2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-23 01:53:28 +00:00
Commit Graph

32 Commits

Author SHA1 Message Date
Jarrod Johnson
e774add916 Set timezone on diskless boots by default
During onboot, use confluent directed timezone
info to set the timezone if the
disk image is incorrect.
2022-08-24 16:09:05 -04:00
Jarrod Johnson
624984b1c9 Do not assume SPCR until confluent confirms text console
TIOCCONS was called for users that did not want to use serial.  This
makes the serial console delayeed when automatic, but avoids video
users from being confused.
2021-12-09 10:34:12 -05:00
Jarrod Johnson
02da50af8b Tighter permissions on /var/log/confluent 2021-12-08 07:42:19 -05:00
Jarrod Johnson
77de3ab25b Apply more restrictive permissions to /var/log/confluent/
While confluent shouldn't put anything sensitive in the log, custom
content may. To mitigate the risk, it will now lock down the
log permissions.
2021-12-07 07:21:04 -05:00
Jarrod Johnson
61eecd672c Add confignet to default firstboot/onboot as appropriate for el8 and
suse15
2021-11-08 16:34:26 -05:00
Jarrod Johnson
224663d0c8 Fix execution of confluent functions after run_remote_python 2021-10-29 13:50:04 -04:00
Jarrod Johnson
729408a0cb Fix run_remote aafter the cleanup was added
The removal of the temp dir needed to be linked with
whether the script was dedicated or shared tmp with a run_remote_parts.
2021-10-29 13:01:59 -04:00
Jarrod Johnson
8eb6ce0b69 Specify absolute path for mktemp
mktemp defaults to relative, to produce the correct
behavior, must be absolute template.
2021-10-25 12:03:26 -04:00
Jarrod Johnson
f33ed9b4d9 Cleanup after script execution
Leave cleaner tmp directories when functions are ran.
2021-10-15 12:16:48 -04:00
Jarrod Johnson
04dd374bfb Synchronize functions across the supported OSes 2021-10-15 12:10:24 -04:00
Jarrod Johnson
52549ec563 Fix module autoloading in diskless profiles
The initramfs has a reduced set of modules to boot and then
in diskless mode hands over to the 'real' OS for all userspace
to use the more substantial root filesystem with all of the modules.

However one exception is kernel module autoload, which induces modprobe
to run in the initial mount namespace unconditionally.

Thus, preserve the ramfs drivers (just in case) but have the autoloading
pivot
to the normal root filesystem to get the full complement of modules.
2021-10-13 11:37:48 -04:00
Jarrod Johnson
6acd3c2b7d Add ability to execute functions as a command
This gives easier access over nodeshell and similar to run functions by executing the
functions as a script with arguments.
2021-09-20 08:00:35 -04:00
Jarrod Johnson
06e32c53cc Fix overly vague extraction of deploy_server
If deploy_server appears anywhere, it confuses
the scripts
2021-09-13 10:23:13 -04:00
Jarrod Johnson
1c3c54a35b Update functions to be more thorough
confluent_mgr could be ipv6 or
may need to be updated from a
link local or may need to go to copernicus data to work.
2021-09-10 11:40:17 -04:00
Jarrod Johnson
0d2ecd460d Merge changes from EL8 imageboot 2021-09-02 10:17:11 -04:00
Jarrod Johnson
6c32630bd9 Fix multi-server reply processing
The stateless code could get confused by multiple offers,
fix the mistake.
2021-08-30 11:24:57 -04:00
Jarrod Johnson
ef43d91164 Have diskless environment prefer 'primary' interface too 2021-08-12 15:20:43 -04:00
Jarrod Johnson
fc22c87ce9 Fix typo in informational message 2021-08-02 16:03:37 -04:00
Jarrod Johnson
663f8fc085 Add nodename to set_confluent_vars
It is expected that nodename would also be set.
2021-07-23 19:08:06 -04:00
Jarrod Johnson
abfa2c4f7c Switch back to default curl output
The terminal size on console is a challenge.
2021-06-24 17:01:35 -04:00
Jarrod Johnson
3be73af07e Change style of download progress in curl
Use a simpler progress bar.
2021-06-24 16:46:10 -04:00
Jarrod Johnson
a2b2c8a995 Remove extraneous '/' output
Suppress output of cd -, as
it's a bit odd during boot.
2021-06-24 15:57:03 -04:00
Jarrod Johnson
c92b3aea9d Mitigate error output from extraneous handles
Unrelated handles in use will no longer result in misleading console
output.
2021-06-24 11:41:34 -04:00
Jarrod Johnson
3c41c52d77 Rework TPM usage in SUSE diskless
For one, need to detect stale
TPM value and clear them.

For another, seal to PCR 15 and extend after unlock, so that the booted
system is unable to retrieve
the data from the TPM (e.g.
a plain user by default is allowed
to unseal data if there's no
policy, so use a policy and
extend the state away before boot)
2021-06-24 11:09:37 -04:00
Jarrod Johnson
feb418ac59 Store TPM unsealed apikey in usual location 2021-06-23 17:22:18 -04:00
Jarrod Johnson
b30fabd55d Enable TPM2 on SUSE diskless for apikey
Rather than remote sealed copy, store it in the TPM2

Will convert genesis and EL diskless for this to be the new preferred
mechanism.
2021-06-23 17:01:27 -04:00
Jarrod Johnson
d86fc664e9 Handle space delimiting in nameservers
If multiple dns servers, then need to quote to preserve
the list.
2021-06-23 12:35:54 -04:00
Jarrod Johnson
6862d9e580 Correct formatting of nameserver list in suse 2021-06-23 12:26:49 -04:00
Jarrod Johnson
dc8cb1b13f Correct syntax in imageboot for suse 2021-06-23 12:24:36 -04:00
Jarrod Johnson
f10d2af59f Specify netconfig file location 2021-06-23 12:16:08 -04:00
Jarrod Johnson
172bb12885 Modify Suse diskless for suse networking
Suse doesn't use network manager, populate sysconfig
instead.
2021-06-23 12:07:13 -04:00
Jarrod Johnson
76f3537a79 Further advance SUSE15 diskless support 2021-06-22 16:18:32 -04:00