From d14b7a69e628582b9132abc1b6e09aada68c0077 Mon Sep 17 00:00:00 2001 From: pmikus Date: Fri, 28 Apr 2023 11:27:25 +0000 Subject: feat(ansible): Refactor docker-image roles Signed-off-by: pmikus Change-Id: I6731e55b9643f46463c16f68e4986e3cb61f843f --- .../lf_inventory/host_vars/10.30.51.52.yaml | 1 + .../lf_inventory/host_vars/10.30.51.53.yaml | 4 +- .../lf_inventory/host_vars/10.30.51.54.yaml | 1 + .../lf_inventory/host_vars/10.30.51.55.yaml | 4 +- .../lf_inventory/host_vars/10.30.51.56.yaml | 2 +- .../lf_inventory/host_vars/10.30.51.57.yaml | 5 +- .../lf_inventory/host_vars/10.30.51.58.yaml | 2 +- .../lf_inventory/host_vars/10.30.51.59.yaml | 5 +- .../roles/csit_sut_image/files/Dockerfile | 173 --------------------- .../roles/csit_sut_image/files/supervisord.conf | 24 --- .../roles/csit_sut_image/tasks/main.yaml | 43 ----- .../roles/docker_images/files/base/Dockerfile | 152 ++++++++++++++++++ .../files/csit-initialize-docker-sut.service | 12 ++ .../files/csit-initialize-docker-tg.service | 12 ++ .../files/csit-initialize-docker-tg.sh | 43 +++++ .../roles/docker_images/files/csit-sut/Dockerfile | 5 + .../docker_images/files/csit-sut/supervisord.conf | 24 +++ .../roles/docker_images/handlers/main.yaml | 18 +++ .../roles/docker_images/tasks/base.yaml | 63 ++++++++ .../roles/docker_images/tasks/main.yaml | 21 +++ .../roles/docker_images/tasks/sut.yaml | 28 ++++ .../roles/docker_images/tasks/tg.yaml | 28 ++++ .../templates/docker-compose-sut.yaml.j2 | 64 ++++++++ .../templates/docker-compose-tg.yaml.j2 | 61 ++++++++ .../tg/files/csit-initialize-docker-tg.service | 12 -- .../roles/tg/files/csit-initialize-docker-tg.sh | 58 ------- fdio.infra.ansible/roles/tg/handlers/main.yaml | 10 -- fdio.infra.ansible/roles/tg/tasks/main.yaml | 30 ---- fdio.infra.ansible/sut.yaml | 4 +- fdio.infra.ansible/tg.yaml | 10 +- fdio.infra.ansible/vpp_device.yaml | 4 +- 31 files changed, 553 insertions(+), 370 deletions(-) delete mode 100644 fdio.infra.ansible/roles/csit_sut_image/files/Dockerfile delete mode 100644 fdio.infra.ansible/roles/csit_sut_image/files/supervisord.conf delete mode 100644 fdio.infra.ansible/roles/csit_sut_image/tasks/main.yaml create mode 100644 fdio.infra.ansible/roles/docker_images/files/base/Dockerfile create mode 100644 fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-sut.service create mode 100644 fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.service create mode 100755 fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.sh create mode 100644 fdio.infra.ansible/roles/docker_images/files/csit-sut/Dockerfile create mode 100644 fdio.infra.ansible/roles/docker_images/files/csit-sut/supervisord.conf create mode 100644 fdio.infra.ansible/roles/docker_images/handlers/main.yaml create mode 100644 fdio.infra.ansible/roles/docker_images/tasks/base.yaml create mode 100644 fdio.infra.ansible/roles/docker_images/tasks/main.yaml create mode 100644 fdio.infra.ansible/roles/docker_images/tasks/sut.yaml create mode 100644 fdio.infra.ansible/roles/docker_images/tasks/tg.yaml create mode 100644 fdio.infra.ansible/roles/docker_images/templates/docker-compose-sut.yaml.j2 create mode 100644 fdio.infra.ansible/roles/docker_images/templates/docker-compose-tg.yaml.j2 delete mode 100644 fdio.infra.ansible/roles/tg/files/csit-initialize-docker-tg.service delete mode 100755 fdio.infra.ansible/roles/tg/files/csit-initialize-docker-tg.sh delete mode 100644 fdio.infra.ansible/roles/tg/handlers/main.yaml delete mode 100644 fdio.infra.ansible/roles/tg/tasks/main.yaml diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.52.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.52.yaml index 0aa2da2c8e..3b5e2faeea 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.52.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.52.yaml @@ -28,6 +28,7 @@ sysctl: inventory_ipmi_hostname: "10.30.50.52" cpu_microarchitecture: "sapphirerapids" +docker_sut: true mellanox_matrix: "dpdk22.07" intel_dsa_matrix: true \ No newline at end of file diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.53.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.53.yaml index 715d85eb5f..1fe061605a 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.53.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.53.yaml @@ -7,7 +7,7 @@ grub: default_hugepagesz: "2M hugepagesz=1G hugepages=32 hugepagesz=2M hugepages=32768" hpet: "disable" intel_idle.max_cstate: "1" - intel_iommu: "on" + intel_iommu: "on,sm_on" intel_pstate: "disable" iommu: "pt" isolcpus: "1-31,33-63,65-95,97-127" @@ -28,5 +28,7 @@ sysctl: inventory_ipmi_hostname: "10.30.50.53" cpu_microarchitecture: "sapphirerapids" +docker_tg: true mellanox_matrix: "dpdk22.07" +intel_dsa_matrix: true diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.54.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.54.yaml index 46a87376a4..9a2aea894b 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.54.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.54.yaml @@ -28,6 +28,7 @@ sysctl: inventory_ipmi_hostname: "10.30.50.54" cpu_microarchitecture: "sapphirerapids" +docker_sut: true intel_800_matrix: "dpdk22.07" intel_dsa_matrix: true diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.55.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.55.yaml index 523e3710f5..d9bced7c78 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.55.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.55.yaml @@ -7,7 +7,7 @@ grub: default_hugepagesz: "2M hugepagesz=1G hugepages=32 hugepagesz=2M hugepages=32768" hpet: "disable" intel_idle.max_cstate: "1" - intel_iommu: "on" + intel_iommu: "on,sm_on" intel_pstate: "disable" iommu: "pt" isolcpus: "1-31,33-63,65-95,97-127" @@ -28,5 +28,7 @@ sysctl: inventory_ipmi_hostname: "10.30.50.55" cpu_microarchitecture: "sapphirerapids" +docker_tg: true intel_800_matrix: "dpdk22.07" +intel_dsa_matrix: true diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.56.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.56.yaml index baf2bbb0ac..69964c2a3b 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.56.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.56.yaml @@ -28,8 +28,8 @@ sysctl: inventory_ipmi_hostname: "10.30.50.56" cpu_microarchitecture: "sapphirerapids" +docker_sut: true -intel_700_matrix: "dpdk22.07" intel_800_matrix: "dpdk22.07" mellanox_matrix: "dpdk22.07" intel_dsa_matrix: true \ No newline at end of file diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.57.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.57.yaml index 58c7e7682c..a0a832385c 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.57.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.57.yaml @@ -7,7 +7,7 @@ grub: default_hugepagesz: "2M hugepagesz=1G hugepages=32 hugepagesz=2M hugepages=32768" hpet: "disable" intel_idle.max_cstate: "1" - intel_iommu: "on" + intel_iommu: "on,sm_on" intel_pstate: "disable" iommu: "pt" isolcpus: "1-31,33-63,65-95,97-127" @@ -28,7 +28,8 @@ sysctl: inventory_ipmi_hostname: "10.30.50.57" cpu_microarchitecture: "sapphirerapids" +docker_tg: true -intel_700_matrix: "dpdk22.07" intel_800_matrix: "dpdk22.07" mellanox_matrix: "dpdk22.07" +intel_dsa_matrix: true diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.58.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.58.yaml index 21ca935ebf..a127c15513 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.58.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.58.yaml @@ -28,8 +28,8 @@ sysctl: inventory_ipmi_hostname: "10.30.50.58" cpu_microarchitecture: "sapphirerapids" +docker_sut: true -intel_700_matrix: "dpdk22.07" intel_800_matrix: "dpdk22.07" mellanox_matrix: "dpdk22.07" intel_dsa_matrix: true diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.59.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.59.yaml index 0f593169d9..4e84477f01 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.59.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.59.yaml @@ -7,7 +7,7 @@ grub: default_hugepagesz: "2M hugepagesz=1G hugepages=32 hugepagesz=2M hugepages=32768" hpet: "disable" intel_idle.max_cstate: "1" - intel_iommu: "on" + intel_iommu: "on,sm_on" intel_pstate: "disable" iommu: "pt" isolcpus: "1-31,33-63,65-95,97-127" @@ -28,7 +28,8 @@ sysctl: inventory_ipmi_hostname: "10.30.50.59" cpu_microarchitecture: "sapphirerapids" +docker_tg: true -intel_700_matrix: "dpdk22.07" intel_800_matrix: "dpdk22.07" mellanox_matrix: "dpdk22.07" +intel_dsa_matrix: true diff --git a/fdio.infra.ansible/roles/csit_sut_image/files/Dockerfile b/fdio.infra.ansible/roles/csit_sut_image/files/Dockerfile deleted file mode 100644 index 1f72df8205..0000000000 --- a/fdio.infra.ansible/roles/csit_sut_image/files/Dockerfile +++ /dev/null @@ -1,173 +0,0 @@ -# Copyright (c) 2022 Cisco and/or its affiliates. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at: -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FROM ubuntu:22.04 -LABEL Description="CSIT vpp-device ubuntu 22.04 SUT image" -LABEL Version="master" - -# Setup the environment -ENV DEBIAN_FRONTEND=noninteractive - -# Configure locales -RUN apt-get update -qq \ - && apt-get install -y \ - apt-utils \ - locales \ - && sed -i 's/# \(en_US\.UTF-8 .*\)/\1/' /etc/locale.gen \ - && locale-gen en_US.UTF-8 \ - && dpkg-reconfigure --frontend=noninteractive locales \ - && update-locale LANG=en_US.UTF-8 \ - && TZ=Etc/UTC && ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone \ - && rm -r /var/lib/apt/lists/* -ENV LANG="en_US.UTF-8" LANGUAGE="en_US" LC_ALL="en_US.UTF-8" - -# Install packages and Docker -RUN apt-get -q update \ - && apt-get install -y -qq \ - apt-transport-https \ - bridge-utils \ - ca-certificates \ - cloud-init \ - cmake \ - curl \ - dkms \ - gdb \ - gfortran \ - libapr1 \ - libblas-dev \ - libffi-dev \ - liblapack-dev \ - libmbedcrypto7 \ - libmbedtls14 \ - libmbedx509-1 \ - libnuma1 \ - libnuma-dev \ - libpcap-dev \ - libpixman-1-dev \ - libssl-dev \ - locales \ - net-tools \ - openssh-server \ - pciutils \ - python3-all \ - python3-apt \ - python3-cffi \ - python3-cffi-backend \ - python3-dev \ - python3-pip \ - python3-setuptools \ - python3-virtualenv \ - qemu-system \ - rsyslog \ - socat \ - software-properties-common \ - strongswan \ - ssh \ - sshpass \ - sudo \ - supervisor \ - tar \ - tcpdump \ - unzip \ - vim \ - wget \ - zlib1g-dev \ - && curl -fsSL https://get.docker.com | sh \ - && rm -rf /var/lib/apt/lists/* - -# Fix permissions -RUN chown root:syslog /var/log \ - && chmod 755 /etc/default - -# Create directory structure -RUN mkdir -p /tmp/dumps \ - && mkdir -p /var/cache/vpp/python \ - && mkdir -p /var/run/sshd - -# CSIT PIP pre-cache -RUN pip3 install \ - ecdsa==0.18.0 \ - paramiko==2.9.3 \ - pycrypto==2.6.1 \ - PyYAML==5.4.1 \ - requests==2.25.1 \ - robotframework==5.0.1 \ - scapy==2.4.5 \ - scp==0.14.4 \ - ansible==5.10.0 \ - ansible-core==2.12.7 \ - dill==0.3.5.1 \ - numpy==1.22.4 \ - scipy==1.8.1 \ - boto3==1.17.78 \ - botocore==1.20.78 \ - hdrhistogram==0.6.1 \ - pandas==1.4.2 \ - plotly==4.1.1 \ - PTable==0.9.2 \ - Sphinx==3.5.4 \ - sphinx-rtd-theme==0.5.2 \ - sphinxcontrib-applehelp==1.0.2 \ - sphinxcontrib-devhelp==1.0.2 \ - sphinxcontrib-htmlhelp==2.0.0 \ - sphinxcontrib-jsmath==1.0.1 \ - sphinxcontrib-programoutput==0.17 \ - sphinxcontrib-qthelp==1.0.3 \ - sphinxcontrib-robotdoc==0.11.0 \ - sphinxcontrib-serializinghtml==1.1.5 \ - ply==3.11 \ - jsonschema==4.1.0 \ - rfc3339-validator==0.1.4 \ - rfc3987==1.3.8 \ - alabaster==0.7.12 \ - attrs==21.4.0 \ - Babel==2.10.3 \ - bcrypt==3.2.2 \ - certifi==2022.6.15 \ - cffi==1.15.1 \ - chardet==4.0.0 \ - cryptography==36.0.2 \ - docutils==0.16 \ - future==0.18.2 \ - idna==2.10 \ - imagesize==1.4.1 \ - Jinja2==3.0.3 \ - jmespath==0.10.0 \ - MarkupSafe==2.1.1 \ - packaging==21.3 \ - pbr==5.9.0 \ - pycparser==2.21 \ - Pygments==2.12.0 \ - PyNaCl==1.5.0 \ - pyparsing==3.0.9 \ - pyrsistent==0.18.1 \ - python-dateutil==2.8.2 \ - pytz==2022.1 \ - resolvelib==0.5.4 \ - retrying==1.3.3 \ - s3transfer==0.4.2 \ - six==1.16.0 \ - snowballstemmer==2.2.0 \ - urllib3==1.26.10 - -# SSH settings -RUN echo 'root:Csit1234' | chpasswd \ - && sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config \ - && sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd \ - && echo "export VISIBLE=now" >> /etc/profile - -EXPOSE 2222 - -COPY supervisord.conf /etc/supervisor/supervisord.conf - -CMD ["sh", "-c", "rm -f /dev/shm/db /dev/shm/global_vm /dev/shm/vpe-api; /usr/bin/supervisord -c /etc/supervisor/supervisord.conf; /usr/sbin/sshd -D -p 2222"] \ No newline at end of file diff --git a/fdio.infra.ansible/roles/csit_sut_image/files/supervisord.conf b/fdio.infra.ansible/roles/csit_sut_image/files/supervisord.conf deleted file mode 100644 index 22a36be5c6..0000000000 --- a/fdio.infra.ansible/roles/csit_sut_image/files/supervisord.conf +++ /dev/null @@ -1,24 +0,0 @@ -[unix_http_server] -file = /tmp/supervisor.sock -chmod = 0777 - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl = unix:///tmp/supervisor.sock - -[supervisord] -pidfile = /tmp/supervisord.pid -identifier = supervisor -directory = /tmp -logfile = /tmp/supervisord.log -loglevel = debug -nodaemon = false - -[program:vpp] -command = /usr/bin/vpp -c /etc/vpp/startup.conf -autostart = false -autorestart = true -redirect_stderr = true -priority = 1 \ No newline at end of file diff --git a/fdio.infra.ansible/roles/csit_sut_image/tasks/main.yaml b/fdio.infra.ansible/roles/csit_sut_image/tasks/main.yaml deleted file mode 100644 index f0a93c06ee..0000000000 --- a/fdio.infra.ansible/roles/csit_sut_image/tasks/main.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -# file: roles/csit_sut_image/tasks/main.yaml - -- name: Create a directory if it does not exist - ansible.builtin.file: - path: "/opt/csit-sut/" - state: "directory" - mode: 0755 - tags: - - csit-sut-image - -- name: Copy Build Items - ansible.builtin.copy: - src: "{{ item }}" - dest: "/opt/csit-sut/" - owner: "root" - group: "root" - mode: 0755 - with_items: - - Dockerfile - - supervisord.conf - tags: - - csit-sut-image - -- name: Build CSIT SUT Docker Image - ansible.builtin.shell: "docker build -t csit_sut-ubuntu2204:local ." - args: - chdir: "/opt/csit-sut" - async: 3000 - poll: 0 - register: docker_built - tags: - - csit-sut-image - -- name: Check if CSIT SUT Docker Image is Built - async_status: - jid: "{{ docker_built.ansible_job_id }}" - register: docker_built - until: docker_built.finished - delay: 10 - retries: 300 - tags: - - csit-sut-image \ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile b/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile new file mode 100644 index 0000000000..0a17bf6404 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile @@ -0,0 +1,152 @@ +FROM ubuntu:22.04 + +# Setup the environment +ENV DEBIAN_FRONTEND=noninteractive + +# Configure locales +RUN apt-get update -qq \ + && apt-get install -y \ + apt-utils \ + locales \ + && sed -i 's/# \(en_US\.UTF-8 .*\)/\1/' /etc/locale.gen \ + && locale-gen en_US.UTF-8 \ + && dpkg-reconfigure --frontend=noninteractive locales \ + && update-locale LANG=en_US.UTF-8 \ + && TZ=Etc/UTC && ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone \ + && rm -r /var/lib/apt/lists/* +ENV LANG="en_US.UTF-8" LANGUAGE="en_US" LC_ALL="en_US.UTF-8" + +# Install packages and Docker +RUN apt-get -q update \ + && apt-get install -y -qq \ + apt-transport-https \ + bridge-utils \ + ca-certificates \ + cgroup-tools \ + cloud-init \ + cmake \ + curl \ + dkms \ + gdb \ + gfortran \ + libapr1 \ + libblas-dev \ + libffi-dev \ + liblapack-dev \ + libmbedcrypto7 \ + libmbedtls14 \ + libmbedx509-1 \ + libnuma1 \ + libnuma-dev \ + libpcap-dev \ + libpixman-1-dev \ + libssl-dev \ + net-tools \ + openssh-server \ + pciutils \ + python3-all \ + python3-apt \ + python3-cffi \ + python3-cffi-backend \ + python3-dev \ + python3-pip \ + python3-setuptools \ + python3-virtualenv \ + qemu-system \ + rsyslog \ + socat \ + software-properties-common \ + strongswan \ + ssh \ + sshpass \ + sudo \ + supervisor \ + tar \ + tcpdump \ + unzip \ + vim \ + wget \ + zlib1g-dev \ + && curl -fsSL https://get.docker.com | sh \ + && rm -rf /var/lib/apt/lists/* + +# Fix permissions +RUN chown root:syslog /var/log \ + && chmod 755 /etc/default + +# Create directory structure +RUN mkdir -p /tmp/dumps \ + && mkdir -p /var/cache/vpp/python \ + && mkdir -p /var/run/sshd \ + && mkdir -p /var/log/vpp + +# CSIT PIP pre-cache +RUN pip3 install \ + ecdsa==0.18.0 \ + paramiko==2.9.3 \ + pycrypto==2.6.1 \ + PyYAML==5.4.1 \ + requests==2.25.1 \ + robotframework==5.0.1 \ + scapy==2.4.5 \ + scp==0.14.4 \ + ansible==5.10.0 \ + ansible-core==2.12.7 \ + dill==0.3.5.1 \ + numpy==1.22.4 \ + scipy==1.8.1 \ + boto3==1.17.78 \ + botocore==1.20.78 \ + hdrhistogram==0.6.1 \ + pandas==1.4.2 \ + plotly==4.1.1 \ + PTable==0.9.2 \ + Sphinx==3.5.4 \ + sphinx-rtd-theme==0.5.2 \ + sphinxcontrib-applehelp==1.0.2 \ + sphinxcontrib-devhelp==1.0.2 \ + sphinxcontrib-htmlhelp==2.0.0 \ + sphinxcontrib-jsmath==1.0.1 \ + sphinxcontrib-programoutput==0.17 \ + sphinxcontrib-qthelp==1.0.3 \ + sphinxcontrib-robotdoc==0.11.0 \ + sphinxcontrib-serializinghtml==1.1.5 \ + ply==3.11 \ + jsonschema==4.1.0 \ + rfc3339-validator==0.1.4 \ + rfc3987==1.3.8 \ + alabaster==0.7.12 \ + attrs==21.4.0 \ + Babel==2.10.3 \ + bcrypt==3.2.2 \ + certifi==2022.6.15 \ + cffi==1.15.1 \ + chardet==4.0.0 \ + cryptography==36.0.2 \ + docutils==0.16 \ + future==0.18.2 \ + idna==2.10 \ + imagesize==1.4.1 \ + Jinja2==3.0.3 \ + jmespath==0.10.0 \ + MarkupSafe==2.1.1 \ + packaging==21.3 \ + pbr==5.9.0 \ + pycparser==2.21 \ + Pygments==2.12.0 \ + PyNaCl==1.5.0 \ + pyparsing==3.0.9 \ + pyrsistent==0.18.1 \ + python-dateutil==2.8.2 \ + pytz==2022.1 \ + resolvelib==0.5.4 \ + retrying==1.3.3 \ + s3transfer==0.4.2 \ + six==1.16.0 \ + snowballstemmer==2.2.0 \ + urllib3==1.26.10 + +RUN useradd -rm -d /home/testuser -s /bin/bash -g root -G sudo -u 1000 testuser \ + && echo 'testuser:Csit1234' | chpasswd + +RUN service ssh start \ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-sut.service b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-sut.service new file mode 100644 index 0000000000..431387c95c --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-sut.service @@ -0,0 +1,12 @@ +[Unit] +Description=CSIT Initialize Docker SUT +After=network.target + +[Service] +Type=oneshot +RemainAfterExit=True +ExecStart=docker compose -f /opt/csit-docker-images/docker-compose-sut.yaml up --detach +ExecStop=docker compose -f /opt/csit-docker-images/docker-compose-sut.yaml down + +[Install] +WantedBy=default.target diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.service b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.service new file mode 100644 index 0000000000..2c93724a4c --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.service @@ -0,0 +1,12 @@ +[Unit] +Description=CSIT Initialize Docker TG +After=network.target + +[Service] +Type=oneshot +RemainAfterExit=True +ExecStart=docker compose -f /opt/csit-docker-images/docker-compose-tg.yaml up --detach +ExecStop=docker compose -f /opt/csit-docker-images/docker-compose-tg.yaml down + +[Install] +WantedBy=default.target diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.sh b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.sh new file mode 100755 index 0000000000..0f93def8b5 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-initialize-docker-tg.sh @@ -0,0 +1,43 @@ +#!/usr/bin/env bash + +set -euo pipefail + +case "${1:-start}" in + "start" ) + # Run TG + for cnt in $(seq 1 ${2:-1}); do + docker network create --driver bridge csit-nw-tg${cnt} || true + # If the IMAGE is not already loaded then docker run will pull the + # IMAGE, and all image dependencies, before it starts the container. + dcr_image="base-ubuntu2204:local" + # Run the container in the background and print the new container + # ID. + dcr_stc_params="--detach=true " + # Give extended privileges to this container. A "privileged" + # container is given access to all devices and able to run nested + # containers. + dcr_stc_params+="--privileged " + # Publish all exposed ports to random ports on the host interfaces. + dcr_stc_params+="--publish 600${cnt}:2222 " + # Automatically remove the container when it exits. + dcr_stc_params+="--rm " + # Size of /dev/shm. + dcr_stc_params+="--shm-size 4G " + # Mount vfio to be able to bind to see binded interfaces. We cannot + # use --device=/dev/vfio as this does not see newly binded + # interfaces. + dcr_stc_params+="--volume /dev:/dev " + # Mount /opt/boot/ where VM kernel and initrd are located. + dcr_stc_params+="--volume /opt:/opt " + # Mount host hugepages for VMs. + dcr_stc_params+="--volume /dev/hugepages:/dev/hugepages " + + params=(${dcr_stc_params} --name csit-tg-"${cnt}" "${dcr_image}") + docker run --network=csit-nw-tg${cnt} "${params[@]}" + done + ;; + "stop" ) + docker rm --force $(docker ps --all --quiet --filter name=csit) + docker network rm $(docker network ls --filter name=csit --quiet) + ;; +esac diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-sut/Dockerfile b/fdio.infra.ansible/roles/docker_images/files/csit-sut/Dockerfile new file mode 100644 index 0000000000..26463db449 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-sut/Dockerfile @@ -0,0 +1,5 @@ +FROM base-ubuntu2204:local + +COPY supervisord.conf /etc/supervisor/supervisord.conf + +CMD ["sh", "-c", "rm -f /dev/shm/db /dev/shm/global_vm /dev/shm/vpe-api; /usr/bin/supervisord -c /etc/supervisor/supervisord.conf; /usr/sbin/sshd -D -p 2222"] \ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/files/csit-sut/supervisord.conf b/fdio.infra.ansible/roles/docker_images/files/csit-sut/supervisord.conf new file mode 100644 index 0000000000..22a36be5c6 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/files/csit-sut/supervisord.conf @@ -0,0 +1,24 @@ +[unix_http_server] +file = /tmp/supervisor.sock +chmod = 0777 + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[supervisorctl] +serverurl = unix:///tmp/supervisor.sock + +[supervisord] +pidfile = /tmp/supervisord.pid +identifier = supervisor +directory = /tmp +logfile = /tmp/supervisord.log +loglevel = debug +nodaemon = false + +[program:vpp] +command = /usr/bin/vpp -c /etc/vpp/startup.conf +autostart = false +autorestart = true +redirect_stderr = true +priority = 1 \ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/handlers/main.yaml b/fdio.infra.ansible/roles/docker_images/handlers/main.yaml new file mode 100644 index 0000000000..766eec432a --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/handlers/main.yaml @@ -0,0 +1,18 @@ +--- +# file: handlers/main.yaml + +- name: "Start csit-initialize-docker-sut.service" + ansible.builtin.systemd: + enabled: true + state: "started" + name: "csit-initialize-docker-sut.service" + tags: + - docker-sut + +- name: "Start csit-initialize-docker-tg.service" + ansible.builtin.systemd: + enabled: true + state: "started" + name: "csit-initialize-docker-tg.service" + tags: + - docker-tg \ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/tasks/base.yaml b/fdio.infra.ansible/roles/docker_images/tasks/base.yaml new file mode 100644 index 0000000000..69b3f6217d --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/tasks/base.yaml @@ -0,0 +1,63 @@ +--- +# file: tasks/base.yaml + +- name: "Create a Directory For Docker Images" + ansible.builtin.file: + path: "/opt/csit-docker-images/" + state: "directory" + mode: 0755 + tags: + - docker-base + +- name: "Copy Build Items" + ansible.builtin.copy: + src: "{{ item }}" + dest: "/opt/csit-docker-images/{{ item }}" + owner: "root" + group: "root" + mode: 0755 + with_items: + - "base/" + - "csit-sut/" + tags: + - docker-base + +- name: "Build CSIT Base Docker Image" + ansible.builtin.shell: "docker build -t base-ubuntu2204:local ." + args: + chdir: "/opt/csit-docker-images/base" + async: 3000 + poll: 0 + register: "docker_built" + tags: + - docker-base + +- name: "Check if CSIT Base Docker Image is Built" + async_status: + jid: "{{ docker_built.ansible_job_id }}" + register: "docker_built" + until: "docker_built.finished" + delay: 10 + retries: 300 + tags: + - docker-base + +- name: "Build CSIT OLD Docker Image" + ansible.builtin.shell: "docker build -t csit_sut-ubuntu2204:local ." + args: + chdir: "/opt/csit-docker-images/csit-sut" + async: 3000 + poll: 0 + register: "docker_built" + tags: + - docker-base + +- name: "Check if CSIT OLD Docker Image is Built" + async_status: + jid: "{{ docker_built.ansible_job_id }}" + register: "docker_built" + until: "docker_built.finished" + delay: 10 + retries: 300 + tags: + - docker-base \ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/tasks/main.yaml b/fdio.infra.ansible/roles/docker_images/tasks/main.yaml new file mode 100644 index 0000000000..1005e024f2 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/tasks/main.yaml @@ -0,0 +1,21 @@ +--- +# file: tasks/main.yaml + +- name: "Build Base Docker Images" + import_tasks: "base.yaml" + tags: + - docker-base + +- name: "Docker Orchestration for TG" + import_tasks: "tg.yaml" + when: > + docker_tg is defined + tags: + - docker-tg + +- name: "Docker Orchestration for SUT" + import_tasks: "sut.yaml" + when: > + docker_sut is defined + tags: + - docker-sut \ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/tasks/sut.yaml b/fdio.infra.ansible/roles/docker_images/tasks/sut.yaml new file mode 100644 index 0000000000..8ac179573d --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/tasks/sut.yaml @@ -0,0 +1,28 @@ +--- +# file: tasks/sut.yaml + +- name: "Template Compose File" + ansible.builtin.template: + src: "{{ item }}.j2" + dest: "/opt/csit-docker-images/{{ item }}" + owner: "root" + group: "root" + mode: 0755 + with_items: + - "docker-compose-sut.yaml" + tags: + - docker-sut + +- name: "Copy csit-initialize-docker-sut.service" + ansible.builtin.copy: + src: "files/csit-initialize-docker-sut.service" + dest: "/etc/systemd/system/" + owner: "root" + group: "root" + mode: 0644 + notify: + - "Start csit-initialize-docker-sut.service" + tags: + - docker-sut + +- meta: flush_handlers \ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/tasks/tg.yaml b/fdio.infra.ansible/roles/docker_images/tasks/tg.yaml new file mode 100644 index 0000000000..0623616073 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/tasks/tg.yaml @@ -0,0 +1,28 @@ +--- +# file: tasks/tg.yaml + +- name: "Template Compose File" + ansible.builtin.template: + src: "{{ item }}.j2" + dest: "/opt/csit-docker-images/{{ item }}" + owner: "root" + group: "root" + mode: 0755 + with_items: + - "docker-compose-tg.yaml" + tags: + - docker-tg + +- name: "Start csit-initialize-docker-tg.service" + ansible.builtin.copy: + src: "files/csit-initialize-docker-tg.service" + dest: "/etc/systemd/system/" + owner: "root" + group: "root" + mode: 0644 + notify: + - "Start csit-initialize-docker-tg.service" + tags: + - docker-tg + +- meta: flush_handlers \ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/templates/docker-compose-sut.yaml.j2 b/fdio.infra.ansible/roles/docker_images/templates/docker-compose-sut.yaml.j2 new file mode 100644 index 0000000000..bcb29f1ae0 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/templates/docker-compose-sut.yaml.j2 @@ -0,0 +1,64 @@ +version: "3" +services: + numa-0: + build: + context: "base/" + dockerfile: "Dockerfile" + command: ["/usr/sbin/sshd","-D", "-p", "6001"] + expose: + - "6001" + hostname: "{{ ansible_hostname[:-1] }}1" + network_mode: "host" + privileged: true + restart: "always" + shm_size: "4G" + devices: + - "/dev/hugepages:/dev/hugepages" + - "/dev/vfio:/dev/vfio" + volumes: + - type: "bind" + source: "/etc/sudoers" + target: "/etc/sudoers" + - type: "bind" + source: "/dev/null" + target: "/etc/sysctl.d/80-vpp.conf" + - type: "bind" + source: "/opt/boot/" + target: "/opt/boot/" + - type: "bind" + source: "/var/run/docker.sock" + target: "/var/run/docker.sock" + - type: "bind" + source: "/usr/lib/firmware/" + target: "/usr/lib/firmware/" + numa-1: + build: + context: "base/" + dockerfile: "Dockerfile" + command: ["/usr/sbin/sshd","-D", "-p", "6002"] + expose: + - "6002" + hostname: "{{ ansible_hostname[:-1] }}2" + network_mode: "host" + privileged: true + restart: "always" + shm_size: "4G" + devices: + - "/dev/hugepages:/dev/hugepages" + - "/dev/vfio:/dev/vfio" + volumes: + - type: "bind" + source: "/etc/sudoers" + target: "/etc/sudoers" + - type: "bind" + source: "/dev/null" + target: "/etc/sysctl.d/80-vpp.conf" + - type: "bind" + source: "/opt/boot/" + target: "/opt/boot/" + - type: "bind" + source: "/var/run/docker.sock" + target: "/var/run/docker.sock" + - type: "bind" + source: "/usr/lib/firmware/" + target: "/usr/lib/firmware/" \ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker_images/templates/docker-compose-tg.yaml.j2 b/fdio.infra.ansible/roles/docker_images/templates/docker-compose-tg.yaml.j2 new file mode 100644 index 0000000000..0cbe6c5590 --- /dev/null +++ b/fdio.infra.ansible/roles/docker_images/templates/docker-compose-tg.yaml.j2 @@ -0,0 +1,61 @@ +version: "3" +services: + tg-0: + build: + context: "base/" + dockerfile: "Dockerfile" + command: ["/usr/sbin/sshd","-D", "-p", "6001"] + expose: + - "6001" + hostname: "{{ ansible_hostname }}" + networks: + tg-nw-0: + privileged: true + ports: + - "6001:6001" + restart: "always" + shm_size: "4G" + devices: + - "/dev/hugepages:/dev/hugepages" + - "/dev/vfio:/dev/vfio" + volumes: + - type: "bind" + source: "/etc/sudoers" + target: "/etc/sudoers" + - type: "bind" + source: "/opt/" + target: "/opt/" + - type: "bind" + source: "/usr/lib/firmware/" + target: "/usr/lib/firmware/" + tg-1: + build: + context: "base/" + dockerfile: "Dockerfile" + command: ["/usr/sbin/sshd","-D", "-p", "6002"] + expose: + - "6002" + hostname: "{{ ansible_hostname }}" + networks: + tg-nw-1: + privileged: true + ports: + - "6002:6002" + restart: "always" + shm_size: "4G" + devices: + - "/dev/hugepages:/dev/hugepages" + - "/dev/vfio:/dev/vfio" + volumes: + - type: "bind" + source: "/etc/sudoers" + target: "/etc/sudoers" + - type: "bind" + source: "/opt/" + target: "/opt/" + - type: "bind" + source: "/usr/lib/firmware/" + target: "/usr/lib/firmware/" +networks: + tg-nw-0: + tg-nw-1: \ No newline at end of file diff --git a/fdio.infra.ansible/roles/tg/files/csit-initialize-docker-tg.service b/fdio.infra.ansible/roles/tg/files/csit-initialize-docker-tg.service deleted file mode 100644 index 11911201d5..0000000000 --- a/fdio.infra.ansible/roles/tg/files/csit-initialize-docker-tg.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=CSIT Initialize Docker TG -After=network.target - -[Service] -Type=oneshot -RemainAfterExit=True -ExecStart=/usr/local/bin/csit-initialize-docker-tg.sh start 2 -ExecStop=/usr/local/bin/csit-initialize-docker-tg.sh stop - -[Install] -WantedBy=default.target diff --git a/fdio.infra.ansible/roles/tg/files/csit-initialize-docker-tg.sh b/fdio.infra.ansible/roles/tg/files/csit-initialize-docker-tg.sh deleted file mode 100755 index 7776b4488d..0000000000 --- a/fdio.infra.ansible/roles/tg/files/csit-initialize-docker-tg.sh +++ /dev/null @@ -1,58 +0,0 @@ -#!/usr/bin/env bash - -# Copyright (c) 2021 Cisco and/or its affiliates. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at: -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# CSIT SRIOV VF initialization and isolation. - -set -euo pipefail - -case "${1:-start}" in - "start" ) - # Run TG - for cnt in $(seq 1 ${2:-1}); do - docker network create --driver bridge csit-nw-tg${cnt} || true - # If the IMAGE is not already loaded then docker run will pull the - # IMAGE, and all image dependencies, before it starts the container. - dcr_image="csit_sut-ubuntu2204:local" - # Run the container in the background and print the new container - # ID. - dcr_stc_params="--detach=true " - # Give extended privileges to this container. A "privileged" - # container is given access to all devices and able to run nested - # containers. - dcr_stc_params+="--privileged " - # Publish all exposed ports to random ports on the host interfaces. - dcr_stc_params+="--publish 600${cnt}:2222 " - # Automatically remove the container when it exits. - dcr_stc_params+="--rm " - # Size of /dev/shm. - dcr_stc_params+="--shm-size 4G " - # Mount vfio to be able to bind to see binded interfaces. We cannot - # use --device=/dev/vfio as this does not see newly binded - # interfaces. - dcr_stc_params+="--volume /dev:/dev " - # Mount /opt/boot/ where VM kernel and initrd are located. - dcr_stc_params+="--volume /opt:/opt " - # Mount host hugepages for VMs. - dcr_stc_params+="--volume /dev/hugepages:/dev/hugepages " - - params=(${dcr_stc_params} --name csit-tg-"${cnt}" "${dcr_image}") - docker run --network=csit-nw-tg${cnt} "${params[@]}" - done - ;; - "stop" ) - docker rm --force $(docker ps --all --quiet --filter name=csit) - docker network rm $(docker network ls --filter name=csit --quiet) - ;; -esac diff --git a/fdio.infra.ansible/roles/tg/handlers/main.yaml b/fdio.infra.ansible/roles/tg/handlers/main.yaml deleted file mode 100644 index 7edd60dc5b..0000000000 --- a/fdio.infra.ansible/roles/tg/handlers/main.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -# file: roles/tg/handlers/main.yaml - -- name: Start csit-initialize-docker-tg.service - ansible.builtin.systemd: - enabled: true - state: "started" - name: "csit-initialize-docker-tg.service" - tags: - - docker-tg diff --git a/fdio.infra.ansible/roles/tg/tasks/main.yaml b/fdio.infra.ansible/roles/tg/tasks/main.yaml deleted file mode 100644 index 1893fb4a93..0000000000 --- a/fdio.infra.ansible/roles/tg/tasks/main.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# file: roles/tg/tasks/main.yaml - -- name: Conf - csit-initialize-docker-tg.sh - ansible.builtin.copy: - src: "files/csit-initialize-docker-tg.sh" - dest: "/usr/local/bin/csit-initialize-docker-tg.sh" - owner: "root" - group: "root" - mode: 0744 - when: - - docker_tg is defined - tags: - - tg-conf-docker - -- name: Conf - Start csit-initialize-docker-tg.service - ansible.builtin.copy: - src: "files/csit-initialize-docker-tg.service" - dest: "/etc/systemd/system/" - owner: "root" - group: "root" - mode: 0644 - notify: - - "Start csit-initialize-docker-tg.service" - when: - - docker_tg is defined - tags: - - tg-conf-docker - -- meta: flush_handlers diff --git a/fdio.infra.ansible/sut.yaml b/fdio.infra.ansible/sut.yaml index d0faad10a7..5ce6cbe7b5 100644 --- a/fdio.infra.ansible/sut.yaml +++ b/fdio.infra.ansible/sut.yaml @@ -26,14 +26,14 @@ tags: intel - role: docker tags: docker + - role: docker_images + tags: docker_images - role: vpp tags: vpp - role: dpdk tags: dpdk - role: kernel_vm tags: kernel_vm - - role: csit_sut_image - tags: csit_sut_image - role: performance_tuning tags: performance_tuning - role: cleanup diff --git a/fdio.infra.ansible/tg.yaml b/fdio.infra.ansible/tg.yaml index b6f1f06d7a..d9e6c83566 100644 --- a/fdio.infra.ansible/tg.yaml +++ b/fdio.infra.ansible/tg.yaml @@ -26,16 +26,14 @@ tags: intel - role: docker tags: docker + - role: docker_images + tags: docker_images - role: iperf tags: iperf - role: trex tags: trex - role: ab tags: ab - - role: tg - tags: tg - - role: csit_sut_image - tags: csit_sut_image - role: performance_tuning tags: performance_tuning - role: cleanup @@ -64,8 +62,6 @@ tags: dpdk - role: docker tags: docker - - role: tg - tags: tg - role: iperf tags: iperf - role: aws @@ -97,8 +93,6 @@ tags: python_env - role: docker tags: docker - - role: tg - tags: tg - role: iperf tags: iperf - role: trex diff --git a/fdio.infra.ansible/vpp_device.yaml b/fdio.infra.ansible/vpp_device.yaml index ced882a148..dfd0434336 100644 --- a/fdio.infra.ansible/vpp_device.yaml +++ b/fdio.infra.ansible/vpp_device.yaml @@ -24,6 +24,8 @@ tags: intel - role: docker tags: docker + - role: docker_images + tags: docker_images - role: nomad tags: nomad - role: consul @@ -36,7 +38,5 @@ tags: vpp_device - role: kernel_vm tags: kernel_vm - - role: csit_sut_image - tags: csit_sut_image - role: cleanup tags: cleanup -- cgit 1.2.3-korg