aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--mcp/patches/salt-formula-maas/0006-curtin-Add-Bionic-support.patch20
-rw-r--r--mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j23
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j21
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml1
-rw-r--r--mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j21
-rw-r--r--mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml1
-rw-r--r--mcp/reclass/classes/cluster/mcp-iec-noha/infra/kvm.yml.j21
7 files changed, 18 insertions, 10 deletions
diff --git a/mcp/patches/salt-formula-maas/0006-curtin-Add-Bionic-support.patch b/mcp/patches/salt-formula-maas/0006-curtin-Add-Bionic-support.patch
index 791f8eec7..c69507b20 100644
--- a/mcp/patches/salt-formula-maas/0006-curtin-Add-Bionic-support.patch
+++ b/mcp/patches/salt-formula-maas/0006-curtin-Add-Bionic-support.patch
@@ -12,19 +12,19 @@ Subject: [PATCH] curtin: Add Bionic support
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
---
- .../curtin_userdata_amd64_generic_bionic | 83 +++++++++++++++++++
- .../curtin_userdata_arm64_generic_bionic | 78 +++++++++++++++++
+ .../curtin_userdata_amd64_generic_bionic | 84 +++++++++++++++++++
+ .../curtin_userdata_arm64_generic_bionic | 79 +++++++++++++++++
maas/region.sls | 24 ++++++
- 3 files changed, 185 insertions(+)
+ 3 files changed, 187 insertions(+)
create mode 100644 maas/files/curtin_userdata_amd64_generic_bionic
create mode 100644 maas/files/curtin_userdata_arm64_generic_bionic
diff --git a/maas/files/curtin_userdata_amd64_generic_bionic b/maas/files/curtin_userdata_amd64_generic_bionic
new file mode 100644
-index 0000000..c28721a
+index 0000000..11af3cf
--- /dev/null
+++ b/maas/files/curtin_userdata_amd64_generic_bionic
-@@ -0,0 +1,83 @@
+@@ -0,0 +1,84 @@
+{%- from "maas/map.jinja" import cluster with context %}
+{%- raw %}
+#cloud-config
@@ -33,8 +33,9 @@ index 0000000..c28721a
+ {{for line in str(curtin_preseed).splitlines()}}
+ {{line}}
+ {{endfor}}
-+{{if third_party_drivers and driver}}
+early_commands:
++ thin_tools_install: ["sh", "-c", "apt-get update --quiet && apt-get --assume-yes install thin-provisioning-tools"]
++{{if third_party_drivers and driver}}
+ {{py: key_string = ''.join(['\\x%x' % x for x in map(ord, driver['key_binary'])])}}
+ driver_00_get_key: /bin/echo -en '{{key_string}}' > /tmp/maas-{{driver['package']}}.gpg
+ driver_01_add_key: ["apt-key", "add", "/tmp/maas-{{driver['package']}}.gpg"]
@@ -110,10 +111,10 @@ index 0000000..c28721a
+#}
diff --git a/maas/files/curtin_userdata_arm64_generic_bionic b/maas/files/curtin_userdata_arm64_generic_bionic
new file mode 100644
-index 0000000..d14388a
+index 0000000..006d8c2
--- /dev/null
+++ b/maas/files/curtin_userdata_arm64_generic_bionic
-@@ -0,0 +1,78 @@
+@@ -0,0 +1,79 @@
+{%- from "maas/map.jinja" import cluster with context %}
+{% raw %}
+#cloud-config
@@ -122,8 +123,9 @@ index 0000000..d14388a
+ {{for line in str(curtin_preseed).splitlines()}}
+ {{line}}
+ {{endfor}}
-+{{if third_party_drivers and driver}}
+early_commands:
++ thin_tools_install: ["sh", "-c", "apt-get update --quiet && apt-get --assume-yes install thin-provisioning-tools"]
++{{if third_party_drivers and driver}}
+ {{py: key_string = ''.join(['\\x%x' % x for x in map(ord, driver['key_binary'])])}}
+ driver_00_get_key: /bin/echo -en '{{key_string}}' > /tmp/maas-{{driver['package']}}.gpg
+ driver_01_add_key: ["apt-key", "add", "/tmp/maas-{{driver['package']}}.gpg"]
diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2
index f98040b93..f3b1f79aa 100644
--- a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2
+++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2
@@ -33,7 +33,7 @@ parameters:
aarch64_hugepages_1g:
comment: 'Enable 1G pagesizes on aarch64'
definition: '//capability[@id="asimd"]|//capability[@id="cp15_barrier"]'
- kernel_opts: 'default_hugepagesz=1G hugepagesz=1G'
+ kernel_opts: 'default_hugepagesz=1G hugepagesz=1G kpti=off'
{%- endif %}
enable_iframe: False
timeout:
@@ -111,6 +111,7 @@ parameters:
enable_third_party_drivers: true
network_discovery: 'enabled'
default_min_hwe_kernel: ${_param:hwe_kernel}
+ kernel_opts: 'spectre_v2=off nopti kpti=off nospec_store_bypass_disable noibrs noibpb'
cluster:
saltstack_repo_bionic: "deb [arch=amd64] http://repo.saltstack.com/apt/ubuntu/18.04/amd64/2017.7/ bionic main"
region:
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
index fe337fa5b..37bc42225 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
@@ -41,6 +41,7 @@ parameters:
boot_options:
- spectre_v2=off
- nopti
+ - kpti=off
- nospec_store_bypass_disable
- noibrs
- noibpb
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
index 411fcee5a..af87d9c2f 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
@@ -73,6 +73,7 @@ parameters:
boot_options:
- spectre_v2=off
- nopti
+ - kpti=off
- nospec_store_bypass_disable
- noibrs
- noibpb
diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2 b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2
index cefed963e..14b8a268b 100644
--- a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2
@@ -41,6 +41,7 @@ parameters:
boot_options:
- spectre_v2=off
- nopti
+ - kpti=off
- nospec_store_bypass_disable
- noibrs
- noibpb
diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml
index 2dfe0370d..c330b677c 100644
--- a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml
+++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml
@@ -48,6 +48,7 @@ parameters:
boot_options:
- spectre_v2=off
- nopti
+ - kpti=off
- nospec_store_bypass_disable
- noibrs
- noibpb
diff --git a/mcp/reclass/classes/cluster/mcp-iec-noha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-iec-noha/infra/kvm.yml.j2
index 95b39f637..34372c69c 100644
--- a/mcp/reclass/classes/cluster/mcp-iec-noha/infra/kvm.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-iec-noha/infra/kvm.yml.j2
@@ -62,6 +62,7 @@ parameters:
boot_options:
- spectre_v2=off
- nopti
+ - kpti=off
sysctl:
net.ipv4.ip_forward: 0
libvirt: