Adding temporary debian integration scripts

In order to bootstrap and unlock on debian, there are
several workarounds required while the code is being modified
to properly support both Centos and Debian.

This is considered a temporary folder because eventually all
the workarounds should end up being resolved and removed
from the scripts.

Updated tox to exclude the two scripts from bashate

Story: 2009101
Task: 44827
Co-Authored-By: Dan Voiculeasa <dan.voiculeasa@windriver.com>
Signed-off-by: Al Bailey <al.bailey@windriver.com>
Change-Id: I0cca8e564c1f30333ef7d060ea7f8a6089187d1a
This commit is contained in:
Al Bailey 2022-03-21 15:12:27 +00:00 committed by Dan Voiculeasa
parent c5ccb52f4e
commit 4c250dd96c
16 changed files with 1778 additions and 0 deletions

View File

@ -1,5 +1,6 @@
ceph/ceph-manager ceph/ceph-manager
ceph/python-cephclient ceph/python-cephclient
tools/debian-integration
tools/collector tools/collector
tools/engtools/hostdata-collectors tools/engtools/hostdata-collectors
utilities/build-info utilities/build-info

View File

@ -0,0 +1,5 @@
debian-integration (1.0-1) unstable; urgency=medium
* Initial release.
-- Al Bailey <Al.Bailey@windriver.com> Mon, 21 Mar 2022 14:54:39 +0000

View File

@ -0,0 +1,13 @@
Source: debian-integration
Section: admin
Priority: optional
Maintainer: StarlingX Developers <starlingx-discuss@lists.starlingx.io>
Build-Depends: debhelper-compat (= 13)
Standards-Version: 4.4.1
Homepage: https://www.starlingx.io
Package: debian-integration
Architecture: all
Depends: ${misc:Depends}
Description: StarlingX Debian integration helper files.
Installs temporary StarlingX's Debian integration files

View File

@ -0,0 +1,27 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: debian-integration
Source: https://opendev.org/starlingx/config-files/
Files: *
Copyright: (c) 2013-2022 Wind River Systems, Inc
License: Apache-2
Files: debian/*
Copyright: 2022 Wind River Systems, Inc
License: Apache-2
License: Apache-2
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
.
https://www.apache.org/licenses/LICENSE-2.0
.
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
.
On Debian-based systems the full text of the Apache version 2.0 license
can be found in `/usr/share/common-licenses/Apache-2.0'.

View File

@ -0,0 +1 @@
usr/share/debian-integration

View File

@ -0,0 +1,7 @@
after_bootstrap_workarounds.sh usr/share/debian-integration
before_bootstrap_workarounds.sh usr/share/debian-integration
helm.py.patched usr/share/debian-integration
interfaces.vm.example usr/share/debian-integration
README.md usr/share/debian-integration
worker_reserved.conf usr/share/debian-integration

View File

@ -0,0 +1,5 @@
#!/usr/bin/make -f
#export DH_VERBOSE = 1
%:
dh $@

View File

@ -0,0 +1 @@
3.0 (quilt)

View File

@ -0,0 +1,7 @@
---
debname: debian-integration
debver: 1.0-1
src_path: source-debian
revision:
dist: $STX_DIST
PKG_GITREVCOUNT: true

View File

@ -0,0 +1,19 @@
VM steps:
- boot iso
- copy workarounds to /home/sysadmin
- generate /home/sysadmin/localhost.yml (with dns_servers entry)
- run before_bootstrap_workarounds.sh
- run bootstrap
- generate /home/sysadmin/interfaces file
- run after_bootstrap_workarounds.sh
- unlock
HW steps:
- boot iso
- copy workarounds to /home/sysadmin
- generate /home/sysadmin/localhost.yml (with dns_servers entry)
- run before_bootstrap_workarounds.sh
- run bootstrap
- generate /home/sysadmin/interfaces file
- run after_bootstrap_workarounds.sh
- unlock

View File

@ -0,0 +1,228 @@
# UBR 1: disable drubby commands
bifile='/home/sysadmin/.ubr1'
if [ ! -f ${bifile} ]; then
sed -i '3,31d' /usr/share/puppet/modules/platform/manifests/grub.pp
sed -i '70,85d' /usr/share/puppet/modules/platform/manifests/compute.pp
touch ${bifile}
fi
# UBR 2: don't start collectd
bifile='/home/sysadmin/.ubr2'
if [ ! -f ${bifile} ]; then
sed -i '53,56d' /usr/share/puppet/modules/platform/manifests/collectd.pp
touch ${bifile}
fi
# UAR 5: disable
A=$( grep -Rn 'Mask socket unit as well to make sure' /usr/share/puppet/modules/platform/manifests/lvm.pp | awk -F':' '{print $1}')
if [[ ! -z "$A" ]]; then
B=$((A + 20))
sed -i ${A}','${B}'d ' /usr/share/puppet/modules/platform/manifests/lvm.pp
fi
# UAR 8: nslcd
sed -i 's@gid ldap@gid openldap@g' /etc/nslcd.conf
# UAR 9: disable
find /etc/puppet/manifests -type f -exec \
sed -i 's@include ::platform::ntp@#include ::platform::ntp@g' {} +
# UAR 10: disable
find /etc/puppet/manifests -type f -exec \
sed -i 's@include ::platform::ptp@#include ::platform::ptp@g' {} +
#find /etc/puppet/manifests -type f -exec \
# sed -i 's@include ::platform::ptpinstance@#include ::platform::ptpinstance@g' {} +
# UAR 11: disable
find /etc/puppet/manifests -type f -exec \
sed -i 's@include ::platform::patching@#include ::platform::patching@g' {} +
#find /etc/puppet/manifests -type f -exec \
# sed -i 's@include ::platform::patching::api@#include ::platform::patching::api@g' {} +
# UAR 12: disable
find /etc/puppet/manifests -type f -exec \
sed -i 's@include ::platform::multipath@#include ::platform::multipath@g' {} +
# UAR 13: disable
find /usr/share/puppet/modules/platform -type f -exec \
sed -i 's@require ::platform::compute::machine@#require ::platform::compute::machine@g' {} +
# UAR 14: disable
find /usr/share/puppet/modules/platform -type f -exec \
sed -i 's@require ::platform::compute::kvm_timer_advance@#require ::platform::compute::kvm_timer_advance@g' {} +
# UAR 16: fix in updated BI 34
# UAR 17: k8s mounts
bifile='/home/sysadmin/.uar17'
if [ ! -f ${bifile} ]; then
A=$(grep -Rn "class platform::kubernetes::bindmounts" /usr/share/puppet/modules/platform/manifests/kubernetes.pp | tail -n 1 | awk -F':' '{print $1}')
B=$((A + 14))
sed -i ${B}'s@mount@-> mount@g' /usr/share/puppet/modules/platform/manifests/kubernetes.pp
B=$((A + 23))
sed -i ${B}'s@mount@-> mount@g' /usr/share/puppet/modules/platform/manifests/kubernetes.pp
B=$((A + 22))
sed -i ${B}'d' /usr/share/puppet/modules/platform/manifests/kubernetes.pp
B=$((A + 13))
sed -i ${B}' a \ \ exec { "stop k8s-pod-recovery":\
\ \ \ \ \ \ command => "systemctl stop k8s-pod-recovery"\
\ \ }' /usr/share/puppet/modules/platform/manifests/kubernetes.pp
B=$((A + 31))
# sed -i ${B}' a \ \ -> exec { "start k8s-pod-recovery":\
#\ \ \ \ \ \ command => "systemctl start k8s-pod-recovery"\
#\ \ }' /usr/share/puppet/modules/platform/manifests/kubernetes.pp
touch ${bifile}
fi
# TODO update
# UAR 18: backup-lv already mounted
sed -i '113 a \ \ \ \ -> exec { "workaround: umount ${device}":\
\ \ \ \ \ \ command => "umount ${mountpoint}; sleep 2",\
\ \ \ \ \ \ path => "/usr/bin"\
\ \ \ \ }' /usr/share/puppet/modules/platform/manifests/filesystem.pp
# UAR 20: lvm.conf issue
sed -i "s@match => '\^\[ ]\*global_filter =',@match => '\^\[ \\\t]\*#? ?global_filter =',@g" /usr/share/puppet/modules/platform/manifests/worker.pp
sed -i "s@match => '\^\[ ]\*global_filter =',@match => '\^\[ \\\t]\*#? ?global_filter =',@g" /usr/share/puppet/modules/platform/manifests/lvm.pp
# UAR 21:
bifile='/home/sysadmin/.uar21'
if [ ! -f ${bifile} ]; then
sed -i "s@random: '--random',@random: '--random-fully',@g" /usr/share/puppet/modules.available/puppetlabs-firewall/lib/puppet/provider/firewall/iptables.rb
touch ${bifile}
fi
# UAR 24:
sed -i 's@ \$ha_primary.*= false,@ \$ha_primary = true,@g' /usr/share/puppet/modules/drbd/manifests/resource.pp
sed -i 's@ \$ha_primary.*= false,@ \$ha_primary = true,@g' /usr/share/puppet/modules/platform/manifests/drbd.pp
sed -i 's@ \$automount.*= false,@ \$automount = true,@g' /usr/share/puppet/modules/platform/manifests/drbd.pp
sed -i 's@^RequiresMountsFor@#RequiresMountsFor@g' /lib/systemd/system/postgresql@.service
systemctl daemon-reload
# UAR 25:
sed -i 's@/etc/sysconfig/kubelet@/etc/default/kubelet@g' /usr/share/puppet/modules/platform/manifests/kubernetes.pp
# UAR 26: not a fix
bifile='/home/sysadmin/.uar26'
if [ ! -f ${bifile} ]; then
A=$(grep -Rn "Create \\$" /usr/share/puppet/modules/platform/manifests/kubernetes.pp | head -1 | awk -F':' '{print $1}')
A=$((A + 1))
B=$((A + 39))
sed -i ${A}','${B}'d ' /usr/share/puppet/modules/platform/manifests/kubernetes.pp
touch ${bifile}
fi
# UAR 28: not a fix
sed -i "s@command => 'reboot',@command => 'ls'@g" /usr/share/puppet/modules/platform/manifests/compute.pp
# UAR 29: moved the workaround to bootstrap issues section
# UAR 30: sm lighttpd
sed -i 's@ /www/tmp@ /var/www/tmp@g' /etc/init.d/lighttpd
mkdir -p /var/www/dev
touch /var/www/dev/null
chmod +777 /var/www/dev/null
# UAR 31: sm etcd
sed -i 's@/etc/etcd/etcd.conf@/etc/default/etcd@g' /usr/share/puppet/modules/platform/files/etcd
# UAR 32: sm rabbit
bifile='/home/sysadmin/.uar32'
if [ ! -f ${bifile} ]; then
sed -i 's@2)@2|69)@g' /usr/lib/ocf/resource.d/rabbitmq/stx.rabbitmq-server
A=$(grep -Rn "\$RABBITMQ_CTL stop \$RABBITMQ_PID_FILE" /usr/lib/ocf/resource.d/rabbitmq/stx.rabbitmq-server | head -1 | awk -F':' '{print $1}')
A=$((A - 1))
sed -i ${A}' a \ \ \ \ touch $RABBITMQ_PID_FILE' /usr/lib/ocf/resource.d/rabbitmq/stx.rabbitmq-server
touch ${bifile}
fi
# UAR 33:
bifile='/home/sysadmin/.uar33'
if [ ! -f ${bifile} ]; then
sed -i '26d' /usr/share/puppet/modules/rabbitmq/templates/rabbitmq.config.erb
sed -i '22d' /usr/share/puppet/modules/rabbitmq/templates/rabbitmq.config.erb
sed -i '11d' /usr/share/puppet/modules/rabbitmq/templates/rabbitmq.config.erb
sed -i '10 a \ \ \ \ {loopback_users, []},' /usr/share/puppet/modules/rabbitmq/templates/rabbitmq.config.erb
touch ${bifile}
fi
# UAR 35.a: goenabled check sysinv
chmod 755 /etc/goenabled.d/sysinv_goenabled_check.sh
# UAR 35.b: goenabled check worker
sed -i '1 a touch /var/run/worker_goenabled' /etc/goenabled.d/worker-goenabled.sh
# UAR 35.c: sm stuck waiting for goenabled_subf
systemctl enable config
# UAR bonus 35:
sed -i 's@|/usr/bin/python2)@|/usr/bin/python2|/usr/bin/python3)@g' /usr/lib/ocf/resource.d/platform/sysinv-api
sed -i 's@|/usr/bin/python2)@|/usr/bin/python2|/usr/bin/python3)@g' /usr/lib/ocf/resource.d/platform/sysinv-conductor
sed -i 's@|/usr/bin/python2)@|/usr/bin/python2|/usr/bin/python3)@g' /usr/lib/ocf/resource.d/platform/cert-mon
sed -i 's@|/usr/bin/python2)@|/usr/bin/python2|/usr/bin/python3)@g' /usr/lib/ocf/resource.d/platform/cert-alarm
# UAR 37: sm docker-distribution
sed -i 's@docker-distribution.service@docker-registry.service@g' /usr/share/puppet/modules/platform/files/docker-distribution
# UAR 43: haproxy
A=$(grep -Rn "reqadd" /usr/share/puppet/modules/platform/manifests/haproxy.pp | awk -F':' '{print $1}')
B=$((A + 0))
sed -i ${A}','${B}'d ' /usr/share/puppet/modules/platform/manifests/haproxy.pp
# UAR 46:
sed -i 's@status \$@status_of_proc \$@g' /etc/init.d/fminit
sed -i 's@status \$@status_of_proc \$@g' /etc/init.d/openldap
systemctl daemon-reload
# UAR 50.a ceph
bifile='/home/sysadmin/.uar_ceph_1'
if [ ! -f ${bifile} ]; then
sed -i 's@LIBDIR=/usr/lib64/ceph@LIBDIR=/usr/lib/ceph@g' /etc/init.d/ceph-init-wrapper
sed -i 's@LIBDIR=/usr/lib64/ceph@LIBDIR=/usr/lib/ceph@g' /etc/init.d/ceph
systemctl disable radosgw # do we need this ?
chown -R root:root /var/lib/ceph/
deluser ceph
touch ${bifile}
fi
# UAR 50.b platform-integ-apps apply
bifile='/home/sysadmin/.uar_50b'
if [ ! -f ${bifile} ]; then
# nfv kubernetes
sed -i 's@c = kubernetes.client.Configuration()$@c = kubernetes.client.Configuration().get_default_copy()@g' /usr/lib/python3/dist-packages/nfv_plugins/nfvi_plugins/clients/kubernetes_client.py
# Disable patching audit
A=$(grep -Rn "def _check_patching_operation" /usr/lib/python3/dist-packages/sysinv/api/controllers/v1/kube_app.py | tail -n 1 | awk -F':' '{print $1}')
if [[ ! -z "$A" ]]; then
sed -i ${A}' a \ \ \ \ \ \ \ \ return None' /usr/lib/python3/dist-packages/sysinv/api/controllers/v1/kube_app.py
fi
systemctl restart sysinv-conductor
touch ${bifile}
fi
# UAR 52.a
cp /usr/bin/guest* /usr/local/bin/
# UAR 52.b
mv /etc/pmon.d/pci-irq-affinity-agent.conf /home/sysadmin/
systemctl disable pci-irq-affinity-agent
# TODO WORKAROUND NETWOKING, UAR 2,6,36
bifile='/home/sysadmin/.uar2'
if [ ! -f ${bifile} ]; then
A=$(grep -Rn "gateway = get_interface_gateway_address(context, networktype)" /usr/lib/python3/dist-packages/sysinv/puppet/interface.py | tail -n 1 | awk -F':' '{print $1}')
if [[ ! -z "$A" ]]; then
A=$((A - 1))
B=$((A + 6))
sed -i ${A}','${B}'d ' /usr/lib/python3/dist-packages/sysinv/puppet/interface.py
fi
touch ${bifile}
systemctl restart sysinv-conductor
fi
cp /usr/local/bin/apply_network_config.sh /root
echo 'exit 0' > /usr/local/bin/apply_network_config.sh
cp /home/sysadmin/interfaces /etc/network/interfaces
sed -i "s@create_resources('network_config'@#create_resources('network_config'@g" /usr/share/puppet/modules/platform/manifests/network.pp

View File

@ -0,0 +1,260 @@
# syntactic sugar
echo 'set mouse-=a' > ~/.vimrc
#############################
# WORKAROUNDS PRE-BOOTSTRAP #
#############################
# May want to sudo source this
# WARNING: Everything here was run under root user.
# NOTE: some of the issues may be hidden by this remount, ideally it should be reverted after each command. Don't expect many such issues so leave it as it is for now.
# mount -o remount,rw /usr
# mount -o remount,rw /
ostree admin unlock --hotfix
# before bootstrap issue 7
hostnamectl set-hostname localhost
# sudo instant response and download stuff
# Workaround BI 40: need to generate the correct dns with access to private docker registry
cat > /home/sysadmin/correct_dns.py <<EOF
#!/usr/bin/env python
import yaml
with open("/etc/resolv.conf", "w") as f:
with open("/home/sysadmin/localhost.yml", "r") as stream:
try:
data = yaml.safe_load(stream)
for dns in data['dns_servers']:
f.write('nameserver ' + dns)
f.write('\n')
except yaml.YAMLError as exc:
print(exc)
EOF
sudo python /home/sysadmin/correct_dns.py
# BI 17:
bifile='/home/sysadmin/.bi17'
if [ ! -f ${bifile} ]; then
# 1
sed -i '82,86d' /usr/share/puppet/modules/sysinv/manifests/init.pp
sed -i '81 a \ \ ensure_packages(["sysinv"], {\
\ \ \ \ ensure => \$package_ensure,\
\ \ \ \ name => \$::sysinv::params::package_name,\
\ \ \ \ require => Anchor["sysinv-start"],\
\ \ })' /usr/share/puppet/modules/sysinv/manifests/init.pp
# 2
sed -i '193,196d' /usr/share/puppet/modules/sysinv/manifests/api.pp
sed -i '192 a \ \ \ \ ensure_packages(["sysinv"], {\
\ \ \ \ \ \ ensure => \$package_ensure,\
\ \ \ \ \ \ name => \$::sysinv::params::api_package,\
\ \ \ \ })' /usr/share/puppet/modules/sysinv/manifests/api.pp
# 3
sed -i '37,40d' /usr/share/puppet/modules/sysinv/manifests/conductor.pp
sed -i '36 a \ \ \ \ ensure_packages(["sysinv-conductor"], {\
\ \ \ \ \ \ ensure => \$package_ensure,\
\ \ \ \ \ \ name => \$::sysinv::params::conductor_package,\
\ \ \ \ })' /usr/share/puppet/modules/sysinv/manifests/conductor.pp
# 4
sed -i '44,47d' /usr/share/puppet/modules/sysinv/manifests/agent.pp
sed -i '43 a \ \ \ \ ensure_packages(["sysinv-agent"], {\
\ \ \ \ \ \ ensure => \$package_ensure,\
\ \ \ \ \ \ name => \$::sysinv::params::agent_package,\
\ \ \ \ })' /usr/share/puppet/modules/sysinv/manifests/agent.pp
# do we need 1, 2 , 3, 4 anymore?
sed -i "s@$api_package = 'sysinv'@$api_package = false@g" /usr/share/puppet/modules/sysinv/manifests/params.pp
sed -i "s@agent_package = 'sysinv'@agent_package = false@g" /usr/share/puppet/modules/sysinv/manifests/params.pp
sed -i "s@conductor_package = 'sysinv'@conductor_package = false@g" /usr/share/puppet/modules/sysinv/manifests/params.pp
touch ${bifile}
fi
# BI 20 e and n:
bifile='/home/sysadmin/.bi20e'
if [ ! -f ${bifile} ]; then
for f in /usr/lib/postgresql/13/bin/*
do
echo "Linked $f"
ln -s "$f" /usr/bin
done
touch ${bifile}
fi
# BI 20 i: only fix first puppet run, puppet is not re-entrant
sed -i 's@grep -Fxq \${mountpoint}@grep -Fxq -e /var/rootdirs\${mountpoint} -e \${mountpoint}@g' /usr/share/puppet/modules/platform/manifests/filesystem.pp
# BI 20 f:
sed -i "s@docker-ce@docker.io@g" /usr/share/puppet/modules/platform/manifests/docker.pp
sed -i "s@python-fmclient@python3-fmclient@g" /usr/share/puppet/modules/fm/manifests/params.pp
sed -i "s@python-psycopg2@python3-psycopg2@g" /usr/share/puppet/modules/postgresql/manifests/params.pp
# BI 20.o:
bifile='/home/sysadmin/.20o'
if [ ! -f ${bifile} ]; then
rm -rf /var/lib/postgresql/
mkdir -p /var/lib/postgresql/22.02
chown -R postgres:postgres /var/lib/postgresql
sudo -u postgres initdb -D /var/lib/postgresql/22.02
sed -i 's@/var/lib/postgresql/%I@/var/lib/postgresql/22.02@g' /lib/systemd/system/postgresql@.service
sed -i 's@/var/lib/postgresql/13/main@/var/lib/postgresql/22.02@g' /etc/postgresql/13/main/postgresql.conf
sed -i 's@ExecStart=-/usr/bin/pg_ctlcluster --skip-systemctl-redirect %i start@ExecStart=-/usr/bin/pg_ctlcluster --skip-systemctl-redirect %i start -- -D /var/lib/postgresql/22.02@g' /lib/systemd/system/postgresql@.service
systemctl daemon-reload
systemctl stop postgresql
sed -i '86 a \ \ Anchor["postgresql::server::service::end"] ->' /usr/share/puppet/modules/postgresql/manifests/server/role.pp
touch ${bifile}
fi
# BI 24:
bifile='/home/sysadmin/.24'
if [ ! -f ${bifile} ]; then
sed -i '27 a \ return' /usr/lib/python3/dist-packages/sysinv/db/sqlalchemy/migrate_repo/versions/110_remove_snmp.py
touch ${bifile}
fi
# BI 25: ignore puppet apply warnings until we fix them
sed -i 's@Warning|@MMAAAAAAAAAASKED|@g' /usr/local/bin/puppet-manifest-apply.sh
# BI 26: workaround missing pxe
mkdir -p /opt/platform/config/22.02/pxelinux.cfg
mkdir -p /var/pxeboot/pxelinux.cfg.files/
echo 0 > /var/pxeboot/pxelinux.cfg.files/pxe-storage-install-22.02
echo 0 > /var/pxeboot/pxelinux.cfg.files/pxe-smallsystem_lowlatency-install-22.02
echo 0 > /var/pxeboot/pxelinux.cfg.files/pxe-smallsystem-install-22.02
echo 0 > /var/pxeboot/pxelinux.cfg.files/pxe-worker_lowlatency-install-22.02
echo 0 > /var/pxeboot/pxelinux.cfg.files/default
echo 0 > /var/pxeboot/pxelinux.cfg.files/efi-pxe-storage-install-22.02
echo 0 > /var/pxeboot/pxelinux.cfg.files/efi-pxe-worker-install-22.02
echo 0 > /var/pxeboot/pxelinux.cfg.files/pxe-worker-install-22.02
echo 0 > /var/pxeboot/pxelinux.cfg.files/efi-pxe-smallsystem_lowlatency-install-22.02
echo 0 > /var/pxeboot/pxelinux.cfg.files/default.static
echo 0 > /var/pxeboot/pxelinux.cfg.files/pxe-controller-install-22.02
echo 0 > /var/pxeboot/pxelinux.cfg.files/grub.cfg.static
echo 0 > /var/pxeboot/pxelinux.cfg.files/efi-pxe-smallsystem-install-22.02
echo 0 > /var/pxeboot/pxelinux.cfg.files/efi-pxe-worker_lowlatency-install-22.02
echo 0 > /var/pxeboot/pxelinux.cfg.files/efi-pxe-controller-install-22.02
echo 0 > /var/pxeboot/pxelinux.cfg.files/grub.cfg
# BI 27: workaround remove grubby commands
bifile='/home/sysadmin/.27'
if [ ! -f ${bifile} ]; then
A=$(grep -Rn "Get grub default kernel" /usr/share/ansible/stx-ansible/playbooks/roles/bootstrap/persist-config/tasks/one_time_config_tasks.yml | awk -F':' '{print $1}')
B=$((A + 8))
sed -i ${A}','${B}'d ' /usr/share/ansible/stx-ansible/playbooks/roles/bootstrap/persist-config/tasks/one_time_config_tasks.yml
touch ${bifile}
fi
# BI 30: this is based on fixes to generate SOURCES.txt
sed -i 's@if relative in distribution.files:@if distribution.files and relative in distribution.files:@g' /usr/lib/python3/dist-packages/sysinv/common/utils.py
# BI 34: partial populate_initial_config.py
bifile='/home/sysadmin/.34'
if [ ! -f ${bifile} ]; then
# workaround rootfs detection, hardcode /dev/sda
sed -i 's@device_path = out.rstrip()@device_path = out.split("\\n")[0].rstrip()@g' /usr/share/ansible/stx-ansible/playbooks/roles/bootstrap/persist-config/files/populate_initial_config.py
sed -i 's@"""Cloned from sysinv"""@return "/dev/sda"@g' /usr/share/ansible/stx-ansible/playbooks/roles/bootstrap/persist-config/files/populate_initial_config.py
# workaround pxe update, hardcoded based on SW Version
echo '#!/bin/bash' > /usr/sbin/pxeboot-update-22.02.sh
chmod +x /usr/sbin/pxeboot-update-22.02.sh
cat > /tmp/34_restart_sysinv <<EOF
- name: Restart sysinv
shell: |
systemctl stop sysinv-agent
sleep 3
systemctl start sysinv-agent
sleep 3
systemctl stop sysinv-conductor
sleep 10
systemctl start sysinv-conductor
sleep 10
EOF
sed -i '64 {
r /tmp/34_restart_sysinv
}' /usr/share/ansible/stx-ansible/playbooks/roles/bootstrap/persist-config/tasks/update_sysinv_database.yml
# .first_boot missing
touch /etc/platform/.first_boot
# workaround slow database interaction, use cached query
sed -i 's@def _find_local_mgmt_interface_vlan_id(self):@def _find_local_mgmt_interface_vlan_id(self, interface_list):@g' /usr/lib/python3/dist-packages/sysinv/conductor/manager.py
sed -i 's@interface_list = self.dbapi.iinterface_get_all(host_id, expunge=True)@@g' /usr/lib/python3/dist-packages/sysinv/conductor/manager.py
sed -i 's@vlan_id = self._find_local_mgmt_interface_vlan_id()@vlan_id = self._find_local_mgmt_interface_vlan_id(iinterfaces)@g' /usr/lib/python3/dist-packages/sysinv/conductor/manager.py
# missing /etc/platform/worker_reserved.conf
cp /usr/share/debian-integration/worker_reserved.conf /etc/platform/worker_reserved.conf
touch ${bifile}
fi
# BI 36: first puppet runtime apply
bifile='/home/sysadmin/.bi36'
if [ ! -f ${bifile} ]; then
# kdump service missing, disable kdump config
sed -i 's@include ::platform::config::kdump@@g' /usr/share/puppet/modules/platform/manifests/config.pp
touch ${bifile}
fi
# BI 37: barbican service
mkdir -p /var/log/barbican
chown -R barbican:barbican /var/log/barbican/
find /usr/share/ansible/stx-ansible/playbooks/ -type f -exec \
sed -i 's@name: openstack-barbican-api@name: barbican-api@g' {} +
# BI 40: workaround located at bootstrap section
# BI 41: etcd service override
sed -i 's@| /usr/bin/forward-journald -tag etcd@@g' /usr/share/puppet/modules/platform/files/etcd-override.conf
# BI 42: intermittent ansible_absent/linux_mv/python_keyring issue, may need to change to 'mkdir + cp /*'
sed -i '13 a \ \ - name: Wait for 30 seconds to ensure sysinv keyring call\
\ \ \ \ wait_for:\
\ \ \ \ \ \ timeout: 30\
' /usr/share/ansible/stx-ansible/playbooks/roles/bootstrap/persist-config/tasks/main.yml
sed -i 's@command: "mv {{ keyring_workdir }} {{ keyring_permdir }}"@shell: "rm -rf {{ keyring_permdir + '\'/\'' + keyring_workdir | basename }}; cp -r {{ keyring_workdir }} {{ keyring_permdir }}"@g' /usr/share/ansible/stx-ansible/playbooks/roles/bootstrap/persist-config/tasks/main.yml
# BI 45: kubelet for kubeadm init
sed -i 's@/etc/sysconfig/kubelet@/etc/default/kubelet@g' /usr/local/kubernetes/1.21.8/stage2/etc/systemd/system/kubelet.service.d/kubeadm.conf
sed -i 's@ cgroupRoot: "/k8s-infra"@ cgroupRoot: "/"@g' /usr/share/ansible/stx-ansible/playbooks/roles/bootstrap/prepare-env/vars/main.yml
echo " cgroupPerQOS: false" >> /usr/share/ansible/stx-ansible/playbooks/roles/bootstrap/prepare-env/vars/main.yml
systemctl daemon-reload
# BI 48: fm service
sed -i 's@/etc/rc.d/init.d/fm-api@/etc/init.d/fm-api@g' /lib/systemd/system/fm-api.service
sed -i 's@/etc/rc.d/init.d/fminit@/etc/init.d/fminit@g' /lib/systemd/system/fminit.service
cp /usr/bin/fm* /usr/local/bin/
chmod 644 /etc/fm/fm.conf
systemctl daemon-reload
# BI 49: maintenance services
cp -r /usr/bin/mtc* /usr/local/bin/
cp -r /usr/bin/hbs* /usr/local/bin/
cp -r /usr/bin/hwmond /usr/local/bin/
cp -r /usr/bin/lmond /usr/local/bin/
find /lib/systemd/system/ -type f | xargs -n 1 sed -i 's@/etc/rc.d/init.d/@/etc/init.d/@g'
systemctl daemon-reload
# BI 50: postgres configuration issue
sed -i 's@#listen_addresses = '\''localhost'\''@listen_addresses = '\''*'\''@g' /etc/postgresql/13/main/postgresql.conf
echo "host all all 0.0.0.0/0 md5" >> /etc/postgresql/13/main/pg_hba.conf
# BI 38.b: slow rpc calls.
echo "jit = off" >> /etc/postgresql/13/main/postgresql.conf
# BI 52: stevedore + python 3.9
cp /usr/share/debian-integration/helm.py.patched /usr/lib/python3/dist-packages/sysinv/helm/helm.py
# BI 53: intermittent armada not ready in 30 seconds
sed -i 's@async_timeout: 30@async_timeout: 120@g' /usr/share/ansible/stx-ansible/playbooks/roles/bootstrap/bringup-essential-services/tasks/main.yml
sed -i 's@async_retries: 10@async_retries: 40@g' /usr/share/ansible/stx-ansible/playbooks/roles/bootstrap/bringup-essential-services/tasks/main.yml
# BI 60:
sed -i 's@^ordering@#ordering@g' /etc/puppet/puppet.conf
# BI 58: LVM
sed -i "s/args = \[]/args = \['-y', '-Wy', '-Zy']/g" /usr/share/puppet/modules.available/puppet-lvm/lib/puppet/provider/logical_volume/lvm.rb
# BI 61:
systemctl stop docker-registry

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,39 @@
# HEADER: This file is being managed by puppet. Changes to
# HEADER: interfaces that are not being managed by puppet will persist;
# HEADER: however changes to interfaces that are being managed by puppet will
# HEADER: be overwritten. In addition, file order is NOT guaranteed.
# HEADER: Last generated at: 2022-02-15 12:23:56 +0000 by Andre Kantek
auto enp0s3 lo lo:1 lo:5
iface enp0s3 inet static
address 10.41.4.3
netmask 255.255.255.0
gateway 10.41.4.1
mtu 1500
pre-up sleep 20; /usr/sbin/sysctl -w net.ipv6.conf.enp0s3.autoconf=0 net.ipv6.conf.enp0s3.accept_ra=0 net.ipv6.conf.enp0s3.accept_redirects=0
iface lo inet static
address 192.168.204.2
netmask 255.255.255.0
mtu 1500
post-up /usr/local/bin/tc_setup.sh lo mgmt 10000 > /dev/null
pre-up sleep 20; /usr/sbin/sysctl -w net.ipv6.conf.lo.autoconf=0 net.ipv6.conf.lo.accept_ra=0 net.ipv6.conf.lo.accept_redirects=0
scope host
iface lo:1 inet static
address 192.168.204.2
netmask 255.255.255.0
mtu 1500
pre-up sleep 20; /usr/sbin/sysctl -w net.ipv6.conf.lo.autoconf=0 net.ipv6.conf.lo.accept_ra=0 net.ipv6.conf.lo.accept_redirects=0
scope host
iface lo:5 inet static
address 192.168.206.2
netmask 255.255.255.0
mtu 1500
pre-up sleep 20; /usr/sbin/sysctl -w net.ipv6.conf.lo.autoconf=0 net.ipv6.conf.lo.accept_ra=0 net.ipv6.conf.lo.accept_redirects=0
scope host

View File

@ -0,0 +1,55 @@
################################################################################
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
################################################################################
# WORKER Node configuration parameters for reserved memory and physical cores
# used by Base software and VSWITCH. These are resources that libvirt cannot use.
#
################################################################################
#
# List of logical CPU instances available in the system. This value is used
# for auditing purposes so that the current configuration can be checked for
# validity against the actual number of logical CPU instances in the system.
#
################################################################################
WORKER_CPU_LIST="0-7"
################################################################################
#
# List of Base software resources reserved per numa node. Each array element
# consists of a 3-tuple formatted as: <node>:<memory>:<cores>.
#
# Example: To reserve 1500MB and 1 core on NUMA node0, and 1500MB and 1 core
# on NUMA node1, the variable must be specified as follows.
# WORKER_BASE_MEMORY=("node0:1500MB:1" "node1:1500MB:1")
#
################################################################################
WORKER_BASE_RESERVED=("node0:14500MB:1" "node1:2000MB:0" "node2:2000MB:0" "node3:2000MB:0")
################################################################################
#
# List of HugeTLB memory descriptors to configure. Each array element
# consists of a 3-tuple descriptor formatted as: <node>:<pgsize>:<pgcount>.
# The NUMA node specified must exist and the HugeTLB pagesize must be a valid
# value such as 2048kB or 1048576kB.
#
# For example, to request 256 x 2MB HugeTLB pages on NUMA node0 and node1 the
# variable must be specified as follows.
# WORKER_VSWITCH_MEMORY=("node0:2048kB:256" "node1:2048kB:256")
#
################################################################################
WORKER_VSWITCH_MEMORY=("node0:1048576kB:1" "node1:1048576kB:1" "node2:1048576kB:1" "node3:1048576kB:1")
################################################################################
#
# List of VSWITCH physical cores reserved for VSWITCH applications.
#
# Example: To reserve 2 cores on NUMA node0, and 2 cores on NUMA node1, the
# variable must be specified as follows.
# WORKER_VSWITCH_CORES=("node0:2" "node1:2")
#
################################################################################
WORKER_VSWITCH_CORES=("node0:2" "node1:0" "node2:0" "node3:0")

View File

@ -36,6 +36,8 @@ commands =
-type f \ -type f \
-not -name \*~ \ -not -name \*~ \
-not -name \*.md \ -not -name \*.md \
-not -name before_bootstrap_workarounds.sh \
-not -name after_bootstrap_workarounds.sh \
-name \*.sh \ -name \*.sh \
-print0 | xargs -n 1 -0 bashate -v \ -print0 | xargs -n 1 -0 bashate -v \
-i E006,E010,E041,E042,E043,E044 \ -i E006,E010,E041,E042,E043,E044 \