Jarrod Johnson
55302b74d9
Have prototype cloning implemented
...
Go ahead and relabel all selinux content, ssh keys, grub, and efiboot entry.
2021-07-20 14:07:55 -04:00
Jarrod Johnson
22008f9dc9
Image cloning changes
...
Refactor and try to mask ssh
keys for root user.
Try to preserve selinux context for masked files.
Add progress indicator for writing to disk.
2021-07-19 17:30:26 -04:00
Jarrod Johnson
da44738e00
Generalize more of an OS on capture
...
/etc/fstab, hostname, and networnk-scripts are masked
for the image.
2021-07-15 17:30:50 -04:00
Jarrod Johnson
46c0852b6f
Add more non-json data to image format
2021-07-15 12:38:50 -04:00
Jarrod Johnson
e3bd1d6cac
Correct format of confluent multipart magic
2021-07-15 11:24:49 -04:00
Jarrod Johnson
85643d82e8
Add losetup to el8 stateless
...
For multipart support, need to manually
set up loop mount and dmsetup.
2021-07-15 10:45:38 -04:00
Jarrod Johnson
7e07ec96a2
Combine json and images into a single multi-part file
...
This will facilitate urlmount use for mounting without
downloading.
2021-07-15 09:12:17 -04:00
Jarrod Johnson
eb3dd0f10a
Begin work on imgutil capture
...
Provide mechanism to capture for cloning purposes.
2021-07-14 17:36:55 -04:00
Jarrod Johnson
f830514d10
Implement support for additional pam prompts
...
For example, if PAM has OTP, then support it.
2021-06-25 17:26:32 -04:00
Jarrod Johnson
c19ae8a451
Add tpm2 tools to genesis
...
Follow the design of the stateless usage of TPM
2021-06-24 13:20:47 -04:00
Jarrod Johnson
a8e152cc4a
Switch TPM strategy on RedHat diskless
...
Switch to thte same approach as used in suse:
-Try to unseal any persistent handles
-If that works, try to use it on network
-If it didn't work, clear that handle
-When an api key is retrieved, then seal it to pcr 15
-When it's all done, extend pcr15 to prevent the OS from being able to
unseal
2021-06-24 12:04:10 -04:00
Jarrod Johnson
5be4a5ab73
Add missing TPM utilities to suse boot
2021-06-24 11:22:41 -04:00
Jarrod Johnson
ee5ea4263f
Add curl to suse15 pkglist
2021-06-23 17:16:13 -04:00
Jarrod Johnson
b30fabd55d
Enable TPM2 on SUSE diskless for apikey
...
Rather than remote sealed copy, store it in the TPM2
Will convert genesis and EL diskless for this to be the new preferred
mechanism.
2021-06-23 17:01:27 -04:00
Jarrod Johnson
4445b8cc78
Fix name resolution for suse hosts/containers
...
Suse uses a strategy with symlinks, adapt
the resolv.conf target based on findings from
symlink chasing.
2021-06-23 11:49:16 -04:00
Jarrod Johnson
b2fa2d92c5
Correct formatting mistake in os profile label in diskless
2021-06-23 11:32:43 -04:00
Jarrod Johnson
23231e2b75
Have Suse15 diskless prep initrd and enable sshd
2021-06-22 16:59:12 -04:00
Jarrod Johnson
9ad5f52eed
Package up suse diskless support
2021-06-22 16:37:04 -04:00
Jarrod Johnson
76f3537a79
Further advance SUSE15 diskless support
2021-06-22 16:18:32 -04:00
Jarrod Johnson
b26b46dc41
Crate dracut module for suse15
2021-06-22 14:49:15 -04:00
Jarrod Johnson
deec9b111a
Initial phase of suse diskless support
2021-06-22 14:29:28 -04:00
Jarrod Johnson
f0693f6ee5
Correct typo in imgutil
2021-06-15 13:45:27 -04:00
Jarrod Johnson
84634afc9c
Improve imgutil brevity
...
Allow it to take only the basename and
default to likely /var/lib/confluent locations
Draft work on tab completion for imgutil.
Technically the tab completion should be in the imgutil package,
but for now bundle with server.
2021-06-15 13:30:30 -04:00
Jarrod Johnson
5621d48ffa
Fix syntax error with new check
2021-06-15 12:23:45 -04:00
Jarrod Johnson
55a4211e71
Fix imgutil volume mounting
2021-06-15 12:12:27 -04:00
Jarrod Johnson
dee03e1359
Attempt to updateboot at end of pack
2021-06-15 08:41:33 -04:00
Jarrod Johnson
1d8d0699bc
Fix ability to copy profiles during pack
2021-06-15 08:11:31 -04:00
Jarrod Johnson
62ac393721
Fix imgutil profile path and osdeploy diskless layout
2021-06-15 08:00:09 -04:00
Jarrod Johnson
e6550d8160
Fix use of label in profile.yaml
2021-06-14 16:55:32 -04:00
Jarrod Johnson
0079e5c437
Change imgutil packaging and pkglist path
2021-06-14 16:46:23 -04:00
Jarrod Johnson
cce2c6d6db
Add missing Release and remove stale binaries from git
2021-06-14 16:16:19 -04:00
Jarrod Johnson
e32e40f451
Correct build script typo
2021-06-14 16:14:13 -04:00
Jarrod Johnson
e50423881d
Correct spec name in imgutil build script
2021-06-14 16:12:43 -04:00
Jarrod Johnson
82b94e3ff9
Add build script for imgutil
2021-06-14 16:12:01 -04:00
Jarrod Johnson
cb4b8ab06f
First pass at packaging imgutil
2021-06-14 16:02:52 -04:00
Jarrod Johnson
ac2474f43e
Attempt to fixup ownership, if applicable on the output
2021-06-14 15:17:54 -04:00
Jarrod Johnson
e678ca24f9
Attempt to pull in osdeploy profile information
2021-06-14 14:59:59 -04:00
Jarrod Johnson
99a42af907
Add zram module to stateless images
2021-06-14 14:31:57 -04:00
Jarrod Johnson
24d33256ca
Fix typo in dracut configuration
2021-06-14 13:45:44 -04:00
Jarrod Johnson
334ec3a74f
Refactor for multi-os support and improve initramfs experience
...
Organize el8 specific content to separate spaces for future
development of other OS support
Also, make the diskless initramfs a natural result of
dracut activity, so that normal rpm updates and oob driver
installs produce the expected initramfs without further
intervention.
2021-06-14 13:09:25 -04:00
Jarrod Johnson
261def8de2
Rename and refactor imgutil to separate rpm
2021-06-14 07:39:01 -04:00