Jarrod Johnson
1c4f1ae817
Try to add ntp and timezones to Ubuntu scripted install
2024-07-29 15:21:10 -04:00
Jarrod Johnson
e6dc383d25
Fix mistake in EL8/EL9 LUKS
2024-07-29 11:22:07 -04:00
Jarrod Johnson
329f2b4485
Amend cryptboot implementation for Ubuntu 22/24, EL8/EL9
...
Provide mechanism for administrator to place a custom
key for potential interactive recovery into
/var/lib/confluent/private/os/<profile>/pending/luks.key
If not provided, generate a unique one for each install.
Either way, persist the key in /etc/confluent/luks.key, to
facilitate later resealing if the user wants (neither clevis nor systemd
prior to 256 supports unlock via TPM2, so keyfile is required
for now).
Migrating to otherwise escrowed passphrases and/or sealing to
specific TPMs will be left to operators and/or third parties.
2024-07-29 10:17:14 -04:00
Jarrod Johnson
bee9f18197
Tolerate / in the apikey for LUKS setup
...
The apikey is highly likely to have a /, and so we need to use something
not in the base64 alphabet as a delimiter.
2024-07-26 17:59:42 -04:00
Jarrod Johnson
1af898dcb8
Fix encryptboot on EL8/EL9
2024-07-26 17:43:51 -04:00
Jarrod Johnson
332068074d
Extend systemdecrypt hook to support Ubuntu 24.04
...
Ubuntu 24.04 systemd-cryptsetup now has an external dependency.
2024-07-26 16:54:58 -04:00
Jarrod Johnson
2df902e80e
Remove luks password from argv
...
Pass the luks password by environment variable instead.
2024-07-26 14:07:54 -04:00
Jarrod Johnson
7a602f58b2
Fixes for ubuntu profile tpm support
2024-07-26 13:47:13 -04:00
Jarrod Johnson
c563f48c71
Fix assignment of lukspass variable.
2024-07-26 12:30:41 -04:00
Jarrod Johnson
c1747ad24c
Correct spelling of key for luks check
2024-07-26 11:54:10 -04:00
Jarrod Johnson
1ddf735590
Fix omitted argument to addcrypt
2024-07-26 11:50:53 -04:00
Jarrod Johnson
f482d2ead9
Amend crypt hook check
...
The comment was changed, check for password instead.
2024-07-26 11:35:49 -04:00
Jarrod Johnson
58ee85f39e
Rework Ubuntu addcrypt support
...
The comment based hook is destroyed during early install process.
Use python to manipulate the autoinstall file in a more sophisticated way.
Also refactor the initramfs hook material to be standalone files.
2024-07-26 11:33:01 -04:00
Jarrod Johnson
1d6009a2f2
Switch to using systemd-cryptenroll
...
The design more cleanly uses luks slot, but
requires providing initramfs hooks.
Those hooks are provided now.
2024-07-26 10:33:38 -04:00
Jarrod Johnson
0f955cd068
Begin work on a cryptboot support for ubuntu
...
Start implementing a tpm2-initramfs-tool based approach.
This requires a bit of an odd transition as the PCR 7 is likely
to change between the install phase and the boot phase, so
we have to select different PCRs, but that requires
an argument to pass that crypttab does not support.
2024-07-25 11:24:41 -04:00
Jarrod Johnson
c3e918fc5f
Fix mistake in untethered support
2024-07-25 09:42:24 -04:00
Jarrod Johnson
714fefe31b
Fix untethered boot for ubuntu
2024-07-24 14:41:39 -04:00
Jarrod Johnson
a94b9235e8
Tighten umask on confignet to avoid ubuntu warnings
2024-07-23 10:14:32 -04:00
Jarrod Johnson
bb04faed04
Explicitly request bash under ubuntu, which tends to use dash
2024-07-23 10:01:53 -04:00
Jarrod Johnson
33ed1a5e64
Add onboot for ubuntu diskless
2024-07-23 09:32:20 -04:00
Jarrod Johnson
294ef8e88c
Fix for IB diskless boot to install clone
...
The infiniband section must be defined for the OS
to use the IB link. If it is missing then networking
does not come up during firstboot.
Fix this by having an infiniband section including explicitly
declaring use of datagram mode. This should suffice for all
install use cases, and may be changed after firstboot starts.
2024-07-19 09:28:29 -04:00
Markus Hilger
b4a33b8102
Fix EL stateful install
...
Sometimes stateful install can fail if vgchange -a n is run after dd.
Use wipefs instead and fix order of both commands.
Furthermore, use the $INSALLDISK variable.
2024-07-18 17:35:39 +02:00
Jarrod Johnson
8c193fe33f
Fix issues with firstboot on Ubuntu 22+
2024-07-12 15:30:47 -04:00
Jarrod Johnson
bc624d9360
Fix Ubuntu 24.04 network bring up
...
Ubuntu 24.04 does not check conf files in /run before assuming dhcp anymore.
Influence its logic to skip dhcp if we have static for it
2024-07-12 15:15:56 -04:00
Jarrod Johnson
dde6ceadfb
Allow local ISO to proceed if detected with Ubuntu
2024-07-03 14:36:54 -04:00
Jarrod Johnson
162e4d1d1e
Add retry logic for the el8 identity image support
...
This allows slow linking interfaces to come up rather than being missed
2024-06-15 15:43:13 -04:00
Jarrod Johnson
8e407cb96e
Correct mistake with confluent uuid copy-in in copernicus
2024-06-14 11:21:46 -04:00
Jarrod Johnson
663b320868
Add more bounds checking in copernicus
2024-06-07 12:43:15 -04:00
Jarrod Johnson
517242df47
Avoid double run of driver disk content
2024-06-07 11:36:39 -04:00
Jarrod Johnson
c6adf8175a
Try processing driver disks before udevadm invocation
2024-06-07 11:03:00 -04:00
Jarrod Johnson
010c8a0a23
Amend EL network bringup
...
One issue is that there are multiple networkmanager connections,
clean this up, though this seems not to be a functional issue.
However, sometimes the lldpad usage screws up network configuration,
disable the facility by forcibly disabling fcoe since that is what triggers lldpad.
wq
2024-05-22 15:45:24 -04:00
Jarrod Johnson
172c57c6f1
Fix media location search for EL8
...
EL8 distributions marked the 'OS' as dracut, workaround by trying to use PRETTY_NAME
2024-05-15 12:29:32 -04:00
Jarrod Johnson
d0e73c887b
Load firewall before esxi installation begins
...
Parts of esxi install depend on firewall running. When
we are done with 'odd' networking, restore firewall
to meet that expectation.
2024-05-07 10:06:57 -04:00
Jarrod Johnson
86e612b4bf
Move anaconda netroot to not be specified in media sourced
...
When sourcing from media, do not trigger anaconda netroot
behavior.
2024-04-22 12:47:52 -04:00
Jarrod Johnson
6f2be355ef
Source from "local" media if present
...
Some environments may want to load the bulk of the
media via USB rather than over the network. This prefers
that source if that scheme is detected.
2024-04-22 11:32:27 -04:00
Jarrod Johnson
0d3e2cee6c
Merge pull request #146 from tkucherera-lenovo/sample-postscrits
...
sample post scripts directory
2024-04-16 09:14:56 -04:00
tkucherera
3b55f500ce
sample post scripts directory
2024-04-16 03:16:15 -04:00
Jarrod Johnson
1da27083cc
Another cleanup of syncfileclient output
2024-04-09 15:08:56 -04:00
Jarrod Johnson
67b3c48dc9
Clean up error output on syncfileclient execution
2024-04-09 14:58:38 -04:00
Jarrod Johnson
02f301b5d0
Fix mistakes in syncfileclient change
2024-04-09 13:41:27 -04:00
Jarrod Johnson
f68f9f4693
Make syncfile step robust or pause
...
If syncfiles fails, keep it retrying.
Also, slow down sync checking to avoid hammering the system.
Further, randomized delay to spread highly synchronized requestors.
Block attempts to do multiple concurrent syncfile runs.
2024-04-09 11:07:11 -04:00
Jarrod Johnson
f7a2e51f9c
fstab fixup for hyphenated lvm vg names
2024-03-26 10:31:29 -04:00
Jarrod Johnson
559e88b144
Correct vgname for hyphenated node names
2024-03-19 09:41:20 -04:00
Jarrod Johnson
5f801e6683
Correct syntax error in ubuntu arm profile init
2024-03-18 12:45:25 -04:00
Jarrod Johnson
7a6b03097b
Fixup Ubuntu 22 ARM support
2024-03-18 12:24:25 -04:00
Jarrod Johnson
6502573d90
Bring ubuntu 22 versions of firstboot and post to 20
2024-03-18 09:15:11 -04:00
Jarrod Johnson
3dd09b95e4
Fix Ubuntu 20 pre script to match 22
2024-03-18 09:13:53 -04:00
Jarrod Johnson
a595d31e94
Explicitly invoke bash for ubuntu post
...
Ubuntu really tries to use non-bash, explicitly use bash when we need it.
2024-03-18 08:56:06 -04:00
Jarrod Johnson
60fe306890
Numerous fixes
...
Normalize cloning by wipefs prior to image2disk
Have imgutil filter out zram mounts.
Fix syncfiles error handling.
2024-03-15 13:03:46 -04:00
Jarrod Johnson
bd2288ccb7
Ensure preservation of " if rename fails
...
If ent would swallow a ", make sure to put it back.
2024-03-15 12:29:37 -04:00