starlingx/meta-starlingx
Code Issues Proposed changes

Add stx packages to the layer

Browse Source
This commit is contained in:
babak sarashki 2019-10-13 19:35:16 -07:00
parent fcd40818cd
commit e87fb1cef7
256 changed files with 18744 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

116
README.md
View File

@ -4,7 +4,7 @@ meta-stx
Introduction
------------------------
This layer is intended to enable starlingx on poky.
This layer enables starlingx on poky.
Dependencies
@ -26,21 +26,17 @@ Maintenance
-------------------------
Maintainer:
Babak Sarashki <babak.sarashki@windriver.com>
Building the meta-stx layer
---------------------------
Use Case: Virtual Network Setup
-------------------------------
This script is inteded to setup virtual network between ns's on the host.
Setup workspace
```
mkdir -p layers
cd layers
mkdir -p $P/workspace/{layers,build}
cd $P/workspace/layers
git clone --branch thud git://git.yoctoproject.org/poky.git
git clone --branch thud git://git.openembedded.org/meta-openembedded
@ -48,57 +44,79 @@ git clone --branch thud git://git.yoctoproject.org/meta-virtualization
git clone --branch thud git://git.yoctoproject.org/meta-cloud-services
git clone --branch thud git://git.yoctoproject.org/meta-intel
git clone --branch thud git://git.yoctoproject.org/meta-intel-qat
git clone --branch thud git://git.yoctoproject.org/meta-selinux
git clone --branch thud git://git.yoctoproject.org/meta-security
git clone --branch thud https://github.com/jiazhang0/meta-secure-core.git
git clone --branch thud https://github.com/intel-iot-devkit/meta-iot-cloud.git
git clone --branch thud https://github.com/intel-iot-devkit/meta-iot-cloud.git
git clone --branch thud https://github.com/rauc/meta-rauc.git
git clone --branch thud git://git.yoctoproject.org/meta-intel
git clone --branch thud git://git.yoctoproject.org/meta-intel-qat
git clone --branch thud https://github.com/intel-iot-devkit/meta-iot-cloud.git
git clone https://github.com/zbsarashki/meta-stx.git
cd poky
. ./oe-init-build-env /path/to/prj/dir
```
Add the following layers to conf/bblayers.conf
```
PATH_TO_LOCAL_REPO/layers/poky/meta
PATH_TO_LOCAL_REPO/layers/poky/meta-poky
PATH_TO_LOCAL_REPO/layers/poky/meta-yocto-bsp
PATH_TO_LOCAL_REPO/layers/meta-openembedded/meta-oe
PATH_TO_LOCAL_REPO/layers/meta-openembedded/meta-networking
PATH_TO_LOCAL_REPO/layers/meta-openembedded/meta-filesystems
PATH_TO_LOCAL_REPO/layers/meta-openembedded/meta-perl
PATH_TO_LOCAL_REPO/layers/meta-openembedded/meta-python
PATH_TO_LOCAL_REPO/layers/meta-openembedded/meta-webserver
PATH_TO_LOCAL_REPO/layers/meta-openembedded/meta-initramfs
PATH_TO_LOCAL_REPO/layers/meta-openembedded/meta-gnome
PATH_TO_LOCAL_REPO/layers/meta-virtualization
PATH_TO_LOCAL_REPO/layers/meta-cloud-services
PATH_TO_LOCAL_REPO/layers/meta-cloud-services/meta-openstack
PATH_TO_LOCAL_REPO/layers/meta-cloud-services/meta-openstack-aio-deploy
PATH_TO_LOCAL_REPO/layers/meta-cloud-services/meta-openstack-compute-deploy
PATH_TO_LOCAL_REPO/layers/meta-cloud-services/meta-openstack-controller-deploy
PATH_TO_LOCAL_REPO/layers/meta-cloud-services/meta-openstack-qemu
PATH_TO_LOCAL_REPO/layers/meta-cloud-services/meta-openstack-swift-deploy
PATH_TO_LOCAL_REPO/layers/meta-measured
PATH_TO_LOCAL_REPO/layers/meta-secure-core/meta-signing-key
PATH_TO_LOCAL_REPO/layers/meta-secure-core/meta-efi-secure-boot
PATH_TO_LOCAL_REPO/layers/meta-secure-core/meta-encrypted-storage
PATH_TO_LOCAL_REPO/layers/meta-secure-core/meta-integrity
PATH_TO_LOCAL_REPO/layers/meta-secure-core/meta-tpm2
PATH_TO_LOCAL_REPO/layers/meta-secure-core/meta
PATH_TO_LOCAL_REPO/layers/meta-security
PATH_TO_LOCAL_REPO/layers/meta-security/meta-security-compliance
PATH_TO_LOCAL_REPO/layers/meta-selinux
PATH_TO_LOCAL_REPO/layers/meta-intel
PATH_TO_LOCAL_REPO/layers/meta-intel-qat
PATH_TO_LOCAL_REPO/layers/meta-rauc
PATH_TO_LOCAL_REPO/layers/meta-stx
PATH_TO_LOCAL_REPO/layers/local
PATH_TO_LOCAL_REPO/layers/meta-iot-cloud
P=Path to workspace
cd $P/workspace/layers/poky
source oe-init-build-env $P/workspace/build
cat > conf/bblayers.conf << EOF
# POKY_BBLAYERS_CONF_VERSION is increased each time build/conf/bblayers.conf
# changes incompatibly
POKY_BBLAYERS_CONF_VERSION = "2"
BBPATH = "\${TOPDIR}"
BBFILES ?= ""
BBLAYERS ?= " \\
$P/workspace/layers/poky/meta \\
$P/workspace/layers/poky/meta-poky \\
$P/workspace/layers/poky/meta-yocto-bsp \\
$P/workspace/layers/meta-openembedded/meta-oe \\
$P/workspace/layers/meta-openembedded/meta-networking \\
$P/workspace/layers/meta-openembedded/meta-filesystems \\
$P/workspace/layers/meta-openembedded/meta-perl \\
$P/workspace/layers/meta-openembedded/meta-python \\
$P/workspace/layers/meta-openembedded/meta-webserver \\
$P/workspace/layers/meta-openembedded/meta-initramfs \\
$P/workspace/layers/meta-openembedded/meta-gnome \\
$P/workspace/layers/meta-virtualization \\
$P/workspace/layers/meta-cloud-services \\
$P/workspace/layers/meta-cloud-services/meta-openstack \\
$P/workspace/layers/meta-cloud-services/meta-openstack-aio-deploy \\
$P/workspace/layers/meta-cloud-services/meta-openstack-compute-deploy \\
$P/workspace/layers/meta-cloud-services/meta-openstack-controller-deploy \\
$P/workspace/layers/meta-cloud-services/meta-openstack-qemu \\
$P/workspace/layers/meta-cloud-services/meta-openstack-swift-deploy \\
$P/workspace/layers/meta-secure-core/meta-signing-key \\
$P/workspace/layers/meta-secure-core/meta-efi-secure-boot \\
$P/workspace/layers/meta-secure-core/meta-encrypted-storage \\
$P/workspace/layers/meta-secure-core/meta-integrity \\
$P/workspace/layers/meta-secure-core/meta-tpm2 \\
$P/workspace/layers/meta-secure-core/meta \\
$P/workspace/layers/meta-security \\
$P/workspace/layers/meta-security/meta-security-compliance \\
$P/workspace/layers/meta-selinux \\
$P/workspace/layers/meta-intel \\
$P/workspace/layers/meta-intel-qat \\
$P/workspace/layers/meta-rauc \\
$P/workspace/layers/meta-iot-cloud \\
$P/workspace/layers/meta-stx \\
"
EOF
sed -i -e 's/^\(#MACHINE.*\"qemuarm\"\)/MACHINE \?= \"intel-corei7-64\"\n\1/g' conf/local.conf
echo 'PREFERRED_PROVIDER_virtual/kernel = "linux-yocto"' >> conf/local.conf
```
Use Case:
---------------------------
# Legal Notices
All product names, logos, and brands are property of their respective owners. All company, product and service names used in this software are for identification purposes only. Wind River is a registered trademarks of Wind River Systems, Inc. Linux is a registered trademark of Linus Torvalds.

99
recipes-connectivity/etcd/etcd_git.bb Normal file
View File

@ -0,0 +1,99 @@
SUMMARY = "A distributed key-value store for shared config and service discovery"
DESCRIPTION = " \
etcd is a distributed reliable key-value store for the most critical data \
of a distributed system, with a focus on being: \
\
* Simple: well-defined, user-facing API (gRPC) \
* Secure: automatic TLS with optional client cert authentication \
* Fast: benchmarked 10,000 writes/sec \
* Reliable: properly distributed using Raft \
"
HOMEPAGE = "https://github.com/coreos/etcd"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
SRC_URI = " \
git://github.com/coreos/etcd.git;branch=release-3.3 \
file://bz1350875-disaster-recovery-with-copies.patch \
file://expand-etcd-arch-validation.patch \
file://etcd.service \
file://etcd.conf \
"
SRCREV = "98d308426819d892e149fe45f6fd542464cb1f9d"
PV = "3.3.13+git${SRCPV}"
S = "${WORKDIR}/git"
inherit go goarch systemd useradd
SYSTEMD_PACKAGES = "${PN}"
SYSTEMD_SERVICE_${PN} = "etcd.service"
SYSTEMD_AUTO_ENABLE_${PN} = "enable"
USERADD_PACKAGES = "${PN}"
USERADD_PARAM_${PN} = " \
--system --shell ${sbindir}/nologin --comment 'etcd user' \
--home-dir ${localstatedir}/lib --groups etcd --gid etcd etcd \
"
GROUPADD_PARAM_${PN} = "etcd"
TARGET_CC_ARCH += "${LDFLAGS}"
GO_IMPORT = "import"
do_compile() {
export GOARCH="${TARGET_GOARCH}"
# Setup vendor directory so that it can be used in GOPATH.
#
# Go looks in a src directory under any directory in GOPATH but
# uses 'vendor' instead of 'vendor/src'. We can fix this with a symlink.
#
# We also need to link in the ipallocator directory as that is not under
# a src directory.
ln -sfn . "${S}/src/import/cmd/vendor/src"
mkdir -p "${S}/src/import/cmd/vendor/src/github.com/cockroachdb/cmux"
ln -sfn "${S}/cmux" "${S}/src/import/cmd/vendor/github.com/cockroachdb/cmux"
export GOPATH="${S}/src/import/cmd/vendor"
# Pass the needed cflags/ldflags so that cgo
# can find the needed headers files and libraries
export CGO_ENABLED="1"
export CFLAGS=""
export LDFLAGS=""
export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
if [ "${TARGET_ARCH}" = "x86_64" ]; then
export GOARCH="amd64"
elif [ "${TARGET_ARCH}" = "i586" ]; then
export GOARCH="386"
fi
./src/import/build
}
do_install() {
install -d ${D}/${bindir}
install -m 0755 ${S}/src/import/bin/etcd ${D}/${bindir}/etcd
install -m 0755 ${S}/src/import/bin/etcdctl ${D}/${bindir}/etcdctl
install -d ${D}${systemd_system_unitdir}
install -m 0644 ${WORKDIR}/etcd.service ${D}${systemd_system_unitdir}
# etcd state is in /var/lib/etcd
install -d ${D}/${localstatedir}/lib/${BPN}
install -d ${D}${sysconfdir}/etcd
install -m 0644 ${WORKDIR}/etcd.conf ${D}${sysconfdir}/etcd
}
deltask compile_ptest_base
RDEPENDS_${PN} = "bash"
# During packaging etcd gets the warning "no GNU hash in elf binary"
# This issue occurs due to compiling without ldflags, but a
# solution has yet to be found. For now we ignore this error with
# the line below.
#INSANE_SKIP_${PN} = "ldflags"

62
recipes-connectivity/etcd/files/bz1350875-disaster-recovery-with-copies.patch Normal file
View File

@ -0,0 +1,62 @@
From a859da2344e36c88f500661972083ce16c532663 Mon Sep 17 00:00:00 2001
From: Jackie Huang <jackie.huang@windriver.com>
Date: Tue, 6 Aug 2019 16:46:47 +0800
Subject: [PATCH] bz1350875-disaster-recovery-with-copies
original author: Jan Chaloupka <jchaloup@redhat.com>
rebased for 3.3.13
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
---
src/import/etcdctl/ctlv2/command/backup_command.go | 20 ++++++++++++++++++--
1 file changed, 18 insertions(+), 2 deletions(-)
diff --git a/src/import/etcdctl/ctlv2/command/backup_command.go b/src/import/etcdctl/ctlv2/command/backup_command.go
index 82e61d8..10f9961 100644
--- a/src/import/etcdctl/ctlv2/command/backup_command.go
+++ b/src/import/etcdctl/ctlv2/command/backup_command.go
@@ -20,6 +20,7 @@ import (
"os"
"path"
"path/filepath"
+ "strconv"
"regexp"
"time"
@@ -47,6 +48,9 @@ func NewBackupCommand() cli.Command {
cli.StringFlag{Name: "wal-dir", Value: "", Usage: "Path to the etcd wal dir"},
cli.StringFlag{Name: "backup-dir", Value: "", Usage: "Path to the backup dir"},
cli.StringFlag{Name: "backup-wal-dir", Value: "", Usage: "Path to the backup wal dir"},
+ cli.BoolFlag{Name: "keep-cluster-id", Usage: "Do not rewrite the cluster id"},
+ cli.StringFlag{Name: "node-id", Value: "", Usage: "Use custom node id instead of a random value"},
+
cli.BoolFlag{Name: "with-v3", Usage: "Backup v3 backend data"},
},
Action: handleBackup,
@@ -83,8 +87,20 @@ func handleBackup(c *cli.Context) error {
saveDB(filepath.Join(destSnap, "db"), filepath.Join(srcSnap, "db"), state.Commit, withV3)
idgen := idutil.NewGenerator(0, time.Now())
- metadata.NodeID = idgen.Next()
- metadata.ClusterID = idgen.Next()
+ explicitNodeId := c.String("node-id")
+ if explicitNodeId != "" {
+ var err error
+ metadata.NodeID, err = strconv.ParseUint(explicitNodeId, 16, 64)
+ if err != nil {
+ log.Fatal(err)
+ }
+ } else {
+ metadata.NodeID = idgen.Next()
+ }
+ keepClusterId := c.Bool("keep-cluster-id")
+ if !keepClusterId {
+ metadata.ClusterID = idgen.Next()
+ }
neww, err := wal.Create(destWAL, pbutil.MustMarshal(&metadata))
if err != nil {
--
2.7.4

69
recipes-connectivity/etcd/files/etcd.conf Normal file
View File

@ -0,0 +1,69 @@
#[Member]
#ETCD_CORS=""
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
#ETCD_WAL_DIR=""
#ETCD_LISTEN_PEER_URLS="http://localhost:2380"
ETCD_LISTEN_CLIENT_URLS="http://localhost:2379"
#ETCD_MAX_SNAPSHOTS="5"
#ETCD_MAX_WALS="5"
ETCD_NAME="default"
#ETCD_SNAPSHOT_COUNT="100000"
#ETCD_HEARTBEAT_INTERVAL="100"
#ETCD_ELECTION_TIMEOUT="1000"
#ETCD_QUOTA_BACKEND_BYTES="0"
#ETCD_MAX_REQUEST_BYTES="1572864"
#ETCD_GRPC_KEEPALIVE_MIN_TIME="5s"
#ETCD_GRPC_KEEPALIVE_INTERVAL="2h0m0s"
#ETCD_GRPC_KEEPALIVE_TIMEOUT="20s"
#
#[Clustering]
#ETCD_INITIAL_ADVERTISE_PEER_URLS="http://localhost:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379"
#ETCD_DISCOVERY=""
#ETCD_DISCOVERY_FALLBACK="proxy"
#ETCD_DISCOVERY_PROXY=""
#ETCD_DISCOVERY_SRV=""
#ETCD_INITIAL_CLUSTER="default=http://localhost:2380"
#ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
#ETCD_INITIAL_CLUSTER_STATE="new"
#ETCD_STRICT_RECONFIG_CHECK="true"
#ETCD_ENABLE_V2="true"
#
#[Proxy]
#ETCD_PROXY="off"
#ETCD_PROXY_FAILURE_WAIT="5000"
#ETCD_PROXY_REFRESH_INTERVAL="30000"
#ETCD_PROXY_DIAL_TIMEOUT="1000"
#ETCD_PROXY_WRITE_TIMEOUT="5000"
#ETCD_PROXY_READ_TIMEOUT="0"
#
#[Security]
#ETCD_CERT_FILE=""
#ETCD_KEY_FILE=""
#ETCD_CLIENT_CERT_AUTH="false"
#ETCD_TRUSTED_CA_FILE=""
#ETCD_AUTO_TLS="false"
#ETCD_PEER_CERT_FILE=""
#ETCD_PEER_KEY_FILE=""
#ETCD_PEER_CLIENT_CERT_AUTH="false"
#ETCD_PEER_TRUSTED_CA_FILE=""
#ETCD_PEER_AUTO_TLS="false"
#
#[Logging]
#ETCD_DEBUG="false"
#ETCD_LOG_PACKAGE_LEVELS=""
#ETCD_LOG_OUTPUT="default"
#
#[Unsafe]
#ETCD_FORCE_NEW_CLUSTER="false"
#
#[Version]
#ETCD_VERSION="false"
#ETCD_AUTO_COMPACTION_RETENTION="0"
#
#[Profiling]
#ETCD_ENABLE_PPROF="false"
#ETCD_METRICS="basic"
#
#[Auth]
#ETCD_AUTH_TOKEN="simple"

18
recipes-connectivity/etcd/files/etcd.service Normal file
View File

@ -0,0 +1,18 @@
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target
[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
EnvironmentFile=-/etc/etcd/etcd.conf
User=etcd
# set GOMAXPROCS to number of processors
ExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/bin/etcd --name=\"${ETCD_NAME}\" --data-dir=\"${ETCD_DATA_DIR}\" --listen-client-urls=\"${ETCD_LISTEN_CLIENT_URLS}\""
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target

35
recipes-connectivity/etcd/files/expand-etcd-arch-validation.patch Normal file
View File

@ -0,0 +1,35 @@
From 24a09759e49510123d04ca34746fed3e695f889b Mon Sep 17 00:00:00 2001
From: Jackie Huang <jackie.huang@windriver.com>
Date: Tue, 6 Aug 2019 16:12:30 +0800
Subject: [PATCH] expand etcd arch validation
original author: Jan Chaloupka <jchaloup@redhat.com>
rebased for 3.3.13
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
---
src/import/etcdmain/etcd.go | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/import/etcdmain/etcd.go b/src/import/etcdmain/etcd.go
index 87e9b25..9fcde77 100644
--- a/src/import/etcdmain/etcd.go
+++ b/src/import/etcdmain/etcd.go
@@ -387,6 +387,13 @@ func checkSupportArch() {
if runtime.GOARCH == "amd64" || runtime.GOARCH == "ppc64le" {
return
}
+
+ if runtime.GOARCH == "arm64" || runtime.GOARCH == "s390x" {
+ plog.Warningf("Running etcd on %s architecture is experimental.", runtime.GOARCH)
+ plog.Warningf("Please report any bugs you encounter: https://bugzilla.redhat.com/")
+ return
+ }
+
// unsupported arch only configured via environment variable
// so unset here to not parse through flag
defer os.Unsetenv("ETCD_UNSUPPORTED_ARCH")
--
2.7.4

86
recipes-connectivity/haproxy/files/haproxy.cfg Normal file
View File

@ -0,0 +1,86 @@
# this config needs haproxy-1.1.28 or haproxy-1.2.1
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096
chroot /usr/share/haproxy
uid 99
gid 99
daemon
#debug
#quiet
defaults
log global
mode http
option httplog
option dontlognull
retries 3
option redispatch
maxconn 2000
timeout connect 5000
timeout client 50000
timeout server 50000
listen appli1-rewrite
bind 0.0.0.0:10001
cookie SERVERID rewrite
balance roundrobin
server app1_1 192.168.34.23:8080 cookie app1inst1 check inter 2000 rise 2 fall 5
server app1_2 192.168.34.32:8080 cookie app1inst2 check inter 2000 rise 2 fall 5
server app1_3 192.168.34.27:8080 cookie app1inst3 check inter 2000 rise 2 fall 5
server app1_4 192.168.34.42:8080 cookie app1inst4 check inter 2000 rise 2 fall 5
listen appli2-insert
bind 0.0.0.0:10002
option httpchk
balance roundrobin
cookie SERVERID insert indirect nocache
server inst1 192.168.114.56:80 cookie server01 check inter 2000 fall 3
server inst2 192.168.114.56:81 cookie server02 check inter 2000 fall 3
capture cookie vgnvisitor= len 32
option httpclose # disable keep-alive
rspidel ^Set-cookie:\ IP= # do not let this cookie tell our internal IP address
listen appli3-relais
bind 0.0.0.0:10003
dispatch 192.168.135.17:80
listen appli4-backup
bind 0.0.0.0:10004
option httpchk /index.html
option persist
balance roundrobin
server inst1 192.168.114.56:80 check inter 2000 fall 3
server inst2 192.168.114.56:81 check inter 2000 fall 3 backup
listen ssl-relay
bind 0.0.0.0:8443
option ssl-hello-chk
balance source
server inst1 192.168.110.56:443 check inter 2000 fall 3
server inst2 192.168.110.57:443 check inter 2000 fall 3
server back1 192.168.120.58:443 backup
listen appli5-backup
bind 0.0.0.0:10005
option httpchk *
balance roundrobin
cookie SERVERID insert indirect nocache
server inst1 192.168.114.56:80 cookie server01 check inter 2000 fall 3
server inst2 192.168.114.56:81 cookie server02 check inter 2000 fall 3
server inst3 192.168.114.57:80 backup check inter 2000 fall 3
capture cookie ASPSESSION len 32
timeout server 20000
option httpclose # disable keep-alive
option checkcache # block response if set-cookie & cacheable
rspidel ^Set-cookie:\ IP= # do not let this cookie tell our internal IP address
errorloc 502 http://192.168.114.58/error502.html
errorfile 503 /etc/haproxy/errors/503.http

14
recipes-connectivity/haproxy/files/haproxy.service Normal file
View File

@ -0,0 +1,14 @@
[Unit]
Description=HAProxy Load Balancer
After=network.target
[Service]
ExecStartPre=/usr/sbin/haproxy_gencert.sh
ExecStartPre=/usr/bin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/bin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID
KillMode=mixed
Restart=always
[Install]
WantedBy=multi-user.target

324
recipes-connectivity/haproxy/haproxy-1.7.11/haproxy-1.7.11-tpm-support.patch Normal file
View File

@ -0,0 +1,324 @@
From 2fa8fedba0968d1c6d21d2c7fa33c903f8984815 Mon Sep 17 00:00:00 2001
From: Jackie Huang <jackie.huang@windriver.com>
Date: Thu, 25 Jul 2019 15:22:49 +0800
Subject: [PATCH] haproxy tpm support
original author: Kam Nasim <kam.nasim@windriver.com>
rebased for 1.7.11
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
---
include/types/global.h | 13 +++++
src/cfgparse.c | 28 ++++++++++
src/haproxy.c | 26 ++++++++-
src/ssl_sock.c | 147 +++++++++++++++++++++++++++++++++++++++++++------
4 files changed, 197 insertions(+), 17 deletions(-)
diff --git a/include/types/global.h b/include/types/global.h
index 10f3a3c..68f2138 100644
--- a/include/types/global.h
+++ b/include/types/global.h
@@ -37,6 +37,10 @@
#include <import/51d.h>
#endif
+#ifdef USE_OPENSSL
+#include <openssl/engine.h>
+#endif
+
#ifndef UNIX_MAX_PATH
#define UNIX_MAX_PATH 108
#endif
@@ -79,6 +83,14 @@ enum {
SSL_SERVER_VERIFY_REQUIRED = 1,
};
+// WRS: Define a new TPM configuration structure
+struct tpm_conf {
+ char *tpm_object;
+ char *tpm_engine;
+ EVP_PKEY *tpm_key;
+ ENGINE *tpm_engine_ref;
+};
+
/* FIXME : this will have to be redefined correctly */
struct global {
#ifdef USE_OPENSSL
@@ -101,6 +113,7 @@ struct global {
char *connect_default_ciphers;
int listen_default_ssloptions;
int connect_default_ssloptions;
+ struct tpm_conf tpm; // tpm configuration
#endif
unsigned int ssl_server_verify; /* default verify mode on servers side */
struct freq_ctr conn_per_sec;
diff --git a/src/cfgparse.c b/src/cfgparse.c
index 3489f7e..0209874 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -1923,6 +1923,34 @@ int cfg_parse_global(const char *file, int linenum, char **args, int kwm)
env++;
}
}
+ else if (!strcmp(args[0], "tpm-object")) {
+ if (global.tpm.tpm_object) {
+ free(global.tpm.tpm_object);
+ }
+#ifdef USE_OPENSSL
+ if (*(args[1]) && (access(args[1], F_OK) != -1)) {
+ global.tpm.tpm_object = strdup(args[1]);
+ }
+#else
+ Alert("parsing [%s:%d] : '%s' is not implemented.\n", file, linenum, args[0]);
+ err_code |= ERR_ALERT | ERR_FATAL;
+ goto out;
+#endif
+ }
+ else if (!strcmp(args[0], "tpm-engine")) {
+ if (global.tpm.tpm_engine) {
+ free(global.tpm.tpm_engine);
+ }
+#ifdef USE_OPENSSL
+ if (*(args[1]) && (access(args[1], F_OK) != -1)) {
+ global.tpm.tpm_engine = strdup(args[1]);
+ }
+#else
+ Alert("parsing [%s:%d] : '%s' is not implemented.\n", file, linenum, args[0]);
+ err_code |= ERR_ALERT | ERR_FATAL;
+ goto out;
+#endif
+ }
else {
struct cfg_kw_list *kwl;
int index;
diff --git a/src/haproxy.c b/src/haproxy.c
index f8a0912..f61dacf 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -1370,6 +1370,24 @@ static void deinit_stick_rules(struct list *rules)
}
}
+static void deinit_tpm_engine()
+{
+ /*
+ * if the tpm engine is present then
+ * deinit it, this is needed to
+ * flush the TPM key handle from TPM memory
+ */
+ if (global.tpm.tpm_engine_ref) {
+ ENGINE_finish(global.tpm.tpm_engine_ref);
+ }
+
+ if (global.tpm.tpm_key) {
+ EVP_PKEY_free(global.tpm.tpm_key);
+ }
+ free(global.tpm.tpm_engine); global.tpm.tpm_engine = NULL;
+ free(global.tpm.tpm_object); global.tpm.tpm_object = NULL;
+}
+
void deinit(void)
{
struct proxy *p = proxy, *p0;
@@ -1646,7 +1664,13 @@ void deinit(void)
free(uap);
}
-
+
+ /* if HAProxy was in TPM mode then deinit
+ * that configuration as well.
+ */
+ if (global.tpm.tpm_object && global.tpm.tpm_object != '\0')
+ deinit_tpm_engine();
+
userlist_free(userlist);
cfg_unregister_sections();
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 87b2584..44d0b48 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -51,6 +51,7 @@
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
#endif
+#include <openssl/engine.h>
#include <import/lru.h>
#include <import/xxhash.h>
@@ -2360,6 +2361,80 @@ end:
return ret;
}
+/*
+ * initialize the TPM engine and load the
+ * TPM object as private key within the Engine.
+ * Only do this for the first bind since TPM can
+ * only load 3-4 contexes before it runs out of memory
+ */
+static int ssl_sock_load_tpm_key(SSL_CTX *ctx, char **err) {
+ if (!global.tpm.tpm_object || global.tpm.tpm_object[0] == '\0') {
+ /* not in TPM mode */
+ return -1;
+ }
+ if (!global.tpm.tpm_key) {
+ Warning ("Could not find tpm_key; initializing engine\n");
+ /* no key present; load the dynamic TPM engine */
+ if (global.tpm.tpm_engine && global.tpm.tpm_engine[0]) {
+ ENGINE_load_dynamic();
+ ENGINE *engine = ENGINE_by_id("dynamic");
+ if (!engine) {
+ memprintf(err, "%s Unable to load the dynamic engine "
+ "(needed for loading custom TPM engine)\n",
+ err && *err ? *err : "");
+ return 1;
+ }
+
+ ENGINE_ctrl_cmd_string(engine, "SO_PATH", global.tpm.tpm_engine, 0);
+ ENGINE_ctrl_cmd_string(engine, "LOAD", NULL, 0);
+ /* stow away for ENGINE cleanup */
+ global.tpm.tpm_engine_ref = engine;
+
+ if (ENGINE_init(engine) != 1) {
+ const char *error_str = ERR_error_string(ERR_get_error(), NULL);
+ memprintf(err, "%s Unable to init the TPM engine (%s). Err: %s\n",
+ err && *err ? *err : "",
+ global.tpm.tpm_engine, error_str);
+ goto tpm_err;
+ }
+ EVP_PKEY *pkey = ENGINE_load_private_key(engine,
+ global.tpm.tpm_object,
+ NULL, NULL);
+ if (!pkey) {
+ const char *error_str = ERR_error_string(ERR_get_error(), NULL);
+ memprintf(err, "%s Unable to load TPM object (%s). Err: %s\n",
+ err && *err ? *err : "",
+ global.tpm.tpm_object, error_str);
+ goto tpm_err;
+ }
+ global.tpm.tpm_key = pkey;
+ }
+ else { /* no TPM engine found */
+ memprintf(err, "%s TPM engine option not set when TPM mode expected\n",
+ err && *err ? *err : "");
+ goto tpm_err;
+ }
+ }
+
+ if (SSL_CTX_use_PrivateKey(ctx, global.tpm.tpm_key) <= 0){
+ const char *error_str = ERR_error_string(ERR_get_error(),
+ NULL);
+ memprintf(err, "%s Invalid private key provided from TPM engine(%s). Err: %s\n",
+ err && *err ? *err : "",
+ global.tpm.tpm_object, error_str);
+ goto tpm_err;
+ }
+
+ return 0;
+
+tpm_err:
+ ENGINE_finish(global.tpm.tpm_engine_ref);
+ global.tpm.tpm_engine_ref = NULL;
+ EVP_PKEY_free(global.tpm.tpm_key);
+ global.tpm.tpm_key = NULL;
+ return 1;
+}
+
static int ssl_sock_load_cert_file(const char *path, struct bind_conf *bind_conf, struct proxy *curproxy, char **sni_filter, int fcount, char **err)
{
int ret;
@@ -2372,26 +2447,54 @@ static int ssl_sock_load_cert_file(const char *path, struct bind_conf *bind_conf
return 1;
}
- if (SSL_CTX_use_PrivateKey_file(ctx, path, SSL_FILETYPE_PEM) <= 0) {
- memprintf(err, "%sunable to load SSL private key from PEM file '%s'.\n",
- err && *err ? *err : "", path);
- SSL_CTX_free(ctx);
- return 1;
+ /* NOTE (knasim-wrs): US93721: TPM support
+ * This SSL context applies to SSL frontends only.
+ * If the TPM option is set then the Private key
+ * is stored in TPM.
+ *
+ * Launch the OpenSSL TPM engine and load the TPM
+ * Private Key. The Public key will still be located
+ * at the provided path and needs to be loaded as
+ * per usual.
+ */
+ if (global.tpm.tpm_object) {
+ ret = ssl_sock_load_tpm_key(ctx, err);
+ if (ret > 0) {
+ /* tpm configuration failed */
+ SSL_CTX_free(ctx);
+ return 1;
+ }
}
-
- ret = ssl_sock_load_cert_chain_file(ctx, path, bind_conf, sni_filter, fcount);
- if (ret <= 0) {
- memprintf(err, "%sunable to load SSL certificate from PEM file '%s'.\n",
- err && *err ? *err : "", path);
- if (ret < 0) /* serious error, must do that ourselves */
+ else { /* non TPM mode */
+ if (SSL_CTX_use_PrivateKey_file(ctx, path, SSL_FILETYPE_PEM) <= 0) {
+ memprintf(err, "%sunable to load SSL private key from PEM file '%s'.\n",
+ err && *err ? *err : "", path);
SSL_CTX_free(ctx);
- return 1;
+ return 1;
+ }
}
- if (SSL_CTX_check_private_key(ctx) <= 0) {
- memprintf(err, "%sinconsistencies between private key and certificate loaded from PEM file '%s'.\n",
- err && *err ? *err : "", path);
- return 1;
+ ret = ssl_sock_load_cert_chain_file(ctx, path, bind_conf, sni_filter, fcount);
+ if (ret <= 0) {
+ memprintf(err, "%sunable to load SSL certificate from PEM file '%s'.\n",
+ err && *err ? *err : "", path);
+ if (ret < 0) /* serious error, must do that ourselves */
+ SSL_CTX_free(ctx);
+ return 1;
+ }
+
+ /*
+ * only match the private key to the public key
+ * for non TPM mode. This op would never work for
+ * TPM since the private key has been wrapped, whereas
+ * the public key is still the original one.
+ */
+ if (!global.tpm.tpm_object) {
+ if (SSL_CTX_check_private_key(ctx) <= 0) {
+ memprintf(err, "%sinconsistencies between private key and certificate loaded from PEM file '%s'.\n",
+ err && *err ? *err : "", path);
+ return 1;
+ }
}
/* we must not free the SSL_CTX anymore below, since it's already in
@@ -3068,6 +3171,18 @@ int ssl_sock_prepare_srv_ctx(struct server *srv, struct proxy *curproxy)
cfgerr++;
return cfgerr;
}
+
+ /* NOTE (knasim-wrs): US93721: TPM support
+ * This SSL context applies to SSL backends only.
+ * Since Titanium backends don't support SSL, there
+ * is no need to offload these keys in TPM or reuse the
+ * same TPM key for the frontend engine.
+ *
+ * If SSL backends are to be supported in the future,
+ * over TPM, then create a new TPM Engine context and
+ * load the backend key in TPM, in a similar fashion to
+ * the frontend key.
+ */
if (srv->ssl_ctx.client_crt) {
if (SSL_CTX_use_PrivateKey_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt, SSL_FILETYPE_PEM) <= 0) {
Alert("config : %s '%s', server '%s': unable to load SSL private key from PEM file '%s'.\n",
--
2.7.4

102
recipes-connectivity/haproxy/haproxy.inc Normal file
View File

@ -0,0 +1,102 @@
SUMMARY = "TCP/HTTP proxy and load balancer for high availability environments"
DESCRIPTION = " \
HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high \
availability environments. Indeed, it can: \
- route HTTP requests depending on statically assigned cookies \
- spread load among several servers while assuring server persistence \
through the use of HTTP cookies \
- switch to backup servers in the event a main server fails \
- accept connections to special ports dedicated to service monitoring \
- stop accepting connections without breaking existing ones \
- add, modify, and delete HTTP headers in both directions \
- block requests matching particular patterns \
- report detailed status to authenticated users from a URI \
intercepted by the application \
"
HOMEPAGE = "http://www.haproxy.org/"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://LICENSE;md5=2d862e836f92129cdc0ecccc54eed5e0"
DEPENDS = "libpcre openssl zlib"
MAJOR_VER = "${@'.'.join(d.getVar('PV').split('.')[0:2])}"
SRC_URI = "https://www.haproxy.org/download/${MAJOR_VER}/src/haproxy-${PV}.tar.gz \
file://haproxy.service \
file://haproxy.cfg \
"
inherit systemd useradd
# create a user for running haproxy
HAP_USER_HOME = "${libdir}/haproxy"
USERADD_PACKAGES = "${PN}"
USERADD_PARAM_${PN} = "--system --home ${HAP_USER_HOME} --shell /sbin/nologin \
--groups haproxy --gid haproxy haproxy"
GROUPADD_PARAM_${PN} = "haproxy"
# for haproxy 1.x
HAP_TARGET = "linux2628"
EXTRA_OEMAKE = " \
'CPU=generic' \
'TARGET=${HAP_TARGET}' \
'USE_GETADDRINFO=1' \
'USE_OPENSSL=1' \
'USE_PCRE=1' 'USE_PCRE_JIT=1' \
'USE_ZLIB=1' \
'USE_LINUX_TPROXY=1' \
"
EXTRA_OEMAKE_append_x86 = " USE_REGPARM=1"
EXTRA_OEMAKE_append_x86-64 = " USE_REGPARM=1"
do_configure() {
:
}
do_compile() {
oe_runmake CC="${CC}" CFLAGS="${CFLAGS}" SBINDIR="${bindir}" \
PREFIX="${prefix}" \
ZLIB_INC=${STAGING_INCDIR} \
ZLIB_LIB=${STAGING_LIBDIR} \
PCRE_INC=${STAGING_INCDIR} \
PCRE_LIB=${STAGING_LIBDIR} \
SSL_INC=${STAGING_INCDIR} \
SSL_LIB=${STAGING_LIBDIR}
oe_runmake -C contrib/halog halog
oe_runmake -C contrib/iprange iprange
}
do_install() {
oe_runmake install-bin \
PREFIX="${prefix}" \
SBINDIR="${bindir}" \
DESTDIR=${D} \
INCLUDEDIR=${includedir}
install -D -m 0644 ${WORKDIR}/haproxy.service ${D}${systemd_system_unitdir}/haproxy.service
install -D -m 0644 ${WORKDIR}/haproxy.cfg ${D}${sysconfdir}/haproxy/haproxy.cfg
# install ssl folder for certificate
install -m 700 -d ${D}/${sysconfdir}/ssl/haproxy
chown haproxy:haproxy ${D}/${sysconfdir}/ssl/haproxy
# install halog and iprange
install -D -m 755 contrib/halog/halog ${D}${bindir}/halog
install -D -m 755 contrib/iprange/iprange ${D}${bindir}/iprange
}
FILES_${PN} = " \
${bindir} \
${sbindir} \
${sysconfdir} \
${systemd_system_unitdir} \
"
RDEPENDS_${PN} = "openssl"
SYSTEMD_SERVICE_${PN} = "haproxy.service"
INSANE_SKIP_${PN} += "already-stripped"

6
recipes-connectivity/haproxy/haproxy_1.7.11.bb Normal file
View File

@ -0,0 +1,6 @@
include haproxy.inc
SRC_URI += "file://haproxy-${PV}-tpm-support.patch"
SRC_URI[md5sum] = "25be5ad717a71da89a65c3c24250e2eb"
SRC_URI[sha256sum] = "d564b8e9429d1e8e13cb648bf4694926b472e36da1079df946bb732927b232ea"

27
recipes-connectivity/libnfsidmap/libnfsidmap/0001-include-sys-types.h-for-getting-u_-typedefs.patch Normal file
View File

@ -0,0 +1,27 @@
From a5e95a42e7bceddc9ecad06694c1a0588f4bafc8 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 14 Apr 2015 07:22:47 -0700
Subject: [PATCH] include sys/types.h for getting u_* typedefs
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
cfg.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/cfg.h b/cfg.h
index d4d4cab..fe49e8f 100644
--- a/cfg.h
+++ b/cfg.h
@@ -33,6 +33,7 @@
#ifndef _CONF_H_
#define _CONF_H_
+#include <sys/types.h>
#include "queue.h"
struct conf_list_node {
--
2.1.4

18
recipes-connectivity/libnfsidmap/libnfsidmap/Set_nobody_user_group.patch Normal file
View File

@ -0,0 +1,18 @@
Set nobody user and group
Upstream-Status: Inappropriate [configuration]
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
--- a/idmapd.conf
+++ b/idmapd.conf
@@ -17,8 +17,8 @@
[Mapping]
-#Nobody-User = nobody
-#Nobody-Group = nobody
+Nobody-User = nobody
+Nobody-Group = nogroup
[Translation]

13
recipes-connectivity/libnfsidmap/libnfsidmap/fix-ac-prereq.patch Normal file
View File

@ -0,0 +1,13 @@
Upstream-Status: Inappropriate [configuration]
--- a/configure.in
+++ b/configure.in
@@ -1,7 +1,7 @@
# -*- Autoconf -*-
# Process this file with autoconf to produce a configure script.
-AC_PREREQ([2.68])
+AC_PREREQ([2.65])
AC_INIT([libnfsidmap],[0.25],[linux-nfs@vger.kernel.org])
AC_CONFIG_SRCDIR([nfsidmap.h])
AC_CONFIG_MACRO_DIR([m4])

27
recipes-connectivity/libnfsidmap/libnfsidmap_0.25.bb Normal file
View File

@ -0,0 +1,27 @@
SUMMARY = "NFS id mapping library"
HOMEPAGE = "http://www.citi.umich.edu/projects/nfsv4/linux/"
SECTION = "libs"
LICENSE = "BSD"
LIC_FILES_CHKSUM = "file://COPYING;md5=d9c6a2a0ca6017fda7cd905ed2739b37"
SRC_URI = "http://www.citi.umich.edu/projects/nfsv4/linux/libnfsidmap/${BPN}-${PV}.tar.gz \
file://fix-ac-prereq.patch \
file://Set_nobody_user_group.patch \
file://0001-include-sys-types.h-for-getting-u_-typedefs.patch \
"
SRC_URI[md5sum] = "2ac4893c92716add1a1447ae01df77ab"
SRC_URI[sha256sum] = "656d245d84400e1030f8f40a5a27da76370690c4a932baf249110f047fe7efcf"
UPSTREAM_CHECK_URI = "http://www.citi.umich.edu/projects/nfsv4/linux/libnfsidmap/"
inherit autotools
EXTRA_OECONF = "--disable-ldap"
do_install_append () {
install -d ${D}${sysconfdir}/
install -m 0644 ${WORKDIR}/${BPN}-${PV}/idmapd.conf ${D}${sysconfdir}/idmapd.conf
}

12
recipes-connectivity/qpid/files/fix-compile-through-disable-cflag-werror.patch Normal file
View File

@ -0,0 +1,12 @@
diff -urN qpidc-0.20.orig/configure.ac qpidc-0.20/configure.ac
--- qpidc-0.20.orig/configure.ac 2019-08-19 13:36:13.592214698 +0800
+++ qpidc-0.20/configure.ac 2019-08-19 13:36:29.160214501 +0800
@@ -75,7 +75,7 @@
# Can't test for -Werror as whether it fails or not depends on what's in
# CFLAGS/CXXFLAGS. In any case it's been in gcc for a long time (since 2.95 at least)
if test "${enableval}" = yes; then
- COMPILER_FLAGS="-Werror"
+ COMPILER_FLAGS=""
gl_COMPILER_FLAGS(-pedantic)
gl_COMPILER_FLAGS(-Wall)
gl_COMPILER_FLAGS(-Wextra)

7
recipes-connectivity/qpid/qpid_0.20.bbappend Normal file
View File

@ -0,0 +1,7 @@
FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
SRC_URI += "file://fix-compile-through-disable-cflag-werror.patch"
EXTRA_OEMAKE += " CPPFLAGS='-std=gnu++98 -Wno-error' LDFLAGS='-std=gnu++98 -Wno-error'"
TARGET_CC_ARCH += "${LDFLAGS}"
RDEPENDS_${PN} += " bash"

10
recipes-core/images/stx-image-aio.bb
View File

@ -7,8 +7,13 @@ IMAGE_INSTALL_append = " \
packagegroup-core-full-cmdline \
packagegroup-core-security \
packagegroup-core-selinux \
packagegroup-stx-kube \
packagegroup-stx-ceph \
packagegroup-core-lsb \
packagegroup-cloud-compute \
packagegroup-cloud-controller \
packagegroup-cloud-network \
packagegroup-cloud-debug \
packagegroup-cloud-extras \
packagegroup-stx \
"
IMAGE_FEATURES += " \
package-management \
@ -16,6 +21,7 @@ IMAGE_FEATURES += " \
"
inherit core-image
inherit distro_features_check
inherit openstack-base
inherit identity
inherit monitor

283
recipes-core/packagegroups/packagegroup-stx.bb
View File

@ -16,8 +16,45 @@ PACKAGES = " \
packagegroup-stx-kube \
packagegroup-stx-misc \
packagegroup-stx-ceph \
packagegroup-stx-config \
packagegroup-stx-fault \
packagegroup-stx-ha \
packagegroup-stx-integ \
packagegroup-stx-integ-base \
packagegroup-stx-integ-cff \
packagegroup-stx-integ-puppet-modules \
packagegroup-stx-metal \
packagegroup-stx-nfv \
packagegroup-stx-update \
packagegroup-stx-upstream \
packagegroup-stx-integ-k8s \
packagegroup-stx-integ-ceph \
packagegroup-stx-integ-tools \
packagegroup-stx-integ-filesystem \
packagegroup-stx-integ-logging \
packagegroup-stx \
"
RDEPENDS_packagegroup-stx = " \
packagegroup-stx-kube \
packagegroup-stx-misc \
packagegroup-stx-ceph \
packagegroup-stx-config \
packagegroup-stx-fault \
packagegroup-stx-ha \
packagegroup-stx-integ \
packagegroup-stx-metal \
packagegroup-stx-nfv \
packagegroup-stx-update \
packagegroup-stx-upstream \
starlingx-dashboard \
python-cephclient \
packagegroup-stx-integ-ceph \
packagegroup-stx-integ-tools \
packagegroup-stx-integ-filesystem \
packagegroup-stx-integ-logging \
"
RDEPENDS_packagegroup-stx-kube = "\
kubernetes \
kubernetes-misc \
@ -37,7 +74,16 @@ RDEPENDS_packagegroup-stx-misc = "\
vim-common \
ntp \
python3-pip \
python-keystone \
python-keystoneauth1 \
python-keystoneclient \
python-ansible \
playbookconfig \
tzdata \
go-dep \
auditd \
"
# mariadb
RDEPENDS_packagegroup-stx-ceph = "\
ceph \
@ -70,8 +116,241 @@ RDEPENDS_packagegroup-stx-ceph = "\
python3-tempora \
python3-portend \
python3-zc-lockfile \
python3-netaddr \
python3-keyring \
python3-rpm \
python-oslo.messaging \
python-keyring \
python-cephclient \
python-pyudev \
python-ldap \
python-configparser \
"
# tsconfig \
# ceph-manager \
# sysinv
# sysinv \
# controllerconfig \
# worker-utils
# stx-upstream /**** Port needed */
# python-keyrings.alt
##############
# FIXME:
# /usr/local/bin/puppet-manifests.sh to /usr/bin/puppet-manifests.sh in
# stx-ansible/playbooks/bootstrap/roles/apply-bootstrap-manifest/tasks/main.yml
#
# Add user sysinv
# fm-api fm-common fm-rest-api
# python-fmclient
# cgcs-patch cgcs-patch-agent cgcs-patch-controller cgcs-users
# python-platform-utils from stx-integ
# python-ldap cyrus-sasl
# python-rpm
# sql_connection failed
# FIXME: ./site-packages/ansible/modules/cloud/docker/docker_swarm_service.py refers to ubuntu
# "engine.labels.operatingsystem == ubuntu 14.04"
RDEPENDS_packagegroup-stx-config = " \
config-gate-worker \
controllerconfig \
puppet-manifests \
puppet-mtce \
puppet-dcdbsync \
puppet-patching \
puppet-sshd \
puppet-dcmanager \
puppet-fm \
puppet-nfv \
puppet-smapi \
puppet-sysinv \
puppet-dcorch \
storageconfig \
worker-utils \
workerconfig-standalone \
workerconfig-subfunction \
pm-qos-mgr \
sysinv \
cgts-client \
"
RDEPENDS_packagegroup-stx-fault = " \
fm-api \
fm-common \
fm-doc \
fm-mgr \
fm-rest-api \
python-fmclient \
snmp-audittrail \
snmp-ext \
"
RDEPENDS_packagegroup-stx-ha = " \
sm-api \
sm \
sm-client \
libsm-common \
sm-common-libs \
sm-db \
sm-tools \
sm-eru \
"
RDEPENDS_packagegroup-stx-integ = " \
packagegroup-stx-integ-base \
packagegroup-stx-integ-cff \
packagegroup-stx-integ-k8s \
packagegroup-stx-integ-puppet-modules \
packagegroup-stx-integ-tools \
ldapscripts \
"
# packagegroup-stx-integ-ldap
RDEPENDS_packagegroup-stx-integ-base = " \
cgcs-users \
dhcp-config \
dnsmasq-config \
haproxy-config \
initscripts-config \
net-snmp-config \
openssh-config \
setup-config \
systemd-config \
lighttpd-config \
resource-agents \
"
RDEPENDS_packagegroup-stx-integ-cff = " \
audit-config \
docker-config \
io-scheduler \
iptables-config \
memcached-custom \
ntp-config \
rsync-config \
syslog-ng-config \
util-linux-config \
pam-config \
shadow-utils-config \
sudo-config \
"
# TODO: resolve conflicts use bbappends instead
# sudo-config \
# shadow-utils-config
# pam-config
RDEPENDS_packagegroup-stx-integ-k8s = " \
etcd \
registry-token-server \
"
RDEPENDS_packagegroup-stx-integ-puppet-modules = " \
puppet \
puppet-create-resources \
puppet-dnsmasq \
puppet-lvm \
puppet-boolean \
puppet-ldap \
puppet-drbd \
puppet-postgresql \
puppet-network \
puppet-filemapper \
puppet-puppi \
puppet-nslcd \
"
# puppet
# The mtce-common contains dev components only and since
# the dev components endup in stx-metal-dev package, not
# adding mtce-common to packagegroup.
RDEPENDS_packagegroup-stx-metal = " \
inventory \
mtce \
mtce-pmon \
mtce-hwmon \
mtce-hostw \
mtce-lmon \
mtce-compute \
mtce-control \
mtce-storage \
python-inventoryclient \
"
RDEPENDS_packagegroup-stx-nfv = " \
nfv-common \
nfv-plugins \
nfv-tools \
nfv-vim \
nfv-client \
mtce-guestagent \
mtce-guestserver \
nova-api-proxy \
"
RDEPENDS_packagegroup-stx-update = " \
cgcs-patch \
cgcs-patch-agent \
cgcs-patch-controller \
enable-dev-patch \
patch-alarm \
tsconfig \
requests-toolbelt \
"
# TODO:
# Port required/missing packages :
# openstack-helm-infra.bb
# openstack-helm.bb
# python-horizon.bbappend
RDEPENDS_packagegroup-stx-upstream = " \
python-barbicanclient \
python-cinderclient \
python-glanceclient \
python-aodhclient \
python-heatclient \
python-horizon \
python-ironicclient \
python-keystoneauth1 \
python-keystoneclient \
python-magnumclient \
python-muranoclient \
python-neutronclient \
python-novaclient \
python-openstackclient \
python-openstacksdk \
stx-ocf-scripts \
rabbitmq-server-config \
openstack-ras \
python-gnocchiclient \
python-pankoclient \
"
#RDEPENDS_packagegroup-stx-integ-ceph = " \
# ceph \
# ceph-manager \
# ceph-python \
# python-cephclient \
# "
RDEPENDS_packagegroup-stx-integ-tools = " \
collector \
"
RDEPENDS_packagegroup-stx-integ-filesystem = " \
filesystem-scripts \
iscsi-initiator-utils-config \
nfscheck \
nfs-utils-config \
"
# TODO: Fix nfs-utils-config Conflicts.
RDEPENDS_packagegroup-stx-integ-logging = " \
logrotate-config \
logmgmt \
"

25
recipes-core/stx-ansible-playbooks/files/0001-Adjust-absolute-path.patch Normal file
View File

@ -0,0 +1,25 @@
From 502a908537c85cf8ff3e4c79c45ea0917c0cb5e0 Mon Sep 17 00:00:00 2001
From: babak sarashki <babak.sarashki@windriver.com>
Date: Tue, 8 Oct 2019 16:11:02 -0700
Subject: [PATCH] Adjust absolute path
---
.../bootstrap/roles/apply-bootstrap-manifest/tasks/main.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/apply-bootstrap-manifest/tasks/main.yml b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/apply-bootstrap-manifest/tasks/main.yml
index 65f10fa..3083144 100644
--- a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/apply-bootstrap-manifest/tasks/main.yml
+++ b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/apply-bootstrap-manifest/tasks/main.yml
@@ -28,7 +28,7 @@
- name: Applying puppet bootstrap manifest
command: >
- /usr/local/bin/puppet-manifest-apply.sh
+ /usr/bin/puppet-manifest-apply.sh
{{ hieradata_workdir }}
{{ derived_network_params.controller_0_address }}
controller ansible_bootstrap > {{ manifest_apply_log }}
--
2.17.1

49
recipes-core/stx-ansible-playbooks/playbookconfig.bb Normal file
View File

@ -0,0 +1,49 @@
FILESEXTRAPATHS_prepend := "${THISDIR}/patches:${THISDIR}/files:"
DESCRIPTION = " stx-ansible-playbooks"
# TODO:
# make this and others to .bbappends
STABLE = "starlingx/master"
PROTOCOL = "https"
BRANCH = "master"
SRCREV = "c7390f63001219b5eb41a6e36f4f4643d0fc0208"
S = "${WORKDIR}/git"
PV = "19.01"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
SRC_URI = " \
git://opendev.org/starlingx/ansible-playbooks.git;protocol=${PROTOCOL};rev=${SRCREV};branch=${BRANCH} \
file://0001-Adjust-absolute-path.patch \
"
DEPENDS = " \
python \
python-netaddr \
python-ptyprocess \
python-pexpect \
python-ansible \
"
do_configure () {
:
}
do_compile() {
:
}
do_install () {
cd ${S}/playbookconfig/playbookconfig
oe_runmake -e \
DESTDIR=${D}/${datadir}/ansible/stx-ansible
}
#pkg_postinst_ontarget_${PN} () { }
FILES_${PN}_append += " \
${datadir} \
\"

27
recipes-core/stx-config/cgts-client.inc Normal file
View File

@ -0,0 +1,27 @@
PACKAGES += " cgts-client"
do_configure_prepend() {
echo "Configure cgts-client..."
cd ${S}/sysinv/cgts-client/cgts-client
distutils_do_configure
}
do_compile_prepend() {
echo "Building cgts-client..."
cd ${S}/sysinv/cgts-client/cgts-client
distutils_do_compile
}
do_install_prepend() {
echo "Installing cgts-client..."
cd ${S}/sysinv/cgts-client/cgts-client
distutils_do_install
}
FILES_cgts-client = " \
${libdir}/python2.7/site-packages/sysinv/ \
${libdir}/python2.7/site-packages/cgtsclient/ \
${libdir}/python2.7/site-packages/cgtsclient-*.egg-info \
${libdir}/python2.7/site-packages/sysinv-*.egg-info \
"

15
recipes-core/stx-config/config-gate.inc Normal file
View File

@ -0,0 +1,15 @@
PACKAGES += " config-gate-worker"
RDEPENDS_config-gate-worker += " bash"
do_install_prepend() {
cd ${S}/config-gate/files
oe_runmake -e \
SBINDIR=${D}/${sbindir} SYSTEMDDIR=${D}/${systemd_system_unitdir}
}
FILES_config-gate-worker = " \
${sbindir}/wait_for_worker_config_init.sh \
${sbindir}/wait_for_config_init.sh \
${systemd_system_unitdir}/worker-config-gate.service \
${systemd_system_unitdir}/config.service \
"

55
recipes-core/stx-config/controllerconfig.inc Normal file
View File

@ -0,0 +1,55 @@
PACKAGES += " controllerconfig"
RDEPENDS_controllerconfig += " bash"
do_configure_prepend() {
cd ${S}/controllerconfig/controllerconfig
distutils_do_configure
}
do_compile_prepend() {
cd ${S}/controllerconfig/controllerconfig
distutils_do_compile
}
do_install_prepend () {
cd ${S}/controllerconfig/controllerconfig
distutils_do_install
install -p -D -m 700 scripts/keyringstaging ${D}/${bindir}
install -p -D -m 700 scripts/openstack_update_admin_password ${D}/${bindir}
install -p -D -m 700 scripts/install_clone.py ${D}/${bindir}
install -p -D -m 700 scripts/finish_install_clone.sh ${D}/${bindir}
install -p -D -m 700 scripts/config_goenabled_check.sh ${D}/${sysconfdir}/goenabled.d
install -p -D -m 755 scripts/controller_config ${D}/${sysconfdir}/init.d/controller_config
## Install Upgrade scripts
install -d -m 755 ${D}/${sysconfdir}/upgrade.d
install -p -m 755 upgrade-scripts/* ${D}/${sysconfdir}/upgrade.d
install -p -D -m 664 scripts/controllerconfig.service ${D}/${systemd_system_unitdir}/controllerconfig.service
}
FILES_controllerconfig = " \
${sysconfdir}/goenabled.d \
${sysconfdir}/goenabled.d/config_goenabled_check.sh \
${sysconfdir}/upgrade.d/* \
${sysconfdir}/init.d/controller_config \
${bindir}/keysringstaging \
${bindir}/openstack_update_admin_password \
${bindir}/install_clone.py \
${bindir}/finish_install_clone.sh \
${bindir}/finish_install_clone.sh \
${bindir}/upgrade_controller \
${bindir}/config_region \
${bindir}/config_subcloud \
${bindir}/config_management \
${bindir}/keyringstaging \
${bindir}/tidy_storage_post_restore \
${bindir}/config_controller \
${bindir}/upgrade_controller_simplex \
${systemd_system_unitdir}/controllerconfig.service \
${libdir}/python2.7/site-packages/controllerconfig*.egg-info/ \
${libdir}/python2.7/site-packages/controllerconfig/ \
"

24
recipes-core/stx-config/pm-qos-mgr.inc Normal file
View File

@ -0,0 +1,24 @@
PACKAGES += " pm-qos-mgr"
do_configure_prepend () {
cd ${S}/pm-qos-mgr/src
distutils_do_configure
}
do_compile_prepend() {
cd ${S}/pm-qos-mgr/src
distutils_do_compile
}
do_install_prepend () {
cd ${S}/pm-qos-mgr/src
distutils_do_install
install -p -D -m 664 pm-qos-mgr.service ${D}/${systemd_system_unitdir}/pm-qos-mgr.service
}
FILES_pm-qos-mgr = " \
${bindir}/pm-qos-mgr \
${systemd_system_unitdir}/pm-qos-mgr.service \
${libdir}/python2.7/site-packages/pm_qos_mgr*egg-info/ \
${libdir}/python2.7/site-packages/pm_qos_mgr/ \
"

11
recipes-core/stx-config/puppet-modules/puppet-dcdbsync.inc Normal file
View File

@ -0,0 +1,11 @@
PACKAGES += " puppet-dcdbsync"
do_install_prepend () {
install -d -m 0755 ${D}/${datadir}/puppet/modules/dcdbsync
cp -R ${S}/puppet-modules-wrs/puppet-dcdbsync/src/dcdbsync ${D}/${datadir}/puppet/modules
}
FILES_puppet-dcdbsync += " \
${datadir}/puppet/modules/dcdbsync \
"

11
recipes-core/stx-config/puppet-modules/puppet-dcmanager.inc Normal file
View File

@ -0,0 +1,11 @@
PACKAGES += " puppet-dcmanager"
do_install_prepend () {
install -d -m 0755 ${D}/${datadir}/puppet/modules/dcmanager
cp -R ${S}/puppet-modules-wrs/puppet-dcmanager/src/dcmanager ${D}/${datadir}/puppet/modules
}
FILES_puppet-dcmanager += " \
${datadir}/puppet/modules/dcmanager \
"

11
recipes-core/stx-config/puppet-modules/puppet-dcorch.inc Normal file
View File

@ -0,0 +1,11 @@
PACKAGES += " puppet-dcorch"
do_install_prepend () {
install -d -m 0755 ${D}/${datadir}/puppet/modules/dcorch
cp -R ${S}/puppet-modules-wrs/puppet-dcorch/src/dcorch/ ${D}/${datadir}/puppet/modules/
}
FILES_puppet-dcorch += " \
${datadir}/puppet/modules/dcorch \
"

11
recipes-core/stx-config/puppet-modules/puppet-fm.inc Normal file
View File

@ -0,0 +1,11 @@
PACKAGES += " puppet-fm"
do_install_prepend () {
install -d -m 0755 ${D}/${datadir}/puppet/modules/fm
cp -R ${S}/puppet-modules-wrs/puppet-fm/src/fm ${D}/${datadir}/puppet/modules
}
FILES_puppet-fm += " \
${datadir}/puppet/modules/fm \
"

36
recipes-core/stx-config/puppet-modules/puppet-manifests.inc Normal file
View File

@ -0,0 +1,36 @@
PACKAGES += " puppet-manifests"
RDEPENDS_puppet-manifests += " bash"
do_install_append () {
cd ${S}/puppet-manifests/src
oe_runmake BINDIR=${D}/${bindir} \
CONFIGDIR=${D}/${sysconfdir}/puppet/ \
MODULEDIR=${D}/${datadir}/puppet/modules -f Makefile install
}
FILES_puppet-manifests = "\
${sysconfdir}/puppet/hiera.yaml \
${sysconfdir}/puppet/hieradata \
${sysconfdir}/puppet/hieradata/worker.yaml \
${sysconfdir}/puppet/hieradata/storage.yaml \
${sysconfdir}/puppet/hieradata/global.yaml \
${sysconfdir}/puppet/hieradata/controller.yaml \
${sysconfdir}/puppet/manifests/worker.pp \
${sysconfdir}/puppet/manifests/ansible_bootstrap.pp \
${sysconfdir}/puppet/manifests/bootstrap.pp \
${sysconfdir}/puppet/manifests/runtime.pp \
${sysconfdir}/puppet/manifests/storage.pp \
${sysconfdir}/puppet/manifests/upgrade.pp \
${sysconfdir}/puppet/manifests/controller.pp \
${datadir}/puppet/modules/openstack/manifests \
${datadir}/puppet/modules/openstack/templates \
${datadir}/puppet/modules/platform/manifests \
${datadir}/puppet/modules/platform/templates \
${datadir}/puppet/modules/platform/files \
${datadir}/puppet/modules/platform/lib/facter \
${datadir}/puppet/modules/platform/lib/puppet \
${bindir}/puppet-manifest-apply.sh \
${bindir}/apply_network_config.sh \
"

11
recipes-core/stx-config/puppet-modules/puppet-mtce.inc Normal file
View File

@ -0,0 +1,11 @@
PACKAGES += " puppet-mtce"
RDEPENDS_puppet-mtce += " puppet"
do_install_append () {
cd ${S}/puppet-modules-wrs/puppet-mtce/src
oe_runmake -e MODULEDIR=${D}/${datadir}/puppet/modules install
}
FILES_puppet-mtce = "\
${datadir}/puppet/modules/mtce \
"

11
recipes-core/stx-config/puppet-modules/puppet-nfv.inc Normal file
View File

@ -0,0 +1,11 @@
PACKAGES += " puppet-nfv"
do_install_prepend () {
install -d -m 0755 ${D}/${datadir}/puppet/modules/nfv
cp -R ${S}/puppet-modules-wrs/puppet-nfv/src/nfv ${D}/${datadir}/puppet/modules
}
FILES_puppet-nfv += " \
${datadir}/puppet/modules/nfv \
"

11
recipes-core/stx-config/puppet-modules/puppet-patching.inc Normal file
View File

@ -0,0 +1,11 @@
PACKAGES += " puppet-patching"
do_install_prepend () {
install -d -m 0755 ${D}/${datadir}/puppet/modules/patching
cp -R ${S}/puppet-modules-wrs/puppet-patching/src/patching ${D}/${datadir}/puppet/modules
}
FILES_puppet-patching += " \
${datadir}/puppet/modules/patching \
"

11
recipes-core/stx-config/puppet-modules/puppet-smapi.inc Normal file
View File

@ -0,0 +1,11 @@
PACKAGES += " puppet-smapi"
do_install_prepend () {
install -d -m 0755 ${D}/${datadir}/puppet/modules/smapi
cp -R ${S}/puppet-modules-wrs/puppet-smapi/src/smapi ${D}/${datadir}/puppet/modules
}
FILES_puppet-smapi += " \
${datadir}/puppet/modules/smapi \
"

11
recipes-core/stx-config/puppet-modules/puppet-sshd.inc Normal file
View File

@ -0,0 +1,11 @@
PACKAGES += " puppet-sshd"
do_install_prepend () {
install -d -m 0755 ${D}/${datadir}/puppet/modules/sshd
cp -R ${S}/puppet-modules-wrs/puppet-sshd/src/sshd ${D}/${datadir}/puppet/modules
}
FILES_puppet-sshd += " \
${datadir}/puppet/modules/sshd \
"

13
recipes-core/stx-config/puppet-modules/puppet-sysinv.inc Normal file
View File

@ -0,0 +1,13 @@
PACKAGES += " puppet-sysinv"
do_install_prepend () {
install -d -m 0755 ${D}/${datadir}/puppet/modules/sysinv
cp -R ${S}/puppet-modules-wrs/puppet-sysinv/src/sysinv ${D}/${datadir}/puppet/modules
}
FILES_puppet-sysinv += " \
${datadir}/puppet/modules/sysinv \
"

14
recipes-core/stx-config/storageconfig.inc Normal file
View File

@ -0,0 +1,14 @@
PACKAGES += "storageconfig"
RDEPENDS_storageconfig += " bash"
do_install_prepend () {
cd ${S}/storageconfig/storageconfig/
oe_runmake GOENABLEDDIR=${D}/${sysconfdir}/goenabled.d INITDDIR=${D}/${sysconfdir}/init.d \
SYSTEMDDIR=${D}/${systemd_system_unitdir} install
}
FILES_storageconfig = " \
${sysconfdir}/init.d/storage_config \
${sysconfdir}/goenabled.d/config_goenabled_check.sh \
${systemd_system_unitdir}/storageconfig.service \
"

56
recipes-core/stx-config/stx-config.bb Normal file
View File

@ -0,0 +1,56 @@
DESCRIPTION = "stx-config"
STABLE = "starlingx/master"
PROTOCOL = "https"
BRANCH = "master"
SRCREV = "70609a3d55e5b7d2be82667fc35792505f9013c4"
S = "${WORKDIR}/git"
PV = "19.05"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
SRC_URI = "git://opendev.org/starlingx/config.git;protocol=${PROTOCOL};rev=${SRCREV};branch=${BRANCH}"
DEPENDS = "\
puppet \
python \
python-pbr-native \
"
inherit setuptools
require config-gate.inc
require controllerconfig.inc
require pm-qos-mgr.inc
require puppet-modules/puppet-manifests.inc
require puppet-modules/puppet-mtce.inc
require puppet-modules/puppet-dcdbsync.inc
require puppet-modules/puppet-patching.inc
require puppet-modules/puppet-sshd.inc
require puppet-modules/puppet-dcmanager.inc
require puppet-modules/puppet-fm.inc
require puppet-modules/puppet-nfv.inc
require puppet-modules/puppet-smapi.inc
require puppet-modules/puppet-sysinv.inc
require puppet-modules/puppet-dcorch.inc
require storageconfig.inc
require sysinv.inc
require cgts-client.inc
require workerconfig.inc
require worker-utils.inc
do_configure() {
:
}
do_compile() {
:
}
do_install() {
:
}
FILES_${PN} = " "

41
recipes-core/stx-config/sysinv.inc Normal file
View File

@ -0,0 +1,41 @@
PACKAGES += " sysinv"
do_configure_prepend() {
echo "Configure sysinv..."
cd ${S}/sysinv/sysinv/sysinv
distutils_do_configure
}
do_compile_prepend() {
echo "Building sysinv..."
cd ${S}/sysinv/sysinv/sysinv
distutils_do_compile
}
do_install_prepend() {
echo "Installing sysinv..."
cd ${S}/sysinv/sysinv/sysinv
distutils_do_install
install -p -D -m 755 ${S}/sysinv/sysinv-agent/sysinv-agent ${D}/${sysconfdir}/init.d/sysinv-agent
install -p -D -m 644 ${S}/sysinv/sysinv-agent/sysinv-agent.conf ${D}/${sysconfdir}/pmon.d/sysinv-agent.conf
install -p -D -m 644 ${S}/sysinv/sysinv-agent/sysinv-agent.service ${D}/${systemd_system_unitdir}/sysinv-agent.service
}
FILES_sysinv = " \
${bindir}/sysinv-agent \
${bindir}/system \
${bindir}/sysinv-conductor \
${bindir}/sysinv-api \
${bindir}/sysinv-helm \
${bindir}/sysinv-dbsync \
${bindir}/sysinv-dnsmasq-lease-update \
${bindir}/sysinv-puppet \
${bindir}/sysinv-rootwrap \
${bindir}/sysinv-upgrade \
${systemd_system_unitdir}/sysinv-agent.service \
${sysconfdir}/pmon.d/sysinv-agent.conf \
${sysconfdir}/init.d/sysinv-agent \
${libdir}/python2.7/site-packages/sysinv/ \
"

31
recipes-core/stx-config/worker-utils.inc Normal file
View File

@ -0,0 +1,31 @@
PACKAGES += " worker-utils"
RDEPENDS_worker-utils += " bash"
do_compile_prepend () {
cd ${S}/worker-utils/worker-utils
oe_runmake all
}
do_install_append () {
cd ${S}/worker-utils/worker-utils
oe_runmake BINDIR=${D}/${bindir} GOENABLEDDIR=${D}/${sysconfdir}/goenabled.d \
INITDDIR=${D}/${sysconfdir}/init.d PLATFORMCONFDIR=${D}/${sysconfdir}/platform \
SYSTEMDDIR=${D}/${systemd_system_unitdir} install
}
FILES_worker-utils = " \
${bindir}/ps-sched.sh \
${bindir}/topology.py \
${bindir}/set-cpu-wakeup-latency.sh \
${bindir}/affine-interrupts.sh \
${bindir}/topology \
${bindir}/topology.pyc \
${systemd_system_unitdir}/affine-tasks.service \
${systemd_system_unitdir}/affine-platform.sh.service \
${sysconfdir}/goenabled.d/worker-goenabled.sh \
${sysconfdir}/platform/worker_reserved.conf \
${sysconfdir}/init.d/affine-platform.sh \
${sysconfdir}/init.d/task_affinity_functions.sh \
${sysconfdir}/init.d/cpumap_functions.sh \
${sysconfdir}/init.d/affine-tasks.sh \
"

21
recipes-core/stx-config/workerconfig.inc Normal file
View File

@ -0,0 +1,21 @@
PACKAGES += " workerconfig-standalone"
PACKAGES += " workerconfig-subfunction"
RDEPENDS_workerconfig-standalone += " bash"
do_install_append () {
cd ${S}/workerconfig/workerconfig/
oe_runmake GOENABLEDDIR=${D}/${sysconfdir}/goenabled.d INITDDIR=${D}/${sysconfdir}/init.d \
SYSTEMDDIR=${D}/${systemd_system_unitdir} install
}
FILES_workerconfig-standalone += " \
${systemd_system_unitdir}/config/workerconfig-standalone.service \
${sysconfdir}/goenabled.d/config_goenabled_check.sh \
${sysconfdir}/init.d/worker_config \
${sysconfdir}/init.d/worker_services \
"
FILES_workerconfig-subfunction += " \
${systemd_system_unitdir}/config/workerconfig-combined.service \
"

32
recipes-core/stx-fault/files/0001-Honor-the-build-system-LDFLAGS.patch Normal file
View File

@ -0,0 +1,32 @@
From 78585fade2d47fc0aa98b7e2fb494385466007da Mon Sep 17 00:00:00 2001
From: babak sarashki <babak.sarashki@windriver.com>
Date: Thu, 27 Jun 2019 14:36:59 -0700
Subject: [PATCH 1/2] Honor the build system LDFLAGS
---
fm-common/sources/Makefile | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/fm-common/sources/Makefile b/fm-common/sources/Makefile
index 7b1ea03..7c7e4c7 100755
--- a/fm-common/sources/Makefile
+++ b/fm-common/sources/Makefile
@@ -25,12 +25,13 @@ build: lib fmClientCli
$(CXX) $(CCFLAGS) $(INCLUDES) $(EXTRACCFLAGS) -c $< -o $@
lib: $(OBJS)
- $(CXX) -Wl,-soname,$(LIBFMCOMMON_SO).$(MAJOR) -o $(LIBFMCOMMON_SO).$(MAJOR).$(MINOR) -shared $(OBJS) $(EXTRAARFLAGS) ${LDLIBS}
+ $(LDCXXSHARED) $(LDFLAGS) -Wl,-soname,$(LIBFMCOMMON_SO).$(MAJOR) \
+ -o $(LIBFMCOMMON_SO).$(MAJOR).$(MINOR) $(OBJS) $(EXTRAARFLAGS) ${LDLIBS}
ln -sf $(LIBFMCOMMON_SO).$(MAJOR).$(MINOR) $(LIBFMCOMMON_SO).$(MAJOR)
ln -sf $(LIBFMCOMMON_SO).$(MAJOR).$(MINOR) $(LIBFMCOMMON_SO)
fmClientCli: $(CLI_OBJS) lib
- $(CXX) -o $@ $(CLI_OBJS) -L./ -lfmcommon
+ $(CXX) $(LDFLAGS) -o $@ $(CLI_OBJS) -L./ -lfmcommon
clean:
@rm -f $(OBJ) *.o *.so fmClientCli
--
2.17.1

25
recipes-core/stx-fault/files/0001-Use-build-systems-LDFLAGS.patch Normal file
View File

@ -0,0 +1,25 @@
From ee51474dd6756492d1487304ce83b878b8867f6b Mon Sep 17 00:00:00 2001
From: babak sarashki <babak.sarashki@windriver.com>
Date: Mon, 8 Jul 2019 21:50:24 -0700
Subject: [PATCH] Use build systems LDFLAGS
---
snmp-audittrail/sources/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/snmp-audittrail/sources/Makefile b/snmp-audittrail/sources/Makefile
index 6f7469c..bb55765 100644
--- a/snmp-audittrail/sources/Makefile
+++ b/snmp-audittrail/sources/Makefile
@@ -16,7 +16,7 @@ build: lib
$(CXX) $(CCFLAGS) $(INCLUDES) -c $< -o $@
lib: $(OBJS)
- $(CXX) $(OBJS) $(LDLIBS) -o $(LIBCGTSAGENT_SO).$(MAJOR).$(MINOR).$(PATCH) -shared
+ $(LDCXXSHARED) $(OBJS) $(LDFLAGS) $(LDLIBS) -o $(LIBCGTSAGENT_SO).$(MAJOR).$(MINOR).$(PATCH)
ln -sf $(LIBCGTSAGENT_SO).$(MAJOR).$(MINOR).$(PATCH) $(LIBCGTSAGENT_SO).$(MAJOR)
ln -sf $(LIBCGTSAGENT_SO).$(MAJOR).$(MINOR).$(PATCH) $(LIBCGTSAGENT_SO)
--
2.17.1

25
recipes-core/stx-fault/files/0001-snmp-ext-use-build-systems-LDFLAGS.patch Normal file
View File

@ -0,0 +1,25 @@
From e452f7eaf630f7ab5de240c51ddce14c9329d580 Mon Sep 17 00:00:00 2001
From: babak sarashki <babak.sarashki@windriver.com>
Date: Mon, 8 Jul 2019 21:56:11 -0700
Subject: [PATCH] snmp-ext use build systems LDFLAGS
---
snmp-ext/sources/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/snmp-ext/sources/Makefile b/snmp-ext/sources/Makefile
index 408ea34..c00febe 100644
--- a/snmp-ext/sources/Makefile
+++ b/snmp-ext/sources/Makefile
@@ -23,7 +23,7 @@ LIBCGTSAGENT_SO := libcgtsAgentPlugin.so
$(CXX) $(CCFLAGS) $(INCLUDES) -c $< -o $@
lib: $(OBJS)
- $(CXX) $(OBJS) $(LDLIBS) -o $(LIBCGTSAGENT_SO).$(MAJOR).$(MINOR).$(PATCH) -shared
+ $(LDCXXSHARED) $(OBJS) $(LDFLAGS) $(LDLIBS) -o $(LIBCGTSAGENT_SO).$(MAJOR).$(MINOR).$(PATCH)
ln -sf $(LIBCGTSAGENT_SO).$(MAJOR).$(MINOR).$(PATCH) $(LIBCGTSAGENT_SO).$(MAJOR)
ln -sf $(LIBCGTSAGENT_SO).$(MAJOR).$(MINOR).$(PATCH) $(LIBCGTSAGENT_SO)
--
2.17.1

21
recipes-core/stx-fault/fm-api.inc Normal file
View File

@ -0,0 +1,21 @@
PACKAGES += " fm-api"
do_configure_append () {
cd ${S}/fm-api
distutils_do_configure
}
do_compile_append() {
cd ${S}/fm-api
distutils_do_compile
}
do_install_append() {
cd ${S}/fm-api
distutils_do_install
}
FILES_fm-api_append += " \
${libdir}/python2.7/site-packages/fm_api-1.0.0-py2.7.egg-info/ \
${libdir}/python2.7/site-packages/fm_api \
"

43
recipes-core/stx-fault/fm-common.inc Normal file
View File

@ -0,0 +1,43 @@
PACKAGES += " fm-common"
RDEPENDS_fm-common = " python"
do_configure_append () {
cd ${S}/fm-common/sources
distutils_do_configure
}
do_compile_append() {
cd ${S}/fm-common/sources
oe_runmake -e BINDIR=${bindir} \
INCLUDES="-I./ " \
EXTRACCFLAGS=" " \
CCFLAGS="${CXXFLAGS} ${CCSHARED}" \
LIBDIR=${libdir} INCDIR=${includedir} \
CGCS_DOC_DEPLOY=${cgcs_doc_deploy}
distutils_do_compile
}
do_install_append() {
cd ${S}/fm-common/sources
oe_runmake -e DESTDIR=${D} BINDIR=${bindir} \
LIBDIR=${libdir} INCDIR=${includedir} \
CGCS_DOC_DEPLOY=${cgcs_doc_deploy} install
distutils_do_install
}
FILES_fm-common = " \
${cgcs_doc_deploy}/fmAlarm.h \
${bindir}/fm_db_sync_event_suppression.py \
${bindir}/fmClientCli \
${libdir}/python2.7/site-packages/fm_core*.egg-info \
${libdir}/python2.7/site-packages/fm_core.so \
${libdir}/libfmcommon.so.1.0 \
${libdir}/libfmcommon.so.1 \
${includedir}/fmConfig.h \
${includedir}/fmLog.h \
${includedir}/fmThread.h \
${includedir}/fmDbAPI.h \
${includedir}/fmAPI.h \
${includedir}/fmAlarm.h \
"

20
recipes-core/stx-fault/fm-doc.inc Normal file
View File

@ -0,0 +1,20 @@
PACKAGES += "fm-doc"
do_install_append () {
cd ${S}/fm-doc/fm_doc/
install -d -m 755 ${D}/${cgcs_doc_deploy}
install -d -m 755 ${D}/${sysconfdir}/fm
install -m 744 events.yaml ${D}/${sysconfdir}/fm/
install -m 644 events.yaml ${D}/${cgcs_doc_deploy}
install -m 755 checkEventYaml ${D}/${cgcs_doc_deploy}
install -m 644 parseEventYaml.py ${D}/${cgcs_doc_deploy}
install -m 644 check_missing_alarms.py ${D}/${cgcs_doc_deploy}
}
FILES_fm-doc = " \
${sysconfdir}/fm/events.yaml \
${cgcs_doc_deploy}/events.yaml \
${cgcs_doc_deploy}/checkEventYaml \
${cgcs_doc_deploy}/parseEventYaml.py \
${cgcs_doc_deploy}/check_missing_alarms.py \
"

31
recipes-core/stx-fault/fm-mgr.inc Normal file
View File

@ -0,0 +1,31 @@
PACKAGES += " fm-mgr"
###################
# DEPENDS = " fm-common"
###################
do_compile_append() {
cd ${S}/fm-mgr/sources/
oe_runmake -e \
LDFLAGS="${LDFLAGS} -L${S}/fm-common/sources" \
CCFLAGS="${CXXFLAGS}" \
INCLUDES="-I. -I${S}/fm-common/sources" \
build
}
do_install_append () {
cd ${S}/fm-mgr/sources/
install -d -m0755 ${D}/${systemd_system_unitdir}
oe_runmake -e DESTDIR=${D} BINDIR=${bindir} \
LIBDIR=${libdir} UNITDIR=${systemd_system_unitdir} \
SYSCONFDIR=${sysconfdir} \
install
rm -rf ${D}/usr/lib/systemd
}
FILES_fm-mgr = " \
${bindir}/fmManager \
${systemd_system_unitdir}/fminit.service \
${sysconfdir}/init.d/fminit \
${sysconfdir}/logrotate.d/fm.logrotate \
"

28
recipes-core/stx-fault/fm-rest-api.inc Normal file
View File

@ -0,0 +1,28 @@
PACKAGES += " fm-rest-api"
do_configure_append () {
cd ${S}/fm-rest-api/fm
distutils_do_configure
}
do_compile_append() {
cd ${S}/fm-rest-api/fm
distutils_do_compile
}
do_install_append() {
cd ${S}/fm-rest-api/fm
distutils_do_compile
install -d -m 755 ${D}/${systemd_system_unitdir}
install -p -D -m 644 scripts/fm-api.service ${D}/${systemd_system_unitdir}
install -p -D -m 755 scripts/fm-api ${D}/${sysconfdir}/init.d/fm-api
install -p -D -m 644 fm-api-pmond.conf ${D}/${sysconfdir}/pmon.d/fm-api.conf
}
FILES_fm-rest-api = " \
${systemd_system_unitdir}/fm-api.service \
${sysconfdir}/init.d/fm-api \
${sysconfdir}/pmon.d/fm-api.conf \
"

26
recipes-core/stx-fault/python-fmclient.inc Normal file
View File

@ -0,0 +1,26 @@
PACKAGES += " python-fmclient"
do_configure_append () {
cd ${S}/python-fmclient/fmclient
distutils_do_configure
}
do_compile_append() {
cd ${S}/python-fmclient/fmclient
distutils_do_compile
}
do_install_append() {
cd ${S}/python-fmclient/fmclient
distutils_do_install
install -d -m 0755 ${D}/${sysconfdir}/bash_completion.d/
install -p -D -m 664 tools/fm.bash_completion ${D}/${sysconfdir}/bash_completion.d/fm.bash_completion
}
FILES_python-fmclient = " \
${bindir}/fm \
${libdir}/python2.7/site-packages/fmclient-*.egg-info/ \
${libdir}/python2.7/site-packages/fmclient/ \
${sysconfdir}/bash_completion.d/fm.bash_completion \
"

25
recipes-core/stx-fault/snmp-audittrail.inc Normal file
View File

@ -0,0 +1,25 @@
PACKAGES += " snmp-audittrail"
##################
# DEPENDS = " fm-common net-snmp"
##################
do_compile_append() {
cd ${S}/snmp-audittrail/sources
oe_runmake -e \
LDFLAGS="${LDFLAGS} -L${S}/fm-common/sources" \
CCFLAGS="${CXXFLAGS} -fPIC" \
INCLUDES="-I. -I${S}/fm-common/sources" \
build
}
do_install_append () {
cd ${S}/snmp-audittrail/sources
oe_runmake -e DESTDIR=${D} LIB_DIR=${libdir} MIBVER=0 PATCH=0 install
}
FILES_snmp-audittrail = " \
${libdir}/libsnmpAuditPlugin.so.1.0.0 \
${libdir}/libsnmpAuditPlugin.so.1 \
"

25
recipes-core/stx-fault/snmp-ext.inc Normal file
View File

@ -0,0 +1,25 @@
PACKAGES += " snmp-ext"
####################
# DEPENDS = " fm-common snmp-audittrail"
####################
do_compile_append() {
cd ${S}/snmp-ext/sources
oe_runmake -e PATCH=0 \
INCLUDES="-I. -I${S}/fm-common/sources" \
LDFLAGS="${LDFLAGS} -L${S}/fm-common/sources" \
CCFLAGS="${CXXFLAGS} -fPIC" lib
}
do_install_append () {
cd ${S}/snmp-ext/sources
oe_runmake -e DEST_DIR=${D} LIB_DIR=${libdir} MIBVER=0 PATCH=0 install
}
FILES_snmp-ext_append = " \
${datadir}/snmp/mibs/wrsAlarmMib.mib.txt \
${datadir}/snmp/mibs/wrsEnterpriseReg.mib.txt \
${libdir}/libcgtsAgentPlugin.so.1.0.0 \
${libdir}/libcgtsAgentPlugin.so.1 \
"

62
recipes-core/stx-fault/stx-fault.bb Normal file
View File

@ -0,0 +1,62 @@
DESCRIPTION = "stx-fault"
INSANE_SKIP_${PN} = "ldflags"
STABLE = "starlingx/master"
PROTOCOL = "https"
BRANCH = "master"
SRCREV = "eeb2dee9023347f73d7153325190550a5dc87e7a"
S = "${WORKDIR}/git"
PV = "19.05"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
SRC_URI = "git://opendev.org/starlingx/fault.git;protocol=${PROTOCOL};rev=${SRCREV};branch=${BRANCH} \
file://0001-Honor-the-build-system-LDFLAGS.patch \
file://0001-Use-build-systems-LDFLAGS.patch \
file://0001-snmp-ext-use-build-systems-LDFLAGS.patch \
"
DEPENDS = " \
util-linux \
postgresql \
python \
python-pbr-native \
python-six \
python-oslo.i18n \
python-oslo.utils \
python-requests \
bash \
net-snmp \
"
RDEPENDS_${PN} += " bash"
inherit setuptools
cgcs_doc_deploy = "/opt/deploy/cgcs_doc"
require fm-common.inc
require fm-mgr.inc
require fm-api.inc
require fm-doc.inc
require fm-rest-api.inc
require python-fmclient.inc
require snmp-audittrail.inc
require snmp-ext.inc
do_configure() {
:
}
do_compile() {
:
}
do_install() {
:
}
FILES_${PN} = " "

57
recipes-core/stx-gui/stx-gui.bb Normal file
View File

@ -0,0 +1,57 @@
DESCRIPTION = "stx-gui"
PACKAGES = "starlingx-dashboard"
STABLE = "starlingx/master"
PROTOCOL = "https"
BRANCH = "master"
SRCREV = "596136ecb8d0f07cf9124ed82db66e4031116344"
S = "${WORKDIR}/git"
PV = "19.05"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=1dece7821bf3fd70fe1309eaa37d52a2"
SRC_URI = "git://opendev.org/starlingx/gui.git;protocol=${PROTOCOL};rev=${SRCREV};branch=${BRANCH}"
inherit setuptools
DEPENDS = "\
python \
python-pbr-native \
"
# TODO: do we need openstack-dashboard here
do_configure () {
cd ${S}/starlingx-dashboard/starlingx-dashboard
distutils_do_configure
}
do_compile () {
cd ${S}/starlingx-dashboard/starlingx-dashboard
distutils_do_compile
}
do_install () {
cd ${S}/starlingx-dashboard/starlingx-dashboard
distutils_do_install
# Do we need this?
#install -d -m 0755 ${D}/${datadir}/openstack-dashboard/openstack_dashboard/enabled/
#install -d -m 0755 ${D}/${datadir}/openstack-dashboard/openstack_dashboard/themes/starlingx/
#install -d -m 0755 ${D}/${datadir}/openstack-dashboard/openstack_dashboard/local/local_settings.d
#install -p -D -m 755 build/lib/starlingx_dashboard/enabled/* \
# ${D}/${datadir}/openstack-dashboard/openstack_dashboard/enabled/
#install -p -D -m 755 build/lib/starlingx_dashboard/themes/* \
# ${D}/${datadir}/openstack-dashboard/openstack_dashboard/themes/starlingx_dashboard
#install -p -D -m 755 build/lib/starlingx_dashboard/local/local_settings.d/* \
# ${D}/${datadir}/openstack-dashboard/openstack_dashboard/local/local_settings.d
}
FILES_starlingx-dashboard = " \
${libdir}/python2.7/site-packages/ \
"

47
recipes-core/stx-ha/files/0001-Allow-user-to-define-destination-libdir.patch Normal file
View File

@ -0,0 +1,47 @@
From f9090b7fb267fec4a6cd100fe1523458ba9a0411 Mon Sep 17 00:00:00 2001
From: babak sarashki <babak.sarashki@windriver.com>
Date: Thu, 11 Jul 2019 15:10:18 -0700
Subject: [PATCH] Allow user to define destination libdir
---
service-mgmt/sm-db-1.0.0/src/Makefile | 17 +++++++++++------
1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/service-mgmt/sm-db-1.0.0/src/Makefile b/service-mgmt/sm-db-1.0.0/src/Makefile
index a29b1ac..379ea00 100644
--- a/service-mgmt/sm-db-1.0.0/src/Makefile
+++ b/service-mgmt/sm-db-1.0.0/src/Makefile
@@ -33,6 +33,10 @@ EXTRACCFLAGS= -D__STDC_FORMAT_MACROS
LDLIBS= -lsqlite3 -lglib-2.0 -luuid -lrt -lsm_common
LDFLAGS = -shared -rdynamic
+LIB_DIR = /usr/lib64
+BIN_DIR = /usr/bin
+INC_DIR = /usr/include
+
build: libsm_db.so sm_db_build
.c.o:
@@ -51,12 +55,13 @@ sm_db_build: ${OBJS}
$(CXX) $(INCLUDES) $(CCFLAGS) $(EXTRACCFLAGS) $(OBJS) $(LDLIBS) -o sm_db_build
install:
- install -d ${DEST_DIR}/usr/lib64
- install libsm_db.so.${VER} $(DEST_DIR)/usr/lib64
- cp -P libsm_db.so libsm_db.so.$(VER_MJR) $(DEST_DIR)/usr/lib64
- install -d ${DEST_DIR}/usr/include
- install -m 0644 *.h ${DEST_DIR}/usr/include
- install -d 755 ${DEST_DIR}/usr/bin
+ install -d ${DEST_DIR}/${LIB_DIR}
+ install libsm_db.so.${VER} $(DEST_DIR)/${LIB_DIR}
+ cp -P libsm_db.so libsm_db.so.$(VER_MJR) $(DEST_DIR)/${LIB_DIR}
+ install -d ${DEST_DIR}/${INC_DIR}
+ install -m 0644 *.h ${DEST_DIR}/${INC_DIR}
+ install -d 755 ${DEST_DIR}/${BIN_DIR}
+ install -m 0744 sm_db_build ${DEST_DIR}/${BIN_DIR}
clean:
@rm -f *.o *.a *.so *.so.*
--
2.17.1

30
recipes-core/stx-ha/files/0001-Install-sm-eru-sm-eru-dump-and-sm-eru-watchdog.patch Normal file
View File

@ -0,0 +1,30 @@
From ff46ee1fa9d5b7269f5a05200d96d673a358e710 Mon Sep 17 00:00:00 2001
From: babak sarashki <babak.sarashki@windriver.com>
Date: Thu, 11 Jul 2019 13:07:49 -0700
Subject: [PATCH] Install sm-eru, sm-eru-dump, and sm-eru-watchdog
---
service-mgmt/sm-common-1.0.0/src/Makefile | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/service-mgmt/sm-common-1.0.0/src/Makefile b/service-mgmt/sm-common-1.0.0/src/Makefile
index 99f736d..7d138f9 100644
--- a/service-mgmt/sm-common-1.0.0/src/Makefile
+++ b/service-mgmt/sm-common-1.0.0/src/Makefile
@@ -69,8 +69,11 @@ install:
# install of these 3 are in the .spec file so that they can be
# renamed with '-' like they are in the bitbake file.
#
- # install -d $(DEST_DIR)$(BIN_DIR)
- # install sm_watchdog sm_eru sm_eru_dump $(DEST_DIR)$(BIN_DIR)
+
+ install -d -m 755 $(DEST_DIR)$(BIN_DIR)
+ install -p -m 755 sm_eru $(DEST_DIR)$(BIN_DIR)/sm-eru
+ install -p -m 755 sm_eru_dump $(DEST_DIR)$(BIN_DIR)/sm-eru-dump
+ install -p -m 755 sm_watchdog $(DEST_DIR)$(BIN_DIR)/sm-watchdog
install -d $(DEST_DIR)$(LIB_DIR)
install libsm_common.so.${VER} $(DEST_DIR)$(LIB_DIR)
cp -P libsm_common.so libsm_common.so.$(VER_MJR) $(DEST_DIR)$(LIB_DIR)
--
2.17.1

39
recipes-core/stx-ha/sm-api.inc Normal file
View File

@ -0,0 +1,39 @@
PACKAGES += " sm-api"
RDEPENDS_sm-api += " bash"
do_configure_prepend () {
cd ${S}/service-mgmt-api/sm-api
distutils_do_configure
}
do_compile_prepend () {
cd ${S}/service-mgmt-api/sm-api
distutils_do_compile
}
do_install_prepend () {
cd ${S}/service-mgmt-api/sm-api
distutils_do_install
install -d -m 0755 ${D}/${sysconfdir}/sm
install -d -m 0755 ${D}/${sysconfdir}/init.d
install -d -m 0755 ${D}/${sysconfdir}/pmon.d
install -d -m 0755 ${D}/${sysconfdir}/sm-api
install -d -m 0755 ${D}/${systemd_system_unitdir}
install -m 644 scripts/sm_api.ini ${D}/${sysconfdir}/sm
install -m 755 scripts/sm-api ${D}/${sysconfdir}/init.d
install -m 644 scripts/sm-api.service ${D}/${systemd_system_unitdir}
install -m 644 scripts/sm-api.conf ${D}/${sysconfdir}/pmon.d
install -m 644 etc/sm-api/policy.json ${D}/${sysconfdir}/sm-api
}
FILES_sm-api = " \
${libdir}/python2.7/site-packages/sm_api*.egg-info/ \
${libdir}/python2.7/site-packages/sm_api/ \
${systemd_system_unitdir}/sm-api.service \
${sysconfdir}/init.d/sm-api \
${sysconfdir}/pmon.d/sm-api.conf \
${sysconfdir}/sm/sm_api.ini \
${sysconfdir}/sm-api/policy.json \
${bindir}/sm-api \
"

24
recipes-core/stx-ha/sm-client.inc Normal file
View File

@ -0,0 +1,24 @@
PACKAGES += " sm-client"
do_configure_prepend () {
cd ${S}/service-mgmt-client/sm-client
distutils_do_configure
}
do_compile_prepend() {
cd ${S}/service-mgmt-client/sm-client
distutils_do_compile
}
do_install_prepend () {
cd ${S}/service-mgmt-client/sm-client
distutils_do_install
install -d -m 0755 ${D}/${bindir}
install -m 755 usr/bin/smc ${D}/${bindir}
}
FILES_sm-client = " \
${bindir}/smc \
${libdir}/python2.7/site-packages/sm_client*.egg-info/ \
${libdir}/python2.7/site-packages/sm_client/ \
"

64
recipes-core/stx-ha/sm-common.inc Normal file
View File

@ -0,0 +1,64 @@
PACKAGES += " libsm-common"
PACKAGES += " sm-common-libs"
PACKAGES += " sm-eru"
#DEPENDS += " \
# glib-2.0 \
# sqlite3 \
# "
RDEPENDS_sm-eru += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
cd ${S}/service-mgmt/sm-common-1.0.0/src
oe_runmake -e VER=0 VER_MJR=1 \
INCLUDES="-I. $(pkg-config --cflags glib-2.0)" \
CCFLAGS="${CXXFLAGS} -fPIC" LDFLAGS="${LDFLAGS} -shared -rdynamic" \
EXTRACCFLAGS="${LDFLAGS}"
}
do_install_prepend () {
cd ${S}/service-mgmt/sm-common-1.0.0/src
oe_runmake -e DEST_DIR=${D} BIN_DIR=${bindir} UNIT_DIR=${systemd_system_unitdir} \
LIB_DIR=${libdir} INC_DIR=${includedir} VER=0 VER_MJR=1 install
cd ${S}/service-mgmt/sm-common-1.0.0/
install -d -m 755 ${D}/${systemd_system_unitdir}
# install -m 755 -d ${D}/${sysconfdir}/pmon.d
# install -m 755 -d ${D}/${sysconfdir}/init.d
install -m 644 -p -D scripts/sm-eru.service ${D}/${systemd_system_unitdir}/sm-eru.service
install -m 644 -p -D scripts/sm-watchdog.service ${D}/${systemd_system_unitdir}/sm-watchdog.service
install -m 640 -p -D scripts/sm-eru.conf ${D}/${sysconfdir}/pmon.d/sm-eru.conf
install -m 640 -p -D scripts/sm-watchdog.conf ${D}/${sysconfdir}/pmon.d/sm-watchdog.conf
install -m 750 -p -D scripts/sm-eru ${D}/${sysconfdir}/init.d/sm-eru
# install -m 750 -p -D scripts/sm-watchdog ${D}/${sysconfdir}/init.d/sm-watchdog
}
FILES_libsm-common = " \
${libdir}/libsm_common.so.0 \
${libdir}/libsm_common.so.1 \
${libdir}/libsm_common.so \
"
FILES_sm-common-libs = " \
var/lib/sm/watchdog/modules/libsm_watchdog_nfs.so.0 \
var/lib/sm/watchdog/modules/libsm_watchdog_nfs.so.1 \
"
FILES_sm-eru = " \
${bindir}/sm-eru \
${bindir}/sm-eru-dump \
${bindir}/sm-watchdog \
${systemd_system_unitdir}/sm-eru.service \
${systemd_system_unitdir}/sm-watchdog.service \
${sysconfdir}/init.d/sm-eru \
${sysconfdir}/pmon.d/sm-eru.conf \
${sysconfdir}/pmon.d/sm-watchdog.conf \
"

33
recipes-core/stx-ha/sm-db.inc Normal file
View File

@ -0,0 +1,33 @@
PACKAGES += " sm-db"
# inherit pkgconfig
#DEPENDS += " \
# sm-common \
# "
do_configure_prepend () {
:
}
do_compile_prepend () {
cd ${S}/service-mgmt/sm-db-1.0.0/src
oe_runmake -e VER=0 VER_MJR=1 \
INCLUDES="-I. -I${S}/service-mgmt/sm-common-1.0.0/src " \
CCFLAGS="${CXXFLAGS} -fPIC" \
LDFLAGS="${LDFLAGS} -shared -rdynamic -L${S}/service-mgmt/sm-common-1.0.0/src " \
EXTRACCFLAGS="-D_TEST__AA__BB ${LDFLAGS} -L${S}/service-mgmt/sm-common-1.0.0/src "
}
do_install_prepend () {
cd ${S}/service-mgmt/sm-db-1.0.0/src
oe_runmake -e DEST_DIR=${D} BIN_DIR=${bindir} UNIT_DIR=${systemd_system_unitdir} \
LIB_DIR=${libdir} INC_DIR=${includedir} VER=0 VER_MJR=1 install
}
FILES_sm-db = " \
${bindir}/sm_db_build \
${libdir}/libsm_db.so.1 \
${libdir}/libsm_db.so.0 \
"

36
recipes-core/stx-ha/sm-tools.inc Normal file
View File

@ -0,0 +1,36 @@
PACKAGES += " sm-tools"
# DEPENDS = " \
# python \
# python-pbr-native \
# "
do_configure_prepend () {
cd ${S}/service-mgmt-tools/sm-tools
distutils_do_configure
}
do_compile_prepend() {
cd ${S}/service-mgmt-tools/sm-tools
distutils_do_compile
}
do_install_prepend () {
cd ${S}/service-mgmt-tools/sm-tools
distutils_do_install
}
FILES_sm-tools = " \
${bindir}/sm-query \
${bindir}/sm-provision \
${bindir}/sm-restart \
${bindir}/sm-unmanage \
${bindir}/sm-dump \
${bindir}/sm-iface-state \
${bindir}/sm-configure \
${bindir}/sm-manage \
${bindir}/sm-deprovision \
${bindir}/sm-restart-safe \
${libdir}/python2.7/site-packages/sm_tools-*.egg-info/ \
${libdir}/python2.7/site-packages/sm_tools/ \
"

43
recipes-core/stx-ha/sm.inc Normal file
View File

@ -0,0 +1,43 @@
PACKAGES += " sm"
#DEPENDS = " \
# sm-common \
# sm-db \
# stx-metal \
# stx-fault
# sqlite3 \
# "
do_configure_prepend () {
:
}
# TODO:
# Fix the Makefiles. We should not have to do this stuff here.
do_compile_prepend() {
cd ${S}/service-mgmt/sm-1.0.0/src
oe_runmake -e -j1 VER=0 VER_MJR=1 \
INCLUDES="-I. -I${S}/service-mgmt/sm-common-1.0.0/src \
-I${S}/service-mgmt/sm-db-1.0.0/src $(pkg-config --cflags glib-2.0)" \
EXTRACCFLAGS="-I. -I${S}/service-mgmt/sm-common-1.0.0/src \
-I${S}/service-mgmt/sm-db-1.0.0/src $(pkg-config --cflags glib-2.0) \
-L${S}/service-mgmt/sm-common-1.0.0/src -L${S}/service-mgmt/sm-db-1.0.0/src \
$(pkg-config --ldlags glib-2.0)" \
CCFLAGS="${CXXFLAGS} -std=c++11" LDFLAGS="${LDFLAGS} -rdynamic"
}
do_install_prepend () {
cd ${S}/service-mgmt/sm-1.0.0/src
oe_runmake -e DEST_DIR=${D} BIN_DIR=${bindir} UNIT_DIR=${systemd_system_unitdir} \
LIB_DIR=${libdir} INC_DIR=${includedir} VER=0 VER_MJR=1 install
}
FILES_sm = " \
${bindir}/sm \
"
pkg_postinst_ontarget_${PN}_append () {
/usr/bin/systemctl enable sm.service >/dev/null 2>&1
/usr/bin/systemctl enable sm-shutdown.service >/dev/null 2>&1
}

65
recipes-core/stx-ha/stx-ha.bb Normal file
View File

@ -0,0 +1,65 @@
DESCRIPTION = "stx-ha"
STABLE = "starlingx/master"
PROTOCOL = "https"
BRANCH = "master"
SRCREV = "73b77366b32eac3be1caaab2e44a1f02ee5c1980"
S = "${WORKDIR}/git"
PV = "19.05"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
SRC_URI = "git://opendev.org/starlingx/ha.git;protocol=${PROTOCOL};rev=${SRCREV};branch=${BRANCH} \
file://0001-Install-sm-eru-sm-eru-dump-and-sm-eru-watchdog.patch \
file://0001-Allow-user-to-define-destination-libdir.patch \
"
inherit setuptools
inherit pkgconfig
DEPENDS += " \
stx-fault \
stx-metal \
sqlite3 \
python \
python-pbr-native \
glib-2.0 \
sqlite3 \
"
require sm.inc
require sm-db.inc
require sm-common.inc
require sm-api.inc
require sm-client.inc
require sm-tools.inc
#TODO: Shouldn't have to do this
LDFLAGS_remove = "-Wl,--as-needed"
do_configure () {
:
}
do_compile() {
:
}
do_install () {
:
}
pkg_postinst_ontarget_${PN} () {
}
FILES_${PN} = " "
FILES_${PN}-dev += " \
var/lib/sm/watchdog/modules/libsm_watchdog_nfs.so \
"
# var/lib/sm/watchdog/modules/libsm_watchdog_nfs.so.1 \
# var/lib/sm/watchdog/modules/libsm_watchdog_nfs.so.0 \
# ${libdir}/libsm_common.so.1 \
# ${libdir}/libsm_common.so.0

46
recipes-core/stx-integ-kubernetes/cloud-provider-openstack.bb Normal file
View File

@ -0,0 +1,46 @@
DESCRIPTION = "cloud-provider-openstack"
STABLE = "starlingx/master"
PROTOCOL = "https"
BRANCH = "master"
SRCREV = "70609a3d55e5b7d2be82667fc35792505f9013c4"
S = "${WORKDIR}/git"
PV = "19.05"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
SRC_URI = "git://opendev.org/starlingx/config.git;protocol=${PROTOCOL};rev=${SRCREV};branch=${BRANCH}"
require stx-integ-kubernetes.inc
RDEPENDS_${PN} += " bash"
do_configure () {
:
}
do_compile() {
:
}
do_install () {
cd ${S}/filesystem/cloud-provider-openstack/
install -d -m755 ${D}/${bindir}
install -d -m755 ${D}/${systemd_system_unitdir}
install -D -m644 files/cloud-provider-openstack.sh ${D}/${bindir}
install -D -m644 files/cloud-provider-openstack.service ${D}/${systemd_system_unitdir}
}
pkg_postinst_ontarget_${PN} () {
/usr/bin/systemctl enable cloud-provider-openstack.service>
}
FILES_${PN}_append += " \
${systemd_system_unitdir} \
"

0
recipes-core/stx-integ-kubernetes/stx-integ-kubernetes.inc Normal file
View File

41
recipes-core/stx-integ/base/cgcs-users.inc Normal file
View File

@ -0,0 +1,41 @@
PACKAGES += " cgcs-users"
RDEPENDS_cgcs-users_append = " bash"
do_configure_append () {
:
}
do_compile_append () {
cd ${S}/base/cgcs-users/cgcs-users-1.0
oe_runmake -e ibsh
}
do_install_append () {
cd ${S}/base/cgcs-users/cgcs-users-1.0
# oe_runmake -e DESTDIR=${D} ibsh_install
install -d -m 755 ${D}/${sysconfdir}/ibsh/cmds
install -d -m 755 ${D}/${sysconfdir}/ibsh/xtns
install -d -m 755 ${D}/${bindir}
cp globals.cmds ${D}/${sysconfdir}/ibsh/
cp globals.xtns ${D}/${sysconfdir}/ibsh/
cp admin.cmds ${D}/${sysconfdir}/ibsh/cmds/
cp admin.xtns ${D}/${sysconfdir}/ibsh/xtns/
cp operator.cmds ${D}/${sysconfdir}/ibsh/cmds/
cp operator.xtns ${D}/${sysconfdir}/ibsh/xtns/
cp secadmin.cmds ${D}/${sysconfdir}/ibsh/cmds/
cp secadmin.xtns ${D}/${sysconfdir}/ibsh/xtns/
install -p -m 755 ibsh ${D}/${bindir}
}
FILES_cgcs-users = " \
${sysconfdir}/ibsh/globals.cmds \
${sysconfdir}/ibsh/globals.xtns \
${sysconfdir}/ibsh/cmds/secadmin.cmds \
${sysconfdir}/ibsh/cmds/operator.cmds \
${sysconfdir}/ibsh/cmds/admin.cmds \
${sysconfdir}/ibsh/xtns/operator.xtns \
${sysconfdir}/ibsh/xtns/admin.xtns \
${sysconfdir}/ibsh/xtns/secadmin.xtns \
${bindir}/ibsh \
"

25
recipes-core/stx-integ/base/dhcp-config.inc Normal file
View File

@ -0,0 +1,25 @@
PACKAGES += " dhcp-config"
# TODO: Needs to be a bbappend
RDEPENDS_dhcp-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/base/dhcp-config
install -d -m 0755 ${D}/${sysconfdir}/dhcp
install -p -m 0755 files/dhclient-enter-hooks ${D}/${sysconfdir}/dhcp/stx-dhclient-enter-hooks
install -p -m 0755 files/dhclient.conf ${D}/${sysconfdir}/dhcp/stx-dhclient.conf
}
FILES_dhcp-config = " \
${sysconfdir}/dhcp/stx-dhclient-enter-hooks \
${sysconfdir}/dhcp/stx-dhclient.conf \
"

21
recipes-core/stx-integ/base/dnsmasq-config.inc Normal file
View File

@ -0,0 +1,21 @@
PACKAGES += " dnsmasq-config"
RDEPENDS_dnsmasq-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/base/dnsmasq-config
install -d -m 0755 ${D}/${sysconfdir}/init.d
install -p -m 0755 files/init ${D}/${sysconfdir}/init.d/stx-dnsmasq
}
FILES_dnsmasq-config = " \
${sysconfdir}/init.d/stx-dnsmasq \
"

27
recipes-core/stx-integ/base/haproxy-config.inc Normal file
View File

@ -0,0 +1,27 @@
PACKAGES += " haproxy-config"
RDEPENDS_haproxy-config += " bash haproxy"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/base/haproxy-config
install -d -m 0755 ${D}/${sysconfdir}/systemd/system
install -d -m 0755 ${D}/${sysconfdir}/haproxy/errors
install -d -m 0755 ${D}/${sysconfdir}/init.d
install -p -m 0755 files/503.http ${D}/${sysconfdir}/haproxy/errors
install -p -m 0644 files/haproxy.service ${D}/${sysconfdir}/systemd/system
install -p -m 0755 files/haproxy.sh ${D}/${sysconfdir}/init.d
}
FILES_haproxy-config = " \
${sysconfdir}/haproxy/errors/503.http \
${sysconfdir}/systemd/system/haproxy.service \
${sysconfdir}/init.d/haproxy.sh \
"

33
recipes-core/stx-integ/base/initscripts-config.inc Normal file
View File

@ -0,0 +1,33 @@
PACKAGES += " initscripts-config"
RDEPENDS_initscripts-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/base/initscripts-config
install -d -m 0755 ${D}/${datadir}/starlingx/
install -d -m 0755 ${D}/${sysconfdir}/sysconfig
install -d -m 0755 ${D}/${sysconfdir}/init.d
install -d -m 0755 ${D}/${systemd_system_unitdir}
install -d -m 0755 ${D}/${sysconfdir}/sysconfig/network
install -p -m 0644 files/sysctl.conf ${D}/${datadir}/starlingx/stx.sysctl.conf
install -p -m 0644 files/sysconfig-network.conf ${D}/${sysconfdir}/sysconfig/network/
install -p -m 0755 files/mountnfs.sh ${D}/${sysconfdir}/init.d/mountnfs
install -p -m 0644 files/mountnfs.service ${D}/${systemd_system_unitdir}/mountnfs.service
}
FILES_initscripts-config = " \
${datadir}/starlingx/stx.sysctl.conf \
${sysconfdir}/sysconfig/network/sysconfig-network.conf \
${sysconfdir}/init.d/mountnfs \
${systemd_system_unitdir}/mountnfs.service \
"

43
recipes-core/stx-integ/base/lighttpd-config.inc Normal file
View File

@ -0,0 +1,43 @@
PACKAGES += " lighttpd-config"
RDEPENDS_lighttpd-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/base/lighttpd-config
install -d -m 1777 ${D}/www/tmp
install -d ${D}/${sysconfdir}/lighttpd/ssl
install -d ${D}/www/pages/dav
install -d ${D}/${datadir}/starlingx
install -m640 files/lighttpd.conf ${D}/${datadir}/starlingx/lighttpd.conf
install -m755 files/lighttpd.init ${D}/${datadir}/starlingx/lighttpd.init
install -m644 files/lighttpd-inc.conf ${D}/${sysconfdir}/lighttpd/lighttpd-inc.conf
install -m644 files/index.html.lighttpd ${D}/www/pages/index.html
# install -d ${D}/${sysconfdir}/logrotate.d
install -m644 files/lighttpd.logrotate ${D}/${datadir}/starlingx/lighttpd.logrotate
rm -rf ${D}/www/pages
}
# TODO:
# This and other .inc packages need to be bbappends to avoid conflicts
# www/pages/index.html
# www/pages/dav
FILES_lighttpd-config = " \
${datadir}/starlingx/lighttpd.conf \
${datadir}/starlingx/lighttpd.init \
${datadir}/starlingx/lighttpd.logrotate \
${sysconfdir}/lighttpd/lighttpd-inc.conf \
${sysconfdir}/lighttpd/ssl \
www/tmp \
"

32
recipes-core/stx-integ/base/net-snmp-config.inc Normal file
View File

@ -0,0 +1,32 @@
PACKAGES += " net-snmp-config"
RDEPENDS_net-snmp-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/base/net-snmp-config
install -d ${D}/${datadir}/starlingx
install -d ${D}/${datadir}/snmp
install -d ${D}/${sysconfdir}/rc.d/init.d
install -d ${D}/${systemd_system_unitdir}
install -m640 files/stx.snmpd.conf ${D}/${datadir}/starlingx/stx.snmpd.conf
install -m755 files/stx.snmpd ${D}/${sysconfdir}/rc.d/init.d/stx-snmpd
install -m640 files/stx.snmp.conf ${D}/${datadir}/snmp/snmp.conf
install -m644 files/snmpd.service ${D}/${systemd_system_unitdir}/stx-snmpd.service
}
FILES_net-snmp-config = " \
${datadir}/starlingx/stx.snmpd.conf \
${sysconfdir}/rc.d/init.d/stx-snmpd \
${datadir}/snmp/snmp.conf \
${systemd_system_unitdir}/stx-snmpd.service \
"

30
recipes-core/stx-integ/base/openssh-config.inc Normal file
View File

@ -0,0 +1,30 @@
PACKAGES += " openssh-config"
RDEPENDS_openssh-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/base/openssh-config
install -d ${D}/${datadir}/starlingx
install -d ${D}/${systemd_system_unitdir}
install -m640 files/sshd.pam ${D}/${datadir}/starlingx/sshd.pam
install -m640 files/sshd_config ${D}/${datadir}/starlingx/sshd_config
install -m640 files/ssh_config ${D}/${datadir}/starlingx/ssh_config
install -m644 files/sshd.service ${D}/${systemd_system_unitdir}/sshd.service
}
FILES_openssh-config_append += " \
${datadir}/starlingx/sshd.pam \
${datadir}/starlingx/sshd_config \
${datadir}/starlingx/ssh_config \
${systemd_system_unitdir}/sshd.service \
"

29
recipes-core/stx-integ/base/setup-config.inc Normal file
View File

@ -0,0 +1,29 @@
PACKAGES += " setup-config"
RDEPENDS_setup-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/base/setup-config
install -d ${D}/${datadir}/starlingx
install -d ${D}/${sysconfdir}/profile.d
install -m640 files/motd ${D}/${datadir}/starlingx/stx.motd
install -m640 files/prompt.sh ${D}/${sysconfdir}/profile.d/prompt.sh
install -m640 files/custom.sh ${D}/${sysconfdir}/profile.d/custom.sh
}
FILES_setup-config = " \
${datadir}/starlingx/stx.motd \
${sysconfdir}/profile.d/prompt.sh \
${sysconfdir}/profile.d/custom.sh \
"

31
recipes-core/stx-integ/base/systemd-config.inc Normal file
View File

@ -0,0 +1,31 @@
PACKAGES += " systemd-config"
RDEPENDS_systemd-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/base/systemd-config
install -d ${D}/${datadir}/starlingx
install -m644 files/60-persistent-storage.rules ${D}/${datadir}/starlingx/60-persistent-storage.rules
install -m644 files/journald.conf ${D}/${datadir}/starlingx/journald.conf
install -m644 files/systemd.conf.tmpfiles.d ${D}/${datadir}/starlingx/
install -m644 files/tmp.conf.tmpfiles.d ${D}/${datadir}/starlingx/
install -m644 files/tmp.mount ${D}/${datadir}/starlingx/
}
FILES_systemd-config = " \
${datadir}/starlingx/60-persistent-storage.rules \
${datadir}/starlingx/journald.conf \
${datadir}/starlingx/systemd.conf.tmpfiles.d \
${datadir}/starlingx/tmp.conf.tmpfiles.d \
${datadir}/starlingx/tmp.mount \
"

22
recipes-core/stx-integ/config-files/audit-config.inc Normal file
View File

@ -0,0 +1,22 @@
PACKAGES += " audit-config"
RDEPENDS_audit-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/config-files/audit-config
install -d -m 0755 ${D}/${datadir}/starlingx/
install -p -m 0644 files/syslog.conf ${D}/${datadir}/starlingx/syslog.conf
}
FILES_audit-config = " \
${datadir}/starlingx/syslog.conf \
"

25
recipes-core/stx-integ/config-files/docker-config.inc Normal file
View File

@ -0,0 +1,25 @@
PACKAGES += " docker-config"
RDEPENDS_docker-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/config-files/docker-config/files
oe_runmake -e DATADIR=${D}/${datadir} \
SYSCONFDIR=${D}/${sysconfdir} install
}
FILES_docker-config = " \
${sysconfdir}/pmon.d/docker.conf \
${sysconfdir}/systemd/system \
${sysconfdir}/systemd/system/docker.service.d \
${sysconfdir}/systemd/system/docker.service.d/docker-stx-override.conf \
${sysconfdir}/logrotate.d/docker.logrotate \
"

21
recipes-core/stx-integ/config-files/io-scheduler.inc Normal file
View File

@ -0,0 +1,21 @@
PACKAGES += " io-scheduler"
RDEPENDS_io-scheduler += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
install -d -m 0755 ${D}/${sysconfdir}/udev/rules.d
install -m644 ${S}/config-files/io-scheduler/centos/files/60-io-scheduler.rules \
${D}/${sysconfdir}/udev/rules.d/60-io-scheduler.rules
}
FILES_io-scheduler = " \
${sysconfdir}/udev/rules.d/60-io-scheduler.rules \
"

30
recipes-core/stx-integ/config-files/iptables-config.inc Normal file
View File

@ -0,0 +1,30 @@
PACKAGES += " iptables-config"
RDEPENDS_iptables-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/config-files/iptables-config
install -d -m0755 ${D}/${sysconfdir}/sysconfig
install -d -m0755 ${D}/${datadir}/starlingx
install -m600 files/iptables.rules ${D}/${datadir}/starlingx/iptables.rules
install -m600 files/ip6tables.rules ${D}/${datadir}/starlingx/ip6tables.rules
install -m600 files/iptables.rules ${D}/${sysconfdir}/sysconfig/iptables.rules
install -m600 files/ip6tables.rules ${D}/${sysconfdir}/sysconfig/ip6tables.rules
}
FILES_iptables-config = " \
${datadir}/starlingx/iptables.rules \
${datadir}/starlingx/ip6tables.rules \
${sysconfdir}/sysconfig/iptables.rules \
${sysconfdir}/sysconfig/ip6tables.rules \
"

22
recipes-core/stx-integ/config-files/memcached-custom.inc Normal file
View File

@ -0,0 +1,22 @@
PACKAGES += " memcached-custom"
RDEPENDS_memcached-custom = " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/config-files/memcached-custom
install -d -m0755 ${D}/${systemd_system_unitdir}
install -m644 files/memcached.service ${D}/${systemd_system_unitdir}/
}
FILES_memcached-custom = " \
${systemd_system_unitdir}/memcached.service \
"

25
recipes-core/stx-integ/config-files/ntp-config.inc Normal file
View File

@ -0,0 +1,25 @@
PACKAGES += " ntp-config"
RDEPENDS_ntp-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/config-files/ntp-config
install -d -m0755 ${D}/${datadir}/starlingx
install -m644 files/ntp.conf ${D}/${datadir}/starlingx/ntp.config
install -m644 files/ntpd.sysconfig ${D}/${datadir}/starlingx/ntpd.sysconfig
}
FILES_ntp-config = " \
${datadir}/starlingx/ntp.config \
${datadir}/starlingx/ntpd.sysconfig \
"

35
recipes-core/stx-integ/config-files/pam-config.inc Normal file
View File

@ -0,0 +1,35 @@
PACKAGES += " pam-config"
RDEPENDS_pam-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/config-files/pam-config/
install -d -m0755 ${D}/${datadir}/starlingx
install -d -m0755 ${D}/${sysconfdir}/pam.d
install -m 644 files/common-account ${D}/${sysconfdir}/pam.d/stx-common-account
install -m 644 files/common-auth ${D}/${sysconfdir}/pam.d/stx-common-auth
install -m 644 files/common-password ${D}/${sysconfdir}/pam.d/stx-common-password
install -m 644 files/common-session ${D}/${sysconfdir}/pam.d/stx-common-session
install -m 644 files/common-session-noninteractive ${D}${sysconfdir}/pam.d/stx-common-session-noninteractive
install -m 644 files/system-auth.pamd ${D}/${datadir}/starlingx/stx.system-auth
install -m 644 files/system-auth.pamd ${D}/${sysconfdir}/pam.d/stx-system-auth
}
FILES_pam-config = " \
${sysconfdir}/pam.d/stx-common-account \
${sysconfdir}/pam.d/stx-common-auth \
${sysconfdir}/pam.d/stx-common-password \
${sysconfdir}/pam.d/stx-common-session \
${sysconfdir}/pam.d/stx-common-session-noninteractive \
${datadir}/starlingx/stx.system-auth \
${sysconfdir}/pam.d/stx-system-auth \
"

23
recipes-core/stx-integ/config-files/rsync-config.inc Normal file
View File

@ -0,0 +1,23 @@
PACKAGES += " rsync-config"
RDEPENDS_rsync-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/config-files/rsync-config/
install -d -m0755 ${D}/${datadir}/starlingx
install -d -m0755 ${D}/${sysconfdir}/
install -m 644 files/rsyncd.conf ${D}/${datadir}/starlingx/stx.rsyncd.conf
}
FILES_rsync-config = " \
${datadir}/starlingx/stx.rsyncd.conf \
"

28
recipes-core/stx-integ/config-files/shadow-utils-config.inc Normal file
View File

@ -0,0 +1,28 @@
PACKAGES += " shadow-utils-config"
RDEPENDS_shadow-utils-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/config-files/shadow-utils-config
install -d -m0755 ${D}/${datadir}/starlingx
install -d -m0755 ${D}/${sysconfdir}/init.d
install -d -m0755 ${D}/${systemd_system_unitdir}
install -m644 files/login.defs ${D}/${datadir}/starlingx/login.defs
install -m644 files/clear_shadow_locks.service ${D}/${systemd_system_unitdir}/
install -m644 files/login.defs ${D}/${sysconfdir}/stx-login.defs
}
FILES_shadow-utils-config = " \
${datadir}/starlingx/login.defs \
${systemd_system_unitdir}/clear_shadow_locks.service \
${sysconfdir}/stx-login.defs \
"

37
recipes-core/stx-integ/config-files/sudo-config.inc Normal file
View File

@ -0,0 +1,37 @@
PACKAGES += " sudo-config"
#
#TODO:
# Set the following in shadow file and add the user
# %define SYSADMIN_P 4SuW8cnXFyxsk
# useradd -m -g sys_protected -G root \
# -d /home/sysadmin -p %{SYSADMIN_P} \
# -s /bin/sh sysadmin 2> /dev/null || :
#
# TODO:
# the RPM spec installs sysadmin.sudo
# Source does not include sysadmin.sudo
# Use wrs.sudo for now to get passed
# +++++++ Replace with the correct file.
RDEPENDS_sudo-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/config-files/sudo-config
install -d -m755 ${D}/${sysconfdir}/stx-sudoers.d
# install -m644 files/sysadmin.sudo ${D}/${sysconfdir}/sudoers.d/
install -m644 files/wrs.sudo ${D}/${sysconfdir}/stx-sudoers.d/stx-sysadmin
}
FILES_sudo-config = " \
${sysconfdir}/stx-sudoers.d/stx-sysadmin \
"

44
recipes-core/stx-integ/config-files/syslog-ng-config.inc Normal file
View File

@ -0,0 +1,44 @@
PACKAGES += " syslog-ng-config"
RDEPENDS_syslog-ng-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/config-files/syslog-ng-config
install -d -m755 ${D}/${datadir}/starlingx
install -d -m755 ${D}/${sysconfdir}/sysconfig/syslog-ng
install -d -m755 ${D}/${sysconfdir}/logrotate.d
install -d -m755 ${D}/${systemd_system_unitdir}
install -d -m755 ${D}/${sbindir}
install -D -m644 files/syslog-ng.conf ${D}/${datadir}/starlingx/syslog-ng.conf
install -D -m644 files/syslog-ng.logrotate ${D}/${datadir}/starlingx/syslog-ng.logrotate
install -D -m644 files/remotelogging.conf ${D}/${sysconfdir}/syslog-ng/remotelogging.conf
install -D -m700 files/fm_event_syslogger ${D}/${sbindir}/fm_event_syslogger
install -D -m644 files/syslog-ng.service ${D}/${datadir}/starlingx/syslog-ng.service
install -D -m644 files/syslog-ng.conf ${D}/${sysconfdir}/syslog-ng/syslog-ng.conf
install -D -m644 files/syslog-ng.logrotate ${D}/${sysconfdir}/logrotate.d/syslog
install -D -m644 files/syslog-ng.service ${D}/${systemd_system_unitdir}/syslog-ng.service
}
FILES_syslog-ng-config = " \
${datadir}/starlingx/syslog-ng.conf \
${datadir}/starlingx/syslog-ng.logrotate \
${sysconfdir}/syslog-ng/remotelogging.conf \
${sbindir}/fm_event_syslogger \
${datadir}/starlingx/syslog-ng.service \
${sysconfdir}/syslog-ng/syslog-ng.conf \
${sysconfdir}/logrotate.d/syslog \
${systemd_system_unitdir}/syslog-ng.service \
${sysconfdir}/sysconfig/syslog-ng \
"

27
recipes-core/stx-integ/config-files/util-linux-config.inc Normal file
View File

@ -0,0 +1,27 @@
PACKAGES += " util-linux-config"
RDEPENDS_util-linux-config += " bash"
do_configure_prepend () {
:
}
do_compile_prepend () {
:
}
do_install_prepend () {
cd ${S}/config-files/util-linux-config
install -d -m0755 ${D}/${datadir}/starlingx
install -d -m0755 ${D}/${sysconfdir}/pam.d
install -m644 files/stx.su ${D}/${datadir}/starlingx/stx.su
install -m644 files/stx.login ${D}/${datadir}/starlingx/stx.login
}
FILES_util-linux-config = " \
${datadir}/starlingx/stx.su \
${datadir}/starlingx/stx.login \
"

2191
recipes-core/stx-integ/files/base/0001-cgcs-users-with-patch-ibsh-patches.patch Normal file
View File

File diff suppressed because it is too large Load Diff

132
recipes-core/stx-integ/files/base/0002-Add-DESTDIR-CFLAGS-and-LDFLAGS.patch Normal file
View File

@ -0,0 +1,132 @@
From edd5d4208db67d560afd3b5873b6ffc17fd5d79f Mon Sep 17 00:00:00 2001
From: babak sarashki <babak.sarashki@windriver.com>
Date: Tue, 2 Jul 2019 14:29:52 -0700
Subject: [PATCH 2/2] Add DESTDIR, CFLAGS and LDFLAGS.
---
base/cgcs-users/cgcs-users-1.0/Makefile | 115 ++++++++++++------------
1 file changed, 59 insertions(+), 56 deletions(-)
diff --git a/base/cgcs-users/cgcs-users-1.0/Makefile b/base/cgcs-users/cgcs-users-1.0/Makefile
index ed37d00..205f653 100644
--- a/base/cgcs-users/cgcs-users-1.0/Makefile
+++ b/base/cgcs-users/cgcs-users-1.0/Makefile
@@ -1,56 +1,59 @@
-# This is the makefile for ibsh 0.3e
-CC = gcc
-OBJECTS = main.o command.o jail.o execute.o config.o misc.o antixploit.o delbadfiles.o
-
-ibsh: ${OBJECTS} ibsh.h
- ${CC} -o ibsh ${OBJECTS}
-
-main.o: main.c ibsh.h
- ${CC} -c main.c
-
-command.o: command.c ibsh.h
- ${CC} -c command.c
-
-jail.o: jail.c ibsh.h
- ${CC} -c jail.c
-
-execute.o: execute.c ibsh.h
- ${CC} -c execute.c
-
-config.o: config.c ibsh.h
- ${CC} -c config.c
-
-misc.o: misc.c ibsh.h
- ${CC} -c misc.c
-
-antixploit.o: antixploit.c ibsh.h
- ${CC} -c antixploit.c
-
-delbadfiles.o: delbadfiles.c ibsh.h
- ${CC} -c delbadfiles.c
-
-ibsh_install:
- cp ./ibsh /bin/
- mkdir /etc/ibsh
- mkdir /etc/ibsh/cmds
- mkdir /etc/ibsh/xtns
- cp ./globals.cmds /etc/ibsh/
- cp ./globals.xtns /etc/ibsh/
-
-ibsh_uninstall:
- rm -rf /etc/ibsh/globals.cmds
- rm -rf /etc/ibsh/globals.xtns
- rm -rf /etc/ibsh/cmds/*.*
- rm -rf /etc/ibsh/xtns/*.*
- rmdir /etc/ibsh/cmds
- rmdir /etc/ibsh/xtns
- rmdir /etc/ibsh
- rm -rf /bin/ibsh
-
-clean:
- rm -rf ibsh
- rm -rf *.o
-
-
-# 13:49 2005.04.06.
-
+# This is the makefile for ibsh 0.3e
+CC = gcc
+OBJECTS = main.o command.o jail.o execute.o config.o misc.o antixploit.o delbadfiles.o
+
+ibsh: ${OBJECTS} ibsh.h
+ ${CC} ${CFLAGS} ${LDFLAGS} -o ibsh ${OBJECTS}
+
+main.o: main.c ibsh.h
+ ${CC} ${CFLAGS} -c main.c
+
+command.o: command.c ibsh.h
+ ${CC} ${CFLAGS} -c command.c
+
+jail.o: jail.c ibsh.h
+ ${CC} ${CFLAGS} -c jail.c
+
+execute.o: execute.c ibsh.h
+ ${CC} ${CFLAGS} -c execute.c
+
+config.o: config.c ibsh.h
+ ${CC} ${CFLAGS} -c config.c
+
+misc.o: misc.c ibsh.h
+ ${CC} ${CFLAGS} -c misc.c
+
+antixploit.o: antixploit.c ibsh.h
+ ${CC} ${CFLAGS} -c antixploit.c
+
+delbadfiles.o: delbadfiles.c ibsh.h
+ ${CC} -c delbadfiles.c
+
+ibsh_install:
+ install -d 0755 ${DESTDIR}/bin
+ install -d 0755 ${DESTDIR}/etc/cmds
+ install -d 0755 ${DESTDIR}/etc/xtns
+ cp ./ibsh ${DESTDIR}/bin/
+ mkdir ${DESTDIR}/etc/ibsh
+ mkdir ${DESTDIR}/etc/ibsh/cmds
+ mkdir ${DESTDIR}/etc/ibsh/xtns
+ cp ./globals.cmds ${DESTDIR}/etc/ibsh/
+ cp ./globals.xtns ${DESTDIR}/etc/ibsh/
+
+ibsh_uninstall:
+ rm -rf ${DESTDIR}/etc/ibsh/globals.cmds
+ rm -rf ${DESTDIR}/etc/ibsh/globals.xtns
+ rm -rf ${DESTDIR}/etc/ibsh/cmds/*.*
+ rm -rf ${DESTDIR}/etc/ibsh/xtns/*.*
+ rmdir ${DESTDIR}/etc/ibsh/cmds
+ rmdir ${DESTDIR}/etc/ibsh/xtns
+ rmdir ${DESTDIR}/etc/ibsh
+ rm -rf ${DESTDIR}/bin/ibsh
+
+clean:
+ rm -rf ibsh
+ rm -rf *.o
+
+
+# 13:49 2005.04.06.
+
--
2.17.1

59
recipes-core/stx-integ/files/ceph/0001-Add-hooks-for-orderly-shutdown-on-controller.patch Normal file
View File

@ -0,0 +1,59 @@
From 03340eaf0004e3cc8e3f8991ea96a46757d92830 Mon Sep 17 00:00:00 2001
From: Don Penney <don.penney@windriver.com>
Date: Sat, 26 Jan 2019 13:34:55 -0500
Subject: [PATCH] Add hooks for orderly shutdown on controller
Hook the ceph init script to add systemd overrides to define
an orderly shutdown for StarlingX controllers.
Signed-off-by: Don Penney <don.penney@windriver.com>
---
src/init-ceph.in | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
diff --git a/src/init-ceph.in b/src/init-ceph.in
index 1fdb4b3..515d818 100644
--- a/src/init-ceph.in
+++ b/src/init-ceph.in
@@ -861,6 +861,38 @@ for name in $what; do
fi
fi
+ . /etc/platform/platform.conf
+ if [ "${nodetype}" = "controller" ]; then
+ # StarlingX: Hook the transient services launched by systemd-run
+ # to allow for proper cleanup and orderly shutdown
+
+ # Set nullglob so wildcards will return empty string if no match
+ shopt -s nullglob
+
+ OSD_SERVICES=$(for svc in /run/systemd/system/ceph-osd*.service; do basename $svc; done | xargs echo)
+ for d in /run/systemd/system/ceph-osd*.d; do
+ cat <<EOF > $d/starlingx-overrides.conf
+[Unit]
+Before=docker.service
+After=sm-shutdown.service
+
+EOF
+ done
+
+ for d in /run/systemd/system/ceph-mon*.d; do
+ cat <<EOF > $d/starlingx-overrides.conf
+[Unit]
+Before=docker.service
+After=sm-shutdown.service ${OSD_SERVICES}
+
+EOF
+ done
+
+ shopt -u nullglob
+
+ systemctl daemon-reload
+ fi
+
[ -n "$post_start" ] && do_cmd "$post_start"
[ -n "$lockfile" ] && [ "$?" -eq 0 ] && touch $lockfile
;;
--
1.8.3.1

282
recipes-core/stx-integ/files/ceph/ceph-init-wrapper.sh Executable file
View File

@ -0,0 +1,282 @@
#!/bin/bash
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
# This script is a helper wrapper for pmon monitoring of ceph
# processes. The "/etc/init.d/ceph" script does not know if ceph is
# running on the node. For example when the node is locked, ceph
# processes are not running. In that case we do not want pmond to
# monitor these processes.
#
# The script "/etc/services.d/<node>/ceph.sh" will create the file
# "/var/run/.ceph_started" when ceph is running and remove it when
# is not.
#
# The script also extracts one or more ceph process names that are
# reported as 'not running' or 'dead' or 'failed' by '/etc/intit.d/ceph status'
# and writes the names to a text file: /tmp/ceph_status_failure.txt for
# pmond to access. The pmond adds the text to logs and alarms. Example of text
# samples written to file by this script are:
# 'osd.1'
# 'osd.1, osd.2'
# 'mon.storage-0'
# 'mon.storage-0, osd.2'
#
# Moreover, for processes that are reported as 'hung' by '/etc/intit.d/ceph status'
# the script will try increase their logging to 'debug' for a configurable interval.
# With logging increased it will outputs a few stack traces then, at the end of this
# interval, it dumps its stack core and kills it.
#
# Return values;
# zero - /etc/init.d/ceph returned success or ceph is not running on the node
# non-zero /etc/init.d/ceph returned a failure or invalid syntax
#
source /usr/bin/tsconfig
source /etc/platform/platform.conf
CEPH_SCRIPT="/etc/init.d/ceph"
CEPH_FILE="$VOLATILE_PATH/.ceph_started"
CEPH_RESTARTING_FILE="$VOLATILE_PATH/.ceph_restarting"
CEPH_GET_STATUS_FILE="$VOLATILE_PATH/.ceph_getting_status"
CEPH_STATUS_FAILURE_TEXT_FILE="/tmp/ceph_status_failure.txt"
BINDIR=/usr/bin
SBINDIR=/usr/sbin
LIBDIR=/usr/lib64/ceph
ETCDIR=/etc/ceph
source $LIBDIR/ceph_common.sh
LOG_PATH=/var/log/ceph
LOG_FILE=$LOG_PATH/ceph-process-states.log
LOG_LEVEL=NORMAL # DEBUG
verbose=0
DATA_PATH=$VOLATILE_PATH/ceph_hang # folder where we keep state information
mkdir -p $DATA_PATH # make sure folder exists
MONITORING_INTERVAL=15
TRACE_LOOP_INTERVAL=5
GET_STATUS_TIMEOUT=120
CEPH_STATUS_TIMEOUT=20
WAIT_FOR_CMD=1
RC=0
args=("$@")
if [ ! -z $ARGS ]; then
IFS=";" read -r -a new_args <<< "$ARGS"
args+=("${new_args[@]}")
fi
wait_for_status ()
{
timeout=$GET_STATUS_TIMEOUT # wait for status no more than $timeout seconds
while [ -f ${CEPH_GET_STATUS_FILE} ] && [ $timeout -gt 0 ]; do
sleep 1
let timeout-=1
done
if [ $timeout -eq 0 ]; then
wlog "-" "WARN" "Getting status takes more than ${GET_STATUS_TIMEOUT}s, continuing"
rm -f $CEPH_GET_STATUS_FILE
fi
}
start ()
{
if [ -f ${CEPH_FILE} ]; then
wait_for_status
${CEPH_SCRIPT} start $1
RC=$?
else
# Ceph is not running on this node, return success
exit 0
fi
}
stop ()
{
wait_for_status
${CEPH_SCRIPT} stop $1
}
restart ()
{
if [ -f ${CEPH_FILE} ]; then
wait_for_status
touch $CEPH_RESTARTING_FILE
${CEPH_SCRIPT} restart $1
rm -f $CEPH_RESTARTING_FILE
else
# Ceph is not running on this node, return success
exit 0
fi
}
log_and_restart_blocked_osds ()
{
# Log info about the blocked osd daemons and then restart it
local names=$1
for name in $names; do
wlog $name "INFO" "Restarting OSD with blocked operations"
${CEPH_SCRIPT} restart $name
done
}
log_and_kill_hung_procs ()
{
# Log info about the hung processes and then kill them; later on pmon will restart them
local names=$1
for name in $names; do
type=`echo $name | cut -c 1-3` # e.g. 'mon', if $item is 'mon1'
id=`echo $name | cut -c 4- | sed 's/^\\.//'`
get_conf run_dir "/var/run/ceph" "run dir"
get_conf pid_file "$run_dir/$type.$id.pid" "pid file"
pid=$(cat $pid_file)
wlog $name "INFO" "Dealing with hung process (pid:$pid)"
# monitoring interval
wlog $name "INFO" "Increasing log level"
execute_ceph_cmd ret $name "ceph daemon $name config set debug_$type 20/20"
monitoring=$MONITORING_INTERVAL
while [ $monitoring -gt 0 ]; do
if [ $(($monitoring % $TRACE_LOOP_INTERVAL)) -eq 0 ]; then
date=$(date "+%Y-%m-%d_%H-%M-%S")
log_file="$LOG_PATH/hang_trace_${name}_${pid}_${date}.log"
wlog $name "INFO" "Dumping stack trace to: $log_file"
$(pstack $pid >$log_file) &
fi
let monitoring-=1
sleep 1
done
wlog $name "INFO" "Trigger core dump"
kill -ABRT $pid &>/dev/null
rm -f $pid_file # process is dead, core dump is archiving, preparing for restart
# Wait for pending systemd core dumps
sleep 2 # hope systemd_coredump has started meanwhile
deadline=$(( $(date '+%s') + 300 ))
while [[ $(date '+%s') -lt "${deadline}" ]]; do
systemd_coredump_pid=$(pgrep -f "systemd-coredump.*${pid}.*ceph-${type}")
[[ -z "${systemd_coredump_pid}" ]] && break
wlog $name "INFO" "systemd-coredump ceph-${type} in progress: pid ${systemd_coredump_pid}"
sleep 2
done
kill -KILL $pid &>/dev/null
done
}
status ()
{
if [[ "$system_type" == "All-in-one" ]] && [[ "$system_mode" != "simplex" ]] && [[ "$1" == "osd" ]]; then
timeout $CEPH_STATUS_TIMEOUT ceph -s
if [ "$?" -ne 0 ]; then
# Ceph cluster is not accessible. Don't panic, controller swact
# may be in progress.
wlog "-" INFO "Ceph is down, ignoring OSD status."
exit 0
fi
fi
if [ -f ${CEPH_RESTARTING_FILE} ]; then
# Ceph is restarting, we don't report state changes on the first pass
rm -f ${CEPH_RESTARTING_FILE}
exit 0
fi
if [ -f ${CEPH_FILE} ]; then
# Make sure the script does not 'exit' between here and the 'rm -f' below
# or the checkpoint file will be left behind
touch -f ${CEPH_GET_STATUS_FILE}
result=`${CEPH_SCRIPT} status $1`
RC=$?
if [ "$RC" -ne 0 ]; then
erred_procs=`echo "$result" | sort | uniq | awk ' /not running|dead|failed/ {printf "%s ", $1}' | sed 's/://g' | sed 's/, $//g'`
hung_procs=`echo "$result" | sort | uniq | awk ' /hung/ {printf "%s ", $1}' | sed 's/://g' | sed 's/, $//g'`
blocked_ops_procs=`echo "$result" | sort | uniq | awk ' /blocked ops/ {printf "%s ", $1}' | sed 's/://g' | sed 's/, $//g'`
invalid=0
host=`hostname`
if [[ "$system_type" == "All-in-one" ]] && [[ "$system_mode" != "simplex" ]]; then
# On 2 node configuration we have a floating monitor
host="controller"
fi
for i in $(echo $erred_procs $hung_procs); do
if [[ "$i" =~ osd.?[0-9]?[0-9]|mon.$host ]]; then
continue
else
invalid=1
fi
done
log_and_restart_blocked_osds $blocked_ops_procs
log_and_kill_hung_procs $hung_procs
hung_procs_text=""
for i in $(echo $hung_procs); do
hung_procs_text+="$i(process hung) "
done
rm -f $CEPH_STATUS_FAILURE_TEXT_FILE
if [ $invalid -eq 0 ]; then
text=""
for i in $erred_procs; do
text+="$i, "
done
for i in $hung_procs; do
text+="$i (process hang), "
done
echo "$text" | tr -d '\n' > $CEPH_STATUS_FAILURE_TEXT_FILE
else
echo "$host: '${CEPH_SCRIPT} status $1' result contains invalid process names: $erred_procs"
echo "Undetermined osd or monitor id" > $CEPH_STATUS_FAILURE_TEXT_FILE
fi
fi
rm -f ${CEPH_GET_STATUS_FILE}
if [[ $RC == 0 ]] && [[ "$1" == "mon" ]] && [[ "$system_type" == "All-in-one" ]] && [[ "$system_mode" != "simplex" ]]; then
# SM needs exit code != 0 from 'status mon' argument of the init script on
# standby controller otherwise it thinks that the monitor is running and
# tries to stop it.
# '/etc/init.d/ceph status mon' checks the status of monitors configured in
# /etc/ceph/ceph.conf and if it should be running on current host.
# If it should not be running it just exits with code 0. This is what
# happens on the standby controller.
# When floating monitor is running on active controller /var/lib/ceph/mon of
# standby is not mounted (Ceph monitor partition is DRBD synced).
test -e "/var/lib/ceph/mon/ceph-controller"
if [ "$?" -ne 0 ]; then
exit 3
fi
fi
else
# Ceph is not running on this node, return success
exit 0
fi
}
case "${args[0]}" in
start)
start ${args[1]}
;;
stop)
stop ${args[1]}
;;
restart)
restart ${args[1]}
;;
status)
status ${args[1]}
;;
*)
echo "Usage: $0 {start|stop|restart|status} [{mon|osd|osd.<number>|mon.<hostname>}]"
exit 1
;;
esac
exit $RC

334
recipes-core/stx-integ/files/ceph/ceph-manage-journal.py Normal file
View File

@ -0,0 +1,334 @@
#!/usr/bin/python
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
import ast
import os
import os.path
import re
import subprocess
import sys
DEVICE_NAME_NVME = "nvme"
#########
# Utils #
#########
def command(arguments, **kwargs):
"""Execute e command and capture stdout, stderr & return code"""
process = subprocess.Popen(
arguments,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
**kwargs)
out, err = process.communicate()
return out, err, process.returncode
def get_input(arg, valid_keys):
"""Convert the input to a dict and perform basic validation"""
json_string = arg.replace("\\n", "\n")
try:
input_dict = ast.literal_eval(json_string)
if not all(k in input_dict for k in valid_keys):
return None
except Exception:
return None
return input_dict
def get_partition_uuid(dev):
output, _, _ = command(['blkid', dev])
try:
return re.search('PARTUUID=\"(.+?)\"', output).group(1)
except AttributeError:
return None
def device_path_to_device_node(device_path):
try:
output, _, _ = command(["udevadm", "settle", "-E", device_path])
out, err, retcode = command(["readlink", "-f", device_path])
out = out.rstrip()
except Exception as e:
return None
return out
###########################################
# Manage Journal Disk Partitioning Scheme #
###########################################
DISK_BY_PARTUUID = "/dev/disk/by-partuuid/"
JOURNAL_UUID = '45b0969e-9b03-4f30-b4c6-b4b80ceff106' # Type of a journal partition
def is_partitioning_correct(disk_path, partition_sizes):
"""Validate the existence and size of journal partitions"""
# Obtain the device node from the device path.
disk_node = device_path_to_device_node(disk_path)
# Check that partition table format is GPT
output, _, _ = command(["udevadm", "settle", "-E", disk_node])
output, _, _ = command(["parted", "-s", disk_node, "print"])
if not re.search('Partition Table: gpt', output):
print("Format of disk node %s is not GPT, zapping disk" % disk_node)
return False
# Check each partition size
partition_index = 1
for size in partition_sizes:
# Check that each partition size matches the one in input
if DEVICE_NAME_NVME in disk_node:
partition_node = '{}p{}'.format(disk_node, str(partition_index))
else:
partition_node = '{}{}'.format(disk_node, str(partition_index))
output, _, _ = command(["udevadm", "settle", "-E", partition_node])
cmd = ["parted", "-s", partition_node, "unit", "MiB", "print"]
output, _, _ = command(cmd)
regex = ("^Disk " + str(partition_node) + ":\\s*" +
str(size) + "[\\.0]*MiB")
if not re.search(regex, output, re.MULTILINE):
print("Journal partition %(node)s size is not %(size)s, "
"zapping disk" % {"node": partition_node, "size": size})
return False
partition_index += 1
output, _, _ = command(["udevadm", "settle", "-t", "10"])
return True
def create_partitions(disk_path, partition_sizes):
"""Recreate partitions"""
# Obtain the device node from the device path.
disk_node = device_path_to_device_node(disk_path)
# Issue: After creating a new partition table on a device, Udev does not
# always remove old symlinks (i.e. to previous partitions on that device).
# Also, even if links are erased before zapping the disk, some of them will
# be recreated even though there is no partition to back them!
# Therefore, we have to remove the links AFTER we erase the partition table
# Issue: DISK_BY_PARTUUID directory is not present at all if there are no
# GPT partitions on the storage node so nothing to remove in this case
links = []
if os.path.isdir(DISK_BY_PARTUUID):
links = [os.path.join(DISK_BY_PARTUUID, l) for l in os.listdir(DISK_BY_PARTUUID)
if os.path.islink(os.path.join(DISK_BY_PARTUUID, l))]
# Erase all partitions on current node by creating a new GPT table
_, err, ret = command(["parted", "-s", disk_node, "mktable", "gpt"])
if ret:
print("Error erasing partition table of %(node)s\n"
"Return code: %(ret)s reason: %(reason)s" %
{"node": disk_node, "ret": ret, "reason": err})
exit(1)
# Erase old symlinks
for l in links:
if disk_node in os.path.realpath(l):
os.remove(l)
# Create partitions in order
used_space_mib = 1 # leave 1 MB at the beginning of the disk
num = 1
for size in partition_sizes:
cmd = ['parted', '-s', disk_node, 'unit', 'mib',
'mkpart', 'primary',
str(used_space_mib), str(used_space_mib + size)]
_, err, ret = command(cmd)
parms = {"disk_node": disk_node,
"start": used_space_mib,
"end": used_space_mib + size,
"reason": err}
print("Created partition from start=%(start)s MiB to end=%(end)s MiB"
" on %(disk_node)s" % parms)
if ret:
print("Failed to create partition with "
"start=%(start)s, end=%(end)s "
"on %(disk_node)s reason: %(reason)s" % parms)
exit(1)
# Set partition type to ceph journal
# noncritical operation, it makes 'ceph-disk list' output correct info
cmd = ['sgdisk',
'--change-name={num}:ceph journal'.format(num=num),
'--typecode={num}:{uuid}'.format(
num=num,
uuid=JOURNAL_UUID,
),
disk_node]
_, err, ret = command(cmd)
if ret:
print("WARNINIG: Failed to set partition name and typecode")
used_space_mib += size
num += 1
###########################
# Manage Journal Location #
###########################
OSD_PATH = "/var/lib/ceph/osd/"
def mount_data_partition(data_path, osdid):
"""Mount an OSD data partition and return the mounted path"""
# Obtain the device node from the device path.
data_node = device_path_to_device_node(data_path)
mount_path = OSD_PATH + "ceph-" + str(osdid)
output, _, _ = command(['mount'])
regex = "^" + data_node + ".*" + mount_path
if not re.search(regex, output, re.MULTILINE):
cmd = ['mount', '-t', 'xfs', data_node, mount_path]
_, _, ret = command(cmd)
params = {"node": data_node, "path": mount_path}
if ret:
print("Failed to mount %(node)s to %(path), aborting" % params)
exit(1)
else:
print("Mounted %(node)s to %(path)s" % params)
return mount_path
def is_location_correct(path, journal_path, osdid):
"""Check if location points to the correct device"""
# Obtain the device node from the device path.
journal_node = device_path_to_device_node(journal_path)
cur_node = os.path.realpath(path + "/journal")
if cur_node == journal_node:
return True
else:
return False
def fix_location(mount_point, journal_path, osdid):
"""Move the journal to the new partition"""
# Obtain the device node from the device path.
journal_node = device_path_to_device_node(journal_path)
# Fix symlink
path = mount_point + "/journal" # 'journal' symlink path used by ceph-osd
journal_uuid = get_partition_uuid(journal_node)
new_target = DISK_BY_PARTUUID + journal_uuid
params = {"path": path, "target": new_target}
try:
if os.path.lexists(path):
os.unlink(path) # delete the old symlink
os.symlink(new_target, path)
print("Symlink created: %(path)s -> %(target)s" % params)
except:
print("Failed to create symlink: %(path)s -> %(target)s" % params)
exit(1)
# Fix journal_uuid
path = mount_point + "/journal_uuid"
try:
with open(path, 'w') as f:
f.write(journal_uuid)
except Exception as ex:
# The operation is noncritical, it only makes 'ceph-disk list'
# display complete output. We log and continue.
params = {"path": path, "uuid": journal_uuid}
print("WARNING: Failed to set uuid of %(path)s to %(uuid)s" % params)
# Clean the journal partition
# even if erasing the partition table, if another journal was present here
# it's going to be reused. Journals are always bigger than 100MB.
command(['dd', 'if=/dev/zero', 'of=%s' % journal_node,
'bs=1M', 'count=100'])
# Format the journal
cmd = ['/usr/bin/ceph-osd', '-i', str(osdid),
'--pid-file', '/var/run/ceph/osd.%s.pid' % osdid,
'-c', '/etc/ceph/ceph.conf',
'--cluster', 'ceph',
'--mkjournal']
out, err, ret = command(cmd)
params = {"journal_node": journal_node,
"osdid": osdid,
"ret": ret,
"reason": err}
if not ret:
print("Prepared new journal partition: %(journal_node)s "
"for osd id: %(osdid)s" % params)
else:
print("Error initializing journal node: "
"%(journal_node)s for osd id: %(osdid)s "
"ceph-osd return code: %(ret)s reason: %(reason)s" % params)
########
# Main #
########
def main(argv):
# parse and validate arguments
err = False
partitions = None
location = None
if len(argv) != 2:
err = True
elif argv[0] == "partitions":
valid_keys = ['disk_path', 'journals']
partitions = get_input(argv[1], valid_keys)
if not partitions:
err = True
elif not isinstance(partitions['journals'], list):
err = True
elif argv[0] == "location":
valid_keys = ['data_path', 'journal_path', 'osdid']
location = get_input(argv[1], valid_keys)
if not location:
err = True
elif not isinstance(location['osdid'], int):
err = True
else:
err = True
if err:
print("Command intended for internal use only")
exit(-1)
if partitions:
# Recreate partitions only if the existing ones don't match input
if not is_partitioning_correct(partitions['disk_path'],
partitions['journals']):
create_partitions(partitions['disk_path'], partitions['journals'])
else:
print("Partition table for %s is correct, "
"no need to repartition" %
device_path_to_device_node(partitions['disk_path']))
elif location:
# we need to have the data partition mounted & we can let it mounted
mount_point = mount_data_partition(location['data_path'],
location['osdid'])
# Update journal location only if link point to another partition
if not is_location_correct(mount_point,
location['journal_path'],
location['osdid']):
print("Fixing journal location for "
"OSD id: %(id)s" % {"node": location['data_path'],
"id": location['osdid']})
fix_location(mount_point,
location['journal_path'],
location['osdid'])
else:
print("Journal location for %s is correct,"
"no need to change it" % location['data_path'])
main(sys.argv[1:])

30
recipes-core/stx-integ/files/ceph/ceph-preshutdown.sh Normal file
View File

@ -0,0 +1,30 @@
#!/bin/bash
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
script=$(basename $0)
# Set nullglob so wildcards will return empty string if no match
shopt -s nullglob
for dev in /dev/rbd[0-9]*; do
for mnt in $(mount | awk -v dev=$dev '($1 == dev) {print $3}'); do
logger -t ${script} "Unmounting $mnt"
/usr/bin/umount $mnt
done
logger -t ${script} "Unmounted $dev"
done
for dev in /dev/rbd[0-9]*; do
/usr/bin/rbd unmap -o force $dev
logger -t ${script} "Unmapped $dev"
done
lsmod | grep -q '^rbd\>' && /usr/sbin/modprobe -r rbd
lsmod | grep -q '^libceph\>' && /usr/sbin/modprobe -r libceph
exit 0

18
recipes-core/stx-integ/files/ceph/ceph-radosgw.service Normal file
View File

@ -0,0 +1,18 @@
[Unit]
Description=radosgw RESTful rados gateway
After=network.target
#After=remote-fs.target nss-lookup.target network-online.target time-sync.target
#Wants=network-online.target
[Service]
Type=forking
Restart=no
KillMode=process
RemainAfterExit=yes
ExecStart=/etc/rc.d/init.d/ceph-radosgw start
ExecStop=/etc/rc.d/init.d/ceph-radosgw stop
ExecReload=/etc/rc.d/init.d/ceph-radosgw reload
[Install]
WantedBy=multi-user.target

58
recipes-core/stx-integ/files/ceph/ceph.conf Normal file
View File

@ -0,0 +1,58 @@
[global]
# Unique ID for the cluster.
fsid = %CLUSTER_UUID%
# Public network where the monitor is connected to, i.e, 128.224.0.0/16
#public network = 127.0.0.1/24
# For version 0.55 and beyond, you must explicitly enable
# or disable authentication with "auth" entries in [global].
auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx
osd_journal_size = 1024
# Uncomment the following line if you are mounting with ext4
# filestore xattr use omap = true
# Number of replicas of objects. Write an object 2 times.
# Cluster cannot reach an active + clean state until there's enough OSDs
# to handle the number of copies of an object. In this case, it requires
# at least 2 OSDs
osd_pool_default_size = 2
# Allow writing one copy in a degraded state.
osd_pool_default_min_size = 1
# Ensure you have a realistic number of placement groups. We recommend
# approximately 100 per OSD. E.g., total number of OSDs multiplied by 100
# divided by the number of replicas (i.e., osd pool default size). So for
# 2 OSDs and osd pool default size = 2, we'd recommend approximately
# (100 * 2) / 2 = 100.
osd_pool_default_pg_num = 64
osd_pool_default_pgp_num = 64
osd_crush_chooseleaf_type = 1
setuser match path = /var/lib/ceph/$type/$cluster-$id
# Override Jewel default of 2 reporters. StarlingX has replication factor 2
mon_osd_min_down_reporters = 1
# Use Hammer's report interval default value
osd_mon_report_interval_max = 120
# Configure max PGs per OSD to cover worst-case scenario of all possible
# StarlingX deployments i.e. AIO-SX with one OSD. Otherwise using
# the default value provided by Ceph Mimic leads to "too many PGs per OSD"
# health warning as the pools needed by stx-openstack are being created.
mon_max_pg_per_osd = 2048
osd_max_pg_per_osd_hard_ratio = 1.2
[osd]
osd_mkfs_type = xfs
osd_mkfs_options_xfs = "-f"
osd_mount_options_xfs = "rw,noatime,inode64,logbufs=8,logbsize=256k"
[mon]
mon warn on legacy crush tunables = false
# Quiet new warnings on move to Hammer
mon pg warn max per osd = 2048
mon pg warn max object skew = 0
mgr initial modules = restful

26
recipes-core/stx-integ/files/ceph/ceph.conf.pmon Normal file
View File

@ -0,0 +1,26 @@
[process]
process = ceph
script = /etc/init.d/ceph-init-wrapper
style = lsb
severity = major ; minor, major, critical
restarts = 3 ; restart retries before error assertion
interval = 30 ; number of seconds to wait between restarts
mode = status ; Monitoring mode: passive (default) or active
; passive: process death monitoring (default: always)
; active : heartbeat monitoring, i.e. request / response messaging
; status : determine process health with executing "status" command
; "start" is used to start the process(es) again
; ignore : do not monitor or stop monitoring
; Status and Active Monitoring Options
period = 30 ; monitor period in seconds
timeout = 120 ; for active mode, messaging timeout period in seconds, must be shorter than period
; for status mode, max amount of time for a command to execute
; Status Monitoring Options
start_arg = start ; start argument for the script
status_arg = status ; status argument for the script
status_failure_text = /tmp/ceph_status_failure.txt ; text to be added to alarms or logs, this is optional

16
recipes-core/stx-integ/files/ceph/ceph.service Normal file
View File

@ -0,0 +1,16 @@
[Unit]
Description=StarlingX Ceph Startup
After=network.target
[Service]
Type=forking
Restart=no
KillMode=process
RemainAfterExit=yes
ExecStart=/etc/rc.d/init.d/ceph start
ExecStop=/etc/rc.d/init.d/ceph stop
PIDFile=/var/run/ceph/ceph.pid
[Install]
WantedBy=multi-user.target

67
recipes-core/stx-integ/files/ceph/ceph.sh Normal file
View File

@ -0,0 +1,67 @@
#!/bin/bash
INITDIR=/etc/init.d
LOGFILE=/var/log/ceph/ceph-init.log
CEPH_FILE=/var/run/.ceph_started
# Get our nodetype
. /etc/platform/platform.conf
# Exit immediately if ceph not configured (i.e. no mon in the config file)
if ! grep -q "mon\." /etc/ceph/ceph.conf
then
exit 0
fi
logecho ()
{
echo $1
date >> ${LOGFILE}
echo $1 >> ${LOGFILE}
}
start ()
{
logecho "Starting ceph services..."
${INITDIR}/ceph start >> ${LOGFILE} 2>&1
RC=$?
if [ ! -f ${CEPH_FILE} ]; then
touch ${CEPH_FILE}
fi
}
stop ()
{
if [[ "$system_type" == "All-in-one" ]] && [[ "$system_mode" == "simplex" ]]; then
logecho "Ceph services will continue to run on node"
exit 0
fi
logecho "Stopping ceph services..."
if [ -f ${CEPH_FILE} ]; then
rm -f ${CEPH_FILE}
fi
${INITDIR}/ceph stop >> ${LOGFILE} 2>&1
RC=$?
}
RC=0
case "$1" in
start)
start
;;
stop)
stop
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
;;
esac
logecho "RC was: $RC"
exit $RC

1056
recipes-core/stx-integ/files/ceph/mgr-restful-plugin.py Normal file
View File

File diff suppressed because it is too large Load Diff

15
recipes-core/stx-integ/files/ceph/mgr-restful-plugin.service Normal file
View File

@ -0,0 +1,15 @@
[Unit]
Description=Ceph MGR RESTful API Plugin
After=network-online.target sw-patch.service
[Service]
Type=forking
Restart=no
KillMode=process
RemainAfterExit=yes
ExecStart=/etc/rc.d/init.d/mgr-restful-plugin start
ExecStop=/etc/rc.d/init.d/mgr-restul-plugin stop
ExecReload=/etc/rc.d/init.d/mgr-restful-plugin reload
[Install]
WantedBy=multi-user.target

Some files were not shown because too many files have changed in this diff Show More