f762f03ecc
1) Add forgottent ntpd start into centos's cloud-init boothook. 2) Toggle ntp server on ubuntu to be sure it will start with correct settings. 3) Fix typo in both boothook files ntp(d) must be stopped before syncing date with ntpdate. Change-Id: I4e8e912b61a57c84e24e13be10983654bcfec0ab Closes-Bug: #1394617
107 lines
5.2 KiB
Django/Jinja
107 lines
5.2 KiB
Django/Jinja
#cloud-boothook
|
|
#!/bin/bash
|
|
|
|
function add_str_to_file_if_not_exists {
|
|
file=$1
|
|
str=$2
|
|
val=$3
|
|
if ! grep -q "^ *${str}" $file; then
|
|
echo $val >> $file
|
|
fi
|
|
}
|
|
|
|
|
|
cloud-init-per instance disable_selinux_on_the_fly setenforce 0
|
|
|
|
cloud-init-per instance disable_selinux sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/sysconfig/selinux
|
|
|
|
|
|
# configure udev rules
|
|
|
|
# udev persistent net
|
|
cloud-init-per instance udev_persistent_net1 service network stop
|
|
|
|
DEFAULT_GW={{ common.master_ip }}
|
|
ADMIN_MAC={{ common.admin_mac }}
|
|
ADMIN_IF=$(echo {{ common.udevrules }} | sed 's/[,=]/\n/g' | grep "$ADMIN_MAC" | cut -d_ -f2 | head -1)
|
|
INSTALL_IF=$(ifconfig | grep "$ADMIN_MAC" | head -1 | cut -d' ' -f1)
|
|
NETADDR=( $(ifconfig $INSTALL_IF | grep -oP "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}") )
|
|
if [ ! -z "$(grep $ADMIN_IF /etc/sysconfig/network-scripts/ifcfg-$ADMIN_IF | grep dhcp)" ] ; then
|
|
echo -e "# FROM COBBLER SNIPPET\nDEVICE=$ADMIN_IF\nIPADDR=${NETADDR[0]}\nNETMASK=${NETADDR[2]}\nBOOTPROTO=none\nONBOOT=yes\nUSERCTL=no\n" > /etc/sysconfig/network-scripts/ifcfg-"$ADMIN_IF"
|
|
fi
|
|
|
|
cloud-init-per instance set_gateway echo GATEWAY="$DEFAULT_GW" | tee -a /etc/sysconfig/network
|
|
|
|
#Add static udev rules
|
|
cloud-init-per instance udev_persistent_net2 echo {{ common.udevrules }} | tr ' ' '\n' | grep udevrules | tr '[:upper:]' '[:lower:]' | sed -e 's/udevrules=//g' -e 's/,/\n/g' | sed -e "s/^/SUBSYSTEM==\"net\",\ ACTION==\"add\",\ DRIVERS==\"?*\",\ ATTR{address}==\"/g" -e "s/_/\",\ ATTR{type}==\"1\",\ KERNEL==\"eth*\",\ NAME=\"/g" -e "s/$/\"/g" | tee /etc/udev/rules.d/70-persistent-net.rules
|
|
|
|
cloud-init-per instance udev_persistent_net3 udevadm control --reload-rules
|
|
cloud-init-per instance udev_persistent_net4 udevadm trigger --attr-match=subsystem=net
|
|
cloud-init-per instance udev_persistent_net5 service network start
|
|
|
|
# end of udev
|
|
|
|
# configure black module lists
|
|
# virt-what should be installed
|
|
if [ ! -f /etc/modprobe.d/blacklist-i2c_piix4.conf ]; then
|
|
([[ $(virt-what) = "virtualbox" ]] && echo "blacklist i2c_piix4" >> /etc/modprobe.d/blacklist-i2c_piix4.conf || :)
|
|
modprobe -r i2c_piix4
|
|
fi
|
|
|
|
cloud-init-per instance conntrack_ipv4 echo nf_conntrack_ipv4 | tee -a /etc/rc.modules
|
|
cloud-init-per instance conntrack_ipv6 echo nf_conntrack_ipv6 | tee -a /etc/rc.modules
|
|
cloud-init-per instance chmod_rc_modules chmod +x /etc/rc.modules
|
|
cloud-init-per instance conntrack_max echo "net.nf_conntrack_max=1048576" | tee -a /etc/sysctl.conf
|
|
|
|
cloud-init-per instance conntrack_ipv4_load modprobe nf_conntrack_ipv4
|
|
cloud-init-per instance conntrack_ipv6_load modprobe nf_conntrack_ipv6
|
|
cloud-init-per instance conntrack_max_set sysctl -w "net.nf_conntrack_max=1048576"
|
|
|
|
cloud-init-per instance mkdir_coredump mkdir -p /var/log/coredump
|
|
cloud-init-per instance set_coredump echo -e "kernel.core_pattern=/var/log/coredump/core.%e.%p.%h.%t" | tee -a /etc/sysctl.conf
|
|
cloud-init-per instance set_chmod chmod 777 /var/log/coredump
|
|
cloud-init-per instance set_limits echo -e "* soft core unlimited\n* hard core unlimited" | tee -a /etc/security/limits.conf
|
|
|
|
|
|
#NOTE: disabled for centos?
|
|
#cloud-init-per instance dhclient echo 'supersede routers 0;' | tee /etc/dhcp/dhclient.conf
|
|
|
|
# ntp sync
|
|
# '| tee /dev/null' is needed for returning zero execution code always
|
|
cloud-init-per instance stop_ntpd service ntpd stop | tee /dev/null
|
|
cloud-init-per instance sync_date ntpdate -t 4 -b {{ common.master_ip }}
|
|
cloud-init-per instance sync_hwclock hwclock --systohc
|
|
|
|
cloud-init-per instance edit_ntp_conf1 sed -i '/^\s*tinker panic/ d' /etc/ntp.conf
|
|
cloud-init-per instance edit_ntp_conf2 sed -i '1 i tinker panic 0' /etc/ntp.conf
|
|
cloud-init-per instance edit_ntp_conf3 echo 0 > /var/lib/ntp/drift
|
|
cloud-init-per instance edit_ntp_conf4 chown ntp: /var/lib/ntp/drift
|
|
cloud-init-per instance edit_ntp_conf5 sed -i '/^\s*server/ d' /etc/ntp.conf
|
|
cloud-init-per instance edit_ntp_conf6 echo "server {{ common.master_ip }} burst iburst" | tee -a /etc/ntp.conf
|
|
|
|
|
|
# Point installed ntpd to Master node
|
|
cloud-init-per instance set_ntpdate sed -i 's/SYNC_HWCLOCK\s*=\s*no/SYNC_HWCLOCK=yes/' /etc/sysconfig/ntpdate
|
|
cloud-init-per instance set_ntpd_0 chkconfig ntpd on
|
|
cloud-init-per instance set_ntpd_1 chkconfig ntpdate on
|
|
cloud-init-per instance start_ntpd service ntpd start
|
|
|
|
cloud-init-per instance removeUseDNS sed -i --follow-symlinks -e '/UseDNS/d' /etc/ssh/sshd_config
|
|
add_str_to_file_if_not_exists /etc/ssh/sshd_config 'UseDNS' 'UseDNS no'
|
|
|
|
cloud-init-per instance gssapi_disable sed -i -e "/^\s*GSSAPICleanupCredentials yes/d" -e "/^\s*GSSAPIAuthentication yes/d" /etc/ssh/sshd_config
|
|
|
|
cloud-init-per instance nailgun_agent echo 'flock -w 0 -o /var/lock/agent.lock -c "/opt/nailgun/bin/agent >> /var/log/nailgun-agent.log 2>&1"' | tee /etc/rc.local
|
|
|
|
# Copying default bash settings to the root directory
|
|
cloud-init-per instance skel_bash cp -f /etc/skel/.bash* /root/
|
|
|
|
cloud-init-per instance clean_repos find /etc/yum.repos.d/. -name '*.repo' -delete
|
|
|
|
# Puppet config
|
|
cloud-init-per instance hiera_puppet mkdir -p /etc/puppet /var/lib/hiera
|
|
cloud-init-per instance touch_puppet touch /var/lib/hiera/common.yaml /etc/puppet/hiera.yaml
|
|
|
|
# Mcollective enable
|
|
cloud-init-per instance mcollective_enable sed -i /etc/rc.d/init.d/mcollective -e 's/\(# chkconfig:\s\+[-0-6]\+\) [0-9]\+ \([0-9]\+\)/\1 81 \2/'
|