+++ /dev/null
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-# SPDX-License-Identifier: Apache-2.0
-#
-
-%pre
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-%post
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-
-# Template from: pre_common_head.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-append=
-if [ -n "$console" ] ; then
- append="console=$console"
-fi
-
-if [ -n "$security_profile" ]; then
- append="$append security_profile=$security_profile"
-fi
-
-#### SECURITY PROFILE HANDLING (Pre Installation) ####
-if [ -n "$security_profile" ] && [ "$security_profile" == "extended" ]; then
- # IMA specific boot options:
- # Enable Kernel auditing
- append="$append audit=1"
-else
- # we need to blacklist the IMA and Integrity Modules
- # on standard security profile
- append="$append module_blacklist=integrity,ima"
-
- # Disable Kernel auditing in Standard Security Profile mode
- append="$append audit=0"
-fi
-
-if [ -n "$tboot" ]; then
- append="$append tboot=$tboot"
-else
- append="$append tboot=false"
-fi
-
-boot_device_arg=
-if [ -n "$boot_device" ] ; then
- boot_device_arg="--boot-drive=$(get_by_path $boot_device)"
-fi
-
-echo "bootloader --location=mbr $boot_device_arg --timeout=5 --append=\"$append\"" > /tmp/bootloader-include
-
-echo "timezone --nontp --utc UTC" >/tmp/timezone-include
-%end
-
-#version=DEVEL
-install
-lang en_US.UTF-8
-keyboard us
-%include /tmp/timezone-include
-# set to 'x' so we can use shadow password
-rootpw --iscrypted x
-selinux --disabled
-authconfig --enableshadow --passalgo=sha512
-firewall --service=ssh
-
-# The following is the partition information you requested
-# Note that any partitions you deleted are not expressed
-# here so unless you clear all partitions first, this is
-# not guaranteed to work
-zerombr
-
-# Disk layout from %pre
-%include /tmp/part-include
-# Bootloader parms from %pre
-%include /tmp/bootloader-include
-
-reboot --eject
-
-
-# Template from: pre_pkglist.cfg
-%packages
-@core
-@base
--kernel-module-igb-uio-rt
--kernel-module-wrs-avp-rt
--kernel-rt
--kernel-rt-kvm
--kernel-rt-tools
--kernel-rt-tools-libs
--kmod-drbd-rt
--kmod-e1000e-rt
--kmod-i40e-rt
--kmod-ixgbe-rt
--kmod-tpm-rt
--mlnx-ofa_kernel
--mlnx-ofa_kernel-rt
--mlnx-ofa_kernel-rt-modules
--qat16-rt
-@platform-controller-worker
-@updates-controller-worker
-%end
-
-
-# Template from: pre_disk_setup_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# This is a really fancy way of finding the first usable disk for the
-# install and not stomping on the USB device if it comes up first
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-# Find either the ISO or USB device first chopping off partition
-ISO_DEV=`readlink /dev/disk/by-label/oe_iso_boot`
-sdev=`echo $ISO_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- ISO_DEV=$sdev
-fi
-USB_DEV=`readlink /dev/disk/by-label/wr_usb_boot`
-sdev=`echo $USB_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- USB_DEV=$sdev
-fi
-
-# Temporary, until lab pxelinux.cfg files are updated to specify install devices
-if [ -z "$rootfs_device" -o -z "$boot_device" ]
-then
- INST_HDD=""
- # Prefer a vd* device if this is kvm/qemu
- for e in vda vdb sda sdb nvme0n1; do
- if [ -e /dev/$e -a "$ISO_DEV" != "../../$e" -a "$USB_DEV" != "../../$e" ] ; then
- INST_HDD=$e
- break
- fi
- done
-
- # Set variables to $INST_HDD if not set
- rootfs_device=${rootfs_device:-$INST_HDD}
- boot_device=${boot_device:-$INST_HDD}
-fi
-
-# Convert to by-path
-orig_rootfs_device=$rootfs_device
-rootfs_device=$(get_by_path $rootfs_device)
-
-orig_boot_device=$boot_device
-boot_device=$(get_by_path $boot_device)
-
-if [ ! -e "$rootfs_device" -o ! -e "$boot_device" ] ; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is invalid."
-fi
-
-# Ensure specified device is not a USB drive
-udevadm info --query=property --name=$rootfs_device |grep -q '^ID_BUS=usb' || \
- udevadm info --query=property --name=$boot_device |grep -q '^ID_BUS=usb'
-if [ $? -eq 0 ]; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is a USB drive."
-fi
-
-# Deactivate existing volume groups to avoid Anaconda issues with pre-existing groups
-vgs --noheadings -o vg_name | xargs --no-run-if-empty -n 1 vgchange -an
-
-# Remove volumes and group for cgts-vg, if any
-lvremove --force cgts-vg
-pvs --select 'vg_name=cgts-vg' --noheadings -o pv_name | xargs --no-run-if-empty pvremove --force --force --yes
-vgs --select 'vg_name=cgts-vg' --noheadings -o vg_name | xargs --no-run-if-empty vgremove --force
-
-ONLYUSE_HDD=""
-if [ "$(curl -sf http://pxecontroller:6385/v1/upgrade/$(hostname)/in_upgrade 2>/dev/null)" = "true" ]; then
- # In an upgrade, only wipe the disk with the rootfs and boot partition
- echo "In upgrade, wiping only $rootfs_device"
- WIPE_HDD="$(get_disk $rootfs_device)"
- ONLYUSE_HDD="$(basename $(get_disk $rootfs_device))"
- if [ "$(get_disk $rootfs_device)" != "$(get_disk $boot_device)" ]; then
- WIPE_HDD="$WIPE_HDD,$(get_disk $boot_device)"
- ONLYUSE_HDD="$ONLYUSE_HDD,$(basename $(get_disk $boot_device))"
- fi
-else
- # Make a list of all the hard drives that are to be wiped
- WIPE_HDD=""
- # Partition type OSD has a unique globally identifier
- part_type_guid_str="Partition GUID code"
- CEPH_OSD_GUID="4FBD7E29-9D25-41B8-AFD0-062C0CEFF05D"
-
- # Check if we wipe OSDs
- if [ "$(curl -sf http://pxecontroller:6385/v1/ihosts/wipe_osds 2>/dev/null)" = "true" ]; then
- echo "Wipe OSD data."
- WIPE_CEPH_OSDS="true"
- else
- echo "Skip Ceph OSD data wipe."
- WIPE_CEPH_OSDS="false"
- fi
-
- for f in /dev/disk/by-path/*
- do
- dev=$(readlink -f $f)
- lsblk --nodeps --pairs $dev | grep -q 'TYPE="disk"'
- if [ $? -ne 0 ]
- then
- continue
- fi
-
- # Avoid wiping USB drives
- udevadm info --query=property --name=$dev |grep -q '^ID_BUS=usb' && continue
-
- # Avoid wiping ceph osds if sysinv tells us so
- if [ ${WIPE_CEPH_OSDS} == "false" ]; then
- wipe_dev="true"
- part_numbers=( `parted -s $dev print | awk '$1 == "Number" {i=1; next}; i {print $1}'` )
- # Scanning the partitions looking for CEPH OSDs and
- # skipping any disk found with such partitions
- for part_number in "${part_numbers[@]}"; do
- sgdisk_part_info=$(flock $dev sgdisk -i $part_number $dev)
- part_type_guid=$(echo "$sgdisk_part_info" | grep "$part_type_guid_str" | awk '{print $4;}')
- if [ "$part_type_guid" == $CEPH_OSD_GUID ]; then
- echo "OSD found on $dev, skipping wipe"
- wipe_dev="false"
- break
- fi
- done
- if [ "$wipe_dev" == "false" ]; then
- continue
- fi
- fi
-
- # Add device to the wipe list
- devname=$(basename $dev)
- if [ -e $dev -a "$ISO_DEV" != "../../$devname" -a "$USB_DEV" != "../../$devname" ]; then
- if [ -n "$WIPE_HDD" ]; then
- WIPE_HDD=$WIPE_HDD,$dev
- else
- WIPE_HDD=$dev
- fi
- fi
- done
- echo "Not in upgrade, wiping disks: $WIPE_HDD"
-fi
-
-for dev in ${WIPE_HDD//,/ }
-do
- # Clearing previous GPT tables or LVM data
- # Delete the first few bytes at the start and end of the partition. This is required with
- # GPT partitions, they save partition info at the start and the end of the block.
- # Do this for each partition on the disk, as well.
- partitions=$(lsblk -rip $dev -o TYPE,NAME |awk '$1 == "part" {print $2}')
- for p in $partitions $dev
- do
- echo "Pre-wiping $p from kickstart"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
- done
-done
-
-# Check for remaining cgts-vg PVs, which could potentially happen
-# in an upgrade where we're not wiping all disks.
-# If we ever create other volume groups from kickstart in the future,
-# include them in this search as well.
-partitions=$(pvs --select 'vg_name=cgts-vg' -o pv_name --noheading | grep -v '\[unknown\]')
-for p in $partitions
-do
- echo "Pre-wiping $p from kickstart (cgts-vg present)"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
-done
-
-let -i gb=1024*1024*1024
-
-cat<<EOF>/tmp/part-include
-clearpart --all --drives=$WIPE_HDD --initlabel
-EOF
-
-if [ -n "$ONLYUSE_HDD" ]; then
- cat<<EOF>>/tmp/part-include
-ignoredisk --only-use=$ONLYUSE_HDD
-EOF
-fi
-
-if [ -d /sys/firmware/efi ] ; then
- cat<<EOF>>/tmp/part-include
-part /boot/efi --fstype=efi --size=300 --ondrive=$(get_disk $boot_device)
-EOF
-else
- cat<<EOF>>/tmp/part-include
-part biosboot --asprimary --fstype=biosboot --size=1 --ondrive=$(get_disk $boot_device)
-EOF
-fi
-
-
-# Template from: pre_disk_aio.cfg
-
-## NOTE: updates to partition sizes need to be also reflected in
-## - stx-config/.../sysinv/conductor/manager.py:create_controller_filesystems()
-## - stx-config/.../sysinv/common/constants.py
-##
-## NOTE: When adding partitions, we currently have a max of 4 primary partitions.
-## If more than 4 partitions are required, we can use a max of 3 --asprimary,
-## to allow 1 primary logical partition with extended partitions
-##
-## NOTE: Max default PV size must align with the default controllerfs sizes
-##
-## BACKUP_OVERHEAD = 20
-##
-## Physical install (for disks over 240GB)
-## - DB size is doubled to allow for upgrades
-##
-## DEFAULT_IMAGE_STOR_SIZE = 10
-## DEFAULT_DATABASE_STOR_SIZE = 20
-## DEFAULT_IMG_CONVERSION_STOR_SIZE = 20
-## BACKUP = DEFAULT_DATABASE_STOR_SIZE + DEFAULT_IMAGE_STOR_SIZE
-## + BACKUP_OVERHEAD = 50
-## LOG_VOL_SIZE = 8192
-## SCRATCH_VOL_SIZE = 8192
-## RABBIT = 2048
-## PLATFORM = 2048
-## ANCHOR = 1024
-## EXTENSION = 1024
-## GNOCCHI = 5120
-## DOCKER = 30720
-## DOCKER_DIST = 16384
-## ETCD = 5120
-## CEPH_MON = 20480
-## KUBELET_VOL_SIZE = 10240
-## RESERVED_PE = 16 (based on pesize=32768)
-##
-## CGCS_PV_SIZE = 10240 + 2*20480 + 20480 + 51200 + 8196 + 8196 + 2048 +
-## 2048 + 1024 + 1024 + 5120 + 30720 + 16384 + 5120 +
-## 20480 + 10240 + 16 = 233496
-##
-## small install - (for disks below 240GB)
-## - DB size is doubled to allow for upgrades
-##
-## DEFAULT_SMALL_IMAGE_STOR_SIZE = 10
-## DEFAULT_SMALL_DATABASE_STOR_SIZE = 10
-## DEFAULT_SMALL_IMG_CONVERSION_STOR_SIZE = 10
-## DEFAULT_SMALL_BACKUP_STOR_SIZE = 40
-##
-## LOG_VOL_SIZE = 8192
-## SCRATCH_VOL_SIZE = 8192
-## RABBIT = 2048
-## PLATFORM = 2048
-## ANCHOR = 1024
-## EXTENSION = 1024
-## GNOCCHI = 5120
-## DOCKER = 30720
-## DOCKER_DIST = 16384
-## ETCD = 5120
-## CEPH_MON = 20480
-## KUBELET_VOL_SIZE = 10240
-## RESERVED_PE = 16 (based on pesize=32768)
-##
-##
-## CGCS_PV_SIZE = 10240 + 2*10240 + 10240 + 40960 + 8192 + 8192 + 2048 +
-## 2048 + 1024 + 1024 + 5120 + 30720 + 16384 + 5120 +
-## 20480 + 10240 + 16 = 192528
-##
-## NOTE: To maintain upgrade compatability within the volume group, keep the
-## undersized LOG_VOL_SIZE and SCRATCH_VOL_SIZE, but size the minimally size
-## physical volume correctly.
-##
-## R4 AIO installations:
-## - R4 (case #1): /boot (0.5G), / (20G),
-## cgts-vg PV (239G), /local_pv (239G)
-## - R4 (case #2): /boot (0.5G), / (20G),
-## cgts-vg PV (239G), cgts-vg (239G)
-##
-## Upgrade migration will start with R5 install and create a partition to align
-## above so filesystems within the volume group will be able to maintain their
-## sizes in R5
-## - R5 install : /boot (0.5G), / (20G),
-## cgts-vg PV (142G), un-partitioned (336G)
-## - R5 (case #1): /boot (0.5G), / (20G),
-## cgts-vg PV (142G), cgts-vg PV (97G), unpartitioned (239G)
-## - R5 (case #2): /boot (0.5G), / (20G),
-## cgts-vg PV (142G), cgts-vg PV (336G)
-##
-
-sz=$(blockdev --getsize64 $(get_disk $rootfs_device))
-if [ $sz -le $((240*$gb)) ] ; then
- # Round CGCS_PV_SIZE to the closest upper value that can be divided by 1024.
- # 192528/1024=188.01. CGCS_PV_SIZE=189*1024=193536. Using a disk with a
- # size under 189GiB will fail.
- CGCS_PV_SIZE=193536
-else
- # Round CGCS_PV_SIZE to the closest upper value that can be divided by 1024.
- # 233496/1024=228.02. CGCS_PV_SIZE=229*1024=234496.
- CGCS_PV_SIZE=234496
-fi
-
-ROOTFS_SIZE=20000
-LOG_VOL_SIZE=8000
-SCRATCH_VOL_SIZE=8000
-
-ROOTFS_OPTIONS="defaults"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- # Enable iversion labelling for rootfs when IMA is enabled
- ROOTFS_OPTIONS="${ROOTFS_OPTIONS},iversion"
-fi
-
-cat<<EOF>>/tmp/part-include
-part /boot --fstype=ext4 --asprimary --size=500 --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-part pv.253004 --grow --size=500 --maxsize=$CGCS_PV_SIZE --ondrive=$(get_disk $rootfs_device)
-volgroup cgts-vg --pesize=32768 pv.253004
-logvol /var/log --fstype=ext4 --vgname=cgts-vg --size=$LOG_VOL_SIZE --name=log-lv
-logvol /scratch --fstype=ext4 --vgname=cgts-vg --size=$SCRATCH_VOL_SIZE --name=scratch-lv
-part / --fstype=ext4 --asprimary --size=$ROOTFS_SIZE --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-EOF
-
-%end
-
-
-# Template from: post_platform_conf_aio.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Set the security profile mode
-secprofile="standard"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- secprofile="extended"
-fi
-
-mkdir -p -m 0775 /etc/platform
-cat <<EOF > /etc/platform/platform.conf
-nodetype=controller
-subfunction=controller,worker
-system_type=All-in-one
-security_profile=$secprofile
-EOF
-
-%end
-
-
-# Template from: post_common.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Turn off locale support for i18n if is not installed
-if [ ! -d /usr/share/i18n ] ; then
- rm -f /etc/sysconfig/i18n
-fi
-# Unset the hostname
-rm /etc/hostname
-
-# If using a serial install make sure to add a getty on the tty1
-conarg=`cat /proc/cmdline |xargs -n1 echo |grep console= |grep ttyS`
-if [ -n "$conarg" ] ; then
- echo "1:2345:respawn:/sbin/mingetty tty1" >> /etc/inittab
-fi
-
-#### SECURITY PROFILE HANDLING (Post Installation) ####
-# Check if the Security profile mode is enabled
-# and load the appropriate kernel modules
-secprofile=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$secprofile" ]; then
- echo "In Extended Security profile mode. Loading IMA kernel module"
- systemctl enable auditd.service
- # Add the securityfs mount for the IMA Runtime measurement list
- echo "securityfs /sys/kernel/security securityfs defaults,nodev 0 0" >> /etc/fstab
-else
- # Disable audit daemon in the Standard Security Profile
- systemctl disable auditd
-fi
-
-. /etc/platform/platform.conf
-# Configure smart package manager channels
-rm -rf /var/lib/smart
-mkdir /var/lib/smart
-/usr/bin/smart channel -y \
- --add rpmdb type=rpm-sys name="RPM Database"
-/usr/bin/smart channel -y \
- --add base type=rpm-md name="Base" baseurl=http://controller:${http_port:-8080}/feed/rel-19.12
-/usr/bin/smart channel -y \
- --add updates type=rpm-md name="Patches" baseurl=http://controller:${http_port:-8080}/updates/rel-19.12
-
-# Configure smart to use rpm --nolinktos option
-/usr/bin/smart config --set rpm-nolinktos=true
-
-# Configure smart to use rpm --nosignature option
-/usr/bin/smart config --set rpm-check-signatures=false
-
-# Delete the CentOS yum repo files
-rm -f /etc/yum.repos.d/CentOS-*
-
-# Persist the boot device naming as UDEV rules so that if the network device
-# order changes post-install that we will still be able to DHCP from the
-# correct interface to reach the active controller. For most nodes only the
-# management/boot interface needs to be persisted but because we require both
-# controllers to be identically configured and controller-0 and controller-1
-# are installed differently (e.g., controller-0 from USB and controller-1 from
-# network) it is not possible to know which interface to persist for
-# controller-0. The simplest solution is to persist all interfaces.
-#
-mkdir -p /etc/udev/rules.d
-echo "# Persisted network interfaces from anaconda installer" > /etc/udev/rules.d/70-persistent-net.rules
-for dir in /sys/class/net/*; do
- if [ -e ${dir}/device ]; then
- dev=$(basename ${dir})
- mac_address=$(cat /sys/class/net/${dev}/address)
- echo "ACTION==\"add\", SUBSYSTEM==\"net\", DRIVERS==\"?*\", ATTR{address}==\"${mac_address}\", NAME=\"${dev}\"" >> /etc/udev/rules.d/70-persistent-net.rules
- fi
-done
-
-# Mark the sysadmin password as expired immediately
-chage -d 0 sysadmin
-
-# Lock the root password
-passwd -l root
-
-# Enable tmpfs mount for /tmp
-# delete /var/tmp so that it can similinked in
-rm -rf /var/tmp
-systemctl enable tmp.mount
-
-# Disable automount of /dev/hugepages
-systemctl mask dev-hugepages.mount
-
-# Disable firewall
-systemctl disable firewalld
-
-# Disable libvirtd
-systemctl disable libvirtd.service
-
-# Enable rsyncd
-systemctl enable rsyncd.service
-
-# Allow root to run sudo from a non-tty (for scripts running as root that run sudo cmds)
-echo 'Defaults:root !requiretty' > /etc/sudoers.d/root
-
-# Make fstab just root read/writable
-chmod 600 /etc/fstab
-
-# Create first_boot flag
-touch /etc/platform/.first_boot
-
-%end
-
-# Template from: post_kernel_aio_and_worker.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Source the generated platform.conf
-. /etc/platform/platform.conf
-
-# Update grub with custom kernel bootargs
-source /etc/init.d/cpumap_functions.sh
-n_cpus=$(cat /proc/cpuinfo 2>/dev/null | \
- awk '/^[pP]rocessor/ { n +=1 } END { print (n>0) ? n : 1}')
-n_numa=$(ls -d /sys/devices/system/node/node* 2>/dev/null | wc -l)
-KERN_OPTS=" iommu=pt usbcore.autosuspend=-1"
-
-KERN_OPTS="${KERN_OPTS} hugepagesz=2M hugepages=0 default_hugepagesz=2M"
-
-# If this is an all-in-one system, we need at least 4 CPUs
-if [ "$system_type" = "All-in-one" -a ${n_cpus} -lt 4 ]; then
- report_post_failure_with_msg "ERROR: At least 4 CPUs are required for controller+worker node."
-fi
-
-# Add kernel options for cpu isolation / affinity
-if [ ${n_cpus} -gt 1 ]
-then
- base_cpulist=$(platform_expanded_cpu_list)
- base_cpumap=$(cpulist_to_cpumap ${base_cpulist} ${n_cpus})
- avp_cpulist=$(vswitch_expanded_cpu_list)
- norcu_cpumap=$(invert_cpumap ${base_cpumap} ${n_cpus})
- norcu_cpulist=$(cpumap_to_cpulist ${norcu_cpumap} ${n_cpus})
-
- if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} isolcpus=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} nohz_full=${norcu_cpulist}"
- else
- KERN_OPTS="${KERN_OPTS} isolcpus=${avp_cpulist}"
- fi
- KERN_OPTS="${KERN_OPTS} rcu_nocbs=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} kthread_cpus=${base_cpulist}"
- KERN_OPTS="${KERN_OPTS} irqaffinity=${base_cpulist}"
- # Update vswitch.conf
- sed -i "s/^VSWITCH_CPU_LIST=.*/VSWITCH_CPU_LIST=\"${avp_cpulist}\"/" /etc/vswitch/vswitch.conf
-fi
-
-# Add kernel options to ensure an selinux is disabled
-KERN_OPTS="${KERN_OPTS} selinux=0 enforcing=0"
-
-# Add kernel options to set NMI watchdog
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=0 softlockup_panic=0"
-else
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=panic,1 softlockup_panic=1"
-fi
-
-if [[ "$(dmidecode -s system-product-name)" =~ ^ProLiant.*Gen8$ ]]; then
- KERN_OPTS="${KERN_OPTS} intel_iommu=on,eth_no_rmrr"
-else
- KERN_OPTS="${KERN_OPTS} intel_iommu=on"
-fi
-
-# Add kernel option to disable biosdevname if enabled
-# As this may already be in GRUB_CMDLINE_LINUX, only add if it is not already present
-grep -q '^GRUB_CMDLINE_LINUX=.*biosdevname=0' /etc/default/grub
-if [ $? -ne 0 ]; then
- KERN_OPTS="${KERN_OPTS} biosdevname=0"
-fi
-
-# Add kernel options to disable kvm-intel.eptad on Broadwell
-# Broadwell: Model: 79, Model name: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz
-if grep -q -E "^model\s+:\s+79$" /proc/cpuinfo
-then
- KERN_OPTS="${KERN_OPTS} kvm-intel.eptad=0"
-fi
-
-# k8s updates:
-#KERN_OPTS="${KERN_OPTS} cgroup_disable=memory"
-KERN_OPTS="${KERN_OPTS} user_namespace.enable=1"
-
-# Add kernel option to avoid jiffies_lock contention on real-time kernel
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} skew_tick=1"
-fi
-
-# If the installer asked us to use security related kernel params, use
-# them in the grub line as well (until they can be configured via puppet)
-grep -q 'nopti' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nopti"
-fi
-grep -q 'nospectre_v2' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nospectre_v2"
-fi
-
-perl -pi -e 's/(GRUB_CMDLINE_LINUX=.*)\"/\1'"$KERN_OPTS"'\"/g' /etc/default/grub
-
-if [ -d /sys/firmware/efi ] ; then
- grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
-else
- grub2-mkconfig -o /boot/grub2/grub.cfg
-fi
-
-%end
-
-
-# Template from: post_lvm_pv_on_rootfs.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# uncomment the global_filter line in lvm.conf
-perl -0777 -i.bak -pe 's:(# This configuration option has an automatic default value\.\n)\t# global_filter:$1 global_filter:m' /etc/lvm/lvm.conf
-
-# Determine which disk we created our PV on (i.e. the root disk)
-ROOTDISK=$(get_by_path $(pvdisplay --select 'vg_name=cgts-vg' -C -o pv_name --noheadings))
-if [ -z "$ROOTDISK" ]; then
- report_post_failure_with_msg "ERROR: failed to identify rootdisk via pvdisplay"
-fi
-# Edit the LVM config so LVM only looks for LVs on the root disk
-sed -i "s#^\( *\)global_filter = \[.*#\1global_filter = [ \"a|${ROOTDISK}|\", \"r|.*|\" ]#" /etc/lvm/lvm.conf
-%end
-
-
-# Template from: post_system_aio.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Source the generated platform.conf
-. /etc/platform/platform.conf
-
-## Reserve more memory for base processes since the controller has higher
-## memory requirements but cap it to better handle systems with large
-## amounts of memory
-TOTALMEM=$(grep MemTotal /proc/meminfo | awk '{print int($2/1024)}')
-
-if [ -e /sys/devices/system/node/node0 ]; then
- RESERVEDMEM=$(grep MemTotal /sys/devices/system/node/node0/meminfo | awk '{printf "%d\n", $4/1024}')
-else
- RESERVEDMEM=$(grep MemTotal /proc/meminfo | awk '{print int($2/1024/4)}')
-fi
-
-if [ ${RESERVEDMEM} -lt 6144 ]; then
- RESERVEDMEM=6144
-elif [ ${RESERVEDMEM} -gt 14500 ]; then
- RESERVEDMEM=14500
-elif [ ${RESERVEDMEM} -gt 8192 ]; then
- RESERVEDMEM=8192
-fi
-
-sed -i -e "s#\(WORKER_BASE_RESERVED\)=.*#\1=(\"node0:${RESERVEDMEM}MB:1\" \"node1:2000MB:0\" \"node2:2000MB:0\" \"node3:2000MB:0\")#g" /etc/platform/worker_reserved.conf
-
-# Update WORKER_CPU_LIST
-N_CPUS=$(cat /proc/cpuinfo 2>/dev/null | awk '/^[pP]rocessor/ { n +=1 } END { print (n>0) ? n : 1}')
-sed -i "s/^WORKER_CPU_LIST=.*/WORKER_CPU_LIST=\"0-$((N_CPUS-1))\"/" /etc/platform/worker_reserved.conf
-
-%end
-
-
-# Template from: post_usb_controller.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-touch /tmp/repo-include
-
-if [ -d ${srcdir}/patches ]; then
- echo "repo --name=updates --baseurl=file://${srcdir}/patches/" > /tmp/repo-include
-fi
-
-%end
-
-# Repository arguments from %pre
-%include /tmp/repo-include
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-mgmt_dev=none
-
-# Persist the boot device to the platform configuration. This will get
-# overwritten when config_controller is run.
-echo management_interface=$mgmt_dev >> /etc/platform/platform.conf
-
-# persist the default http port number to platform configuration. This
-# will get overwritten when config_controller is run.
-echo http_port=8080 >> /etc/platform/platform.conf
-
-# Build networking scripts
-cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
-%end
-
-
-# Note, this section is different and replaced with a wget
-# if doing the initial install off the network
-%post --nochroot
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-if [ -d $srcdir/Packages ] ; then
- mkdir -p /mnt/sysimage/www/pages/feed/rel-19.12
- cp -r $srcdir/Packages /mnt/sysimage/www/pages/feed/rel-19.12/Packages
- cp -r $srcdir/repodata /mnt/sysimage/www/pages/feed/rel-19.12/repodata
- cp $srcdir/*.cfg /mnt/sysimage/www/pages/feed/rel-19.12
-fi
-
-if [ -d $srcdir/patches ]; then
- mkdir -p /mnt/sysimage/www/pages/updates/rel-19.12
- cp -r $srcdir/patches/Packages /mnt/sysimage/www/pages/updates/rel-19.12/Packages
- cp -r $srcdir/patches/repodata /mnt/sysimage/www/pages/updates/rel-19.12/repodata
- mkdir -p /mnt/sysimage/opt/patching
- cp -r $srcdir/patches/metadata /mnt/sysimage/opt/patching/metadata
- mkdir -p /mnt/sysimage/opt/patching/packages/19.12
-
- find /mnt/sysimage/www/pages/updates/rel-19.12/Packages -name '*.rpm' \
- | xargs --no-run-if-empty -I files cp --preserve=all files /mnt/sysimage/opt/patching/packages/19.12/
-fi
-
-# Create a uuid specific to this installation
-INSTALL_UUID=`uuidgen`
-echo $INSTALL_UUID > /mnt/sysimage/www/pages/feed/rel-19.12/install_uuid
-echo "INSTALL_UUID=$INSTALL_UUID" >> /mnt/sysimage/etc/platform/platform.conf
-%end
-
-%post
-
-# This is a USB install, so set ONBOOT=yes for network devices.
-# Doing this in the %post so we don't unintentionally setup a
-# network device during the installation.
-for f in /etc/sysconfig/network-scripts/ifcfg-*; do
- if grep -q '^ONBOOT=' ${f}; then
- sed -i 's/^ONBOOT=.*/ONBOOT=yes/' ${f}
- else
- echo "ONBOOT=yes" >> ${f}
- fi
- if grep -q '^IPV6_AUTOCONF=' ${f}; then
- sed -i 's/^IPV6_AUTOCONF=.*/IPV6_AUTOCONF=no/' ${f}
- else
- echo "IPV6_AUTOCONF=no" >> ${f}
- fi
-done
-
-%end
-
-
-# Template from: post_usb_addon.cfg
-%pre --erroronfail
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-if [ -f ${srcdir}/ks-addon.cfg ]; then
- cp ${srcdir}/ks-addon.cfg /tmp/
-else
- cat <<EOF > /tmp/ks-addon.cfg
-# No custom addon included
-EOF
-fi
-%end
-
-%post --nochroot
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-# Store the ks-addon.cfg for debugging
-mkdir -p /mnt/sysimage/var/log/anaconda
-cp /tmp/ks-addon.cfg /mnt/sysimage/var/log/anaconda/
-%end
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-%include /tmp/ks-addon.cfg
-
-%end
+++ /dev/null
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-# SPDX-License-Identifier: Apache-2.0
-#
-
-%pre
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-%post
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-
-# Template from: pre_common_head.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-append=
-if [ -n "$console" ] ; then
- append="console=$console"
-fi
-
-if [ -n "$security_profile" ]; then
- append="$append security_profile=$security_profile"
-fi
-
-#### SECURITY PROFILE HANDLING (Pre Installation) ####
-if [ -n "$security_profile" ] && [ "$security_profile" == "extended" ]; then
- # IMA specific boot options:
- # Enable Kernel auditing
- append="$append audit=1"
-else
- # we need to blacklist the IMA and Integrity Modules
- # on standard security profile
- append="$append module_blacklist=integrity,ima"
-
- # Disable Kernel auditing in Standard Security Profile mode
- append="$append audit=0"
-fi
-
-if [ -n "$tboot" ]; then
- append="$append tboot=$tboot"
-else
- append="$append tboot=false"
-fi
-
-boot_device_arg=
-if [ -n "$boot_device" ] ; then
- boot_device_arg="--boot-drive=$(get_by_path $boot_device)"
-fi
-
-echo "bootloader --location=mbr $boot_device_arg --timeout=5 --append=\"$append\"" > /tmp/bootloader-include
-
-echo "timezone --nontp --utc UTC" >/tmp/timezone-include
-%end
-
-#version=DEVEL
-install
-lang en_US.UTF-8
-keyboard us
-%include /tmp/timezone-include
-# set to 'x' so we can use shadow password
-rootpw --iscrypted x
-selinux --disabled
-authconfig --enableshadow --passalgo=sha512
-firewall --service=ssh
-
-# The following is the partition information you requested
-# Note that any partitions you deleted are not expressed
-# here so unless you clear all partitions first, this is
-# not guaranteed to work
-zerombr
-
-# Disk layout from %pre
-%include /tmp/part-include
-# Bootloader parms from %pre
-%include /tmp/bootloader-include
-
-reboot --eject
-
-
-# Template from: pre_pkglist_lowlatency.cfg
-%packages
-@core
-@base
--kernel-module-igb-uio
--kernel-module-wrs-avp
--kernel
--kernel-tools
--kernel-tools-libs
--kmod-drbd
--kmod-e1000e
--kmod-i40e
--kmod-ixgbe
--kmod-tpm
--mlnx-ofa_kernel
--mlnx-ofa_kernel-rt
--mlnx-ofa_kernel-modules
--qat16
-@platform-controller-worker-lowlatency
-@updates-controller-worker-lowlatency
-%end
-
-
-# Template from: pre_disk_setup_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# This is a really fancy way of finding the first usable disk for the
-# install and not stomping on the USB device if it comes up first
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-# Find either the ISO or USB device first chopping off partition
-ISO_DEV=`readlink /dev/disk/by-label/oe_iso_boot`
-sdev=`echo $ISO_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- ISO_DEV=$sdev
-fi
-USB_DEV=`readlink /dev/disk/by-label/wr_usb_boot`
-sdev=`echo $USB_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- USB_DEV=$sdev
-fi
-
-# Temporary, until lab pxelinux.cfg files are updated to specify install devices
-if [ -z "$rootfs_device" -o -z "$boot_device" ]
-then
- INST_HDD=""
- # Prefer a vd* device if this is kvm/qemu
- for e in vda vdb sda sdb nvme0n1; do
- if [ -e /dev/$e -a "$ISO_DEV" != "../../$e" -a "$USB_DEV" != "../../$e" ] ; then
- INST_HDD=$e
- break
- fi
- done
-
- # Set variables to $INST_HDD if not set
- rootfs_device=${rootfs_device:-$INST_HDD}
- boot_device=${boot_device:-$INST_HDD}
-fi
-
-# Convert to by-path
-orig_rootfs_device=$rootfs_device
-rootfs_device=$(get_by_path $rootfs_device)
-
-orig_boot_device=$boot_device
-boot_device=$(get_by_path $boot_device)
-
-if [ ! -e "$rootfs_device" -o ! -e "$boot_device" ] ; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is invalid."
-fi
-
-# Ensure specified device is not a USB drive
-udevadm info --query=property --name=$rootfs_device |grep -q '^ID_BUS=usb' || \
- udevadm info --query=property --name=$boot_device |grep -q '^ID_BUS=usb'
-if [ $? -eq 0 ]; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is a USB drive."
-fi
-
-# Deactivate existing volume groups to avoid Anaconda issues with pre-existing groups
-vgs --noheadings -o vg_name | xargs --no-run-if-empty -n 1 vgchange -an
-
-# Remove volumes and group for cgts-vg, if any
-lvremove --force cgts-vg
-pvs --select 'vg_name=cgts-vg' --noheadings -o pv_name | xargs --no-run-if-empty pvremove --force --force --yes
-vgs --select 'vg_name=cgts-vg' --noheadings -o vg_name | xargs --no-run-if-empty vgremove --force
-
-ONLYUSE_HDD=""
-if [ "$(curl -sf http://pxecontroller:6385/v1/upgrade/$(hostname)/in_upgrade 2>/dev/null)" = "true" ]; then
- # In an upgrade, only wipe the disk with the rootfs and boot partition
- echo "In upgrade, wiping only $rootfs_device"
- WIPE_HDD="$(get_disk $rootfs_device)"
- ONLYUSE_HDD="$(basename $(get_disk $rootfs_device))"
- if [ "$(get_disk $rootfs_device)" != "$(get_disk $boot_device)" ]; then
- WIPE_HDD="$WIPE_HDD,$(get_disk $boot_device)"
- ONLYUSE_HDD="$ONLYUSE_HDD,$(basename $(get_disk $boot_device))"
- fi
-else
- # Make a list of all the hard drives that are to be wiped
- WIPE_HDD=""
- # Partition type OSD has a unique globally identifier
- part_type_guid_str="Partition GUID code"
- CEPH_OSD_GUID="4FBD7E29-9D25-41B8-AFD0-062C0CEFF05D"
-
- # Check if we wipe OSDs
- if [ "$(curl -sf http://pxecontroller:6385/v1/ihosts/wipe_osds 2>/dev/null)" = "true" ]; then
- echo "Wipe OSD data."
- WIPE_CEPH_OSDS="true"
- else
- echo "Skip Ceph OSD data wipe."
- WIPE_CEPH_OSDS="false"
- fi
-
- for f in /dev/disk/by-path/*
- do
- dev=$(readlink -f $f)
- lsblk --nodeps --pairs $dev | grep -q 'TYPE="disk"'
- if [ $? -ne 0 ]
- then
- continue
- fi
-
- # Avoid wiping USB drives
- udevadm info --query=property --name=$dev |grep -q '^ID_BUS=usb' && continue
-
- # Avoid wiping ceph osds if sysinv tells us so
- if [ ${WIPE_CEPH_OSDS} == "false" ]; then
- wipe_dev="true"
- part_numbers=( `parted -s $dev print | awk '$1 == "Number" {i=1; next}; i {print $1}'` )
- # Scanning the partitions looking for CEPH OSDs and
- # skipping any disk found with such partitions
- for part_number in "${part_numbers[@]}"; do
- sgdisk_part_info=$(flock $dev sgdisk -i $part_number $dev)
- part_type_guid=$(echo "$sgdisk_part_info" | grep "$part_type_guid_str" | awk '{print $4;}')
- if [ "$part_type_guid" == $CEPH_OSD_GUID ]; then
- echo "OSD found on $dev, skipping wipe"
- wipe_dev="false"
- break
- fi
- done
- if [ "$wipe_dev" == "false" ]; then
- continue
- fi
- fi
-
- # Add device to the wipe list
- devname=$(basename $dev)
- if [ -e $dev -a "$ISO_DEV" != "../../$devname" -a "$USB_DEV" != "../../$devname" ]; then
- if [ -n "$WIPE_HDD" ]; then
- WIPE_HDD=$WIPE_HDD,$dev
- else
- WIPE_HDD=$dev
- fi
- fi
- done
- echo "Not in upgrade, wiping disks: $WIPE_HDD"
-fi
-
-for dev in ${WIPE_HDD//,/ }
-do
- # Clearing previous GPT tables or LVM data
- # Delete the first few bytes at the start and end of the partition. This is required with
- # GPT partitions, they save partition info at the start and the end of the block.
- # Do this for each partition on the disk, as well.
- partitions=$(lsblk -rip $dev -o TYPE,NAME |awk '$1 == "part" {print $2}')
- for p in $partitions $dev
- do
- echo "Pre-wiping $p from kickstart"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
- done
-done
-
-# Check for remaining cgts-vg PVs, which could potentially happen
-# in an upgrade where we're not wiping all disks.
-# If we ever create other volume groups from kickstart in the future,
-# include them in this search as well.
-partitions=$(pvs --select 'vg_name=cgts-vg' -o pv_name --noheading | grep -v '\[unknown\]')
-for p in $partitions
-do
- echo "Pre-wiping $p from kickstart (cgts-vg present)"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
-done
-
-let -i gb=1024*1024*1024
-
-cat<<EOF>/tmp/part-include
-clearpart --all --drives=$WIPE_HDD --initlabel
-EOF
-
-if [ -n "$ONLYUSE_HDD" ]; then
- cat<<EOF>>/tmp/part-include
-ignoredisk --only-use=$ONLYUSE_HDD
-EOF
-fi
-
-if [ -d /sys/firmware/efi ] ; then
- cat<<EOF>>/tmp/part-include
-part /boot/efi --fstype=efi --size=300 --ondrive=$(get_disk $boot_device)
-EOF
-else
- cat<<EOF>>/tmp/part-include
-part biosboot --asprimary --fstype=biosboot --size=1 --ondrive=$(get_disk $boot_device)
-EOF
-fi
-
-
-# Template from: pre_disk_aio.cfg
-
-## NOTE: updates to partition sizes need to be also reflected in
-## - stx-config/.../sysinv/conductor/manager.py:create_controller_filesystems()
-## - stx-config/.../sysinv/common/constants.py
-##
-## NOTE: When adding partitions, we currently have a max of 4 primary partitions.
-## If more than 4 partitions are required, we can use a max of 3 --asprimary,
-## to allow 1 primary logical partition with extended partitions
-##
-## NOTE: Max default PV size must align with the default controllerfs sizes
-##
-## BACKUP_OVERHEAD = 20
-##
-## Physical install (for disks over 240GB)
-## - DB size is doubled to allow for upgrades
-##
-## DEFAULT_IMAGE_STOR_SIZE = 10
-## DEFAULT_DATABASE_STOR_SIZE = 20
-## DEFAULT_IMG_CONVERSION_STOR_SIZE = 20
-## BACKUP = DEFAULT_DATABASE_STOR_SIZE + DEFAULT_IMAGE_STOR_SIZE
-## + BACKUP_OVERHEAD = 50
-## LOG_VOL_SIZE = 8192
-## SCRATCH_VOL_SIZE = 8192
-## RABBIT = 2048
-## PLATFORM = 2048
-## ANCHOR = 1024
-## EXTENSION = 1024
-## GNOCCHI = 5120
-## DOCKER = 30720
-## DOCKER_DIST = 16384
-## ETCD = 5120
-## CEPH_MON = 20480
-## KUBELET_VOL_SIZE = 10240
-## RESERVED_PE = 16 (based on pesize=32768)
-##
-## CGCS_PV_SIZE = 10240 + 2*20480 + 20480 + 51200 + 8196 + 8196 + 2048 +
-## 2048 + 1024 + 1024 + 5120 + 30720 + 16384 + 5120 +
-## 20480 + 10240 + 16 = 233496
-##
-## small install - (for disks below 240GB)
-## - DB size is doubled to allow for upgrades
-##
-## DEFAULT_SMALL_IMAGE_STOR_SIZE = 10
-## DEFAULT_SMALL_DATABASE_STOR_SIZE = 10
-## DEFAULT_SMALL_IMG_CONVERSION_STOR_SIZE = 10
-## DEFAULT_SMALL_BACKUP_STOR_SIZE = 40
-##
-## LOG_VOL_SIZE = 8192
-## SCRATCH_VOL_SIZE = 8192
-## RABBIT = 2048
-## PLATFORM = 2048
-## ANCHOR = 1024
-## EXTENSION = 1024
-## GNOCCHI = 5120
-## DOCKER = 30720
-## DOCKER_DIST = 16384
-## ETCD = 5120
-## CEPH_MON = 20480
-## KUBELET_VOL_SIZE = 10240
-## RESERVED_PE = 16 (based on pesize=32768)
-##
-##
-## CGCS_PV_SIZE = 10240 + 2*10240 + 10240 + 40960 + 8192 + 8192 + 2048 +
-## 2048 + 1024 + 1024 + 5120 + 30720 + 16384 + 5120 +
-## 20480 + 10240 + 16 = 192528
-##
-## NOTE: To maintain upgrade compatability within the volume group, keep the
-## undersized LOG_VOL_SIZE and SCRATCH_VOL_SIZE, but size the minimally size
-## physical volume correctly.
-##
-## R4 AIO installations:
-## - R4 (case #1): /boot (0.5G), / (20G),
-## cgts-vg PV (239G), /local_pv (239G)
-## - R4 (case #2): /boot (0.5G), / (20G),
-## cgts-vg PV (239G), cgts-vg (239G)
-##
-## Upgrade migration will start with R5 install and create a partition to align
-## above so filesystems within the volume group will be able to maintain their
-## sizes in R5
-## - R5 install : /boot (0.5G), / (20G),
-## cgts-vg PV (142G), un-partitioned (336G)
-## - R5 (case #1): /boot (0.5G), / (20G),
-## cgts-vg PV (142G), cgts-vg PV (97G), unpartitioned (239G)
-## - R5 (case #2): /boot (0.5G), / (20G),
-## cgts-vg PV (142G), cgts-vg PV (336G)
-##
-
-sz=$(blockdev --getsize64 $(get_disk $rootfs_device))
-if [ $sz -le $((240*$gb)) ] ; then
- # Round CGCS_PV_SIZE to the closest upper value that can be divided by 1024.
- # 192528/1024=188.01. CGCS_PV_SIZE=189*1024=193536. Using a disk with a
- # size under 189GiB will fail.
- CGCS_PV_SIZE=193536
-else
- # Round CGCS_PV_SIZE to the closest upper value that can be divided by 1024.
- # 233496/1024=228.02. CGCS_PV_SIZE=229*1024=234496.
- CGCS_PV_SIZE=234496
-fi
-
-ROOTFS_SIZE=20000
-LOG_VOL_SIZE=8000
-SCRATCH_VOL_SIZE=8000
-
-ROOTFS_OPTIONS="defaults"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- # Enable iversion labelling for rootfs when IMA is enabled
- ROOTFS_OPTIONS="${ROOTFS_OPTIONS},iversion"
-fi
-
-cat<<EOF>>/tmp/part-include
-part /boot --fstype=ext4 --asprimary --size=500 --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-part pv.253004 --grow --size=500 --maxsize=$CGCS_PV_SIZE --ondrive=$(get_disk $rootfs_device)
-volgroup cgts-vg --pesize=32768 pv.253004
-logvol /var/log --fstype=ext4 --vgname=cgts-vg --size=$LOG_VOL_SIZE --name=log-lv
-logvol /scratch --fstype=ext4 --vgname=cgts-vg --size=$SCRATCH_VOL_SIZE --name=scratch-lv
-part / --fstype=ext4 --asprimary --size=$ROOTFS_SIZE --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-EOF
-
-%end
-
-
-# Template from: post_platform_conf_aio_lowlatency.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Set the security profile mode
-secprofile="standard"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- secprofile="extended"
-fi
-
-mkdir -p -m 0775 /etc/platform
-cat <<EOF > /etc/platform/platform.conf
-nodetype=controller
-subfunction=controller,worker,lowlatency
-system_type=All-in-one
-security_profile=$secprofile
-EOF
-
-%end
-
-
-# Template from: post_common.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Turn off locale support for i18n if is not installed
-if [ ! -d /usr/share/i18n ] ; then
- rm -f /etc/sysconfig/i18n
-fi
-# Unset the hostname
-rm /etc/hostname
-
-# If using a serial install make sure to add a getty on the tty1
-conarg=`cat /proc/cmdline |xargs -n1 echo |grep console= |grep ttyS`
-if [ -n "$conarg" ] ; then
- echo "1:2345:respawn:/sbin/mingetty tty1" >> /etc/inittab
-fi
-
-#### SECURITY PROFILE HANDLING (Post Installation) ####
-# Check if the Security profile mode is enabled
-# and load the appropriate kernel modules
-secprofile=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$secprofile" ]; then
- echo "In Extended Security profile mode. Loading IMA kernel module"
- systemctl enable auditd.service
- # Add the securityfs mount for the IMA Runtime measurement list
- echo "securityfs /sys/kernel/security securityfs defaults,nodev 0 0" >> /etc/fstab
-else
- # Disable audit daemon in the Standard Security Profile
- systemctl disable auditd
-fi
-
-. /etc/platform/platform.conf
-# Configure smart package manager channels
-rm -rf /var/lib/smart
-mkdir /var/lib/smart
-/usr/bin/smart channel -y \
- --add rpmdb type=rpm-sys name="RPM Database"
-/usr/bin/smart channel -y \
- --add base type=rpm-md name="Base" baseurl=http://controller:${http_port:-8080}/feed/rel-19.12
-/usr/bin/smart channel -y \
- --add updates type=rpm-md name="Patches" baseurl=http://controller:${http_port:-8080}/updates/rel-19.12
-
-# Configure smart to use rpm --nolinktos option
-/usr/bin/smart config --set rpm-nolinktos=true
-
-# Configure smart to use rpm --nosignature option
-/usr/bin/smart config --set rpm-check-signatures=false
-
-# Delete the CentOS yum repo files
-rm -f /etc/yum.repos.d/CentOS-*
-
-# Persist the boot device naming as UDEV rules so that if the network device
-# order changes post-install that we will still be able to DHCP from the
-# correct interface to reach the active controller. For most nodes only the
-# management/boot interface needs to be persisted but because we require both
-# controllers to be identically configured and controller-0 and controller-1
-# are installed differently (e.g., controller-0 from USB and controller-1 from
-# network) it is not possible to know which interface to persist for
-# controller-0. The simplest solution is to persist all interfaces.
-#
-mkdir -p /etc/udev/rules.d
-echo "# Persisted network interfaces from anaconda installer" > /etc/udev/rules.d/70-persistent-net.rules
-for dir in /sys/class/net/*; do
- if [ -e ${dir}/device ]; then
- dev=$(basename ${dir})
- mac_address=$(cat /sys/class/net/${dev}/address)
- echo "ACTION==\"add\", SUBSYSTEM==\"net\", DRIVERS==\"?*\", ATTR{address}==\"${mac_address}\", NAME=\"${dev}\"" >> /etc/udev/rules.d/70-persistent-net.rules
- fi
-done
-
-# Mark the sysadmin password as expired immediately
-chage -d 0 sysadmin
-
-# Lock the root password
-passwd -l root
-
-# Enable tmpfs mount for /tmp
-# delete /var/tmp so that it can similinked in
-rm -rf /var/tmp
-systemctl enable tmp.mount
-
-# Disable automount of /dev/hugepages
-systemctl mask dev-hugepages.mount
-
-# Disable firewall
-systemctl disable firewalld
-
-# Disable libvirtd
-systemctl disable libvirtd.service
-
-# Enable rsyncd
-systemctl enable rsyncd.service
-
-# Allow root to run sudo from a non-tty (for scripts running as root that run sudo cmds)
-echo 'Defaults:root !requiretty' > /etc/sudoers.d/root
-
-# Make fstab just root read/writable
-chmod 600 /etc/fstab
-
-# Create first_boot flag
-touch /etc/platform/.first_boot
-
-%end
-
-# Template from: post_kernel_aio_and_worker.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Source the generated platform.conf
-. /etc/platform/platform.conf
-
-# Update grub with custom kernel bootargs
-source /etc/init.d/cpumap_functions.sh
-n_cpus=$(cat /proc/cpuinfo 2>/dev/null | \
- awk '/^[pP]rocessor/ { n +=1 } END { print (n>0) ? n : 1}')
-n_numa=$(ls -d /sys/devices/system/node/node* 2>/dev/null | wc -l)
-KERN_OPTS=" iommu=pt usbcore.autosuspend=-1"
-
-KERN_OPTS="${KERN_OPTS} hugepagesz=2M hugepages=0 default_hugepagesz=2M"
-
-# If this is an all-in-one system, we need at least 4 CPUs
-if [ "$system_type" = "All-in-one" -a ${n_cpus} -lt 4 ]; then
- report_post_failure_with_msg "ERROR: At least 4 CPUs are required for controller+worker node."
-fi
-
-# Add kernel options for cpu isolation / affinity
-if [ ${n_cpus} -gt 1 ]
-then
- base_cpulist=$(platform_expanded_cpu_list)
- base_cpumap=$(cpulist_to_cpumap ${base_cpulist} ${n_cpus})
- avp_cpulist=$(vswitch_expanded_cpu_list)
- norcu_cpumap=$(invert_cpumap ${base_cpumap} ${n_cpus})
- norcu_cpulist=$(cpumap_to_cpulist ${norcu_cpumap} ${n_cpus})
-
- if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} isolcpus=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} nohz_full=${norcu_cpulist}"
- else
- KERN_OPTS="${KERN_OPTS} isolcpus=${avp_cpulist}"
- fi
- KERN_OPTS="${KERN_OPTS} rcu_nocbs=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} kthread_cpus=${base_cpulist}"
- KERN_OPTS="${KERN_OPTS} irqaffinity=${base_cpulist}"
- # Update vswitch.conf
- sed -i "s/^VSWITCH_CPU_LIST=.*/VSWITCH_CPU_LIST=\"${avp_cpulist}\"/" /etc/vswitch/vswitch.conf
-fi
-
-# Add kernel options to ensure an selinux is disabled
-KERN_OPTS="${KERN_OPTS} selinux=0 enforcing=0"
-
-# Add kernel options to set NMI watchdog
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=0 softlockup_panic=0"
-else
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=panic,1 softlockup_panic=1"
-fi
-
-if [[ "$(dmidecode -s system-product-name)" =~ ^ProLiant.*Gen8$ ]]; then
- KERN_OPTS="${KERN_OPTS} intel_iommu=on,eth_no_rmrr"
-else
- KERN_OPTS="${KERN_OPTS} intel_iommu=on"
-fi
-
-# Add kernel option to disable biosdevname if enabled
-# As this may already be in GRUB_CMDLINE_LINUX, only add if it is not already present
-grep -q '^GRUB_CMDLINE_LINUX=.*biosdevname=0' /etc/default/grub
-if [ $? -ne 0 ]; then
- KERN_OPTS="${KERN_OPTS} biosdevname=0"
-fi
-
-# Add kernel options to disable kvm-intel.eptad on Broadwell
-# Broadwell: Model: 79, Model name: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz
-if grep -q -E "^model\s+:\s+79$" /proc/cpuinfo
-then
- KERN_OPTS="${KERN_OPTS} kvm-intel.eptad=0"
-fi
-
-# k8s updates:
-#KERN_OPTS="${KERN_OPTS} cgroup_disable=memory"
-KERN_OPTS="${KERN_OPTS} user_namespace.enable=1"
-
-# Add kernel option to avoid jiffies_lock contention on real-time kernel
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} skew_tick=1"
-fi
-
-# If the installer asked us to use security related kernel params, use
-# them in the grub line as well (until they can be configured via puppet)
-grep -q 'nopti' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nopti"
-fi
-grep -q 'nospectre_v2' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nospectre_v2"
-fi
-
-perl -pi -e 's/(GRUB_CMDLINE_LINUX=.*)\"/\1'"$KERN_OPTS"'\"/g' /etc/default/grub
-
-if [ -d /sys/firmware/efi ] ; then
- grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
-else
- grub2-mkconfig -o /boot/grub2/grub.cfg
-fi
-
-%end
-
-
-# Template from: post_lvm_pv_on_rootfs.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# uncomment the global_filter line in lvm.conf
-perl -0777 -i.bak -pe 's:(# This configuration option has an automatic default value\.\n)\t# global_filter:$1 global_filter:m' /etc/lvm/lvm.conf
-
-# Determine which disk we created our PV on (i.e. the root disk)
-ROOTDISK=$(get_by_path $(pvdisplay --select 'vg_name=cgts-vg' -C -o pv_name --noheadings))
-if [ -z "$ROOTDISK" ]; then
- report_post_failure_with_msg "ERROR: failed to identify rootdisk via pvdisplay"
-fi
-# Edit the LVM config so LVM only looks for LVs on the root disk
-sed -i "s#^\( *\)global_filter = \[.*#\1global_filter = [ \"a|${ROOTDISK}|\", \"r|.*|\" ]#" /etc/lvm/lvm.conf
-%end
-
-
-# Template from: post_system_aio.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Source the generated platform.conf
-. /etc/platform/platform.conf
-
-## Reserve more memory for base processes since the controller has higher
-## memory requirements but cap it to better handle systems with large
-## amounts of memory
-TOTALMEM=$(grep MemTotal /proc/meminfo | awk '{print int($2/1024)}')
-
-if [ -e /sys/devices/system/node/node0 ]; then
- RESERVEDMEM=$(grep MemTotal /sys/devices/system/node/node0/meminfo | awk '{printf "%d\n", $4/1024}')
-else
- RESERVEDMEM=$(grep MemTotal /proc/meminfo | awk '{print int($2/1024/4)}')
-fi
-
-if [ ${RESERVEDMEM} -lt 6144 ]; then
- RESERVEDMEM=6144
-elif [ ${RESERVEDMEM} -gt 14500 ]; then
- RESERVEDMEM=14500
-elif [ ${RESERVEDMEM} -gt 8192 ]; then
- RESERVEDMEM=8192
-fi
-
-sed -i -e "s#\(WORKER_BASE_RESERVED\)=.*#\1=(\"node0:${RESERVEDMEM}MB:1\" \"node1:2000MB:0\" \"node2:2000MB:0\" \"node3:2000MB:0\")#g" /etc/platform/worker_reserved.conf
-
-# Update WORKER_CPU_LIST
-N_CPUS=$(cat /proc/cpuinfo 2>/dev/null | awk '/^[pP]rocessor/ { n +=1 } END { print (n>0) ? n : 1}')
-sed -i "s/^WORKER_CPU_LIST=.*/WORKER_CPU_LIST=\"0-$((N_CPUS-1))\"/" /etc/platform/worker_reserved.conf
-
-%end
-
-
-# Template from: post_usb_controller.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-touch /tmp/repo-include
-
-if [ -d ${srcdir}/patches ]; then
- echo "repo --name=updates --baseurl=file://${srcdir}/patches/" > /tmp/repo-include
-fi
-
-%end
-
-# Repository arguments from %pre
-%include /tmp/repo-include
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-mgmt_dev=none
-
-# Persist the boot device to the platform configuration. This will get
-# overwritten when config_controller is run.
-echo management_interface=$mgmt_dev >> /etc/platform/platform.conf
-
-# persist the default http port number to platform configuration. This
-# will get overwritten when config_controller is run.
-echo http_port=8080 >> /etc/platform/platform.conf
-
-# Build networking scripts
-cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
-%end
-
-
-# Note, this section is different and replaced with a wget
-# if doing the initial install off the network
-%post --nochroot
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-if [ -d $srcdir/Packages ] ; then
- mkdir -p /mnt/sysimage/www/pages/feed/rel-19.12
- cp -r $srcdir/Packages /mnt/sysimage/www/pages/feed/rel-19.12/Packages
- cp -r $srcdir/repodata /mnt/sysimage/www/pages/feed/rel-19.12/repodata
- cp $srcdir/*.cfg /mnt/sysimage/www/pages/feed/rel-19.12
-fi
-
-if [ -d $srcdir/patches ]; then
- mkdir -p /mnt/sysimage/www/pages/updates/rel-19.12
- cp -r $srcdir/patches/Packages /mnt/sysimage/www/pages/updates/rel-19.12/Packages
- cp -r $srcdir/patches/repodata /mnt/sysimage/www/pages/updates/rel-19.12/repodata
- mkdir -p /mnt/sysimage/opt/patching
- cp -r $srcdir/patches/metadata /mnt/sysimage/opt/patching/metadata
- mkdir -p /mnt/sysimage/opt/patching/packages/19.12
-
- find /mnt/sysimage/www/pages/updates/rel-19.12/Packages -name '*.rpm' \
- | xargs --no-run-if-empty -I files cp --preserve=all files /mnt/sysimage/opt/patching/packages/19.12/
-fi
-
-# Create a uuid specific to this installation
-INSTALL_UUID=`uuidgen`
-echo $INSTALL_UUID > /mnt/sysimage/www/pages/feed/rel-19.12/install_uuid
-echo "INSTALL_UUID=$INSTALL_UUID" >> /mnt/sysimage/etc/platform/platform.conf
-%end
-
-%post
-
-# This is a USB install, so set ONBOOT=yes for network devices.
-# Doing this in the %post so we don't unintentionally setup a
-# network device during the installation.
-for f in /etc/sysconfig/network-scripts/ifcfg-*; do
- if grep -q '^ONBOOT=' ${f}; then
- sed -i 's/^ONBOOT=.*/ONBOOT=yes/' ${f}
- else
- echo "ONBOOT=yes" >> ${f}
- fi
- if grep -q '^IPV6_AUTOCONF=' ${f}; then
- sed -i 's/^IPV6_AUTOCONF=.*/IPV6_AUTOCONF=no/' ${f}
- else
- echo "IPV6_AUTOCONF=no" >> ${f}
- fi
-done
-
-%end
-
-
-# Template from: post_usb_addon.cfg
-%pre --erroronfail
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-if [ -f ${srcdir}/ks-addon.cfg ]; then
- cp ${srcdir}/ks-addon.cfg /tmp/
-else
- cat <<EOF > /tmp/ks-addon.cfg
-# No custom addon included
-EOF
-fi
-%end
-
-%post --nochroot
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-# Store the ks-addon.cfg for debugging
-mkdir -p /mnt/sysimage/var/log/anaconda
-cp /tmp/ks-addon.cfg /mnt/sysimage/var/log/anaconda/
-%end
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-%include /tmp/ks-addon.cfg
-
-%end
+++ /dev/null
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-# SPDX-License-Identifier: Apache-2.0
-#
-
-%pre
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-%post
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-
-# Template from: pre_common_head.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-append=
-if [ -n "$console" ] ; then
- append="console=$console"
-fi
-
-if [ -n "$security_profile" ]; then
- append="$append security_profile=$security_profile"
-fi
-
-#### SECURITY PROFILE HANDLING (Pre Installation) ####
-if [ -n "$security_profile" ] && [ "$security_profile" == "extended" ]; then
- # IMA specific boot options:
- # Enable Kernel auditing
- append="$append audit=1"
-else
- # we need to blacklist the IMA and Integrity Modules
- # on standard security profile
- append="$append module_blacklist=integrity,ima"
-
- # Disable Kernel auditing in Standard Security Profile mode
- append="$append audit=0"
-fi
-
-if [ -n "$tboot" ]; then
- append="$append tboot=$tboot"
-else
- append="$append tboot=false"
-fi
-
-boot_device_arg=
-if [ -n "$boot_device" ] ; then
- boot_device_arg="--boot-drive=$(get_by_path $boot_device)"
-fi
-
-echo "bootloader --location=mbr $boot_device_arg --timeout=5 --append=\"$append\"" > /tmp/bootloader-include
-
-echo "timezone --nontp --utc UTC" >/tmp/timezone-include
-%end
-
-#version=DEVEL
-install
-lang en_US.UTF-8
-keyboard us
-%include /tmp/timezone-include
-# set to 'x' so we can use shadow password
-rootpw --iscrypted x
-selinux --disabled
-authconfig --enableshadow --passalgo=sha512
-firewall --service=ssh
-
-# The following is the partition information you requested
-# Note that any partitions you deleted are not expressed
-# here so unless you clear all partitions first, this is
-# not guaranteed to work
-zerombr
-
-# Disk layout from %pre
-%include /tmp/part-include
-# Bootloader parms from %pre
-%include /tmp/bootloader-include
-
-reboot --eject
-
-
-# Template from: pre_pkglist.cfg
-%packages
-@core
-@base
--kernel-module-igb-uio-rt
--kernel-module-wrs-avp-rt
--kernel-rt
--kernel-rt-kvm
--kernel-rt-tools
--kernel-rt-tools-libs
--kmod-drbd-rt
--kmod-e1000e-rt
--kmod-i40e-rt
--kmod-ixgbe-rt
--kmod-tpm-rt
--mlnx-ofa_kernel
--mlnx-ofa_kernel-rt
--mlnx-ofa_kernel-rt-modules
--qat16-rt
-@platform-controller
-@updates-controller
-%end
-
-
-# Template from: pre_disk_setup_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# This is a really fancy way of finding the first usable disk for the
-# install and not stomping on the USB device if it comes up first
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-# Find either the ISO or USB device first chopping off partition
-ISO_DEV=`readlink /dev/disk/by-label/oe_iso_boot`
-sdev=`echo $ISO_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- ISO_DEV=$sdev
-fi
-USB_DEV=`readlink /dev/disk/by-label/wr_usb_boot`
-sdev=`echo $USB_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- USB_DEV=$sdev
-fi
-
-# Temporary, until lab pxelinux.cfg files are updated to specify install devices
-if [ -z "$rootfs_device" -o -z "$boot_device" ]
-then
- INST_HDD=""
- # Prefer a vd* device if this is kvm/qemu
- for e in vda vdb sda sdb nvme0n1; do
- if [ -e /dev/$e -a "$ISO_DEV" != "../../$e" -a "$USB_DEV" != "../../$e" ] ; then
- INST_HDD=$e
- break
- fi
- done
-
- # Set variables to $INST_HDD if not set
- rootfs_device=${rootfs_device:-$INST_HDD}
- boot_device=${boot_device:-$INST_HDD}
-fi
-
-# Convert to by-path
-orig_rootfs_device=$rootfs_device
-rootfs_device=$(get_by_path $rootfs_device)
-
-orig_boot_device=$boot_device
-boot_device=$(get_by_path $boot_device)
-
-if [ ! -e "$rootfs_device" -o ! -e "$boot_device" ] ; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is invalid."
-fi
-
-# Ensure specified device is not a USB drive
-udevadm info --query=property --name=$rootfs_device |grep -q '^ID_BUS=usb' || \
- udevadm info --query=property --name=$boot_device |grep -q '^ID_BUS=usb'
-if [ $? -eq 0 ]; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is a USB drive."
-fi
-
-# Deactivate existing volume groups to avoid Anaconda issues with pre-existing groups
-vgs --noheadings -o vg_name | xargs --no-run-if-empty -n 1 vgchange -an
-
-# Remove volumes and group for cgts-vg, if any
-lvremove --force cgts-vg
-pvs --select 'vg_name=cgts-vg' --noheadings -o pv_name | xargs --no-run-if-empty pvremove --force --force --yes
-vgs --select 'vg_name=cgts-vg' --noheadings -o vg_name | xargs --no-run-if-empty vgremove --force
-
-ONLYUSE_HDD=""
-if [ "$(curl -sf http://pxecontroller:6385/v1/upgrade/$(hostname)/in_upgrade 2>/dev/null)" = "true" ]; then
- # In an upgrade, only wipe the disk with the rootfs and boot partition
- echo "In upgrade, wiping only $rootfs_device"
- WIPE_HDD="$(get_disk $rootfs_device)"
- ONLYUSE_HDD="$(basename $(get_disk $rootfs_device))"
- if [ "$(get_disk $rootfs_device)" != "$(get_disk $boot_device)" ]; then
- WIPE_HDD="$WIPE_HDD,$(get_disk $boot_device)"
- ONLYUSE_HDD="$ONLYUSE_HDD,$(basename $(get_disk $boot_device))"
- fi
-else
- # Make a list of all the hard drives that are to be wiped
- WIPE_HDD=""
- # Partition type OSD has a unique globally identifier
- part_type_guid_str="Partition GUID code"
- CEPH_OSD_GUID="4FBD7E29-9D25-41B8-AFD0-062C0CEFF05D"
-
- # Check if we wipe OSDs
- if [ "$(curl -sf http://pxecontroller:6385/v1/ihosts/wipe_osds 2>/dev/null)" = "true" ]; then
- echo "Wipe OSD data."
- WIPE_CEPH_OSDS="true"
- else
- echo "Skip Ceph OSD data wipe."
- WIPE_CEPH_OSDS="false"
- fi
-
- for f in /dev/disk/by-path/*
- do
- dev=$(readlink -f $f)
- lsblk --nodeps --pairs $dev | grep -q 'TYPE="disk"'
- if [ $? -ne 0 ]
- then
- continue
- fi
-
- # Avoid wiping USB drives
- udevadm info --query=property --name=$dev |grep -q '^ID_BUS=usb' && continue
-
- # Avoid wiping ceph osds if sysinv tells us so
- if [ ${WIPE_CEPH_OSDS} == "false" ]; then
- wipe_dev="true"
- part_numbers=( `parted -s $dev print | awk '$1 == "Number" {i=1; next}; i {print $1}'` )
- # Scanning the partitions looking for CEPH OSDs and
- # skipping any disk found with such partitions
- for part_number in "${part_numbers[@]}"; do
- sgdisk_part_info=$(flock $dev sgdisk -i $part_number $dev)
- part_type_guid=$(echo "$sgdisk_part_info" | grep "$part_type_guid_str" | awk '{print $4;}')
- if [ "$part_type_guid" == $CEPH_OSD_GUID ]; then
- echo "OSD found on $dev, skipping wipe"
- wipe_dev="false"
- break
- fi
- done
- if [ "$wipe_dev" == "false" ]; then
- continue
- fi
- fi
-
- # Add device to the wipe list
- devname=$(basename $dev)
- if [ -e $dev -a "$ISO_DEV" != "../../$devname" -a "$USB_DEV" != "../../$devname" ]; then
- if [ -n "$WIPE_HDD" ]; then
- WIPE_HDD=$WIPE_HDD,$dev
- else
- WIPE_HDD=$dev
- fi
- fi
- done
- echo "Not in upgrade, wiping disks: $WIPE_HDD"
-fi
-
-for dev in ${WIPE_HDD//,/ }
-do
- # Clearing previous GPT tables or LVM data
- # Delete the first few bytes at the start and end of the partition. This is required with
- # GPT partitions, they save partition info at the start and the end of the block.
- # Do this for each partition on the disk, as well.
- partitions=$(lsblk -rip $dev -o TYPE,NAME |awk '$1 == "part" {print $2}')
- for p in $partitions $dev
- do
- echo "Pre-wiping $p from kickstart"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
- done
-done
-
-# Check for remaining cgts-vg PVs, which could potentially happen
-# in an upgrade where we're not wiping all disks.
-# If we ever create other volume groups from kickstart in the future,
-# include them in this search as well.
-partitions=$(pvs --select 'vg_name=cgts-vg' -o pv_name --noheading | grep -v '\[unknown\]')
-for p in $partitions
-do
- echo "Pre-wiping $p from kickstart (cgts-vg present)"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
-done
-
-let -i gb=1024*1024*1024
-
-cat<<EOF>/tmp/part-include
-clearpart --all --drives=$WIPE_HDD --initlabel
-EOF
-
-if [ -n "$ONLYUSE_HDD" ]; then
- cat<<EOF>>/tmp/part-include
-ignoredisk --only-use=$ONLYUSE_HDD
-EOF
-fi
-
-if [ -d /sys/firmware/efi ] ; then
- cat<<EOF>>/tmp/part-include
-part /boot/efi --fstype=efi --size=300 --ondrive=$(get_disk $boot_device)
-EOF
-else
- cat<<EOF>>/tmp/part-include
-part biosboot --asprimary --fstype=biosboot --size=1 --ondrive=$(get_disk $boot_device)
-EOF
-fi
-
-
-# Template from: pre_disk_controller.cfg
-
-## NOTE: updates to partition sizes need to be also reflected in
-## _controller_filesystem_limits() in sysinv/api/controllers/v1/istorconfig.py
-
-ROOTFS_SIZE=20000
-LOG_VOL_SIZE=8000
-SCRATCH_VOL_SIZE=8000
-
-ROOTFS_OPTIONS="defaults"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- # Enable iversion labelling for rootfs when IMA is enabled
- ROOTFS_OPTIONS="${ROOTFS_OPTIONS},iversion"
-fi
-
-cat<<EOF>>/tmp/part-include
-part /boot --fstype=ext4 --asprimary --size=500 --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-part pv.253004 --grow --asprimary --size=500 --ondrive=$(get_disk $rootfs_device)
-volgroup cgts-vg --pesize=32768 pv.253004
-logvol /var/log --fstype=ext4 --vgname=cgts-vg --size=$LOG_VOL_SIZE --name=log-lv
-logvol /scratch --fstype=ext4 --vgname=cgts-vg --size=$SCRATCH_VOL_SIZE --name=scratch-lv
-part / --fstype=ext4 --asprimary --size=$ROOTFS_SIZE --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-
-EOF
-
-%end
-
-
-# Template from: post_platform_conf_controller.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Set the security profile mode
-secprofile="standard"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- secprofile="extended"
-fi
-
-mkdir -p -m 0775 /etc/platform
-cat <<EOF > /etc/platform/platform.conf
-nodetype=controller
-subfunction=controller
-system_type=Standard
-security_profile=$secprofile
-EOF
-
-%end
-
-
-# Template from: post_common.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Turn off locale support for i18n if is not installed
-if [ ! -d /usr/share/i18n ] ; then
- rm -f /etc/sysconfig/i18n
-fi
-# Unset the hostname
-rm /etc/hostname
-
-# If using a serial install make sure to add a getty on the tty1
-conarg=`cat /proc/cmdline |xargs -n1 echo |grep console= |grep ttyS`
-if [ -n "$conarg" ] ; then
- echo "1:2345:respawn:/sbin/mingetty tty1" >> /etc/inittab
-fi
-
-#### SECURITY PROFILE HANDLING (Post Installation) ####
-# Check if the Security profile mode is enabled
-# and load the appropriate kernel modules
-secprofile=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$secprofile" ]; then
- echo "In Extended Security profile mode. Loading IMA kernel module"
- systemctl enable auditd.service
- # Add the securityfs mount for the IMA Runtime measurement list
- echo "securityfs /sys/kernel/security securityfs defaults,nodev 0 0" >> /etc/fstab
-else
- # Disable audit daemon in the Standard Security Profile
- systemctl disable auditd
-fi
-
-. /etc/platform/platform.conf
-# Configure smart package manager channels
-rm -rf /var/lib/smart
-mkdir /var/lib/smart
-/usr/bin/smart channel -y \
- --add rpmdb type=rpm-sys name="RPM Database"
-/usr/bin/smart channel -y \
- --add base type=rpm-md name="Base" baseurl=http://controller:${http_port:-8080}/feed/rel-19.12
-/usr/bin/smart channel -y \
- --add updates type=rpm-md name="Patches" baseurl=http://controller:${http_port:-8080}/updates/rel-19.12
-
-# Configure smart to use rpm --nolinktos option
-/usr/bin/smart config --set rpm-nolinktos=true
-
-# Configure smart to use rpm --nosignature option
-/usr/bin/smart config --set rpm-check-signatures=false
-
-# Delete the CentOS yum repo files
-rm -f /etc/yum.repos.d/CentOS-*
-
-# Persist the boot device naming as UDEV rules so that if the network device
-# order changes post-install that we will still be able to DHCP from the
-# correct interface to reach the active controller. For most nodes only the
-# management/boot interface needs to be persisted but because we require both
-# controllers to be identically configured and controller-0 and controller-1
-# are installed differently (e.g., controller-0 from USB and controller-1 from
-# network) it is not possible to know which interface to persist for
-# controller-0. The simplest solution is to persist all interfaces.
-#
-mkdir -p /etc/udev/rules.d
-echo "# Persisted network interfaces from anaconda installer" > /etc/udev/rules.d/70-persistent-net.rules
-for dir in /sys/class/net/*; do
- if [ -e ${dir}/device ]; then
- dev=$(basename ${dir})
- mac_address=$(cat /sys/class/net/${dev}/address)
- echo "ACTION==\"add\", SUBSYSTEM==\"net\", DRIVERS==\"?*\", ATTR{address}==\"${mac_address}\", NAME=\"${dev}\"" >> /etc/udev/rules.d/70-persistent-net.rules
- fi
-done
-
-# Mark the sysadmin password as expired immediately
-chage -d 0 sysadmin
-
-# Lock the root password
-passwd -l root
-
-# Enable tmpfs mount for /tmp
-# delete /var/tmp so that it can similinked in
-rm -rf /var/tmp
-systemctl enable tmp.mount
-
-# Disable automount of /dev/hugepages
-systemctl mask dev-hugepages.mount
-
-# Disable firewall
-systemctl disable firewalld
-
-# Disable libvirtd
-systemctl disable libvirtd.service
-
-# Enable rsyncd
-systemctl enable rsyncd.service
-
-# Allow root to run sudo from a non-tty (for scripts running as root that run sudo cmds)
-echo 'Defaults:root !requiretty' > /etc/sudoers.d/root
-
-# Make fstab just root read/writable
-chmod 600 /etc/fstab
-
-# Create first_boot flag
-touch /etc/platform/.first_boot
-
-%end
-
-# Template from: post_kernel_controller.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-## Custom kernel options
-KERN_OPTS=" intel_iommu=off usbcore.autosuspend=-1"
-
-## Setup the loop module to support up to 15 partitions so that we can enable the
-## customer to manually resize images if needed.
-##
-KERN_OPTS="${KERN_OPTS} loop.max_part=15"
-
-## Add kernel options to ensure an selinux is disabled
-KERN_OPTS="${KERN_OPTS} selinux=0 enforcing=0"
-
-# Add kernel options to ensure NMI watchdog is enabled, if supported
-KERN_OPTS="${KERN_OPTS} nmi_watchdog=panic,1 softlockup_panic=1"
-
-# Add kernel option to disable biosdevname if enabled
-# As this may already be in GRUB_CMDLINE_LINUX, only add if it is not already present
-grep -q '^GRUB_CMDLINE_LINUX=.*biosdevname=0' /etc/default/grub
-if [ $? -ne 0 ]; then
- KERN_OPTS="${KERN_OPTS} biosdevname=0"
-fi
-
-# k8s updates
-#KERN_OPTS="${KERN_OPTS} cgroup_disable=memory"
-KERN_OPTS="${KERN_OPTS} user_namespace.enable=1"
-
-# If the installer asked us to use security related kernel params, use
-# them in the grub line as well (until they can be configured via puppet)
-grep -q 'nopti' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nopti"
-fi
-grep -q 'nospectre_v2' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nospectre_v2"
-fi
-
-perl -pi -e 's/(GRUB_CMDLINE_LINUX=.*)\"/\1'"$KERN_OPTS"'\"/g' /etc/default/grub
-
-if [ -d /sys/firmware/efi ] ; then
- grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
-else
- grub2-mkconfig -o /boot/grub2/grub.cfg
-fi
-
-%end
-
-
-# Template from: post_lvm_pv_on_rootfs.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# uncomment the global_filter line in lvm.conf
-perl -0777 -i.bak -pe 's:(# This configuration option has an automatic default value\.\n)\t# global_filter:$1 global_filter:m' /etc/lvm/lvm.conf
-
-# Determine which disk we created our PV on (i.e. the root disk)
-ROOTDISK=$(get_by_path $(pvdisplay --select 'vg_name=cgts-vg' -C -o pv_name --noheadings))
-if [ -z "$ROOTDISK" ]; then
- report_post_failure_with_msg "ERROR: failed to identify rootdisk via pvdisplay"
-fi
-# Edit the LVM config so LVM only looks for LVs on the root disk
-sed -i "s#^\( *\)global_filter = \[.*#\1global_filter = [ \"a|${ROOTDISK}|\", \"r|.*|\" ]#" /etc/lvm/lvm.conf
-%end
-
-
-# Template from: post_usb_controller.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-touch /tmp/repo-include
-
-if [ -d ${srcdir}/patches ]; then
- echo "repo --name=updates --baseurl=file://${srcdir}/patches/" > /tmp/repo-include
-fi
-
-%end
-
-# Repository arguments from %pre
-%include /tmp/repo-include
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-mgmt_dev=none
-
-# Persist the boot device to the platform configuration. This will get
-# overwritten when config_controller is run.
-echo management_interface=$mgmt_dev >> /etc/platform/platform.conf
-
-# persist the default http port number to platform configuration. This
-# will get overwritten when config_controller is run.
-echo http_port=8080 >> /etc/platform/platform.conf
-
-# Build networking scripts
-cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
-%end
-
-
-# Note, this section is different and replaced with a wget
-# if doing the initial install off the network
-%post --nochroot
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-if [ -d $srcdir/Packages ] ; then
- mkdir -p /mnt/sysimage/www/pages/feed/rel-19.12
- cp -r $srcdir/Packages /mnt/sysimage/www/pages/feed/rel-19.12/Packages
- cp -r $srcdir/repodata /mnt/sysimage/www/pages/feed/rel-19.12/repodata
- cp $srcdir/*.cfg /mnt/sysimage/www/pages/feed/rel-19.12
-fi
-
-if [ -d $srcdir/patches ]; then
- mkdir -p /mnt/sysimage/www/pages/updates/rel-19.12
- cp -r $srcdir/patches/Packages /mnt/sysimage/www/pages/updates/rel-19.12/Packages
- cp -r $srcdir/patches/repodata /mnt/sysimage/www/pages/updates/rel-19.12/repodata
- mkdir -p /mnt/sysimage/opt/patching
- cp -r $srcdir/patches/metadata /mnt/sysimage/opt/patching/metadata
- mkdir -p /mnt/sysimage/opt/patching/packages/19.12
-
- find /mnt/sysimage/www/pages/updates/rel-19.12/Packages -name '*.rpm' \
- | xargs --no-run-if-empty -I files cp --preserve=all files /mnt/sysimage/opt/patching/packages/19.12/
-fi
-
-# Create a uuid specific to this installation
-INSTALL_UUID=`uuidgen`
-echo $INSTALL_UUID > /mnt/sysimage/www/pages/feed/rel-19.12/install_uuid
-echo "INSTALL_UUID=$INSTALL_UUID" >> /mnt/sysimage/etc/platform/platform.conf
-%end
-
-%post
-
-# This is a USB install, so set ONBOOT=yes for network devices.
-# Doing this in the %post so we don't unintentionally setup a
-# network device during the installation.
-for f in /etc/sysconfig/network-scripts/ifcfg-*; do
- if grep -q '^ONBOOT=' ${f}; then
- sed -i 's/^ONBOOT=.*/ONBOOT=yes/' ${f}
- else
- echo "ONBOOT=yes" >> ${f}
- fi
- if grep -q '^IPV6_AUTOCONF=' ${f}; then
- sed -i 's/^IPV6_AUTOCONF=.*/IPV6_AUTOCONF=no/' ${f}
- else
- echo "IPV6_AUTOCONF=no" >> ${f}
- fi
-done
-
-%end
-
-
-# Template from: post_usb_addon.cfg
-%pre --erroronfail
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-if [ -f ${srcdir}/ks-addon.cfg ]; then
- cp ${srcdir}/ks-addon.cfg /tmp/
-else
- cat <<EOF > /tmp/ks-addon.cfg
-# No custom addon included
-EOF
-fi
-%end
-
-%post --nochroot
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-# Store the ks-addon.cfg for debugging
-mkdir -p /mnt/sysimage/var/log/anaconda
-cp /tmp/ks-addon.cfg /mnt/sysimage/var/log/anaconda/
-%end
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-%include /tmp/ks-addon.cfg
-
-%end
+++ /dev/null
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-# SPDX-License-Identifier: Apache-2.0
-#
-
-%pre
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-%post
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-
-# Template from: pre_common_head.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-append=
-if [ -n "$console" ] ; then
- append="console=$console"
-fi
-
-if [ -n "$security_profile" ]; then
- append="$append security_profile=$security_profile"
-fi
-
-#### SECURITY PROFILE HANDLING (Pre Installation) ####
-if [ -n "$security_profile" ] && [ "$security_profile" == "extended" ]; then
- # IMA specific boot options:
- # Enable Kernel auditing
- append="$append audit=1"
-else
- # we need to blacklist the IMA and Integrity Modules
- # on standard security profile
- append="$append module_blacklist=integrity,ima"
-
- # Disable Kernel auditing in Standard Security Profile mode
- append="$append audit=0"
-fi
-
-if [ -n "$tboot" ]; then
- append="$append tboot=$tboot"
-else
- append="$append tboot=false"
-fi
-
-boot_device_arg=
-if [ -n "$boot_device" ] ; then
- boot_device_arg="--boot-drive=$(get_by_path $boot_device)"
-fi
-
-echo "bootloader --location=mbr $boot_device_arg --timeout=5 --append=\"$append\"" > /tmp/bootloader-include
-
-echo "timezone --nontp --utc UTC" >/tmp/timezone-include
-%end
-
-#version=DEVEL
-install
-lang en_US.UTF-8
-keyboard us
-%include /tmp/timezone-include
-# set to 'x' so we can use shadow password
-rootpw --iscrypted x
-selinux --disabled
-authconfig --enableshadow --passalgo=sha512
-firewall --service=ssh
-
-# The following is the partition information you requested
-# Note that any partitions you deleted are not expressed
-# here so unless you clear all partitions first, this is
-# not guaranteed to work
-zerombr
-
-# Disk layout from %pre
-%include /tmp/part-include
-# Bootloader parms from %pre
-%include /tmp/bootloader-include
-
-reboot --eject
-
-
-# Template from: pre_net_common.cfg
-%pre
-
-# Setup ntp.conf and sync time
-cat <<EOF >/etc/ntp_kickstart.conf
-server pxecontroller
-EOF
-
-/usr/sbin/ntpd -g -q -n -c /etc/ntp_kickstart.conf
-if [ $? -eq 0 ]; then
- /sbin/hwclock --systohc --utc
-fi
-
-%end
-
-
-# Template from: pre_pkglist.cfg
-%packages
-@core
-@base
--kernel-module-igb-uio-rt
--kernel-module-wrs-avp-rt
--kernel-rt
--kernel-rt-kvm
--kernel-rt-tools
--kernel-rt-tools-libs
--kmod-drbd-rt
--kmod-e1000e-rt
--kmod-i40e-rt
--kmod-ixgbe-rt
--kmod-tpm-rt
--mlnx-ofa_kernel
--mlnx-ofa_kernel-rt
--mlnx-ofa_kernel-rt-modules
--qat16-rt
-@platform-controller
-@updates-controller
-%end
-
-
-# Template from: pre_disk_setup_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# This is a really fancy way of finding the first usable disk for the
-# install and not stomping on the USB device if it comes up first
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-# Find either the ISO or USB device first chopping off partition
-ISO_DEV=`readlink /dev/disk/by-label/oe_iso_boot`
-sdev=`echo $ISO_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- ISO_DEV=$sdev
-fi
-USB_DEV=`readlink /dev/disk/by-label/wr_usb_boot`
-sdev=`echo $USB_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- USB_DEV=$sdev
-fi
-
-# Temporary, until lab pxelinux.cfg files are updated to specify install devices
-if [ -z "$rootfs_device" -o -z "$boot_device" ]
-then
- INST_HDD=""
- # Prefer a vd* device if this is kvm/qemu
- for e in vda vdb sda sdb nvme0n1; do
- if [ -e /dev/$e -a "$ISO_DEV" != "../../$e" -a "$USB_DEV" != "../../$e" ] ; then
- INST_HDD=$e
- break
- fi
- done
-
- # Set variables to $INST_HDD if not set
- rootfs_device=${rootfs_device:-$INST_HDD}
- boot_device=${boot_device:-$INST_HDD}
-fi
-
-# Convert to by-path
-orig_rootfs_device=$rootfs_device
-rootfs_device=$(get_by_path $rootfs_device)
-
-orig_boot_device=$boot_device
-boot_device=$(get_by_path $boot_device)
-
-if [ ! -e "$rootfs_device" -o ! -e "$boot_device" ] ; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is invalid."
-fi
-
-# Ensure specified device is not a USB drive
-udevadm info --query=property --name=$rootfs_device |grep -q '^ID_BUS=usb' || \
- udevadm info --query=property --name=$boot_device |grep -q '^ID_BUS=usb'
-if [ $? -eq 0 ]; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is a USB drive."
-fi
-
-# Deactivate existing volume groups to avoid Anaconda issues with pre-existing groups
-vgs --noheadings -o vg_name | xargs --no-run-if-empty -n 1 vgchange -an
-
-# Remove volumes and group for cgts-vg, if any
-lvremove --force cgts-vg
-pvs --select 'vg_name=cgts-vg' --noheadings -o pv_name | xargs --no-run-if-empty pvremove --force --force --yes
-vgs --select 'vg_name=cgts-vg' --noheadings -o vg_name | xargs --no-run-if-empty vgremove --force
-
-ONLYUSE_HDD=""
-if [ "$(curl -sf http://pxecontroller:6385/v1/upgrade/$(hostname)/in_upgrade 2>/dev/null)" = "true" ]; then
- # In an upgrade, only wipe the disk with the rootfs and boot partition
- echo "In upgrade, wiping only $rootfs_device"
- WIPE_HDD="$(get_disk $rootfs_device)"
- ONLYUSE_HDD="$(basename $(get_disk $rootfs_device))"
- if [ "$(get_disk $rootfs_device)" != "$(get_disk $boot_device)" ]; then
- WIPE_HDD="$WIPE_HDD,$(get_disk $boot_device)"
- ONLYUSE_HDD="$ONLYUSE_HDD,$(basename $(get_disk $boot_device))"
- fi
-else
- # Make a list of all the hard drives that are to be wiped
- WIPE_HDD=""
- # Partition type OSD has a unique globally identifier
- part_type_guid_str="Partition GUID code"
- CEPH_OSD_GUID="4FBD7E29-9D25-41B8-AFD0-062C0CEFF05D"
-
- # Check if we wipe OSDs
- if [ "$(curl -sf http://pxecontroller:6385/v1/ihosts/wipe_osds 2>/dev/null)" = "true" ]; then
- echo "Wipe OSD data."
- WIPE_CEPH_OSDS="true"
- else
- echo "Skip Ceph OSD data wipe."
- WIPE_CEPH_OSDS="false"
- fi
-
- for f in /dev/disk/by-path/*
- do
- dev=$(readlink -f $f)
- lsblk --nodeps --pairs $dev | grep -q 'TYPE="disk"'
- if [ $? -ne 0 ]
- then
- continue
- fi
-
- # Avoid wiping USB drives
- udevadm info --query=property --name=$dev |grep -q '^ID_BUS=usb' && continue
-
- # Avoid wiping ceph osds if sysinv tells us so
- if [ ${WIPE_CEPH_OSDS} == "false" ]; then
- wipe_dev="true"
- part_numbers=( `parted -s $dev print | awk '$1 == "Number" {i=1; next}; i {print $1}'` )
- # Scanning the partitions looking for CEPH OSDs and
- # skipping any disk found with such partitions
- for part_number in "${part_numbers[@]}"; do
- sgdisk_part_info=$(flock $dev sgdisk -i $part_number $dev)
- part_type_guid=$(echo "$sgdisk_part_info" | grep "$part_type_guid_str" | awk '{print $4;}')
- if [ "$part_type_guid" == $CEPH_OSD_GUID ]; then
- echo "OSD found on $dev, skipping wipe"
- wipe_dev="false"
- break
- fi
- done
- if [ "$wipe_dev" == "false" ]; then
- continue
- fi
- fi
-
- # Add device to the wipe list
- devname=$(basename $dev)
- if [ -e $dev -a "$ISO_DEV" != "../../$devname" -a "$USB_DEV" != "../../$devname" ]; then
- if [ -n "$WIPE_HDD" ]; then
- WIPE_HDD=$WIPE_HDD,$dev
- else
- WIPE_HDD=$dev
- fi
- fi
- done
- echo "Not in upgrade, wiping disks: $WIPE_HDD"
-fi
-
-for dev in ${WIPE_HDD//,/ }
-do
- # Clearing previous GPT tables or LVM data
- # Delete the first few bytes at the start and end of the partition. This is required with
- # GPT partitions, they save partition info at the start and the end of the block.
- # Do this for each partition on the disk, as well.
- partitions=$(lsblk -rip $dev -o TYPE,NAME |awk '$1 == "part" {print $2}')
- for p in $partitions $dev
- do
- echo "Pre-wiping $p from kickstart"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
- done
-done
-
-# Check for remaining cgts-vg PVs, which could potentially happen
-# in an upgrade where we're not wiping all disks.
-# If we ever create other volume groups from kickstart in the future,
-# include them in this search as well.
-partitions=$(pvs --select 'vg_name=cgts-vg' -o pv_name --noheading | grep -v '\[unknown\]')
-for p in $partitions
-do
- echo "Pre-wiping $p from kickstart (cgts-vg present)"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
-done
-
-let -i gb=1024*1024*1024
-
-cat<<EOF>/tmp/part-include
-clearpart --all --drives=$WIPE_HDD --initlabel
-EOF
-
-if [ -n "$ONLYUSE_HDD" ]; then
- cat<<EOF>>/tmp/part-include
-ignoredisk --only-use=$ONLYUSE_HDD
-EOF
-fi
-
-if [ -d /sys/firmware/efi ] ; then
- cat<<EOF>>/tmp/part-include
-part /boot/efi --fstype=efi --size=300 --ondrive=$(get_disk $boot_device)
-EOF
-else
- cat<<EOF>>/tmp/part-include
-part biosboot --asprimary --fstype=biosboot --size=1 --ondrive=$(get_disk $boot_device)
-EOF
-fi
-
-
-# Template from: pre_disk_controller.cfg
-
-## NOTE: updates to partition sizes need to be also reflected in
-## _controller_filesystem_limits() in sysinv/api/controllers/v1/istorconfig.py
-
-ROOTFS_SIZE=20000
-LOG_VOL_SIZE=8000
-SCRATCH_VOL_SIZE=8000
-
-ROOTFS_OPTIONS="defaults"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- # Enable iversion labelling for rootfs when IMA is enabled
- ROOTFS_OPTIONS="${ROOTFS_OPTIONS},iversion"
-fi
-
-cat<<EOF>>/tmp/part-include
-part /boot --fstype=ext4 --asprimary --size=500 --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-part pv.253004 --grow --asprimary --size=500 --ondrive=$(get_disk $rootfs_device)
-volgroup cgts-vg --pesize=32768 pv.253004
-logvol /var/log --fstype=ext4 --vgname=cgts-vg --size=$LOG_VOL_SIZE --name=log-lv
-logvol /scratch --fstype=ext4 --vgname=cgts-vg --size=$SCRATCH_VOL_SIZE --name=scratch-lv
-part / --fstype=ext4 --asprimary --size=$ROOTFS_SIZE --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-
-EOF
-
-%end
-
-
-# Template from: post_platform_conf_controller.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Set the security profile mode
-secprofile="standard"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- secprofile="extended"
-fi
-
-mkdir -p -m 0775 /etc/platform
-cat <<EOF > /etc/platform/platform.conf
-nodetype=controller
-subfunction=controller
-system_type=Standard
-security_profile=$secprofile
-EOF
-
-%end
-
-
-# Template from: post_common.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Turn off locale support for i18n if is not installed
-if [ ! -d /usr/share/i18n ] ; then
- rm -f /etc/sysconfig/i18n
-fi
-# Unset the hostname
-rm /etc/hostname
-
-# If using a serial install make sure to add a getty on the tty1
-conarg=`cat /proc/cmdline |xargs -n1 echo |grep console= |grep ttyS`
-if [ -n "$conarg" ] ; then
- echo "1:2345:respawn:/sbin/mingetty tty1" >> /etc/inittab
-fi
-
-#### SECURITY PROFILE HANDLING (Post Installation) ####
-# Check if the Security profile mode is enabled
-# and load the appropriate kernel modules
-secprofile=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$secprofile" ]; then
- echo "In Extended Security profile mode. Loading IMA kernel module"
- systemctl enable auditd.service
- # Add the securityfs mount for the IMA Runtime measurement list
- echo "securityfs /sys/kernel/security securityfs defaults,nodev 0 0" >> /etc/fstab
-else
- # Disable audit daemon in the Standard Security Profile
- systemctl disable auditd
-fi
-
-. /etc/platform/platform.conf
-# Configure smart package manager channels
-rm -rf /var/lib/smart
-mkdir /var/lib/smart
-/usr/bin/smart channel -y \
- --add rpmdb type=rpm-sys name="RPM Database"
-/usr/bin/smart channel -y \
- --add base type=rpm-md name="Base" baseurl=http://controller:${http_port:-8080}/feed/rel-19.12
-/usr/bin/smart channel -y \
- --add updates type=rpm-md name="Patches" baseurl=http://controller:${http_port:-8080}/updates/rel-19.12
-
-# Configure smart to use rpm --nolinktos option
-/usr/bin/smart config --set rpm-nolinktos=true
-
-# Configure smart to use rpm --nosignature option
-/usr/bin/smart config --set rpm-check-signatures=false
-
-# Delete the CentOS yum repo files
-rm -f /etc/yum.repos.d/CentOS-*
-
-# Persist the boot device naming as UDEV rules so that if the network device
-# order changes post-install that we will still be able to DHCP from the
-# correct interface to reach the active controller. For most nodes only the
-# management/boot interface needs to be persisted but because we require both
-# controllers to be identically configured and controller-0 and controller-1
-# are installed differently (e.g., controller-0 from USB and controller-1 from
-# network) it is not possible to know which interface to persist for
-# controller-0. The simplest solution is to persist all interfaces.
-#
-mkdir -p /etc/udev/rules.d
-echo "# Persisted network interfaces from anaconda installer" > /etc/udev/rules.d/70-persistent-net.rules
-for dir in /sys/class/net/*; do
- if [ -e ${dir}/device ]; then
- dev=$(basename ${dir})
- mac_address=$(cat /sys/class/net/${dev}/address)
- echo "ACTION==\"add\", SUBSYSTEM==\"net\", DRIVERS==\"?*\", ATTR{address}==\"${mac_address}\", NAME=\"${dev}\"" >> /etc/udev/rules.d/70-persistent-net.rules
- fi
-done
-
-# Mark the sysadmin password as expired immediately
-chage -d 0 sysadmin
-
-# Lock the root password
-passwd -l root
-
-# Enable tmpfs mount for /tmp
-# delete /var/tmp so that it can similinked in
-rm -rf /var/tmp
-systemctl enable tmp.mount
-
-# Disable automount of /dev/hugepages
-systemctl mask dev-hugepages.mount
-
-# Disable firewall
-systemctl disable firewalld
-
-# Disable libvirtd
-systemctl disable libvirtd.service
-
-# Enable rsyncd
-systemctl enable rsyncd.service
-
-# Allow root to run sudo from a non-tty (for scripts running as root that run sudo cmds)
-echo 'Defaults:root !requiretty' > /etc/sudoers.d/root
-
-# Make fstab just root read/writable
-chmod 600 /etc/fstab
-
-# Create first_boot flag
-touch /etc/platform/.first_boot
-
-%end
-
-# Template from: post_kernel_controller.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-## Custom kernel options
-KERN_OPTS=" intel_iommu=off usbcore.autosuspend=-1"
-
-## Setup the loop module to support up to 15 partitions so that we can enable the
-## customer to manually resize images if needed.
-##
-KERN_OPTS="${KERN_OPTS} loop.max_part=15"
-
-## Add kernel options to ensure an selinux is disabled
-KERN_OPTS="${KERN_OPTS} selinux=0 enforcing=0"
-
-# Add kernel options to ensure NMI watchdog is enabled, if supported
-KERN_OPTS="${KERN_OPTS} nmi_watchdog=panic,1 softlockup_panic=1"
-
-# Add kernel option to disable biosdevname if enabled
-# As this may already be in GRUB_CMDLINE_LINUX, only add if it is not already present
-grep -q '^GRUB_CMDLINE_LINUX=.*biosdevname=0' /etc/default/grub
-if [ $? -ne 0 ]; then
- KERN_OPTS="${KERN_OPTS} biosdevname=0"
-fi
-
-# k8s updates
-#KERN_OPTS="${KERN_OPTS} cgroup_disable=memory"
-KERN_OPTS="${KERN_OPTS} user_namespace.enable=1"
-
-# If the installer asked us to use security related kernel params, use
-# them in the grub line as well (until they can be configured via puppet)
-grep -q 'nopti' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nopti"
-fi
-grep -q 'nospectre_v2' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nospectre_v2"
-fi
-
-perl -pi -e 's/(GRUB_CMDLINE_LINUX=.*)\"/\1'"$KERN_OPTS"'\"/g' /etc/default/grub
-
-if [ -d /sys/firmware/efi ] ; then
- grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
-else
- grub2-mkconfig -o /boot/grub2/grub.cfg
-fi
-
-%end
-
-
-# Template from: post_lvm_pv_on_rootfs.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# uncomment the global_filter line in lvm.conf
-perl -0777 -i.bak -pe 's:(# This configuration option has an automatic default value\.\n)\t# global_filter:$1 global_filter:m' /etc/lvm/lvm.conf
-
-# Determine which disk we created our PV on (i.e. the root disk)
-ROOTDISK=$(get_by_path $(pvdisplay --select 'vg_name=cgts-vg' -C -o pv_name --noheadings))
-if [ -z "$ROOTDISK" ]; then
- report_post_failure_with_msg "ERROR: failed to identify rootdisk via pvdisplay"
-fi
-# Edit the LVM config so LVM only looks for LVs on the root disk
-sed -i "s#^\( *\)global_filter = \[.*#\1global_filter = [ \"a|${ROOTDISK}|\", \"r|.*|\" ]#" /etc/lvm/lvm.conf
-%end
-
-
-# Template from: post_net_controller.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-http_port=$(get_http_port)
-# Retrieve the installation uuid from the controller we booted from
-INSTALL_UUID=`curl -sf http://pxecontroller:${http_port:-8080}/feed/rel-19.12/install_uuid`
-if [ $? -ne 0 ]
-then
- INSTALL_UUID=unknown
-fi
-
-grep -q INSTALL_UUID /etc/platform/platform.conf
-if [ $? -ne 0 ]; then
- echo "INSTALL_UUID=$INSTALL_UUID" >> /etc/platform/platform.conf
-fi
-
-cd /www/pages
-# Sync software repository
-feed_url=http://pxecontroller:${http_port:-8080}/feed/
-anaconda_logdir=/var/log/anaconda
-mkdir -p $anaconda_logdir
-
-echo "Mirroring software repository (may take several minutes)..." >/dev/console
-wget --recursive --no-parent --no-host-directories --no-clobber --reject 'index.html*' --reject '*.log' $feed_url/ -o $anaconda_logdir/wget-feed-mirror.log \
- || report_post_failure_with_logfile $anaconda_logdir/wget-feed-mirror.log
-
-# Sync patching repository
-updates_url=http://pxecontroller:${http_port:-8080}/updates/
-wget --mirror --no-parent --no-host-directories --reject 'index.html*' --reject '*.log' $updates_url/ -o $anaconda_logdir/wget-updates-mirror.log \
- || report_post_failure_with_logfile $anaconda_logdir/wget-updates-mirror.log
-echo "Done" >/dev/console
-
-shopt -s nullglob
-
-# Check whether a second release is installed
-. /etc/build.info
-CURRENT_REL_DIR=rel-${SW_VERSION}
-OTHER_REL_DIR=
-for REL_DIR in /www/pages/feed/*; do
- if [[ ! $REL_DIR =~ "${SW_VERSION}" ]]; then
- OTHER_REL_DIR=`basename $REL_DIR`
- OTHER_REL_VERSION=${OTHER_REL_DIR:4}
- break
- fi
-done
-
-# If second release is installed, find the latest version of the installer
-# RPM and install the pxeboot files we require to boot hosts with that release.
-if [ ! -z "$OTHER_REL_DIR" ]; then
- PATCH_RPM=`find /www/pages/updates/${OTHER_REL_DIR}/Packages -name 'pxe-network-installer*' | sort -V | tail -1`
- BASE_RPM=`find /www/pages/feed/${OTHER_REL_DIR}/Packages -name 'pxe-network-installer*' | sort -V | tail -1`
-
- if [ ! -z "$PATCH_RPM" ]; then
- INSTALL_RPM=$PATCH_RPM
- elif [ ! -z "$BASE_RPM" ]; then
- INSTALL_RPM=$BASE_RPM
- else
- report_post_failure_with_msg "ERROR: Unable to find pxe-network-installer RPM for $OTHER_REL_DIR. Aborting installation."
- fi
-
- echo "Installing pxeboot files for release $OTHER_REL_DIR from $INSTALL_RPM" >/dev/console
- TMP_RPM=/tmp/pxe-network-installer
- mkdir $TMP_RPM
- pushd $TMP_RPM
- /usr/bin/rpm2cpio $INSTALL_RPM | cpio -idm \
- || report_post_failure_with_msg "Failed to extract pxe-network-installer"
-
- cp -r $TMP_RPM/usr / \
- || report_post_failure_with_msg "Failed to copy pxe-network-installer /usr"
- cp -r $TMP_RPM/pxeboot/$OTHER_REL_DIR /pxeboot/ \
- || report_post_failure_with_msg "Failed to copy pxe-network-installer /pxeboot/$OTHER_REL_DIR"
- cp $TMP_RPM/pxeboot/pxelinux.cfg.files/*-$OTHER_REL_VERSION /pxeboot/pxelinux.cfg.files/ \
- || report_post_failure_with_msg "Failed to copy pxe-network-installer pxelinux.cfg files"
-
- rm -rf $TMP_RPM
-fi
-
-%end
-
-# Template from: post_net_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-http_port=$(get_http_port)
-echo "repo --name=base --baseurl=http://pxecontroller:${http_port:-8080}/feed/rel-19.12/" > /tmp/repo-include
-echo "repo --name=updates --baseurl=http://pxecontroller:${http_port:-8080}/updates/rel-19.12/" > /tmp/repo-include
-
-%end
-
-# Repository arguments from %pre
-%include /tmp/repo-include
-
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Persist the http port to the platform configuration
-echo http_port=$(get_http_port) >> /etc/platform/platform.conf
-
-# Obtain the boot interface from the PXE boot
-BOOTIF=`cat /proc/cmdline |xargs -n1 echo |grep BOOTIF=`
-if [ -d /sys/firmware/efi ] ; then
- BOOTIF=${BOOTIF#BOOTIF=}
-else
- BOOTIF=${BOOTIF#BOOTIF=01-}
- BOOTIF=${BOOTIF//-/:}
-fi
-
-mgmt_dev=none
-mgmt_vlan=0
-if [ -n "$BOOTIF" ] ; then
- ndev=`ip link show |grep -B 1 $BOOTIF |head -1 |awk '{print $2}' |sed -e 's/://'`
- if [ -n "$ndev" ] ; then
- mgmt_dev=$ndev
- # Retrieve the management VLAN from sysinv if it exists
- mgmt_vlan=`curl -sf http://pxecontroller:6385/v1/isystems/mgmtvlan`
- if [ $? -ne 0 ]
- then
- report_post_failure_with_msg "ERROR: Unable to communicate with System Inventory REST API. Aborting installation."
- fi
- else
- report_post_failure_with_msg "ERROR: Unable to determine mgmt interface from BOOTIF=$BOOTIF."
- fi
-else
- report_post_failure_with_msg "ERROR: BOOTIF is not set. Unable to determine mgmt interface."
-fi
-
-if [ $mgmt_vlan -eq 0 ] ; then
-
- # Persist the boot device to the platform configuration. This will get
- # overwritten later if the management_interface is on a bonded interface.
- echo management_interface=$mgmt_dev >> /etc/platform/platform.conf
-
- # Build networking scripts
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$mgmt_dev
-DEVICE=$mgmt_dev
-BOOTPROTO=dhcp
-ONBOOT=yes
-IPV6_AUTOCONF=no
-LINKDELAY=20
-EOF
-
-else
-
- # Check whether to use inet or inet6
- ipv6_addr=$(dig +short AAAA controller)
- if [[ -n "$ipv6_addr" ]]
- then
- mgmt_address_family=inet6
- ipv6init=yes
- dhcpv6c=yes
- dhclientargs=-1
- else
- mgmt_address_family=inet
- ipv6init=no
- dhcpv6c=no
- dhclientargs=
- fi
-
- # Persist the boot device to the platform configuration. This will get
- # overwritten later if the management_interface is on a bonded interface.
- echo management_interface=vlan$mgmt_vlan >> /etc/platform/platform.conf
-
- # Build networking scripts
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$mgmt_dev
-DEVICE=$mgmt_dev
-BOOTPROTO=none
-ONBOOT=yes
-IPV6_AUTOCONF=no
-LINKDELAY=20
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-vlan$mgmt_vlan
-DEVICE=vlan$mgmt_vlan
-BOOTPROTO=dhcp
-DHCLIENTARGS=$dhclientargs
-IPV6INIT=$ipv6init
-DHCPV6C=$dhcpv6c
-ONBOOT=yes
-IPV6_AUTOCONF=no
-PHYSDEV=$mgmt_dev
-VLAN=yes
-LINKDELAY=20
-EOF
-
- # Reject DHCPOFFER from DHCP server that doesn't send
- # wrs-install-uuid option
- echo "require wrs-install-uuid;" >>/etc/dhcp/dhclient.conf
- echo "require dhcp6.wrs-install-uuid;" >>/etc/dhcp/dhclient.conf
-
- # Bring up the mgmt vlan so that a dhcp lease is acquired and an address is
- # setup prior to the post-install reboot. This is so that the timing of the IP
- # address allocation is similar to how normal/non-pxe installation works.
- mgmt_iface=vlan$mgmt_vlan
- dhclient_family=$([[ $mgmt_address_family == "inet" ]] && echo -4 || echo -6)
- ip link add link $mgmt_dev name $mgmt_iface type vlan id $mgmt_vlan
- ip link set up dev $mgmt_iface
- dhclient $dhclient_family $mgmt_iface || true
-
-fi
-
-%end
+++ /dev/null
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-# SPDX-License-Identifier: Apache-2.0
-#
-
-%pre
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-%post
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-
-# Template from: pre_common_head.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-append=
-if [ -n "$console" ] ; then
- append="console=$console"
-fi
-
-if [ -n "$security_profile" ]; then
- append="$append security_profile=$security_profile"
-fi
-
-#### SECURITY PROFILE HANDLING (Pre Installation) ####
-if [ -n "$security_profile" ] && [ "$security_profile" == "extended" ]; then
- # IMA specific boot options:
- # Enable Kernel auditing
- append="$append audit=1"
-else
- # we need to blacklist the IMA and Integrity Modules
- # on standard security profile
- append="$append module_blacklist=integrity,ima"
-
- # Disable Kernel auditing in Standard Security Profile mode
- append="$append audit=0"
-fi
-
-if [ -n "$tboot" ]; then
- append="$append tboot=$tboot"
-else
- append="$append tboot=false"
-fi
-
-boot_device_arg=
-if [ -n "$boot_device" ] ; then
- boot_device_arg="--boot-drive=$(get_by_path $boot_device)"
-fi
-
-echo "bootloader --location=mbr $boot_device_arg --timeout=5 --append=\"$append\"" > /tmp/bootloader-include
-
-echo "timezone --nontp --utc UTC" >/tmp/timezone-include
-%end
-
-#version=DEVEL
-install
-lang en_US.UTF-8
-keyboard us
-%include /tmp/timezone-include
-# set to 'x' so we can use shadow password
-rootpw --iscrypted x
-selinux --disabled
-authconfig --enableshadow --passalgo=sha512
-firewall --service=ssh
-
-# The following is the partition information you requested
-# Note that any partitions you deleted are not expressed
-# here so unless you clear all partitions first, this is
-# not guaranteed to work
-zerombr
-
-# Disk layout from %pre
-%include /tmp/part-include
-# Bootloader parms from %pre
-%include /tmp/bootloader-include
-
-reboot --eject
-
-
-# Template from: pre_net_common.cfg
-%pre
-
-# Setup ntp.conf and sync time
-cat <<EOF >/etc/ntp_kickstart.conf
-server pxecontroller
-EOF
-
-/usr/sbin/ntpd -g -q -n -c /etc/ntp_kickstart.conf
-if [ $? -eq 0 ]; then
- /sbin/hwclock --systohc --utc
-fi
-
-%end
-
-
-# Template from: pre_pkglist.cfg
-%packages
-@core
-@base
--kernel-module-igb-uio-rt
--kernel-module-wrs-avp-rt
--kernel-rt
--kernel-rt-kvm
--kernel-rt-tools
--kernel-rt-tools-libs
--kmod-drbd-rt
--kmod-e1000e-rt
--kmod-i40e-rt
--kmod-ixgbe-rt
--kmod-tpm-rt
--mlnx-ofa_kernel
--mlnx-ofa_kernel-rt
--mlnx-ofa_kernel-rt-modules
--qat16-rt
-@platform-controller-worker
-@updates-controller-worker
-%end
-
-
-# Template from: pre_disk_setup_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# This is a really fancy way of finding the first usable disk for the
-# install and not stomping on the USB device if it comes up first
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-# Find either the ISO or USB device first chopping off partition
-ISO_DEV=`readlink /dev/disk/by-label/oe_iso_boot`
-sdev=`echo $ISO_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- ISO_DEV=$sdev
-fi
-USB_DEV=`readlink /dev/disk/by-label/wr_usb_boot`
-sdev=`echo $USB_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- USB_DEV=$sdev
-fi
-
-# Temporary, until lab pxelinux.cfg files are updated to specify install devices
-if [ -z "$rootfs_device" -o -z "$boot_device" ]
-then
- INST_HDD=""
- # Prefer a vd* device if this is kvm/qemu
- for e in vda vdb sda sdb nvme0n1; do
- if [ -e /dev/$e -a "$ISO_DEV" != "../../$e" -a "$USB_DEV" != "../../$e" ] ; then
- INST_HDD=$e
- break
- fi
- done
-
- # Set variables to $INST_HDD if not set
- rootfs_device=${rootfs_device:-$INST_HDD}
- boot_device=${boot_device:-$INST_HDD}
-fi
-
-# Convert to by-path
-orig_rootfs_device=$rootfs_device
-rootfs_device=$(get_by_path $rootfs_device)
-
-orig_boot_device=$boot_device
-boot_device=$(get_by_path $boot_device)
-
-if [ ! -e "$rootfs_device" -o ! -e "$boot_device" ] ; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is invalid."
-fi
-
-# Ensure specified device is not a USB drive
-udevadm info --query=property --name=$rootfs_device |grep -q '^ID_BUS=usb' || \
- udevadm info --query=property --name=$boot_device |grep -q '^ID_BUS=usb'
-if [ $? -eq 0 ]; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is a USB drive."
-fi
-
-# Deactivate existing volume groups to avoid Anaconda issues with pre-existing groups
-vgs --noheadings -o vg_name | xargs --no-run-if-empty -n 1 vgchange -an
-
-# Remove volumes and group for cgts-vg, if any
-lvremove --force cgts-vg
-pvs --select 'vg_name=cgts-vg' --noheadings -o pv_name | xargs --no-run-if-empty pvremove --force --force --yes
-vgs --select 'vg_name=cgts-vg' --noheadings -o vg_name | xargs --no-run-if-empty vgremove --force
-
-ONLYUSE_HDD=""
-if [ "$(curl -sf http://pxecontroller:6385/v1/upgrade/$(hostname)/in_upgrade 2>/dev/null)" = "true" ]; then
- # In an upgrade, only wipe the disk with the rootfs and boot partition
- echo "In upgrade, wiping only $rootfs_device"
- WIPE_HDD="$(get_disk $rootfs_device)"
- ONLYUSE_HDD="$(basename $(get_disk $rootfs_device))"
- if [ "$(get_disk $rootfs_device)" != "$(get_disk $boot_device)" ]; then
- WIPE_HDD="$WIPE_HDD,$(get_disk $boot_device)"
- ONLYUSE_HDD="$ONLYUSE_HDD,$(basename $(get_disk $boot_device))"
- fi
-else
- # Make a list of all the hard drives that are to be wiped
- WIPE_HDD=""
- # Partition type OSD has a unique globally identifier
- part_type_guid_str="Partition GUID code"
- CEPH_OSD_GUID="4FBD7E29-9D25-41B8-AFD0-062C0CEFF05D"
-
- # Check if we wipe OSDs
- if [ "$(curl -sf http://pxecontroller:6385/v1/ihosts/wipe_osds 2>/dev/null)" = "true" ]; then
- echo "Wipe OSD data."
- WIPE_CEPH_OSDS="true"
- else
- echo "Skip Ceph OSD data wipe."
- WIPE_CEPH_OSDS="false"
- fi
-
- for f in /dev/disk/by-path/*
- do
- dev=$(readlink -f $f)
- lsblk --nodeps --pairs $dev | grep -q 'TYPE="disk"'
- if [ $? -ne 0 ]
- then
- continue
- fi
-
- # Avoid wiping USB drives
- udevadm info --query=property --name=$dev |grep -q '^ID_BUS=usb' && continue
-
- # Avoid wiping ceph osds if sysinv tells us so
- if [ ${WIPE_CEPH_OSDS} == "false" ]; then
- wipe_dev="true"
- part_numbers=( `parted -s $dev print | awk '$1 == "Number" {i=1; next}; i {print $1}'` )
- # Scanning the partitions looking for CEPH OSDs and
- # skipping any disk found with such partitions
- for part_number in "${part_numbers[@]}"; do
- sgdisk_part_info=$(flock $dev sgdisk -i $part_number $dev)
- part_type_guid=$(echo "$sgdisk_part_info" | grep "$part_type_guid_str" | awk '{print $4;}')
- if [ "$part_type_guid" == $CEPH_OSD_GUID ]; then
- echo "OSD found on $dev, skipping wipe"
- wipe_dev="false"
- break
- fi
- done
- if [ "$wipe_dev" == "false" ]; then
- continue
- fi
- fi
-
- # Add device to the wipe list
- devname=$(basename $dev)
- if [ -e $dev -a "$ISO_DEV" != "../../$devname" -a "$USB_DEV" != "../../$devname" ]; then
- if [ -n "$WIPE_HDD" ]; then
- WIPE_HDD=$WIPE_HDD,$dev
- else
- WIPE_HDD=$dev
- fi
- fi
- done
- echo "Not in upgrade, wiping disks: $WIPE_HDD"
-fi
-
-for dev in ${WIPE_HDD//,/ }
-do
- # Clearing previous GPT tables or LVM data
- # Delete the first few bytes at the start and end of the partition. This is required with
- # GPT partitions, they save partition info at the start and the end of the block.
- # Do this for each partition on the disk, as well.
- partitions=$(lsblk -rip $dev -o TYPE,NAME |awk '$1 == "part" {print $2}')
- for p in $partitions $dev
- do
- echo "Pre-wiping $p from kickstart"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
- done
-done
-
-# Check for remaining cgts-vg PVs, which could potentially happen
-# in an upgrade where we're not wiping all disks.
-# If we ever create other volume groups from kickstart in the future,
-# include them in this search as well.
-partitions=$(pvs --select 'vg_name=cgts-vg' -o pv_name --noheading | grep -v '\[unknown\]')
-for p in $partitions
-do
- echo "Pre-wiping $p from kickstart (cgts-vg present)"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
-done
-
-let -i gb=1024*1024*1024
-
-cat<<EOF>/tmp/part-include
-clearpart --all --drives=$WIPE_HDD --initlabel
-EOF
-
-if [ -n "$ONLYUSE_HDD" ]; then
- cat<<EOF>>/tmp/part-include
-ignoredisk --only-use=$ONLYUSE_HDD
-EOF
-fi
-
-if [ -d /sys/firmware/efi ] ; then
- cat<<EOF>>/tmp/part-include
-part /boot/efi --fstype=efi --size=300 --ondrive=$(get_disk $boot_device)
-EOF
-else
- cat<<EOF>>/tmp/part-include
-part biosboot --asprimary --fstype=biosboot --size=1 --ondrive=$(get_disk $boot_device)
-EOF
-fi
-
-
-# Template from: pre_disk_aio.cfg
-
-## NOTE: updates to partition sizes need to be also reflected in
-## - stx-config/.../sysinv/conductor/manager.py:create_controller_filesystems()
-## - stx-config/.../sysinv/common/constants.py
-##
-## NOTE: When adding partitions, we currently have a max of 4 primary partitions.
-## If more than 4 partitions are required, we can use a max of 3 --asprimary,
-## to allow 1 primary logical partition with extended partitions
-##
-## NOTE: Max default PV size must align with the default controllerfs sizes
-##
-## BACKUP_OVERHEAD = 20
-##
-## Physical install (for disks over 240GB)
-## - DB size is doubled to allow for upgrades
-##
-## DEFAULT_IMAGE_STOR_SIZE = 10
-## DEFAULT_DATABASE_STOR_SIZE = 20
-## DEFAULT_IMG_CONVERSION_STOR_SIZE = 20
-## BACKUP = DEFAULT_DATABASE_STOR_SIZE + DEFAULT_IMAGE_STOR_SIZE
-## + BACKUP_OVERHEAD = 50
-## LOG_VOL_SIZE = 8192
-## SCRATCH_VOL_SIZE = 8192
-## RABBIT = 2048
-## PLATFORM = 2048
-## ANCHOR = 1024
-## EXTENSION = 1024
-## GNOCCHI = 5120
-## DOCKER = 30720
-## DOCKER_DIST = 16384
-## ETCD = 5120
-## CEPH_MON = 20480
-## KUBELET_VOL_SIZE = 10240
-## RESERVED_PE = 16 (based on pesize=32768)
-##
-## CGCS_PV_SIZE = 10240 + 2*20480 + 20480 + 51200 + 8196 + 8196 + 2048 +
-## 2048 + 1024 + 1024 + 5120 + 30720 + 16384 + 5120 +
-## 20480 + 10240 + 16 = 233496
-##
-## small install - (for disks below 240GB)
-## - DB size is doubled to allow for upgrades
-##
-## DEFAULT_SMALL_IMAGE_STOR_SIZE = 10
-## DEFAULT_SMALL_DATABASE_STOR_SIZE = 10
-## DEFAULT_SMALL_IMG_CONVERSION_STOR_SIZE = 10
-## DEFAULT_SMALL_BACKUP_STOR_SIZE = 40
-##
-## LOG_VOL_SIZE = 8192
-## SCRATCH_VOL_SIZE = 8192
-## RABBIT = 2048
-## PLATFORM = 2048
-## ANCHOR = 1024
-## EXTENSION = 1024
-## GNOCCHI = 5120
-## DOCKER = 30720
-## DOCKER_DIST = 16384
-## ETCD = 5120
-## CEPH_MON = 20480
-## KUBELET_VOL_SIZE = 10240
-## RESERVED_PE = 16 (based on pesize=32768)
-##
-##
-## CGCS_PV_SIZE = 10240 + 2*10240 + 10240 + 40960 + 8192 + 8192 + 2048 +
-## 2048 + 1024 + 1024 + 5120 + 30720 + 16384 + 5120 +
-## 20480 + 10240 + 16 = 192528
-##
-## NOTE: To maintain upgrade compatability within the volume group, keep the
-## undersized LOG_VOL_SIZE and SCRATCH_VOL_SIZE, but size the minimally size
-## physical volume correctly.
-##
-## R4 AIO installations:
-## - R4 (case #1): /boot (0.5G), / (20G),
-## cgts-vg PV (239G), /local_pv (239G)
-## - R4 (case #2): /boot (0.5G), / (20G),
-## cgts-vg PV (239G), cgts-vg (239G)
-##
-## Upgrade migration will start with R5 install and create a partition to align
-## above so filesystems within the volume group will be able to maintain their
-## sizes in R5
-## - R5 install : /boot (0.5G), / (20G),
-## cgts-vg PV (142G), un-partitioned (336G)
-## - R5 (case #1): /boot (0.5G), / (20G),
-## cgts-vg PV (142G), cgts-vg PV (97G), unpartitioned (239G)
-## - R5 (case #2): /boot (0.5G), / (20G),
-## cgts-vg PV (142G), cgts-vg PV (336G)
-##
-
-sz=$(blockdev --getsize64 $(get_disk $rootfs_device))
-if [ $sz -le $((240*$gb)) ] ; then
- # Round CGCS_PV_SIZE to the closest upper value that can be divided by 1024.
- # 192528/1024=188.01. CGCS_PV_SIZE=189*1024=193536. Using a disk with a
- # size under 189GiB will fail.
- CGCS_PV_SIZE=193536
-else
- # Round CGCS_PV_SIZE to the closest upper value that can be divided by 1024.
- # 233496/1024=228.02. CGCS_PV_SIZE=229*1024=234496.
- CGCS_PV_SIZE=234496
-fi
-
-ROOTFS_SIZE=20000
-LOG_VOL_SIZE=8000
-SCRATCH_VOL_SIZE=8000
-
-ROOTFS_OPTIONS="defaults"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- # Enable iversion labelling for rootfs when IMA is enabled
- ROOTFS_OPTIONS="${ROOTFS_OPTIONS},iversion"
-fi
-
-cat<<EOF>>/tmp/part-include
-part /boot --fstype=ext4 --asprimary --size=500 --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-part pv.253004 --grow --size=500 --maxsize=$CGCS_PV_SIZE --ondrive=$(get_disk $rootfs_device)
-volgroup cgts-vg --pesize=32768 pv.253004
-logvol /var/log --fstype=ext4 --vgname=cgts-vg --size=$LOG_VOL_SIZE --name=log-lv
-logvol /scratch --fstype=ext4 --vgname=cgts-vg --size=$SCRATCH_VOL_SIZE --name=scratch-lv
-part / --fstype=ext4 --asprimary --size=$ROOTFS_SIZE --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-EOF
-
-%end
-
-
-# Template from: post_platform_conf_aio.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Set the security profile mode
-secprofile="standard"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- secprofile="extended"
-fi
-
-mkdir -p -m 0775 /etc/platform
-cat <<EOF > /etc/platform/platform.conf
-nodetype=controller
-subfunction=controller,worker
-system_type=All-in-one
-security_profile=$secprofile
-EOF
-
-%end
-
-
-# Template from: post_common.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Turn off locale support for i18n if is not installed
-if [ ! -d /usr/share/i18n ] ; then
- rm -f /etc/sysconfig/i18n
-fi
-# Unset the hostname
-rm /etc/hostname
-
-# If using a serial install make sure to add a getty on the tty1
-conarg=`cat /proc/cmdline |xargs -n1 echo |grep console= |grep ttyS`
-if [ -n "$conarg" ] ; then
- echo "1:2345:respawn:/sbin/mingetty tty1" >> /etc/inittab
-fi
-
-#### SECURITY PROFILE HANDLING (Post Installation) ####
-# Check if the Security profile mode is enabled
-# and load the appropriate kernel modules
-secprofile=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$secprofile" ]; then
- echo "In Extended Security profile mode. Loading IMA kernel module"
- systemctl enable auditd.service
- # Add the securityfs mount for the IMA Runtime measurement list
- echo "securityfs /sys/kernel/security securityfs defaults,nodev 0 0" >> /etc/fstab
-else
- # Disable audit daemon in the Standard Security Profile
- systemctl disable auditd
-fi
-
-. /etc/platform/platform.conf
-# Configure smart package manager channels
-rm -rf /var/lib/smart
-mkdir /var/lib/smart
-/usr/bin/smart channel -y \
- --add rpmdb type=rpm-sys name="RPM Database"
-/usr/bin/smart channel -y \
- --add base type=rpm-md name="Base" baseurl=http://controller:${http_port:-8080}/feed/rel-19.12
-/usr/bin/smart channel -y \
- --add updates type=rpm-md name="Patches" baseurl=http://controller:${http_port:-8080}/updates/rel-19.12
-
-# Configure smart to use rpm --nolinktos option
-/usr/bin/smart config --set rpm-nolinktos=true
-
-# Configure smart to use rpm --nosignature option
-/usr/bin/smart config --set rpm-check-signatures=false
-
-# Delete the CentOS yum repo files
-rm -f /etc/yum.repos.d/CentOS-*
-
-# Persist the boot device naming as UDEV rules so that if the network device
-# order changes post-install that we will still be able to DHCP from the
-# correct interface to reach the active controller. For most nodes only the
-# management/boot interface needs to be persisted but because we require both
-# controllers to be identically configured and controller-0 and controller-1
-# are installed differently (e.g., controller-0 from USB and controller-1 from
-# network) it is not possible to know which interface to persist for
-# controller-0. The simplest solution is to persist all interfaces.
-#
-mkdir -p /etc/udev/rules.d
-echo "# Persisted network interfaces from anaconda installer" > /etc/udev/rules.d/70-persistent-net.rules
-for dir in /sys/class/net/*; do
- if [ -e ${dir}/device ]; then
- dev=$(basename ${dir})
- mac_address=$(cat /sys/class/net/${dev}/address)
- echo "ACTION==\"add\", SUBSYSTEM==\"net\", DRIVERS==\"?*\", ATTR{address}==\"${mac_address}\", NAME=\"${dev}\"" >> /etc/udev/rules.d/70-persistent-net.rules
- fi
-done
-
-# Mark the sysadmin password as expired immediately
-chage -d 0 sysadmin
-
-# Lock the root password
-passwd -l root
-
-# Enable tmpfs mount for /tmp
-# delete /var/tmp so that it can similinked in
-rm -rf /var/tmp
-systemctl enable tmp.mount
-
-# Disable automount of /dev/hugepages
-systemctl mask dev-hugepages.mount
-
-# Disable firewall
-systemctl disable firewalld
-
-# Disable libvirtd
-systemctl disable libvirtd.service
-
-# Enable rsyncd
-systemctl enable rsyncd.service
-
-# Allow root to run sudo from a non-tty (for scripts running as root that run sudo cmds)
-echo 'Defaults:root !requiretty' > /etc/sudoers.d/root
-
-# Make fstab just root read/writable
-chmod 600 /etc/fstab
-
-# Create first_boot flag
-touch /etc/platform/.first_boot
-
-%end
-
-# Template from: post_kernel_aio_and_worker.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Source the generated platform.conf
-. /etc/platform/platform.conf
-
-# Update grub with custom kernel bootargs
-source /etc/init.d/cpumap_functions.sh
-n_cpus=$(cat /proc/cpuinfo 2>/dev/null | \
- awk '/^[pP]rocessor/ { n +=1 } END { print (n>0) ? n : 1}')
-n_numa=$(ls -d /sys/devices/system/node/node* 2>/dev/null | wc -l)
-KERN_OPTS=" iommu=pt usbcore.autosuspend=-1"
-
-KERN_OPTS="${KERN_OPTS} hugepagesz=2M hugepages=0 default_hugepagesz=2M"
-
-# If this is an all-in-one system, we need at least 4 CPUs
-if [ "$system_type" = "All-in-one" -a ${n_cpus} -lt 4 ]; then
- report_post_failure_with_msg "ERROR: At least 4 CPUs are required for controller+worker node."
-fi
-
-# Add kernel options for cpu isolation / affinity
-if [ ${n_cpus} -gt 1 ]
-then
- base_cpulist=$(platform_expanded_cpu_list)
- base_cpumap=$(cpulist_to_cpumap ${base_cpulist} ${n_cpus})
- avp_cpulist=$(vswitch_expanded_cpu_list)
- norcu_cpumap=$(invert_cpumap ${base_cpumap} ${n_cpus})
- norcu_cpulist=$(cpumap_to_cpulist ${norcu_cpumap} ${n_cpus})
-
- if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} isolcpus=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} nohz_full=${norcu_cpulist}"
- else
- KERN_OPTS="${KERN_OPTS} isolcpus=${avp_cpulist}"
- fi
- KERN_OPTS="${KERN_OPTS} rcu_nocbs=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} kthread_cpus=${base_cpulist}"
- KERN_OPTS="${KERN_OPTS} irqaffinity=${base_cpulist}"
- # Update vswitch.conf
- sed -i "s/^VSWITCH_CPU_LIST=.*/VSWITCH_CPU_LIST=\"${avp_cpulist}\"/" /etc/vswitch/vswitch.conf
-fi
-
-# Add kernel options to ensure an selinux is disabled
-KERN_OPTS="${KERN_OPTS} selinux=0 enforcing=0"
-
-# Add kernel options to set NMI watchdog
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=0 softlockup_panic=0"
-else
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=panic,1 softlockup_panic=1"
-fi
-
-if [[ "$(dmidecode -s system-product-name)" =~ ^ProLiant.*Gen8$ ]]; then
- KERN_OPTS="${KERN_OPTS} intel_iommu=on,eth_no_rmrr"
-else
- KERN_OPTS="${KERN_OPTS} intel_iommu=on"
-fi
-
-# Add kernel option to disable biosdevname if enabled
-# As this may already be in GRUB_CMDLINE_LINUX, only add if it is not already present
-grep -q '^GRUB_CMDLINE_LINUX=.*biosdevname=0' /etc/default/grub
-if [ $? -ne 0 ]; then
- KERN_OPTS="${KERN_OPTS} biosdevname=0"
-fi
-
-# Add kernel options to disable kvm-intel.eptad on Broadwell
-# Broadwell: Model: 79, Model name: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz
-if grep -q -E "^model\s+:\s+79$" /proc/cpuinfo
-then
- KERN_OPTS="${KERN_OPTS} kvm-intel.eptad=0"
-fi
-
-# k8s updates:
-#KERN_OPTS="${KERN_OPTS} cgroup_disable=memory"
-KERN_OPTS="${KERN_OPTS} user_namespace.enable=1"
-
-# Add kernel option to avoid jiffies_lock contention on real-time kernel
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} skew_tick=1"
-fi
-
-# If the installer asked us to use security related kernel params, use
-# them in the grub line as well (until they can be configured via puppet)
-grep -q 'nopti' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nopti"
-fi
-grep -q 'nospectre_v2' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nospectre_v2"
-fi
-
-perl -pi -e 's/(GRUB_CMDLINE_LINUX=.*)\"/\1'"$KERN_OPTS"'\"/g' /etc/default/grub
-
-if [ -d /sys/firmware/efi ] ; then
- grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
-else
- grub2-mkconfig -o /boot/grub2/grub.cfg
-fi
-
-%end
-
-
-# Template from: post_lvm_pv_on_rootfs.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# uncomment the global_filter line in lvm.conf
-perl -0777 -i.bak -pe 's:(# This configuration option has an automatic default value\.\n)\t# global_filter:$1 global_filter:m' /etc/lvm/lvm.conf
-
-# Determine which disk we created our PV on (i.e. the root disk)
-ROOTDISK=$(get_by_path $(pvdisplay --select 'vg_name=cgts-vg' -C -o pv_name --noheadings))
-if [ -z "$ROOTDISK" ]; then
- report_post_failure_with_msg "ERROR: failed to identify rootdisk via pvdisplay"
-fi
-# Edit the LVM config so LVM only looks for LVs on the root disk
-sed -i "s#^\( *\)global_filter = \[.*#\1global_filter = [ \"a|${ROOTDISK}|\", \"r|.*|\" ]#" /etc/lvm/lvm.conf
-%end
-
-
-# Template from: post_system_aio.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Source the generated platform.conf
-. /etc/platform/platform.conf
-
-## Reserve more memory for base processes since the controller has higher
-## memory requirements but cap it to better handle systems with large
-## amounts of memory
-TOTALMEM=$(grep MemTotal /proc/meminfo | awk '{print int($2/1024)}')
-
-if [ -e /sys/devices/system/node/node0 ]; then
- RESERVEDMEM=$(grep MemTotal /sys/devices/system/node/node0/meminfo | awk '{printf "%d\n", $4/1024}')
-else
- RESERVEDMEM=$(grep MemTotal /proc/meminfo | awk '{print int($2/1024/4)}')
-fi
-
-if [ ${RESERVEDMEM} -lt 6144 ]; then
- RESERVEDMEM=6144
-elif [ ${RESERVEDMEM} -gt 14500 ]; then
- RESERVEDMEM=14500
-elif [ ${RESERVEDMEM} -gt 8192 ]; then
- RESERVEDMEM=8192
-fi
-
-sed -i -e "s#\(WORKER_BASE_RESERVED\)=.*#\1=(\"node0:${RESERVEDMEM}MB:1\" \"node1:2000MB:0\" \"node2:2000MB:0\" \"node3:2000MB:0\")#g" /etc/platform/worker_reserved.conf
-
-# Update WORKER_CPU_LIST
-N_CPUS=$(cat /proc/cpuinfo 2>/dev/null | awk '/^[pP]rocessor/ { n +=1 } END { print (n>0) ? n : 1}')
-sed -i "s/^WORKER_CPU_LIST=.*/WORKER_CPU_LIST=\"0-$((N_CPUS-1))\"/" /etc/platform/worker_reserved.conf
-
-%end
-
-
-# Template from: post_net_controller.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-http_port=$(get_http_port)
-# Retrieve the installation uuid from the controller we booted from
-INSTALL_UUID=`curl -sf http://pxecontroller:${http_port:-8080}/feed/rel-19.12/install_uuid`
-if [ $? -ne 0 ]
-then
- INSTALL_UUID=unknown
-fi
-
-grep -q INSTALL_UUID /etc/platform/platform.conf
-if [ $? -ne 0 ]; then
- echo "INSTALL_UUID=$INSTALL_UUID" >> /etc/platform/platform.conf
-fi
-
-cd /www/pages
-# Sync software repository
-feed_url=http://pxecontroller:${http_port:-8080}/feed/
-anaconda_logdir=/var/log/anaconda
-mkdir -p $anaconda_logdir
-
-echo "Mirroring software repository (may take several minutes)..." >/dev/console
-wget --recursive --no-parent --no-host-directories --no-clobber --reject 'index.html*' --reject '*.log' $feed_url/ -o $anaconda_logdir/wget-feed-mirror.log \
- || report_post_failure_with_logfile $anaconda_logdir/wget-feed-mirror.log
-
-# Sync patching repository
-updates_url=http://pxecontroller:${http_port:-8080}/updates/
-wget --mirror --no-parent --no-host-directories --reject 'index.html*' --reject '*.log' $updates_url/ -o $anaconda_logdir/wget-updates-mirror.log \
- || report_post_failure_with_logfile $anaconda_logdir/wget-updates-mirror.log
-echo "Done" >/dev/console
-
-shopt -s nullglob
-
-# Check whether a second release is installed
-. /etc/build.info
-CURRENT_REL_DIR=rel-${SW_VERSION}
-OTHER_REL_DIR=
-for REL_DIR in /www/pages/feed/*; do
- if [[ ! $REL_DIR =~ "${SW_VERSION}" ]]; then
- OTHER_REL_DIR=`basename $REL_DIR`
- OTHER_REL_VERSION=${OTHER_REL_DIR:4}
- break
- fi
-done
-
-# If second release is installed, find the latest version of the installer
-# RPM and install the pxeboot files we require to boot hosts with that release.
-if [ ! -z "$OTHER_REL_DIR" ]; then
- PATCH_RPM=`find /www/pages/updates/${OTHER_REL_DIR}/Packages -name 'pxe-network-installer*' | sort -V | tail -1`
- BASE_RPM=`find /www/pages/feed/${OTHER_REL_DIR}/Packages -name 'pxe-network-installer*' | sort -V | tail -1`
-
- if [ ! -z "$PATCH_RPM" ]; then
- INSTALL_RPM=$PATCH_RPM
- elif [ ! -z "$BASE_RPM" ]; then
- INSTALL_RPM=$BASE_RPM
- else
- report_post_failure_with_msg "ERROR: Unable to find pxe-network-installer RPM for $OTHER_REL_DIR. Aborting installation."
- fi
-
- echo "Installing pxeboot files for release $OTHER_REL_DIR from $INSTALL_RPM" >/dev/console
- TMP_RPM=/tmp/pxe-network-installer
- mkdir $TMP_RPM
- pushd $TMP_RPM
- /usr/bin/rpm2cpio $INSTALL_RPM | cpio -idm \
- || report_post_failure_with_msg "Failed to extract pxe-network-installer"
-
- cp -r $TMP_RPM/usr / \
- || report_post_failure_with_msg "Failed to copy pxe-network-installer /usr"
- cp -r $TMP_RPM/pxeboot/$OTHER_REL_DIR /pxeboot/ \
- || report_post_failure_with_msg "Failed to copy pxe-network-installer /pxeboot/$OTHER_REL_DIR"
- cp $TMP_RPM/pxeboot/pxelinux.cfg.files/*-$OTHER_REL_VERSION /pxeboot/pxelinux.cfg.files/ \
- || report_post_failure_with_msg "Failed to copy pxe-network-installer pxelinux.cfg files"
-
- rm -rf $TMP_RPM
-fi
-
-%end
-
-# Template from: post_net_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-http_port=$(get_http_port)
-echo "repo --name=base --baseurl=http://pxecontroller:${http_port:-8080}/feed/rel-19.12/" > /tmp/repo-include
-echo "repo --name=updates --baseurl=http://pxecontroller:${http_port:-8080}/updates/rel-19.12/" > /tmp/repo-include
-
-%end
-
-# Repository arguments from %pre
-%include /tmp/repo-include
-
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Persist the http port to the platform configuration
-echo http_port=$(get_http_port) >> /etc/platform/platform.conf
-
-# Obtain the boot interface from the PXE boot
-BOOTIF=`cat /proc/cmdline |xargs -n1 echo |grep BOOTIF=`
-if [ -d /sys/firmware/efi ] ; then
- BOOTIF=${BOOTIF#BOOTIF=}
-else
- BOOTIF=${BOOTIF#BOOTIF=01-}
- BOOTIF=${BOOTIF//-/:}
-fi
-
-mgmt_dev=none
-mgmt_vlan=0
-if [ -n "$BOOTIF" ] ; then
- ndev=`ip link show |grep -B 1 $BOOTIF |head -1 |awk '{print $2}' |sed -e 's/://'`
- if [ -n "$ndev" ] ; then
- mgmt_dev=$ndev
- # Retrieve the management VLAN from sysinv if it exists
- mgmt_vlan=`curl -sf http://pxecontroller:6385/v1/isystems/mgmtvlan`
- if [ $? -ne 0 ]
- then
- report_post_failure_with_msg "ERROR: Unable to communicate with System Inventory REST API. Aborting installation."
- fi
- else
- report_post_failure_with_msg "ERROR: Unable to determine mgmt interface from BOOTIF=$BOOTIF."
- fi
-else
- report_post_failure_with_msg "ERROR: BOOTIF is not set. Unable to determine mgmt interface."
-fi
-
-if [ $mgmt_vlan -eq 0 ] ; then
-
- # Persist the boot device to the platform configuration. This will get
- # overwritten later if the management_interface is on a bonded interface.
- echo management_interface=$mgmt_dev >> /etc/platform/platform.conf
-
- # Build networking scripts
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$mgmt_dev
-DEVICE=$mgmt_dev
-BOOTPROTO=dhcp
-ONBOOT=yes
-IPV6_AUTOCONF=no
-LINKDELAY=20
-EOF
-
-else
-
- # Check whether to use inet or inet6
- ipv6_addr=$(dig +short AAAA controller)
- if [[ -n "$ipv6_addr" ]]
- then
- mgmt_address_family=inet6
- ipv6init=yes
- dhcpv6c=yes
- dhclientargs=-1
- else
- mgmt_address_family=inet
- ipv6init=no
- dhcpv6c=no
- dhclientargs=
- fi
-
- # Persist the boot device to the platform configuration. This will get
- # overwritten later if the management_interface is on a bonded interface.
- echo management_interface=vlan$mgmt_vlan >> /etc/platform/platform.conf
-
- # Build networking scripts
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$mgmt_dev
-DEVICE=$mgmt_dev
-BOOTPROTO=none
-ONBOOT=yes
-IPV6_AUTOCONF=no
-LINKDELAY=20
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-vlan$mgmt_vlan
-DEVICE=vlan$mgmt_vlan
-BOOTPROTO=dhcp
-DHCLIENTARGS=$dhclientargs
-IPV6INIT=$ipv6init
-DHCPV6C=$dhcpv6c
-ONBOOT=yes
-IPV6_AUTOCONF=no
-PHYSDEV=$mgmt_dev
-VLAN=yes
-LINKDELAY=20
-EOF
-
- # Reject DHCPOFFER from DHCP server that doesn't send
- # wrs-install-uuid option
- echo "require wrs-install-uuid;" >>/etc/dhcp/dhclient.conf
- echo "require dhcp6.wrs-install-uuid;" >>/etc/dhcp/dhclient.conf
-
- # Bring up the mgmt vlan so that a dhcp lease is acquired and an address is
- # setup prior to the post-install reboot. This is so that the timing of the IP
- # address allocation is similar to how normal/non-pxe installation works.
- mgmt_iface=vlan$mgmt_vlan
- dhclient_family=$([[ $mgmt_address_family == "inet" ]] && echo -4 || echo -6)
- ip link add link $mgmt_dev name $mgmt_iface type vlan id $mgmt_vlan
- ip link set up dev $mgmt_iface
- dhclient $dhclient_family $mgmt_iface || true
-
-fi
-
-%end
+++ /dev/null
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-# SPDX-License-Identifier: Apache-2.0
-#
-
-%pre
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-%post
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-
-# Template from: pre_common_head.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-append=
-if [ -n "$console" ] ; then
- append="console=$console"
-fi
-
-if [ -n "$security_profile" ]; then
- append="$append security_profile=$security_profile"
-fi
-
-#### SECURITY PROFILE HANDLING (Pre Installation) ####
-if [ -n "$security_profile" ] && [ "$security_profile" == "extended" ]; then
- # IMA specific boot options:
- # Enable Kernel auditing
- append="$append audit=1"
-else
- # we need to blacklist the IMA and Integrity Modules
- # on standard security profile
- append="$append module_blacklist=integrity,ima"
-
- # Disable Kernel auditing in Standard Security Profile mode
- append="$append audit=0"
-fi
-
-if [ -n "$tboot" ]; then
- append="$append tboot=$tboot"
-else
- append="$append tboot=false"
-fi
-
-boot_device_arg=
-if [ -n "$boot_device" ] ; then
- boot_device_arg="--boot-drive=$(get_by_path $boot_device)"
-fi
-
-echo "bootloader --location=mbr $boot_device_arg --timeout=5 --append=\"$append\"" > /tmp/bootloader-include
-
-echo "timezone --nontp --utc UTC" >/tmp/timezone-include
-%end
-
-#version=DEVEL
-install
-lang en_US.UTF-8
-keyboard us
-%include /tmp/timezone-include
-# set to 'x' so we can use shadow password
-rootpw --iscrypted x
-selinux --disabled
-authconfig --enableshadow --passalgo=sha512
-firewall --service=ssh
-
-# The following is the partition information you requested
-# Note that any partitions you deleted are not expressed
-# here so unless you clear all partitions first, this is
-# not guaranteed to work
-zerombr
-
-# Disk layout from %pre
-%include /tmp/part-include
-# Bootloader parms from %pre
-%include /tmp/bootloader-include
-
-reboot --eject
-
-
-# Template from: pre_net_common.cfg
-%pre
-
-# Setup ntp.conf and sync time
-cat <<EOF >/etc/ntp_kickstart.conf
-server pxecontroller
-EOF
-
-/usr/sbin/ntpd -g -q -n -c /etc/ntp_kickstart.conf
-if [ $? -eq 0 ]; then
- /sbin/hwclock --systohc --utc
-fi
-
-%end
-
-
-# Template from: pre_pkglist_lowlatency.cfg
-%packages
-@core
-@base
--kernel-module-igb-uio
--kernel-module-wrs-avp
--kernel
--kernel-tools
--kernel-tools-libs
--kmod-drbd
--kmod-e1000e
--kmod-i40e
--kmod-ixgbe
--kmod-tpm
--mlnx-ofa_kernel
--mlnx-ofa_kernel-rt
--mlnx-ofa_kernel-modules
--qat16
-@platform-controller-worker-lowlatency
-@updates-controller-worker-lowlatency
-%end
-
-
-# Template from: pre_disk_setup_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# This is a really fancy way of finding the first usable disk for the
-# install and not stomping on the USB device if it comes up first
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-# Find either the ISO or USB device first chopping off partition
-ISO_DEV=`readlink /dev/disk/by-label/oe_iso_boot`
-sdev=`echo $ISO_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- ISO_DEV=$sdev
-fi
-USB_DEV=`readlink /dev/disk/by-label/wr_usb_boot`
-sdev=`echo $USB_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- USB_DEV=$sdev
-fi
-
-# Temporary, until lab pxelinux.cfg files are updated to specify install devices
-if [ -z "$rootfs_device" -o -z "$boot_device" ]
-then
- INST_HDD=""
- # Prefer a vd* device if this is kvm/qemu
- for e in vda vdb sda sdb nvme0n1; do
- if [ -e /dev/$e -a "$ISO_DEV" != "../../$e" -a "$USB_DEV" != "../../$e" ] ; then
- INST_HDD=$e
- break
- fi
- done
-
- # Set variables to $INST_HDD if not set
- rootfs_device=${rootfs_device:-$INST_HDD}
- boot_device=${boot_device:-$INST_HDD}
-fi
-
-# Convert to by-path
-orig_rootfs_device=$rootfs_device
-rootfs_device=$(get_by_path $rootfs_device)
-
-orig_boot_device=$boot_device
-boot_device=$(get_by_path $boot_device)
-
-if [ ! -e "$rootfs_device" -o ! -e "$boot_device" ] ; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is invalid."
-fi
-
-# Ensure specified device is not a USB drive
-udevadm info --query=property --name=$rootfs_device |grep -q '^ID_BUS=usb' || \
- udevadm info --query=property --name=$boot_device |grep -q '^ID_BUS=usb'
-if [ $? -eq 0 ]; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is a USB drive."
-fi
-
-# Deactivate existing volume groups to avoid Anaconda issues with pre-existing groups
-vgs --noheadings -o vg_name | xargs --no-run-if-empty -n 1 vgchange -an
-
-# Remove volumes and group for cgts-vg, if any
-lvremove --force cgts-vg
-pvs --select 'vg_name=cgts-vg' --noheadings -o pv_name | xargs --no-run-if-empty pvremove --force --force --yes
-vgs --select 'vg_name=cgts-vg' --noheadings -o vg_name | xargs --no-run-if-empty vgremove --force
-
-ONLYUSE_HDD=""
-if [ "$(curl -sf http://pxecontroller:6385/v1/upgrade/$(hostname)/in_upgrade 2>/dev/null)" = "true" ]; then
- # In an upgrade, only wipe the disk with the rootfs and boot partition
- echo "In upgrade, wiping only $rootfs_device"
- WIPE_HDD="$(get_disk $rootfs_device)"
- ONLYUSE_HDD="$(basename $(get_disk $rootfs_device))"
- if [ "$(get_disk $rootfs_device)" != "$(get_disk $boot_device)" ]; then
- WIPE_HDD="$WIPE_HDD,$(get_disk $boot_device)"
- ONLYUSE_HDD="$ONLYUSE_HDD,$(basename $(get_disk $boot_device))"
- fi
-else
- # Make a list of all the hard drives that are to be wiped
- WIPE_HDD=""
- # Partition type OSD has a unique globally identifier
- part_type_guid_str="Partition GUID code"
- CEPH_OSD_GUID="4FBD7E29-9D25-41B8-AFD0-062C0CEFF05D"
-
- # Check if we wipe OSDs
- if [ "$(curl -sf http://pxecontroller:6385/v1/ihosts/wipe_osds 2>/dev/null)" = "true" ]; then
- echo "Wipe OSD data."
- WIPE_CEPH_OSDS="true"
- else
- echo "Skip Ceph OSD data wipe."
- WIPE_CEPH_OSDS="false"
- fi
-
- for f in /dev/disk/by-path/*
- do
- dev=$(readlink -f $f)
- lsblk --nodeps --pairs $dev | grep -q 'TYPE="disk"'
- if [ $? -ne 0 ]
- then
- continue
- fi
-
- # Avoid wiping USB drives
- udevadm info --query=property --name=$dev |grep -q '^ID_BUS=usb' && continue
-
- # Avoid wiping ceph osds if sysinv tells us so
- if [ ${WIPE_CEPH_OSDS} == "false" ]; then
- wipe_dev="true"
- part_numbers=( `parted -s $dev print | awk '$1 == "Number" {i=1; next}; i {print $1}'` )
- # Scanning the partitions looking for CEPH OSDs and
- # skipping any disk found with such partitions
- for part_number in "${part_numbers[@]}"; do
- sgdisk_part_info=$(flock $dev sgdisk -i $part_number $dev)
- part_type_guid=$(echo "$sgdisk_part_info" | grep "$part_type_guid_str" | awk '{print $4;}')
- if [ "$part_type_guid" == $CEPH_OSD_GUID ]; then
- echo "OSD found on $dev, skipping wipe"
- wipe_dev="false"
- break
- fi
- done
- if [ "$wipe_dev" == "false" ]; then
- continue
- fi
- fi
-
- # Add device to the wipe list
- devname=$(basename $dev)
- if [ -e $dev -a "$ISO_DEV" != "../../$devname" -a "$USB_DEV" != "../../$devname" ]; then
- if [ -n "$WIPE_HDD" ]; then
- WIPE_HDD=$WIPE_HDD,$dev
- else
- WIPE_HDD=$dev
- fi
- fi
- done
- echo "Not in upgrade, wiping disks: $WIPE_HDD"
-fi
-
-for dev in ${WIPE_HDD//,/ }
-do
- # Clearing previous GPT tables or LVM data
- # Delete the first few bytes at the start and end of the partition. This is required with
- # GPT partitions, they save partition info at the start and the end of the block.
- # Do this for each partition on the disk, as well.
- partitions=$(lsblk -rip $dev -o TYPE,NAME |awk '$1 == "part" {print $2}')
- for p in $partitions $dev
- do
- echo "Pre-wiping $p from kickstart"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
- done
-done
-
-# Check for remaining cgts-vg PVs, which could potentially happen
-# in an upgrade where we're not wiping all disks.
-# If we ever create other volume groups from kickstart in the future,
-# include them in this search as well.
-partitions=$(pvs --select 'vg_name=cgts-vg' -o pv_name --noheading | grep -v '\[unknown\]')
-for p in $partitions
-do
- echo "Pre-wiping $p from kickstart (cgts-vg present)"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
-done
-
-let -i gb=1024*1024*1024
-
-cat<<EOF>/tmp/part-include
-clearpart --all --drives=$WIPE_HDD --initlabel
-EOF
-
-if [ -n "$ONLYUSE_HDD" ]; then
- cat<<EOF>>/tmp/part-include
-ignoredisk --only-use=$ONLYUSE_HDD
-EOF
-fi
-
-if [ -d /sys/firmware/efi ] ; then
- cat<<EOF>>/tmp/part-include
-part /boot/efi --fstype=efi --size=300 --ondrive=$(get_disk $boot_device)
-EOF
-else
- cat<<EOF>>/tmp/part-include
-part biosboot --asprimary --fstype=biosboot --size=1 --ondrive=$(get_disk $boot_device)
-EOF
-fi
-
-
-# Template from: pre_disk_aio.cfg
-
-## NOTE: updates to partition sizes need to be also reflected in
-## - stx-config/.../sysinv/conductor/manager.py:create_controller_filesystems()
-## - stx-config/.../sysinv/common/constants.py
-##
-## NOTE: When adding partitions, we currently have a max of 4 primary partitions.
-## If more than 4 partitions are required, we can use a max of 3 --asprimary,
-## to allow 1 primary logical partition with extended partitions
-##
-## NOTE: Max default PV size must align with the default controllerfs sizes
-##
-## BACKUP_OVERHEAD = 20
-##
-## Physical install (for disks over 240GB)
-## - DB size is doubled to allow for upgrades
-##
-## DEFAULT_IMAGE_STOR_SIZE = 10
-## DEFAULT_DATABASE_STOR_SIZE = 20
-## DEFAULT_IMG_CONVERSION_STOR_SIZE = 20
-## BACKUP = DEFAULT_DATABASE_STOR_SIZE + DEFAULT_IMAGE_STOR_SIZE
-## + BACKUP_OVERHEAD = 50
-## LOG_VOL_SIZE = 8192
-## SCRATCH_VOL_SIZE = 8192
-## RABBIT = 2048
-## PLATFORM = 2048
-## ANCHOR = 1024
-## EXTENSION = 1024
-## GNOCCHI = 5120
-## DOCKER = 30720
-## DOCKER_DIST = 16384
-## ETCD = 5120
-## CEPH_MON = 20480
-## KUBELET_VOL_SIZE = 10240
-## RESERVED_PE = 16 (based on pesize=32768)
-##
-## CGCS_PV_SIZE = 10240 + 2*20480 + 20480 + 51200 + 8196 + 8196 + 2048 +
-## 2048 + 1024 + 1024 + 5120 + 30720 + 16384 + 5120 +
-## 20480 + 10240 + 16 = 233496
-##
-## small install - (for disks below 240GB)
-## - DB size is doubled to allow for upgrades
-##
-## DEFAULT_SMALL_IMAGE_STOR_SIZE = 10
-## DEFAULT_SMALL_DATABASE_STOR_SIZE = 10
-## DEFAULT_SMALL_IMG_CONVERSION_STOR_SIZE = 10
-## DEFAULT_SMALL_BACKUP_STOR_SIZE = 40
-##
-## LOG_VOL_SIZE = 8192
-## SCRATCH_VOL_SIZE = 8192
-## RABBIT = 2048
-## PLATFORM = 2048
-## ANCHOR = 1024
-## EXTENSION = 1024
-## GNOCCHI = 5120
-## DOCKER = 30720
-## DOCKER_DIST = 16384
-## ETCD = 5120
-## CEPH_MON = 20480
-## KUBELET_VOL_SIZE = 10240
-## RESERVED_PE = 16 (based on pesize=32768)
-##
-##
-## CGCS_PV_SIZE = 10240 + 2*10240 + 10240 + 40960 + 8192 + 8192 + 2048 +
-## 2048 + 1024 + 1024 + 5120 + 30720 + 16384 + 5120 +
-## 20480 + 10240 + 16 = 192528
-##
-## NOTE: To maintain upgrade compatability within the volume group, keep the
-## undersized LOG_VOL_SIZE and SCRATCH_VOL_SIZE, but size the minimally size
-## physical volume correctly.
-##
-## R4 AIO installations:
-## - R4 (case #1): /boot (0.5G), / (20G),
-## cgts-vg PV (239G), /local_pv (239G)
-## - R4 (case #2): /boot (0.5G), / (20G),
-## cgts-vg PV (239G), cgts-vg (239G)
-##
-## Upgrade migration will start with R5 install and create a partition to align
-## above so filesystems within the volume group will be able to maintain their
-## sizes in R5
-## - R5 install : /boot (0.5G), / (20G),
-## cgts-vg PV (142G), un-partitioned (336G)
-## - R5 (case #1): /boot (0.5G), / (20G),
-## cgts-vg PV (142G), cgts-vg PV (97G), unpartitioned (239G)
-## - R5 (case #2): /boot (0.5G), / (20G),
-## cgts-vg PV (142G), cgts-vg PV (336G)
-##
-
-sz=$(blockdev --getsize64 $(get_disk $rootfs_device))
-if [ $sz -le $((240*$gb)) ] ; then
- # Round CGCS_PV_SIZE to the closest upper value that can be divided by 1024.
- # 192528/1024=188.01. CGCS_PV_SIZE=189*1024=193536. Using a disk with a
- # size under 189GiB will fail.
- CGCS_PV_SIZE=193536
-else
- # Round CGCS_PV_SIZE to the closest upper value that can be divided by 1024.
- # 233496/1024=228.02. CGCS_PV_SIZE=229*1024=234496.
- CGCS_PV_SIZE=234496
-fi
-
-ROOTFS_SIZE=20000
-LOG_VOL_SIZE=8000
-SCRATCH_VOL_SIZE=8000
-
-ROOTFS_OPTIONS="defaults"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- # Enable iversion labelling for rootfs when IMA is enabled
- ROOTFS_OPTIONS="${ROOTFS_OPTIONS},iversion"
-fi
-
-cat<<EOF>>/tmp/part-include
-part /boot --fstype=ext4 --asprimary --size=500 --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-part pv.253004 --grow --size=500 --maxsize=$CGCS_PV_SIZE --ondrive=$(get_disk $rootfs_device)
-volgroup cgts-vg --pesize=32768 pv.253004
-logvol /var/log --fstype=ext4 --vgname=cgts-vg --size=$LOG_VOL_SIZE --name=log-lv
-logvol /scratch --fstype=ext4 --vgname=cgts-vg --size=$SCRATCH_VOL_SIZE --name=scratch-lv
-part / --fstype=ext4 --asprimary --size=$ROOTFS_SIZE --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-EOF
-
-%end
-
-
-# Template from: post_platform_conf_aio_lowlatency.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Set the security profile mode
-secprofile="standard"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- secprofile="extended"
-fi
-
-mkdir -p -m 0775 /etc/platform
-cat <<EOF > /etc/platform/platform.conf
-nodetype=controller
-subfunction=controller,worker,lowlatency
-system_type=All-in-one
-security_profile=$secprofile
-EOF
-
-%end
-
-
-# Template from: post_common.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Turn off locale support for i18n if is not installed
-if [ ! -d /usr/share/i18n ] ; then
- rm -f /etc/sysconfig/i18n
-fi
-# Unset the hostname
-rm /etc/hostname
-
-# If using a serial install make sure to add a getty on the tty1
-conarg=`cat /proc/cmdline |xargs -n1 echo |grep console= |grep ttyS`
-if [ -n "$conarg" ] ; then
- echo "1:2345:respawn:/sbin/mingetty tty1" >> /etc/inittab
-fi
-
-#### SECURITY PROFILE HANDLING (Post Installation) ####
-# Check if the Security profile mode is enabled
-# and load the appropriate kernel modules
-secprofile=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$secprofile" ]; then
- echo "In Extended Security profile mode. Loading IMA kernel module"
- systemctl enable auditd.service
- # Add the securityfs mount for the IMA Runtime measurement list
- echo "securityfs /sys/kernel/security securityfs defaults,nodev 0 0" >> /etc/fstab
-else
- # Disable audit daemon in the Standard Security Profile
- systemctl disable auditd
-fi
-
-. /etc/platform/platform.conf
-# Configure smart package manager channels
-rm -rf /var/lib/smart
-mkdir /var/lib/smart
-/usr/bin/smart channel -y \
- --add rpmdb type=rpm-sys name="RPM Database"
-/usr/bin/smart channel -y \
- --add base type=rpm-md name="Base" baseurl=http://controller:${http_port:-8080}/feed/rel-19.12
-/usr/bin/smart channel -y \
- --add updates type=rpm-md name="Patches" baseurl=http://controller:${http_port:-8080}/updates/rel-19.12
-
-# Configure smart to use rpm --nolinktos option
-/usr/bin/smart config --set rpm-nolinktos=true
-
-# Configure smart to use rpm --nosignature option
-/usr/bin/smart config --set rpm-check-signatures=false
-
-# Delete the CentOS yum repo files
-rm -f /etc/yum.repos.d/CentOS-*
-
-# Persist the boot device naming as UDEV rules so that if the network device
-# order changes post-install that we will still be able to DHCP from the
-# correct interface to reach the active controller. For most nodes only the
-# management/boot interface needs to be persisted but because we require both
-# controllers to be identically configured and controller-0 and controller-1
-# are installed differently (e.g., controller-0 from USB and controller-1 from
-# network) it is not possible to know which interface to persist for
-# controller-0. The simplest solution is to persist all interfaces.
-#
-mkdir -p /etc/udev/rules.d
-echo "# Persisted network interfaces from anaconda installer" > /etc/udev/rules.d/70-persistent-net.rules
-for dir in /sys/class/net/*; do
- if [ -e ${dir}/device ]; then
- dev=$(basename ${dir})
- mac_address=$(cat /sys/class/net/${dev}/address)
- echo "ACTION==\"add\", SUBSYSTEM==\"net\", DRIVERS==\"?*\", ATTR{address}==\"${mac_address}\", NAME=\"${dev}\"" >> /etc/udev/rules.d/70-persistent-net.rules
- fi
-done
-
-# Mark the sysadmin password as expired immediately
-chage -d 0 sysadmin
-
-# Lock the root password
-passwd -l root
-
-# Enable tmpfs mount for /tmp
-# delete /var/tmp so that it can similinked in
-rm -rf /var/tmp
-systemctl enable tmp.mount
-
-# Disable automount of /dev/hugepages
-systemctl mask dev-hugepages.mount
-
-# Disable firewall
-systemctl disable firewalld
-
-# Disable libvirtd
-systemctl disable libvirtd.service
-
-# Enable rsyncd
-systemctl enable rsyncd.service
-
-# Allow root to run sudo from a non-tty (for scripts running as root that run sudo cmds)
-echo 'Defaults:root !requiretty' > /etc/sudoers.d/root
-
-# Make fstab just root read/writable
-chmod 600 /etc/fstab
-
-# Create first_boot flag
-touch /etc/platform/.first_boot
-
-%end
-
-# Template from: post_kernel_aio_and_worker.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Source the generated platform.conf
-. /etc/platform/platform.conf
-
-# Update grub with custom kernel bootargs
-source /etc/init.d/cpumap_functions.sh
-n_cpus=$(cat /proc/cpuinfo 2>/dev/null | \
- awk '/^[pP]rocessor/ { n +=1 } END { print (n>0) ? n : 1}')
-n_numa=$(ls -d /sys/devices/system/node/node* 2>/dev/null | wc -l)
-KERN_OPTS=" iommu=pt usbcore.autosuspend=-1"
-
-KERN_OPTS="${KERN_OPTS} hugepagesz=2M hugepages=0 default_hugepagesz=2M"
-
-# If this is an all-in-one system, we need at least 4 CPUs
-if [ "$system_type" = "All-in-one" -a ${n_cpus} -lt 4 ]; then
- report_post_failure_with_msg "ERROR: At least 4 CPUs are required for controller+worker node."
-fi
-
-# Add kernel options for cpu isolation / affinity
-if [ ${n_cpus} -gt 1 ]
-then
- base_cpulist=$(platform_expanded_cpu_list)
- base_cpumap=$(cpulist_to_cpumap ${base_cpulist} ${n_cpus})
- avp_cpulist=$(vswitch_expanded_cpu_list)
- norcu_cpumap=$(invert_cpumap ${base_cpumap} ${n_cpus})
- norcu_cpulist=$(cpumap_to_cpulist ${norcu_cpumap} ${n_cpus})
-
- if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} isolcpus=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} nohz_full=${norcu_cpulist}"
- else
- KERN_OPTS="${KERN_OPTS} isolcpus=${avp_cpulist}"
- fi
- KERN_OPTS="${KERN_OPTS} rcu_nocbs=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} kthread_cpus=${base_cpulist}"
- KERN_OPTS="${KERN_OPTS} irqaffinity=${base_cpulist}"
- # Update vswitch.conf
- sed -i "s/^VSWITCH_CPU_LIST=.*/VSWITCH_CPU_LIST=\"${avp_cpulist}\"/" /etc/vswitch/vswitch.conf
-fi
-
-# Add kernel options to ensure an selinux is disabled
-KERN_OPTS="${KERN_OPTS} selinux=0 enforcing=0"
-
-# Add kernel options to set NMI watchdog
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=0 softlockup_panic=0"
-else
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=panic,1 softlockup_panic=1"
-fi
-
-if [[ "$(dmidecode -s system-product-name)" =~ ^ProLiant.*Gen8$ ]]; then
- KERN_OPTS="${KERN_OPTS} intel_iommu=on,eth_no_rmrr"
-else
- KERN_OPTS="${KERN_OPTS} intel_iommu=on"
-fi
-
-# Add kernel option to disable biosdevname if enabled
-# As this may already be in GRUB_CMDLINE_LINUX, only add if it is not already present
-grep -q '^GRUB_CMDLINE_LINUX=.*biosdevname=0' /etc/default/grub
-if [ $? -ne 0 ]; then
- KERN_OPTS="${KERN_OPTS} biosdevname=0"
-fi
-
-# Add kernel options to disable kvm-intel.eptad on Broadwell
-# Broadwell: Model: 79, Model name: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz
-if grep -q -E "^model\s+:\s+79$" /proc/cpuinfo
-then
- KERN_OPTS="${KERN_OPTS} kvm-intel.eptad=0"
-fi
-
-# k8s updates:
-#KERN_OPTS="${KERN_OPTS} cgroup_disable=memory"
-KERN_OPTS="${KERN_OPTS} user_namespace.enable=1"
-
-# Add kernel option to avoid jiffies_lock contention on real-time kernel
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} skew_tick=1"
-fi
-
-# If the installer asked us to use security related kernel params, use
-# them in the grub line as well (until they can be configured via puppet)
-grep -q 'nopti' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nopti"
-fi
-grep -q 'nospectre_v2' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nospectre_v2"
-fi
-
-perl -pi -e 's/(GRUB_CMDLINE_LINUX=.*)\"/\1'"$KERN_OPTS"'\"/g' /etc/default/grub
-
-if [ -d /sys/firmware/efi ] ; then
- grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
-else
- grub2-mkconfig -o /boot/grub2/grub.cfg
-fi
-
-%end
-
-
-# Template from: post_lvm_pv_on_rootfs.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# uncomment the global_filter line in lvm.conf
-perl -0777 -i.bak -pe 's:(# This configuration option has an automatic default value\.\n)\t# global_filter:$1 global_filter:m' /etc/lvm/lvm.conf
-
-# Determine which disk we created our PV on (i.e. the root disk)
-ROOTDISK=$(get_by_path $(pvdisplay --select 'vg_name=cgts-vg' -C -o pv_name --noheadings))
-if [ -z "$ROOTDISK" ]; then
- report_post_failure_with_msg "ERROR: failed to identify rootdisk via pvdisplay"
-fi
-# Edit the LVM config so LVM only looks for LVs on the root disk
-sed -i "s#^\( *\)global_filter = \[.*#\1global_filter = [ \"a|${ROOTDISK}|\", \"r|.*|\" ]#" /etc/lvm/lvm.conf
-%end
-
-
-# Template from: post_system_aio.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Source the generated platform.conf
-. /etc/platform/platform.conf
-
-## Reserve more memory for base processes since the controller has higher
-## memory requirements but cap it to better handle systems with large
-## amounts of memory
-TOTALMEM=$(grep MemTotal /proc/meminfo | awk '{print int($2/1024)}')
-
-if [ -e /sys/devices/system/node/node0 ]; then
- RESERVEDMEM=$(grep MemTotal /sys/devices/system/node/node0/meminfo | awk '{printf "%d\n", $4/1024}')
-else
- RESERVEDMEM=$(grep MemTotal /proc/meminfo | awk '{print int($2/1024/4)}')
-fi
-
-if [ ${RESERVEDMEM} -lt 6144 ]; then
- RESERVEDMEM=6144
-elif [ ${RESERVEDMEM} -gt 14500 ]; then
- RESERVEDMEM=14500
-elif [ ${RESERVEDMEM} -gt 8192 ]; then
- RESERVEDMEM=8192
-fi
-
-sed -i -e "s#\(WORKER_BASE_RESERVED\)=.*#\1=(\"node0:${RESERVEDMEM}MB:1\" \"node1:2000MB:0\" \"node2:2000MB:0\" \"node3:2000MB:0\")#g" /etc/platform/worker_reserved.conf
-
-# Update WORKER_CPU_LIST
-N_CPUS=$(cat /proc/cpuinfo 2>/dev/null | awk '/^[pP]rocessor/ { n +=1 } END { print (n>0) ? n : 1}')
-sed -i "s/^WORKER_CPU_LIST=.*/WORKER_CPU_LIST=\"0-$((N_CPUS-1))\"/" /etc/platform/worker_reserved.conf
-
-%end
-
-
-# Template from: post_net_controller.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-http_port=$(get_http_port)
-# Retrieve the installation uuid from the controller we booted from
-INSTALL_UUID=`curl -sf http://pxecontroller:${http_port:-8080}/feed/rel-19.12/install_uuid`
-if [ $? -ne 0 ]
-then
- INSTALL_UUID=unknown
-fi
-
-grep -q INSTALL_UUID /etc/platform/platform.conf
-if [ $? -ne 0 ]; then
- echo "INSTALL_UUID=$INSTALL_UUID" >> /etc/platform/platform.conf
-fi
-
-cd /www/pages
-# Sync software repository
-feed_url=http://pxecontroller:${http_port:-8080}/feed/
-anaconda_logdir=/var/log/anaconda
-mkdir -p $anaconda_logdir
-
-echo "Mirroring software repository (may take several minutes)..." >/dev/console
-wget --recursive --no-parent --no-host-directories --no-clobber --reject 'index.html*' --reject '*.log' $feed_url/ -o $anaconda_logdir/wget-feed-mirror.log \
- || report_post_failure_with_logfile $anaconda_logdir/wget-feed-mirror.log
-
-# Sync patching repository
-updates_url=http://pxecontroller:${http_port:-8080}/updates/
-wget --mirror --no-parent --no-host-directories --reject 'index.html*' --reject '*.log' $updates_url/ -o $anaconda_logdir/wget-updates-mirror.log \
- || report_post_failure_with_logfile $anaconda_logdir/wget-updates-mirror.log
-echo "Done" >/dev/console
-
-shopt -s nullglob
-
-# Check whether a second release is installed
-. /etc/build.info
-CURRENT_REL_DIR=rel-${SW_VERSION}
-OTHER_REL_DIR=
-for REL_DIR in /www/pages/feed/*; do
- if [[ ! $REL_DIR =~ "${SW_VERSION}" ]]; then
- OTHER_REL_DIR=`basename $REL_DIR`
- OTHER_REL_VERSION=${OTHER_REL_DIR:4}
- break
- fi
-done
-
-# If second release is installed, find the latest version of the installer
-# RPM and install the pxeboot files we require to boot hosts with that release.
-if [ ! -z "$OTHER_REL_DIR" ]; then
- PATCH_RPM=`find /www/pages/updates/${OTHER_REL_DIR}/Packages -name 'pxe-network-installer*' | sort -V | tail -1`
- BASE_RPM=`find /www/pages/feed/${OTHER_REL_DIR}/Packages -name 'pxe-network-installer*' | sort -V | tail -1`
-
- if [ ! -z "$PATCH_RPM" ]; then
- INSTALL_RPM=$PATCH_RPM
- elif [ ! -z "$BASE_RPM" ]; then
- INSTALL_RPM=$BASE_RPM
- else
- report_post_failure_with_msg "ERROR: Unable to find pxe-network-installer RPM for $OTHER_REL_DIR. Aborting installation."
- fi
-
- echo "Installing pxeboot files for release $OTHER_REL_DIR from $INSTALL_RPM" >/dev/console
- TMP_RPM=/tmp/pxe-network-installer
- mkdir $TMP_RPM
- pushd $TMP_RPM
- /usr/bin/rpm2cpio $INSTALL_RPM | cpio -idm \
- || report_post_failure_with_msg "Failed to extract pxe-network-installer"
-
- cp -r $TMP_RPM/usr / \
- || report_post_failure_with_msg "Failed to copy pxe-network-installer /usr"
- cp -r $TMP_RPM/pxeboot/$OTHER_REL_DIR /pxeboot/ \
- || report_post_failure_with_msg "Failed to copy pxe-network-installer /pxeboot/$OTHER_REL_DIR"
- cp $TMP_RPM/pxeboot/pxelinux.cfg.files/*-$OTHER_REL_VERSION /pxeboot/pxelinux.cfg.files/ \
- || report_post_failure_with_msg "Failed to copy pxe-network-installer pxelinux.cfg files"
-
- rm -rf $TMP_RPM
-fi
-
-%end
-
-# Template from: post_net_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-http_port=$(get_http_port)
-echo "repo --name=base --baseurl=http://pxecontroller:${http_port:-8080}/feed/rel-19.12/" > /tmp/repo-include
-echo "repo --name=updates --baseurl=http://pxecontroller:${http_port:-8080}/updates/rel-19.12/" > /tmp/repo-include
-
-%end
-
-# Repository arguments from %pre
-%include /tmp/repo-include
-
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Persist the http port to the platform configuration
-echo http_port=$(get_http_port) >> /etc/platform/platform.conf
-
-# Obtain the boot interface from the PXE boot
-BOOTIF=`cat /proc/cmdline |xargs -n1 echo |grep BOOTIF=`
-if [ -d /sys/firmware/efi ] ; then
- BOOTIF=${BOOTIF#BOOTIF=}
-else
- BOOTIF=${BOOTIF#BOOTIF=01-}
- BOOTIF=${BOOTIF//-/:}
-fi
-
-mgmt_dev=none
-mgmt_vlan=0
-if [ -n "$BOOTIF" ] ; then
- ndev=`ip link show |grep -B 1 $BOOTIF |head -1 |awk '{print $2}' |sed -e 's/://'`
- if [ -n "$ndev" ] ; then
- mgmt_dev=$ndev
- # Retrieve the management VLAN from sysinv if it exists
- mgmt_vlan=`curl -sf http://pxecontroller:6385/v1/isystems/mgmtvlan`
- if [ $? -ne 0 ]
- then
- report_post_failure_with_msg "ERROR: Unable to communicate with System Inventory REST API. Aborting installation."
- fi
- else
- report_post_failure_with_msg "ERROR: Unable to determine mgmt interface from BOOTIF=$BOOTIF."
- fi
-else
- report_post_failure_with_msg "ERROR: BOOTIF is not set. Unable to determine mgmt interface."
-fi
-
-if [ $mgmt_vlan -eq 0 ] ; then
-
- # Persist the boot device to the platform configuration. This will get
- # overwritten later if the management_interface is on a bonded interface.
- echo management_interface=$mgmt_dev >> /etc/platform/platform.conf
-
- # Build networking scripts
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$mgmt_dev
-DEVICE=$mgmt_dev
-BOOTPROTO=dhcp
-ONBOOT=yes
-IPV6_AUTOCONF=no
-LINKDELAY=20
-EOF
-
-else
-
- # Check whether to use inet or inet6
- ipv6_addr=$(dig +short AAAA controller)
- if [[ -n "$ipv6_addr" ]]
- then
- mgmt_address_family=inet6
- ipv6init=yes
- dhcpv6c=yes
- dhclientargs=-1
- else
- mgmt_address_family=inet
- ipv6init=no
- dhcpv6c=no
- dhclientargs=
- fi
-
- # Persist the boot device to the platform configuration. This will get
- # overwritten later if the management_interface is on a bonded interface.
- echo management_interface=vlan$mgmt_vlan >> /etc/platform/platform.conf
-
- # Build networking scripts
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$mgmt_dev
-DEVICE=$mgmt_dev
-BOOTPROTO=none
-ONBOOT=yes
-IPV6_AUTOCONF=no
-LINKDELAY=20
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-vlan$mgmt_vlan
-DEVICE=vlan$mgmt_vlan
-BOOTPROTO=dhcp
-DHCLIENTARGS=$dhclientargs
-IPV6INIT=$ipv6init
-DHCPV6C=$dhcpv6c
-ONBOOT=yes
-IPV6_AUTOCONF=no
-PHYSDEV=$mgmt_dev
-VLAN=yes
-LINKDELAY=20
-EOF
-
- # Reject DHCPOFFER from DHCP server that doesn't send
- # wrs-install-uuid option
- echo "require wrs-install-uuid;" >>/etc/dhcp/dhclient.conf
- echo "require dhcp6.wrs-install-uuid;" >>/etc/dhcp/dhclient.conf
-
- # Bring up the mgmt vlan so that a dhcp lease is acquired and an address is
- # setup prior to the post-install reboot. This is so that the timing of the IP
- # address allocation is similar to how normal/non-pxe installation works.
- mgmt_iface=vlan$mgmt_vlan
- dhclient_family=$([[ $mgmt_address_family == "inet" ]] && echo -4 || echo -6)
- ip link add link $mgmt_dev name $mgmt_iface type vlan id $mgmt_vlan
- ip link set up dev $mgmt_iface
- dhclient $dhclient_family $mgmt_iface || true
-
-fi
-
-%end
+++ /dev/null
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-# SPDX-License-Identifier: Apache-2.0
-#
-
-%pre
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-%post
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-
-# Template from: pre_common_head.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-append=
-if [ -n "$console" ] ; then
- append="console=$console"
-fi
-
-if [ -n "$security_profile" ]; then
- append="$append security_profile=$security_profile"
-fi
-
-#### SECURITY PROFILE HANDLING (Pre Installation) ####
-if [ -n "$security_profile" ] && [ "$security_profile" == "extended" ]; then
- # IMA specific boot options:
- # Enable Kernel auditing
- append="$append audit=1"
-else
- # we need to blacklist the IMA and Integrity Modules
- # on standard security profile
- append="$append module_blacklist=integrity,ima"
-
- # Disable Kernel auditing in Standard Security Profile mode
- append="$append audit=0"
-fi
-
-if [ -n "$tboot" ]; then
- append="$append tboot=$tboot"
-else
- append="$append tboot=false"
-fi
-
-boot_device_arg=
-if [ -n "$boot_device" ] ; then
- boot_device_arg="--boot-drive=$(get_by_path $boot_device)"
-fi
-
-echo "bootloader --location=mbr $boot_device_arg --timeout=5 --append=\"$append\"" > /tmp/bootloader-include
-
-echo "timezone --nontp --utc UTC" >/tmp/timezone-include
-%end
-
-#version=DEVEL
-install
-lang en_US.UTF-8
-keyboard us
-%include /tmp/timezone-include
-# set to 'x' so we can use shadow password
-rootpw --iscrypted x
-selinux --disabled
-authconfig --enableshadow --passalgo=sha512
-firewall --service=ssh
-
-# The following is the partition information you requested
-# Note that any partitions you deleted are not expressed
-# here so unless you clear all partitions first, this is
-# not guaranteed to work
-zerombr
-
-# Disk layout from %pre
-%include /tmp/part-include
-# Bootloader parms from %pre
-%include /tmp/bootloader-include
-
-reboot --eject
-
-
-# Template from: pre_net_common.cfg
-%pre
-
-# Setup ntp.conf and sync time
-cat <<EOF >/etc/ntp_kickstart.conf
-server pxecontroller
-EOF
-
-/usr/sbin/ntpd -g -q -n -c /etc/ntp_kickstart.conf
-if [ $? -eq 0 ]; then
- /sbin/hwclock --systohc --utc
-fi
-
-%end
-
-
-# Template from: pre_pkglist.cfg
-%packages
-@core
-@base
--kernel-module-igb-uio-rt
--kernel-module-wrs-avp-rt
--kernel-rt
--kernel-rt-kvm
--kernel-rt-tools
--kernel-rt-tools-libs
--kmod-drbd-rt
--kmod-e1000e-rt
--kmod-i40e-rt
--kmod-ixgbe-rt
--kmod-tpm-rt
--mlnx-ofa_kernel
--mlnx-ofa_kernel-rt
--mlnx-ofa_kernel-rt-modules
--qat16-rt
-@platform-storage
-@updates-storage
-%end
-
-
-# Template from: pre_disk_setup_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# This is a really fancy way of finding the first usable disk for the
-# install and not stomping on the USB device if it comes up first
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-# Find either the ISO or USB device first chopping off partition
-ISO_DEV=`readlink /dev/disk/by-label/oe_iso_boot`
-sdev=`echo $ISO_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- ISO_DEV=$sdev
-fi
-USB_DEV=`readlink /dev/disk/by-label/wr_usb_boot`
-sdev=`echo $USB_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- USB_DEV=$sdev
-fi
-
-# Temporary, until lab pxelinux.cfg files are updated to specify install devices
-if [ -z "$rootfs_device" -o -z "$boot_device" ]
-then
- INST_HDD=""
- # Prefer a vd* device if this is kvm/qemu
- for e in vda vdb sda sdb nvme0n1; do
- if [ -e /dev/$e -a "$ISO_DEV" != "../../$e" -a "$USB_DEV" != "../../$e" ] ; then
- INST_HDD=$e
- break
- fi
- done
-
- # Set variables to $INST_HDD if not set
- rootfs_device=${rootfs_device:-$INST_HDD}
- boot_device=${boot_device:-$INST_HDD}
-fi
-
-# Convert to by-path
-orig_rootfs_device=$rootfs_device
-rootfs_device=$(get_by_path $rootfs_device)
-
-orig_boot_device=$boot_device
-boot_device=$(get_by_path $boot_device)
-
-if [ ! -e "$rootfs_device" -o ! -e "$boot_device" ] ; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is invalid."
-fi
-
-# Ensure specified device is not a USB drive
-udevadm info --query=property --name=$rootfs_device |grep -q '^ID_BUS=usb' || \
- udevadm info --query=property --name=$boot_device |grep -q '^ID_BUS=usb'
-if [ $? -eq 0 ]; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is a USB drive."
-fi
-
-# Deactivate existing volume groups to avoid Anaconda issues with pre-existing groups
-vgs --noheadings -o vg_name | xargs --no-run-if-empty -n 1 vgchange -an
-
-# Remove volumes and group for cgts-vg, if any
-lvremove --force cgts-vg
-pvs --select 'vg_name=cgts-vg' --noheadings -o pv_name | xargs --no-run-if-empty pvremove --force --force --yes
-vgs --select 'vg_name=cgts-vg' --noheadings -o vg_name | xargs --no-run-if-empty vgremove --force
-
-ONLYUSE_HDD=""
-if [ "$(curl -sf http://pxecontroller:6385/v1/upgrade/$(hostname)/in_upgrade 2>/dev/null)" = "true" ]; then
- # In an upgrade, only wipe the disk with the rootfs and boot partition
- echo "In upgrade, wiping only $rootfs_device"
- WIPE_HDD="$(get_disk $rootfs_device)"
- ONLYUSE_HDD="$(basename $(get_disk $rootfs_device))"
- if [ "$(get_disk $rootfs_device)" != "$(get_disk $boot_device)" ]; then
- WIPE_HDD="$WIPE_HDD,$(get_disk $boot_device)"
- ONLYUSE_HDD="$ONLYUSE_HDD,$(basename $(get_disk $boot_device))"
- fi
-else
- # Make a list of all the hard drives that are to be wiped
- WIPE_HDD=""
- # Partition type OSD has a unique globally identifier
- part_type_guid_str="Partition GUID code"
- CEPH_OSD_GUID="4FBD7E29-9D25-41B8-AFD0-062C0CEFF05D"
-
- # Check if we wipe OSDs
- if [ "$(curl -sf http://pxecontroller:6385/v1/ihosts/wipe_osds 2>/dev/null)" = "true" ]; then
- echo "Wipe OSD data."
- WIPE_CEPH_OSDS="true"
- else
- echo "Skip Ceph OSD data wipe."
- WIPE_CEPH_OSDS="false"
- fi
-
- for f in /dev/disk/by-path/*
- do
- dev=$(readlink -f $f)
- lsblk --nodeps --pairs $dev | grep -q 'TYPE="disk"'
- if [ $? -ne 0 ]
- then
- continue
- fi
-
- # Avoid wiping USB drives
- udevadm info --query=property --name=$dev |grep -q '^ID_BUS=usb' && continue
-
- # Avoid wiping ceph osds if sysinv tells us so
- if [ ${WIPE_CEPH_OSDS} == "false" ]; then
- wipe_dev="true"
- part_numbers=( `parted -s $dev print | awk '$1 == "Number" {i=1; next}; i {print $1}'` )
- # Scanning the partitions looking for CEPH OSDs and
- # skipping any disk found with such partitions
- for part_number in "${part_numbers[@]}"; do
- sgdisk_part_info=$(flock $dev sgdisk -i $part_number $dev)
- part_type_guid=$(echo "$sgdisk_part_info" | grep "$part_type_guid_str" | awk '{print $4;}')
- if [ "$part_type_guid" == $CEPH_OSD_GUID ]; then
- echo "OSD found on $dev, skipping wipe"
- wipe_dev="false"
- break
- fi
- done
- if [ "$wipe_dev" == "false" ]; then
- continue
- fi
- fi
-
- # Add device to the wipe list
- devname=$(basename $dev)
- if [ -e $dev -a "$ISO_DEV" != "../../$devname" -a "$USB_DEV" != "../../$devname" ]; then
- if [ -n "$WIPE_HDD" ]; then
- WIPE_HDD=$WIPE_HDD,$dev
- else
- WIPE_HDD=$dev
- fi
- fi
- done
- echo "Not in upgrade, wiping disks: $WIPE_HDD"
-fi
-
-for dev in ${WIPE_HDD//,/ }
-do
- # Clearing previous GPT tables or LVM data
- # Delete the first few bytes at the start and end of the partition. This is required with
- # GPT partitions, they save partition info at the start and the end of the block.
- # Do this for each partition on the disk, as well.
- partitions=$(lsblk -rip $dev -o TYPE,NAME |awk '$1 == "part" {print $2}')
- for p in $partitions $dev
- do
- echo "Pre-wiping $p from kickstart"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
- done
-done
-
-# Check for remaining cgts-vg PVs, which could potentially happen
-# in an upgrade where we're not wiping all disks.
-# If we ever create other volume groups from kickstart in the future,
-# include them in this search as well.
-partitions=$(pvs --select 'vg_name=cgts-vg' -o pv_name --noheading | grep -v '\[unknown\]')
-for p in $partitions
-do
- echo "Pre-wiping $p from kickstart (cgts-vg present)"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
-done
-
-let -i gb=1024*1024*1024
-
-cat<<EOF>/tmp/part-include
-clearpart --all --drives=$WIPE_HDD --initlabel
-EOF
-
-if [ -n "$ONLYUSE_HDD" ]; then
- cat<<EOF>>/tmp/part-include
-ignoredisk --only-use=$ONLYUSE_HDD
-EOF
-fi
-
-if [ -d /sys/firmware/efi ] ; then
- cat<<EOF>>/tmp/part-include
-part /boot/efi --fstype=efi --size=300 --ondrive=$(get_disk $boot_device)
-EOF
-else
- cat<<EOF>>/tmp/part-include
-part biosboot --asprimary --fstype=biosboot --size=1 --ondrive=$(get_disk $boot_device)
-EOF
-fi
-
-
-# Template from: pre_disk_storage.cfg
-
-sz=$(blockdev --getsize64 $(get_disk $rootfs_device))
-if [ $sz -le $((90*$gb)) ] ; then
- LOG_VOL_SIZE=4000
- SCRATCH_VOL_SIZE=4000
- ROOTFS_SIZE=10000
-else
- LOG_VOL_SIZE=8000
- SCRATCH_VOL_SIZE=8000
- ROOTFS_SIZE=20000
-fi
-
-ROOTFS_OPTIONS="defaults"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- # Enable iversion labelling for rootfs when IMA is enabled
- ROOTFS_OPTIONS="${ROOTFS_OPTIONS},iversion"
-fi
-
-cat<<EOF>>/tmp/part-include
-part /boot --fstype=ext4 --asprimary --size=500 --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-part pv.253004 --grow --asprimary --size=500 --ondrive=$(get_disk $rootfs_device)
-volgroup cgts-vg --pesize=32768 pv.253004
-logvol /var/log --fstype=ext4 --vgname=cgts-vg --size=$LOG_VOL_SIZE --name=log-lv
-logvol /scratch --fstype=ext4 --vgname=cgts-vg --size=$SCRATCH_VOL_SIZE --name=scratch-lv
-part / --fstype=ext4 --asprimary --size=$ROOTFS_SIZE --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-
-EOF
-
-%end
-
-
-# Template from: post_platform_conf_storage.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Retrieve the installation uuid from the controller we booted from
-http_port=$(get_http_port)
-INSTALL_UUID=`curl -sf http://pxecontroller:${http_port:-8080}/feed/rel-19.12/install_uuid`
-if [ $? -ne 0 ]
-then
- INSTALL_UUID=unknown
-fi
-
-# Set the security profile mode
-secprofile="standard"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- secprofile="extended"
-fi
-
-mkdir -p -m 0775 /etc/platform
-cat <<EOF > /etc/platform/platform.conf
-nodetype=storage
-subfunction=storage
-system_type=Standard
-security_profile=$secprofile
-INSTALL_UUID=$INSTALL_UUID
-EOF
-
-%end
-
-# Template from: post_common.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Turn off locale support for i18n if is not installed
-if [ ! -d /usr/share/i18n ] ; then
- rm -f /etc/sysconfig/i18n
-fi
-# Unset the hostname
-rm /etc/hostname
-
-# If using a serial install make sure to add a getty on the tty1
-conarg=`cat /proc/cmdline |xargs -n1 echo |grep console= |grep ttyS`
-if [ -n "$conarg" ] ; then
- echo "1:2345:respawn:/sbin/mingetty tty1" >> /etc/inittab
-fi
-
-#### SECURITY PROFILE HANDLING (Post Installation) ####
-# Check if the Security profile mode is enabled
-# and load the appropriate kernel modules
-secprofile=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$secprofile" ]; then
- echo "In Extended Security profile mode. Loading IMA kernel module"
- systemctl enable auditd.service
- # Add the securityfs mount for the IMA Runtime measurement list
- echo "securityfs /sys/kernel/security securityfs defaults,nodev 0 0" >> /etc/fstab
-else
- # Disable audit daemon in the Standard Security Profile
- systemctl disable auditd
-fi
-
-. /etc/platform/platform.conf
-# Configure smart package manager channels
-rm -rf /var/lib/smart
-mkdir /var/lib/smart
-/usr/bin/smart channel -y \
- --add rpmdb type=rpm-sys name="RPM Database"
-/usr/bin/smart channel -y \
- --add base type=rpm-md name="Base" baseurl=http://controller:${http_port:-8080}/feed/rel-19.12
-/usr/bin/smart channel -y \
- --add updates type=rpm-md name="Patches" baseurl=http://controller:${http_port:-8080}/updates/rel-19.12
-
-# Configure smart to use rpm --nolinktos option
-/usr/bin/smart config --set rpm-nolinktos=true
-
-# Configure smart to use rpm --nosignature option
-/usr/bin/smart config --set rpm-check-signatures=false
-
-# Delete the CentOS yum repo files
-rm -f /etc/yum.repos.d/CentOS-*
-
-# Persist the boot device naming as UDEV rules so that if the network device
-# order changes post-install that we will still be able to DHCP from the
-# correct interface to reach the active controller. For most nodes only the
-# management/boot interface needs to be persisted but because we require both
-# controllers to be identically configured and controller-0 and controller-1
-# are installed differently (e.g., controller-0 from USB and controller-1 from
-# network) it is not possible to know which interface to persist for
-# controller-0. The simplest solution is to persist all interfaces.
-#
-mkdir -p /etc/udev/rules.d
-echo "# Persisted network interfaces from anaconda installer" > /etc/udev/rules.d/70-persistent-net.rules
-for dir in /sys/class/net/*; do
- if [ -e ${dir}/device ]; then
- dev=$(basename ${dir})
- mac_address=$(cat /sys/class/net/${dev}/address)
- echo "ACTION==\"add\", SUBSYSTEM==\"net\", DRIVERS==\"?*\", ATTR{address}==\"${mac_address}\", NAME=\"${dev}\"" >> /etc/udev/rules.d/70-persistent-net.rules
- fi
-done
-
-# Mark the sysadmin password as expired immediately
-chage -d 0 sysadmin
-
-# Lock the root password
-passwd -l root
-
-# Enable tmpfs mount for /tmp
-# delete /var/tmp so that it can similinked in
-rm -rf /var/tmp
-systemctl enable tmp.mount
-
-# Disable automount of /dev/hugepages
-systemctl mask dev-hugepages.mount
-
-# Disable firewall
-systemctl disable firewalld
-
-# Disable libvirtd
-systemctl disable libvirtd.service
-
-# Enable rsyncd
-systemctl enable rsyncd.service
-
-# Allow root to run sudo from a non-tty (for scripts running as root that run sudo cmds)
-echo 'Defaults:root !requiretty' > /etc/sudoers.d/root
-
-# Make fstab just root read/writable
-chmod 600 /etc/fstab
-
-# Create first_boot flag
-touch /etc/platform/.first_boot
-
-%end
-
-# Template from: post_kernel_storage.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-## Custom kernel options
-KERN_OPTS=" intel_iommu=off usbcore.autosuspend=-1"
-## Add kernel options to ensure an selinux is disabled
-KERN_OPTS="${KERN_OPTS} selinux=0 enforcing=0"
-
-# Add kernel options to ensure NMI watchdog is enabled, if supported
-KERN_OPTS="${KERN_OPTS} nmi_watchdog=panic,1 softlockup_panic=1"
-
-# Add kernel option to disable biosdevname if enabled
-# As this may already be in GRUB_CMDLINE_LINUX, only add if it is not already present
-grep -q '^GRUB_CMDLINE_LINUX=.*biosdevname=0' /etc/default/grub
-if [ $? -ne 0 ]; then
- KERN_OPTS="${KERN_OPTS} biosdevname=0"
-fi
-
-# k8s updates:
-#KERN_OPTS="${KERN_OPTS} cgroup_disable=memory"
-KERN_OPTS="${KERN_OPTS} user_namespace.enable=1"
-
-# If the installer asked us to use security related kernel params, use
-# them in the grub line as well (until they can be configured via puppet)
-grep -q 'nopti' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nopti"
-fi
-grep -q 'nospectre_v2' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nospectre_v2"
-fi
-
-perl -pi -e 's/(GRUB_CMDLINE_LINUX=.*)\"/\1'"$KERN_OPTS"'\"/g' /etc/default/grub
-
-if [ -d /sys/firmware/efi ] ; then
- grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
-else
- grub2-mkconfig -o /boot/grub2/grub.cfg
-fi
-
-%end
-
-
-# Template from: post_lvm_pv_on_rootfs.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# uncomment the global_filter line in lvm.conf
-perl -0777 -i.bak -pe 's:(# This configuration option has an automatic default value\.\n)\t# global_filter:$1 global_filter:m' /etc/lvm/lvm.conf
-
-# Determine which disk we created our PV on (i.e. the root disk)
-ROOTDISK=$(get_by_path $(pvdisplay --select 'vg_name=cgts-vg' -C -o pv_name --noheadings))
-if [ -z "$ROOTDISK" ]; then
- report_post_failure_with_msg "ERROR: failed to identify rootdisk via pvdisplay"
-fi
-# Edit the LVM config so LVM only looks for LVs on the root disk
-sed -i "s#^\( *\)global_filter = \[.*#\1global_filter = [ \"a|${ROOTDISK}|\", \"r|.*|\" ]#" /etc/lvm/lvm.conf
-%end
-
-
-# Template from: post_net_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-http_port=$(get_http_port)
-echo "repo --name=base --baseurl=http://pxecontroller:${http_port:-8080}/feed/rel-19.12/" > /tmp/repo-include
-echo "repo --name=updates --baseurl=http://pxecontroller:${http_port:-8080}/updates/rel-19.12/" > /tmp/repo-include
-
-%end
-
-# Repository arguments from %pre
-%include /tmp/repo-include
-
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Persist the http port to the platform configuration
-echo http_port=$(get_http_port) >> /etc/platform/platform.conf
-
-# Obtain the boot interface from the PXE boot
-BOOTIF=`cat /proc/cmdline |xargs -n1 echo |grep BOOTIF=`
-if [ -d /sys/firmware/efi ] ; then
- BOOTIF=${BOOTIF#BOOTIF=}
-else
- BOOTIF=${BOOTIF#BOOTIF=01-}
- BOOTIF=${BOOTIF//-/:}
-fi
-
-mgmt_dev=none
-mgmt_vlan=0
-if [ -n "$BOOTIF" ] ; then
- ndev=`ip link show |grep -B 1 $BOOTIF |head -1 |awk '{print $2}' |sed -e 's/://'`
- if [ -n "$ndev" ] ; then
- mgmt_dev=$ndev
- # Retrieve the management VLAN from sysinv if it exists
- mgmt_vlan=`curl -sf http://pxecontroller:6385/v1/isystems/mgmtvlan`
- if [ $? -ne 0 ]
- then
- report_post_failure_with_msg "ERROR: Unable to communicate with System Inventory REST API. Aborting installation."
- fi
- else
- report_post_failure_with_msg "ERROR: Unable to determine mgmt interface from BOOTIF=$BOOTIF."
- fi
-else
- report_post_failure_with_msg "ERROR: BOOTIF is not set. Unable to determine mgmt interface."
-fi
-
-if [ $mgmt_vlan -eq 0 ] ; then
-
- # Persist the boot device to the platform configuration. This will get
- # overwritten later if the management_interface is on a bonded interface.
- echo management_interface=$mgmt_dev >> /etc/platform/platform.conf
-
- # Build networking scripts
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$mgmt_dev
-DEVICE=$mgmt_dev
-BOOTPROTO=dhcp
-ONBOOT=yes
-IPV6_AUTOCONF=no
-LINKDELAY=20
-EOF
-
-else
-
- # Check whether to use inet or inet6
- ipv6_addr=$(dig +short AAAA controller)
- if [[ -n "$ipv6_addr" ]]
- then
- mgmt_address_family=inet6
- ipv6init=yes
- dhcpv6c=yes
- dhclientargs=-1
- else
- mgmt_address_family=inet
- ipv6init=no
- dhcpv6c=no
- dhclientargs=
- fi
-
- # Persist the boot device to the platform configuration. This will get
- # overwritten later if the management_interface is on a bonded interface.
- echo management_interface=vlan$mgmt_vlan >> /etc/platform/platform.conf
-
- # Build networking scripts
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$mgmt_dev
-DEVICE=$mgmt_dev
-BOOTPROTO=none
-ONBOOT=yes
-IPV6_AUTOCONF=no
-LINKDELAY=20
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-vlan$mgmt_vlan
-DEVICE=vlan$mgmt_vlan
-BOOTPROTO=dhcp
-DHCLIENTARGS=$dhclientargs
-IPV6INIT=$ipv6init
-DHCPV6C=$dhcpv6c
-ONBOOT=yes
-IPV6_AUTOCONF=no
-PHYSDEV=$mgmt_dev
-VLAN=yes
-LINKDELAY=20
-EOF
-
- # Reject DHCPOFFER from DHCP server that doesn't send
- # wrs-install-uuid option
- echo "require wrs-install-uuid;" >>/etc/dhcp/dhclient.conf
- echo "require dhcp6.wrs-install-uuid;" >>/etc/dhcp/dhclient.conf
-
- # Bring up the mgmt vlan so that a dhcp lease is acquired and an address is
- # setup prior to the post-install reboot. This is so that the timing of the IP
- # address allocation is similar to how normal/non-pxe installation works.
- mgmt_iface=vlan$mgmt_vlan
- dhclient_family=$([[ $mgmt_address_family == "inet" ]] && echo -4 || echo -6)
- ip link add link $mgmt_dev name $mgmt_iface type vlan id $mgmt_vlan
- ip link set up dev $mgmt_iface
- dhclient $dhclient_family $mgmt_iface || true
-
-fi
-
-%end
+++ /dev/null
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-# SPDX-License-Identifier: Apache-2.0
-#
-
-%pre
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-%post
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-
-# Template from: pre_common_head.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-append=
-if [ -n "$console" ] ; then
- append="console=$console"
-fi
-
-if [ -n "$security_profile" ]; then
- append="$append security_profile=$security_profile"
-fi
-
-#### SECURITY PROFILE HANDLING (Pre Installation) ####
-if [ -n "$security_profile" ] && [ "$security_profile" == "extended" ]; then
- # IMA specific boot options:
- # Enable Kernel auditing
- append="$append audit=1"
-else
- # we need to blacklist the IMA and Integrity Modules
- # on standard security profile
- append="$append module_blacklist=integrity,ima"
-
- # Disable Kernel auditing in Standard Security Profile mode
- append="$append audit=0"
-fi
-
-if [ -n "$tboot" ]; then
- append="$append tboot=$tboot"
-else
- append="$append tboot=false"
-fi
-
-boot_device_arg=
-if [ -n "$boot_device" ] ; then
- boot_device_arg="--boot-drive=$(get_by_path $boot_device)"
-fi
-
-echo "bootloader --location=mbr $boot_device_arg --timeout=5 --append=\"$append\"" > /tmp/bootloader-include
-
-echo "timezone --nontp --utc UTC" >/tmp/timezone-include
-%end
-
-#version=DEVEL
-install
-lang en_US.UTF-8
-keyboard us
-%include /tmp/timezone-include
-# set to 'x' so we can use shadow password
-rootpw --iscrypted x
-selinux --disabled
-authconfig --enableshadow --passalgo=sha512
-firewall --service=ssh
-
-# The following is the partition information you requested
-# Note that any partitions you deleted are not expressed
-# here so unless you clear all partitions first, this is
-# not guaranteed to work
-zerombr
-
-# Disk layout from %pre
-%include /tmp/part-include
-# Bootloader parms from %pre
-%include /tmp/bootloader-include
-
-reboot --eject
-
-
-# Template from: pre_net_common.cfg
-%pre
-
-# Setup ntp.conf and sync time
-cat <<EOF >/etc/ntp_kickstart.conf
-server pxecontroller
-EOF
-
-/usr/sbin/ntpd -g -q -n -c /etc/ntp_kickstart.conf
-if [ $? -eq 0 ]; then
- /sbin/hwclock --systohc --utc
-fi
-
-%end
-
-
-# Template from: pre_pkglist.cfg
-%packages
-@core
-@base
--kernel-module-igb-uio-rt
--kernel-module-wrs-avp-rt
--kernel-rt
--kernel-rt-kvm
--kernel-rt-tools
--kernel-rt-tools-libs
--kmod-drbd-rt
--kmod-e1000e-rt
--kmod-i40e-rt
--kmod-ixgbe-rt
--kmod-tpm-rt
--mlnx-ofa_kernel
--mlnx-ofa_kernel-rt
--mlnx-ofa_kernel-rt-modules
--qat16-rt
-@platform-worker
-@updates-worker
-%end
-
-
-# Template from: pre_disk_setup_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# This is a really fancy way of finding the first usable disk for the
-# install and not stomping on the USB device if it comes up first
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-# Find either the ISO or USB device first chopping off partition
-ISO_DEV=`readlink /dev/disk/by-label/oe_iso_boot`
-sdev=`echo $ISO_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- ISO_DEV=$sdev
-fi
-USB_DEV=`readlink /dev/disk/by-label/wr_usb_boot`
-sdev=`echo $USB_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- USB_DEV=$sdev
-fi
-
-# Temporary, until lab pxelinux.cfg files are updated to specify install devices
-if [ -z "$rootfs_device" -o -z "$boot_device" ]
-then
- INST_HDD=""
- # Prefer a vd* device if this is kvm/qemu
- for e in vda vdb sda sdb nvme0n1; do
- if [ -e /dev/$e -a "$ISO_DEV" != "../../$e" -a "$USB_DEV" != "../../$e" ] ; then
- INST_HDD=$e
- break
- fi
- done
-
- # Set variables to $INST_HDD if not set
- rootfs_device=${rootfs_device:-$INST_HDD}
- boot_device=${boot_device:-$INST_HDD}
-fi
-
-# Convert to by-path
-orig_rootfs_device=$rootfs_device
-rootfs_device=$(get_by_path $rootfs_device)
-
-orig_boot_device=$boot_device
-boot_device=$(get_by_path $boot_device)
-
-if [ ! -e "$rootfs_device" -o ! -e "$boot_device" ] ; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is invalid."
-fi
-
-# Ensure specified device is not a USB drive
-udevadm info --query=property --name=$rootfs_device |grep -q '^ID_BUS=usb' || \
- udevadm info --query=property --name=$boot_device |grep -q '^ID_BUS=usb'
-if [ $? -eq 0 ]; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is a USB drive."
-fi
-
-# Deactivate existing volume groups to avoid Anaconda issues with pre-existing groups
-vgs --noheadings -o vg_name | xargs --no-run-if-empty -n 1 vgchange -an
-
-# Remove volumes and group for cgts-vg, if any
-lvremove --force cgts-vg
-pvs --select 'vg_name=cgts-vg' --noheadings -o pv_name | xargs --no-run-if-empty pvremove --force --force --yes
-vgs --select 'vg_name=cgts-vg' --noheadings -o vg_name | xargs --no-run-if-empty vgremove --force
-
-ONLYUSE_HDD=""
-if [ "$(curl -sf http://pxecontroller:6385/v1/upgrade/$(hostname)/in_upgrade 2>/dev/null)" = "true" ]; then
- # In an upgrade, only wipe the disk with the rootfs and boot partition
- echo "In upgrade, wiping only $rootfs_device"
- WIPE_HDD="$(get_disk $rootfs_device)"
- ONLYUSE_HDD="$(basename $(get_disk $rootfs_device))"
- if [ "$(get_disk $rootfs_device)" != "$(get_disk $boot_device)" ]; then
- WIPE_HDD="$WIPE_HDD,$(get_disk $boot_device)"
- ONLYUSE_HDD="$ONLYUSE_HDD,$(basename $(get_disk $boot_device))"
- fi
-else
- # Make a list of all the hard drives that are to be wiped
- WIPE_HDD=""
- # Partition type OSD has a unique globally identifier
- part_type_guid_str="Partition GUID code"
- CEPH_OSD_GUID="4FBD7E29-9D25-41B8-AFD0-062C0CEFF05D"
-
- # Check if we wipe OSDs
- if [ "$(curl -sf http://pxecontroller:6385/v1/ihosts/wipe_osds 2>/dev/null)" = "true" ]; then
- echo "Wipe OSD data."
- WIPE_CEPH_OSDS="true"
- else
- echo "Skip Ceph OSD data wipe."
- WIPE_CEPH_OSDS="false"
- fi
-
- for f in /dev/disk/by-path/*
- do
- dev=$(readlink -f $f)
- lsblk --nodeps --pairs $dev | grep -q 'TYPE="disk"'
- if [ $? -ne 0 ]
- then
- continue
- fi
-
- # Avoid wiping USB drives
- udevadm info --query=property --name=$dev |grep -q '^ID_BUS=usb' && continue
-
- # Avoid wiping ceph osds if sysinv tells us so
- if [ ${WIPE_CEPH_OSDS} == "false" ]; then
- wipe_dev="true"
- part_numbers=( `parted -s $dev print | awk '$1 == "Number" {i=1; next}; i {print $1}'` )
- # Scanning the partitions looking for CEPH OSDs and
- # skipping any disk found with such partitions
- for part_number in "${part_numbers[@]}"; do
- sgdisk_part_info=$(flock $dev sgdisk -i $part_number $dev)
- part_type_guid=$(echo "$sgdisk_part_info" | grep "$part_type_guid_str" | awk '{print $4;}')
- if [ "$part_type_guid" == $CEPH_OSD_GUID ]; then
- echo "OSD found on $dev, skipping wipe"
- wipe_dev="false"
- break
- fi
- done
- if [ "$wipe_dev" == "false" ]; then
- continue
- fi
- fi
-
- # Add device to the wipe list
- devname=$(basename $dev)
- if [ -e $dev -a "$ISO_DEV" != "../../$devname" -a "$USB_DEV" != "../../$devname" ]; then
- if [ -n "$WIPE_HDD" ]; then
- WIPE_HDD=$WIPE_HDD,$dev
- else
- WIPE_HDD=$dev
- fi
- fi
- done
- echo "Not in upgrade, wiping disks: $WIPE_HDD"
-fi
-
-for dev in ${WIPE_HDD//,/ }
-do
- # Clearing previous GPT tables or LVM data
- # Delete the first few bytes at the start and end of the partition. This is required with
- # GPT partitions, they save partition info at the start and the end of the block.
- # Do this for each partition on the disk, as well.
- partitions=$(lsblk -rip $dev -o TYPE,NAME |awk '$1 == "part" {print $2}')
- for p in $partitions $dev
- do
- echo "Pre-wiping $p from kickstart"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
- done
-done
-
-# Check for remaining cgts-vg PVs, which could potentially happen
-# in an upgrade where we're not wiping all disks.
-# If we ever create other volume groups from kickstart in the future,
-# include them in this search as well.
-partitions=$(pvs --select 'vg_name=cgts-vg' -o pv_name --noheading | grep -v '\[unknown\]')
-for p in $partitions
-do
- echo "Pre-wiping $p from kickstart (cgts-vg present)"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
-done
-
-let -i gb=1024*1024*1024
-
-cat<<EOF>/tmp/part-include
-clearpart --all --drives=$WIPE_HDD --initlabel
-EOF
-
-if [ -n "$ONLYUSE_HDD" ]; then
- cat<<EOF>>/tmp/part-include
-ignoredisk --only-use=$ONLYUSE_HDD
-EOF
-fi
-
-if [ -d /sys/firmware/efi ] ; then
- cat<<EOF>>/tmp/part-include
-part /boot/efi --fstype=efi --size=300 --ondrive=$(get_disk $boot_device)
-EOF
-else
- cat<<EOF>>/tmp/part-include
-part biosboot --asprimary --fstype=biosboot --size=1 --ondrive=$(get_disk $boot_device)
-EOF
-fi
-
-
-# Template from: pre_disk_worker.cfg
-LOG_VOL_SIZE=4000
-SCRATCH_VOL_SIZE=4000
-BOOT_VOL_SIZE=500
-
-## LOG_VOL_SIZE = 4096
-## SCRATCH_VOL_SIZE = 4096
-## DOCKER = 30720
-## CEPH_MON = 20480
-## KUBELET_VOL_SIZE = 10240
-## RESERVED_PE = 16 (based on pesize=32768)
-##
-## CGTS_PV_SIZE = 4096 + 4096 + 30720 + 20480 + 10240 + 16 = 69648
-##
-## Round CGTS_PV_SIZE to the closest upper value that can be divided by 1024.
-## 69648/1024=68.01. CGTS_PV_SIZE=69*1024=70656.
-CGTS_PV_SIZE=70656
-
-sz=$(blockdev --getsize64 $(get_disk $rootfs_device))
-if [ $sz -le $((80*$gb)) ] ; then
- ## Less than 80GB use a 10GB root partition
- ROOTFS_SIZE=10000
-else
- ## Use a 20GB root partition
- ROOTFS_SIZE=20000
-fi
-
-ROOTFS_OPTIONS="defaults"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- # Enable iversion labelling for rootfs when IMA is enabled
- ROOTFS_OPTIONS="${ROOTFS_OPTIONS},iversion"
-fi
-
-cat<<EOF>>/tmp/part-include
-part /boot --fstype=ext4 --asprimary --size=$BOOT_VOL_SIZE --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-part pv.253004 --asprimary --size=$CGTS_PV_SIZE --ondrive=$(get_disk $rootfs_device)
-volgroup cgts-vg --pesize=32768 pv.253004
-logvol /var/log --fstype=ext4 --vgname=cgts-vg --size=$LOG_VOL_SIZE --name=log-lv
-logvol /scratch --fstype=ext4 --vgname=cgts-vg --size=$SCRATCH_VOL_SIZE --name=scratch-lv
-part / --fstype=ext4 --asprimary --size=$ROOTFS_SIZE --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-
-EOF
-
-%end
-
-
-# Template from: post_platform_conf_worker.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Retrieve the installation uuid from the controller we booted from
-http_port=$(get_http_port)
-INSTALL_UUID=`curl -sf http://pxecontroller:${http_port:-8080}/feed/rel-19.12/install_uuid`
-if [ $? -ne 0 ]
-then
- INSTALL_UUID=unknown
-fi
-
-# Set the security profile mode
-secprofile="standard"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- secprofile="extended"
-fi
-
-mkdir -p -m 0775 /etc/platform
-cat <<EOF > /etc/platform/platform.conf
-nodetype=worker
-subfunction=worker
-system_type=Standard
-security_profile=$secprofile
-INSTALL_UUID=$INSTALL_UUID
-EOF
-
-# mount the platform directory from the controller
-cat >> /etc/fstab <<EOF
-controller-platform-nfs:/opt/platform /opt/platform nfs timeo=30,udp,rsize=1024,wsize=1024,_netdev 0 0
-EOF
-
-%end
-
-# Template from: post_common.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Turn off locale support for i18n if is not installed
-if [ ! -d /usr/share/i18n ] ; then
- rm -f /etc/sysconfig/i18n
-fi
-# Unset the hostname
-rm /etc/hostname
-
-# If using a serial install make sure to add a getty on the tty1
-conarg=`cat /proc/cmdline |xargs -n1 echo |grep console= |grep ttyS`
-if [ -n "$conarg" ] ; then
- echo "1:2345:respawn:/sbin/mingetty tty1" >> /etc/inittab
-fi
-
-#### SECURITY PROFILE HANDLING (Post Installation) ####
-# Check if the Security profile mode is enabled
-# and load the appropriate kernel modules
-secprofile=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$secprofile" ]; then
- echo "In Extended Security profile mode. Loading IMA kernel module"
- systemctl enable auditd.service
- # Add the securityfs mount for the IMA Runtime measurement list
- echo "securityfs /sys/kernel/security securityfs defaults,nodev 0 0" >> /etc/fstab
-else
- # Disable audit daemon in the Standard Security Profile
- systemctl disable auditd
-fi
-
-. /etc/platform/platform.conf
-# Configure smart package manager channels
-rm -rf /var/lib/smart
-mkdir /var/lib/smart
-/usr/bin/smart channel -y \
- --add rpmdb type=rpm-sys name="RPM Database"
-/usr/bin/smart channel -y \
- --add base type=rpm-md name="Base" baseurl=http://controller:${http_port:-8080}/feed/rel-19.12
-/usr/bin/smart channel -y \
- --add updates type=rpm-md name="Patches" baseurl=http://controller:${http_port:-8080}/updates/rel-19.12
-
-# Configure smart to use rpm --nolinktos option
-/usr/bin/smart config --set rpm-nolinktos=true
-
-# Configure smart to use rpm --nosignature option
-/usr/bin/smart config --set rpm-check-signatures=false
-
-# Delete the CentOS yum repo files
-rm -f /etc/yum.repos.d/CentOS-*
-
-# Persist the boot device naming as UDEV rules so that if the network device
-# order changes post-install that we will still be able to DHCP from the
-# correct interface to reach the active controller. For most nodes only the
-# management/boot interface needs to be persisted but because we require both
-# controllers to be identically configured and controller-0 and controller-1
-# are installed differently (e.g., controller-0 from USB and controller-1 from
-# network) it is not possible to know which interface to persist for
-# controller-0. The simplest solution is to persist all interfaces.
-#
-mkdir -p /etc/udev/rules.d
-echo "# Persisted network interfaces from anaconda installer" > /etc/udev/rules.d/70-persistent-net.rules
-for dir in /sys/class/net/*; do
- if [ -e ${dir}/device ]; then
- dev=$(basename ${dir})
- mac_address=$(cat /sys/class/net/${dev}/address)
- echo "ACTION==\"add\", SUBSYSTEM==\"net\", DRIVERS==\"?*\", ATTR{address}==\"${mac_address}\", NAME=\"${dev}\"" >> /etc/udev/rules.d/70-persistent-net.rules
- fi
-done
-
-# Mark the sysadmin password as expired immediately
-chage -d 0 sysadmin
-
-# Lock the root password
-passwd -l root
-
-# Enable tmpfs mount for /tmp
-# delete /var/tmp so that it can similinked in
-rm -rf /var/tmp
-systemctl enable tmp.mount
-
-# Disable automount of /dev/hugepages
-systemctl mask dev-hugepages.mount
-
-# Disable firewall
-systemctl disable firewalld
-
-# Disable libvirtd
-systemctl disable libvirtd.service
-
-# Enable rsyncd
-systemctl enable rsyncd.service
-
-# Allow root to run sudo from a non-tty (for scripts running as root that run sudo cmds)
-echo 'Defaults:root !requiretty' > /etc/sudoers.d/root
-
-# Make fstab just root read/writable
-chmod 600 /etc/fstab
-
-# Create first_boot flag
-touch /etc/platform/.first_boot
-
-%end
-
-# Template from: post_kernel_aio_and_worker.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Source the generated platform.conf
-. /etc/platform/platform.conf
-
-# Update grub with custom kernel bootargs
-source /etc/init.d/cpumap_functions.sh
-n_cpus=$(cat /proc/cpuinfo 2>/dev/null | \
- awk '/^[pP]rocessor/ { n +=1 } END { print (n>0) ? n : 1}')
-n_numa=$(ls -d /sys/devices/system/node/node* 2>/dev/null | wc -l)
-KERN_OPTS=" iommu=pt usbcore.autosuspend=-1"
-
-KERN_OPTS="${KERN_OPTS} hugepagesz=2M hugepages=0 default_hugepagesz=2M"
-
-# If this is an all-in-one system, we need at least 4 CPUs
-if [ "$system_type" = "All-in-one" -a ${n_cpus} -lt 4 ]; then
- report_post_failure_with_msg "ERROR: At least 4 CPUs are required for controller+worker node."
-fi
-
-# Add kernel options for cpu isolation / affinity
-if [ ${n_cpus} -gt 1 ]
-then
- base_cpulist=$(platform_expanded_cpu_list)
- base_cpumap=$(cpulist_to_cpumap ${base_cpulist} ${n_cpus})
- avp_cpulist=$(vswitch_expanded_cpu_list)
- norcu_cpumap=$(invert_cpumap ${base_cpumap} ${n_cpus})
- norcu_cpulist=$(cpumap_to_cpulist ${norcu_cpumap} ${n_cpus})
-
- if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} isolcpus=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} nohz_full=${norcu_cpulist}"
- else
- KERN_OPTS="${KERN_OPTS} isolcpus=${avp_cpulist}"
- fi
- KERN_OPTS="${KERN_OPTS} rcu_nocbs=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} kthread_cpus=${base_cpulist}"
- KERN_OPTS="${KERN_OPTS} irqaffinity=${base_cpulist}"
- # Update vswitch.conf
- sed -i "s/^VSWITCH_CPU_LIST=.*/VSWITCH_CPU_LIST=\"${avp_cpulist}\"/" /etc/vswitch/vswitch.conf
-fi
-
-# Add kernel options to ensure an selinux is disabled
-KERN_OPTS="${KERN_OPTS} selinux=0 enforcing=0"
-
-# Add kernel options to set NMI watchdog
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=0 softlockup_panic=0"
-else
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=panic,1 softlockup_panic=1"
-fi
-
-if [[ "$(dmidecode -s system-product-name)" =~ ^ProLiant.*Gen8$ ]]; then
- KERN_OPTS="${KERN_OPTS} intel_iommu=on,eth_no_rmrr"
-else
- KERN_OPTS="${KERN_OPTS} intel_iommu=on"
-fi
-
-# Add kernel option to disable biosdevname if enabled
-# As this may already be in GRUB_CMDLINE_LINUX, only add if it is not already present
-grep -q '^GRUB_CMDLINE_LINUX=.*biosdevname=0' /etc/default/grub
-if [ $? -ne 0 ]; then
- KERN_OPTS="${KERN_OPTS} biosdevname=0"
-fi
-
-# Add kernel options to disable kvm-intel.eptad on Broadwell
-# Broadwell: Model: 79, Model name: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz
-if grep -q -E "^model\s+:\s+79$" /proc/cpuinfo
-then
- KERN_OPTS="${KERN_OPTS} kvm-intel.eptad=0"
-fi
-
-# k8s updates:
-#KERN_OPTS="${KERN_OPTS} cgroup_disable=memory"
-KERN_OPTS="${KERN_OPTS} user_namespace.enable=1"
-
-# Add kernel option to avoid jiffies_lock contention on real-time kernel
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} skew_tick=1"
-fi
-
-# If the installer asked us to use security related kernel params, use
-# them in the grub line as well (until they can be configured via puppet)
-grep -q 'nopti' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nopti"
-fi
-grep -q 'nospectre_v2' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nospectre_v2"
-fi
-
-perl -pi -e 's/(GRUB_CMDLINE_LINUX=.*)\"/\1'"$KERN_OPTS"'\"/g' /etc/default/grub
-
-if [ -d /sys/firmware/efi ] ; then
- grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
-else
- grub2-mkconfig -o /boot/grub2/grub.cfg
-fi
-
-%end
-
-
-# Template from: post_lvm_pv_on_rootfs.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# uncomment the global_filter line in lvm.conf
-perl -0777 -i.bak -pe 's:(# This configuration option has an automatic default value\.\n)\t# global_filter:$1 global_filter:m' /etc/lvm/lvm.conf
-
-# Determine which disk we created our PV on (i.e. the root disk)
-ROOTDISK=$(get_by_path $(pvdisplay --select 'vg_name=cgts-vg' -C -o pv_name --noheadings))
-if [ -z "$ROOTDISK" ]; then
- report_post_failure_with_msg "ERROR: failed to identify rootdisk via pvdisplay"
-fi
-# Edit the LVM config so LVM only looks for LVs on the root disk
-sed -i "s#^\( *\)global_filter = \[.*#\1global_filter = [ \"a|${ROOTDISK}|\", \"r|.*|\" ]#" /etc/lvm/lvm.conf
-%end
-
-
-# Template from: post_net_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-http_port=$(get_http_port)
-echo "repo --name=base --baseurl=http://pxecontroller:${http_port:-8080}/feed/rel-19.12/" > /tmp/repo-include
-echo "repo --name=updates --baseurl=http://pxecontroller:${http_port:-8080}/updates/rel-19.12/" > /tmp/repo-include
-
-%end
-
-# Repository arguments from %pre
-%include /tmp/repo-include
-
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Persist the http port to the platform configuration
-echo http_port=$(get_http_port) >> /etc/platform/platform.conf
-
-# Obtain the boot interface from the PXE boot
-BOOTIF=`cat /proc/cmdline |xargs -n1 echo |grep BOOTIF=`
-if [ -d /sys/firmware/efi ] ; then
- BOOTIF=${BOOTIF#BOOTIF=}
-else
- BOOTIF=${BOOTIF#BOOTIF=01-}
- BOOTIF=${BOOTIF//-/:}
-fi
-
-mgmt_dev=none
-mgmt_vlan=0
-if [ -n "$BOOTIF" ] ; then
- ndev=`ip link show |grep -B 1 $BOOTIF |head -1 |awk '{print $2}' |sed -e 's/://'`
- if [ -n "$ndev" ] ; then
- mgmt_dev=$ndev
- # Retrieve the management VLAN from sysinv if it exists
- mgmt_vlan=`curl -sf http://pxecontroller:6385/v1/isystems/mgmtvlan`
- if [ $? -ne 0 ]
- then
- report_post_failure_with_msg "ERROR: Unable to communicate with System Inventory REST API. Aborting installation."
- fi
- else
- report_post_failure_with_msg "ERROR: Unable to determine mgmt interface from BOOTIF=$BOOTIF."
- fi
-else
- report_post_failure_with_msg "ERROR: BOOTIF is not set. Unable to determine mgmt interface."
-fi
-
-if [ $mgmt_vlan -eq 0 ] ; then
-
- # Persist the boot device to the platform configuration. This will get
- # overwritten later if the management_interface is on a bonded interface.
- echo management_interface=$mgmt_dev >> /etc/platform/platform.conf
-
- # Build networking scripts
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$mgmt_dev
-DEVICE=$mgmt_dev
-BOOTPROTO=dhcp
-ONBOOT=yes
-IPV6_AUTOCONF=no
-LINKDELAY=20
-EOF
-
-else
-
- # Check whether to use inet or inet6
- ipv6_addr=$(dig +short AAAA controller)
- if [[ -n "$ipv6_addr" ]]
- then
- mgmt_address_family=inet6
- ipv6init=yes
- dhcpv6c=yes
- dhclientargs=-1
- else
- mgmt_address_family=inet
- ipv6init=no
- dhcpv6c=no
- dhclientargs=
- fi
-
- # Persist the boot device to the platform configuration. This will get
- # overwritten later if the management_interface is on a bonded interface.
- echo management_interface=vlan$mgmt_vlan >> /etc/platform/platform.conf
-
- # Build networking scripts
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$mgmt_dev
-DEVICE=$mgmt_dev
-BOOTPROTO=none
-ONBOOT=yes
-IPV6_AUTOCONF=no
-LINKDELAY=20
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-vlan$mgmt_vlan
-DEVICE=vlan$mgmt_vlan
-BOOTPROTO=dhcp
-DHCLIENTARGS=$dhclientargs
-IPV6INIT=$ipv6init
-DHCPV6C=$dhcpv6c
-ONBOOT=yes
-IPV6_AUTOCONF=no
-PHYSDEV=$mgmt_dev
-VLAN=yes
-LINKDELAY=20
-EOF
-
- # Reject DHCPOFFER from DHCP server that doesn't send
- # wrs-install-uuid option
- echo "require wrs-install-uuid;" >>/etc/dhcp/dhclient.conf
- echo "require dhcp6.wrs-install-uuid;" >>/etc/dhcp/dhclient.conf
-
- # Bring up the mgmt vlan so that a dhcp lease is acquired and an address is
- # setup prior to the post-install reboot. This is so that the timing of the IP
- # address allocation is similar to how normal/non-pxe installation works.
- mgmt_iface=vlan$mgmt_vlan
- dhclient_family=$([[ $mgmt_address_family == "inet" ]] && echo -4 || echo -6)
- ip link add link $mgmt_dev name $mgmt_iface type vlan id $mgmt_vlan
- ip link set up dev $mgmt_iface
- dhclient $dhclient_family $mgmt_iface || true
-
-fi
-
-%end
+++ /dev/null
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-# SPDX-License-Identifier: Apache-2.0
-#
-
-%pre
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-%post
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-
-# Template from: pre_common_head.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-append=
-if [ -n "$console" ] ; then
- append="console=$console"
-fi
-
-if [ -n "$security_profile" ]; then
- append="$append security_profile=$security_profile"
-fi
-
-#### SECURITY PROFILE HANDLING (Pre Installation) ####
-if [ -n "$security_profile" ] && [ "$security_profile" == "extended" ]; then
- # IMA specific boot options:
- # Enable Kernel auditing
- append="$append audit=1"
-else
- # we need to blacklist the IMA and Integrity Modules
- # on standard security profile
- append="$append module_blacklist=integrity,ima"
-
- # Disable Kernel auditing in Standard Security Profile mode
- append="$append audit=0"
-fi
-
-if [ -n "$tboot" ]; then
- append="$append tboot=$tboot"
-else
- append="$append tboot=false"
-fi
-
-boot_device_arg=
-if [ -n "$boot_device" ] ; then
- boot_device_arg="--boot-drive=$(get_by_path $boot_device)"
-fi
-
-echo "bootloader --location=mbr $boot_device_arg --timeout=5 --append=\"$append\"" > /tmp/bootloader-include
-
-echo "timezone --nontp --utc UTC" >/tmp/timezone-include
-%end
-
-#version=DEVEL
-install
-lang en_US.UTF-8
-keyboard us
-%include /tmp/timezone-include
-# set to 'x' so we can use shadow password
-rootpw --iscrypted x
-selinux --disabled
-authconfig --enableshadow --passalgo=sha512
-firewall --service=ssh
-
-# The following is the partition information you requested
-# Note that any partitions you deleted are not expressed
-# here so unless you clear all partitions first, this is
-# not guaranteed to work
-zerombr
-
-# Disk layout from %pre
-%include /tmp/part-include
-# Bootloader parms from %pre
-%include /tmp/bootloader-include
-
-reboot --eject
-
-
-# Template from: pre_net_common.cfg
-%pre
-
-# Setup ntp.conf and sync time
-cat <<EOF >/etc/ntp_kickstart.conf
-server pxecontroller
-EOF
-
-/usr/sbin/ntpd -g -q -n -c /etc/ntp_kickstart.conf
-if [ $? -eq 0 ]; then
- /sbin/hwclock --systohc --utc
-fi
-
-%end
-
-
-# Template from: pre_pkglist_lowlatency.cfg
-%packages
-@core
-@base
--kernel-module-igb-uio
--kernel-module-wrs-avp
--kernel
--kernel-tools
--kernel-tools-libs
--kmod-drbd
--kmod-e1000e
--kmod-i40e
--kmod-ixgbe
--kmod-tpm
--mlnx-ofa_kernel
--mlnx-ofa_kernel-rt
--mlnx-ofa_kernel-modules
--qat16
-@platform-worker-lowlatency
-@updates-worker-lowlatency
-%end
-
-
-# Template from: pre_disk_setup_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# This is a really fancy way of finding the first usable disk for the
-# install and not stomping on the USB device if it comes up first
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-# Find either the ISO or USB device first chopping off partition
-ISO_DEV=`readlink /dev/disk/by-label/oe_iso_boot`
-sdev=`echo $ISO_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- ISO_DEV=$sdev
-fi
-USB_DEV=`readlink /dev/disk/by-label/wr_usb_boot`
-sdev=`echo $USB_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- USB_DEV=$sdev
-fi
-
-# Temporary, until lab pxelinux.cfg files are updated to specify install devices
-if [ -z "$rootfs_device" -o -z "$boot_device" ]
-then
- INST_HDD=""
- # Prefer a vd* device if this is kvm/qemu
- for e in vda vdb sda sdb nvme0n1; do
- if [ -e /dev/$e -a "$ISO_DEV" != "../../$e" -a "$USB_DEV" != "../../$e" ] ; then
- INST_HDD=$e
- break
- fi
- done
-
- # Set variables to $INST_HDD if not set
- rootfs_device=${rootfs_device:-$INST_HDD}
- boot_device=${boot_device:-$INST_HDD}
-fi
-
-# Convert to by-path
-orig_rootfs_device=$rootfs_device
-rootfs_device=$(get_by_path $rootfs_device)
-
-orig_boot_device=$boot_device
-boot_device=$(get_by_path $boot_device)
-
-if [ ! -e "$rootfs_device" -o ! -e "$boot_device" ] ; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is invalid."
-fi
-
-# Ensure specified device is not a USB drive
-udevadm info --query=property --name=$rootfs_device |grep -q '^ID_BUS=usb' || \
- udevadm info --query=property --name=$boot_device |grep -q '^ID_BUS=usb'
-if [ $? -eq 0 ]; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is a USB drive."
-fi
-
-# Deactivate existing volume groups to avoid Anaconda issues with pre-existing groups
-vgs --noheadings -o vg_name | xargs --no-run-if-empty -n 1 vgchange -an
-
-# Remove volumes and group for cgts-vg, if any
-lvremove --force cgts-vg
-pvs --select 'vg_name=cgts-vg' --noheadings -o pv_name | xargs --no-run-if-empty pvremove --force --force --yes
-vgs --select 'vg_name=cgts-vg' --noheadings -o vg_name | xargs --no-run-if-empty vgremove --force
-
-ONLYUSE_HDD=""
-if [ "$(curl -sf http://pxecontroller:6385/v1/upgrade/$(hostname)/in_upgrade 2>/dev/null)" = "true" ]; then
- # In an upgrade, only wipe the disk with the rootfs and boot partition
- echo "In upgrade, wiping only $rootfs_device"
- WIPE_HDD="$(get_disk $rootfs_device)"
- ONLYUSE_HDD="$(basename $(get_disk $rootfs_device))"
- if [ "$(get_disk $rootfs_device)" != "$(get_disk $boot_device)" ]; then
- WIPE_HDD="$WIPE_HDD,$(get_disk $boot_device)"
- ONLYUSE_HDD="$ONLYUSE_HDD,$(basename $(get_disk $boot_device))"
- fi
-else
- # Make a list of all the hard drives that are to be wiped
- WIPE_HDD=""
- # Partition type OSD has a unique globally identifier
- part_type_guid_str="Partition GUID code"
- CEPH_OSD_GUID="4FBD7E29-9D25-41B8-AFD0-062C0CEFF05D"
-
- # Check if we wipe OSDs
- if [ "$(curl -sf http://pxecontroller:6385/v1/ihosts/wipe_osds 2>/dev/null)" = "true" ]; then
- echo "Wipe OSD data."
- WIPE_CEPH_OSDS="true"
- else
- echo "Skip Ceph OSD data wipe."
- WIPE_CEPH_OSDS="false"
- fi
-
- for f in /dev/disk/by-path/*
- do
- dev=$(readlink -f $f)
- lsblk --nodeps --pairs $dev | grep -q 'TYPE="disk"'
- if [ $? -ne 0 ]
- then
- continue
- fi
-
- # Avoid wiping USB drives
- udevadm info --query=property --name=$dev |grep -q '^ID_BUS=usb' && continue
-
- # Avoid wiping ceph osds if sysinv tells us so
- if [ ${WIPE_CEPH_OSDS} == "false" ]; then
- wipe_dev="true"
- part_numbers=( `parted -s $dev print | awk '$1 == "Number" {i=1; next}; i {print $1}'` )
- # Scanning the partitions looking for CEPH OSDs and
- # skipping any disk found with such partitions
- for part_number in "${part_numbers[@]}"; do
- sgdisk_part_info=$(flock $dev sgdisk -i $part_number $dev)
- part_type_guid=$(echo "$sgdisk_part_info" | grep "$part_type_guid_str" | awk '{print $4;}')
- if [ "$part_type_guid" == $CEPH_OSD_GUID ]; then
- echo "OSD found on $dev, skipping wipe"
- wipe_dev="false"
- break
- fi
- done
- if [ "$wipe_dev" == "false" ]; then
- continue
- fi
- fi
-
- # Add device to the wipe list
- devname=$(basename $dev)
- if [ -e $dev -a "$ISO_DEV" != "../../$devname" -a "$USB_DEV" != "../../$devname" ]; then
- if [ -n "$WIPE_HDD" ]; then
- WIPE_HDD=$WIPE_HDD,$dev
- else
- WIPE_HDD=$dev
- fi
- fi
- done
- echo "Not in upgrade, wiping disks: $WIPE_HDD"
-fi
-
-for dev in ${WIPE_HDD//,/ }
-do
- # Clearing previous GPT tables or LVM data
- # Delete the first few bytes at the start and end of the partition. This is required with
- # GPT partitions, they save partition info at the start and the end of the block.
- # Do this for each partition on the disk, as well.
- partitions=$(lsblk -rip $dev -o TYPE,NAME |awk '$1 == "part" {print $2}')
- for p in $partitions $dev
- do
- echo "Pre-wiping $p from kickstart"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
- done
-done
-
-# Check for remaining cgts-vg PVs, which could potentially happen
-# in an upgrade where we're not wiping all disks.
-# If we ever create other volume groups from kickstart in the future,
-# include them in this search as well.
-partitions=$(pvs --select 'vg_name=cgts-vg' -o pv_name --noheading | grep -v '\[unknown\]')
-for p in $partitions
-do
- echo "Pre-wiping $p from kickstart (cgts-vg present)"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
-done
-
-let -i gb=1024*1024*1024
-
-cat<<EOF>/tmp/part-include
-clearpart --all --drives=$WIPE_HDD --initlabel
-EOF
-
-if [ -n "$ONLYUSE_HDD" ]; then
- cat<<EOF>>/tmp/part-include
-ignoredisk --only-use=$ONLYUSE_HDD
-EOF
-fi
-
-if [ -d /sys/firmware/efi ] ; then
- cat<<EOF>>/tmp/part-include
-part /boot/efi --fstype=efi --size=300 --ondrive=$(get_disk $boot_device)
-EOF
-else
- cat<<EOF>>/tmp/part-include
-part biosboot --asprimary --fstype=biosboot --size=1 --ondrive=$(get_disk $boot_device)
-EOF
-fi
-
-
-# Template from: pre_disk_worker.cfg
-LOG_VOL_SIZE=4000
-SCRATCH_VOL_SIZE=4000
-BOOT_VOL_SIZE=500
-
-## LOG_VOL_SIZE = 4096
-## SCRATCH_VOL_SIZE = 4096
-## DOCKER = 30720
-## CEPH_MON = 20480
-## KUBELET_VOL_SIZE = 10240
-## RESERVED_PE = 16 (based on pesize=32768)
-##
-## CGTS_PV_SIZE = 4096 + 4096 + 30720 + 20480 + 10240 + 16 = 69648
-##
-## Round CGTS_PV_SIZE to the closest upper value that can be divided by 1024.
-## 69648/1024=68.01. CGTS_PV_SIZE=69*1024=70656.
-CGTS_PV_SIZE=70656
-
-sz=$(blockdev --getsize64 $(get_disk $rootfs_device))
-if [ $sz -le $((80*$gb)) ] ; then
- ## Less than 80GB use a 10GB root partition
- ROOTFS_SIZE=10000
-else
- ## Use a 20GB root partition
- ROOTFS_SIZE=20000
-fi
-
-ROOTFS_OPTIONS="defaults"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- # Enable iversion labelling for rootfs when IMA is enabled
- ROOTFS_OPTIONS="${ROOTFS_OPTIONS},iversion"
-fi
-
-cat<<EOF>>/tmp/part-include
-part /boot --fstype=ext4 --asprimary --size=$BOOT_VOL_SIZE --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-part pv.253004 --asprimary --size=$CGTS_PV_SIZE --ondrive=$(get_disk $rootfs_device)
-volgroup cgts-vg --pesize=32768 pv.253004
-logvol /var/log --fstype=ext4 --vgname=cgts-vg --size=$LOG_VOL_SIZE --name=log-lv
-logvol /scratch --fstype=ext4 --vgname=cgts-vg --size=$SCRATCH_VOL_SIZE --name=scratch-lv
-part / --fstype=ext4 --asprimary --size=$ROOTFS_SIZE --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-
-EOF
-
-%end
-
-
-# Template from: post_platform_conf_worker_lowlatency.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Retrieve the installation uuid from the controller we booted from
-http_port=$(get_http_port)
-INSTALL_UUID=`curl -sf http://pxecontroller:${http_port:-8080}/feed/rel-19.12/install_uuid`
-if [ $? -ne 0 ]
-then
- INSTALL_UUID=unknown
-fi
-
-# Set the security profile mode
-secprofile="standard"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- secprofile="extended"
-fi
-
-mkdir -p -m 0775 /etc/platform
-cat <<EOF > /etc/platform/platform.conf
-nodetype=worker
-subfunction=worker,lowlatency
-system_type=Standard
-security_profile=$secprofile
-INSTALL_UUID=$INSTALL_UUID
-EOF
-
-# mount the platform directory from the controller
-cat >> /etc/fstab <<EOF
-controller-platform-nfs:/opt/platform /opt/platform nfs timeo=30,udp,rsize=1024,wsize=1024,_netdev 0 0
-EOF
-
-%end
-
-# Template from: post_common.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Turn off locale support for i18n if is not installed
-if [ ! -d /usr/share/i18n ] ; then
- rm -f /etc/sysconfig/i18n
-fi
-# Unset the hostname
-rm /etc/hostname
-
-# If using a serial install make sure to add a getty on the tty1
-conarg=`cat /proc/cmdline |xargs -n1 echo |grep console= |grep ttyS`
-if [ -n "$conarg" ] ; then
- echo "1:2345:respawn:/sbin/mingetty tty1" >> /etc/inittab
-fi
-
-#### SECURITY PROFILE HANDLING (Post Installation) ####
-# Check if the Security profile mode is enabled
-# and load the appropriate kernel modules
-secprofile=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$secprofile" ]; then
- echo "In Extended Security profile mode. Loading IMA kernel module"
- systemctl enable auditd.service
- # Add the securityfs mount for the IMA Runtime measurement list
- echo "securityfs /sys/kernel/security securityfs defaults,nodev 0 0" >> /etc/fstab
-else
- # Disable audit daemon in the Standard Security Profile
- systemctl disable auditd
-fi
-
-. /etc/platform/platform.conf
-# Configure smart package manager channels
-rm -rf /var/lib/smart
-mkdir /var/lib/smart
-/usr/bin/smart channel -y \
- --add rpmdb type=rpm-sys name="RPM Database"
-/usr/bin/smart channel -y \
- --add base type=rpm-md name="Base" baseurl=http://controller:${http_port:-8080}/feed/rel-19.12
-/usr/bin/smart channel -y \
- --add updates type=rpm-md name="Patches" baseurl=http://controller:${http_port:-8080}/updates/rel-19.12
-
-# Configure smart to use rpm --nolinktos option
-/usr/bin/smart config --set rpm-nolinktos=true
-
-# Configure smart to use rpm --nosignature option
-/usr/bin/smart config --set rpm-check-signatures=false
-
-# Delete the CentOS yum repo files
-rm -f /etc/yum.repos.d/CentOS-*
-
-# Persist the boot device naming as UDEV rules so that if the network device
-# order changes post-install that we will still be able to DHCP from the
-# correct interface to reach the active controller. For most nodes only the
-# management/boot interface needs to be persisted but because we require both
-# controllers to be identically configured and controller-0 and controller-1
-# are installed differently (e.g., controller-0 from USB and controller-1 from
-# network) it is not possible to know which interface to persist for
-# controller-0. The simplest solution is to persist all interfaces.
-#
-mkdir -p /etc/udev/rules.d
-echo "# Persisted network interfaces from anaconda installer" > /etc/udev/rules.d/70-persistent-net.rules
-for dir in /sys/class/net/*; do
- if [ -e ${dir}/device ]; then
- dev=$(basename ${dir})
- mac_address=$(cat /sys/class/net/${dev}/address)
- echo "ACTION==\"add\", SUBSYSTEM==\"net\", DRIVERS==\"?*\", ATTR{address}==\"${mac_address}\", NAME=\"${dev}\"" >> /etc/udev/rules.d/70-persistent-net.rules
- fi
-done
-
-# Mark the sysadmin password as expired immediately
-chage -d 0 sysadmin
-
-# Lock the root password
-passwd -l root
-
-# Enable tmpfs mount for /tmp
-# delete /var/tmp so that it can similinked in
-rm -rf /var/tmp
-systemctl enable tmp.mount
-
-# Disable automount of /dev/hugepages
-systemctl mask dev-hugepages.mount
-
-# Disable firewall
-systemctl disable firewalld
-
-# Disable libvirtd
-systemctl disable libvirtd.service
-
-# Enable rsyncd
-systemctl enable rsyncd.service
-
-# Allow root to run sudo from a non-tty (for scripts running as root that run sudo cmds)
-echo 'Defaults:root !requiretty' > /etc/sudoers.d/root
-
-# Make fstab just root read/writable
-chmod 600 /etc/fstab
-
-# Create first_boot flag
-touch /etc/platform/.first_boot
-
-%end
-
-# Template from: post_kernel_aio_and_worker.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Source the generated platform.conf
-. /etc/platform/platform.conf
-
-# Update grub with custom kernel bootargs
-source /etc/init.d/cpumap_functions.sh
-n_cpus=$(cat /proc/cpuinfo 2>/dev/null | \
- awk '/^[pP]rocessor/ { n +=1 } END { print (n>0) ? n : 1}')
-n_numa=$(ls -d /sys/devices/system/node/node* 2>/dev/null | wc -l)
-KERN_OPTS=" iommu=pt usbcore.autosuspend=-1"
-
-KERN_OPTS="${KERN_OPTS} hugepagesz=2M hugepages=0 default_hugepagesz=2M"
-
-# If this is an all-in-one system, we need at least 4 CPUs
-if [ "$system_type" = "All-in-one" -a ${n_cpus} -lt 4 ]; then
- report_post_failure_with_msg "ERROR: At least 4 CPUs are required for controller+worker node."
-fi
-
-# Add kernel options for cpu isolation / affinity
-if [ ${n_cpus} -gt 1 ]
-then
- base_cpulist=$(platform_expanded_cpu_list)
- base_cpumap=$(cpulist_to_cpumap ${base_cpulist} ${n_cpus})
- avp_cpulist=$(vswitch_expanded_cpu_list)
- norcu_cpumap=$(invert_cpumap ${base_cpumap} ${n_cpus})
- norcu_cpulist=$(cpumap_to_cpulist ${norcu_cpumap} ${n_cpus})
-
- if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} isolcpus=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} nohz_full=${norcu_cpulist}"
- else
- KERN_OPTS="${KERN_OPTS} isolcpus=${avp_cpulist}"
- fi
- KERN_OPTS="${KERN_OPTS} rcu_nocbs=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} kthread_cpus=${base_cpulist}"
- KERN_OPTS="${KERN_OPTS} irqaffinity=${base_cpulist}"
- # Update vswitch.conf
- sed -i "s/^VSWITCH_CPU_LIST=.*/VSWITCH_CPU_LIST=\"${avp_cpulist}\"/" /etc/vswitch/vswitch.conf
-fi
-
-# Add kernel options to ensure an selinux is disabled
-KERN_OPTS="${KERN_OPTS} selinux=0 enforcing=0"
-
-# Add kernel options to set NMI watchdog
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=0 softlockup_panic=0"
-else
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=panic,1 softlockup_panic=1"
-fi
-
-if [[ "$(dmidecode -s system-product-name)" =~ ^ProLiant.*Gen8$ ]]; then
- KERN_OPTS="${KERN_OPTS} intel_iommu=on,eth_no_rmrr"
-else
- KERN_OPTS="${KERN_OPTS} intel_iommu=on"
-fi
-
-# Add kernel option to disable biosdevname if enabled
-# As this may already be in GRUB_CMDLINE_LINUX, only add if it is not already present
-grep -q '^GRUB_CMDLINE_LINUX=.*biosdevname=0' /etc/default/grub
-if [ $? -ne 0 ]; then
- KERN_OPTS="${KERN_OPTS} biosdevname=0"
-fi
-
-# Add kernel options to disable kvm-intel.eptad on Broadwell
-# Broadwell: Model: 79, Model name: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz
-if grep -q -E "^model\s+:\s+79$" /proc/cpuinfo
-then
- KERN_OPTS="${KERN_OPTS} kvm-intel.eptad=0"
-fi
-
-# k8s updates:
-#KERN_OPTS="${KERN_OPTS} cgroup_disable=memory"
-KERN_OPTS="${KERN_OPTS} user_namespace.enable=1"
-
-# Add kernel option to avoid jiffies_lock contention on real-time kernel
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} skew_tick=1"
-fi
-
-# If the installer asked us to use security related kernel params, use
-# them in the grub line as well (until they can be configured via puppet)
-grep -q 'nopti' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nopti"
-fi
-grep -q 'nospectre_v2' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nospectre_v2"
-fi
-
-perl -pi -e 's/(GRUB_CMDLINE_LINUX=.*)\"/\1'"$KERN_OPTS"'\"/g' /etc/default/grub
-
-if [ -d /sys/firmware/efi ] ; then
- grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
-else
- grub2-mkconfig -o /boot/grub2/grub.cfg
-fi
-
-%end
-
-
-# Template from: post_lvm_pv_on_rootfs.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# uncomment the global_filter line in lvm.conf
-perl -0777 -i.bak -pe 's:(# This configuration option has an automatic default value\.\n)\t# global_filter:$1 global_filter:m' /etc/lvm/lvm.conf
-
-# Determine which disk we created our PV on (i.e. the root disk)
-ROOTDISK=$(get_by_path $(pvdisplay --select 'vg_name=cgts-vg' -C -o pv_name --noheadings))
-if [ -z "$ROOTDISK" ]; then
- report_post_failure_with_msg "ERROR: failed to identify rootdisk via pvdisplay"
-fi
-# Edit the LVM config so LVM only looks for LVs on the root disk
-sed -i "s#^\( *\)global_filter = \[.*#\1global_filter = [ \"a|${ROOTDISK}|\", \"r|.*|\" ]#" /etc/lvm/lvm.conf
-%end
-
-
-# Template from: post_net_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-http_port=$(get_http_port)
-echo "repo --name=base --baseurl=http://pxecontroller:${http_port:-8080}/feed/rel-19.12/" > /tmp/repo-include
-echo "repo --name=updates --baseurl=http://pxecontroller:${http_port:-8080}/updates/rel-19.12/" > /tmp/repo-include
-
-%end
-
-# Repository arguments from %pre
-%include /tmp/repo-include
-
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Persist the http port to the platform configuration
-echo http_port=$(get_http_port) >> /etc/platform/platform.conf
-
-# Obtain the boot interface from the PXE boot
-BOOTIF=`cat /proc/cmdline |xargs -n1 echo |grep BOOTIF=`
-if [ -d /sys/firmware/efi ] ; then
- BOOTIF=${BOOTIF#BOOTIF=}
-else
- BOOTIF=${BOOTIF#BOOTIF=01-}
- BOOTIF=${BOOTIF//-/:}
-fi
-
-mgmt_dev=none
-mgmt_vlan=0
-if [ -n "$BOOTIF" ] ; then
- ndev=`ip link show |grep -B 1 $BOOTIF |head -1 |awk '{print $2}' |sed -e 's/://'`
- if [ -n "$ndev" ] ; then
- mgmt_dev=$ndev
- # Retrieve the management VLAN from sysinv if it exists
- mgmt_vlan=`curl -sf http://pxecontroller:6385/v1/isystems/mgmtvlan`
- if [ $? -ne 0 ]
- then
- report_post_failure_with_msg "ERROR: Unable to communicate with System Inventory REST API. Aborting installation."
- fi
- else
- report_post_failure_with_msg "ERROR: Unable to determine mgmt interface from BOOTIF=$BOOTIF."
- fi
-else
- report_post_failure_with_msg "ERROR: BOOTIF is not set. Unable to determine mgmt interface."
-fi
-
-if [ $mgmt_vlan -eq 0 ] ; then
-
- # Persist the boot device to the platform configuration. This will get
- # overwritten later if the management_interface is on a bonded interface.
- echo management_interface=$mgmt_dev >> /etc/platform/platform.conf
-
- # Build networking scripts
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$mgmt_dev
-DEVICE=$mgmt_dev
-BOOTPROTO=dhcp
-ONBOOT=yes
-IPV6_AUTOCONF=no
-LINKDELAY=20
-EOF
-
-else
-
- # Check whether to use inet or inet6
- ipv6_addr=$(dig +short AAAA controller)
- if [[ -n "$ipv6_addr" ]]
- then
- mgmt_address_family=inet6
- ipv6init=yes
- dhcpv6c=yes
- dhclientargs=-1
- else
- mgmt_address_family=inet
- ipv6init=no
- dhcpv6c=no
- dhclientargs=
- fi
-
- # Persist the boot device to the platform configuration. This will get
- # overwritten later if the management_interface is on a bonded interface.
- echo management_interface=vlan$mgmt_vlan >> /etc/platform/platform.conf
-
- # Build networking scripts
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$mgmt_dev
-DEVICE=$mgmt_dev
-BOOTPROTO=none
-ONBOOT=yes
-IPV6_AUTOCONF=no
-LINKDELAY=20
-EOF
-
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-vlan$mgmt_vlan
-DEVICE=vlan$mgmt_vlan
-BOOTPROTO=dhcp
-DHCLIENTARGS=$dhclientargs
-IPV6INIT=$ipv6init
-DHCPV6C=$dhcpv6c
-ONBOOT=yes
-IPV6_AUTOCONF=no
-PHYSDEV=$mgmt_dev
-VLAN=yes
-LINKDELAY=20
-EOF
-
- # Reject DHCPOFFER from DHCP server that doesn't send
- # wrs-install-uuid option
- echo "require wrs-install-uuid;" >>/etc/dhcp/dhclient.conf
- echo "require dhcp6.wrs-install-uuid;" >>/etc/dhcp/dhclient.conf
-
- # Bring up the mgmt vlan so that a dhcp lease is acquired and an address is
- # setup prior to the post-install reboot. This is so that the timing of the IP
- # address allocation is similar to how normal/non-pxe installation works.
- mgmt_iface=vlan$mgmt_vlan
- dhclient_family=$([[ $mgmt_address_family == "inet" ]] && echo -4 || echo -6)
- ip link add link $mgmt_dev name $mgmt_iface type vlan id $mgmt_vlan
- ip link set up dev $mgmt_iface
- dhclient $dhclient_family $mgmt_iface || true
-
-fi
-
-%end
+++ /dev/null
-%pre
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-%post
-# This file defines functions that can be used in %pre and %post kickstart sections, by including:
-# . /tmp/ks-functions.sh
-#
-
-cat <<END_FUNCTIONS >/tmp/ks-functions.sh
-#
-# Copyright (c) 2019 Wind River Systems, Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-#
-
-function get_by_path()
-{
- local disk=\$(cd /dev ; readlink -f \$1)
- for p in /dev/disk/by-path/*; do
- if [ "\$disk" = "\$(readlink -f \$p)" ]; then
- echo \$p
- return
- fi
- done
-}
-
-function get_disk()
-{
- echo \$(cd /dev ; readlink -f \$1)
-}
-
-function report_pre_failure_with_msg()
-{
- local msg=\$1
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_msg()
-{
- local msg=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-\$msg
-
-EOF
- echo "\$msg" >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- echo "\$msg"
-
- exit 1
-}
-
-function report_post_failure_with_logfile()
-{
- local logfile=\$1
- cat <<EOF >> /etc/motd
-
-Installation failed.
-Please see \$logfile for details of failure
-
-EOF
- echo \$logfile >/etc/platform/installation_failed
-
- echo -e '\n\nInstallation failed.\n'
- cat \$logfile
-
- exit 1
-}
-
-function get_http_port()
-{
- echo \$(cat /proc/cmdline |xargs -n1 echo |grep '^inst.repo=' | sed -r 's#^[^/]*://[^/]*:([0-9]*)/.*#\1#')
-}
-
-END_FUNCTIONS
-
-%end
-
-# Template from: pre_common_head.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-append=
-if [ -n "$console" ] ; then
- append="console=$console"
-fi
-
-if [ -n "$security_profile" ]; then
- append="$append security_profile=$security_profile"
-fi
-
-#### SECURITY PROFILE HANDLING (Pre Installation) ####
-if [ -n "$security_profile" ] && [ "$security_profile" == "extended" ]; then
- # IMA specific boot options:
- # Enable Kernel auditing
- append="$append audit=1"
-else
- # we need to blacklist the IMA and Integrity Modules
- # on standard security profile
- append="$append module_blacklist=integrity,ima"
-
- # Disable Kernel auditing in Standard Security Profile mode
- append="$append audit=0"
-fi
-
-if [ -n "$tboot" ]; then
- append="$append tboot=$tboot"
-else
- append="$append tboot=false"
-fi
-
-boot_device_arg=
-if [ -n "$boot_device" ] ; then
- boot_device_arg="--boot-drive=$(get_by_path $boot_device)"
-fi
-
-echo "bootloader --location=mbr $boot_device_arg --timeout=5 --append=\"$append\"" > /tmp/bootloader-include
-
-echo "timezone --nontp --utc UTC" >/tmp/timezone-include
-%end
-
-##############################################################
-# pre script for poky-stx
-##############################################################
-%pre
-mkdir -p /run/install/repo
-cp installer-config/* /run/install/repo/
-rm -f /run/install/repo/Packages
-ln -sf /Packages /run/install/repo/Packages
-%end
-
-##############################################################
-# Main kickstart
-##############################################################
-#version=DEVEL
-install
-lang en_US.UTF-8
-keyboard us
-
-# System timezone
-%include /tmp/timezone-include
-
-# Root password
-rootpw --iscrypted $6$ArDcm/wSNLJLT2OP$QdWX6kMUgBVsiibukLBLtLfRDVz0n49BQ1svT7hPEQJASvKnqkEL5zc5kqUMMzXzLrj80z6YX9DmYTD0Ysxn.1
-
-selinux --disabled
-authconfig --enableshadow --passalgo=sha512
-firewall --service=ssh
-
-# Use text mode install
-text
-
-# Use CDROM installation media
-cdrom
-
-# Run the Setup Agent on first boot
-firstboot --enable
-
-# System services
-services --enabled="lvm2-monitor.service"
-
-# Do not configure the X Window System
-skipx
-
-# The following is the partition information you requested
-# Note that any partitions you deleted are not expressed
-# here so unless you clear all partitions first, this is
-# not guaranteed to work
-zerombr
-
-# Disk layout from %pre
-%include /tmp/part-include
-
-# Bootloader parms from %pre
-%include /tmp/bootloader-include
-
-#reboot --eject
-
-%packages
-#@^stx-image-aio
-%end
-
-################################################################
-# End of Main
-################################################################
-
-# Template from: pre_disk_setup_common.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# This is a really fancy way of finding the first usable disk for the
-# install and not stomping on the USB device if it comes up first
-
-# First, parse /proc/cmdline to find the boot args
-set -- `cat /proc/cmdline`
-for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
-
-# Find either the ISO or USB device first chopping off partition
-ISO_DEV=`readlink /dev/disk/by-label/oe_iso_boot`
-sdev=`echo $ISO_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- ISO_DEV=$sdev
-fi
-USB_DEV=`readlink /dev/disk/by-label/wr_usb_boot`
-sdev=`echo $USB_DEV | sed -e 's/.$//'`
-if [ -e /dev/disk/by-label/$sdev ] ; then
- USB_DEV=$sdev
-fi
-
-# Temporary, until lab pxelinux.cfg files are updated to specify install devices
-if [ -z "$rootfs_device" -o -z "$boot_device" ]
-then
- INST_HDD=""
- # Prefer a vd* device if this is kvm/qemu
- for e in vda vdb sda sdb nvme0n1; do
- if [ -e /dev/$e -a "$ISO_DEV" != "../../$e" -a "$USB_DEV" != "../../$e" ] ; then
- INST_HDD=$e
- break
- fi
- done
-
- # Set variables to $INST_HDD if not set
- rootfs_device=${rootfs_device:-$INST_HDD}
- boot_device=${boot_device:-$INST_HDD}
-fi
-
-# Convert to by-path
-orig_rootfs_device=$rootfs_device
-rootfs_device=$(get_by_path $rootfs_device)
-
-orig_boot_device=$boot_device
-boot_device=$(get_by_path $boot_device)
-
-if [ ! -e "$rootfs_device" -o ! -e "$boot_device" ] ; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is invalid."
-fi
-
-# Ensure specified device is not a USB drive
-udevadm info --query=property --name=$rootfs_device |grep -q '^ID_BUS=usb' || \
- udevadm info --query=property --name=$boot_device |grep -q '^ID_BUS=usb'
-if [ $? -eq 0 ]; then
- # Touch this file to prevent Anaconda from dying an ungraceful death
- touch /tmp/part-include
-
- report_pre_failure_with_msg "ERROR: Specified installation ($orig_rootfs_device) or boot ($orig_boot_device) device is a USB drive."
-fi
-
-# Deactivate existing volume groups to avoid Anaconda issues with pre-existing groups
-vgs --noheadings -o vg_name | xargs --no-run-if-empty -n 1 vgchange -an
-
-# Remove volumes and group for cgts-vg, if any
-lvremove --force cgts-vg
-pvs --select 'vg_name=cgts-vg' --noheadings -o pv_name | xargs --no-run-if-empty pvremove --force --force --yes
-vgs --select 'vg_name=cgts-vg' --noheadings -o vg_name | xargs --no-run-if-empty vgremove --force
-
-ONLYUSE_HDD=""
-if [ "$(curl -sf http://pxecontroller:6385/v1/upgrade/$(hostname)/in_upgrade 2>/dev/null)" = "true" ]; then
- # In an upgrade, only wipe the disk with the rootfs and boot partition
- echo "In upgrade, wiping only $rootfs_device"
- WIPE_HDD="$(get_disk $rootfs_device)"
- ONLYUSE_HDD="$(basename $(get_disk $rootfs_device))"
- if [ "$(get_disk $rootfs_device)" != "$(get_disk $boot_device)" ]; then
- WIPE_HDD="$WIPE_HDD,$(get_disk $boot_device)"
- ONLYUSE_HDD="$ONLYUSE_HDD,$(basename $(get_disk $boot_device))"
- fi
-else
- # Make a list of all the hard drives that are to be wiped
- WIPE_HDD=""
- # Partition type OSD has a unique globally identifier
- part_type_guid_str="Partition GUID code"
- CEPH_OSD_GUID="4FBD7E29-9D25-41B8-AFD0-062C0CEFF05D"
-
- # Check if we wipe OSDs
- if [ "$(curl -sf http://pxecontroller:6385/v1/ihosts/wipe_osds 2>/dev/null)" = "true" ]; then
- echo "Wipe OSD data."
- WIPE_CEPH_OSDS="true"
- else
- echo "Skip Ceph OSD data wipe."
- WIPE_CEPH_OSDS="false"
- fi
-
- for f in /dev/disk/by-path/*
- do
- dev=$(readlink -f $f)
- lsblk --nodeps --pairs $dev | grep -q 'TYPE="disk"'
- if [ $? -ne 0 ]
- then
- continue
- fi
-
- # Avoid wiping USB drives
- udevadm info --query=property --name=$dev |grep -q '^ID_BUS=usb' && continue
-
- # Avoid wiping ceph osds if sysinv tells us so
- if [ ${WIPE_CEPH_OSDS} == "false" ]; then
- wipe_dev="true"
- part_numbers=( `parted -s $dev print | awk '$1 == "Number" {i=1; next}; i {print $1}'` )
- # Scanning the partitions looking for CEPH OSDs and
- # skipping any disk found with such partitions
- for part_number in "${part_numbers[@]}"; do
- sgdisk_part_info=$(flock $dev sgdisk -i $part_number $dev)
- part_type_guid=$(echo "$sgdisk_part_info" | grep "$part_type_guid_str" | awk '{print $4;}')
- if [ "$part_type_guid" == $CEPH_OSD_GUID ]; then
- echo "OSD found on $dev, skipping wipe"
- wipe_dev="false"
- break
- fi
- done
- if [ "$wipe_dev" == "false" ]; then
- continue
- fi
- fi
-
- # Add device to the wipe list
- devname=$(basename $dev)
- if [ -e $dev -a "$ISO_DEV" != "../../$devname" -a "$USB_DEV" != "../../$devname" ]; then
- if [ -n "$WIPE_HDD" ]; then
- WIPE_HDD=$WIPE_HDD,$dev
- else
- WIPE_HDD=$dev
- fi
- fi
- done
- echo "Not in upgrade, wiping disks: $WIPE_HDD"
-fi
-
-for dev in ${WIPE_HDD//,/ }
-do
- # Clearing previous GPT tables or LVM data
- # Delete the first few bytes at the start and end of the partition. This is required with
- # GPT partitions, they save partition info at the start and the end of the block.
- # Do this for each partition on the disk, as well.
- partitions=$(lsblk -rip $dev -o TYPE,NAME |awk '$1 == "part" {print $2}')
- for p in $partitions $dev
- do
- echo "Pre-wiping $p from kickstart"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
- done
-done
-
-# Check for remaining cgts-vg PVs, which could potentially happen
-# in an upgrade where we're not wiping all disks.
-# If we ever create other volume groups from kickstart in the future,
-# include them in this search as well.
-partitions=$(pvs --select 'vg_name=cgts-vg' -o pv_name --noheading | grep -v '\[unknown\]')
-for p in $partitions
-do
- echo "Pre-wiping $p from kickstart (cgts-vg present)"
- dd if=/dev/zero of=$p bs=512 count=34
- dd if=/dev/zero of=$p bs=512 count=34 seek=$((`blockdev --getsz $p` - 34))
-done
-
-let -i gb=1024*1024*1024
-
-cat<<EOF>/tmp/part-include
-clearpart --all --drives=$WIPE_HDD --initlabel
-EOF
-
-if [ -n "$ONLYUSE_HDD" ]; then
- cat<<EOF>>/tmp/part-include
-ignoredisk --only-use=$ONLYUSE_HDD
-EOF
-fi
-
-if [ -d /sys/firmware/efi ] ; then
- cat<<EOF>>/tmp/part-include
-part /boot/efi --fstype=efi --size=300 --ondrive=$(get_disk $boot_device)
-EOF
-else
- cat<<EOF>>/tmp/part-include
-part biosboot --asprimary --fstype=biosboot --size=1 --ondrive=$(get_disk $boot_device)
-EOF
-fi
-
-
-# Template from: pre_disk_aio.cfg
-
-## NOTE: updates to partition sizes need to be also reflected in
-## - stx-config/.../sysinv/conductor/manager.py:create_controller_filesystems()
-## - stx-config/.../sysinv/common/constants.py
-##
-## NOTE: When adding partitions, we currently have a max of 4 primary partitions.
-## If more than 4 partitions are required, we can use a max of 3 --asprimary,
-## to allow 1 primary logical partition with extended partitions
-##
-## NOTE: Max default PV size must align with the default controllerfs sizes
-##
-## BACKUP_OVERHEAD = 20
-##
-## Physical install (for disks over 240GB)
-## - DB size is doubled to allow for upgrades
-##
-## DEFAULT_IMAGE_STOR_SIZE = 10
-## DEFAULT_DATABASE_STOR_SIZE = 20
-## DEFAULT_IMG_CONVERSION_STOR_SIZE = 20
-## BACKUP = DEFAULT_DATABASE_STOR_SIZE + DEFAULT_IMAGE_STOR_SIZE
-## + BACKUP_OVERHEAD = 50
-## LOG_VOL_SIZE = 8192
-## SCRATCH_VOL_SIZE = 8192
-## RABBIT = 2048
-## PLATFORM = 2048
-## ANCHOR = 1024
-## EXTENSION = 1024
-## GNOCCHI = 5120
-## DOCKER = 30720
-## DOCKER_DIST = 16384
-## ETCD = 5120
-## CEPH_MON = 20480
-## KUBELET_VOL_SIZE = 10240
-## RESERVED_PE = 16 (based on pesize=32768)
-##
-## CGCS_PV_SIZE = 10240 + 2*20480 + 20480 + 51200 + 8196 + 8196 + 2048 +
-## 2048 + 1024 + 1024 + 5120 + 30720 + 16384 + 5120 +
-## 20480 + 10240 + 16 = 233496
-##
-## small install - (for disks below 240GB)
-## - DB size is doubled to allow for upgrades
-##
-## DEFAULT_SMALL_IMAGE_STOR_SIZE = 10
-## DEFAULT_SMALL_DATABASE_STOR_SIZE = 10
-## DEFAULT_SMALL_IMG_CONVERSION_STOR_SIZE = 10
-## DEFAULT_SMALL_BACKUP_STOR_SIZE = 40
-##
-## LOG_VOL_SIZE = 8192
-## SCRATCH_VOL_SIZE = 8192
-## RABBIT = 2048
-## PLATFORM = 2048
-## ANCHOR = 1024
-## EXTENSION = 1024
-## GNOCCHI = 5120
-## DOCKER = 30720
-## DOCKER_DIST = 16384
-## ETCD = 5120
-## CEPH_MON = 20480
-## KUBELET_VOL_SIZE = 10240
-## RESERVED_PE = 16 (based on pesize=32768)
-##
-##
-## CGCS_PV_SIZE = 10240 + 2*10240 + 10240 + 40960 + 8192 + 8192 + 2048 +
-## 2048 + 1024 + 1024 + 5120 + 30720 + 16384 + 5120 +
-## 20480 + 10240 + 16 = 192528
-##
-## NOTE: To maintain upgrade compatability within the volume group, keep the
-## undersized LOG_VOL_SIZE and SCRATCH_VOL_SIZE, but size the minimally size
-## physical volume correctly.
-##
-## R4 AIO installations:
-## - R4 (case #1): /boot (0.5G), / (20G),
-## cgts-vg PV (239G), /local_pv (239G)
-## - R4 (case #2): /boot (0.5G), / (20G),
-## cgts-vg PV (239G), cgts-vg (239G)
-##
-## Upgrade migration will start with R5 install and create a partition to align
-## above so filesystems within the volume group will be able to maintain their
-## sizes in R5
-## - R5 install : /boot (0.5G), / (20G),
-## cgts-vg PV (142G), un-partitioned (336G)
-## - R5 (case #1): /boot (0.5G), / (20G),
-## cgts-vg PV (142G), cgts-vg PV (97G), unpartitioned (239G)
-## - R5 (case #2): /boot (0.5G), / (20G),
-## cgts-vg PV (142G), cgts-vg PV (336G)
-##
-
-sz=$(blockdev --getsize64 $(get_disk $rootfs_device))
-if [ $sz -le $((240*$gb)) ] ; then
- # Round CGCS_PV_SIZE to the closest upper value that can be divided by 1024.
- # 192528/1024=188.01. CGCS_PV_SIZE=189*1024=193536. Using a disk with a
- # size under 189GiB will fail.
- CGCS_PV_SIZE=193536
-else
- # Round CGCS_PV_SIZE to the closest upper value that can be divided by 1024.
- # 233496/1024=228.02. CGCS_PV_SIZE=229*1024=234496.
- CGCS_PV_SIZE=234496
-fi
-
-ROOTFS_SIZE=20000
-LOG_VOL_SIZE=8000
-SCRATCH_VOL_SIZE=8000
-
-ROOTFS_OPTIONS="defaults"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- # Enable iversion labelling for rootfs when IMA is enabled
- ROOTFS_OPTIONS="${ROOTFS_OPTIONS},iversion"
-fi
-
-cat<<EOF>>/tmp/part-include
-part /boot --fstype=ext4 --asprimary --size=500 --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-part pv.253004 --grow --size=500 --maxsize=$CGCS_PV_SIZE --ondrive=$(get_disk $rootfs_device)
-volgroup cgts-vg --pesize=32768 pv.253004
-logvol /var/log --fstype=ext4 --vgname=cgts-vg --size=$LOG_VOL_SIZE --name=log-lv
-logvol /scratch --fstype=ext4 --vgname=cgts-vg --size=$SCRATCH_VOL_SIZE --name=scratch-lv
-part / --fstype=ext4 --asprimary --size=$ROOTFS_SIZE --ondrive=$(get_disk $rootfs_device) --fsoptions="$ROOTFS_OPTIONS"
-EOF
-
-%end
-
-
-# Template from: post_platform_conf_aio.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Set the security profile mode
-secprofile="standard"
-profile_mode=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$profile_mode" ]; then
- secprofile="extended"
-fi
-
-mkdir -p -m 0775 /etc/platform
-cat <<EOF > /etc/platform/platform.conf
-nodetype=controller
-subfunction=controller,worker
-system_type=All-in-one
-security_profile=$secprofile
-EOF
-
-%end
-
-######################################
-# workarounds or fixes for poky-stx
-######################################
-%post --erroronfail
-
-# Add extra users and groups
-SYSADMIN_P="4SuW8cnXFyxsk"
-groupadd -f -g 345 sys_protected
-useradd -m -g sys_protected -G root -d /home/sysadmin -p ${SYSADMIN_P} -s /bin/sh sysadmin
-
-groupadd -r -g 128 nscd
-useradd -M -o -r -d / -s /sbin/nologin -c 'NSCD Daemon' -u 28 -g nscd nscd
-
-useradd -p '' patching
-groupadd patching
-usermod -a -G patching patching
-
-useradd -p '' nfv
-groupadd nfv
-usermod -a -G nfv nfv
-
-usermod -a -G sys_protected sysadmin
-usermod -a -G sys_protected sysinv
-usermod -a -G sys_protected www
-usermod -a -G sys_protected nfv
-usermod -a -G sys_protected patching
-usermod -a -G sys_protected haproxy
-usermod -a -G snmpd fm
-usermod -P root root
-
-# Extend path variable for sysadmin
-echo 'PATH=/sbin:/usr/sbin:$PATH' >> /home/sysadmin/.bashrc
-chown sysadmin:sys_protected /home/sysadmin/.bashrc
-
-# Avoid duplicate with systemd-fstab-generator
-sed -i "s|\(^.*/dev/root\)|#\1|" /etc/fstab
-
-%end
-
-%post --nochroot
-# installer images for pxe-network-installer
-mkdir -p /mnt/sysimage/pxeboot/rel-19.12
-cp -P /boot/installer-initrd* /mnt/sysimage/pxeboot/rel-19.12/
-cp /boot/bzImage /mnt/sysimage/pxeboot/rel-19.12/installer-bzImage_1.0
-ln -s installer-bzImage_1.0 /mnt/sysimage/pxeboot/rel-19.12/installer-bzImage
-
-if [ -f /media/realroot/efi.img ]; then
- cp /media/realroot/efi.img /mnt/sysimage/pxeboot/rel-19.12/efiboot.img
-fi
-
-%end
-
-
-# Template from: post_common.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Turn off locale support for i18n if is not installed
-if [ ! -d /usr/share/i18n ] ; then
- rm -f /etc/sysconfig/i18n
-fi
-# Unset the hostname
-rm /etc/hostname
-
-# If using a serial install make sure to add a getty on the tty1
-conarg=`cat /proc/cmdline |xargs -n1 echo |grep console= |grep ttyS`
-if [ -n "$conarg" ] ; then
- echo "1:2345:respawn:/sbin/mingetty tty1" >> /etc/inittab
-fi
-
-#### SECURITY PROFILE HANDLING (Post Installation) ####
-# Check if the Security profile mode is enabled
-# and load the appropriate kernel modules
-secprofile=`cat /proc/cmdline |xargs -n1 echo |grep security_profile= | grep extended`
-if [ -n "$secprofile" ]; then
- echo "In Extended Security profile mode. Loading IMA kernel module"
- systemctl enable auditd.service
- # Add the securityfs mount for the IMA Runtime measurement list
- echo "securityfs /sys/kernel/security securityfs defaults,nodev 0 0" >> /etc/fstab
-else
- # Disable audit daemon in the Standard Security Profile
- systemctl disable auditd
-fi
-
-. /etc/platform/platform.conf
-
-# Delete the CentOS yum repo files
-rm -f /etc/yum.repos.d/CentOS-*
-
-# Create platform yum repo file
-mkdir -p /etc/yum.repos.d
-cat >/etc/yum.repos.d/platform.repo <<EOF
-[platform-base]
-name=platform-base
-baseurl=http://controller:${http_port:-8080}/feed/rel-19.12
-gpgcheck=0
-enabled=1
-
-[platform-updates]
-name=platform-updates
-baseurl=http://controller:${http_port:-8080}/updates/rel-19.12
-gpgcheck=0
-enabled=1
-EOF
-
-# Persist the boot device naming as UDEV rules so that if the network device
-# order changes post-install that we will still be able to DHCP from the
-# correct interface to reach the active controller. For most nodes only the
-# management/boot interface needs to be persisted but because we require both
-# controllers to be identically configured and controller-0 and controller-1
-# are installed differently (e.g., controller-0 from USB and controller-1 from
-# network) it is not possible to know which interface to persist for
-# controller-0. The simplest solution is to persist all interfaces.
-#
-mkdir -p /etc/udev/rules.d
-echo "# Persisted network interfaces from anaconda installer" > /etc/udev/rules.d/70-persistent-net.rules
-for dir in /sys/class/net/*; do
- if [ -e ${dir}/device ]; then
- dev=$(basename ${dir})
- mac_address=$(cat /sys/class/net/${dev}/address)
- echo "ACTION==\"add\", SUBSYSTEM==\"net\", DRIVERS==\"?*\", ATTR{address}==\"${mac_address}\", NAME=\"${dev}\"" >> /etc/udev/rules.d/70-persistent-net.rules
- fi
-done
-
-# Mark the sysadmin password as expired immediately
-chage -d 0 sysadmin
-
-# Lock the root password
-#passwd -l root
-
-# Enable tmpfs mount for /tmp
-# delete /var/tmp so that it can similinked in
-rm -rf /var/tmp
-systemctl enable tmp.mount
-
-# Disable firewall
-systemctl disable firewalld
-
-# Disable libvirtd
-systemctl disable libvirtd.service
-
-# Enable rsyncd
-systemctl enable rsyncd.service
-
-# Allow root to run sudo from a non-tty (for scripts running as root that run sudo cmds)
-echo 'Defaults:root !requiretty' > /etc/sudoers.d/root
-
-# Make fstab just root read/writable
-chmod 600 /etc/fstab
-
-# Create first_boot flag
-touch /etc/platform/.first_boot
-
-%end
-
-# Template from: post_kernel_aio_and_worker.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Source the generated platform.conf
-. /etc/platform/platform.conf
-
-# Update grub with custom kernel bootargs
-source /etc/init.d/cpumap_functions.sh
-n_cpus=$(cat /proc/cpuinfo 2>/dev/null | \
- awk '/^[pP]rocessor/ { n +=1 } END { print (n>0) ? n : 1}')
-n_numa=$(ls -d /sys/devices/system/node/node* 2>/dev/null | wc -l)
-KERN_OPTS=" iommu=pt usbcore.autosuspend=-1"
-
-KERN_OPTS="${KERN_OPTS} hugepagesz=2M hugepages=0 default_hugepagesz=2M"
-
-# If this is an all-in-one system, we need at least 4 CPUs
-if [ "$system_type" = "All-in-one" -a ${n_cpus} -lt 4 ]; then
- report_post_failure_with_msg "ERROR: At least 4 CPUs are required for controller+worker node."
-fi
-
-# Add kernel options for cpu isolation / affinity
-if [ ${n_cpus} -gt 1 ]
-then
- base_cpulist=$(platform_expanded_cpu_list)
- base_cpumap=$(cpulist_to_cpumap ${base_cpulist} ${n_cpus})
- avp_cpulist=$(vswitch_expanded_cpu_list)
- norcu_cpumap=$(invert_cpumap ${base_cpumap} ${n_cpus})
- norcu_cpulist=$(cpumap_to_cpulist ${norcu_cpumap} ${n_cpus})
-
- if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} isolcpus=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} nohz_full=${norcu_cpulist}"
- else
- KERN_OPTS="${KERN_OPTS} isolcpus=${avp_cpulist}"
- fi
- KERN_OPTS="${KERN_OPTS} rcu_nocbs=${norcu_cpulist}"
- KERN_OPTS="${KERN_OPTS} kthread_cpus=${base_cpulist}"
- KERN_OPTS="${KERN_OPTS} irqaffinity=${base_cpulist}"
- # Update vswitch.conf
- sed -i "s/^VSWITCH_CPU_LIST=.*/VSWITCH_CPU_LIST=\"${avp_cpulist}\"/" /etc/vswitch/vswitch.conf
-fi
-
-# Add kernel options to ensure an selinux is disabled
-KERN_OPTS="${KERN_OPTS} selinux=0 enforcing=0"
-
-# Add kernel options to set NMI watchdog
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=0 softlockup_panic=0"
-else
- KERN_OPTS="${KERN_OPTS} nmi_watchdog=panic,1 softlockup_panic=1"
-fi
-
-if [[ "$(dmidecode -s system-product-name)" =~ ^ProLiant.*Gen8$ ]]; then
- KERN_OPTS="${KERN_OPTS} intel_iommu=on,eth_no_rmrr"
-else
- KERN_OPTS="${KERN_OPTS} intel_iommu=on"
-fi
-
-# Add kernel option to disable biosdevname if enabled
-# As this may already be in GRUB_CMDLINE_LINUX, only add if it is not already present
-grep -q '^GRUB_CMDLINE_LINUX=.*biosdevname=0' /etc/default/grub
-if [ $? -ne 0 ]; then
- KERN_OPTS="${KERN_OPTS} biosdevname=0"
-fi
-
-# Add kernel options to disable kvm-intel.eptad on Broadwell
-# Broadwell: Model: 79, Model name: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz
-if grep -q -E "^model\s+:\s+79$" /proc/cpuinfo
-then
- KERN_OPTS="${KERN_OPTS} kvm-intel.eptad=0"
-fi
-
-# k8s updates:
-#KERN_OPTS="${KERN_OPTS} cgroup_disable=memory"
-KERN_OPTS="${KERN_OPTS} user_namespace.enable=1"
-
-# Add kernel option to avoid jiffies_lock contention on real-time kernel
-if [[ "$subfunction" =~ lowlatency ]]; then
- KERN_OPTS="${KERN_OPTS} skew_tick=1"
-fi
-
-# If the installer asked us to use security related kernel params, use
-# them in the grub line as well (until they can be configured via puppet)
-grep -q 'nopti' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nopti"
-fi
-grep -q 'nospectre_v2' /proc/cmdline
-if [ $? -eq 0 ]; then
- KERN_OPTS="${KERN_OPTS} nospectre_v2"
-fi
-
-perl -pi -e 's/(GRUB_CMDLINE_LINUX=.*)\"/\1'"$KERN_OPTS"'\"/g' /etc/default/grub
-
-if [ -d /sys/firmware/efi ] ; then
- grub-mkconfig -o /boot/efi/EFI/centos/grub.cfg
-else
- grub-mkconfig -o /boot/grub/grub.cfg
-fi
-
-%end
-
-
-# Template from: post_lvm_pv_on_rootfs.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# uncomment the global_filter line in lvm.conf
-perl -0777 -i.bak -pe 's:(# This configuration option has an automatic default value\.\n)\t# global_filter:$1 global_filter:m' /etc/lvm/lvm.conf
-
-# Determine which disk we created our PV on (i.e. the root disk)
-ROOTDISK=$(get_by_path $(pvdisplay --select 'vg_name=cgts-vg' -C -o pv_name --noheadings))
-if [ -z "$ROOTDISK" ]; then
- report_post_failure_with_msg "ERROR: failed to identify rootdisk via pvdisplay"
-fi
-# Edit the LVM config so LVM only looks for LVs on the root disk
-sed -i "s#^\( *\)global_filter = \[.*#\1global_filter = [ \"a|${ROOTDISK}|\", \"r|.*|\" ]#" /etc/lvm/lvm.conf
-%end
-
-
-# Template from: post_system_aio.cfg
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-# Source the generated platform.conf
-. /etc/platform/platform.conf
-
-## Reserve more memory for base processes since the controller has higher
-## memory requirements but cap it to better handle systems with large
-## amounts of memory
-TOTALMEM=$(grep MemTotal /proc/meminfo | awk '{print int($2/1024)}')
-
-if [ -e /sys/devices/system/node/node0 ]; then
- RESERVEDMEM=$(grep MemTotal /sys/devices/system/node/node0/meminfo | awk '{printf "%d\n", $4/1024}')
-else
- RESERVEDMEM=$(grep MemTotal /proc/meminfo | awk '{print int($2/1024/4)}')
-fi
-
-if [ ${RESERVEDMEM} -lt 6144 ]; then
- RESERVEDMEM=6144
-elif [ ${RESERVEDMEM} -gt 14500 ]; then
- RESERVEDMEM=14500
-elif [ ${RESERVEDMEM} -gt 8192 ]; then
- RESERVEDMEM=8192
-fi
-
-sed -i -e "s#\(WORKER_BASE_RESERVED\)=.*#\1=(\"node0:${RESERVEDMEM}MB:1\" \"node1:2000MB:0\" \"node2:2000MB:0\" \"node3:2000MB:0\")#g" /etc/platform/worker_reserved.conf
-
-# Update WORKER_CPU_LIST
-N_CPUS=$(cat /proc/cpuinfo 2>/dev/null | awk '/^[pP]rocessor/ { n +=1 } END { print (n>0) ? n : 1}')
-sed -i "s/^WORKER_CPU_LIST=.*/WORKER_CPU_LIST=\"0-$((N_CPUS-1))\"/" /etc/platform/worker_reserved.conf
-
-%end
-
-
-# Template from: post_usb_controller.cfg
-%pre --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-touch /tmp/repo-include
-
-if [ -d ${srcdir}/patches ]; then
- echo "repo --name=updates --baseurl=file://${srcdir}/patches/" > /tmp/repo-include
-fi
-
-%end
-
-# Repository arguments from %pre
-%include /tmp/repo-include
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-mgmt_dev=none
-
-# Persist the boot device to the platform configuration. This will get
-# overwritten when config_controller is run.
-echo management_interface=$mgmt_dev >> /etc/platform/platform.conf
-
-# persist the default http port number to platform configuration. This
-# will get overwritten when config_controller is run.
-echo http_port=8080 >> /etc/platform/platform.conf
-
-# Build networking scripts
-cat << EOF > /etc/sysconfig/network-scripts/ifcfg-lo
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-BROADCAST=127.255.255.255
-ONBOOT=yes
-IPV6_AUTOCONF=no
-NAME=loopback
-EOF
-
-%end
-
-
-# Note, this section is different and replaced with a wget
-# if doing the initial install off the network
-%post --nochroot
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-if [ -d $srcdir/Packages ] ; then
- mkdir -p /mnt/sysimage/www/pages/feed/rel-19.12
- cp -r $srcdir/Packages/* /mnt/sysimage/www/pages/feed/rel-19.12/
- cp $srcdir/*.cfg /mnt/sysimage/www/pages/feed/rel-19.12
-fi
-
-if [ -d $srcdir/patches ]; then
- mkdir -p /mnt/sysimage/www/pages/updates/rel-19.12
- cp -r $srcdir/patches/Packages /mnt/sysimage/www/pages/updates/rel-19.12/Packages
- cp -r $srcdir/patches/repodata /mnt/sysimage/www/pages/updates/rel-19.12/repodata
- mkdir -p /mnt/sysimage/opt/patching
- cp -r $srcdir/patches/metadata /mnt/sysimage/opt/patching/metadata
- mkdir -p /mnt/sysimage/opt/patching/packages/19.12
-
- find /mnt/sysimage/www/pages/updates/rel-19.12/Packages -name '*.rpm' \
- | xargs --no-run-if-empty -I files cp --preserve=all files /mnt/sysimage/opt/patching/packages/19.12/
-fi
-
-# Create a uuid specific to this installation
-INSTALL_UUID=`uuidgen`
-echo $INSTALL_UUID > /mnt/sysimage/www/pages/feed/rel-19.12/install_uuid
-echo "INSTALL_UUID=$INSTALL_UUID" >> /mnt/sysimage/etc/platform/platform.conf
-%end
-
-%post
-
-# This is a USB install, so set ONBOOT=yes for network devices.
-# Doing this in the %post so we don't unintentionally setup a
-# network device during the installation.
-for f in /etc/sysconfig/network-scripts/ifcfg-*; do
- if grep -q '^ONBOOT=' ${f}; then
- sed -i 's/^ONBOOT=.*/ONBOOT=yes/' ${f}
- else
- echo "ONBOOT=yes" >> ${f}
- fi
- if grep -q '^IPV6_AUTOCONF=' ${f}; then
- sed -i 's/^IPV6_AUTOCONF=.*/IPV6_AUTOCONF=no/' ${f}
- else
- echo "IPV6_AUTOCONF=no" >> ${f}
- fi
-done
-
-%end
-
-
-# Template from: post_usb_addon.cfg
-%pre --erroronfail
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-if [ -f ${srcdir}/ks-addon.cfg ]; then
- cp ${srcdir}/ks-addon.cfg /tmp/
-else
- cat <<EOF > /tmp/ks-addon.cfg
-# No custom addon included
-EOF
-fi
-%end
-
-%post --nochroot
-if [ -d /mnt/install/source ]; then
- srcdir=/mnt/install/source
-else
- srcdir=/run/install/repo
-fi
-
-# Store the ks-addon.cfg for debugging
-mkdir -p /mnt/sysimage/var/log/anaconda
-cp /tmp/ks-addon.cfg /mnt/sysimage/var/log/anaconda/
-%end
-
-%post --erroronfail
-
-# Source common functions
-. /tmp/ks-functions.sh
-
-%include /tmp/ks-addon.cfg
-
-%end
inherit core-image stx-anaconda-image
-KICKSTART_FILE ?= "${LAYER_PATH_meta-stx}/conf/distro/files/ks/poky_stx_aio_ks.cfg"
+DEFAULT_KICKSTART ?= "smallsystem_lowlatency_ks.cfg"
+STX_KICKSTART_DIR ?= "${INSTALLER_TARGET_BUILD}/tmp/deploy/images/${MACHINE}/stx-kickstarts/"
+KICKSTART_FILE ?= "${STX_KICKSTART_DIR}/${DEFAULT_KICKSTART}"
-# Only the ones prefix with poky_stx_ are tested and working
KICKSTART_FILE_EXTRA ?= " \
- ${LAYER_PATH_meta-stx}/conf/distro/files/ks/poky_stx_aio_ks.cfg \
- ${LAYER_PATH_meta-stx}/conf/distro/files/ks/aio_ks.cfg \
- ${LAYER_PATH_meta-stx}/conf/distro/files/ks/aio_lowlatency_ks.cfg \
- ${LAYER_PATH_meta-stx}/conf/distro/files/ks/controller_ks.cfg \
- ${LAYER_PATH_meta-stx}/conf/distro/files/ks/net_controller_ks.cfg \
- ${LAYER_PATH_meta-stx}/conf/distro/files/ks/net_smallsystem_ks.cfg \
- ${LAYER_PATH_meta-stx}/conf/distro/files/ks/net_smallsystem_lowlatency_ks.cfg \
- ${LAYER_PATH_meta-stx}/conf/distro/files/ks/net_storage_ks.cfg \
- ${LAYER_PATH_meta-stx}/conf/distro/files/ks/net_worker_ks.cfg \
- ${LAYER_PATH_meta-stx}/conf/distro/files/ks/net_worker_lowlatency_ks.cfg \
+ ${STX_KICKSTART_DIR}/smallsystem_ks.cfg \
+ ${STX_KICKSTART_DIR}/smallsystem_lowlatency_ks.cfg \
+ ${STX_KICKSTART_DIR}/controller_ks.cfg \
+ ${STX_KICKSTART_DIR}/net_controller_ks.cfg \
+ ${STX_KICKSTART_DIR}/net_smallsystem_ks.cfg \
+ ${STX_KICKSTART_DIR}/net_smallsystem_lowlatency_ks.cfg \
+ ${STX_KICKSTART_DIR}/net_storage_ks.cfg \
+ ${STX_KICKSTART_DIR}/net_worker_ks.cfg \
+ ${STX_KICKSTART_DIR}/net_worker_lowlatency_ks.cfg \
"
SYSLINUX_CFG_LIVE = "${LAYER_PATH_meta-stx}/conf/distro/files/syslinux.cfg"
DEPENDS += "perl-native"
+inherit deploy
+
do_compile_prepend () {
cd ${S}/bsp-files/
./centos-ks-gen.pl --release ${STX_REL}
install -D -m 0444 extra_cfgs/* ${D}/extra_cfgs
}
+do_deploy () {
+ mkdir -p ${DEPLOYDIR}/stx-kickstarts
+ cp -f ${S}/bsp-files/generated/* ${DEPLOYDIR}/stx-kickstarts
+}
+
+addtask do_deploy after do_compile before do_build
+
FILES_platform-kickstarts = "${feed_dir}"
FILES_platform-kickstarts-pxeboot = "/pxeboot"
FILES_platform-kickstarts-extracfgs = "/extra_cfgs"