-Change .directories in postscripts dir for wget traversal
-Change remoteshell to retrieve ssh host keys via credentials plugin -Change allowcred.awk to be persistant in execution for multiple runs -Move stunnel setup to the post.rh scripts (post.sles to do) -Migrate to no longer have per-node postscripts generated for redhat installs -Change to no longer use a postscripts tar file, recursive ftp instead -Change to setup vsftpd git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@1238 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
This commit is contained in:
parent
5da7d1d175
commit
5540ae512b
@ -169,8 +169,8 @@ sub mknetboot {
|
||||
}
|
||||
|
||||
# create the node-specific post scripts
|
||||
mkpath "/install/postscripts/";
|
||||
xCAT::Postage->writescript($node,"/install/postscripts/".$node, "netboot", $callback);
|
||||
#mkpath "/install/postscripts/";
|
||||
#xCAT::Postage->writescript($node,"/install/postscripts/".$node, "netboot", $callback);
|
||||
|
||||
mkpath("/$tftpdir/xcat/netboot/$osver/$arch/$profile/");
|
||||
#TODO: only copy if newer...
|
||||
@ -220,10 +220,10 @@ sub mknetboot {
|
||||
kcmdline=>$kcmdline
|
||||
});
|
||||
}
|
||||
my $rc = xCAT::Utils->create_postscripts_tar();
|
||||
if ( $rc != 0 ) {
|
||||
xCAT::MsgUtils->message( "S", "Error creating postscripts tar file." );
|
||||
}
|
||||
#my $rc = xCAT::Utils->create_postscripts_tar();
|
||||
#if ( $rc != 0 ) {
|
||||
# xCAT::MsgUtils->message( "S", "Error creating postscripts tar file." );
|
||||
#}
|
||||
}
|
||||
|
||||
sub mkinstall {
|
||||
@ -296,8 +296,8 @@ sub mkinstall {
|
||||
}
|
||||
|
||||
# create the node-specific post scripts
|
||||
mkpath "/install/postscripts/";
|
||||
xCAT::Postage->writescript($node,"/install/postscripts/".$node, "install", $callback);
|
||||
#mkpath "/install/postscripts/";
|
||||
#xCAT::Postage->writescript($node,"/install/postscripts/".$node, "install", $callback);
|
||||
|
||||
|
||||
if (
|
||||
|
@ -113,12 +113,22 @@ sub process_request
|
||||
next;
|
||||
}
|
||||
$tfilename = "/root/.xcat/client-cred.pem";
|
||||
} elsif (/ssh_dsa_hostkey/) {
|
||||
unless (-r "/install/postscripts/hostkeys/ssh_host_dsa_key") {
|
||||
push @{$rsp->{'error'}},"Unable to read private DSA key from /install/postscripts/hostkeys";
|
||||
}
|
||||
$tfilename="/install/postscripts/hostkeys/ssh_host_dsa_key";
|
||||
} elsif (/ssh_rsa_hostkey/) {
|
||||
unless (-r "/install/postscripts/hostkeys/ssh_host_rsa_key") {
|
||||
push @{$rsp->{'error'}},"Unable to read private RSA key from /install/postscripts/hostkeys";
|
||||
}
|
||||
$tfilename="/install/postscripts/hostkeys/ssh_host_rsa_key";
|
||||
} elsif (/xcat_cfgloc/) {
|
||||
unless (-r "/etc/xcat/cfgloc") {
|
||||
push @{$rsp->{'error'}},"Unable to read xCAT database location";
|
||||
next;
|
||||
}
|
||||
$tfilename = "/etc/xcat/cfglog";
|
||||
$tfilename = "/etc/xcat/cfgloc";
|
||||
} else {
|
||||
next;
|
||||
}
|
||||
|
@ -41,7 +41,7 @@ exit 0;
|
||||
|
||||
Copy from the mounted /xcatpost/ directory to the MS /install/postscripts
|
||||
directory the /install/postscripts/ca install/postscripts/cert and
|
||||
/install/postscripts/.xcat into the local file system. These certificate are
|
||||
/install/postscripts/_xcat into the local file system. These certificate are
|
||||
needed for the postresql db setup for the service node to be able to access
|
||||
the DB from the service node.
|
||||
|
||||
@ -54,19 +54,19 @@ sub copyCertstoSN
|
||||
`touch /etc/xCATSN`;
|
||||
`touch /tmp/lissatestxxx`;
|
||||
`unalias cp`;
|
||||
if (-d "/xcatpost/.xcat")
|
||||
if (-d "/xcatpost/_xcat")
|
||||
{
|
||||
if (!(-d "/root/.xcat"))
|
||||
{
|
||||
mkdir("/root/.xcat", 0600);
|
||||
}
|
||||
`cp -rp /xcatpost/.xcat/* /root/.xcat`;
|
||||
`cp -rp /xcatpost/_xcat/* /root/.xcat`;
|
||||
`chmod 0600 /root/.xcat/*`;
|
||||
}
|
||||
else
|
||||
{
|
||||
xCAT::MsgUtils->message('S',
|
||||
"/xcatpost/.xcat directory does not exist\n");
|
||||
"/xcatpost/_xcat directory does not exist\n");
|
||||
|
||||
}
|
||||
if (-d "/xcatpost/ca")
|
||||
|
@ -26,8 +26,7 @@ hostname $HOSTNAME
|
||||
export MASTER_IP="#XCATVAR:XCATMASTER#"
|
||||
export MASTER_IPS="#XCATVAR:XCATMASTER#"
|
||||
export MASTER="#XCATVAR:XCATMASTER#"
|
||||
mkdir -p /xcatpost
|
||||
cd /xcatpost
|
||||
cd /tmp
|
||||
RAND=$(perl -e 'print int(rand(50)). "\n"')
|
||||
sleep $RAND
|
||||
for i in $(seq 1 20)
|
||||
@ -35,9 +34,28 @@ do
|
||||
GOTIT=0
|
||||
for i in $MASTER_IPS
|
||||
do
|
||||
wget --wait=10 --random-wait --waitretry=10 --retry-connrefused -t 0 -T 60 http://$i/install/autoinst/xcatpost.tar.gz
|
||||
wget -l inf -N -r --waitretry=10 --random-wait --retry-connrefused -t 0 -T 60 ftp://$i/install/postscripts
|
||||
#wget --wait=10 --random-wait --waitretry=10 --retry-connrefused -t 0 -T 60 http://$i/install/autoinst/xcatpost.tar.gz
|
||||
if [ "$?" = "0" ]
|
||||
then
|
||||
if [ -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit
|
||||
echo client=yes > /etc/stunnel/stunnel.conf
|
||||
echo foreground=yes >> /etc/stunnel/stunnel.conf
|
||||
echo output=/dev/null >> /etc/stunnel/stunnel.conf
|
||||
echo verify=0 >> /etc/stunnel/stunnel.conf
|
||||
echo '[xcatd]' >> /etc/stunnel/stunnel.conf
|
||||
echo accept=400 >> /etc/stunnel/stunnel.conf
|
||||
echo connect=$i:3001 >> /etc/stunnel/stunnel.conf
|
||||
|
||||
stunnel &
|
||||
STUN_PID=$!
|
||||
sleep 1
|
||||
fi
|
||||
mv $i/install/postscripts /xcatpost
|
||||
rm -rf $i
|
||||
chmod +x /xcatpost/*
|
||||
/xcatpost/getpostscript.awk |sed -e 's/<[^>]*>//g'|egrep -v '^ *$'|sed -e 's/^ *//' > /tmp/mypostscript
|
||||
chmod +x /tmp/mypostscript
|
||||
GOTIT=1
|
||||
break
|
||||
fi
|
||||
@ -49,15 +67,19 @@ do
|
||||
RAND=$(perl -e 'print int(rand(5)). "\n"')
|
||||
sleep $RAND
|
||||
done
|
||||
gunzip xcatpost.tar.gz
|
||||
tar -xvf xcatpost.tar
|
||||
/xcatpost/#TABLE:nodelist:THISNODE:node#
|
||||
export NODE=#TABLE:nodelist:THISNODE:node#
|
||||
cd /xcatpost
|
||||
#gunzip xcatpost.tar.gz
|
||||
#tar -xvf xcatpost.tar
|
||||
#/xcatpost/#TABLE:nodelist:THISNODE:node#
|
||||
export PATH=/xcatpost:$PATH
|
||||
/tmp/mypostscript
|
||||
export NODE=#TABLE:nodelist:THISNODE:node#
|
||||
export OSVER=#TABLE:nodetype:THISNODE:os#
|
||||
export ARCH=#TABLE:nodetype:THISNODE:arch#
|
||||
addsiteyum
|
||||
updateflag.awk $MASTER 3002
|
||||
cd /
|
||||
rm -Rf /xcatpost
|
||||
rm -f /tmp/mypostscript
|
||||
rm -f /etc/stunnel/stunnel.conf
|
||||
exit 0
|
||||
|
@ -26,8 +26,7 @@ hostname $HOSTNAME
|
||||
export MASTER_IP="#XCATVAR:XCATMASTER#"
|
||||
export MASTER_IPS="#XCATVAR:XCATMASTER#"
|
||||
export MASTER="#XCATVAR:XCATMASTER#"
|
||||
mkdir -p /xcatpost
|
||||
cd /xcatpost
|
||||
cd /tmp
|
||||
RAND=$(perl -e 'print int(rand(50)). "\n"')
|
||||
sleep $RAND
|
||||
for i in $(seq 1 20)
|
||||
@ -35,9 +34,28 @@ do
|
||||
GOTIT=0
|
||||
for i in $MASTER_IPS
|
||||
do
|
||||
wget --wait=10 --random-wait --waitretry=10 --retry-connrefused -t 0 -T 60 http://$i/install/autoinst/xcatpost.tar.gz
|
||||
wget -l inf -N -r --waitretry=10 --random-wait --retry-connrefused -t 0 -T 60 ftp://$i/install/postscripts
|
||||
#wget --wait=10 --random-wait --waitretry=10 --retry-connrefused -t 0 -T 60 http://$i/install/autoinst/xcatpost.tar.gz
|
||||
if [ "$?" = "0" ]
|
||||
then
|
||||
if [ -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit
|
||||
echo client=yes > /etc/stunnel/stunnel.conf
|
||||
echo foreground=yes >> /etc/stunnel/stunnel.conf
|
||||
echo output=/dev/null >> /etc/stunnel/stunnel.conf
|
||||
echo verify=0 >> /etc/stunnel/stunnel.conf
|
||||
echo '[xcatd]' >> /etc/stunnel/stunnel.conf
|
||||
echo accept=400 >> /etc/stunnel/stunnel.conf
|
||||
echo connect=$i:3001 >> /etc/stunnel/stunnel.conf
|
||||
|
||||
stunnel &
|
||||
STUN_PID=$!
|
||||
sleep 1
|
||||
fi
|
||||
mv $i/install/postscripts /xcatpost
|
||||
rm -rf $i
|
||||
chmod +x /xcatpost/*
|
||||
/xcatpost/getpostscript.awk |sed -e 's/<[^>]*>//g'|egrep -v '^ *$'|sed -e 's/^ *//' > /tmp/mypostscript
|
||||
chmod +x /tmp/mypostscript
|
||||
GOTIT=1
|
||||
break
|
||||
fi
|
||||
@ -49,11 +67,13 @@ do
|
||||
RAND=$(perl -e 'print int(rand(5)). "\n"')
|
||||
sleep $RAND
|
||||
done
|
||||
gunzip xcatpost.tar.gz
|
||||
tar -xvf xcatpost.tar
|
||||
/xcatpost/#TABLE:nodelist:THISNODE:node#
|
||||
export NODE=#TABLE:nodelist:THISNODE:node#
|
||||
cd /xcatpost
|
||||
#gunzip xcatpost.tar.gz
|
||||
#tar -xvf xcatpost.tar
|
||||
#/xcatpost/#TABLE:nodelist:THISNODE:node#
|
||||
export PATH=/xcatpost:$PATH
|
||||
/tmp/mypostscript
|
||||
export NODE=#TABLE:nodelist:THISNODE:node#
|
||||
export OSVER=#TABLE:nodetype:THISNODE:os#
|
||||
export ARCH=#TABLE:nodetype:THISNODE:arch#
|
||||
addsiteyum
|
||||
@ -61,4 +81,6 @@ iscsiadm -m discovery -t st -p #TABLE:iscsi:$NODE:server#
|
||||
uploadboot
|
||||
cd /
|
||||
rm -Rf /xcatpost
|
||||
rm -f /tmp/mypostscript
|
||||
rm -f /etc/stunnel/stunnel.conf
|
||||
exit 0
|
||||
|
@ -4,11 +4,12 @@ BEGIN {
|
||||
quit = "no"
|
||||
|
||||
|
||||
while (match(quit,"no") && (listener |& getline) > 0) {
|
||||
if (match($0,"CREDOKBYYOU?")) {
|
||||
print "CREDOKBYME" |& listener
|
||||
quit="yes"
|
||||
}
|
||||
}
|
||||
close(listener)
|
||||
while (match(quit,"no")) {
|
||||
while ((listener |& getline) > 0) {
|
||||
if (match($0,"CREDOKBYYOU?")) {
|
||||
print "CREDOKBYME" |& listener
|
||||
}
|
||||
}
|
||||
close(listener)
|
||||
}
|
||||
}
|
||||
|
@ -20,46 +20,46 @@ then
|
||||
echo " StrictHostKeyChecking no" >> /etc/ssh/ssh_config
|
||||
fi
|
||||
|
||||
if [ -d /xcatpost/.ssh ]
|
||||
if [ -d /xcatpost/_ssh ]
|
||||
then
|
||||
logger -t xcat "Install: setup root .ssh"
|
||||
cd /xcatpost/.ssh
|
||||
cd /xcatpost/_ssh
|
||||
mkdir -p /root/.ssh
|
||||
cp -f * /root/.ssh
|
||||
cd -
|
||||
chmod 700 /root/.ssh
|
||||
chmod 600 /root/.ssh/*
|
||||
fi
|
||||
allowcred.awk &
|
||||
sleep 1
|
||||
|
||||
if [ -d /xcatpost/hostkeys ]
|
||||
then
|
||||
logger -t xcat "Install: using server provided host key for convenience."
|
||||
cp /xcatpost/hostkeys/*_key /etc/ssh/
|
||||
fi
|
||||
getcredentials.awk ssh_dsa_hostkey | grep -v '<'|sed -e 's/</</' -e 's/>/>/' -e 's/&/&/' -e 's/"/"/' -e "s/'/'/" > /etc/ssh/ssh_host_dsa_key
|
||||
chmod 600 /etc/ssh/ssh_host_dsa_key
|
||||
if ! grep "PRIVATE KEY" /etc/ssh/ssh_host_dsa_key > /dev/null 2>&1 ; then
|
||||
rm /etc/ssh/ssh_host_dsa_key
|
||||
fi
|
||||
getcredentials.awk ssh_rsa_hostkey | grep -v '<'|sed -e 's/</</' -e 's/>/>/' -e 's/&/&/' -e 's/"/"/' -e "s/'/'/" > /etc/ssh/ssh_host_rsa_key
|
||||
chmod 600 /etc/ssh/ssh_host_rsa_key
|
||||
if ! grep "PRIVATE KEY" /etc/ssh/ssh_host_rsa_key > /dev/null 2>&1 ; then
|
||||
rm /etc/ssh/ssh_host_rsa_key
|
||||
fi
|
||||
|
||||
|
||||
if [ ! -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo client=yes > /etc/stunnel/stunnel.conf
|
||||
echo foreground=yes >> /etc/stunnel/stunnel.conf
|
||||
echo output=/dev/null >> /etc/stunnel/stunnel.conf
|
||||
echo verify=0 >> /etc/stunnel/stunnel.conf
|
||||
echo '[xcatd]' >> /etc/stunnel/stunnel.conf
|
||||
echo accept=400 >> /etc/stunnel/stunnel.conf
|
||||
echo connect=$MASTER:3001 >> /etc/stunnel/stunnel.conf
|
||||
|
||||
stunnel &
|
||||
STUN_PID=$!
|
||||
sleep 1
|
||||
|
||||
umask 0077
|
||||
|
||||
mkdir -p /root/.ssh/
|
||||
allowcred.awk &
|
||||
sleep 1
|
||||
getcredentials.awk ssh_root_key | grep -v '<'|sed -e 's/</</' -e 's/>/>/' -e 's/&/&/' -e 's/"/"/' -e "s/'/'/" > /root/.ssh/id_rsa
|
||||
if ! grep "PRIVATE KEY" /root/.ssh/id_rsa > /dev/null 2>&1 ; then
|
||||
rm /root/.ssh/id_rsa
|
||||
fi
|
||||
kill $STUN_PID
|
||||
|
@ -104,6 +104,12 @@ if [ ! -f /install/postscripts/hostkeys/ssh_host_key ]; then
|
||||
echo Generating SSH2 DSA Key...
|
||||
/usr/bin/ssh-keygen -t dsa -f /install/postscripts/hostkeys/ssh_host_dsa_key -C '' -N ''
|
||||
fi
|
||||
if [ -d /install/postscripts/.ssh ]; then
|
||||
mv /install/postscripts/.ssh /install/postscripts/_ssh
|
||||
fi
|
||||
if [ -d /install/postscripts/.xcat ]; then
|
||||
mv /install/postscripts/.xcat /install/postscripts/_xcat
|
||||
fi
|
||||
if [ "$1" = "1" ]; then #Only if installing for the fist time..
|
||||
mkdir -p /root/.ssh
|
||||
chmod 700 /root/.ssh
|
||||
@ -112,8 +118,8 @@ if [ "$1" = "1" ]; then #Only if installing for the fist time..
|
||||
if [ ! -r /root/.ssh/id_rsa.pub ]; then
|
||||
ssh-keygen -t rsa -q -b 2048 -N "" -f /root/.ssh/id_rsa
|
||||
fi
|
||||
mkdir -p /install/postscripts/.ssh
|
||||
cp /root/.ssh/id_rsa.pub /install/postscripts/.ssh/authorized_keys
|
||||
mkdir -p /install/postscripts/_ssh
|
||||
cp /root/.ssh/id_rsa.pub /install/postscripts/_ssh/authorized_keys
|
||||
|
||||
mkdir -p /var/log/consoles
|
||||
if ! grep /tftpboot /etc/exports; then
|
||||
@ -161,8 +167,8 @@ if [ "$1" = "1" ]; then #Only if installing for the fist time..
|
||||
if [ ! -r /root/.xcat/client-key.pem ]; then
|
||||
yes | $RPM_INSTALL_PREFIX0/share/xcat/scripts/setup-local-client.sh root
|
||||
fi
|
||||
mkdir -p /install/postscripts/.xcat
|
||||
cp -r /root/.xcat/* /install/postscripts/.xcat
|
||||
mkdir -p /install/postscripts/_xcat
|
||||
cp -r /root/.xcat/* /install/postscripts/_xcat
|
||||
#Zap the almost certainly wrong pxelinux.cfg file
|
||||
if [ -r /tftpboot/pxelinux.cfg/default ]
|
||||
then
|
||||
|
Loading…
Reference in New Issue
Block a user