gfwleak/tsg-tsg-os-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feature:TSG-22282:Sync maat support read domain redis address in traffic-engine.

Browse Source
This commit is contained in:
fumingwei
2024-08-12 16:10:52 +08:00
committed by 付明卫
parent ef5f29471d
commit 455f947fa5
5 changed files with 3 additions and 117 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
ansible/roles/traffic-engine/files/helm/templates/_config.tpl
View File

@@ -174,7 +174,7 @@ Requires "traffic-engine.volume.mrzcpd"
{{- if eq .Values.external_resources.cm.connectivity "direct" }}
{{- print .Values.external_resources.cm.direct.address }}
{{- else }}
{{- print "CM_POLICY_LOCAL_CACHE_IP_LOCATION" }}
{{- print .Values.external_resources.cm.local_cache.cache_name "-redis-master.tsg-os-system.svc" }}
{{- end }}
{{- end -}}
@@ -186,23 +186,12 @@ Requires "traffic-engine.volume.mrzcpd"
{{- end }}
{{- end -}}
{{/*
Read cm service ip and set it up as an environment variable.
Requires "public.prepare-access-API"
*/}}
{{- define "traffic-engine.global.cm.read-server-ip" -}}
curl --cacert ${CACERT} --header "Authorization: Bearer ${TOKEN}" -X GET ${APISERVER}/api/v1/namespaces/tsg-os-system/services/{{ .Values.external_resources.cm.local_cache.cache_name }}-redis-master -o /tmp/cm-cache.txt
export CM_POLICY_LOCAL_CACHE_IP=$(cat /tmp/cm-cache.txt | jq -r '.spec.clusterIP')
echo "export CM_POLICY_LOCAL_CACHE_IP=${CM_POLICY_LOCAL_CACHE_IP}" > /etc/profile.d/cm-local-cache.sh
chmod 0755 /etc/profile.d/cm-local-cache.sh
{{- end -}}
{{- define "traffic-engine.global.sd.server-ip" -}}
{{- if eq .Values.external_resources.sd.enable .Values.define_enable_val_yes }}
{{- if eq .Values.external_resources.sd.connectivity "direct" }}
{{- print .Values.external_resources.sd.direct.address }}
{{- else }}
{{- print "SD_POLICY_LOCAL_CACHE_IP_LOCATION" }}
{{- print .Values.external_resources.sd.local_cache.cache_name "-redis-master.tsg-os-system.svc" }}
{{- end }}
{{- end }}
{{- end -}}
@@ -217,17 +206,6 @@ chmod 0755 /etc/profile.d/cm-local-cache.sh
{{- end }}
{{- end -}}
{{/*
Read sd service ip and set it up as an environment variable.
Requires "public.prepare-access-API"
*/}}
{{- define "traffic-engine.global.sd.read-server-ip" -}}
curl --cacert ${CACERT} --header "Authorization: Bearer ${TOKEN}" -X GET ${APISERVER}/api/v1/namespaces/tsg-os-system/services/{{ .Values.external_resources.sd.local_cache.cache_name }}-redis-master -o /tmp/sd-cache.txt
export SD_POLICY_LOCAL_CACHE_IP=$(cat /tmp/sd-cache.txt | jq -r '.spec.clusterIP')
echo "export SD_POLICY_LOCAL_CACHE_IP=${SD_POLICY_LOCAL_CACHE_IP}" > /etc/profile.d/sd-local-cache.sh
chmod 0755 /etc/profile.d/sd-local-cache.sh
{{- end -}}
{{- define "public.sync-host-timezone.volume" -}}
- name: localtime-volume
hostPath:

41
ansible/roles/traffic-engine/files/helm/templates/deployment-firewall.yaml
View File

@@ -47,23 +47,8 @@ spec:
- "-ec"
- |
ldconfig
{{- if or
(eq .Values.external_resources.cm.connectivity "local_cache")
(and (eq .Values.external_resources.sd.enable .Values.define_enable_val_yes) (eq .Values.external_resources.sd.connectivity "local_cache"))
(eq .Values.dos_protector.enable .Values.define_enable_val_yes) }}
{{- include "public.prepare-access-API" . | nindent 12 }}
{{- end }}
{{- if eq .Values.external_resources.cm.connectivity "local_cache" }}
{{- include "traffic-engine.global.cm.read-server-ip" . | nindent 12 }}
sed -Ei -c "s|CM_POLICY_LOCAL_CACHE_IP_LOCATION|${CM_POLICY_LOCAL_CACHE_IP?}|g" /opt/tsg/sapp/tsgconf/maat.conf
{{- end }}
{{- if eq .Values.external_resources.sd.enable .Values.define_enable_val_yes }}
{{- if eq .Values.external_resources.sd.connectivity "local_cache" }}
{{- include "traffic-engine.global.sd.read-server-ip" . | nindent 12 }}
sed -Ei -c "s|SD_POLICY_LOCAL_CACHE_IP_LOCATION|${SD_POLICY_LOCAL_CACHE_IP?}|g" /opt/tsg/sapp/tsgconf/maat.conf
{{- end }}
{{- end }}
{{- if eq .Values.dos_protector.enable .Values.define_enable_val_yes }}
{{- include "public.prepare-access-API" . | nindent 12 }}
until nslookup ${HOSTNAME}-8551.default.svc; do echo waiting for kubernetes service; sleep 2; done
curl --cacert ${CACERT} --header "Authorization: Bearer ${TOKEN}" -X GET ${APISERVER}/api/v1/namespaces/${NAMESPACE}/services/${HOSTNAME}-8551 -o /tmp/service.txt
export CLUSTER_ANNOUNCE_PORT=$(cat /tmp/service.txt | jq '.spec.ports[] | .nodePort')
@@ -242,30 +227,6 @@ spec:
- |
until nslookup kubernetes.default.svc; do echo waiting for kubernetes service; sleep 2; done
{{- if eq .Values.external_resources.cm.connectivity "local_cache" }}
- name: init-cm-svc
image: "registry.gdnt-cloud.website/tsg-init:{{ .Chart.AppVersion }}"
imagePullPolicy: Never
command:
- "bash"
- "-ec"
- |
until nslookup {{ .Values.external_resources.cm.local_cache.cache_name }}-redis-master.tsg-os-system.svc; do echo waiting for cm cache service; sleep 2; done
{{- end }}
{{- if eq .Values.external_resources.sd.enable .Values.define_enable_val_yes }}
{{- if eq .Values.external_resources.sd.connectivity "local_cache" }}
- name: init-sd-svc
image: "registry.gdnt-cloud.website/tsg-init:{{ .Chart.AppVersion }}"
imagePullPolicy: Never
command:
- "bash"
- "-ec"
- |
until nslookup {{ .Values.external_resources.sd.local_cache.cache_name }}-redis-master.tsg-os-system.svc; do echo waiting for sd cache service; sleep 2; done
{{- end }}
{{- end }}
- name: init-packet-io-engine-ready
image: "registry.gdnt-cloud.website/tsg-init:{{ .Chart.AppVersion }}"
imagePullPolicy: Never

21
ansible/roles/traffic-engine/files/helm/templates/deployment-proxy.yaml
View File

@@ -46,11 +46,6 @@ spec:
- "-ec"
- |
ldconfig
{{- if eq .Values.external_resources.cm.connectivity "local_cache" }}
{{- include "public.prepare-access-API" . | nindent 12 }}
{{- include "traffic-engine.global.cm.read-server-ip" . | nindent 12 }}
sed -Ei -c "s|CM_POLICY_LOCAL_CACHE_IP_LOCATION|${CM_POLICY_LOCAL_CACHE_IP?}|g" /opt/tsg/tfe/conf/tfe/tfe.conf
{{- end }}
{{- if eq .Values.debug.proxy.enable_prestart_script .Values.define_enable_val_yes }}
echo WARNING: PRESTART.sh is enable, the commands in PRESTART.sh is:
cat /opt/tsg/scripts/prestart.sh
@@ -131,11 +126,6 @@ spec:
- "bash"
- "-ec"
- |
{{- if eq .Values.external_resources.cm.connectivity "local_cache" }}
{{- include "public.prepare-access-API" . | nindent 12 }}
{{- include "traffic-engine.global.cm.read-server-ip" . | nindent 12 }}
sed -Ei -c "s|CM_POLICY_LOCAL_CACHE_IP_LOCATION|${CM_POLICY_LOCAL_CACHE_IP?}|g" /opt/tsg/certstore/conf/cert_store.ini
{{- end }}
exec /opt/tsg/certstore/bin/certstore
securityContext:
privileged: true
@@ -193,17 +183,6 @@ spec:
- |
until nslookup kubernetes.default.svc; do echo waiting for kubernetes service; sleep 2; done
{{- if eq .Values.external_resources.cm.connectivity "local_cache" }}
- name: init-cm-svc
image: "registry.gdnt-cloud.website/tsg-init:{{ .Chart.AppVersion }}"
imagePullPolicy: Never
command:
- "bash"
- "-ec"
- |
until nslookup {{ .Values.external_resources.cm.local_cache.cache_name }}-redis-master.tsg-os-system.svc; do echo waiting for cm cache service; sleep 2; done
{{- end }}
- name: init-packet-io-engine-ready
image: "registry.gdnt-cloud.website/tsg-init:{{ .Chart.AppVersion }}"
imagePullPolicy: Never

16
ansible/roles/traffic-engine/files/helm/templates/deployment-sce.yaml
View File

@@ -46,11 +46,6 @@ spec:
- "-ec"
- |
ldconfig
{{- if eq .Values.external_resources.cm.connectivity "local_cache" }}
{{- include "public.prepare-access-API" . | nindent 12 }}
{{- include "traffic-engine.global.cm.read-server-ip" . | nindent 12 }}
sed -Ei -c "s|CM_POLICY_LOCAL_CACHE_IP_LOCATION|${CM_POLICY_LOCAL_CACHE_IP?}|g" /opt/tsg/sce/conf/sce.conf
{{- end }}
{{- if eq .Values.debug.service_chaining.enable_prestart_script .Values.define_enable_val_yes }}
echo WARNING: PRESTART.sh is enable, the commands in PRESTART.sh is:
cat /opt/tsg/scripts/prestart.sh
@@ -164,17 +159,6 @@ spec:
- |
until nslookup kubernetes.default.svc; do echo waiting for kubernetes service; sleep 2; done
{{- if eq .Values.external_resources.cm.connectivity "local_cache" }}
- name: init-cm-svc
image: "registry.gdnt-cloud.website/tsg-init:{{ .Chart.AppVersion }}"
imagePullPolicy: Never
command:
- "bash"
- "-ec"
- |
until nslookup {{ .Values.external_resources.cm.local_cache.cache_name }}-redis-master.tsg-os-system.svc; do echo waiting for cm cache service; sleep 2; done
{{- end }}
- name: init-packet-io-engine-ready
image: "registry.gdnt-cloud.website/tsg-init:{{ .Chart.AppVersion }}"
imagePullPolicy: Never

16
ansible/roles/traffic-engine/files/helm/templates/deployment-shaping.yaml
View File

@@ -48,10 +48,6 @@ spec:
- |
ldconfig
{{- include "public.prepare-access-API" . | nindent 12 }}
{{- if eq .Values.external_resources.cm.connectivity "local_cache" }}
{{- include "traffic-engine.global.cm.read-server-ip" . | nindent 12 }}
sed -Ei -c "s|CM_POLICY_LOCAL_CACHE_IP_LOCATION|${CM_POLICY_LOCAL_CACHE_IP?}|g" /opt/tsg/shaping_engine/conf/shaping.conf
{{- end }}
until nslookup ${MY_POD_NAME}-8551.default.svc; do echo waiting for kubernetes service; sleep 2; done
curl --cacert ${CACERT} --header "Authorization: Bearer ${TOKEN}" -X GET ${APISERVER}/api/v1/namespaces/${NAMESPACE}/services/${MY_POD_NAME}-8551 -o /tmp/service.txt
export CLUSTER_ANNOUNCE_PORT=$(cat /tmp/service.txt | jq '.spec.ports[] | .nodePort')
@@ -185,18 +181,6 @@ spec:
- |
until nslookup kubernetes.default.svc; do echo waiting for kubernetes service; sleep 2; done
{{- if eq .Values.external_resources.cm.connectivity "local_cache" }}
- name: init-cm-svc
image: "registry.gdnt-cloud.website/tsg-init:{{ .Chart.AppVersion }}"
imagePullPolicy: Never
command:
- "bash"
- "-ec"
- |
until nslookup {{ .Values.external_resources.cm.local_cache.cache_name }}-redis-master.tsg-os-system.svc; do echo waiting for cm cache service; sleep 2; done
{{- end }}
- name: init-packet-io-engine-ready
image: "registry.gdnt-cloud.website/tsg-init:{{ .Chart.AppVersion }}"
imagePullPolicy: Never