reduce sdnc-ansible-server image footprint

Project "CIA" scope is to provide smaller and multi architecture docker images. This proposition aims to do that for sdnc-ansible-server. The current size of this proposal is 139mb compared to the 618Mb image proposed before (and before actual ansible installation). Principles used are the following: 1. a "basic" `docker build .` should provide a working image; 2. use the smallest (and multi arch) base image possibe; 3. install necessary stuff only; 4. leverage python best practices for installation; 5. remove installation stuff occuring at run level and move them to build level. * Dockerfile is now at the root part; * ansible configuration file `ansible.cfg` is created and put in `configuration` folder; * ansible configuration file `ansible.cfg` is pushed during the build part with a reproductible process; * `python` files are on `ansible-server" folder so copying during build works out of the box; * yml files are put directly on `ansible-server/Playbooks` so copying during build works out the box; * Dockerfile base image is now alpine:3.8; * `timeout` executable being now from busybox, change in the command-line call has been made (`--signal` is now `-s` and `-t` is set before setting the timeout value). * Only install python and python-pip as alpine package and remove build dependencies package after use. * put all python requirements in `requirements.txt` package and launch pip installation command with this file. * call directly python main script (`RestServer.py`) as entrypoint and do the python installation stuff at build time. - [x] change pom.xml so building parts works - [ ] consider changing destination folder (`/opt/ansible-server/`) to the ancient one (`/opt/onap/ccsdk/`) if this is problematic Change-Id: I6295d7c2d1ed631e1842350581234686d704c1bf Issue-ID: INT-816 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Former-commit-id: 4fe3b43a0d30a15ceed58c695d2a72c5382fded6
author: Sylvain Desbureaux <sylvain.desbureaux@orange.com> 2019-01-23 11:14:30 +0100
committer: Sylvain Desbureaux <sylvain.desbureaux@orange.com> 2019-01-30 14:34:37 +0100
commit: 80020fa702bd05f04d5b1f6b5fc4b33c3a9d62af (patch)
tree: fe6053a86b5c93cc5c326eee980e176927780cda /installation/ansible-server/src/main/Playbooks
parent: fe8d3bc523ac928f5cf7d9a9951d584b333e21f5 (diff)
16 files changed, 325 insertions, 0 deletions
diff --git a/installation/ansible-server/src/main/Playbooks/Ansible_inventory b/installation/ansible-server/src/main/Playbooks/Ansible_inventory
new file mode 100644
index 00000000..4fffb37f
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/Ansible_inventory
@@ -0,0 +1,26 @@
+# /*-
+# * ============LICENSE_START=======================================================
+# * ONAP : APPC
+# * ================================================================================
+# * Copyright (C) 2017 AT&T Intellectual Property.  All rights reserved.
+# * ================================================================================
+# * Copyright (C) 2017 Amdocs
+# * =============================================================================
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# *      http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+# *
+# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+# * ============LICENSE_END=========================================================
+# */
+
+[host]
+localhost   ansible_connection=local
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_huawei_postcheck@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_huawei_postcheck@0.00.yml
new file mode 100644
index 00000000..0711e40a
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_huawei_postcheck@0.00.yml
@@ -0,0 +1,21 @@
+---
+- hosts: all
+  tasks:
+  - name: create a temporary file for additional data
+    file: 
+        path: /tmp/tmp-{{Id}}
+        state: touch
+    become: false
+
+  - name: prepare additional data
+    shell: echo {{additionalData}} > /tmp/tmp-{{Id}}
+    become: false
+
+  - name: execute post-check operation
+    shell: ./swm/upgrade-post-check.sh {{pnfId}} {{oldSwVersion}} {{targetSwVersion}} {{ruleName}} /tmp/tmp-{{Id}}
+
+  - name: remove the temporary file
+    file:
+        path: /tmp/tmp-{{Id}}
+        state: absent
+    become: false
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_huawei_precheck@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_huawei_precheck@0.00.yml
new file mode 100644
index 00000000..b6614b65
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_huawei_precheck@0.00.yml
@@ -0,0 +1,21 @@
+---
+- hosts: all
+  tasks:
+  - name: create a temporary file for additional data
+    file: 
+        path: /tmp/tmp-{{Id}}
+        state: touch
+    become: false
+
+  - name: prepare additional data
+    shell: echo {{additionalData}} > /tmp/tmp-{{Id}}
+    become: false
+
+  - name: execute pre-check operation
+    shell: ./swm/upgrade-pre-check.sh {{pnfId}} {{oldSwVersion}} {{targetSwVersion}} {{ruleName}} /tmp/tmp-{{Id}}
+
+  - name: remove the temporary file
+    file:
+        path: /tmp/tmp-{{Id}}
+        state: absent
+    become: false
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_huawei_upgrade@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_huawei_upgrade@0.00.yml
new file mode 100644
index 00000000..87e84ab1
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_huawei_upgrade@0.00.yml
@@ -0,0 +1,21 @@
+---
+- hosts: all
+  tasks:
+  - name: create a temporary file for additional data
+    file: 
+        path: /tmp/tmp-{{Id}}
+        state: touch
+    become: false
+
+  - name: prepare additional data
+    shell: echo {{additionalData}} > /tmp/tmp-{{Id}}
+    become: false
+
+  - name: execute upgrade software operation
+    shell: ./swm/upgrade-software.sh {{pnfId}} {{oldSwVersion}} {{targetSwVersion}} /tmp/tmp-{{Id}}
+
+  - name: remove the temporary file
+    file:
+        path: /tmp/tmp-{{Id}}
+        state: absent
+    become: false
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_postcheck@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_postcheck@0.00.yml
new file mode 100644
index 00000000..199bc50c
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_postcheck@0.00.yml
@@ -0,0 +1,6 @@
+---
+- hosts: all
+  tasks:
+  - name: check the vpp version
+    shell: vppctl show version | grep v17.07.01-release
+    become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_postcheck_jq@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_postcheck_jq@0.00.yml
new file mode 100755
index 00000000..18d20edf
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_postcheck_jq@0.00.yml
@@ -0,0 +1,10 @@
+---
+- hosts: all
+  tasks:
+  - name: check jq is not installed
+    stat:
+      path: /usr/bin/jq
+    register: abc
+  - fail:
+      msg: "jq is not installed"
+    when: abc.stat.exists == false
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_precheck@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_precheck@0.00.yml
new file mode 100644
index 00000000..e596aa29
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_precheck@0.00.yml
@@ -0,0 +1,6 @@
+---
+- hosts: all
+  tasks:
+  - name: check the vpp version
+    shell: vppctl show version | grep v17.04.2-release
+    become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_precheck_jq@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_precheck_jq@0.00.yml
new file mode 100755
index 00000000..00470807
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_precheck_jq@0.00.yml
@@ -0,0 +1,10 @@
+---
+- hosts: all
+  tasks:
+  - name: check jq is not installed
+    stat:
+      path: /usr/bin/jq
+    register: abc
+  - fail:
+      msg: "jq is already installed"
+    when: abc.stat.exists == true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_pyver@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_pyver@0.00.yml
new file mode 100644
index 00000000..ad90e54b
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_pyver@0.00.yml
@@ -0,0 +1,6 @@
+---
+- hosts: all
+  tasks:
+  - name: check the python version
+    shell: python --version  2>&1 | grep 2.7.12
+    become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_quiescetraffic@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_quiescetraffic@0.00.yml
new file mode 100755
index 00000000..000bc488
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_quiescetraffic@0.00.yml
@@ -0,0 +1,6 @@
+---
+- hosts: all
+  tasks:
+  - name: Set vG to vG-MUX interface down
+    shell: vppctl set int state GigabitEthernet0/4/0 down 
+    become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_resumetraffic@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_resumetraffic@0.00.yml
new file mode 100755
index 00000000..32ebfc94
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_resumetraffic@0.00.yml
@@ -0,0 +1,6 @@
+---
+- hosts: all
+  tasks:
+  - name: Set vG to vG-MUX interface up
+    shell: vppctl set int state GigabitEthernet0/4/0 up 
+    become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_sleep@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_sleep@0.00.yml
new file mode 100644
index 00000000..345f5e49
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_sleep@0.00.yml
@@ -0,0 +1,41 @@
+# /*-
+# * ============LICENSE_START=======================================================
+# * ONAP : APPC
+# * ================================================================================
+# * Copyright (C) 2017 AT&T Intellectual Property.  All rights reserved.
+# * ================================================================================
+# * Copyright (C) 2017 Amdocs
+# * =============================================================================
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# *      http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+# *
+# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+# * ============LICENSE_END=========================================================
+# */
+
+- hosts: all
+
+  # Mandatory:
+  vars:
+      sleep_time: "{{Sleep|default(10)}}"
+
+  tasks:
+
+    - debug:
+        msg: "Sleep time: {{ sleep_time }}"
+
+    - name: sleep
+      shell: sleep {{ sleep_time }}
+
+
+    - debug:
+        msg: "Done"
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_upgradesw@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_upgradesw@0.00.yml
new file mode 100644
index 00000000..886705db
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_upgradesw@0.00.yml
@@ -0,0 +1,17 @@
+---
+- hosts: all
+  tasks:
+  - name: add fd.io repository
+    lineinfile:
+      path: /etc/apt/sources.list.d/99fd.io.list
+      state: present
+      create: yes
+      regexp: 'fd.io.stable.1707'
+      line: 'deb [trusted=yes] https://nexus.fd.io/content/repositories/fd.io.stable.1707.ubuntu.xenial.main/ ./'
+    become: true
+  - name: upgrade vpp software
+    apt:
+      name: vpp
+      state: latest
+      update_cache: yes
+    become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_upgradesw_insjq@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_upgradesw_insjq@0.00.yml
new file mode 100755
index 00000000..ec1d2de6
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_upgradesw_insjq@0.00.yml
@@ -0,0 +1,9 @@
+---
+- hosts: all
+  tasks:
+  - name: install jq package
+    apt:
+      name: jq
+      state: latest
+      update_cache: yes
+    become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_upgradesw_remjq@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_upgradesw_remjq@0.00.yml
new file mode 100755
index 00000000..c5be6330
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_upgradesw_remjq@0.00.yml
@@ -0,0 +1,9 @@
+---
+- hosts: all
+  tasks:
+  - name: remove jq package
+    apt:
+      name: jq
+      state: absent
+      update_cache: yes
+    become: true
diff --git a/installation/ansible-server/src/main/Playbooks/ansible_vfw_distributetraffic@0.00.yml b/installation/ansible-server/src/main/Playbooks/ansible_vfw_distributetraffic@0.00.yml
new file mode 100644
index 00000000..aeffe62f
--- /dev/null
+++ b/installation/ansible-server/src/main/Playbooks/ansible_vfw_distributetraffic@0.00.yml
@@ -0,0 +1,110 @@
+---
+- hosts: all
+  gather_facts: no
+  tasks:
+    - include_vars: "{{ ConfigFileName }}"
+    - debug: var=fwIp
+      failed_when: fwIp is not defined
+    - debug: var=sinkIp
+      failed_when: sinkIp is not defined
+    - name: Read PKG IP
+      shell: cat /opt/config/vpg_private_ip_0.txt
+      register: pkgIp
+      become: true
+    - name: Read OLD FW IP
+      shell: cat /opt/config/fw_ipaddr.txt
+      register: oldFwIp
+      become: true
+    - name: Read OLD SINK IP
+      shell: cat /opt/config/sink_ipaddr.txt
+      register: oldSinkIp
+      become: true
+    - name: Read protected net CIDR
+      shell: cat /opt/config/protected_net_cidr.txt
+      register: protectedCidr
+      become: true
+    - debug: var=pkgIp.stdout
+    - debug: var=oldFwIp.stdout
+    - debug: var=oldSinkIp.stdout
+    - debug: var=protectedCidr.stdout
+    - debug: 
+        msg: "FW IP has not been changed"
+      when: oldFwIp.stdout == fwIp
+    - block:
+        - name: Remove OLD FW IP route
+          shell: vppctl ip route del {{ protectedCidr.stdout }} via {{ oldFwIp.stdout }}
+        - name: Add NEW FW IP route
+          shell: vppctl ip route add {{ protectedCidr.stdout }} via {{ fwIp }}
+        - name: Save NEW FW IP address
+          shell: echo {{ fwIp }} > /opt/config/fw_ipaddr.txt
+        - debug: 
+            msg: "FW IP has been changed"
+      become: true
+      when: oldFwIp.stdout != fwIp
+    - debug: 
+        msg: "SINK IP has not been changed"
+      when: oldSinkIp.stdout == sinkIp
+    - block:
+        - block:
+          - name: Modify packet stream files
+            debug:
+              msg: "Modify packet stream files"
+          - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp1"
+          - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp2"
+          - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp3"
+          - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp4"
+          - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp5"
+          - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp6"
+          - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp7"
+          - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp8"
+          - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp9"
+          - shell: "sed -i -e '0,/UDP/ s/UDP:.*/UDP: {{ pkgIp.stdout }} -> {{ sinkIp }}/' /opt/pg_streams/stream_fw_udp10"
+        - block:
+          - name: Delete old streams
+            debug:
+              msg: "Delete old streams"
+          - shell: vppctl packet-generator delete fw_udp1
+          - shell: vppctl packet-generator delete fw_udp2
+          - shell: vppctl packet-generator delete fw_udp3
+          - shell: vppctl packet-generator delete fw_udp4
+          - shell: vppctl packet-generator delete fw_udp5
+          - shell: vppctl packet-generator delete fw_udp6
+          - shell: vppctl packet-generator delete fw_udp7
+          - shell: vppctl packet-generator delete fw_udp8
+          - shell: vppctl packet-generator delete fw_udp9
+          - shell: vppctl packet-generator delete fw_udp10
+        - block:
+          - name: Install new streams
+            debug:
+              msg: "Install new streams"
+          - shell: vppctl exec /opt/pg_streams/stream_fw_udp1
+          - shell: vppctl exec /opt/pg_streams/stream_fw_udp2
+          - shell: vppctl exec /opt/pg_streams/stream_fw_udp3
+          - shell: vppctl exec /opt/pg_streams/stream_fw_udp4
+          - shell: vppctl exec /opt/pg_streams/stream_fw_udp5
+          - shell: vppctl exec /opt/pg_streams/stream_fw_udp6
+          - shell: vppctl exec /opt/pg_streams/stream_fw_udp7
+          - shell: vppctl exec /opt/pg_streams/stream_fw_udp8
+          - shell: vppctl exec /opt/pg_streams/stream_fw_udp9
+          - shell: vppctl exec /opt/pg_streams/stream_fw_udp10
+        - block:
+          - name: Enable new streams
+            debug:
+              msg: "Enable new streams"
+          - shell: vppctl packet-generator enable fw_udp1
+          - shell: vppctl packet-generator enable fw_udp2
+          - shell: vppctl packet-generator enable fw_udp3
+          - shell: vppctl packet-generator enable fw_udp4
+          - shell: vppctl packet-generator enable fw_udp5
+          - shell: vppctl packet-generator enable fw_udp6
+          - shell: vppctl packet-generator enable fw_udp7
+          - shell: vppctl packet-generator enable fw_udp8
+          - shell: vppctl packet-generator enable fw_udp9
+          - shell: vppctl packet-generator enable fw_udp10
+        - name: Save NEW SINK IP address
+          shell: echo {{ sinkIp }} > /opt/config/sink_ipaddr.txt
+        - debug: 
+            msg: "SINK IP has been changed"
+      become: true
+      when: oldSinkIp.stdout != sinkIp
+
author	Sylvain Desbureaux <sylvain.desbureaux@orange.com>	2019-01-23 11:14:30 +0100
committer	Sylvain Desbureaux <sylvain.desbureaux@orange.com>	2019-01-30 14:34:37 +0100
commit	80020fa702bd05f04d5b1f6b5fc4b33c3a9d62af (patch)
tree	fe6053a86b5c93cc5c326eee980e176927780cda /installation/ansible-server/src/main/Playbooks
parent	fe8d3bc523ac928f5cf7d9a9951d584b333e21f5 (diff)