From 378df7b9d553820e906685a1c436186a320504c7 Mon Sep 17 00:00:00 2001 From: fumingwei Date: Thu, 4 Mar 2021 11:11:33 +0800 Subject: [PATCH] =?UTF-8?q?1=E3=80=81=E5=A2=9E=E5=8A=A0=E9=83=A8=E5=88=86?= =?UTF-8?q?=E5=8F=98=E9=87=8F=E6=B3=A8=E9=87=8A=202=E3=80=81=E5=A2=9E?= =?UTF-8?q?=E5=8A=A0sapp=EF=BC=8Cmrzcpd=E9=83=A8=E7=BD=B2=E5=AE=8C?= =?UTF-8?q?=E4=BB=A5=E5=90=8E=E8=87=AA=E5=90=AF=E5=8A=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Readme.txt | 2 +- install_config/group_vars/platform.yml | 33 +++++++++++++------ roles/firewall/tasks/main.yml | 7 +++- roles/mrzcpd/tasks/main.yml | 6 ++++ .../mrglobal.conf.server_inline.j2 | 10 +----- roles/sapp/templates/sapp.toml.j2 | 2 +- tasks/unistall/uninstall_firewall.yml | 14 +++++--- tasks/unistall/uninstall_framework.yml | 10 +++--- tasks/unistall/uninstall_mrzcpd.yml | 5 ++- tasks/unistall/uninstall_sapp.yml | 5 ++- 10 files changed, 56 insertions(+), 38 deletions(-) diff --git a/Readme.txt b/Readme.txt index d4a35c3..b517596 100644 --- a/Readme.txt +++ b/Readme.txt @@ -1,5 +1,5 @@ 1、部署执行命令: - ansible-playbook -i install_config/hosts paltform_deploy.yml + ansible-playbook -i install_config/hosts platform_deploy.yml 2、卸载paltform 部署命令所安装的rpm包: ansible-playbook -i install_config/hosts tasks/uninstall/uninstall_platform.yml 3、查询安装rpm情况命令: diff --git a/install_config/group_vars/platform.yml b/install_config/group_vars/platform.yml index b312d31..8a0bd4e 100644 --- a/install_config/group_vars/platform.yml +++ b/install_config/group_vars/platform.yml @@ -34,7 +34,7 @@ sapp: inbound_route_dir: 1 ######################################### -#Sapp Double-Arm Config +#config for sapp nic that data comming packet_io: internal_interface: - eth2 @@ -42,8 +42,17 @@ packet_io: - eth3 +####for example: more than one nics that need to config +#packet_io: +# internal_interface: +# - internal_nic1 +# - internal_nic2 +# external_interface: +# - external_nic1 +# - external_nic2 + ######################################### -#Marsio Config +#config for mrzcpd cpu cores to bind mrzcpd: iocore: 39 @@ -51,23 +60,27 @@ mrtunnat: lcore_id: 38 ######################################### -#Inline Device Config list +#config for mrzcpd nic that data comming. inline_device_config_list: - keepalive_ip: 192.168.1.30 keepalive_mask: 255.255.255.252 data_incoming: eth5 -####for example: +####for example: more than one nics that need to config #inline_device_config_list: -# - keepalive_ip: 192.168.1.30 -# keepalive_mask: 255.255.255.252 -# data_incoming: eth5 -# - keepalive_ip: 192.168.1.30 -# keepalive_mask: 255.255.255.252 -# data_incoming: eth6 +# - keepalive_ip: ###填写ip地址,不能为空,如果没有需求,应填写默认地址为127.0.0.1###### +# keepalive_mask: ###填写ip掩码,不能为空,如果没有需求,应填写默认地址为127.0.0.1###### +# data_incoming: instance_nic1 +# - keepalive_ip: ###填写地址,不能为空,如果没有需求,应填写默认地址为127.0.0.1###### +# keepalive_mask: ###填写ip掩码,不能为空,如果没有需求,应填写默认地址为127.0.0.1###### +# data_incoming: instance_nic2 ######################################### sapp_prometheus_enable: 1 sapp_prometheus_port: 9273 sapp_prometheus_url_path: "/metrics" + +#########below variables are not to be modified +##程序breakpad_upload_url崩溃上传core 文件url +breakpad_upload_url: "http://127.0.0.1/test" \ No newline at end of file diff --git a/roles/firewall/tasks/main.yml b/roles/firewall/tasks/main.yml index 054a1c2..62542ce 100644 --- a/roles/firewall/tasks/main.yml +++ b/roles/firewall/tasks/main.yml @@ -18,4 +18,9 @@ - /tmp/ansible_deploy/quic-1.1.17.8c22b4d-2.el7.x86_64.rpm - /tmp/ansible_deploy/ssl-1.0.12.16b8fb5-2.el7.x86_64.rpm - +- name: "start sapp" + systemd: + name: sapp + enabled: yes + daemon_reload: yes + state: started \ No newline at end of file diff --git a/roles/mrzcpd/tasks/main.yml b/roles/mrzcpd/tasks/main.yml index 5c1d146..e46ea4b 100644 --- a/roles/mrzcpd/tasks/main.yml +++ b/roles/mrzcpd/tasks/main.yml @@ -35,6 +35,7 @@ name: mrenv enabled: yes daemon_reload: yes + state: started when: - capture_packet_type == 1 @@ -43,6 +44,7 @@ name: mrzcpd enabled: yes daemon_reload: yes + state: started when: - capture_packet_type == 1 @@ -51,12 +53,14 @@ name: mrapm_device enabled: yes daemon_reload: yes + state: started - name: "enable prometheus output - monit_stream" systemd: name: mrapm_stream enabled: yes daemon_reload: yes + state: started - name: "mask mrzcpd on capture_packet_type is pcap" systemd: @@ -64,6 +68,7 @@ enabled: no masked: yes daemon_reload: yes + state: started when: - capture_packet_type == 0 @@ -73,5 +78,6 @@ enabled: no masked: yes daemon_reload: yes + state: started when: - capture_packet_type == 0 diff --git a/roles/mrzcpd/templates/server_inline/mrglobal.conf.server_inline.j2 b/roles/mrzcpd/templates/server_inline/mrglobal.conf.server_inline.j2 index 93d00a9..369ccf0 100644 --- a/roles/mrzcpd/templates/server_inline/mrglobal.conf.server_inline.j2 +++ b/roles/mrzcpd/templates/server_inline/mrglobal.conf.server_inline.j2 @@ -9,7 +9,7 @@ sz_buffer=0 {% for device_config in inline_device_config_list %} [device:{{device_config.data_incoming}}] -{% if traffic_attr_type == 0 %} +{% if traffic_attr_type == 1 %} in_addr={{device_config.keepalive_ip}} in_mask={{device_config.keepalive_mask}} {% endif %} @@ -18,12 +18,6 @@ max_rx_pkt_len=15360 clear_tx_flags=1 {% endfor %} -#[device:] -#jumbo_frame=1 -#max_rx_pkt_len=15360 -#clear_tx_flags=1 -#promisc=1 - [service] # lcore id for i/o service, use comma to split iocore={{ mrzcpd.iocore }} @@ -47,5 +41,3 @@ sz_indirect_pktmbuf=8192 sz_cache=256 sz_data=4096 -[forward] - diff --git a/roles/sapp/templates/sapp.toml.j2 b/roles/sapp/templates/sapp.toml.j2 index bf66320..33c9b8c 100644 --- a/roles/sapp/templates/sapp.toml.j2 +++ b/roles/sapp/templates/sapp.toml.j2 @@ -84,7 +84,7 @@ dictator_enable=0 name={{packet_io.internal_interface | join(",")}} {% else %} type=marsio - name={{nic_data_incoming.name}} + name={{packet_io.internal_interface | join(",")}} {% endif %} [packet_io.external.interface] diff --git a/tasks/unistall/uninstall_firewall.yml b/tasks/unistall/uninstall_firewall.yml index 7f43e70..88c64a8 100644 --- a/tasks/unistall/uninstall_firewall.yml +++ b/tasks/unistall/uninstall_firewall.yml @@ -1,14 +1,20 @@ - hosts: platform remote_user: root tasks: - - name: "uninstall firewall: absent firewall rpm packages" - yum: + - name: "uninstall firewall: stop sapp.service" + systemd: name: "{{ item }}" - state: absent + state: stopped + with_items: + - sapp.service + + - name: "uninstall firewall: absent firewall rpm packages" + shell: rpm -e --nodeps {{item}} with_items: - dns - ftp - http - mail - quic - - ssl \ No newline at end of file + - ssl + ignore_errors: yes \ No newline at end of file diff --git a/tasks/unistall/uninstall_framework.yml b/tasks/unistall/uninstall_framework.yml index e2fc4fd..8a4a92d 100644 --- a/tasks/unistall/uninstall_framework.yml +++ b/tasks/unistall/uninstall_framework.yml @@ -1,11 +1,8 @@ -- hosts: paltform +- hosts: platform remote_user: root tasks: - name: "uninstall framework: absent framework rpm packages" - yum: - name: "{{ item }}" - state: absent - #skip_broken: yes + shell: rpm -e --nodeps {{item}} with_items: - libcjson - libdocumentanalyze @@ -21,4 +18,5 @@ - libwiredcfg - libWiredLB - lz4 - - libbreakpad_mini \ No newline at end of file + - libbreakpad_mini + ignore_errors: yes \ No newline at end of file diff --git a/tasks/unistall/uninstall_mrzcpd.yml b/tasks/unistall/uninstall_mrzcpd.yml index adfc137..562b3c9 100644 --- a/tasks/unistall/uninstall_mrzcpd.yml +++ b/tasks/unistall/uninstall_mrzcpd.yml @@ -9,6 +9,5 @@ - mrzcpd.service - name: "uninstall mrzcpd:absent mrzcpd rpm package" - yum: - name: mrzcpd - state: absent \ No newline at end of file + shell: rpm -e --nodeps mrzcpd + ignore_errors: yes \ No newline at end of file diff --git a/tasks/unistall/uninstall_sapp.yml b/tasks/unistall/uninstall_sapp.yml index 08e9a0e..39e4c63 100644 --- a/tasks/unistall/uninstall_sapp.yml +++ b/tasks/unistall/uninstall_sapp.yml @@ -9,6 +9,5 @@ - sapp.service - name: "uninstall sapp:absent sapp rpm package" - yum: - name: sapp - state: absent \ No newline at end of file + shell: rpm -e --nodeps sapp + ignore_errors: yes \ No newline at end of file