From 3eb2e99b0c8fb6824b877c20c44c75120e5e5cc2 Mon Sep 17 00:00:00 2001 From: fumingwei Date: Fri, 14 May 2021 10:18:03 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9service=20systemd=E6=96=87?= =?UTF-8?q?=E4=BB=B6=E8=B7=AF=E5=BE=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../roles/certstore/tasks/main.yml | 2 +- .../roles/certstore/tasks/main.yml | 32 -------- .../roles/firewall/tasks/main.yml | 63 --------------- .../init_runtime/roles/sapp/tasks/main.yml | 72 ----------------- .../roles/telegraf_statistic/tasks/main.yml | 22 ------ .../init_runtime/roles/tfe/tasks/main.yml | 77 ------------------- tsg-9140-scripts/roles/sapp/tasks/main.yml | 8 +- .../roles/sapp/templates/adapt_runtimes.j2 | 9 +++ .../roles/sapp/templates/sapp.service.j2 | 21 ----- tsg-9140-scripts/roles/tfe/tasks/main.yml | 6 +- 10 files changed, 17 insertions(+), 295 deletions(-) delete mode 100644 tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/certstore/tasks/main.yml delete mode 100644 tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/firewall/tasks/main.yml delete mode 100644 tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/sapp/tasks/main.yml delete mode 100644 tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/telegraf_statistic/tasks/main.yml delete mode 100644 tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/tfe/tasks/main.yml create mode 100644 tsg-9140-scripts/roles/sapp/templates/adapt_runtimes.j2 delete mode 100755 tsg-9140-scripts/roles/sapp/templates/sapp.service.j2 diff --git a/tsg-9140-scripts/roles/certstore/tasks/main.yml b/tsg-9140-scripts/roles/certstore/tasks/main.yml index 1fd990f1..10fb4b3a 100644 --- a/tsg-9140-scripts/roles/certstore/tasks/main.yml +++ b/tsg-9140-scripts/roles/certstore/tasks/main.yml @@ -22,5 +22,5 @@ - name: "copy memory limit file to certstore.service.d" copy: src: "{{ role_path }}/files/memory.conf" - dest: /etc/systemd/system/certstore.service.d/ + dest: /usr/lib/systemd/system/certstore.service.d/ mode: 0644 diff --git a/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/certstore/tasks/main.yml b/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/certstore/tasks/main.yml deleted file mode 100644 index 21802c9c..00000000 --- a/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/certstore/tasks/main.yml +++ /dev/null @@ -1,32 +0,0 @@ -- name: "copy certstore rpm to destination" - copy: - src: "{{ role_path }}/files/" - dest: "/tmp/ansible_deploy/" - -- name: Ensures /opt/tsg exists - file: path=/opt/tsg state=directory - tags: mkdir - -- name: install certstore - yum: - name: - - /tmp/ansible_deploy/certstore-2.1.6.20201215.f2e9ba7-1.el7.x86_64.rpm - state: present - -- name: template certstore configure file - template: - src: "{{ role_path }}/templates/cert_store.ini.j2.j2" - dest: /opt/tsg/init_runtime/roles/certstore/templates/cert_store.ini.j2 - -- name: template certstore zlog file - template: - src: "{{ role_path }}/templates/zlog.conf.j2" - dest: /opt/tsg/certstore/conf/zlog.conf - -- name: "copy memory limit file to certstore.service.d" - copy: - src: "{{ role_path }}/files/memory.conf" - dest: /etc/systemd/system/certstore.service.d/ - mode: 0644 - - diff --git a/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/firewall/tasks/main.yml b/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/firewall/tasks/main.yml deleted file mode 100644 index 5f77520a..00000000 --- a/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/firewall/tasks/main.yml +++ /dev/null @@ -1,63 +0,0 @@ ---- -- name: "copy firewall rpms to destination server" - copy: - src: "{{ role_path }}/files/" - dest: /tmp/ansible_deploy/ - -- name: "install firewall packages" - yum: - name: "{{ fw_packages }}" - state: present - skip_broken: yes - vars: - fw_packages: - - /tmp/ansible_deploy/capture_packet_plug-3.0.6.a2db4a4-2.el7.x86_64.rpm - - /tmp/ansible_deploy/conn_telemetry-1.0.2.8d6da43-2.el7.x86_64.rpm - - /tmp/ansible_deploy/dns-2.0.11.2265b5c-2.el7.x86_64.rpm - - /tmp/ansible_deploy/ftp-1.0.8.13d5fda-2.el7.x86_64.rpm - - /tmp/ansible_deploy/fw_dns_plug-3.0.2.dab58fa-2.el7.x86_64.rpm - - /tmp/ansible_deploy/fw_ftp_plug-3.0.1.0a78573-2.el7.x86_64.rpm - - /tmp/ansible_deploy/fw_http_plug-3.1.5.69f6482-2.el7.x86_64.rpm - - /tmp/ansible_deploy/fw_mail_plug-3.0.2.7401550-2.el7.x86_64.rpm - - /tmp/ansible_deploy/fw_quic_plug-3.0.4.947ef77-2.el7.x86_64.rpm - - /tmp/ansible_deploy/fw_ssl_plug-3.0.6.a121701-2.el7.x86_64.rpm - - /tmp/ansible_deploy/http-2.0.5.c61ad9a-2.el7.x86_64.rpm - - /tmp/ansible_deploy/mail-1.0.9.c1d3bde-2.el7.x86_64.rpm - - /tmp/ansible_deploy/quic-1.1.17.8c22b4d-2.el7.x86_64.rpm - - /tmp/ansible_deploy/ssl-1.0.12.16b8fb5-2.el7.x86_64.rpm - - /tmp/ansible_deploy/tsg_conn_sketch-2.1.4.f333054-2.el7.x86_64.rpm - - /tmp/ansible_deploy/rtp-1.0.4.91b4ab7-2.el7.x86_64.rpm - - /tmp/ansible_deploy/mesa_sip-1.0.9.ede6893-2.el7.x86_64.rpm - - /tmp/ansible_deploy/fw_voip_plug-1.0.2.090e5da-2.el7.x86_64.rpm - - /tmp/ansible_deploy/app_proto_identify-1.0.9.a6581a6-2.el7.x86_64.rpm - -- name: "Template the tsgconf/main.conf" - template: - src: "{{ role_path }}/templates/main.conf.j2.j2" - dest: /opt/tsg/init_runtime/roles/firewall/templates/main.conf.j2 - tags: template - - -- name: "Template the tsgconf/maat.conf" - template: - src: "{{ role_path }}/templates/maat.conf.j2.j2" - dest: /opt/tsg/init_runtime/roles/firewall/templates/maat.conf.j2 - tags: template - -- name: "Template the conf/capture_packet_plug.conf.j2" - template: - src: "{{ role_path }}/templates/capture_packet_plug.conf.j2" - dest: /home/mesasoft/sapp_run/conf/capture_packet_plug.conf - tags: template - -- name: "Template the tsgconf/app_l7_proto_id.conf" - template: - src: "{{ role_path }}/templates/app_l7_proto_id.conf.j2" - dest: /home/mesasoft/sapp_run/tsgconf/app_l7_proto_id.conf - -- name: "Template the /home/mesasoft/sapp_run/plug/business/tsg_conn_sketch/tsg_conn_sketch.inf" - template: - src: "{{ role_path }}/templates/tsg_conn_sketch.inf.j2" - dest: /home/mesasoft/sapp_run/plug/business/tsg_conn_sketch/tsg_conn_sketch.inf - tags: template - diff --git a/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/sapp/tasks/main.yml b/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/sapp/tasks/main.yml deleted file mode 100644 index c2f4b696..00000000 --- a/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/sapp/tasks/main.yml +++ /dev/null @@ -1,72 +0,0 @@ ---- -- name: "copy sapp to destination server" - copy: - src: "{{ role_path }}/files/" - dest: /tmp/ansible_deploy/ - -- name: "copy maat_redis_tool to destination server" - copy: - src: "{{ role_path }}/files/maat_redis_tool" - dest: /usr/local/bin - mode: 0755 - -- name: "install sapp rpms from localhost" - yum: - name: - - /tmp/ansible_deploy/sapp-4.2.26.fc1a6aa-2.el7.x86_64.rpm - state: present - -- name: "install tcpdump_mesa rpms from localhost" - yum: - name: - - /tmp/ansible_deploy/tcpdump_mesa-1.0.2.0c5a950-2.el7.x86_64.rpm - state: present - skip_broken: yes - -- name: "mkdir tsgconf" - file: - path: /home/mesasoft/sapp_run/tsgconf - state: directory - -- name: Template the sapp.toml - template: - src: "{{ role_path }}/templates/sapp.toml.j2.j2" - dest: /opt/tsg/init_runtime/roles/sapp/templates/sapp.toml.j2 - tags: template - -- name: Template the project_list.conf - template: - src: "{{ role_path }}/templates/project_list.conf.j2" - dest: /home/mesasoft/sapp_run/etc/project_list.conf - tags: template - -- name: Template the conflist.inf - template: - src: "{{ role_path }}/templates/conflist.inf.j2" - dest: /home/mesasoft/sapp_run/plug/conflist.inf - tags: template - -- name: Template the sapp_log.conf - template: - src: "{{ role_path }}/templates/sapp_log.conf.j2" - dest: /home/mesasoft/sapp_run/etc/sapp_log.conf - tags: template - -- name: Template the sapp_tmpfile.conf - template: - src: "{{ role_path }}/templates/sapp_tmpfile.conf.j2" - dest: /etc/tmpfiles.d/sapp_tmpfile.conf - tags: template - -- name: "Template sapp.service destination server" - template: - src: "{{ role_path }}/templates/sapp.service.j2" - dest: /usr/lib/systemd/system/sapp.service - mode: 0755 - -- name: "copy memory limit file to sapp.service.d" - copy: - src: "{{ role_path }}/files/memory.conf" - dest: /etc/systemd/system/sapp.service.d/ - mode: 0644 - diff --git a/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/telegraf_statistic/tasks/main.yml b/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/telegraf_statistic/tasks/main.yml deleted file mode 100644 index 05df5fee..00000000 --- a/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/telegraf_statistic/tasks/main.yml +++ /dev/null @@ -1,22 +0,0 @@ -- name: "copy telegraf.rpm to destination server" - copy: - src: "{{ role_path }}/files/telegraf-1.13.0-1.x86_64.rpm" - dest: /tmp - -- name: "install telegraf" - yum: - name: - - /tmp/telegraf-1.13.0-1.x86_64.rpm - state: present - -- name: "Templates telegraf.conf" - template: - src: "{{role_path}}/templates/telegraf_statistic.conf.j2.j2" - dest: /opt/tsg/init_runtime/roles/telegraf_statistic/templates/telegraf_statistic.conf.j2 - tags: template - -- name: "copy telegraf_statistic.service to destination server" - copy: - src: "{{ role_path }}/files/telegraf_statistic.service" - dest: /usr/lib/systemd/system - mode: 0644 diff --git a/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/tfe/tasks/main.yml b/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/tfe/tasks/main.yml deleted file mode 100644 index bf727c76..00000000 --- a/tsg-9140-scripts/roles/init_runtime/files/init_runtime/roles/tfe/tasks/main.yml +++ /dev/null @@ -1,77 +0,0 @@ ---- -- name: "copy tfe program to destination server" - copy: - src: "{{ role_path }}/files/" - dest: /tmp/ansible_deploy/ - -- name: "copy tfe.service to destination server" - copy: - src: "{{ role_path }}/files/tfe.service" - dest: /usr/lib/systemd/system/ - mode: 0644 - -- name: "install tfe rpms from localhost" - yum: - name: - #- /tmp/ansible_deploy/tfe-kmod-v1.0.5.20200408-1dkms.noarch.rpm - - /tmp/ansible_deploy/tfe-4.3.30.62dde9e-1.el7.x86_64.rpm - state: present - -- name: "tfe:copy cert file to device" - copy: - src: '{{ role_path }}/files/tsg_diagnose_ca.pem' - dest: /opt/tsg/tfe/resource/tfe/ - -- name: "template tfe-env config" - template: - src: "{{ role_path }}/templates/tfe-env-config.j2" - dest: /etc/sysconfig/tfe-env-config - -- name: "template the tfe.conf" - template: - src: "{{ role_path }}/templates/tfe.conf.j2.j2" - dest: /opt/tsg/init_runtime/roles/tfe/templates/tfe.conf.j2 - -- name: "template the zlog.conf" - template: - src: "{{ role_path }}/templates/zlog.conf.j2" - dest: /opt/tsg/tfe/conf/tfe/zlog.conf - -- name: "template the future.conf" - template: - src: "{{ role_path }}/templates/future.conf.j2" - dest: /opt/tsg/tfe/conf/tfe/future.conf - -- name: "template the pangu_pxy.conf" - template: - src: "{{ role_path }}/templates/pangu_pxy.conf.j2.j2" - dest: /opt/tsg/init_runtime/roles/tfe/templates/pangu_pxy.conf.j2 - -- name: "create conf/doh/" - file: - path: /opt/tsg/tfe/conf/doh/ - state: directory - -- name: "template the doh.conf" - template: - src: "{{ role_path }}/templates/doh.conf.j2" - dest: /opt/tsg/tfe/conf/doh/doh.conf - -- name: "create a override conf - first step, create dir" - file: - path: /etc/systemd/system/tfe.service.d/ - state: directory - mode: '0755' - -- name: "create a override conf - second step, copy a override service file" - template: - src: "{{ role_path }}/templates/require-mrzcpd.conf.j2" - dest: /etc/systemd/system/tfe.service.d/require-mrzcpd.conf - -- name: "copy memory limit file to tfe.service.d" - copy: - src: "{{ role_path }}/files/memory.conf" - dest: /etc/systemd/system/tfe.service.d/ - mode: 0644 - - diff --git a/tsg-9140-scripts/roles/sapp/tasks/main.yml b/tsg-9140-scripts/roles/sapp/tasks/main.yml index 20fd0961..7f2acc4f 100644 --- a/tsg-9140-scripts/roles/sapp/tasks/main.yml +++ b/tsg-9140-scripts/roles/sapp/tasks/main.yml @@ -52,15 +52,15 @@ dest: /etc/tmpfiles.d/sapp_tmpfile.conf tags: template -- name: "Template sapp.service destination server" +- name: "sapp: service adapts runtimes" template: src: "{{ role_path }}/templates/sapp.service.j2" - dest: /usr/lib/systemd/system/sapp.service - mode: 0755 + dest: /usr/lib/systemd/system/sapp.service.d/ + mode: 0644 - name: "copy memory limit file to sapp.service.d" copy: src: "{{ role_path }}/files/memory.conf" - dest: /etc/systemd/system/sapp.service.d/ + dest: /usr/lib/systemd/system/sapp.service.d/ mode: 0644 diff --git a/tsg-9140-scripts/roles/sapp/templates/adapt_runtimes.j2 b/tsg-9140-scripts/roles/sapp/templates/adapt_runtimes.j2 new file mode 100644 index 00000000..f5e4013e --- /dev/null +++ b/tsg-9140-scripts/roles/sapp/templates/adapt_runtimes.j2 @@ -0,0 +1,9 @@ +[Unit] +Requires=mrzcpd.service +After=mrzcpd.service +[Service] +TimeoutSec=900s +RestartSec=10s +LimitNOFILE=524288 +LimitCORE=0 +WatchdogSec=10s \ No newline at end of file diff --git a/tsg-9140-scripts/roles/sapp/templates/sapp.service.j2 b/tsg-9140-scripts/roles/sapp/templates/sapp.service.j2 deleted file mode 100755 index 451d892b..00000000 --- a/tsg-9140-scripts/roles/sapp/templates/sapp.service.j2 +++ /dev/null @@ -1,21 +0,0 @@ -[Unit] -Description=sapp service -Requires=mrzcpd.service -After=mrzcpd.service -[Service] -Type=notify -WorkingDirectory=/home/mesasoft/sapp_run -ExecStart=/home/mesasoft/sapp_run/sapp -TimeoutSec=900s -RestartSec=10s -Restart=always -LimitNOFILE=524288 -LimitNPROC=infinity -LimitCORE=0 -TasksMax=infinity -Delegate=yes -KillMode=process -WatchdogSec=10s - -[Install] -WantedBy=multi-user.target diff --git a/tsg-9140-scripts/roles/tfe/tasks/main.yml b/tsg-9140-scripts/roles/tfe/tasks/main.yml index 16f15dc1..a782149c 100644 --- a/tsg-9140-scripts/roles/tfe/tasks/main.yml +++ b/tsg-9140-scripts/roles/tfe/tasks/main.yml @@ -59,19 +59,19 @@ - name: "create a override conf - first step, create dir" file: - path: /etc/systemd/system/tfe.service.d/ + path: /usr/lib/systemd/system/tfe.service.d/ state: directory mode: '0755' - name: "create a override conf - second step, copy a override service file" template: src: "{{ role_path }}/templates/require-mrzcpd.conf.j2" - dest: /etc/systemd/system/tfe.service.d/require-mrzcpd.conf + dest: /usr/lib/systemd/system/tfe.service.d/require-mrzcpd.conf - name: "copy memory limit file to tfe.service.d" copy: src: "{{ role_path }}/files/memory.conf" - dest: /etc/systemd/system/tfe.service.d/ + dest: /usr/lib/system/tfe.service.d/ mode: 0644