From 2a583fc2888cd726ca5f46dcae37bc96cd6f5d08 Mon Sep 17 00:00:00 2001 From: fumingwei Date: Wed, 20 Dec 2023 11:54:05 +0800 Subject: [PATCH] =?UTF-8?q?feature:TSG-18016:=E5=88=A0=E9=99=A4firewall?= =?UTF-8?q?=E7=9B=B8=E5=85=B3=E7=9A=84telegraf=5Fstatistic=E5=92=8Ctelegra?= =?UTF-8?q?f=5Fsecurity?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../files/telegraf_security.service | 16 --- .../files/telegraf_shaping.service | 16 --- .../files/telegraf_statistic.service | 16 --- .../roles/telegraf_statistic/tasks/main.yml | 86 ++---------- .../templates/telegraf_security.conf.j2.j2 | 77 ----------- .../templates/telegraf_shaping.conf.j2.j2 | 126 ------------------ .../templates/telegraf_statistic.conf.j2.j2 | 97 -------------- .../files/helm/conf/telegraf_security.conf | 70 ---------- .../files/helm/conf/telegraf_statistic.conf | 89 ------------- .../helm/templates/deployment-firewall.yaml | 47 ------- .../files/helm/templates/telegraf.yaml | 2 - .../service/tsg-os-provision.service.TSG7400 | 4 +- .../files/tasks/provision.yml.7400MCN0P01R01 | 26 +--- 13 files changed, 13 insertions(+), 659 deletions(-) delete mode 100644 ansible/roles/telegraf_statistic/files/telegraf_security.service delete mode 100644 ansible/roles/telegraf_statistic/files/telegraf_shaping.service delete mode 100755 ansible/roles/telegraf_statistic/files/telegraf_statistic.service delete mode 100644 ansible/roles/telegraf_statistic/templates/telegraf_security.conf.j2.j2 delete mode 100644 ansible/roles/telegraf_statistic/templates/telegraf_shaping.conf.j2.j2 delete mode 100644 ansible/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2.j2 delete mode 100644 ansible/roles/traffic-engine/files/helm/conf/telegraf_security.conf delete mode 100644 ansible/roles/traffic-engine/files/helm/conf/telegraf_statistic.conf diff --git a/ansible/roles/telegraf_statistic/files/telegraf_security.service b/ansible/roles/telegraf_statistic/files/telegraf_security.service deleted file mode 100644 index b27cb2be..00000000 --- a/ansible/roles/telegraf_statistic/files/telegraf_security.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Security information -Documentation=https://github.com/influxdata/telegraf -After=network.target - -[Service] -EnvironmentFile=-/etc/default/telegraf -User=telegraf -ExecStart=/usr/bin/telegraf -config /etc/telegraf/telegraf_security.conf -config-directory /etc/telegraf/telegraf_statistic.d $TELEGRAF_OPTS -ExecReload=/bin/kill -HUP $MAINPID -Restart=on-failure -RestartForceExitStatus=SIGPIPE -KillMode=control-group - -[Install] -WantedBy=multi-user.target diff --git a/ansible/roles/telegraf_statistic/files/telegraf_shaping.service b/ansible/roles/telegraf_statistic/files/telegraf_shaping.service deleted file mode 100644 index c89cc5e5..00000000 --- a/ansible/roles/telegraf_statistic/files/telegraf_shaping.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Shaping information -Documentation=https://github.com/influxdata/telegraf -After=network.target - -[Service] -EnvironmentFile=-/etc/default/telegraf -User=telegraf -ExecStart=/usr/bin/telegraf -config /etc/telegraf/telegraf_shaping.conf -config-directory /etc/telegraf/telegraf_statistic.d $TELEGRAF_OPTS -ExecReload=/bin/kill -HUP $MAINPID -Restart=on-failure -RestartForceExitStatus=SIGPIPE -KillMode=control-group - -[Install] -WantedBy=multi-user.target diff --git a/ansible/roles/telegraf_statistic/files/telegraf_statistic.service b/ansible/roles/telegraf_statistic/files/telegraf_statistic.service deleted file mode 100755 index 5d67868b..00000000 --- a/ansible/roles/telegraf_statistic/files/telegraf_statistic.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Statistic information -Documentation=https://github.com/influxdata/telegraf -After=network.target - -[Service] -EnvironmentFile=-/etc/default/telegraf -User=telegraf -ExecStart=/usr/bin/telegraf -config /etc/telegraf/telegraf_statistic.conf -config-directory /etc/telegraf/telegraf_statistic.d $TELEGRAF_OPTS -ExecReload=/bin/kill -HUP $MAINPID -Restart=on-failure -RestartForceExitStatus=SIGPIPE -KillMode=control-group - -[Install] -WantedBy=multi-user.target diff --git a/ansible/roles/telegraf_statistic/tasks/main.yml b/ansible/roles/telegraf_statistic/tasks/main.yml index 1cb44832..b2a12bdd 100644 --- a/ansible/roles/telegraf_statistic/tasks/main.yml +++ b/ansible/roles/telegraf_statistic/tasks/main.yml @@ -10,96 +10,46 @@ state: present disable_gpg_check: yes -- name: "Templates telegraf.conf" - template: - src: "{{role_path}}/templates/telegraf_statistic.conf.j2.j2" - dest: /opt/tsg/tsg-os-provision/templates/telegraf_statistic.conf.j2 - tags: template - when: runtime_env != 'TSG-X-P0906' - -# - name: "Templates telegraf.conf" -# template: -# src: "{{role_path}}/templates/telegraf_shaping.conf.j2.j2" -# dest: /opt/tsg/tsg-os-provision/templates/telegraf_shaping.conf.j2 -# tags: template -# when: runtime_env != 'TSG-X-P0906' - -- name: "Templates telegraf_security.conf" - template: - src: "{{role_path}}/templates/telegraf_security.conf.j2.j2" - dest: /opt/tsg/tsg-os-provision/templates/telegraf_security.conf.j2 - tags: template - when: runtime_env != 'TSG-X-P0906' - - name: "Templates telegraf_proxy.conf" template: src: "{{role_path}}/templates/telegraf_proxy.conf.j2.j2" dest: /opt/tsg/tsg-os-provision/templates/telegraf_proxy.conf.j2 tags: template - when: runtime_env != 'TSG-X-P0906' - -- name: "copy telegraf_statistic.service to destination server" - copy: - src: "{{ role_path }}/files/telegraf_statistic.service" - dest: /usr/lib/systemd/system - mode: 0644 - when: runtime_env != 'TSG-X-P0906' - -# - name: "copy telegraf_shaping.service to destination server" -# copy: -# src: "{{ role_path }}/files/telegraf_shaping.service" -# dest: /usr/lib/systemd/system -# mode: 0644 - -- name: "copy telegraf_security.service to destination server" - copy: - src: "{{ role_path }}/files/telegraf_security.service" - dest: /usr/lib/systemd/system - mode: 0644 - when: runtime_env != 'TSG-X-P0906' + when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123' - name: "copy telegraf_proxy.service to destination server" copy: src: "{{ role_path }}/files/telegraf_proxy.service" dest: /usr/lib/systemd/system mode: 0644 - when: runtime_env != 'TSG-X-P0906' + when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123' -- name: "Create /usr/lib/systemd/system/telegraf_statistic.service.d/ and /usr/lib/systemd/system/telegraf_shaping.service.d directory if it does not exist" +- name: "Create service override dictionary" file: path: "{{ item }}" state: directory mode: '0755' with_items: - - /usr/lib/systemd/system/telegraf_statistic.service.d - - /usr/lib/systemd/system/telegraf_security.service.d - /usr/lib/systemd/system/telegraf_proxy.service.d -# - /usr/lib/systemd/system/telegraf_shaping.service.d - when: runtime_env != 'TSG-X-P0906' + when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123' -- name: "copy slice file to telegraf_statistic.service.d" +- name: "Copy slice override file to dest" copy: src: "{{ role_path }}/templates/service_override_slice.conf.j2" dest: "{{ item }}" mode: 0644 with_items: - - /usr/lib/systemd/system/telegraf_statistic.service.d/service_override_slice.conf - - /usr/lib/systemd/system/telegraf_security.service.d/service_override_slice.conf - /usr/lib/systemd/system/telegraf_proxy.service.d/service_override_slice.conf -# - /usr/lib/systemd/system/telegraf_shaping.service.d/service_override_slice.conf - when: runtime_env != 'TSG-X-P0906' + when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123' -- name: "replace action: replace service WantedBy from multi-user.target to workload.target" +- name: "Change service WantedBy target" replace: path: "{{ item }}" regexp: 'WantedBy=multi-user.target' replace: 'WantedBy=workload.target' with_items: - - /usr/lib/systemd/system/telegraf_statistic.service - - /usr/lib/systemd/system/telegraf_security.service - /usr/lib/systemd/system/telegraf_proxy.service -# - /usr/lib/systemd/system/telegraf_shaping.service - when: runtime_env != 'TSG-X-P0906' + when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123' ##################### telegraf ##################### @@ -107,26 +57,10 @@ systemd: name: telegraf.service enabled: no - when: runtime_env != 'TSG-X-P0906' - -- name: "Start telegraf_statistic" - systemd: - name: telegraf_statistic.service - enabled: yes - when: runtime_env != 'TSG-X-P0906' - -# - name: "Start telegraf_shaping" -# systemd: -# name: telegraf_shaping.service -# enabled: yes -- name: "Start telegraf_security" - systemd: - name: telegraf_security.service - enabled: yes - when: runtime_env != 'TSG-X-P0906' + when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123' - name: "Start telegraf_proxy" systemd: name: telegraf_proxy.service enabled: yes - when: runtime_env != 'TSG-X-P0906' \ No newline at end of file + when: runtime_env == 'TSG-7400-mcn0' or runtime_env == 'TSG-7400-mcn123' \ No newline at end of file diff --git a/ansible/roles/telegraf_statistic/templates/telegraf_security.conf.j2.j2 b/ansible/roles/telegraf_statistic/templates/telegraf_security.conf.j2.j2 deleted file mode 100644 index 88d266fa..00000000 --- a/ansible/roles/telegraf_statistic/templates/telegraf_security.conf.j2.j2 +++ /dev/null @@ -1,77 +0,0 @@ -# Telegraf Configuration -[global_tags] - device_id = "${device_id}" -{% raw %}{% if data_center.name is defined %} - data_center = "{{ data_center.name }}" -{% endif %} -{% if device.tags is defined %} -{% for device_tag in device.tags %} -{% for key,value in device_tag.items() %} - {{ key }} = "{{value}}" -{% endfor %} -{% endfor %} -{% endif %} -{% endraw %} -[agent] - interval = "1s" - round_interval = true - metric_batch_size = 1000 - metric_buffer_limit = 100000 - collection_jitter = "0s" - flush_interval = "1s" - flush_jitter = "0s" - precision = "" - debug = false - quiet = false - logfile = "" - hostname = "" - omit_hostname = true - - -[[inputs.socket_listener]] - service_address = "udp://:8400" - data_format = "influx" - read_buffer_size = "32MiB" - -[[outputs.kafka]] - sasl_username = "admin" - sasl_password = "galaxy2019" -{% raw %} brokers = [ "{{ olap.kafka_broker.address_list | join("\",\"") }}" ] -{% endraw %} - topic = "POLICY-RULE-METRIC" - data_format = "json" - json_timestamp_units = "1ms" - json_transformation = ''' - $merge([$, { "timestamp_ms": timestamp}]) ~> |$|{}, ['timestamp']| - ''' - -# add rename -[[processors.rename]] - [[processors.rename.replace]] - field = "hit_count_sum" - dest = "hit_count" - - [[processors.rename.replace]] - field = "in_bytes_sum" - dest = "in_bytes" - - [[processors.rename.replace]] - field = "out_bytes_sum" - dest = "out_bytes" - - [[processors.rename.replace]] - field = "in_pkts_sum" - dest = "in_pkts" - - [[processors.rename.replace]] - field = "out_pkts_sum" - dest = "out_pkts" - -[[aggregators.basicstats]] - period = "1s" - delay = "1s" - grace = "1s" - drop_original = true - stats = ["sum"] - fieldpass = ["hit_count", "in_bytes", "out_bytes", "in_pkts", "out_pkts"] - namepass = ["security_rule_hits", "statistics_rule_hits"] # only "pass" swap metrics through the aggregator. diff --git a/ansible/roles/telegraf_statistic/templates/telegraf_shaping.conf.j2.j2 b/ansible/roles/telegraf_statistic/templates/telegraf_shaping.conf.j2.j2 deleted file mode 100644 index c6fd9cd8..00000000 --- a/ansible/roles/telegraf_statistic/templates/telegraf_shaping.conf.j2.j2 +++ /dev/null @@ -1,126 +0,0 @@ -# Telegraf Configuration -[global_tags] - device_id = "${device_id}" -{% raw %}{% if data_center.name is defined %} - data_center = "{{ data_center.name }}" -{% endif %} -{% if device.tags is defined %} -{% for device_tag in device.tags %} -{% for key,value in device_tag.items() %} - {{ key }} = "{{value}}" -{% endfor %} -{% endfor %} -{% endif %} -{% endraw %} - - -[agent] - interval = "1s" - round_interval = true - metric_batch_size = 1000 - metric_buffer_limit = 100000 - collection_jitter = "0s" - flush_interval = "1s" - flush_jitter = "0s" - precision = "" - debug = false - quiet = false - logfile = "" - hostname = "" - omit_hostname = true - - -[[inputs.socket_listener]] - service_address = "udp://:8200" - data_format = "influx" - read_buffer_size = "32MiB" - -#[[processors.converter]] -# [processors.converter.tags] -# measurement = ["topic"] - -[[processors.rename]] - [[processors.rename.replace]] - field = "active_sessions_sum" - dest = "active_sessions" - - [[processors.rename.replace]] - field = "in_drop_pkts_sum" - dest = "in_drop_pkts" - - [[processors.rename.replace]] - field = "in_max_latency_us_max" - dest = "in_max_latency_us" - - [[processors.rename.replace]] - field = "in_queue_len_sum" - dest = "in_queue_len" - - [[processors.rename.replace]] - field = "in_rx_bytes_sum" - dest = "in_rx_bytes" - - [[processors.rename.replace]] - field = "in_rx_pkts_sum" - dest = "in_rx_pkts" - - [[processors.rename.replace]] - field = "in_tx_bytes_sum" - dest = "in_tx_bytes" - - [[processors.rename.replace]] - field = "in_tx_pkts_sum" - dest = "in_tx_pkts" - - [[processors.rename.replace]] - field = "out_drop_pkts_sum" - dest = "out_drop_pkts" - - [[processors.rename.replace]] - field = "out_max_latency_us_max" - dest = "out_max_latency_us" - - [[processors.rename.replace]] - field = "out_queue_len_sum" - dest = "out_queue_len" - - [[processors.rename.replace]] - field = "out_rx_bytes_sum" - dest = "out_rx_bytes" - - [[processors.rename.replace]] - field = "out_rx_pkts_sum" - dest = "out_rx_pkts" - - [[processors.rename.replace]] - field = "out_tx_bytes_sum" - dest = "out_tx_bytes" - - [[processors.rename.replace]] - field = "out_tx_pkts_sum" - dest = "out_tx_pkts" - - [[processors.rename.replace]] - field = "queueing_sessions_sum" - dest = "queueing_sessions" - -[[aggregators.basicstats]] - period = "1s" - delay = "1s" - grace = "1s" - drop_original = true - stats = ["sum", "max"] - - -[[outputs.kafka]] - sasl_username = "admin" - sasl_password = "galaxy2019" -{% raw %} brokers = [ "{{ olap.kafka_broker.address_list | join("\",\"") }}" ] -{% endraw %} - topic = "TRAFFIC-SHAPING-METRICS" - fielddrop = ["*pkts*max", "*bytes*max", "*session*max", "*queue*max", "*latency*sum"] - data_format = "json" - json_timestamp_units = "1ms" - json_transformation = ''' - $merge([$, { "timestamp_ms": timestamp}]) ~> |$|{}, ['timestamp']| - ''' diff --git a/ansible/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2.j2 b/ansible/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2.j2 deleted file mode 100644 index 48e0ccd2..00000000 --- a/ansible/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2.j2 +++ /dev/null @@ -1,97 +0,0 @@ -[global_tags] - device_id = "${device_id}" -{% raw %}{% if data_center.name is defined %} - data_center = "{{ data_center.name }}" -{% endif %} -{% if device.tags is defined %} -{% for device_tag in device.tags %} -{% for key,value in device_tag.items() %} - {{ key }} = "{{value}}" -{% endfor %} -{% endfor %} -{% endif %} -{% endraw %} - -[agent] - interval = "5s" - round_interval = true - metric_batch_size = 1000 - metric_buffer_limit = 100000 - collection_jitter = "0s" - flush_interval = "1s" - flush_jitter = "0s" - precision = "" - debug = false - quiet = false - logfile = "" - hostname = "" - omit_hostname = false - -[[outputs.kafka]] - sasl_username = "admin" - sasl_password = "galaxy2019" -{% raw %} brokers = [ "{{ olap.kafka_broker.address_list | join("\",\"") }}" ] -{% endraw %} - topic = "NETWORK-TRAFFIC-METRIC" - data_format = "json" - json_timestamp_units = "1ms" - json_transformation = ''' - $merge([$, { "timestamp_ms": timestamp}]) ~> |$|{}, ['timestamp']| - ''' - -[[inputs.socket_listener]] - service_address = "udp://:8100" - data_format = "influx" - read_buffer_size = "32MiB" - -[[aggregators.basicstats]] - period = "1s" - delay = "1s" - grace = "1s" - drop_original = true - stats = ["sum"] - fieldpass = ["sessions", "in_bytes", "out_bytes", "in_pkts", "out_pkts", "c2s_pkts", "s2c_pkts", "c2s_bytes", "s2c_bytes", "c2s_fragments", "s2c_fragments", - "c2s_tcp_lost_bytes", "s2c_tcp_lost_bytes", "c2s_tcp_ooorder_pkts", "s2c_tcp_ooorder_pkts", "c2s_tcp_retransmitted_pkts", "s2c_tcp_retransmitted_pkts", - "c2s_tcp_retransmitted_bytes", "s2c_tcp_retransmitted_bytes"] - - namepass = ["traffic_application_protocol_stat"] #only "pass" swap metrics through the aggregator. - -[[processors.rename]] - - [[processors.rename.replace]] field = "sessions_sum" dest = "sessions" - - [[processors.rename.replace]] field = "in_bytes_sum" dest = "in_bytes" - - [[processors.rename.replace]] field = "out_bytes_sum" dest = "out_bytes" - - [[processors.rename.replace]] field = "in_pkts_sum" dest = "in_pkts" - - [[processors.rename.replace]] field = "out_pkts_sum" dest = "out_pkts" - - [[processors.rename.replace]] field = "c2s_pkts_sum" dest = "c2s_pkts" - - [[processors.rename.replace]] field = "s2c_pkts_sum" dest = "s2c_pkts" - - [[processors.rename.replace]] field = "c2s_bytes_sum" dest = "c2s_bytes" - - [[processors.rename.replace]] field = "s2c_bytes_sum" dest = "s2c_bytes" - - [[processors.rename.replace]] field = "c2s_fragments_sum" dest = "c2s_fragments" - - [[processors.rename.replace]] field = "s2c_fragments_sum" dest = "s2c_fragments" - - [[processors.rename.replace]] field = "c2s_tcp_lost_bytes_sum" dest = "c2s_tcp_lost_bytes" - - [[processors.rename.replace]] field = "s2c_tcp_lost_bytes_sum" dest = "s2c_tcp_lost_bytes" - - [[processors.rename.replace]] field = "c2s_tcp_ooorder_pkts_sum" dest = "c2s_tcp_ooorder_pkts" - - [[processors.rename.replace]] field = "s2c_tcp_ooorder_pkts_sum" dest = "s2c_tcp_ooorder_pkts" - - [[processors.rename.replace]] field = "c2s_tcp_retransmitted_pkts_sum" dest = "c2s_tcp_retransmitted_pkts" - - [[processors.rename.replace]] field = "s2c_tcp_retransmitted_pkts_sum" dest = "s2c_tcp_retransmitted_pkts" - - [[processors.rename.replace]] field = "c2s_tcp_retransmitted_bytes_sum" dest = "c2s_tcp_retransmitted_bytes" - - [[processors.rename.replace]] field = "s2c_tcp_retransmitted_bytes_sum" dest = "s2c_tcp_retransmitted_bytes" diff --git a/ansible/roles/traffic-engine/files/helm/conf/telegraf_security.conf b/ansible/roles/traffic-engine/files/helm/conf/telegraf_security.conf deleted file mode 100644 index dbc64cc4..00000000 --- a/ansible/roles/traffic-engine/files/helm/conf/telegraf_security.conf +++ /dev/null @@ -1,70 +0,0 @@ -# Telegraf Configuration -[global_tags] - device_id = "${device_id}" -{{- range .Values.device.tags -}} -{{- range $key,$val := . }} - {{ $key }} = {{ $val | quote }} -{{- end }} -{{- end }} -[agent] - interval = "1s" - round_interval = true - metric_batch_size = 1000 - metric_buffer_limit = 100000 - collection_jitter = "0s" - flush_interval = "1s" - flush_jitter = "0s" - precision = "" - debug = false - quiet = false - logfile = "" - hostname = "" - omit_hostname = true - - -[[inputs.socket_listener]] - service_address = "udp://:8400" - data_format = "influx" - read_buffer_size = "32MiB" - -[[outputs.kafka]] - sasl_username = "{{ .Values.external_resources.olap.kafka_brokers.sasl_username }}" - sasl_password = "{{ .Values.external_resources.olap.kafka_brokers.sasl_password }}" - brokers = [ "{{- include "traffic-engine.config.olap-address" (list . "\",\"") }}" ] - topic = "POLICY-RULE-METRIC" - data_format = "json" - json_timestamp_units = "1ms" - json_transformation = ''' - $merge([$, { "timestamp_ms": timestamp}]) ~> |$|{}, ['timestamp']| - ''' - -# add rename -[[processors.rename]] - [[processors.rename.replace]] - field = "hit_count_sum" - dest = "hit_count" - - [[processors.rename.replace]] - field = "in_bytes_sum" - dest = "in_bytes" - - [[processors.rename.replace]] - field = "out_bytes_sum" - dest = "out_bytes" - - [[processors.rename.replace]] - field = "in_pkts_sum" - dest = "in_pkts" - - [[processors.rename.replace]] - field = "out_pkts_sum" - dest = "out_pkts" - -[[aggregators.basicstats]] - period = "1s" - delay = "1s" - grace = "1s" - drop_original = true - stats = ["sum"] - fieldpass = ["hit_count", "in_bytes", "out_bytes", "in_pkts", "out_pkts"] - namepass = ["security_rule_hits", "statistics_rule_hits"] # only "pass" swap metrics through the aggregator. diff --git a/ansible/roles/traffic-engine/files/helm/conf/telegraf_statistic.conf b/ansible/roles/traffic-engine/files/helm/conf/telegraf_statistic.conf deleted file mode 100644 index 7d3fc33c..00000000 --- a/ansible/roles/traffic-engine/files/helm/conf/telegraf_statistic.conf +++ /dev/null @@ -1,89 +0,0 @@ -[global_tags] - device_id = "${device_id}" -{{- range .Values.device.tags -}} -{{- range $key,$val := . }} - {{ $key }} = {{ $val | quote }} -{{- end }} -{{- end }} -[agent] - interval = "5s" - round_interval = true - metric_batch_size = 1000 - metric_buffer_limit = 100000 - collection_jitter = "0s" - flush_interval = "1s" - flush_jitter = "0s" - precision = "" - debug = false - quiet = false - logfile = "" - hostname = "" - omit_hostname = false - -[[outputs.kafka]] - sasl_username = "{{ .Values.external_resources.olap.kafka_brokers.sasl_username }}" - sasl_password = "{{ .Values.external_resources.olap.kafka_brokers.sasl_password }}" - brokers = [ "{{- include "traffic-engine.config.olap-address" (list . "\",\"") }}" ] - topic = "NETWORK-TRAFFIC-METRIC" - data_format = "json" - json_timestamp_units = "1ms" - json_transformation = ''' - $merge([$, { "timestamp_ms": timestamp}]) ~> |$|{}, ['timestamp']| - ''' -[[inputs.socket_listener]] - service_address = "udp://:8100" - data_format = "influx" - read_buffer_size = "32MiB" - -[[aggregators.basicstats]] - period = "1s" - delay = "1s" - grace = "1s" - drop_original = true - stats = ["sum"] - fieldpass = ["sessions", "in_bytes", "out_bytes", "in_pkts", "out_pkts", "c2s_pkts", "s2c_pkts", "c2s_bytes", "s2c_bytes", "c2s_fragments", "s2c_fragments", - "c2s_tcp_lost_bytes", "s2c_tcp_lost_bytes", "c2s_tcp_ooorder_pkts", "s2c_tcp_ooorder_pkts", "c2s_tcp_retransmitted_pkts", "s2c_tcp_retransmitted_pkts", - "c2s_tcp_retransmitted_bytes", "s2c_tcp_retransmitted_bytes"] - - namepass = ["traffic_application_protocol_stat"] #only "pass" swap metrics through the aggregator. - - -[[processors.rename]] - - [[processors.rename.replace]] field = "sessions_sum" dest = "sessions" - - [[processors.rename.replace]] field = "in_bytes_sum" dest = "in_bytes" - - [[processors.rename.replace]] field = "out_bytes_sum" dest = "out_bytes" - - [[processors.rename.replace]] field = "in_pkts_sum" dest = "in_pkts" - - [[processors.rename.replace]] field = "out_pkts_sum" dest = "out_pkts" - - [[processors.rename.replace]] field = "c2s_pkts_sum" dest = "c2s_pkts" - - [[processors.rename.replace]] field = "s2c_pkts_sum" dest = "s2c_pkts" - - [[processors.rename.replace]] field = "c2s_bytes_sum" dest = "c2s_bytes" - - [[processors.rename.replace]] field = "s2c_bytes_sum" dest = "s2c_bytes" - - [[processors.rename.replace]] field = "c2s_fragments_sum" dest = "c2s_fragments" - - [[processors.rename.replace]] field = "s2c_fragments_sum" dest = "s2c_fragments" - - [[processors.rename.replace]] field = "c2s_tcp_lost_bytes_sum" dest = "c2s_tcp_lost_bytes" - - [[processors.rename.replace]] field = "s2c_tcp_lost_bytes_sum" dest = "s2c_tcp_lost_bytes" - - [[processors.rename.replace]] field = "c2s_tcp_ooorder_pkts_sum" dest = "c2s_tcp_ooorder_pkts" - - [[processors.rename.replace]] field = "s2c_tcp_ooorder_pkts_sum" dest = "s2c_tcp_ooorder_pkts" - - [[processors.rename.replace]] field = "c2s_tcp_retransmitted_pkts_sum" dest = "c2s_tcp_retransmitted_pkts" - - [[processors.rename.replace]] field = "s2c_tcp_retransmitted_pkts_sum" dest = "s2c_tcp_retransmitted_pkts" - - [[processors.rename.replace]] field = "c2s_tcp_retransmitted_bytes_sum" dest = "c2s_tcp_retransmitted_bytes" - - [[processors.rename.replace]] field = "s2c_tcp_retransmitted_bytes_sum" dest = "s2c_tcp_retransmitted_bytes" diff --git a/ansible/roles/traffic-engine/files/helm/templates/deployment-firewall.yaml b/ansible/roles/traffic-engine/files/helm/templates/deployment-firewall.yaml index 3e3ef828..f9e370b5 100644 --- a/ansible/roles/traffic-engine/files/helm/templates/deployment-firewall.yaml +++ b/ansible/roles/traffic-engine/files/helm/templates/deployment-firewall.yaml @@ -99,50 +99,6 @@ spec: {{ template "traffic-engine.mount.dev-bus-usb" . }} {{ template "traffic-engine.mount.dev-shm" . }} - - name: telegraf - image: "registry.gdnt-cloud.website/tsg-telegraf:{{ .Chart.AppVersion }}" - imagePullPolicy: Never - command: - - "bash" - - "-ec" - - | - /usr/bin/telegraf -config /etc/telegraf/telegraf_statistic.conf -config-directory /etc/telegraf/telegraf_statistic.d - securityContext: - privileged: true - volumeMounts: - - name: telegraf - mountPath: "/etc/telegraf/telegraf_statistic.conf" - subPath: "telegraf_statistic.conf" - - name: config-volume - mountPath: "/opt/tsg/etc/tsg_sn.json" - subPath: "opt/tsg/etc/tsg_sn.json" - - name: config-volume - mountPath: "/etc/profile.d/device_id.sh" - subPath: "etc/profile.d/device_id.sh" - {{ template "traffic-engine.mount.localtime" . }} - - - name: telegraf-security - image: "registry.gdnt-cloud.website/tsg-telegraf:{{ .Chart.AppVersion }}" - imagePullPolicy: Never - command: - - "bash" - - "-ec" - - | - /usr/bin/telegraf -config /etc/telegraf/telegraf_security.conf -config-directory /etc/telegraf/telegraf_statistic.d - securityContext: - privileged: true - volumeMounts: - - name: telegraf - mountPath: "/etc/telegraf/telegraf_security.conf" - subPath: "telegraf_security.conf" - - name: config-volume - mountPath: "/opt/tsg/etc/tsg_sn.json" - subPath: "opt/tsg/etc/tsg_sn.json" - - name: config-volume - mountPath: "/etc/profile.d/device_id.sh" - subPath: "etc/profile.d/device_id.sh" - {{ template "traffic-engine.mount.localtime" . }} - initContainers: - name: firewall-init image: "registry.gdnt-cloud.website/tsg-init:{{ .Chart.AppVersion }}" @@ -167,9 +123,6 @@ spec: readOnly: true volumes: - - name: telegraf - configMap: - name: telegraf-{{ .Release.Name }} - name: sapp configMap: name: sapp-{{ .Release.Name }} diff --git a/ansible/roles/traffic-engine/files/helm/templates/telegraf.yaml b/ansible/roles/traffic-engine/files/helm/templates/telegraf.yaml index a23a1a7c..c90c17bf 100644 --- a/ansible/roles/traffic-engine/files/helm/templates/telegraf.yaml +++ b/ansible/roles/traffic-engine/files/helm/templates/telegraf.yaml @@ -4,8 +4,6 @@ metadata: name: telegraf-{{ .Release.Name }} namespace: default data: - telegraf_statistic.conf: {{ tpl (.Files.Get "conf/telegraf_statistic.conf") . | quote }} telegraf_shaping.conf: {{ tpl (.Files.Get "conf/telegraf_shaping.conf") . | quote }} telegraf_sce.conf: {{ tpl (.Files.Get "conf/telegraf_sce.conf") . | quote }} - telegraf_security.conf: {{ tpl (.Files.Get "conf/telegraf_security.conf") . | quote }} telegraf_proxy.conf: {{ tpl (.Files.Get "conf/telegraf_proxy.conf") . | quote }} \ No newline at end of file diff --git a/ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSG7400 b/ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSG7400 index c19c8582..072d1827 100644 --- a/ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSG7400 +++ b/ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSG7400 @@ -2,7 +2,7 @@ Description=Tsg os provision Requires=network.target After=network.target -Before=tfe-env.service mrenv.service certstore.service telegraf_statistic.service telegraf_proxy.service telegraf_security.service cert-redis.service consul.service +Before=tfe-env.service mrenv.service certstore.service telegraf_proxy.service cert-redis.service consul.service [Service] ExecStart=/bin/sh -c "/opt/tsg/tsg-os-provision/scripts/provision.sh 0" @@ -11,4 +11,4 @@ RemainAfterExit=yes [Install] WantedBy=multi-user.target -RequiredBy=tfe-env.service mrenv.service certstore.service telegraf_statistic.service telegraf_proxy.service telegraf_security.service cert-redis.service consul.service +RequiredBy=tfe-env.service mrenv.service certstore.service telegraf_proxy.service cert-redis.service consul.service diff --git a/ansible/roles/tsg-os-provision/files/tasks/provision.yml.7400MCN0P01R01 b/ansible/roles/tsg-os-provision/files/tasks/provision.yml.7400MCN0P01R01 index 469b3737..fec5f42b 100644 --- a/ansible/roles/tsg-os-provision/files/tasks/provision.yml.7400MCN0P01R01 +++ b/ansible/roles/tsg-os-provision/files/tasks/provision.yml.7400MCN0P01R01 @@ -170,25 +170,13 @@ src: "../templates/sapp.toml.j2" dest: /opt/tsg/sapp/etc/sapp.toml tags: sapp - - - name: "tsg-os-provision: Templates telegraf.conf" - template: - src: "../templates/telegraf_statistic.conf.j2" - dest: /etc/telegraf/telegraf_statistic.conf - tags: telegraf_statistic - + # - name: "tsg-os-provision: Templates telegraf.conf" # template: # src: "../templates/telegraf_shaping.conf.j2" # dest: /etc/telegraf/telegraf_shaping.conf # tags: telegraf_shaping - - name: "tsg-os-provision: Templates telegraf_security.conf" - template: - src: "../templates/telegraf_security.conf.j2" - dest: /etc/telegraf/telegraf_security.conf - tags: telegraf_security - - name: "tsg-os-provision: Templates telegraf_proxy.conf" template: src: "../templates/telegraf_proxy.conf.j2" @@ -314,18 +302,6 @@ state: restarted when: enable_config_apply == '1' - - name: "tsg-os-provision: restart telegraf_statistic" - systemd: - name: telegraf_statistic - state: restarted - when: enable_config_apply == '1' - - - name: "tsg-os-provision: restart telegraf_security" - systemd: - name: telegraf_security - state: restarted - when: enable_config_apply == '1' - - name: "tsg-os-provision: restart telegraf_proxy" systemd: name: telegraf_proxy