Jarrod Johnson
6865e3259e
Detect broken ipv4 and try ipv6
2022-11-08 09:45:08 -05:00
Jarrod Johnson
3d37692360
Add IPv6 to the imageboot script for EL profiles
2022-11-08 09:16:20 -05:00
Jarrod Johnson
20e6e1e521
Refresh functions to cope with v6-only usage
2022-11-08 08:52:29 -05:00
Jarrod Johnson
fd14221ab5
Avoid truncating console logging of firstboot
...
With significant firstboot output, there was a tendency
for tail to be killed before it relayed all the content.
Change to run the firstboot in a subshell in the background,
and have tail explicitly run until that subshell naturally
exits and then tail will cleanly exit
2022-10-28 09:30:12 -04:00
Jarrod Johnson
145be7ce31
Correct omission in private key access message during diskless boot
2022-10-07 16:47:48 -04:00
Jarrod Johnson
6eb4bf28e5
Another iteration to try to have IP adaptive syncfiles
...
It is likely that a client connects from fe80::, which
is explicitly omitted from ssh principals.
This time, have the client provide all currently set IP addresses
and the server will make a determination.
There remains the possibility it misconfigures a nic and tries to use that,
inducing failure. One strategy would be to filter the addresses and
only provide from the 'current' interface. Another is to just take
the hit as the node is likely going to suffer a lot from such a
misconfiguration anyway.
2022-10-05 12:23:47 -04:00
Jarrod Johnson
b98759698a
Sync up getinstalldisk and add another m.2 model
2022-09-01 13:22:50 -04:00
Jarrod Johnson
e774add916
Set timezone on diskless boots by default
...
During onboot, use confluent directed timezone
info to set the timezone if the
disk image is incorrect.
2022-08-24 16:09:05 -04:00
Jarrod Johnson
fb9546cbd6
Kill redundant udevd prior to starting the root fs
...
Having multiple udevd produces ambiguity and confusing
2022-04-14 13:56:42 -04:00
Jarrod Johnson
79bc27bc7a
Have el8 diskless systems add local repositories
...
This sets up local yum action by default.
2022-04-13 09:50:39 -04:00
Jarrod Johnson
9f071c1fdb
Provide more details in example syncfiles
2022-01-20 14:10:30 -05:00
Jarrod Johnson
02da50af8b
Tighter permissions on /var/log/confluent
2021-12-08 07:42:19 -05:00
Jarrod Johnson
77de3ab25b
Apply more restrictive permissions to /var/log/confluent/
...
While confluent shouldn't put anything sensitive in the log, custom
content may. To mitigate the risk, it will now lock down the
log permissions.
2021-12-07 07:21:04 -05:00
Jarrod Johnson
1b21b9316c
Correct variable typo in imageboot scripts
2021-12-06 09:00:44 -05:00
Jarrod Johnson
61eecd672c
Add confignet to default firstboot/onboot as appropriate for el8 and
...
suse15
2021-11-08 16:34:26 -05:00
Jarrod Johnson
224663d0c8
Fix execution of confluent functions after run_remote_python
2021-10-29 13:50:04 -04:00
Jarrod Johnson
729408a0cb
Fix run_remote aafter the cleanup was added
...
The removal of the temp dir needed to be linked with
whether the script was dedicated or shared tmp with a run_remote_parts.
2021-10-29 13:01:59 -04:00
Jarrod Johnson
8eb6ce0b69
Specify absolute path for mktemp
...
mktemp defaults to relative, to produce the correct
behavior, must be absolute template.
2021-10-25 12:03:26 -04:00
Jarrod Johnson
957679db3c
Update syncfile examples and el7 support
2021-10-15 16:24:22 -04:00
Jarrod Johnson
98a6ffd9b6
Update more profiles with the APPENDONCE support
2021-10-15 16:16:11 -04:00
Jarrod Johnson
f33ed9b4d9
Cleanup after script execution
...
Leave cleaner tmp directories when functions are ran.
2021-10-15 12:16:48 -04:00
Jarrod Johnson
52549ec563
Fix module autoloading in diskless profiles
...
The initramfs has a reduced set of modules to boot and then
in diskless mode hands over to the 'real' OS for all userspace
to use the more substantial root filesystem with all of the modules.
However one exception is kernel module autoload, which induces modprobe
to run in the initial mount namespace unconditionally.
Thus, preserve the ramfs drivers (just in case) but have the autoloading
pivot
to the normal root filesystem to get the full complement of modules.
2021-10-13 11:37:48 -04:00
Jarrod Johnson
b96e9f4f70
Provide better feedback on missing key and skip tpm when not present
2021-10-12 11:39:18 -04:00
Jarrod Johnson
57f346fa4c
Implement syncfiles parameters
...
chmod and chown as directed
by the syncfiles file if present
2021-10-08 10:27:57 -04:00
Jarrod Johnson
3b7e7afc24
Fix inconsistent handling of marginal id in syncfileclient
...
Also, resynchronize syncfileclient across the distributions.
2021-10-07 12:36:52 -04:00
Jarrod Johnson
6222883188
Syncronize syncfileclient for el8 diskless and diskful
2021-10-07 11:10:56 -04:00
Jarrod Johnson
d23f9db6e0
Syncronize diskfull and diskless el8 and el9 functions
2021-10-07 08:38:29 -04:00
Jarrod Johnson
6acd3c2b7d
Add ability to execute functions as a command
...
This gives easier access over nodeshell and similar to run functions by executing the
functions as a script with arguments.
2021-09-20 08:00:35 -04:00
Jarrod Johnson
06e32c53cc
Fix overly vague extraction of deploy_server
...
If deploy_server appears anywhere, it confuses
the scripts
2021-09-13 10:23:13 -04:00
Jarrod Johnson
1c3c54a35b
Update functions to be more thorough
...
confluent_mgr could be ipv6 or
may need to be updated from a
link local or may need to go to copernicus data to work.
2021-09-10 11:40:17 -04:00
Jarrod Johnson
225618ef75
Add stall in firstboot for deployer to be available
2021-08-09 15:19:36 -04:00
Jarrod Johnson
4c96735b6d
Add ssh to post phase of cloning
2021-07-26 13:51:36 -04:00
Jarrod Johnson
ac86961e24
Perform syncfiles on clone deployment post
2021-07-26 13:29:33 -04:00
Jarrod Johnson
6adc736450
Relocate syncfiles path to correct location
2021-07-26 13:22:31 -04:00
Jarrod Johnson
065d0585ea
Make search for grub.cfg more specific
...
grub.cfg outside of /boot can easily exist, be more specific about where it can be.
2021-07-26 12:17:15 -04:00
Jarrod Johnson
663f8fc085
Add nodename to set_confluent_vars
...
It is expected that nodename would also be set.
2021-07-23 19:08:06 -04:00
Jarrod Johnson
a7b9e72589
Fixes and update umage2disk to new multipart format
2021-07-23 19:06:14 -04:00
Jarrod Johnson
9eb6f38bf1
Various fixes to imageboot.sh
2021-07-23 18:43:57 -04:00
Jarrod Johnson
1e44deecf6
Add support to retrieve private key and crypt mount diskless/cloning
2021-07-23 16:49:02 -04:00
Jarrod Johnson
1e653851fe
Add syncfiles to el8 diskless
2021-07-23 16:23:15 -04:00
Jarrod Johnson
364085801a
Fix apikey variable
2021-07-21 17:44:43 -04:00
Jarrod Johnson
8171d461ea
Another selinux fixup
...
systemctl enable firstboot
produces invalid selinux context, fix aafter enabling.
2021-07-21 17:34:53 -04:00
Jarrod Johnson
3690dda177
Actually enable firstboot execution
2021-07-21 16:48:38 -04:00
Jarrod Johnson
b3fee922f9
Try to speed up selinux labelling
...
There's only a couple of places
where the imaging should need fixup, be more selective in relabel.
2021-07-21 13:26:31 -04:00
Jarrod Johnson
29d0dd6678
Add missing profile content for cloning
2021-07-21 12:47:43 -04:00
Jarrod Johnson
7d31e22447
Add post/firstboot to os cloning
2021-07-21 12:28:03 -04:00
Jarrod Johnson
5dfbeef79c
Advance state of cloning
...
Have imgutil complete the capture process, splitting work
between target and repository.
Provide hook through kcmdline to induce installtodisk.
Have installimage reboot system cleanly when done.
Have new /etc/confluent in cloned system.
Hook for post scripts to execute.
2021-07-21 11:15:42 -04:00
Jarrod Johnson
55302b74d9
Have prototype cloning implemented
...
Go ahead and relabel all selinux content, ssh keys, grub, and efiboot entry.
2021-07-20 14:07:55 -04:00
Jarrod Johnson
22008f9dc9
Image cloning changes
...
Refactor and try to mask ssh
keys for root user.
Try to preserve selinux context for masked files.
Add progress indicator for writing to disk.
2021-07-19 17:30:26 -04:00
Jarrod Johnson
fada9336ee
Fix swapsize float in image install
...
If it undergoes float arithmetic, it must be made int again.
2021-07-16 17:23:21 -04:00