bugfix:删除helm中value.yaml多余配置项

2023-03-24 15:50:28 +08:00
parent 3c23c56644
commit 584de2f389
5 changed files with 46 additions and 125 deletions
--- a/ansible/roles/traffic-engine/files/helm/conf/sce.conf
+++ b/ansible/roles/traffic-engine/files/helm/conf/sce.conf
@@ -36,7 +36,7 @@ max_chaining_size=32
 # bypass_all_traffic:1 NF2NF and SF2SF
 bypass_all_traffic=0
 rx_burst_max=128
-app_symbol=sce_{{ .Values.sce_config.nic_index }}
+app_symbol=sce_{{ .Release.Name }}
 dev_endpoint={{ .Values.sce_config.endpoint_nic }}
 dev_nf_interface={{ .Values.sce_config.steering_nic }}
 dev_endpoint_src_ip={{ .Values.sce_config.endpoint_ip }}
@@ -64,7 +64,6 @@ telegraf_bind_address=127.0.0.1
 telegraf_listen_port=8300

 [bfdd]
-#path=/var/run/frr/bfdd_{{ .Values.vsys_id }}.vty
-path={{ .Values.sce_config.bfdd_socket_path }}/bfdd.vty
+path=/run/frr/bfdd.vty
 device={{ .Values.sce_config.endpoint_nic }}
 gateway={{ .Values.sce_config.endpoint_gateway }}
--- a/ansible/roles/traffic-engine/files/helm/templates/_config.tpl
+++ b/ansible/roles/traffic-engine/files/helm/templates/_config.tpl
@@ -139,7 +139,9 @@ enable_breakpad_upload=0
            cp /opt/tsg/config/main.conf               /opt/tsg/sapp/tsgconf/main.conf
            cp /opt/tsg/config/maat.conf               /opt/tsg/sapp/tsgconf/maat.conf
            cp /opt/tsg/config/sapp.toml               /opt/tsg/sapp/etc/sapp.toml
+{{ if eq .Values.proxy.enable .Values.define_enable_val_yes }}
            cp /opt/tsg/config/kni.conf                /opt/tsg/sapp/etc/kni/kni.conf
+{{- end }}
            cp /opt/tsg/config/wangw.conf              /opt/tsg/sapp/etc/wannat/wangw.conf
            cp /opt/tsg/config/wire_graft.conf         /opt/tsg/sapp/etc/wire_graft/wire_graft.conf
            cp /opt/tsg/config/tsg_conn_sketch.inf     /opt/tsg/sapp/plug/business/tsg_conn_sketch/tsg_conn_sketch.inf
@@ -158,8 +160,8 @@ enable_breakpad_upload=0
            export TOKEN=$(cat ${SERVICEACCOUNT}/token)
            export CACERT=${SERVICEACCOUNT}/ca.crt
            curl --cacert ${CACERT} --header "Authorization: Bearer ${TOKEN}" -X GET ${APISERVER}/api/v1/namespaces/${NAMESPACE}/services/${SERVICENAME} -o /tmp/service.txt
-            export CLUSTER_ANNOUNCE_PORT=$(cat /tmp/service.txt | jq '.spec.ports[] | select(.name=="cluster-announce-port") | .nodePort')
-            export HEALTH_CHECK_ANNOUNCE_PORT=$(cat /tmp/service.txt | jq '.spec.ports[] | select(.name=="healthcheck-announce-port") | .nodePort')
+            export CLUSTER_ANNOUNCE_PORT=$(cat /tmp/service.txt | jq '.spec.ports[] | select(.name=="shaping-cluster-announce-port") | .nodePort')
+            export HEALTH_CHECK_ANNOUNCE_PORT=$(cat /tmp/service.txt | jq '.spec.ports[] | select(.name=="shaping-healthcheck-announce-port") | .nodePort')
            echo "export CLUSTER_ANNOUNCE_PORT=${CLUSTER_ANNOUNCE_PORT}" > /etc/profile.d/announceinfo.sh
            echo "export HEALTH_CHECK_ANNOUNCE_PORT=${HEALTH_CHECK_ANNOUNCE_PORT}" >> /etc/profile.d/announceinfo.sh
            chmod 0755 /etc/profile.d/announceinfo.sh
--- a/ansible/roles/traffic-engine/files/helm/templates/service.yaml
+++ b/ansible/roles/traffic-engine/files/helm/templates/service.yaml
@@ -2,30 +2,18 @@ apiVersion: v1
 kind: Service
 metadata:
  labels:
-    app: traffic-engine-announce-vsys-{{ .Values.vsys_id }}
-  name: traffic-engine-announce-vsys-{{ .Values.vsys_id }}
-  {{- with .Values.service.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
+    app: shaping-announce-port-{{ .Release.Name }}
+  name: shaping-announce-port-{{ .Release.Name }}
  namespace: {{ .Release.Namespace }}

 spec:
  ports:
  - name: cluster-announce-port
-    {{- if .Values.service.type }}{{ if (and (eq .Values.service.type "NodePort") .Values.service.nodePort.clusterAnnounce) }}
-    nodePort: {{ .Values.service.nodePort.clusterAnnounce }}
-    {{- end }}{{ end }}
-    port: {{ .Values.service.port.clusterAnnounce }}
-    targetPort: cluster
+    port: 8551
+    targetPort: 8551
  - name: healthcheck-announce-port
-    {{- if .Values.service.type }}{{ if (and (eq .Values.service.type "NodePort") .Values.service.nodePort.healthcheckAnnounce) }}
-    nodePort: {{ .Values.service.nodePort.healthcheckAnnounce }}
-    {{- end }}{{ end }}
-    port: {{ .Values.service.port.healthcheckAnnounce }}
-    targetPort: healthcheck
+    port: 8552
+    targetPort: 8552
  selector:
-    app: traffic-engine-vsys-{{ .Values.vsys_id }}
-  {{- if .Values.service.type }}
-  type: {{ .Values.service.type }}
-  {{- end }}
+    app: traffic-engine-{{ .Release.Name }}
+  type: NodePort
--- a/ansible/roles/traffic-engine/files/helm/templates/traffic-engine.yaml
+++ b/ansible/roles/traffic-engine/files/helm/templates/traffic-engine.yaml
@@ -6,23 +6,22 @@ metadata:
    app: traffic-engine-{{ .Release.Name }}

 spec:
-  replicas: {{ .Values.replicaCount }}
+  replicas: 1
  selector:
    matchLabels:
-      app: traffic-engine-vsys-{{ .Values.vsys_id }}
+      app: traffic-engine-{{ .Release.Name }}
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
-        app: traffic-engine-vsys-{{ .Values.vsys_id }}
-        vsysId: vsys-{{ .Values.vsys_id }}
+        app: traffic-engine-{{ .Release.Name }}
+        vsysId: {{ .Values.vsys_id }}
        serviceFunction: {{ .Values.nic_raw_name }}
      annotations:
        configHash: "{{ .Values.configHash }}"
-  {{- with .Values.deployment.annotations }}
-        {{- toYaml . | nindent 8 }}
-  {{- end }}
+        prometheus.io/port: "9004"
+        prometheus.io/scrape: "true"

    spec:
      tolerations:
@@ -34,8 +33,8 @@ spec:
        effect: NoSchedule
      containers:
      - name: firewall
-        image: "{{ .Values.image.firewall.repository }}:{{ .Values.image.firewall.tag | default .Chart.AppVersion }}"
-        imagePullPolicy: {{ .Values.image.firewall.pullPolicy }}
+        image: "docker.io/library/tsg-firewall:{{ .Chart.AppVersion }}"
+        imagePullPolicy: Never
        workingDir: /opt/tsg/sapp
        command:
          - "bash"
@@ -48,10 +47,8 @@ spec:
            exec /opt/tsg/sapp/sapp
        ports:
          - containerPort: 9273
-          - name: cluster
-            containerPort: 8551
-          - name: healthcheck
-            containerPort: 8552
+          - containerPort: 8551
+          - containerPort: 8552
        env:
        - name: MRZCPD_CTRLMSG_LISTEN_ADDR
          valueFrom:
@@ -62,7 +59,7 @@ spec:
            fieldRef:
              fieldPath: status.hostIP
        - name: SERVICENAME
-          value: traffic-engine-announce-vsys-{{ .Values.vsys_id }}
+          value: shaping-announce-port-{{ .Release.Name }}
        - name: NODE_IP
          valueFrom:
            fieldRef:
@@ -109,8 +106,8 @@ spec:

 {{- if and (eq .Values.proxy.enable .Values.define_enable_val_yes) (ge (len .Values.tfe_affinity) 1) }}
      - name: proxy
-        image: "{{ .Values.image.proxy.repository }}:{{ .Values.image.proxy.tag | default .Chart.AppVersion }}"
-        imagePullPolicy: {{ .Values.image.proxy.pullPolicy }}
+        image: "docker.io/library/tsg-proxy:{{ .Chart.AppVersion }}"
+        imagePullPolicy: Never
        workingDir: /opt/tsg/tfe
        command:
          - "bash"
@@ -160,8 +157,8 @@ spec:
 {{- end }}

      - name: certstore
-        image: "{{ .Values.image.certstore.repository }}:{{ .Values.image.certstore.tag | default .Chart.AppVersion }}"
-        imagePullPolicy: {{ .Values.image.certstore.pullPolicy }}
+        image: "docker.io/library/tsg-certstore:{{ .Chart.AppVersion }}"
+        imagePullPolicy: Never
        workingDir: /opt/tsg/certstore
        command:
          - "bash"
@@ -191,8 +188,8 @@ spec:
          mountPath: /etc/traffic-engine/hotfix/certstore

      - name: cert-redis
-        image: "{{ .Values.image.certRedis.repository }}:{{ .Values.image.certRedis.tag | default .Chart.AppVersion }}"
-        imagePullPolicy: {{ .Values.image.certRedis.pullPolicy }}
+        image: "docker.io/library/tsg-certstore:{{ .Chart.AppVersion }}"
+        imagePullPolicy: Never
        command: ["/usr/bin/redis-server", "/etc/cert-redis.conf"]
        securityContext:
          privileged: true
@@ -202,7 +199,7 @@ spec:
          readOnly: true       

      - name: telegraf
-        image: "{{ .Values.image.telegraf.repository }}:{{ .Values.image.telegraf.tag | default .Chart.AppVersion }}"
+        image: "docker.io/library/tsg-telegraf:{{ .Chart.AppVersion }}"
        imagePullPolicy: {{ .Values.image.telegraf.pullPolicy }}
        command: ["/usr/bin/telegraf", "-config", "/etc/telegraf/telegraf_statistic.conf", "-config-directory", "/etc/telegraf/telegraf_statistic.d"]
        securityContext:
@@ -223,7 +220,7 @@ spec:

 {{- if eq .Values.shaping.enable .Values.define_enable_val_yes }}
      - name: telegraf-shaping
-        image: "{{ .Values.image.telegraf.repository }}:{{ .Values.image.telegraf.tag | default .Chart.AppVersion }}"
+        image: "docker.io/library/tsg-telegraf:{{ .Chart.AppVersion }}"
        imagePullPolicy: {{ .Values.image.telegraf.pullPolicy }}
        command: ["/usr/bin/telegraf", "-config", "/etc/telegraf/telegraf_shaping.conf", "-config-directory", "/etc/telegraf/telegraf_statistic.d"]
        securityContext:
@@ -244,16 +241,16 @@ spec:
 {{- end }}

      - name: merge-exporter
-        image: "{{ .Values.mergeExporter.image.repository }}:{{ .Values.mergeExporter.image.tag }}"
-        imagePullPolicy: {{ .Values.mergeExporter.image.pullPolicy }}
+        image: "quay.io/rebuy/exporter-merger:v0.2.0"
+        imagePullPolicy: Never
        ports:
-        - containerPort: {{ .Values.mergeExporter.port }}
+        - containerPort: 9004
        env:
        # space-separated list of URLs
        - name: MERGER_URLS
          {{- include "traffic-engine.merge-exporter.merge-urls" . | nindent 10 }}
        - name: MERGER_PORT
-          value: "{{ .Values.mergeExporter.mergePort }}"
+          value: "9004"

      - name: minidump-hook
        image: "{{ .Values.image.tsgInit.repository }}:{{ .Values.image.tsgInit.tag | default .Chart.AppVersion }}"
@@ -269,7 +266,7 @@ spec:

 {{- if and (eq .Values.sce.enable .Values.define_enable_val_yes) (.Values.sce_config.endpoint_nic) }}
      - name: telegraf-sce
-        image: "{{ .Values.image.telegraf.repository }}:{{ .Values.image.telegraf.tag | default .Chart.AppVersion }}"
+        image: "docker.io/library/tsg-telegraf:{{ .Chart.AppVersion }}"
        imagePullPolicy: {{ .Values.image.telegraf.pullPolicy }}
        command: ["/usr/bin/telegraf", "-config", "/etc/telegraf/telegraf_sce.conf", "-config-directory", "/etc/telegraf/telegraf_statistic.d"]
        securityContext:
@@ -289,8 +286,8 @@ spec:
          readOnly: true

      - name: sce
-        image: "{{ .Values.image.sce.repository }}:{{ .Values.image.sce.tag | default .Chart.AppVersion }}"
-        imagePullPolicy: {{ .Values.image.sce.pullPolicy }}
+        image: "docker.io/library/tsg-sce:{{ .Chart.AppVersion }}"
+        imagePullPolicy: Never
        workingDir: /opt/tsg/sce
        command:
          - "bash"
@@ -350,11 +347,11 @@ spec:
        - name: hotfix-sce
          mountPath: /etc/traffic-engine/hotfix/sce
        - name: bfdd-unix-socket
-          mountPath: {{ .Values.sce_config.bfdd_socket_path }}
+          mountPath: /run/frr

      - name: bfdd
-        image: "{{ .Values.image.bfdd.repository }}:{{ .Values.image.bfdd.tag | default .Chart.AppVersion }}"
-        imagePullPolicy: {{ .Values.image.bfdd.pullPolicy }}
+        image: "docker.io/library/tsg-bfdd:{{ .Chart.AppVersion }}"
+        imagePullPolicy: Never
        workingDir: /opt/tsg/bfdd
        command:
          - "bash"
@@ -387,14 +384,14 @@ spec:
        - name: hotfix-bfdd
          mountPath: /etc/traffic-engine/hotfix/bfdd
        - name: bfdd-unix-socket
-          mountPath: {{ .Values.sce_config.bfdd_socket_path }}
+          mountPath: /run/frr
 {{- end }}


      initContainers:
      - name: tsg-init
-        image: "{{ .Values.image.tsgInit.repository }}:{{ .Values.image.tsgInit.tag | default .Chart.AppVersion }}"
-        imagePullPolicy: {{ .Values.image.tsgInit.pullPolicy }}
+        image: "docker.io/library/tsg-init:{{ .Chart.AppVersion }}"
+        imagePullPolicy: Never
        command: ["/opt/tsg/provision-init.sh"]
        securityContext:
          privileged: true
--- a/ansible/roles/traffic-engine/files/helm/values.yaml
+++ b/ansible/roles/traffic-engine/files/helm/values.yaml
@@ -138,45 +138,6 @@ session_id_generator:
  snowflake_worker_id_base: 1
  snowflake_worker_id_offset: 1

-replicaCount: 1
-image:
-  firewall:
-    repository: docker.io/library/tsg-firewall
-    pullPolicy: Never
-    tag: ""
-  proxy:
-    repository: docker.io/library/tsg-proxy
-    pullPolicy: Never
-    tag: ""
-  certstore:
-    repository: docker.io/library/tsg-certstore
-    pullPolicy: Never
-    tag: ""
-  certRedis:
-    repository: docker.io/library/tsg-certstore
-    pullPolicy: Never
-    tag: ""
-  telegraf:
-    repository: docker.io/library/tsg-telegraf
-    pullPolicy: Never
-    tag: ""
-  tsgInit:
-    repository: docker.io/library/tsg-init
-    pullPolicy: Never
-    tag: ""
-  sce:
-    repository: docker.io/library/tsg-sce
-    pullPolicy: Never
-    tag: ""
-  bfdd:
-    repository: docker.io/library/tsg-bfdd
-    pullPolicy: Never
-    tag: ""
-
-
-
-
-
 decoders:
  DNS: yes
  QUIC: yes
@@ -197,30 +158,6 @@ decoders:

 configHash: "defaulthash"

-
-mergeExporter:
-  image:
-    repository: quay.io/rebuy/exporter-merger
-    pullPolicy: Never
-    tag: "v0.2.0"
-  port: "9004"
-#  mergeUrls: "http://localhost:9273/metrics http://localhost:9001/metrics http://localhost:9002/metrics"
-  mergePort: "9004"
-
-deployment:
-  annotations:
-    prometheus.io/scrape: "true"
-    prometheus.io/port: "9004"
-
-service:
-  type: "NodePort"
-  port:
-    clusterAnnounce: 8551
-    healthcheckAnnounce: 8552
-  nodePort:
-    clusterAnnounce: null
-    healthcheckAnnounce: null
-
 shaping:
  enable: yes

@@ -230,13 +167,11 @@ service_chaining:
 sce_config:
  steering_nic: nf_0_sce
  endpoint_nic: endpoint_0_sce
-  nic_index: 1
  endpoint_ip: 127.0.0.1
  endpoint_gateway: 127.0.0.1
  endpoint_netip: 127.0.0.1
  endpoint_mask: 24
  affinity: [1]
-  bfdd_socket_path: "/run/frr"

 sid:
  firewall: 1