efa4b9e454
This reverts commit b8fb623dc9
.
No longer needed.
Change-Id: I1303055226f8dc6dd02dc3419c87f2042506b833
109 lines
3.4 KiB
INI
109 lines
3.4 KiB
INI
%post --erroronfail
|
|
|
|
# Source common functions
|
|
. /tmp/ks-functions.sh
|
|
|
|
# Source the generated platform.conf
|
|
. /etc/platform/platform.conf
|
|
|
|
# Update grub with custom kernel bootargs
|
|
source /etc/init.d/cpumap_functions.sh
|
|
n_cpus=$(cat /proc/cpuinfo 2>/dev/null | \
|
|
awk '/^[pP]rocessor/ { n +=1 } END { print (n>0) ? n : 1}')
|
|
n_numa=$(ls -d /sys/devices/system/node/node* 2>/dev/null | wc -l)
|
|
KERN_OPTS=" iommu=pt usbcore.autosuspend=-1"
|
|
|
|
KERN_OPTS="${KERN_OPTS} hugepagesz=2M hugepages=0 default_hugepagesz=2M"
|
|
|
|
# If this is an all-in-one system, we need at least 4 CPUs
|
|
if [ "$system_type" = "All-in-one" -a ${n_cpus} -lt 4 ]; then
|
|
report_post_failure_with_msg "ERROR: At least 4 CPUs are required for controller+worker node."
|
|
fi
|
|
|
|
# Add kernel options for cpu isolation / affinity
|
|
if [ ${n_cpus} -gt 1 ]
|
|
then
|
|
base_cpulist=$(platform_expanded_cpu_list)
|
|
base_cpumap=$(cpulist_to_cpumap ${base_cpulist} ${n_cpus})
|
|
avp_cpulist=$(vswitch_expanded_cpu_list)
|
|
norcu_cpumap=$(invert_cpumap ${base_cpumap} ${n_cpus})
|
|
norcu_cpulist=$(cpumap_to_cpulist ${norcu_cpumap} ${n_cpus})
|
|
|
|
if [[ "$subfunction" =~ lowlatency ]]; then
|
|
KERN_OPTS="${KERN_OPTS} nohz_full=${norcu_cpulist}"
|
|
fi
|
|
KERN_OPTS="${KERN_OPTS} rcu_nocbs=${norcu_cpulist}"
|
|
KERN_OPTS="${KERN_OPTS} kthread_cpus=${base_cpulist}"
|
|
KERN_OPTS="${KERN_OPTS} irqaffinity=${base_cpulist}"
|
|
# Update vswitch.conf
|
|
sed -i "s/^VSWITCH_CPU_LIST=.*/VSWITCH_CPU_LIST=\"${avp_cpulist}\"/" /etc/vswitch/vswitch.conf
|
|
fi
|
|
|
|
# Add kernel options to ensure an selinux is disabled
|
|
KERN_OPTS="${KERN_OPTS} selinux=0 enforcing=0"
|
|
|
|
# Add kernel options to set NMI watchdog
|
|
if [[ "$subfunction" =~ lowlatency ]]; then
|
|
KERN_OPTS="${KERN_OPTS} nmi_watchdog=0 softlockup_panic=0"
|
|
else
|
|
KERN_OPTS="${KERN_OPTS} nmi_watchdog=panic,1 softlockup_panic=1"
|
|
fi
|
|
|
|
# Add kernel option to panic on a softdog timeout
|
|
KERN_OPTS="${KERN_OPTS} softdog.soft_panic=1"
|
|
|
|
if [[ "$(dmidecode -s system-product-name)" =~ ^ProLiant.*Gen8$ ]]; then
|
|
KERN_OPTS="${KERN_OPTS} intel_iommu=on,eth_no_rmrr"
|
|
else
|
|
KERN_OPTS="${KERN_OPTS} intel_iommu=on"
|
|
fi
|
|
|
|
# Add kernel option to disable biosdevname if enabled
|
|
# As this may already be in GRUB_CMDLINE_LINUX, only add if it is not already present
|
|
grep -q '^GRUB_CMDLINE_LINUX=.*biosdevname=0' /etc/default/grub
|
|
if [ $? -ne 0 ]; then
|
|
KERN_OPTS="${KERN_OPTS} biosdevname=0"
|
|
fi
|
|
|
|
# Add kernel options to disable kvm-intel.eptad on Broadwell
|
|
# Broadwell: Model: 79, Model name: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz
|
|
if grep -q -E "^model\s+:\s+79$" /proc/cpuinfo
|
|
then
|
|
KERN_OPTS="${KERN_OPTS} kvm-intel.eptad=0"
|
|
fi
|
|
|
|
# k8s updates:
|
|
#KERN_OPTS="${KERN_OPTS} cgroup_disable=memory"
|
|
KERN_OPTS="${KERN_OPTS} user_namespace.enable=1"
|
|
|
|
# Add kernel option to avoid jiffies_lock contention on real-time kernel
|
|
if [[ "$subfunction" =~ lowlatency ]]; then
|
|
KERN_OPTS="${KERN_OPTS} skew_tick=1"
|
|
fi
|
|
|
|
# If the installer asked us to use security related kernel params, use
|
|
# them in the grub line as well (until they can be configured via puppet)
|
|
grep -q 'nopti' /proc/cmdline
|
|
if [ $? -eq 0 ]; then
|
|
KERN_OPTS="${KERN_OPTS} nopti"
|
|
fi
|
|
grep -q 'nospectre_v2' /proc/cmdline
|
|
if [ $? -eq 0 ]; then
|
|
KERN_OPTS="${KERN_OPTS} nospectre_v2"
|
|
fi
|
|
grep -q 'nospectre_v1' /proc/cmdline
|
|
if [ $? -eq 0 ]; then
|
|
KERN_OPTS="${KERN_OPTS} nospectre_v1"
|
|
fi
|
|
|
|
perl -pi -e 's/(GRUB_CMDLINE_LINUX=.*)\"/\1'"$KERN_OPTS"'\"/g' /etc/default/grub
|
|
|
|
if [ -d /sys/firmware/efi ] ; then
|
|
grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
|
|
else
|
|
grub2-mkconfig -o /boot/grub2/grub.cfg
|
|
fi
|
|
|
|
%end
|
|
|