From bc624d9360c06508abeff9f796e0a36224e2dde1 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 12 Jul 2024 15:15:56 -0400 Subject: [PATCH 01/22] Fix Ubuntu 24.04 network bring up Ubuntu 24.04 does not check conf files in /run before assuming dhcp anymore. Influence its logic to skip dhcp if we have static for it --- .../ubuntu22.04/initramfs/scripts/casper-bottom/99confluent | 2 ++ 1 file changed, 2 insertions(+) diff --git a/confluent_osdeploy/ubuntu22.04/initramfs/scripts/casper-bottom/99confluent b/confluent_osdeploy/ubuntu22.04/initramfs/scripts/casper-bottom/99confluent index e066714e..d629cf32 100755 --- a/confluent_osdeploy/ubuntu22.04/initramfs/scripts/casper-bottom/99confluent +++ b/confluent_osdeploy/ubuntu22.04/initramfs/scripts/casper-bottom/99confluent @@ -26,12 +26,14 @@ if [ -e /tmp/cnflnthmackeytmp ]; then chroot . curl -f -H "CONFLUENT_NODENAME: $NODENAME" -H "CONFLUENT_CRYPTHMAC: $(cat /root/$hmacfile)" -d @/tmp/cnflntcryptfile https://$MGR/confluent-api/self/registerapikey cp /root/$passfile /root/custom-installation/confluent/confluent.apikey DEVICE=$(cat /tmp/autodetectnic) + IP=done else chroot . custom-installation/confluent/bin/clortho $NODENAME $MGR > /root/custom-installation/confluent/confluent.apikey MGR=[$MGR] nic=$(grep ^MANAGER /custom-installation/confluent/confluent.info|grep fe80::|sed -e s/.*%//|head -n 1) nic=$(ip link |grep ^$nic:|awk '{print $2}') DEVICE=${nic%:} + IP=done fi if [ -z "$MGTIFACE" ]; then chroot . usr/bin/curl -f -H "CONFLUENT_NODENAME: $NODENAME" -H "CONFLUENT_APIKEY: $(cat /root//custom-installation/confluent/confluent.apikey)" https://${MGR}/confluent-api/self/deploycfg > $deploycfg From 8c193fe33f29831b3625b217fb0fe55f386f61da Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 12 Jul 2024 15:30:47 -0400 Subject: [PATCH 02/22] Fix issues with firstboot on Ubuntu 22+ --- .../ubuntu22.04/profiles/default/scripts/firstboot.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/confluent_osdeploy/ubuntu22.04/profiles/default/scripts/firstboot.sh b/confluent_osdeploy/ubuntu22.04/profiles/default/scripts/firstboot.sh index c0ba44ab..996bfffe 100755 --- a/confluent_osdeploy/ubuntu22.04/profiles/default/scripts/firstboot.sh +++ b/confluent_osdeploy/ubuntu22.04/profiles/default/scripts/firstboot.sh @@ -3,11 +3,11 @@ echo "Confluent first boot is running" HOME=$(getent passwd $(whoami)|cut -d: -f 6) export HOME ( -exec >> /target/var/log/confluent/confluent-firstboot.log -exec 2>> /target/var/log/confluent/confluent-firstboot.log -chmod 600 /target/var/log/confluent/confluent-firstboot.log +exec >> /var/log/confluent/confluent-firstboot.log +exec 2>> /var/log/confluent/confluent-firstboot.log +chmod 600 /var/log/confluent/confluent-firstboot.log cp -a /etc/confluent/ssh/* /etc/ssh/ -systemctl restart sshd +systemctl restart ssh rootpw=$(grep ^rootpassword: /etc/confluent/confluent.deploycfg |awk '{print $2}') if [ ! -z "$rootpw" -a "$rootpw" != "null" ]; then echo root:$rootpw | chpasswd -e @@ -27,4 +27,4 @@ run_remote_parts firstboot.d run_remote_config firstboot.d curl --capath /etc/confluent/tls -f -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $confluent_apikey" -X POST -d "status: complete" https://$confluent_mgr/confluent-api/self/updatestatus ) & -tail --pid $! -n 0 -F /target/var/log/confluent/confluent-post.log > /dev/console +tail --pid $! -n 0 -F /var/log/confluent/confluent-post.log > /dev/console From 08a5bffa90486596b8fa392d9aba470d0e14e966 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 12 Jul 2024 15:52:49 -0400 Subject: [PATCH 03/22] Write multiple grub.cfg paths Some have different requirements on how to find grub.cfg --- confluent_server/confluent/osimage.py | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/confluent_server/confluent/osimage.py b/confluent_server/confluent/osimage.py index e0c1a8cb..3d5f50de 100644 --- a/confluent_server/confluent/osimage.py +++ b/confluent_server/confluent/osimage.py @@ -158,7 +158,7 @@ def find_glob(loc, fileglob): for cdir, _, fs in os.walk(loc): for f in fs: if fnmatch(f, fileglob): - return os.path.join(cdir, f) + return [os.path.join(cdir, f)] return None @@ -182,9 +182,13 @@ def update_boot_linux(profiledir, profile, label): # well need to honor grubprefix path if different grubcfgpath = find_glob(profiledir + '/boot', 'grub.cfg') if not grubcfgpath: - grubcfgpath = profiledir + '/boot/efi/boot/grub.cfg' - with open(grubcfgpath, 'w') as grubout: - grubout.write(grubcfg) + grubcfgpath = [ + profiledir + '/boot/efi/boot/grub.cfg' + profiledir + '/boot/boot/grub.cfg' + ] + for grubcfgpth in grubcfgpath: + with open(grubcfgpth, 'w') as grubout: + grubout.write(grubcfg) ipxeargs = kernelargs for initramfs in initrds: ipxeargs += " initrd=" + initramfs From 3aea1ec7d67082ece19f9306594b53ecc8dc52e8 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 12 Jul 2024 16:21:36 -0400 Subject: [PATCH 04/22] Fix list syntax in grub cfg --- confluent_server/confluent/osimage.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confluent_server/confluent/osimage.py b/confluent_server/confluent/osimage.py index 3d5f50de..5297424c 100644 --- a/confluent_server/confluent/osimage.py +++ b/confluent_server/confluent/osimage.py @@ -183,7 +183,7 @@ def update_boot_linux(profiledir, profile, label): grubcfgpath = find_glob(profiledir + '/boot', 'grub.cfg') if not grubcfgpath: grubcfgpath = [ - profiledir + '/boot/efi/boot/grub.cfg' + profiledir + '/boot/efi/boot/grub.cfg', profiledir + '/boot/boot/grub.cfg' ] for grubcfgpth in grubcfgpath: From c0cc673c63e551745f96380a453d29cf4065f408 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 12 Jul 2024 16:31:06 -0400 Subject: [PATCH 05/22] Make directory exist before creating file --- confluent_server/confluent/osimage.py | 1 + 1 file changed, 1 insertion(+) diff --git a/confluent_server/confluent/osimage.py b/confluent_server/confluent/osimage.py index 5297424c..5beb08f5 100644 --- a/confluent_server/confluent/osimage.py +++ b/confluent_server/confluent/osimage.py @@ -187,6 +187,7 @@ def update_boot_linux(profiledir, profile, label): profiledir + '/boot/boot/grub.cfg' ] for grubcfgpth in grubcfgpath: + os.makedirs(os.path.dirname(grubcfgpth), 0o755, exist_ok=True) with open(grubcfgpth, 'w') as grubout: grubout.write(grubcfg) ipxeargs = kernelargs From 7a3e1dfde3ed3e3c486c636c76f60c6fd12c5614 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 12 Jul 2024 16:48:46 -0400 Subject: [PATCH 06/22] Fix grub fallback path for more grub --- confluent_server/confluent/osimage.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confluent_server/confluent/osimage.py b/confluent_server/confluent/osimage.py index 5beb08f5..557cc99d 100644 --- a/confluent_server/confluent/osimage.py +++ b/confluent_server/confluent/osimage.py @@ -184,7 +184,7 @@ def update_boot_linux(profiledir, profile, label): if not grubcfgpath: grubcfgpath = [ profiledir + '/boot/efi/boot/grub.cfg', - profiledir + '/boot/boot/grub.cfg' + profiledir + '/boot/boot/grub/grub.cfg' ] for grubcfgpth in grubcfgpath: os.makedirs(os.path.dirname(grubcfgpth), 0o755, exist_ok=True) From 945dff09f34744c560ad9fed8b4a1d5a8a99c178 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Mon, 15 Jul 2024 08:19:13 -0400 Subject: [PATCH 07/22] Change to generic linux/inird command in Grub Modern grub has removed these variants, and should only be required for very old non-EFI stub kernels --- confluent_server/confluent/osimage.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/confluent_server/confluent/osimage.py b/confluent_server/confluent/osimage.py index 557cc99d..0e3d8a58 100644 --- a/confluent_server/confluent/osimage.py +++ b/confluent_server/confluent/osimage.py @@ -167,7 +167,7 @@ def update_boot_linux(profiledir, profile, label): kernelargs = profile.get('kernelargs', '') grubcfg = "set timeout=5\nmenuentry '" grubcfg += label - grubcfg += "' {\n linuxefi /kernel " + kernelargs + "\n" + grubcfg += "' {\n linux /kernel " + kernelargs + "\n" initrds = [] for initramfs in glob.glob(profiledir + '/boot/initramfs/*.cpio'): initramfs = os.path.basename(initramfs) @@ -175,7 +175,7 @@ def update_boot_linux(profiledir, profile, label): for initramfs in os.listdir(profiledir + '/boot/initramfs'): if initramfs not in initrds: initrds.append(initramfs) - grubcfg += " initrdefi " + grubcfg += " initrd " for initramfs in initrds: grubcfg += " /initramfs/{0}".format(initramfs) grubcfg += "\n}\n" From 8d726bced97a8f1bb45a3a433fdf22a03b515daf Mon Sep 17 00:00:00 2001 From: tkucherera Date: Mon, 15 Jul 2024 09:22:59 -0400 Subject: [PATCH 08/22] better error handling --- confluent_client/bin/nodebmcpassword | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/confluent_client/bin/nodebmcpassword b/confluent_client/bin/nodebmcpassword index f76b076c..135abb96 100755 --- a/confluent_client/bin/nodebmcpassword +++ b/confluent_client/bin/nodebmcpassword @@ -88,6 +88,7 @@ for rsp in session.read('/noderange/{0}/configuration/management_controller/user for node in databynode: if 'error' in rsp['databynode'][node]: print(node, ':', rsp['databynode'][node]['error']) + errorNodes.add(node) continue for user in rsp['databynode'][node]['users']: if user['username'] == username: @@ -97,6 +98,10 @@ for rsp in session.read('/noderange/{0}/configuration/management_controller/user uid_dict[user['uid']] = uid_dict[user['uid']] + ',{}'.format(node) break +if not uid_dict: + print("Error: Could not reach target node's bmc user") + sys.exit(1) + for uid in uid_dict: success = session.simple_noderange_command(uid_dict[uid], 'configuration/management_controller/users/{0}'.format(uid), new_password, key='password', errnodes=errorNodes) # = 0 if successful From abf12f2b962ca94550e321684228cd028e5f3618 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Mon, 15 Jul 2024 11:26:58 -0400 Subject: [PATCH 09/22] Reinstate linuxefi/initrdefi for older GRUB Technically, Grub never had 'linuxefi/initrdefi' commands officially, so this is a bit weird. However, if we see signs of GRUB older than 2.03, we will assume that is requires the linuxefi/initrdefi commands from the out of tree patch to support EFI the old way. This corresponds with EL7. Other variants seem ok with the more proper linux/initrd command names. --- confluent_server/confluent/osimage.py | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/confluent_server/confluent/osimage.py b/confluent_server/confluent/osimage.py index 0e3d8a58..5ff28d16 100644 --- a/confluent_server/confluent/osimage.py +++ b/confluent_server/confluent/osimage.py @@ -165,9 +165,27 @@ def find_glob(loc, fileglob): def update_boot_linux(profiledir, profile, label): profname = os.path.basename(profiledir) kernelargs = profile.get('kernelargs', '') + needefi = False + for grubexe in glob.glob(profiledir + '/boot/efi/boot/grubx64.efi'): + with open(grubexe, 'rb') as grubin: + grubcontent = grubin.read() + uaidx = grubcontent.find(b'User-Agent: GRUB 2.0') + if uaidx > 0: + grubcontent = grubcontent[uaidx:] + cridx = grubcontent.find(b'\r') + if cridx > 1: + grubcontent = grubcontent[:cridx] + grubver = grubcontent.split(b'~', 1)[0] + grubver = grubver.rsplit(b' ', 1)[-1] + grubver = grubver.split(b'.') + if len(grubver) > 1: + if int(grubver[0]) < 3 and int(grubver[1]) < 3: + needefi = True + lincmd = 'linuxefi' if needefi else 'linux' + initrdcmd = 'initrdefi' if needefi else 'initrd' grubcfg = "set timeout=5\nmenuentry '" grubcfg += label - grubcfg += "' {\n linux /kernel " + kernelargs + "\n" + grubcfg += "' {\n " + lincmd + " /kernel " + kernelargs + "\n" initrds = [] for initramfs in glob.glob(profiledir + '/boot/initramfs/*.cpio'): initramfs = os.path.basename(initramfs) @@ -175,7 +193,7 @@ def update_boot_linux(profiledir, profile, label): for initramfs in os.listdir(profiledir + '/boot/initramfs'): if initramfs not in initrds: initrds.append(initramfs) - grubcfg += " initrd " + grubcfg += " " + initrdcmd + " " for initramfs in initrds: grubcfg += " /initramfs/{0}".format(initramfs) grubcfg += "\n}\n" From 9d5432f8cd22d2bfa5a206b227b119d95f6a473e Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Thu, 18 Jul 2024 08:40:40 -0400 Subject: [PATCH 10/22] Fix network configuration when middle name ends in 'net' --- confluent_server/confluent/netutil.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confluent_server/confluent/netutil.py b/confluent_server/confluent/netutil.py index 9e9fd597..9bac92c2 100644 --- a/confluent_server/confluent/netutil.py +++ b/confluent_server/confluent/netutil.py @@ -320,7 +320,7 @@ def get_full_net_config(configmanager, node, serverip=None): if val is None: continue if attrib.startswith('net.'): - attrib = attrib.replace('net.', '').rsplit('.', 1) + attrib = attrib.replace('net.', '', 1).rsplit('.', 1) if len(attrib) == 1: iface = None attrib = attrib[0] From b4a33b810230e2c37dce78ca6a1d659de576ec76 Mon Sep 17 00:00:00 2001 From: Markus Hilger Date: Thu, 18 Jul 2024 17:26:49 +0200 Subject: [PATCH 11/22] Fix EL stateful install Sometimes stateful install can fail if vgchange -a n is run after dd. Use wipefs instead and fix order of both commands. Furthermore, use the $INSALLDISK variable. --- confluent_osdeploy/el8/profiles/default/scripts/pre.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confluent_osdeploy/el8/profiles/default/scripts/pre.sh b/confluent_osdeploy/el8/profiles/default/scripts/pre.sh index 4d76aaa3..cd831360 100644 --- a/confluent_osdeploy/el8/profiles/default/scripts/pre.sh +++ b/confluent_osdeploy/el8/profiles/default/scripts/pre.sh @@ -115,7 +115,7 @@ grep '^%include /tmp/partitioning' /tmp/kickstart.* > /dev/null || rm /tmp/insta if [ -e /tmp/installdisk -a ! -e /tmp/partitioning ]; then INSTALLDISK=$(cat /tmp/installdisk) sed -e s/%%INSTALLDISK%%/$INSTALLDISK/ -e s/%%LUKSHOOK%%/$LUKSPARTY/ /tmp/partitioning.template > /tmp/partitioning - dd if=/dev/zero of=/dev/$(cat /tmp/installdisk) bs=1M count=1 >& /dev/null vgchange -a n >& /dev/null + wipefs -a -f /dev/$INSTALLDISK >& /dev/null fi kill $logshowpid From 294ef8e88c0cd52942bca848092a6529ba05a927 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 19 Jul 2024 09:28:29 -0400 Subject: [PATCH 12/22] Fix for IB diskless boot to install clone The infiniband section must be defined for the OS to use the IB link. If it is missing then networking does not come up during firstboot. Fix this by having an inifiniband section including explicitly declaring use of datagram mode. This should suffice for all install use cases, and may be changed after firstboot starts. --- .../usr/lib/dracut/hooks/cmdline/10-confluentdiskless.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/confluent_osdeploy/el9-diskless/initramfs/usr/lib/dracut/hooks/cmdline/10-confluentdiskless.sh b/confluent_osdeploy/el9-diskless/initramfs/usr/lib/dracut/hooks/cmdline/10-confluentdiskless.sh index a4f10ee2..9b885e82 100644 --- a/confluent_osdeploy/el9-diskless/initramfs/usr/lib/dracut/hooks/cmdline/10-confluentdiskless.sh +++ b/confluent_osdeploy/el9-diskless/initramfs/usr/lib/dracut/hooks/cmdline/10-confluentdiskless.sh @@ -171,6 +171,13 @@ permissions= wait-device-timeout=60000 EOC +if [ "$linktype" = infiniband ]; then +cat >> /run/NetworkManager/system-connections/$ifname.nmconnection << EOC +[infiniband] +transport-mode=datagram + +EOC +fi autoconfigmethod=$(grep ^ipv4_method: /etc/confluent/confluent.deploycfg |awk '{print $2}') auto6configmethod=$(grep ^ipv6_method: /etc/confluent/confluent.deploycfg |awk '{print $2}') if [ "$autoconfigmethod" = "dhcp" ]; then From 69fa3f10c0f38cf7a6fc52d13ed2c0fd5d2e41f9 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Mon, 22 Jul 2024 13:46:27 -0400 Subject: [PATCH 13/22] Add deb packaging of imgutil --- imgutil/builddeb | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100755 imgutil/builddeb diff --git a/imgutil/builddeb b/imgutil/builddeb new file mode 100755 index 00000000..4258fbc4 --- /dev/null +++ b/imgutil/builddeb @@ -0,0 +1,24 @@ +#!/bin/bash +VERSION=`git describe|cut -d- -f 1` +NUMCOMMITS=`git describe|cut -d- -f 2` +if [ "$NUMCOMMITS" != "$VERSION" ]; then + VERSION=$VERSION.dev$NUMCOMMITS.g`git describe|cut -d- -f 3` +fi +mkdir -p /tmp/confluent-imgutil +cp -a * /tmp/confluent-imgutil +cp ../LICENSE /tmp/confluent-imgutil +cd /tmp/confluent-imgutil +rm -rf deb/confluent_imgutil_$VERSION/ +mkdir -p deb/confluent_imgutil_$VERSION/DEBIAN/ +mkdir -p deb/confluent_imgutil_$VERSION/opt/confluent/lib/imgutil +mkdir -p deb/confluent_imgutil_$VERSION/opt/confluent/bin +mv imgutil deb/confluent_imgutil_$VERSION/opt/confluent/bin/ +chmod a+x deb/confluent_imgutil_$VERSION/opt/confluent/bin/imgutil +mv ubuntu* suse15 el7 el9 el8 deb/confluent_imgutil_$VERSION/opt/confluent/lib/imgutil/ +mkdir -p deb/confluent_imgutil_$VERSION/opt/confluent/share/licenses/confluent_imgutil +cp LICENSE deb/confluent_imgutil_$VERSION/opt/confluent/share/licenses/confluent_imgutil +sed -e 's/#VERSION#/'$VERSION/ control.tmpl > deb/confluent_imgutil_$VERSION/DEBIAN/control +dpkg-deb --build deb/lenovo_confluent_$VERSION +if [ ! -z "$1" ]; then + mv deb/lenovo-confluent_$VERSION.deb $1 +fi From 7154a1d60ca641d8ea44128ece8432d89ca4bfeb Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Mon, 22 Jul 2024 13:46:45 -0400 Subject: [PATCH 14/22] Add control file for deb build of imgutil --- imgutil/control.tmpl | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 imgutil/control.tmpl diff --git a/imgutil/control.tmpl b/imgutil/control.tmpl new file mode 100644 index 00000000..a0fe21af --- /dev/null +++ b/imgutil/control.tmpl @@ -0,0 +1,8 @@ +Package: confluent-imgutil +Version: #VERSION# +Section: base +Priority: optional +Maintainer: Jarrod Johnson +Description: Web frontend for confluent server +Architecture: all + From 4f18294d93f281af4eaa088a1a29317cf10c8574 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Mon, 22 Jul 2024 13:57:38 -0400 Subject: [PATCH 15/22] Fix path in debian build for imgutil --- imgutil/builddeb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/imgutil/builddeb b/imgutil/builddeb index 4258fbc4..7e12a6e6 100755 --- a/imgutil/builddeb +++ b/imgutil/builddeb @@ -18,7 +18,7 @@ mv ubuntu* suse15 el7 el9 el8 deb/confluent_imgutil_$VERSION/opt/confluent/lib/i mkdir -p deb/confluent_imgutil_$VERSION/opt/confluent/share/licenses/confluent_imgutil cp LICENSE deb/confluent_imgutil_$VERSION/opt/confluent/share/licenses/confluent_imgutil sed -e 's/#VERSION#/'$VERSION/ control.tmpl > deb/confluent_imgutil_$VERSION/DEBIAN/control -dpkg-deb --build deb/lenovo_confluent_$VERSION +dpkg-deb --build deb/confluent_imgutil_$VERSION if [ ! -z "$1" ]; then - mv deb/lenovo-confluent_$VERSION.deb $1 + mv deb/confluent_imgutil_$VERSION.deb $1 fi From 34b03da4941210cd8ad19ae7852cb7d390eafd82 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Mon, 22 Jul 2024 16:33:07 -0400 Subject: [PATCH 16/22] Update for Ubuntu 24.04 diskless --- imgutil/imgutil | 1 + imgutil/ubuntu24.04 | 1 + 2 files changed, 2 insertions(+) create mode 120000 imgutil/ubuntu24.04 diff --git a/imgutil/imgutil b/imgutil/imgutil index 022279cc..d5714306 100644 --- a/imgutil/imgutil +++ b/imgutil/imgutil @@ -655,6 +655,7 @@ class DebHandler(OsHandler): def prep_root(self, args): shutil.copy('/etc/apt/sources.list', os.path.join(self.targpath, 'etc/apt/sources.list')) + shutil.copytree('/etc/apt/sources.list.d', os.path.join(self.targpath, 'etc/apt/sources.list.d')) args.cmd = ['apt-get', 'update'] run_constrainedx(fancy_chroot, (args, self.targpath)) args.cmd = ['apt-get', '-y', 'install'] + self.includepkgs diff --git a/imgutil/ubuntu24.04 b/imgutil/ubuntu24.04 new file mode 120000 index 00000000..7d13753d --- /dev/null +++ b/imgutil/ubuntu24.04 @@ -0,0 +1 @@ +ubuntu \ No newline at end of file From 1ade704daa4bddb98481ab502d815d9df33bae92 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Mon, 22 Jul 2024 16:40:44 -0400 Subject: [PATCH 17/22] Fix imgutil copy of ubuntu sources --- imgutil/imgutil | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/imgutil/imgutil b/imgutil/imgutil index d5714306..1c6d3cc0 100644 --- a/imgutil/imgutil +++ b/imgutil/imgutil @@ -655,7 +655,8 @@ class DebHandler(OsHandler): def prep_root(self, args): shutil.copy('/etc/apt/sources.list', os.path.join(self.targpath, 'etc/apt/sources.list')) - shutil.copytree('/etc/apt/sources.list.d', os.path.join(self.targpath, 'etc/apt/sources.list.d')) + for listfile in glob.glob('/etc/apt/sources.list.d/*'): + shutil.copy(listfile, os.path.join(self.targpath, listfile[1:])) args.cmd = ['apt-get', 'update'] run_constrainedx(fancy_chroot, (args, self.targpath)) args.cmd = ['apt-get', '-y', 'install'] + self.includepkgs From 33ed1a5e640802deccfaefbab894770ac53b4667 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 23 Jul 2024 09:32:20 -0400 Subject: [PATCH 18/22] Add onboot for ubuntu diskless --- .../profiles/default/scripts/onboot.service | 11 +++++ .../profiles/default/scripts/onboot.sh | 40 +++++++++++++++++++ 2 files changed, 51 insertions(+) create mode 100644 confluent_osdeploy/ubuntu20.04-diskless/profiles/default/scripts/onboot.service create mode 100644 confluent_osdeploy/ubuntu20.04-diskless/profiles/default/scripts/onboot.sh diff --git a/confluent_osdeploy/ubuntu20.04-diskless/profiles/default/scripts/onboot.service b/confluent_osdeploy/ubuntu20.04-diskless/profiles/default/scripts/onboot.service new file mode 100644 index 00000000..f9235033 --- /dev/null +++ b/confluent_osdeploy/ubuntu20.04-diskless/profiles/default/scripts/onboot.service @@ -0,0 +1,11 @@ +[Unit] +Description=Confluent onboot hook +Requires=network-online.target +After=network-online.target + +[Service] +ExecStart=/opt/confluent/bin/onboot.sh + +[Install] +WantedBy=multi-user.target + diff --git a/confluent_osdeploy/ubuntu20.04-diskless/profiles/default/scripts/onboot.sh b/confluent_osdeploy/ubuntu20.04-diskless/profiles/default/scripts/onboot.sh new file mode 100644 index 00000000..60ccaa44 --- /dev/null +++ b/confluent_osdeploy/ubuntu20.04-diskless/profiles/default/scripts/onboot.sh @@ -0,0 +1,40 @@ +#!/bin/sh + +# This script is executed on each boot as it is +# completed. It is best to edit the middle of the file as +# noted below so custom commands are executed before +# the script notifies confluent that install is fully complete. + +nodename=$(grep ^NODENAME /etc/confluent/confluent.info|awk '{print $2}') +confluent_apikey=$(cat /etc/confluent/confluent.apikey) +v4meth=$(grep ^ipv4_method: /etc/confluent/confluent.deploycfg|awk '{print $2}') +if [ "$v4meth" = "null" -o -z "$v4meth" ]; then + confluent_mgr=$(grep ^deploy_server_v6: /etc/confluent/confluent.deploycfg|awk '{print $2}') +fi +if [ -z "$confluent_mgr" ]; then + confluent_mgr=$(grep ^deploy_server: /etc/confluent/confluent.deploycfg|awk '{print $2}') +fi +confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg|awk '{print $2}') +timedatectl set-timezone $(grep ^timezone: /etc/confluent/confluent.deploycfg|awk '{print $2}') +hostnamectl set-hostname $nodename +export nodename confluent_mgr confluent_profile +. /etc/confluent/functions +mkdir -p /var/log/confluent +chmod 700 /var/log/confluent +exec >> /var/log/confluent/confluent-onboot.log +exec 2>> /var/log/confluent/confluent-onboot.log +chmod 600 /var/log/confluent/confluent-onboot.log +tail -f /var/log/confluent/confluent-onboot.log > /dev/console & +logshowpid=$! + +run_remote_python syncfileclient +run_remote_python confignet + +# onboot scripts may be placed into onboot.d, e.g. onboot.d/01-firstaction.sh, onboot.d/02-secondaction.sh +run_remote_parts onboot.d + +# Induce execution of remote configuration, e.g. ansible plays in ansible/onboot.d/ +run_remote_config onboot.d + +#curl -X POST -d 'status: booted' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $confluent_apikey" https://$confluent_mgr/confluent-api/self/updatestatus +kill $logshowpid From bb04faed04c28c92e49723f592dbd0c2a5df278d Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 23 Jul 2024 10:01:53 -0400 Subject: [PATCH 19/22] Explicitly request bash under ubuntu, which tends to use dash --- .../ubuntu20.04-diskless/profiles/default/scripts/onboot.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confluent_osdeploy/ubuntu20.04-diskless/profiles/default/scripts/onboot.sh b/confluent_osdeploy/ubuntu20.04-diskless/profiles/default/scripts/onboot.sh index 60ccaa44..cc470d6f 100644 --- a/confluent_osdeploy/ubuntu20.04-diskless/profiles/default/scripts/onboot.sh +++ b/confluent_osdeploy/ubuntu20.04-diskless/profiles/default/scripts/onboot.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # This script is executed on each boot as it is # completed. It is best to edit the middle of the file as From a94b9235e8ddf6941a58d9f576b7ec67e4a58613 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 23 Jul 2024 10:14:32 -0400 Subject: [PATCH 20/22] Tighten umask on confignet to avoid ubuntu warnings --- confluent_osdeploy/common/profile/scripts/confignet | 2 ++ 1 file changed, 2 insertions(+) diff --git a/confluent_osdeploy/common/profile/scripts/confignet b/confluent_osdeploy/common/profile/scripts/confignet index 8cda6c83..72462834 100644 --- a/confluent_osdeploy/common/profile/scripts/confignet +++ b/confluent_osdeploy/common/profile/scripts/confignet @@ -192,8 +192,10 @@ class NetplanManager(object): if needcfgwrite: needcfgapply = True newcfg = {'network': {'version': 2, 'ethernets': {devname: self.cfgbydev[devname]}}} + oumask = os.umask(0o77) with open('/etc/netplan/{0}-confluentcfg.yaml'.format(devname), 'w') as planout: planout.write(yaml.dump(newcfg)) + os.umask(oumask) if needcfgapply: subprocess.call(['netplan', 'apply']) From cf4475cfccbc84425fee513ec25c96c26a7bf0a0 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 23 Jul 2024 10:23:05 -0400 Subject: [PATCH 21/22] Escape the '\W' to avoid stepping on python processing --- imgutil/imgutil | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/imgutil/imgutil b/imgutil/imgutil index 1c6d3cc0..4ef06776 100644 --- a/imgutil/imgutil +++ b/imgutil/imgutil @@ -947,7 +947,7 @@ def fancy_chroot(args, installroot): os.chroot(installroot) os.chdir('/') _mount('/', '/', flags=MS_BIND) # Make / manifest as a mounted filesystem in exec - os.environ['PS1'] = '[\x1b[1m\x1b[4mIMGUTIL EXEC {0}\x1b[0m \W]$ '.format(imgname) + os.environ['PS1'] = '[\x1b[1m\x1b[4mIMGUTIL EXEC {0}\x1b[0m \\W]$ '.format(imgname) os.environ['CONFLUENT_IMGUTIL_MODE'] = 'exec' if oshandler: oshandler.set_source('/run/confluentdistro') From 8f58567a700e0283ee681acd7a790bc917a0c693 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 23 Jul 2024 11:05:51 -0400 Subject: [PATCH 22/22] Add ssh to default services of a built ubuntu image --- imgutil/imgutil | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/imgutil/imgutil b/imgutil/imgutil index 4ef06776..907a3b64 100644 --- a/imgutil/imgutil +++ b/imgutil/imgutil @@ -661,6 +661,12 @@ class DebHandler(OsHandler): run_constrainedx(fancy_chroot, (args, self.targpath)) args.cmd = ['apt-get', '-y', 'install'] + self.includepkgs run_constrainedx(fancy_chroot, (args, self.targpath)) + servicefile = os.path.join(self.targpath, 'usr/lib/systemd/system/ssh.service') + if os.path.exists(servicefile): + os.symlink('/usr/lib/systemd/system/ssh.service', os.path.join(self.targpath, 'etc/systemd/system/multi-user.target.wants/ssh.service')) + else: + os.symlink('/usr/lib/systemd/system/sshd.service', os.path.join(self.targpath, 'etc/systemd/system/multi-user.target.wants/sshd.service')) + class ElHandler(OsHandler):