diff --git a/confluent_osdeploy/el7/profiles/default/kickstart b/confluent_osdeploy/el7/profiles/default/kickstart
index 4371b721..b6512f0d 100644
--- a/confluent_osdeploy/el7/profiles/default/kickstart
+++ b/confluent_osdeploy/el7/profiles/default/kickstart
@@ -50,23 +50,23 @@ pciutils
%include /tmp/kickstart.custom
%pre
-profile=$(grep ^profile: /etc/confluent/confluent.deploycfg |awk '{print $2}')
-mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg |awk '{print $2}')
-curl -f https://$mgr/confluent-public/os/$profile/scripts/pre.sh > /tmp/preinst.sh
+confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg |awk '{print $2}')
+confluent_mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg |awk '{print $2}')
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/pre.sh > /tmp/preinst.sh
. /tmp/preinst.sh
%end
%post --nochroot
mkdir -p /mnt/sysimage/etc/confluent
-profile=$(grep ^profile: /etc/confluent/confluent.deploycfg |awk '{print $2}')
-mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg |awk '{print $2}')
-curl -f https://$mgr/confluent-public/os/$profile/scripts/prechroot.sh > /tmp/postinst.sh
+confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg |awk '{print $2}')
+confluent_mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg |awk '{print $2}')
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/prechroot.sh > /tmp/postinst.sh
. /tmp/postinst.sh
# Hook firstboot.sh
-curl -f https://$mgr/confluent-public/os/$profile/scripts/firstboot.service > /mnt/sysimage/etc/systemd/system/firstboot.service
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/firstboot.service > /mnt/sysimage/etc/systemd/system/firstboot.service
mkdir -p /mnt/sysimage/opt/confluent/bin
-curl -f https://$mgr/confluent-public/os/$profile/scripts/firstboot.sh > /mnt/sysimage/opt/confluent/bin/firstboot.sh
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/firstboot.sh > /mnt/sysimage/opt/confluent/bin/firstboot.sh
chmod +x /mnt/sysimage/opt/confluent/bin/firstboot.sh
%end
@@ -75,8 +75,8 @@ cat /etc/confluent/tls/*.pem >> /etc/pki/tls/certs/ca-bundle.crt
systemctl enable firstboot
chgrp ssh_keys /etc/ssh/ssh*key
restorecon /etc/ssh/ssh*key /root/.shosts /etc/ssh/shosts.equiv /etc/ssh/ssh_config.d/* /opt/confluent/bin/firstboot.sh
-profile=$(grep ^profile: /etc/confluent/confluent.deploycfg |awk '{print $2}')
-mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg |awk '{print $2}')
-curl -f https://$mgr/confluent-public/os/$profile/scripts/post.sh > /tmp/postinst.sh
+confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg |awk '{print $2}')
+confluent_mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg |awk '{print $2}')
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/post.sh > /tmp/postinst.sh
. /tmp/postinst.sh
%end
diff --git a/confluent_osdeploy/el7/profiles/default/scripts/firstboot.sh b/confluent_osdeploy/el7/profiles/default/scripts/firstboot.sh
index 9b754056..73d10d98 100644
--- a/confluent_osdeploy/el7/profiles/default/scripts/firstboot.sh
+++ b/confluent_osdeploy/el7/profiles/default/scripts/firstboot.sh
@@ -6,10 +6,10 @@
# the script notifies confluent that install is fully complete.
nodename=$(grep ^NODENAME /etc/confluent/confluent.info|awk '{print $2}')
-apikey=$(cat /etc/confluent/confluent.apikey)
-mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg|awk '{print $2}')
-profile=$(grep ^profile: /etc/confluent/confluent.deploycfg|awk '{print $2}')
-export nodename mgr profile
+confluent_apikey=$(cat /etc/confluent/confluent.apikey)
+confluent_mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg|awk '{print $2}')
+confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg|awk '{print $2}')
+export nodename confluent_mgr confluent_profile
. /etc/confluent/functions
exec >> /var/log/confluent/confluent-firstboot.log
exec 2>> /var/log/confluent/confluent-firstboot.log
@@ -23,13 +23,13 @@ if [ ! -f /etc/confluent/firstboot.ran ]; then
run_remote firstboot.custom
# Firstboot scripts may be placed into firstboot.d, e.g. firstboot.d/01-firstaction.sh, firstboot.d/02-secondaction.sh
- run_remote_parts firstboot
+ run_remote_parts firstboot.d
# Induce execution of remote configuration, e.g. ansible plays in ansible/firstboot.d/
- run_remote_config firstboot
+ run_remote_config firstboot.d
fi
-curl -X POST -d 'status: complete' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$mgr/confluent-api/self/updatestatus
+curl -X POST -d 'status: complete' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $confluent_apikey" https://$confluent_mgr/confluent-api/self/updatestatus
systemctl disable firstboot
rm /etc/systemd/system/firstboot.service
rm /etc/confluent/firstboot.ran
diff --git a/confluent_osdeploy/el7/profiles/default/scripts/functions b/confluent_osdeploy/el7/profiles/default/scripts/functions
index 4919a918..c930044d 100644
--- a/confluent_osdeploy/el7/profiles/default/scripts/functions
+++ b/confluent_osdeploy/el7/profiles/default/scripts/functions
@@ -1,9 +1,9 @@
function set_confluent_vars() {
- if [ -z "$mgr" ]; then
- mgr=$(grep ^deploy_server: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
+ if [ -z "$confluent_mgr" ]; then
+ confluent_mgr=$(grep ^deploy_server: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
fi
- if [ -z "$profile" ]; then
- profile=$(grep ^profile: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
+ if [ -z "$confluent_profile" ]; then
+ confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
fi
}
@@ -14,7 +14,7 @@ fetch_remote() {
fi
set_confluent_vars
mkdir -p $(dirname $1)
- curl -f -sS $curlargs https://$mgr/confluent-public/os/$profile/scripts/$1 > $1
+ curl -f -sS $curlargs https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/$1 > $1
if [ $? != 0 ]; then echo $1 failed to download; return 1; fi
}
@@ -22,7 +22,7 @@ source_remote_parts() {
confluentscripttmpdir=$(mktemp -d)
scriptlist=$(/usr/libexec/platform-python /etc/confluent/apiclient /confluent-api/self/scriptlist/$1|sed -e 's/^- //')
for script in $scriptlist; do
- source_remote $1.d/$script
+ source_remote $1/$script
done
unset confluentscripttmpdir
}
@@ -31,7 +31,7 @@ run_remote_parts() {
confluentscripttmpdir=$(mktemp -d)
scriptlist=$(/usr/libexec/platform-python /etc/confluent/apiclient /confluent-api/self/scriptlist/$1|sed -e 's/^- //')
for script in $scriptlist; do
- run_remote $1.d/$script
+ run_remote $1/$script
done
unset confluentscripttmpdir
}
@@ -40,7 +40,7 @@ source_remote() {
set_confluent_vars
echo
echo '---------------------------------------------------------------------------'
- echo Sourcing $1 from https://$mgr/confluent-public/os/$profile/scripts/
+ echo Sourcing $1 from https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/
if [ -z "$confluentscripttmpdir" ]; then
confluentscripttmpdir=$(mktemp -d)
fi
@@ -61,7 +61,7 @@ run_remote() {
set_confluent_vars
echo
echo '---------------------------------------------------------------------------'
- echo Running $requestedcmd from https://$mgr/confluent-public/os/$profile/scripts/
+ echo Running $requestedcmd from https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/
if [ -z "$confluentscripttmpdir" ]; then
confluentscripttmpdir=$(mktemp -d)
fi
@@ -91,12 +91,12 @@ run_remote_python() {
curlargs=" --cacert /etc/confluent/ca.pem"
fi
echo '---------------------------------------------------------------------------'
- echo Running python script "'$*'" from https://$mgr/confluent-public/os/$profile/scripts/
+ echo Running python script "'$*'" from https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/
tmpdir=$(mktemp -d)
echo Executing in $tmpdir
cd $tmpdir
mkdir -p $(dirname $1)
- curl -f -sS $curlargs https://$mgr/confluent-public/os/$profile/scripts/$1 > $1
+ curl -f -sS $curlargs https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/$1 > $1
if [ $? != 0 ]; then echo "'$*'" failed to download; return 1; fi
if [ -x /usr/libexec/platform-python ]; then
/usr/libexec/platform-python $*
@@ -117,7 +117,7 @@ run_remote_config() {
apiclient=/etc/confluent/apiclient
fi
echo '---------------------------------------------------------------------------'
- echo Requesting to run remote configuration for "'$*'" from $mgr under profile $profile
+ echo Requesting to run remote configuration for "'$*'" from $confluent_mgr under profile $confluent_profile
if [ -x /usr/libexec/platform-python ]; then
/usr/libexec/platform-python $apiclient /confluent-api/self/remoteconfig/"$*" -d {}
/usr/libexec/platform-python $apiclient /confluent-api/self/remoteconfig/status -w 204
diff --git a/confluent_osdeploy/el7/profiles/default/scripts/post.sh b/confluent_osdeploy/el7/profiles/default/scripts/post.sh
index f6fa2d07..408cfee4 100644
--- a/confluent_osdeploy/el7/profiles/default/scripts/post.sh
+++ b/confluent_osdeploy/el7/profiles/default/scripts/post.sh
@@ -41,9 +41,9 @@ run_remote_python syncfileclient
run_remote post.custom
# Also, scripts may be placed into 'post.d', e.g. post.d/01-runfirst.sh, post.d/02-runsecond.sh
-run_remote_parts post
+run_remote_parts post.d
# Induce execution of remote configuration, e.g. ansible plays in ansible/post.d/
-run_remote_config post
-curl -sf -X POST -d 'status: staged' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$mgr/confluent-api/self/updatestatus
+run_remote_config post.d
+curl -sf -X POST -d 'status: staged' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$confluent_mgr/confluent-api/self/updatestatus
kill $logshowpid
diff --git a/confluent_osdeploy/el7/profiles/default/scripts/pre.sh b/confluent_osdeploy/el7/profiles/default/scripts/pre.sh
index 63922ae8..5695e550 100644
--- a/confluent_osdeploy/el7/profiles/default/scripts/pre.sh
+++ b/confluent_osdeploy/el7/profiles/default/scripts/pre.sh
@@ -35,7 +35,7 @@ if [ "$rootpw" = null ]; then
else
echo "rootpw --iscrypted $rootpw" > /tmp/rootpw
fi
-curl -sf https://$mgr/confluent-public/os/$profile/profile.yaml > /tmp/instprofile.yaml
+curl -sf https://$confluent_mgr/confluent-public/os/$confluent_profile/profile.yaml > /tmp/instprofile.yaml
blargs=$(grep ^installedargs: /tmp/instprofile.yaml | sed -e 's/#.*//' -e 's/^installedargs: //')
if [ ! -z "$blargs" ]; then
blargs=' --append="'$blargs'"'
@@ -52,7 +52,7 @@ fi
ssh-keygen -A
for pubkey in /etc/ssh/ssh_host*key.pub; do
certfile=${pubkey/.pub/-cert.pub}
- curl -sf -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" -d @$pubkey https://$mgr/confluent-api/self/sshcert > $certfile
+ curl -sf -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" -d @$pubkey https://$confluent_mgr/confluent-api/self/sshcert > $certfile
echo HostCertificate $certfile >> /etc/ssh/sshd_config.anaconda
done
/usr/sbin/sshd -f /etc/ssh/sshd_config.anaconda
@@ -66,10 +66,10 @@ fi
export mgr profile nodename
-curl -sf https://$mgr/confluent-public/os/$profile/scripts/functions > /tmp/functions
+curl -sf https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/functions > /tmp/functions
. /tmp/functions
run_remote pre.custom
-run_remote_parts pre
+run_remote_parts pre.d
if [ ! -e /tmp/installdisk ]; then
run_remote_python getinstalldisk
fi
@@ -78,5 +78,5 @@ if [ -e /tmp/installdisk -a ! -e /tmp/partitioning ]; then
echo ignoredisk --only-use $(cat /tmp/installdisk) >> /tmp/partitioning
echo autopart --nohome $LUKSPARTY >> /tmp/partitioning
fi
-python /etc/confluent/apiclient /confluent-public/os/$profile/kickstart.custom -o /tmp/kickstart.custom
+python /etc/confluent/apiclient /confluent-public/os/$confluent_profile/kickstart.custom -o /tmp/kickstart.custom
kill $logshowpid
diff --git a/confluent_osdeploy/el7/profiles/default/scripts/setupssh.sh b/confluent_osdeploy/el7/profiles/default/scripts/setupssh.sh
index 909829c5..f06c4d61 100644
--- a/confluent_osdeploy/el7/profiles/default/scripts/setupssh.sh
+++ b/confluent_osdeploy/el7/profiles/default/scripts/setupssh.sh
@@ -18,6 +18,6 @@ chmod 700 /mnt/sysimage/root/.ssh/
cp /root/.ssh/authorized_keys /mnt/sysimage/root/.ssh/
chmod 600 /mnt/sysimage/root/.ssh/authorized_keys
cp /etc/ssh/ssh_known_hosts /mnt/sysimage/etc/ssh/
-curl -f -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" https://$mgr/confluent-api/self/nodelist > /tmp/allnodes
+curl -f -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" https://$confluent_mgr/confluent-api/self/nodelist > /tmp/allnodes
cp /tmp/allnodes /mnt/sysimage/etc/ssh/shosts.equiv
cp /tmp/allnodes /mnt/sysimage/root/.shosts
diff --git a/confluent_osdeploy/el8/profiles/default/kickstart b/confluent_osdeploy/el8/profiles/default/kickstart
index 63b56ce6..25f476da 100644
--- a/confluent_osdeploy/el8/profiles/default/kickstart
+++ b/confluent_osdeploy/el8/profiles/default/kickstart
@@ -52,23 +52,23 @@ pciutils
%include /tmp/kickstart.custom
%pre
-profile=$(grep ^profile: /etc/confluent/confluent.deploycfg |awk '{print $2}')
-mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg |awk '{print $2}')
-curl -f https://$mgr/confluent-public/os/$profile/scripts/pre.sh > /tmp/preinst.sh
+confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg |awk '{print $2}')
+confluent_mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg |awk '{print $2}')
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/pre.sh > /tmp/preinst.sh
. /tmp/preinst.sh
%end
%post --nochroot
mkdir -p /mnt/sysimage/etc/confluent
-profile=$(grep ^profile: /etc/confluent/confluent.deploycfg |awk '{print $2}')
-mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg |awk '{print $2}')
-curl -f https://$mgr/confluent-public/os/$profile/scripts/prechroot.sh > /tmp/postinst.sh
+confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg |awk '{print $2}')
+confluent_mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg |awk '{print $2}')
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/prechroot.sh > /tmp/postinst.sh
. /tmp/postinst.sh
# Hook firstboot.sh
-curl -f https://$mgr/confluent-public/os/$profile/scripts/firstboot.service > /mnt/sysimage/etc/systemd/system/firstboot.service
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/firstboot.service > /mnt/sysimage/etc/systemd/system/firstboot.service
mkdir -p /mnt/sysimage/opt/confluent/bin
-curl -f https://$mgr/confluent-public/os/$profile/scripts/firstboot.sh > /mnt/sysimage/opt/confluent/bin/firstboot.sh
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/firstboot.sh > /mnt/sysimage/opt/confluent/bin/firstboot.sh
chmod +x /mnt/sysimage/opt/confluent/bin/firstboot.sh
%end
@@ -77,8 +77,8 @@ cat /etc/confluent/tls/*.pem >> /etc/pki/tls/certs/ca-bundle.crt
systemctl enable firstboot
chgrp ssh_keys /etc/ssh/ssh*key
restorecon /etc/ssh/ssh*key /root/.shosts /etc/ssh/shosts.equiv /etc/ssh/ssh_config.d/* /opt/confluent/bin/firstboot.sh
-profile=$(grep ^profile: /etc/confluent/confluent.deploycfg |awk '{print $2}')
-mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg |awk '{print $2}')
-curl -f https://$mgr/confluent-public/os/$profile/scripts/post.sh > /tmp/postinst.sh
+confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg |awk '{print $2}')
+confluent_mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg |awk '{print $2}')
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/post.sh > /tmp/postinst.sh
. /tmp/postinst.sh
%end
diff --git a/confluent_osdeploy/el8/profiles/default/scripts/firstboot.sh b/confluent_osdeploy/el8/profiles/default/scripts/firstboot.sh
index 9b754056..73d10d98 100644
--- a/confluent_osdeploy/el8/profiles/default/scripts/firstboot.sh
+++ b/confluent_osdeploy/el8/profiles/default/scripts/firstboot.sh
@@ -6,10 +6,10 @@
# the script notifies confluent that install is fully complete.
nodename=$(grep ^NODENAME /etc/confluent/confluent.info|awk '{print $2}')
-apikey=$(cat /etc/confluent/confluent.apikey)
-mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg|awk '{print $2}')
-profile=$(grep ^profile: /etc/confluent/confluent.deploycfg|awk '{print $2}')
-export nodename mgr profile
+confluent_apikey=$(cat /etc/confluent/confluent.apikey)
+confluent_mgr=$(grep deploy_server /etc/confluent/confluent.deploycfg|awk '{print $2}')
+confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg|awk '{print $2}')
+export nodename confluent_mgr confluent_profile
. /etc/confluent/functions
exec >> /var/log/confluent/confluent-firstboot.log
exec 2>> /var/log/confluent/confluent-firstboot.log
@@ -23,13 +23,13 @@ if [ ! -f /etc/confluent/firstboot.ran ]; then
run_remote firstboot.custom
# Firstboot scripts may be placed into firstboot.d, e.g. firstboot.d/01-firstaction.sh, firstboot.d/02-secondaction.sh
- run_remote_parts firstboot
+ run_remote_parts firstboot.d
# Induce execution of remote configuration, e.g. ansible plays in ansible/firstboot.d/
- run_remote_config firstboot
+ run_remote_config firstboot.d
fi
-curl -X POST -d 'status: complete' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$mgr/confluent-api/self/updatestatus
+curl -X POST -d 'status: complete' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $confluent_apikey" https://$confluent_mgr/confluent-api/self/updatestatus
systemctl disable firstboot
rm /etc/systemd/system/firstboot.service
rm /etc/confluent/firstboot.ran
diff --git a/confluent_osdeploy/el8/profiles/default/scripts/functions b/confluent_osdeploy/el8/profiles/default/scripts/functions
index 4919a918..c930044d 100644
--- a/confluent_osdeploy/el8/profiles/default/scripts/functions
+++ b/confluent_osdeploy/el8/profiles/default/scripts/functions
@@ -1,9 +1,9 @@
function set_confluent_vars() {
- if [ -z "$mgr" ]; then
- mgr=$(grep ^deploy_server: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
+ if [ -z "$confluent_mgr" ]; then
+ confluent_mgr=$(grep ^deploy_server: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
fi
- if [ -z "$profile" ]; then
- profile=$(grep ^profile: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
+ if [ -z "$confluent_profile" ]; then
+ confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
fi
}
@@ -14,7 +14,7 @@ fetch_remote() {
fi
set_confluent_vars
mkdir -p $(dirname $1)
- curl -f -sS $curlargs https://$mgr/confluent-public/os/$profile/scripts/$1 > $1
+ curl -f -sS $curlargs https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/$1 > $1
if [ $? != 0 ]; then echo $1 failed to download; return 1; fi
}
@@ -22,7 +22,7 @@ source_remote_parts() {
confluentscripttmpdir=$(mktemp -d)
scriptlist=$(/usr/libexec/platform-python /etc/confluent/apiclient /confluent-api/self/scriptlist/$1|sed -e 's/^- //')
for script in $scriptlist; do
- source_remote $1.d/$script
+ source_remote $1/$script
done
unset confluentscripttmpdir
}
@@ -31,7 +31,7 @@ run_remote_parts() {
confluentscripttmpdir=$(mktemp -d)
scriptlist=$(/usr/libexec/platform-python /etc/confluent/apiclient /confluent-api/self/scriptlist/$1|sed -e 's/^- //')
for script in $scriptlist; do
- run_remote $1.d/$script
+ run_remote $1/$script
done
unset confluentscripttmpdir
}
@@ -40,7 +40,7 @@ source_remote() {
set_confluent_vars
echo
echo '---------------------------------------------------------------------------'
- echo Sourcing $1 from https://$mgr/confluent-public/os/$profile/scripts/
+ echo Sourcing $1 from https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/
if [ -z "$confluentscripttmpdir" ]; then
confluentscripttmpdir=$(mktemp -d)
fi
@@ -61,7 +61,7 @@ run_remote() {
set_confluent_vars
echo
echo '---------------------------------------------------------------------------'
- echo Running $requestedcmd from https://$mgr/confluent-public/os/$profile/scripts/
+ echo Running $requestedcmd from https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/
if [ -z "$confluentscripttmpdir" ]; then
confluentscripttmpdir=$(mktemp -d)
fi
@@ -91,12 +91,12 @@ run_remote_python() {
curlargs=" --cacert /etc/confluent/ca.pem"
fi
echo '---------------------------------------------------------------------------'
- echo Running python script "'$*'" from https://$mgr/confluent-public/os/$profile/scripts/
+ echo Running python script "'$*'" from https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/
tmpdir=$(mktemp -d)
echo Executing in $tmpdir
cd $tmpdir
mkdir -p $(dirname $1)
- curl -f -sS $curlargs https://$mgr/confluent-public/os/$profile/scripts/$1 > $1
+ curl -f -sS $curlargs https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/$1 > $1
if [ $? != 0 ]; then echo "'$*'" failed to download; return 1; fi
if [ -x /usr/libexec/platform-python ]; then
/usr/libexec/platform-python $*
@@ -117,7 +117,7 @@ run_remote_config() {
apiclient=/etc/confluent/apiclient
fi
echo '---------------------------------------------------------------------------'
- echo Requesting to run remote configuration for "'$*'" from $mgr under profile $profile
+ echo Requesting to run remote configuration for "'$*'" from $confluent_mgr under profile $confluent_profile
if [ -x /usr/libexec/platform-python ]; then
/usr/libexec/platform-python $apiclient /confluent-api/self/remoteconfig/"$*" -d {}
/usr/libexec/platform-python $apiclient /confluent-api/self/remoteconfig/status -w 204
diff --git a/confluent_osdeploy/el8/profiles/default/scripts/post.sh b/confluent_osdeploy/el8/profiles/default/scripts/post.sh
index f6fa2d07..408cfee4 100644
--- a/confluent_osdeploy/el8/profiles/default/scripts/post.sh
+++ b/confluent_osdeploy/el8/profiles/default/scripts/post.sh
@@ -41,9 +41,9 @@ run_remote_python syncfileclient
run_remote post.custom
# Also, scripts may be placed into 'post.d', e.g. post.d/01-runfirst.sh, post.d/02-runsecond.sh
-run_remote_parts post
+run_remote_parts post.d
# Induce execution of remote configuration, e.g. ansible plays in ansible/post.d/
-run_remote_config post
-curl -sf -X POST -d 'status: staged' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$mgr/confluent-api/self/updatestatus
+run_remote_config post.d
+curl -sf -X POST -d 'status: staged' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$confluent_mgr/confluent-api/self/updatestatus
kill $logshowpid
diff --git a/confluent_osdeploy/el8/profiles/default/scripts/pre.sh b/confluent_osdeploy/el8/profiles/default/scripts/pre.sh
index 63922ae8..5695e550 100644
--- a/confluent_osdeploy/el8/profiles/default/scripts/pre.sh
+++ b/confluent_osdeploy/el8/profiles/default/scripts/pre.sh
@@ -35,7 +35,7 @@ if [ "$rootpw" = null ]; then
else
echo "rootpw --iscrypted $rootpw" > /tmp/rootpw
fi
-curl -sf https://$mgr/confluent-public/os/$profile/profile.yaml > /tmp/instprofile.yaml
+curl -sf https://$confluent_mgr/confluent-public/os/$confluent_profile/profile.yaml > /tmp/instprofile.yaml
blargs=$(grep ^installedargs: /tmp/instprofile.yaml | sed -e 's/#.*//' -e 's/^installedargs: //')
if [ ! -z "$blargs" ]; then
blargs=' --append="'$blargs'"'
@@ -52,7 +52,7 @@ fi
ssh-keygen -A
for pubkey in /etc/ssh/ssh_host*key.pub; do
certfile=${pubkey/.pub/-cert.pub}
- curl -sf -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" -d @$pubkey https://$mgr/confluent-api/self/sshcert > $certfile
+ curl -sf -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" -d @$pubkey https://$confluent_mgr/confluent-api/self/sshcert > $certfile
echo HostCertificate $certfile >> /etc/ssh/sshd_config.anaconda
done
/usr/sbin/sshd -f /etc/ssh/sshd_config.anaconda
@@ -66,10 +66,10 @@ fi
export mgr profile nodename
-curl -sf https://$mgr/confluent-public/os/$profile/scripts/functions > /tmp/functions
+curl -sf https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/functions > /tmp/functions
. /tmp/functions
run_remote pre.custom
-run_remote_parts pre
+run_remote_parts pre.d
if [ ! -e /tmp/installdisk ]; then
run_remote_python getinstalldisk
fi
@@ -78,5 +78,5 @@ if [ -e /tmp/installdisk -a ! -e /tmp/partitioning ]; then
echo ignoredisk --only-use $(cat /tmp/installdisk) >> /tmp/partitioning
echo autopart --nohome $LUKSPARTY >> /tmp/partitioning
fi
-python /etc/confluent/apiclient /confluent-public/os/$profile/kickstart.custom -o /tmp/kickstart.custom
+python /etc/confluent/apiclient /confluent-public/os/$confluent_profile/kickstart.custom -o /tmp/kickstart.custom
kill $logshowpid
diff --git a/confluent_osdeploy/el8/profiles/default/scripts/setupssh.sh b/confluent_osdeploy/el8/profiles/default/scripts/setupssh.sh
index 909829c5..f06c4d61 100644
--- a/confluent_osdeploy/el8/profiles/default/scripts/setupssh.sh
+++ b/confluent_osdeploy/el8/profiles/default/scripts/setupssh.sh
@@ -18,6 +18,6 @@ chmod 700 /mnt/sysimage/root/.ssh/
cp /root/.ssh/authorized_keys /mnt/sysimage/root/.ssh/
chmod 600 /mnt/sysimage/root/.ssh/authorized_keys
cp /etc/ssh/ssh_known_hosts /mnt/sysimage/etc/ssh/
-curl -f -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" https://$mgr/confluent-api/self/nodelist > /tmp/allnodes
+curl -f -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" https://$confluent_mgr/confluent-api/self/nodelist > /tmp/allnodes
cp /tmp/allnodes /mnt/sysimage/etc/ssh/shosts.equiv
cp /tmp/allnodes /mnt/sysimage/root/.shosts
diff --git a/confluent_osdeploy/genesis/profiles/default/scripts/functions b/confluent_osdeploy/genesis/profiles/default/scripts/functions
index 3af34a16..49bb5038 100644
--- a/confluent_osdeploy/genesis/profiles/default/scripts/functions
+++ b/confluent_osdeploy/genesis/profiles/default/scripts/functions
@@ -1,9 +1,9 @@
function set_confluent_vars() {
- if [ -z "$mgr" ]; then
- mgr=$(grep ^deploy_server: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
+ if [ -z "$confluent_mgr" ]; then
+ confluent_mgr=$(grep ^deploy_server: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
fi
- if [ -z "$profile" ]; then
- profile=$(grep ^profile: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
+ if [ -z "$confluent_profile" ]; then
+ confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
fi
}
@@ -12,7 +12,7 @@ fetch_remote() {
curlargs=" --cacert /etc/confluent/ca.pem"
fi
set_confluent_vars
- curl -f -sS $curlargs https://$mgr/confluent-public/os/$profile/scripts/$1 > $1
+ curl -f -sS $curlargs https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/$1 > $1
if [ $? != 0 ]; then echo $1 failed to download; return 1; fi
}
@@ -25,11 +25,11 @@ run_remote() {
set_confluent_vars
echo
echo '---------------------------------------------------------------------------'
- echo Running $requestedcmd from https://$mgr/confluent-public/os/$profile/scripts/
+ echo Running $requestedcmd from https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/
tmpdir=$(mktemp -d)
echo Executing in $tmpdir
cd $tmpdir
- curl -f -sS $curlargs https://$mgr/confluent-public/os/$profile/scripts/$1 > $1
+ curl -f -sS $curlargs https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/$1 > $1
if [ $? != 0 ]; then echo $requestedcmd failed to download; return 1; fi
chmod +x $1
cmd=$1
@@ -51,11 +51,11 @@ run_remote_python() {
curlargs=" --cacert /etc/confluent/ca.pem"
fi
echo '---------------------------------------------------------------------------'
- echo Running python script "'$*'" from https://$mgr/confluent-public/os/$profile/scripts/
+ echo Running python script "'$*'" from https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/
tmpdir=$(mktemp -d)
echo Executing in $tmpdir
cd $tmpdir
- curl -f -sS $curlargs https://$mgr/confluent-public/os/$profile/scripts/$1 > $1
+ curl -f -sS $curlargs https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/$1 > $1
if [ $? != 0 ]; then echo "'$*'" failed to download; return 1; fi
/usr/libexec/platform-python $*
retcode=$?
@@ -72,7 +72,7 @@ run_remote_config() {
apiclient=/etc/confluent/apiclient
fi
echo '---------------------------------------------------------------------------'
- echo Requesting to run remote configuration for "'$*'" from $mgr under profile $profile
+ echo Requesting to run remote configuration for "'$*'" from $confluent_mgr under profile $confluent_profile
/usr/libexec/platform-python $apiclient /confluent-api/self/remoteconfig/"$*" -d {}
/usr/libexec/platform-python $apiclient /confluent-api/self/remoteconfig/status -w 204
echo
diff --git a/confluent_osdeploy/suse15/profiles/hpc/autoyast b/confluent_osdeploy/suse15/profiles/hpc/autoyast
index e485c8d7..7aec831c 100644
--- a/confluent_osdeploy/suse15/profiles/hpc/autoyast
+++ b/confluent_osdeploy/suse15/profiles/hpc/autoyast
@@ -103,10 +103,10 @@ dynamic behavior and replace with static configuration.
/tmp/pre.sh
+curl $proto://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/pre.sh > /tmp/pre.sh
. /tmp/pre.sh
]]>
@@ -119,13 +119,13 @@ curl $proto://$mgr/confluent-public/os/$profile/scripts/pre.sh > /tmp/pre.sh
/tmp/prechroot.sh
+curl $proto://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/prechroot.sh > /tmp/prechroot.sh
. /tmp/prechroot.sh
-curl -f $proto://$mgr/confluent-public/os/$profile/scripts/firstboot.sh > /mnt/etc/confluent/firstboot.sh
-curl -f $proto://$mgr/confluent-public/os/$profile/scripts/post.sh > /mnt/etc/confluent/post.sh
+curl -f $proto://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/firstboot.sh > /mnt/etc/confluent/firstboot.sh
+curl -f $proto://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/post.sh > /mnt/etc/confluent/post.sh
chmod +x /mnt/etc/confluent/firstboot.sh
chmod +x /mnt/etc/confluent/post.sh
cp /mnt/etc/confluent/post.sh /mnt/var/adm/autoinstall/scripts/
diff --git a/confluent_osdeploy/suse15/profiles/hpc/scripts/firstboot.sh b/confluent_osdeploy/suse15/profiles/hpc/scripts/firstboot.sh
index b0297b03..a5466310 100644
--- a/confluent_osdeploy/suse15/profiles/hpc/scripts/firstboot.sh
+++ b/confluent_osdeploy/suse15/profiles/hpc/scripts/firstboot.sh
@@ -3,18 +3,18 @@
# This script runs at the end of the final boot, updating status
nodename=$(grep ^NODENAME /etc/confluent/confluent.info|awk '{print $2}')
-mgr=$(grep ^deploy_server /etc/confluent/confluent.deploycfg|awk '{print $2}')
-profile=$(grep ^profile: /etc/confluent/confluent.deploycfg|sed -e 's/^rootpassword: //')
+confluent_mgr=$(grep ^deploy_server /etc/confluent/confluent.deploycfg|awk '{print $2}')
+confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg|sed -e 's/^rootpassword: //')
proto=$(grep ^protocol: /etc/confluent/confluent.deploycfg |awk '{print $2}')
-apikey=$(cat /etc/confluent/confluent.apikey)
+confluent_apikey=$(cat /etc/confluent/confluent.apikey)
. /etc/confluent/functions
run_remote firstboot.custom
# Firstboot scripts may be placed into firstboot.d, e.g. firstboot.d/01-firstaction.sh, firstboot.d/02-secondaction.sh
-run_remote_parts firstboot
+run_remote_parts firstboot.d
# Induce execution of remote configuration, e.g. ansible plays in ansible/firstboot.d/
-run_remote_config firstboot
+run_remote_config firstboot.d
-curl --capath /etc/confluent/tls -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" -f -X POST -d "status: complete" https://$mgr/confluent-api/self/updatestatus
+curl --capath /etc/confluent/tls -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $confluent_apikey" -f -X POST -d "status: complete" https://$confluent_mgr/confluent-api/self/updatestatus
diff --git a/confluent_osdeploy/suse15/profiles/hpc/scripts/functions b/confluent_osdeploy/suse15/profiles/hpc/scripts/functions
index 4c07e5e7..926bcf64 100644
--- a/confluent_osdeploy/suse15/profiles/hpc/scripts/functions
+++ b/confluent_osdeploy/suse15/profiles/hpc/scripts/functions
@@ -1,12 +1,22 @@
+function set_confluent_vars() {
+ if [ -z "$confluent_mgr" ]; then
+ confluent_mgr=$(grep ^deploy_server: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
+ fi
+ if [ -z "$confluent_profile" ]; then
+ confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
+ fi
+}
+
run_remote() {
+ set_confluent_vars
requestedcmd="'$*'"
echo
echo '---------------------------------------------------------------------------'
- echo Running $requestedcmd from https://$mgr/confluent-public/os/$profile/scripts/
+ echo Running $requestedcmd from https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/
tmpdir=$(mktemp -d)
echo Executing in $tmpdir
cd $tmpdir
- curl -f -sS https://$mgr/confluent-public/os/$profile/scripts/$1 > $1
+ curl -f -sS https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/$1 > $1
if [ $? != 0 ]; then echo $requestedcmd failed to download; return 1; fi
chmod +x $1
cmd=$1
@@ -18,14 +28,40 @@ run_remote() {
return $retcode
}
+source_remote_parts() {
+ confluentscripttmpdir=$(mktemp -d)
+ apiclient=/opt/confluent/bin/apiclient
+ if [ -f /etc/confluent/apiclient ]; then
+ apiclient=/etc/confluent/apiclient
+ fi
+ scriptlist=$(/usr/bin/python3 $apiclient /confluent-api/self/scriptlist/$1|sed -e 's/^- //')
+ for script in $scriptlist; do
+ source_remote $1/$script
+ done
+ unset confluentscripttmpdir
+}
+
+run_remote_parts() {
+ confluentscripttmpdir=$(mktemp -d)
+ apiclient=/opt/confluent/bin/apiclient
+ if [ -f /etc/confluent/apiclient ]; then
+ apiclient=/etc/confluent/apiclient
+ fi
+ scriptlist=$(/usr/bin/python3 $apiclient /confluent-api/self/scriptlist/$1|sed -e 's/^- //')
+ for script in $scriptlist; do
+ run_remote $1/$script
+ done
+ unset confluentscripttmpdir
+}
+
run_remote_python() {
echo
echo '---------------------------------------------------------------------------'
- echo Running python script "'$*'" from https://$mgr/confluent-public/os/$profile/scripts/
+ echo Running python script "'$*'" from https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/
tmpdir=$(mktemp -d)
echo Executing in $tmpdir
cd $tmpdir
- curl -f -sS https://$mgr/confluent-public/os/$profile/scripts/$1 > $1
+ curl -f -sS https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/$1 > $1
if [ $? != 0 ]; then echo "'$*'" failed to download; return 1; fi
python3 $*
retcode=$?
@@ -42,7 +78,7 @@ run_remote_config() {
apiclient=/etc/confluent/apiclient
fi
echo '---------------------------------------------------------------------------'
- echo Requesting to run remote configuration for "'$*'" from $mgr under profile $profile
+ echo Requesting to run remote configuration for "'$*'" from $confluent_mgr under profile $confluent_profile
python3 $apiclient /confluent-api/self/remoteconfig/"$*" -d {}
python3 $apiclient /confluent-api/self/remoteconfig/status -w 204
echo
diff --git a/confluent_osdeploy/suse15/profiles/hpc/scripts/post.sh b/confluent_osdeploy/suse15/profiles/hpc/scripts/post.sh
index 8c64bf29..ff871923 100644
--- a/confluent_osdeploy/suse15/profiles/hpc/scripts/post.sh
+++ b/confluent_osdeploy/suse15/profiles/hpc/scripts/post.sh
@@ -9,10 +9,10 @@
# If there are dependencies on the kernel (drivers or special filesystems)
# then firstboot.sh would be the script to customize.
-mgr=$(grep ^deploy_server /etc/confluent/confluent.deploycfg|awk '{print $2}')
-profile=$(grep ^profile: /etc/confluent/confluent.deploycfg|sed -e 's/^profile: //')
+confluent_mgr=$(grep ^deploy_server /etc/confluent/confluent.deploycfg|awk '{print $2}')
+confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg|sed -e 's/^profile: //')
nodename=$(grep ^NODENAME /etc/confluent/confluent.info|awk '{print $2}')
-apikey=$(cat /etc/confluent/confluent.apikey)
+confluent_apikey=$(cat /etc/confluent/confluent.apikey)
chmod 700 /etc/confluent
chmod og-rwx /etc/confluent/*
@@ -28,10 +28,10 @@ run_remote_python syncfileclient
run_remote post.custom
# Also, scripts may be placed into 'post.d', e.g. post.d/01-runfirst.sh, post.d/02-runsecond.sh
-run_remote_parts post
+run_remote_parts post.d
# Induce execution of remote configuration, e.g. ansible plays in ansible/post.d/
-run_remote_config post
+run_remote_config post.d
-curl -X POST -d 'status: staged' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$mgr/confluent-api/self/updatestatus
+curl -X POST -d 'status: staged' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $confluent_apikey" https://$confluent_mgr/confluent-api/self/updatestatus
diff --git a/confluent_osdeploy/suse15/profiles/hpc/scripts/pre.sh b/confluent_osdeploy/suse15/profiles/hpc/scripts/pre.sh
index d6232a09..14e6501d 100644
--- a/confluent_osdeploy/suse15/profiles/hpc/scripts/pre.sh
+++ b/confluent_osdeploy/suse15/profiles/hpc/scripts/pre.sh
@@ -21,12 +21,12 @@ cat /ssh/*pubkey > ~/.ssh/authorized_keys 2>/dev/null
ssh-keygen -A
for i in /etc/ssh/ssh_host*key.pub; do
certname=${i/.pub/-cert.pub}
- curl -f -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" -d @$i https://$mgr/confluent-api/self/sshcert > $certname
+ curl -f -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" -d @$i https://$confluent_mgr/confluent-api/self/sshcert > $certname
echo HostKey ${i%.pub} >> /etc/ssh/sshd_config
echo HostCertificate $certname >> /etc/ssh/sshd_config
done
/usr/sbin/sshd
-curl -f https://$mgr/confluent-public/os/$profile/scripts/functions > /tmp/functions
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/functions > /tmp/functions
. /tmp/functions
ntpcfg=""
if grep ^ntpservers: /etc/confluent/confluent.deploycfg > /dev/null; then
diff --git a/confluent_osdeploy/suse15/profiles/hpc/scripts/prechroot.sh b/confluent_osdeploy/suse15/profiles/hpc/scripts/prechroot.sh
index 2979a9b7..e73de763 100644
--- a/confluent_osdeploy/suse15/profiles/hpc/scripts/prechroot.sh
+++ b/confluent_osdeploy/suse15/profiles/hpc/scripts/prechroot.sh
@@ -4,8 +4,8 @@
# is still running, with the to-be-booted system mounted in /mnt
# carry over deployment configuration and api key for OS install action
-mgr=$(grep ^deploy_server /etc/confluent/confluent.deploycfg|awk '{print $2}')
-profile=$(grep ^profile: /etc/confluent/confluent.deploycfg|sed -e 's/^profile: //')
+confluent_mgr=$(grep ^deploy_server /etc/confluent/confluent.deploycfg|awk '{print $2}')
+confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg|sed -e 's/^profile: //')
nodename=$(grep ^NODENAME /etc/confluent/confluent.info|awk '{print $2}')
export mgr profile nodename
mkdir -p /mnt/etc/confluent
diff --git a/confluent_osdeploy/suse15/profiles/hpc/scripts/setupssh.sh b/confluent_osdeploy/suse15/profiles/hpc/scripts/setupssh.sh
index af585c68..181e225a 100644
--- a/confluent_osdeploy/suse15/profiles/hpc/scripts/setupssh.sh
+++ b/confluent_osdeploy/suse15/profiles/hpc/scripts/setupssh.sh
@@ -28,7 +28,7 @@ echo /usr/lib/ssh/ssh-keysign root:root 4711 >> /mnt/etc/permissions.local
chmod 4711 /mnt/usr/lib/ssh/ssh-keysign
# Download list of nodes from confluent, and put it into shosts.equiv (for most users) and .shosts (for root)
-curl -f -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" https://$mgr/confluent-api/self/nodelist > /tmp/allnodes
+curl -f -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" https://$confluent_mgr/confluent-api/self/nodelist > /tmp/allnodes
cp /tmp/allnodes /mnt/root/.shosts
cp /tmp/allnodes /mnt/etc/ssh/shosts.equiv
diff --git a/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/firstboot.sh b/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/firstboot.sh
index f07ada2c..d23c36f0 100755
--- a/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/firstboot.sh
+++ b/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/firstboot.sh
@@ -7,12 +7,12 @@ if [ ! -z "$rootpw" -a "$rootpw" != "null" ]; then
echo root:$rootpw | chpasswd -e
fi
nodename=$(grep ^NODENAME: /etc/confluent/confluent.info | awk '{print $2}')
-apikey=$(cat /etc/confluent/confluent.apikey)
-mgr=$(grep ^deploy_server: /etc/confluent/confluent.deploycfg |awk '{print $2}')
+confluent_apikey=$(cat /etc/confluent/confluent.apikey)
+confluent_mgr=$(grep ^deploy_server: /etc/confluent/confluent.deploycfg |awk '{print $2}')
hostnamectl set-hostname $(grep ^NODENAME: /etc/confluent/confluent.info | awk '{print $2}')
touch /etc/cloud/cloud-init.disabled
source /etc/confluent/functions
-run_remote_parts firstboot
-run_remote_config firstboot
-curl --capath /etc/confluent/tls -f -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" -X POST -d "status: complete" https://$mgr/confluent-api/self/updatestatus
+run_remote_parts firstboot.d
+run_remote_config firstboot.d
+curl --capath /etc/confluent/tls -f -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $confluent_apikey" -X POST -d "status: complete" https://$confluent_mgr/confluent-api/self/updatestatus
diff --git a/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/functions b/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/functions
index bd6445f5..00985e21 100644
--- a/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/functions
+++ b/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/functions
@@ -1,9 +1,9 @@
function set_confluent_vars() {
- if [ -z "$mgr" ]; then
- mgr=$(grep ^deploy_server: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
+ if [ -z "$confluent_mgr" ]; then
+ confluent_mgr=$(grep ^deploy_server: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
fi
- if [ -z "$profile" ]; then
- profile=$(grep ^profile: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
+ if [ -z "$confluent_profile" ]; then
+ confluent_profile=$(grep ^profile: /etc/confluent/confluent.deploycfg | sed -e 's/[^ ]*: //')
fi
}
@@ -13,14 +13,14 @@ fetch_remote() {
fi
set_confluent_vars
mkdir -p $(dirname $1)
- curl -f -sS $curlargs https://$mgr/confluent-public/os/$profile/scripts/$1 > $1
+ curl -f -sS $curlargs https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/$1 > $1
if [ $? != 0 ]; then echo $1 failed to download; return 1; fi
}
run_remote_parts() {
scriptlist=$(python3 /etc/confluent/apiclient /confluent-api/self/scriptlist/$1|sed -e 's/^- //')
for script in $scriptlist; do
- run_remote $1.d/$script
+ run_remote $1/$script
done
}
@@ -33,12 +33,12 @@ run_remote() {
set_confluent_vars
echo
echo '---------------------------------------------------------------------------'
- echo Running $requestedcmd from https://$mgr/confluent-public/os/$profile/scripts/
+ echo Running $requestedcmd from https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/
tmpdir=$(mktemp -d)
echo Executing in $tmpdir
cd $tmpdir
mkdir -p $(dirname $1)
- curl -f -sS $curlargs https://$mgr/confluent-public/os/$profile/scripts/$1 > $1
+ curl -f -sS $curlargs https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/$1 > $1
if [ $? != 0 ]; then echo $requestedcmd failed to download; return 1; fi
chmod +x $1
cmd=$1
@@ -60,12 +60,12 @@ run_remote_python() {
curlargs=" --cacert /etc/confluent/ca.pem"
fi
echo '---------------------------------------------------------------------------'
- echo Running python script "'$*'" from https://$mgr/confluent-public/os/$profile/scripts/
+ echo Running python script "'$*'" from https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/
tmpdir=$(mktemp -d)
echo Executing in $tmpdir
cd $tmpdir
mkdir -p $(dirname $1)
- curl -f -sS $curlargs https://$mgr/confluent-public/os/$profile/scripts/$1 > $1
+ curl -f -sS $curlargs https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/$1 > $1
if [ $? != 0 ]; then echo "'$*'" failed to download; return 1; fi
python3 $*
retcode=$?
@@ -82,7 +82,7 @@ run_remote_config() {
apiclient=/etc/confluent/apiclient
fi
echo '---------------------------------------------------------------------------'
- echo Requesting to run remote configuration for "'$*'" from $mgr under profile $profile
+ echo Requesting to run remote configuration for "'$*'" from $confluent_mgr under profile $confluent_profile
python3 $apiclient /confluent-api/self/remoteconfig/"$*" -d {}
python3 $apiclient /confluent-api/self/remoteconfig/status -w 204
echo
diff --git a/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/post.sh b/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/post.sh
index fe705538..64dee5f7 100755
--- a/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/post.sh
+++ b/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/post.sh
@@ -20,8 +20,8 @@ echo ' HostbasedAuthentication yes' >> $sshconf
echo ' EnableSSHKeysign yes' >> $sshconf
echo ' HostbasedKeyTypes *ed25519*' >> $sshconf
-curl -f https://$mgr/confluent-public/os/$profile/scripts/firstboot.sh > /target/etc/confluent/firstboot.sh
-curl -f https://$mgr/confluent-public/os/$profile/scripts/functions > /target/etc/confluent/functions
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/firstboot.sh > /target/etc/confluent/firstboot.sh
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/functions > /target/etc/confluent/functions
source /target/etc/confluent/functions
chmod +x /target/etc/confluent/firstboot.sh
cp /tmp/allnodes /target/root/.shosts
@@ -42,7 +42,7 @@ if [ "$textcons" = "true" ] && ! grep console= /proc/cmdline > /dev/null; then
updategrub=1
fi
fi
-kargs=$(curl https://$mgr/confluent-public/os/$profile/profile.yaml | grep ^installedargs: | sed -e 's/#.*//')
+kargs=$(curl https://$confluent_mgr/confluent-public/os/$confluent_profile/profile.yaml | grep ^installedargs: | sed -e 's/#.*//')
if [ ! -z "$kargs" ]; then
sed -i 's/GRUB_CMDLINE_LINUX="\([^"]*\)"/GRUB_CMDLINE_LINUX="\1 '"${kargs}"'"/' /target/etc/default/grub
fi
@@ -66,7 +66,7 @@ kill -HUP $(cat /run/sshd.pid)
cat /target/etc/confluent/tls/*.pem > /target/etc/confluent/ca.pem
cat /target/etc/confluent/tls/*.pem > /etc/confluent/ca.pem
chroot /target bash -c "source /etc/confluent/functions; run_remote_python syncfileclient"
-chroot /target bash -c "source /etc/confluent/functions; run_remote_parts post"
+chroot /target bash -c "source /etc/confluent/functions; run_remote_parts post.d"
source /target/etc/confluent/functions
run_remote_config post
diff --git a/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/pre.sh b/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/pre.sh
index 49b86651..ddfe598b 100755
--- a/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/pre.sh
+++ b/confluent_osdeploy/ubuntu20.04/profiles/default/scripts/pre.sh
@@ -15,7 +15,7 @@ apikey=$(cat /custom-installation/confluent/confluent.apikey)
for pubkey in /etc/ssh/ssh_host*key.pub; do
certfile=${pubkey/.pub/-cert.pub}
keyfile=${pubkey%.pub}
- curl -f -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" -d @$pubkey https://$mgr/confluent-api/self/sshcert > $certfile
+ curl -f -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" -d @$pubkey https://$confluent_mgr/confluent-api/self/sshcert > $certfile
echo HostKey $keyfile >> /etc/ssh/sshd_config.d/confluent.conf
echo HostCertificate $certfile >> /etc/ssh/sshd_config.d/confluent.conf
done
@@ -23,7 +23,7 @@ echo HostbasedAuthentication yes >> /etc/ssh/sshd_config.d/confluent.conf
echo HostbasedUsesNameFromPacketOnly yes >> /etc/ssh/sshd_config.d/confluent.conf
echo IgnoreRhosts no >> /etc/ssh/sshd_config.d/confluent.conf
systemctl restart sshd
-curl -f -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$mgr/confluent-api/self/nodelist > /tmp/allnodes
-curl -f https://$mgr/confluent-public/os/$profile/scripts/getinstalldisk > /custom-installation/getinstalldisk
+curl -f -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$confluent_mgr/confluent-api/self/nodelist > /tmp/allnodes
+curl -f https://$confluent_mgr/confluent-public/os/$confluent_profile/scripts/getinstalldisk > /custom-installation/getinstalldisk
python3 /custom-installation/getinstalldisk
sed -i s!%%INSTALLDISK%%!/dev/$(cat /tmp/installdisk)! /autoinstall.yaml
diff --git a/confluent_server/confluent/selfservice.py b/confluent_server/confluent/selfservice.py
index e99826a4..7d064e33 100644
--- a/confluent_server/confluent/selfservice.py
+++ b/confluent_server/confluent/selfservice.py
@@ -269,7 +269,7 @@ def handle_request(env, start_response):
scriptcat = env['PATH_INFO'].replace('/self/remoteconfig/', '')
slist, profile = get_scriptlist(
scriptcat, cfg, nodename,
- '/var/lib/confluent/public/os/{0}/ansible/{1}.d/')
+ '/var/lib/confluent/public/os/{0}/ansible/{1}')
playlist = []
dirname = '/var/lib/confluent/public/os/{0}/ansible/{1}.d/'.format(
profile, scriptcat)
@@ -311,7 +311,7 @@ def handle_request(env, start_response):
scriptcat = env['PATH_INFO'].replace('/self/scriptlist/', '')
slist, _ = get_scriptlist(
scriptcat, cfg, nodename,
- '/var/lib/confluent/public/os/{0}/scripts/{1}.d/')
+ '/var/lib/confluent/public/os/{0}/scripts/{1}')
if slist:
start_response('200 OK', (('Content-Type', 'application/yaml'),))
yield yaml.safe_dump(util.natural_sort(slist), default_flow_style=False)
@@ -337,8 +337,11 @@ def get_scriptlist(scriptcat, cfg, nodename, pathtemplate):
profile = deployinfo.get(
'deployment.profile', {}).get('value', '')
slist = []
+ target = pathtemplate.format(profile, scriptcat)
+ if not os.path.isdir(target) and os.path.isdir(target + '.d'):
+ target = target + '.d'
try:
- slist = os.listdir(pathtemplate.format(profile, scriptcat))
+ slist = os.listdir(target)
except OSError:
pass
return slist, profile