Initial commit

Change-Id: Ibb7a6f101d602222a6993f0ab172c22ae6779ea0

centos-bareon/README.rst

@@ -0,0 +1,4 @@
+======
+bareon
+======
+Builds a ramdisk with bareon. Centos element as OS is mandatory.

centos-bareon/cleanup.d/10-remove-repos

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
+    set -x
+fi
+
+set -e
+
+[[ -n "$TARGET_ROOT" ]] || exit 1
+
+sudo rm -f $TARGET_ROOT/etc/yum.repos.d/var_*.repo
+sudo rm -rf $TARGET_ROOT/var/cache/yum/*

centos-bareon/cleanup.d/99-ramdisk-create

@@ -0,0 +1,38 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -e
+set -o pipefail
+
+
+[ -n "$TARGET_ROOT" ]
+
+source $_LIB/img-functions
+
+IMAGE_PATH=$(readlink -f $IMAGE_NAME)
+cd $TARGET_ROOT
+
+echo "#disabled" > ./tmp/fstab.new
+sudo mv ./tmp/fstab.new ./etc/fstab
+sudo ln -s ./sbin/init ./
+
+
+if [ ! -n ${DIB_MAKE_SQUASHFS-""} ] ; then
+    sudo find . -path './sys/*' -prune -o -path './proc/*' -prune -o -path './dev/*' -prune -o -path './tmp/*' -prune -o -path './usr/share/icons/*' -prune -o -path './usr/share/locale/*' -prune -o -print | sudo cpio -o -H newc | gzip > ${IMAGE_PATH}.initramfs
+
+    select_boot_kernel_initrd $TARGET_ROOT
+    sudo cp $BOOTDIR/$KERNEL ${IMAGE_PATH}.vmlinuz
+else
+    wget http://mirror.centos.org/centos/7/os/x86_64/images/pxeboot/initrd.img -O ${IMAGE_PATH}.initramfs
+    wget http://mirror.centos.org/centos/7/os/x86_64/images/pxeboot/vmlinuz -O ${IMAGE_PATH}.vmlinuz
+
+    sudo rm -f ./boot/initrd*
+    sudo rm -f ./boot/vmlinuz*
+
+    mkdir -p $TMP_BUILD_DIR/workdir/LiveOS
+    cp $TMP_IMAGE_PATH $TMP_BUILD_DIR/workdir/LiveOS/ext3fs.img
+    sudo mksquashfs $TMP_BUILD_DIR/workdir/ ${IMAGE_PATH}.squashfs
+fi
+

centos-bareon/element-deps

@@ -0,0 +1,2 @@
+package-installs
+

centos-bareon/element-provides

@@ -0,0 +1 @@
+bareon

centos-bareon/install.d/60-bareon-install

@@ -0,0 +1,44 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+RELEASE_FILE=/etc/bareon-release
+
+SCRIPTDIR=$(dirname $0)
+install-packages python-setuptools python-pip python-dev
+
+if [ -n ${BAREON_SRC-""} ] ; then
+    cd /tmp/bareon
+    pip install --upgrade setuptools
+    pip install -r requirements.txt && python setup.py install
+
+    pip freeze | grep bareon > $RELEASE_FILE
+    echo "Source-based bareon installation. Git log:" >> $RELEASE_FILE
+    cat changelog >> $RELEASE_FILE
+
+    cd /
+else
+    install-packages bareon
+
+    pip freeze | grep bareon > $RELEASE_FILE
+    echo "RPM-based bareon installation. RPM info:" >> $RELEASE_FILE
+    rpm -qi bareon >> $RELEASE_FILE
+fi
+
+if [ ! -f /usr/bin/ironic_callback ]; then
+    ln -s /usr/local/bin/ironic_callback /usr/bin/ironic_callback
+fi
+
+# TODO(lobur): generate this key and publish together with image
+install -D -g root -o root -m 0600 ${SCRIPTDIR}/files.ironic/root/.ssh/authorized_keys /root/.ssh/authorized_keys
+chmod 0700 /root/.ssh/
+install -D -g root -o root -m 0600 ${SCRIPTDIR}/files.ironic/etc/ssh/sshd_config /etc/ssh/sshd_config
+install -D -g root -o root -m 0664 ${SCRIPTDIR}/files.ironic/etc/network /etc/sysconfig/network
+install -D -g root -o root -m 0755 ${SCRIPTDIR}/files.ironic/usr/lib/systemd/system/ironic-callback.service /usr/lib/systemd/system/ironic-callback.service
+install -D -g root -o root -m 0755 ${SCRIPTDIR}/files.ironic/etc/bareon/bareon.conf /etc/bareon/bareon.conf
+
+systemctl enable ironic-callback.service

centos-bareon/install.d/files.ironic/etc/bareon/bareon.conf

@@ -0,0 +1,211 @@
+[DEFAULT]
+
+#
+# Options defined in bareon.manager
+#
+
+# Data driver (string value)
+#data_driver=nailgun
+
+# Directory where the image is supposed to be built (string
+# value)
+#image_build_dir=/tmp
+
+# Path to directory with cloud init templates (string value)
+#nc_template_path=/usr/share/bareon/cloud-init-templates
+
+# Temporary directory for file manipulations (string value)
+#tmp_path=/tmp
+
+# Path where to store generated config drive image (string
+# value)
+#config_drive_path=/tmp/config-drive.img
+
+# Path where to store actual rules for udev daemon (string
+# value)
+#udev_rules_dir=/etc/udev/rules.d
+
+# Path where to store default rules for udev daemon (string
+# value)
+#udev_rules_lib_dir=/lib/udev/rules.d
+
+# Substring to which file extension .rules be renamed (string
+# value)
+#udev_rename_substr=.renamedrule
+
+# Correct empty rule for udev daemon (string value)
+#udev_empty_rule=empty_rule
+
+# Suffix which is used while creating temporary files (string
+# value)
+#image_build_suffix=.bareon-image
+
+# Timeout in secs for GRUB (integer value)
+#grub_timeout=5
+
+# Maximum allowed loop devices count to use (integer value)
+#max_loop_devices_count=255
+
+# Size of sparse file in MiBs (integer value)
+#sparse_file_size=8192
+
+# System-wide major number for loop device (integer value)
+#loop_device_major_number=7
+
+# Maximum allowed debootstrap/apt-get attempts to execute
+# (integer value)
+#fetch_packages_attempts=10
+
+# File where to store apt setting for unsigned packages
+# (string value)
+#allow_unsigned_file=allow_unsigned_packages
+
+# File where to store apt setting for forcing IPv4 usage
+# (string value)
+#force_ipv4_file=force_ipv4
+
+# Create configdrive file, use pre-builded if set to False
+# (boolean value)
+prepare_configdrive=false
+
+# Add udev rules for NIC remapping (boolean value)
+fix_udev_net_rules=true
+
+
+#
+# Options defined in bareon.cmd.agent
+#
+
+# Input data file (string value)
+#input_data_file=/tmp/provision.json
+
+# Input data (json string) (string value)
+#input_data=
+
+
+#
+# Options defined in bareon.openstack.common.log
+#
+
+# Print debugging output (set logging level to DEBUG instead
+# of default WARNING level). (boolean value)
+debug=true
+
+# Print more verbose output (set logging level to INFO instead
+# of default WARNING level). (boolean value)
+#verbose=false
+
+# Log output to standard error. (boolean value)
+use_stderr=false
+
+# Format string to use for log messages with context. (string
+# value)
+#logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
+
+# Format string to use for log messages without context.
+# (string value)
+#logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
+
+# Data to append to log format when level is DEBUG. (string
+# value)
+logging_debug_format_suffix=
+
+# Prefix each line of exception output with this format.
+# (string value)
+#logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s
+
+# List of logger=LEVEL pairs. (list value)
+#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN
+
+# Enables or disables publication of error events. (boolean
+# value)
+#publish_errors=false
+
+# Enables or disables fatal status of deprecations. (boolean
+# value)
+#fatal_deprecations=false
+
+# The format for an instance that is passed with the log
+# message.  (string value)
+#instance_format="[instance: %(uuid)s] "
+
+# The format for an instance UUID that is passed with the log
+# message.  (string value)
+#instance_uuid_format="[instance: %(uuid)s] "
+
+# The name of a logging configuration file. This file is
+# appended to any existing logging configuration files. For
+# details about logging configuration files, see the Python
+# logging module documentation. (string value)
+# Deprecated group/name - [DEFAULT]/log_config
+#log_config_append=<None>
+
+# DEPRECATED. A logging.Formatter log message format string
+# which may use any of the available logging.LogRecord
+# attributes. This option is deprecated.  Please use
+# logging_context_format_string and
+# logging_default_format_string instead. (string value)
+#log_format=<None>
+
+# Format string for %%(asctime)s in log records. Default:
+# %(default)s . (string value)
+#log_date_format=%Y-%m-%d %H:%M:%S
+
+# (Optional) Name of log file to output to. If no default is
+# set, logging will go to stdout. (string value)
+# Deprecated group/name - [DEFAULT]/logfile
+log_file=/var/log/bareon.log
+
+# (Optional) The base directory used for relative --log-file
+# paths. (string value)
+# Deprecated group/name - [DEFAULT]/logdir
+#log_dir=<None>
+
+# Use syslog for logging. Existing syslog format is DEPRECATED
+# during I, and will change in J to honor RFC5424. (boolean
+# value)
+#use_syslog=false
+
+# (Optional) Enables or disables syslog rfc5424 format for
+# logging. If enabled, prefixes the MSG part of the syslog
+# message with APP-NAME (RFC5424). The format without the APP-
+# NAME is deprecated in I, and will be removed in J. (boolean
+# value)
+#use_syslog_rfc_format=false
+
+# Syslog facility to receive log lines. (string value)
+#syslog_log_facility=LOG_USER
+
+
+#
+# Options defined in bareon.utils.artifact
+#
+
+# Size of data chunk to operate with images (integer value)
+#data_chunk_size=1048576
+
+
+#
+# Options defined in bareon.utils.utils
+#
+
+# Maximum retries count for http requests. 0 means infinite
+# (integer value)
+#http_max_retries=30
+
+# Http request timeout in seconds (floating point value)
+#http_request_timeout=10.0
+
+# Delay in seconds before the next http request retry
+# (floating point value)
+#http_retry_delay=2.0
+
+# Block size of data to read for calculating checksum (integer
+# value)
+#read_chunk_size=1048576
+
+# Delay in seconds before the next exectuion will retry
+# (floating point value)
+#execute_retry_delay=2.0
+
+

centos-bareon/install.d/files.ironic/etc/network

@@ -0,0 +1,3 @@
+NETWORKING=yes
+HOSTNAME=bootstrap
+VLAN=yes

centos-bareon/install.d/files.ironic/etc/ssh/sshd_config

@@ -0,0 +1,20 @@
+Protocol 2
+SyslogFacility AUTHPRIV
+PasswordAuthentication no
+PubkeyAuthentication yes
+ChallengeResponseAuthentication no
+GSSAPIAuthentication no
+UsePAM yes
+UseDNS no
+
+# Accept locale-related environment variables
+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
+AcceptEnv XMODIFIERS
+
+Subsystem sftp /usr/libexec/openssh/sftp-server
+
+# Secure Ciphers and MACs
+Ciphers aes256-ctr,aes192-ctr,aes128-ctr,arcfour256,arcfour128
+MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,hmac-sha1

centos-bareon/install.d/files.ironic/root/.ssh/authorized_keys

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDtrVTSM8tGd4E8khJn2gfN/2fymnX/0YKAGSVZTWDNIcYL5zXTlSwrccn/8EgmnNsJNxucJRT+oWqrDGaFaehuwlY/IBqm50KJVaUr5QYzOUpqVpFIpoX3UwETCxcSB1LiQYbCvrJcqOPQ4Zu9fMhMGKaAX1ohzOumn4czuLDYIvCnPnoU5RDWt7g1GaFFlzGU3JFooj7/aWFJMqJLinvay3vr2vFpBvO1y29nKu+zgpZkzzJCc0ndoVqvB+W9DY6QtgTSWfd3ZE/8vg4h8QV8H+xxqL/uWCxDkv2Y3rviAHivR/V+1YCSQH0NBJrNSkRjd+1roLhcEGT7/YEnbgVV nailgun@bootstrap

centos-bareon/install.d/files.ironic/usr/lib/systemd/system/ironic-callback.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=Ironic Callback
+Requires=sshd.service
+Wants=network-online.target
+After=network-online.target sshd.service
+
+[Service]
+Type=oneshot
+User=root
+ExecStart=/usr/bin/bareon-ironic-callback
+
+[Install]
+WantedBy=multi-user.target

centos-bareon/package-installs.yaml

@@ -0,0 +1,21 @@
+curl:
+dhclient:
+policycoreutils:
+selinux-policy:
+selinux-policy-targeted:
+setroubleshoot:
+openssh-server:
+openssh-client:
+qemu-utils:
+parted:
+hdparm:
+util-linux:
+gcc:
+lvm2:
+e2fsprogs:
+xfsprogs:
+btrfs-progs:
+dosfstools:
+rsync:
+grub2:
+

centos-bareon/pkg-map

@@ -0,0 +1,2 @@
+{
+}

centos-bareon/post-install.d/10-disable-selinux

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
+    set -x
+fi
+
+set -e
+
+sed -i.bak \
+    -e 's/^SELINUX=.*/SELINUX=disabled/' \
+    /etc/sysconfig/selinux
+
+sed -i.bak \
+    -e 's/^SELINUX=.*/SELINUX=disabled/' \
+    /etc/selinux/config

centos-bareon/post-install.d/10-disable-udev-iface-rename

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
+    set -x
+fi
+
+set -e
+
+# Disabling this rule prevents inconsistent iface renames done by udev. This
+# were conflicting with prebuilt dhcp scripts (ifcfg-eth0, ifcfg-eth1) as well
+# as with dhcp-all-interfaces which was not able to generate scripts according
+# to new names (because it runs concurrently with renaming).
+# Using old schema (ethN) + pre-built dhcp scripts allows to have stable DHCP
+# even if eth interfaces are randomly swapped.
+ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
+
+# Configs for additional interfaces
+SYSCONFIG_PATH=/etc/sysconfig/network-scripts
+for IFACE_NUM in 1 2 3
+do
+    cp $SYSCONFIG_PATH/ifcfg-eth0 $SYSCONFIG_PATH/ifcfg-eth$IFACE_NUM
+    sed -i "s/eth0/eth$IFACE_NUM/g" $SYSCONFIG_PATH/ifcfg-eth$IFACE_NUM
+done
+

centos-bareon/post-install.d/80-bareon

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+rm -rf /tmp/bareon

centos-bareon/root.d/10-create-repo

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
+    set -x
+fi
+
+set -e
+
+[[ -n "$TARGET_ROOT" ]] || exit 1
+
+sudo mkdir -p $TARGET_ROOT/etc/yum.repos.d
+sudo cp /etc/yum.repos.d/*.repo $TARGET_ROOT/etc/yum.repos.d/
+sudo cp /etc/pki/rpm-gpg/* $TARGET_ROOT/etc/pki/rpm-gpg/
+

centos-bareon/root.d/60-bareon-src

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+if [ -n ${BAREON_SRC-""} ] ; then
+    git clone -b $BAREON_BRANCH $BAREON_SRC $TARGET_ROOT/tmp/bareon
+
+    cd $TARGET_ROOT/tmp/bareon
+    git log -25 --oneline > changelog
+    cd -
+fi
+

debian-bareon/README.rst

@@ -0,0 +1,8 @@
+======
+bareon
+======
+Builds a debian ramdisk with bareon.
+
+Note: This element has not been maintained along with centos-bareon, so
+might not work out of the box.
+

debian-bareon/cleanup.d/99-ramdisk-create

@@ -0,0 +1,38 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+
+[ -n "$TARGET_ROOT" ]
+
+source $_LIB/img-functions
+
+IMAGE_PATH=$(readlink -f $IMAGE_NAME)
+cd $TARGET_ROOT
+
+echo "#disabled" > ./tmp/fstab.new
+sudo mv ./tmp/fstab.new ./etc/fstab
+sudo ln -s ./sbin/init ./
+
+if [ ! -n ${DIB_MAKE_SQUASHFS-""} ] ; then
+	sudo find . -path './sys/*' -prune -o -path './proc/*' -prune -o -path './dev/*' -prune -o -path './tmp/*' -prune -o -print | sudo cpio -o -H newc | gzip > ${IMAGE_PATH}.initramfs
+
+	select_boot_kernel_initrd $TARGET_ROOT
+	sudo cp $BOOTDIR/$KERNEL ${IMAGE_PATH}.vmlinuz
+else
+	select_boot_kernel_initrd $TARGET_ROOT
+	sudo cp -a ./boot/initrd* ${IMAGE_PATH}.initramfs
+	sudo cp -a ./boot/vmlinuz* ${IMAGE_PATH}.vmlinuz
+	sudo rm -f ./boot/initrd*
+	sudo rm -f ./boot/vmlinuz*
+
+	if sudo mountpoint -q ./proc ; then
+		sudo umount ./proc
+	fi
+
+	sudo mksquashfs . ${IMAGE_PATH}.squashfs -noappend -e proc/* dev/* sys/* tmp/*
+fi

debian-bareon/element-deps

@@ -0,0 +1 @@
+source-repositories

debian-bareon/element-provides

@@ -0,0 +1,2 @@
+bareon
+

debian-bareon/install.d/60-bareon-install

@@ -0,0 +1,42 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+SCRIPTDIR=$(dirname $0)
+
+install-packages openssh-server isc-dhcp-client rsync lvm2 parted ifupdown iproute2 gcc python-dev python-pip python-wheel
+
+if [ -n ${DIB_MAKE_SQUASHFS-""} ] ; then
+    install-packages live-boot live-boot-initramfs-tools
+fi
+
+# TODO(max_lobur): sync this with a way how we do for CentOS
+cd /tmp/bareon
+python2 setup.py bdist_wheel
+whl_name=$(ls -1rv dist/bareon*.whl 2>/dev/null | head -1)
+pip install $whl_name
+cd /
+
+if [ ! -f /usr/bin/ironic_callback ]; then
+    ln -s /usr/local/bin/ironic_callback /usr/bin/ironic_callback
+fi
+
+echo $'md-mod' >> /etc/modules
+
+install -D -g root -o root -m 0600 ${SCRIPTDIR}/files.ironic/root/.ssh/authorized_keys /root/.ssh/authorized_keys
+chmod 0700 /root/.ssh/
+install -D -g root -o root -m 0600 ${SCRIPTDIR}/files.ironic/etc/ssh/sshd_config /etc/ssh/sshd_config
+install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/etc/hostname /etc/hostname
+install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/etc/modprobe.d/blacklist-i2c-piix4.conf /etc/modprobe.d/blacklist-i2c-piix4.conf
+install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/etc/modprobe.d/mlnx4_core.conf /etc/modprobe.d/mlnx4_core.conf
+install -D -g root -o root -m 0755 ${SCRIPTDIR}/files.ironic/etc/bareon/bareon.conf /etc/bareon/bareon.conf
+install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/lib/systemd/system/ironic-callback.service /lib/systemd/system/ironic-callback.service
+
+# TODO(lobur): sync service definition with CentOS
+systemctl enable ironic-callback.service
+
+update-initramfs -u -k all

debian-bareon/install.d/files.ironic/etc/bareon/bareon.conf

@@ -0,0 +1,211 @@
+[DEFAULT]
+
+#
+# Options defined in bareon.manager
+#
+
+# Data driver (string value)
+#data_driver=nailgun
+
+# Directory where the image is supposed to be built (string
+# value)
+#image_build_dir=/tmp
+
+# Path to directory with cloud init templates (string value)
+#nc_template_path=/usr/share/bareon/cloud-init-templates
+
+# Temporary directory for file manipulations (string value)
+#tmp_path=/tmp
+
+# Path where to store generated config drive image (string
+# value)
+#config_drive_path=/tmp/config-drive.img
+
+# Path where to store actual rules for udev daemon (string
+# value)
+#udev_rules_dir=/etc/udev/rules.d
+
+# Path where to store default rules for udev daemon (string
+# value)
+#udev_rules_lib_dir=/lib/udev/rules.d
+
+# Substring to which file extension .rules be renamed (string
+# value)
+#udev_rename_substr=.renamedrule
+
+# Correct empty rule for udev daemon (string value)
+#udev_empty_rule=empty_rule
+
+# Suffix which is used while creating temporary files (string
+# value)
+#image_build_suffix=.bareon-image
+
+# Timeout in secs for GRUB (integer value)
+#grub_timeout=5
+
+# Maximum allowed loop devices count to use (integer value)
+#max_loop_devices_count=255
+
+# Size of sparse file in MiBs (integer value)
+#sparse_file_size=8192
+
+# System-wide major number for loop device (integer value)
+#loop_device_major_number=7
+
+# Maximum allowed debootstrap/apt-get attempts to execute
+# (integer value)
+#fetch_packages_attempts=10
+
+# File where to store apt setting for unsigned packages
+# (string value)
+#allow_unsigned_file=allow_unsigned_packages
+
+# File where to store apt setting for forcing IPv4 usage
+# (string value)
+#force_ipv4_file=force_ipv4
+
+# Create configdrive file, use pre-builded if set to False
+# (boolean value)
+prepare_configdrive=false
+
+# Add udev rules for NIC remapping (boolean value)
+fix_udev_net_rules=true
+
+
+#
+# Options defined in bareon.cmd.agent
+#
+
+# Input data file (string value)
+#input_data_file=/tmp/provision.json
+
+# Input data (json string) (string value)
+#input_data=
+
+
+#
+# Options defined in bareon.openstack.common.log
+#
+
+# Print debugging output (set logging level to DEBUG instead
+# of default WARNING level). (boolean value)
+debug=true
+
+# Print more verbose output (set logging level to INFO instead
+# of default WARNING level). (boolean value)
+#verbose=false
+
+# Log output to standard error. (boolean value)
+use_stderr=false
+
+# Format string to use for log messages with context. (string
+# value)
+#logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
+
+# Format string to use for log messages without context.
+# (string value)
+#logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
+
+# Data to append to log format when level is DEBUG. (string
+# value)
+logging_debug_format_suffix=
+
+# Prefix each line of exception output with this format.
+# (string value)
+#logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s
+
+# List of logger=LEVEL pairs. (list value)
+#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN
+
+# Enables or disables publication of error events. (boolean
+# value)
+#publish_errors=false
+
+# Enables or disables fatal status of deprecations. (boolean
+# value)
+#fatal_deprecations=false
+
+# The format for an instance that is passed with the log
+# message.  (string value)
+#instance_format="[instance: %(uuid)s] "
+
+# The format for an instance UUID that is passed with the log
+# message.  (string value)
+#instance_uuid_format="[instance: %(uuid)s] "
+
+# The name of a logging configuration file. This file is
+# appended to any existing logging configuration files. For
+# details about logging configuration files, see the Python
+# logging module documentation. (string value)
+# Deprecated group/name - [DEFAULT]/log_config
+#log_config_append=<None>
+
+# DEPRECATED. A logging.Formatter log message format string
+# which may use any of the available logging.LogRecord
+# attributes. This option is deprecated.  Please use
+# logging_context_format_string and
+# logging_default_format_string instead. (string value)
+#log_format=<None>
+
+# Format string for %%(asctime)s in log records. Default:
+# %(default)s . (string value)
+#log_date_format=%Y-%m-%d %H:%M:%S
+
+# (Optional) Name of log file to output to. If no default is
+# set, logging will go to stdout. (string value)
+# Deprecated group/name - [DEFAULT]/logfile
+log_file=/var/log/bareon.log
+
+# (Optional) The base directory used for relative --log-file
+# paths. (string value)
+# Deprecated group/name - [DEFAULT]/logdir
+#log_dir=<None>
+
+# Use syslog for logging. Existing syslog format is DEPRECATED
+# during I, and will change in J to honor RFC5424. (boolean
+# value)
+#use_syslog=false
+
+# (Optional) Enables or disables syslog rfc5424 format for
+# logging. If enabled, prefixes the MSG part of the syslog
+# message with APP-NAME (RFC5424). The format without the APP-
+# NAME is deprecated in I, and will be removed in J. (boolean
+# value)
+#use_syslog_rfc_format=false
+
+# Syslog facility to receive log lines. (string value)
+#syslog_log_facility=LOG_USER
+
+
+#
+# Options defined in bareon.utils.artifact
+#
+
+# Size of data chunk to operate with images (integer value)
+#data_chunk_size=1048576
+
+
+#
+# Options defined in bareon.utils.utils
+#
+
+# Maximum retries count for http requests. 0 means infinite
+# (integer value)
+#http_max_retries=30
+
+# Http request timeout in seconds (floating point value)
+#http_request_timeout=10.0
+
+# Delay in seconds before the next http request retry
+# (floating point value)
+#http_retry_delay=2.0
+
+# Block size of data to read for calculating checksum (integer
+# value)
+#read_chunk_size=1048576
+
+# Delay in seconds before the next exectuion will retry
+# (floating point value)
+#execute_retry_delay=2.0
+
+

debian-bareon/install.d/files.ironic/etc/hostname

@@ -0,0 +1 @@
+bootstrap

debian-bareon/install.d/files.ironic/etc/modprobe.d/blacklist-i2c-piix4.conf

@@ -0,0 +1 @@
+blacklist i2c_piix4

debian-bareon/install.d/files.ironic/etc/modprobe.d/mlnx4_core.conf

@@ -0,0 +1 @@
+options mlx4_core port_type_array=2,2

debian-bareon/install.d/files.ironic/etc/ssh/sshd_config

@@ -0,0 +1,20 @@
+Protocol 2
+SyslogFacility AUTHPRIV
+PasswordAuthentication no
+PubkeyAuthentication yes
+ChallengeResponseAuthentication no
+GSSAPIAuthentication no
+UsePAM no
+UseDNS no
+
+# Accept locale-related environment variables
+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
+AcceptEnv XMODIFIERS
+
+Subsystem sftp /usr/lib/openssh/sftp-server
+
+# Secure Ciphers and MACs
+Ciphers aes256-ctr,aes192-ctr,aes128-ctr,arcfour256,arcfour128
+MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,hmac-sha1

debian-bareon/install.d/files.ironic/lib/systemd/system/ironic-callback.service

@@ -0,0 +1,11 @@
+[Unit]
+Description=Ironic Callback
+Requires=ssh.service
+
+[Service]
+Type=oneshot
+User=root
+ExecStart=/usr/bin/bareon-ironic-callback
+
+[Install]
+WantedBy=multi-user.target

debian-bareon/install.d/files.ironic/root/.ssh/authorized_keys

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDtrVTSM8tGd4E8khJn2gfN/2fymnX/0YKAGSVZTWDNIcYL5zXTlSwrccn/8EgmnNsJNxucJRT+oWqrDGaFaehuwlY/IBqm50KJVaUr5QYzOUpqVpFIpoX3UwETCxcSB1LiQYbCvrJcqOPQ4Zu9fMhMGKaAX1ohzOumn4czuLDYIvCnPnoU5RDWt7g1GaFFlzGU3JFooj7/aWFJMqJLinvay3vr2vFpBvO1y29nKu+zgpZkzzJCc0ndoVqvB+W9DY6QtgTSWfd3ZE/8vg4h8QV8H+xxqL/uWCxDkv2Y3rviAHivR/V+1YCSQH0NBJrNSkRjd+1roLhcEGT7/YEnbgVV nailgun@bootstrap

debian-bareon/post-install.d/80-bareon

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+install-packages -e git
+rm -rf /tmp/bareon
+apt-get -y autoremove

debian-bareon/source-repository-bareon

@@ -0,0 +1 @@
+agent git /tmp/bareon git@github.com:openstack/bareon.git