diff --git a/controllerconfig/controllerconfig/scripts/controller_config b/controllerconfig/controllerconfig/scripts/controller_config index 7226b35c49..7d03a04905 100755 --- a/controllerconfig/controllerconfig/scripts/controller_config +++ b/controllerconfig/controllerconfig/scripts/controller_config @@ -28,6 +28,8 @@ CONFIG_DIR=$CONFIG_PATH VOLATILE_CONFIG_PASS="/var/run/.config_pass" VOLATILE_CONFIG_FAIL="/var/run/.config_fail" COMPLETED="/etc/platform/.initial_config_complete" +FIRST_BOOT="/etc/platform/.first_boot" +FIRST_CONTROLLER="/etc/platform/.first_controller" INITIAL_MANIFEST_APPLY_FAILED="/etc/platform/.initial_manifest_apply_failed" DELAY_SEC=70 CONTROLLER_UPGRADE_STARTED_FILE="$(basename ${CONTROLLER_UPGRADE_STARTED_FLAG})" @@ -36,6 +38,8 @@ PUPPET_CACHE=/etc/puppet/cache PUPPET_CACHE_TMP=/etc/puppet/cache.tmp ACTIVE_CONTROLLER_NOT_FOUND_FLAG="/var/run/.active_controller_not_found" CERT_DIR=/etc/pki/ca-trust/source/anchors +IPSEC_ENABLING_RETRIES=3 +IPSEC_ENABLING_DELAY=5 OS_ID=$(grep '^ID=' /etc/os-release | cut -f2- -d= | sed -e 's/\"//g') if [ "$OS_ID" == "debian" ] @@ -96,6 +100,24 @@ EOF exit 1 } +warning_error() +{ + cat < /dev/null + if [ $? -eq 0 ] + then + ipsec_enable_failed=0 + break + fi + logger -t $0 -p warn "Enabling IPsec failed (${retry}), retry in ${IPSEC_ENABLING_DELAY} seconds ..." + sleep ${IPSEC_ENABLING_DELAY} + done + # Fail if retried maximum times + if [ ${ipsec_enable_failed} -ne 0 ] + then + warning_error "WARNING: Failed to config and enable IPsec for the node" + fi + fi + # If hostname is undefined or localhost, something is wrong HOST=$(hostname) if [ -z "$HOST" -o "$HOST" = "localhost" ] diff --git a/storageconfig/storageconfig/storage_config b/storageconfig/storageconfig/storage_config index 12a02bc5de..f4ab9bb2f0 100644 --- a/storageconfig/storageconfig/storage_config +++ b/storageconfig/storageconfig/storage_config @@ -27,6 +27,7 @@ VOLATILE_CONFIG_PASS="/var/run/.config_pass" VOLATILE_CONFIG_FAIL="/var/run/.config_fail" DELAY_SEC=600 IMA_POLICY=/etc/ima.policy +FIRST_BOOT="/etc/platform/.first_boot" fatal_error() { @@ -44,6 +45,24 @@ EOF exit 1 } +warning_error() +{ + cat < /dev/null + if [ $? -eq 0 ] + then + ipsec_enable_failed=0 + break + fi + logger -t $0 -p warn "Enabling IPsec failed (${retry}), retry in ${IPSEC_ENABLING_DELAY} seconds ..." + sleep ${IPSEC_ENABLING_DELAY} + done + # Fail if retried maximum times + if [ ${ipsec_enable_failed} -ne 0 ] + then + warning_error "WARNING: Failed to config and enable IPsec for the node" + fi + fi + HOST=$(hostname) if [ -z "$HOST" -o "$HOST" = "localhost" ] then diff --git a/workerconfig/workerconfig/worker_config b/workerconfig/workerconfig/worker_config index b05feba9d7..64e8f83153 100644 --- a/workerconfig/workerconfig/worker_config +++ b/workerconfig/workerconfig/worker_config @@ -27,6 +27,7 @@ VOLATILE_CONFIG_PASS="/var/run/.config_pass" VOLATILE_CONFIG_FAIL="/var/run/.config_fail" LOGFILE="/var/log/worker_config.log" IMA_POLICY=/etc/ima.policy +FIRST_BOOT="/etc/platform/.first_boot" # Copy of /opt/platform required for worker_services VOLATILE_PLATFORM_PATH=$VOLATILE_PATH/cpe_upgrade_opt_platform @@ -55,6 +56,24 @@ EOF exit 1 } +warning_error() +{ + cat < /dev/null + if [ $? -eq 0 ] + then + ipsec_enable_failed=0 + break + fi + logger -t $0 -p warn "Enabling IPsec failed (${retry}), retry in ${IPSEC_ENABLING_DELAY} seconds ..." + sleep ${IPSEC_ENABLING_DELAY} + done + # Fail if retried maximum times + if [ ${ipsec_enable_failed} -ne 0 ] + then + warning_error "WARNING: Failed to config and enable IPsec for the node" + fi + fi + HOST=$(hostname) if [ -z "$HOST" -o "$HOST" = "localhost" ] then