This commit adds the ability to use IPMI SOL console when the nodes
provisioned with an option 'console=ttySx' or 'console=ttySx,speed',
where x is 0 for the COM1 and 1 for COM2. If speed parameter doesn't
provided so 9600 used as default. This feature can be used for the
bootstrap nodes too.
DocImpact
Closes-Bug: #1544820
Change-Id: I210001c5692281add2439843f4ad69d65c8f6e17
Signed-off-by: Maksim Malchuk <mmalchuk@mirantis.com>
The cloud-init should use the same filenames for the rsyslog remote
logging as used in the fuel-library templates which would be
overwritten during the deployment by the puppet. This is partially
fix the problem with duplicate messages sent from slave nodes to the
Fuel master node rsyslog.
Change-Id: Ib95db5545889e8ae2b86dcf787c4adb7413d5698
Partial-Bug: #1579081
Partial-Bug: #1580200
Signed-off-by: Maksim Malchuk <mmalchuk@mirantis.com>
We put configdrive with is9660 filesystem to a
partition on a hard disk. New hard disks may have
4K sectors, but blocksize of iso9660 fs is 2K so
it will not work.
To fix this bug we should use another filesystem (ext2)
and another config drive format (files, directory
structure), because NoCloud format, which is currently
used support only vfat and iso9660 filesystems.
Conflicts:
bareon/drivers/deploy/nailgun.py
fuel_agent/tests/test_manager.py
Change-Id: Ia0f244f19bab3dfaceef8a092ad03667675a5557
Closes-Bug: #1544818
By default Puppet enables stringify_facts. It can lead to weird behavior,
assuming a fact, that supposedly returns an array. E.g.:
Facter: ["/", "/boot", "/var", "/var/log"]
As exposed in Puppet: "[\"/\", \"/boot\", \"/var\", \"/var/log\"]"
It is already disabled in Puppet 4, so it makes sense to do it now to save
us from possible problems in the future.
Change-Id: Ib70ae937165ddb2968c9e4346434f18778b31714
Closes-Bug: 1526782
The cloud-config uses a `plain_text_passwd: {{ user.password }}` which
could create potential security issues.
Therefore the cloud-config file, requires the 'plain text password'
replaced with a 'hashed password'.
Closes-bug: #1553236
Change-Id: Ic0c5992b5302f84819498ccd311cf19224142fa5
Signed-off-by: Anil Belur <askb23@gmail.com>
Extended Nailgun data driver to parse new ks_meta keys.
Extended Ubuntu cloud-init config template to create a non-root
account. Root login is being disabled, however, this setting
will only be effective until osnailyfacter::ssh puppet class
will have been evaluated during deployment as it overrides
sshd_config values. This means, that PermitRootLogin should be
managed by library as well.
Blueprint: fuel-nonroot-openstack-nodes
Depends-On: Ia18305e07d07377886783c3b3e44abe93cef2da5
Conflicts:
bareon/tests/test_configdrive.py
Change-Id: I69831fe0327ef9ac55bed99301d2c3732b87ed88
Since the non-root feature, targeted for 9.0, is going to require
modification of cloud-config templates, it is reasonable to introduce
versioned CC templates.
Change-Id: I73548644df7e56a6b35660913e38f802d556f9c3
Blueprint: fuel-nonroot-openstack-nodes
This commit fixes blacklist procedure if running VirtualBox because with
version 5.0 of VirtualBox the 'virt-what' reports several hypervisors,
such as "virtualbox" and "kvm".
Change-Id: Ifba124c4c89fe08f573a56cdf71165309bfd5709
Partial-Bug: #1523526
Nailgun-agent provided the parameter for the config and restarts
mcollective after update. But in some cases (see description of the
related bug) such behavior may cause deployment failure. So now the data
is supplied by astute in provision info and is placed into config on its
creation as other parameters.
Change-Id: I3670e571c13808da2b54bd6238d228e7cdb0ef96
Related-Bug: #1518306
Depends-On: I753eb76ed9c3b80f249c0c4b86ef48ef49274990
* Sync fix-configs-on-startup with fuel-main/bootstrap
* Due wrong permission for trusty/etc\usr folders, after
rsync's files into chroot system - ntp fails to run due Access Denied
error
* fix ubuntu cloud-init hook for ntp.drift
* nailgun-agent runs only from cron
* fix file permission for trusty bootstrap
* add 'psmisc' for fuel-agent requirements
Centos7 don't install it by default, otherwise mcollective
container - which used for IBP
Conflicts:
specs/fuel-agent.spec
Change-Id: Ifecbc4220df8ae77f7373d4b342aa1e72deb9059
Closes-Bug: #1522406
etckeeper is not installed or configured on deployed nodes, so it should
be replaced with a dummy command that will return 0
Change-Id: I0ced09f9cedcdb81eb3281168fed8b15f61d1e99
Closes-bug: #1504191
Since cloud-init templates may vary from one release to another,
fuel-agent should be able to choose appropriate version according to
environment version provided in provision data.
Due to matter of changes, only boothook templates were affected,
the rest of templates haven't been changed yet.
* add templates from 6.1/stable
* add templates from 7.0/stable
* rename meta-data to meta_data
Change-Id: I03f9c304edb387435747c5f59d83516e8adcce9f
Closes-Bug: #1478549
Depends-On: I81b50863a58de10ee33c8064b38fc92ef7e1d86a
This file is currently world-readable and exposes all passwords used for
deployment, including OpenStack services and MySQL database.
Change-Id: I0be5ffd806ddf708344205fe374f716e4cd2d831
Closes-bug: 1486399
Add nf_conntrack_proto_gre to the default loaded modules
for CentOS and Ubuntu. This enables VMs on OpenStack
that use GRE to provide GRE connectivity over floating
IPs.
Closes-bug: #1474210
Change-Id: I265a30d698396bcce64b139dfa8696a440cc2a3b
* Add errors=panic to rootfs in order to panic and
not to go to 'ro' when there are any errors on the disk
* Set parameter kernel.panic in sysctl to 60 (By default,
the kernel will not reboot after a panic, but this option
will cause a kernel reboot after 60 seconds.)
Doc-Impact
Change-Id: Ib24f13d3cbbf792e7ee81a9b4054e084f4ec1b5e
Closes-Bug: 1371689
sys v init scripts are inherently racy since creating a PID file takes
a while. In particular collectived needs about 0.6 seconds to daemonize
itself and create its PID file. If the service gets restarted in this
interval the second instance of the daemon gets started without stopping
the previous one. Apparently mcollectived gets restarted very often during
the final phase of IBP. Hence get rid of sys V init script and use
upstart job to manage mcollectived.
Merge-After: https://review.fuel-infra.org/7093
Closes-Bug: #1454741
Change-Id: Ie74539a068f33c485573645e6a2f88bd0972b59b
The iptables rules should be saved after being flushed as part of the
cloud-init process. If the reboot plugin is used, the default CentOS
rules are loaded on boot because we are not saving the cleared set of
rules. This can cause some network configurations to break.
Ubuntu is not impacted as they do not have any 'default' rules.
Change-Id: I49842cd833a736f318dd237f07be2267dbfb27ab
Closes-Bug: 1459733
The server.cfg shipped with mcollective package tells mcollectived to
daemonize itself, and the config generated by cloud init tells it to run
in the background (assuming that the init script is responsible for
daemonization). This mismatch breaks PID file: start-stop-daemon forks,
detaches, records its pid, and runs mcollectived which daemonizes again.
As a result the PID recored in the PID file is wrong so subsequent
start/restart/stop action can't find the previously launched process
and starts an extra instance of mcollective.
In order to solve the problem
1) fix the init script (assuming that mcollectived daemonizes itself)
2) generate a proper server.cfg (with daemonize=1 statement)
Related-Bug: #1454741
Merge-After: https://review.fuel-infra.org/6760
Change-Id: I1b9ddc2d8ec790b5a6cb1095e32559cf506c48e7
We use mcollective cloud-init module to configure
mcollective service. This module runs the command
'service mcollective start' which does nothing
if the service is already running (which is the actual case).
So, we can end up with mcollective unable to see
config file changed made by cloud-init and hence
prevent mcollective from being able to connect to
rabbit.
This patch restarts mcollective at the end of cloud-init run.
Closes-Bug: #1455489
Change-Id: I9ea122acc168120596bf48f378e92874936bcbe1
This patch prevents nailgun-agent from doing anything
until cloud-init has finished its magic.
/etc/nailgun-agent/nodiscover file is created during provisioning stage
and then it is removed in /etc/rc.local which guarantees
that nailgun-agent doesn't change mcollective config at the
same time when cloud-init does this. Otherwise, we can
end up with corrupted mcollective config.
Related-Patch: I5fca4ca39abdc273f6958f2643fae6c5c99fba68
Change-Id: If8d1252e6d351ad073de26afc13a19de76f531fb
Closes-Bug: #1449186
New deployment task flow assumes we have the
deployment stage which configures repos on a node
just before running puppet. So, we don't need to
perform this repo pre-configuration in fuel agent
any more.
Change-Id: Ib3ffc2944d20470476fe800a1bf95382780a4bf9
Implements: blueprint consume-external-ubuntu
We need to create udev rules prior the first boot. It's significally
easier to inject files and less magic required.
Change-Id: Iaa4dddad0efe5ac41f6b1284a8c4aa85066e39a9
Closes-Bug: #1420885
script named 'cloud-init-per' is written in bash and can't work with
pipes correctly. So, long command lines with pipes should be
converted to a single command, eg:
/bin/sh -c 'echo command | tee /etc/file'
Without that, all those incorrectly handled commands will empty files
on the every next boot after the first boot.
Change-Id: Ib49a21cde42264320ada882c9e06a4a0e09badfa
Closes-Bug: #1420396
It's related to deployment snippents backporting to cloud-init.
Snippet works with kernel parameter 'udevrules' passed during booting to
/proc/cmdline.
Image based installation doesn't use /proc/cmdline for getting this data.
And it was containing redundant for that case 'grep udevrules' in the scripted
line. It was creating empty file for every time. After removing it, the issue
becomes completely resolved.
Change-Id: I0fb3c5bb99960c71bb4e9299da144ea9ca7479fc
Closes-Bug: #1419769
The issue is that cloudinit/cc_resolv_conf.py is not working at all.
For both centos and ubuntu resolv.conf editing was moved to
cloud-init boothook stage. cloud-init will recreate resolv.conf on
every boot.
Closes-Bug: 1416399
Change-Id: I3d6fdd15ea279928d39f5e6ce4136372db3172c5
SSH password authentification was enabled in cloud-config.
Setting it to `false`.
Change-Id: I7311006d6c050423ff31923310c5f9de8519788d
Closes-Bug: #1413690
The actual reason is that cloud-init re-applies its metadata again
and again. Wiping out all the metadata from datasource resolves
the issue.
Change-Id: I0d1912da504df959e36c316ed09effaf1bcb682f
Closes-Bug: #1398207
1) Add forgottent ntpd start into centos's cloud-init boothook.
2) Toggle ntp server on ubuntu to be sure it will start with correct
settings.
3) Fix typo in both boothook files
ntp(d) must be stopped before syncing date with ntpdate.
Change-Id: I4e8e912b61a57c84e24e13be10983654bcfec0ab
Closes-Bug: #1394617
1) Fix cloud-init meta-data templates
Just meta-data comments layout.
2) Fix repos handling in nailgun drivers
Remove quotes from urls since apt refuses to work with them.
3) Fix ntp.conf issue
Wrong semaphore ids in boothook were wrong
Closes-Bug: #1388042
Implements: blueprint image-based-provisioning
Change-Id: Iad6755753cc1fa938b370016cd2f4026e76b90a3
Should be synchronized with appropriate patchsets in fuel-library and
fuel-main.
Change-Id: I1404fe60b0584e0afa0bdcb90905c318b4d1eb3d
Related-Bug: #1377160
Fuel agent is a bunch of tools which are
supposed to be placed on bootstrap image and
used for node discovering and image based
provisioning.
Implements: blueprint image-based-provisioning
Change-Id: I946decd50c51e6db767401682d9effbe3cf42bed