summaryrefslogtreecommitdiffstats
path: root/mcp/scripts/lib.sh
AgeCommit message (Collapse)AuthorFilesLines
2018-08-29[docker] Switch to containerized Salt MasterAlexandru Avadanii1-4/+39
* Refactor OPNFV salt-formulas mechanism to resemble upstream git structure: - git submodules: add new submodule for each formula we patch; - create salt-formula-x directories for OPNFV formulas; - move mcp/metadata/service contents to their each formula subdir; - use `make patches-import` for patches previously handled by patch.sh; - retire patch.sh * states: add virtual_init: - mostly based on old salt.sh, which is now obsolete; - exclude salt-master service restart (it would kill the container); * scenarios: cleanup (rm cfg01 virtual node def), adopt virtual_init; * reclass: align our model with prebuilt container's Salt config: - drop linux:network pillar data (handled by Docker); - stop applying linux.system state on cfg01; - align salt user homedir; - drop salt-formula packages (preprovisioned); * minor plumbing in deploy.sh and lib.sh; JIRA: FUEL-383 Change-Id: I28708a9b399d3f19012212c71966ebda9d6fc0ac Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-29[lib.sh] Add veth pair handling supportAlexandru Avadanii1-2/+10
Upcoming docker integration requires special care for network interfaces Docker will hook to, so virsh networks can be mixed with Docker networks. We'll use veth pair(s) to hook together the Docker network(s) to their counterpart virsh-managed Linux bridge(s). JIRA: FUEL-383 Change-Id: I1a714dc8be73e79539d85bacac311d1ed05cc18d Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-29[jump vnet] Workaround MTU set race conditionAlexandru Avadanii1-2/+4
Older libvirt (1.x, 2.x, even older 3.x) try to enforce their own MTU (1500), overriding it back to 1500 after the udev rule finished. Delay link modification with 1 second and extend its patten to also include libvirt's own tap interfaces (<network name>-nic). Change-Id: I3050c11de7f376df02cbf203e9106b61c560683f Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-27[jump vnet] Fix udev rule event for older libvirtAlexandru Avadanii1-1/+1
Older libvirt seems to raise 'change' events instead of 'add', so the MTU bump of the libvirt managed tap interfaces was not properly applied. Change-Id: Ie1a4f1c4f235ad4f83bf9ee218a40dcedc1ce914 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-21[deploy.sh] Install Docker if not presentAlexandru Avadanii1-0/+11
JIRA: FUEL-383 Change-Id: I19d27ca59a3f24d1bd66e39457a6ca267bccce19 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-21[jump req] Add build/deploy specific requirementsAlexandru Avadanii1-1/+2
Add support for different prerequisites depending on the current operation (docker build or cluster deploy). Leverage the new support to pre-install upcoming deps: - python-pip (build); - docker-compose (deploy); JIRA: FUEL-383 Change-Id: Ic3e6062b1943e3584f0b1f80d2e33b8812defced Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-13[jump] Enable jumbo frames for vnet devicesAlexandru Avadanii1-0/+7
By default, vnet devices have a MTU of 1500 on the host side, causing issue with larger packets traversing the bridges between guest VMs when guest VMs have jumbo frames enabled. JIRA: FUEL-336 JIRA: FUEL-367 JIRA: FUEL-382 [1] http://linuxaleph.blogspot.com/2013/01/ how-to-network-jumbo-frames-to-kvm-guest.html [2] https://packetpushers.net/udev/ Change-Id: I941ac9cf764e3b3fa2d6463be5363b5459775f29 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-07[scenarios] Differentiate virtual node rolesAlexandru Avadanii1-0/+1
Split scenario yaml definitions for virtual.nodes based on node role ('infra', 'control' or 'compute'), to be leveraged later to contruct node lists based on said role. This moves the responsability of filtering node names in scenario files (based on 'virtual' or 'baremetal' type) to xdf_data.sh.j2, simplifying scenario templates. By keeping all nodes (both virtual and baremetal) in scenario files, we can later determine the role (and implicitly the hostname) for a MaaS-managed node based on its index in the virtual.nodes.control structure. JIRA: FUEL-382 Change-Id: I1f83a307631f4166ee1c57ef598c44876b962f97 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-03[lib.sh] Reset virtual nodes after MaaS installAlexandru Avadanii1-0/+17
For hybrid PODs (e.g. x86_64 jumpserver + control nodes, aarch64 baremetal compute nodes), the virtual nodes rely on MaaS DHCP to be up when the OS boots, so issue a `virsh reset` accordingly. Instead of checking for online nodes using `test.ping`, use `saltutil.sync_all` to also sync Salt state modules to the virtual nodes (usually handled by baremetal_init state in HA deploys). JIRA: FUEL-338 Change-Id: If689d057dc4438102c3a7428a97b9638e21bfdc5 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-03[lib.sh] Support older jumpserver libvirtAlexandru Avadanii1-1/+2
`virsh undefine` argument `--nvram` is only supported by newer versions of libvirt. Although this is mandatory for AArch64, for x86_64 this is not a blocker (since we don't enable OVMF for the VMs on the jumpserver). Change-Id: I3a82bc54b36228980a41d77a463a7558a685c03d Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-03-18lib.sh: Skip modprobing nbd, loop if inbuiltAlexandru Avadanii1-1/+3
While at it, skip waiting for Salt master when deleting UEFI stale entries if it doesn't respond to ping. Also, use https for fetching Armband GPG key to bypass yet another hks issue behind proxies/firewalls that block hks port. Change-Id: I400cbe3257094b62c96b302a3c81c5ffd1ba4755 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-03-11lib.sh: Add missing `sudo` for `losetup`Alexandru Avadanii1-2/+2
Change-Id: I1c5e3d7a0dbac14bf242730d6ac8d2b1d0817907 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-03-07[vnode parsing] Move core logic to j2Alexandru Avadanii1-63/+1
j2/python is easier to read and manipulate strings, although it does need some special care about undefined dict keys. With this in place, deploy.sh only contains the higher level logic for the deployment process. - merge arch-specific default configuration files into a singular file with arch name as main dict key of old config (also avoids creating duplicate 'virtual' YAML keys in $LOCAL_PDF); - move template handling to separate <lib_template.sh>; - decouple tight bash ordering of scenario expansion -> parse_yaml -> variable export (e.g. CLUSTER_DOMAIN) -> re-use in cluster j2s; however we can't parse *all* j2s in one go, as scenario j2s might expand to YAMLs needed while expanding cluster j2; - split `do_templates` into separate functions for each stage, with no coupling between them other then call order; Change-Id: I4b5e804094c00e5e918caf769fd85fa52181ad76 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-03-04[jump req] Move pkg installation to lib.shAlexandru Avadanii1-0/+15
Change-Id: I687b73b256aca78c9d41d4bcd49bfbde51278b51 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-03-03[j2 parsing] Adopt new generate_config featuresAlexandru Avadanii1-15/+13
- bump Pharos git submodule for j2 'do' extension + batch mode; - adopt j2 'do' in our templates; - use int filter for 'native' vlan check; - lib.sh: adopt `-i` to remove `ln` hack for net_map.j2; - lib.sh: adopt `-b` to speedup template parsing; NOTE: Bumping Pharos will also bring in the latest changes in pod_config.yml.j2, which include massive IP shifts and updates. JIRA: FUEL-335 Change-Id: I7d3a997b3d8659d5f09f867870fb3a148c1ec6df Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-02-28lib.sh: Validate pdf/idf with pharos schemaGuillermo Herrero1-1/+15
Run the pharos yaml schema validation for configuration files before expanding them JIRA: FUEL-341 Change-Id: Ia1d69f53265876683a1b6674665a9594ba7dae16 Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
2018-02-22[noHA] Add dedicated cinder volume for virtual cmpAlexandru Avadanii1-0/+11
Replace loop device LVM-backed cinder volume with a dedicated /dev/vdb drive. This is another small step towards bringing noHA to baremetal. Change-Id: I80f9c2bee42e933a36ab7a8f9b4c5247d1652b42 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-02-07[jump] Add simple check for required Linux bridgesAlexandru Avadanii1-3/+39
- MaaS requires PXE/admin to be a Linux bridge; - if virtual nodes are present, they should be hooked to a proper Linux bridge for the Public network, but only throw a warning if not (and create a mock public virsh network instead); - if both virtual and baremetal nodes are present, Public bridge is indirectly mandatory (we can't mock it); JIRA: FUEL-339 Change-Id: Idfe99d66c49eadc56cb3d94ca4db3467fb76d388 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-02-06Add NOVCP HA OVS scenario (baremetal, virtual)Alexandru Avadanii1-4/+3
Add a new class of scenarios, based on existing baremetal HA scenarios, but instead of having a virtualized control plane (VCP), all Openstack controller services will run directly on the cluster nodes. This change adds the common scaffolding, as well as the OVS scenario. The new scenario(s) can be used on full-baremetal clusters, soon on full-virtual clusters and later on hybrid (virt + bare) clusters. This change defines old (current) style scenario definitions for both baremetal and virtual, both named: - os-nosdn-nofeature-novcp-ha; Prerequisites: 1. Merge-able by name reclass.storage.node definitions Each cluster (e.g. database, telemetry) adds its own set of reclass storage node defitions, which for novcp scenarios should be merged into a single node (kvm) based on the 'name' property. This is not currently supported by upstream reclass 'node.sls' high state, so add support for it via an early patch (required before salt-master-init.sh tries to handle reclass.storage). 2. common reclass classes for novcp Some of the classes in `baremetal-...-common-ha` are not fit for novcp as they define VCP-specific config/inheritance, so add new versions of said classes with novcp in mind or adapt old classes: - parameterize ctl hostname in `openstack_compute.yml`; - new `openstack_control_novcp.yml`; - new `openstack_init_novcp.yml`; 3. Handle hard set names in state files for baremetal nodes Some of our state files (e.g. maas) hardcodes baremetal node names to 'kvm', 'cmp', so we need to align the names in novcp scenario with these values to re-use the maas state. As a future improvement we should parameterize these names in all state files. As a consequence, our baremetal controller nodes will also use 'kvm*' hostnames (instead of 'ctl*'). 4. Add 'noifupdown' to all interfaces on kvm nodes to prevent duplicate IPs/routes created at *any* ifup due to /etc/network/route-br-ex. Patch salt-formula-linux to skip network restart on 'noifupdown', also when routes are present on that interface. JIRA: FUEL-310 Change-Id: Ic67778f63e5ee0334dbfe9547c7109ec1a938d61 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-02-06[virtual] Add missing ODL dhcp_intAlexandru Avadanii1-4/+3
- add missing network definitions for ODL node's 1st interface; - add missing comments for `notify` global functions; - fix or silence shellcheck issues; JIRA: FUEL-322 Change-Id: Ie3341d29ab12ddf432db603ad865259afb54714e Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-02-06lib.sh: modprobe br_netfilter, don't bail on errAlexandru Avadanii1-4/+7
Some sysadmins or distro defaults might blacklist br_netfilter, or it might not be loaded at deploy start, account for these corner cases too. JIRA: FUEL-334 Change-Id: I3ca6cb3848df8d2af1625ff4e3816efe8b320886 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-02-05[virtual] PDF-based network defs for cluster nodesAlexandru Avadanii1-0/+3
Decouple virtual cluster nodes (ctl, gtw etc.) from opnfv_fn_* vars in favor of parsing PDF/IDF. This is the first step towards unifying baremetal and virtual network definition templates, as well as allowing virtual nodes to run on a remote hypervisor (and eventually with a different arch). opnfv_fn_* vars will still be used for infra VMs spawned on FN (cfg01 and optionally mas01). Adopt new 'net_map.j2' from Pharos submodule for new templates (virt), as well as old ones (baremetal). JIRA: FUEL-322 Change-Id: I150c2416566bbe42ea11cd00f12a8a7bf96776c2 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-02-05[virtual] Split 'pxebr' from 'mcpcontrol' netAlexandru Avadanii1-7/+12
- add new virsh managed network 'pxebr' (to mimic baremetal behavior on virtual PODs, this will be the equivalent of PXE/admin network); - connect 'pxebr' to 3rd interface for cfg01, mas01 for all deploys (used to be baremetal-specific), replacing 'internal'; - keep 'mcpcontrol' connected only to 'cfg01' (+ 'mas01' if present) for initial infrastructure bring-up (1st interface); - switch all virtual cluster nodes to 'pxebr' (1st interface); - use 'pxebr' for all Salt cluster nodes traffic, 'mcpcontrol' only for mas01<=>cfg01 Salt traffic; - convert <user-data.template> to jinja2 and expand it based on PDF instead of using `envsubst`; - split <user-data.sh.j2> into two versions, one for each network used for Salt traffic; - ci/deploy.sh: Read scenario data before template parsing for cluster domain variable, needed in virsh network def; - leave docs diagram refresh to later after all possible deploy types have settled; - limit keyserver proxy usage to nodes where the configured http proxy matches the first nameserver (true for all MaaS-provisioned nodes), so we can re-use the same pillar for FN VMs and baremetal nodes; - add PXE/admin IP on cfg01's 3rd interface and switch other vnodes `salt_master_host` to point to it; JIRA: FUEL-322 Change-Id: Ie4f7aedddf2ef81046f1127b377d88dce79f0fda Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-02-05[PDF] Switch to generate_config, unify templatesAlexandru Avadanii1-3/+53
- move bash template handling (previously expanded via `envsubst`) to lib.sh; - move j2 template handling to lib.sh; - move virsh network templates to 'mcp/scripts/virsh_net' subdir; - switch virsh network templates from `envsubst` expansion to j2 and leverage generate_config.py, similar to PDF Fuel installer adapter; - add relevant runtime env vars (e.g. SALT_MASTER, MAAS_IP) on the fly to PDF, to consume them in templates like params coming from PDF; - parameterize virsh network definitions based on PDF (mgmt, public); JIRA: FUEL-322 Change-Id: Ib94e78fc4f25797b9354a0552e884104da5d0003 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-02-02Merge "deploy.sh: Disable net.bridge.bridge-nf-call"Michael Polenchuk1-0/+9
2018-02-02Revert "[FN VMs] remove graphics"Alexandru Avadanii1-2/+10
RHEL family virtualization tools reserve 02:00 PCI slot for VGA, even if 'nographics' is specified when creating the VM (in case the user wants to later hook a video card, which usually *requires* PCI slot2). Debian systems do not follow this rule (tested with libvirt 1.x, 2.x, 3.x), hence 1st NIC lands on PCI slot 2 (and get eth name 'ens2'). To align the behavior across all possible jumpserver distros, bring back the virtio video. This reverts commit 738f6c3b68d1179de1ff790f9e72c25f10874da4. Change-Id: Ifd855c12e04aec1ff0ab047b13f8081365741889 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-02-01deploy.sh: Disable net.bridge.bridge-nf-callAlexandru Avadanii1-0/+9
JIRA: FUEL-334 Change-Id: I6d2499053dcfb7f99593fcd5c948b569bdcb9c9b Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-29[FN VMs] remove graphicsAlexandru Avadanii1-10/+2
Since VCP VMs (created via salt formula) do not have a video controller defined in their domain XMLs, network devices end on different PCI slots and hence have different names assigned (ens2+ vs foundation node VMs, which start with ens3). To align network interface names for VMs on jumpserver vs kvm nodes, and reduce confusion, remove the video controller from FN VMs. This allows some cleanup: - drop extra AArch64 args from virt-install; - unify 'opnfv_vcp_vm_*' and 'opnfv_fn_vm_*' variables; Change-Id: I0d108b00914b3eaaa03b67c652174f8ed4573118 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-25lib.sh: Reduce useless wget dot reportingAlexandru Avadanii1-1/+1
Downloading the base image (usually a few hundred MB) outputs a lot of useless dots to show progress. Switch to 1M per dot (from 1K). Change-Id: I8c525cad0b46e8ba3a7f6da4dd7f8277a49df91f Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-22Add support for different public network netmaskGuillermo Herrero1-0/+7
- Remove hardcoded /24 mask - Use PDF as source for public network, with reclass params: opnfv_net_public, _mask, _gw, _pool_start, _pool_end JIRA: FUEL-315 Change-Id: Idf3a4ed8f63f58fa90d9c1dcb7751ef3b1c9bd36 Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
2018-01-08lib.sh: base image: Prevent using incomplete imgAlexandru Avadanii1-4/+4
In case the previous deploy attempt already copied the base image as the VCP image in order to perform offline operations and failed, leaving an incomplete image in place, current code might try to use it instead of building it from scratch. Use the hash-agnostic link names as checkpoints for successful image handling. Change-Id: I1e99e515e18ba1dec534c520811c127b2b528afe Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-08lib.sh: Fix `modprobe -f` on UbuntuAlexandru Avadanii1-3/+4
For some reason, `modprobe -f` for a clean nbd module (from vanilla Ubuntu) fails with exec format error randomly, while a simple `modprobe` works. Change-Id: I79785e510cab757e2482baf442054be984c24019 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-07lib.sh: Fix stop condition in wait_forAlexandru Avadanii1-5/+5
Change-Id: Ida693b6dd328db283d6992ac33500f4dd1a73eb8 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-07lib.sh: Extend wait_for function to catch no respAlexandru Avadanii1-3/+11
wait_for function should be able to also check for minions that did not return or not respond, in addition to the return code. To keep it backwards compatible, condition the new check on the max attempt number being specified in decimal format (e.g. '10.0' unlike old '10'). Change-Id: If2512cf9121cdd795638efe7362ef0485d4e8d91 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-07user-data.template: Remove salt-minion installAlexandru Avadanii1-4/+1
salt-minion is now pre-provisioned inside the image using qemu-nbd. Revert "lib.sh: Limit envsubst to certain variables" This reverts commit 3a76d07dbd409b781abdb8520f55a1b20edf07db. Change-Id: Icceb8bcf439e28ab01c7731c3602c1113290454d Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-07lib.sh: Cache base image(s) between deploysAlexandru Avadanii1-13/+36
Fingerprint and re-use base image artifacts. Change-Id: Ic7a73c04e27d25addd50e4e9880619a0028956d3 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-04[centos jump] nbd build: Fix REQ_TYPE_SPECIALAlexandru Avadanii1-1/+5
Change-Id: Ia514418d2aae1b4f7e752d4610fa6c9829c67e51 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-04[centos jump] Add nbd build supportAlexandru Avadanii1-2/+70
RHEL distros do not maintain nbd, so add a best-effort function to build it on the fly. Change-Id: Ie0419f0fed8a0b12f6b878b3093d6ca34f72d140 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-12-27lib.sh: Add delay after `kpartx -av`Alexandru Avadanii1-0/+1
On rare occassions, mapper bindings created by kpartx take longer to show up, leading to errors when we try to mount them on. Bring back the hardcoded delay to bypass such issues. Change-Id: Ib386c04fc55cd85235a2156dba08fda378e4cdfd Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-12-18Merge "[baremetal] Move salt master IP to PXE/admin"Alexandru Avadanii1-4/+3
2017-12-18[baremetal] Move salt master IP to PXE/adminAlexandru Avadanii1-4/+3
Use PXE/admin network for salt traffic from/to all minions except cfg01, mas01. This allows us to drop the route to admin net from cfg01. Change-Id: Ic2526f1ff77afe5d92ced900971f4c8f78d2d8a2 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-12-15ci/deploy.sh: maas: cleanup_uefi on env eraseAlexandru Avadanii1-2/+3
Running `ci/deploy.sh -EE` should also perform an UEFI boot option cleanup, otherwise we risk booting the previously installed OS. While at it, reduce delay between nodes removal and fix a rare failure for `-EE` when no nodes are defined in MaaS. Change-Id: I789ffd3e22545921216f7d5ee3509c76354542eb Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-12-07Merge "base image: Explicitly call kpartx"Michael Polenchuk1-3/+7
2017-12-07Merge "lib.sh: persistent cfg01, mas01 mcpcontrol"Michael Polenchuk1-2/+2
2017-11-28base image: Explicitly call kpartxAlexandru Avadanii1-3/+7
qemu-nbd currently available in CentOS 7 does not add partition mappings automatically for NBD devices, so add explicit `kpartx` calls. Change-Id: Ifa79c89b82024602b782c449dbf4de10899e03b5 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-11-27lib.sh: persistent cfg01, mas01 mcpcontrolAlexandru Avadanii1-2/+2
cfg01, mas01 DHCP leases in mcpcontrol virtual network should be persistent (if cfg01 IP changes, minions can't find Salt Master). Change-Id: I497207ebe1537af94fd92de12491664d17ad3144 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-11-27AArch64: base image: pre-install salt-minionAlexandru Avadanii1-1/+7
While at it, rename apt repo in foundation node user-data template from "salt" to "saltstack", to align with reclass model naming. Change-Id: I5b216492349ae187b568884b1ab4046c52b1c6b2 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-11-27Add pre-{install,purge} support for base imageAlexandru Avadanii1-5/+132
Extend <lib.sh> and its invocation from <ci.deploy.sh> with support for modifying foundation node VMs base image prior to using it with: - additional APT GPG keys; - additional APT repos; - packages to pre-install; - packages to pre-remove; - (non-configurable) cloud init datasource via NoCloud only, so VCP VMs won't wait for metadata service; While at it, re-use the resulting image as a base for another round of pre-patching (same operations as above are supported) to provide a base image for VCP VMs. Add AArch64-specific configuration based on new mechanisms: - pre-install linux-image-generic-hwe-16.04-edge (and headers) for foundation node and VCP (common) image (also requires new repo and its key); - pre-install cloud-init for VCP image (it should already be installed, but script needs non-empty config for VCP to create the VCP image and transfer it over to Salt Master); NOTE: cloud-init is required on VCP VMs for DHCP on 1st iface. JIRA: FUEL-309 Change-Id: I7dcaf0ffd9c57009133c6d339496ec831ab14375 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-11-08lib.sh: Cleanup previous /boot/efi contentsAlexandru Avadanii1-1/+2
Some UEFI firmwares insist on scanning removable drives, even when boot entries were deleted from UEFI boot list (board flash). To work around this, remove contents of </boot/efi/*>, so scanning won't identify any valid EFI binaries. Another option would be erasing partition tables, but identifying the underlying disk(s) is more complicated, especially when using LVM/RAID etc. Change-Id: I9949b99b139b1642e3bd8f04de3bd5ef74d1ecc5 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-10-28lib.sh: rm Ubuntu boot entry on EFI systemsAlexandru Avadanii1-0/+10
On EFI-enabled systems, grub-install from grub-efi-* package installs a boot entry named "ubuntu". MaaS relies on IPMI to set boot order to PXE first; however on systems with buggy firmware or without full IPMI support, that fails, leading to booting Ubuntu from hard disk instead. Work around this by clearing any previous Ubuntu boot entry from board flash, before starting a new baremetal deploy. NOTE: This only runs against nodes that are online from a previous deploy. Closes: ARMBAND-47 Change-Id: I1c4ece09e42845ce2a1b7119ec69e46e5ca12376 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>