diff options
| author |   Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2019-06-10 15:19:27 +0200 |
|---|---|---|
| committer | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2019-06-28 15:11:46 +0200 |
| commit | 5440500624a503b3f91852cd17089aab76afe806 (patch) | |
| tree | 29ee9c6efe6d9879c34271c60471765099f63474 | |
| parent | f50cd4f58b2971c07c1ad37dbb4ebbf044ab1dc6 (diff) | |
[iec] Add basic CentOS support (virtual only)
- reclass: iec: CentOS compatibility changes:
* drop `proto: static` in favor of letting the linux formula set
the appropiate default based on target OS;
* replace `proto: manual` with `proto: none` on RHEL systems;
* system.file: Avoid using non-existing `shadow` group for system
files;
* load br_netfilter kernel module to avoid `linux.network` state
failures;
* disable `at`, `cron` due to incomplete defaults in
salt-formula-linux (since we don't use them on iec nodes anyway);
- jumpserver/VCP VMs: centos: enable predictable interface names:
* CentOS cloud image defaults to old 'eth' naming scheme;
* add necessary kernel boot options via linux state;
* cleanup auto-generated udev rules for old eth interface names;
- salt-formula-linux: network: RHEL: Set bridge for member interfaces
* Find the bridge containing the interface being currently
configured (if any) and pass it to the `network.managed` Salt call;
- deploy.sh: Add new deploy argument `-o` for specifying the operating
system to preinstall on jumpserver and/or VCP VMs;
* defaults to 'ubuntu1604';
* only iec scenarios will also support 'centos' for now;
- user-data: minor tweaks for CentOS compatability:
* use `systemctl` instead of `service` utility;
* explicitly enable `salt-minion` service, since it defaults to
disabled on RHEL systems;
* explicitly call `ldconfig` to work around stale cache on RHEL,
preventing `salt-minion` from using OpenSSL library;
- states: virtual_init: Skip non-existing sysctl options on CentOS:
* CentOS currently uses a 3.x kernel which lacks certain sysctl
options that were only introduced in 4.x kernels, so skip them;
- state: akraino_iec: Add centos support:
* move iec repo to `/var/lib/akraino/iec` on both Salt Master and
cluster nodes;
- scenario defaults: Add CentOS configuration:
* OS-dependent configuration split;
* CentOS base image, default packages etc.;
- AArch64 deploy requirements: Add `xz` dependency
* CentOS AArch64 cloud image is archived using xz, install xz tools
for decompression;
- xdf_data: Make yaml parsing OS agnostic:
* rename `apt` to `repo` where appropiate;
* OS-dependent configuration parsing;
- lib_jump_deploy: CentOS handling changes:
* skip filesystem resize of cloud image for CentOS;
* add repo handling, package intallation/removal handling for CentOS;
* unxz base image if necessary (CentOS AArch64 cloud image);
Change-Id: Ic3538bacd53198701ff4ef77db62218eabc662e7
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
| -rwxr-xr-x | ci/deploy.sh | 15 | ||||
| -rw-r--r-- | mcp/config/scenario/defaults.yaml.j2 | 117 | ||||
| -rwxr-xr-x | mcp/config/states/akraino_iec | 18 | ||||
| -rwxr-xr-x | mcp/config/states/virtual_init | 6 | ||||
| -rw-r--r-- | mcp/patches/salt-formula-linux/0005-network-RHEL-Set-bridge-for-member-interfaces.patch | 44 | ||||
| -rw-r--r-- | mcp/reclass/classes/cluster/mcp-iec-noha/akraino/iec.yml.j2 | 40 | ||||
| -rw-r--r-- | mcp/scripts/lib_jump_deploy.sh | 69 | ||||
| m--------- | mcp/scripts/pharos | 0 | ||||
| -rw-r--r-- | mcp/scripts/requirements_deb.yaml | 2 | ||||
| -rw-r--r-- | mcp/scripts/requirements_rpm.yaml | 2 | ||||
| -rw-r--r-- | mcp/scripts/user-data.sh.j2 | 7 | ||||
| -rw-r--r-- | mcp/scripts/xdf_data.sh.j2 | 14 |
12 files changed, 252 insertions, 82 deletions
diff --git a/ci/deploy.sh b/ci/deploy.sh index a657f7610..7443753a7 100755 --- a/ci/deploy.sh +++ b/ci/deploy.sh @@ -38,7 +38,8 @@ $(notify "USAGE:" 2) $(basename "$0") -l lab-name -p pod-name -s deploy-scenario \\ [-b Lab Config Base URI] \\ [-S storage-dir] [-L /path/to/log/file.tar.gz] \\ - [-f] [-F[F]] [-e[e] | -E[E]] [-d] [-D] [-N] [-m] + [-f] [-F[F]] [-e[e] | -E[E]] [-d] [-D] [-N] [-m] \\ + [-o operating-system] $(notify "OPTIONS:" 2) -b Base-uri for the stack-configuration structure @@ -51,6 +52,7 @@ $(notify "OPTIONS:" 2) -h Print this message and exit -l Lab-name -p Pod-name + -o Use specified operating system for jumpserver/VCP VMs -P Skip installation of package dependencies -s Deploy-scenario short-name -S Storage dir for VM images and other deploy artifacts @@ -101,6 +103,9 @@ $(notify_i "Input parameters to the build script are:" 2) single guest CPU socket. -N Experimental: Instead of virtualizing the control plane (VCP), deploy control plane directly on baremetal nodes +-o Operating system to be preinstalled on jumpserver VMs (for virtual/hybrid + deployments) and/or VCP VMs (for baremetal deployments). + Defaults to 'ubuntu1604' (Xenial). -P Skip installing dependency distro packages on current host This flag should only be used if you have kept back older packages that would be upgraded and that is undesirable on the current system. @@ -148,6 +153,7 @@ ERASE_ENV=${ERASE_ENV:-0} MCP_VCP=${MCP_VCP:-1} MCP_DOCKER_TAG=${MCP_DOCKER_TAG:-${DEF_DOCKER_TAG}} MCP_CMP_SS=${MCP_CMP_SS:-0} +MCP_OS=${MCP_OS:-ubuntu1604} source "${DEPLOY_DIR}/globals.sh" source "${DEPLOY_DIR}/lib.sh" @@ -163,7 +169,7 @@ source "${DEPLOY_DIR}/lib_jump_deploy.sh" # BEGIN of main # set +x -while getopts "b:dDfEFl:L:Np:Ps:S:he" OPTION +while getopts "b:dDfEFl:L:No:p:Ps:S:he" OPTION do case $OPTION in b) @@ -201,6 +207,9 @@ do N) MCP_VCP=0 ;; + o) + MCP_OS=${OPTARG} + ;; p) TARGET_POD=${OPTARG} ;; @@ -285,7 +294,7 @@ export MAAS_SSH_KEY="$(cat "$(basename "${SSH_KEY}").pub")" [[ "${DEPLOY_SCENARIO}" =~ -ha$ ]] || MCP_VCP=0 export MCP_REPO_ROOT_PATH MCP_VCP MCP_STORAGE_DIR MCP_DOCKER_TAG MCP_CMP_SS \ MCP_JUMP_ARCH=$(uname -i) MCP_DEPLOY_SCENARIO="${DEPLOY_SCENARIO}" \ - MCP_NO_DEPLOY_ENVIRONMENT + MCP_NO_DEPLOY_ENVIRONMENT MCP_OS do_templates_scenario "${MCP_STORAGE_DIR}" "${TARGET_LAB}" "${TARGET_POD}" \ "${BASE_CONFIG_URI}" "${SCENARIO_DIR}" \ "${SCENARIO_DIR}/${DEPLOY_SCENARIO}.yaml" diff --git a/mcp/config/scenario/defaults.yaml.j2 b/mcp/config/scenario/defaults.yaml.j2 index 3ea639bc3..5a9b4fd80 100644 --- a/mcp/config/scenario/defaults.yaml.j2 +++ b/mcp/config/scenario/defaults.yaml.j2 @@ -8,7 +8,6 @@ {%- import 'net_map.j2' as nm with context %} --- x86_64: - base_image: https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img default: disks: 100G # ';'-separated list of disk drives to create vcpus: 4 @@ -23,47 +22,87 @@ x86_64: - virtual_control_plane {%- endif %} {%- endif %} - common: - apt: - keys: - - https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/SALTSTACK-GPG-KEY.pub - repos: - # <repo name> <repo prio> deb [arch=<arch>] <repo url> <repo dist> <repo comp> - - saltstack 500 deb [arch=amd64] http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7 xenial main - pkg: - install: - - linux-generic-hwe-16.04 - - salt-minion - control: - apt: ~ - pkg: - install: - - cloud-init + ubuntu1604: + base_image: https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img + common: + repo: + keys: + - https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/SALTSTACK-GPG-KEY.pub + repos: + # <repo name> <repo prio> deb [arch=<arch>] <repo url> <repo dist> <repo comp> + - saltstack 500 deb [arch=amd64] http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7 xenial main + pkg: + install: + - linux-generic-hwe-16.04 + - salt-minion + control: + repo: ~ + pkg: + install: + - cloud-init + centos7: + base_image: https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2 + common: + repo: + keys: + - https://repo.saltstack.com/yum/redhat/$releasever/x86_64/2017.7/SALTSTACK-GPG-KEY.pub + repos: + # <repo name> <repo prio> rpm <repo url> + - saltstack 0 rpm https://repo.saltstack.com/yum/redhat/$releasever/x86_64/2017.7 + pkg: + install: + - salt-minion + - epel-release + control: + repo: ~ + pkg: + install: + - cloud-init aarch64: - base_image: https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-arm64-uefi1.img default: disks: 100G # ';'-separated list of disk drives to create vcpus: 6 ram: 4096 cluster: *arch_default_cluster_states - common: - apt: - keys: - - https://linux.enea.com/mcp-repos/rocky/xenial/archive-mcprocky.key - - https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/SALTSTACK-GPG-KEY.pub - repos: - # <repo name> <repo prio> deb [arch=<arch>] <repo url> <repo dist> <repo comp> - - saltstack 500 deb [arch=amd64] http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7 xenial main - - armband_3 1201 deb [arch=arm64] http://linux.enea.com/mcp-repos/rocky/xenial rocky-armband main - pkg: - install: -{%- if '-iec-' in conf.MCP_DEPLOY_SCENARIO %} - - linux-generic-hwe-16.04 -{%- endif %} - - python-futures - - salt-minion - control: - apt: ~ - pkg: - install: - - cloud-init + ubuntu1604: + base_image: https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-arm64-uefi1.img + common: + apt: + keys: + - https://linux.enea.com/mcp-repos/rocky/xenial/archive-mcprocky.key + - https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/SALTSTACK-GPG-KEY.pub + repos: + # <repo name> <repo prio> deb [arch=<arch>] <repo url> <repo dist> <repo comp> + - saltstack 500 deb [arch=amd64] http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7 xenial main + - armband_3 1201 deb [arch=arm64] http://linux.enea.com/mcp-repos/rocky/xenial rocky-armband main + pkg: + install: + {%- if '-iec-' in conf.MCP_DEPLOY_SCENARIO %} + - linux-generic-hwe-16.04 + {%- endif %} + - python-futures + - salt-minion + control: + apt: ~ + pkg: + install: + - cloud-init + centos7: + base_image: https://cloud.centos.org/altarch/7/images/aarch64/CentOS-7-aarch64-GenericCloud.qcow2.xz + common: + repo: + keys: + - https://repo.saltstack.com/yum/redhat/$releasever/x86_64/2017.7/SALTSTACK-GPG-KEY.pub + repos: + # <repo name> <repo prio> rpm <repo url> + - openstack-rocky 0 rpm http://mirror.centos.org/altarch/$releasever/cloud/aarch64/openstack-rocky + - saltstack 0 rpm https://repo.saltstack.com/yum/redhat/$releasever/x86_64/2017.7 + pkg: + install: + - salt-minion + - epel-release + control: + repo: ~ + pkg: + install: + - cloud-init diff --git a/mcp/config/states/akraino_iec b/mcp/config/states/akraino_iec index 4e30ca582..e61ca9451 100755 --- a/mcp/config/states/akraino_iec +++ b/mcp/config/states/akraino_iec @@ -1,4 +1,5 @@ #!/bin/bash -e +# shellcheck disable=SC1090 ############################################################################## # Copyright (c) 2019 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials @@ -9,18 +10,25 @@ CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x -# shellcheck disable=SC1090 source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/lib.sh" +source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/xdf_data.sh" IEC_REPO_URI='https://gerrit.akraino.org/r/iec' -IEC_USER='ubuntu' -# shellcheck disable=SC2016 -IEC_REPO_PATH=$(su - "${IEC_USER}" -c 'echo ${HOME}/iec') +IEC_USER_L='ubuntu' +# shellcheck disable=SC2154 +if [[ "${base_image}" =~ centos ]]; then + IEC_USER='centos' +else + IEC_USER=${IEC_USER_L} +fi +IEC_REPO_PATH=/var/lib/akraino/iec IEC_SCRIPTS_PATH="${IEC_REPO_PATH}/src/foundation/scripts" POD_NETWORK_CIDR='100.100.0.0/16' # Avoid overlapping Fuel's PXE/admin net -[ -e "${IEC_REPO_PATH}" ] || su - "${IEC_USER}" -c \ +# shellcheck disable=SC2174 +mkdir -p -m 777 "$(dirname ${IEC_REPO_PATH})" +[ -e "${IEC_REPO_PATH}" ] || su - "${IEC_USER_L}" -c \ "git clone '${IEC_REPO_URI}' '${IEC_REPO_PATH}'" # shellcheck disable=SC2086 wait_for 3.0 "! salt-cp 'iec*' -C '${IEC_REPO_PATH}/' \ diff --git a/mcp/config/states/virtual_init b/mcp/config/states/virtual_init index 38a141a3e..77f4f5494 100755 --- a/mcp/config/states/virtual_init +++ b/mcp/config/states/virtual_init @@ -31,7 +31,11 @@ wait_for 3.0 "(for n in ${LOCAL_VIRT_NODES}; do salt -C \${n}.* test.ping || exi wait_for 3.0 "salt -C 'E@^(${NODE_MASK}).*' saltutil.sync_all" [[ ! "${NODE_MASK}" =~ mas01 ]] || exit 0 -wait_for 3.0 "salt -C 'E@^(${NODE_MASK}).*' state.sls linux" +if [[ "${base_image}" =~ centos ]]; then + # CentOS uses an older kernel, skip non-existing sysctl options + EXCLUDE_IDS="exclude='[{id: linux_kernel_net.core.netdev_budget_usecs}]'" +fi +wait_for 3.0 "salt -C 'E@^(${NODE_MASK}).*' state.sls linux ${EXCLUDE_IDS}" salt -C "E@^(${NODE_MASK}).*" cmd.run 'reboot' wait_for 90.0 "salt -C 'E@^(${NODE_MASK}).*' test.ping" diff --git a/mcp/patches/salt-formula-linux/0005-network-RHEL-Set-bridge-for-member-interfaces.patch b/mcp/patches/salt-formula-linux/0005-network-RHEL-Set-bridge-for-member-interfaces.patch new file mode 100644 index 000000000..67004601c --- /dev/null +++ b/mcp/patches/salt-formula-linux/0005-network-RHEL-Set-bridge-for-member-interfaces.patch @@ -0,0 +1,44 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Tue, 11 Jun 2019 03:57:29 +0200 +Subject: [PATCH] network: RHEL: Set bridge for member interfaces + +For RHEL, bridge member interfaces need to be passed down the +bridge name, so lookup all bridges, find the one containing the +current interface (if any) and use it when calling +`network.managed`. + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + linux/network/interface.sls | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/linux/network/interface.sls b/linux/network/interface.sls +index 11db5be..ccac6d7 100644 +--- a/linux/network/interface.sls ++++ b/linux/network/interface.sls +@@ -303,6 +303,17 @@ linux_interface_{{ interface_name }}: + - cmd: ovs_port_up_{{ network }} + {%- endfor %} + {%- endif %} ++ {%- if grains.os_family == 'RedHat' %} ++ {%- set br_todo = [] %} ++ {%- for br_name, br_info in network.interface.items() %} ++ {%- if br_info.type == 'bridge' and interface_name in br_info.get('use_interfaces', []) %} ++ {%- do br_todo.append(br_info.get('name', br_name)) %} ++ {%- endif %} ++ {%- endfor %} ++ {%- if br_todo %} ++ - bridge: {{ br_todo | first }} ++ {%- endif %} ++ {%- endif %} + {%- if interface.type == 'bridge' %} + - bridge: {{ interface_name }} + - delay: 0 diff --git a/mcp/reclass/classes/cluster/mcp-iec-noha/akraino/iec.yml.j2 b/mcp/reclass/classes/cluster/mcp-iec-noha/akraino/iec.yml.j2 index d3e6b6673..ccd378b73 100644 --- a/mcp/reclass/classes/cluster/mcp-iec-noha/akraino/iec.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-iec-noha/akraino/iec.yml.j2 @@ -32,12 +32,40 @@ parameters: single_nic: {{ ma.interface_str(nm.ctl01.nic_mgmt, nm.vlan_mgmt) }} {%- endif %} linux: +{%- if 'centos' not in conf.MCP_OS %} +{%- set proto_manual = 'manual' %} +{%- else %} +{%- set proto_manual = 'none' %} + system: + file: + /etc/gshadow: + group: root + /etc/shadow: + group: root + /etc/udev/rules.d/70-persistent-net.rules: + contents: '' +{%- if conf.nodes[nm.ctl01.idx].node.arch == 'aarch64' %} + /etc/modprobe.d/vfat.conf: + contents: '' + /boot/efi/EFI/centos/grub.cfg: + source: /boot/grub2/grub.cfg +{%- endif %} + kernel: + boot_options: + - net.ifnames=1 + - biosdevname=1 + modules: + - br_netfilter + at: + enabled: False + cron: + enabled: False +{%- endif %} network: interface: pxe_admin_int: enabled: true name: ${_param:pxe_admin_interface} - proto: static type: eth address: ${_param:pxe_admin_address} netmask: ${_param:opnfv_net_admin_mask} @@ -49,28 +77,27 @@ parameters: {%- do nics.pop(nm.ctl01.nic_admin) %} {%- endif %} -{{ ma.linux_network_interfaces_nic(nics) }} +{{ ma.linux_network_interfaces_nic(nics, proto_manual) }} -{{ ma.linux_network_interfaces_vlan(vlans) }} +{{ ma.linux_network_interfaces_vlan(vlans, proto_manual) }} {%- if '-vcp-' in conf.MCP_DEPLOY_SCENARIO %} single: enabled: true type: eth - proto: manual + proto: {{ proto_manual }} name: ${_param:single_nic} mtu: ${_param:interface_mtu} external: enabled: true type: eth - proto: manual + proto: {{ proto_manual }} name: ${_param:external_nic} mtu: ${_param:interface_mtu} {%- endif %} br-ctl: enabled: true type: bridge - proto: static address: ${_param:single_address} netmask: ${_param:opnfv_net_mgmt_mask} noifupdown: true @@ -80,7 +107,6 @@ parameters: br-ex: enabled: true type: bridge - proto: static address: ${_param:external_address} netmask: ${_param:opnfv_net_public_mask} noifupdown: true diff --git a/mcp/scripts/lib_jump_deploy.sh b/mcp/scripts/lib_jump_deploy.sh index a8444b8cf..937071001 100644 --- a/mcp/scripts/lib_jump_deploy.sh +++ b/mcp/scripts/lib_jump_deploy.sh @@ -104,7 +104,7 @@ function __kernel_modules { function __mount_image { local image=$1 local image_dir=$2 - OPNFV_MNT_DIR="${image_dir}/ubuntu" + OPNFV_MNT_DIR="${image_dir}/mnt" # Find free nbd, loop devices for dev in '/sys/class/block/nbd'*; do @@ -117,7 +117,8 @@ function __mount_image { OPNFV_MAP_DEV=/dev/mapper/$(basename "${OPNFV_NBD_DEV}")p1 export OPNFV_MNT_DIR OPNFV_LOOP_DEV [ -n "${OPNFV_NBD_DEV}" ] && [ -n "${OPNFV_LOOP_DEV}" ] || exit 1 - qemu-img resize "${image_dir}/${image}" 3G + [[ "${MCP_OS:-}" =~ centos ]] || \ + qemu-img resize "${image_dir}/${image}" 3G sudo qemu-nbd --connect="${OPNFV_NBD_DEV}" --aio=native --cache=none \ "${image_dir}/${image}" sudo kpartx -av "${OPNFV_NBD_DEV}" @@ -131,15 +132,28 @@ function __mount_image { sleep 5 # /dev/nbdNp1 takes some time to come up fi sudo partx -d "${OPNFV_NBD_DEV}" - # grub-update does not like /dev/nbd*, so use a loop device to work around it - sudo losetup "${OPNFV_LOOP_DEV}" "${OPNFV_MAP_DEV}" mkdir -p "${OPNFV_MNT_DIR}" - sudo mount "${OPNFV_LOOP_DEV}" "${OPNFV_MNT_DIR}" + if [ "$(uname -i)" = "aarch64" ] && [[ "${MCP_OS:-}" =~ centos ]]; then + # AArch64 CentOS cloud image contains a broken shim binary + # https://bugzilla.redhat.com/show_bug.cgi?id=1527283 + sudo mount "${OPNFV_MAP_DEV}" "${OPNFV_MNT_DIR}" + sudo cp -f --remove-destination "${OPNFV_MNT_DIR}/EFI/BOOT/fbaa64.efi" \ + "${OPNFV_MNT_DIR}/EFI/BOOT/BOOTAA64.EFI" + sudo umount -l "${OPNFV_MNT_DIR}" + # AArch64 CentOS cloud image has root partition at index 4 instead of 1 + sudo mount "${OPNFV_MAP_DEV/p1/p4}" "${OPNFV_MNT_DIR}" + sudo sed -i -e 's/^\(SELINUX\)=.*$/\1=permissive/g' \ + "${OPNFV_MNT_DIR}/etc/selinux/config" + else + # grub-update does not like /dev/nbd*, so use a loop device to work around it + sudo losetup "${OPNFV_LOOP_DEV}" "${OPNFV_MAP_DEV}" + sudo mount "${OPNFV_LOOP_DEV}" "${OPNFV_MNT_DIR}" + fi sudo mount -t proc proc "${OPNFV_MNT_DIR}/proc" sudo mount -t sysfs sys "${OPNFV_MNT_DIR}/sys" sudo mount -o bind /dev "${OPNFV_MNT_DIR}/dev" - sudo mkdir -p "${OPNFV_MNT_DIR}/run/resolvconf" - sudo cp /etc/resolv.conf "${OPNFV_MNT_DIR}/run/resolvconf" + sudo cp -f --remove-destination \ + /etc/resolv.conf "${OPNFV_MNT_DIR}/etc/resolv.conf" echo "GRUB_DISABLE_OS_PROBER=true" | \ sudo tee -a "${OPNFV_MNT_DIR}/etc/default/grub" sudo sed -i -e 's/^\(GRUB_TIMEOUT\)=.*$/\1=1/g' -e 's/^GRUB_HIDDEN.*$//g' \ @@ -153,8 +167,10 @@ function __apt_repos_pkgs_image { local pkgs_r=(${4//,/ }) [ -n "${OPNFV_MNT_DIR}" ] || exit 1 + # NOTE: We don't support (yet) some features for non-APT repos: keys, prio + # APT keys - if [ "${#apt_key_urls[@]}" -gt 0 ]; then + if [[ "${MCP_OS:-}" =~ ubuntu ]] && [ "${#apt_key_urls[@]}" -gt 0 ]; then for apt_key in "${apt_key_urls[@]}"; do sudo chroot "${OPNFV_MNT_DIR}" /bin/bash -c \ "wget -qO - '${apt_key}' | apt-key add -" @@ -164,6 +180,16 @@ function __apt_repos_pkgs_image { for repo_line in "${all_repos[@]}"; do # <repo_name>|<repo prio>|deb|[arch=<arch>]|<repo url>|<dist>|<repo comp> local repo=(${repo_line//|/ }) + + if [[ "${MCP_OS:-}" =~ centos ]]; then + cat <<-EOF | sudo tee "${OPNFV_MNT_DIR}/etc/yum.repos.d/${repo[0]}.repo" + [${repo[0]}] + baseurl=${repo[3]} + enabled=1 + gpgcheck=0 + EOF + continue + fi [ "${#repo[@]}" -gt 5 ] || continue # NOTE: Names and formatting are compatible with Salt linux.system.repo cat <<-EOF | sudo tee "${OPNFV_MNT_DIR}/etc/apt/preferences.d/${repo[0]}" @@ -178,15 +204,23 @@ function __apt_repos_pkgs_image { done # Install packages if [ "${#pkgs_i[@]}" -gt 0 ]; then - sudo DEBIAN_FRONTEND="noninteractive" \ - chroot "${OPNFV_MNT_DIR}" apt-get update - sudo DEBIAN_FRONTEND="noninteractive" FLASH_KERNEL_SKIP="true" \ - chroot "${OPNFV_MNT_DIR}" apt-get install -y "${pkgs_i[@]}" + if [[ "${MCP_OS:-}" =~ ubuntu ]]; then + sudo DEBIAN_FRONTEND="noninteractive" \ + chroot "${OPNFV_MNT_DIR}" apt-get update + sudo DEBIAN_FRONTEND="noninteractive" FLASH_KERNEL_SKIP="true" \ + chroot "${OPNFV_MNT_DIR}" apt-get install -y "${pkgs_i[@]}" + else + sudo chroot "${OPNFV_MNT_DIR}" yum install -y "${pkgs_i[@]}" + fi fi # Remove packages if [ "${#pkgs_r[@]}" -gt 0 ]; then - sudo DEBIAN_FRONTEND="noninteractive" FLASH_KERNEL_SKIP="true" \ - chroot "${OPNFV_MNT_DIR}" apt-get purge -y "${pkgs_r[@]}" + if [[ "${MCP_OS:-}" =~ ubuntu ]]; then + sudo DEBIAN_FRONTEND="noninteractive" FLASH_KERNEL_SKIP="true" \ + chroot "${OPNFV_MNT_DIR}" apt-get purge -y "${pkgs_r[@]}" + else + sudo chroot "${OPNFV_MNT_DIR}" yum remove -y "${pkgs_r[@]}" + fi fi # Disable cloud-init metadata service datasource sudo mkdir -p "${OPNFV_MNT_DIR}/etc/cloud/cloud.cfg.d" @@ -212,7 +246,8 @@ function __cleanup_vms { ############################################################################## function prepare_vms { - local base_image=$1; shift + local base_image_f=$1; shift + local base_image=${base_image_f%.xz} local image_dir=$1; shift local repos_pkgs_str=$1; shift # ^-sep list of repos, pkgs to install/rm local image=base_image_opnfv_fuel.img @@ -222,7 +257,8 @@ function prepare_vms { cleanup_uefi __cleanup_vms - __get_base_image "${base_image}" "${image_dir}" + __get_base_image "${base_image_f}" "${image_dir}" + [ "${base_image}" == "${base_image_f}" ] || unxz -fk "${image_dir}/${_o}.xz" IFS='^' read -r -a repos_pkgs <<< "${repos_pkgs_str}" local _h=$(echo "${repos_pkgs_str}.$(md5sum "${image_dir}/${_o}")" | \ @@ -513,7 +549,6 @@ function cleanup_mounts { sudo sed -i -e 's/^\s*set root=.*$//g' -e 's/^\s*loopback.*$//g' \ "${OPNFV_MNT_DIR}/boot/grub/grub.cfg" fi - sudo rm -f "${OPNFV_MNT_DIR}/run/resolvconf/resolv.conf" sync if mountpoint -q "${OPNFV_MNT_DIR}"; then sudo umount -l "${OPNFV_MNT_DIR}" || true diff --git a/mcp/scripts/pharos b/mcp/scripts/pharos -Subproject fed789498ee2d7b4a910c881331013d30ef623b +Subproject 0a5938bca8b4c6b8f328bdbb1f9da35fd8da002 diff --git a/mcp/scripts/requirements_deb.yaml b/mcp/scripts/requirements_deb.yaml index d2cc21539..032aa1146 100644 --- a/mcp/scripts/requirements_deb.yaml +++ b/mcp/scripts/requirements_deb.yaml @@ -40,3 +40,5 @@ deploy: # AArch64 VMs use AAVMF (guest UEFI) - ipxe-qemu - qemu-efi + # AArch64 CentOS cloud image is archived with xz + - xz-utils diff --git a/mcp/scripts/requirements_rpm.yaml b/mcp/scripts/requirements_rpm.yaml index 50ce5d9f5..ef9bfad9c 100644 --- a/mcp/scripts/requirements_rpm.yaml +++ b/mcp/scripts/requirements_rpm.yaml @@ -44,3 +44,5 @@ deploy: aarch64: # AArch64 VMs use AAVMF (guest UEFI) - AAVMF + # AArch64 CentOS cloud image is archived with xz + - xz diff --git a/mcp/scripts/user-data.sh.j2 b/mcp/scripts/user-data.sh.j2 index d77773260..f568164c1 100644 --- a/mcp/scripts/user-data.sh.j2 +++ b/mcp/scripts/user-data.sh.j2 @@ -7,8 +7,9 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## {%- import 'net_map.j2' as nm with context %} -rm /etc/salt/minion_id -rm -f /etc/salt/pki/minion/minion_master.pub +rm -f /etc/salt/minion_id /etc/salt/pki/minion/minion_master.pub echo "id: $(hostname).{{ conf.cluster.domain }}" > /etc/salt/minion echo "master: {{ nm.net_admin | ipnet_hostaddr(nm.start_ip[nm.net_admin] + nm.net_admin_hosts.index('opnfv_infra_config_pxe_admin_address') +1) }}" >> /etc/salt/minion -service salt-minion restart +ldconfig +systemctl enable salt-minion.service +systemctl restart salt-minion.service diff --git a/mcp/scripts/xdf_data.sh.j2 b/mcp/scripts/xdf_data.sh.j2 index 346a9e53e..032b00acf 100644 --- a/mcp/scripts/xdf_data.sh.j2 +++ b/mcp/scripts/xdf_data.sh.j2 @@ -76,15 +76,15 @@ {%- endif -%} {%- endmacro -%} -{#- Pack apt_pkg data as string -#} -{%- macro serialize_apt_pkg() -%} +{#- Pack repo_pkg data as string -#} +{%- macro serialize_repo_pkg() -%} {%- set arr = [] -%} - {%- set sections = [arch.common] -%} + {%- set sections = [arch[conf.MCP_OS].common] -%} {%- if conf.MCP_VCP or '-vcp-' in conf.MCP_DEPLOY_SCENARIO -%} - {%- do sections.append(arch.control) -%} + {%- do sections.append(arch[conf.MCP_OS].control) -%} {%- endif -%} {%- for c in sections -%} - {%- do arr.append(pack([pack(c.apt['keys']), pack(c.apt.repos), + {%- do arr.append(pack([pack(c.repo['keys']), pack(c.repo.repos), pack(c.pkg.install), pack(c.pkg.remove)], '^')) -%} {%- endfor -%} '{{ pack(arr, '^') }}' @@ -103,7 +103,7 @@ export CLUSTER_DOMAIN={{ conf.cluster.domain }} cluster_states={{ bash_arr(arch.default.cluster.states + cluster_states) }} virtual_nodes={{ filter_nodes('virtual') }} control_nodes_query={{ filter_nodes(['baremetal', 'virtual'], True, ['control']) }} -base_image={{ arch.base_image }} +base_image={{ arch[conf.MCP_OS].base_image }} # Serialize vnode data as: # <name0>,<ram0>,<vcpu0>[,<sockets0>,<cores0>,<threads0>[,<cell0name0>,<cell0memory0>, @@ -113,4 +113,4 @@ virtual_nodes_data={{ serialize_vnodes() }} # Serialize repos, packages to (pre-)install/remove for: # - foundation node VM base image (virtual: all VMs, baremetal: cfg01|mas01) # - virtualized control plane VM base image (only when VCP is used) -virtual_repos_pkgs={{ serialize_apt_pkg() }} +virtual_repos_pkgs={{ serialize_repo_pkg() }} |