diff options
Diffstat (limited to 'fdio.infra.ansible/roles')
17 files changed, 319 insertions, 138 deletions
diff --git a/fdio.infra.ansible/roles/csit_sut_image/tasks/main.yaml b/fdio.infra.ansible/roles/csit_sut_image/tasks/main.yaml deleted file mode 100644 index f0a93c06ee..0000000000 --- a/fdio.infra.ansible/roles/csit_sut_image/tasks/main.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -# file: roles/csit_sut_image/tasks/main.yaml - -- name: Create a directory if it does not exist - ansible.builtin.file: - path: "/opt/csit-sut/" - state: "directory" - mode: 0755 - tags: - - csit-sut-image - -- name: Copy Build Items - ansible.builtin.copy: - src: "{{ item }}" - dest: "/opt/csit-sut/" - owner: "root" - group: "root" - mode: 0755 - with_items: - - Dockerfile - - supervisord.conf - tags: - - csit-sut-image - -- name: Build CSIT SUT Docker Image - ansible.builtin.shell: "docker build -t csit_sut-ubuntu2204:local ." - args: - chdir: "/opt/csit-sut" - async: 3000 - poll: 0 - register: docker_built - tags: - - csit-sut-image - -- name: Check if CSIT SUT Docker Image is Built - async_status: - jid: "{{ docker_built.ansible_job_id }}" - register: docker_built - until: docker_built.finished - delay: 10 - retries: 300 - tags: - - csit-sut-image
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/csit_sut_image/files/Dockerfile b/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile index 1f72df8205..0a17bf6404 100644 --- a/fdio.infra.ansible/roles/csit_sut_image/files/Dockerfile +++ b/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile @@ -1,19 +1,4 @@ -# Copyright (c) 2022 Cisco and/or its affiliates. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at: -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - FROM ubuntu:22.04 -LABEL Description="CSIT vpp-device ubuntu 22.04 SUT image" -LABEL Version="master" # Setup the environment ENV DEBIAN_FRONTEND=noninteractive @@ -37,6 +22,7 @@ RUN apt-get -q update \ apt-transport-https \ bridge-utils \ ca-certificates \ + cgroup-tools \ cloud-init \ cmake \ curl \ @@ -55,7 +41,6 @@ RUN apt-get -q update \ libpcap-dev \ libpixman-1-dev \ libssl-dev \ - locales \ net-tools \ openssh-server \ pciutils \ @@ -92,7 +77,8 @@ RUN chown root:syslog /var/log \ # Create directory structure RUN mkdir -p /tmp/dumps \ && mkdir -p /var/cache/vpp/python \ - && mkdir -p /var/run/sshd + && mkdir -p /var/run/sshd \ + && mkdir -p /var/log/vpp # CSIT PIP pre-cache RUN pip3 install \ @@ -160,14 +146,7 @@ RUN pip3 install \ snowballstemmer==2.2.0 \ urllib3==1.26.10 -# SSH settings -RUN echo 'root:Csit1234' | chpasswd \ - && sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config \ - && sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd \ - && echo "export VISIBLE=now" >> /etc/profile - -EXPOSE 2222 - -COPY supervisord.conf /etc/supervisor/supervisord.conf +RUN useradd -rm -d /home/testuser -s /bin/bash -g root -G sudo -u 1000 testuser \ + && echo 'testuser:Csit1234' | chpasswd -CMD ["sh", "-c", "rm -f /dev/shm/db /dev/shm/global_vm /dev/shm/vpe-api; /usr/bin/supervisord -c /etc/supervisor/supervisord.conf; /usr/sbin/sshd -D -p 2222"]
\ No newline at end of file +RUN service ssh start
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-sut.service b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-sut.service new file mode 100644 index 0000000000..431387c95c --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-sut.service @@ -0,0 +1,12 @@ +[Unit] +Description=CSIT Initialize Docker SUT +After=network.target + +[Service] +Type=oneshot +RemainAfterExit=True +ExecStart=docker compose -f /opt/csit-docker-images/docker-compose-sut.yaml up --detach +ExecStop=docker compose -f /opt/csit-docker-images/docker-compose-sut.yaml down + +[Install] +WantedBy=default.target diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.service b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.service new file mode 100644 index 0000000000..2c93724a4c --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.service @@ -0,0 +1,12 @@ +[Unit] +Description=CSIT Initialize Docker TG +After=network.target + +[Service] +Type=oneshot +RemainAfterExit=True +ExecStart=docker compose -f /opt/csit-docker-images/docker-compose-tg.yaml up --detach +ExecStop=docker compose -f /opt/csit-docker-images/docker-compose-tg.yaml down + +[Install] +WantedBy=default.target diff --git a/fdio.infra.ansible/roles/tg/files/csit-initialize-docker-tg.sh b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.sh index 7776b4488d..0f93def8b5 100755 --- a/fdio.infra.ansible/roles/tg/files/csit-initialize-docker-tg.sh +++ b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.sh @@ -1,20 +1,5 @@ #!/usr/bin/env bash -# Copyright (c) 2021 Cisco and/or its affiliates. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at: -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# CSIT SRIOV VF initialization and isolation. - set -euo pipefail case "${1:-start}" in @@ -24,7 +9,7 @@ case "${1:-start}" in docker network create --driver bridge csit-nw-tg${cnt} || true # If the IMAGE is not already loaded then docker run will pull the # IMAGE, and all image dependencies, before it starts the container. - dcr_image="csit_sut-ubuntu2204:local" + dcr_image="base-ubuntu2204:local" # Run the container in the background and print the new container # ID. dcr_stc_params="--detach=true " diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-sut/Dockerfile b/fdio.infra.ansible/roles/docker_images/files/csit-sut/Dockerfile new file mode 100644 index 0000000000..26463db449 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-sut/Dockerfile @@ -0,0 +1,5 @@ +FROM base-ubuntu2204:local + +COPY supervisord.conf /etc/supervisor/supervisord.conf + +CMD ["sh", "-c", "rm -f /dev/shm/db /dev/shm/global_vm /dev/shm/vpe-api; /usr/bin/supervisord -c /etc/supervisor/supervisord.conf; /usr/sbin/sshd -D -p 2222"]
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/csit_sut_image/files/supervisord.conf b/fdio.infra.ansible/roles/docker_images/files/csit-sut/supervisord.conf index 22a36be5c6..22a36be5c6 100644 --- a/fdio.infra.ansible/roles/csit_sut_image/files/supervisord.conf +++ b/fdio.infra.ansible/roles/docker_images/files/csit-sut/supervisord.conf diff --git a/fdio.infra.ansible/roles/docker_images/handlers/main.yaml b/fdio.infra.ansible/roles/docker_images/handlers/main.yaml new file mode 100644 index 0000000000..766eec432a --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/handlers/main.yaml @@ -0,0 +1,18 @@ +--- +# file: handlers/main.yaml + +- name: "Start csit-initialize-docker-sut.service" + ansible.builtin.systemd: + enabled: true + state: "started" + name: "csit-initialize-docker-sut.service" + tags: + - docker-sut + +- name: "Start csit-initialize-docker-tg.service" + ansible.builtin.systemd: + enabled: true + state: "started" + name: "csit-initialize-docker-tg.service" + tags: + - docker-tg
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/tasks/base.yaml b/fdio.infra.ansible/roles/docker_images/tasks/base.yaml new file mode 100644 index 0000000000..69b3f6217d --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/tasks/base.yaml @@ -0,0 +1,63 @@ +--- +# file: tasks/base.yaml + +- name: "Create a Directory For Docker Images" + ansible.builtin.file: + path: "/opt/csit-docker-images/" + state: "directory" + mode: 0755 + tags: + - docker-base + +- name: "Copy Build Items" + ansible.builtin.copy: + src: "{{ item }}" + dest: "/opt/csit-docker-images/{{ item }}" + owner: "root" + group: "root" + mode: 0755 + with_items: + - "base/" + - "csit-sut/" + tags: + - docker-base + +- name: "Build CSIT Base Docker Image" + ansible.builtin.shell: "docker build -t base-ubuntu2204:local ." + args: + chdir: "/opt/csit-docker-images/base" + async: 3000 + poll: 0 + register: "docker_built" + tags: + - docker-base + +- name: "Check if CSIT Base Docker Image is Built" + async_status: + jid: "{{ docker_built.ansible_job_id }}" + register: "docker_built" + until: "docker_built.finished" + delay: 10 + retries: 300 + tags: + - docker-base + +- name: "Build CSIT OLD Docker Image" + ansible.builtin.shell: "docker build -t csit_sut-ubuntu2204:local ." + args: + chdir: "/opt/csit-docker-images/csit-sut" + async: 3000 + poll: 0 + register: "docker_built" + tags: + - docker-base + +- name: "Check if CSIT OLD Docker Image is Built" + async_status: + jid: "{{ docker_built.ansible_job_id }}" + register: "docker_built" + until: "docker_built.finished" + delay: 10 + retries: 300 + tags: + - docker-base
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/tasks/main.yaml b/fdio.infra.ansible/roles/docker_images/tasks/main.yaml new file mode 100644 index 0000000000..1005e024f2 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/tasks/main.yaml @@ -0,0 +1,21 @@ +--- +# file: tasks/main.yaml + +- name: "Build Base Docker Images" + import_tasks: "base.yaml" + tags: + - docker-base + +- name: "Docker Orchestration for TG" + import_tasks: "tg.yaml" + when: > + docker_tg is defined + tags: + - docker-tg + +- name: "Docker Orchestration for SUT" + import_tasks: "sut.yaml" + when: > + docker_sut is defined + tags: + - docker-sut
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/tasks/sut.yaml b/fdio.infra.ansible/roles/docker_images/tasks/sut.yaml new file mode 100644 index 0000000000..8ac179573d --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/tasks/sut.yaml @@ -0,0 +1,28 @@ +--- +# file: tasks/sut.yaml + +- name: "Template Compose File" + ansible.builtin.template: + src: "{{ item }}.j2" + dest: "/opt/csit-docker-images/{{ item }}" + owner: "root" + group: "root" + mode: 0755 + with_items: + - "docker-compose-sut.yaml" + tags: + - docker-sut + +- name: "Copy csit-initialize-docker-sut.service" + ansible.builtin.copy: + src: "files/csit-initialize-docker-sut.service" + dest: "/etc/systemd/system/" + owner: "root" + group: "root" + mode: 0644 + notify: + - "Start csit-initialize-docker-sut.service" + tags: + - docker-sut + +- meta: flush_handlers
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/tasks/tg.yaml b/fdio.infra.ansible/roles/docker_images/tasks/tg.yaml new file mode 100644 index 0000000000..0623616073 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/tasks/tg.yaml @@ -0,0 +1,28 @@ +--- +# file: tasks/tg.yaml + +- name: "Template Compose File" + ansible.builtin.template: + src: "{{ item }}.j2" + dest: "/opt/csit-docker-images/{{ item }}" + owner: "root" + group: "root" + mode: 0755 + with_items: + - "docker-compose-tg.yaml" + tags: + - docker-tg + +- name: "Start csit-initialize-docker-tg.service" + ansible.builtin.copy: + src: "files/csit-initialize-docker-tg.service" + dest: "/etc/systemd/system/" + owner: "root" + group: "root" + mode: 0644 + notify: + - "Start csit-initialize-docker-tg.service" + tags: + - docker-tg + +- meta: flush_handlers
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/templates/docker-compose-sut.yaml.j2 b/fdio.infra.ansible/roles/docker_images/templates/docker-compose-sut.yaml.j2 new file mode 100644 index 0000000000..bcb29f1ae0 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/templates/docker-compose-sut.yaml.j2 @@ -0,0 +1,64 @@ +version: "3" +services: + numa-0: + build: + context: "base/" + dockerfile: "Dockerfile" + command: ["/usr/sbin/sshd","-D", "-p", "6001"] + expose: + - "6001" + hostname: "{{ ansible_hostname[:-1] }}1" + network_mode: "host" + privileged: true + restart: "always" + shm_size: "4G" + devices: + - "/dev/hugepages:/dev/hugepages" + - "/dev/vfio:/dev/vfio" + volumes: + - type: "bind" + source: "/etc/sudoers" + target: "/etc/sudoers" + - type: "bind" + source: "/dev/null" + target: "/etc/sysctl.d/80-vpp.conf" + - type: "bind" + source: "/opt/boot/" + target: "/opt/boot/" + - type: "bind" + source: "/var/run/docker.sock" + target: "/var/run/docker.sock" + - type: "bind" + source: "/usr/lib/firmware/" + target: "/usr/lib/firmware/" + numa-1: + build: + context: "base/" + dockerfile: "Dockerfile" + command: ["/usr/sbin/sshd","-D", "-p", "6002"] + expose: + - "6002" + hostname: "{{ ansible_hostname[:-1] }}2" + network_mode: "host" + privileged: true + restart: "always" + shm_size: "4G" + devices: + - "/dev/hugepages:/dev/hugepages" + - "/dev/vfio:/dev/vfio" + volumes: + - type: "bind" + source: "/etc/sudoers" + target: "/etc/sudoers" + - type: "bind" + source: "/dev/null" + target: "/etc/sysctl.d/80-vpp.conf" + - type: "bind" + source: "/opt/boot/" + target: "/opt/boot/" + - type: "bind" + source: "/var/run/docker.sock" + target: "/var/run/docker.sock" + - type: "bind" + source: "/usr/lib/firmware/" + target: "/usr/lib/firmware/"
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/templates/docker-compose-tg.yaml.j2 b/fdio.infra.ansible/roles/docker_images/templates/docker-compose-tg.yaml.j2 new file mode 100644 index 0000000000..0cbe6c5590 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/templates/docker-compose-tg.yaml.j2 @@ -0,0 +1,61 @@ +version: "3" +services: + tg-0: + build: + context: "base/" + dockerfile: "Dockerfile" + command: ["/usr/sbin/sshd","-D", "-p", "6001"] + expose: + - "6001" + hostname: "{{ ansible_hostname }}" + networks: + tg-nw-0: + privileged: true + ports: + - "6001:6001" + restart: "always" + shm_size: "4G" + devices: + - "/dev/hugepages:/dev/hugepages" + - "/dev/vfio:/dev/vfio" + volumes: + - type: "bind" + source: "/etc/sudoers" + target: "/etc/sudoers" + - type: "bind" + source: "/opt/" + target: "/opt/" + - type: "bind" + source: "/usr/lib/firmware/" + target: "/usr/lib/firmware/" + tg-1: + build: + context: "base/" + dockerfile: "Dockerfile" + command: ["/usr/sbin/sshd","-D", "-p", "6002"] + expose: + - "6002" + hostname: "{{ ansible_hostname }}" + networks: + tg-nw-1: + privileged: true + ports: + - "6002:6002" + restart: "always" + shm_size: "4G" + devices: + - "/dev/hugepages:/dev/hugepages" + - "/dev/vfio:/dev/vfio" + volumes: + - type: "bind" + source: "/etc/sudoers" + target: "/etc/sudoers" + - type: "bind" + source: "/opt/" + target: "/opt/" + - type: "bind" + source: "/usr/lib/firmware/" + target: "/usr/lib/firmware/" +networks: + tg-nw-0: + tg-nw-1:
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/tg/files/csit-initialize-docker-tg.service b/fdio.infra.ansible/roles/tg/files/csit-initialize-docker-tg.service deleted file mode 100644 index 11911201d5..0000000000 --- a/fdio.infra.ansible/roles/tg/files/csit-initialize-docker-tg.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=CSIT Initialize Docker TG -After=network.target - -[Service] -Type=oneshot -RemainAfterExit=True -ExecStart=/usr/local/bin/csit-initialize-docker-tg.sh start 2 -ExecStop=/usr/local/bin/csit-initialize-docker-tg.sh stop - -[Install] -WantedBy=default.target diff --git a/fdio.infra.ansible/roles/tg/handlers/main.yaml b/fdio.infra.ansible/roles/tg/handlers/main.yaml deleted file mode 100644 index 7edd60dc5b..0000000000 --- a/fdio.infra.ansible/roles/tg/handlers/main.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -# file: roles/tg/handlers/main.yaml - -- name: Start csit-initialize-docker-tg.service - ansible.builtin.systemd: - enabled: true - state: "started" - name: "csit-initialize-docker-tg.service" - tags: - - docker-tg diff --git a/fdio.infra.ansible/roles/tg/tasks/main.yaml b/fdio.infra.ansible/roles/tg/tasks/main.yaml deleted file mode 100644 index 1893fb4a93..0000000000 --- a/fdio.infra.ansible/roles/tg/tasks/main.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# file: roles/tg/tasks/main.yaml - -- name: Conf - csit-initialize-docker-tg.sh - ansible.builtin.copy: - src: "files/csit-initialize-docker-tg.sh" - dest: "/usr/local/bin/csit-initialize-docker-tg.sh" - owner: "root" - group: "root" - mode: 0744 - when: - - docker_tg is defined - tags: - - tg-conf-docker - -- name: Conf - Start csit-initialize-docker-tg.service - ansible.builtin.copy: - src: "files/csit-initialize-docker-tg.service" - dest: "/etc/systemd/system/" - owner: "root" - group: "root" - mode: 0644 - notify: - - "Start csit-initialize-docker-tg.service" - when: - - docker_tg is defined - tags: - - tg-conf-docker - -- meta: flush_handlers |