diff options
Diffstat (limited to '')
| -rw-r--r-- | .dir_colors | 4 | ||||
| -rwxr-xr-x | kubernetes/mongodb/deploy.sh | 11 | ||||
| -rw-r--r-- | kubernetes/mongodb/mongod.conf | 24 | ||||
| -rw-r--r-- | kubernetes/mongodb/mongodb-configmap.yaml | 2 | ||||
| -rw-r--r-- | kubernetes/mongodb/mongodb-deployment.yaml | 42 | ||||
| -rw-r--r-- | vagrant/ff/Vagrantfile | 55 | ||||
| -rw-r--r-- | vagrant/pfsense/Vagrantfile | 209 | ||||
| -rw-r--r-- | vagrant/pfsense/vm-config.yaml | 10 |
8 files changed, 341 insertions, 16 deletions
diff --git a/.dir_colors b/.dir_colors index cb76b62..1021789 100644 --- a/.dir_colors +++ b/.dir_colors @@ -204,8 +204,8 @@ EXEC 01;32 .cc 00;38;5;25 .cpp 00;38;5;25 # h -.h 00;38;5;32 -.hpp 00;38;5;32 +.h 00;38;5;39 +.hpp 00;38;5;39 # json .json 00;38;5;202 # yaml diff --git a/kubernetes/mongodb/deploy.sh b/kubernetes/mongodb/deploy.sh new file mode 100755 index 0000000..db60298 --- /dev/null +++ b/kubernetes/mongodb/deploy.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env sh + +kubectl apply -f ./mongodb-secret.yaml +kubectl apply -f ./mongodb-configmap.yaml +kubectl apply -f ./mongodb-data-volume.yaml +kubectl create configmap mongodb-config-file --from-file=mongod.conf +kubectl apply -f ./mongodb-deployment.yaml + +# kubectl delete pod mongodb +# kubectl delete pvc +# kubectl delete pv diff --git a/kubernetes/mongodb/mongod.conf b/kubernetes/mongodb/mongod.conf index 85d2bd9..b431e24 100644 --- a/kubernetes/mongodb/mongod.conf +++ b/kubernetes/mongodb/mongod.conf @@ -1,15 +1,17 @@ # vim: ft=yaml -systemLog: - destination: file - path: "/var/log/mongodb/mongod.log" - logAppend: true -storage: - journal: - enabled: true -processManagement: - fork: true +# systemLog: +# destination: file +# path: "/var/log/mongodb/mongod.log" +# logAppend: true +# storage: +# journal: +# enabled: true +# processManagement: +# fork: true +# setParameter: +# enableLocalhostAuthBypass: false net: bindIp: 0.0.0.0 port: 27017 -setParameter: - enableLocalhostAuthBypass: false +security: + authorization: "enabled" diff --git a/kubernetes/mongodb/mongodb-configmap.yaml b/kubernetes/mongodb/mongodb-configmap.yaml index 19a484e..0f3d693 100644 --- a/kubernetes/mongodb/mongodb-configmap.yaml +++ b/kubernetes/mongodb/mongodb-configmap.yaml @@ -3,5 +3,5 @@ kind: ConfigMap metadata: name: mongodb-configmap data: - mongodb_db__anime_name: anime + mongodb_db_anime_name: anime mongodb_db_manga_name: manga diff --git a/kubernetes/mongodb/mongodb-deployment.yaml b/kubernetes/mongodb/mongodb-deployment.yaml index 778fd60..2002146 100644 --- a/kubernetes/mongodb/mongodb-deployment.yaml +++ b/kubernetes/mongodb/mongodb-deployment.yaml @@ -17,6 +17,38 @@ spec: containers: - name: mongodb image: mongo:4.4.10 + livenessProbe: + exec: + command: + - mongo + - --disableImplicitSessions + - --eval + - "db.adminCommand('ping')" + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 6 + readinessProbe: + exec: + command: + - mongo + - --disableImplicitSessions + - --eval + - "db.adminCommand('ping')" + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 6 + command: + - mongod + - --config + - /etc/mongod.conf/mongod.conf + - --noauth + - --dbpath + - /data/db + - --bind_ip_all ports: - containerPort: 27017 - containerPort: 27018 @@ -33,12 +65,18 @@ spec: name: mongodb-secrets key: mongodb-root-password volumeMounts: - - mountPath: /data/db - name: mongo-data + - name: mongo-data + mountPath: /data/db + - name: mongo-conf + mountPath: /etc/mongod.conf + readOnly: true volumes: - name: mongo-data persistentVolumeClaim: claimName: mongo-data + - name: mongo-conf + configMap: + name: mongodb-config-file --- apiVersion: v1 kind: Service diff --git a/vagrant/ff/Vagrantfile b/vagrant/ff/Vagrantfile new file mode 100644 index 0000000..fe3a560 --- /dev/null +++ b/vagrant/ff/Vagrantfile @@ -0,0 +1,55 @@ +# vi: set ft=ruby : +# frozen_string_literal: true + +MOUNT_POINT = '/home/vagrant/ff' +ENV['VAGRANT_DEFAULT_PROVIDER'] = 'libvirt' +CPU_COUNT = 4 +MEMORY = 6144 + +Vagrant.require_version '>= 2.2.6' +Vagrant.configure('2') do |config| + config.vm.box = 'generic/debian10' + config.vm.box_version = '3.4.2' + config.vm.box_check_update = false + config.vm.synced_folder './', MOUNT_POINT, type: 'nfs' + config.vm.hostname = 'pam-farzad' + config.vm.boot_timeout = 30 + config.vm.graceful_halt_timeout = 30 + # confit.vm.network "private_network", ip: "192.168.33.10" + + # CFLAGS="-I/opt/vagrant/embedded/include/ruby-3.0.0/ruby" vagrant plugin install vagrant-libvirt + config.vagrant.plugins = [{ 'vagrant-libvirt' => { 'version' => '^0.6.2' } }] + + config.vm.provider 'virtualbox' do |vb| + vb.cpus = CPU_COUNT + vb.gui = false + vb.memory = MEMORY.to_s + end + config.vm.provider 'libvirt' do |libvirt| + libvirt.default_prefix = 'farzad-deb10-pam-' + libvirt.driver = 'kvm' + libvirt.nested = true + libvirt.machine_type = 'pc-q35-3.1' + libvirt.qemuargs value: '-object' + libvirt.qemuargs value: 'rng-random,id=rng0,filename=/dev/urandom' + libvirt.qemuargs value: '-device' + libvirt.qemuargs value: 'virtio-rng-pci,rng=rng0,bus=pcie.0' + libvirt.qemuargs value: '-nographic' + libvirt.qemuargs value: '-nodefaults' + libvirt.qemuargs value: '-no-user-config' + libvirt.sound_type = nil + libvirt.cpus = CPU_COUNT + libvirt.memory = MEMORY + libvirt.random model: 'random' + libvirt.autostart = true + libvirt.features = %w[acpi apic] + libvirt.disk_driver cache: 'writeback', io: nil, copy_on_read: 'on', discard: nil, detect_zeroes: nil + end + + config.vm.provision 'provision', type: 'shell', name: 'provision', privileged: false, reboot: false, inline: <<-SHELL + set -ex + sudo apt update && sudo apt upgrade -y + sudo apt install -y vim tmux python3 python3-pip curl + pip3 install ranger-fm + SHELL +end diff --git a/vagrant/pfsense/Vagrantfile b/vagrant/pfsense/Vagrantfile new file mode 100644 index 0000000..b7a187e --- /dev/null +++ b/vagrant/pfsense/Vagrantfile @@ -0,0 +1,209 @@ +# vi: set ft=ruby : +# frozen_string_literal: true + +require 'yaml' + +if File.file?('vm-config.yaml') + vm_config = YAML.load_file('vm-config.yaml') + DPDK_VERSION = vm_config['dpdk_version'] + E1000_NIC_COUNT = vm_config['nics']['e1000'] + VIRTIO_NIC_COUNT = vm_config['nics']['virtio'] + DEMO_MOUNT_POINT = vm_config['mount_point'] + HUGETLB_2MG_COUNT = vm_config['huge2mb'] + PXB_COUNT = vm_config['pxb'] + NUMA_COUNT = vm_config['numa'] + TOTAL_MEMORY = vm_config['memory'] + VCORE_COUNT = vm_config['vcore'] +else + # defaults + DPDK_VERSION = '20.11.3' + E1000_NIC_COUNT = 4 + VIRTIO_NIC_COUNT = 4 + DEMO_MOUNT_POINT = '/home/vagrant/pfsense' + HUGETLB_2MG_COUNT = 512 + PXB_COUNT = 2 + NUMA_COUNT = 2 + TOTAL_MEMORY = 12_288 + VCORE_COUNT = 8 +end + +ENV['VAGRANT_DEFAULT_PROVIDER'] = 'libvirt' +Vagrant.require_version '>= 2.2.6' +Vagrant.configure('2') do |config| + config.vm.box = 'generic/debian10' + config.vm.box_version = '3.4.2' + config.vm.box_check_update = false + config.vm.synced_folder './source', DEMO_MOUNT_POINT, type: 'nfs' + config.vm.hostname = 'dpdk-farzad' + + config.vm.boot_timeout = 30 + config.vm.graceful_halt_timeout = 30 + + # CFLAGS="-I/opt/vagrant/embedded/include/ruby-3.0.0/ruby" vagrant plugin install vagrant-reload + # CFLAGS="-I/opt/vagrant/embedded/include/ruby-3.0.0/ruby" vagrant plugin install vagrant-libvirt + config.vagrant.plugins = ['vagrant-reload', { 'vagrant-libvirt' => { 'version' => '^0.6.2' } }] + + config.vm.provider 'libvirt' do |libvirt| + libvirt.default_prefix = 'deb10-dpdk-' + libvirt.driver = 'kvm' + libvirt.nested = true + libvirt.machine_type = 'pc-q35-3.1' + libvirt.nic_adapter_count = E1000_NIC_COUNT + VIRTIO_NIC_COUNT + 1 + libvirt.qemuargs value: '-device' + libvirt.qemuargs value: 'intel-iommu,caching-mode=on,intremap=off,pt=true' + (0..PXB_COUNT - 1).each do |i| + libvirt.qemuargs value: '-device' + libvirt.qemuargs value: "pxb-pcie,id=pcie.#{i + 1},bus=pcie.0,bus_nr=#{180 + i * 20},addr=#{i + 10},numa_node=#{i % NUMA_COUNT}" + end + (0..VIRTIO_NIC_COUNT + E1000_NIC_COUNT - 1).each do |i| + libvirt.qemuargs value: '-device' + libvirt.qemuargs value: "ioh3420,port=0x3#{i},id=rppci.#{i},bus=pcie.#{(i / 4) + 1},chassis=#{i + 7},slot=#{i % 4},addr=0x#{i % 4}" + end + (0..VIRTIO_NIC_COUNT - 1).each do |i| + libvirt.qemuargs value: '-netdev' + libvirt.qemuargs value: "user,id=net#{i + 4}" + libvirt.qemuargs value: '-device' + libvirt.qemuargs value: "virtio-net-pci,netdev=net#{i + 4},mac=de:ad:be:ef:00:0#{i + 4},bus=rppci.#{i},mq=on,vectors=32,status=off" + end + (0..E1000_NIC_COUNT - 1).each do |i| + libvirt.qemuargs value: '-netdev' + libvirt.qemuargs value: "user,id=net#{i}" + libvirt.qemuargs value: '-device' + libvirt.qemuargs value: "e1000,netdev=net#{i},mac=de:ad:be:ef:00:0#{i},bus=rppci.#{i + 4}" + end + libvirt.qemuargs value: '-object' + libvirt.qemuargs value: 'rng-random,id=rng0,filename=/dev/urandom' + libvirt.qemuargs value: '-device' + libvirt.qemuargs value: 'virtio-rng-pci,rng=rng0,bus=pcie.0' + libvirt.qemuargs value: '-nographic' + libvirt.qemuargs value: '-nodefaults' + libvirt.qemuargs value: '-no-user-config' + libvirt.qemuargs value: '-enable-kvm' + # libvirt.qemuargs :value => "-chardev" + # libvirt.qemuargs :value => "socket,path=/tmp/ivshmem_socket,id=ivshmem_socket" + # libvirt.qemuargs :value => "-device" + # libvirt.qemuargs :value => "ivshmem,chardev=ivshmem_socket,size=1m" + libvirt.sound_type = nil + libvirt.cpus = VCORE_COUNT + libvirt.cputopology sockets: NUMA_COUNT.to_s, cores: (VCORE_COUNT / NUMA_COUNT).to_s, threads: '1' + libvirt.cpu_fallback = 'forbid' + libvirt.numa_nodes = [ + { cpus: '0-3', memory: (TOTAL_MEMORY / 2).to_s }, + { cpus: '4-7', memory: (TOTAL_MEMORY / 2).to_s } + ] + libvirt.random model: 'random' + libvirt.autostart = true + libvirt.features = %w[acpi apic] + libvirt.channel type: 'unix', target_name: 'org.qemu.guest_agent.0', target_type: 'virtio' + libvirt.disk_driver cache: 'writeback', io: nil, copy_on_read: 'on', discard: nil, detect_zeroes: nil + libvirt.clock_timer name: 'hpet', present: 'yes' + end + + config.vm.provision 'enable-iommu', type: 'shell', name: 'enable-iommu', privileged: true, reboot: false, + inline: <<-SHELL + set -ex + cp #{DEMO_MOUNT_POINT}/conf/grub /etc/default/grub + echo "options vfio_iommu_type1 allow_unsafe_interrupts=1" > /etc/modprobe.d/unsafe-interrupts.conf + update-grub + SHELL + + # https://github.com/vagrant-libvirt/vagrant-libvirt/issues/1366 + # https://github.com/hashicorp/vagrant/issues/11632 + config.vm.provision :reload + + config.vm.provision 'hugepages', type: 'shell', name: 'hugepages', privileged: true, reboot: false, reset: true, + run: 'always', inline: <<-SHELL + set -ex + groupadd dpdk || true + usermod -aG dpdk vagrant + echo "@dpdk - memlock unlimited" >> /etc/security/limits.conf + /usr/bin/bash -c "echo #{HUGETLB_2MG_COUNT} > /sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages" + /usr/bin/bash -c "echo #{HUGETLB_2MG_COUNT} > /sys/devices/system/node/node1/hugepages/hugepages-2048kB/nr_hugepages" + mkdir -p /dev/hugepages-2MB &&\ + mountpoint -q /dev/hugepages-2MB || mount -o pagesize=2097152 -t hugetlbfs nodev /dev/hugepages-2MB + mkdir -p /dev/hugepages-1GB &&\ + mountpoint -q /dev/hugepages-1GB || mount -o pagesize=1073741824 -t hugetlbfs nodev /dev/hugepages-1GB + echo "nodev /mnt/huge hugetlbfs defaults 0 0" >> /etc/fstab + # recommended to increase limit of open files when using a lot of huge pages + ulimit -Sn 2048 + SHELL + + config.vm.provision 'dpdk-install', name: 'dpdk-install', type: 'shell', privileged: false, reboot: false, + inline: <<-SHELL + set -ex + sudo apt update && sudo apt upgrade -y + sudo apt install -y build-essential + sudo apt install -y libnuma-dev python3-pyelftools libarchive-dev libelf-dev python3 python3-pip meson ninja-build libssl-dev zlib1g-dev + sudo apt install -y tmux vim wget universal-ctags cscope git devscripts w3m cmake gdb sshfs libhugetlbfs-bin ethtool + cd /home/vagrant &&\ + wget -q https://fast.dpdk.org/rel/dpdk-#{DPDK_VERSION}.tar.xz &&\ + tar -xvf dpdk-#{DPDK_VERSION}.tar.xz &&\ + cd dpdk-stable-#{DPDK_VERSION} &&\ + meson build &&\ + cd build &&\ + meson configure -Dexamples=all -Duse_hpet=true -Dbuildtype=debug -Denable_trace_fp=true &&\ + ninja &&\ + ninja -t compdb &&\ + sudo ninja install &&\ + sudo ldconfig + SHELL + + config.vm.provision 'dpdk-pmd', type: 'shell', name: 'dpdk-pmd', privileged: true, reboot: false, run: 'always', + inline: <<-SHELL + set -ex + modprobe vfio-pci + NICS=$(lspci -nn -D | grep -i "gigabit\ ethernet" | gawk '{sum=sum" "$1}END{print sum}') + IFS=" ";read -ra NICS_ARRAY <<< "$NICS" + for NIC in "${NICS_ARRAY[@]}";do + /home/vagrant/dpdk-stable-#{DPDK_VERSION}/usertools/dpdk-devbind.py --bind vfio-pci $NIC || true + done + # we don't wanna blow out the one NIC that's giving us internet/ssh + EXCLUSION_LIST=$(/sbin/ethtool -i eth0 | grep bus-info | gawk '{print $2}') + NICS=$(lspci -nn -D | grep -v $EXCLUSION_LIST | grep -i "virtio\ network\ device" | gawk '{sum=sum" "$1}END{print sum}') + IFS=" ";read -ra NICS_ARRAY <<< "$NICS" + for NIC in "${NICS_ARRAY[@]}";do + /home/vagrant/dpdk-stable-#{DPDK_VERSION}/usertools/dpdk-devbind.py --bind vfio-pci $NIC || true + done + # kill ASLR. we need to do this for multiprocess + echo 0 > /proc/sys/kernel/randomize_va_space + SHELL + + config.vm.provision 'dpdk-sudoless', name: 'dpdk-sudoless', type: 'shell', privileged: true, reboot: false, + run: 'always', inline: <<-SHELL + set -ex + chown root:dpdk /dev/hpet + chown -R root:dpdk /dev/vfio + chmod 660 /dev/hpet + chmod 770 /dev/vfio + chmod 660 /dev/vfio/* + chmod 770 /dev/hugepages-1GB + chown root:dpdk /dev/hugepages-1GB + chmod 770 /dev/hugepages-2MB + chown root:dpdk /dev/hugepages-2MB + SHELL + + config.vm.provision 'dpdk-test', type: 'shell', name: 'dpdk-test', privileged: false, reboot: false, run: 'never', + inline: <<-SHELL + set -ex + cd /home/vagrant/dpdk-stable-#{DPDK_VERSION}/build &&\ + sudo meson test --suite fast-tests --timeout 100 + cd /home/vagrant/dpdk-stable-#{DPDK_VERSION}/build &&\ + meson test --suite driver-tests + /home/vagrant/dpdk-stable-#{DPDK_VERSION}/build/app/test/dpdk-test -n2 -l4 --vfio-int=legacy --huge-dir=/dev/hugepages-2MB --allow 0000:00:03.0 --allow 0000:00:04.0 + make -C /home/vagrant/dpdk-stable-#{DPDK_VERSION}/examples/helloworld &&\ + /home/vagra/tdpdk-stable-#{DPDK_VERSION}/examples/helloworld/build/helloworld + /home/vagra/tdpdk-stable-#{DPDK_VERSION}/build/app/dpdk-testpmd -l 0-3 -n 4 --vfio-int=legacy -- -i + make -C /home/vagrant/dpdk-stable-#{DPDK_VERSION}/examples/skeleton &&\ + /home/vagra/tdpdk-stable-#{DPDK_VERSION}/examples/skeleton/build/basicfwd -l1 -n4 --vfio-int=legacy + SHELL + + if ARGV[0] == '--farzad' + config.vm.provision 'farzad', type: 'shell', name: 'farzad', privileged: false, reboot: false, reset: true, + inline: <<-SHELL + set -ex + sudo apt install -y apt-file hwloc numactl strace ltrace babeltrace htop + sudo apt-file update + echo "set -o vi" >> ~/.bashrc + SHELL + end +end diff --git a/vagrant/pfsense/vm-config.yaml b/vagrant/pfsense/vm-config.yaml new file mode 100644 index 0000000..579170f --- /dev/null +++ b/vagrant/pfsense/vm-config.yaml @@ -0,0 +1,10 @@ +nics: + e1000: 4 + virtio: 4 +vcore: 8 +numa: 2 +memory: 12288 +huge2mb: 512 +pxb: 2 +mount_point: "/home/vagrant/pfsense" +dpdk_version: "20.11.3" |