da7a578473
Having admin NIC confugured in the middle of system booting is very fragile and error-prone approach. It's better to configure it ahead of first booting time. Also, there's no need for freaky networking restarting inside of cloud-init boothooks anymore. Change-Id: I4c278341e8b40eb8d9b100bed1d9a650f27b5c5b Related-Bug: #1583815
105 lines
5.8 KiB
Django/Jinja
105 lines
5.8 KiB
Django/Jinja
#cloud-boothook
|
|
#!/bin/bash
|
|
|
|
function add_str_to_file_if_not_exists {
|
|
file=$1
|
|
str=$2
|
|
val=$3
|
|
if ! grep -q "^ *${str}" $file; then
|
|
echo $val >> $file
|
|
fi
|
|
}
|
|
|
|
cloud-init-per instance wipe_sources_list_templates /bin/sh -c 'echo | tee /etc/cloud/templates/sources.list.ubuntu.tmpl'
|
|
|
|
#FIXME(agordeev): if operator updates dns settings on masternode after the node had been provisioned,
|
|
# cloud-init will start to generate resolv.conf with non-actual data
|
|
cloud-init-per instance resolv_conf_mkdir mkdir -p /etc/resolvconf/resolv.conf.d
|
|
cloud-init-per instance resolv_conf_remove rm -f /etc/resolv.conf
|
|
cloud-init-per instance resolv_conf_head_remove rm -f /etc/resolvconf/resolv.conf.d/head
|
|
cloud-init-per instance resolv_conf_header /bin/sh -c 'echo "# re-generated by cloud-init boothook only at the first boot;" | tee /etc/resolv.conf'
|
|
cloud-init-per instance resolv_conf_search /bin/sh -c 'echo "search {{ common.search_domain|replace('"','') }}" | tee -a /etc/resolv.conf'
|
|
cloud-init-per instance resolv_conf_domain /bin/sh -c 'echo "domain {{ common.search_domain|replace('"','') }}" | tee -a /etc/resolv.conf'
|
|
cloud-init-per instance resolv_conf_head_header /bin/sh -c 'echo "# re-generated by cloud-init boothook only at the first boot;" | tee /etc/resolvconf/resolv.conf.d/head'
|
|
cloud-init-per instance resolv_conf_head_search /bin/sh -c 'echo "search {{ common.search_domain|replace('"','') }}" | tee -a /etc/resolvconf/resolv.conf.d/head'
|
|
cloud-init-per instance resolv_conf_head_domain /bin/sh -c 'echo "domain {{ common.search_domain|replace('"','') }}" | tee -a /etc/resolvconf/resolv.conf.d/head'
|
|
cloud-init-per instance resolv_conf_nameserver /bin/sh -c 'echo nameserver {{ common.master_ip|replace('"','') }} | tee -a /etc/resolv.conf'
|
|
cloud-init-per instance resolv_conf_head_nameserver /bin/sh -c 'echo nameserver {{ common.master_ip|replace('"','') }} | tee -a /etc/resolvconf/resolv.conf.d/head'
|
|
|
|
# configure black module lists
|
|
# virt-what should be installed
|
|
if [ ! -f /etc/modprobe.d/blacklist-i2c_piix4.conf ]; then
|
|
( (virt-what | fgrep -q "virtualbox") && echo "blacklist i2c_piix4" >> /etc/modprobe.d/blacklist-i2c_piix4.conf || :) && update-initramfs -u -k all
|
|
modprobe -r i2c_piix4
|
|
fi
|
|
|
|
cloud-init-per instance conntrack_ipv4 /bin/sh -c 'echo nf_conntrack_ipv4 | tee -a /etc/modules'
|
|
cloud-init-per instance conntrack_ipv6 /bin/sh -c 'echo nf_conntrack_ipv6 | tee -a /etc/modules'
|
|
cloud-init-per instance conntrack_proto_gre /bin/sh -c 'echo nf_conntrack_proto_gre | tee -a /etc/modules'
|
|
cloud-init-per instance conntrack_max /bin/sh -c 'echo "net.nf_conntrack_max=1048576" | tee -a /etc/sysctl.conf'
|
|
cloud-init-per instance kernel_panic /bin/sh -c 'echo "kernel.panic=60" | tee -a /etc/sysctl.conf'
|
|
|
|
cloud-init-per instance conntrack_ipv4_load modprobe nf_conntrack_ipv4
|
|
cloud-init-per instance conntrack_ipv6_load modprobe nf_conntrack_ipv6
|
|
cloud-init-per instance conntrack_proto_gre_load modprobe nf_conntrack_proto_gre
|
|
cloud-init-per instance conntrack_max_set sysctl -w "net.nf_conntrack_max=1048576"
|
|
cloud-init-per instance kernel_panic_set sysctl -w "kernel.panic=60"
|
|
|
|
cloud-init-per instance dhclient /bin/sh -c 'echo "supersede routers 0;" | tee /etc/dhcp/dhclient.conf'
|
|
|
|
# ntp sync
|
|
# '| tee /dev/null' is needed for returning zero execution code always
|
|
cloud-init-per instance stop_ntp /bin/sh -c 'service ntp stop | tee /dev/null'
|
|
cloud-init-per instance sync_date ntpdate -t 4 -b {{ common.master_ip }}
|
|
cloud-init-per instance sync_hwclock hwclock --systohc
|
|
|
|
cloud-init-per instance edit_ntp_conf1 sed -i '/^\s*tinker panic/ d' /etc/ntp.conf
|
|
cloud-init-per instance edit_ntp_conf2 sed -i '1 i tinker panic 0' /etc/ntp.conf
|
|
cloud-init-per instance edit_ntp_conf_mkdir mkdir -p /var/lib/ntp
|
|
cloud-init-per instance edit_ntp_conf_chown_dir chown ntp: /var/lib/ntp
|
|
cloud-init-per instance edit_ntp_conf3 /bin/sh -c 'echo 0 | tee /var/lib/ntp/ntp.drift'
|
|
cloud-init-per instance edit_ntp_conf_chown_drift chown ntp: /var/lib/ntp/ntp.drift
|
|
cloud-init-per instance edit_ntp_conf4 sed -i '/^\s*server/ d' /etc/ntp.conf
|
|
cloud-init-per instance edit_ntp_conf5 /bin/sh -c 'echo "server {{ common.master_ip }} burst iburst" | tee -a /etc/ntp.conf'
|
|
cloud-init-per instance start_ntp service ntp start
|
|
|
|
cloud-init-per instance removeUseDNS sed -i --follow-symlinks -e '/UseDNS/d' /etc/ssh/sshd_config
|
|
add_str_to_file_if_not_exists /etc/ssh/sshd_config 'UseDNS' 'UseDNS no'
|
|
|
|
cloud-init-per instance gssapi_disable sed -i -e "/^\s*GSSAPICleanupCredentials yes/d" -e "/^\s*GSSAPIAuthentication yes/d" /etc/ssh/sshd_config
|
|
|
|
cloud-init-per instance nailgun_agent_0 /bin/sh -c 'echo "#!/bin/sh" | tee /etc/rc.local'
|
|
cloud-init-per instance nailgun_agent_1 /bin/sh -c 'echo "rm -f /etc/nailgun-agent/nodiscover" | tee -a /etc/rc.local'
|
|
cloud-init-per instance nailgun_agent_2 /bin/sh -c 'echo "flock -w 0 -o /var/lock/agent.lock -c \"/usr/bin/nailgun-agent >> /var/log/nailgun-agent.log 2>&1\"" | tee -a /etc/rc.local'
|
|
|
|
# Copying default bash settings to the root directory
|
|
cloud-init-per instance skel_bash cp -f /etc/skel/.bash* /root/
|
|
|
|
cloud-init-per instance hiera_puppet mkdir -p /etc/puppet /var/lib/hiera
|
|
cloud-init-per instance touch_puppet touch /var/lib/hiera/common.yaml /etc/puppet/hiera.yaml /var/log/puppet.log
|
|
cloud-init-per instance chmod_puppet chmod 600 /var/log/puppet.log
|
|
|
|
cloud-init-per instance upstart_console /bin/sh -c 'for i in $(seq 0 1); do
|
|
cat >/etc/init/ttyS${i}.conf <<-EOF
|
|
# ttyS${i} - getty
|
|
|
|
start on stopped rc RUNLEVEL=[12345]
|
|
stop on runlevel [!12345]
|
|
|
|
respawn
|
|
|
|
pre-start script
|
|
# exit if console not present on ttyS${i}
|
|
cat /proc/cmdline | grep -q "console=ttyS${i}"
|
|
end script
|
|
|
|
script
|
|
# get console speed if provded with "console=ttySx,38400"
|
|
SPEED=\$(cat /proc/cmdline | sed -e"s/^.*console=ttyS${i}[,]*\([^ ]*\)[ ]*.*\$/\1/g")
|
|
# or use 9600 console speed as default
|
|
exec /sbin/getty -L \${SPEED:-9600} ttyS${i}
|
|
end script
|
|
EOF
|
|
done
|
|
'
|