diff --git a/ansible/roles/certstore/tasks/main.yml b/ansible/roles/certstore/tasks/main.yml index d87fac34..fadf57da 100644 --- a/ansible/roles/certstore/tasks/main.yml +++ b/ansible/roles/certstore/tasks/main.yml @@ -56,6 +56,15 @@ - { src: "cert-redis.conf" , dest: "/etc" , mode: "0644" } - { src: "cert-redis.service" , dest: "/usr/lib/systemd/system" , mode: "0644" } +- name: "replace action: replace service WantedBy from multi-user.target to workload.target" + replace: + path: "{{ item }}" + regexp: 'WantedBy=multi-user.target' + replace: 'WantedBy=workload.target' + with_items: + - /usr/lib/systemd/system/cert-redis.service + - /usr/lib/systemd/system/certstore.service + ##################### certstore ##################### - name: "start certstore" systemd: diff --git a/ansible/roles/exporter/tasks/main.yml b/ansible/roles/exporter/tasks/main.yml index 20135887..5eb1a124 100644 --- a/ansible/roles/exporter/tasks/main.yml +++ b/ansible/roles/exporter/tasks/main.yml @@ -98,6 +98,24 @@ mode: 0644 when: PROFILE_ID != '9000-NPB-P01R01' +- name: "replace action: replace service WantedBy from multi-user.target to workload.target" + replace: + path: "{{ item }}" + regexp: 'WantedBy=multi-user.target' + replace: 'WantedBy=workload.target' + with_items: + - /usr/lib/systemd/system/exporter-node.service + - /usr/lib/systemd/system/exporter-systemd.service + +- name: "replace action: replace service WantedBy from multi-user.target to workload.target" + replace: + path: "{{ item }}" + regexp: 'WantedBy=multi-user.target' + replace: 'WantedBy=workload.target' + with_items: + - /usr/lib/systemd/system/exporter-ipmi.service + when: PROFILE_ID == '7400-MCN0-P01R01' or PROFILE_ID == '7400-MCN123-P01R01' + ##################### exporter ##################### - name: 'exporter-node service start' systemd: diff --git a/ansible/roles/maat-redis/tasks/main.yml b/ansible/roles/maat-redis/tasks/main.yml index 0231cd3d..1430a2a4 100644 --- a/ansible/roles/maat-redis/tasks/main.yml +++ b/ansible/roles/maat-redis/tasks/main.yml @@ -43,3 +43,12 @@ src: "{{ role_path }}/templates/maat-redis.conf.j2.j2" dest: /opt/tsg/tsg-os-provision/templates/maat-redis.conf.j2 tags: template + +- name: "replace action: replace service WantedBy from multi-user.target to workload.target" + replace: + path: "{{ item }}" + regexp: 'WantedBy=multi-user.target' + replace: 'WantedBy=workload.target' + with_items: + - /usr/lib/systemd/system/maat-redis.service + - /usr/lib/systemd/system/maat-redis-exporter.service \ No newline at end of file diff --git a/ansible/roles/mrzcpd/tasks/main.yml b/ansible/roles/mrzcpd/tasks/main.yml index a61abe50..0d221773 100644 --- a/ansible/roles/mrzcpd/tasks/main.yml +++ b/ansible/roles/mrzcpd/tasks/main.yml @@ -69,6 +69,18 @@ when: - PROFILE_ID == '7400-MCN123-P01R01' +- name: "replace action: replace service WantedBy from multi-user.target to workload.target" + replace: + path: "{{ item }}" + regexp: 'WantedBy=multi-user.target' + replace: 'WantedBy=workload.target' + with_items: + - /usr/lib/systemd/system/mrapm_device.service + - /usr/lib/systemd/system/mrapm_stream.service + - /usr/lib/systemd/system/mrenv.service + - /usr/lib/systemd/system/mrtunnat.service + - /usr/lib/systemd/system/mrzcpd.service + ##################### mrzcpd ##################### - name: "enable mrenv" systemd: diff --git a/ansible/roles/sapp/tasks/main.yml b/ansible/roles/sapp/tasks/main.yml index c9a3df67..3a6adcde 100644 --- a/ansible/roles/sapp/tasks/main.yml +++ b/ansible/roles/sapp/tasks/main.yml @@ -171,6 +171,14 @@ when: - PROFILE_ID == '7400-MCN0-P01R01' +- name: "replace action: replace service WantedBy from multi-user.target to workload.target" + replace: + path: "{{ item }}" + regexp: 'WantedBy=multi-user.target' + replace: 'WantedBy=workload.target' + with_items: + - /usr/lib/systemd/system/sapp.service + ##################### sapp ##################### - name: "enable sapp" systemd: diff --git a/ansible/roles/telegraf_statistic/tasks/main.yml b/ansible/roles/telegraf_statistic/tasks/main.yml index 74791aa1..6342ff76 100644 --- a/ansible/roles/telegraf_statistic/tasks/main.yml +++ b/ansible/roles/telegraf_statistic/tasks/main.yml @@ -35,6 +35,14 @@ dest: /usr/lib/systemd/system/telegraf_statistic.service.d/service_override_slice.conf mode: 0644 +- name: "replace action: replace service WantedBy from multi-user.target to workload.target" + replace: + path: "{{ item }}" + regexp: 'WantedBy=multi-user.target' + replace: 'WantedBy=workload.target' + with_items: + - /usr/lib/systemd/system/telegraf_statistic.service + ##################### telegraf ##################### - name: "disable telegraf" diff --git a/ansible/roles/tfe/tasks/main.yml b/ansible/roles/tfe/tasks/main.yml index 93cebd8d..400e6321 100644 --- a/ansible/roles/tfe/tasks/main.yml +++ b/ansible/roles/tfe/tasks/main.yml @@ -74,6 +74,15 @@ dest: /usr/lib/systemd/system/tfe.service.d/service_override_slice.conf mode: 0644 +- name: "replace action: replace service WantedBy from multi-user.target to workload.target" + replace: + path: "{{ item }}" + regexp: 'WantedBy=multi-user.target' + replace: 'WantedBy=workload.target' + with_items: + - /usr/lib/systemd/system/tfe-env.service + - /usr/lib/systemd/system/tfe.service + ##################### tfe ##################### - name: "enable tfe-env" systemd: diff --git a/ansible/roles/tsg-diagnose/tasks/main.yml b/ansible/roles/tsg-diagnose/tasks/main.yml index d84dc39c..be062558 100644 --- a/ansible/roles/tsg-diagnose/tasks/main.yml +++ b/ansible/roles/tsg-diagnose/tasks/main.yml @@ -51,4 +51,12 @@ copy: src: "{{ role_path }}/files/service_override_prestart.conf" dest: /usr/lib/systemd/system/tsg-diagnose.service.d/ - mode: 0644 \ No newline at end of file + mode: 0644 + +- name: "replace action: replace service WantedBy from multi-user.target to workload.target" + replace: + path: "{{ item }}" + regexp: 'WantedBy=multi-user.target' + replace: 'WantedBy=workload.target' + with_items: + - /usr/lib/systemd/system/tsg-diagnose.service \ No newline at end of file diff --git a/ansible/roles/tsg-exporter-proxy-9140/tasks/main.yml b/ansible/roles/tsg-exporter-proxy-9140/tasks/main.yml index 477cc266..47d63533 100644 --- a/ansible/roles/tsg-exporter-proxy-9140/tasks/main.yml +++ b/ansible/roles/tsg-exporter-proxy-9140/tasks/main.yml @@ -36,6 +36,15 @@ dest: /usr/lib/systemd/system/exporter-proxy.service.d/service_override_slice.conf mode: 0644 +- name: "replace action: replace service WantedBy from multi-user.target to workload.target" + replace: + path: "{{ item }}" + regexp: 'WantedBy=multi-user.target' + replace: 'WantedBy=workload.target' + with_items: + - /usr/lib/systemd/system/exporter-proxy.service + when: PROFILE_ID == '9000-NPB-P01R01' + - name: 'exporter-proxy service start' systemd: name: exporter-proxy diff --git a/ansible/roles/tsg-os-provision/files/script/guard.sh b/ansible/roles/tsg-os-provision/files/script/guard.sh new file mode 100644 index 00000000..8c94959e --- /dev/null +++ b/ansible/roles/tsg-os-provision/files/script/guard.sh @@ -0,0 +1,12 @@ +#!/bin/bash -x + +config_path=/data/tsg-os-provision/provision.yml + +if [ ! -f "$config_path" ];then + echo "$config_path is not exists" + exit 1 +else + echo "$config_path is exists" + exit 0 +fi +#exit 1 diff --git a/ansible/roles/tsg-os-provision/files/service/tsg-os-provision-guard.service.TSG9140 b/ansible/roles/tsg-os-provision/files/service/tsg-os-provision-guard.service.TSG9140 new file mode 100644 index 00000000..fc5b957b --- /dev/null +++ b/ansible/roles/tsg-os-provision/files/service/tsg-os-provision-guard.service.TSG9140 @@ -0,0 +1,10 @@ +[Unit] +Description=Tsg os provision guard + +[Service] +ExecStart=/bin/sh -c "/opt/tsg/tsg-os-provision/exec/guard.sh" +Type=oneshot +RemainAfterExit=yes + +[Install] +RequiredBy=workload-pre.target diff --git a/ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service b/ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSG7400 similarity index 100% rename from ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service rename to ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSG7400 diff --git a/ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSG9140 b/ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSG9140 new file mode 100644 index 00000000..d9accc47 --- /dev/null +++ b/ansible/roles/tsg-os-provision/files/service/tsg-os-provision.service.TSG9140 @@ -0,0 +1,13 @@ +[Unit] +Description=Tsg os provision +DefaultDependencies=no +Conflicts=shutdown.target +After=local-fs.target +Before=sysinit.target shutdown.target systemd-update-done.service +ConditionNeedsUpdate=|/etc +ConditionFileNotEmpty=|/usr + +[Service] +ExecStart=/bin/sh -c "/opt/tsg/tsg-os-provision/provision.sh" +Type=oneshot +RemainAfterExit=yes diff --git a/ansible/roles/tsg-os-provision/tasks/main.yml b/ansible/roles/tsg-os-provision/tasks/main.yml index ae77f3be..3c0a3afb 100644 --- a/ansible/roles/tsg-os-provision/tasks/main.yml +++ b/ansible/roles/tsg-os-provision/tasks/main.yml @@ -1,3 +1,6 @@ +- name: "set system default.target" + shell: ln -vfs /usr/lib/systemd/system/workload.target /etc/systemd/system/default.target + - name: "tsg-os-provision: build tsg-os-provision directory and sub directory" file: path: "{{ item }}" @@ -73,12 +76,6 @@ when: PROFILE_ID == '7400-MCN123-P01R01' -- name: "tsg-os-provision: copy tsg-os-provision.service file to dest" - copy: - src: "{{ role_path }}/files/service/tsg-os-provision.service" - dest: /usr/lib/systemd/system/tsg-os-provision.service - mode: 0644 - - name: "tsg-os-provision: copy provision.sh file to dest" copy: src: "{{ role_path }}/files/script/{{ item }}" @@ -88,12 +85,70 @@ - provision.sh - convertor.sh -- name: "tsg-os-provision: enable tsg-os-provison" +- name: "install tsg-os-provision.service -- TSG7400" + copy: + src: "{{ role_path }}/files/service/{{ item.src }}" + dest: /usr/lib/systemd/system/{{ item.dest }} + mode: 0644 + with_items: + - { "src": tsg-os-provision.service.TSG7400, "dest": tsg-os-provision.service } + when: PROFILE_ID == '7400-MCN0-P01R01' or PROFILE_ID == '7400-MCN123-P01R01' + +- name: "replace action: replace service WantedBy from multi-user.target to workload-pre.target --TSG7400" + replace: + path: "{{ item }}" + regexp: 'WantedBy=multi-user.target' + replace: 'RequiredBy=workload-pre.target' + with_items: + - /usr/lib/systemd/system/tsg-os-provision.service + when: PROFILE_ID == '7400-MCN0-P01R01' or PROFILE_ID == '7400-MCN123-P01R01' + +- name: "tsg-os-provision: enable tsg-os-provison -- TSG7400" systemd: name: "{{ item }}" enabled: yes with_items: - tsg-os-provision + when: PROFILE_ID == '7400-MCN0-P01R01' or PROFILE_ID == '7400-MCN123-P01R01' + +- name: "install tsg-os-provision.service -- TSG9140" + copy: + src: "{{ role_path }}/files/service/{{ item.src }}" + dest: /usr/lib/systemd/system/{{ item.dest }} + mode: 0644 + with_items: + - { "src": tsg-os-provision.service.TSG9140, "dest": tsg-os-provision.service } + when: PROFILE_ID == '9000-NPB-P01R01' + +- name: "replace action: add service into sysinit.target --TSG9140" + shell: ln -vfs --relative /usr/lib/systemd/system/{{item}} /usr/lib/systemd/system/sysinit.target.wants/{{item}} + with_items: + - tsg-os-provision.service + when: PROFILE_ID == '9000-NPB-P01R01' + +##### tsg-os-provison-guard.service enable start################### +- name: "tsg-os-provision: tsg-os-provision-guard.service to dest" + copy: + src: "{{ role_path }}/files/service/tsg-os-provision-guard.service.TSG9140" + dest: /usr/lib/systemd/system/tsg-os-provision-guard.service + mode: 0644 + when: PROFILE_ID == '9000-NPB-P01R01' + +- name: "tsg-os-provision: tsg-os-provision-guard.sh to dest" + copy: + src: "{{ role_path }}/files/script/guard.sh" + dest: /opt/tsg/tsg-os-provision/exec/ + mode: 0755 + when: PROFILE_ID == '9000-NPB-P01R01' + +- name: "tsg-os-provision: enable tsg-os-provision-guard.service" + systemd: + name: "{{ item }}" + enabled: yes + with_items: + - tsg-os-provision-guard.service + when: PROFILE_ID == '9000-NPB-P01R01' +##### tsg-os-provison-guard.service enable end################### - name: "tsg-os-provision: install yaml module using pip3" pip: diff --git a/rootconf/sysroot-usr/target/workload-pre.target b/rootconf/sysroot-usr/target/workload-pre.target new file mode 100644 index 00000000..3ba2198b --- /dev/null +++ b/rootconf/sysroot-usr/target/workload-pre.target @@ -0,0 +1,6 @@ +[Unit] +Description=TSG workload +Requires=basic.target multi-user.target +Conflicts=rescue.service rescue.target +After=basic.target rescue.service rescue.target multi-user.target +AllowIsolate=yes diff --git a/rootconf/sysroot-usr/target/workload.target b/rootconf/sysroot-usr/target/workload.target new file mode 100644 index 00000000..3f0a005b --- /dev/null +++ b/rootconf/sysroot-usr/target/workload.target @@ -0,0 +1,6 @@ +[Unit] +Description=TSG workload +Requires=basic.target multi-user.target workload-pre.target +Conflicts=rescue.service rescue.target +After=basic.target rescue.service rescue.target multi-user.target workload-pre.target +AllowIsolate=yes diff --git a/tools/mk-base-image b/tools/mk-base-image index 8475b027..eed59f8a 100755 --- a/tools/mk-base-image +++ b/tools/mk-base-image @@ -84,6 +84,10 @@ echo "session required pam_tty_audit.so enable=*" >> $target/etc/pam.d ln -vfs --relative $target/etc/pam.d/system-auth-local $target/etc/pam.d/system-auth ln -vfs --relative $target/etc/pam.d/password-auth-local $target/etc/pam.d/password-auth +cp -rf $projectdir/rootconf/sysroot-usr/target/* $target/usr/lib/systemd/system +mkdir -p $target/usr/lib/systemd/system/workload.target.wants +mkdir -p $target/usr/lib/systemd/system/workload-pre.target.wants + # ansible-playbook -i tsg-9140-scripts/install_config/tsg_9140_host tsg-9140-scripts/tsg_9140_deploy.yml yum -c "$yum_config" --installroot="$target" -y --setopt=$setopt clean all