diff options
author | pmikus <peter.mikus@protonmail.ch> | 2023-04-28 11:27:25 +0000 |
---|---|---|
committer | pmikus <peter.mikus@protonmail.ch> | 2023-04-28 11:27:25 +0000 |
commit | d14b7a69e628582b9132abc1b6e09aada68c0077 (patch) | |
tree | 4ac651bd5240093f82580656bf5a95639c976fa3 /fdio.infra.ansible/roles/docker_images/files | |
parent | f451c7a50bc663a6727f01873b8663bfa9ae22e1 (diff) |
feat(ansible): Refactor docker-image roles
Signed-off-by: pmikus <peter.mikus@protonmail.ch>
Change-Id: I6731e55b9643f46463c16f68e4986e3cb61f843f
Diffstat (limited to 'fdio.infra.ansible/roles/docker_images/files')
6 files changed, 248 insertions, 0 deletions
diff --git a/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile b/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile new file mode 100644 index 0000000000..0a17bf6404 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile @@ -0,0 +1,152 @@ +FROM ubuntu:22.04 + +# Setup the environment +ENV DEBIAN_FRONTEND=noninteractive + +# Configure locales +RUN apt-get update -qq \ + && apt-get install -y \ + apt-utils \ + locales \ + && sed -i 's/# \(en_US\.UTF-8 .*\)/\1/' /etc/locale.gen \ + && locale-gen en_US.UTF-8 \ + && dpkg-reconfigure --frontend=noninteractive locales \ + && update-locale LANG=en_US.UTF-8 \ + && TZ=Etc/UTC && ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone \ + && rm -r /var/lib/apt/lists/* +ENV LANG="en_US.UTF-8" LANGUAGE="en_US" LC_ALL="en_US.UTF-8" + +# Install packages and Docker +RUN apt-get -q update \ + && apt-get install -y -qq \ + apt-transport-https \ + bridge-utils \ + ca-certificates \ + cgroup-tools \ + cloud-init \ + cmake \ + curl \ + dkms \ + gdb \ + gfortran \ + libapr1 \ + libblas-dev \ + libffi-dev \ + liblapack-dev \ + libmbedcrypto7 \ + libmbedtls14 \ + libmbedx509-1 \ + libnuma1 \ + libnuma-dev \ + libpcap-dev \ + libpixman-1-dev \ + libssl-dev \ + net-tools \ + openssh-server \ + pciutils \ + python3-all \ + python3-apt \ + python3-cffi \ + python3-cffi-backend \ + python3-dev \ + python3-pip \ + python3-setuptools \ + python3-virtualenv \ + qemu-system \ + rsyslog \ + socat \ + software-properties-common \ + strongswan \ + ssh \ + sshpass \ + sudo \ + supervisor \ + tar \ + tcpdump \ + unzip \ + vim \ + wget \ + zlib1g-dev \ + && curl -fsSL https://get.docker.com | sh \ + && rm -rf /var/lib/apt/lists/* + +# Fix permissions +RUN chown root:syslog /var/log \ + && chmod 755 /etc/default + +# Create directory structure +RUN mkdir -p /tmp/dumps \ + && mkdir -p /var/cache/vpp/python \ + && mkdir -p /var/run/sshd \ + && mkdir -p /var/log/vpp + +# CSIT PIP pre-cache +RUN pip3 install \ + ecdsa==0.18.0 \ + paramiko==2.9.3 \ + pycrypto==2.6.1 \ + PyYAML==5.4.1 \ + requests==2.25.1 \ + robotframework==5.0.1 \ + scapy==2.4.5 \ + scp==0.14.4 \ + ansible==5.10.0 \ + ansible-core==2.12.7 \ + dill==0.3.5.1 \ + numpy==1.22.4 \ + scipy==1.8.1 \ + boto3==1.17.78 \ + botocore==1.20.78 \ + hdrhistogram==0.6.1 \ + pandas==1.4.2 \ + plotly==4.1.1 \ + PTable==0.9.2 \ + Sphinx==3.5.4 \ + sphinx-rtd-theme==0.5.2 \ + sphinxcontrib-applehelp==1.0.2 \ + sphinxcontrib-devhelp==1.0.2 \ + sphinxcontrib-htmlhelp==2.0.0 \ + sphinxcontrib-jsmath==1.0.1 \ + sphinxcontrib-programoutput==0.17 \ + sphinxcontrib-qthelp==1.0.3 \ + sphinxcontrib-robotdoc==0.11.0 \ + sphinxcontrib-serializinghtml==1.1.5 \ + ply==3.11 \ + jsonschema==4.1.0 \ + rfc3339-validator==0.1.4 \ + rfc3987==1.3.8 \ + alabaster==0.7.12 \ + attrs==21.4.0 \ + Babel==2.10.3 \ + bcrypt==3.2.2 \ + certifi==2022.6.15 \ + cffi==1.15.1 \ + chardet==4.0.0 \ + cryptography==36.0.2 \ + docutils==0.16 \ + future==0.18.2 \ + idna==2.10 \ + imagesize==1.4.1 \ + Jinja2==3.0.3 \ + jmespath==0.10.0 \ + MarkupSafe==2.1.1 \ + packaging==21.3 \ + pbr==5.9.0 \ + pycparser==2.21 \ + Pygments==2.12.0 \ + PyNaCl==1.5.0 \ + pyparsing==3.0.9 \ + pyrsistent==0.18.1 \ + python-dateutil==2.8.2 \ + pytz==2022.1 \ + resolvelib==0.5.4 \ + retrying==1.3.3 \ + s3transfer==0.4.2 \ + six==1.16.0 \ + snowballstemmer==2.2.0 \ + urllib3==1.26.10 + +RUN useradd -rm -d /home/testuser -s /bin/bash -g root -G sudo -u 1000 testuser \ + && echo 'testuser:Csit1234' | chpasswd + +RUN service ssh start
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-sut.service b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-sut.service new file mode 100644 index 0000000000..431387c95c --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-sut.service @@ -0,0 +1,12 @@ +[Unit] +Description=CSIT Initialize Docker SUT +After=network.target + +[Service] +Type=oneshot +RemainAfterExit=True +ExecStart=docker compose -f /opt/csit-docker-images/docker-compose-sut.yaml up --detach +ExecStop=docker compose -f /opt/csit-docker-images/docker-compose-sut.yaml down + +[Install] +WantedBy=default.target diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.service b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.service new file mode 100644 index 0000000000..2c93724a4c --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.service @@ -0,0 +1,12 @@ +[Unit] +Description=CSIT Initialize Docker TG +After=network.target + +[Service] +Type=oneshot +RemainAfterExit=True +ExecStart=docker compose -f /opt/csit-docker-images/docker-compose-tg.yaml up --detach +ExecStop=docker compose -f /opt/csit-docker-images/docker-compose-tg.yaml down + +[Install] +WantedBy=default.target diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.sh b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.sh new file mode 100755 index 0000000000..0f93def8b5 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.sh @@ -0,0 +1,43 @@ +#!/usr/bin/env bash + +set -euo pipefail + +case "${1:-start}" in + "start" ) + # Run TG + for cnt in $(seq 1 ${2:-1}); do + docker network create --driver bridge csit-nw-tg${cnt} || true + # If the IMAGE is not already loaded then docker run will pull the + # IMAGE, and all image dependencies, before it starts the container. + dcr_image="base-ubuntu2204:local" + # Run the container in the background and print the new container + # ID. + dcr_stc_params="--detach=true " + # Give extended privileges to this container. A "privileged" + # container is given access to all devices and able to run nested + # containers. + dcr_stc_params+="--privileged " + # Publish all exposed ports to random ports on the host interfaces. + dcr_stc_params+="--publish 600${cnt}:2222 " + # Automatically remove the container when it exits. + dcr_stc_params+="--rm " + # Size of /dev/shm. + dcr_stc_params+="--shm-size 4G " + # Mount vfio to be able to bind to see binded interfaces. We cannot + # use --device=/dev/vfio as this does not see newly binded + # interfaces. + dcr_stc_params+="--volume /dev:/dev " + # Mount /opt/boot/ where VM kernel and initrd are located. + dcr_stc_params+="--volume /opt:/opt " + # Mount host hugepages for VMs. + dcr_stc_params+="--volume /dev/hugepages:/dev/hugepages " + + params=(${dcr_stc_params} --name csit-tg-"${cnt}" "${dcr_image}") + docker run --network=csit-nw-tg${cnt} "${params[@]}" + done + ;; + "stop" ) + docker rm --force $(docker ps --all --quiet --filter name=csit) + docker network rm $(docker network ls --filter name=csit --quiet) + ;; +esac diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-sut/Dockerfile b/fdio.infra.ansible/roles/docker_images/files/csit-sut/Dockerfile new file mode 100644 index 0000000000..26463db449 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-sut/Dockerfile @@ -0,0 +1,5 @@ +FROM base-ubuntu2204:local + +COPY supervisord.conf /etc/supervisor/supervisord.conf + +CMD ["sh", "-c", "rm -f /dev/shm/db /dev/shm/global_vm /dev/shm/vpe-api; /usr/bin/supervisord -c /etc/supervisor/supervisord.conf; /usr/sbin/sshd -D -p 2222"]
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-sut/supervisord.conf b/fdio.infra.ansible/roles/docker_images/files/csit-sut/supervisord.conf new file mode 100644 index 0000000000..22a36be5c6 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-sut/supervisord.conf @@ -0,0 +1,24 @@ +[unix_http_server] +file = /tmp/supervisor.sock +chmod = 0777 + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[supervisorctl] +serverurl = unix:///tmp/supervisor.sock + +[supervisord] +pidfile = /tmp/supervisord.pid +identifier = supervisor +directory = /tmp +logfile = /tmp/supervisord.log +loglevel = debug +nodaemon = false + +[program:vpp] +command = /usr/bin/vpp -c /etc/vpp/startup.conf +autostart = false +autorestart = true +redirect_stderr = true +priority = 1
\ No newline at end of file |