3 # vim: ts=4 sw=4 sts=4 et tw=72 :
5 # force any errors to cause the script and job to end in failure
8 ensure_kernel_install() {
9 # Workaround for mkinitrd failing on occassion.
10 # On CentOS 7 it seems like the kernel install can fail it's mkinitrd
11 # run quietly, so we may not notice the failure. This script retries for a
12 # few times before giving up.
13 initramfs_ver=$(rpm -q kernel | tail -1 | sed "s/kernel-/initramfs-/")
15 if grep "$initramfs_ver" /boot/grub/grub.conf; then
18 echo "Kernel initrd missing. Retrying to install kernel..."
19 yum reinstall -y kernel
21 if ! grep "$initramfs_ver" /boot/grub/grub.conf; then
22 cat /boot/grub/grub.conf
23 echo "ERROR: Failed to install kernel."
29 # Handle the occurance where SELINUX is actually disabled
30 SELINUX=$(grep -E '^SELINUX=(disabled|permissive|enforcing)$' /etc/selinux/config)
31 MODE=$(echo "$SELINUX" | cut -f 2 -d '=')
34 echo "************************************"
35 echo "** SYSTEM ENTERING ENFORCING MODE **"
36 echo "************************************"
37 # make sure that the filesystem is properly labelled.
38 # it could be not fully labeled correctly if it was just switched
39 # from disabled, the autorelabel misses some things
40 # skip relabelling on /dev as it will generally throw errors
41 restorecon -R -e /dev /
43 # enable enforcing mode from the very start
46 # configure system for enforcing mode on next boot
47 sed -i 's/SELINUX=permissive/SELINUX=enforcing/' /etc/selinux/config
50 sed -i 's/SELINUX=disabled/SELINUX=permissive/' /etc/selinux/config
53 echo "*******************************************"
54 echo "** SYSTEM REQUIRES A RESTART FOR SELINUX **"
55 echo "*******************************************"
58 echo "*********************************"
59 echo "** SYSTEM IS IN ENFORCING MODE **"
60 echo "*********************************"
64 # Allow jenkins access to alternatives command to switch java version
65 cat <<EOF >/etc/sudoers.d/89-jenkins-user-defaults
66 Defaults:jenkins !requiretty
67 jenkins ALL = NOPASSWD: /usr/sbin/alternatives
70 echo "---> Updating operating system"
72 yum install -y deltarpm
77 # add in components we need or want on systems
78 echo "---> Installing base packages"
79 yum install -y @base https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
80 # separate group installs from package installs since a non-existing
81 # group with dnf based systems (F21+) will fail the install if such
82 # a group does not exist
83 yum install -y unzip xz puppet git git-review perl-XML-XPath ShellCheck
85 # All of our systems require Java (because of Jenkins)
86 # Install all versions of the OpenJDK devel but force 1.7.0 to be the
89 echo "---> Configuring OpenJDK"
90 yum install -y 'java-*-openjdk-devel'
92 FACTER_OS=$(/usr/bin/facter operatingsystem)
93 FACTER_OSVER=$(/usr/bin/facter operatingsystemrelease)
96 if [ "$FACTER_OSVER" -ge "21" ]
98 echo "---> not modifying java alternatives as OpenJDK 1.7.0 does not exist"
100 alternatives --set java /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java
101 alternatives --set java_sdk_openjdk /usr/lib/jvm/java-1.7.0-openjdk.x86_64
105 if [ "$(echo "$FACTER_OSVER" | cut -d'.' -f1)" -ge "7" ]
107 echo "---> not modifying java alternatives as OpenJDK 1.7.0 does not exist"
109 alternatives --set java /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java
110 alternatives --set java_sdk_openjdk /usr/lib/jvm/java-1.7.0-openjdk.x86_64
114 alternatives --set java /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java
115 alternatives --set java_sdk_openjdk /usr/lib/jvm/java-1.7.0-openjdk.x86_64
119 # Needed to parse OpenStack commands used by opendaylight-infra stack commands
120 # to initialize Heat template based systems.
123 # install haveged to avoid low entropy rejecting ssh connections
124 yum install -y haveged
125 systemctl enable haveged.service
130 # Ignore SELinux since slamming that onto Ubuntu leads to
133 # Allow jenkins access to update-alternatives command to switch java version
134 cat <<EOF >/etc/sudoers.d/89-jenkins-user-defaults
135 Defaults:jenkins !requiretty
136 jenkins ALL = NOPASSWD: /usr/bin/update-alternatives
139 export DEBIAN_FRONTEND=noninteractive
140 cat <<EOF >> /etc/apt/apt.conf
144 allow-change-held-packages "true";
145 allow-downgrades "true";
146 allow-remove-essential "true";
157 # Add hostname to /etc/hosts to fix 'unable to resolve host' issue with sudo
158 sed -i "/127.0.0.1/s/$/ $(hostname)/" /etc/hosts
160 echo "---> Updating operating system"
162 # add additional repositories
163 sudo add-apt-repository "deb http://us.archive.ubuntu.com/ubuntu $(lsb_release -sc) main universe restricted multiverse"
165 echo "---> Installing base packages"
166 # Use retry loop to install packages for failing mirrors
169 echo "Attempt $i of installing base packages..."
173 apt-get dist-upgrade -m
175 for pkg in unzip xz-utils puppet git git-review libxml-xpath-perl
177 # shellcheck disable=SC2046
178 if [ $(dpkg-query -W -f='${Status}' $pkg 2>/dev/null | grep -c "ok installed") -eq 0 ]; then
185 echo "---> Configuring OpenJDK"
186 FACTER_OSVER=$(/usr/bin/facter operatingsystemrelease)
187 case "$FACTER_OSVER" in
189 apt-get install openjdk-7-jdk
190 # make jdk8 available
191 add-apt-repository -y ppa:openjdk-r/ppa
193 # We need to force openjdk-8-jdk to install
194 apt-get install openjdk-8-jdk
195 # make sure that we still default to openjdk 7
196 update-alternatives --set java /usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java
197 update-alternatives --set javac /usr/lib/jvm/java-7-openjdk-amd64/bin/javac
200 apt-get install openjdk-8-jdk
203 echo "---> Unknown Ubuntu version $FACTER_OSVER"
208 # Needed to parse OpenStack commands used by opendaylight-infra stack commands
209 # to initialize Heat template based systems.
212 # install haveged to avoid low entropy rejecting ssh connections
213 apt-get install haveged
214 update-rc.d haveged defaults
216 # disable unattended upgrades & daily updates
217 echo '---> Disabling automatic daily upgrades'
218 sed -ine 's/"1"/"0"/g' /etc/apt/apt.conf.d/10periodic
219 echo 'APT::Periodic::Unattended-Upgrade "0";' >> /etc/apt/apt.conf.d/10periodic
223 # To handle the prompt style that is expected all over the environment
224 # with how use use robotframework we need to make sure that it is
225 # consistent for any of the users that are created during dynamic spin
227 echo 'PS1="[\u@\h \W]> "' >> /etc/skel/.bashrc
229 # Do any Distro specific installations here
230 echo "Checking distribution"
231 FACTER_OS=$(/usr/bin/facter operatingsystem)
234 if [ "$(/usr/bin/facter operatingsystemrelease | /bin/cut -d '.' -f1)" = "7" ]; then
237 echo "No extra steps currently for CentOS 7"
241 echo "Installing ODL YUM repo"
242 yum install -y https://nexus.opendaylight.org/content/repositories/opendaylight-yum-epel-6-x86_64/rpm/opendaylight-release/0.1.0-1.el6.noarch/opendaylight-release-0.1.0-1.el6.noarch.rpm
246 echo "---> $FACTER_OS found"
247 echo "No extra steps for $FACTER_OS"
252 echo "---> Attempting to detect OS"
253 # upstream cloud images use the distro name as the initial user
254 ORIGIN=$(if [ -e /etc/redhat-release ]
263 fedora|centos|redhat)
264 echo "---> RH type system detected"
268 echo "---> Ubuntu system detected"
272 echo "---> Unknown operating system"
276 # execute steps for all systems