From a59e253ecdafc6aef6235558c663e660d2d0f934240b2de11564507bfbdf2c23 Mon Sep 17 00:00:00 2001 From: Nicolas Belouin Date: Fri, 25 Apr 2025 16:00:05 +0200 Subject: [PATCH] Try exploding the tarball Signed-off-by: Nicolas Belouin --- ironic-ipa-ramdisk/ironic-ipa-ramdisk.spec | 6 +-- ironic-ipa-ramdisk/root.tar.bz2 | 3 -- .../etc/NetworkManager/conf.d/00-main.conf | 24 +++++++++ .../root/etc/ironic-python-agent.conf.d | 1 + ironic-ipa-ramdisk/root/etc/issue | 1 + .../root/etc/sysctl.d/98-rp_filter.conf | 2 + .../system/NetworkManager.service.d/nmc.conf | 7 +++ .../system/suse-ironic-image-setup.service | 12 +++++ .../etc/udev/rules.d/61-config2-ipa.rules | 1 + .../usr/local/bin/suse-ironic-image-setup.sh | 52 +++++++++++++++++++ .../root/usr/local/bin/suse-network-setup.sh | 24 +++++++++ .../root/usr/local/bin/suse-test-config-2.sh | 21 ++++++++ 12 files changed, 148 insertions(+), 6 deletions(-) delete mode 100644 ironic-ipa-ramdisk/root.tar.bz2 create mode 100644 ironic-ipa-ramdisk/root/etc/NetworkManager/conf.d/00-main.conf create mode 120000 ironic-ipa-ramdisk/root/etc/ironic-python-agent.conf.d create mode 100644 ironic-ipa-ramdisk/root/etc/issue create mode 100644 ironic-ipa-ramdisk/root/etc/sysctl.d/98-rp_filter.conf create mode 100644 ironic-ipa-ramdisk/root/etc/systemd/system/NetworkManager.service.d/nmc.conf create mode 100644 ironic-ipa-ramdisk/root/etc/systemd/system/suse-ironic-image-setup.service create mode 100644 ironic-ipa-ramdisk/root/etc/udev/rules.d/61-config2-ipa.rules create mode 100755 ironic-ipa-ramdisk/root/usr/local/bin/suse-ironic-image-setup.sh create mode 100755 ironic-ipa-ramdisk/root/usr/local/bin/suse-network-setup.sh create mode 100755 ironic-ipa-ramdisk/root/usr/local/bin/suse-test-config-2.sh diff --git a/ironic-ipa-ramdisk/ironic-ipa-ramdisk.spec b/ironic-ipa-ramdisk/ironic-ipa-ramdisk.spec index 2437c2b..7b4a4b4 100644 --- a/ironic-ipa-ramdisk/ironic-ipa-ramdisk.spec +++ b/ironic-ipa-ramdisk/ironic-ipa-ramdisk.spec @@ -27,7 +27,7 @@ Group: System/Management URL: https://github.com/SUSE-Cloud/ Source0: config.sh Source10: ironic-ipa-ramdisk.kiwi -Source20: root.tar.bz2 +Source20: root BuildRequires: -post-build-checks BuildRequires: bash @@ -123,13 +123,13 @@ Kernel and ramdisk image for use with Metal3 For %{_arch} %prep -mkdir -p /tmp/openstack-ironic-image/build /tmp/openstack-ironic-image/root /tmp/openstack-ironic-image/img +mkdir -p /tmp/openstack-ironic-image/build /tmp/openstack-ironic-image/img cp -a %{SOURCE0} /tmp/openstack-ironic-image/config.sh cp -a %{SOURCE10} /tmp/openstack-ironic-image/config.kiwi -tar -xC /tmp/openstack-ironic-image/root -f %{SOURCE20} +cp -ar %{SOURCE20} /tmp/openstack-ironic-image/root %build if ! which kiwi; then diff --git a/ironic-ipa-ramdisk/root.tar.bz2 b/ironic-ipa-ramdisk/root.tar.bz2 deleted file mode 100644 index c606974..0000000 --- a/ironic-ipa-ramdisk/root.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:65112cfe31a094eb67dc3a426571c37cc88528e550829590d4a199ae002e1921 -size 3138 diff --git a/ironic-ipa-ramdisk/root/etc/NetworkManager/conf.d/00-main.conf b/ironic-ipa-ramdisk/root/etc/NetworkManager/conf.d/00-main.conf new file mode 100644 index 0000000..1a891fc --- /dev/null +++ b/ironic-ipa-ramdisk/root/etc/NetworkManager/conf.d/00-main.conf @@ -0,0 +1,24 @@ +# WARNING: This file has been modified by the diskimage-builder +# dhcp-all-interfaces element as this machine is likely running +# a ramdisk or needs to attempt auto-configuration on all interfaces. +[main] +# This makes sense even with dhcp on all interfaces in the event +# that the configuration has been or is being supplied via external means. +ignore-carrier=* +# Use dhclient as was done previously to the Centos8/RHEL8 RPM defaults. +# This is because dhclient shuts the interface down after a retry attempt +# which allows the link state to reset with some switches, which may be +# important for the ramdisk to recover networking. +dhcp=dhclient + +[connection] +# Keep retrying, this is important for this important espescialy for +# ramdisks in environments where varying switch configurations may +# cause traffic to be blocked or intermittent connectivity failures +# such as those at an edge site may cause issues. +autoconnect-retries=-1 +# Set the timeout. Diskimage-builder dhcp-all-interfaces has a 30 +# second default. NetworkManager, by default, is 45 seconds. +# In some cases where ramdisks are in use, 60 seconds is advisable. +ipv4.dhcp-timeout=30 +ipv6.dhcp-timeout=30 diff --git a/ironic-ipa-ramdisk/root/etc/ironic-python-agent.conf.d b/ironic-ipa-ramdisk/root/etc/ironic-python-agent.conf.d new file mode 120000 index 0000000..0a992d8 --- /dev/null +++ b/ironic-ipa-ramdisk/root/etc/ironic-python-agent.conf.d @@ -0,0 +1 @@ +ironic-python-agent/ironic-python-agent.conf.d \ No newline at end of file diff --git a/ironic-ipa-ramdisk/root/etc/issue b/ironic-ipa-ramdisk/root/etc/issue new file mode 100644 index 0000000..a9ac1a1 --- /dev/null +++ b/ironic-ipa-ramdisk/root/etc/issue @@ -0,0 +1 @@ +SUSE Ironic Python Agent Ramdisk - terminal \l diff --git a/ironic-ipa-ramdisk/root/etc/sysctl.d/98-rp_filter.conf b/ironic-ipa-ramdisk/root/etc/sysctl.d/98-rp_filter.conf new file mode 100644 index 0000000..255446c --- /dev/null +++ b/ironic-ipa-ramdisk/root/etc/sysctl.d/98-rp_filter.conf @@ -0,0 +1,2 @@ +# avoid problems with multiple network interfaces +net.ipv4.conf.all.rp_filter=0 diff --git a/ironic-ipa-ramdisk/root/etc/systemd/system/NetworkManager.service.d/nmc.conf b/ironic-ipa-ramdisk/root/etc/systemd/system/NetworkManager.service.d/nmc.conf new file mode 100644 index 0000000..386bb4f --- /dev/null +++ b/ironic-ipa-ramdisk/root/etc/systemd/system/NetworkManager.service.d/nmc.conf @@ -0,0 +1,7 @@ +[Unit] +#WantsMountsFor=/mnt/ipa +After=mnt-ipa.mount +Wants=mnt-ipa.mount + +[Service] +ExecStartPre=-/usr/local/bin/suse-network-setup.sh diff --git a/ironic-ipa-ramdisk/root/etc/systemd/system/suse-ironic-image-setup.service b/ironic-ipa-ramdisk/root/etc/systemd/system/suse-ironic-image-setup.service new file mode 100644 index 0000000..7b64f66 --- /dev/null +++ b/ironic-ipa-ramdisk/root/etc/systemd/system/suse-ironic-image-setup.service @@ -0,0 +1,12 @@ +[Unit] +Description=Setup ironic-python-agent image +After=getty.target + +[Service] +Type=oneshot +ExecStart=/usr/local/bin/suse-ironic-image-setup.sh +StandardOutput=journal+console +RemainAfterExit=true + +[Install] +WantedBy=multi-user.target diff --git a/ironic-ipa-ramdisk/root/etc/udev/rules.d/61-config2-ipa.rules b/ironic-ipa-ramdisk/root/etc/udev/rules.d/61-config2-ipa.rules new file mode 100644 index 0000000..96083bd --- /dev/null +++ b/ironic-ipa-ramdisk/root/etc/udev/rules.d/61-config2-ipa.rules @@ -0,0 +1 @@ +ACTION=="add|change", SUBSYSTEM=="block", ENV{ID_FS_LABEL}=="config-2", ENV{ID_FS_PUBLISHER_ID}=="?*", PROGRAM="/usr/local/bin/suse-test-config-2.sh", RUN{program}+="/usr/bin/systemd-mount --description='Mount for the config-2 rom consumed by IPA for networking' --timeout-idle-sec=60 $devnode /mnt/ipa" diff --git a/ironic-ipa-ramdisk/root/usr/local/bin/suse-ironic-image-setup.sh b/ironic-ipa-ramdisk/root/usr/local/bin/suse-ironic-image-setup.sh new file mode 100755 index 0000000..da41de0 --- /dev/null +++ b/ironic-ipa-ramdisk/root/usr/local/bin/suse-ironic-image-setup.sh @@ -0,0 +1,52 @@ +#!/bin/sh +PARAMS=$(> /root/.ssh/authorized_keys +fi +# Inject certs +if [[ $PARAMS =~ tls.enabled=(true|True) ]]; then + cp /etc/ironic-python-agent.d/ca-certs/* /etc/pki/trust/anchors/ + cp /etc/ironic-python-agent.d/ca-certs/* /usr/share/pki/trust/anchors/ + update-ca-certificates +fi +# autologin root on given console (default tty1) if suse.autologin or coreos.autologin is enabled +if [[ $PARAMS =~ (suse|coreos)\.autologin=?([^ ]*) ]]; then + tty="${BASH_REMATCH[2]:-tty1}" + echo "Enabling autologin on $tty..." + systemctl stop getty@$tty + systemctl disable getty@$tty + systemctl start autologin@$tty +fi + +# Append to /etc/hosts +# hosts.append=1.2.3.4_foo,4.5.6.7_foo2 +if [[ $PARAMS =~ hosts.append=([^ ]+) ]]; then + HOSTS=${BASH_REMATCH[1]} + echo "Appending to hosts ${HOSTS}..." + for h in ${HOSTS/,/ }; do + echo "${h/_/ }" >> /etc/hosts + done + cat /etc/hosts +fi diff --git a/ironic-ipa-ramdisk/root/usr/local/bin/suse-network-setup.sh b/ironic-ipa-ramdisk/root/usr/local/bin/suse-network-setup.sh new file mode 100755 index 0000000..1f8f53a --- /dev/null +++ b/ironic-ipa-ramdisk/root/usr/local/bin/suse-network-setup.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +set -eux + +# Inspired by/based on glean-early.sh +# https://opendev.org/opendev/glean/src/branch/master/glean/init/glean-early.sh + +# NOTE(TheJulia): We care about iso images, and would expect lower case as a +# result. In the case of VFAT partitions, they would be upper case. + +PATH=/bin:/usr/bin:/sbin:/usr/sbin +NETWORK_DATA_FILE="/mnt/ipa/openstack/latest/network_data.json" + + +if [ ! -f "${NETWORK_DATA_FILE}" ]; then + echo "No network_data.json found, skipping network configuration" + exit 1 +fi + +mkdir -p /tmp/nmc/{desired,generated} +cp ${NETWORK_DATA_FILE} /tmp/nmc/desired/_all.yaml + +nmc generate --config-dir /tmp/nmc/desired --output-dir /tmp/nmc/generated +nmc apply --config-dir /tmp/nmc/generated diff --git a/ironic-ipa-ramdisk/root/usr/local/bin/suse-test-config-2.sh b/ironic-ipa-ramdisk/root/usr/local/bin/suse-test-config-2.sh new file mode 100755 index 0000000..926f0ae --- /dev/null +++ b/ironic-ipa-ramdisk/root/usr/local/bin/suse-test-config-2.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +set -eux + +PATH=/bin:/usr/bin:/sbin:/usr/sbin + +# Transform the ID from the drive being considered to lower case +device_publisher_id=$(echo ${ID_FS_PUBLISHER_ID} | tr '[A-Z]' '[a-z]') + +cmdline_publisher_id="" +if grep -q "ir_pub_id" /proc/cmdline; then + cmdline_publisher_id=$(cat /proc/cmdline | sed -e 's/^.*ir_pub_id=//' -e 's/ .*$//') +fi + +if [[ "${cmdline_publisher_id}" == "${device_publisher_id}" ]]; then + # It is the device we are looking for, return success + exit 0 +else + # Not a match, return failure + exit 1 +fi