From 5440500624a503b3f91852cd17089aab76afe806 Mon Sep 17 00:00:00 2001 From: Alexandru Avadanii Date: Mon, 10 Jun 2019 15:19:27 +0200 Subject: [iec] Add basic CentOS support (virtual only) - reclass: iec: CentOS compatibility changes: * drop `proto: static` in favor of letting the linux formula set the appropiate default based on target OS; * replace `proto: manual` with `proto: none` on RHEL systems; * system.file: Avoid using non-existing `shadow` group for system files; * load br_netfilter kernel module to avoid `linux.network` state failures; * disable `at`, `cron` due to incomplete defaults in salt-formula-linux (since we don't use them on iec nodes anyway); - jumpserver/VCP VMs: centos: enable predictable interface names: * CentOS cloud image defaults to old 'eth' naming scheme; * add necessary kernel boot options via linux state; * cleanup auto-generated udev rules for old eth interface names; - salt-formula-linux: network: RHEL: Set bridge for member interfaces * Find the bridge containing the interface being currently configured (if any) and pass it to the `network.managed` Salt call; - deploy.sh: Add new deploy argument `-o` for specifying the operating system to preinstall on jumpserver and/or VCP VMs; * defaults to 'ubuntu1604'; * only iec scenarios will also support 'centos' for now; - user-data: minor tweaks for CentOS compatability: * use `systemctl` instead of `service` utility; * explicitly enable `salt-minion` service, since it defaults to disabled on RHEL systems; * explicitly call `ldconfig` to work around stale cache on RHEL, preventing `salt-minion` from using OpenSSL library; - states: virtual_init: Skip non-existing sysctl options on CentOS: * CentOS currently uses a 3.x kernel which lacks certain sysctl options that were only introduced in 4.x kernels, so skip them; - state: akraino_iec: Add centos support: * move iec repo to `/var/lib/akraino/iec` on both Salt Master and cluster nodes; - scenario defaults: Add CentOS configuration: * OS-dependent configuration split; * CentOS base image, default packages etc.; - AArch64 deploy requirements: Add `xz` dependency * CentOS AArch64 cloud image is archived using xz, install xz tools for decompression; - xdf_data: Make yaml parsing OS agnostic: * rename `apt` to `repo` where appropiate; * OS-dependent configuration parsing; - lib_jump_deploy: CentOS handling changes: * skip filesystem resize of cloud image for CentOS; * add repo handling, package intallation/removal handling for CentOS; * unxz base image if necessary (CentOS AArch64 cloud image); Change-Id: Ic3538bacd53198701ff4ef77db62218eabc662e7 Signed-off-by: Alexandru Avadanii --- mcp/scripts/lib_jump_deploy.sh | 69 +++++++++++++++++++++++++++++---------- mcp/scripts/pharos | 2 +- mcp/scripts/requirements_deb.yaml | 2 ++ mcp/scripts/requirements_rpm.yaml | 2 ++ mcp/scripts/user-data.sh.j2 | 7 ++-- mcp/scripts/xdf_data.sh.j2 | 14 ++++---- 6 files changed, 68 insertions(+), 28 deletions(-) (limited to 'mcp/scripts') diff --git a/mcp/scripts/lib_jump_deploy.sh b/mcp/scripts/lib_jump_deploy.sh index a8444b8cf..937071001 100644 --- a/mcp/scripts/lib_jump_deploy.sh +++ b/mcp/scripts/lib_jump_deploy.sh @@ -104,7 +104,7 @@ function __kernel_modules { function __mount_image { local image=$1 local image_dir=$2 - OPNFV_MNT_DIR="${image_dir}/ubuntu" + OPNFV_MNT_DIR="${image_dir}/mnt" # Find free nbd, loop devices for dev in '/sys/class/block/nbd'*; do @@ -117,7 +117,8 @@ function __mount_image { OPNFV_MAP_DEV=/dev/mapper/$(basename "${OPNFV_NBD_DEV}")p1 export OPNFV_MNT_DIR OPNFV_LOOP_DEV [ -n "${OPNFV_NBD_DEV}" ] && [ -n "${OPNFV_LOOP_DEV}" ] || exit 1 - qemu-img resize "${image_dir}/${image}" 3G + [[ "${MCP_OS:-}" =~ centos ]] || \ + qemu-img resize "${image_dir}/${image}" 3G sudo qemu-nbd --connect="${OPNFV_NBD_DEV}" --aio=native --cache=none \ "${image_dir}/${image}" sudo kpartx -av "${OPNFV_NBD_DEV}" @@ -131,15 +132,28 @@ function __mount_image { sleep 5 # /dev/nbdNp1 takes some time to come up fi sudo partx -d "${OPNFV_NBD_DEV}" - # grub-update does not like /dev/nbd*, so use a loop device to work around it - sudo losetup "${OPNFV_LOOP_DEV}" "${OPNFV_MAP_DEV}" mkdir -p "${OPNFV_MNT_DIR}" - sudo mount "${OPNFV_LOOP_DEV}" "${OPNFV_MNT_DIR}" + if [ "$(uname -i)" = "aarch64" ] && [[ "${MCP_OS:-}" =~ centos ]]; then + # AArch64 CentOS cloud image contains a broken shim binary + # https://bugzilla.redhat.com/show_bug.cgi?id=1527283 + sudo mount "${OPNFV_MAP_DEV}" "${OPNFV_MNT_DIR}" + sudo cp -f --remove-destination "${OPNFV_MNT_DIR}/EFI/BOOT/fbaa64.efi" \ + "${OPNFV_MNT_DIR}/EFI/BOOT/BOOTAA64.EFI" + sudo umount -l "${OPNFV_MNT_DIR}" + # AArch64 CentOS cloud image has root partition at index 4 instead of 1 + sudo mount "${OPNFV_MAP_DEV/p1/p4}" "${OPNFV_MNT_DIR}" + sudo sed -i -e 's/^\(SELINUX\)=.*$/\1=permissive/g' \ + "${OPNFV_MNT_DIR}/etc/selinux/config" + else + # grub-update does not like /dev/nbd*, so use a loop device to work around it + sudo losetup "${OPNFV_LOOP_DEV}" "${OPNFV_MAP_DEV}" + sudo mount "${OPNFV_LOOP_DEV}" "${OPNFV_MNT_DIR}" + fi sudo mount -t proc proc "${OPNFV_MNT_DIR}/proc" sudo mount -t sysfs sys "${OPNFV_MNT_DIR}/sys" sudo mount -o bind /dev "${OPNFV_MNT_DIR}/dev" - sudo mkdir -p "${OPNFV_MNT_DIR}/run/resolvconf" - sudo cp /etc/resolv.conf "${OPNFV_MNT_DIR}/run/resolvconf" + sudo cp -f --remove-destination \ + /etc/resolv.conf "${OPNFV_MNT_DIR}/etc/resolv.conf" echo "GRUB_DISABLE_OS_PROBER=true" | \ sudo tee -a "${OPNFV_MNT_DIR}/etc/default/grub" sudo sed -i -e 's/^\(GRUB_TIMEOUT\)=.*$/\1=1/g' -e 's/^GRUB_HIDDEN.*$//g' \ @@ -153,8 +167,10 @@ function __apt_repos_pkgs_image { local pkgs_r=(${4//,/ }) [ -n "${OPNFV_MNT_DIR}" ] || exit 1 + # NOTE: We don't support (yet) some features for non-APT repos: keys, prio + # APT keys - if [ "${#apt_key_urls[@]}" -gt 0 ]; then + if [[ "${MCP_OS:-}" =~ ubuntu ]] && [ "${#apt_key_urls[@]}" -gt 0 ]; then for apt_key in "${apt_key_urls[@]}"; do sudo chroot "${OPNFV_MNT_DIR}" /bin/bash -c \ "wget -qO - '${apt_key}' | apt-key add -" @@ -164,6 +180,16 @@ function __apt_repos_pkgs_image { for repo_line in "${all_repos[@]}"; do # ||deb|[arch=]||| local repo=(${repo_line//|/ }) + + if [[ "${MCP_OS:-}" =~ centos ]]; then + cat <<-EOF | sudo tee "${OPNFV_MNT_DIR}/etc/yum.repos.d/${repo[0]}.repo" + [${repo[0]}] + baseurl=${repo[3]} + enabled=1 + gpgcheck=0 + EOF + continue + fi [ "${#repo[@]}" -gt 5 ] || continue # NOTE: Names and formatting are compatible with Salt linux.system.repo cat <<-EOF | sudo tee "${OPNFV_MNT_DIR}/etc/apt/preferences.d/${repo[0]}" @@ -178,15 +204,23 @@ function __apt_repos_pkgs_image { done # Install packages if [ "${#pkgs_i[@]}" -gt 0 ]; then - sudo DEBIAN_FRONTEND="noninteractive" \ - chroot "${OPNFV_MNT_DIR}" apt-get update - sudo DEBIAN_FRONTEND="noninteractive" FLASH_KERNEL_SKIP="true" \ - chroot "${OPNFV_MNT_DIR}" apt-get install -y "${pkgs_i[@]}" + if [[ "${MCP_OS:-}" =~ ubuntu ]]; then + sudo DEBIAN_FRONTEND="noninteractive" \ + chroot "${OPNFV_MNT_DIR}" apt-get update + sudo DEBIAN_FRONTEND="noninteractive" FLASH_KERNEL_SKIP="true" \ + chroot "${OPNFV_MNT_DIR}" apt-get install -y "${pkgs_i[@]}" + else + sudo chroot "${OPNFV_MNT_DIR}" yum install -y "${pkgs_i[@]}" + fi fi # Remove packages if [ "${#pkgs_r[@]}" -gt 0 ]; then - sudo DEBIAN_FRONTEND="noninteractive" FLASH_KERNEL_SKIP="true" \ - chroot "${OPNFV_MNT_DIR}" apt-get purge -y "${pkgs_r[@]}" + if [[ "${MCP_OS:-}" =~ ubuntu ]]; then + sudo DEBIAN_FRONTEND="noninteractive" FLASH_KERNEL_SKIP="true" \ + chroot "${OPNFV_MNT_DIR}" apt-get purge -y "${pkgs_r[@]}" + else + sudo chroot "${OPNFV_MNT_DIR}" yum remove -y "${pkgs_r[@]}" + fi fi # Disable cloud-init metadata service datasource sudo mkdir -p "${OPNFV_MNT_DIR}/etc/cloud/cloud.cfg.d" @@ -212,7 +246,8 @@ function __cleanup_vms { ############################################################################## function prepare_vms { - local base_image=$1; shift + local base_image_f=$1; shift + local base_image=${base_image_f%.xz} local image_dir=$1; shift local repos_pkgs_str=$1; shift # ^-sep list of repos, pkgs to install/rm local image=base_image_opnfv_fuel.img @@ -222,7 +257,8 @@ function prepare_vms { cleanup_uefi __cleanup_vms - __get_base_image "${base_image}" "${image_dir}" + __get_base_image "${base_image_f}" "${image_dir}" + [ "${base_image}" == "${base_image_f}" ] || unxz -fk "${image_dir}/${_o}.xz" IFS='^' read -r -a repos_pkgs <<< "${repos_pkgs_str}" local _h=$(echo "${repos_pkgs_str}.$(md5sum "${image_dir}/${_o}")" | \ @@ -513,7 +549,6 @@ function cleanup_mounts { sudo sed -i -e 's/^\s*set root=.*$//g' -e 's/^\s*loopback.*$//g' \ "${OPNFV_MNT_DIR}/boot/grub/grub.cfg" fi - sudo rm -f "${OPNFV_MNT_DIR}/run/resolvconf/resolv.conf" sync if mountpoint -q "${OPNFV_MNT_DIR}"; then sudo umount -l "${OPNFV_MNT_DIR}" || true diff --git a/mcp/scripts/pharos b/mcp/scripts/pharos index fed789498..0a5938bca 160000 --- a/mcp/scripts/pharos +++ b/mcp/scripts/pharos @@ -1 +1 @@ -Subproject commit fed789498ee2d7b4a910c881331013d30ef623b3 +Subproject commit 0a5938bca8b4c6b8f328bdbb1f9da35fd8da002c diff --git a/mcp/scripts/requirements_deb.yaml b/mcp/scripts/requirements_deb.yaml index d2cc21539..032aa1146 100644 --- a/mcp/scripts/requirements_deb.yaml +++ b/mcp/scripts/requirements_deb.yaml @@ -40,3 +40,5 @@ deploy: # AArch64 VMs use AAVMF (guest UEFI) - ipxe-qemu - qemu-efi + # AArch64 CentOS cloud image is archived with xz + - xz-utils diff --git a/mcp/scripts/requirements_rpm.yaml b/mcp/scripts/requirements_rpm.yaml index 50ce5d9f5..ef9bfad9c 100644 --- a/mcp/scripts/requirements_rpm.yaml +++ b/mcp/scripts/requirements_rpm.yaml @@ -44,3 +44,5 @@ deploy: aarch64: # AArch64 VMs use AAVMF (guest UEFI) - AAVMF + # AArch64 CentOS cloud image is archived with xz + - xz diff --git a/mcp/scripts/user-data.sh.j2 b/mcp/scripts/user-data.sh.j2 index d77773260..f568164c1 100644 --- a/mcp/scripts/user-data.sh.j2 +++ b/mcp/scripts/user-data.sh.j2 @@ -7,8 +7,9 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## {%- import 'net_map.j2' as nm with context %} -rm /etc/salt/minion_id -rm -f /etc/salt/pki/minion/minion_master.pub +rm -f /etc/salt/minion_id /etc/salt/pki/minion/minion_master.pub echo "id: $(hostname).{{ conf.cluster.domain }}" > /etc/salt/minion echo "master: {{ nm.net_admin | ipnet_hostaddr(nm.start_ip[nm.net_admin] + nm.net_admin_hosts.index('opnfv_infra_config_pxe_admin_address') +1) }}" >> /etc/salt/minion -service salt-minion restart +ldconfig +systemctl enable salt-minion.service +systemctl restart salt-minion.service diff --git a/mcp/scripts/xdf_data.sh.j2 b/mcp/scripts/xdf_data.sh.j2 index 346a9e53e..032b00acf 100644 --- a/mcp/scripts/xdf_data.sh.j2 +++ b/mcp/scripts/xdf_data.sh.j2 @@ -76,15 +76,15 @@ {%- endif -%} {%- endmacro -%} -{#- Pack apt_pkg data as string -#} -{%- macro serialize_apt_pkg() -%} +{#- Pack repo_pkg data as string -#} +{%- macro serialize_repo_pkg() -%} {%- set arr = [] -%} - {%- set sections = [arch.common] -%} + {%- set sections = [arch[conf.MCP_OS].common] -%} {%- if conf.MCP_VCP or '-vcp-' in conf.MCP_DEPLOY_SCENARIO -%} - {%- do sections.append(arch.control) -%} + {%- do sections.append(arch[conf.MCP_OS].control) -%} {%- endif -%} {%- for c in sections -%} - {%- do arr.append(pack([pack(c.apt['keys']), pack(c.apt.repos), + {%- do arr.append(pack([pack(c.repo['keys']), pack(c.repo.repos), pack(c.pkg.install), pack(c.pkg.remove)], '^')) -%} {%- endfor -%} '{{ pack(arr, '^') }}' @@ -103,7 +103,7 @@ export CLUSTER_DOMAIN={{ conf.cluster.domain }} cluster_states={{ bash_arr(arch.default.cluster.states + cluster_states) }} virtual_nodes={{ filter_nodes('virtual') }} control_nodes_query={{ filter_nodes(['baremetal', 'virtual'], True, ['control']) }} -base_image={{ arch.base_image }} +base_image={{ arch[conf.MCP_OS].base_image }} # Serialize vnode data as: # ,,[,,,[,,, @@ -113,4 +113,4 @@ virtual_nodes_data={{ serialize_vnodes() }} # Serialize repos, packages to (pre-)install/remove for: # - foundation node VM base image (virtual: all VMs, baremetal: cfg01|mas01) # - virtualized control plane VM base image (only when VCP is used) -virtual_repos_pkgs={{ serialize_apt_pkg() }} +virtual_repos_pkgs={{ serialize_repo_pkg() }} -- cgit 1.2.3-korg