From 605b62e5ea3f8669cebebadfb59748e06fcd2aa5 Mon Sep 17 00:00:00 2001 From: fumingwei Date: Tue, 28 Mar 2023 15:19:00 +0800 Subject: [PATCH] =?UTF-8?q?feature:1.TSG-14343:=E6=94=AF=E6=8C=81=E6=B8=B2?= =?UTF-8?q?=E6=9F=93shaping=5Fengine=E9=85=8D=E7=BD=AE2.TSG-14471:?= =?UTF-8?q?=E6=96=B0=E5=A2=9E=E6=B8=B2=E6=9F=93shaping=20SID=E9=85=8D?= =?UTF-8?q?=E7=BD=AE=E9=A1=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ansible/HAL_deploy.yml | 11 ++- .../install_config/group_vars/rpm_version.yml | 4 + .../roles/firewall/templates/main.conf.j2.j2 | 2 + ansible/roles/shaping_engine/tasks/main.yml | 21 +++++ .../traffic-engine/files/helm/conf/main.conf | 23 +---- .../files/helm/conf/shaping.conf | 42 ++++++++++ .../files/helm/templates/_config.tpl | 70 +++++++++------- .../files/helm/templates/shaping.yaml | 7 ++ .../files/helm/templates/traffic-engine.yaml | 83 +++++++++++++++++-- .../traffic-engine/files/helm/values.yaml | 6 ++ .../provision.default.yml.7400MCN0P01R01 | 3 + .../provision.default.yml.9000NPBP01R01 | 5 +- ...rovision.default.yml.TSGXNXR620G40R01P0804 | 3 + ...rovision.default.yml.TSGXNXR620G40R01P1403 | 3 + .../provision.yml.sample.7400MCN0P01R01 | 3 + .../provision.yml.sample.9000NPBP01R01 | 3 + ...provision.yml.sample.TSGXNXR620G40R01P0804 | 3 + ...provision.yml.sample.TSGXNXR620G40R01P1403 | 3 + make/Makefile.TSGXNXR620G40R01P0906 | 26 ++++++ 19 files changed, 258 insertions(+), 63 deletions(-) create mode 100644 ansible/roles/shaping_engine/tasks/main.yml create mode 100644 ansible/roles/traffic-engine/files/helm/conf/shaping.conf create mode 100644 ansible/roles/traffic-engine/files/helm/templates/shaping.yaml diff --git a/ansible/HAL_deploy.yml b/ansible/HAL_deploy.yml index 049b5c4a..de06e390 100644 --- a/ansible/HAL_deploy.yml +++ b/ansible/HAL_deploy.yml @@ -190,7 +190,6 @@ - {role: mrzcpd, tags: mrzcpd} - {role: sapp, tags: sapp} - {role: tsg_master, tags: tsg_master} - - {role: shaping_master, tags: shaping_master} - {role: kni, tags: kni} - {role: firewall, tags: firewall} - {role: tsg_app, tags: tsg_app} @@ -253,6 +252,16 @@ - {role: framework, tags: framework} - {role: bfdd, tags: bfdd} +- hosts: TSG-X-NXR620G40-R01-P0906-shaping-engine + remote_user: root + vars_files: + - install_config/group_vars/HAL_TSGXNXR620G40R01P0906.yml + - install_config/group_vars/rpm_version.yml + roles: + - {role: container-tools-install, tags: container-tools-install} + - {role: framework, tags: framework} + - {role: shaping_engine, tags: shaping_engine} + - hosts: server remote_user: root vars_files: diff --git a/ansible/install_config/group_vars/rpm_version.yml b/ansible/install_config/group_vars/rpm_version.yml index a0deabdc..5ddd6c1c 100644 --- a/ansible/install_config/group_vars/rpm_version.yml +++ b/ansible/install_config/group_vars/rpm_version.yml @@ -105,3 +105,7 @@ sce_rpm_version: bfdd_rpm_version: bfdd: bfdd-1.0.2-release + + +shaping_engine_rpm_version: + shaping_engine: #TODO \ No newline at end of file diff --git a/ansible/roles/firewall/templates/main.conf.j2.j2 b/ansible/roles/firewall/templates/main.conf.j2.j2 index e784d4c9..d438f0b2 100644 --- a/ansible/roles/firewall/templates/main.conf.j2.j2 +++ b/ansible/roles/firewall/templates/main.conf.j2.j2 @@ -60,6 +60,8 @@ DEVICE_SEQ_IN_DATA_CENTER={{ session_id_generator.snowflake_worker_id_offset }} {% endif %} {% endraw %} FEATURE_TAMPER=1 +{% raw %}SHAPING_SID={{ sid.shaping }} +{% endraw %} [TSG_CONN_SKETCH] tcp_min_pkts=3 diff --git a/ansible/roles/shaping_engine/tasks/main.yml b/ansible/roles/shaping_engine/tasks/main.yml new file mode 100644 index 00000000..51e63c4b --- /dev/null +++ b/ansible/roles/shaping_engine/tasks/main.yml @@ -0,0 +1,21 @@ +--- +- name: "download rpm packages: shaping_engine" + yum: + name: + - "{{ shaping_engine_rpm_version.shaping_engine }}" + conf_file: "{{ rpm_repo_config_path }}" + state: present + download_only: yes + download_dir: "{{ path_download }}" + +- name: "Get shaping_engine rpm path" + find: + path: /tmp/rpm_download/ + pattern: "{{ shaping_engine_rpm_version.shaping_engine }}*" + register: shaping_engine_rpm_fullname + +- name: "Install shaping_engine from local path" + yum: + name: "{{ shaping_engine_rpm_fullname.files[0].path }}" + state: present + disable_gpg_check: yes diff --git a/ansible/roles/traffic-engine/files/helm/conf/main.conf b/ansible/roles/traffic-engine/files/helm/conf/main.conf index a3669a4f..3178ecbe 100644 --- a/ansible/roles/traffic-engine/files/helm/conf/main.conf +++ b/ansible/roles/traffic-engine/files/helm/conf/main.conf @@ -45,6 +45,7 @@ FEATURE_TAMPER=1 #IDENTIFY_PROTO_NAME="DNS;QUIC;HTTP;MAIL;FTP;SSL;RTP;SIP;SSH;RADIUS;SOCKS;STRATUM;RDP;BGP;DTLS;GTPC;" IDENTIFY_PROTO_NAME="{{- include "traffic-engine.config.identify-proto-name" . }}" SERVICE_CHAINING_SID={{ .Values.sid.sce }} +SHAPING_SID={{ .Values.sid.shaping }} [TSG_CONN_SKETCH] tcp_min_pkts=3 @@ -146,25 +147,3 @@ SIGNALING_ORIGIN="REDIS" HOS_IP="{{- include "traffic-engine.config.hos-address" . }}" HOS_PORT={{- include "traffic-engine.config.hos-port" . }} - -{{- if eq .Values.shaping.enable .Values.define_enable_val_yes }} -[SHAPING] -SWARMKV_CLUSTER_NAME="tsg-shaping-vsys{{ .Values.vsys_id }}" -SWARMKV_NODE_IP="0.0.0.0" -SWARMKV_NODE_PORT=8551 -SWARMKV_CONSUL_IP="NODE_IP_LOCATION" -SWARMKV_CONSUL_PORT=8500 - -SWARMKV_CLUSTER_ANNOUNCE_IP="NODE_IP_LOCATION" -SWARMKV_CLUSTER_ANNOUNCE_PORT=CLUSTER_ANNOUNCE_PORT_LOCATION - -SWARMKV_HEALTH_CHECK_PORT=8552 -SWARMKV_HEALTH_CHECK_ANNOUNCE_PORT=HEALTH_CHECK_ANNOUNCE_PORT_LOCATION - -TELEGRAF_IP="127.0.0.1" -TELEGRAF_PORT=8200 -SESSION_QUEUE_LEN_MAX=128 -PRIORITY_QUEUE_LEN_MAX=1024 -#POLLING_NODE_NUM_MAX=[ 3, 2, 2, 1, 1, 1, 1, 1, 1, 1 ] -POLLING_NODE_NUM_MAX={"polling_node_num_max":[ 3, 2, 2, 1, 1, 1, 1, 1, 1, 1 ]} -{{- end }} diff --git a/ansible/roles/traffic-engine/files/helm/conf/shaping.conf b/ansible/roles/traffic-engine/files/helm/conf/shaping.conf new file mode 100644 index 00000000..0e6d3df2 --- /dev/null +++ b/ansible/roles/traffic-engine/files/helm/conf/shaping.conf @@ -0,0 +1,42 @@ +[SYSTEM] +WORK_THREAD_NUM={{- include "traffic-engine.shaping.workerthread" . }} +ENABLE_CPU_AFFINITY=1 +CPU_AFFINITY_MASK={{- include "traffic-engine.shaping.cpu-affinity" . }} +firewall_sids={{ .Values.sid.firewall }} + +[MARSIO] +DEV_INTERFACE="{{ .Values.shaping_config.shaping_nic }}" +RX_BRUST_MAX=1 +APP_SYMBOL="shaping_{{ .Release.Name }}" + +[MAAT] +INPUT_MODE=1 +TABLE_INFO="conf/table_info.conf" +JSON_FILE="conf/shaping_maat.json" +REDIS_DB_IDX={{ .Values.vsys_id }} +REDIS_IP="{{ .Values.external_resources.cm.address }}" +REDIS_PORT="{{ .Values.external_resources.cm.port }}" + + +[SWARMKV] +SWARMKV_CLUSTER_NAME="tsg-shaping-vsys{{ .Values.vsys_id }}" +SWARMKV_NODE_IP="0.0.0.0" +SWARMKV_NODE_PORT=8551 +SWARMKV_CONSUL_IP="NODE_IP_LOCATION" +SWARMKV_CONSUL_PORT=8500 +SWARMKV_CLUSTER_ANNOUNCE_IP="NODE_IP_LOCATION" +SWARMKV_CLUSTER_ANNOUNCE_PORT=CLUSTER_ANNOUNCE_PORT_LOCATION +SWARMKV_HEALTH_CHECK_PORT=8552 +SWARMKV_HEALTH_CHECK_ANNOUNCE_PORT=HEALTH_CHECK_ANNOUNCE_PORT_LOCATION + +[METRIC] +FIELDSTAT_OUTPUT_INTERVAL_MS=500 +LINE_PROTOCOL_SERVER_IP="127.0.0.1" +LINE_PROTOCOL_SERVER_PORT=8200 + +[CONFIG] +#PROFILE_QUEUE_LEN_PER_PRIORITY_MAX=128 +SESSION_QUEUE_LEN_MAX=128 +QUEUEING_SESSIONS_PER_PRIORITY_PER_THREAD_MAX=1024 +POLLING_NODE_NUM_MAX={"polling_node_num_max":[ 3, 2, 2, 1, 1, 1, 1, 1, 1, 1 ]} + diff --git a/ansible/roles/traffic-engine/files/helm/templates/_config.tpl b/ansible/roles/traffic-engine/files/helm/templates/_config.tpl index 0a826d7f..f8f4d591 100644 --- a/ansible/roles/traffic-engine/files/helm/templates/_config.tpl +++ b/ansible/roles/traffic-engine/files/helm/templates/_config.tpl @@ -43,13 +43,12 @@ enable_breakpad_upload=0 {{- end -}} {{- define "traffic-engine.sce.workerthread" -}} -{{- if eq (len .Values.sce_config.affinity) 1 }} -{{- 1 }} -{{- else }} -{{- sub (len .Values.sce_config.affinity) 1 }} -{{- end }} +{{- len .Values.sce_affinity }} {{- end -}} +{{- define "traffic-engine.shaping.workerthread" -}} +{{- len .Values.shaping_affinity }} +{{- end -}} {{- define "traffic-engine.tfe.cpu-affinity" -}} {{- if eq (len .Values.tfe_affinity) 1 }} @@ -60,13 +59,12 @@ enable_breakpad_upload=0 {{- end -}} {{- define "traffic-engine.sce.cpu-affinity" -}} -{{- if eq (len .Values.sce_config.affinity) 1 }} -{{- print (index .Values.sce_config.affinity 0) }} -{{- else }} -{{- join "," .Values.sce_config.affinity }} -{{- end }} +{{- join "," .Values.sce_affinity }} {{- end -}} +{{- define "traffic-engine.shaping.cpu-affinity" -}} +{{- join "," .Values.shaping_affinity }} +{{- end -}} {{- define "traffic-engine.device-tag-list" -}} {{- $tags_list := list -}} @@ -153,28 +151,6 @@ enable_breakpad_upload=0 cp /opt/tsg/config/necessary_plug_list.conf /opt/tsg/sapp/etc/necessary_plug_list.conf {{- end -}} -{{- define "traffic-engine.firewall.get-service-node-port" -}} - export APISERVER=https://kubernetes.default.svc - export SERVICEACCOUNT=/var/run/secrets/kubernetes.io/serviceaccount - export NAMESPACE=$(cat ${SERVICEACCOUNT}/namespace) - export TOKEN=$(cat ${SERVICEACCOUNT}/token) - export CACERT=${SERVICEACCOUNT}/ca.crt - curl --cacert ${CACERT} --header "Authorization: Bearer ${TOKEN}" -X GET ${APISERVER}/api/v1/namespaces/${NAMESPACE}/services/${SERVICENAME} -o /tmp/service.txt - export CLUSTER_ANNOUNCE_PORT=$(cat /tmp/service.txt | jq '.spec.ports[] | select(.name=="shaping-cluster-announce-port") | .nodePort') - export HEALTH_CHECK_ANNOUNCE_PORT=$(cat /tmp/service.txt | jq '.spec.ports[] | select(.name=="shaping-healthcheck-announce-port") | .nodePort') - echo "export CLUSTER_ANNOUNCE_PORT=${CLUSTER_ANNOUNCE_PORT}" > /etc/profile.d/announceinfo.sh - echo "export HEALTH_CHECK_ANNOUNCE_PORT=${HEALTH_CHECK_ANNOUNCE_PORT}" >> /etc/profile.d/announceinfo.sh - chmod 0755 /etc/profile.d/announceinfo.sh -{{- end -}} - - -{{- define "traffic-engine.firewall.set-shaping-config" -}} - sed -Ei "s|NODE_IP_LOCATION|${NODE_IP?}|g" /opt/tsg/sapp/tsgconf/main.conf - sed -Ei "s|CLUSTER_ANNOUNCE_PORT_LOCATION|${CLUSTER_ANNOUNCE_PORT?}|g" /opt/tsg/sapp/tsgconf/main.conf - sed -Ei "s|HEALTH_CHECK_ANNOUNCE_PORT_LOCATION|${HEALTH_CHECK_ANNOUNCE_PORT?}|g" /opt/tsg/sapp/tsgconf/main.conf -{{- end -}} - - {{- define "traffic-engine.firewall.prestart" -}} if [ -f "/etc/traffic-engine/hotfix/firewall/scripts/prestart.sh" ]; then chmod 0755 /etc/traffic-engine/hotfix/firewall/scripts/prestart.sh; /etc/traffic-engine/hotfix/firewall/scripts/prestart.sh;fi {{- end -}} @@ -256,3 +232,33 @@ enable_breakpad_upload=0 /usr/sbin/ip addr del fd00::02/64 dev tap0 /usr/sbin/ip link set tap0 down */}} + + +{{- define "traffic-engine.shaping.copy-config-to-dest" -}} + cp /opt/tsg/config/shaping.conf /opt/tsg/shaping_engine/conf + cp /opt/tsg/config/tsg_device_tag.json /opt/tsg/etc/tsg_device_tag.json +{{- end -}} + +{{- define "traffic-engine.shaping.prestart" -}} + if [ -f "/etc/traffic-engine/hotfix/shaping/scripts/prestart.sh" ]; then chmod 0755 /etc/traffic-engine/hotfix/shaping/scripts/prestart.sh; /etc/traffic-engine/hotfix/shaping/scripts/prestart.sh;fi +{{- end -}} + +{{- define "traffic-engine.shaping.get-service-node-port" -}} + export APISERVER=https://kubernetes.default.svc + export SERVICEACCOUNT=/var/run/secrets/kubernetes.io/serviceaccount + export NAMESPACE=$(cat ${SERVICEACCOUNT}/namespace) + export TOKEN=$(cat ${SERVICEACCOUNT}/token) + export CACERT=${SERVICEACCOUNT}/ca.crt + curl --cacert ${CACERT} --header "Authorization: Bearer ${TOKEN}" -X GET ${APISERVER}/api/v1/namespaces/${NAMESPACE}/services/${SERVICENAME} -o /tmp/service.txt + export CLUSTER_ANNOUNCE_PORT=$(cat /tmp/service.txt | jq '.spec.ports[] | select(.name=="shaping-cluster-announce-port") | .nodePort') + export HEALTH_CHECK_ANNOUNCE_PORT=$(cat /tmp/service.txt | jq '.spec.ports[] | select(.name=="shaping-healthcheck-announce-port") | .nodePort') + echo "export CLUSTER_ANNOUNCE_PORT=${CLUSTER_ANNOUNCE_PORT}" > /etc/profile.d/announceinfo.sh + echo "export HEALTH_CHECK_ANNOUNCE_PORT=${HEALTH_CHECK_ANNOUNCE_PORT}" >> /etc/profile.d/announceinfo.sh + chmod 0755 /etc/profile.d/announceinfo.sh +{{- end -}} + +{{- define "traffic-engine.shaping.set-shaping-config" -}} + sed -Ei "s|NODE_IP_LOCATION|${NODE_IP?}|g" /opt/tsg/shaping_engine/conf/shaping.conf + sed -Ei "s|CLUSTER_ANNOUNCE_PORT_LOCATION|${CLUSTER_ANNOUNCE_PORT?}|g" /opt/tsg/shaping_engine/conf/shaping.conf + sed -Ei "s|HEALTH_CHECK_ANNOUNCE_PORT_LOCATION|${HEALTH_CHECK_ANNOUNCE_PORT?}|g" /opt/tsg/shaping_engine/conf/shaping.conf +{{- end -}} diff --git a/ansible/roles/traffic-engine/files/helm/templates/shaping.yaml b/ansible/roles/traffic-engine/files/helm/templates/shaping.yaml new file mode 100644 index 00000000..4dc5e58e --- /dev/null +++ b/ansible/roles/traffic-engine/files/helm/templates/shaping.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: shaping-{{ .Release.Name }} + namespace: default +data: + shaping.conf: {{ tpl (.Files.Get "conf/shaping.conf") . | quote }} \ No newline at end of file diff --git a/ansible/roles/traffic-engine/files/helm/templates/traffic-engine.yaml b/ansible/roles/traffic-engine/files/helm/templates/traffic-engine.yaml index 97466b86..360b188e 100644 --- a/ansible/roles/traffic-engine/files/helm/templates/traffic-engine.yaml +++ b/ansible/roles/traffic-engine/files/helm/templates/traffic-engine.yaml @@ -41,14 +41,10 @@ spec: - "-ec" - | {{ template "traffic-engine.firewall.copy-config-to-dest" }} - {{ template "traffic-engine.firewall.get-service-node-port" }} - {{ template "traffic-engine.firewall.set-shaping-config" }} {{ template "traffic-engine.firewall.prestart" }} exec /opt/tsg/sapp/sapp ports: - containerPort: 9273 - - containerPort: 8551 - - containerPort: 8552 env: - name: MRZCPD_CTRLMSG_LISTEN_ADDR valueFrom: @@ -58,8 +54,6 @@ spec: valueFrom: fieldRef: fieldPath: status.hostIP - - name: SERVICENAME - value: shaping-announce-port-{{ .Release.Name }} - name: NODE_IP valueFrom: fieldRef: @@ -219,6 +213,69 @@ spec: readOnly: true {{- if eq .Values.shaping.enable .Values.define_enable_val_yes }} + - name: shaping + image: "docker.io/library/tsg-shaping:{{ .Chart.AppVersion }}" + imagePullPolicy: Never + workingDir: /opt/tsg/shaping_engine + command: + - "bash" + - "-ec" + - | + {{ template "traffic-engine.shaping.copy-config-to-dest" }} + {{ template "traffic-engine.shaping.get-service-node-port" }} + {{ template "traffic-engine.shaping.set-shaping-config" }} + {{ template "traffic-engine.shaping.prestart" }} + exec /opt/tsg/shaping_engine/bin/shaping_engine + ports: + - containerPort: 8551 + - containerPort: 8552 + env: + - name: SERVICENAME + value: shaping-announce-port-{{ .Release.Name }} + - name: NODE_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP + livenessProbe: + tcpSocket: + port: 8551 + failureThreshold: 1 + timeoutSeconds: 10 + startupProbe: + tcpSocket: + port: 8551 + failureThreshold: 30 + periodSeconds: 10 + securityContext: + privileged: true + volumeMounts: + - name: opt-tsg-mrzcpd + mountPath: /opt/tsg/mrzcpd + readOnly: false + - name: var-run-mrzcpd + mountPath: /var/run/mrzcpd + readOnly: false + - name: var-run-dpdk + mountPath: /var/run/dpdk + readOnly: false + - name: root-sys + mountPath: /root/sys + readOnly: false + - name: shaping + mountPath: "/opt/tsg/config" + - name: config-volume + mountPath: "/opt/tsg/etc/tsg_sn.json" + subPath: "opt/tsg/etc/tsg_sn.json" + - name: shaping-minidump + mountPath: /run/shaping/crashreport + - name: shaping-log + mountPath: /opt/tsg/shaping/log + - name: localtime-node + mountPath: /etc/localtime + readOnly: true + - name: hotfix-shaping + mountPath: /etc/traffic-engine/hotfix/shaping + - name: telegraf-shaping image: "docker.io/library/tsg-telegraf:{{ .Chart.AppVersion }}" imagePullPolicy: Never @@ -264,7 +321,7 @@ spec: - name: certstore-minidump mountPath: /run/certstore/crashreport -{{- if and (eq .Values.sce.enable .Values.define_enable_val_yes) (.Values.sce_config.endpoint_nic) }} +{{- if and (eq .Values.service_chaining.enable .Values.define_enable_val_yes) (.Values.sce_config.endpoint_nic) }} - name: telegraf-sce image: "docker.io/library/tsg-telegraf:{{ .Chart.AppVersion }}" imagePullPolicy: Never @@ -439,6 +496,9 @@ spec: - name: sce configMap: name: sce-{{ .Release.Name }} + - name: shaping + configMap: + name: shaping-{{ .Release.Name }} - name: config-volume emptyDir: {} - name: firewall-minidump @@ -456,6 +516,9 @@ spec: - name: certstore-minidump hostPath: path: /var/crashreport/traffic-engine/traffic-engine-{{ .Release.Name }}/tsg-certstore:{{ .Chart.AppVersion }}/ + - name: shaping-minidump + hostPath: + path: /var/crashreport/traffic-engine/traffic-engine-{{ .Release.Name }}/tsg-shaping:{{ .Chart.AppVersion }}/ - name: firewall-log hostPath: path: /var/log/traffic-engine/traffic-engine-{{ .Release.Name }}/sapp/ @@ -471,6 +534,9 @@ spec: - name: certstore-log hostPath: path: /var/log/traffic-engine/traffic-engine-{{ .Release.Name }}/certstore/ + - name: shaping-log + hostPath: + path: /var/log/traffic-engine/traffic-engine-{{ .Release.Name }}/shaping/ - name: localtime-node hostPath: path: /etc/localtime @@ -489,5 +555,8 @@ spec: - name: hotfix-bfdd hostPath: path: /etc/traffic-engine/hotfix/bfdd + - name: hotfix-shaping + hostPath: + path: /etc/traffic-engine/hotfix/shaping - name: bfdd-unix-socket emptyDir: {} diff --git a/ansible/roles/traffic-engine/files/helm/values.yaml b/ansible/roles/traffic-engine/files/helm/values.yaml index 2dde47d4..bb6ef100 100644 --- a/ansible/roles/traffic-engine/files/helm/values.yaml +++ b/ansible/roles/traffic-engine/files/helm/values.yaml @@ -119,6 +119,8 @@ etherfabric_settings: sapp_affinity: [5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76] tfe_affinity: [77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92] +sce_affinity: [92] +shaping_affinity: [93] tfe_rps_mask: "00000000" @@ -176,3 +178,7 @@ sce_config: sid: firewall: 1 sce: 2 + shaping: 1005 + +shaping_config: + shaping_nic: nf_1_shaping_engine diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.7400MCN0P01R01 b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.7400MCN0P01R01 index efe814d0..cb232185 100644 --- a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.7400MCN0P01R01 +++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.7400MCN0P01R01 @@ -91,3 +91,6 @@ consul_agent: shaping: enable: 1 + +sid: + shaping: 1000 \ No newline at end of file diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.9000NPBP01R01 b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.9000NPBP01R01 index 4203fb97..1b9c39a3 100644 --- a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.9000NPBP01R01 +++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.9000NPBP01R01 @@ -89,4 +89,7 @@ consul_agent: node_name: "" shaping: - enable: 1 \ No newline at end of file + enable: 1 + +sid: + shaping: 1000 \ No newline at end of file diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P0804 b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P0804 index b43026bd..eec611be 100644 --- a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P0804 +++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P0804 @@ -99,3 +99,6 @@ consul_agent: shaping: enable: 1 + +sid: + shaping: 1000 \ No newline at end of file diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403 b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403 index 5dcd9e36..0fa39f0c 100644 --- a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403 +++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403 @@ -98,3 +98,6 @@ consul_agent: shaping: enable: 1 + +sid: + shaping: 1000 \ No newline at end of file diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.7400MCN0P01R01 b/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.7400MCN0P01R01 index ae45fa51..d05e0cce 100644 --- a/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.7400MCN0P01R01 +++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.7400MCN0P01R01 @@ -118,3 +118,6 @@ consul_agent: shaping: enable: 1 + +sid: + shaping: 1000 diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.9000NPBP01R01 b/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.9000NPBP01R01 index 435cbb81..6f18f281 100644 --- a/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.9000NPBP01R01 +++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.9000NPBP01R01 @@ -82,3 +82,6 @@ consul_agent: shaping: enable: 1 + +sid: + shaping: 1000 diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P0804 b/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P0804 index 76b97e66..8e9b43f9 100644 --- a/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P0804 +++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P0804 @@ -97,3 +97,6 @@ consul_agent: shaping: enable: 1 + +sid: + shaping: 1000 diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P1403 b/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P1403 index 16cddb75..19d2b236 100644 --- a/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P1403 +++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.yml.sample.TSGXNXR620G40R01P1403 @@ -88,3 +88,6 @@ consul_agent: shaping: enable: 1 + +sid: + shaping: 1000 diff --git a/make/Makefile.TSGXNXR620G40R01P0906 b/make/Makefile.TSGXNXR620G40R01P0906 index 1f7c117a..761c7c4a 100644 --- a/make/Makefile.TSGXNXR620G40R01P0906 +++ b/make/Makefile.TSGXNXR620G40R01P0906 @@ -54,6 +54,11 @@ TARGET_CONTAINER_BFDD_SYSROOT_DIR := $(TARGET_BUILD_DIR)/$(CONTAINER_BFDD_NAME) CONTAINER_BFDD_PKG := tsg-$(CONTAINER_BFDD_NAME)-${OS_RELEASE_VER}-${PROFILE_ID_IN_SHORT}-docker.tar.xz CONTAINER_BFDD_TAR := tsg-$(CONTAINER_BFDD_NAME)-${OS_RELEASE_VER}-docker.tar +CONTAINER_SHAPING_NAME := shaping +TARGET_CONTAINER_SHAPING_SYSROOT_DIR := $(TARGET_BUILD_DIR)/$(CONTAINER_SHAPING_NAME)-container_sysroot +CONTAINER_SHAPING_PKG := tsg-$(CONTAINER_SHAPING_NAME)-${OS_RELEASE_VER}-${PROFILE_ID_IN_SHORT}-docker.tar.xz +CONTAINER_SHAPING_TAR := tsg-$(CONTAINER_SHAPING_NAME)-${OS_RELEASE_VER}-docker.tar + .PHONY: all builddir installer sysroot-base sysroot-cleanup sysroot-archive sysroot-binary container-sysroot-base container-sysroot-ansible container-images-generate add-images-into-sysroot container-sysroot-cleanup clean all: sysroot-binary @@ -91,6 +96,7 @@ container-sysroot-base: builddir sysroot-verfile sysroot-ansible rm -rf $(TARGET_CONTAINER_INIT_SYSROOT_DIR) rm -rf $(TARGET_CONTAINER_SCE_SYSROOT_DIR) rm -rf $(TARGET_CONTAINER_BFDD_SYSROOT_DIR) + rm -rf $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR) mkdir -p $(TARGET_CONTAINER_FIREWALL_SYSROOT_DIR) mkdir -p $(TARGET_CONTAINER_RPOXY_SYSROOT_DIR) @@ -99,6 +105,7 @@ container-sysroot-base: builddir sysroot-verfile sysroot-ansible mkdir -p $(TARGET_CONTAINER_INIT_SYSROOT_DIR) mkdir -p $(TARGET_CONTAINER_SCE_SYSROOT_DIR) mkdir -p $(TARGET_CONTAINER_BFDD_SYSROOT_DIR) + mkdir -p $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR) mkdir -p $(TARGET_CONTAINER_IMAGE_DIR) mkdir -p $(TARGET_CONTAINER_IMAGE_TAR_DIR) @@ -110,6 +117,7 @@ container-sysroot-base: builddir sysroot-verfile sysroot-ansible tar -Jxf $(PROJECTDIR)/package/rocky-8.6-docker.tar.xz -C $(TARGET_CONTAINER_INIT_SYSROOT_DIR) tar -Jxf $(PROJECTDIR)/package/rocky-8.6-docker.tar.xz -C $(TARGET_CONTAINER_SCE_SYSROOT_DIR) tar -Jxf $(PROJECTDIR)/package/rocky-8.6-docker.tar.xz -C $(TARGET_CONTAINER_BFDD_SYSROOT_DIR) + tar -Jxf $(PROJECTDIR)/package/rocky-8.6-docker.tar.xz -C $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR) #curl -SL https://raw.githubusercontent.com/rocky-linux/sig-cloud-instance-images/Rocky-8.5-x86_64/rocky-8.5-docker-x86_64.tar.xz | tar -Jx -C $(TARGET_CONTAINER_SYSROOT_DIR) sysroot-verfile: sysroot-base @@ -175,6 +183,13 @@ container-sysroot-ansible: container-sysroot-base $(TOOLSDIR)/ansible-HAL $(PROFILE_ID)-$(CONTAINER_BFDD_NAME) $(PROJECTDIR) $(TARGET_CONTAINER_BFDD_SYSROOT_DIR) /tmp/yum-RockyLinux-8.conf $(OS_RELEASE_VER) cp $(TARGET_CONTAINER_BFDD_SYSROOT_DIR)/tmp/hosts $(TARGET_CONTAINER_BFDD_SYSROOT_DIR)/etc/ -r + cp $(CONFDIR)/yum-RockyLinux-8.conf $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR)/tmp/ -r + cp $(CONFDIR)/resolv.conf $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR)/etc/ -r + cp $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR)/etc/hosts $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR)/tmp/ -r + cp /etc/hosts $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR)/etc/ -r + $(TOOLSDIR)/ansible-HAL $(PROFILE_ID)-$(CONTAINER_SHAPING_NAME) $(PROJECTDIR) $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR) /tmp/yum-RockyLinux-8.conf $(OS_RELEASE_VER) + cp $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR)/tmp/hosts $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR)/etc/ -r + container-sysroot-cleanup: cp $(TARGET_CONTAINER_FIREWALL_SYSROOT_DIR)/tmp/ks-script-* $(TARGET_CONTAINER_FIREWALL_SYSROOT_DIR) rm -rf $(TARGET_CONTAINER_FIREWALL_SYSROOT_DIR)/tmp/* @@ -211,6 +226,11 @@ container-sysroot-cleanup: rm -rf $(TARGET_CONTAINER_BFDD_SYSROOT_DIR)/dev/* mv $(TARGET_CONTAINER_BFDD_SYSROOT_DIR)/ks-script-* $(TARGET_CONTAINER_BFDD_SYSROOT_DIR)/tmp + cp $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR)/tmp/ks-script-* $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR) + rm -rf $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR)/tmp/* + rm -rf $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR)/dev/* + mv $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR)/ks-script-* $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR)/tmp + container-images-generate: container-sysroot-ansible container-sysroot-cleanup tar -Jcf $(TARGET_CONTAINER_IMAGE_DIR)/$(CONTAINER_FIREWALL_PKG) -C $(TARGET_CONTAINER_FIREWALL_SYSROOT_DIR) . echo -e "FROM scratch\nADD $(CONTAINER_FIREWALL_PKG) /\n\nCMD ["/bin/bash"]\n" > $(CONTAINER_DOCKERFILE) @@ -254,6 +274,12 @@ container-images-generate: container-sysroot-ansible container-sysroot-cleanup docker save tsg-$(CONTAINER_BFDD_NAME):$(OS_RELEASE_VER) > $(TARGET_CONTAINER_IMAGE_TAR_DIR)/$(CONTAINER_BFDD_TAR) docker rmi tsg-$(CONTAINER_BFDD_NAME):$(OS_RELEASE_VER) + tar -Jcf $(TARGET_CONTAINER_IMAGE_DIR)/$(CONTAINER_SHAPING_PKG) -C $(TARGET_CONTAINER_SHAPING_SYSROOT_DIR) . + echo -e "FROM scratch\nADD $(CONTAINER_SHAPING_PKG) /\n\nCMD ["/bin/bash"]\n" > $(CONTAINER_DOCKERFILE) + docker build -t tsg-$(CONTAINER_SHAPING_NAME):$(OS_RELEASE_VER) -f $(CONTAINER_DOCKERFILE) $(TARGET_CONTAINER_IMAGE_DIR) + docker save tsg-$(CONTAINER_SHAPING_NAME):$(OS_RELEASE_VER) > $(TARGET_CONTAINER_IMAGE_TAR_DIR)/$(CONTAINER_SHAPING_TAR) + docker rmi tsg-$(CONTAINER_SHAPING_NAME):$(OS_RELEASE_VER) + sysroot-cleanup: rm -rf $(TARGET_SYSROOT_DIR)/tmp/* rm -rf $(TARGET_SYSROOT_DIR)/dev/*