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123'
- name: "copy telegraf_proxy.service to destination server"
copy:
src: "{{ role_path }}/files/telegraf_proxy.service"
dest: /usr/lib/systemd/system
mode: 0644
when: runtime_env != 'TSG-X-P0906'
when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123'
- name: "Create /usr/lib/systemd/system/telegraf_statistic.service.d/ and /usr/lib/systemd/system/telegraf_shaping.service.d directory if it does not exist"
- name: "Create service override dictionary"
file:
path: "{{ item }}"
state: directory
mode: '0755'
with_items:
- /usr/lib/systemd/system/telegraf_statistic.service.d
- /usr/lib/systemd/system/telegraf_security.service.d
- /usr/lib/systemd/system/telegraf_proxy.service.d
# - /usr/lib/systemd/system/telegraf_shaping.service.d
when: runtime_env != 'TSG-X-P0906'
when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123'
- name: "copy slice file to telegraf_statistic.service.d"
- name: "Copy slice override file to dest"
copy:
src: "{{ role_path }}/templates/service_override_slice.conf.j2"
dest: "{{ item }}"
mode: 0644
with_items:
- /usr/lib/systemd/system/telegraf_statistic.service.d/service_override_slice.conf
- /usr/lib/systemd/system/telegraf_security.service.d/service_override_slice.conf
- /usr/lib/systemd/system/telegraf_proxy.service.d/service_override_slice.conf
# - /usr/lib/systemd/system/telegraf_shaping.service.d/service_override_slice.conf
when: runtime_env != 'TSG-X-P0906'
when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123'
- name: "replace action: replace service WantedBy from multi-user.target to workload.target"
- name: "Change service WantedBy target"
replace:
path: "{{ item }}"
regexp: 'WantedBy=multi-user.target'
replace: 'WantedBy=workload.target'
with_items:
- /usr/lib/systemd/system/telegraf_statistic.service
- /usr/lib/systemd/system/telegraf_security.service
- /usr/lib/systemd/system/telegraf_proxy.service
# - /usr/lib/systemd/system/telegraf_shaping.service
when: runtime_env != 'TSG-X-P0906'
when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123'
##################### telegraf #####################
@@ -107,26 +57,10 @@
systemd:
name: telegraf.service
enabled: no
when: runtime_env != 'TSG-X-P0906'
- name: "Start telegraf_statistic"
systemd:
name: telegraf_statistic.service
enabled: yes
when: runtime_env != 'TSG-X-P0906'
# - name: "Start telegraf_shaping"
# systemd:
# name: telegraf_shaping.service
# enabled: yes
- name: "Start telegraf_security"
systemd:
name: telegraf_security.service
enabled: yes
when: runtime_env != 'TSG-X-P0906'
when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123'
- name: "Start telegraf_proxy"
systemd:
name: telegraf_proxy.service
enabled: yes
when: runtime_env != 'TSG-X-P0906'
when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123'

77
ansible/roles/telegraf_statistic/templates/telegraf_security.conf.j2.j2
View File

@@ -1,77 +0,0 @@
# Telegraf Configuration
[global_tags]
device_id = "${device_id}"
{% raw %}{% if data_center.name is defined %}
data_center = "{{ data_center.name }}"
{% endif %}
{% if device.tags is defined %}
{% for device_tag in device.tags %}
{% for key,value in device_tag.items() %}
{{ key }} = "{{value}}"
{% endfor %}
{% endfor %}
{% endif %}
{% endraw %}
[agent]
interval = "1s"
round_interval = true
metric_batch_size = 1000
metric_buffer_limit = 100000
collection_jitter = "0s"
flush_interval = "1s"
flush_jitter = "0s"
precision = ""
debug = false
quiet = false
logfile = ""
hostname = ""
omit_hostname = true
[[inputs.socket_listener]]
service_address = "udp://:8400"
data_format = "influx"
read_buffer_size = "32MiB"
[[outputs.kafka]]
sasl_username = "admin"
sasl_password = "galaxy2019"
{% raw %} brokers = [ "{{ olap.kafka_broker.address_list | join("\",\"") }}" ]
{% endraw %}
topic = "POLICY-RULE-METRIC"
data_format = "json"
json_timestamp_units = "1ms"
json_transformation = '''
$merge([$, { "timestamp_ms": timestamp}]) ~> |$|{}, ['timestamp']|
'''
# add rename
[[processors.rename]]
[[processors.rename.replace]]
field = "hit_count_sum"
dest = "hit_count"
[[processors.rename.replace]]
field = "in_bytes_sum"
dest = "in_bytes"
[[processors.rename.replace]]
field = "out_bytes_sum"
dest = "out_bytes"
[[processors.rename.replace]]
field = "in_pkts_sum"
dest = "in_pkts"
[[processors.rename.replace]]
field = "out_pkts_sum"
dest = "out_pkts"
[[aggregators.basicstats]]
period = "1s"
delay = "1s"
grace = "1s"
drop_original = true
stats = ["sum"]
fieldpass = ["hit_count", "in_bytes", "out_bytes", "in_pkts", "out_pkts"]
namepass = ["security_rule_hits", "statistics_rule_hits"] # only "pass" swap metrics through the aggregator.

126
ansible/roles/telegraf_statistic/templates/telegraf_shaping.conf.j2.j2
View File

@@ -1,126 +0,0 @@
# Telegraf Configuration
[global_tags]
device_id = "${device_id}"
{% raw %}{% if data_center.name is defined %}
data_center = "{{ data_center.name }}"
{% endif %}
{% if device.tags is defined %}
{% for device_tag in device.tags %}
{% for key,value in device_tag.items() %}
{{ key }} = "{{value}}"
{% endfor %}
{% endfor %}
{% endif %}
{% endraw %}
[agent]
interval = "1s"
round_interval = true
metric_batch_size = 1000
metric_buffer_limit = 100000
collection_jitter = "0s"
flush_interval = "1s"
flush_jitter = "0s"
precision = ""
debug = false
quiet = false
logfile = ""
hostname = ""
omit_hostname = true
[[inputs.socket_listener]]
service_address = "udp://:8200"
data_format = "influx"
read_buffer_size = "32MiB"
#[[processors.converter]]
# [processors.converter.tags]
# measurement = ["topic"]
[[processors.rename]]
[[processors.rename.replace]]
field = "active_sessions_sum"
dest = "active_sessions"
[[processors.rename.replace]]
field = "in_drop_pkts_sum"
dest = "in_drop_pkts"
[[processors.rename.replace]]
field = "in_max_latency_us_max"
dest = "in_max_latency_us"
[[processors.rename.replace]]
field = "in_queue_len_sum"
dest = "in_queue_len"
[[processors.rename.replace]]
field = "in_rx_bytes_sum"
dest = "in_rx_bytes"
[[processors.rename.replace]]
field = "in_rx_pkts_sum"
dest = "in_rx_pkts"
[[processors.rename.replace]]
field = "in_tx_bytes_sum"
dest = "in_tx_bytes"
[[processors.rename.replace]]
field = "in_tx_pkts_sum"
dest = "in_tx_pkts"
[[processors.rename.replace]]
field = "out_drop_pkts_sum"
dest = "out_drop_pkts"
[[processors.rename.replace]]
field = "out_max_latency_us_max"
dest = "out_max_latency_us"
[[processors.rename.replace]]
field = "out_queue_len_sum"
dest = "out_queue_len"
[[processors.rename.replace]]
field = "out_rx_bytes_sum"
dest = "out_rx_bytes"
[[processors.rename.replace]]
field = "out_rx_pkts_sum"
dest = "out_rx_pkts"
[[processors.rename.replace]]
field = "out_tx_bytes_sum"
dest = "out_tx_bytes"
[[processors.rename.replace]]
field = "out_tx_pkts_sum"
dest = "out_tx_pkts"
[[processors.rename.replace]]
field = "queueing_sessions_sum"
dest = "queueing_sessions"
[[aggregators.basicstats]]
period = "1s"
delay = "1s"
grace = "1s"
drop_original = true
stats = ["sum", "max"]
[[outputs.kafka]]
sasl_username = "admin"
sasl_password = "galaxy2019"
{% raw %} brokers = [ "{{ olap.kafka_broker.address_list | join("\",\"") }}" ]
{% endraw %}
topic = "TRAFFIC-SHAPING-METRICS"
fielddrop = ["*pkts*max", "*bytes*max", "*session*max", "*queue*max", "*latency*sum"]
data_format = "json"
json_timestamp_units = "1ms"
json_transformation = '''
$merge([$, { "timestamp_ms": timestamp}]) ~> |$|{}, ['timestamp']|
'''

97
ansible/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2.j2
View File

@@ -1,97 +0,0 @@
[global_tags]
device_id = "${device_id}"
{% raw %}{% if data_center.name is defined %}
data_center = "{{ data_center.name }}"
{% endif %}
{% if device.tags is defined %}
{% for device_tag in device.tags %}
{% for key,value in device_tag.items() %}
{{ key }} = "{{value}}"
{% endfor %}
{% endfor %}
{% endif %}
{% endraw %}
[agent]
interval = "5s"
round_interval = true
metric_batch_size = 1000
metric_buffer_limit = 100000
collection_jitter = "0s"
flush_interval = "1s"
flush_jitter = "0s"
precision = ""
debug = false
quiet = false
logfile = ""
hostname = ""
omit_hostname = false
[[outputs.kafka]]
sasl_username = "admin"
sasl_password = "galaxy2019"
{% raw %} brokers = [ "{{ olap.kafka_broker.address_list | join("\",\"") }}" ]
{% endraw %}
topic = "NETWORK-TRAFFIC-METRIC"
data_format = "json"
json_timestamp_units = "1ms"
json_transformation = '''
$merge([$, { "timestamp_ms": timestamp}]) ~> |$|{}, ['timestamp']|
'''
[[inputs.socket_listener]]
service_address = "udp://:8100"
data_format = "influx"
read_buffer_size = "32MiB"
[[aggregators.basicstats]]
period = "1s"
delay = "1s"
grace = "1s"
drop_original = true
stats = ["sum"]
fieldpass = ["sessions", "in_bytes", "out_bytes", "in_pkts", "out_pkts", "c2s_pkts", "s2c_pkts", "c2s_bytes", "s2c_bytes", "c2s_fragments", "s2c_fragments",
"c2s_tcp_lost_bytes", "s2c_tcp_lost_bytes", "c2s_tcp_ooorder_pkts", "s2c_tcp_ooorder_pkts", "c2s_tcp_retransmitted_pkts", "s2c_tcp_retransmitted_pkts",
"c2s_tcp_retransmitted_bytes", "s2c_tcp_retransmitted_bytes"]
namepass = ["traffic_application_protocol_stat"] #only "pass" swap metrics through the aggregator.
[[processors.rename]]
[[processors.rename.replace]] field = "sessions_sum" dest = "sessions"
[[processors.rename.replace]] field = "in_bytes_sum" dest = "in_bytes"
[[processors.rename.replace]] field = "out_bytes_sum" dest = "out_bytes"
[[processors.rename.replace]] field = "in_pkts_sum" dest = "in_pkts"
[[processors.rename.replace]] field = "out_pkts_sum" dest = "out_pkts"
[[processors.rename.replace]] field = "c2s_pkts_sum" dest = "c2s_pkts"
[[processors.rename.replace]] field = "s2c_pkts_sum" dest = "s2c_pkts"
[[processors.rename.replace]] field = "c2s_bytes_sum" dest = "c2s_bytes"
[[processors.rename.replace]] field = "s2c_bytes_sum" dest = "s2c_bytes"
[[processors.rename.replace]] field = "c2s_fragments_sum" dest = "c2s_fragments"
[[processors.rename.replace]] field = "s2c_fragments_sum" dest = "s2c_fragments"
[[processors.rename.replace]] field = "c2s_tcp_lost_bytes_sum" dest = "c2s_tcp_lost_bytes"
[[processors.rename.replace]] field = "s2c_tcp_lost_bytes_sum" dest = "s2c_tcp_lost_bytes"
[[processors.rename.replace]] field = "c2s_tcp_ooorder_pkts_sum" dest = "c2s_tcp_ooorder_pkts"
[[processors.rename.replace]] field = "s2c_tcp_ooorder_pkts_sum" dest = "s2c_tcp_ooorder_pkts"
[[processors.rename.replace]] field = "c2s_tcp_retransmitted_pkts_sum" dest = "c2s_tcp_retransmitted_pkts"
[[processors.rename.replace]] field = "s2c_tcp_retransmitted_pkts_sum" dest = "s2c_tcp_retransmitted_pkts"
[[processors.rename.replace]] field = "c2s_tcp_retransmitted_bytes_sum" dest = "c2s_tcp_retransmitted_bytes"
[[processors.rename.replace]] field = "s2c_tcp_retransmitted_bytes_sum" dest = "s2c_tcp_retransmitted_bytes"

70
ansible/roles/traffic-engine/files/helm/conf/telegraf_security.conf
View File

@@ -1,70 +0,0 @@
# Telegraf Configuration
[global_tags]
device_id = "${device_id}"
{{- range .Values.device.tags -}}
{{- range $key,$val := . }}
{{ $key }} = {{ $val | quote }}
{{- end }}
{{- end }}
[agent]
interval = "1s"
round_interval = true
metric_batch_size = 1000
metric_buffer_limit = 100000
collection_jitter = "0s"
flush_interval = "1s"
flush_jitter = "0s"
precision = ""
debug = false
quiet = false
logfile = ""
hostname = ""
omit_hostname = true
[[inputs.socket_listener]]
service_address = "udp://:8400"
data_format = "influx"
read_buffer_size = "32MiB"
[[outputs.kafka]]
sasl_username = "{{ .Values.external_resources.olap.kafka_brokers.sasl_username }}"
sasl_password = "{{ .Values.external_resources.olap.kafka_brokers.sasl_password }}"
brokers = [ "{{- include "traffic-engine.config.olap-address" (list . "\",\"") }}" ]
topic = "POLICY-RULE-METRIC"
data_format = "json"
json_timestamp_units = "1ms"
json_transformation = '''
$merge([$, { "timestamp_ms": timestamp}]) ~> |$|{}, ['timestamp']|
'''
# add rename
[[processors.rename]]
[[processors.rename.replace]]
field = "hit_count_sum"
dest = "hit_count"
[[processors.rename.replace]]
field = "in_bytes_sum"
dest = "in_bytes"
[[processors.rename.replace]]
field = "out_bytes_sum"
dest = "out_bytes"
[[processors.rename.replace]]
field = "in_pkts_sum"
dest = "in_pkts"
[[processors.rename.replace]]
field = "out_pkts_sum"
dest = "out_pkts"
[[aggregators.basicstats]]
period = "1s"
delay = "1s"
grace = "1s"
drop_original = true
stats = ["sum"]
fieldpass = ["hit_count", "in_bytes", "out_bytes", "in_pkts", "out_pkts"]
namepass = ["security_rule_hits", "statistics_rule_hits"] # only "pass" swap metrics through the aggregator.

89
ansible/roles/traffic-engine/files/helm/conf/telegraf_statistic.conf
View File

@@ -1,89 +0,0 @@
[global_tags]
device_id = "${device_id}"
{{- range .Values.device.tags -}}
{{- range $key,$val := . }}
{{ $key }} = {{ $val | quote }}
{{- end }}
{{- end }}
[agent]
interval = "5s"
round_interval = true
metric_batch_size = 1000
metric_buffer_limit = 100000
collection_jitter = "0s"
flush_interval = "1s"
flush_jitter = "0s"
precision = ""
debug = false
quiet = false
logfile = ""
hostname = ""
omit_hostname = false
[[outputs.kafka]]
sasl_username = "{{ .Values.external_resources.olap.kafka_brokers.sasl_username }}"
sasl_password = "{{ .Values.external_resources.olap.kafka_brokers.sasl_password }}"
brokers = [ "{{- include "traffic-engine.config.olap-address" (list . "\",\"") }}" ]
topic = "NETWORK-TRAFFIC-METRIC"
data_format = "json"
json_timestamp_units = "1ms"
json_transformation = '''
$merge([$, { "timestamp_ms": timestamp}]) ~> |$|{}, ['timestamp']|
'''
[[inputs.socket_listener]]
service_address = "udp://:8100"
data_format = "influx"
read_buffer_size = "32MiB"
[[aggregators.basicstats]]
period = "1s"
delay = "1s"
grace = "1s"
drop_original = true
stats = ["sum"]
fieldpass = ["sessions", "in_bytes", "out_bytes", "in_pkts", "out_pkts", "c2s_pkts", "s2c_pkts", "c2s_bytes", "s2c_bytes", "c2s_fragments", "s2c_fragments",
"c2s_tcp_lost_bytes", "s2c_tcp_lost_bytes", "c2s_tcp_ooorder_pkts", "s2c_tcp_ooorder_pkts", "c2s_tcp_retransmitted_pkts", "s2c_tcp_retransmitted_pkts",
"c2s_tcp_retransmitted_bytes", "s2c_tcp_retransmitted_bytes"]
namepass = ["traffic_application_protocol_stat"] #only "pass" swap metrics through the aggregator.
[[processors.rename]]
[[processors.rename.replace]] field = "sessions_sum" dest = "sessions"
[[processors.rename.replace]] field = "in_bytes_sum" dest = "in_bytes"
[[processors.rename.replace]] field = "out_bytes_sum" dest = "out_bytes"
[[processors.rename.replace]] field = "in_pkts_sum" dest = "in_pkts"
[[processors.rename.replace]] field = "out_pkts_sum" dest = "out_pkts"
[[processors.rename.replace]] field = "c2s_pkts_sum" dest = "c2s_pkts"
[[processors.rename.replace]] field = "s2c_pkts_sum" dest = "s2c_pkts"
[[processors.rename.replace]] field = "c2s_bytes_sum" dest = "c2s_bytes"
[[processors.rename.replace]] field = "s2c_bytes_sum" dest = "s2c_bytes"
[[processors.rename.replace]] field = "c2s_fragments_sum" dest = "c2s_fragments"
[[processors.rename.replace]] field = "s2c_fragments_sum" dest = "s2c_fragments"
[[processors.rename.replace]] field = "c2s_tcp_lost_bytes_sum" dest = "c2s_tcp_lost_bytes"
[[processors.rename.replace]] field = "s2c_tcp_lost_bytes_sum" dest = "s2c_tcp_lost_bytes"
[[processors.rename.replace]] field = "c2s_tcp_ooorder_pkts_sum" dest = "c2s_tcp_ooorder_pkts"
[[processors.rename.replace]] field = "s2c_tcp_ooorder_pkts_sum" dest = "s2c_tcp_ooorder_pkts"
[[processors.rename.replace]] field = "c2s_tcp_retransmitted_pkts_sum" dest = "c2s_tcp_retransmitted_pkts"
[[processors.rename.replace]] field = "s2c_tcp_retransmitted_pkts_sum" dest = "s2c_tcp_retransmitted_pkts"
[[processors.rename.replace]] field = "c2s_tcp_retransmitted_bytes_sum" dest = "c2s_tcp_retransmitted_bytes"
[[processors.rename.replace]] field = "s2c_tcp_retransmitted_bytes_sum" dest = "s2c_tcp_retransmitted_bytes"

47
ansible/roles/traffic-engine/files/helm/templates/deployment-firewall.yaml
View File

@@ -99,50 +99,6 @@ spec:
{{ template "traffic-engine.mount.dev-bus-usb" . }}
{{ template "traffic-engine.mount.dev-shm" . }}
- name: telegraf
image: "registry.gdnt-cloud.website/tsg-telegraf:{{ .Chart.AppVersion }}"
imagePullPolicy: Never
command:
- "bash"
- "-ec"
- |
/usr/bin/telegraf -config /etc/telegraf/telegraf_statistic.conf -config-directory /etc/telegraf/telegraf_statistic.d
securityContext:
privileged: true
volumeMounts:
- name: telegraf
mountPath: "/etc/telegraf/telegraf_statistic.conf"
subPath: "telegraf_statistic.conf"
- name: config-volume
mountPath: "/opt/tsg/etc/tsg_sn.json"
subPath: "opt/tsg/etc/tsg_sn.json"
- name: config-volume
mountPath: "/etc/profile.d/device_id.sh"
subPath: "etc/profile.d/device_id.sh"
{{ template "traffic-engine.mount.localtime" . }}
- name: telegraf-security
image: "registry.gdnt-cloud.website/tsg-telegraf:{{ .Chart.AppVersion }}"
imagePullPolicy: Never
command:
- "bash"
- "-ec"
- |
/usr/bin/telegraf -config /etc/telegraf/telegraf_security.conf -config-directory /etc/telegraf/telegraf_statistic.d
securityContext:
privileged: true
volumeMounts:
- name: telegraf
mountPath: "/etc/telegraf/telegraf_security.conf"
subPath: "telegraf_security.conf"
- name: config-volume
mountPath: "/opt/tsg/etc/tsg_sn.json"
subPath: "opt/tsg/etc/tsg_sn.json"
- name: config-volume
mountPath: "/etc/profile.d/device_id.sh"
subPath: "etc/profile.d/device_id.sh"
{{ template "traffic-engine.mount.localtime" . }}
initContainers:
- name: firewall-init
image: "registry.gdnt-cloud.website/tsg-init:{{ .Chart.AppVersion }}"
@@ -167,9 +123,6 @@ spec:
readOnly: true
volumes:
- name: telegraf
configMap:
name: telegraf-{{ .Release.Name }}
- name: sapp
configMap:
name: sapp-{{ .Release.Name }}

2
ansible/roles/traffic-engine/files/helm/templates/telegraf.yaml
View File

@@ -4,8 +4,6 @@ metadata:
name: telegraf-{{ .Release.Name }}
namespace: default
data:
telegraf_statistic.conf: {{ tpl (.Files.Get "conf/telegraf_statistic.conf") . | quote }}
telegraf_shaping.conf: {{ tpl (.Files.Get "conf/telegraf_shaping.conf") . | quote }}
telegraf_sce.conf: {{ tpl (.Files.Get "conf/telegraf_sce.conf") . | quote }}
telegraf_security.conf: {{ tpl (.Files.Get "conf/telegraf_security.conf") . | quote }}
telegraf_proxy.conf: {{ tpl (.Files.Get "conf/telegraf_proxy.conf") . | quote }}

4
ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSG7400
View File

@@ -2,7 +2,7 @@
Description=Tsg os provision
Requires=network.target
After=network.target
Before=tfe-env.service mrenv.service certstore.service telegraf_statistic.service telegraf_proxy.service telegraf_security.service cert-redis.service consul.service
Before=tfe-env.service mrenv.service certstore.service telegraf_proxy.service cert-redis.service consul.service
[Service]
ExecStart=/bin/sh -c "/opt/tsg/tsg-os-provision/scripts/provision.sh 0"
@@ -11,4 +11,4 @@ RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
RequiredBy=tfe-env.service mrenv.service certstore.service telegraf_statistic.service telegraf_proxy.service telegraf_security.service cert-redis.service consul.service
RequiredBy=tfe-env.service mrenv.service certstore.service telegraf_proxy.service cert-redis.service consul.service

26
ansible/roles/tsg-os-provision/files/tasks/provision.yml.7400MCN0P01R01
View File

@@ -170,25 +170,13 @@
src: "../templates/sapp.toml.j2"
dest: /opt/tsg/sapp/etc/sapp.toml
tags: sapp
- name: "tsg-os-provision: Templates telegraf.conf"
template:
src: "../templates/telegraf_statistic.conf.j2"
dest: /etc/telegraf/telegraf_statistic.conf
tags: telegraf_statistic
# - name: "tsg-os-provision: Templates telegraf.conf"
# template:
# src: "../templates/telegraf_shaping.conf.j2"
# dest: /etc/telegraf/telegraf_shaping.conf
# tags: telegraf_shaping
- name: "tsg-os-provision: Templates telegraf_security.conf"
template:
src: "../templates/telegraf_security.conf.j2"
dest: /etc/telegraf/telegraf_security.conf
tags: telegraf_security
- name: "tsg-os-provision: Templates telegraf_proxy.conf"
template:
src: "../templates/telegraf_proxy.conf.j2"
@@ -314,18 +302,6 @@
state: restarted
when: enable_config_apply == '1'
- name: "tsg-os-provision: restart telegraf_statistic"
systemd:
name: telegraf_statistic
state: restarted
when: enable_config_apply == '1'
- name: "tsg-os-provision: restart telegraf_security"
systemd:
name: telegraf_security
state: restarted
when: enable_config_apply == '1'
- name: "tsg-os-provision: restart telegraf_proxy"
systemd:
name: telegraf_proxy