2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-25 11:01:09 +00:00
Commit Graph

66 Commits

Author SHA1 Message Date
Jarrod Johnson
6865e3259e Detect broken ipv4 and try ipv6 2022-11-08 09:45:08 -05:00
Jarrod Johnson
3d37692360 Add IPv6 to the imageboot script for EL profiles 2022-11-08 09:16:20 -05:00
Jarrod Johnson
20e6e1e521 Refresh functions to cope with v6-only usage 2022-11-08 08:52:29 -05:00
Jarrod Johnson
fd14221ab5 Avoid truncating console logging of firstboot
With significant firstboot output, there was a tendency
for tail to be killed before it relayed all the content.

Change to run the firstboot in a subshell in the background,
and have tail explicitly run until that subshell naturally
exits and then tail will cleanly exit
2022-10-28 09:30:12 -04:00
Jarrod Johnson
145be7ce31 Correct omission in private key access message during diskless boot 2022-10-07 16:47:48 -04:00
Jarrod Johnson
6eb4bf28e5 Another iteration to try to have IP adaptive syncfiles
It is likely that a client connects from fe80::, which
is explicitly omitted from ssh principals.

This time, have the client provide all currently set IP addresses
and the server will make a determination.

There remains the possibility it misconfigures a nic and tries to use that,
inducing failure.  One strategy would be to filter the addresses and
only provide from the 'current' interface.  Another is to just take
the hit as the node is likely going to suffer a lot from such a
misconfiguration anyway.
2022-10-05 12:23:47 -04:00
Jarrod Johnson
b98759698a Sync up getinstalldisk and add another m.2 model 2022-09-01 13:22:50 -04:00
Jarrod Johnson
e774add916 Set timezone on diskless boots by default
During onboot, use confluent directed timezone
info to set the timezone if the
disk image is incorrect.
2022-08-24 16:09:05 -04:00
Jarrod Johnson
fb9546cbd6 Kill redundant udevd prior to starting the root fs
Having multiple udevd produces ambiguity and confusing
2022-04-14 13:56:42 -04:00
Jarrod Johnson
79bc27bc7a Have el8 diskless systems add local repositories
This sets up local yum action by default.
2022-04-13 09:50:39 -04:00
Jarrod Johnson
9f071c1fdb Provide more details in example syncfiles 2022-01-20 14:10:30 -05:00
Jarrod Johnson
02da50af8b Tighter permissions on /var/log/confluent 2021-12-08 07:42:19 -05:00
Jarrod Johnson
77de3ab25b Apply more restrictive permissions to /var/log/confluent/
While confluent shouldn't put anything sensitive in the log, custom
content may. To mitigate the risk, it will now lock down the
log permissions.
2021-12-07 07:21:04 -05:00
Jarrod Johnson
1b21b9316c Correct variable typo in imageboot scripts 2021-12-06 09:00:44 -05:00
Jarrod Johnson
61eecd672c Add confignet to default firstboot/onboot as appropriate for el8 and
suse15
2021-11-08 16:34:26 -05:00
Jarrod Johnson
224663d0c8 Fix execution of confluent functions after run_remote_python 2021-10-29 13:50:04 -04:00
Jarrod Johnson
729408a0cb Fix run_remote aafter the cleanup was added
The removal of the temp dir needed to be linked with
whether the script was dedicated or shared tmp with a run_remote_parts.
2021-10-29 13:01:59 -04:00
Jarrod Johnson
8eb6ce0b69 Specify absolute path for mktemp
mktemp defaults to relative, to produce the correct
behavior, must be absolute template.
2021-10-25 12:03:26 -04:00
Jarrod Johnson
957679db3c Update syncfile examples and el7 support 2021-10-15 16:24:22 -04:00
Jarrod Johnson
98a6ffd9b6 Update more profiles with the APPENDONCE support 2021-10-15 16:16:11 -04:00
Jarrod Johnson
f33ed9b4d9 Cleanup after script execution
Leave cleaner tmp directories when functions are ran.
2021-10-15 12:16:48 -04:00
Jarrod Johnson
52549ec563 Fix module autoloading in diskless profiles
The initramfs has a reduced set of modules to boot and then
in diskless mode hands over to the 'real' OS for all userspace
to use the more substantial root filesystem with all of the modules.

However one exception is kernel module autoload, which induces modprobe
to run in the initial mount namespace unconditionally.

Thus, preserve the ramfs drivers (just in case) but have the autoloading
pivot
to the normal root filesystem to get the full complement of modules.
2021-10-13 11:37:48 -04:00
Jarrod Johnson
b96e9f4f70 Provide better feedback on missing key and skip tpm when not present 2021-10-12 11:39:18 -04:00
Jarrod Johnson
57f346fa4c Implement syncfiles parameters
chmod and chown as directed
by the syncfiles file if present
2021-10-08 10:27:57 -04:00
Jarrod Johnson
3b7e7afc24 Fix inconsistent handling of marginal id in syncfileclient
Also, resynchronize syncfileclient across the distributions.
2021-10-07 12:36:52 -04:00
Jarrod Johnson
6222883188 Syncronize syncfileclient for el8 diskless and diskful 2021-10-07 11:10:56 -04:00
Jarrod Johnson
d23f9db6e0 Syncronize diskfull and diskless el8 and el9 functions 2021-10-07 08:38:29 -04:00
Jarrod Johnson
6acd3c2b7d Add ability to execute functions as a command
This gives easier access over nodeshell and similar to run functions by executing the
functions as a script with arguments.
2021-09-20 08:00:35 -04:00
Jarrod Johnson
06e32c53cc Fix overly vague extraction of deploy_server
If deploy_server appears anywhere, it confuses
the scripts
2021-09-13 10:23:13 -04:00
Jarrod Johnson
1c3c54a35b Update functions to be more thorough
confluent_mgr could be ipv6 or
may need to be updated from a
link local or may need to go to copernicus data to work.
2021-09-10 11:40:17 -04:00
Jarrod Johnson
225618ef75 Add stall in firstboot for deployer to be available 2021-08-09 15:19:36 -04:00
Jarrod Johnson
4c96735b6d Add ssh to post phase of cloning 2021-07-26 13:51:36 -04:00
Jarrod Johnson
ac86961e24 Perform syncfiles on clone deployment post 2021-07-26 13:29:33 -04:00
Jarrod Johnson
6adc736450 Relocate syncfiles path to correct location 2021-07-26 13:22:31 -04:00
Jarrod Johnson
065d0585ea Make search for grub.cfg more specific
grub.cfg outside of /boot can easily exist, be more specific about where it can be.
2021-07-26 12:17:15 -04:00
Jarrod Johnson
663f8fc085 Add nodename to set_confluent_vars
It is expected that nodename would also be set.
2021-07-23 19:08:06 -04:00
Jarrod Johnson
a7b9e72589 Fixes and update umage2disk to new multipart format 2021-07-23 19:06:14 -04:00
Jarrod Johnson
9eb6f38bf1 Various fixes to imageboot.sh 2021-07-23 18:43:57 -04:00
Jarrod Johnson
1e44deecf6 Add support to retrieve private key and crypt mount diskless/cloning 2021-07-23 16:49:02 -04:00
Jarrod Johnson
1e653851fe Add syncfiles to el8 diskless 2021-07-23 16:23:15 -04:00
Jarrod Johnson
364085801a Fix apikey variable 2021-07-21 17:44:43 -04:00
Jarrod Johnson
8171d461ea Another selinux fixup
systemctl enable firstboot
produces invalid selinux context, fix aafter enabling.
2021-07-21 17:34:53 -04:00
Jarrod Johnson
3690dda177 Actually enable firstboot execution 2021-07-21 16:48:38 -04:00
Jarrod Johnson
b3fee922f9 Try to speed up selinux labelling
There's only a couple of places
where the imaging should need fixup, be more selective in relabel.
2021-07-21 13:26:31 -04:00
Jarrod Johnson
29d0dd6678 Add missing profile content for cloning 2021-07-21 12:47:43 -04:00
Jarrod Johnson
7d31e22447 Add post/firstboot to os cloning 2021-07-21 12:28:03 -04:00
Jarrod Johnson
5dfbeef79c Advance state of cloning
Have imgutil complete the capture process, splitting work
between target and repository.

Provide hook through kcmdline to induce installtodisk.

Have installimage reboot system cleanly when done.

Have new /etc/confluent in cloned system.

Hook for post scripts to execute.
2021-07-21 11:15:42 -04:00
Jarrod Johnson
55302b74d9 Have prototype cloning implemented
Go ahead and relabel all selinux content, ssh keys, grub, and efiboot entry.
2021-07-20 14:07:55 -04:00
Jarrod Johnson
22008f9dc9 Image cloning changes
Refactor and try to mask ssh
keys for root user.

Try to preserve selinux context for masked files.

Add progress indicator for writing to disk.
2021-07-19 17:30:26 -04:00
Jarrod Johnson
fada9336ee Fix swapsize float in image install
If it undergoes float arithmetic, it must be made int again.
2021-07-16 17:23:21 -04:00