1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
|
#!/bin/sh
set -e
set -x
UNAME_MINUS_M=$(uname -m)
if ! [ -r /usr/share/openstack-pkg-tools/pkgos_func ] ; then
echo "Could not read /usr/share/openstack-pkg-tools/pkgos_func."
exit 1
fi
. /usr/share/openstack-pkg-tools/pkgos_func
openstack_release=$(cat /etc/oci_openstack_release)
debian_release=$(cat /etc/oci_debian_release)
if [ -r /etc/oci_use_debian_dot_net_backport ] ; then
use_debian_dot_net_backport=$(cat /etc/oci_use_debian_dot_net_backport)
else
use_debian_dot_net_backport=no
fi
official_backports_repo_url=$(cat /etc/oci_debian_mirror)
if [ -r /etc/oci_use_debian_official_backports ] ; then
use_debian_official_backports=$(cat /etc/oci_use_debian_official_backports)
if [ -r /etc/oci_debian_archived_backports_list ] && [ -r /etc/oci_debian_archive_mirror ] && grep -q $debian_release /etc/oci_debian_archived_backports_list ; then
official_backports_repo_url=$(cat /etc/oci_debian_archive_mirror)
fi
else
use_debian_official_backports=no
fi
if [ -r /etc/oci_use_incoming_build ] ; then
install_buildd_incoming=$(cat /etc/oci_use_incoming_build)
else
install_buildd_incoming=no
fi
if [ -r /etc/oci_incoming_buildd_url ] ; then
debian_incoming_buildd=$(cat /etc/oci_incoming_buildd_url)
else
debian_incoming_buildd=no
fi
debian_mirror=$(cat /etc/oci_debian_mirror)
if [ -r /etc/oci/production_system_setup_backports_repo ] ; then
production_system_setup_backports_repo=$(cat /etc/oci/production_system_setup_backports_repo)
else
production_system_setup_backports_repo=no
fi
if [ -r /etc/oci/production_system_setup_nonfree_repo ] ; then
production_system_setup_nonfree_repo=$(cat /etc/oci/production_system_setup_nonfree_repo)
else
production_system_setup_nonfree_repo=no
fi
if [ -r /etc/oci/production_system_install_nonfree_firmware_from_backports ] ; then
production_system_install_nonfree_firmware_from_backports=$(cat /etc/oci/production_system_install_nonfree_firmware_from_backports)
else
production_system_install_nonfree_firmware_from_backports=no
fi
if [ -r /etc/oci/production_system_install_firmware_from_backports_list ] ; then
production_system_install_firmware_from_backports_list=$(cat /etc/oci/production_system_install_firmware_from_backports_list)
else
production_system_install_firmware_from_backports_list=""
fi
# Ceph backport stuff
# Should we do ceph pinning?
if [ -r /etc/oci_ceph_from_stable_backports ] ; then
ceph_from_stable_backports=$(cat /etc/oci_ceph_from_stable_backports)
else
ceph_from_stable_backports=no
fi
# Should we install osbpo for Ceph?
if [ -r /etc/oci_ceph_use_osbpo ] ; then
ceph_use_osbpo=$(cat /etc/oci_ceph_use_osbpo)
else
ceph_use_osbpo=no
fi
# What release?
if [ -r /etc/oci_ceph_osbpo_release ] ; then
ceph_osbpo_release=$(cat /etc/oci_ceph_osbpo_release)
else
ceph_osbpo_release=""
fi
# Should we use upstream Ceph repo?
if [ -r /etc/oci_install_ceph_upstream_repo ] ; then
install_ceph_upstream_repo=$(cat /etc/oci_install_ceph_upstream_repo)
else
install_ceph_upstream_repo=no
fi
# What is its URL?
debian_mirror_ceph=$(cat /etc/oci_debian_mirror_ceph)
# This script writes rc.local in the HDD of installed OS
# so that it can inform the PXE server that the OS is up.
mkdir -p ${BODI_CHROOT_PATH}/etc/oci
cp /etc/oci/pxe-server-ip ${BODI_CHROOT_PATH}/etc/oci/pxe-server-ip
# If we see an already prepared hosts file, copy it to the chroot
if [ -e /oci-hosts-file ] ; then
cat /oci-hosts-file >${BODI_CHROOT_PATH}/etc/hosts
fi
if [ -r /puppet-master-host ] ; then
MY_HOSTNAME=$(cat /puppet-master-host)
else
MY_HOSTNAME=$(hostname --fqdn)
fi
# Configure the puppet agent to talk to the puppet master
if [ -e ${BODI_CHROOT_PATH}/etc/puppet/puppet.conf ] ; then
if ! cat ${BODI_CHROOT_PATH}/etc/puppet/puppet.conf | grep '\[main\]' ; then
echo '[main]' >>${BODI_CHROOT_PATH}/etc/puppet/puppet.conf
fi
. /usr/share/openstack-pkg-tools/pkgos_func
pkgos_add_directive ${BODI_CHROOT_PATH}/etc/puppet/puppet.conf main server=example.com "#puppet master address"
pkgos_inifile set ${BODI_CHROOT_PATH}/etc/puppet/puppet.conf main server ${MY_HOSTNAME}
# Default is 512, which is not enough, we had a warning about 665 top level facts.
pkgos_add_directive ${BODI_CHROOT_PATH}/etc/puppet/puppet.conf main top_level_facts_soft_limit=81920 "#Default is 512, which is not enough, we had a warning about 2382 top level facts."
pkgos_inifile set ${BODI_CHROOT_PATH}/etc/puppet/puppet.conf main top_level_facts_soft_limit 81920
pkgos_add_directive ${BODI_CHROOT_PATH}/etc/puppet/puppet.conf main fact_value_length_soft_limit=40960 "#With a lot of VMs in a compute, there is a fact with all interfaces in one line, so it is huge."
pkgos_inifile set ${BODI_CHROOT_PATH}/etc/puppet/puppet.conf main fact_value_length_soft_limit 40960
pkgos_add_directive ${BODI_CHROOT_PATH}/etc/puppet/puppet.conf main number_of_facts_soft_limit=40960 "#With a lot of VMs in a compute (hundreds), there is also too many facts."
pkgos_inifile set ${BODI_CHROOT_PATH}/etc/puppet/puppet.conf main number_of_facts_soft_limit 40960
# On controllers, the default 1h is not enough on first run.
pkgos_add_directive ${BODI_CHROOT_PATH}/etc/puppet/puppet.conf main runtimeout=7200 "#On controllers, the default 1h is not enough on first run."
pkgos_inifile set ${BODI_CHROOT_PATH}/etc/puppet/puppet.conf main runtimeout 7200
fi
# Copy the http_proxy_addr file to provisionned hosts.
if [ -e /etc/oci/http_proxy_addr ] ; then
mkdir -p ${BODI_CHROOT_PATH}/etc/oci
cp /etc/oci/http_proxy_addr ${BODI_CHROOT_PATH}/etc/oci
fi
# Copy files under /oci-in-target to the root of the target
if [ -d /oci-in-target ] ; then
CWD=$(pwd)
cd /oci-in-target
if [ -d usr/bin ] ; then
chmod +x usr/bin/*
chown root:root usr/bin/*
fi
if [ -d etc/oci ] ; then
chown -R root:root etc/oci
fi
cp -axf * ${BODI_CHROOT_PATH}
cd ${CWD}
# Make sure we have correct rights for /root/.ssh
mkdir -p ${BODI_CHROOT_PATH}/root
if [ -e ${BODI_CHROOT_PATH}/root/.ssh ] ; then
chmod 0700 ${BODI_CHROOT_PATH}/root/.ssh
fi
chmod 0700 ${BODI_CHROOT_PATH}/root
chown -R root:root ${BODI_CHROOT_PATH}/root
if [ -e ${BODI_CHROOT_PATH}/root/.ssh/id_rsa.pub ] ; then
cat ${BODI_CHROOT_PATH}/root/.ssh/id_rsa.pub >> ${BODI_CHROOT_PATH}/root/.ssh/authorized_keys
fi
if [ -e ${BODI_CHROOT_PATH}/etc ] ; then
chown root:root ${BODI_CHROOT_PATH}/etc || true
chown root:root ${BODI_CHROOT_PATH}/etc/motd || true
if [ -e ${BODI_CHROOT_PATH}/etc/facter ] ; then
chown root:root ${BODI_CHROOT_PATH}/etc/facter
if [ -e ${BODI_CHROOT_PATH}/etc/facter/facts.d ] ; then
chown root:root ${BODI_CHROOT_PATH}/etc/facter/facts.d
if [ -e ${BODI_CHROOT_PATH}/etc/facter/facts.d/swift_blockdevs_names_to_uuid.sh ] ; then
chown root:root ${BODI_CHROOT_PATH}/etc/facter/facts.d/swift_blockdevs_names_to_uuid.sh
chmod +x ${BODI_CHROOT_PATH}/etc/facter/facts.d/swift_blockdevs_names_to_uuid.sh
fi
if [ -e ${BODI_CHROOT_PATH}/etc/facter/facts.d/swift_fstab_dev_list.sh ] ; then
chown root:root ${BODI_CHROOT_PATH}/etc/facter/facts.d/swift_fstab_dev_list.sh
chmod +x ${BODI_CHROOT_PATH}/etc/facter/facts.d/swift_fstab_dev_list.sh
fi
fi
fi
fi
# Make sure we have correct rights for /etc/cron.weekly scripts
chown -R root:root ${BODI_CHROOT_PATH}/etc/cron.weekly || true
if [ -e ${BODI_CHROOT_PATH}/etc/cron.weekly/oci-fernet-keys-rotate ] ; then
chmod +x ${BODI_CHROOT_PATH}/etc/cron.weekly/oci-fernet-keys-rotate
fi
chown -R root:root ${BODI_CHROOT_PATH}/etc/cron.hourly || true
if [ -e ${BODI_CHROOT_PATH}/etc/cron.hourly/oci-glance-image-rsync ] ; then
chmod +x ${BODI_CHROOT_PATH}/etc/cron.hourly/oci-glance-image-rsync
fi
fi
if [ -r ${BODI_CHROOT_PATH}/etc/oci/oci-repository-key.asc ] ; then
OCI_REPO_SIGNED_BY="[signed-by=/etc/oci/oci-repository-key.asc]"
else
OCI_REPO_SIGNED_BY=""
fi
# Add ${debian_release}-${openstack_release} backport repo
if [ "${use_debian_dot_net_backport}" = "yes" ] ; then
if [ ! -e ${BODI_CHROOT_PATH}/etc/oci/oci-repository-key.asc ] && [ -e /oci-backports-pubkey.gpg ] ; then
cp /oci-backports-pubkey.gpg ${BODI_CHROOT_PATH}
chroot ${BODI_CHROOT_PATH} apt-key add /oci-backports-pubkey.gpg
rm ${BODI_CHROOT_PATH}/oci-backports-pubkey.gpg
fi
if ! [ -e ${BODI_CHROOT_PATH}/etc/apt/sources.list.d/${debian_release}-${openstack_release}.list ] ; then
if [ "${UNAME_MINUS_M}" = "x86_64" ] ; then
SITE=${debian_release}-${openstack_release}.debian.net
else
SITE=osbpo.debian.net
fi
echo "deb ${OCI_REPO_SIGNED_BY} http://${SITE}/debian ${debian_release}-${openstack_release}-backports main
deb-src ${OCI_REPO_SIGNED_BY} http://${SITE}/debian ${debian_release}-${openstack_release}-backports main
deb ${OCI_REPO_SIGNED_BY} http://${SITE}/debian ${debian_release}-${openstack_release}-backports-nochange main
deb-src ${OCI_REPO_SIGNED_BY} http://${SITE}/debian ${debian_release}-${openstack_release}-backports-nochange main
" >${BODI_CHROOT_PATH}/etc/apt/sources.list.d/${debian_release}-${openstack_release}.list
chroot ${BODI_CHROOT_PATH} apt-get update
chroot ${BODI_CHROOT_PATH} apt-get -y -o Dpkg::Options::="--force-confnew" dist-upgrade
fi
fi
if [ "${use_debian_official_backports}" = "yes" ] || [ "${production_system_setup_backports_repo}" = "yes" ] ; then
if [ "${production_system_setup_nonfree_repo}" = "yes" ] ; then
BPO_NON_FREE_CONTRIB=" contrib non-free"
else
BPO_NON_FREE_CONTRIB=""
fi
mkdir -p ${BODI_CHROOT_PATH}/etc/apt/sources.list.d
echo "deb ${official_backports_repo_url} ${debian_release}-backports main${BPO_NON_FREE_CONTRIB}
deb-src ${official_backports_repo_url} ${debian_release}-backports main${BPO_NON_FREE_CONTRIB}" >${BODI_CHROOT_PATH}/etc/apt/sources.list.d/${debian_release}-backports.list
chroot ${BODI_CHROOT_PATH} apt-get update
if [ "${production_system_install_nonfree_firmware_from_backports}" = "yes" ] ; then
chroot ${BODI_CHROOT_PATH} apt-get install -t ${debian_release}-backports -y ${production_system_install_firmware_from_backports_list} || true
fi
fi
# Setup ceph-<RELEASE> osbpo repo
if [ "${ceph_use_osbpo}" = "yes" ] ; then
mkdir -p ${BODI_CHROOT_PATH}/etc/apt/sources.list.d
echo "deb ${OCI_REPO_SIGNED_BY} http://osbpo.debian.net/debian ${ceph_osbpo_release} main
deb-src ${OCI_REPO_SIGNED_BY} http://osbpo.debian.net/debian ${ceph_osbpo_release} main
" >>${BODI_CHROOT_PATH}/etc/apt/sources.list.d/${ceph_osbpo_release}.list
chroot ${BODI_CHROOT_PATH} apt-get update
fi
# Setup Ceph pinning
if [ "${ceph_from_stable_backports}" = "yes" ] ; then
mkdir -p ${BODI_CHROOT_PATH}/etc/apt/preferences.d
if [ "${debian_release}" = "buster" ] ; then
# Pacific list:
CEPH_PKG_LIST="ceph ceph-base ceph-base-dbg ceph-common ceph-common-dbg ceph-fuse ceph-grafana-dashboards ceph-immutable-object-cache ceph-immutable-object-cache-dbg ceph-mds ceph-mds-dbg ceph-mgr ceph-mgr-cephadm ceph-mgr-dashboard ceph-mgr-dbg ceph-mgr-diskprediction-local ceph-mgr-diskprediction-cloud ceph-mgr-k8sevents ceph-mgr-modules-core ceph-mgr-rook ceph-mgr-k8sevents ceph-mgr-ssh ceph-mon ceph-mon-dbg ceph-osd ceph-osd-dbg ceph-prometheus-alerts ceph-resource-agents ceph-test cephadm cephfs-mirror cephfs-mirror-dbg cephfs-shell cephfs-top libcephfs-dev libcephfs-java libcephfs-jni libcephfs2 libcephfs2-dbg librados-dev librados2 librados2-dbg libradospp-dev libradosstriper-dev libradosstriper1 libradosstriper1-dbg librbd-dev librbd1 librbd1-dbg librgw-dev librgw2 librgw2-dbg libsqlite3-mod-ceph libsqlite3-mod-ceph-dbg libsqlite3-mod-ceph-dev python3-ceph python3-ceph-argparse python3-ceph-common python3-cephfs python3-rados python3-rbd python3-rgw rados-objclass-dev radosgw radosgw-dbg rbd-fuse rbd-fuse-dbg rbd-mirror rbd-mirror-dbg rbd-nbd rbd-nbd-dbg smartmontools"
elif [ "${debian_release}" = "bookworm" ] ; then
# Reef list:
CEPH_PKG_LIST="ceph ceph-base ceph-base-dbg ceph-common ceph-common-dbg ceph-grafana-dashboards ceph-immutable-object-cache ceph-immutable-object-cache-dbg ceph-mds ceph-mds-dbg ceph-mgr ceph-mgr-cephadm ceph-mgr-dashboard ceph-mgr-dbg ceph-mgr-k8sevents ceph-mgr-modules-core ceph-mgr-rook ceph-mon ceph-mon-dbg ceph-osd ceph-osd-dbg ceph-prometheus-alerts ceph-resource-agents ceph-test ceph-test-dbg ceph-volume cephadm cephfs-mirror cephfs-mirror-dbg cephfs-shell cephfs-top libboost-all-dev libboost-atomic-dev libboost-atomic1.83-dev libboost-atomic1.83.0 libboost-atomic1.83.0-dbgsym libboost-chrono-dev libboost-chrono1.83-dev libboost-chrono1.83.0t64 libboost-chrono1.83.0t64-dbgsym libboost-container-dev libboost-container1.83-dev libboost-container1.83.0 libboost-container1.83.0-dbgsym libboost-context-dev libboost-context1.83-dev libboost-context1.83.0 libboost-context1.83.0-dbgsym libboost-contract-dev libboost-contract1.83-dev libboost-contract1.83.0 libboost-contract1.83.0-dbgsym libboost-coroutine-dev libboost-coroutine1.83-dev libboost-coroutine1.83.0 libboost-coroutine1.83.0-dbgsym libboost-date-time-dev libboost-date-time1.83-dev libboost-date-time1.83.0 libboost-date-time1.83.0-dbgsym libboost-dev libboost-doc libboost-exception-dev libboost-exception1.83-dev libboost-fiber-dev libboost-fiber1.83-dev libboost-fiber1.83.0 libboost-fiber1.83.0-dbgsym libboost-filesystem-dev libboost-filesystem1.83-dev libboost-filesystem1.83.0 libboost-filesystem1.83.0-dbgsym libboost-graph-dev libboost-graph-parallel-dev libboost-graph-parallel1.83-dev libboost-graph-parallel1.83.0 libboost-graph-parallel1.83.0-dbgsym libboost-graph1.83-dev libboost-graph1.83.0 libboost-graph1.83.0-dbgsym libboost-iostreams-dev libboost-iostreams1.83-dev libboost-iostreams1.83.0 libboost-iostreams1.83.0-dbgsym libboost-json-dev libboost-json1.83-dev libboost-json1.83.0 libboost-json1.83.0-dbgsym libboost-locale-dev libboost-locale1.83-dev libboost-locale1.83.0 libboost-locale1.83.0-dbgsym libboost-log-dev libboost-log1.83-dev libboost-log1.83.0 libboost-log1.83.0-dbgsym libboost-math-dev libboost-math1.83-dev libboost-math1.83.0 libboost-math1.83.0-dbgsym libboost-mpi-dev libboost-mpi-python-dev libboost-mpi-python1.83-dev libboost-mpi-python1.83.0 libboost-mpi-python1.83.0-dbgsym libboost-mpi1.83-dev libboost-mpi1.83.0 libboost-mpi1.83.0-dbgsym libboost-nowide-dev libboost-nowide1.83-dev libboost-nowide1.83.0 libboost-nowide1.83.0-dbgsym libboost-numpy-dev libboost-numpy1.83-dev libboost-numpy1.83.0 libboost-numpy1.83.0-dbgsym libboost-program-options-dev libboost-program-options1.83-dev libboost-program-options1.83.0 libboost-program-options1.83.0-dbgsym libboost-python-dev libboost-python1.83-dev libboost-python1.83.0 libboost-python1.83.0-dbgsym libboost-random-dev libboost-random1.83-dev libboost-random1.83.0 libboost-random1.83.0-dbgsym libboost-regex-dev libboost-regex1.83-dev libboost-regex1.83.0 libboost-regex1.83.0-dbgsym libboost-serialization-dev libboost-serialization1.83-dev libboost-serialization1.83.0 libboost-serialization1.83.0-dbgsym libboost-stacktrace-dev libboost-stacktrace1.83-dev libboost-stacktrace1.83.0 libboost-stacktrace1.83.0-dbgsym libboost-system-dev libboost-system1.83-dev libboost-system1.83.0 libboost-system1.83.0-dbgsym libboost-test-dev libboost-test1.83-dev libboost-test1.83.0 libboost-test1.83.0-dbgsym libboost-thread-dev libboost-thread1.83-dev libboost-thread1.83.0 libboost-thread1.83.0-dbgsym libboost-timer-dev libboost-timer1.83-dev libboost-timer1.83.0 libboost-timer1.83.0-dbgsym libboost-tools-dev libboost-type-erasure-dev libboost-type-erasure1.83-dev libboost-type-erasure1.83.0 libboost-type-erasure1.83.0-dbgsym libboost-url-dev libboost-url1.83-dev libboost-url1.83.0 libboost-url1.83.0-dbgsym libboost-wave-dev libboost-wave1.83-dev libboost-wave1.83.0 libboost-wave1.83.0-dbgsym libboost1.83-all-dev libboost1.83-dev libboost1.83-doc libboost1.83-tools-dev libboost1.83-tools-dev-dbgsym libcephfs-dev libcephfs-java libcephfs-jni libcephfs-jni-dbgsym libcephfs2 libcephfs2-dbg librados-dev librados-dev-dbgsym librados2 librados2-dbg libradospp-dev libradosstriper-dev libradosstriper1 libradosstriper1-dbg librbd-dev librbd1 librbd1-dbg librgw-dev librgw2 librgw2-dbg libsqlite3-mod-ceph libsqlite3-mod-ceph-dbg libsqlite3-mod-ceph-dev liburing-dev liburing2 liburing2-dbgsym python3-ceph python3-ceph-argparse python3-ceph-common python3-cephfs python3-cephfs-dbgsym python3-rados python3-rados-dbgsym python3-rbd python3-rbd-dbgsym python3-rgw python3-rgw-dbgsym rados-objclass-dev radosgw radosgw-dbg rbd-fuse rbd-fuse-dbg rbd-mirror rbd-mirror-dbg rbd-nbd rbd-nbd-dbg"
else
echo "Except for buster and bookworm, I do not know how to pin Ceph. Please contribute."
exit 1
fi
if [ "${ceph_use_osbpo}" = "yes" ] ; then
CEPH_BPO_REL_NAME="o=osbpo"
echo "Package: *
Pin: release o=osbpo
Pin-Priority: 900
">>${BODI_CHROOT_PATH}/etc/apt/preferences.d/99ceph-from-debian-backports
else
CEPH_BPO_REL_NAME="a=${debian_release}-backports"
for PKG in ${CEPH_PKG_LIST} ; do
echo "Package: ${PKG}
Pin: release a=${debian_release}-backports
Pin-Priority: 900
">>${BODI_CHROOT_PATH}/etc/apt/preferences.d/99ceph-from-debian-backports
done
fi
chroot ${BODI_CHROOT_PATH} apt-get update
fi
# Add buildd_incoming repo, so we can do quick tests with Sid
if [ "${install_buildd_incoming}" = "yes" ] ; then
echo "deb ${debian_incoming_buildd} buildd-sid main
deb-src ${debian_incoming_buildd} buildd-sid main
" >${BODI_CHROOT_PATH}/etc/apt/sources.list.d/incoming-buildd.list
chroot ${BODI_CHROOT_PATH} apt-get update
chroot ${BODI_CHROOT_PATH} apt-get -y -o Dpkg::Options::="--force-confnew" dist-upgrade
fi
# Add the Ceph upstream repo
if [ "${install_ceph_upstream_repo}" = "yes" ] ; then
echo "-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
mQINBFX4hgkBEADLqn6O+UFp+ZuwccNldwvh5PzEwKUPlXKPLjQfXlQRig1flpCH
E0HJ5wgGlCtYd3Ol9f9+qU24kDNzfbs5bud58BeE7zFaZ4s0JMOMuVm7p8JhsvkU
C/Lo/7NFh25e4kgJpjvnwua7c2YrA44ggRb1QT19ueOZLK5wCQ1mR+0GdrcHRCLr
7Sdw1d7aLxMT+5nvqfzsmbDullsWOD6RnMdcqhOxZZvpay8OeuK+yb8FVQ4sOIzB
FiNi5cNOFFHg+8dZQoDrK3BpwNxYdGHsYIwU9u6DWWqXybBnB9jd2pve9PlzQUbO
eHEa4Z+jPqxY829f4ldaql7ig8e6BaInTfs2wPnHJ+606g2UH86QUmrVAjVzlLCm
nqoGymoAPGA4ObHu9X3kO8viMBId9FzooVqR8a9En7ZE0Dm9O7puzXR7A1f5sHoz
JdYHnr32I+B8iOixhDUtxIY4GA8biGATNaPd8XR2Ca1hPuZRVuIiGG9HDqUEtXhV
fY5qjTjaThIVKtYgEkWMT+Wet3DPPiWT3ftNOE907e6EWEBCHgsEuuZnAbku1GgD
LBH4/a/yo9bNvGZKRaTUM/1TXhM5XgVKjd07B4cChgKypAVHvef3HKfCG2U/DkyA
LjteHt/V807MtSlQyYaXUTGtDCrQPSlMK5TjmqUnDwy6Qdq8dtWN3DtBWQARAQAB
tCpDZXBoLmNvbSAocmVsZWFzZSBrZXkpIDxzZWN1cml0eUBjZXBoLmNvbT6JAjgE
EwECACIFAlX4hgkCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEOhKwsBG
DzmUXdIQAI8YPcZMBWdv489q8CzxlfRIRZ3Gv/G/8CH+EOExcmkVZ89mVHngCdAP
DOYCl8twWXC1lwJuLDBtkUOHXNuR5+Jcl5zFOUyldq1Hv8u03vjnGT7lLJkJoqpG
l9QD8nBqRvBU7EM+CU7kP8+09b+088pULil+8x46PwgXkvOQwfVKSOr740Q4J4nm
/nUOyTNtToYntmt2fAVWDTIuyPpAqA6jcqSOC7Xoz9cYxkVWnYMLBUySXmSS0uxl
3p+wK0lMG0my/gb+alke5PAQjcE5dtXYzCn+8Lj0uSfCk8Gy0ZOK2oiUjaCGYN6D
u72qDRFBnR3jaoFqi03bGBIMnglGuAPyBZiI7LJgzuT9xumjKTJW3kN4YJxMNYu1
FzmIyFZpyvZ7930vB2UpCOiIaRdZiX4Z6ZN2frD3a/vBxBNqiNh/BO+Dex+PDfI4
TqwF8zlcjt4XZ2teQ8nNMR/D8oiYTUW8hwR4laEmDy7ASxe0p5aijmUApWq5UTsF
+s/QbwugccU0iR5orksM5u9MZH4J/mFGKzOltfGXNLYI6D5Mtwrnyi0BsF5eY0u6
vkdivtdqrq2DXY+ftuqLOQ7b+t1RctbcMHGPptlxFuN9ufP5TiTWSpfqDwmHCLsT
k2vFiMwcHdLpQ1IH8ORVRgPPsiBnBOJ/kIiXG2SxPUTjjEGOVgeA
=/Tod
-----END PGP PUBLIC KEY BLOCK-----
" >${BODI_CHROOT_PATH}/root/ceph-repo.asc
chroot ${BODI_CHROOT_PATH} apt-key add /root/ceph-repo.asc
rm ${BODI_CHROOT_PATH}/root/ceph-repo.asc
echo "deb ${debian_mirror_ceph} ${debian_release} main
deb-src ${debian_mirror_ceph} ${debian_release} main
" >${BODI_CHROOT_PATH}/etc/apt/sources.list.d/ceph.list
chroot ${BODI_CHROOT_PATH} apt-get update
fi
# This has to be installed *after* the debootstrap, otherwise debootstrap will fail
# and libxml-xpath-perl is a dependency of oci-fixup-compute-node
if [ -x ${BODI_CHROOT_PATH}/usr/bin/oci-fixup-compute-node ] ; then
chroot ${BODI_CHROOT_PATH} apt-get install libxml-xpath-perl -y -o Dpkg::Options::="--force-confnew"
fi
if [ -e /self-signed-api-cert ] ; then
OCI_PKI_CA_CERT="OS_CACERT=/etc/ssl/certs/oci-pki-oci-ca-chain.pem"
mkdir -p ${BODI_CHROOT_PATH}/etc/oci/self-signed-api-cert
else
OCI_PKI_CA_CERT=""
fi
# Customize /root/.screenrc
echo "startup_message off
defscrollback 5000
caption always \"%{= kw}%-w%{= BW}%n %t%{-}%+w %-= @%H - %d.%m.%Y - %c\"
termcapinfo xterm 'Co#256:AB=\E[48;5;%dm:AF=\E[38;5;%dm'
defbce on
term screen-256color
termcapinfo konsole-256color ti@:te@" >${BODI_CHROOT_PATH}/root/.screenrc
# Setup /root/.bashrc
echo "# ~/.bashrc: executed by bash(1) for non-login shells.
export LS_OPTIONS='--color=auto'
eval \"\$(dircolors)\"
alias ls='ls \${LS_OPTIONS}'
SYSTEM_SERIAL_NUM=\$(cat /etc/serial_number)
RED=\"\\[\\033[1;31m\\]\"
LGRAY=\"\\[\\033[0;37m\\]\"
TEAL=\"\\[\\033[38;5;6m\\]\"
BLUE=\"\\[\\033[1;34m\\]\"
NO_COL=\"\\[\\033[0m\\]\"
LBLUE=\"\\[\\033[1;36m\\]\"
export PS1=\${RED}'\\u'\${LGRAY}@\${TEAL}\${SYSTEM_SERIAL_NUM}\${LGRAY}-\${BLUE}'\\h'\${LGRAY}'>_'\${NO_COL}' \\w # '
alias ssh='ssh -A -X'
if [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
export PAGER=most
" > ${BODI_CHROOT_PATH}/root/.bashrc
# No backup for joe
if [ -e ${BODI_CHROOT_PATH}/etc/joe/joerc ] ; then
sed -i "s/^ -nobackups/-nobackups/" ${BODI_CHROOT_PATH}/etc/joe/joerc
fi
CHASSIS_MANUFACTURER=$(dmidecode -s system-manufacturer)
if [ "${CHASSIS_MANUFACTURER}" = "HPE" ] ; then
# TODO: package ilorest-chif for arm64
if [ "${UNAME_MINUS_M}" = "x86_64" ] ; then
chroot ${BODI_CHROOT_PATH} apt-get install -o Dpkg::Options::="--force-confnew" ilorest ilorest-chif -y
fi
fi
# Add HPE softare
if [ -e /etc/oci/setup-hpe-intarget ] && [ "${CHASSIS_MANUFACTURER}" = "HPE" ] && [ "${UNAME_MINUS_M}" = "x86_64" ] ; then
HPE_REPO=$(cat /etc/oci/setup-hpe-intarget-repo)
if [ -n "${HPE_REPO}" ] ; then
echo "-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.12 (GNU/Linux)
mQENBFZp0LkBCACXajRw3b4x7G7dulNYj0hUID4BtVFq/MjEb6PHckTxGxZDoQRX
RK54tiTFA9wq3b4P3yEFnOjbjRoI0d7Ls67FADugFO+cDCtsV9yuDlaYP/U/h2nX
N0R4AdYbsVd5yr6xr+GAy66Hmx5jFH3kbC+zJpOcI0tU9hcyU7gjbxu6KQ1ypI2Q
VRKf8sRBJXgmkOlbYx35ZUMFcmVxrLJXvUuxmAVXgT9f5M3Z3rsGt/ab+/+1TFSb
RsaqHsIPE0QH8ikqW4IeDQAo1T99pCdf7FWr45KFFTo7O4AZdLMWVgqeFHaSoZxJ
307VIINsWiwQoPp0tfU5NOOOwB1Sv3x9QgFtABEBAAG0P0hld2xldHQgUGFja2Fy
ZCBFbnRlcnByaXNlIENvbXBhbnkgUlNBLTIwNDgtMjUgPHNpZ25ocEBocGUuY29t
PokBPQQTAQIAJwUCVmnQuQIbLwUJEswDAAYLCQgHAwIGFQgCCQoLAxYCAQIeAQIX
gAAKCRDCCK3eJsK3l9G+B/0ekblsBeN+xHIJ28pvo2aGb2KtWBwbT1ugI+aIS17K
UQyHZJUQH+ZeRLvosuoiQEdcGIqmOxi2hVhSCQAOV1LAonY16ACveA5DFAEBz1+a
WQyx6sOLLEAVX1VqGlBXxh3XLEUWOhlAf1gZPNtHsmURTUy2h1Lv/Yoj8KLyuK2n
DmrLOS3Ro+RqWocaJfvAgXKgt6Fq/ChDUHOnar7lGswzMsbE/yzLJ7He4y89ImK+
2ktR5HhDuxqgCe9CWH6Q/1WGhUa0hZ3nbluq7maa+kPe2g7JcRzPH/nJuDCAOZ7U
6mHE8j0kMQMYjgaYEx2wc02aQRmPyxhbDLjSbtjomXRr
=voON
-----END PGP PUBLIC KEY BLOCK-----
" >${BODI_CHROOT_PATH}/hpe-key.txt
chroot ${BODI_CHROOT_PATH} apt-key add /hpe-key.txt
rm ${BODI_CHROOT_PATH}/hpe-key.txt
if [ -e /etc/oci/setup-hpe-intarget-suite ] ; then
HPE_SUITE=$(cat /etc/oci/setup-hpe-intarget-suite)
else
HPE_SUITE=${debian_release}
fi
if [ "${HPE_SUITE}" = "buster" ] ; then
HPE_DEBIAN_SUITE=${HPE_SUITE}/current-gen10
else
HPE_DEBIAN_SUITE=${HPE_SUITE}/current
fi
echo "deb ${HPE_REPO} ${HPE_DEBIAN_SUITE} non-free" > ${BODI_CHROOT_PATH}/etc/apt/sources.list.d/hpe.list
chroot ${BODI_CHROOT_PATH} apt-get update
chroot ${BODI_CHROOT_PATH} apt-get install hponcfg ssacli storcli -y
# Make sure installing storcli also includes a symlink in /usr/bin
if ! [ -e ${BODI_CHROOT_PATH}/usr/bin/storcli64 ] ; then
ln -s /opt/MegaRAID/storcli/storcli64 ${BODI_CHROOT_PATH}/usr/bin/storcli64
fi
fi
fi
# Add Dell iDRAC software
if [ -e /etc/oci/setup-dell-ipmi-intarget ] && [ "${CHASSIS_MANUFACTURER}" = "Dell Inc." ] ; then
DELL_IPMI_REPO=$(cat /etc/oci/setup-dell-ipmi-intarget-repo)
if [ -n "${DELL_IPMI_REPO}" ] ; then
echo "-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBE9RLYYBEADEAmJvn2y182B6ZUr+u9I29f2ue87p6HQreVvPbTjiXG4z2/k0
l/Ov0DLImXFckaeVSSrqjFnEGUd3DiRr9pPb1FqxOseHRZv5IgjCTKZyj9Jvu6bx
U9WL8u4+GIsFzrgS5G44g1g5eD4Li4sV46pNBTp8d7QEF4e2zg9xk2mcZKaT+STl
O0Q2WKI7qN8PAoGd1SfyW4XDsyfaMrJKmIJTgUxe9sHGj+UmTf86ZIKYh4pRzUQC
WBOxMd4sPgqVfwwykg/y2CQjrorZcnUNdWucZkeXR0+UCR6WbDtmGfvN5H3htTfm
Nl84Rwzvk4NT/By4bHy0nnX+WojeKuygCZrxfpSqJWOKhQeH+YHKm1oVqg95jvCl
vBYTtDNkpJDbt4eBAaVhuEPwjCBsfff/bxGCrzocoKlh0+hgWDrr2S9ePdrwv+rv
2cgYfUcXEHltD5Ryz3u5LpiC5zDzNYGFfV092xbpG/B9YJz5GGj8VKMslRhYpUjA
IpBDlYhOJ+0uVAAKPeeZGBuFx0A1y/9iutERinPx8B9jYjO9iETzhKSHCWEov/yp
X6k17T8IHfVj4TSwL6xTIYFGtYXIzhInBXa/aUPIpMjwt5OpMVaJpcgHxLam6xPN
FYulIjKAD07FJ3U83G2fn9W0lmr11hVsFIMvo9JpQq9aryr9CRoAvRv7OwARAQAB
tGBEZWxsIEluYy4sIFBHUkUgMjAxMiAoUEcgUmVsZWFzZSBFbmdpbmVlcmluZyBC
dWlsZCBHcm91cCAyMDEyKSA8UEdfUmVsZWFzZV9FbmdpbmVlcmluZ0BEZWxsLmNv
bT6JAjcEEwEKACEFAk9RLYYCGwMFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQ
EoVJFDTYeG9eBw//asbM4KRxBfFi9RmzRNitOiFEN1FqTbE5ujjN+9m9OEb+tB3Z
Fxv0bEPb2kUdpEwtMq6CgC5n8UcLbe5TF82Ho8r2mVYNRh5RltdvAtDK2pQxCOh+
i2b9im6GoIZa1HWNkKvKiW0dmiYYBvWlu78iQ8JpIixRIHXwEdd1nQIgWxjVix11
VDr+hEXPRFRMIyRzMteiq2w/XNTUZAh275BaZTmLdMLoYPhHO99AkYgsca9DK9f0
z7SYBmxgrKAs9uoNnroo4UxodjCFZHDu+UG2efP7SvJnq9v6XaC7ZxqBG8AObEsw
qGaLv9AN3t4oLjWhrAIoNWwIM1LWpYLmKjFYlLHaf30MYhJ8J7GHzgxANnkOP4g0
RiXeYNLcNvsZGXZ61/KzuvE6YcsGXSMVKRVaxLWkgS559OSjEcQV1TD65b+bttIe
EEYmcS8jLKL+q2T1qTKnmD6VuNCtZwlsxjR5wHnxORjumtC5kbkt1lxjb0l2gNvT
3ccA6FEWKS/uvtleQDeGFEA6mrKEGoD4prQwljPV0MZwyzWqclOlM7g21i/+SUj8
ND2Iw0dCs4LvHkf4F1lNdV3QB41ZQGrbQqcCcJFm3qRsYhi4dg8+24j3bNrSHjxo
sGtcmOLv15jXA1bxyXHkn0HPG6PZ27dogsJnAD1GXEH2S8yhJclYuL0JE0C5Ag0E
T1Ev4QEQANlcF8dbXMa6vXSmznnESEotJ2ORmvr5R1zEgqQJOZ9DyML9RAc0dmt7
IwgwUNX+EfY8LhXLKvHWrj2mBXm261A9SU8ijQOPHFAg/SYyP16JqfSx2jsvWGBI
jEXF4Z3SW/JD0yBNAXlWLWRGn3dx4cHyxmeGjCAc/6t322Tyi5XLtwKGxA/vEHeu
GmTuKzNIEnWZbdnqALcrT/xK6PGjDo45VKx8mzLal/mncXmvaNVEyld8MMwQfkYJ
HvZXwpWYXaWTgAiMMm+yEd0gaBZJRPBSCETYz9bENePWEMnrd9I65pRl4X27stDQ
91yO2dIdfamVqti436ZvLc0L4EZ7HWtjN53vgXobxMzz4/6eH71BRJujG1yYEk2J
1DUJKV1WUfV8Ow0TsJVNQRM/L9v8imSMdiR12BjzHismReMvaeAWfUL7Q1tgwvkZ
EFtt3sl8o0eoB39R8xP4p1ZApJFRj6N3ryCTVQw536QFGEb+C51MdJbXFSDTRHFl
BFVsrSE6PxB24RaQ+37w3lQZp/yCoGqA57S5VVIAjAll4Yl347WmNX9THogjhhzu
LkXW+wNGIPX9SnZopVAfuc4hj0TljVa6rbYtiw6HZNmvvr1/vSQMuAyl+HkEmqaA
hDgVknb3MQqUQmzeO/WtgSqYSLb7pPwDKYy7I1BojNiOt+qMj6P5ABEBAAGJAh4E
GAEKAAkFAk9RL+ECGwwACgkQEoVJFDTYeG/6mA/4q6DTSLwgKDiVYIRpqacUwQLy
SufOoAxGSEde8vGRpcGEC+kWt1aqIiE4jdlxFH7Cq5SnwojKpcBLIAvIYk6x9wof
z5cx10s5XHq1Ja2jKJV2IPT5ZdJqWBc+M8K5LJelemYRZoe50aT0jbN5YFRUkuU0
cZZyqv98tZzTYO9hdG4sH4gSZg4OOmUtnP1xwSqLWdDf0RpnjDuxMwJM4m6G3Uba
Q4w1K8hvUtZo9uC9+lLHq4eP9gcxnvi7Xg6mI3UXAXiLYXXWNY09kYXQ/jjrpLxv
WIPwk6zb02jsuD08j4THp5kU4nfujj/GklerGJJp1ypIOEwV4+xckAeKGUBIHOpy
Qq1fn5bz8IituSF3xSxdT2qfMGsoXmvfo2l8T9QdmPydb4ZGYhv24GFQZoyMAATL
bfPmKvXJAqomSbp0RUjeRCom7dbD1FfLRbtpRD73zHarBhYYZNLDMls3IIQTFuRv
NeJ7XfGwhkSE4rtY91J93eM77xNr4sXeYG+RQx4y5Hz99Q/gLas2celP6Zp8Y4OE
CdveX3BA0ytI8L02wkoJ8ixZnpGskMl4A0UYI4w4jZ/zdqdpc9wPhkPj9j+eF2UI
nzWOavuCXNmQz1WkLP/qlR8DchJtUKlgZq9ThshK4gTESNnmxzdpR6pYJGbEDdFy
ZFe5xHRWSlrC3WTbzg==
=buqa
-----END PGP PUBLIC KEY BLOCK-----
" >${BODI_CHROOT_PATH}/dell-ipmi-key.txt
chroot ${BODI_CHROOT_PATH} apt-key add /dell-ipmi-key.txt
rm ${BODI_CHROOT_PATH}/dell-ipmi-key.txt
echo "deb ${DELL_IPMI_REPO} stretch main" > ${BODI_CHROOT_PATH}/etc/apt/sources.list.d/dell-ipmi.list
chroot ${BODI_CHROOT_PATH} apt-get update
mkdir -p ${BODI_CHROOT_PATH}/opt/dell/srvadmin/lib/openmanage
touch ${BODI_CHROOT_PATH}/opt/dell/srvadmin/lib/openmanage/IGNORE_GENERATION
chroot ${BODI_CHROOT_PATH} apt-get install -y ipmitool net-tools dirmngr srvadmin-idracadm8 srvadmin-isvc srvadmin-deng dmidecode ipcalc iproute2 libopenipmi0
IDRAC_TYPE=$(ipmitool sdr elist mcloc | awk '{print $1}')
if [ "${IDRAC_TYPE}" = "iDRAC6" ] ; then
chroot ${BODI_CHROOT_PATH} apt-get install libssl1.0.0 syscfg
fi
# Add modules to be loaded at boot time
for m in "ipmi_msghandler" "ipmi_devintf" "ipmi_si"; do
if ! grep -q "${m}" ${BODI_CHROOT_PATH}/etc/modules ; then
echo "${m}" >> ${BODI_CHROOT_PATH}/etc/modules
fi
done
# Create .ipc directories (to enable LCD, BMC communication)
rm -rf ${BODI_CHROOT_PATH}/opt/dell/srvadmin/shared/.ipc &>/dev/null || true
rm -rf ${BODI_CHROOT_PATH}/opt/dell/srvadmin/hapi/bin/.ipc &>/dev/null || true
mkdir -p ${BODI_CHROOT_PATH}/opt/dell/srvadmin/shared/.ipc
mkdir -p ${BODI_CHROOT_PATH}/opt/dell/srvadmin/hapi/bin/.ipc
# make_omreg_dot_cfg
mkdir -p ${BODI_CHROOT_PATH}/opt/dell/srvadmin/etc
echo "suptlib.installpath=/opt/dell/srvadmin/
suptlib.logpath=/opt/dell/srvadmin/var/log/openmanage
suptlib.vardatapath=/opt/dell/srvadmin/var/lib/openmanage
suptlib.inipath=/opt/dell/srvadmin/etc/srvadmin-deng
OMDataEngine.omilcore.version=8.4.0
OMDataEngine.configtool=/opt/dell/srvadmin/sbin/dcecfg
OMDataEngine.installpath=/opt/dell/srvadmin/
OMDataEngine.logpath=/opt/dell/srvadmin/var/log/openmanage
OMDataEngine.vardatapath=/opt/dell/srvadmin/var/lib/openmanage
OMDataEngine.inipath=/opt/dell/srvadmin/etc/srvadmin-deng
OMDataEngine.startsnmpd=true
hapi.omilcore.version=8.4.0
hapi.configtool=/opt/dell/srvadmin/sbin/dchcfg
hapi.installpath=/opt/dell/srvadmin/
hapi.logpath=/opt/dell/srvadmin/var/log/openmanage
hapi.vardatapath=/opt/dell/srvadmin/var/lib/openmanage
hapi.inipath=/opt/dell/srvadmin/etc/srvadmin-hapi
openmanage.openipmi.kernel.2.6.x.ver_min_major=33
openmanage.openipmi.kernel.2.6.x.ver_min_minor=13
openmanage.openipmi.kernel.ver_min_major=2
openmanage.openipmi.kernel.ver_min_minor=6
openmanage.openipmi.kernel.ver_min_patch=15
openmanage.openipmi.rhel3.ver_min_major=35
openmanage.openipmi.rhel3.ver_min_minor=13
openmanage.openipmi.rhel4.ver_min_major=33
openmanage.openipmi.rhel4.ver_min_minor=13
Instrumentation.omilcore.version=8.4.0
Instrumentation.configtool=/opt/dell/srvadmin/sbin/dcicfg
Instrumentation.installpath=/opt/dell/srvadmin/
Instrumentation.logpath=/opt/dell/srvadmin/var/lib/openmanage
Instrumentation.vardatapath=/opt/dell/srvadmin/var/log/openmanage
Instrumentation.inipath=/opt/dell/srvadmin/etc/srvadmin-isvc
openmanage.version=8.4.0
openmanage.release=1
openmanage.archtype=64
openmanage.omilcore.installpath=/opt/dell/srvadmin
openmanage.omilcore.omiverdbpath=/opt/dell/srvadmin/var/lib/srvadmin-omilcore/
openmanage.funcs=/opt/dell/srvadmin/lib64/srvadmin-omilcore/Funcs.sh
openmanage.syslistfile=/opt/dell/srvadmin/share/srvadmin-omilcore/syslist.txt
openmanage.8gsyslistfile=/opt/dell/srvadmin/share/srvadmin-omilcore/8gsyslist.txt
openmanage.9gsyslistfile=/opt/dell/srvadmin/share/srvadmin-omilcore/9gsyslist.txt
openmanage.idracsyslistfile=/opt/dell/srvadmin/share/srvadmin-omilcore/idracsyslist.txt
openmanage.openipmi.syslisttypesfile=/opt/dell/srvadmin/share/srvadmin-omilcore/syslisttypes.txt
rac5.inipath=/opt/dell/srvadmin/etc/srvadmin-isvc
" >${BODI_CHROOT_PATH}/opt/dell/srvadmin/etc/omreg.cfg
# Add Dell library path to ld config
if [ ! -f ${BODI_CHROOT_PATH}/etc/ld.so.conf ] || ! grep -q "/opt/dell/toolkit/lib" ${BODI_CHROOT_PATH}/etc/ld.so.conf; then
echo "/opt/dell/toolkit/lib" >> ${BODI_CHROOT_PATH}/etc/ld.so.conf
fi
chroot ${BODI_CHROOT_PATH} ldconfig -f /etc/ld.so.conf
fi
fi
# Install megacli in target OS
if [ -e /etc/oci/setup-megacli-intarget ] && [ "${UNAME_MINUS_M}" = "x86_64" ] ; then
echo "-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.12 (GNU/Linux)
mQENBFHwGLoBCADGXHFostxbz4UzGFYtmox4pvyN1gMhq2KCuQ6f+FESa4HTd9L6
XVhXWPCad3cdxBIls+41+AdZTWxWMu7DUdy8nMU1Ikfw6JeHcSx97G5BdxBVMjK4
iMGfPdLfDgWf4BQ2h0dnTEWobt31WaqgNiNjNrKktqbymmF94pwYkwL53ydIA4zl
8ZQRZooFigkS9WdoKjh30Pv/SWakILSLcSQFHK0dvSkeGd1NxT9dMNPAXXqLom4+
7kCc0s04sS+0DwW16b0Hpb46mtsR9kzOnrE/Smj24uOGzNZen0oCc2Y7bfZlyaN+
RlTkWEze7lemc4Byup/QWkhT0Er8F8uxexy5ABEBAAG0PEhXUmFpZCAoaHR0cDov
L2h3cmFpZC5sZS12ZXJ0Lm5ldCkgPHJvb3RAaHdyYWlkLmxlLXZlcnQubmV0PokB
OAQTAQIAIgUCUfAYugIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQYAUh
DiOz07Rc4Af+N3dEZZHzLNVTjQ0+fCyeg8/flWOkR8DhP10cyoJhSHFTZRdXVshn
kP4VmmUycVeURh76DmrIRe/9Oyca6aGXccRMqvq+HMgBPVwD5qNhcJPIuzqEvmlO
6UIeW2ydil/v1pWu740fGntyFRQcsfqjReVPXw9K588F7MDMyL+31vLm6aorLSzR
hvLhOmGisTs0wg2Oz9f4muauRy6cpQPw/Zi/P/F4WkQYscbHrSbhszj6OIg/vftR
UbZ7QB26/+40B0ag4JzLpmj3scFxf/WdUl5LXazqhsbkurk7huV41BNKXi1+BS3c
x6pFzWEHpiuG1j7U/nScGzEQpsMlUW9D+rkBDQRR8Bi6AQgAuhH1H0VLwcROI/5n
9yTxSbTIZbyhUan3raAbit3pgo0zLagfUtp3vULVnm5ISqQcYFGLZoE1MUkmjGOL
38W0lsIiZTaKOKXxBbLlPhhrvlXnNWAG/S1wnq7K+DV179KCTkUzaLRDbHvv999j
9odBRtAkiTnCfHTMCN4AhydEejNxtlzJo4E5FecH4reimLI5euUdTltgCjixrbsa
KbQftYpSMdXnLy2+00QZoXu0U/h4WZcMhOSEEiyGP9BY6m5G76n03HIeQ6eALDFu
ryAgO+SB9rBrm/VN0kR/TZq0iA3uzLHC7zCw2aImipkr+rIuJOku0wH9MyowBbia
bQtnCQARAQABiQEfBBgBAgAJBQJR8Bi6AhsMAAoJEGAFIQ4js9O0d5YH/3fNQgsC
LvD0g2wdoksv5bG9CUOi9Bs0JHqI0LhXmPvMsbDojZ+zZle7KWNfK2227mWhmoG1
WLujJSmTtxhEO1fXIdYjlDfk2uLJKuFi2wQX9n8dFDUmKY3CUJgeVZof1uQ/5C3D
O06CcuOtf2d/+iijuW112aV1q1hoQqw71ojTET0iIV6lD/0i1eEBSSe1Ohb9yTGR
VxTVrB78zU9hih4/Oq8wJT/Fv25aO1MDSc26CXAg0JA6IWvKal3BSPNhtz4L4FIg
lXleArf9oJqxDO3TsV5zcLyxsIuRuxyP0+AKdSQUqv0dFi4Jf79OmvOmgwydhHjY
+f7quLbwiiDmPbU=
=Yv6D
-----END PGP PUBLIC KEY BLOCK-----" >${BODI_CHROOT_PATH}/megacli-key.txt
chroot ${BODI_CHROOT_PATH} apt-key add /megacli-key.txt
rm ${BODI_CHROOT_PATH}/megacli-key.txt
MEGACLI_REPO=$(cat /etc/oci/setup-megacli-intarget-repo)
echo "${MEGACLI_REPO}" > ${BODI_CHROOT_PATH}/etc/apt/sources.list.d/megacli.list
chroot ${BODI_CHROOT_PATH} apt-get update
chroot ${BODI_CHROOT_PATH} apt-get install -y megaraid-status megactl megamgr dellmgr megaclisas-status megacli
fi
# Install perccli in target OS
if [ -e /etc/oci/setup-perccli-intarget ] && [ "${UNAME_MINUS_M}" = "x86_64" ] ; then
echo "-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
mQINBFdVSl8BEADReopiCpFyJOHNu2xW/tnTDanHQOIvMiWdVZVS8pUcQVhmyQ53
Wkwf/R/tUabqCmR8up/mf/rCENbEc43tEb7cuuOFbXYocDmwuxUrhOW3APfpgMJL
1GPjeMywBQUs8VuJReu3ZchJiROWC1RuOTpVfREuY9DyRbTTqYvXyvwqGIfq+fP4
CY3oq/PN1PlqsqTfP58ENFMlW9BHje0Za1Ruwi/mI0yc5gNSYjFjstag77MQOIFv
J9M+hgevMN0qHPDc2DiRmT2hsQ1rZah8G2LfzxbQxjSKifJZ2Jfcrpys6gLAOC9O
6JAs86qqnhd59Pl+MdDsOcKQDFkFWpZJk4KadrJzDGa9XoZusVxfGPt0vbAPx/UW
Q56jiVUSFoHeX2VVAJu5AhoMWz+k3YaWV37SAyF4oceVh2Um7G/NM+isXqG+8iN7
UuqV9AiTWydnNGf0oYwBBmEZXIXqRhfIJZVv99qfRnjEHvxD2kgYGk+GWOSym2Ap
FOERQUdSh2N8DT52JlrwR4zYbHEBf6+E3WY47oWCUtyCr4OyePCbX9ShmlhHsEnS
YpdmgtOU1NfMAN7xgByXgLxl28s6F0IXsRPdUauekMCqJxVfboxN81WQOOmuqLGS
qUgCr1M/1BlQDxbTfJQ4QtOFLarcf2pfx3Y15BRzSoEq/5Ll3DAUKUep3QARAQAB
tD1JbmZvbWFuaWFrIEFyY2hpdmUgQXV0b21hdGljIFNpZ25pbmcgS2V5IDxhcHRA
aW5mb21hbmlhay5jb20+iQI+BBMBCAAoAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIe
AQIXgAUCZl2BrwUJEsqeOwAKCRAo1l7/kzHEiVBYD/0e29tSqbQhkQmRcaYIRo/9
IPIdXmybvY0FxPDMvlrF2pBMbt9GNII05Ry0PZT4Dxn+bSc1rd8OSC1yC+JNzU+i
JDIwPEkG4pn+1JQm92S7zv8w+1oP3FokVnMcn0eQG7ydfYfKNf4ejs+y9c3ySpjl
37d6N1WXgp6NQwxOtpyOXalCjJZwdaMQCE776SGyt0GljrXOsX+NX2KgcjqTbP/S
uHGzYYZFtCLopFWANQl7rJEyR1sJP22O+lPEMaLmr2SteDSb86v9Bdk3vJsad1dY
YhqzF3v6TKmOZJlmpWoBN1Dn81qZn2HvIfPYfpica4KthoYeSQKk0OiyqH1lP1ae
2VnXAqgR16Y7H/8W9B4mu7Ru0OPQRETx+8O+FeYbKjwEeVoxYMbhEuuZeRAAI4Q7
5MQRLqYUwCy8vaknASaQQq2JVq7kDLIkBO+jGYoLb3rZxaPvoTRZbgnFVwbeHVzj
xLDyc5gYxwRxrzAm7lgw8LXC2Ud+DxxC5+tOZsmqHZe5nk9fepx/nbd1gJoTMktr
HeO7egYMLc+UK4A6vsmJyCXk7bu+ESYhaDUQG6cpc02+H4En9SYXQFawZvlBynh0
V6+fCvZSbOkD2VtsYIOld+6w87Tp7XpqxIG28tM++7S4bLKvL8GTpehqJ12F9Okx
Le8vV2BUt/Mm2vtOPeATyA==
=U0Ko
-----END PGP PUBLIC KEY BLOCK-----" >${BODI_CHROOT_PATH}/perccli-key.txt
chroot ${BODI_CHROOT_PATH} apt-key add /perccli-key.txt
rm ${BODI_CHROOT_PATH}/perccli-key.txt
PERCCLI_REPO=$(cat /etc/oci/setup-perccli-intarget-repo)
echo "${PERCCLI_REPO}" > ${BODI_CHROOT_PATH}/etc/apt/sources.list.d/perccli.list
chroot ${BODI_CHROOT_PATH} apt-get update
chroot ${BODI_CHROOT_PATH} apt-get install -y perccli
fi
# Install onecli in target OS
if [ -e /etc/oci/setup-onecli-intarget ] && [ "${UNAME_MINUS_M}" = "x86_64" ] ; then
echo "-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
mQINBFdVSl8BEADReopiCpFyJOHNu2xW/tnTDanHQOIvMiWdVZVS8pUcQVhmyQ53
Wkwf/R/tUabqCmR8up/mf/rCENbEc43tEb7cuuOFbXYocDmwuxUrhOW3APfpgMJL
1GPjeMywBQUs8VuJReu3ZchJiROWC1RuOTpVfREuY9DyRbTTqYvXyvwqGIfq+fP4
CY3oq/PN1PlqsqTfP58ENFMlW9BHje0Za1Ruwi/mI0yc5gNSYjFjstag77MQOIFv
J9M+hgevMN0qHPDc2DiRmT2hsQ1rZah8G2LfzxbQxjSKifJZ2Jfcrpys6gLAOC9O
6JAs86qqnhd59Pl+MdDsOcKQDFkFWpZJk4KadrJzDGa9XoZusVxfGPt0vbAPx/UW
Q56jiVUSFoHeX2VVAJu5AhoMWz+k3YaWV37SAyF4oceVh2Um7G/NM+isXqG+8iN7
UuqV9AiTWydnNGf0oYwBBmEZXIXqRhfIJZVv99qfRnjEHvxD2kgYGk+GWOSym2Ap
FOERQUdSh2N8DT52JlrwR4zYbHEBf6+E3WY47oWCUtyCr4OyePCbX9ShmlhHsEnS
YpdmgtOU1NfMAN7xgByXgLxl28s6F0IXsRPdUauekMCqJxVfboxN81WQOOmuqLGS
qUgCr1M/1BlQDxbTfJQ4QtOFLarcf2pfx3Y15BRzSoEq/5Ll3DAUKUep3QARAQAB
tD1JbmZvbWFuaWFrIEFyY2hpdmUgQXV0b21hdGljIFNpZ25pbmcgS2V5IDxhcHRA
aW5mb21hbmlhay5jb20+iQI+BBMBCAAoAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIe
AQIXgAUCZl2BrwUJEsqeOwAKCRAo1l7/kzHEiVBYD/0e29tSqbQhkQmRcaYIRo/9
IPIdXmybvY0FxPDMvlrF2pBMbt9GNII05Ry0PZT4Dxn+bSc1rd8OSC1yC+JNzU+i
JDIwPEkG4pn+1JQm92S7zv8w+1oP3FokVnMcn0eQG7ydfYfKNf4ejs+y9c3ySpjl
37d6N1WXgp6NQwxOtpyOXalCjJZwdaMQCE776SGyt0GljrXOsX+NX2KgcjqTbP/S
uHGzYYZFtCLopFWANQl7rJEyR1sJP22O+lPEMaLmr2SteDSb86v9Bdk3vJsad1dY
YhqzF3v6TKmOZJlmpWoBN1Dn81qZn2HvIfPYfpica4KthoYeSQKk0OiyqH1lP1ae
2VnXAqgR16Y7H/8W9B4mu7Ru0OPQRETx+8O+FeYbKjwEeVoxYMbhEuuZeRAAI4Q7
5MQRLqYUwCy8vaknASaQQq2JVq7kDLIkBO+jGYoLb3rZxaPvoTRZbgnFVwbeHVzj
xLDyc5gYxwRxrzAm7lgw8LXC2Ud+DxxC5+tOZsmqHZe5nk9fepx/nbd1gJoTMktr
HeO7egYMLc+UK4A6vsmJyCXk7bu+ESYhaDUQG6cpc02+H4En9SYXQFawZvlBynh0
V6+fCvZSbOkD2VtsYIOld+6w87Tp7XpqxIG28tM++7S4bLKvL8GTpehqJ12F9Okx
Le8vV2BUt/Mm2vtOPeATyA==
=U0Ko
-----END PGP PUBLIC KEY BLOCK-----" >${BODI_CHROOT_PATH}/onecli-key.txt
chroot ${BODI_CHROOT_PATH} apt-key add /onecli-key.txt
rm ${BODI_CHROOT_PATH}/onecli-key.txt
ONECLI_REPO=$(cat /etc/oci/setup-onecli-intarget-repo)
echo "${ONECLI_REPO}" > ${BODI_CHROOT_PATH}/etc/apt/sources.list.d/onecli.list
chroot ${BODI_CHROOT_PATH} apt-get update
chroot ${BODI_CHROOT_PATH} apt-get install -y onecli
fi
# Add chassis serial number in /etc
#CHASSIS_SERIAL_NUMBER=$(dmidecode -s chassis-serial-number)
SYSTEM_SERIAL_NUMBER=$(dmidecode -s system-serial-number)
echo ${SYSTEM_SERIAL_NUMBER} > ${BODI_CHROOT_PATH}/etc/serialnumber
echo ${SYSTEM_SERIAL_NUMBER} > ${BODI_CHROOT_PATH}/etc/serial_number
chmod 0400 ${BODI_CHROOT_PATH}/etc/serialnumber ${BODI_CHROOT_PATH}/etc/serial_number
HOSTNAME=$(cat ${BODI_CHROOT_PATH}/etc/hostname)
#########################################
### Install puppet client certificate ###
#########################################
if [ -r /puppet-private-key.pem ] && [ -r /puppet-public-key.pem ] && [ -r /puppet-ca.pem ] && [ -r /puppet-signed-cert.pem ] ; then
# Install puppet so we have the puppet:puppet user
chroot ${BODI_CHROOT_PATH} apt-get install -y -o Dpkg::Options::="--force-confnew" puppet
# Private key
mkdir -p ${BODI_CHROOT_PATH}/var/lib/puppet/ssl/private_keys
chroot ${BODI_CHROOT_PATH} chown puppet:puppet /var/lib/puppet/ssl/private_keys
cp /puppet-private-key.pem ${BODI_CHROOT_PATH}/var/lib/puppet/ssl/private_keys/${HOSTNAME}.pem
chmod 640 ${BODI_CHROOT_PATH}/var/lib/puppet/ssl/private_keys/${HOSTNAME}.pem
chroot ${BODI_CHROOT_PATH} chown puppet:puppet /var/lib/puppet/ssl/private_keys/${HOSTNAME}.pem
# Public key
mkdir -p ${BODI_CHROOT_PATH}/var/lib/puppet/ssl/public_keys
chroot ${BODI_CHROOT_PATH} chown puppet:puppet /var/lib/puppet/ssl/public_keys
cp /puppet-public-key.pem ${BODI_CHROOT_PATH}/var/lib/puppet/ssl/public_keys/${HOSTNAME}.pem
chmod 644 ${BODI_CHROOT_PATH}/var/lib/puppet/ssl/public_keys/${HOSTNAME}.pem
chroot ${BODI_CHROOT_PATH} chown puppet:puppet /var/lib/puppet/ssl/public_keys/${HOSTNAME}.pem
# ca.pem + cert
mkdir -p ${BODI_CHROOT_PATH}/var/lib/puppet/ssl/certs
chroot ${BODI_CHROOT_PATH} chown puppet:puppet /var/lib/puppet/ssl/certs
cp /puppet-ca.pem ${BODI_CHROOT_PATH}/var/lib/puppet/ssl/certs/ca.pem
chmod 644 ${BODI_CHROOT_PATH}/var/lib/puppet/ssl/certs/ca.pem
chroot ${BODI_CHROOT_PATH} chown puppet:puppet /var/lib/puppet/ssl/certs/ca.pem
cp /puppet-signed-cert.pem ${BODI_CHROOT_PATH}/var/lib/puppet/ssl/certs/${HOSTNAME}.pem
chmod 644 ${BODI_CHROOT_PATH}/var/lib/puppet/ssl/certs/${HOSTNAME}.pem
chroot ${BODI_CHROOT_PATH} chown puppet:puppet /var/lib/puppet/ssl/certs/${HOSTNAME}.pem
touch ${BODI_CHROOT_PATH}/var/lib/oci-first-boot
# This is needed by puppet-openstack
mkdir -p ${BODI_CHROOT_PATH}/etc/facter/facts.d
echo "os_service_default=<SERVICE DEFAULT>" >${BODI_CHROOT_PATH}/etc/facter/facts.d/os_service_default.txt
echo "os_immutable=<SERVICE DEFAULT>" >${BODI_CHROOT_PATH}/etc/facter/facts.d/os_immutable.txt
# We need puppet to start with OCI's generated root CA cert knowledge. That's the
# Environment=OS_CACERT=/etc/ssl/certs/oci-pki-oci-ca-chain.pem
# that will do this.
# We can't do that if the cert isn't just self-signed: this breaks the setup of
# keystone's admin role in puppet.
if [ -e /self-signed-api-cert ] ; then
mkdir -p ${BODI_CHROOT_PATH}/etc/systemd/system/puppet.service.d/
echo "[Service]
Environment=OS_CACERT=/etc/ssl/certs/oci-pki-oci-ca-chain.pem
" >${BODI_CHROOT_PATH}/etc/systemd/system/puppet.service.d/oci-ca-cert.conf
fi
fi
# Overrides epmd.socket file to have it bind on all IPs
# not just on localhost.
mkdir -p ${BODI_CHROOT_PATH}/etc/systemd/system
echo "[Unit]
Description=Erlang Port Mapper Daemon Activation Socket
[Socket]
ListenStream=4369
BindIPv6Only=both
Accept=false
[Install]
WantedBy=sockets.target
" >${BODI_CHROOT_PATH}/etc/systemd/system/epmd.socket
#########################################################
### Fix the unix rights of the SSH (signed) host keys ###
#########################################################
SSH_KEYS=$(ls ${BODI_CHROOT_PATH}/etc/ssh/ssh_host_*_key 2>/dev/null)
if [ -n "${SSH_KEYS}" ] ; then
for i in ${SSH_KEYS} ; do
chown root:root $i $i.pub
chmod 0600 $i
chmod 0644 $i.pub
done
fi
SSH_KEYS_CERTS=$(ls ${BODI_CHROOT_PATH}/etc/ssh/ssh_host_*_key.pub 2>/dev/null)
if [ -n "${SSH_KEYS_CERTS}" ] ; then
for i in ${SSH_KEYS_CERTS} ; do
chown root:root $i
chmod 0600 $i
CERT=$(basename $i)
echo "HostCertificate /etc/ssh/${CERT}" >>${BODI_CHROOT_PATH}/etc/ssh/sshd_config
done
fi
if [ -e ${BODI_CHROOT_PATH}/etc/ssh/ssh_known_hosts ] ; then
chown root:root ${BODI_CHROOT_PATH}/etc/ssh/ssh_known_hosts
fi
if [ -e ${BODI_CHROOT_PATH}/etc/ssh ] ; then
chown root:root ${BODI_CHROOT_PATH}/etc/ssh
fi
##############################################################################
### Install an eventual x509 PKI, used so OpenStack nodes trust each other ###
##############################################################################
# These are the CA certificates
if ls /oci-pki* >/dev/null 2>&1 ; then
mkdir -p ${BODI_CHROOT_PATH}/etc/ssl/certs
cp /oci-pki* ${BODI_CHROOT_PATH}/etc/ssl/certs
chroot ${BODI_CHROOT_PATH} /usr/sbin/update-ca-certificates -f
fi
# These are the node's SSL keys
if [ -r "/${HOSTNAME}.key" ] && [ -r "/${HOSTNAME}.crt" ] ; then
mkdir -p ${BODI_CHROOT_PATH}/etc/ssl/private/
cp /${HOSTNAME}.key ${BODI_CHROOT_PATH}/etc/ssl/private/ssl-cert-snakeoil.key
mkdir -p ${BODI_CHROOT_PATH}/etc/ssl/certs
cp /${HOSTNAME}.crt ${BODI_CHROOT_PATH}/etc/ssl/certs/ssl-cert-snakeoil.pem
chroot ${BODI_CHROOT_PATH} /usr/sbin/update-ca-certificates -f
fi
# These are the swiftproxy SSL keys
if [ -r "/oci-pki-swiftproxy.key" ] && [ -r "/oci-pki-swiftproxy.crt" ] ; then
mkdir -p ${BODI_CHROOT_PATH}/etc/ssl/private/
cp /oci-pki-swiftproxy.key ${BODI_CHROOT_PATH}/etc/ssl/private/oci-pki-swiftproxy.key
mkdir -p ${BODI_CHROOT_PATH}/etc/ssl/certs
cp /oci-pki-swiftproxy.crt ${BODI_CHROOT_PATH}/etc/ssl/certs/oci-pki-swiftproxy.crt
cp /oci-pki-swiftproxy.pem ${BODI_CHROOT_PATH}/etc/ssl/private/oci-pki-swiftproxy.pem
chroot ${BODI_CHROOT_PATH} /usr/sbin/update-ca-certificates -f
fi
# These are the OpenStack public API SSL keys
if [ -r /oci-pki-api.crt ] ; then
cp /oci-pki-api.crt ${BODI_CHROOT_PATH}/etc/ssl/certs/oci-pki-api.crt
chroot ${BODI_CHROOT_PATH} /usr/sbin/update-ca-certificates -f
fi
if [ -r /oci-pki-api.pem ] ; then
cp /oci-pki-api.pem ${BODI_CHROOT_PATH}/etc/ssl/private/oci-pki-api.pem
chroot ${BODI_CHROOT_PATH} /usr/sbin/update-ca-certificates -f
fi
if [ -r /oci-pki-api.key ] ; then
cp /oci-pki-api.key ${BODI_CHROOT_PATH}/etc/ssl/private/oci-pki-api.key
fi
# Add the nf_conntrack module by default.
if ! grep -q nf_conntrack ${BODI_CHROOT_PATH}/etc/modules ; then echo nf_conntrack >>${BODI_CHROOT_PATH}/etc/modules ; fi
#########################
### Install OCI utils ###
#########################
chroot ${BODI_CHROOT_PATH} apt-get install -y -o Dpkg::Options::="--force-confnew" openstack-cluster-installer-utils
chroot ${BODI_CHROOT_PATH} systemctl enable oci-report-status.service
chroot ${BODI_CHROOT_PATH} systemctl enable oci-first-boot.service
|
