diff --git a/contrib/ironic/bootstrap-files/etc/fuel-agent/fuel-agent.conf b/contrib/ironic/bootstrap-files/etc/fuel-agent/fuel-agent.conf new file mode 100644 index 0000000..f7f80dc --- /dev/null +++ b/contrib/ironic/bootstrap-files/etc/fuel-agent/fuel-agent.conf @@ -0,0 +1,8 @@ +[DEFAULT] +use_stderr=false +logging_debug_format_suffix= +log_file=/var/log/fuel-agent.log +use_syslog=true +use_syslog_rfc_format=true +prepare_configdrive=false +fix_udev_net_rules=false diff --git a/contrib/ironic/bootstrap-files/etc/hostname b/contrib/ironic/bootstrap-files/etc/hostname new file mode 100644 index 0000000..0b26a9b --- /dev/null +++ b/contrib/ironic/bootstrap-files/etc/hostname @@ -0,0 +1,2 @@ +bootstrap-ironic + diff --git a/contrib/ironic/bootstrap-files/etc/init/ironic-callback.conf b/contrib/ironic/bootstrap-files/etc/init/ironic-callback.conf new file mode 100644 index 0000000..863dd4c --- /dev/null +++ b/contrib/ironic/bootstrap-files/etc/init/ironic-callback.conf @@ -0,0 +1,10 @@ +description "Ironic call back script" + +start on started ssh +pre-start script + /usr/bin/configure-remote-logging.sh +end script + +task + +exec /usr/bin/fa_ironic_callback diff --git a/contrib/ironic/bootstrap-files/etc/rsyslog.conf b/contrib/ironic/bootstrap-files/etc/rsyslog.conf new file mode 100644 index 0000000..b5f541f --- /dev/null +++ b/contrib/ironic/bootstrap-files/etc/rsyslog.conf @@ -0,0 +1,29 @@ +################# +#### MODULES #### +################# + +$ModLoad imuxsock # provides support for local system logging +$ModLoad imklog # provides kernel logging support (previously done by rklogd) +#$ModLoad immark # provides --MARK-- message capability + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +# +# Set the default permissions for all log files. +# +$FileOwner syslog +$FileGroup syslog +$FileCreateMode 0640 +$DirCreateMode 0755 +$umask 0000 +$PrivDropToUser syslog +$PrivDropToGroup syslog + +$MaxMessageSize 32k + +# +# Include all config files in /etc/rsyslog.d/ +# +$IncludeConfig /etc/rsyslog.d/*.conf diff --git a/contrib/ironic/bootstrap-files/etc/rsyslog.d/00-remote.conf b/contrib/ironic/bootstrap-files/etc/rsyslog.d/00-remote.conf new file mode 100644 index 0000000..75e8ef8 --- /dev/null +++ b/contrib/ironic/bootstrap-files/etc/rsyslog.d/00-remote.conf @@ -0,0 +1,36 @@ +# file is managed by puppet +# +# Log to remote syslog server +# Templates +# RFC3164 emulation with long tags (32+) +$Template RemoteLog, "<%pri%>%timestamp% ironic/@DEPLOYMENT_ID@/%syslogtag%%msg:::sp-if-no-1st-sp%%msg%\n" +# RFC544 emulation would be: "<%pri%>1 %timestamp:::date-rfc3339% %hostname% %syslogtag% %procid% %msgid% %structured-data% %msg%\n" +# Note: don't use %app-name% cuz it would be empty for some cases +$ActionFileDefaultTemplate RemoteLog +$WorkDirectory /var/spool/rsyslog/ +#Start remote server 0 +$ActionQueueType LinkedList # use asynchronous processing +$ActionQueueFileName remote0 # set file name, also enables disk mode +$ActionQueueMaxDiskSpace 1g +$ActionQueueSaveOnShutdown on +$ActionQueueLowWaterMark 2000 +$ActionQueueHighWaterMark 8000 +$ActionQueueSize 1000000 # Reserve 500Mb memory, each queue element is 512b +$ActionQueueDiscardMark 950000 # If the queue looks like filling, start discarding to not block ssh/login/etc. +$ActionQueueDiscardSeverity 0 # When in discarding mode discard everything. +$ActionQueueTimeoutEnqueue 0 # When in discarding mode do not enable throttling. +$ActionQueueDequeueSlowdown 1000 +$ActionQueueWorkerThreads 2 +$ActionQueueDequeueBatchSize 128 +$ActionResumeRetryCount -1 + + +# Isolate sudo logs locally +# match if "program name" is equal to "sudo" +:programname, isequal, "sudo" -/var/log/sudo.log +&~ + +# Send messages we receive to master node via tcp +# Use an octet-counted framing (understood for rsyslog only) to ensure correct multiline messages delivery +*.* @(o)@SYSLOG_SERVER_IP@:514;RemoteLog +#End remote server 0 diff --git a/contrib/ironic/bootstrap-files/etc/ssh/sshd_config b/contrib/ironic/bootstrap-files/etc/ssh/sshd_config new file mode 100644 index 0000000..393fd26 --- /dev/null +++ b/contrib/ironic/bootstrap-files/etc/ssh/sshd_config @@ -0,0 +1,20 @@ +Protocol 2 +SyslogFacility AUTHPRIV +PasswordAuthentication no +PubkeyAuthentication yes +ChallengeResponseAuthentication no +GSSAPIAuthentication no +UsePAM no +UseDNS no + +# Accept locale-related environment variables +AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES +AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT +AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE +AcceptEnv XMODIFIERS + +Subsystem sftp /usr/lib/openssh/sftp-server + +# Secure Ciphers and MACs +Ciphers aes256-ctr,aes192-ctr,aes128-ctr,arcfour256,arcfour128 +MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,hmac-sha1 diff --git a/contrib/ironic/bootstrap-files/usr/bin/configure-remote-logging.sh b/contrib/ironic/bootstrap-files/usr/bin/configure-remote-logging.sh new file mode 100755 index 0000000..6157040 --- /dev/null +++ b/contrib/ironic/bootstrap-files/usr/bin/configure-remote-logging.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +SYSLOG_SERVER_IP=$(grep -oPz '(?<=\bip=)(\d+\.?){4}:\K(\d+\.?){4}' /proc/cmdline) +DEPLOYMENT_ID=$(grep -ioP '(?<=\bdeployment_id=)([0-9a-z-]+)\b' /proc/cmdline) + +sed -i /etc/rsyslog.d/00-remote.conf -re "s/@SYSLOG_SERVER_IP@/$SYSLOG_SERVER_IP/" +sed -i /etc/rsyslog.d/00-remote.conf -re "s/@DEPLOYMENT_ID@/$DEPLOYMENT_ID/" + +service rsyslog restart diff --git a/debian/changelog b/debian/changelog index 56906f1..0640883 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +fuel-agent (7.0+git20150905-1) unstable; urgency=low + + * Add bootstrap ironic config files + + -- Vasyl Saienko Mon, 05 Oct 2015 10:21:41 +0200 + fuel-agent (7.0+git20150720-1) unstable; urgency=low * Catch up the upstream. diff --git a/debian/control b/debian/control index 116fc70..802cf4d 100644 --- a/debian/control +++ b/debian/control @@ -65,3 +65,8 @@ Depends: bzip2, Description: fuel image based provisioning agent Fuel agent executes provisioning tasks on the discovery nodes . + +Package: ironic-fa-bootstrap-configs +Architecture: all +Section: python +Description: Ironic bootstrap config files diff --git a/debian/ironic-fa-bootstrap-configs.install b/debian/ironic-fa-bootstrap-configs.install new file mode 100644 index 0000000..9f35c71 --- /dev/null +++ b/debian/ironic-fa-bootstrap-configs.install @@ -0,0 +1 @@ +contrib/ironic/bootstrap-files/* /usr/share/ironic-fa-bootstrap-configs/ diff --git a/debian/ironic-fa-bootstrap-configs.postinst b/debian/ironic-fa-bootstrap-configs.postinst new file mode 100644 index 0000000..93d26ce --- /dev/null +++ b/debian/ironic-fa-bootstrap-configs.postinst @@ -0,0 +1,4 @@ +#!/bin/sh +set -e + chmod 755 /usr/share/ironic-fa-bootstrap-configs/usr/bin/configure-remote-logging.sh +exit 0 diff --git a/debian/rules b/debian/rules index 8d55516..fb28200 100755 --- a/debian/rules +++ b/debian/rules @@ -18,6 +18,13 @@ override_dh_clean: # set -e && for i in $(PYTHONS) $(PYTHON3S) ; do \ +override_dh_install: + set -e ; for pyvers in $(PYTHONS); do \ + python$$pyvers setup.py install --install-layout=deb \ + --root $(CURDIR)/debian/fuel-agent; \ + done + dh_install --remaining-packages + override_dh_auto_test: ifeq (,$(findstring nocheck, $(DEB_BUILD_OPTIONS))) echo "===> Running tests" diff --git a/specs/fuel-agent.spec b/specs/fuel-agent.spec index ae3fc0e..ced441b 100644 --- a/specs/fuel-agent.spec +++ b/specs/fuel-agent.spec @@ -56,6 +56,13 @@ Requires: coreutils %description Fuel-agent package +%package -n ironic-fa-bootstrap-configs +Summary: Ironic bootstrap config files +Group: Development/Libraries + +%description -n ironic-fa-bootstrap-configs +Ironic bootstrap config files with Fuel Agent + %prep %setup -cq -n %{name}-%{version} @@ -70,6 +77,10 @@ install -p -D -m 644 %{_builddir}/%{name}-%{version}/etc/fuel-agent/fuel-agent.c install -d -m 755 %{buildroot}%{_datadir}/fuel-agent/cloud-init-templates install -p -D -m 644 %{_builddir}/%{name}-%{version}/cloud-init-templates/* %{buildroot}%{_datadir}/fuel-agent/cloud-init-templates +#ironic bootstrap config files +install -d -m 755 %{buildroot}%{_datadir}/ironic-fa-bootstrap-configs/ +cp -a %{_builddir}/%{name}-%{version}/contrib/ironic/bootstrap-files/* %{buildroot}%{_datadir}/ironic-fa-bootstrap-configs/ + %clean rm -rf $RPM_BUILD_ROOT @@ -77,3 +88,7 @@ rm -rf $RPM_BUILD_ROOT %defattr(-,root,root) %config(noreplace) %{_sysconfdir}/fuel-agent/fuel-agent.conf %{_datadir}/fuel-agent/cloud-init-templates/* + +%files -n ironic-fa-bootstrap-configs +%attr(0644,root,root) %config(noreplace) %{_datadir}/ironic-fa-bootstrap-configs/* +%attr(0755,root,root) %config(noreplace) %{_datadir}/ironic-fa-bootstrap-configs/usr/bin/configure-remote-logging.sh