From 197f9950cb2d9cc06fe6c181dbb2cb7ca257fe56 Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Mon, 8 Jun 2020 17:24:48 -0400
Subject: [PATCH] Add ESXi contents to OS deploy

---
 .../confluent_osdeploy.spec.tmpl              | 11 +++-
 .../esxi7/initramfs/bin/dcuiweasel            | 25 +++++++++
 .../initramfs/opt/confluent/bin/apiclient     | 55 +++++++++++++++++++
 .../esxi7/profiles/hypervisor/kickstart       |  5 ++
 .../profiles/hypervisor/scripts/makeksnet     | 36 ++++++++++++
 5 files changed, 130 insertions(+), 2 deletions(-)
 create mode 100644 confluent_osdeploy/esxi7/initramfs/bin/dcuiweasel
 create mode 100644 confluent_osdeploy/esxi7/initramfs/opt/confluent/bin/apiclient
 create mode 100644 confluent_osdeploy/esxi7/profiles/hypervisor/kickstart
 create mode 100644 confluent_osdeploy/esxi7/profiles/hypervisor/scripts/makeksnet

diff --git a/confluent_osdeploy/confluent_osdeploy.spec.tmpl b/confluent_osdeploy/confluent_osdeploy.spec.tmpl
index bfa482f2..3bcd4ffe 100644
--- a/confluent_osdeploy/confluent_osdeploy.spec.tmpl
+++ b/confluent_osdeploy/confluent_osdeploy.spec.tmpl
@@ -34,12 +34,19 @@ for os in el8 suse15 ubuntu20.04; do
     mv ../addons.cpio .
     cd ..
 done
+mkdir esix7out
+cd esxi7out
+cp -a .//opt .
+cp -a ../esx7/initramfs/* .
+tar zcvf ../addons.tgz .
+mv ../addons.tgz .
+cd ..
 
 %install
-for os in el8 suse15 ubuntu20.04; do
+for os in el8 suse15 ubuntu20.04 esxi7; do
     mkdir -p %{buildroot}/opt/confluent/lib/osdeploy/$os/initramfs
     mkdir -p %{buildroot}/opt/confluent/lib/osdeploy/$os/profiles
-    cp ${os}out/addons.cpio %{buildroot}/opt/confluent/lib/osdeploy/$os/initramfs
+    cp ${os}out/addons.* %{buildroot}/opt/confluent/lib/osdeploy/$os/initramfs
     cp -a $os/profiles/* %{buildroot}/opt/confluent/lib/osdeploy/$os/profiles
 done
 
diff --git a/confluent_osdeploy/esxi7/initramfs/bin/dcuiweasel b/confluent_osdeploy/esxi7/initramfs/bin/dcuiweasel
new file mode 100644
index 00000000..02e391d9
--- /dev/null
+++ b/confluent_osdeploy/esxi7/initramfs/bin/dcuiweasel
@@ -0,0 +1,25 @@
+# copernicus is hard coded, easier to script a fake sysfs
+uuid=$(vsish -e get /hardware/bios/dmiInfo|grep -A15 UUID|sed -e 's/.*://'|sed -e ':a;N;$!ba;s/\n//g' | sed -e 's/ *0x//g')
+uuid=${uuid:0:8}-${uuid:8:4}-${uuid:12:4}-${uuid:16:4}-${uuid:20:12}
+mkdir -p /sys/devices/virtual/dmi/id/
+echo $uuid > /sys/devices/virtual/dmi/id/product_uuid
+mkdir -p /etc/confluent
+localcli network firewall unload
+touch /etc/confluent/confluent.info
+while ! grep NODENAME /etc/confluent/confluent.info; do
+    /opt/confluent/bin/copernicus > /etc/confluent/confluent.info
+done
+node=$(grep NODENAME: /etc/confluent/confluent.info|head -n 1|awk '{print $2}')
+mgr=$(grep MANAGER: /etc/confluent/confluent.info|head -n 1|awk '{print $2}')
+/opt/confluent/bin/clortho $node $mgr > /etc/confluent/confluent.apikey
+/opt/confluent/bin/apiclient /confluent-api/self/deploycfg > /etc/confluent/confluent.deploycfg
+profile=$(grep ^profile: /etc/confluent/confluent.deploycfg | sed -e 's/^profile: //')
+/opt/confluent/bin/apiclient /confluent-public/os/$profile/kickstart > /etc/confluent/ks.cfg
+/opt/confluent/bin/apiclient /confluent-public/os/$profile/scripts/makeksnet > /tmp/makeksnet
+chmod +x /tmp/makeksnet
+/tmp/makeksnet > /tmp/ksnet
+rootpw=$(grep ^rootpassword: /etc/confluent/confluent.deploycfg|sed -e 's/^rootpassword: //')
+echo rootpw --iscrypted $rootpw > /tmp/rootpw
+export BOOT_OPTIONS=ks=/etc/confluent/ks.cfg
+exec /bin/install
+
diff --git a/confluent_osdeploy/esxi7/initramfs/opt/confluent/bin/apiclient b/confluent_osdeploy/esxi7/initramfs/opt/confluent/bin/apiclient
new file mode 100644
index 00000000..a390c0f6
--- /dev/null
+++ b/confluent_osdeploy/esxi7/initramfs/opt/confluent/bin/apiclient
@@ -0,0 +1,55 @@
+#!/usr/bin/python
+import http.client as client
+import socket
+import ssl
+import sys
+
+class HTTPSClient(client.HTTPConnection, object):
+    def __init__(self, port=443):
+        self.stdheaders = {}
+        info = open('/etc/confluent/confluent.info').read().split('\n')
+        for line in info:
+            if line.startswith('NODENAME:'):
+                node = line.split(' ')[1]
+                self.stdheaders['CONFLUENT_NODENAME'] = node
+            if line.startswith('MANAGER:'):
+                host = line.split(' ')[1]
+        self.stdheaders['CONFLUENT_APIKEY'] = open('/etc/confluent/confluent.apikey').read().strip()
+        client.HTTPConnection.__init__(self, host, port)
+        self.connect()
+
+    def set_header(self, key, val):
+        self.stdheaders[key] = val
+
+    def connect(self):
+        addrinf = socket.getaddrinfo(self.host, self.port)[0]
+        psock = socket.socket(addrinf[0])
+        psock.connect(addrinf[4])
+        ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
+        ctx.load_verify_locations('/etc/confluent/ca.pem')
+        host = self.host.split('%', 1)[0]
+        if '[' not in host and ':' in host:
+            self.stdheaders['Host'] = '[{0}]'.format(host)
+        else
+            self.stdheaders['Host'] = '{0}'.format(host)
+        ctx.verify_mode = ssl.CERT_REQUIRED
+        ctx.check_hostname = True
+        self.sock = ctx.wrap_socket(psock, server_hostname=host)
+
+    def grab_url(self, url, data=None):
+        if data:
+            method = 'POST'
+        else:
+            method = 'GET'
+        self.request(method, url, headers=self.stdheaders)
+        rsp = self.getresponse()
+        body = rsp.read()
+        if rsp.status >= 200 and rsp.status < 300:
+            return body
+        raise Exception(body)
+
+if __name__ == '__main__':
+    data = None
+    if len(sys.argv) == 3:
+        data = open(sys.argv[2]).read()
+    print(HTTPSClient().grab_url(sys.argv[1], data).decode())
diff --git a/confluent_osdeploy/esxi7/profiles/hypervisor/kickstart b/confluent_osdeploy/esxi7/profiles/hypervisor/kickstart
new file mode 100644
index 00000000..5c3c17f2
--- /dev/null
+++ b/confluent_osdeploy/esxi7/profiles/hypervisor/kickstart
@@ -0,0 +1,5 @@
+accepteula
+install --firstdisk
+%include /tmp/ksnet
+%include /tmp/rootuser
+reboot
diff --git a/confluent_osdeploy/esxi7/profiles/hypervisor/scripts/makeksnet b/confluent_osdeploy/esxi7/profiles/hypervisor/scripts/makeksnet
new file mode 100644
index 00000000..531db356
--- /dev/null
+++ b/confluent_osdeploy/esxi7/profiles/hypervisor/scripts/makeksnet
@@ -0,0 +1,36 @@
+#!/usr/bin/python
+
+nodename = None
+for inf in open('/etc/confluent/confluent.info', 'r').read().split('\n'):
+    if inf.startswith('NODENAME: '):
+        nodename = inf.replace('NODENAME: ', '')
+        break
+
+deploycfg = open('/etc/confluent/confluent.deploycfg', 'r').read().split('\n')
+cfg = {}
+nslist = False
+nameservers = []
+for line in deploycfg:
+    kv = line.split(': ')
+    if not kv[0]:
+        continue
+    if len(kv) == 2:
+        cfg[kv[0]] = kv[1]
+    if kv[0] == 'nameservers:':
+        nslist = True
+        continue
+    if nslist and kv[0].startswith('- '):
+        nameservers.append(kv[0].split(' ', 1)[1])
+    else:
+        nslist=False
+cfg['nameservers'] = ','.join(nameservers)
+
+netline = 'network --hostname={0} --bootproto={1}'.format(nodename, cfg['ipv4_method'])
+if cfg['ipv4_method'] == 'static':
+    netline += ' --ip={0} --netmask={1}'.format(cfg['ipv4_address'], cfg['ipv4_netmask'])
+    if cfg.get('ipv4_gateway', 'null') not in (None, '', 'null'):
+        netline += ' --gateway={0}'.format(cfg['ipv4_gateway'])
+    if cfg['nameservers']:
+        netline += ' --nameserver={0}'.format(cfg['nameservers'])
+print(netline)
+