From d221af3d341fc2a56b00c1396f55f9f960a39631 Mon Sep 17 00:00:00 2001 From: fumingwei Date: Thu, 20 Apr 2023 17:32:46 +0800 Subject: [PATCH] =?UTF-8?q?feature:TSG-14740:helm=E6=96=B0=E5=A2=9Edebug?= =?UTF-8?q?=E9=85=8D=E7=BD=AE=E9=A1=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../files/helm/templates/_config.tpl | 273 ++++++++++++++++-- .../files/helm/templates/traffic-engine.yaml | 91 ++---- .../traffic-engine/files/helm/values.yaml | 30 ++ 3 files changed, 307 insertions(+), 87 deletions(-) diff --git a/ansible/roles/traffic-engine/files/helm/templates/_config.tpl b/ansible/roles/traffic-engine/files/helm/templates/_config.tpl index 9d86c313..4acb0bee 100644 --- a/ansible/roles/traffic-engine/files/helm/templates/_config.tpl +++ b/ansible/roles/traffic-engine/files/helm/templates/_config.tpl @@ -122,11 +122,6 @@ enable_breakpad_upload=0 cp /opt/tsg/config/tsg_device_tag.json /opt/tsg/etc/tsg_device_tag.json {{- end -}} -{{- define "traffic-engine.sce.prestart" -}} - if [ -f "/etc/traffic-engine/hotfix/sce/scripts/prestart.sh" ]; then chmod 0755 /etc/traffic-engine/hotfix/sce/scripts/prestart.sh; /etc/traffic-engine/hotfix/sce/scripts/prestart.sh;fi -{{- end -}} - - {{- define "traffic-engine.bfdd.prestart" -}} if [ -f "/etc/traffic-engine/hotfix/bfdd/scripts/prestart.sh" ]; then chmod 0755 /etc/traffic-engine/hotfix/bfdd/scripts/prestart.sh; /etc/traffic-engine/hotfix/bfdd/scripts/prestart.sh;fi {{- end -}} @@ -137,7 +132,7 @@ enable_breakpad_upload=0 cp /opt/tsg/config/main.conf /opt/tsg/sapp/tsgconf/main.conf cp /opt/tsg/config/maat.conf /opt/tsg/sapp/tsgconf/maat.conf cp /opt/tsg/config/sapp.toml /opt/tsg/sapp/etc/sapp.toml -{{ if eq .Values.proxy.enable .Values.define_enable_val_yes }} +{{- if eq .Values.proxy.enable .Values.define_enable_val_yes }} cp /opt/tsg/config/kni.conf /opt/tsg/sapp/etc/kni/kni.conf {{- end }} cp /opt/tsg/config/wangw.conf /opt/tsg/sapp/etc/wannat/wangw.conf @@ -151,24 +146,12 @@ enable_breakpad_upload=0 cp /opt/tsg/config/necessary_plug_list.conf /opt/tsg/sapp/etc/necessary_plug_list.conf {{- end -}} -{{- define "traffic-engine.firewall.prestart" -}} - if [ -f "/etc/traffic-engine/hotfix/firewall/scripts/prestart.sh" ]; then chmod 0755 /etc/traffic-engine/hotfix/firewall/scripts/prestart.sh; /etc/traffic-engine/hotfix/firewall/scripts/prestart.sh;fi -{{- end -}} - - {{- define "traffic-engine.proxy.copy-config-to-dest" -}} cp /opt/tsg/config/tfe.conf /opt/tsg/tfe/conf/tfe/tfe.conf cp /opt/tsg/config/pangu_pxy.conf /opt/tsg/tfe/conf/pangu/pangu_pxy.conf cp /opt/tsg/config/tsg_device_tag.json /opt/tsg/etc/tsg_device_tag.json {{- end -}} - -{{- define "traffic-engine.proxy.prestart" -}} - if [ -f "/etc/traffic-engine/hotfix/proxy/scripts/prestart.sh" ]; then chmod 0755 /etc/traffic-engine/hotfix/proxy/scripts/prestart.sh; /etc/traffic-engine/hotfix/proxy/scripts/prestart.sh;fi -{{- end -}} - - - {{- define "traffic-engine.certstore.copy-config-to-dest" -}} cp /opt/tsg/config/cert_store.ini /opt/tsg/certstore/conf/cert_store.ini cp /opt/tsg/config/tsg_device_tag.json /opt/tsg/etc/tsg_device_tag.json @@ -239,10 +222,6 @@ enable_breakpad_upload=0 cp /opt/tsg/config/tsg_device_tag.json /opt/tsg/etc/tsg_device_tag.json {{- end -}} -{{- define "traffic-engine.shaping.prestart" -}} - if [ -f "/etc/traffic-engine/hotfix/shaping/scripts/prestart.sh" ]; then chmod 0755 /etc/traffic-engine/hotfix/shaping/scripts/prestart.sh; /etc/traffic-engine/hotfix/shaping/scripts/prestart.sh;fi -{{- end -}} - {{- define "traffic-engine.shaping.get-service-node-port" -}} export APISERVER=https://kubernetes.default.svc export SERVICEACCOUNT=/var/run/secrets/kubernetes.io/serviceaccount @@ -262,3 +241,253 @@ enable_breakpad_upload=0 sed -Ei "s|CLUSTER_ANNOUNCE_PORT_LOCATION|${CLUSTER_ANNOUNCE_PORT?}|g" /opt/tsg/shaping_engine/conf/shaping.conf sed -Ei "s|HEALTH_CHECK_ANNOUNCE_PORT_LOCATION|${HEALTH_CHECK_ANNOUNCE_PORT?}|g" /opt/tsg/shaping_engine/conf/shaping.conf {{- end -}} + +{{- define "traffic-engine.volume.hostpath" -}} + - name: host-root + hostPath: + path: / +{{- end -}} + +{{- define "traffic-engine.firewall.mount.hostpath" -}} +{{- if eq .Values.debug.firewall.enable_mount_host_filesystem .Values.define_enable_val_yes }} + - name: host-root + mountPath: /host +{{- end }} +{{- end -}} + +{{- define "traffic-engine.firewall.start" -}} +{{- if eq .Values.debug.firewall.enable_interactive_startup .Values.define_enable_val_yes -}} + while true; do sleep 10;done +{{- else -}} + exec /opt/tsg/sapp/sapp +{{- end }} +{{- end -}} + +{{- define "traffic-engine.firewall.liveness-probe" -}} +{{- if eq .Values.debug.firewall.enable_liveness_probe .Values.define_enable_val_yes }} + livenessProbe: + tcpSocket: + port: 9273 + failureThreshold: 1 + timeoutSeconds: 10 + startupProbe: + tcpSocket: + port: 9273 + failureThreshold: 90 + periodSeconds: 10 +{{- end }} +{{- end -}} + +{{- define "traffic-engine.firewall.volume.prestart" -}} +{{- if eq .Values.debug.firewall.enable_prestart_script .Values.define_enable_val_yes }} + - name: firewall-prestart + hostPath: +{{- if .Values.debug.firewall.prestart_script }} + path: {{ .Values.debug.firewall.prestart_script }} +{{- else }} + path: /etc/tsg-os/{{ .Release.Name }}/firewall_prestart_script.sh +{{- end }} + type: FileOrCreate +{{- end }} +{{- end -}} + +{{- define "traffic-engine.firewall.mount.prestart" -}} +{{- if eq .Values.debug.firewall.enable_prestart_script .Values.define_enable_val_yes }} + - name: prestart-dir + mountPath: /tmp/prestart + - name: firewall-prestart + mountPath: /opt/tsg/scripts/prestart.sh +{{- end }} +{{- end -}} + +{{- define "traffic-engine.firewall.prestart" -}} +{{- if eq .Values.debug.firewall.enable_prestart_script .Values.define_enable_val_yes }} + chmod 0755 /opt/tsg/scripts/prestart.sh + /opt/tsg/scripts/prestart.sh +{{- end }} +{{- end -}} + + +{{- define "traffic-engine.proxy.liveness-probe" -}} +{{- if eq .Values.debug.proxy.enable_liveness_probe .Values.define_enable_val_yes }} + livenessProbe: + tcpSocket: + port: 9001 + failureThreshold: 1 + timeoutSeconds: 10 + startupProbe: + tcpSocket: + port: 9001 + failureThreshold: 30 + periodSeconds: 10 +{{- end }} +{{- end -}} + +{{- define "traffic-engine.proxy.start" -}} +{{- if eq .Values.debug.proxy.enable_interactive_startup .Values.define_enable_val_yes -}} + while true; do sleep 10;done +{{- else -}} + exec /opt/tsg/tfe/bin/tfe +{{- end }} +{{- end -}} + + +{{- define "traffic-engine.proxy.volume.prestart" -}} +{{- if eq .Values.debug.proxy.enable_prestart_script .Values.define_enable_val_yes }} + - name: proxy-prestart + hostPath: +{{- if .Values.debug.proxy.prestart_script }} + path: {{ .Values.debug.proxy.prestart_script }} +{{- else }} + path: /etc/tsg-os/{{ .Release.Name }}/proxy_prestart_script.sh +{{- end }} + type: FileOrCreate +{{- end }} +{{- end -}} + +{{- define "traffic-engine.proxy.mount.prestart" -}} +{{- if eq .Values.debug.proxy.enable_prestart_script .Values.define_enable_val_yes }} + - name: prestart-dir + mountPath: /tmp/prestart + - name: proxy-prestart + mountPath: /opt/tsg/scripts/prestart.sh +{{- end }} +{{- end -}} + +{{- define "traffic-engine.proxy.prestart" -}} +{{- if eq .Values.debug.proxy.enable_prestart_script .Values.define_enable_val_yes }} + chmod 0755 /opt/tsg/scripts/prestart.sh + /opt/tsg/scripts/prestart.sh +{{- end }} +{{- end -}} + +{{- define "traffic-engine.proxy.mount.hostpath" -}} +{{- if eq .Values.debug.proxy.enable_mount_host_filesystem .Values.define_enable_val_yes }} + - name: host-root + mountPath: /host +{{- end }} +{{- end -}} + + +{{- define "traffic-engine.service-chaining.liveness-probe" -}} +{{- if eq .Values.debug.service_chaining.enable_liveness_probe .Values.define_enable_val_yes }} + livenessProbe: + tcpSocket: + port: 9006 + failureThreshold: 1 + timeoutSeconds: 10 + startupProbe: + tcpSocket: + port: 9006 + failureThreshold: 30 + periodSeconds: 10 +{{- end }} +{{- end -}} + +{{- define "traffic-engine.service-chaining.start" -}} +{{- if eq .Values.debug.service_chaining.enable_interactive_startup .Values.define_enable_val_yes -}} + while true; do sleep 10;done +{{- else -}} + exec /opt/tsg/sce/bin/sce +{{- end }} +{{- end -}} + + +{{- define "traffic-engine.service-chaining.volume.prestart" -}} +{{- if eq .Values.debug.service_chaining.enable_prestart_script .Values.define_enable_val_yes }} + - name: service-chaining-prestart + hostPath: +{{- if .Values.debug.service_chaining.prestart_script }} + path: {{ .Values.debug.service_chaining.prestart_script }} +{{- else }} + path: /etc/tsg-os/{{ .Release.Name }}/service_chaining_prestart_script.sh +{{- end }} + type: FileOrCreate +{{- end }} +{{- end -}} + +{{- define "traffic-engine.service-chaining.mount.prestart" -}} +{{- if eq .Values.debug.service_chaining.enable_prestart_script .Values.define_enable_val_yes }} + - name: prestart-dir + mountPath: /tmp/prestart + - name: service-chaining-prestart + mountPath: /opt/tsg/scripts/prestart.sh +{{- end }} +{{- end -}} + +{{- define "traffic-engine.service-chaining.prestart" -}} +{{- if eq .Values.debug.service_chaining.enable_prestart_script .Values.define_enable_val_yes }} + chmod 0755 /opt/tsg/scripts/prestart.sh + /opt/tsg/scripts/prestart.sh +{{- end }} +{{- end -}} + +{{- define "traffic-engine.service-chaining.mount.hostpath" -}} +{{- if eq .Values.debug.service_chaining.enable_mount_host_filesystem .Values.define_enable_val_yes }} + - name: host-root + mountPath: /host +{{- end }} +{{- end -}} + + +{{- define "traffic-engine.shaping.liveness-probe" -}} +{{- if eq .Values.debug.shaping.enable_liveness_probe .Values.define_enable_val_yes }} + livenessProbe: + tcpSocket: + port: 9007 + failureThreshold: 1 + timeoutSeconds: 10 + startupProbe: + tcpSocket: + port: 9007 + failureThreshold: 30 + periodSeconds: 10 +{{- end }} +{{- end -}} + +{{- define "traffic-engine.shaping.start" -}} +{{- if eq .Values.debug.shaping.enable_interactive_startup .Values.define_enable_val_yes -}} + while true; do sleep 10;done +{{- else -}} + exec /opt/tsg/shaping_engine/bin/shaping_engine +{{- end }} +{{- end -}} + + +{{- define "traffic-engine.shaping.volume.prestart" -}} +{{- if eq .Values.debug.shaping.enable_prestart_script .Values.define_enable_val_yes }} + - name: shaping-prestart + hostPath: +{{- if .Values.debug.shaping.prestart_script }} + path: {{ .Values.debug.shaping.prestart_script }} +{{- else }} + path: /etc/tsg-os/{{ .Release.Name }}/shaping_prestart_script.sh +{{- end }} + type: FileOrCreate +{{- end }} +{{- end -}} + +{{- define "traffic-engine.shaping.mount.prestart" -}} +{{- if eq .Values.debug.shaping.enable_prestart_script .Values.define_enable_val_yes }} + - name: prestart-dir + mountPath: /tmp/prestart + - name: shaping-prestart + mountPath: /opt/tsg/scripts/prestart.sh +{{- end }} +{{- end -}} + +{{- define "traffic-engine.shaping.prestart" -}} +{{- if eq .Values.debug.shaping.enable_prestart_script .Values.define_enable_val_yes }} + chmod 0755 /opt/tsg/scripts/prestart.sh + /opt/tsg/scripts/prestart.sh +{{- end }} +{{- end -}} + +{{- define "traffic-engine.shaping.mount.hostpath" -}} +{{- if eq .Values.debug.shaping.enable_mount_host_filesystem .Values.define_enable_val_yes }} + - name: host-root + mountPath: /host +{{- end }} +{{- end -}} + + diff --git a/ansible/roles/traffic-engine/files/helm/templates/traffic-engine.yaml b/ansible/roles/traffic-engine/files/helm/templates/traffic-engine.yaml index 28dfd9e3..97a19869 100644 --- a/ansible/roles/traffic-engine/files/helm/templates/traffic-engine.yaml +++ b/ansible/roles/traffic-engine/files/helm/templates/traffic-engine.yaml @@ -42,7 +42,7 @@ spec: - | {{ template "traffic-engine.firewall.copy-config-to-dest" . }} {{ template "traffic-engine.firewall.prestart" . }} - exec /opt/tsg/sapp/sapp + {{ template "traffic-engine.firewall.start" . }} ports: - containerPort: 9273 env: @@ -60,16 +60,7 @@ spec: fieldPath: status.hostIP securityContext: privileged: true - livenessProbe: - tcpSocket: - port: 9273 - failureThreshold: 1 - timeoutSeconds: 10 - startupProbe: - tcpSocket: - port: 9273 - failureThreshold: 90 - periodSeconds: 10 + {{ template "traffic-engine.firewall.liveness-probe" . }} volumeMounts: - name: opt-tsg-mrzcpd mountPath: /opt/tsg/mrzcpd @@ -95,8 +86,8 @@ spec: - name: localtime-node mountPath: /etc/localtime readOnly: true - - name: hotfix-firewall - mountPath: /etc/traffic-engine/hotfix/firewall + {{ template "traffic-engine.firewall.mount.prestart" . }} + {{ template "traffic-engine.firewall.mount.hostpath" . }} {{- if and (eq .Values.proxy.enable .Values.define_enable_val_yes) (ge (len .Values.tfe_affinity) 1) }} - name: proxy @@ -109,7 +100,7 @@ spec: - | {{ template "traffic-engine.proxy.copy-config-to-dest" . }} {{ template "traffic-engine.proxy.prestart" . }} - exec /opt/tsg/tfe/bin/tfe + {{ template "traffic-engine.proxy.start" . }} ports: - containerPort: 9001 env: @@ -123,16 +114,7 @@ spec: fieldPath: status.hostIP securityContext: privileged: true - livenessProbe: - tcpSocket: - port: 9001 - failureThreshold: 1 - timeoutSeconds: 10 - startupProbe: - tcpSocket: - port: 9001 - failureThreshold: 30 - periodSeconds: 10 + {{ template "traffic-engine.proxy.liveness-probe" . }} volumeMounts: - name: tfe mountPath: "/opt/tsg/config" @@ -146,8 +128,8 @@ spec: - name: localtime-node mountPath: /etc/localtime readOnly: true - - name: hotfix-proxy - mountPath: /etc/traffic-engine/hotfix/proxy + {{ template "traffic-engine.proxy.mount.prestart" . }} + {{ template "traffic-engine.proxy.mount.hostpath" . }} {{- end }} - name: certstore @@ -225,7 +207,7 @@ spec: {{ template "traffic-engine.shaping.get-service-node-port" . }} {{ template "traffic-engine.shaping.set-shaping-config" . }} {{ template "traffic-engine.shaping.prestart" . }} - exec /opt/tsg/shaping_engine/bin/shaping_engine + {{ template "traffic-engine.shaping.start" . }} ports: - containerPort: 8551 - containerPort: 8552 @@ -245,16 +227,7 @@ spec: valueFrom: fieldRef: fieldPath: status.hostIP - livenessProbe: - tcpSocket: - port: 9007 - failureThreshold: 1 - timeoutSeconds: 10 - startupProbe: - tcpSocket: - port: 9007 - failureThreshold: 30 - periodSeconds: 10 + {{ template "traffic-engine.shaping.liveness-probe" . }} securityContext: privileged: true volumeMounts: @@ -282,8 +255,8 @@ spec: - name: localtime-node mountPath: /etc/localtime readOnly: true - - name: hotfix-shaping - mountPath: /etc/traffic-engine/hotfix/shaping + {{ template "traffic-engine.shaping.mount.prestart" . }} + {{ template "traffic-engine.shaping.mount.hostpath" . }} - name: telegraf-shaping image: "docker.io/library/tsg-telegraf:{{ .Chart.AppVersion }}" @@ -360,8 +333,8 @@ spec: - "-ec" - | {{ template "traffic-engine.sce.copy-config-to-dest" . }} - {{ template "traffic-engine.sce.prestart" . }} - exec /opt/tsg/sce/bin/sce + {{ template "traffic-engine.service-chaining.prestart" . }} + {{ template "traffic-engine.service-chaining.start" . }} ports: - containerPort: 9006 env: @@ -375,16 +348,7 @@ spec: fieldPath: status.hostIP securityContext: privileged: true - livenessProbe: - tcpSocket: - port: 9006 - failureThreshold: 1 - timeoutSeconds: 10 - startupProbe: - tcpSocket: - port: 9006 - failureThreshold: 30 - periodSeconds: 10 + {{ template "traffic-engine.service-chaining.liveness-probe" . }} volumeMounts: - name: opt-tsg-mrzcpd mountPath: /opt/tsg/mrzcpd @@ -410,10 +374,10 @@ spec: - name: localtime-node mountPath: /etc/localtime readOnly: true - - name: hotfix-sce - mountPath: /etc/traffic-engine/hotfix/sce - name: bfdd-unix-socket mountPath: /run/frr + {{ template "traffic-engine.service-chaining.mount.prestart" . }} + {{ template "traffic-engine.service-chaining.mount.hostpath" . }} - name: bfdd image: "docker.io/library/tsg-bfdd:{{ .Chart.AppVersion }}" @@ -568,23 +532,20 @@ spec: - name: localtime-node hostPath: path: /etc/localtime - - name: hotfix-firewall - hostPath: - path: /etc/traffic-engine/hotfix/firewall - - name: hotfix-proxy - hostPath: - path: /etc/traffic-engine/hotfix/proxy - name: hotfix-certstore hostPath: path: /etc/traffic-engine/hotfix/certstore - - name: hotfix-sce - hostPath: - path: /etc/traffic-engine/hotfix/sce - name: hotfix-bfdd hostPath: path: /etc/traffic-engine/hotfix/bfdd - - name: hotfix-shaping - hostPath: - path: /etc/traffic-engine/hotfix/shaping - name: bfdd-unix-socket emptyDir: {} + - name: prestart-dir + hostPath: + path: /etc/tsg-os/{{ .Release.Name }}/ + type: DirectoryOrCreate + {{ template "traffic-engine.firewall.volume.prestart" . }} + {{ template "traffic-engine.proxy.volume.prestart" . }} + {{ template "traffic-engine.service-chaining.volume.prestart" . }} + {{ template "traffic-engine.shaping.volume.prestart" . }} + {{ template "traffic-engine.volume.hostpath" . }} diff --git a/ansible/roles/traffic-engine/files/helm/values.yaml b/ansible/roles/traffic-engine/files/helm/values.yaml index 64207577..31db0728 100644 --- a/ansible/roles/traffic-engine/files/helm/values.yaml +++ b/ansible/roles/traffic-engine/files/helm/values.yaml @@ -184,3 +184,33 @@ shaping_config: shaping_nic: nf_1_shaping_engine app_symbol_index: 1 + +debug: + firewall: + enable_liveness_probe: yes + enable_interactive_startup: no + enable_prestart_script: no + enable_mount_host_filesystem: no + #default: /etc/tsg-os/${service_function_name}/firewall_prestart_script.sh + prestart_script: "" + proxy: + enable_liveness_probe: yes + enable_interactive_startup: no + enable_prestart_script: no + enable_mount_host_filesystem: no + #default: /etc/tsg-os/${service_function_name}/proxy_prestart_script.sh + prestart_script: "" + service_chaining: + enable_liveness_probe: yes + enable_interactive_startup: no + enable_prestart_script: no + enable_mount_host_filesystem: no + #default: /etc/tsg-os/${service_function_name}/service_chaining_prestart_script.sh + prestart_script: "" + shaping: + enable_liveness_probe: yes + enable_interactive_startup: no + enable_prestart_script: no + enable_mount_host_filesystem: no + #default: /etc/tsg-os/${service_function_name}/shaping_prestart_script.sh + prestart_script: "" \ No newline at end of file