gfwleak/tsg-tsg-os-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feature:TSG-9946:tsg os适配 TSG-X-P1403平台

Browse Source
This commit is contained in:
fumingwei
2022-03-14 11:39:17 +08:00
parent ab30a458fe
commit 50f563b6a6
35 changed files with 1022 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
.gitlab-ci.yml
View File

@@ -48,6 +48,18 @@ feature_branch_build_9000:
- /^rel-.*$/i - /^rel-.*$/i
- /^update-.*$/i - /^update-.*$/i
feature_branch_build_TSGXP1403:
stage: build
extends: .build_tsg-buildimage
variables:
PROFILE_LIST: TSGXNXR620G40R01P1403
DALIY_BUILD_VERSION: 1
except:
- tags
- /^dev-.*$/i
- /^rel-.*$/i
- /^update-.*$/i
feature_branch_build_server_unlocked: feature_branch_build_server_unlocked:
stage: build stage: build
extends: .build_tsg-buildimage extends: .build_tsg-buildimage
@@ -113,6 +125,19 @@ develop_build_9000:
only: only:
- /^dev-.*$/i - /^dev-.*$/i
develop_build_TSGXP1403:
stage: build
extends: .build_tsg-buildimage
variables:
PROFILE_LIST: TSGXNXR620G40R01P1403
UPLOAD_TO_FILE_REPO: 1
PULP3_FILE_REPO_NAME: tsg-os-images-develop
PULP3_FILE_DIST_NAME: tsg-os-images-develop
DALIY_BUILD_VERSION: 1
FILE_REPO_PATH: install/develop/tsg-os-images
only:
- /^dev-.*$/i
develop_build_server_unlocked: develop_build_server_unlocked:
stage: build stage: build
extends: .build_tsg-buildimage extends: .build_tsg-buildimage
@@ -180,6 +205,19 @@ testing_build_9000:
only: only:
- /^rel-.*$/i - /^rel-.*$/i
testing_build_TSGXP1403:
stage: build
extends: .build_tsg-buildimage
variables:
PROFILE_LIST: TSGXNXR620G40R01P1403
UPLOAD_TO_FILE_REPO: 1
PULP3_FILE_REPO_NAME: tsg-os-images-testing
PULP3_FILE_DIST_NAME: tsg-os-images-testing
FILE_REPO_PATH: install/testing/tsg-os-images
DALIY_BUILD_VERSION: 1
only:
- /^rel-.*$/i
testing_build_server_unlocked: testing_build_server_unlocked:
stage: build stage: build
extends: .build_tsg-buildimage extends: .build_tsg-buildimage
@@ -247,6 +285,19 @@ rc_build_9000:
only: only:
- /^.*-rc.*$/i - /^.*-rc.*$/i
rc_build_TSGXP1403:
stage: build
extends: .build_tsg-buildimage
variables:
PROFILE_LIST: TSGXNXR620G40R01P1403
UPLOAD_TO_FILE_REPO: 1
DALIY_BUILD_VERSION: 0
PULP3_FILE_REPO_NAME: tsg-os-images-rc
PULP3_FILE_DIST_NAME: tsg-os-images-rc
FILE_REPO_PATH: install/rc/tsg-os-images
only:
- /^.*-rc.*$/i
rc_build_server_unlocked: rc_build_server_unlocked:
stage: build stage: build
extends: .build_tsg-buildimage extends: .build_tsg-buildimage
@@ -320,6 +371,21 @@ release_build_9000:
except: except:
- /^.*-rc.*$/i - /^.*-rc.*$/i
release_build_TSGXP1403:
stage: build
extends: .build_tsg-buildimage
variables:
PROFILE_LIST: TSGXNXR620G40R01P1403
UPLOAD_TO_FILE_REPO: 1
DALIY_BUILD_VERSION: 0
PULP3_FILE_REPO_NAME: tsg-os-images-release
PULP3_FILE_DIST_NAME: tsg-os-images-release
FILE_REPO_PATH: install/release/tsg-os-images
only:
- tags
except:
- /^.*-rc.*$/i
release_build_server_unlocked: release_build_server_unlocked:
stage: build stage: build
extends: .build_tsg-buildimage extends: .build_tsg-buildimage

23
ansible/HAL_deploy.yml
View File

@@ -86,3 +86,26 @@
- {role: nz-talon, tags: nz-talon} - {role: nz-talon, tags: nz-talon}
- {role: tsg-os-provision-condition, tags: tsg-os-provision-condition} - {role: tsg-os-provision-condition, tags: tsg-os-provision-condition}
- {role: hasp, tags: hasp} - {role: hasp, tags: hasp}
- hosts: TSG-X-NXR620G40-R01-P1403
remote_user: root
vars_files:
- install_config/group_vars/HAL_TSGXNXR620G40R01P1403.yml
- install_config/group_vars/rpm_version.yml
roles:
- {role: tsg-os-provision, tags: tsg-os-provision}
- {role: tsg_device_tag, tags: tsg_device_tag}
- {role: tsg_sn, tags: tsg_sn}
- {role: framework, tags: framework}
- {role: mrzcpd, tags: mrzcpd}
- {role: sapp, tags: sapp}
- {role: tsg_master, tags: tsg_master}
- {role: firewall, tags: firewall}
- {role: tsg_app, tags: tsg_app}
- {role: telegraf_statistic, tags: telegraf_statistic}
- {role: exporter, tags: exporter}
- {role: system-init-TSG-X-P1403, tags: system-init-TSG-X-P1403}
- {role: system-init, tags: system-init}
- {role: tsg-os-provision-condition, tags: tsg-os-provision-condition}
- {role: hasp, tags: hasp}
- {role: OFED, tags: OFED}

36
ansible/install_config/group_vars/HAL_TSGXNXR620G40R01P1403.yml Normal file
View File

@@ -0,0 +1,36 @@
control_and_policy:
nic_name: "{% raw %}{{ network_setting.nic_policy_log.name }}{% endraw %}"
workload_zcpd:
cpu_affinity: "{% raw %}{{ workload_zcpd_cpu_affinity }}{% endraw %}"
hugepage_num_1G: 32
workload_firewall:
cpu_affinity: "{% raw %}{{ workload_firewall_cpu_affinity }}{% endraw %}"
worker_threads: "{% raw %}{{ workload_firewall_worker_threads }}{% endraw %}"
send_only_threads_max: 0
dp_traffic_mirror:
nic_name: eth_mirr_d
traffic_mirror_vlan_id: 0
dp_steering_firewall:
#deloyment value: mirror,inline, transparent. mirror = one arm + mirror, inline = one arm + series, transparent = two arm + series
deployment: inline
#encapsulation value: vlan, vxlan, raw, provision
encapsulation: vxlan
# capture_packet value: pcap, driver
capture_packet: driver
nic_internal: "{% raw %}{{ network_setting.nic_raw.name }}{% endraw %}"
enable_mirror: 0
prefix_path:
mrzcpd: /opt/tsg/mrzcpd
framework: /opt/tsg/framework
sapp: /opt/tsg/sapp
monitor:
enable_redis_exporter: 1
enable_ipmi_exporter: 1
### TSG-server, TSG-7400-mcn0 TSG-7400-mcn123 TSG-9140
runtime_env: TSG-X-P1403

BIN
ansible/roles/OFED/files/MLNX_OFED_LINUX-5.5-1.0.3.2-rhel7.9-x86_64-ext.tgz Normal file
View File

Binary file not shown.

19
ansible/roles/OFED/tasks/main.yml Normal file
View File

@@ -0,0 +1,19 @@
---
- name: "copy OFED installer package to to destination server"
copy:
src: "{{ role_path }}/files/"
dest: "/tmp/OFED/"
- name: "create unarchive directory"
file:
path: "/tmp/OFED/unarchived"
state: directory
- name: "unarchive OFED installer"
unarchive:
src: /tmp/OFED/MLNX_OFED_LINUX-5.5-1.0.3.2-rhel7.9-x86_64-ext.tgz
dest: /tmp/OFED/unarchived/
remote_src: yes
- name: "execute OFED installer"
shell: /tmp/OFED/unarchived/MLNX_OFED_LINUX-5.5-1.0.3.2-rhel7.9-x86_64-ext/mlnxofedinstall --add-kernel-support --kernel 3.10.0-1160.59.1.el7.x86_64 --force --without-depcheck

7
ansible/roles/mrzcpd/tasks/main.yml
View File

@@ -77,6 +77,13 @@
when: when:
- runtime_env == 'TSG-server' - runtime_env == 'TSG-server'
- name: "update mrglobal.conf - TSG-X-P1403"
template:
src: "{{ role_path }}/templates/mrglobal.conf.j2.j2.TSGXNXR620G40R01P1403"
dest: /opt/tsg/tsg-os-provision/templates/mrglobal.conf.j2
when:
- runtime_env == 'TSG-X-P1403'
- name: "replace action: replace service WantedBy from multi-user.target to workload.target" - name: "replace action: replace service WantedBy from multi-user.target to workload.target"
replace: replace:
path: "{{ item }}" path: "{{ item }}"

54
ansible/roles/mrzcpd/templates/mrglobal.conf.j2.j2.TSGXNXR620G40R01P1403 Normal file
View File

@@ -0,0 +1,54 @@
[device]
device={{ dp_steering_firewall.nic_internal }}
sz_tunnel=8192
sz_buffer=0
[device:{{ dp_steering_firewall.nic_internal }}]
{% raw %}in_addr={{etherfabric_settings.keepalive.ip}}
in_mask={{etherfabric_settings.keepalive.mask}}
{% endraw %}
vlan-filter=1
vlan-pvid=0
vlan-pvid-mode=2
promisc=1
allmulticast=1
rssmode=0
mtu=2048
[service]
# lcore id for i/o service, use comma to split
iocore={{ workload_zcpd.cpu_affinity }}
{% raw %}{% if session_distribution_policy.hash_key == 'outer-most-sip-dip' %}
distmode=0
{% endif %}
{% if session_distribution_policy.hash_key == 'outer-most-sip-dip-sport-dport' %}
distmode=1
{% endif %}
{% if session_distribution_policy.hash_key == 'inner-most-sip-dip' %}
distmode=2
{% endif %}
{% if session_distribution_policy.hash_key == 'inner-most-sip-dip-sport-dport' %}
distmode=3
{% endif %}
{% if session_distribution_policy.hash_key == 'hardware' %}
distmode=4
{% endif %}
{% endraw %}
hashmode=0
[eal]
virtaddr=0x7f40c4a00000
loglevel=7
[keepalive]
check_spinlock=1
[ctrlzone]
ctrlzone0=tunnat,64
[pool]
create_mode=3
sz_direct_pktmbuf=4194304
sz_indirect_pktmbuf=8192
sz_cache=256
sz_data=4096

16
ansible/roles/sapp/tasks/main.yml
View File

@@ -56,6 +56,14 @@
src: "{{ role_path }}/templates/send_raw_pkt.conf.j2" src: "{{ role_path }}/templates/send_raw_pkt.conf.j2"
dest: /opt/tsg/sapp/etc/send_raw_pkt.conf dest: /opt/tsg/sapp/etc/send_raw_pkt.conf
tags: template tags: template
when: runtime_env != 'TSG-X-P1403'
- name: Template the send_raw_pkt.conf
template:
src: "{{ role_path }}/templates/send_raw_pkt.conf.j2"
dest: /opt/tsg/tsg-os-provision/templates/send_raw_pkt.conf.j2
tags: template
when: runtime_env == 'TSG-X-P1403'
- name: Template the conflist.inf - tsg_server - name: Template the conflist.inf - tsg_server
template: template:
@@ -97,6 +105,14 @@
when: when:
- runtime_env == 'TSG-7400-mcn0' - runtime_env == 'TSG-7400-mcn0'
- name: Template the vlan_flipping_map.conf - tsg-x-p1403
template:
src: "{{ role_path }}/templates/vlan_flipping_map.conf.j2.TSGXNXR620G40R01P1403"
dest: /opt/tsg/sapp/etc/vlan_flipping_map.conf
tags: template
when:
- runtime_env == 'TSG-X-P1403'
- name: Template the sapp_log.conf - name: Template the sapp_log.conf
template: template:
src: "{{ role_path }}/templates/sapp_log.conf.j2" src: "{{ role_path }}/templates/sapp_log.conf.j2"

10
ansible/roles/sapp/templates/vlan_flipping_map.conf.j2.TSGXNXR620G40R01P1403 Normal file
View File

@@ -0,0 +1,10 @@
#for inline a device vlan flipping
#数据包来自C路由器端, 即C2I(I2E)方向,
#数据包来自I路由器端, 即I2C(E2I)方向,
#平台会根据vlan_id,设置当前包route_dir的值, 以便上层业务插件做两个方向的流量统计,
#如果一对vlan_id写反了, 网络是通的, 但是I2E,E2I的流量统计就颠倒了.
#配置文件格式, pattern:
#来自C路由器vlan_id 来自I路由器vlan_id 是否开启mac地址翻转
#C_router_vlan_id I_router_vlan_id mac_flipping_enable
4000 4001 0

136
ansible/roles/system-init-TSG-X-P1403/tasks/main.yml Normal file
View File

@@ -0,0 +1,136 @@
---
# systemctl set-property user.slice CPUShares=1500 MemoryLimit=13G
# systemctl set-property system.slice CPUShares=1000 MemoryLimit=13G
# systemctl set-property workload.slice CPUShares=7500 MemoryLimit=100G
# workload.slice
- name: "Create /usr/lib/systemd/system/workload.slice.d/ directory if it does not exist"
file:
path: "{{ item }}"
state: directory
mode: '0755'
with_items:
- /usr/lib/systemd/system/workload.slice.d/
- name: "copy 50-CPUShares.conf to workload.slice.d"
copy:
src: "{{ role_path }}/templates/override_workload_slice_cpu.conf.j2"
dest: /usr/lib/systemd/system/workload.slice.d/50-CPUShares.conf
mode: 0644
- name: "copy 50-MemoryLimit.conf to workload.slice.d"
copy:
src: "{{ role_path }}/templates/override_workload_slice_mem.conf.j2"
dest: /usr/lib/systemd/system/workload.slice.d/50-MemoryLimit.conf
mode: 0644
# user.slice
- name: "Create /usr/lib/systemd/system/user.slice.d/ directory if it does not exist"
file:
path: "{{ item }}"
state: directory
mode: '0755'
with_items:
- /usr/lib/systemd/system/user.slice.d/
- name: "copy 50-CPUShares.conf to user.slice.d"
copy:
src: "{{ role_path }}/templates/override_user_slice_cpu.conf.j2"
dest: /usr/lib/systemd/system/user.slice.d/50-CPUShares.conf
mode: 0644
- name: "copy 50-MemoryLimit.conf to user.slice.d"
copy:
src: "{{ role_path }}/templates/override_user_slice_mem.conf.j2"
dest: /usr/lib/systemd/system/user.slice.d/50-MemoryLimit.conf
mode: 0644
# system.slice
- name: "Create /usr/lib/systemd/system/system.slice.d/ directory if it does not exist"
file:
path: "{{ item }}"
state: directory
mode: '0755'
with_items:
- /usr/lib/systemd/system/system.slice.d/
- name: "copy 50-CPUShares.conf to system.slice.d"
copy:
src: "{{ role_path }}/templates/override_system_slice_cpu.conf.j2"
dest: /usr/lib/systemd/system/system.slice.d/50-CPUShares.conf
mode: 0644
- name: "copy 50-MemoryLimit.conf to system.slice.d"
copy:
src: "{{ role_path }}/templates/override_system_slice_mem.conf.j2"
dest: /usr/lib/systemd/system/system.slice.d/50-MemoryLimit.conf
mode: 0644
# 启用 IPMI
- name: "copy ipmi.conf to /etc/sysconfig/ipmi"
copy:
src: "{{ role_path }}/templates/ipmi.conf.j2"
dest: /etc/sysconfig/ipmi
mode: 0644
- name: "enable ipmi"
systemd:
name: ipmi
enabled: yes
# 启用 Watchdog
- name: "copy watchdog.conf to /etc/watchdog.conf"
copy:
src: "{{ role_path }}/templates/watchdog.conf.j2"
dest: /etc/watchdog.conf
mode: 0644
- name: "enable watchdog"
systemd:
name: watchdog
enabled: yes
- name: "enable irqbalance"
systemd:
name: irqbalance
enabled: yes
# poweroff guard
- name: "templates poweroff-guard.service.j2"
template:
src: "{{role_path}}/templates/poweroff-guard.service.j2"
dest: /usr/lib/systemd/system/poweroff-guard.service
tags: template
- name: "templates start-poweroff-guard.service.j2"
template:
src: "{{role_path}}/templates/start-poweroff-guard.service.j2"
dest: /usr/lib/systemd/system/start-poweroff-guard.service
tags: template
- name: 'poweroff-guard service start'
systemd:
name: poweroff-guard
enabled: yes
- name: 'start-poweroff-guard service start'
systemd:
name: start-poweroff-guard
enabled: yes
#Set CPU frequency scaling
- name: "copy cpupower.j2 to /etc/sysconfig/cpupower"
copy:
src: "{{ role_path }}/templates/cpupower.j2"
dest: /etc/sysconfig/cpupower
mode: 0644
- name: "enable cpupower"
systemd:
name: cpupower
enabled: yes
#not wanted dev-hugepages.mount
- name: 'do not wanted dev-hugepages.mount'
file:
path: "/usr/lib/systemd/system/sysinit.target.wants/dev-hugepages.mount"
state: absent

3
ansible/roles/system-init-TSG-X-P1403/templates/cpupower.j2 Normal file
View File

@@ -0,0 +1,3 @@
# See 'cpupower help' and cpupower(1) for more info
CPUPOWER_START_OPTS="frequency-set -g performance"
CPUPOWER_STOP_OPTS="frequency-set -g powersave"

69
ansible/roles/system-init-TSG-X-P1403/templates/ipmi.conf.j2 Normal file
View File

@@ -0,0 +1,69 @@
## Path: Hardware/IPMI
## Description: Enable standard hardware interfaces (KCS, BT, SMIC)
## Type: yesno
## Default: "yes"
## Config: ipmi
# Enable standard hardware interfaces (KCS, BT, SMIC)
# You probably want this enabled.
# IPMI_SI disabled by OpenIPMI-modalias rpm scriplet
IPMI_SI=no
## Path: Hardware/IPMI
## Description: Enable /dev/ipmi0 interface, used by ipmitool, ipmicmd,
## Type: yesno
## Default: "yes"
## Config: ipmi
# Enable /dev/ipmi0 interface, used by ipmitool, ipmicmd,
# and other userspace IPMI-using applications.
# You probably want this enabled.
DEV_IPMI=yes
## Path: Hardware/IPMI
## Description: Enable IPMI_WATCHDOG if you want the IPMI watchdog
## Type: yesno
## Default: "no"
## Config: ipmi
# Enable IPMI_WATCHDOG if you want the IPMI watchdog
# to reboot the system if it hangs
IPMI_WATCHDOG=yes
## Path: Hardware/IPMI
## Description: Watchdog options - modinfo ipmi_watchdog for details
## Type: string
## Default: "timeout=60"
## Config: ipmi
# Watchdog options - modinfo ipmi_watchdog for details
# watchdog timeout value in seconds
# as there is no userspace ping application that runs during shutdown,
# be sure to give it enough time for any device drivers to
# do their cleanup (e.g. megaraid cache flushes)
# without the watchdog triggering prematurely
IPMI_WATCHDOG_OPTIONS="timeout=600 action=reset"
## Path: Hardware/IPMI
## Description: Enable IPMI_POWEROFF if you want the IPMI poweroff module to be loaded.
## Type: yesno
## Default: "no"
## Config: ipmi
# Enable IPMI_POWEROFF if you want the IPMI
# poweroff module to be loaded.
IPMI_POWEROFF=no
## Path: Hardware/IPMI
## Description: Enable IPMI_POWERCYCLE if you want the system to be power-cycled on reboot
## Type: yesno
## Default: "no"
## Config: ipmi
# Enable IPMI_POWERCYCLE if you want the system to be power-cycled (power
# down, delay briefly, power on) rather than power off, on systems
# that support such. IPMI_POWEROFF=yes is also required.
IPMI_POWERCYCLE=no
## Path: Hardware/IPMI
## Description: Enable "legacy" interfaces for applications
## Type: yesno
## Default: "no"
## Config: ipmi
# Enable "legacy" interfaces for applications
# Intel IMB driver interface
IPMI_IMB=no

2
ansible/roles/system-init-TSG-X-P1403/templates/override_system_slice_cpu.conf.j2 Normal file
View File

@@ -0,0 +1,2 @@
[Slice]
CPUShares=1000

2
ansible/roles/system-init-TSG-X-P1403/templates/override_system_slice_mem.conf.j2 Normal file
View File

@@ -0,0 +1,2 @@
[Slice]
MemoryLimit=13G

2
ansible/roles/system-init-TSG-X-P1403/templates/override_user_slice_cpu.conf.j2 Normal file
View File

@@ -0,0 +1,2 @@
[Slice]
CPUShares=1500

2
ansible/roles/system-init-TSG-X-P1403/templates/override_user_slice_mem.conf.j2 Normal file
View File

@@ -0,0 +1,2 @@
[Slice]
MemoryLimit=13G

2
ansible/roles/system-init-TSG-X-P1403/templates/override_workload_slice_cpu.conf.j2 Normal file
View File

@@ -0,0 +1,2 @@
[Slice]
CPUShares=7500

2
ansible/roles/system-init-TSG-X-P1403/templates/override_workload_slice_mem.conf.j2 Normal file
View File

@@ -0,0 +1,2 @@
[Slice]
MemoryLimit=100G

6
ansible/roles/system-init-TSG-X-P1403/templates/poweroff-guard.service.j2 Normal file
View File

@@ -0,0 +1,6 @@
[Unit]
Description=Poweroff Guard
[Service]
ExecStart=/bin/true
[Install]
RequiredBy=poweroff.target

6
ansible/roles/system-init-TSG-X-P1403/templates/start-poweroff-guard.service.j2 Normal file
View File

@@ -0,0 +1,6 @@
[Unit]
Description=Start Poweroff Guard
[Service]
ExecStart=/bin/systemctl enable poweroff-guard
[Install]
WantedBy=multi-user.target

51
ansible/roles/system-init-TSG-X-P1403/templates/watchdog.conf.j2 Normal file
View File

@@ -0,0 +1,51 @@
#ping = 172.31.14.1
#ping = 172.26.1.255
#interface = eth0
#file = /var/log/messages
#change = 1407
# Uncomment to enable test. Setting one of these values to '0' disables it.
# These values will hopefully never reboot your machine during normal use
# (if your machine is really hung, the loadavg will go much higher than 25)
#max-load-1 = 24
#max-load-5 = 18
#max-load-15 = 12
# Note that this is the number of pages!
# To get the real size, check how large the pagesize is on your machine.
#min-memory = 1
# With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/
# or /etc/watchdog.d/ for your test-binary and repair-binary configuration.
#repair-binary = /usr/sbin/repair
#repair-timeout =
#test-binary =
#test-timeout =
watchdog-device = /dev/watchdog
# Defaults compiled into the binary
#temperature-device =
#max-temperature = 120
# Defaults compiled into the binary
#admin = root
interval = 20
#logtick = 1
#log-dir = /var/log/watchdog
# This greatly decreases the chance that watchdog won't be scheduled before
# your machine is really loaded
realtime = yes
priority = 1
# When using custom service pid check with custom service
# systemd unit file please be aware the "Requires="
# does dependent service deactivation.
# Using "Before=watchdog.service" or "Before=watchdog-ping.service"
# in the custom service unit file may be the desired operation instead.
# See man 5 systemd.unit for more details.
#
# Check if rsyslogd is still running by enabling the following line
#pidfile = /var/run/rsyslogd.pid

3
ansible/roles/system-init/tasks/main.yml
View File

@@ -60,4 +60,5 @@
shell: sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config shell: sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
- name: "update initramfs" - name: "update initramfs"
shell: dracut --force -v /boot/initramfs-5.4.159-1.el7.elrepo.x86_64.img 5.4.159-1.el7.elrepo.x86_64 shell: dracut --force -v /boot/initramfs-5.4.159-1.el7.elrepo.x86_64.img 5.4.159-1.el7.elrepo.x86_64
when: runtime_env != 'TSG-X-P1403'

14
ansible/roles/tsg-os-provision-condition/tasks/main.yml
View File

@@ -45,3 +45,17 @@
- tfe-env - tfe-env
- tfe - tfe
when: runtime_env == 'TSG-7400-mcn123' when: runtime_env == 'TSG-7400-mcn123'
- name: "add condition into service depend provision result TSG-X-P1403"
copy:
src: "{{ role_path }}/files/service_add_ConditionPathExists.conf"
dest: "/usr/lib/systemd/system/{{ item }}.service.d/"
mode: 0644
with_items:
- mrapm_device
- mrapm_stream
- mrenv
- mrzcpd
- sapp
- telegraf_statistic
when: runtime_env == 'TSG-X-P1403'

83
ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403 Normal file
View File

@@ -0,0 +1,83 @@
feature:
enable_policy_local_cache: 1
enable_stream_bypass_under_ddos: 0
firewall:
enable: 1
enable_hos: 1
proxy:
enable: 0
enable_hos: 0
sessionrecord:
enable: 1
enable_dns_record: 1
enable_rtp_record: 1
capturepacket:
enable: 1
radius:
enable: 1
app_behavior:
enable: 0
gtp:
enable_gtp_c_record: 1
wannat:
enable: 0
nat_gateway_address: "127.0.0.1"
reachability_test_server_address: "127.0.0.1"
reachability_test_server_port: 8888
feedback_linkinfo_interval: 30
nat_gateway_broadcast_session_port: 5671
reachability_test_server_broadcast_session_port: 5672
reachability_test_server_tunnel_port: 3542
wan_gateway_listen_port_range_left_edge: 3545
nat_gateway_listen_port: 3544
enable_link_info_recording: 1
ddossketch:
enable: 1
tcp_flood_report_thresh: 0.0008
udp_flood_report_thresh: 0.0008
icmp_flood_report_thresh: 0.0008
dns_flood_report_thresh: 0.0008
app:
identify_by:
user_defined_signature: 1
builtin_app_engine: 1
coredump:
format: none
collect: local
sentry_url: http://127.0.0.1:9000/api/2/minidump/
advanced_settings:
stream_tcp_max: 50000
stream_tcp_timeout: 30
stream_udp_max: 50000
stream_udp_timeout: 60
stream_bypass_trigger_cpu_usage: 90
cm:
policy_server:
port_num: 1
db_static: 0
db_dynamic: 1
#####session_distribution_policy.hash_key in [outer-most-sip-dip,outer-most-sip-dip-sport-dport,inner-most-sip-dip,inner-most-sip-dip-sport-dport]
session_distribution_policy:
mode: sym-hash
hash_key: inner-most-sip-dip
cpu_layouts:
- match:
model_name: "5318Y"
sockets: 2
sapp_affinity: [4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91]
mrzcpd_affinity: [92,93,94,95]

70
ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P1403 Normal file
View File

@@ -0,0 +1,70 @@
version: 1
device:
tags:
- key1: value1
- key2: value2
session_id_generator:
snowflake_worker_id_base: 1
snowflake_worker_id_offset: 1
feature:
enable_policy_local_cache: 1
enable_stream_bypass_under_ddos: 0
firewall:
enable: 0/1
sessionrecord:
enable: 0/1
enable_dns_record: 0/1
enable_rtp_record: 0/1
capturepacket:
enable: 0/1
radius:
enable: 0/1
gtp:
enable_gtp_c_record: 0/1
ddossketch:
enable: 0/1
app:
identify_by:
user_defined_signature: 0/1
builtin_app_engine: 0/1
cm:
policy_server:
address: "127.0.0.1"
port: 7002
olap:
kafka_broker:
address_list: ['1.1.1.1:9092','2.2.2.2:9092']
hos_server:
address: "127.0.0.1"
port: 9098
# npb_device value in [inline_device, tera,direct,etherfabric]
npb_device: etherfabric
etherfabric_settings:
keepalive:
ip: 127.0.0.1
mask: 255.255.255.0
network_setting:
nic_policy_log:
name: eth0
nic_raw:
name: eth0
coredump:
format: minidump/core/none
collect: local/sentry
sentry_url: http://127.0.0.1:9000/api/2/minidump/?sentry_key=3203b43fd5384a7dbe6a48ecb1f3c595

13
ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSGXP1403 Normal file
View File

@@ -0,0 +1,13 @@
[Unit]
Description=Tsg os provision
DefaultDependencies=no
Conflicts=shutdown.target
After=local-fs.target
Before=sysinit.target shutdown.target systemd-update-done.service
ConditionNeedsUpdate=|/etc
ConditionFileNotEmpty=|/usr
[Service]
ExecStart=/bin/sh -c "/opt/tsg/tsg-os-provision/scripts/provision.sh 0"
Type=oneshot
RemainAfterExit=yes

180
ansible/roles/tsg-os-provision/files/tasks/provision.yml.TSGXNXR620G40R01P1403 Normal file
View File

@@ -0,0 +1,180 @@
---
- hosts: provision
tasks:
- name: Load default config file variable
include_vars:
file: /opt/tsg/tsg-os-provision/provision.default.yml
- name: Load general config file variable
include_vars:
file: /data/tsg-os-provision/provision.yml
- name: Load provision.yml.d config file variable
include_vars:
dir: /data/tsg-os-provision/provision.yml.d/
ignore_unknown_extensions: yes
extensions:
- 'yml'
- 'yaml'
######setting cpu affinity start######
- name: obtain cpu layout info
set_fact:
cpu_layout_obtained: "{{ item }}"
loop: "{{ cpu_layouts }}"
when:
- ansible_facts.processor[2] is search(item.match.model_name)
- ansible_facts.processor_count == item.match.sockets
- name: set cpu affinity variable
set_fact:
workload_firewall_cpu_affinity: "{{ cpu_layout_obtained.sapp_affinity | join(',') }}"
workload_zcpd_cpu_affinity: "{{ cpu_layout_obtained.mrzcpd_affinity | join(',')}}"
workload_firewall_worker_threads: "{{ cpu_layout_obtained.sapp_affinity | length }}"
######setting cpu affinity end######
- name: "set keep_alive_ip"
set_fact:
gdev_conf_keep_alive_ip: "{{ etherfabric_settings.keepalive.ip }}"
- name: "set cm_policy_server_ip and cm_policy_server_port"
set_fact:
cm_policy_server_ip: "{{cm.policy_server.address}}"
cm_policy_server_port: "{{ cm.policy_server.port }}"
- name: "tsg-os-provision: Template the conflist.inf"
template:
src: ../templates/conflist.inf.j2
dest: /opt/tsg/sapp/plug/conflist.inf
tags: sapp
- name: "tsg-os-provision: template gdev.conf file"
template:
src: "../templates/gdev.conf.j2"
dest: /opt/tsg/sapp/etc/gdev.conf
tags: sapp
- name: "tsg-os-provision: template mrglobal.conf file"
template:
src: "../templates/mrglobal.conf.j2"
dest: /opt/tsg/mrzcpd/etc/mrglobal.conf
tags: mrzcpd
- name: "tsg-os-provision: Template the tsgconf/main.conf"
template:
src: "../templates/main.conf.j2"
dest: /opt/tsg/sapp/tsgconf/main.conf
tags: firewall
- name: "tsg-os-provision: Template the tsgconf/maat.conf"
template:
src: "../templates/maat.conf.j2"
dest: /opt/tsg/sapp/tsgconf/maat.conf
tags: firewall
- name: "tsg-os-provision: Template the tsg_conn_sketch.inf"
template:
src: "../templates/tsg_conn_sketch.inf.j2"
dest: /opt/tsg/sapp/plug/business/tsg_conn_sketch/tsg_conn_sketch.inf
tags: firewall
- name: "tsg-os-provision: Template the sapp.toml"
template:
src: "../templates/sapp.toml.j2"
dest: /opt/tsg/sapp/etc/sapp.toml
tags: sapp
- name: "tsg-os-provision: Template the send_raw_pkt.conf"
template:
src: "../templates/send_raw_pkt.conf.j2"
dest: /opt/tsg/sapp/etc/send_raw_pkt.conf
tags: sapp
- name: "tsg-os-provision: Templates telegraf.conf"
template:
src: "../templates/telegraf_statistic.conf.j2"
dest: /etc/telegraf/telegraf_statistic.conf
tags: telegraf_statistic
- name: "mkdir /opt/tsg/etc/"
file:
path: /opt/tsg/etc
state: directory
- name: "tsg-os-provision: obtain sn and write sn to tsg_sn.json"
shell: /opt/tsg/tsg-os-provision/scripts/obtain_sn.sh
register: result_exec_obtain_sn_and_write_sn_in_file
- name: "tsg-os-provision: check result_exec_obtain_sn_and_write_sn_in_file"
assert:
that:
- result_exec_obtain_sn_and_write_sn_in_file.rc == 0
- result_exec_obtain_sn_and_write_sn_in_file.failed == False
fail_msg: "error:{{ result_exec_obtain_sn_and_write_sn_in_file.stderr }},stdout:{{ result_exec_obtain_sn_and_write_sn_in_file.stdout_lines }}"
success_msg: "Successded: obtain the sn and write sn into tsg_sn.json"
- name: "tsg-os-provision: template the tsg_device_tag"
template:
src: "../templates/tsg_device_tag.json.j2"
dest: /opt/tsg/etc/tsg_device_tag.json
tags: tsg_device_tag
- name: 'tsg-os-provision: execute command - systemctl daemon-reload'
systemd:
daemon_reload: yes
- name: "tsg-os-provision: coredump setup override - mkdir"
file:
path: /usr/lib/systemd/coredump.conf.d/
state: directory
- name: "tsg-os-provision: coredump setup override - override"
template:
src: "../templates/coredump_setup_override.conf.j2"
dest: /usr/lib/systemd/coredump.conf.d/coredump_setup_override.conf
- name: "tsg-os-provision: snapshot the stage2 config files"
copy:
src: /data/tsg-os-provision/provision.yml
dest: /data/tsg-os-provision/provision.yml.snapshot
- name: add porvision successed sign
file:
path: /data/tsg-os-provision/.provision_succeeded
state: touch
- name: "tsg-os-provision: restart mrenv"
systemd:
name: mrenv
state: restarted
when: enable_config_apply == '1'
- name: "tsg-os-provision: restart mrzcpd"
systemd:
name: mrzcpd
state: restarted
when: enable_config_apply == '1'
- name: "tsg-os-provision: restart mrapm_device"
systemd:
name: mrapm_device
state: restarted
when: enable_config_apply == '1'
- name: "tsg-os-provision: restart mrapm_stream"
systemd:
name: mrapm_stream
state: restarted
when: enable_config_apply == '1'
- name: "tsg-os-provision: restart telegraf_statistic"
systemd:
name: telegraf_statistic
state: restarted
when: enable_config_apply == '1'
- name: "tsg-os-provision: restart sapp"
systemd:
name: sapp
state: restarted
when: enable_config_apply == '1'

45
ansible/roles/tsg-os-provision/tasks/main.yml
View File

@@ -70,6 +70,13 @@
mode: 0644 mode: 0644
when: runtime_env == 'TSG-7400-mcn123' when: runtime_env == 'TSG-7400-mcn123'
- name: "tsg-os-provision: copy tasks file that excutes provision to dest - tsg-x p1403"
copy:
src: "{{ role_path }}/files/tasks/provision.yml.TSGXNXR620G40R01P1403"
dest: /opt/tsg/tsg-os-provision/tasks/provision.yml
mode: 0644
when: runtime_env == 'TSG-X-P1403'
- name: "tsg-os-provision: copy provision.yml.sample file to dest - tsg9140" - name: "tsg-os-provision: copy provision.yml.sample file to dest - tsg9140"
copy: copy:
src: "{{ role_path }}/files/config_sample/provision.yml.sample.9000NPBP01R01" src: "{{ role_path }}/files/config_sample/provision.yml.sample.9000NPBP01R01"
@@ -105,6 +112,13 @@
mode: 0644 mode: 0644
when: runtime_env == 'TSG-server' when: runtime_env == 'TSG-server'
- name: "tsg-os-provision: copy provision.default.yml - TSG-X-P1304"
copy:
src: "{{ role_path }}/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403"
dest: /opt/tsg/tsg-os-provision/provision.default.yml
mode: 0644
when: runtime_env == 'TSG-X-P1403'
- name: "tsg-os-provision: copy provision.yml.sample to dest - tsg7400 mcn0" - name: "tsg-os-provision: copy provision.yml.sample to dest - tsg7400 mcn0"
copy: copy:
src: "{{ role_path }}/files/config_sample/provision.yml.sample.7400MCN0P01R01" src: "{{ role_path }}/files/config_sample/provision.yml.sample.7400MCN0P01R01"
@@ -126,6 +140,13 @@
mode: 0644 mode: 0644
when: runtime_env == 'TSG-server' when: runtime_env == 'TSG-server'
- name: "tsg-os-provision: copy provision.yml.sample to dest - TSG-X-P1304"
copy:
src: "{{ role_path }}/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P1403"
dest: /opt/tsg/tsg-os-provision/provision.yml.sample
mode: 0644
when: runtime_env == 'TSG-X-P1403'
- name: "tsg-os-provision: copy provision.sh file to dest" - name: "tsg-os-provision: copy provision.sh file to dest"
copy: copy:
src: "{{ role_path }}/files/script/{{ item }}" src: "{{ role_path }}/files/script/{{ item }}"
@@ -184,6 +205,30 @@
mode: 0755 mode: 0755
when: runtime_env == 'TSG-9140' or runtime_env == 'TSG-server' when: runtime_env == 'TSG-9140' or runtime_env == 'TSG-server'
######TSG-X-P1403 start######
- name: "install tsg-os-provision.service -- TSG-X-P1403"
copy:
src: "{{ role_path }}/files/service/{{ item.src }}"
dest: /usr/lib/systemd/system/{{ item.dest }}
mode: 0644
with_items:
- { "src": tsg-os-provision.service.TSGXP1403, "dest": tsg-os-provision.service }
when: runtime_env == 'TSG-X-P1403'
- name: "replace action: add service into sysinit.target --TSG-X-P1403"
shell: ln -vfs --relative /usr/lib/systemd/system/{{item}} /usr/lib/systemd/system/sysinit.target.wants/{{item}}
with_items:
- tsg-os-provision.service
when: runtime_env == 'TSG-X-P1403'
- name: "tsg-os-provision: copy tsg-start.sh to dest - TSG-X-P1403"
copy:
src: "{{ role_path }}/files/script/provision-config-apply"
dest: /opt/tsg/tsg-os-provision/
mode: 0755
when: runtime_env == 'TSG-X-P1403'
######TSG-X-P1403 end######
#- name: "tsg-os-provision: install yaml module using pip3" #- name: "tsg-os-provision: install yaml module using pip3"
# pip: # pip:
# name: PyYAML # name: PyYAML

10
ansible/roles/tsg_sn/files/obtain_sn.sh.TSGXP1403 Normal file
View File

@@ -0,0 +1,10 @@
#!/bin/bash -x
sn=`ipmitool fru list |grep 'Product Serial' | awk '{ print $4}'`
if [ -z "$sn" ];then
echo "{\"sn\": \"unknown\"}" > /opt/tsg/etc/tsg_sn.json
echo "device_id=\"unknown\"" > /etc/default/telegraf
exit 0
fi
echo "{\"sn\": \"$sn\"}" > /opt/tsg/etc/tsg_sn.json
echo "device_id=\"$sn\"" > /etc/default/telegraf

9
ansible/roles/tsg_sn/tasks/main.yml
View File

@@ -21,4 +21,11 @@
src: "{{ role_path }}/files/obtain_sn.sh.TSGSERVER" src: "{{ role_path }}/files/obtain_sn.sh.TSGSERVER"
dest: /opt/tsg/tsg-os-provision/scripts/obtain_sn.sh dest: /opt/tsg/tsg-os-provision/scripts/obtain_sn.sh
mode: 0755 mode: 0755
when: runtime_env == 'TSG-server' when: runtime_env == 'TSG-server'
- name: "deploy obtain sn - tsg-x-p1403"
copy:
src: "{{ role_path }}/files/obtain_sn.sh.TSGXP1403"
dest: /opt/tsg/tsg-os-provision/scripts/obtain_sn.sh
mode: 0755
when: runtime_env == 'TSG-X-P1403'

2
make/Makefile.7400MCN0P01R01
View File

@@ -40,7 +40,7 @@ installer: builddir
sed -i '/sapp-pr:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml sed -i '/sapp-pr:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml
sysroot-base: builddir sysroot-base: builddir
$(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) $(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) $(PROFILE_ID)
sysroot-verfile: sysroot-base sysroot-verfile: sysroot-base
sed -i -e "s/^NAME=.*/NAME=\"TSG-OS\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release sed -i -e "s/^NAME=.*/NAME=\"TSG-OS\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release

2
make/Makefile.7400MCN123P01R01
View File

@@ -40,7 +40,7 @@ installer: builddir
sed -i '/tfe-pr:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml sed -i '/tfe-pr:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml
sysroot-base: builddir sysroot-base: builddir
$(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) $(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) $(PROFILE_ID)
sysroot-verfile: sysroot-base sysroot-verfile: sysroot-base
sed -i -e "s/^NAME=.*/NAME=\"TSG-OS\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release sed -i -e "s/^NAME=.*/NAME=\"TSG-OS\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release

2
make/Makefile.9000NPBP01R01
View File

@@ -40,7 +40,7 @@ installer: builddir
sed -i '/sapp-pr:/d;/tfe-pr:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml sed -i '/sapp-pr:/d;/tfe-pr:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml
sysroot-base: builddir sysroot-base: builddir
$(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) $(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) $(PROFILE_ID)
sysroot-verfile: sysroot-base sysroot-verfile: sysroot-base
sed -i -e "s/^NAME=.*/NAME=\"TSG-OS\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release sed -i -e "s/^NAME=.*/NAME=\"TSG-OS\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release

71
make/Makefile.TSGXNXR620G40R01P1403 Normal file
View File

@@ -0,0 +1,71 @@
PROFILE_ID := TSG-X-NXR620G40-R01-P1403
SUPPORTED_MACHINE_ID := TSG-X-NXR620G40-R01-P1403
KERNEL_ARGS := console=ttyS0,115200n8 crashkernel=512M default_hugepagesz=1G hugepagesz=1G hugepages=16 intel_iommu=on iommu=pt mitigations=off pci=realloc,assign-busses psi=1 isolcpus=4-95
GRUB_SERIAL_COMMAND :=
SIZE_PART_SYSROOT := 16384M
SIZE_PART_UPDATE := 16384M
PROFILE_ID_IN_SHORT := $(subst -,$e,$(PROFILE_ID))
CHROOT_PKG := tsg-os-${OS_RELEASE_VER}-${PROFILE_ID_IN_SHORT}-chroot.tar.bz2
CHROOT_BIN := tsg-os-${OS_RELEASE_VER}-${PROFILE_ID_IN_SHORT}-ONIE.bin
TARGET_BUILD_DIR := $(BUILDDIR_BASE)/$(PROFILE_ID)
TARGET_INSTALLER_DIR := $(TARGET_BUILD_DIR)/installer
TARGET_SYSROOT_DIR := $(TARGET_BUILD_DIR)/sysroot
.PHONY: all builddir installer sysroot-base sysroot-ansible sysroot-cleanup sysroot-archive sysroot-binary clean
all: sysroot-binary
builddir:
mkdir -p $(TARGET_BUILD_DIR)
installer: builddir
rm -rf $(TARGET_INSTALLER_DIR)
mkdir -p $(TARGET_INSTALLER_DIR)
cp $(INSTALLERDIR)/install.sh $(TARGET_INSTALLER_DIR)/install.sh
cp $(INSTALLERDIR)/distro-setup.sh $(TARGET_INSTALLER_DIR)/distro-setup.sh
chmod +x $(TARGET_INSTALLER_DIR)/install.sh
chmod +x $(TARGET_INSTALLER_DIR)/distro-setup.sh
sed -i -e "s/%%DISTR0_VER%%/$(OS_RELEASE_VER)/" $(TARGET_INSTALLER_DIR)/install.sh
sed -i -e "s/%%MACHINE_ID%%/$(SUPPORTED_MACHINE_ID)/" $(TARGET_INSTALLER_DIR)/install.sh
sed -i -e "s/%%CHROOT_PKG%%/$(CHROOT_PKG)/" $(TARGET_INSTALLER_DIR)/install.sh
sed -i -e "s/%%KERNAL_ARGS%%/$(KERNEL_ARGS)/" $(TARGET_INSTALLER_DIR)/install.sh
sed -i -e "s/%%GRUB_SERIAL_COMMAND%%/$(GRUB_SERIAL_COMMAND)/" $(TARGET_INSTALLER_DIR)/install.sh
sed -i -e "s/%%SIZE_PART_SYSROOT%%/$(SIZE_PART_SYSROOT)/" $(TARGET_INSTALLER_DIR)/install.sh
sed -i -e "s/%%SIZE_PART_UPDATE%%/$(SIZE_PART_UPDATE)/" $(TARGET_INSTALLER_DIR)/install.sh
sed -i '/sapp:/d;/tfe:/d' $(PROJECTDIR)/ansible/install_config/group_vars/rpm_version.yml
sysroot-base: builddir
$(TOOLSDIR)/mk-base-image $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR) $(PROJECTDIR) $(PROFILE_ID)
sysroot-verfile: sysroot-base
sed -i -e "s/^NAME=.*/NAME=\"TSG-OS\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release
sed -i -e "s/^VERSION=.*/VERSION=\"$(OS_RELEASE_VER) ($(PROFILE_ID_IN_SHORT))\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release
sed -i -e "s/^PRETTY_NAME=.*/PRETTY_NAME=\"TSG-OS $(OS_RELEASE_VER) ($(PROFILE_ID_IN_SHORT))\"/" $(TARGET_SYSROOT_DIR)/usr/lib/os-release
sysroot-ansible: sysroot-verfile sysroot-base
cp $(CONFDIR)/yum.conf $(TARGET_SYSROOT_DIR)/tmp/ -r
cp $(CONFDIR)/resolv.conf $(TARGET_SYSROOT_DIR)/etc/ -r
cp $(TARGET_SYSROOT_DIR)/etc/hosts $(TARGET_SYSROOT_DIR)/tmp/ -r
cp /etc/hosts $(TARGET_SYSROOT_DIR)/etc/ -r
$(TOOLSDIR)/ansible-HAL $(PROFILE_ID) $(PROJECTDIR) $(TARGET_SYSROOT_DIR) /tmp/yum.conf
cp $(TARGET_SYSROOT_DIR)/tmp/hosts $(TARGET_SYSROOT_DIR)/etc/ -r
sysroot-cleanup:
rm -rf $(TARGET_SYSROOT_DIR)/tmp/*
rm -rf $(TARGET_SYSROOT_DIR)/dev/*
sysroot-archive: installer sysroot-ansible sysroot-cleanup
tar --exclude=*~ --exclude-backups --owner=root --group=root -c -C $(TARGET_SYSROOT_DIR) . | pbzip2 -p9 > $(TARGET_INSTALLER_DIR)/$(CHROOT_PKG)
sysroot-binary: sysroot-archive
mkdir -p $(TARGET_BUILD_DIR)/cook-bits
$(TOOLSDIR)/cook-bits $(TARGET_BUILD_DIR) $(TARGET_BUILD_DIR)/cook-bits $(IMAGEDIR_BASE)/$(CHROOT_BIN)
sha256sum $(IMAGEDIR_BASE)/$(CHROOT_BIN) | awk '{print $$1}' > $(IMAGEDIR_BASE)/$(CHROOT_BIN).sha256sum.txt
clean:
rm -rf $(TARGET_BUILD_DIR)

12
tools/mk-base-image
View File

@@ -9,7 +9,12 @@
yum_config=$1 yum_config=$1
target=$2 target=$2
projectdir=$3 projectdir=$3
kernel_version="5.4.159-1.el7.elrepo.x86_64" profile_id=$4
if [ $profile_id == "TSG-X-NXR620G40-R01-P1403" ];then
kernel_version="3.10.0-1160.59.1.el7.x86_64"
else
kernel_version="5.4.159-1.el7.elrepo.x86_64"
fi
set -ex set -ex
@@ -24,8 +29,9 @@ setopt="group_package_types=mandatory,default,optional"
yum -c "$yum_config" --installroot="$target" -y makecache yum -c "$yum_config" --installroot="$target" -y makecache
yum -c "$yum_config" --installroot="$target" -y --setopt=$setopt install $package_to_install yum -c "$yum_config" --installroot="$target" -y --setopt=$setopt install $package_to_install
yum -c "$yum_config" --installroot="$target" -y --setopt=$setopt localinstall $locak_package_to_install if [ $profile_id != "TSG-X-NXR620G40-R01-P1403" ];then
yum -c "$yum_config" --installroot="$target" -y --setopt=$setopt localinstall $locak_package_to_install
fi
#git clone --depth 1 https://github.com/brendangregg/FlameGraph.git /opt/tools/FlameGraph/ #git clone --depth 1 https://github.com/brendangregg/FlameGraph.git /opt/tools/FlameGraph/
#git clone --depth 1 https://github.com/brendangregg/perf-tools.git /opt/tools/perf-tools/ #git clone --depth 1 https://github.com/brendangregg/perf-tools.git /opt/tools/perf-tools/
test -d "$target"/opt/tools/ || mkdir -p "$target"/opt/tools/ test -d "$target"/opt/tools/ || mkdir -p "$target"/opt/tools/