From 1ffd6950a341b52b1a2d7f5081aebfc89dc94d82 Mon Sep 17 00:00:00 2001 From: aakash-v-virani Date: Fri, 13 Mar 2020 10:11:45 +0530 Subject: [PATCH] RNC-1.2 Release Signed-off-by: aakash-v-virani --- README.md | 79 +----------- conf/files.sample.yml | 77 ------------ post.sh | 30 +++++ bootstrap.sh => pre.sh | 278 ++++++++++++++++++----------------------- 4 files changed, 155 insertions(+), 309 deletions(-) delete mode 100644 conf/files.sample.yml create mode 100755 post.sh rename bootstrap.sh => pre.sh (66%) diff --git a/README.md b/README.md index fc3791a..a31f91b 100644 --- a/README.md +++ b/README.md @@ -1,83 +1,10 @@ # Ubuntu OS Profile - - -Intended to be used with [Retail Node Installer](https://github.com/intel/retail-node-installer), this Ubuntu OS profile contains a few files that ultimately will install Ubuntu OS to disk. - -## Software Stack in this profile - -* Ubuntu Linux w/ Docker - -## Target Device Prerequisites - -* x86 Bare Metal or x86 Virtual Machine -* At Least 5 GB of Disk Space - * Supports the following drive types: - * SDD - * NVME - * MMC -* 4 GB of RAM - -## Getting Started - -**A necessary prerequisite to using this profile is having an Retail Node Installer deployed**. Please refer to Retail Node Installer project [documentation for installation](https://github.com/intel/retail-node-installer) in order to deploy it. - -Out of the box, the Ubuntu profile should _just work_. Therefore, no specific steps are required in order to use this profile that have not already been described in the Retail Node Installer documentation. Simply boot a client device using legacy BIOS PXE boot and the Ubuntu profile should automatically launch after a brief waiting period. - -If you do encounter issues PXE booting, please review the steps outlined in the Retail Node Installer documentation and ensure you've followed them correctly. See the [Known Issues](#Known-Issues) section for possible solutions. - -After installing Ubuntu, the default login username is `sys-admin` and the default password is `P@ssw0rd!`. This password is defined in the `bootstrap.sh` script and in the `conf/config.yml` as a kernel argument. - -## Kernel Paramaters used at build time - -The following kernel parameters can be added to `conf/config.yml` - -* `bootstrap` - RESERVED, do not change -* `ubuntuversion` - Use the Ubuntu release name. Defaults to 'cosmic' release -* `debug` - [TRUE | FALSE] Enables a more verbose output -* `httppath` - RESERVED, do not change -* `kernparam` - Used to pass additional kernel parameters to the targeted system. Example format: kernparam=splash:quiet#enable_gvt:1 -* `parttype` - RESERVED, do not change -* `password` - Initial user password. Defaults to 'password' -* `proxy` - Add proxy settings if behind proxy during installation. Example: http://proxy-us.intel.com:912 -* `proxysocks` - Add socks proxy settings if behind proxy during installation. Example: http://proxy-us.intel.com:1080 -* `release` - [prod | dev] If set to prod the system will shutdown after it is provisioned. Altnerativily it will reboot. -* `token` - GitHub token for private repositories, if this profile is in a private respository this token should have access to this repo -* `username` - Initial user name. Defaults to 'sys-admin' +Intended to be used with Retail Node Installer and Ubuntu custom profiles. +Please refer to Ubuntu OS Profile project [documentation](https://github.com/intel/rni-profile-base-ubuntu/desktop/README.md) in order to deploy Ubuntu. ## Known Limitations * Currently does not support full disk encryption * Currently does not install Secure Boot features - -## Customization - -If you want to customize your Retail Node Installer profile, follow these steps: - -* Duplicate this repository locally and push it to a separate/new git repository -* Make changes after reading the information below -* Update your Retail Node Installer configuration to point to the git repository and branch (such as master). - -The flexibility of Retail Node Installer comes to fruition with the following profile-side file structures: - -* `conf/config.yml` - This file contains the arguments that are passed to the Linux kernel upon PXE boot. Alter these arguments according to the needs of your scripts. The following kernel arguments are always prepended to the arguments specified in `conf/config.yml`: - * `console=tty0` - * `httpserver=@@RNI_IP@@` - * `bootstrap=http://@@RNI_IP@@/profile/${profileName}/bootstrap.sh` -* `conf/files.yml` - This file contains a few definitions that tell Retail Node Installer to download specific files that you can customize. **Please check if there are any [Known Limitations](#Known-Limitations) before changing this file from the default.** See `conf/files.sample.yml` for a full example. -* `bootstrap.sh` - A profile is required to have a `bootstrap.sh` as an entry point. This is an arbitrary script that you can control. If you plan to create profiles for other operating systems such as Ubuntu or Debian, it is recommended to use [preseed](https://wiki.debian.org/DebianInstaller/Preseed) to launch `bootstrap.sh` as the last step. -Currently the following variables are processed: - * `@@RNI_DHCP_MIN@@` - * `@@RNI_DHCP_MAX@@` - * `@@RNI_NETWORK_BROADCAST_IP@@` - * `@@RNI_NETWORK_GATEWAY_IP@@` - * `@@RNI_IP@@` - * `@@RNI_NETWORK_DNS_SECONDARY@@` - * `@@PROFILE_NAME@@` - -### Customization Requirements - -A profile **must** have all of the following: - -* a `bootstrap.sh` file at the root of the repository -* a `conf/files.yml` specifying an `initrd` and `vmlinuz`, as shown in the `conf/files.yml` file. \ No newline at end of file +* Currently base profile intended to be used along with custom profiles. diff --git a/conf/files.sample.yml b/conf/files.sample.yml deleted file mode 100644 index b267350..0000000 --- a/conf/files.sample.yml +++ /dev/null @@ -1,77 +0,0 @@ ---- - -# Copyright (C) 2019 Intel Corporation -# SPDX-License-Identifier: BSD-3-Clause - -# Note that all fields for all items must be filled in, unless you omit -# the entire section. For example, you cannot omit 'type' from an object in -# the 'base_os_files' section; you must put the word "Other" or "None". Or, -# if the section is not needed, delete the entire thing. - -# Items in 'base_os_files' will be pushed to two locations accessible over the -# local network -# http://@@EDGEBUILDER_IP@@/tftp/images/${PROFILE_NAME}/ -# (tftp protocol) /images/${PROFILE_NAME}/ -# Both a 'kernel' and 'initrd' must be specified if you plan to use your own. -# Otherwise, the utility OS will be used. -base_os_files: - - url: https://github.com/rancher/os/releases/download/v1.5.1/vmlinuz - type: kernel - filename: vmlinuz - - url: https://github.com/rancher/os/releases/download/v1.5.1/initrd - type: initrd - filename: initrd - - url: https://google.com - type: other - filename: google.html - -# Items in 'general_files' will be retrieved using wget. Tokens are passed in -# as headers. These files will be accessible at -# http://@@EDGEBUILDER_IP@@/files/* -general_files: - - url: https://google.com - destination_file: google.html - token: None - - url: https://github.com/ - destination_file: github.html - token: asdf - -# Items in 's3_files' will be retrieved using aws-cli. -# These files will also be accessible at -# http://@@EDGEBUILDER_IP@@/files/* -s3_files: - - aws_access_key: ASDFASDFASDFASDF - aws_secret_key: ASDFASDFASDFASDFASDFASDFA - aws_region: us-west-2 - bucket: an-aws-bucket - object: some-dir/some-aws-object - destination_file: some_filename - -# These files are retrieved from the public Docker hub. -# Currently these files can go anywhere. -public_docker_images: - - image: alpine:latest - tag: alpine:latest - destination_file: alpine_latest.tar - -# These files are retrieved from a private AWS ECR. -# Currently these files can go anywhere. -private_docker_aws_images: - - image: helloworld:latest - docker_registry: ASDF.dkr.ecr.us-west-2.amazonaws.com - aws_access_key: ASDFASDFASDF - aws_secret_key: ASDF/ASDFASDFASDF/ASDFASDF - aws_region: us-west-2 - aws_registry: 999999999999 - tag: helloworld - destination_file: helloworld.tar - -# These files are retrieved from a Docker registry. -# Currently these files can go anywhere. -private_docker_registry_images: - - image: helloworld:latest - tag: universe/helloworld:latest - destination_file: helloworld.tar.gz - docker_registry: hub.docker.site.com - docker_username: registryuser - docker_password: asdfasdfasfasfasdfasf diff --git a/post.sh b/post.sh new file mode 100755 index 0000000..45e5c90 --- /dev/null +++ b/post.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +# Copyright (C) 2019 Intel Corporation +# SPDX-License-Identifier: BSD-3-Clause + +#this is provided while using Utility OS +source /opt/bootstrap/functions + +# --- Cleanup --- +if [ $freemem -lt 6291456 ]; then + run "Cleaning up" \ + "killall dockerd && + sleep 3 && + swapoff $ROOTFS/swap && + rm $ROOTFS/swap && + rm -fr $ROOTFS/tmp/" \ + "$TMP/provisioning.log" +fi + +umount $BOOTFS && + umount $ROOTFS && + if [[ $param_diskencrypt == 'true' ]]; then + cryptsetup luksClose root 2>&1 | tee -a /dev/tty0 + fi + +if [[ $param_release == 'prod' ]]; then + poweroff +else + reboot +fi diff --git a/bootstrap.sh b/pre.sh similarity index 66% rename from bootstrap.sh rename to pre.sh index c0460a2..b5c6c6d 100755 --- a/bootstrap.sh +++ b/pre.sh @@ -3,9 +3,14 @@ # Copyright (C) 2019 Intel Corporation # SPDX-License-Identifier: BSD-3-Clause +set -a + #this is provided while using Utility OS source /opt/bootstrap/functions +ubuntu_packages="net-tools" +ubuntu_bundles="standard" + PROVISION_LOG="/tmp/provisioning.log" run "Begin provisioning process..." \ "sleep 0.5" \ @@ -17,188 +22,187 @@ PROVISIONER=$1 kernel_params=$(cat /proc/cmdline) if [[ $kernel_params == *"proxy="* ]]; then - tmp="${kernel_params##*proxy=}" - param_proxy="${tmp%% *}" - - export http_proxy=${param_proxy} - export https_proxy=${param_proxy} - export no_proxy="localhost,127.0.0.1,${PROVISIONER}" - export HTTP_PROXY=${param_proxy} - export HTTPS_PROXY=${param_proxy} - export NO_PROXY="localhost,127.0.0.1,${PROVISIONER}" - export DOCKER_PROXY_ENV="--env http_proxy='${http_proxy}' --env https_proxy='${https_proxy}' --env no_proxy='${no_proxy}' --env HTTP_PROXY='${HTTP_PROXY}' --env HTTPS_PROXY='${HTTPS_PROXY}' --env NO_PROXY='${NO_PROXY}'" - export INLINE_PROXY="export http_proxy='${http_proxy}'; export https_proxy='${https_proxy}'; export no_proxy='${no_proxy}'; export HTTP_PROXY='${HTTP_PROXY}'; export HTTPS_PROXY='${HTTPS_PROXY}'; export NO_PROXY='${NO_PROXY}';" + tmp="${kernel_params##*proxy=}" + export param_proxy="${tmp%% *}" + + export http_proxy=${param_proxy} + export https_proxy=${param_proxy} + export no_proxy="localhost,127.0.0.1,${PROVISIONER}" + export HTTP_PROXY=${param_proxy} + export HTTPS_PROXY=${param_proxy} + export NO_PROXY="localhost,127.0.0.1,${PROVISIONER}" + export DOCKER_PROXY_ENV="--env http_proxy='${http_proxy}' --env https_proxy='${https_proxy}' --env no_proxy='${no_proxy}' --env HTTP_PROXY='${HTTP_PROXY}' --env HTTPS_PROXY='${HTTPS_PROXY}' --env NO_PROXY='${NO_PROXY}'" + export INLINE_PROXY="export http_proxy='${http_proxy}'; export https_proxy='${https_proxy}'; export no_proxy='${no_proxy}'; export HTTP_PROXY='${HTTP_PROXY}'; export HTTPS_PROXY='${HTTPS_PROXY}'; export NO_PROXY='${NO_PROXY}';" elif [ $( - nc -vz ${PROVISIONER} 3128 - echo $? + nc -vz ${PROVISIONER} 3128 + echo $? ) -eq 0 ]; then - export http_proxy=http://${PROVISIONER}:3128/ - export https_proxy=http://${PROVISIONER}:3128/ - export no_proxy="localhost,127.0.0.1,${PROVISIONER}" - export HTTP_PROXY=http://${PROVISIONER}:3128/ - export HTTPS_PROXY=http://${PROVISIONER}:3128/ - export NO_PROXY="localhost,127.0.0.1,${PROVISIONER}" - export DOCKER_PROXY_ENV="--env http_proxy='${http_proxy}' --env https_proxy='${https_proxy}' --env no_proxy='${no_proxy}' --env HTTP_PROXY='${HTTP_PROXY}' --env HTTPS_PROXY='${HTTPS_PROXY}' --env NO_PROXY='${NO_PROXY}'" - export INLINE_PROXY="export http_proxy='${http_proxy}'; export https_proxy='${https_proxy}'; export no_proxy='${no_proxy}'; export HTTP_PROXY='${HTTP_PROXY}'; export HTTPS_PROXY='${HTTPS_PROXY}'; export NO_PROXY='${NO_PROXY}';" + export http_proxy=http://${PROVISIONER}:3128/ + export https_proxy=http://${PROVISIONER}:3128/ + export no_proxy="localhost,127.0.0.1,${PROVISIONER}" + export HTTP_PROXY=http://${PROVISIONER}:3128/ + export HTTPS_PROXY=http://${PROVISIONER}:3128/ + export NO_PROXY="localhost,127.0.0.1,${PROVISIONER}" + export DOCKER_PROXY_ENV="--env http_proxy='${http_proxy}' --env https_proxy='${https_proxy}' --env no_proxy='${no_proxy}' --env HTTP_PROXY='${HTTP_PROXY}' --env HTTPS_PROXY='${HTTPS_PROXY}' --env NO_PROXY='${NO_PROXY}'" + export INLINE_PROXY="export http_proxy='${http_proxy}'; export https_proxy='${https_proxy}'; export no_proxy='${no_proxy}'; export HTTP_PROXY='${HTTP_PROXY}'; export HTTPS_PROXY='${HTTPS_PROXY}'; export NO_PROXY='${NO_PROXY}';" fi if [[ $kernel_params == *"proxysocks="* ]]; then - tmp="${kernel_params##*proxysocks=}" - param_proxysocks="${tmp%% *}" + tmp="${kernel_params##*proxysocks=}" + param_proxysocks="${tmp%% *}" - export FTP_PROXY=${param_proxysocks} + export FTP_PROXY=${param_proxysocks} - tmp_socks=$(echo ${param_proxysocks} | sed "s#http://##g" | sed "s#https://##g" | sed "s#/##g") - export SSH_PROXY_CMD="-o ProxyCommand='nc -x ${tmp_socks} %h %p'" + tmp_socks=$(echo ${param_proxysocks} | sed "s#http://##g" | sed "s#https://##g" | sed "s#/##g") + export SSH_PROXY_CMD="-o ProxyCommand='nc -x ${tmp_socks} %h %p'" fi if [[ $kernel_params == *"httppath="* ]]; then - tmp="${kernel_params##*httppath=}" - param_httppath="${tmp%% *}" + tmp="${kernel_params##*httppath=}" + export param_httppath="${tmp%% *}" fi if [[ $kernel_params == *"parttype="* ]]; then - tmp="${kernel_params##*parttype=}" - param_parttype="${tmp%% *}" + tmp="${kernel_params##*parttype=}" + export param_parttype="${tmp%% *}" elif [ -d /sys/firmware/efi ]; then - param_parttype="efi" + export param_parttype="efi" else - param_parttype="msdos" + export param_parttype="msdos" fi if [[ $kernel_params == *"bootstrap="* ]]; then - tmp="${kernel_params##*bootstrap=}" - param_bootstrap="${tmp%% *}" - param_bootstrapurl=$(echo $param_bootstrap | sed "s#/$(basename $param_bootstrap)\$##g") + tmp="${kernel_params##*bootstrap=}" + export param_bootstrap="${tmp%% *}" + export param_bootstrapurl=$(echo $param_bootstrap | sed "s#/$(basename $param_bootstrap)\$##g") +fi + +if [[ $kernel_params == *"basebranch="* ]]; then + tmp="${kernel_params##*basebranch=}" + export param_basebranch="${tmp%% *}" fi if [[ $kernel_params == *"token="* ]]; then - tmp="${kernel_params##*token=}" - param_token="${tmp%% *}" + tmp="${kernel_params##*token=}" + export param_token="${tmp%% *}" fi if [[ $kernel_params == *"agent="* ]]; then - tmp="${kernel_params##*agent=}" - param_agent="${tmp%% *}" + tmp="${kernel_params##*agent=}" + export param_agent="${tmp%% *}" else - param_agent="master" + export param_agent="master" fi if [[ $kernel_params == *"kernparam="* ]]; then - tmp="${kernel_params##*kernparam=}" - temp_param_kernparam="${tmp%% *}" - param_kernparam=$(echo ${temp_param_kernparam} | sed 's/#/ /g' | sed 's/:/=/g') + tmp="${kernel_params##*kernparam=}" + temp_param_kernparam="${tmp%% *}" + export param_kernparam=$(echo ${temp_param_kernparam} | sed 's/#/ /g' | sed 's/:/=/g') fi if [[ $kernel_params == *"ubuntuversion="* ]]; then - tmp="${kernel_params##*ubuntuversion=}" - param_ubuntuversion="${tmp%% *}" + tmp="${kernel_params##*ubuntuversion=}" + export param_ubuntuversion="${tmp%% *}" else - param_ubuntuversion="cosmic" + export param_ubuntuversion="cosmic" fi # The following is bandaid for Disco Dingo if [ $param_ubuntuversion = "disco" ]; then - DOCKER_UBUNTU_RELEASE="cosmic" + export DOCKER_UBUNTU_RELEASE="cosmic" else - DOCKER_UBUNTU_RELEASE=$param_ubuntuversion + export DOCKER_UBUNTU_RELEASE=$param_ubuntuversion fi if [[ $kernel_params == *"arch="* ]]; then - tmp="${kernel_params##*arch=}" - param_arch="${tmp%% *}" + tmp="${kernel_params##*arch=}" + export param_arch="${tmp%% *}" else - param_arch="amd64" + export param_arch="amd64" fi if [[ $kernel_params == *"insecurereg="* ]]; then - tmp="${kernel_params##*insecurereg=}" - param_insecurereg="${tmp%% *}" + tmp="${kernel_params##*insecurereg=}" + export param_insecurereg="${tmp%% *}" fi if [[ $kernel_params == *"username="* ]]; then - tmp="${kernel_params##*username=}" - param_username="${tmp%% *}" + tmp="${kernel_params##*username=}" + export param_username="${tmp%% *}" else - param_username="sys-admin" + export param_username="sys-admin" fi if [[ $kernel_params == *"password="* ]]; then - tmp="${kernel_params##*password=}" - param_password="${tmp%% *}" + tmp="${kernel_params##*password=}" + export param_password="${tmp%% *}" else - param_password="password" + export param_password="password" fi if [[ $kernel_params == *"debug="* ]]; then - tmp="${kernel_params##*debug=}" - param_debug="${tmp%% *}" + tmp="${kernel_params##*debug=}" + export param_debug="${tmp%% *}" fi if [[ $kernel_params == *"release="* ]]; then - tmp="${kernel_params##*release=}" - param_release="${tmp%% *}" + tmp="${kernel_params##*release=}" + export param_release="${tmp%% *}" else - param_release='dev' + export param_release='dev' fi if [[ $param_release == 'prod' ]]; then - kernel_params="$param_kernparam" # ipv6.disable=1 + export kernel_params="$param_kernparam" # ipv6.disable=1 else - kernel_params="$param_kernparam" + export kernel_params="$param_kernparam" fi -# --- Config -ubuntu_bundles="standard openssh-server" -ubuntu_packages="net-tools" - -pull_sysdockerimagelist="" -wget_sysdockerimagelist="" # --- Get free memory -freemem=$(grep MemTotal /proc/meminfo | awk '{print $2}') +export freemem=$(grep MemTotal /proc/meminfo | awk '{print $2}') # --- Detect HDD --- if [ -d /sys/block/[vsh]da ]; then - export DRIVE=$(echo /dev/$(ls -l /sys/block/[vsh]da | grep -v usb | head -n1 | sed 's/^.*\([vsh]d[a-z]\+\).*$/\1/')) - if [[ $param_parttype == 'efi' ]]; then - export EFI_PARTITION=${DRIVE}1 - export BOOT_PARTITION=${DRIVE}2 - export SWAP_PARTITION=${DRIVE}3 - export ROOT_PARTITION=${DRIVE}4 - else - export BOOT_PARTITION=${DRIVE}1 - export SWAP_PARTITION=${DRIVE}2 - export ROOT_PARTITION=${DRIVE}3 - fi + export DRIVE=$(echo /dev/$(ls -l /sys/block/[vsh]da | grep -v usb | head -n1 | sed 's/^.*\([vsh]d[a-z]\+\).*$/\1/')) + if [[ $param_parttype == 'efi' ]]; then + export EFI_PARTITION=${DRIVE}1 + export BOOT_PARTITION=${DRIVE}2 + export SWAP_PARTITION=${DRIVE}3 + export ROOT_PARTITION=${DRIVE}4 + else + export BOOT_PARTITION=${DRIVE}1 + export SWAP_PARTITION=${DRIVE}2 + export ROOT_PARTITION=${DRIVE}3 + fi elif [ -d /sys/block/nvme[0-9]n[0-9] ]; then - export DRIVE=$(echo /dev/$(ls -l /sys/block/nvme* | grep -v usb | head -n1 | sed 's/^.*\(nvme[a-z0-1]\+\).*$/\1/')) - if [[ $param_parttype == 'efi' ]]; then - export EFI_PARTITION=${DRIVE}p1 - export BOOT_PARTITION=${DRIVE}p2 - export SWAP_PARTITION=${DRIVE}p3 - export ROOT_PARTITION=${DRIVE}p4 - else - export BOOT_PARTITION=${DRIVE}p1 - export SWAP_PARTITION=${DRIVE}p2 - export ROOT_PARTITION=${DRIVE}p3 - fi + export DRIVE=$(echo /dev/$(ls -l /sys/block/nvme* | grep -v usb | head -n1 | sed 's/^.*\(nvme[a-z0-1]\+\).*$/\1/')) + if [[ $param_parttype == 'efi' ]]; then + export EFI_PARTITION=${DRIVE}p1 + export BOOT_PARTITION=${DRIVE}p2 + export SWAP_PARTITION=${DRIVE}p3 + export ROOT_PARTITION=${DRIVE}p4 + else + export BOOT_PARTITION=${DRIVE}p1 + export SWAP_PARTITION=${DRIVE}p2 + export ROOT_PARTITION=${DRIVE}p3 + fi elif [ -d /sys/block/mmcblk[0-9] ]; then - export DRIVE=$(echo /dev/$(ls -l /sys/block/mmcblk[0-9] | grep -v usb | head -n1 | sed 's/^.*\(mmcblk[0-9]\+\).*$/\1/')) - if [[ $param_parttype == 'efi' ]]; then - export EFI_PARTITION=${DRIVE}p1 - export BOOT_PARTITION=${DRIVE}p2 - export SWAP_PARTITION=${DRIVE}p3 - export ROOT_PARTITION=${DRIVE}p4 - else - export BOOT_PARTITION=${DRIVE}p1 - export SWAP_PARTITION=${DRIVE}p2 - export ROOT_PARTITION=${DRIVE}p3 - fi + export DRIVE=$(echo /dev/$(ls -l /sys/block/mmcblk[0-9] | grep -v usb | head -n1 | sed 's/^.*\(mmcblk[0-9]\+\).*$/\1/')) + if [[ $param_parttype == 'efi' ]]; then + export EFI_PARTITION=${DRIVE}p1 + export BOOT_PARTITION=${DRIVE}p2 + export SWAP_PARTITION=${DRIVE}p3 + export ROOT_PARTITION=${DRIVE}p4 + else + export BOOT_PARTITION=${DRIVE}p1 + export SWAP_PARTITION=${DRIVE}p2 + export ROOT_PARTITION=${DRIVE}p3 + fi else - echo "No supported drives found!" 2>&1 | tee -a /dev/tty0 - sleep 300 - reboot + echo "No supported drives found!" 2>&1 | tee -a /dev/tty0 + sleep 300 + reboot fi export BOOTFS=/target/boot @@ -282,6 +286,7 @@ if [ $(wget http://${PROVISIONER}:5000/v2/_catalog -O-) ] 2>/dev/null; then export REGISTRY_MIRROR="--registry-mirror=http://${PROVISIONER}:5000" fi +# -- Configure Image database --- run "Configuring Image Database" \ "mkdir -p $ROOTFS/tmp/docker && \ chmod 777 $ROOTFS/tmp && \ @@ -326,7 +331,7 @@ if [[ $param_parttype == 'efi' ]]; then tasksel install ${ubuntu_bundles} && \ apt install -y ${ubuntu_packages} && \ apt clean\"' && \ - wget --header \"Authorization: token ${param_token}\" -O - ${param_bootstrapurl}/files/etc/fstab | sed -e \"s#ROOT#${ROOT_PARTITION}#g\" | sed -e \"s#BOOT#${BOOT_PARTITION}#g\" | sed -e \"s#SWAP#${SWAP_PARTITION}#g\" > $ROOTFS/etc/fstab && \ + wget --header \"Authorization: token ${param_token}\" -O - ${param_basebranch}/files/etc/fstab | sed -e \"s#ROOT#${ROOT_PARTITION}#g\" | sed -e \"s#BOOT#${BOOT_PARTITION}#g\" | sed -e \"s#SWAP#${SWAP_PARTITION}#g\" > $ROOTFS/etc/fstab && \ echo \"${EFI_PARTITION} /boot/efi vfat umask=0077 0 1\" >> $ROOTFS/etc/fstab" \ "$TMP/provisioning.log" else @@ -356,19 +361,19 @@ else tasksel install ${ubuntu_bundles} && \ apt install -y ${ubuntu_packages} && \ apt clean\"' && \ - wget --header \"Authorization: token ${param_token}\" -O - ${param_bootstrapurl}/files/etc/fstab | sed -e \"s#ROOT#${ROOT_PARTITION}#g\" | sed -e \"s#BOOT#${BOOT_PARTITION}#g\" | sed -e \"s#SWAP#${SWAP_PARTITION}#g\" > $ROOTFS/etc/fstab" \ + wget --header \"Authorization: token ${param_token}\" -O - ${param_basebranch}/files/etc/fstab | sed -e \"s#ROOT#${ROOT_PARTITION}#g\" | sed -e \"s#BOOT#${BOOT_PARTITION}#g\" | sed -e \"s#SWAP#${SWAP_PARTITION}#g\" > $ROOTFS/etc/fstab" \ "$TMP/provisioning.log" fi # --- Enabling Ubuntu boostrap items --- -HOSTNAME="ubuntu-$(tr $ROOTFS/etc/hosts && \ + wget --header \"Authorization: token ${param_token}\" -O - ${param_basebranch}/files/etc/hosts | sed -e \"s#@@HOSTNAME@@#${HOSTNAME}#g\" > $ROOTFS/etc/hosts && \ mkdir -p $ROOTFS/etc/systemd/network/ && \ - wget --header \"Authorization: token ${param_token}\" -O - ${param_bootstrapurl}/files/etc/systemd/network/wired.network > $ROOTFS/etc/systemd/network/wired.network && \ + wget --header \"Authorization: token ${param_token}\" -O - ${param_basebranch}/files/etc/systemd/network/wired.network > $ROOTFS/etc/systemd/network/wired.network && \ sed -i 's#^GRUB_CMDLINE_LINUX_DEFAULT=\"quiet splash\"#GRUB_CMDLINE_LINUX_DEFAULT=\"kvmgt vfio-iommu-type1 vfio-mdev i915.enable_gvt=1 kvm.ignore_msrs=1 intel_iommu=on drm.debug=0\"#' $ROOTFS/etc/default/grub && \ echo \"${HOSTNAME}\" > $ROOTFS/etc/hostname && \ echo \"LANG=en_US.UTF-8\" >> $ROOTFS/etc/default/locale && \ @@ -462,51 +467,12 @@ fi # --- Create system-docker database on $ROOTFS --- run "Preparing system-docker database" \ "mkdir -p $ROOTFS/var/lib/docker && \ - docker run -d --privileged --name system-docker ${DOCKER_PROXY_ENV} -v $ROOTFS/var/lib/docker:/var/lib/docker docker:dind ${REGISTRY_MIRROR}" \ + docker run -d --privileged --name system-docker ${DOCKER_PROXY_ENV} -v $ROOTFS/var/lib/docker:/var/lib/docker docker:18.06-dind ${REGISTRY_MIRROR}" \ "$TMP/provisioning.log" -# --- Pull any and load any system images --- -for image in $pull_sysdockerimagelist; do - run "Installing system-docker image $image" \ - "docker exec -i system-docker docker pull $image" \ - "$TMP/provisioning.log" -done - -for image in $wget_sysdockerimagelist; do - run "Installing system-docker image $image" \ - "wget -O- $image 2>> $TMP/provisioning.log | docker exec -i system-docker docker load" \ - "$TMP/provisioning.log" -done - -# --- Preload Software Stack --- +# --- Installing docker compose --- run "Installing Docker Compose" \ "mkdir -p $ROOTFS/usr/local/bin/ && \ wget -O $ROOTFS/usr/local/bin/docker-compose \"https://github.com/docker/compose/releases/download/1.24.0/docker-compose-$(uname -s)-$(uname -m)\" && \ chmod a+x $ROOTFS/usr/local/bin/docker-compose" \ "$TMP/provisioning.log" - -# Add here any software you want pre installed. - -# --- Cleanup --- -if [ $freemem -lt 6291456 ]; then - run "Cleaning up" \ - "killall dockerd && - sleep 3 && - swapoff $ROOTFS/swap && - rm $ROOTFS/swap && - rm -fr $ROOTFS/tmp/" \ - "$TMP/provisioning.log" -fi - -umount $BOOTFS && -umount $ROOTFS && - -if [[ $param_diskencrypt == 'true' ]]; then - cryptsetup luksClose root 2>&1 | tee -a /dev/tty0 -fi - -if [[ $param_release == 'prod' ]]; then - poweroff -else - reboot -fi