diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index a504c313..d53cdf94 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -48,6 +48,18 @@ feature_branch_build_9000: - /^rel-.*$/i - /^update-.*$/i +feature_branch_build_TSGXP1403: + stage: build + extends: .build_tsg-buildimage + variables: + PROFILE_LIST: TSGXNXR620G40R01P1403 + DALIY_BUILD_VERSION: 1 + except: + - tags + - /^dev-.*$/i + - /^rel-.*$/i + - /^update-.*$/i + feature_branch_build_server_unlocked: stage: build extends: .build_tsg-buildimage @@ -113,6 +125,19 @@ develop_build_9000: only: - /^dev-.*$/i +develop_build_TSGXP1403: + stage: build + extends: .build_tsg-buildimage + variables: + PROFILE_LIST: TSGXNXR620G40R01P1403 + UPLOAD_TO_FILE_REPO: 1 + PULP3_FILE_REPO_NAME: tsg-os-images-develop + PULP3_FILE_DIST_NAME: tsg-os-images-develop + DALIY_BUILD_VERSION: 1 + FILE_REPO_PATH: install/develop/tsg-os-images + only: + - /^dev-.*$/i + develop_build_server_unlocked: stage: build extends: .build_tsg-buildimage @@ -180,6 +205,19 @@ testing_build_9000: only: - /^rel-.*$/i +testing_build_TSGXP1403: + stage: build + extends: .build_tsg-buildimage + variables: + PROFILE_LIST: TSGXNXR620G40R01P1403 + UPLOAD_TO_FILE_REPO: 1 + PULP3_FILE_REPO_NAME: tsg-os-images-testing + PULP3_FILE_DIST_NAME: tsg-os-images-testing + FILE_REPO_PATH: install/testing/tsg-os-images + DALIY_BUILD_VERSION: 1 + only: + - /^rel-.*$/i + testing_build_server_unlocked: stage: build extends: .build_tsg-buildimage @@ -247,6 +285,19 @@ rc_build_9000: only: - /^.*-rc.*$/i +rc_build_TSGXP1403: + stage: build + extends: .build_tsg-buildimage + variables: + PROFILE_LIST: TSGXNXR620G40R01P1403 + UPLOAD_TO_FILE_REPO: 1 + DALIY_BUILD_VERSION: 0 + PULP3_FILE_REPO_NAME: tsg-os-images-rc + PULP3_FILE_DIST_NAME: tsg-os-images-rc + FILE_REPO_PATH: install/rc/tsg-os-images + only: + - /^.*-rc.*$/i + rc_build_server_unlocked: stage: build extends: .build_tsg-buildimage @@ -320,6 +371,21 @@ release_build_9000: except: - /^.*-rc.*$/i +release_build_TSGXP1403: + stage: build + extends: .build_tsg-buildimage + variables: + PROFILE_LIST: TSGXNXR620G40R01P1403 + UPLOAD_TO_FILE_REPO: 1 + DALIY_BUILD_VERSION: 0 + PULP3_FILE_REPO_NAME: tsg-os-images-release + PULP3_FILE_DIST_NAME: tsg-os-images-release + FILE_REPO_PATH: install/release/tsg-os-images + only: + - tags + except: + - /^.*-rc.*$/i + release_build_server_unlocked: stage: build extends: .build_tsg-buildimage diff --git a/ansible/HAL_deploy.yml b/ansible/HAL_deploy.yml index 68dab80d..3b891010 100644 --- a/ansible/HAL_deploy.yml +++ b/ansible/HAL_deploy.yml @@ -86,3 +86,26 @@ - {role: nz-talon, tags: nz-talon} - {role: tsg-os-provision-condition, tags: tsg-os-provision-condition} - {role: hasp, tags: hasp} + +- hosts: TSG-X-NXR620G40-R01-P1403 + remote_user: root + vars_files: + - install_config/group_vars/HAL_TSGXNXR620G40R01P1403.yml + - install_config/group_vars/rpm_version.yml + roles: + - {role: tsg-os-provision, tags: tsg-os-provision} + - {role: tsg_device_tag, tags: tsg_device_tag} + - {role: tsg_sn, tags: tsg_sn} + - {role: framework, tags: framework} + - {role: mrzcpd, tags: mrzcpd} + - {role: sapp, tags: sapp} + - {role: tsg_master, tags: tsg_master} + - {role: firewall, tags: firewall} + - {role: tsg_app, tags: tsg_app} + - {role: telegraf_statistic, tags: telegraf_statistic} + - {role: exporter, tags: exporter} + - {role: system-init-TSG-X-P1403, tags: system-init-TSG-X-P1403} + - {role: system-init, tags: system-init} + - {role: tsg-os-provision-condition, tags: tsg-os-provision-condition} + - {role: hasp, tags: hasp} + - {role: OFED, tags: OFED} diff --git a/ansible/install_config/group_vars/HAL_TSGXNXR620G40R01P1403.yml b/ansible/install_config/group_vars/HAL_TSGXNXR620G40R01P1403.yml new file mode 100644 index 00000000..e611a0ac --- /dev/null +++ b/ansible/install_config/group_vars/HAL_TSGXNXR620G40R01P1403.yml @@ -0,0 +1,36 @@ +control_and_policy: + nic_name: "{% raw %}{{ network_setting.nic_policy_log.name }}{% endraw %}" + +workload_zcpd: + cpu_affinity: "{% raw %}{{ workload_zcpd_cpu_affinity }}{% endraw %}" + hugepage_num_1G: 32 + +workload_firewall: + cpu_affinity: "{% raw %}{{ workload_firewall_cpu_affinity }}{% endraw %}" + worker_threads: "{% raw %}{{ workload_firewall_worker_threads }}{% endraw %}" + send_only_threads_max: 0 + +dp_traffic_mirror: + nic_name: eth_mirr_d + traffic_mirror_vlan_id: 0 + +dp_steering_firewall: + #deloyment value: mirror,inline, transparent. mirror = one arm + mirror, inline = one arm + series, transparent = two arm + series + deployment: inline + #encapsulation value: vlan, vxlan, raw, provision + encapsulation: vxlan + # capture_packet value: pcap, driver + capture_packet: driver + nic_internal: "{% raw %}{{ network_setting.nic_raw.name }}{% endraw %}" + enable_mirror: 0 + +prefix_path: + mrzcpd: /opt/tsg/mrzcpd + framework: /opt/tsg/framework + sapp: /opt/tsg/sapp + +monitor: + enable_redis_exporter: 1 + enable_ipmi_exporter: 1 +### TSG-server, TSG-7400-mcn0 TSG-7400-mcn123 TSG-9140 +runtime_env: TSG-X-P1403 \ No newline at end of file diff --git a/ansible/roles/OFED/files/MLNX_OFED_LINUX-5.5-1.0.3.2-rhel7.9-x86_64-ext.tgz b/ansible/roles/OFED/files/MLNX_OFED_LINUX-5.5-1.0.3.2-rhel7.9-x86_64-ext.tgz new file mode 100644 index 00000000..5c122f64 Binary files /dev/null and b/ansible/roles/OFED/files/MLNX_OFED_LINUX-5.5-1.0.3.2-rhel7.9-x86_64-ext.tgz differ diff --git a/ansible/roles/OFED/tasks/main.yml b/ansible/roles/OFED/tasks/main.yml new file mode 100644 index 00000000..df8ff10b --- /dev/null +++ b/ansible/roles/OFED/tasks/main.yml @@ -0,0 +1,19 @@ +--- +- name: "copy OFED installer package to to destination server" + copy: + src: "{{ role_path }}/files/" + dest: "/tmp/OFED/" + +- name: "create unarchive directory" + file: + path: "/tmp/OFED/unarchived" + state: directory + +- name: "unarchive OFED installer" + unarchive: + src: /tmp/OFED/MLNX_OFED_LINUX-5.5-1.0.3.2-rhel7.9-x86_64-ext.tgz + dest: /tmp/OFED/unarchived/ + remote_src: yes + +- name: "execute OFED installer" + shell: /tmp/OFED/unarchived/MLNX_OFED_LINUX-5.5-1.0.3.2-rhel7.9-x86_64-ext/mlnxofedinstall --add-kernel-support --kernel 3.10.0-1160.59.1.el7.x86_64 --force --without-depcheck \ No newline at end of file diff --git a/ansible/roles/mrzcpd/tasks/main.yml b/ansible/roles/mrzcpd/tasks/main.yml index b5256e9d..b3b27eae 100644 --- a/ansible/roles/mrzcpd/tasks/main.yml +++ b/ansible/roles/mrzcpd/tasks/main.yml @@ -77,6 +77,13 @@ when: - runtime_env == 'TSG-server' +- name: "update mrglobal.conf - TSG-X-P1403" + template: + src: "{{ role_path }}/templates/mrglobal.conf.j2.j2.TSGXNXR620G40R01P1403" + dest: /opt/tsg/tsg-os-provision/templates/mrglobal.conf.j2 + when: + - runtime_env == 'TSG-X-P1403' + - name: "replace action: replace service WantedBy from multi-user.target to workload.target" replace: path: "{{ item }}" diff --git a/ansible/roles/mrzcpd/templates/mrglobal.conf.j2.j2.TSGXNXR620G40R01P1403 b/ansible/roles/mrzcpd/templates/mrglobal.conf.j2.j2.TSGXNXR620G40R01P1403 new file mode 100644 index 00000000..44c75615 --- /dev/null +++ b/ansible/roles/mrzcpd/templates/mrglobal.conf.j2.j2.TSGXNXR620G40R01P1403 @@ -0,0 +1,54 @@ +[device] +device={{ dp_steering_firewall.nic_internal }} +sz_tunnel=8192 +sz_buffer=0 + +[device:{{ dp_steering_firewall.nic_internal }}] +{% raw %}in_addr={{etherfabric_settings.keepalive.ip}} +in_mask={{etherfabric_settings.keepalive.mask}} +{% endraw %} +vlan-filter=1 +vlan-pvid=0 +vlan-pvid-mode=2 +promisc=1 +allmulticast=1 +rssmode=0 +mtu=2048 + +[service] +# lcore id for i/o service, use comma to split +iocore={{ workload_zcpd.cpu_affinity }} +{% raw %}{% if session_distribution_policy.hash_key == 'outer-most-sip-dip' %} +distmode=0 +{% endif %} +{% if session_distribution_policy.hash_key == 'outer-most-sip-dip-sport-dport' %} +distmode=1 +{% endif %} +{% if session_distribution_policy.hash_key == 'inner-most-sip-dip' %} +distmode=2 +{% endif %} +{% if session_distribution_policy.hash_key == 'inner-most-sip-dip-sport-dport' %} +distmode=3 +{% endif %} +{% if session_distribution_policy.hash_key == 'hardware' %} +distmode=4 +{% endif %} +{% endraw %} +hashmode=0 + +[eal] +virtaddr=0x7f40c4a00000 +loglevel=7 + +[keepalive] +check_spinlock=1 + +[ctrlzone] +ctrlzone0=tunnat,64 + +[pool] +create_mode=3 +sz_direct_pktmbuf=4194304 +sz_indirect_pktmbuf=8192 +sz_cache=256 +sz_data=4096 \ No newline at end of file diff --git a/ansible/roles/sapp/tasks/main.yml b/ansible/roles/sapp/tasks/main.yml index 839cb246..df25d78d 100644 --- a/ansible/roles/sapp/tasks/main.yml +++ b/ansible/roles/sapp/tasks/main.yml @@ -56,6 +56,14 @@ src: "{{ role_path }}/templates/send_raw_pkt.conf.j2" dest: /opt/tsg/sapp/etc/send_raw_pkt.conf tags: template + when: runtime_env != 'TSG-X-P1403' + +- name: Template the send_raw_pkt.conf + template: + src: "{{ role_path }}/templates/send_raw_pkt.conf.j2" + dest: /opt/tsg/tsg-os-provision/templates/send_raw_pkt.conf.j2 + tags: template + when: runtime_env == 'TSG-X-P1403' - name: Template the conflist.inf - tsg_server template: @@ -97,6 +105,14 @@ when: - runtime_env == 'TSG-7400-mcn0' +- name: Template the vlan_flipping_map.conf - tsg-x-p1403 + template: + src: "{{ role_path }}/templates/vlan_flipping_map.conf.j2.TSGXNXR620G40R01P1403" + dest: /opt/tsg/sapp/etc/vlan_flipping_map.conf + tags: template + when: + - runtime_env == 'TSG-X-P1403' + - name: Template the sapp_log.conf template: src: "{{ role_path }}/templates/sapp_log.conf.j2" diff --git a/ansible/roles/sapp/templates/vlan_flipping_map.conf.j2.TSGXNXR620G40R01P1403 b/ansible/roles/sapp/templates/vlan_flipping_map.conf.j2.TSGXNXR620G40R01P1403 new file mode 100644 index 00000000..bb4e2eff --- /dev/null +++ b/ansible/roles/sapp/templates/vlan_flipping_map.conf.j2.TSGXNXR620G40R01P1403 @@ -0,0 +1,10 @@ +#for inline a device vlan flipping +#数据包来自C路由器端, 即C2I(I2E)方向, +#数据包来自I路由器端, 即I2C(E2I)方向, +#平台会根据vlan_id,设置当前包route_dir的值, 以便上层业务插件做两个方向的流量统计, +#如果一对vlan_id写反了, 网络是通的, 但是I2E,E2I的流量统计就颠倒了. +#配置文件格式, pattern: +#来自C路由器vlan_id 来自I路由器vlan_id 是否开启mac地址翻转 +#C_router_vlan_id I_router_vlan_id mac_flipping_enable +4000 4001 0 + diff --git a/ansible/roles/system-init-TSG-X-P1403/tasks/main.yml b/ansible/roles/system-init-TSG-X-P1403/tasks/main.yml new file mode 100644 index 00000000..58d85546 --- /dev/null +++ b/ansible/roles/system-init-TSG-X-P1403/tasks/main.yml @@ -0,0 +1,136 @@ +--- +# systemctl set-property user.slice CPUShares=1500 MemoryLimit=13G +# systemctl set-property system.slice CPUShares=1000 MemoryLimit=13G +# systemctl set-property workload.slice CPUShares=7500 MemoryLimit=100G + +# workload.slice +- name: "Create /usr/lib/systemd/system/workload.slice.d/ directory if it does not exist" + file: + path: "{{ item }}" + state: directory + mode: '0755' + with_items: + - /usr/lib/systemd/system/workload.slice.d/ + +- name: "copy 50-CPUShares.conf to workload.slice.d" + copy: + src: "{{ role_path }}/templates/override_workload_slice_cpu.conf.j2" + dest: /usr/lib/systemd/system/workload.slice.d/50-CPUShares.conf + mode: 0644 + +- name: "copy 50-MemoryLimit.conf to workload.slice.d" + copy: + src: "{{ role_path }}/templates/override_workload_slice_mem.conf.j2" + dest: /usr/lib/systemd/system/workload.slice.d/50-MemoryLimit.conf + mode: 0644 + +# user.slice +- name: "Create /usr/lib/systemd/system/user.slice.d/ directory if it does not exist" + file: + path: "{{ item }}" + state: directory + mode: '0755' + with_items: + - /usr/lib/systemd/system/user.slice.d/ + +- name: "copy 50-CPUShares.conf to user.slice.d" + copy: + src: "{{ role_path }}/templates/override_user_slice_cpu.conf.j2" + dest: /usr/lib/systemd/system/user.slice.d/50-CPUShares.conf + mode: 0644 + +- name: "copy 50-MemoryLimit.conf to user.slice.d" + copy: + src: "{{ role_path }}/templates/override_user_slice_mem.conf.j2" + dest: /usr/lib/systemd/system/user.slice.d/50-MemoryLimit.conf + mode: 0644 + +# system.slice +- name: "Create /usr/lib/systemd/system/system.slice.d/ directory if it does not exist" + file: + path: "{{ item }}" + state: directory + mode: '0755' + with_items: + - /usr/lib/systemd/system/system.slice.d/ + +- name: "copy 50-CPUShares.conf to system.slice.d" + copy: + src: "{{ role_path }}/templates/override_system_slice_cpu.conf.j2" + dest: /usr/lib/systemd/system/system.slice.d/50-CPUShares.conf + mode: 0644 + +- name: "copy 50-MemoryLimit.conf to system.slice.d" + copy: + src: "{{ role_path }}/templates/override_system_slice_mem.conf.j2" + dest: /usr/lib/systemd/system/system.slice.d/50-MemoryLimit.conf + mode: 0644 + +# 启用 IPMI +- name: "copy ipmi.conf to /etc/sysconfig/ipmi" + copy: + src: "{{ role_path }}/templates/ipmi.conf.j2" + dest: /etc/sysconfig/ipmi + mode: 0644 + +- name: "enable ipmi" + systemd: + name: ipmi + enabled: yes + +# 启用 Watchdog +- name: "copy watchdog.conf to /etc/watchdog.conf" + copy: + src: "{{ role_path }}/templates/watchdog.conf.j2" + dest: /etc/watchdog.conf + mode: 0644 + +- name: "enable watchdog" + systemd: + name: watchdog + enabled: yes + +- name: "enable irqbalance" + systemd: + name: irqbalance + enabled: yes + +# poweroff guard +- name: "templates poweroff-guard.service.j2" + template: + src: "{{role_path}}/templates/poweroff-guard.service.j2" + dest: /usr/lib/systemd/system/poweroff-guard.service + tags: template + +- name: "templates start-poweroff-guard.service.j2" + template: + src: "{{role_path}}/templates/start-poweroff-guard.service.j2" + dest: /usr/lib/systemd/system/start-poweroff-guard.service + tags: template + +- name: 'poweroff-guard service start' + systemd: + name: poweroff-guard + enabled: yes + +- name: 'start-poweroff-guard service start' + systemd: + name: start-poweroff-guard + enabled: yes +#Set CPU frequency scaling +- name: "copy cpupower.j2 to /etc/sysconfig/cpupower" + copy: + src: "{{ role_path }}/templates/cpupower.j2" + dest: /etc/sysconfig/cpupower + mode: 0644 + +- name: "enable cpupower" + systemd: + name: cpupower + enabled: yes + +#not wanted dev-hugepages.mount +- name: 'do not wanted dev-hugepages.mount' + file: + path: "/usr/lib/systemd/system/sysinit.target.wants/dev-hugepages.mount" + state: absent diff --git a/ansible/roles/system-init-TSG-X-P1403/templates/cpupower.j2 b/ansible/roles/system-init-TSG-X-P1403/templates/cpupower.j2 new file mode 100644 index 00000000..7dcc1ad1 --- /dev/null +++ b/ansible/roles/system-init-TSG-X-P1403/templates/cpupower.j2 @@ -0,0 +1,3 @@ +# See 'cpupower help' and cpupower(1) for more info +CPUPOWER_START_OPTS="frequency-set -g performance" +CPUPOWER_STOP_OPTS="frequency-set -g powersave" \ No newline at end of file diff --git a/ansible/roles/system-init-TSG-X-P1403/templates/ipmi.conf.j2 b/ansible/roles/system-init-TSG-X-P1403/templates/ipmi.conf.j2 new file mode 100644 index 00000000..5634fb41 --- /dev/null +++ b/ansible/roles/system-init-TSG-X-P1403/templates/ipmi.conf.j2 @@ -0,0 +1,69 @@ +## Path: Hardware/IPMI +## Description: Enable standard hardware interfaces (KCS, BT, SMIC) +## Type: yesno +## Default: "yes" +## Config: ipmi +# Enable standard hardware interfaces (KCS, BT, SMIC) +# You probably want this enabled. +# IPMI_SI disabled by OpenIPMI-modalias rpm scriplet +IPMI_SI=no + +## Path: Hardware/IPMI +## Description: Enable /dev/ipmi0 interface, used by ipmitool, ipmicmd, +## Type: yesno +## Default: "yes" +## Config: ipmi +# Enable /dev/ipmi0 interface, used by ipmitool, ipmicmd, +# and other userspace IPMI-using applications. +# You probably want this enabled. +DEV_IPMI=yes + +## Path: Hardware/IPMI +## Description: Enable IPMI_WATCHDOG if you want the IPMI watchdog +## Type: yesno +## Default: "no" +## Config: ipmi +# Enable IPMI_WATCHDOG if you want the IPMI watchdog +# to reboot the system if it hangs +IPMI_WATCHDOG=yes + +## Path: Hardware/IPMI +## Description: Watchdog options - modinfo ipmi_watchdog for details +## Type: string +## Default: "timeout=60" +## Config: ipmi +# Watchdog options - modinfo ipmi_watchdog for details +# watchdog timeout value in seconds +# as there is no userspace ping application that runs during shutdown, +# be sure to give it enough time for any device drivers to +# do their cleanup (e.g. megaraid cache flushes) +# without the watchdog triggering prematurely +IPMI_WATCHDOG_OPTIONS="timeout=600 action=reset" + +## Path: Hardware/IPMI +## Description: Enable IPMI_POWEROFF if you want the IPMI poweroff module to be loaded. +## Type: yesno +## Default: "no" +## Config: ipmi +# Enable IPMI_POWEROFF if you want the IPMI +# poweroff module to be loaded. +IPMI_POWEROFF=no + +## Path: Hardware/IPMI +## Description: Enable IPMI_POWERCYCLE if you want the system to be power-cycled on reboot +## Type: yesno +## Default: "no" +## Config: ipmi +# Enable IPMI_POWERCYCLE if you want the system to be power-cycled (power +# down, delay briefly, power on) rather than power off, on systems +# that support such. IPMI_POWEROFF=yes is also required. +IPMI_POWERCYCLE=no + +## Path: Hardware/IPMI +## Description: Enable "legacy" interfaces for applications +## Type: yesno +## Default: "no" +## Config: ipmi +# Enable "legacy" interfaces for applications +# Intel IMB driver interface +IPMI_IMB=no diff --git a/ansible/roles/system-init-TSG-X-P1403/templates/override_system_slice_cpu.conf.j2 b/ansible/roles/system-init-TSG-X-P1403/templates/override_system_slice_cpu.conf.j2 new file mode 100644 index 00000000..f28071c2 --- /dev/null +++ b/ansible/roles/system-init-TSG-X-P1403/templates/override_system_slice_cpu.conf.j2 @@ -0,0 +1,2 @@ +[Slice] +CPUShares=1000 diff --git a/ansible/roles/system-init-TSG-X-P1403/templates/override_system_slice_mem.conf.j2 b/ansible/roles/system-init-TSG-X-P1403/templates/override_system_slice_mem.conf.j2 new file mode 100644 index 00000000..38c3bf72 --- /dev/null +++ b/ansible/roles/system-init-TSG-X-P1403/templates/override_system_slice_mem.conf.j2 @@ -0,0 +1,2 @@ +[Slice] +MemoryLimit=13G diff --git a/ansible/roles/system-init-TSG-X-P1403/templates/override_user_slice_cpu.conf.j2 b/ansible/roles/system-init-TSG-X-P1403/templates/override_user_slice_cpu.conf.j2 new file mode 100644 index 00000000..bca6bd76 --- /dev/null +++ b/ansible/roles/system-init-TSG-X-P1403/templates/override_user_slice_cpu.conf.j2 @@ -0,0 +1,2 @@ +[Slice] +CPUShares=1500 diff --git a/ansible/roles/system-init-TSG-X-P1403/templates/override_user_slice_mem.conf.j2 b/ansible/roles/system-init-TSG-X-P1403/templates/override_user_slice_mem.conf.j2 new file mode 100644 index 00000000..38c3bf72 --- /dev/null +++ b/ansible/roles/system-init-TSG-X-P1403/templates/override_user_slice_mem.conf.j2 @@ -0,0 +1,2 @@ +[Slice] +MemoryLimit=13G diff --git a/ansible/roles/system-init-TSG-X-P1403/templates/override_workload_slice_cpu.conf.j2 b/ansible/roles/system-init-TSG-X-P1403/templates/override_workload_slice_cpu.conf.j2 new file mode 100644 index 00000000..0ad6b44b --- /dev/null +++ b/ansible/roles/system-init-TSG-X-P1403/templates/override_workload_slice_cpu.conf.j2 @@ -0,0 +1,2 @@ +[Slice] +CPUShares=7500 diff --git a/ansible/roles/system-init-TSG-X-P1403/templates/override_workload_slice_mem.conf.j2 b/ansible/roles/system-init-TSG-X-P1403/templates/override_workload_slice_mem.conf.j2 new file mode 100644 index 00000000..4d9ac358 --- /dev/null +++ b/ansible/roles/system-init-TSG-X-P1403/templates/override_workload_slice_mem.conf.j2 @@ -0,0 +1,2 @@ +[Slice] +MemoryLimit=100G diff --git a/ansible/roles/system-init-TSG-X-P1403/templates/poweroff-guard.service.j2 b/ansible/roles/system-init-TSG-X-P1403/templates/poweroff-guard.service.j2 new file mode 100644 index 00000000..58b04214 --- /dev/null +++ b/ansible/roles/system-init-TSG-X-P1403/templates/poweroff-guard.service.j2 @@ -0,0 +1,6 @@ +[Unit] +Description=Poweroff Guard +[Service] +ExecStart=/bin/true +[Install] +RequiredBy=poweroff.target \ No newline at end of file diff --git a/ansible/roles/system-init-TSG-X-P1403/templates/start-poweroff-guard.service.j2 b/ansible/roles/system-init-TSG-X-P1403/templates/start-poweroff-guard.service.j2 new file mode 100644 index 00000000..994b4385 --- /dev/null +++ b/ansible/roles/system-init-TSG-X-P1403/templates/start-poweroff-guard.service.j2 @@ -0,0 +1,6 @@ +[Unit] +Description=Start Poweroff Guard +[Service] +ExecStart=/bin/systemctl enable poweroff-guard +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/ansible/roles/system-init-TSG-X-P1403/templates/watchdog.conf.j2 b/ansible/roles/system-init-TSG-X-P1403/templates/watchdog.conf.j2 new file mode 100644 index 00000000..978c9ed3 --- /dev/null +++ b/ansible/roles/system-init-TSG-X-P1403/templates/watchdog.conf.j2 @@ -0,0 +1,51 @@ +#ping = 172.31.14.1 +#ping = 172.26.1.255 +#interface = eth0 +#file = /var/log/messages +#change = 1407 + +# Uncomment to enable test. Setting one of these values to '0' disables it. +# These values will hopefully never reboot your machine during normal use +# (if your machine is really hung, the loadavg will go much higher than 25) +#max-load-1 = 24 +#max-load-5 = 18 +#max-load-15 = 12 + +# Note that this is the number of pages! +# To get the real size, check how large the pagesize is on your machine. +#min-memory = 1 + +# With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/ +# or /etc/watchdog.d/ for your test-binary and repair-binary configuration. +#repair-binary = /usr/sbin/repair +#repair-timeout = +#test-binary = +#test-timeout = + +watchdog-device = /dev/watchdog + +# Defaults compiled into the binary +#temperature-device = +#max-temperature = 120 + +# Defaults compiled into the binary +#admin = root +interval = 20 +#logtick = 1 +#log-dir = /var/log/watchdog + +# This greatly decreases the chance that watchdog won't be scheduled before +# your machine is really loaded +realtime = yes +priority = 1 + +# When using custom service pid check with custom service +# systemd unit file please be aware the "Requires=" +# does dependent service deactivation. +# Using "Before=watchdog.service" or "Before=watchdog-ping.service" +# in the custom service unit file may be the desired operation instead. +# See man 5 systemd.unit for more details. +# +# Check if rsyslogd is still running by enabling the following line +#pidfile = /var/run/rsyslogd.pid + diff --git a/ansible/roles/system-init/tasks/main.yml b/ansible/roles/system-init/tasks/main.yml index 09265249..7a91646e 100644 --- a/ansible/roles/system-init/tasks/main.yml +++ b/ansible/roles/system-init/tasks/main.yml @@ -60,4 +60,5 @@ shell: sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config - name: "update initramfs" - shell: dracut --force -v /boot/initramfs-5.4.159-1.el7.elrepo.x86_64.img 5.4.159-1.el7.elrepo.x86_64 \ No newline at end of file + shell: dracut --force -v /boot/initramfs-5.4.159-1.el7.elrepo.x86_64.img 5.4.159-1.el7.elrepo.x86_64 + when: runtime_env != 'TSG-X-P1403' \ No newline at end of file diff --git a/ansible/roles/tsg-os-provision-condition/tasks/main.yml b/ansible/roles/tsg-os-provision-condition/tasks/main.yml index e6ee5ab7..aa139da2 100644 --- a/ansible/roles/tsg-os-provision-condition/tasks/main.yml +++ b/ansible/roles/tsg-os-provision-condition/tasks/main.yml @@ -45,3 +45,17 @@ - tfe-env - tfe when: runtime_env == 'TSG-7400-mcn123' + +- name: "add condition into service depend provision result TSG-X-P1403" + copy: + src: "{{ role_path }}/files/service_add_ConditionPathExists.conf" + dest: "/usr/lib/systemd/system/{{ item }}.service.d/" + mode: 0644 + with_items: + - mrapm_device + - mrapm_stream + - mrenv + - mrzcpd + - sapp + - telegraf_statistic + when: runtime_env == 'TSG-X-P1403' diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403 b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403 new file mode 100644 index 00000000..11a7e0b0 --- /dev/null +++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403 @@ -0,0 +1,83 @@ +feature: + enable_policy_local_cache: 1 + enable_stream_bypass_under_ddos: 0 + +firewall: + enable: 1 + enable_hos: 1 + +proxy: + enable: 0 + enable_hos: 0 + +sessionrecord: + enable: 1 + enable_dns_record: 1 + enable_rtp_record: 1 + +capturepacket: + enable: 1 + +radius: + enable: 1 + +app_behavior: + enable: 0 + +gtp: + enable_gtp_c_record: 1 + +wannat: + enable: 0 + nat_gateway_address: "127.0.0.1" + reachability_test_server_address: "127.0.0.1" + reachability_test_server_port: 8888 + feedback_linkinfo_interval: 30 + nat_gateway_broadcast_session_port: 5671 + reachability_test_server_broadcast_session_port: 5672 + reachability_test_server_tunnel_port: 3542 + wan_gateway_listen_port_range_left_edge: 3545 + nat_gateway_listen_port: 3544 + enable_link_info_recording: 1 + +ddossketch: + enable: 1 + tcp_flood_report_thresh: 0.0008 + udp_flood_report_thresh: 0.0008 + icmp_flood_report_thresh: 0.0008 + dns_flood_report_thresh: 0.0008 + +app: + identify_by: + user_defined_signature: 1 + builtin_app_engine: 1 + +coredump: + format: none + collect: local + sentry_url: http://127.0.0.1:9000/api/2/minidump/ + +advanced_settings: + stream_tcp_max: 50000 + stream_tcp_timeout: 30 + stream_udp_max: 50000 + stream_udp_timeout: 60 + stream_bypass_trigger_cpu_usage: 90 + +cm: + policy_server: + port_num: 1 + db_static: 0 + db_dynamic: 1 + +#####session_distribution_policy.hash_key in [outer-most-sip-dip,outer-most-sip-dip-sport-dport,inner-most-sip-dip,inner-most-sip-dip-sport-dport] +session_distribution_policy: + mode: sym-hash + hash_key: inner-most-sip-dip + +cpu_layouts: + - match: + model_name: "5318Y" + sockets: 2 + sapp_affinity: [4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91] + mrzcpd_affinity: [92,93,94,95] \ No newline at end of file diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P1403 b/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P1403 new file mode 100644 index 00000000..1ba868b1 --- /dev/null +++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P1403 @@ -0,0 +1,70 @@ +version: 1 + +device: + tags: + - key1: value1 + - key2: value2 + +session_id_generator: + snowflake_worker_id_base: 1 + snowflake_worker_id_offset: 1 + +feature: + enable_policy_local_cache: 1 + enable_stream_bypass_under_ddos: 0 + +firewall: + enable: 0/1 + +sessionrecord: + enable: 0/1 + enable_dns_record: 0/1 + enable_rtp_record: 0/1 + +capturepacket: + enable: 0/1 + +radius: + enable: 0/1 + +gtp: + enable_gtp_c_record: 0/1 + +ddossketch: + enable: 0/1 + +app: + identify_by: + user_defined_signature: 0/1 + builtin_app_engine: 0/1 + +cm: + policy_server: + address: "127.0.0.1" + port: 7002 + +olap: + kafka_broker: + address_list: ['1.1.1.1:9092','2.2.2.2:9092'] + hos_server: + address: "127.0.0.1" + port: 9098 + +# npb_device value in [inline_device, tera,direct,etherfabric] +npb_device: etherfabric + +etherfabric_settings: + keepalive: + ip: 127.0.0.1 + mask: 255.255.255.0 + +network_setting: + nic_policy_log: + name: eth0 + nic_raw: + name: eth0 + +coredump: + format: minidump/core/none + collect: local/sentry + sentry_url: http://127.0.0.1:9000/api/2/minidump/?sentry_key=3203b43fd5384a7dbe6a48ecb1f3c595 diff --git a/ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSGXP1403 b/ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSGXP1403 new file mode 100644 index 00000000..034090fe --- /dev/null +++ b/ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSGXP1403 @@ -0,0 +1,13 @@ +[Unit] +Description=Tsg os provision +DefaultDependencies=no +Conflicts=shutdown.target +After=local-fs.target +Before=sysinit.target shutdown.target systemd-update-done.service +ConditionNeedsUpdate=|/etc +ConditionFileNotEmpty=|/usr + +[Service] +ExecStart=/bin/sh -c "/opt/tsg/tsg-os-provision/scripts/provision.sh 0" +Type=oneshot +RemainAfterExit=yes \ No newline at end of file diff --git a/ansible/roles/tsg-os-provision/files/tasks/provision.yml.TSGXNXR620G40R01P1403 b/ansible/roles/tsg-os-provision/files/tasks/provision.yml.TSGXNXR620G40R01P1403 new file mode 100644 index 00000000..8593f615 --- /dev/null +++ b/ansible/roles/tsg-os-provision/files/tasks/provision.yml.TSGXNXR620G40R01P1403 @@ -0,0 +1,180 @@ +--- +- hosts: provision + tasks: + - name: Load default config file variable + include_vars: + file: /opt/tsg/tsg-os-provision/provision.default.yml + + - name: Load general config file variable + include_vars: + file: /data/tsg-os-provision/provision.yml + + - name: Load provision.yml.d config file variable + include_vars: + dir: /data/tsg-os-provision/provision.yml.d/ + ignore_unknown_extensions: yes + extensions: + - 'yml' + - 'yaml' + +######setting cpu affinity start###### + - name: obtain cpu layout info + set_fact: + cpu_layout_obtained: "{{ item }}" + loop: "{{ cpu_layouts }}" + when: + - ansible_facts.processor[2] is search(item.match.model_name) + - ansible_facts.processor_count == item.match.sockets + + - name: set cpu affinity variable + set_fact: + workload_firewall_cpu_affinity: "{{ cpu_layout_obtained.sapp_affinity | join(',') }}" + workload_zcpd_cpu_affinity: "{{ cpu_layout_obtained.mrzcpd_affinity | join(',')}}" + workload_firewall_worker_threads: "{{ cpu_layout_obtained.sapp_affinity | length }}" +######setting cpu affinity end###### + + - name: "set keep_alive_ip" + set_fact: + gdev_conf_keep_alive_ip: "{{ etherfabric_settings.keepalive.ip }}" + + - name: "set cm_policy_server_ip and cm_policy_server_port" + set_fact: + cm_policy_server_ip: "{{cm.policy_server.address}}" + cm_policy_server_port: "{{ cm.policy_server.port }}" + + - name: "tsg-os-provision: Template the conflist.inf" + template: + src: ../templates/conflist.inf.j2 + dest: /opt/tsg/sapp/plug/conflist.inf + tags: sapp + + - name: "tsg-os-provision: template gdev.conf file" + template: + src: "../templates/gdev.conf.j2" + dest: /opt/tsg/sapp/etc/gdev.conf + tags: sapp + + - name: "tsg-os-provision: template mrglobal.conf file" + template: + src: "../templates/mrglobal.conf.j2" + dest: /opt/tsg/mrzcpd/etc/mrglobal.conf + tags: mrzcpd + + - name: "tsg-os-provision: Template the tsgconf/main.conf" + template: + src: "../templates/main.conf.j2" + dest: /opt/tsg/sapp/tsgconf/main.conf + tags: firewall + + - name: "tsg-os-provision: Template the tsgconf/maat.conf" + template: + src: "../templates/maat.conf.j2" + dest: /opt/tsg/sapp/tsgconf/maat.conf + tags: firewall + + - name: "tsg-os-provision: Template the tsg_conn_sketch.inf" + template: + src: "../templates/tsg_conn_sketch.inf.j2" + dest: /opt/tsg/sapp/plug/business/tsg_conn_sketch/tsg_conn_sketch.inf + tags: firewall + + - name: "tsg-os-provision: Template the sapp.toml" + template: + src: "../templates/sapp.toml.j2" + dest: /opt/tsg/sapp/etc/sapp.toml + tags: sapp + + - name: "tsg-os-provision: Template the send_raw_pkt.conf" + template: + src: "../templates/send_raw_pkt.conf.j2" + dest: /opt/tsg/sapp/etc/send_raw_pkt.conf + tags: sapp + + - name: "tsg-os-provision: Templates telegraf.conf" + template: + src: "../templates/telegraf_statistic.conf.j2" + dest: /etc/telegraf/telegraf_statistic.conf + tags: telegraf_statistic + + - name: "mkdir /opt/tsg/etc/" + file: + path: /opt/tsg/etc + state: directory + + - name: "tsg-os-provision: obtain sn and write sn to tsg_sn.json" + shell: /opt/tsg/tsg-os-provision/scripts/obtain_sn.sh + register: result_exec_obtain_sn_and_write_sn_in_file + + - name: "tsg-os-provision: check result_exec_obtain_sn_and_write_sn_in_file" + assert: + that: + - result_exec_obtain_sn_and_write_sn_in_file.rc == 0 + - result_exec_obtain_sn_and_write_sn_in_file.failed == False + fail_msg: "error:{{ result_exec_obtain_sn_and_write_sn_in_file.stderr }},stdout:{{ result_exec_obtain_sn_and_write_sn_in_file.stdout_lines }}" + success_msg: "Successded: obtain the sn and write sn into tsg_sn.json" + + - name: "tsg-os-provision: template the tsg_device_tag" + template: + src: "../templates/tsg_device_tag.json.j2" + dest: /opt/tsg/etc/tsg_device_tag.json + tags: tsg_device_tag + + - name: 'tsg-os-provision: execute command - systemctl daemon-reload' + systemd: + daemon_reload: yes + + - name: "tsg-os-provision: coredump setup override - mkdir" + file: + path: /usr/lib/systemd/coredump.conf.d/ + state: directory + + - name: "tsg-os-provision: coredump setup override - override" + template: + src: "../templates/coredump_setup_override.conf.j2" + dest: /usr/lib/systemd/coredump.conf.d/coredump_setup_override.conf + + - name: "tsg-os-provision: snapshot the stage2 config files" + copy: + src: /data/tsg-os-provision/provision.yml + dest: /data/tsg-os-provision/provision.yml.snapshot + + - name: add porvision successed sign + file: + path: /data/tsg-os-provision/.provision_succeeded + state: touch + + - name: "tsg-os-provision: restart mrenv" + systemd: + name: mrenv + state: restarted + when: enable_config_apply == '1' + + - name: "tsg-os-provision: restart mrzcpd" + systemd: + name: mrzcpd + state: restarted + when: enable_config_apply == '1' + + - name: "tsg-os-provision: restart mrapm_device" + systemd: + name: mrapm_device + state: restarted + when: enable_config_apply == '1' + + - name: "tsg-os-provision: restart mrapm_stream" + systemd: + name: mrapm_stream + state: restarted + when: enable_config_apply == '1' + + - name: "tsg-os-provision: restart telegraf_statistic" + systemd: + name: telegraf_statistic + state: restarted + when: enable_config_apply == '1' + + - name: "tsg-os-provision: restart sapp" + systemd: + name: sapp + state: restarted + when: enable_config_apply == '1' diff --git a/ansible/roles/tsg-os-provision/tasks/main.yml b/ansible/roles/tsg-os-provision/tasks/main.yml index 5109030e..f8d36e79 100644 --- a/ansible/roles/tsg-os-provision/tasks/main.yml +++ b/ansible/roles/tsg-os-provision/tasks/main.yml @@ -70,6 +70,13 @@ mode: 0644 when: runtime_env == 'TSG-7400-mcn123' +- name: "tsg-os-provision: copy tasks file that excutes provision to dest - tsg-x p1403" + copy: + src: "{{ role_path }}/files/tasks/provision.yml.TSGXNXR620G40R01P1403" + dest: /opt/tsg/tsg-os-provision/tasks/provision.yml + mode: 0644 + when: runtime_env == 'TSG-X-P1403' + - name: "tsg-os-provision: copy provision.yml.sample file to dest - tsg9140" copy: src: "{{ role_path }}/files/config_sample/provision.yml.sample.9000NPBP01R01" @@ -105,6 +112,13 @@ mode: 0644 when: runtime_env == 'TSG-server' +- name: "tsg-os-provision: copy provision.default.yml - TSG-X-P1304" + copy: + src: "{{ role_path }}/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403" + dest: /opt/tsg/tsg-os-provision/provision.default.yml + mode: 0644 + when: runtime_env == 'TSG-X-P1403' + - name: "tsg-os-provision: copy provision.yml.sample to dest - tsg7400 mcn0" copy: src: "{{ role_path }}/files/config_sample/provision.yml.sample.7400MCN0P01R01" @@ -126,6 +140,13 @@ mode: 0644 when: runtime_env == 'TSG-server' +- name: "tsg-os-provision: copy provision.yml.sample to dest - TSG-X-P1304" + copy: + src: "{{ role_path }}/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P1403" + dest: /opt/tsg/tsg-os-provision/provision.yml.sample + mode: 0644 + when: runtime_env == 'TSG-X-P1403' + - name: "tsg-os-provision: copy provision.sh file to dest" copy: src: "{{ role_path }}/files/script/{{ item }}" @@ -184,6 +205,30 @@ mode: 0755 when: runtime_env == 'TSG-9140' or runtime_env == 'TSG-server' +######TSG-X-P1403 start###### +- name: "install tsg-os-provision.service -- TSG-X-P1403" + copy: + src: "{{ role_path }}/files/service/{{ item.src }}" + dest: /usr/lib/systemd/system/{{ item.dest }} + mode: 0644 + with_items: + - { "src": tsg-os-provision.service.TSGXP1403, "dest": tsg-os-provision.service } + when: runtime_env == 'TSG-X-P1403' + +- name: "replace action: add service into sysinit.target --TSG-X-P1403" + shell: ln -vfs --relative /usr/lib/systemd/system/{{item}} /usr/lib/systemd/system/sysinit.target.wants/{{item}} + with_items: + - tsg-os-provision.service + when: runtime_env == 'TSG-X-P1403' + +- name: "tsg-os-provision: copy tsg-start.sh to dest - TSG-X-P1403" + copy: + src: "{{ role_path }}/files/script/provision-config-apply" + dest: /opt/tsg/tsg-os-provision/ + mode: 0755 + when: runtime_env == 'TSG-X-P1403' +######TSG-X-P1403 end###### + #- name: "tsg-os-provision: install yaml module using pip3" # pip: # name: PyYAML diff --git a/ansible/roles/tsg_sn/files/obtain_sn.sh.TSGXP1403 b/ansible/roles/tsg_sn/files/obtain_sn.sh.TSGXP1403 new file mode 100644 index 00000000..ed38b215 --- /dev/null +++ b/ansible/roles/tsg_sn/files/obtain_sn.sh.TSGXP1403 @@ -0,0 +1,10 @@ +#!/bin/bash -x + +sn=`ipmitool fru list |grep 'Product Serial' | awk '{ print $4}'` +if [ -z "$sn" ];then + echo "{\"sn\": \"unknown\"}" > /opt/tsg/etc/tsg_sn.json + echo "device_id=\"unknown\"" > /etc/default/telegraf + exit 0 +fi +echo "{\"sn\": \"$sn\"}" > /opt/tsg/etc/tsg_sn.json +echo "device_id=\"$sn\"" > /etc/default/telegraf diff --git a/ansible/roles/tsg_sn/tasks/main.yml b/ansible/roles/tsg_sn/tasks/main.yml index 94fdee53..010ecac9 100644 --- a/ansible/roles/tsg_sn/tasks/main.yml +++ b/ansible/roles/tsg_sn/tasks/main.yml @@ -21,4 +21,11 @@ src: "{{ role_path }}/files/obtain_sn.sh.TSGSERVER" dest: /opt/tsg/tsg-os-provision/scripts/obtain_sn.sh mode: 0755 - when: runtime_env == 'TSG-server' \ No newline at end of file + when: runtime_env == 'TSG-server' + +- name: "deploy obtain sn - tsg-x-p1403" + copy: + src: "{{ role_path }}/files/obtain_sn.sh.TSGXP1403" + dest: /opt/tsg/tsg-os-provision/scripts/obtain_sn.sh + mode: 0755 + when: runtime_env == 'TSG-X-P1403' \ No newline at end of file diff --git a/make/Makefile.7400MCN0P01R01 b/make/Makefile.7400MCN0P01R01 index 19a00a6d..893c1f63 100644 --- a/make/Makefile.7400MCN0P01R01 +++ b/make/Makefile.7400MCN0P01R01 @@ -40,7 +40,7 @@ installer: builddir sed -i '/sapp-pr:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml sysroot-base: builddir - $(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) + $(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) $(PROFILE_ID) sysroot-verfile: sysroot-base sed -i -e "s/^NAME=.*/NAME=\"TSG-OS\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release diff --git a/make/Makefile.7400MCN123P01R01 b/make/Makefile.7400MCN123P01R01 index d21237a1..cd2f4add 100644 --- a/make/Makefile.7400MCN123P01R01 +++ b/make/Makefile.7400MCN123P01R01 @@ -40,7 +40,7 @@ installer: builddir sed -i '/tfe-pr:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml sysroot-base: builddir - $(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) + $(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) $(PROFILE_ID) sysroot-verfile: sysroot-base sed -i -e "s/^NAME=.*/NAME=\"TSG-OS\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release diff --git a/make/Makefile.9000NPBP01R01 b/make/Makefile.9000NPBP01R01 index f0939cf3..d8152fe8 100644 --- a/make/Makefile.9000NPBP01R01 +++ b/make/Makefile.9000NPBP01R01 @@ -40,7 +40,7 @@ installer: builddir sed -i '/sapp-pr:/d;/tfe-pr:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml sysroot-base: builddir - $(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) + $(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) $(PROFILE_ID) sysroot-verfile: sysroot-base sed -i -e "s/^NAME=.*/NAME=\"TSG-OS\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release diff --git a/make/Makefile.TSGXNXR620G40R01P1403 b/make/Makefile.TSGXNXR620G40R01P1403 new file mode 100644 index 00000000..9310134a --- /dev/null +++ b/make/Makefile.TSGXNXR620G40R01P1403 @@ -0,0 +1,71 @@ + +PROFILE_ID := TSG-X-NXR620G40-R01-P1403 +SUPPORTED_MACHINE_ID := TSG-X-NXR620G40-R01-P1403 +KERNEL_ARGS := console=ttyS0,115200n8 crashkernel=512M default_hugepagesz=1G hugepagesz=1G hugepages=16 intel_iommu=on iommu=pt mitigations=off pci=realloc,assign-busses psi=1 isolcpus=4-95 +GRUB_SERIAL_COMMAND := +SIZE_PART_SYSROOT := 16384M +SIZE_PART_UPDATE := 16384M + +PROFILE_ID_IN_SHORT := $(subst -,$e,$(PROFILE_ID)) +CHROOT_PKG := tsg-os-${OS_RELEASE_VER}-${PROFILE_ID_IN_SHORT}-chroot.tar.bz2 +CHROOT_BIN := tsg-os-${OS_RELEASE_VER}-${PROFILE_ID_IN_SHORT}-ONIE.bin + +TARGET_BUILD_DIR := $(BUILDDIR_BASE)/$(PROFILE_ID) +TARGET_INSTALLER_DIR := $(TARGET_BUILD_DIR)/installer +TARGET_SYSROOT_DIR := $(TARGET_BUILD_DIR)/sysroot + +.PHONY: all builddir installer sysroot-base sysroot-ansible sysroot-cleanup sysroot-archive sysroot-binary clean + +all: sysroot-binary + +builddir: + mkdir -p $(TARGET_BUILD_DIR) + +installer: builddir + rm -rf $(TARGET_INSTALLER_DIR) + mkdir -p $(TARGET_INSTALLER_DIR) + cp $(INSTALLERDIR)/install.sh $(TARGET_INSTALLER_DIR)/install.sh + cp $(INSTALLERDIR)/distro-setup.sh $(TARGET_INSTALLER_DIR)/distro-setup.sh + chmod +x $(TARGET_INSTALLER_DIR)/install.sh + chmod +x $(TARGET_INSTALLER_DIR)/distro-setup.sh + + sed -i -e "s/%%DISTR0_VER%%/$(OS_RELEASE_VER)/" $(TARGET_INSTALLER_DIR)/install.sh + sed -i -e "s/%%MACHINE_ID%%/$(SUPPORTED_MACHINE_ID)/" $(TARGET_INSTALLER_DIR)/install.sh + sed -i -e "s/%%CHROOT_PKG%%/$(CHROOT_PKG)/" $(TARGET_INSTALLER_DIR)/install.sh + sed -i -e "s/%%KERNAL_ARGS%%/$(KERNEL_ARGS)/" $(TARGET_INSTALLER_DIR)/install.sh + sed -i -e "s/%%GRUB_SERIAL_COMMAND%%/$(GRUB_SERIAL_COMMAND)/" $(TARGET_INSTALLER_DIR)/install.sh + sed -i -e "s/%%SIZE_PART_SYSROOT%%/$(SIZE_PART_SYSROOT)/" $(TARGET_INSTALLER_DIR)/install.sh + sed -i -e "s/%%SIZE_PART_UPDATE%%/$(SIZE_PART_UPDATE)/" $(TARGET_INSTALLER_DIR)/install.sh + + sed -i '/sapp:/d;/tfe:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml + +sysroot-base: builddir + $(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) $(PROFILE_ID) + +sysroot-verfile: sysroot-base + sed -i -e "s/^NAME=.*/NAME=\"TSG-OS\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release + sed -i -e "s/^VERSION=.*/VERSION=\"$(OS_RELEASE_VER) ($(PROFILE_ID_IN_SHORT))\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release + sed -i -e "s/^PRETTY_NAME=.*/PRETTY_NAME=\"TSG-OS $(OS_RELEASE_VER) ($(PROFILE_ID_IN_SHORT))\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release + +sysroot-ansible: sysroot-verfile sysroot-base + cp $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR)/tmp/ -r + cp $(CONFDIR)/resolv.conf $(TARGET_SYSROOT_DIR)/etc/ -r + cp $(TARGET_SYSROOT_DIR)/etc/hosts $(TARGET_SYSROOT_DIR)/tmp/ -r + cp /etc/hosts $(TARGET_SYSROOT_DIR)/etc/ -r + $(TOOLSDIR)/ansible-HAL $(PROFILE_ID) $(PROJECTDIR) $(TARGET_SYSROOT_DIR) /tmp/yum.conf + cp $(TARGET_SYSROOT_DIR)/tmp/hosts $(TARGET_SYSROOT_DIR)/etc/ -r + +sysroot-cleanup: + rm -rf $(TARGET_SYSROOT_DIR)/tmp/* + rm -rf $(TARGET_SYSROOT_DIR)/dev/* + +sysroot-archive: installer sysroot-ansible sysroot-cleanup + tar --exclude=*~ --exclude-backups --owner=root --group=root -c -C $(TARGET_SYSROOT_DIR) . | pbzip2 -p9 > $(TARGET_INSTALLER_DIR)/$(CHROOT_PKG) + +sysroot-binary: sysroot-archive + mkdir -p $(TARGET_BUILD_DIR)/cook-bits + $(TOOLSDIR)/cook-bits $(TARGET_BUILD_DIR) $(TARGET_BUILD_DIR)/cook-bits $(IMAGEDIR_BASE)/$(CHROOT_BIN) + sha256sum $(IMAGEDIR_BASE)/$(CHROOT_BIN) | awk '{print $$1}' > $(IMAGEDIR_BASE)/$(CHROOT_BIN).sha256sum.txt + +clean: + rm -rf $(TARGET_BUILD_DIR) \ No newline at end of file diff --git a/tools/mk-base-image b/tools/mk-base-image index 5e7ca125..2c3071c3 100755 --- a/tools/mk-base-image +++ b/tools/mk-base-image @@ -9,7 +9,12 @@ yum_config=$1 target=$2 projectdir=$3 -kernel_version="5.4.159-1.el7.elrepo.x86_64" +profile_id=$4 +if [ $profile_id == "TSG-X-NXR620G40-R01-P1403" ];then + kernel_version="3.10.0-1160.59.1.el7.x86_64" +else + kernel_version="5.4.159-1.el7.elrepo.x86_64" +fi set -ex @@ -24,8 +29,9 @@ setopt="group_package_types=mandatory,default,optional" yum -c "$yum_config" --installroot="$target" -y makecache yum -c "$yum_config" --installroot="$target" -y --setopt=$setopt install $package_to_install -yum -c "$yum_config" --installroot="$target" -y --setopt=$setopt localinstall $locak_package_to_install - +if [ $profile_id != "TSG-X-NXR620G40-R01-P1403" ];then + yum -c "$yum_config" --installroot="$target" -y --setopt=$setopt localinstall $locak_package_to_install +fi #git clone --depth 1 https://github.com/brendangregg/FlameGraph.git /opt/tools/FlameGraph/ #git clone --depth 1 https://github.com/brendangregg/perf-tools.git /opt/tools/perf-tools/ test -d "$target"/opt/tools/ || mkdir -p "$target"/opt/tools/