arif/xcat-core
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Remove some of the xCAT specific chunks from xCAT-genesis-base

Browse Source 
git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@14575 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
This commit is contained in:
jbjohnso 2012-12-06 14:41:46 +00:00
parent c17cea3b6f
commit a7fd482b38
13 changed files with 5 additions and 897 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
xCAT-genesis-builder/allowcred.awk
View File

@ -1,15 +0,0 @@
#!/usr/bin/awk -f
BEGIN {
listener = "/inet/tcp/300/0/0"
quit = "no"
while (match(quit,"no")) {
while ((listener |& getline) > 0) {
if (match($0,"CREDOKBYYOU?")) {
print "CREDOKBYME" |& listener
}
}
close(listener)
}
}

348
xCAT-genesis-builder/bmcsetup
View File

@ -1,348 +0,0 @@
# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
#
# Raw commands to set BMCs to defaults
# dx320
# 0x2e 0x10 0x4d 0x4f 0x00 0xff
#
# dx340
# 0x30 0x13 0xff 0x00 0x00 0x00
#
# dx360/x3450
# 0x30 0x02 0x43 0x4c 0x52 0xaa
# 0x08 0x00 0x49 0x4e 0x54 0x45 0x4c
# 0x08 0x04
#
allowcred.awk &
CREDPID=$!
sleep 5
modprobe ipmi_si
modprobe ipmi_devintf
IPCFGMETHOD=static
while [ -z "$BMCIP" -a $IPCFGMETHOD="static" ]; do
while ! getipmi
do
echo "Retrying retrieval of IPMI settings from server"
done
TIMEOUT=15
BMCIP=`grep bmcip /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
BMCVLAN=`grep taggedvlan /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
if [ -z "$BMCVLAN" ]; then BMCVLAN=off; fi
BMCGW=`grep gateway /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
BMCNM=`grep netmask /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
BMCUS=`grep username /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
BMCPW=`grep password /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
IPCFGMETHOD=`grep ipcfgmethod /tmp/ipmicfg.xml|awk -F\> '{print $2}'|awk -F\< '{print $1}'`
if [ -z "$IPCFGMETHOD" ]; then
IPCFGMETHOD="static"
fi
if [ -z "$BMCIP" -a $IPCFGMETHOD="static" ]; then
echo "FAILED TO RETRIEVE SETTINGS, RETRYING in 15 seconds"
sleep 15
fi
done
kill $CREDPID
NUMBMCS=`grep bmcip /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'|wc -l`
IPMIVER=`ipmitool mc info|grep ^IPMI|awk '{print $4}'`
IPMIMFG=`ipmitool mc info|grep "^Manufacturer ID"|awk '{print $4}'`
if [ "$IPMIMFG" == 2 ]; then #IBM
XPROD=`ipmitool mc info|grep "^Product ID"|awk '{print $4}'`
if [ "$XPROD" == "220" ]; then
LOCKEDUSERS=1
BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
if [ ! -z "$BMCPORT" ]; then
let idev=NUMBMCS-1
for p in $BMCPORT; do
ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
ipmitool -d $idev raw 0x04 0x12 0x09 0x01 0x18 0x${p}1 0x00 > /dev/null
let idev=idev-1
done
fi
elif [ "$XPROD" == "291" ]; then
LOCKEDUSERS=1
else
IBMFAM=`ipmitool raw 0x3a 0x50 |head -n 1| awk '{print $1 $2 $3 $4}'`
if [ "$IBMFAM" == "59554f4f" ]; then
BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
if [ ! -z "$BMCPORT" ]; then
let idev=NUMBMCS-1
for p in $BMCPORT; do
ipmitool -d $idev raw 0xc 1 1 0xc0 $BMCPORT > /dev/null
let idev=idev-1
done
fi
fi
fi
elif [ "$IPMIMFG" == 20301 ] ; then
XPROD=`ipmitool mc info|grep "^Product ID"|awk '{print $4}'`
IBMVPDV=`ipmitool raw 0x3a 0xb 2 0 16 1`
if [ $IBMVPDV -eq 2 ]; then
ISITE=1;
fi
LOCKEDUSERS=1
BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
if [ ! -z "$BMCPORT" ]; then
let idev=NUMBMCS-1
for p in $BMCPORT; do
ipmitool -d $idev raw 0xc 1 1 0xc0 $BMCPORT > /dev/null
NEWPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0|awk '{print $2}'`
sleep 10
let idev=idev-1
done
fi
fi
echo -n "Auto detecting LAN channel..."
for LANCHAN in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16; do
if ipmitool channel info $LANCHAN 2> /dev/null | grep 802.3 > /dev/null 2>&1 && ipmitool raw 0xc 2 $LANCHAN 5 0 0 > /dev/null 2>&1;
then break;
fi;
echo -n "."
done
echo "Detected LAN channel $LANCHAN"
let idev=NUMBMCS
if [ $IPCFGMETHOD="static" ]; then
while [ $idev -gt 0 ]; do
let idev=idev-1
TRIES=0
while ! ipmitool -d $idev lan set $LANCHAN ipsrc static; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
done
let idev=NUMBMCS-1
for b in $BMCIP; do
TRIES=0
while ! ipmitool -d $idev lan set $LANCHAN ipaddr $b; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
let idev=idev-1
done
let idev=NUMBMCS-1
for m in $BMCNM; do
TRIES=0
while ! ipmitool -d $idev lan set $LANCHAN netmask $m; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
let idev=idev-1
done
TRIES=0
if [ ! -z "$BMCGW" ]; then
let idev=NUMBMCS-1
for g in $BMCGW; do
TRIES=0
while ! ipmitool -d $idev lan set $LANCHAN defgw ipaddr $g; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
let idev=idev-1
done
TRIES=0
fi
else
let idev=NUMBMCS
while [ $idev -gt 0 ]; do
let idev=idev-1
TRIES=0
while ! ipmitool -d $idev lan set $LANCHAN ipsrc $IPCFGMETHOD; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
done
fi
let idev=NUMBMCS
while [ $idev -gt 0 ]; do
let idev=idev-1
TRIES=0
ipmitool -d $idev lan set $LANCHAN vlan id $BMCVLAN
done
let idev=NUMBMCS-1
for bmcu in $BMCUS; do
if [ "$bmcu" = "" ]; then continue; fi
DISABLEUSERS="1 2 3 4"
if [ ! -z "$LOCKEDUSERS" ]; then
USERSLOT=`ipmitool -d $idev user list $LANCHAN |grep -v ^ID|awk '{print $1 " " $2}'|grep " $BMCUS"|awk '{print $1}'`
if [ -z "$USERSLOT" ]; then
USERSLOT=4
fi
else
USERSLOT=2
fi
if [ "$ISITE" = 1 ]; then
while ! remoteimmsetup
do
echo "Waiting for xCAT remote configuration of service processor via CMM.."
done
fi
CURRENTUSER=`ipmitool -d $idev user list $LANCHAN|grep ^$USERSLOT|awk '{print $2}'`
DISABLEUSERS=`echo 1 2 3 4|sed -e s/$USERSLOT//`
for user in $DISABLEUSERS; do
while ! ipmitool -d $idev user disable $user; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
done
TRIES=0
while ! ipmitool -d $idev user enable $USERSLOT; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
# Last param in ipmitool user priv is the channel to set it on.
# Penguin boxes are all channel 2
CURRPRIV=`ipmitool -d $idev user list 1|grep ^$USERSLOT|awk '{print $6}'`
if [ "$CURRPRIV" != "ADMINISTRATOR" ]; then
while ! ipmitool -d $idev user priv $USERSLOT 4 $LANCHAN; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
fi
TRIES=0
while ! ipmitool -d $idev channel setaccess $LANCHAN $USERSLOT link=on; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
if [ "$CURRENTUSER" != "$bmcu" ]; then
while ! ipmitool -d $idev user set name $USERSLOT $bmcu; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
fi
let idev=idev-1
done
let idev=NUMBMCS-1
for bmcp in $BMCPW; do
if [ "$bmcp" = "" ]; then continue; fi
TRIES=0
while ! ipmitool -d $idev user set password $USERSLOT $bmcp; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
echo "Set up following user table: "
ipmitool -d $idev user list $LANCHAN
let idev=idev-1
done
let idev=NUMBMCS
while [ $idev -gt 0 ]; do
let idev=idev-1
echo -n "Enabling Channel $LANCHAN: "
while ! ipmitool -d $idev raw 0x6 0x40 $LANCHAN 0x42 0x44 > /dev/null; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
while ! ipmitool -d $idev raw 0x6 0x40 $LANCHAN 0x82 0x84 > /dev/null; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
TRIES=0
echo -n "Enabling ARP responses: "
while ! ipmitool -d $idev lan set $LANCHAN arp respond on > /dev/null; do
sleep 1
let TRIES=TRIES+1
echo -n .
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
TRIES=0
echo -n "Enabling IPMI v 1.5 MD5 LAN access:"
while ! ipmitool -d $idev lan set $LANCHAN auth admin md5 > /dev/null; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
TRIES=0
if [ ! "$IPMIVER" == "1.5" ]; then
echo -n "Enabling IPMI v 2.0 LAN access: "
#two goals here, make sure cipher suite 0 does not work as it is insecure
#mae sure cipher suite 3 does work because we will use it
#leave every thing else alone.
ACCESS=`ipmitool raw 0xc 2 1 24 0 0 `
NEWACCESS=""
i=0
for elem in $ACCESS; do
if [ $i = 2 ]; then
NEWACCESS=`printf "$NEWACCESS 0x%02x" $((0x$elem&0xf0))`
elif [ $i = 3 ]; then
NEWACCESS=`printf "$NEWACCESS 0x%02x" $((0x$elem|0x44))`
elif [ $i != 0 ]; then
NEWACCESS="$NEWACCESS 0x$elem"
fi
i=$((i+1))
done
if ipmitool raw 0xc 1 1 24 $NEWACCESS > /dev/null; then
echo OK
else
echo ERROR
fi
TRIES=0
echo -n "Enabling SOL for channel $LANCHAN:"
while ! ipmitool -d $idev raw 0xc 0x21 $LANCHAN 0x1 0x1 > /dev/null; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
TRIES=0
echo -n "Enabling SOL for $BMCUS:"
while ! ipmitool -d $idev raw 6 0x4c $LANCHAN $USERSLOT 2 0 0 0 > /dev/null; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
echo -n "Putting SOL on channel $LANCHAN:"
while ! OUTPUT=`ipmitool -d $idev raw 0xc 0x21 $LANCHAN 7 $LANCHAN 2>&1 > /dev/null`; do
if echo $OUTPUT|grep "Unknown (0x80)" > /dev/null; then
echo "Not Needed"
break
fi
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
fi
#frume.awk
echo "Lighting Identify Light"
while :
do ipmitool -d $idev raw 0 4 10 > /dev/null
sleep 7
done &
done

127
xCAT-genesis-builder/dodiscovery
View File

@ -1,127 +0,0 @@
#!/bin/sh
minixcatd.awk &
PUBKEY=`openssl rsa -in /etc/xcat/privkey.pem -pubout 2> /dev/null|grep -v "PUBLIC KEY"`
PUBKEY=`echo $PUBKEY|sed -e 's/ //g'`
export PUBKEY
echo "Beginning node discovery process"
waitforlink=100
while [ ! -z "$NICSTOBRINGUP" -a $waitforlink -gt 0 ]; do
NICSTOBRINGUP=`ip link|grep mtu|grep -v LOOPBACK|grep -v usb|grep -v ,LOWER_UP|awk -F: '{print $2}'`
waitforlink=$((waitforlink - 1))
sleep 0.1
if [ $waitforlink = 1 ]; then
echo "No link detected on $NICSTOBRINGUP"
fi
done
NICSGETTINGADDR=`ip link|grep mtu|grep -v LOOPBACK|grep -v usb|grep ,LOWER_UP|awk -F: '{print $2}'`
timewaiting=0
echo "Waiting for nics to get addresses"
while [ ! -z "$NICSGETTINGADDR" -a $timewaiting != 700 ]; do
NEWNICSGETTINGADDR=""
for nic in $NICSGETTINGADDR; do
if ! ip addr show dev $nic |grep -v inet6|grep inet >/dev/null; then
NEWNICSGETTINGADDR="$NEWNICSGETTINGADDR $nic"
else
echo -n "$nic|"
ip addr show dev $nic |grep -v inet6|grep inet|sed -e s/\\/.*//|awk '{print $2}'
fi
done
sleep 0.1
timewaiting=$((timewaiting+1))
if [ $timewaiting = 699 ]; then
echo "No DHCP answer for $nic, ignoring interface"
fi
NICSGETTINGADDR=$NEWNICSGETTINGADDR
done
if [ $timewaiting != 700 -a $timewaiting -gt 450 ]; then
echo "Got an address, but it took inordinately long, you may want to check spanning tree configuration"
fi
echo "Network configuration complete, commencing transmit of discovery packets"
XCATPORT=3001
export XCATPORT
for parm in `cat /proc/cmdline`; do
key=`echo $parm|awk -F= '{print $1}'`
if [ "$key" = "xcatd" ]; then
XCATMASTER=`echo $parm|awk -F= '{print $2}'|awk -F: '{print $1}'`
XCATPORT=`echo $parm|awk -F= '{print $2}'|awk -F: '{print $2}'`
fi
done
#time to make our packet...
MTM=unknown
SERIAL=unknown
ARCH=unknown
ARCH=`uname -m` #32-bit only is old news
if [ -r /sys/devices/virtual/dmi/id/product_name ]; then #x86
PRODNAME=`cat /sys/devices/virtual/dmi/id/product_name`
IAMAVM=0
if [ "$PRODNAME" = "KVM" ]; then
IAMAVM=1
MTM=KVM
elif [ "$PRODNAME" = "VMware Virtual Platform" ]; then
IAMAVM=1
MTM=VMware
else
MTM=`cat /sys/devices/virtual/dmi/id/product_name|awk -F'[' '{print $2}'|awk -F']' '{print $1}'`
SERIAL=`cat /sys/devices/virtual/dmi/id/product_serial`
fi
elif [ -r /proc/device-tree/model ]; then #POWER
MTM=`cat /proc/device-tree/model |awk -F, '{print $2}'`
fi
CPUCOUNT=`cat /proc/cpuinfo |grep "model name"|wc -l`
MEMORY=`cat /proc/meminfo |grep MemTotal|awk '{print $2}'`
UUID=`sed -e 's/\(..\)\(..\)\(..\)\(..\)-\(..\)\(..\)-\(..\)\(..\)/\4\3\2\1-\6\5-\8\7/' /sys/devices/virtual/dmi/id/product_uuid`
grep "model name" /proc/cpuinfo | while read line; do #to avoid pulling in tail, we do a goofy thing
echo $line > /tmp/cpumod
done
CPUTYPE=`cat /tmp/cpumod|awk -F':' '{print $2}'|sed -e 's/^ //'`
echo '<xcatrequest>' > /tmp/discopacket
echo "<command>findme</command>" >> /tmp/discopacket
echo "<arch>$ARCH</arch>" >> /tmp/discopacket
if [ "$IAMAVM" = 1 ]; then
echo "<nodetype>virtual</nodetype>" >> /tmp/discopacket
fi
echo "<cpucount>$CPUCOUNT</cpucount>" >> /tmp/discopacket
echo "<cputype>$CPUTYPE</cputype>" >> /tmp/discopacket
echo "<memory>$MEMORY</memory>" >> /tmp/discopacket
echo "<uuid>$UUID</uuid>" >> /tmp/discopacket
if [ "$MTM" != "unknown" ]; then
echo "<mtm>$MTM</mtm>" >> /tmp/discopacket
fi
if [ "$SERIAL" != "unknown" ]; then
echo "<serial>$SERIAL</serial>" >> /tmp/discopacket
fi
for dev in `ip link|grep -B1 ether|grep UP|awk '{print $2}'|sed -e s/://`; do
DRIVER=`grep DRIVER /sys/class/net/$dev/device/uevent|awk -F= '{print $2}'`
ADDRESS=`ip address show dev $dev|grep "inet "|grep global|awk '{print $2}'`
MAC=`ip link show dev $dev|grep ether|awk '{print $2}'| tr /a-f/ /A-F/`
echo "<mac>$DRIVER|$dev|$MAC|$ADDRESS</mac>" >> /tmp/discopacket
done
echo "<xcatpubkey>$PUBKEY</xcatpubkey>" >> /tmp/discopacket #this is not secure to use by itself, switch sourced pubkey for security
echo "<sha512sig>" >> /tmp/discopacket
echo "</sha512sig>" >> /tmp/discopacket
echo "</xcatrequest>" >> /tmp/discopacket
openssl dgst -sha512 -out /tmp/discopacket.sha512 -sign /etc/xcat/privkey.pem /tmp/discopacket
openssl enc -e -a -in /tmp/discopacket.sha512 > /tmp/discopacket.b64sig
cat /tmp/discopacket |while read line; do
if [ "$line" = "</sha512sig>" ]; then
cat /tmp/discopacket.b64sig >> /tmp/discopacket.new
fi
echo $line >> /tmp/discopacket.new
done
mv /tmp/discopacket.new /tmp/discopacket
while [ ! -r /restart ]; do
if [ ! -z "$XCATMASTER" ]; then
(cat /tmp/discopacket | udpcat.awk $XCATMASTER $XCATPORT ) &
fi
for dhcps in `grep dhcp-server /var/lib/dhclient/dhclient.leases|awk '{print $4}'|sed -s 's/;//'`; do
(cat /tmp/discopacket | udpcat.awk $dhcps $XCATPORT ) &
done
#cat /tmp/discopacket
sleep 5
done
/bin/restart

173
xCAT-genesis-builder/doxcat
View File

@ -1,173 +0,0 @@
if [ ! -z "$BOOTIF" ]; then
BOOTIF=`echo $BOOTIF|sed -e s/01-// -e s/-/:/g`
echo -n "Waiting for device with address $BOOTIF to appear.."
gripeiter=6000
while [ -z "$bootnic" ]; do
bootnic=`ip link show|grep -B1 $BOOTIF|grep mtu|awk '{print $2}'|sed -e 's/:$//'`
sleep 0.1
if [ $gripeiter = 0 ]; then
echo "ERROR"
echo "Unable to find boot device (maybe the nbroot is missing the driver for your nic?)"
while :; do sleep 365d; done
fi
gripeiter=$((gripeiter-1))
done
fi
echo "Done"
if [ -z "$bootnic" ]; then
echo "ERROR: BOOTIF missing, can't detect boot nic"
fi
if [ -r /sys/devices/virtual/dmi/id/product_uuid ]; then
duid='default-duid "\\000\\004';
#product_uuid in sysfs fails to cope with endianness of SMBIOS 2.6, unconditionnaly swap. Technically leads to incorrect DUID in 'older' systems but matches MS behavior
for i in `sed -e 's/\(..\)\(..\)\(..\)\(..\)-\(..\)\(..\)-\(..\)\(..\)/\4\3\2\1-\6\5-\8\7/;s/-//g;s/\(..\)/\1 /g' /sys/devices/virtual/dmi/id/product_uuid`; do
octnum="\\"`printf "\\%03o" 0x$i`
duid=$duid$octnum
done
duid=$duid'";'
echo $duid > /var/lib/dhclient/dhclient6.leases
fi
rpcbind
rpc.statd
ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -C '' -N ''
ssh-keygen -q -t dsa -f /etc/ssh/ssh_host_dsa_key -C '' -N ''
echo 'Protocol 2' >> /etc/ssh/sshd_config
/usr/sbin/sshd
mkdir -p /etc/xcat
mkdir -p /etc/pki/tls
echo "[ req ]
distinguished_name = nodedn
[ nodedn ]" > /etc/pki/tls/openssl.cnf
echo -n "Generating private key..."
openssl genrsa -out /etc/xcat/privkey.pem 1024 >& /dev/null
echo "Done"
PUBKEY=`openssl rsa -in /etc/xcat/privkey.pem -pubout 2> /dev/null|grep -v "PUBLIC KEY"`
PUBKEY=`echo $PUBKEY|sed -e 's/ //g'`
export PUBKEY
/sbin/rsyslogd -c4
mkdir -p /var/lib/lldpad
echo 'lldp :' >> /var/lib/lldpad/lldpad.conf
echo '{' >> /var/lib/lldpad/lldpad.conf
for iface in `ip link |grep -v '^ '|awk '{print $2}'|sed -e 's/:$//'|grep -v lo`; do
echo "$iface :" >> /var/lib/lldpad/lldpad.conf
echo "{" >> /var/lib/lldpad/lldpad.conf
echo "tlvid00000006 :" >> /var/lib/lldpad/lldpad.conf
echo "{" >> /var/lib/lldpad/lldpad.conf
echo info = '"'$PUBKEY'";' >> /var/lib/lldpad/lldpad.conf
echo 'enableTx = true;' >> /var/lib/lldpad/lldpad.conf
echo '};' >> /var/lib/lldpad/lldpad.conf
echo 'adminStatus = 3;' >> /var/lib/lldpad/lldpad.conf
echo '};' >> /var/lib/lldpad/lldpad.conf
done
echo '};' >> /var/lib/lldpad/lldpad.conf
lldpad -d
dhclient -cf /etc/dhclient.conf -pf /var/run/dhclient.$bootnic.pid $bootnic &
#we'll kick of IPv6 and IPv4 on all nics, but not wait for them to come up unless doing discovery, to reduce
#chances that we'll perform a partial discovery
#in other scenarios where downed non-bootnics cause issues, will rely on retries to fix things up
dhclient -6 -pf /var/run/dhclient6.$bootnic.pid $bootnic -lf /var/lib/dhclient/dhclient6.leases &
NICSTOBRINGUP=`ip link|grep mtu|grep -v LOOPBACK|grep -v $bootnic|grep -v usb|grep -v ,UP|awk -F: '{print $2}'`
export NICSTOBRINGUP
for nic in $NICSTOBRINGUP; do
dhclient -cf /etc/dhclient.conf -pf /var/run/dhclient.$nic.pid $nic &
dhclient -cf /etc/dhclient.conf -6 -pf /var/run/dhclient6.$nic.pid -lf var/lib/dhclient/dhclient6.leases $nic &
done
openssl genrsa -out /etc/xcat/certkey.pem 4096 > /dev/null 2>&1 &
gripeiter=101
echo -n "Acquiring network addresses.."
while ! ip addr show dev $bootnic|grep -v 'scope link'|grep -v 'dynamic'|grep -v inet6|grep inet > /dev/null; do
sleep 0.1
if [ $gripeiter = 1 ]; then
echo
echo "It seems to be taking a while to acquire an IPv4 address, you may want to check spanning tree..."
fi
gripeiter=$((gripeiter-1))
done
echo -n "Acquired IPv4 address on $bootnic: "
ip addr show dev $bootnic|grep -v 'scope link'|grep -v 'dynamic'|grep -v inet6|grep inet|awk '{print $2}'
ntpd -g -x
(while ! ntpq -c "rv 0 state"|grep 'state=4' > /dev/null; do sleep 1; done; hwclock --systohc) &
if dmidecode|grep IPMI > /dev/null; then
modprobe ipmi_si
modprobe ipmi_devintf
fi
XCATPORT=3001
export XCATPORT
for parm in `cat /proc/cmdline`; do
key=`echo $parm|awk -F= '{print $1}'`
if [ "$key" = "xcatd" ]; then
XCATMASTER=`echo $parm|awk -F= '{print $2}'|awk -F: '{print $1}'`
XCATPORT=`echo $parm|awk -F= '{print $2}'|awk -F: '{print $2}'`
fi
done
if [ "$destiny" != "discover" ]; then #we aren't discoverying, we probably can and should get a cert
/bin/getcert $XCATMASTER:$XCATPORT
fi
while :; do
if [ -z "$destiny" ]; then
destiny=`getdestiny $XCATMASTER:$XCATPORT`
fi
destparameter=`echo $destiny|awk -F= '{print $2}'`
destiny=`echo $destiny|awk -F= '{print $1}'`
dest=`echo $destiny|awk '{print $1}'` #could probably use bash but oh well
if [ "$dest" = "discover" ]; then #skip a query to xCAT when /proc/cmdline will do
/bin/dodiscovery
/bin/getcert $XCATMASTER:$XCATPORT
destiny=''
dest=''
elif [ "$dest" = shell ]; then
echo "Dropping to debug shell, exit to check for further action"
destiny=''
dest=''
/bin/bash
elif [ "$dest" = runcmd ]; then
destiny=`/bin/nextdestiny $XCATMASTER:$XCATPORT`
dest=`echo $destiny|awk -F= '{print $1}'`
$destparameter
elif [ "$dest" = runimage ]; then
destiny=`/bin/nextdestiny $XCATMASTER:$XCATPORT`
dest=`echo $destiny|awk -F= '{print $1}'`
mkdir /tmp/`basename $destparameter`
cd /tmp/`basename $destparameter`
ERROR=`wget $destparameter 2>&1`
while [ $? == 1 ] && echo $ERROR|grep -v 416; do
sleep 10
ERROR=`wget -c $destparameter 2>&1`
done
tar xvf `basename $destparameter`
./runme.sh
cd -
elif [ "$dest" = "reboot" -o "$dest" = "boot" ]; then
/bin/nextdestiny $XCATMASTER:$XCATPORT
reboot -f
elif [ "$dest" = "install" -o "$dest" = "netboot" ]; then
reboot -f
elif [ "$dest" = standby ]; then
destiny=''
dest=''
delay=$((30+$RANDOM%270))
while [ $delay -gt 0 ]; do
echo -en "Received request to retry in a bit, will call xCAT back in $delay seconds \r"
delay=$((delay-1))
sleep 1
done
echo "Retrying ";
else
echo "Unrecognized directive $dest"
destiny=''
dest=''
delay=$((30+$RANDOM%270))
while [ $delay -gt 0 ]; do
echo -en "Will retry in $delay seconds \r"
delay=$((delay-1))
sleep 1
done
fi
done

41
xCAT-genesis-builder/getcert
View File

@ -1,41 +0,0 @@
#!/bin/bash
allowcred.awk &
CREDPID=$!
if [ -z "$XCATDEST" ]; then
XCATDEST=$1
fi
#retry in case certkey.pem is not right, yet
while ! openssl req -new -key /etc/xcat/certkey.pem -out /tmp/tls.csr -subj "/CN=`hostname`" >& /dev/null; do
sleep 1
done
echo "<xcatrequest>
<command>getcredentials</command>
<arg>x509cert</arg>
<callback_port>300</callback_port>
<csr>" > /tmp/certreq.xml
cat /tmp/tls.csr >> /tmp/certreq.xml
echo "</csr>
<sha512sig>
</sha512sig>
</xcatrequest>" >> /tmp/certreq.xml
openssl dgst -sha512 -out /tmp/certreq.sha512 -sign /etc/xcat/privkey.pem /tmp/certreq.xml #chain off the switch published key
openssl enc -e -a -in /tmp/certreq.sha512 > /tmp/certreq.b64sig
cat /tmp/certreq.xml |while read line; do
if [ "$line" = "</sha512sig>" ]; then
cat /tmp/certreq.b64sig >> /tmp/certreq.xml.new
fi
echo $line >> /tmp/certreq.xml.new
done
mv /tmp/certreq.xml.new /tmp/certreq.xml
rm /tmp/certreq.b64sig /tmp/certreq.sha512
cat /tmp/certreq.xml | openssl s_client -connect $XCATDEST -quiet 2> /dev/null > /tmp/certresp.xml
if grep 'BEGIN CERTIFICATE' /tmp/certresp.xml > /dev/null; then
awk '/BEGIN CERTIFICATE/,/END CERTIFICATE/' < /tmp/certresp.xml > /etc/xcat/cert.pem
#stop transmitting sysDesc, allowing the public key to age out of validity
for iface in `grep '^ e' /var/lib/lldpad/lldpad.conf|awk '{print $1}' `; do
lldptool -T -i $iface -V sysDesc enableTx=no >& /dev/null
done
fi
rm /tmp/certreq.xml
rm /tmp/certresp.xml
kill $CREDPID

30
xCAT-genesis-builder/getdestiny
View File

@ -1,30 +0,0 @@
#!/bin/bash
if [ -z "$XCATDEST" ]; then
XCATDEST=$1
fi
echo "<xcatrequest>
<command>getdestiny</command>
<callback_port>300</callback_port>
</xcatrequest>" > /tmp/destreq.xml
if [ -f /tmp/destiny.xml ]; then rm /tmp/destiny.xml; fi
while [ ! -f /tmp/destiny.xml ] || grep error /tmp/destiny.xml; do
if [ -f /tmp/destiny.xml ]; then
timer=60
while [ $timer -gt 0 ]; do
echo -en "Retrying in $timer seconds \r" >&2
sleep 1
timer=$(($timer-1));
done
fi
echo " " >&2
if [ -f /etc/xcat/cert.pem -a -f /etc/xcat/certkey.pem ]; then #use client cert if available
cat /tmp/destreq.xml | openssl s_client -key /etc/xcat/certkey.pem -cert /etc/xcat/cert.pem -connect $XCATDEST -quiet 2> /dev/null > /tmp/destiny.xml
else
cat /tmp/destreq.xml | openssl s_client -connect $XCATDEST -quiet 2> /dev/null > /tmp/destiny.xml
fi
done
rm /tmp/destreq.xml
DESTINY=`grep '<destiny>' /tmp/destiny.xml | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'`
rm /tmp/destiny.xml
echo $DESTINY

46
xCAT-genesis-builder/getipmi
View File

@ -1,46 +0,0 @@
#!/bin/bash
allowcred.awk &
CREDPID=$!
if [ -z "$XCATDEST" ]; then
XCATDEST=$1
fi
if [ -z "$XCATDEST" ]; then
for parm in `cat /proc/cmdline` ; do
if echo $parm |grep xcatd= > /dev/null; then
XCATDEST=`echo $parm |awk -F= '{print $2}'`
fi
done
fi
for LANCHAN in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16; do
if ipmitool channel info $LANCHAN 2> /dev/null | grep 802.3 > /dev/null 2>&1 && ipmitool raw 0xc 2 $LANCHAN 5 0 0 > /dev/null 2>&1;
then break;
fi;
done
BMCMAC=`ipmitool lan print $LANCHAN|grep ^MAC|awk '{print $4}'` #bmcconfig may opt to use DHCP, if so we need to feed up the mac address
#TODO: need a way to get the DUID the service processor may use, perhaps reserve that for 'ibmsetup' since spec doesn't touch ipv6?
echo "<xcatrequest>
<command>getbmcconfig</command>
<callback_port>300</callback_port>
<bmcmac>$BMCMAC</bmcmac>
</xcatrequest>" > /tmp/bmcreq.xml
rm /tmp/ipmicfg.xml
while [ ! -f /tmp/ipmicfg.xml ] || grep error /tmp/ipmicfg.xml; do
if [ -f /tmp/ipmicfg.xml ]; then
timer=60
while [ $timer -gt 0 ]; do
sleep 1
echo -en "Retrying in $timer seconds \r"
timer=$(($timer-1));
done
fi
echo -en " \r";
if [ -f /etc/xcat/cert.pem -a -f /etc/xcat/certkey.pem ]; then #use client cert if available
cat /tmp/bmcreq.xml | openssl s_client -key /etc/xcat/certkey.pem -cert /etc/xcat/cert.pem -connect $XCATDEST -quiet 2> /dev/null > /tmp/ipmicfg.xml
else
cat /tmp/bmcreq.xml | openssl s_client -connect $XCATDEST -quiet 2> /dev/null > /tmp/ipmicfg.xml
fi
done
rm /tmp/bmcreq.xml
kill $CREDPID

13
xCAT-genesis-builder/install
View File

@ -9,7 +9,7 @@ dracut_install efibootmgr
#dracut_install libvirtd /usr/share/libvirt/cpu_map.xml /usr/bin/qemu-img /usr/libexec/qemu-kvm
dracut_install mkswap df brctl vconfig ifenslave ssh-keygen scp clear dhclient lldpad
dracut_install lldptool /lib64/libnss_dns-2.12.so /lib64/libnss_dns.so.2
dracut_install poweroff ntpq ntpd hwclock date /usr/share/terminfo/x/xterm /etc/nsswitch.conf /etc/services
dracut_install poweroff ntpq ntpd hwclock date /usr/share/terminfo/x/xterm /usr/share/terminfo/s/screen /etc/nsswitch.conf /etc/services
dracut_install /sbin/rsyslogd /etc/protocols umount /bin/rpm /usr/lib/rpm/rpmrc
dracut_install chmod /lib/libc.so.6 /lib/ld-linux.so.2 /lib/libdl.so.2 /lib/libm.so.6 /sbin/route /sbin/ifconfig /usr/bin/head /etc/redhat-release ping tr lsusb /usr/share/hwdata/usb.ids #ibm fw wrapper requirements
dracut_install dmidecode /usr/lib64/libstdc++.so.6 #uxspi prereqs, but will use dmidecode to improve decision on loading ipmi_si
@ -591,18 +591,7 @@ dracut_install /usr/share/zoneinfo/posix/Chile/EasterIsland
dracut_install /usr/share/zoneinfo/posix/Chile/Continental
dracut_install /usr/share/zoneinfo/posix/Factory
inst "$moddir/xcatroot" "/sbin/xcatroot"
inst "$moddir/dodiscovery" "/bin/dodiscovery"
inst "$moddir/udpcat.awk" "/bin/udpcat.awk"
inst "$moddir/minixcatd.awk" "/bin/minixcatd.awk"
inst "$moddir/bmcsetup" "/bin/bmcsetup"
inst "$moddir/allowcred.awk" "/bin/allowcred.awk"
inst "$moddir/getipmi" "/bin/getipmi"
inst "$moddir/remoteimmsetup" "/bin/remoteimmsetup"
inst "$moddir/getdestiny" "/bin/getdestiny"
inst "$moddir/restart" "/bin/restart"
inst "$moddir/doxcat" "/bin/doxcat"
inst "$moddir/nextdestiny" "/bin/nextdestiny"
inst "$moddir/getcert" "/bin/getcert"
inst "$moddir/dhclient.conf" "/etc/dhclient.conf"
inst "$moddir/dhclient-script" "/sbin/dhclient-script"
inst "$moddir/rsyslog.conf" "/etc/rsyslog.conf"

18
xCAT-genesis-builder/minixcatd.awk
View File

@ -1,18 +0,0 @@
#!/usr/bin/awk -f
# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
BEGIN {
port = 3001
listener = "/inet/tcp/" port "/0/0"
quit = "no"
while (match(quit,"no")) {
while (match(quit,"no") && (listener |& getline) > 0) {
if (match($0,"restart")) {
print "restarting bootstrap process" |& listener
quit="yes"
system("echo \"" $0 "\" > /restart")
close(listener)
}
}
close(listener)
}
}

29
xCAT-genesis-builder/nextdestiny
View File

@ -1,29 +0,0 @@
#!/bin/bash
if [ -z "$XCATDEST" ]; then
XCATDEST=$1
fi
echo "<xcatrequest>
<command>nextdestiny</command>
<callback_port>300</callback_port>
</xcatrequest>" > /tmp/destreq.xml
if [ -f /tmp/destiny.xml ]; then rm /tmp/destiny.xml; fi
while [ ! -f /tmp/destiny.xml ] || grep error /tmp/destiny.xml; do
if [ -f /tmp/destiny.xml ]; then
timer=60
while [ $timer -gt 0 ]; do
echo -en "Retrying in $timer seconds \r" >&2
sleep 1
timer=$(($timer-1));
done
fi
echo " " >&2;
if [ -f /etc/xcat/cert.pem -a -f /etc/xcat/certkey.pem ]; then #use client cert if available
cat /tmp/destreq.xml | openssl s_client -key /etc/xcat/certkey.pem -cert /etc/xcat/cert.pem -connect $XCATDEST -quiet 2> /dev/null > /tmp/destiny.xml
else
cat /tmp/destreq.xml | openssl s_client -connect $XCATDEST -quiet 2> /dev/null > /tmp/destiny.xml
fi
done
rm /tmp/destreq.xml
DESTINY=`grep destiny /tmp/destiny.xml | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'`
rm /tmp/destiny.xml
echo $DESTINY

43
xCAT-genesis-builder/remoteimmsetup
View File

@ -1,43 +0,0 @@
#!/bin/bash
CREDPID=$!
if [ -z "$XCATDEST" ]; then
XCATDEST=$1
fi
if [ -z "$XCATDEST" ]; then
for parm in `cat /proc/cmdline` ; do
if echo $parm |grep xcatd= > /dev/null; then
XCATDEST=`echo $parm |awk -F= '{print $2}'`
fi
done
fi
for LANCHAN in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16; do
if ipmitool channel info $LANCHAN 2> /dev/null | grep 802.3 > /dev/null 2>&1 && ipmitool raw 0xc 2 $LANCHAN 5 0 0 > /dev/null 2>&1;
then break;
fi;
done
BMCMAC=`ipmitool lan print $LANCHAN|grep ^MAC|awk '{print $4}'` #bmcconfig may opt to use DHCP, if so we need to feed up the mac address
#TODO: need a way to get the DUID the service processor may use, perhaps reserve that for 'ibmsetup' since spec doesn't touch ipv6?
echo "<xcatrequest>
<command>remoteimmsetup</command>
<bmcmac>$BMCMAC</bmcmac>
</xcatrequest>" > /tmp/bmcreq.xml
rm /tmp/remsetup.xml
while [ ! -f /tmp/remsetup.xml ] || grep error /tmp/ipmicfg.xml; do
if [ -f /tmp/remsetup.xml ]; then
timer=60
while [ $timer -gt 0 ]; do
sleep 1
echo -en "Retrying in $timer seconds \r"
timer=$(($timer-1));
done
fi
echo -en " \r";
if [ -f /etc/xcat/cert.pem -a -f /etc/xcat/certkey.pem ]; then #use client cert if available
cat /tmp/bmcreq.xml | openssl s_client -key /etc/xcat/certkey.pem -cert /etc/xcat/cert.pem -connect $XCATDEST -quiet 2> /dev/null > /tmp/ipmicfg.xml
else
cat /tmp/bmcreq.xml | openssl s_client -connect $XCATDEST -quiet 2> /dev/null > /tmp/ipmicfg.xml
fi
done
rm /tmp/bmcreq.xml

12
xCAT-genesis-builder/udpcat.awk
View File

@ -1,12 +0,0 @@
#!/usr/bin/awk -f
# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
BEGIN {
xcatdport = ARGV[2]
xcatdhost = ARGV[1]
delete ARGV[1]
delete ARGV[2]
RS=""
}
END {
print $0 |& "/inet/udp/301/"xcatdhost"/"xcatdport
}

7
xCAT-genesis-builder/xCAT-genesis.spec
View File

@ -1,4 +1,4 @@
%define version 2.7.3
%define version 2.8
%ifarch i386 i586 i686 x86
%define tarch x86
%endif
@ -9,7 +9,7 @@
%define tarch ppc64
%endif
BuildArch: noarch
%define name xCAT-genesis-%{tarch}
%define name xCAT-genesis-base-%{tarch}
%define __spec_install_post :
%define debug_package %{nil}
%define __prelink_undo_cmd %{nil}
@ -28,13 +28,14 @@ License: Various (see individual packages for details)
Vendor: IBM Corp.
Summary: xCAT Genesis netboot image
URL: http://xcat.org
Source1: xCAT-genesis-%{tarch}.tar.bz2
Source1: xCAT-genesis-base-%{tarch}.tar.bz2
Buildroot: %{_localstatedir}/tmp/xCAT-genesis
Packager: IBM Corp.
%Description
xCAT genesis (Genesis Enhanced Netboot Environment for System Information and Servicing) is a small, embedded-like environment for xCAT's use in discovery and management actions when interaction with an OS is infeasible.
This package comprises the base platform with most of the xCAT specific behavior left to xCAT-genesis-scripts package.
%Prep