-Change .directories in postscripts dir for wget traversal

-Change remoteshell to retrieve ssh host keys via credentials plugin
-Change allowcred.awk to be persistent in execution for multiple runs
-Move stunnel setup to the post.rh scripts (post.sles to do)
-Migrate to no longer have per-node postscripts generated for redhat installs
-Change to no longer use a postscripts tar file, recursive ftp instead
-Change to setup vsftpd



git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@1238 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
jbjohnso 2008-04-30 20:54:57 +00:00
parent 5da7d1d175
commit 5540ae512b
8 changed files with 114 additions and 53 deletions


@ -169,8 +169,8 @@ sub mknetboot {
}
# create the node-specific post scripts
mkpath "/install/postscripts/";
xCAT::Postage->writescript($node,"/install/postscripts/".$node, "netboot", $callback);
#mkpath "/install/postscripts/";
#xCAT::Postage->writescript($node,"/install/postscripts/".$node, "netboot", $callback);
mkpath("/$tftpdir/xcat/netboot/$osver/$arch/$profile/");
#TODO: only copy if newer...
@ -220,10 +220,10 @@ sub mknetboot {
kcmdline=>$kcmdline
});
}
my $rc = xCAT::Utils->create_postscripts_tar();
if ( $rc != 0 ) {
xCAT::MsgUtils->message( "S", "Error creating postscripts tar file." );
}
#my $rc = xCAT::Utils->create_postscripts_tar();
#if ( $rc != 0 ) {
# xCAT::MsgUtils->message( "S", "Error creating postscripts tar file." );
#}
}
sub mkinstall {
@ -296,8 +296,8 @@ sub mkinstall {
}
# create the node-specific post scripts
mkpath "/install/postscripts/";
xCAT::Postage->writescript($node,"/install/postscripts/".$node, "install", $callback);
#mkpath "/install/postscripts/";
#xCAT::Postage->writescript($node,"/install/postscripts/".$node, "install", $callback);
if (
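Review bot: The calls are disabled by commenting them out rather than deleted, which leaves the comment `# create the node-specific post scripts` sitting above code that no longer does that, in both `mknetboot` and `mkinstall`. The commented `create_postscripts_tar` block also keeps an error message that can never be emitted. I would delete the dead lines (history keeps them) and replace the stale comment with one line such as `# postscripts are fetched by the node from /install/postscripts; nothing is generated per node here`. Both functions extend beyond the hunks shown.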


@ -113,12 +113,22 @@ sub process_request
next;
}
$tfilename = "/root/.xcat/client-cred.pem";
} elsif (/ssh_dsa_hostkey/) {
unless (-r "/install/postscripts/hostkeys/ssh_host_dsa_key") {
push @{$rsp->{'error'}},"Unable to read private DSA key from /install/postscripts/hostkeys";
}
$tfilename="/install/postscripts/hostkeys/ssh_host_dsa_key";
} elsif (/ssh_rsa_hostkey/) {
unless (-r "/install/postscripts/hostkeys/ssh_host_rsa_key") {
push @{$rsp->{'error'}},"Unable to read private RSA key from /install/postscripts/hostkeys";
}
$tfilename="/install/postscripts/hostkeys/ssh_host_rsa_key";
} elsif (/xcat_cfgloc/) {
unless (-r "/etc/xcat/cfgloc") {
push @{$rsp->{'error'}},"Unable to read xCAT database location";
next;
}
$tfilename = "/etc/xcat/cfglog";
$tfilename = "/etc/xcat/cfgloc";
} else {
next;
}
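Review bot: The new `ssh_dsa_hostkey` and `ssh_rsa_hostkey` branches push an error when the key file is unreadable but, unlike the `xcat_cfgloc` branch right below them, do not `next;`. As a result `$tfilename` is still assigned and whatever follows the chain goes on to handle a file that was just reported as unreadable. Add `next;` after each `push @{$rsp->{'error'}}, ...` so the three branches behave the same way. The rest of `process_request`, including how the requester is authorised before a private host key is returned, lies outside this hunk and should be checked together with this change.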


@ -41,7 +41,7 @@ exit 0;
Copy from the mounted /xcatpost/ directory to the MS /install/postscripts
directory the /install/postscripts/ca install/postscripts/cert and
/install/postscripts/.xcat into the local file system. These certificate are
/install/postscripts/_xcat into the local file system. These certificate are
needed for the postresql db setup for the service node to be able to access
the DB from the service node.
@ -54,19 +54,19 @@ sub copyCertstoSN
`touch /etc/xCATSN`;
`touch /tmp/lissatestxxx`;
`unalias cp`;
if (-d "/xcatpost/.xcat")
if (-d "/xcatpost/_xcat")
{
if (!(-d "/root/.xcat"))
{
mkdir("/root/.xcat", 0600);
}
`cp -rp /xcatpost/.xcat/* /root/.xcat`;
`cp -rp /xcatpost/_xcat/* /root/.xcat`;
`chmod 0600 /root/.xcat/*`;
}
else
{
xCAT::MsgUtils->message('S',
"/xcatpost/.xcat directory does not exist\n");
"/xcatpost/_xcat directory does not exist\n");
}
if (-d "/xcatpost/ca")


@ -26,8 +26,7 @@ hostname $HOSTNAME
export MASTER_IP="#XCATVAR:XCATMASTER#"
export MASTER_IPS="#XCATVAR:XCATMASTER#"
export MASTER="#XCATVAR:XCATMASTER#"
mkdir -p /xcatpost
cd /xcatpost
cd /tmp
RAND=$(perl -e 'print int(rand(50)). "\n"')
sleep $RAND
for i in $(seq 1 20)
@ -35,9 +34,28 @@ do
GOTIT=0
for i in $MASTER_IPS
do
wget --wait=10 --random-wait --waitretry=10 --retry-connrefused -t 0 -T 60 http://$i/install/autoinst/xcatpost.tar.gz
wget -l inf -N -r --waitretry=10 --random-wait --retry-connrefused -t 0 -T 60 ftp://$i/install/postscripts
#wget --wait=10 --random-wait --waitretry=10 --retry-connrefused -t 0 -T 60 http://$i/install/autoinst/xcatpost.tar.gz
if [ "$?" = "0" ]
then
if [ -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit
echo client=yes > /etc/stunnel/stunnel.conf
echo foreground=yes >> /etc/stunnel/stunnel.conf
echo output=/dev/null >> /etc/stunnel/stunnel.conf
echo verify=0 >> /etc/stunnel/stunnel.conf
echo '[xcatd]' >> /etc/stunnel/stunnel.conf
echo accept=400 >> /etc/stunnel/stunnel.conf
echo connect=$i:3001 >> /etc/stunnel/stunnel.conf
stunnel &
STUN_PID=$!
sleep 1
fi
mv $i/install/postscripts /xcatpost
rm -rf $i
chmod +x /xcatpost/*
/xcatpost/getpostscript.awk |sed -e 's/<[^>]*>//g'|egrep -v '^ *$'|sed -e 's/^ *//' > /tmp/mypostscript
chmod +x /tmp/mypostscript
GOTIT=1
break
fi
@ -49,15 +67,19 @@ do
RAND=$(perl -e 'print int(rand(5)). "\n"')
sleep $RAND
done
gunzip xcatpost.tar.gz
tar -xvf xcatpost.tar
/xcatpost/#TABLE:nodelist:THISNODE:node#
export NODE=#TABLE:nodelist:THISNODE:node#
cd /xcatpost
#gunzip xcatpost.tar.gz
#tar -xvf xcatpost.tar
#/xcatpost/#TABLE:nodelist:THISNODE:node#
export PATH=/xcatpost:$PATH
/tmp/mypostscript
export NODE=#TABLE:nodelist:THISNODE:node#
export OSVER=#TABLE:nodetype:THISNODE:os#
export ARCH=#TABLE:nodetype:THISNODE:arch#
addsiteyum
updateflag.awk $MASTER 3002
cd /
rm -Rf /xcatpost
rm -f /tmp/mypostscript
rm -f /etc/stunnel/stunnel.conf
exit 0
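Review bot: The stunnel client configuration written in the new block sets `verify=0`, so the tunnel to `$i:3001` is encrypted but the server is never authenticated. The output of `/xcatpost/getpostscript.awk`, which presumably travels through that tunnel, is saved as `/tmp/mypostscript` and run as root. The postscripts themselves arrive over plain `ftp://` with no integrity check, so a host that can answer for the master address during installation decides what the node executes. Consider `verify=2` together with a `CAfile=` entry pointing at a CA certificate the node already trusts (its path is not visible on this page), and create the script with `mktemp` rather than a fixed name under `/tmp`. The same block is repeated in the next file section, so the point applies there as well.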


@ -26,8 +26,7 @@ hostname $HOSTNAME
export MASTER_IP="#XCATVAR:XCATMASTER#"
export MASTER_IPS="#XCATVAR:XCATMASTER#"
export MASTER="#XCATVAR:XCATMASTER#"
mkdir -p /xcatpost
cd /xcatpost
cd /tmp
RAND=$(perl -e 'print int(rand(50)). "\n"')
sleep $RAND
for i in $(seq 1 20)
@ -35,9 +34,28 @@ do
GOTIT=0
for i in $MASTER_IPS
do
wget --wait=10 --random-wait --waitretry=10 --retry-connrefused -t 0 -T 60 http://$i/install/autoinst/xcatpost.tar.gz
wget -l inf -N -r --waitretry=10 --random-wait --retry-connrefused -t 0 -T 60 ftp://$i/install/postscripts
#wget --wait=10 --random-wait --waitretry=10 --retry-connrefused -t 0 -T 60 http://$i/install/autoinst/xcatpost.tar.gz
if [ "$?" = "0" ]
then
if [ -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit
echo client=yes > /etc/stunnel/stunnel.conf
echo foreground=yes >> /etc/stunnel/stunnel.conf
echo output=/dev/null >> /etc/stunnel/stunnel.conf
echo verify=0 >> /etc/stunnel/stunnel.conf
echo '[xcatd]' >> /etc/stunnel/stunnel.conf
echo accept=400 >> /etc/stunnel/stunnel.conf
echo connect=$i:3001 >> /etc/stunnel/stunnel.conf
stunnel &
STUN_PID=$!
sleep 1
fi
mv $i/install/postscripts /xcatpost
rm -rf $i
chmod +x /xcatpost/*
/xcatpost/getpostscript.awk |sed -e 's/<[^>]*>//g'|egrep -v '^ *$'|sed -e 's/^ *//' > /tmp/mypostscript
chmod +x /tmp/mypostscript
GOTIT=1
break
fi
@ -49,11 +67,13 @@ do
RAND=$(perl -e 'print int(rand(5)). "\n"')
sleep $RAND
done
gunzip xcatpost.tar.gz
tar -xvf xcatpost.tar
/xcatpost/#TABLE:nodelist:THISNODE:node#
export NODE=#TABLE:nodelist:THISNODE:node#
cd /xcatpost
#gunzip xcatpost.tar.gz
#tar -xvf xcatpost.tar
#/xcatpost/#TABLE:nodelist:THISNODE:node#
export PATH=/xcatpost:$PATH
/tmp/mypostscript
export NODE=#TABLE:nodelist:THISNODE:node#
export OSVER=#TABLE:nodetype:THISNODE:os#
export ARCH=#TABLE:nodetype:THISNODE:arch#
addsiteyum
@ -61,4 +81,6 @@ iscsiadm -m discovery -t st -p #TABLE:iscsi:$NODE:server#
uploadboot
cd /
rm -Rf /xcatpost
rm -f /tmp/mypostscript
rm -f /etc/stunnel/stunnel.conf
exit 0


@ -4,11 +4,12 @@ BEGIN {
quit = "no"
while (match(quit,"no") && (listener |& getline) > 0) {
if (match($0,"CREDOKBYYOU?")) {
print "CREDOKBYME" |& listener
quit="yes"
}
}
close(listener)
while (match(quit,"no")) {
while ((listener |& getline) > 0) {
if (match($0,"CREDOKBYYOU?")) {
print "CREDOKBYME" |& listener
}
}
close(listener)
}
}
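Review bot: `quit` is never assigned after this change, so `while (match(quit,"no"))` is an unconditional loop. The process keeps answering `CREDOKBYME` to every `CREDOKBYYOU?` for as long as it lives, and nothing visible here ends it. If the listener cannot be opened, the inner `getline` loop presumably returns at once and the outer loop spins without a pause. I would drop the unused variable, write `while (1)` with a comment naming who is expected to stop the process, and add an exit condition (a request count or a timeout) so the node stops approving credential requests once setup has finished. The definition of `listener` is above the hunk, so how incoming connections are restricted cannot be judged from here.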


@ -20,46 +20,46 @@ then
echo " StrictHostKeyChecking no" >> /etc/ssh/ssh_config
fi
if [ -d /xcatpost/.ssh ]
if [ -d /xcatpost/_ssh ]
then
logger -t xcat "Install: setup root .ssh"
cd /xcatpost/.ssh
cd /xcatpost/_ssh
mkdir -p /root/.ssh
cp -f * /root/.ssh
cd -
chmod 700 /root/.ssh
chmod 600 /root/.ssh/*
fi
allowcred.awk &
sleep 1
if [ -d /xcatpost/hostkeys ]
then
logger -t xcat "Install: using server provided host key for convenience."
cp /xcatpost/hostkeys/*_key /etc/ssh/
fi
getcredentials.awk ssh_dsa_hostkey | grep -v '<'|sed -e 's/&lt;/</' -e 's/&gt;/>/' -e 's/&amp;/&/' -e 's/&quot/"/' -e "s/&apos;/'/" > /etc/ssh/ssh_host_dsa_key
chmod 600 /etc/ssh/ssh_host_dsa_key
if ! grep "PRIVATE KEY" /etc/ssh/ssh_host_dsa_key > /dev/null 2>&1 ; then
rm /etc/ssh/ssh_host_dsa_key
fi
getcredentials.awk ssh_rsa_hostkey | grep -v '<'|sed -e 's/&lt;/</' -e 's/&gt;/>/' -e 's/&amp;/&/' -e 's/&quot/"/' -e "s/&apos;/'/" > /etc/ssh/ssh_host_rsa_key
chmod 600 /etc/ssh/ssh_host_rsa_key
if ! grep "PRIVATE KEY" /etc/ssh/ssh_host_rsa_key > /dev/null 2>&1 ; then
rm /etc/ssh/ssh_host_rsa_key
fi
if [ ! -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit
exit 0
fi
echo client=yes > /etc/stunnel/stunnel.conf
echo foreground=yes >> /etc/stunnel/stunnel.conf
echo output=/dev/null >> /etc/stunnel/stunnel.conf
echo verify=0 >> /etc/stunnel/stunnel.conf
echo '[xcatd]' >> /etc/stunnel/stunnel.conf
echo accept=400 >> /etc/stunnel/stunnel.conf
echo connect=$MASTER:3001 >> /etc/stunnel/stunnel.conf
stunnel &
STUN_PID=$!
sleep 1
umask 0077
mkdir -p /root/.ssh/
allowcred.awk &
sleep 1
getcredentials.awk ssh_root_key | grep -v '<'|sed -e 's/&lt;/</' -e 's/&gt;/>/' -e 's/&amp;/&/' -e 's/&quot/"/' -e "s/&apos;/'/" > /root/.ssh/id_rsa
if ! grep "PRIVATE KEY" /root/.ssh/id_rsa > /dev/null 2>&1 ; then
rm /root/.ssh/id_rsa
fi
kill $STUN_PID
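Review bot: The two new host-key retrievals redirect into `/etc/ssh/ssh_host_dsa_key` and `/etc/ssh/ssh_host_rsa_key` and only afterwards run `chmod 600`, while `umask 0077` appears further down, before the root key is fetched. As rendered, the private host keys are therefore created with the inherited umask and may be readable by other users for a moment. Moving `umask 0077` above the first `getcredentials.awk` call closes that gap. It is also worth checking the end of the script: `STUN_PID` is now assigned in the calling post script, so unless it is exported a remaining `kill $STUN_PID` has nothing to act on, and the backgrounded `allowcred.awk &` is never stopped here. The page does not mark which side each line belongs to, so confirm this against the actual file.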


@ -104,6 +104,12 @@ if [ ! -f /install/postscripts/hostkeys/ssh_host_key ]; then
echo Generating SSH2 DSA Key...
/usr/bin/ssh-keygen -t dsa -f /install/postscripts/hostkeys/ssh_host_dsa_key -C '' -N ''
fi
if [ -d /install/postscripts/.ssh ]; then
mv /install/postscripts/.ssh /install/postscripts/_ssh
fi
if [ -d /install/postscripts/.xcat ]; then
mv /install/postscripts/.xcat /install/postscripts/_xcat
fi
if [ "$1" = "1" ]; then #Only if installing for the fist time..
mkdir -p /root/.ssh
chmod 700 /root/.ssh
@ -112,8 +118,8 @@ if [ "$1" = "1" ]; then #Only if installing for the fist time..
if [ ! -r /root/.ssh/id_rsa.pub ]; then
ssh-keygen -t rsa -q -b 2048 -N "" -f /root/.ssh/id_rsa
fi
mkdir -p /install/postscripts/.ssh
cp /root/.ssh/id_rsa.pub /install/postscripts/.ssh/authorized_keys
mkdir -p /install/postscripts/_ssh
cp /root/.ssh/id_rsa.pub /install/postscripts/_ssh/authorized_keys
mkdir -p /var/log/consoles
if ! grep /tftpboot /etc/exports; then
@ -161,8 +167,8 @@ if [ "$1" = "1" ]; then #Only if installing for the fist time..
if [ ! -r /root/.xcat/client-key.pem ]; then
yes | $RPM_INSTALL_PREFIX0/share/xcat/scripts/setup-local-client.sh root
fi
mkdir -p /install/postscripts/.xcat
cp -r /root/.xcat/* /install/postscripts/.xcat
mkdir -p /install/postscripts/_xcat
cp -r /root/.xcat/* /install/postscripts/_xcat
#Zap the almost certainly wrong pxelinux.cfg file
if [ -r /tftpboot/pxelinux.cfg/default ]
then
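Review bot: Renaming `.ssh` and `.xcat` to `_ssh` and `_xcat` makes the recursive `wget` fetch pick these directories up, so everything under `/install/postscripts` is now delivered to any client the FTP service accepts. That includes `/install/postscripts/_xcat`, which `cp -r /root/.xcat/*` fills with root's client credentials (`client-key.pem` is created just above), and the private keys generated in `/install/postscripts/hostkeys`. The vsftpd configuration is not on this page, so who can log in is unknown, but private key material should not depend on it. I would keep private keys outside the served tree, hand them out only through the credentials plugin, and copy just the public parts (such as `authorized_keys`) into `/install/postscripts`. Separately, `mv /install/postscripts/.ssh /install/postscripts/_ssh` nests the old directory inside the new one when `_ssh` already exists, so a guard such as `[ ! -e /install/postscripts/_ssh ]` would make the upgrade path safer.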