mirror of https://github.com/xcat2/confluent.git synced 2026-06-17 17:10:50 +00:00
confluent/confluent_osdeploy/ubuntu22.04/initramfs/scripts/init-premount/confluent
xu_ren_xian f269200004 Handle confluent= boot arg and IPv4 NIC autodetect
Add support for a confluent=<host> kernel argument in init-premount: configure networking, flush interfaces, autodetect the primary NIC (saved to /tmp/autodetectnic), verify TLS connectivity to the provided server, call the whoami endpoint over TLS to obtain the node name, and write results to /custom-installation/confluent/confluent.info (with fallback to copernicus on failure).

Also update casper-bottom logic to handle IPv4 manager addresses: for IPv6 the manager is still bracketed and scoped interface resolved as before; for IPv4 the script now uses the previously detected NIC (/tmp/autodetectnic) or falls back to an `ip route get <mgr>` lookup to determine DEVICE. This ensures routed IPv4 deployments work correctly.
2026-04-23 23:23:26 +08:00

204 lines
8.4 KiB
Plaintext
Executable File

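# Copy the certificates shipped in the initramfs under /tls into the system
# certificate directory.
# NOTE(review): OpenSSL looks certificates up in a CApath directory by
# subject-hash file name; whether the files copied here are actually used as
# trust anchors depends on how /tls is populated -- confirm.
cp /tls/* /etc/ssl/certs/

# Bring every network interface up; later code selects candidates by the
# LOWER_UP flag.  The working directory intentionally stays /sys/class/net.
cd /sys/class/net
for nic in *; do
    ip link set "$nic" up
done

# Stage the confluent payload and start with an empty confluent.info; the
# discovery loop that follows runs until that file contains a NODENAME line.
mkdir -p /custom-installation
cp -a /opt/confluent /custom-installation
touch /custom-installation/confluent/confluent.info

# Deployment server address; filled in by the identity-volume or confluent=
# paths, otherwise derived from confluent.info afterwards.
MGR=""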
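# Discover this node's name and deployment server.  The loop repeats until
# confluent.info contains a NODENAME line.  Each pass uses the first source
# that applies:
#   1. an identity volume labelled CNFLNT_IDNT (cnflnt.yml),
#   2. a confluent=<host> kernel argument (DHCP, then whoami over TLS),
#   3. /opt/confluent/bin/copernicus -t.
#
# NOTE(review): every `openssl s_client -connect` probe in this loop is a
# reachability check, not authentication.  Without -verify_return_error,
# s_client completes the handshake and exits 0 even when the peer certificate
# fails verification, so anything answering on :443 passes.  The manager
# address and node name recorded here should be treated as unauthenticated
# until a later stage validates the server -- confirm where that happens.
while ! grep NODENAME /custom-installation/confluent/confluent.info; do
    if [ -e /dev/disk/by-label/CNFLNT_IDNT ]; then
        # ---- Source 1: identity volume ----
        tmnt=/tmp/idntmnt
        mkdir -p /tmp/identdata/
        mkdir -p "$tmnt"
        tcfg=/tmp/idnttmp
        mount /dev/disk/by-label/CNFLNT_IDNT "$tmnt"
        cp -a "$tmnt"/* /tmp/identdata/
        cd "$tmnt"
        # List items under deploy_servers:, minus any entry containing ':'
        # (presumably IPv6 literals -- confirm).
        deploysrvs=$(sed -n '/^deploy_servers:/,/^[^-]/p' cnflnt.yml |grep ^-|sed -e 's/^- //'|grep -v :)
        # First entry of net_cfgs:, flattened to "key: value" lines.
        sed -n '/^net_cfgs:/,/^[^- ]/{/^[^- ]/!p}' cnflnt.yml |sed -n '/^-/,/^-/{/^-/!p}'| sed -e 's/^[- ]*//'> "$tcfg"
        autoconfigmethod=$(grep ^ipv4_method: "$tcfg")
        autoconfigmethod=${autoconfigmethod#ipv4_method: }
        . /scripts/functions
        if [ "$autoconfigmethod" = "static" ]; then
            # MYIP is the bare address, v4addr keeps the /prefix for `ip addr`.
            MYIP=$(grep ^ipv4_address: "$tcfg" | awk '{print $2}'|sed -e s'!/.*!!')
            v4addr=$(grep ^ipv4_address: "$tcfg"|cut -d: -f 2|sed -e 's/ //')
            MYGW=$(grep ^ipv4_gateway: "$tcfg" | awk '{print $2}')
            if [ "$MYGW" = "null" ]; then
                MYGW=""
            fi
            MYNM=$(grep ^ipv4_netmask: "$tcfg" | awk '{print $2}')
            NIC=""
            # Try the static address on each link-up NIC until one of the
            # deployment servers answers on 443; keep retrying forever.
            while [ -z "$NIC" ]; do
                for NICGUESS in $(ip link|grep LOWER_UP|grep -v LOOPBACK|cut -d ' ' -f 2 | sed -e 's/:$//'); do
                    ip addr add dev "$NICGUESS" "$v4addr"
                    if [ -n "$MYGW" ]; then
                        ip route add default via "$MYGW"
                    fi
                    # $deploysrvs is deliberately unquoted: one word per server.
                    for dsrv in $deploysrvs; do
                        # stdin from /dev/null so s_client returns right after
                        # the handshake, matching the confluent= probe below.
                        if openssl s_client -connect "$dsrv:443" </dev/null > /dev/null 2>&1; then
                            deploysrvs=$dsrv
                            NIC=$NICGUESS
                            break
                        fi
                    done
                    if [ -z "$NIC" ]; then
                        ip -4 a flush dev "$NICGUESS"
                    else
                        break
                    fi
                done
            done
            ipconfig -d "$MYIP::$MYGW:$MYNM::$NIC"
            echo "$NIC" > /tmp/autodetectnic
        else
            rmmod cdc_ether 2> /dev/null
            # /run/confirmednic is created by the probe below once a
            # deployment server has answered.
            while [ ! -f /run/confirmednic ]; do
                ALLNETDEVS=$(ip a|grep LOWER_UP|grep MULTICAST|awk '{print $2}'|sed -e s/://)
                rm -rf /run/net* /run/dhcpcd /var/lib/dhcpcd
                for dev in $(ip a|grep MULTICAST|awk '{print $2}'|sed -e s/://); do
                    ip a flush "$dev"
                    # Toggle addr_gen_mode 1 -> 0 on each flushed interface.
                    echo 1 > "/proc/sys/net/ipv6/conf/$dev/addr_gen_mode"
                    echo 0 > "/proc/sys/net/ipv6/conf/$dev/addr_gen_mode"
                done
                unset DEVICE DEVICE6 IP IP6 dev
                # Positional parameters hold the queue of NICs still to try.
                [ -z "$1" ] || DEVICE=$1
                shift
                configure_networking
                echo "$DEVICE" > /tmp/autodetectnic
                for dsrv in $deploysrvs; do
                    # Probe in the background with a 10 second watchdog.
                    (if openssl s_client -connect "$dsrv:443" </dev/null > /dev/null 2>&1; then
                        echo "$dsrv" > /run/confirmednic
                    fi) &
                    chkpid=$!
                    ( sleep 10 && kill "$chkpid" ) &
                    timeoutpid=$!
                    wait "$chkpid"
                    kill "$timeoutpid" 2> /dev/null
                    unset chkpid timeoutpid
                    # The original `break` sat inside the background subshell
                    # and could not leave this loop, so the remaining servers
                    # were still probed and could overwrite the result.  Stop
                    # at the first confirmed server from the parent instead.
                    if [ -f /run/confirmednic ]; then
                        break
                    fi
                done
                if [ ! -f /run/confirmednic ]; then
                    echo "No connectivity to deployment servers, retrying..."
                    # Queue exhausted: refill it with every link-up NIC
                    # (unquoted on purpose, one positional parameter per NIC).
                    [ -z "$1" ] && set -- $ALLNETDEVS
                fi
            done
            deploysrvs=$(cat /run/confirmednic)
            rm /run/confirmednic
        fi
        MGR=$deploysrvs
        NODENAME=$(grep ^nodename: /tmp/idntmnt/cnflnt.yml | awk '{print $2}')
        echo "NODENAME: $NODENAME" >> /custom-installation/confluent/confluent.info
        echo "MANAGER: $MGR" >> /custom-installation/confluent/confluent.info
        echo "EXTMGRINFO: $MGR||1" >> /custom-installation/confluent/confluent.info
        hmackeyfile=/tmp/cnflnthmackeytmp
        # The API token is a credential: create the file owner-only, and use
        # printf so the value is never parsed as an echo option.
        (umask 077; printf '%s' "$(grep ^apitoken: cnflnt.yml|awk '{print $2}')" > "$hmackeyfile")
        cd -
        umount "$tmnt"
    elif confluentsrv=$(sed -n 's/.*confluent=\([^ ]*\).*/\1/p' /proc/cmdline); [ -n "$confluentsrv" ]; then
        # ---- Source 2: confluent=<host> kernel argument ----
        # NOTE(review): the pattern is not anchored to a word boundary, so a
        # parameter whose name merely ends in "confluent=" also matches.
        echo "confluent= kernel arg found: $confluentsrv" > /dev/console 2>&1
        . /scripts/functions
        rmmod cdc_ether 2> /dev/null
        rm -rf /run/net* /run/dhcpcd /var/lib/dhcpcd
        for dev in $(ip a|grep MULTICAST|awk '{print $2}'|sed -e s/://); do
            ip a flush "$dev"
            echo 1 > "/proc/sys/net/ipv6/conf/$dev/addr_gen_mode" 2>/dev/null
            echo 0 > "/proc/sys/net/ipv6/conf/$dev/addr_gen_mode" 2>/dev/null
        done
        unset DEVICE DEVICE6 IP IP6 dev
        echo "Starting DHCP configure_networking..." > /dev/console 2>&1
        configure_networking
        echo "DHCP done, DEVICE=$DEVICE" > /dev/console 2>&1
        echo "$DEVICE" > /tmp/autodetectnic
        # Up to five reachability probes, three seconds apart.
        RETRIES=0
        while [ "$RETRIES" -lt 5 ]; do
            if openssl s_client -connect "$confluentsrv:443" </dev/null > /dev/null 2>&1; then
                echo "TLS connectivity to $confluentsrv OK" > /dev/console 2>&1
                break
            fi
            RETRIES=$((RETRIES + 1))
            echo "Cannot reach $confluentsrv:443, retry $RETRIES/5..." > /dev/console 2>&1
            sleep 3
        done
        if [ "$RETRIES" -ge 5 ]; then
            echo "Failed to reach $confluentsrv after 5 retries, falling back to copernicus" > /dev/console 2>&1
            /opt/confluent/bin/copernicus -t > /custom-installation/confluent/confluent.info
            continue
        fi
        # Identify this machine by DMI UUID plus every Ethernet MAC address.
        myids="uuid=$(cat /sys/devices/virtual/dmi/id/product_uuid)"
        for mac in $(ip link | grep 'link/ether' | awk '{print $2}'); do
            myids="$myids/mac=$mac"
        done
        echo "Calling whoami with IDs: $myids" > /dev/console 2>&1
        # Values are passed as printf arguments, never inside the format
        # string, so a '%' or backslash in the kernel argument cannot alter
        # the request that is sent.
        # NOTE(review): the last line of the response is taken as the node
        # name without checking the HTTP status line, so the final line of an
        # error response would be recorded as NODENAME.  The certificate is
        # not verified here either (see the note at the top of the loop).
        myname=$( (printf 'GET /confluent-api/self/whoami HTTP/1.0\r\nHost: %s\r\nCONFLUENT_IDS: %s\r\n\r\n' "$confluentsrv" "$myids"; sleep 3) \
            | openssl s_client -connect "$confluentsrv:443" -quiet 2>/dev/null \
            | tail -1 | tr -d '\r\n')
        echo "whoami returned: '$myname'" > /dev/console 2>&1
        if [ -n "$myname" ]; then
            MGR=$confluentsrv
            echo "NODENAME: $myname" > /custom-installation/confluent/confluent.info
            echo "MANAGER: $confluentsrv" >> /custom-installation/confluent/confluent.info
            echo "EXTMGRINFO: $confluentsrv||1" >> /custom-installation/confluent/confluent.info
        else
            echo "whoami returned empty, retrying in 10s..." > /dev/console 2>&1
            sleep 10
        fi
    else
        # ---- Source 3: copernicus writes confluent.info directly ----
        /opt/confluent/bin/copernicus -t > /custom-installation/confluent/confluent.info
    fi
done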
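# If no earlier step set MGR, take the first MANAGER: entry from
# confluent.info and wrap it in brackets (the bracketed form is what an IPv6
# literal needs inside a URL -- presumably this path yields IPv6 addresses;
# confirm).
if [ -z "$MGR" ]; then
    MGR="[$(grep MANAGER: /custom-installation/confluent/confluent.info | head -n 1 | awk '{print $2}')]"
fi

# OS profile name taken from the osprofile= kernel argument.
# NOTE(review): when osprofile= is absent the first substitution does not
# match, so the result is the first word of the kernel command line rather
# than an empty string.  The value is later embedded in a URL and written to
# files, so it should be treated as untrusted text.
osprofile=$(sed -e 's/.*osprofile=//' -e 's/ .*//' /proc/cmdline)

# Keep a copy of the real kernel command line.
cat /proc/cmdline > /custom-installation/confluent/cmdline.orig

# autocons.info, when present, names the console device; everything from the
# last comma on is stripped before it is used as a path.
if [ -f /custom-installation/autocons.info ]; then
    cons=$(cat /custom-installation/autocons.info)
fi
if [ -n "$cons" ]; then
    echo "Preparing to deploy $osprofile from $MGR" > "${cons%,*}"
fi
echo "Preparing to deploy $osprofile from $MGR"
printf '%s\n' "$osprofile" > /custom-installation/confluent/osprofile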
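# Decide between a locally attached Ubuntu Server ISO and a network install.
# VERSION_ID comes from /etc/os-release; it is quoted so it reaches grep as a
# single word.
. /etc/os-release
DIRECTISO=$(blkid -t TYPE=iso9660 |grep -Ei ' LABEL="Ubuntu-Server '"$VERSION_ID")
if [ -z "$DIRECTISO" ]; then
    # No matching ISO: install from the deployment server over HTTPS.
    #
    # Replace openssl with a shim.  From the first -servername or -verify
    # argument onward, the shim strips a trailing ":443", the first "[" and
    # "]", and any "%..." suffix from each argument, then execs the real
    # binary, which is kept as /usr/bin/ossl.
    # NOTE(review): the shim rebuilds its argument list through unquoted $*
    # and $nargs, so arguments containing whitespace are re-split, and it uses
    # `==` inside `[`, which POSIX test does not define -- confirm the
    # initramfs /bin/sh accepts it.  Every later openssl caller goes through
    # this shim, so its rewriting also applies to their -verify/-servername
    # arguments.
    mv /usr/bin/openssl /usr/bin/ossl
    cat > /usr/bin/openssl << 'EOF'
#!/bin/sh
AMENDARGS=0
nargs=""
for arg in $*; do
if [ "$arg" == "-servername" -o "$arg" == "-verify" ]; then
AMENDARGS=1
fi
if [ "$AMENDARGS" == "1" ]; then
arg=$(echo $arg|sed -e 's/:443$//' -e 's/\[//' -e 's/\]//' -e 's/%.*//')
fi
nargs="$nargs $arg"
done
exec /usr/bin/ossl $nargs
EOF
    chmod +x /usr/bin/openssl
    # NOTE(review): MGR and osprofile are written unescaped.  If
    # /conf/param.conf is sourced as shell by later scripts, metacharacters in
    # either value would be interpreted there -- confirm and validate upstream.
    echo "URL=https://${MGR}:443/confluent-public/os/$osprofile/distribution/install.iso" >> /conf/param.conf
    fcmdline="$(cat /custom-installation/confluent/cmdline.orig) url=https://${MGR}:443/confluent-public/os/$osprofile/distribution/install.iso"
fi
if [ -n "$cons" ]; then
    fcmdline="$fcmdline console=${cons#/dev/}"
fi
# NOTE(review): fcmdline is assigned only in the network-install branch above;
# when a matching ISO is found, the fake command line holds at most the
# console= argument.  Confirm that hiding the original arguments is intended.
printf '%s\n' "$fcmdline" > /custom-installation/confluent/fakecmdline
# Later readers of /proc/cmdline see the fake command line from here on.
mount -o bind /custom-installation/confluent/fakecmdline /proc/cmdline
# Register the confluent hook with casper-bottom.
echo '/scripts/casper-bottom/99confluent "$@"' >> /scripts/casper-bottom/ORDER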