summaryrefslogtreecommitdiffstats
path: root/installation/ansible-server/src/main/Playbooks
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2019-01-23 11:14:30 +0100
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2019-01-30 14:34:37 +0100
commit80020fa702bd05f04d5b1f6b5fc4b33c3a9d62af (patch)
treefe6053a86b5c93cc5c326eee980e176927780cda /installation/ansible-server/src/main/Playbooks
parentfe8d3bc523ac928f5cf7d9a9951d584b333e21f5 (diff)
reduce sdnc-ansible-server image footprint
Project "CIA" scope is to provide smaller and multi architecture docker images. This proposition aims to do that for sdnc-ansible-server. The current size of this proposal is 139mb compared to the 618Mb image proposed before (and before actual ansible installation). Principles used are the following: 1. a "basic" `docker build .` should provide a working image; 2. use the smallest (and multi arch) base image possibe; 3. install necessary stuff only; 4. leverage python best practices for installation; 5. remove installation stuff occuring at run level and move them to build level. * Dockerfile is now at the root part; * ansible configuration file `ansible.cfg` is created and put in `configuration` folder; * ansible configuration file `ansible.cfg` is pushed during the build part with a reproductible process; * `python` files are on `ansible-server" folder so copying during build works out of the box; * yml files are put directly on `ansible-server/Playbooks` so copying during build works out the box; * Dockerfile base image is now alpine:3.8; * `timeout` executable being now from busybox, change in the command-line call has been made (`--signal` is now `-s` and `-t` is set before setting the timeout value). * Only install python and python-pip as alpine package and remove build dependencies package after use. * put all python requirements in `requirements.txt` package and launch pip installation command with this file. * call directly python main script (`RestServer.py`) as entrypoint and do the python installation stuff at build time. - [x] change pom.xml so building parts works - [ ] consider changing destination folder (`/opt/ansible-server/`) to the ancient one (`/opt/onap/ccsdk/`) if this is problematic Change-Id: I6295d7c2d1ed631e1842350581234686d704c1bf Issue-ID: INT-816 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Former-commit-id: 4fe3b43a0d30a15ceed58c695d2a72c5382fded6
Diffstat (limited to 'installation/ansible-server/src/main/Playbooks')
-rw-r--r--installation/ansible-server/src/main/Playbooks/Ansible_inventory26
-rw-r--r--installation/ansible-server/src/main/Playbooks/ansible_huawei_postcheck@0.00.yml21
-rw-r--r--installation/ansible-server/src/main/Playbooks/ansible_huawei_precheck@0.00.yml21
-rw-r--r--installation/ansible-server/src/main/Playbooks/ansible_huawei_upgrade@0.00.yml21
-rw-r--r--installation/ansible-server/src/main/Playbooks/ansible_postcheck@0.00.yml6
-rwxr-xr-xinstallation/ansible-server/src/main/Playbooks/ansible_postcheck_jq@0.00.yml10
-rw-r--r--installation/ansible-server/src/main/Playbooks/ansible_precheck@0.00.yml6
-rwxr-xr-xinstallation/ansible-server/src/main/Playbooks/ansible_precheck_jq@0.00.yml10
-rw-r--r--installation/ansible-server/src/main/Playbooks/ansible_pyver@0.00.yml6
-rwxr-xr-xinstallation/ansible-server/src/main/Playbooks/ansible_quiescetraffic@0.00.yml6
-rwxr-xr-xinstallation/ansible-server/src/main/Playbooks/ansible_resumetraffic@0.00.yml6
-rw-r--r--installation/ansible-server/src/main/Playbooks/ansible_sleep@0.00.yml41
-rw-r--r--installation/ansible-server/src/main/Playbooks/ansible_upgradesw@0.00.yml17
-rwxr-xr-xinstallation/ansible-server/src/main/Playbooks/ansible_upgradesw_insjq@0.00.yml9
-rwxr-xr-xinstallation/ansible-server/src/main/Playbooks/ansible_upgradesw_remjq@0.00.yml9
-rw-r--r--installation/ansible-server/src/main/Playbooks/ansible_vfw_distributetraffic@0.00.yml110
16 files changed, 325 insertions, 0 deletions
diff --git a/installation/ansible-server/src/main/Playbooks/Ansible_inventory b/installation/ansible-server/src/main/Playbooks/Ansible_inventory
new file mode 100644
index 00000000..4fffb37f
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/Ansible_inventory
@@ -0,0 +1,26 @@
+# /*-
+# * ============LICENSE_START=======================================================
+# * ONAP : APPC
+# * ================================================================================
+# * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+# * ================================================================================
+# * Copyright (C) 2017 Amdocs
+# * =============================================================================
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+# *
+# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+# * ============LICENSE_END=========================================================
+# */
+
+[host]
+localhost ansible_connection=local
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_huawei_postcheck@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_huawei_postcheck@0.00.yml
new file mode 100644
index 00000000..0711e40a
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_huawei_postcheck@0.00.yml
@@ -0,0 +1,21 @@
+---
+- hosts: all
+ tasks:
+ - name: create a temporary file for additional data
+ file:
+ path: /tmp/tmp-{{Id}}
+ state: touch
+ become: false
+
+ - name: prepare additional data
+ shell: echo {{additionalData}} > /tmp/tmp-{{Id}}
+ become: false
+
+ - name: execute post-check operation
+ shell: ./swm/upgrade-post-check.sh {{pnfId}} {{oldSwVersion}} {{targetSwVersion}} {{ruleName}} /tmp/tmp-{{Id}}
+
+ - name: remove the temporary file
+ file:
+ path: /tmp/tmp-{{Id}}
+ state: absent
+ become: false
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_huawei_precheck@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_huawei_precheck@0.00.yml
new file mode 100644
index 00000000..b6614b65
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_huawei_precheck@0.00.yml
@@ -0,0 +1,21 @@
+---
+- hosts: all
+ tasks:
+ - name: create a temporary file for additional data
+ file:
+ path: /tmp/tmp-{{Id}}
+ state: touch
+ become: false
+
+ - name: prepare additional data
+ shell: echo {{additionalData}} > /tmp/tmp-{{Id}}
+ become: false
+
+ - name: execute pre-check operation
+ shell: ./swm/upgrade-pre-check.sh {{pnfId}} {{oldSwVersion}} {{targetSwVersion}} {{ruleName}} /tmp/tmp-{{Id}}
+
+ - name: remove the temporary file
+ file:
+ path: /tmp/tmp-{{Id}}
+ state: absent
+ become: false
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_huawei_upgrade@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_huawei_upgrade@0.00.yml
new file mode 100644
index 00000000..87e84ab1
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_huawei_upgrade@0.00.yml
@@ -0,0 +1,21 @@
+---
+- hosts: all
+ tasks:
+ - name: create a temporary file for additional data
+ file:
+ path: /tmp/tmp-{{Id}}
+ state: touch
+ become: false
+
+ - name: prepare additional data
+ shell: echo {{additionalData}} > /tmp/tmp-{{Id}}
+ become: false
+
+ - name: execute upgrade software operation
+ shell: ./swm/upgrade-software.sh {{pnfId}} {{oldSwVersion}} {{targetSwVersion}} /tmp/tmp-{{Id}}
+
+ - name: remove the temporary file
+ file:
+ path: /tmp/tmp-{{Id}}
+ state: absent
+ become: false
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_postcheck@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_postcheck@0.00.yml
new file mode 100644
index 00000000..199bc50c
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_postcheck@0.00.yml
@@ -0,0 +1,6 @@
+---
+- hosts: all
+ tasks:
+ - name: check the vpp version
+ shell: vppctl show version | grep v17.07.01-release
+ become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_postcheck_jq@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_postcheck_jq@0.00.yml
new file mode 100755
index 00000000..18d20edf
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_postcheck_jq@0.00.yml
@@ -0,0 +1,10 @@
+---
+- hosts: all
+ tasks:
+ - name: check jq is not installed
+ stat:
+ path: /usr/bin/jq
+ register: abc
+ - fail:
+ msg: "jq is not installed"
+ when: abc.stat.exists == false
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_precheck@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_precheck@0.00.yml
new file mode 100644
index 00000000..e596aa29
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_precheck@0.00.yml
@@ -0,0 +1,6 @@
+---
+- hosts: all
+ tasks:
+ - name: check the vpp version
+ shell: vppctl show version | grep v17.04.2-release
+ become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_precheck_jq@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_precheck_jq@0.00.yml
new file mode 100755
index 00000000..00470807
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_precheck_jq@0.00.yml
@@ -0,0 +1,10 @@
+---
+- hosts: all
+ tasks:
+ - name: check jq is not installed
+ stat:
+ path: /usr/bin/jq
+ register: abc
+ - fail:
+ msg: "jq is already installed"
+ when: abc.stat.exists == true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_pyver@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_pyver@0.00.yml
new file mode 100644
index 00000000..ad90e54b
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_pyver@0.00.yml
@@ -0,0 +1,6 @@
+---
+- hosts: all
+ tasks:
+ - name: check the python version
+ shell: python --version 2>&1 | grep 2.7.12
+ become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_quiescetraffic@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_quiescetraffic@0.00.yml
new file mode 100755
index 00000000..000bc488
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_quiescetraffic@0.00.yml
@@ -0,0 +1,6 @@
+---
+- hosts: all
+ tasks:
+ - name: Set vG to vG-MUX interface down
+ shell: vppctl set int state GigabitEthernet0/4/0 down
+ become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_resumetraffic@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_resumetraffic@0.00.yml
new file mode 100755
index 00000000..32ebfc94
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_resumetraffic@0.00.yml
@@ -0,0 +1,6 @@
+---
+- hosts: all
+ tasks:
+ - name: Set vG to vG-MUX interface up
+ shell: vppctl set int state GigabitEthernet0/4/0 up
+ become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_sleep@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_sleep@0.00.yml
new file mode 100644
index 00000000..345f5e49
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_sleep@0.00.yml
@@ -0,0 +1,41 @@
+# /*-
+# * ============LICENSE_START=======================================================
+# * ONAP : APPC
+# * ================================================================================
+# * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+# * ================================================================================
+# * Copyright (C) 2017 Amdocs
+# * =============================================================================
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+# *
+# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+# * ============LICENSE_END=========================================================
+# */
+
+- hosts: all
+
+ # Mandatory:
+ vars:
+ sleep_time: "{{Sleep|default(10)}}"
+
+ tasks:
+
+ - debug:
+ msg: "Sleep time: {{ sleep_time }}"
+
+ - name: sleep
+ shell: sleep {{ sleep_time }}
+
+
+ - debug:
+ msg: "Done"
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_upgradesw@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_upgradesw@0.00.yml
new file mode 100644
index 00000000..886705db
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_upgradesw@0.00.yml
@@ -0,0 +1,17 @@
+---
+- hosts: all
+ tasks:
+ - name: add fd.io repository
+ lineinfile:
+ path: /etc/apt/sources.list.d/99fd.io.list
+ state: present
+ create: yes
+ regexp: 'fd.io.stable.1707'
+ line: 'deb [trusted=yes] https://nexus.fd.io/content/repositories/fd.io.stable.1707.ubuntu.xenial.main/ ./'
+ become: true
+ - name: upgrade vpp software
+ apt:
+ name: vpp
+ state: latest
+ update_cache: yes
+ become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_upgradesw_insjq@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_upgradesw_insjq@0.00.yml
new file mode 100755
index 00000000..ec1d2de6
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_upgradesw_insjq@0.00.yml
@@ -0,0 +1,9 @@
+---
+- hosts: all
+ tasks:
+ - name: install jq package
+ apt:
+ name: jq
+ state: latest
+ update_cache: yes
+ become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_upgradesw_remjq@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_upgradesw_remjq@0.00.yml
new file mode 100755
index 00000000..c5be6330
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_upgradesw_remjq@0.00.yml
@@ -0,0 +1,9 @@
+---
+- hosts: all
+ tasks:
+ - name: remove jq package
+ apt:
+ name: jq
+ state: absent
+ update_cache: yes
+ become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_vfw_distributetraffic@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_vfw_distributetraffic@0.00.yml
new file mode 100644
index 00000000..aeffe62f
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_vfw_distributetraffic@0.00.yml
@@ -0,0 +1,110 @@
+---
+- hosts: all
+ gather_facts: no
+ tasks:
+ - include_vars: "{{ ConfigFileName }}"
+ - debug: var=fwIp
+ failed_when: fwIp is not defined
+ - debug: var=sinkIp
+ failed_when: sinkIp is not defined
+ - name: Read PKG IP
+ shell: cat /opt/config/vpg_private_ip_0.txt
+ register: pkgIp
+ become: true
+ - name: Read OLD FW IP
+ shell: cat /opt/config/fw_ipaddr.txt
+ register: oldFwIp
+ become: true
+ - name: Read OLD SINK IP
+ shell: cat /opt/config/sink_ipaddr.txt
+ register: oldSinkIp
+ become: true
+ - name: Read protected net CIDR
+ shell: cat /opt/config/protected_net_cidr.txt
+ register: protectedCidr
+ become: true
+ - debug: var=pkgIp.stdout
+ - debug: var=oldFwIp.stdout
+ - debug: var=oldSinkIp.stdout
+ - debug: var=protectedCidr.stdout
+ - debug:
+ msg: "FW IP has not been changed"
+ when: oldFwIp.stdout == fwIp
+ - block:
+ - name: Remove OLD FW IP route
+ shell: vppctl ip route del {{ protectedCidr.stdout }} via {{ oldFwIp.stdout }}
+ - name: Add NEW FW IP route
+ shell: vppctl ip route add {{ protectedCidr.stdout }} via {{ fwIp }}
+ - name: Save NEW FW IP address
+ shell: echo {{ fwIp }} > /opt/config/fw_ipaddr.txt
+ - debug:
+ msg: "FW IP has been changed"
+ become: true
+ when: oldFwIp.stdout != fwIp
+ - debug:
+ msg: "SINK IP has not been changed"
+ when: oldSinkIp.stdout == sinkIp
+ - block:
+ - block:
+ - name: Modify packet stream files
+ debug:
+ msg: "Modify packet stream files"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp1"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp2"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp3"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp4"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp5"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp6"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp7"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp8"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp9"
+ - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp10"
+ - block:
+ - name: Delete old streams
+ debug:
+ msg: "Delete old streams"
+ - shell: vppctl packet-generator delete fw_udp1
+ - shell: vppctl packet-generator delete fw_udp2
+ - shell: vppctl packet-generator delete fw_udp3
+ - shell: vppctl packet-generator delete fw_udp4
+ - shell: vppctl packet-generator delete fw_udp5
+ - shell: vppctl packet-generator delete fw_udp6
+ - shell: vppctl packet-generator delete fw_udp7
+ - shell: vppctl packet-generator delete fw_udp8
+ - shell: vppctl packet-generator delete fw_udp9
+ - shell: vppctl packet-generator delete fw_udp10
+ - block:
+ - name: Install new streams
+ debug:
+ msg: "Install new streams"
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp1
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp2
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp3
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp4
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp5
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp6
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp7
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp8
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp9
+ - shell: vppctl exec /opt/pg_streams/stream_fw_udp10
+ - block:
+ - name: Enable new streams
+ debug:
+ msg: "Enable new streams"
+ - shell: vppctl packet-generator enable fw_udp1
+ - shell: vppctl packet-generator enable fw_udp2
+ - shell: vppctl packet-generator enable fw_udp3
+ - shell: vppctl packet-generator enable fw_udp4
+ - shell: vppctl packet-generator enable fw_udp5
+ - shell: vppctl packet-generator enable fw_udp6
+ - shell: vppctl packet-generator enable fw_udp7
+ - shell: vppctl packet-generator enable fw_udp8
+ - shell: vppctl packet-generator enable fw_udp9
+ - shell: vppctl packet-generator enable fw_udp10
+ - name: Save NEW SINK IP address
+ shell: echo {{ sinkIp }} > /opt/config/sink_ipaddr.txt
+ - debug:
+ msg: "SINK IP has been changed"
+ become: true
+ when: oldSinkIp.stdout != sinkIp
+