diff options
Diffstat (limited to 'fdio.infra.ansible/roles/docker_images')
12 files changed, 433 insertions, 0 deletions
diff --git a/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile b/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile new file mode 100644 index 0000000000..88af96bfa8 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile @@ -0,0 +1,140 @@ +FROM ubuntu:22.04 + +# Setup the environment +ENV DEBIAN_FRONTEND=noninteractive + +# Configure locales +RUN apt-get update -qq \ + && apt-get install -y \ + apt-utils \ + locales \ + && sed -i 's/# \(en_US\.UTF-8 .*\)/\1/' /etc/locale.gen \ + && locale-gen en_US.UTF-8 \ + && dpkg-reconfigure --frontend=noninteractive locales \ + && update-locale LANG=en_US.UTF-8 \ + && TZ=Etc/UTC && ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone \ + && rm -r /var/lib/apt/lists/* +ENV LANG="en_US.UTF-8" LANGUAGE="en_US" LC_ALL="en_US.UTF-8" + +# Install packages and Docker +RUN apt-get -q update \ + && apt-get install -y -qq \ + apt-transport-https \ + bridge-utils \ + ca-certificates \ + cgroup-tools \ + cloud-init \ + cmake \ + curl \ + dkms \ + ethtool \ + gdb \ + gfortran \ + libapr1 \ + libblas-dev \ + libffi-dev \ + libibverbs-dev \ + liblapack-dev \ + libmbedcrypto7 \ + libmbedtls14 \ + libmbedx509-1 \ + libnuma1 \ + libnuma-dev \ + libpcap-dev \ + libpixman-1-dev \ + libsctp-dev \ + libssl-dev \ + net-tools \ + ninja-build \ + openssh-server \ + pciutils \ + python3-all \ + python3-apt \ + python3-cffi \ + python3-cffi-backend \ + python3-dev \ + python3-pip \ + python3-pyelftools \ + python3-setuptools \ + python3-virtualenv \ + qemu-system \ + rdma-core \ + rsyslog \ + screen \ + socat \ + software-properties-common \ + strace \ + strongswan \ + ssh \ + sshpass \ + sudo \ + supervisor \ + tar \ + tcpdump \ + unzip \ + vim \ + wget \ + zlib1g-dev \ + && ln -s -f /usr/lib/x86_64-linux-gnu/libc.a /usr/lib/x86_64-linux-gnu/liblibc.a \ + && curl -fsSL https://get.docker.com | sh \ + && rm -rf /var/lib/apt/lists/* + +# Fix permissions +RUN chown root:syslog /var/log \ + && chmod 755 /etc/default + +# Create directory structure +RUN mkdir -p /tmp/dumps \ + && mkdir -p /var/cache/vpp/python \ + && mkdir -p /var/run/sshd \ + && mkdir -p /var/log/vpp + +# CSIT PIP pre-cache +RUN pip3 install \ + ecdsa==0.18.0 \ + paramiko==3.3.1 \ + pycrypto==2.6.1 \ + python-dateutil==2.8.2 \ + PyYAML==6.0.1 \ + requests==2.31.0 \ + robotframework==6.1.1 \ + scapy==2.4.5 \ + scp==0.14.5 \ + ansible==8.2.0 \ + ansible-core==2.15.2 \ + dill==0.3.7 \ + numpy==1.25.2 \ + scipy==1.11.1 \ + ply==3.11 \ + jsonschema==4.18.4 \ + rfc3339-validator==0.1.4 \ + rfc3987==1.3.8 \ + attrs==23.1.0 \ + bcrypt==4.0.1 \ + certifi==2023.7.22 \ + cffi==1.15.1 \ + charset-normalizer==3.2.0 \ + cryptography==41.0.3 \ + idna==3.4 \ + Jinja2==3.1.2 \ + jsonschema-specifications==2023.7.1 \ + MarkupSafe==2.1.3 \ + packaging==23.1 \ + pycparser==2.21 \ + PyNaCl==1.5.0 \ + referencing==0.30.0 \ + resolvelib==1.0.1 \ + rpds-py==0.9.2 \ + six==1.16.0 \ + urllib3==2.0.4 \ + meson==0.64.1 + +RUN groupadd -g 1000 testuser \ + && useradd -rm -d /home/testuser -s /bin/bash -g testuser -G sudo -u 1000 testuser \ + && echo 'testuser:Csit1234' | chpasswd + +RUN echo 'root:Csit1234' | chpasswd \ + && sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config \ + && echo "export VISIBLE=now" >> /etc/profile + +RUN service ssh start
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-sut.service b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-sut.service new file mode 100644 index 0000000000..431387c95c --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-sut.service @@ -0,0 +1,12 @@ +[Unit] +Description=CSIT Initialize Docker SUT +After=network.target + +[Service] +Type=oneshot +RemainAfterExit=True +ExecStart=docker compose -f /opt/csit-docker-images/docker-compose-sut.yaml up --detach +ExecStop=docker compose -f /opt/csit-docker-images/docker-compose-sut.yaml down + +[Install] +WantedBy=default.target diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.service b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.service new file mode 100644 index 0000000000..2c93724a4c --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.service @@ -0,0 +1,12 @@ +[Unit] +Description=CSIT Initialize Docker TG +After=network.target + +[Service] +Type=oneshot +RemainAfterExit=True +ExecStart=docker compose -f /opt/csit-docker-images/docker-compose-tg.yaml up --detach +ExecStop=docker compose -f /opt/csit-docker-images/docker-compose-tg.yaml down + +[Install] +WantedBy=default.target diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-sut/Dockerfile b/fdio.infra.ansible/roles/docker_images/files/csit-sut/Dockerfile new file mode 100644 index 0000000000..85537bc32f --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-sut/Dockerfile @@ -0,0 +1,7 @@ +FROM base-ubuntu2204:local + +EXPOSE 2222 + +COPY supervisord.conf /etc/supervisor/supervisord.conf + +CMD ["sh", "-c", "rm -f /dev/shm/db /dev/shm/global_vm /dev/shm/vpe-api; /usr/bin/supervisord -c /etc/supervisor/supervisord.conf; /usr/sbin/sshd -D -p 2222"]
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-sut/supervisord.conf b/fdio.infra.ansible/roles/docker_images/files/csit-sut/supervisord.conf new file mode 100644 index 0000000000..22a36be5c6 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-sut/supervisord.conf @@ -0,0 +1,24 @@ +[unix_http_server] +file = /tmp/supervisor.sock +chmod = 0777 + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[supervisorctl] +serverurl = unix:///tmp/supervisor.sock + +[supervisord] +pidfile = /tmp/supervisord.pid +identifier = supervisor +directory = /tmp +logfile = /tmp/supervisord.log +loglevel = debug +nodaemon = false + +[program:vpp] +command = /usr/bin/vpp -c /etc/vpp/startup.conf +autostart = false +autorestart = true +redirect_stderr = true +priority = 1
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/handlers/main.yaml b/fdio.infra.ansible/roles/docker_images/handlers/main.yaml new file mode 100644 index 0000000000..766eec432a --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/handlers/main.yaml @@ -0,0 +1,18 @@ +--- +# file: handlers/main.yaml + +- name: "Start csit-initialize-docker-sut.service" + ansible.builtin.systemd: + enabled: true + state: "started" + name: "csit-initialize-docker-sut.service" + tags: + - docker-sut + +- name: "Start csit-initialize-docker-tg.service" + ansible.builtin.systemd: + enabled: true + state: "started" + name: "csit-initialize-docker-tg.service" + tags: + - docker-tg
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/tasks/base.yaml b/fdio.infra.ansible/roles/docker_images/tasks/base.yaml new file mode 100644 index 0000000000..69b3f6217d --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/tasks/base.yaml @@ -0,0 +1,63 @@ +--- +# file: tasks/base.yaml + +- name: "Create a Directory For Docker Images" + ansible.builtin.file: + path: "/opt/csit-docker-images/" + state: "directory" + mode: 0755 + tags: + - docker-base + +- name: "Copy Build Items" + ansible.builtin.copy: + src: "{{ item }}" + dest: "/opt/csit-docker-images/{{ item }}" + owner: "root" + group: "root" + mode: 0755 + with_items: + - "base/" + - "csit-sut/" + tags: + - docker-base + +- name: "Build CSIT Base Docker Image" + ansible.builtin.shell: "docker build -t base-ubuntu2204:local ." + args: + chdir: "/opt/csit-docker-images/base" + async: 3000 + poll: 0 + register: "docker_built" + tags: + - docker-base + +- name: "Check if CSIT Base Docker Image is Built" + async_status: + jid: "{{ docker_built.ansible_job_id }}" + register: "docker_built" + until: "docker_built.finished" + delay: 10 + retries: 300 + tags: + - docker-base + +- name: "Build CSIT OLD Docker Image" + ansible.builtin.shell: "docker build -t csit_sut-ubuntu2204:local ." + args: + chdir: "/opt/csit-docker-images/csit-sut" + async: 3000 + poll: 0 + register: "docker_built" + tags: + - docker-base + +- name: "Check if CSIT OLD Docker Image is Built" + async_status: + jid: "{{ docker_built.ansible_job_id }}" + register: "docker_built" + until: "docker_built.finished" + delay: 10 + retries: 300 + tags: + - docker-base
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/tasks/main.yaml b/fdio.infra.ansible/roles/docker_images/tasks/main.yaml new file mode 100644 index 0000000000..1005e024f2 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/tasks/main.yaml @@ -0,0 +1,21 @@ +--- +# file: tasks/main.yaml + +- name: "Build Base Docker Images" + import_tasks: "base.yaml" + tags: + - docker-base + +- name: "Docker Orchestration for TG" + import_tasks: "tg.yaml" + when: > + docker_tg is defined + tags: + - docker-tg + +- name: "Docker Orchestration for SUT" + import_tasks: "sut.yaml" + when: > + docker_sut is defined + tags: + - docker-sut
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/tasks/sut.yaml b/fdio.infra.ansible/roles/docker_images/tasks/sut.yaml new file mode 100644 index 0000000000..8ac179573d --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/tasks/sut.yaml @@ -0,0 +1,28 @@ +--- +# file: tasks/sut.yaml + +- name: "Template Compose File" + ansible.builtin.template: + src: "{{ item }}.j2" + dest: "/opt/csit-docker-images/{{ item }}" + owner: "root" + group: "root" + mode: 0755 + with_items: + - "docker-compose-sut.yaml" + tags: + - docker-sut + +- name: "Copy csit-initialize-docker-sut.service" + ansible.builtin.copy: + src: "files/csit-initialize-docker-sut.service" + dest: "/etc/systemd/system/" + owner: "root" + group: "root" + mode: 0644 + notify: + - "Start csit-initialize-docker-sut.service" + tags: + - docker-sut + +- meta: flush_handlers
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/tasks/tg.yaml b/fdio.infra.ansible/roles/docker_images/tasks/tg.yaml new file mode 100644 index 0000000000..0623616073 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/tasks/tg.yaml @@ -0,0 +1,28 @@ +--- +# file: tasks/tg.yaml + +- name: "Template Compose File" + ansible.builtin.template: + src: "{{ item }}.j2" + dest: "/opt/csit-docker-images/{{ item }}" + owner: "root" + group: "root" + mode: 0755 + with_items: + - "docker-compose-tg.yaml" + tags: + - docker-tg + +- name: "Start csit-initialize-docker-tg.service" + ansible.builtin.copy: + src: "files/csit-initialize-docker-tg.service" + dest: "/etc/systemd/system/" + owner: "root" + group: "root" + mode: 0644 + notify: + - "Start csit-initialize-docker-tg.service" + tags: + - docker-tg + +- meta: flush_handlers
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/templates/docker-compose-sut.yaml.j2 b/fdio.infra.ansible/roles/docker_images/templates/docker-compose-sut.yaml.j2 new file mode 100644 index 0000000000..b4713d8552 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/templates/docker-compose-sut.yaml.j2 @@ -0,0 +1,42 @@ +version: "3" +services: + numa-0: + build: + context: "base/" + dockerfile: "Dockerfile" + cap_add: + - NET_RAW + command: ["/usr/sbin/sshd","-D", "-p", "6001"] + expose: + - "6001" + hostname: "{{ ansible_hostname[:-1] }}1" + network_mode: "host" + privileged: true + restart: "always" + shm_size: "4G" + volumes: +{% for volume in docker_volumes %} + - type: "bind" + source: "{{ volume.source }}" + target: "{{ volume.target }}" +{% endfor %} + numa-1: + build: + context: "base/" + dockerfile: "Dockerfile" + cap_add: + - NET_RAW + command: ["/usr/sbin/sshd","-D", "-p", "6002"] + expose: + - "6002" + hostname: "{{ ansible_hostname[:-1] }}2" + network_mode: "host" + privileged: true + restart: "always" + shm_size: "4G" + volumes: +{% for volume in docker_volumes %} + - type: "bind" + source: "{{ volume.source }}" + target: "{{ volume.target }}" +{% endfor %}
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/templates/docker-compose-tg.yaml.j2 b/fdio.infra.ansible/roles/docker_images/templates/docker-compose-tg.yaml.j2 new file mode 100644 index 0000000000..2cee85e169 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/templates/docker-compose-tg.yaml.j2 @@ -0,0 +1,38 @@ +version: "3" +services: + tg-0: + build: + context: "base/" + dockerfile: "Dockerfile" + command: ["/usr/sbin/sshd","-D", "-p", "6001"] + expose: + - "6001" + hostname: "{{ ansible_hostname }}" + network_mode: "host" + privileged: true + restart: "always" + shm_size: "4G" + volumes: +{% for volume in docker_volumes %} + - type: "bind" + source: "{{ volume.source }}" + target: "{{ volume.target }}" +{% endfor %} + tg-1: + build: + context: "base/" + dockerfile: "Dockerfile" + command: ["/usr/sbin/sshd","-D", "-p", "6002"] + expose: + - "6002" + hostname: "{{ ansible_hostname }}" + network_mode: "host" + privileged: true + restart: "always" + shm_size: "4G" + volumes: +{% for volume in docker_volumes %} + - type: "bind" + source: "{{ volume.source }}" + target: "{{ volume.target }}" +{% endfor %}
\ No newline at end of file |