Created
July 16, 2017 06:47
-
-
Save mungi/a410212bb3640769f47f33da338dfaec to your computer and use it in GitHub Desktop.
softlayer bootstrap
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
if [ -s "/root/provisioningConfiguration.cfg" ] || [ -s "/target/root/provisioningConfiguration.cfg" ] | |
then | |
if [ -s "/root/provisioningConfiguration.cfg" ] ; then | |
. /root/provisioningConfiguration.cfg | |
DOWNLOAD_HOST=${TXN_HOST} | |
LOCAL_INSTALL_LOG=${TXN_INSTALL_LOG} | |
elif [ -s "/target/root/provisioningConfiguration.cfg" ] ; then | |
. /target/root/provisioningConfiguration.cfg | |
DOWNLOAD_HOST=${TXN_HOST_PROV} | |
LOCAL_INSTALL_LOG="/target${TXN_INSTALL_LOG}" | |
fi | |
HOSTNAME=${OS_HOSTNAME} | |
DOMAIN=${OS_DOMAIN} | |
TRANSACTION_ID=${TXN_ID} | |
for IF_NAME in ${NETWORK} ; do | |
eval IP='"$'"NETWORK_${IF_NAME}_IP"'"' | |
if [ -z "${IP}" ] ; then | |
continue; | |
fi | |
OCTET=`echo ${IP} | cut -d "." -f1` | |
if [ "${OCTET}" = "10" ]; then | |
if [ -z "${PRIVATE_IFNAME}" ] ; then | |
PRIVATE_IFNAME="${IF_NAME}" | |
PRIVATE_IP="${IP}" | |
fi | |
elif [ -n "${OCTET}" ]; then | |
if [ -z "${PUBLIC_IFNAME}" ]; then | |
PUBLIC_IFNAME="${IF_NAME}" | |
PUBLIC_IP="${IP}" | |
fi | |
fi | |
done | |
MAC_ADDRESS="${TXN_MAC_ADDRESS}" | |
# eval MAC_ADDRESS='"$'"NETWORK_${PRIVATE_IFNAME}_MAC"'"' | |
MANUFACTURER=${OS} | |
SYSTEM_UPDATE=${OS_INSTALL_TOOL} | |
ACCOUNT_ID=${TXN_ACCOUNT_ID} | |
PROFILENAME=${OS_PROFILE_NAME} | |
FIRSTOCTET=`echo ${NETWORK_GATEWAY} | cut -d "." -f1` | |
REDHAT_PROXY_SERVER=${OS_PROXY_SERVER} | |
REDHAT_CAPSULE_SERVER=${OS_CAPSULE_SERVER} | |
REDHAT_SAT_SERVER=${OS_SAT_SERVER} | |
ACTIVATION_KEYS=${OS_ACTIVATION_KEYS} | |
IFTOP_NAME="iftop.rpm" | |
IPMI_TYPE=${HARDWARE_IPMI_TYPE} | |
PROVISION=${TXN_IS_PROVISION} | |
MINIMAL_INSTALL="${OS_MINIMAL_INSTALL}" | |
SKIP_OS_UPDATE="${OS_SKIP_UPDATE}" | |
SYSTEM_PASSWORD=${OS_PASSWORD} | |
UPDATESERVER="${OS_UPDATE_SERVER}" | |
ENC_KEY="${TXN_ENC_KEY}" | |
if [ ${FIRSTOCTET:-0} -eq 10 ]; then | |
NO_PUBLIC_NETWORK=1 | |
else | |
NO_PUBLIC_NETWORK=0 | |
PUBLIC_IPADDRESS="${PUBLIC_IP}" | |
eval PUBLIC_NETMASK='"$'"NETWORK_${PUBLIC_IFNAME}_NETMASK"'"' | |
eval IPV6_PUBLIC_IPADDR='"$'"NETWORK_${PUBLIC_IFNAME}_IPV6_ADDRESS"'"' | |
eval IPV6_PUBLIC_NETMASK='"$'"NETWORK_${PUBLIC_IFNAME}_IPV6_NETMASK"'"' | |
eval IPV6_PUBLIC_GATEWAY='"$'"NETWORK_${PUBLIC_IFNAME}_IPV6_GATEWAY"'"' | |
eval IPV6_PUBLIC_CIDR='"$'"NETWORK_${PUBLIC_IFNAME}_IPV6_CIDR"'"' | |
fi | |
USEV3="YES" | |
else | |
echo "Could not load config!" | |
exit 1 | |
fi | |
# Adds a line to the end of ${LOCAL_INSTALL_LOG} | |
print_log() | |
{ | |
## hack for Habanero | |
if [ "`uname -m`" = "ppc64le" ] ; then | |
echo "`date "+%D %T"` $0: ${*}" >> "${LOCAL_INSTALL_LOG}" | tee /dev/console | |
else | |
echo "`date "+%D %T"` $0: ${*}" >> "${LOCAL_INSTALL_LOG}" | |
fi | |
} | |
# Description: trigger_error allows you to print an error message to the log file and exit with a specific status, 0 by default. | |
# | |
# Arguments: ${1} is the error message | |
# ${2} is the exit status | |
# | |
# Usage: trigger_error ${FUNCNAME}": I'm going to the log" | |
# trigger_error ${FUNCNAME}": I'm going to exit with a status of 42" 42 | |
# trigger_error ${FUNCNAME}": Something bad happened inside ${FUNCNAME}" 1 | |
# trigger_error ${0}": Unknown installcode?? ${SOFTWARE_WHATEVER_INSTALLCODE}" | |
trigger_error () | |
{ | |
TRIGGER_ERROR_ERROR_MESSAGE=${1} | |
TRIGGER_ERROR_EXIT_STATUS=${2} | |
print_log "Something bad happened in ${TRIGGER_ERROR_ERROR_MESSAGE}..." | |
if [ "${TRIGGER_ERROR_EXIT_STATUS}" ] ; then | |
exit ${TRIGGER_ERROR_EXIT_STATUS} | |
else | |
exit 0 | |
fi | |
} | |
OS_VENDOR=`echo ${OS_INSTALL_CODE} |cut -d "_" -f1` | |
OS_VERSION=`echo ${OS_INSTALL_CODE} |cut -d "_" -f2` | |
OS_VERSION_MAJOR=`echo ${OS_VERSION} |cut -d "." -f1` | |
OS_VERSION_MINOR=`echo ${OS_VERSION} |cut -d "." -f2` | |
OS_ARCH=`echo ${OS_INSTALL_CODE} |cut -d "_" -f3` | |
OS_UNAME=`uname -s` | |
# | |
# OS_REVISION is the revision of the OS, e.g. for Ubuntu 12.04.2, the revision would be 2. | |
# | |
if [ "${OS_VENDOR}" = "DEBIAN" ] || [ "${OS_VENDOR}" = "UBUNTU" ] ; then | |
OS_REVISION=`echo ${OS_VERSION} |cut -d"." -f3` | |
PATH="${PATH}:/target/bin:/target/sbin:/target/usr/bin:/target/usr/sbin" | |
fi | |
# | |
# OS_LOGGING_IDENTIFIER is string that can be added into logging/error messages to aid in debugging, et cetera. | |
# | |
if [ "${OS_REVISION}" ] ; then | |
OS_LOGGING_IDENTIFIER="${OS_ARCH}-bit ${OS_VENDOR} ${OS_VERSION_MAJOR}.${OS_VERSION_MINOR}.${OS_REVISION}" | |
else | |
OS_LOGGING_IDENTIFIER="${OS_ARCH}-bit ${OS_VENDOR} ${OS_VERSION_MAJOR}.${OS_VERSION_MINOR}" | |
fi | |
# | |
# HTTP_CMD is the name of the command used to fetch stuff via HTTP. | |
# | |
if [ "${OS}" = "FREEBSD" ] && $(which fetch > /dev/null 2>&1) ; then | |
# fetch is only available by default on the one BSD we currently offer, FreeBSD. | |
HTTP_CMD=$(which fetch) | |
elif [ "$OS" = "DEBIAN" ] || [ "$OS" = "QUANTASTOR" ] ; then | |
# Debian and Quantastor are speshul | |
HTTP_CMD="/usr/bin/wget" | |
elif $(which wget > /dev/null 2>&1) ; then | |
# wget should be on pretty much everything else. | |
HTTP_CMD=$(which wget) | |
else | |
# Explicitly set nothing, this shouldn't happen... | |
HTTP_CMD="" | |
fi | |
HTTP_CMD_ARGS="" | |
http_get_cmd_args() { | |
URI="${1}" | |
SAVE="${2}" | |
if [ -z "${HTTP_CMD}" ] ; then | |
print_log "Unable to Locate a http cmdline tool!" | |
exit 1 | |
fi | |
HTTP_CMD_ARGS="-q ${URI}" | |
if [ -n "${SAVE}" ] ; then | |
if [ -f "${SAVE}" ] ; then | |
rm -f "${SAVE}" | |
fi | |
if `echo ${HTTP_CMD} | grep -qi 'wget'` ; then | |
HTTP_CMD_ARGS="${HTTP_CMD_ARGS} -O ${SAVE}" | |
else | |
HTTP_CMD_ARGS="-o ${SAVE} ${HTTP_CMD_ARGS}" | |
fi | |
fi | |
return 0 | |
} | |
http_get() { | |
http_get_cmd_args ${1} ${2} | |
${HTTP_CMD} ${HTTP_CMD_ARGS} | |
return $? | |
} | |
get_os_helper() { | |
if [ ! -s "/root/os_helper_template.sh" ] && [ -e "/root/os_helper_template.sh" ] ; then | |
rm -f "/root/os_helper_template.sh" | |
fi | |
if [ ! -f "/root/os_helper_template.sh" ] ; then | |
http_get "http://${TXN_HOST}/install_scripts/os_helper_template.sh" "/root/os_helper_template.sh" | |
if [ $? -ne 0 ] ; then | |
print_log "Failed to grab os_helper_template.sh" | |
fi | |
fi | |
. "/root/os_helper_template.sh" | |
} | |
# Description: url_encode is an internal function that will convert | |
# your string into url encoded format. You would not | |
# normally call this function. ims_error() will. | |
# | |
# Arguments: ${1} is the error message string you wish to url encode. | |
# | |
# Returns: A string with the error message in url encoded format. | |
# | |
# Usage: ERRORMSG=$(url_encode "Task failed successfully!") | |
url_encode() { | |
URL_ARG=$1 | |
while [ -n "$URL_ARG" ]; do | |
URL_TAIL=${URL_ARG#?} | |
URL_HEAD=${URL_ARG%$URL_TAIL} | |
case "$URL_HEAD" in | |
[-._~0-9A-Za-z]) | |
URL_RET="${URL_HEAD}" | |
;; | |
*) | |
URL_RET=$(printf %%%02x "'$URL_HEAD") | |
esac | |
URL_ARG=$URL_TAIL | |
URL_ENC=$URL_ENC$URL_RET | |
done | |
printf %s ${URL_ENC} | |
} | |
# Description: ims_error will post an error message to both IMS and the | |
# normal log file. It will also note whether the call was | |
# successful or not. | |
# | |
# Arguments: ${1} is the error message string you wish to send. | |
# | |
# Usage: ims_error "These are not the errors you are looking for." | |
ims_error() { | |
IMS_ERR=$1 | |
ERRORMSG=$(url_encode "$IMS_ERR") | |
# Print non-url-encoded message to file normally. | |
print_log "${IMS_ERR}" | |
# Only difference for our needs are the exposed variables for MAC. | |
if [ -n "${IS_VIRT}" ] && [ "${IS_VIRT}" = "TRUE" ]; then | |
IMS_ERROR_URL="http://${DOWNLOAD_HOST}/deployment/Transaction/addError/${TRANSACTION_ID}/${ETH0_MAC_ADDRESS}/${ERRORMSG}" | |
else | |
IMS_ERROR_URL="http://${DOWNLOAD_HOST}/deployment/Transaction/addError/${TRANSACTION_ID}/${MAC_ADDRESS}/${ERRORMSG}" | |
fi | |
if [ "${OS}" = "FREEBSD" ]; then | |
# fetch | |
IMS_RESPONSE=`$HTTP_CMD -qo- $IMS_ERROR_URL` | |
else | |
# wget | |
IMS_RESPONSE=`$HTTP_CMD -qO- $IMS_ERROR_URL` | |
fi | |
if [ -z "$IMS_RESPONSE" ]; then | |
print_log "IMS_ERROR: IMS did not respond to send error request. Check network connectivity." | |
else | |
case "$IMS_RESPONSE" in | |
*SUCCESS*) | |
IMS_ACCEPTED_ERROR=true | |
;; | |
*FAILED*) | |
IMS_ACCEPTED_ERROR=false | |
print_log "IMS_ERROR: ${IMS_RESPONSE}" | |
;; | |
esac | |
fi | |
} | |
# Name: check_mode | |
# Desc: Queries the TXN host for the current mode (ex: "TEST") and | |
# outputs the status via print_log(). | |
# Parameters: n/a | |
# Returns: the status as a string via printf. To capture the output of this | |
# method as a return value, call: | |
# VAR=$(check_status) | |
check_mode() { | |
TXN_STATUS_FILE='/root/gsx' | |
TXN_STATUS_URL="http://${DOWNLOAD_HOST}/deployment/Transaction/getTransactionMode/${TRANSACTION_ID}/${MAC_ADDRESS}" | |
if [ -n "${DOWNLOAD_HOST}" ] && | |
[ -n "${TRANSACTION_ID}" ] && | |
[ -n "${MAC_ADDRESS}" ] && | |
$(http_get "${TXN_STATUS_URL}" "${TXN_STATUS_FILE}") && | |
[ -s "${TXN_STATUS_FILE}" ] | |
then | |
TXN_STATUS=$(cat "${TXN_STATUS_FILE}") | |
print_log "${FUNCNAME}: TXN Status: '${TXN_STATUS}'" | |
else | |
print_log "${FUNCNAME}: failed to retrieve TXN Status: ${TXN_STATUS_URL}" | |
fi | |
rm -f "${TXN_STATUS_FILE}" | |
# return the TXN status! | |
printf %s ${TXN_STATUS:-} | |
} | |
# Name: check_status | |
# Desc: Queries the TXN host for the current status (ex: "IPMI_BOOT") and | |
# outputs the status via print_log(). | |
# Parameters: n/a | |
# Returns: the status as a string via printf. To capture the output of this | |
# method as a return value, call: | |
# VAR=$(check_status) | |
check_status() { | |
TXN_STATUS_FILE='/root/gsx' | |
TXN_STATUS_URL="http://${DOWNLOAD_HOST}/deployment/Transaction/getTransactionStatus/${TRANSACTION_ID}/${MAC_ADDRESS}" | |
if [ -n "${DOWNLOAD_HOST}" ] && | |
[ -n "${TRANSACTION_ID}" ] && | |
[ -n "${MAC_ADDRESS}" ] && | |
$(http_get "${TXN_STATUS_URL}" "${TXN_STATUS_FILE}") && | |
[ -s "${TXN_STATUS_FILE}" ] | |
then | |
TXN_STATUS=$(cat "${TXN_STATUS_FILE}") | |
print_log "${FUNCNAME}: TXN Status: '${TXN_STATUS}'" | |
else | |
print_log "${FUNCNAME}: failed to retrieve TXN Status: ${TXN_STATUS_URL}" | |
fi | |
rm -f "${TXN_STATUS_FILE}" | |
# return the TXN status! | |
printf %s ${TXN_STATUS:-} | |
} | |
# Name: wait_for_status | |
# Desc: Waits for the status (ex: "IPMI_BOOT") passed to it and outputs the | |
# passed status to print_log(). | |
# Parameters: DESIRED_STATUS - the status on which you want to wait. | |
# REMEMBER_STATUS - (optional) when the desired status is found, remember it | |
# for future calls to this method. | |
# SEARCH_MEMORY - (optional) do we want to remember if this status was already | |
# encountered? | |
# Returns: n/a | |
wait_for_status() { | |
DESIRED_STATUS=${1} | |
REMEMBER_STATUS=${2:-0} | |
SEARCH_MEMORY=${3:-0} | |
if [ -s '/target/root/provisioningConfiguration.cfg' ]; then | |
PROV_CFG='/target/root/provisioningConfiguration.cfg' | |
else | |
PROV_CFG='/root/provisioningConfiguration.cfg' | |
fi | |
# Dangerous to run this without specifying a status, so kill the script. | |
if [ -z "${DESIRED_STATUS}" ]; then | |
print_log "${FUNCNAME}: ERROR! Exiting because this method was called without any parameters!" | |
exit 1 | |
fi | |
print_log "${FUNCNAME}: waiting for '${DESIRED_STATUS}' status; REMEMBER_STATUS:${REMEMBER_STATUS}; SEARCH_MEMORY:${SEARCH_MEMORY}." | |
# If desired, check the prov cfg for this status being previously set. | |
case "${SEARCH_MEMORY}" in | |
y*|Y*|t*|T*|1) | |
isInMemory=$( grep -iwc "ALREADY_RAN_${DESIRED_STATUS}=\"YES\"" ${PROV_CFG} ) | |
# Above command error? If not and the resulting string was not just zero.. | |
if [ ${?} -eq 0 ] && [ -n "${isInMemory#*0}" ] ; then | |
# Log this to help debug odd situations in the wild. | |
print_log "${FUNCNAME}: found '${DESIRED_STATUS}' status in '${PROV_CFG}'; REMEMBER_STATUS:${REMEMBER_STATUS}; SEARCH_MEMORY:${SEARCH_MEMORY}." | |
# Don't need to remember the status so exit the func now. | |
return 0 | |
fi | |
;; | |
esac | |
# Poll IMS API for HWTXN status and compare. | |
checkCount=1 | |
until [ "$(check_status)" = "${DESIRED_STATUS}" ]; do | |
sleep 30 # in seconds | |
# Log this to help troubleshoot long running TXNs. | |
if [ ${checkCount} -gt 4 ]; then | |
print_log "${FUNCNAME}: still waiting for '${DESIRED_STATUS}' status..." | |
checkCount=1 | |
else | |
checkCount=$((checkCount+1)) | |
fi | |
done | |
# Remember that the desired status was finally set. | |
case "${REMEMBER_STATUS}" in | |
y*|Y*|t*|T*|1) | |
# Don't want this in there twice! (catch-the-unexpected logic below) | |
isInMemory=$( grep -iwc "ALREADY_RAN_${DESIRED_STATUS}=\"YES\"" ${PROV_CFG} ) | |
# Above command error? Or was the resulting string just zero.. | |
if [ ${?} -eq 1 ] || [ -z "${isInMemory#*0}" ] ; then | |
# Store this so we can skip calling "check_status" next time, if there | |
# is a next time. | |
printf "ALREADY_RAN_${DESIRED_STATUS}=\"YES\"\n" >> ${PROV_CFG} | |
fi | |
;; | |
esac | |
# Useless return value? | |
# return 0 | |
} | |
# # Name: wait_for_status_cleanup | |
# # Desc: Cleans up any files left over by wait_for_status. This method is not | |
# # automatically called; you will need to add this where appro. to your code. | |
# # Why is this its own method? Because it makes sense to modularlize it so that | |
# # changes can be made here that affect all other scripts without manually | |
# # modifying those scripts--they don't need to know, just need it to work. | |
# # Parameters: n/a | |
# # Returns: n/a | |
# wait_for_status_cleanup() { | |
# rm -f "/root/wait_for_status.log" | |
# } | |
update_status() { | |
sleep 5 #This sleep is here to help from over whelming the TXN system, when updates come quickly | |
print_log "##################################" | |
print_log "Sending status update:${1}" | |
if [ -z "${TRANSACTION_ID}" ] ; then | |
print_log "Status update failure: unable to find TXN_ID" | |
print_log "##################################" | |
return 1 | |
fi | |
http_get "http://${DOWNLOAD_HOST}/deployment/Transaction/updateStatus/${TRANSACTION_ID}/${MAC_ADDRESS}/${1}" "/root/usx" | |
if grep -qi SUCCESS /root/usx | |
then | |
print_log "Status update successful" | |
else | |
print_log "Status update failure" | |
print_log "Output:" | |
cat "/root/usx" >> "${LOCAL_INSTALL_LOG}" | |
print_log "" | |
fi | |
print_log "##################################" | |
rm -f "/root/usx" | |
} | |
test_network() { | |
NETWORK_TEST_HOST=${1} | |
NETWORK_TEST_INTERVAL_DELAY=${2} | |
NETWORK_TEST_FAIL_COUNT=${3} | |
NETWORK_TEST_START_DELAY=${4} | |
NETWORK_TEST_CARE=${5:-1} | |
print_log "Starting network test to ${NETWORK_TEST_HOST} ." | |
if [ -n "${NETWORK_TEST_START_DELAY}" ] && [ "${NETWORK_TEST_START_DELAY}" -gt 0 ] | |
then | |
print_log "Sleeping for ${NETWORK_TEST_START_DELAY} seconds before starting network test." | |
sleep ${NETWORK_TEST_START_DELAY} | |
fi | |
NETWORK_COUNT=0 | |
until ping -c 1 ${NETWORK_TEST_HOST} > /dev/null 2>&1 | |
do | |
if [ ${NETWORK_COUNT} -ge ${NETWORK_TEST_FAIL_COUNT} ] | |
then | |
print_log "Network test failed!!!" | |
print_log "HOST: ${NETWORK_TEST_HOST} START DELAY: ${NETWORK_TEST_START_DELAY} INTERVAL DELAY: ${NETWORK_TEST_INTERVAL_DELAY} FAIL COUNT: ${NETWORK_TEST_FAIL_COUNT}" | |
print_log "" | |
if [ "${NETWORK_TEST_CARE}" = "1" ] | |
then | |
exit 1 | |
else | |
break | |
fi | |
fi | |
sleep ${NETWORK_TEST_INTERVAL_DELAY} | |
NETWORK_COUNT=$((NETWORK_COUNT+1)) | |
done | |
print_log "Network test to ${NETWORK_TEST_HOST} succeded." | |
} | |
hash_hmac() { | |
digest="$1" | |
data="$2" | |
key="$3" | |
shift 3 | |
echo -n "$data" | openssl dgst "-$digest" -hmac "$key" "$@" | |
} | |
set_next_step() { | |
step="$1" | |
echo -n "${step}" > /root/.next_step | |
sync | |
} | |
get_next_step() { | |
if [ ! -s "/root/.next_step" ] ; then | |
return 1 | |
fi | |
cat /root/.next_step | |
rm -f /root/.next_step | |
sync | |
return 0 | |
} | |
# Description: root_ssh_key_installer installs the requested SSH keys on the customer's server. This function is currently | |
# being called in the osupdate script for the OS/distributions that we support installing SSH keys on. | |
# | |
# Arguments: ${1} is the action, it determines whether we append or overwrite the authorized_keys file. | |
# The action can either be OVERWRITE or APPEND, with the default being to append. | |
# | |
# Usage: root_ssh_key_installer | |
# root_ssh_key_installer OVERWRITE | |
# | |
# N.B.: We do not update the authorized_keys2 file as the authorized_keys2 file is deprecated. | |
root_ssh_key_installer () | |
{ | |
# ACTION can either be OVERWRITE or APPEND. Default is to append. | |
ROOT_SSH_KEY_INSTALLER_ACTION=${1} | |
if [ "${ROOT_SSH_KEY}" = "TRUE" ] ; then | |
print_log ${FUNCNAME}": ROOT_SSH_KEY = TRUE? (${ROOT_SSH_KEY}), attempting to add ssh key(s) for root" | |
if [ ! -d /root/.ssh ] ; then | |
print_log ${FUNCNAME}": The directory /root/.ssh doesn't appear to exist, creating." | |
mkdir /root/.ssh | |
chmod 700 /root/.ssh | |
fi | |
if [ -e /root/.ssh/authorized_keys2 ] ; then | |
print_log ${FUNCNAME}": An authorized_keys2 file was found for root, however we only update the authorized_keys file." | |
fi | |
if [ ! -e /root/.ssh/authorized_keys ] ; then | |
print_log ${FUNCNAME}": root's authorized_keys file doesn't exist, creating." | |
touch /root/.ssh/authorized_keys | |
chmod 400 /root/.ssh/authorized_keys | |
fi | |
if [ "${ROOT_SSH_KEY_INSTALLER_ACTION}" = "OVERWRITE" ] ; then | |
print_log ${FUNCNAME}": The overwrite option has been specified, truncating root's authorized keys." | |
echo > /root/.ssh/authorized_keys | |
chmod 400 /root/.ssh/authorized_keys | |
fi | |
if $(http_get http://${DOWNLOAD_HOST}/deployment/Transaction/configurationTemplate/${TRANSACTION_ID}/${TXN_MAC_ADDRESS}/SSH_KEY_CONFIG /root/.ssh/SSH_KEY_CONFIG) && [ -s /root/.ssh/SSH_KEY_CONFIG ] ; then | |
print_log ${FUNCNAME}": Key download successful, attempting to add keys..." | |
echo "" >> /root/.ssh/authorized_keys | |
echo "# Start of keys added by the provisioning system" >> /root/.ssh/authorized_keys | |
cat /root/.ssh/SSH_KEY_CONFIG >> /root/.ssh/authorized_keys | |
echo "" >> /root/.ssh/authorized_keys | |
rm /root/.ssh/SSH_KEY_CONFIG | |
echo "# End of keys added by the provisioning system" >> /root/.ssh/authorized_keys | |
echo "" >> /root/.ssh/authorized_keys | |
else | |
print_log ${FUNCNAME}": Key download was unsuccessful." | |
fi | |
print_log ${FUNCNAME}": Key addition complete." | |
else | |
print_log ${FUNCNAME}": ROOT_SSH_KEY = FALSE? (${ROOT_SSH_KEY}), doing nothing..." | |
fi | |
} | |
# repo_install... does stuff | |
repo_install () | |
{ | |
REPO_URL=${1} | |
if [ -n "${REPO_URL}" ] ; then | |
print_log ${FUNCNAME}": REPO_URL = ${REPO_URL}" | |
REPO_FILE=$(basename ${REPO_URL}) | |
print_log ${FUNCNAME}": REPO_FILE = ${REPO_FILE}" | |
print_log ${FUNCNAME}": Attempting to retrieve ${REPO_URL}" | |
http_get ${REPO_URL} | |
if [ $? -eq 0 ] && [ -s "${REPO_FILE}" ] ; then | |
print_log ${FUNCNAME}": Successfully retrieved ${REPO_FILE} from ${REPO_URL}" | |
case "${OS_VENDOR}" in | |
REDHAT|CENTOS) | |
print_log ${FUNCNAME}": Moving ${REPO_FILE} to /etc/yum.repos.d/" | |
mv ${REPO_FILE} /etc/yum.repos.d/ | |
;; | |
UBUNTU|DEBIAN) | |
print_log ${FUNCNAME}": Moving ${REPO_FILE} to /etc/apt/sources.list.d/" | |
mv ${REPO_FILE} /etc/apt/sources.list.d/ | |
;; | |
*) | |
trigger_error ${FUNCNAME}": Unsure how to install repo for ${OS_VENDOR}" 1 | |
;; | |
esac | |
else | |
trigger_error ${FUNCNAME}": Failed to retrieve ${REPO_FILE} from ${REPO_URL}" 1 | |
fi | |
else | |
trigger_error ${FUNCNAME}": It doesn't appear a URL was passed to this function..." 1 | |
fi | |
} | |
# repo_key_install... does stuff | |
repo_key_install () | |
{ | |
REPO_KEY_URL=${1} | |
if [ -n "${REPO_KEY_URL}" ] ; then | |
print_log ${FUNCNAME}": REPO_KEY_URL = ${REPO_KEY_URL}" | |
REPO_KEY_FILE=$(basename ${REPO_KEY_URL}) | |
print_log ${FUNCNAME}": REPO_KEY_FILE = ${REPO_KEY_FILE}" | |
print_log ${FUNCNAME}": Attempting to retrieve ${REPO_KEY_URL}" | |
http_get ${REPO_KEY_URL} | |
if [ $? -eq 0 ] && [ -s "${REPO_KEY_FILE}" ] ; then | |
print_log ${FUNCNAME}": Successfully retrieved ${REPO_KEY_FILE} from ${REPO_KEY_URL}" | |
case "${OS_VENDOR}" in | |
REDHAT|CENTOS) | |
print_log ${FUNCNAME}": Importing ${REPO_KEY_FILE} with rpm..." | |
rpm --import ${REPO_KEY_FILE} | |
rm -f ${REPO_KEY_FILE} | |
;; | |
UBUNTU|DEBIAN) | |
print_log ${FUNCNAME}": Importing ${REPO_KEY_FILE} with apt-key..." | |
apt-key add ${REPO_KEY_FILE} | |
rm -f ${REPO_KEY_FILE} | |
;; | |
*) | |
trigger_error ${FUNCNAME}": Unsure how to install repo key for ${OS_VENDOR}" 1 | |
;; | |
esac | |
else | |
trigger_error ${FUNCNAME}": Failed to retrieve ${REPO_KEY_FILE} from ${REPO_KEY_URL}" 1 | |
fi | |
else | |
trigger_error ${FUNCNAME}": It doesn't appear a URL was passed to this function..." 1 | |
fi | |
} | |
##### | |
# Java installers | |
##### | |
# Java RPM versions. | |
# 6U45_64 | |
JDK_LINUX_6U45_64_RPM_BIN_FILE="jdk-6u45-linux-x64-rpm.bin" | |
JDK_LINUX_6U45_64_RPMS="jdk-6u45-linux-amd64.rpm sun-javadb-client-10.6.2-1.1.i386.rpm sun-javadb-common-10.6.2-1.1.i386.rpm sun-javadb-core-10.6.2-1.1.i386.rpm sun-javadb-demo-10.6.2-1.1.i386.rpm sun-javadb-docs-10.6.2-1.1.i386.rpm sun-javadb-javadoc-10.6.2-1.1.i386.rpm" | |
# java_rpm_installer... does stuff | |
java_rpm_installer () | |
{ | |
JAVA_VERSION=${1} | |
if [ -n "${JAVA_VERSION}" ] ; then | |
print_log ${FUNCNAME}": JAVA_VERSION = ${JAVA_VERSION}" | |
eval JAVA_FILE='"$'"JDK_LINUX_${JAVA_VERSION}_RPM_BIN_FILE"'"' | |
print_log ${FUNCNAME}": JAVA_FILE = ${JAVA_FILE}" | |
eval JAVA_RPM_FILES='"$'"JDK_LINUX_${JAVA_VERSION}_RPMS"'"' | |
print_log ${FUNCNAME}": JAVA_RPM_FILES = ${JAVA_RPM_FILES}" | |
JAVA_URL="http://${DOWNLOAD_HOST}/swinstall/java/" | |
print_log ${FUNCNAME}": JAVA_URL = ${JAVA_URL}" | |
http_get ${JAVA_URL}${JAVA_FILE} | |
if [ $? -eq 0 ] && [ -s "${JAVA_FILE}" ] ; then | |
print_log ${FUNCNAME}": Successfully retrieved ${JAVA_FILE} from ${JAVA_URL}." | |
chmod o+x ${JAVA_FILE} | |
print_log ${FUNCNAME}": Executing ${JAVA_FILE}." | |
./${JAVA_FILE} | |
if [ $? -ne 0 ] ; then | |
trigger_error ${FUNCNAME}": The Java installation file ${JAVA_FILE} returned a non-zero exit status upon execution" | |
fi | |
for JAVA_RPM_FILE in ${JAVA_RPM_FILES} ${JAVA_FILE} ; do | |
if [ -e "${JAVA_RPM_FILE}" ] ; then | |
print_log ${FUNCNAME}": ${JAVA_RPM_FILE} exists, deleting..." | |
rm -f ${JAVA_RPM_FILE} | |
if [ $? -eq 0 ] ; then | |
print_log ${FUNCNAME}": ${JAVA_RPM_FILE} successfully deleted." | |
else | |
trigger_error ${FUNCNAME}": The command 'rm -f' returned a non-zero exit status while attempting to delete ${JAVA_RPM_FILE}" | |
fi | |
fi | |
done | |
else | |
trigger_error ${FUNCNAME}": Failed to retrieve ${JAVA_FILE} from ${JAVA_URL}" 1 | |
fi | |
else | |
trigger_error ${FUNCNAME}": The required parameter JAVA_VERSION is not set..." 1 | |
fi | |
} | |
##### | |
# End of Java installers | |
##### | |
##### | |
# Habanero... | |
##### | |
start_hab_debug_logging () | |
{ | |
#### setup shell redirection for Habanero debug/logging #### | |
#echo '#### setup shell redirection for Habanero debug/logging ####' | |
echo '#### setup shell redirection for Habanero debug/logging ####' | tee /dev/console | |
## log file: | |
MAIN_LOG_FILE="/root/hab_debug.log" | |
##[ -e $MAIN_LOG_FILE ] && mv -f $MAIN_LOG_FILE $MAIN_LOG_FILE.`date +%Y%m%d.%H%M%S` | |
#[ ! -e $MAIN_LOG_FILE ] && touch $MAIN_LOG_FILE | |
[ -e $MAIN_LOG_FILE ] && cp -pf $MAIN_LOG_FILE $MAIN_LOG_FILE.`date +%Y%m%d.%H%M%S` || touch $MAIN_LOG_FILE | |
MY_PIPE="/tmp/.my.pipe.$$" | |
#[ -e $MY_PIPE ] && rm -f $MY_PIPE | |
#mkfifo $MY_PIPE | |
[ ! -e $MY_PIPE ] && mkfifo $MY_PIPE | |
exec 3>&1 4>&2 | |
tee $MAIN_LOG_FILE < $MY_PIPE >&3 & | |
#tpid=$! | |
exec > $MY_PIPE 2>&1 | |
## END: log file | |
### console output: | |
#CONSOLE_OUT="/dev/console" | |
#MY_PIPE2="/tmp/.my.pipe2.$$" | |
##[ -e $MY_PIPE2 ] && rm -f $MY_PIPE2 | |
##mkfifo $MY_PIPE2 | |
#[ ! -e $MY_PIPE2 ] && mkfifo $MY_PIPE2 | |
#exec 6>&1 7>&2 | |
#tee $CONSOLE_OUT < $MY_PIPE >&6 & | |
##tpid=$! | |
#exec > $MY_PIPE2 2>&1 | |
### END: console output | |
#echo '#### END: setup shell redirection for Habanero debug/logging ####' | |
echo '#### END: setup shell redirection for Habanero debug/logging ####' | tee /dev/console | |
#### END: setup shell redirection for Habanero debug/logging #### | |
} | |
stop_hab_debug_logging () | |
{ | |
#### cleanup (turn off shell redirection for Habanero debug/logging #### | |
echo '#### cleanup (turn off shell redirection for Habanero debug/logging) ####' | tee /dev/console | |
exec 1>&3 3>&- 2>&4 4>&- | |
##exec 1>&6 6>&- 2>&7 7>&- | |
#wait $tpid | |
#[ -e $MY_PIPE ] && rm -f $MY_PIPE | |
##[ -e $MY_PIPE2 ] && rm -f $MY_PIPE2 | |
echo '#### END: cleanup (turn off shell redirection for Habanero debug/logging) ####' | tee /dev/console | |
} | |
##### | |
# END: Habanero | |
##### | |
eval_indirect_variable(){ | |
_target="${1}" | |
while read _assignment | |
do | |
_key="${_assignment%%=*}" | |
if [ "${_key}" = "${_target}" ] | |
then | |
_val="${_assignment#*=}" | |
_val="${_val#[\'\"]}" | |
_val="${_val%[\'\"]}" | |
printf '%s\n' "${_val}" | |
return 0 | |
fi | |
# POSIX allows piplined commands to run in subshells, | |
# which could impact the value local variables -- | |
# so we use this trick instead of `set | while read` | |
done <<EOF | |
$(set) | |
EOF | |
return 1 | |
} | |
has_adn_routes(){ | |
for _netdev in ${NETWORK} | |
do | |
_net_adn_routes="$(eval_indirect_variable "NETWORK_${_netdev}_ADN_ROUTES")" | |
[ -n "${_net_adn_routes}" ] && return 0 | |
done | |
return 1 | |
} | |
has_adn(){ | |
# assume ADN setup if ADN routes exist | |
has_adn_routes && return 0 || return 1 | |
} | |
has_public_network(){ | |
_is_net_frontend_setup="$(eval_indirect_variable "NETWORK_${NETWORK_FRONTEND_DEVICE}_SETUP")" | |
[ "${_is_net_frontend_setup}" = 'YES' ] && return 0 || return 1 | |
} | |
is_backend_interface(){ | |
[ "${1}" = "${NETWORK_BACKEND_DEVICE}" ] | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
. /root/provisioningConfiguration.cfg | |
. /root/base_functions.sh | |
# Set system password | |
echo root:${OS_PASSWORD} | chpasswd | |
# Set times between fsck and reset counters | |
tune2fs -i 180d /dev/xvda1 | |
tune2fs -i 180d /dev/xvda2 | |
tune2fs -T now /dev/xvda1 | |
tune2fs -T now /dev/xvda2 | |
tune2fs -c 180 /dev/xvda1 | |
tune2fs -c 180 /dev/xvda2 | |
tune2fs -C 1 /dev/xvda1 | |
tune2fs -C 1 /dev/xvda2 | |
#Wait for networking forever | |
# cause Ubuntu is stupid | |
if [ "${OS}" = "UBUNTU" ] ; then | |
sleep 6 | |
/etc/init.d/networking restart | |
fi | |
# wget will default retry 20 times | |
wget -O "/root/nettest" "http://${DOWNLOAD_HOST}/install_scripts/nettest" | |
while true | |
do | |
if [ -s "/root/nettest" ] | |
then | |
rm -f "/root/nettest" | |
break | |
else | |
sleep 6 | |
wget -O "/root/nettest" "http://${DOWNLOAD_HOST}/install_scripts/nettest" | |
fi | |
done | |
# Ping ns1.softlayer.com and don't care if we can't ping it | |
test_network 67.228.254.4 5 3 2 0 | |
# Turn off iptables | |
#/etc/init.d/iptables stop | |
# Regen ssh host keys | |
rm -rf /etc/ssh/ssh_host_* | |
service sshd restart | |
update_status INSTALL_COMPLETE | |
rm -f "/root/provisioningConfiguration.cfg" | |
rm -f "/root/base_functions.sh" | |
rm -f "${TXN_INSTALL_LOG}" | |
sleep 30 | |
# sleep for 10 seconds to let IMS complete the provision as this should run after we check in with INSTALL_COMPLETE | |
sleep 10 | |
PI=$(mktemp post_install.XXXX) | |
echo "Post provision script detected. Downloading." | logger -i -t post_install -p info | |
wget --no-check-certificate -nv --header "X-Order-id: 12345678" --header "X-Host-id: 2345678" --header "X-FQDN: boot.test.com --header "X-Guid: 12345678-570f-1111-2222-333333333333" --header "X-BackendIP: 10.123.80.44" --header "X-FrontendIP: 169.55.11.12" --header "X-Filename: ${PI}" -O /root/${PI} "https://gist.githubusercontent.com/provisionscript.sh" 2>&1 | logger -i -t post_install -p info | |
if [ -s /root/${PI} ] ; then | |
# good pull lets run this | |
chmod u+x /root/${PI} | |
echo "Post provision script detected. Attempting execution." | logger -i -t post_install -p info | |
SH=$(which sh) | |
${SH} /root/${PI} 2>&1 | logger -i -t post_install -p info | |
else | |
echo "Failed to pull post provisining script" | logger -i -t post_install -p info | |
fi | |
rm /etc/systemd/system/multi-user.target.wants/install.service | |
rm /root/install.sh | |
# sleep for 10 seconds to let IMS complete the provision as this should run after we check in with INSTALL_COMPLETE | |
sleep 10 | |
PI=$(mktemp post_install.XXXX) | |
echo "Post provision script detected. Downloading." | logger -i -t post_install -p info | |
wget --no-check-certificate -nv --header "X-Order-id: 12345678" --header "X-Host-id: 2345678" --header "X-FQDN: boot.test.com --header "X-Guid: 12345678-570f-1111-2222-333333333333" --header "X-BackendIP: 10.123.80.44" --header "X-FrontendIP: 169.55.11.12" --header "X-Filename: ${PI}" -O /root/${PI} "https://gist.githubusercontent.com/provisionscript.sh" 2>&1 | logger -i -t post_install -p info | |
if [ -s /root/${PI} ] ; then | |
# good pull lets run this | |
chmod u+x /root/${PI} | |
echo "Post provision script detected. Attempting execution." | logger -i -t post_install -p info | |
SH=$(which sh) | |
${SH} /root/${PI} 2>&1 | logger -i -t post_install -p info | |
else | |
echo "Failed to pull post provisining script" | logger -i -t post_install -p info | |
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
TXN_ACCOUNT_ID="1234567" | |
TXN_ENC_KEY="" | |
TXN_GROUP_NAME="Cloud Provision" | |
TXN_HOST="10.200.11.11" | |
TXN_HOST_PROV="172.16.1.11" | |
TXN_HWO_ID="98765432" | |
TXN_ID="23456789" | |
TXN_INSTALL_LOG="/root/swinstall.log" | |
TXN_IS_PROVISION="1" | |
TXN_LOCATION_ID="seo01" | |
TXN_MAC_ADDRESS="06:0b:dc:11:11:11" | |
OS="CENTOS" | |
OS_ACTIVATION_KEYS="GPL" | |
OS_CAPSULE_SERVER="rhncaptok0202.service.networklayer.com" | |
OS_CDIMAGE_PATH="CentOS/CENTOS_7.0_64" | |
OS_DOMAIN="test.com" | |
OS_HOSTNAME="bootstrap" | |
OS_INSTALL_CODE="CENTOS_7.0_64" | |
OS_INSTALL_TOOL="/usr/bin/yum -y install" | |
OS_MANUFACTURER="CENTOS" | |
OS_MINIMAL_INSTALL="TRUE" | |
OS_PASSWORD="PASSWORD" | |
OS_PROFILE_NAME="1234567-98765432-V" | |
OS_PROXY_SERVER="" | |
OS_SAT_SERVER="rhnsatsyd0101.service.networklayer.com" | |
OS_SET_BRIDGE_MODE="FALSE" | |
OS_SKIP_UPDATE="TRUE" | |
OS_TIME_SERVER="time.service.networklayer.com" | |
OS_UPDATE_SERVER="mirrors.service.networklayer.com" | |
HARDWARE_DISKS="sda" | |
HARDWARE_DISK_CONTAINS_SSD="NO" | |
HARDWARE_DISK_CONTROLLER_MAKE="ONBOARD" | |
HARDWARE_DISK_CONTROLLER_MODEL="ONBOARD" | |
HARDWARE_DISK_CONTROLLER_TYPE="ONBOARD" | |
HARDWARE_DISK_sda_FORMAT="YES" | |
HARDWARE_DISK_sda_PARTITIONS="" | |
HARDWARE_GPU_MAKE="" | |
HARDWARE_GPU_MODEL="" | |
HARDWARE_IPMI_MODEL="" | |
HARDWARE_IPMI_TYPE="" | |
HARDWARE_LOCATION_NAME="seo01" | |
HARDWARE_MOTHERBOARD_MODEL="" | |
HARDWARE_NETWORK_ADDON_MODEL="" | |
HARDWARE_UUID="12345678-570f-0000-1111-222222222222" | |
SOFTWARE="" | |
IPMI_ADDRESS="" | |
IPMI_GATEWAY="" | |
IPMI_NETMASK="" | |
NETWORK="eth0 eth1" | |
NETWORK_BACKEND_DEVICE="eth0" | |
NETWORK_COUNT="0" | |
NETWORK_FRONTEND_DEVICE="eth1" | |
NETWORK_GATEWAY="169.55.11.11" | |
NETWORK_NAMESERVERS="10.0.80.11 10.0.80.12" | |
NETWORK_PRIMARY_NAMESERVER="10.0.80.11" | |
NETWORK_SECONDARY_NAMESERVER="10.0.80.12" | |
NETWORK_eth0_ADN_ROUTES="10.0.0.0/255.0.0.0:10.123.80.1 161.26.0.0/255.255.0.0:10.123.80.1" | |
NETWORK_eth0_ADN_ROUTES_CIDR="10.0.0.0/8:10.123.80.1 161.26.0.0/16:10.123.80.1" | |
NETWORK_eth0_CUSTOMER_ROUTES="" | |
NETWORK_eth0_DUPLEX="" | |
NETWORK_eth0_GATEWAY="10.123.80.1" | |
NETWORK_eth0_GROUPTYPE="" | |
NETWORK_eth0_IP="10.123.80.44" | |
NETWORK_eth0_IP_CIDR="26" | |
NETWORK_eth0_MAC="06:0b:dc:11:11:11" | |
NETWORK_eth0_NETMASK="255.255.255.192" | |
NETWORK_eth0_ROUTES="10.0.0.0/8" | |
NETWORK_eth0_SECONDARY="" | |
NETWORK_eth0_SETUP="YES" | |
NETWORK_eth0_SPEED="100" | |
NETWORK_eth1_ADN_ROUTES="" | |
NETWORK_eth1_ADN_ROUTES_CIDR="" | |
NETWORK_eth1_CUSTOMER_ROUTES="" | |
NETWORK_eth1_DUPLEX="" | |
NETWORK_eth1_GATEWAY="169.55.11.11" | |
NETWORK_eth1_GROUPTYPE="" | |
NETWORK_eth1_IP="169.55.11.12" | |
NETWORK_eth1_IP_CIDR="28" | |
NETWORK_eth1_MAC="06:c3:64:11:12:13" | |
NETWORK_eth1_NETMASK="255.255.255.240" | |
NETWORK_eth1_ROUTES="" | |
NETWORK_eth1_SECONDARY="" | |
NETWORK_eth1_SETUP="YES" | |
NETWORK_eth1_SPEED="100" | |
ROOT_SSH_KEY="TRUE" | |
CCI_TEMPLATE="TRUE" | |
IS_VIRT="TRUE" | |
POST_PROV_SCRIPT="https://gist.githubusercontent.com/provisionscript.sh" | |
ORDER_ID="01234567" | |
#OS_POST_INSTALL_CONFIG for nix systems |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment