3 # vim: ts=4 sw=4 sts=4 et tw=72 :
5 # force any errors to cause the script and job to end in failure
8 ensure_kernel_install() {
9 # Workaround for mkinitrd failing on occassion.
10 # On CentOS 7 it seems like the kernel install can fail it's mkinitrd
11 # run quietly, so we may not notice the failure. This script retries for a
12 # few times before giving up.
13 initramfs_ver=$(rpm -q kernel | tail -1 | sed "s/kernel-/initramfs-/")
14 grub_conf="/boot/grub/grub.conf"
15 # Public cloud does not use /boot/grub/grub.conf and uses grub2 instead.
16 if [ ! -e "$grub_conf" ]; then
17 echo "$grub_conf not found. Using Grub 2 conf instead."
18 grub_conf="/boot/grub2/grub.cfg"
22 if grep "$initramfs_ver" "$grub_conf"; then
25 echo "Kernel initrd missing. Retrying to install kernel..."
26 yum reinstall -y kernel
28 if ! grep "$initramfs_ver" "$grub_conf"; then
29 cat /boot/grub/grub.conf
30 echo "ERROR: Failed to install kernel."
36 # Handle the occurance where SELINUX is actually disabled
37 SELINUX=$(grep -E '^SELINUX=(disabled|permissive|enforcing)$' /etc/selinux/config)
38 MODE=$(echo "$SELINUX" | cut -f 2 -d '=')
41 echo "************************************"
42 echo "** SYSTEM ENTERING ENFORCING MODE **"
43 echo "************************************"
44 # make sure that the filesystem is properly labelled.
45 # it could be not fully labeled correctly if it was just switched
46 # from disabled, the autorelabel misses some things
47 # skip relabelling on /dev as it will generally throw errors
48 restorecon -R -e /dev /
50 # enable enforcing mode from the very start
53 # configure system for enforcing mode on next boot
54 sed -i 's/SELINUX=permissive/SELINUX=enforcing/' /etc/selinux/config
57 sed -i 's/SELINUX=disabled/SELINUX=permissive/' /etc/selinux/config
60 echo "*******************************************"
61 echo "** SYSTEM REQUIRES A RESTART FOR SELINUX **"
62 echo "*******************************************"
65 echo "*********************************"
66 echo "** SYSTEM IS IN ENFORCING MODE **"
67 echo "*********************************"
71 # Allow jenkins access to alternatives command to switch java version
72 cat <<EOF >/etc/sudoers.d/89-jenkins-user-defaults
73 Defaults:jenkins !requiretty
74 jenkins ALL = NOPASSWD: /usr/sbin/alternatives
77 echo "---> Updating operating system"
79 yum install -y deltarpm
84 # add in components we need or want on systems
85 echo "---> Installing base packages"
86 yum install -y @base https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
87 # separate group installs from package installs since a non-existing
88 # group with dnf based systems (F21+) will fail the install if such
89 # a group does not exist
90 yum install -y unzip xz puppet git git-review perl-XML-XPath ShellCheck
92 # All of our systems require Java (because of Jenkins)
93 # Install all versions of the OpenJDK devel but force 1.7.0 to be the
96 echo "---> Configuring OpenJDK"
97 yum install -y 'java-*-openjdk-devel'
99 FACTER_OS=$(/usr/bin/facter operatingsystem)
100 FACTER_OSVER=$(/usr/bin/facter operatingsystemrelease)
103 if [ "$FACTER_OSVER" -ge "21" ]
105 echo "---> not modifying java alternatives as OpenJDK 1.7.0 does not exist"
107 alternatives --set java /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java
108 alternatives --set java_sdk_openjdk /usr/lib/jvm/java-1.7.0-openjdk.x86_64
112 if [ "$(echo "$FACTER_OSVER" | cut -d'.' -f1)" -ge "7" ]
114 echo "---> not modifying java alternatives as OpenJDK 1.7.0 does not exist"
116 alternatives --set java /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java
117 alternatives --set java_sdk_openjdk /usr/lib/jvm/java-1.7.0-openjdk.x86_64
121 alternatives --set java /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java
122 alternatives --set java_sdk_openjdk /usr/lib/jvm/java-1.7.0-openjdk.x86_64
126 # Needed to parse OpenStack commands used by opendaylight-infra stack commands
127 # to initialize Heat template based systems.
130 # install haveged to avoid low entropy rejecting ssh connections
131 yum install -y haveged
132 systemctl enable haveged.service
137 # Ignore SELinux since slamming that onto Ubuntu leads to
140 # Allow jenkins access to update-alternatives command to switch java version
141 cat <<EOF >/etc/sudoers.d/89-jenkins-user-defaults
142 Defaults:jenkins !requiretty
143 jenkins ALL = NOPASSWD: /usr/bin/update-alternatives
146 export DEBIAN_FRONTEND=noninteractive
147 cat <<EOF >> /etc/apt/apt.conf
151 allow-change-held-packages "true";
152 allow-downgrades "true";
153 allow-remove-essential "true";
164 # Add hostname to /etc/hosts to fix 'unable to resolve host' issue with sudo
165 sed -i "/127.0.0.1/s/$/ $(hostname)/" /etc/hosts
167 echo "---> Updating operating system"
169 # add additional repositories
170 sudo add-apt-repository "deb http://us.archive.ubuntu.com/ubuntu $(lsb_release -sc) main universe restricted multiverse"
172 echo "---> Installing base packages"
173 # Use retry loop to install packages for failing mirrors
176 echo "Attempt $i of installing base packages..."
180 apt-get dist-upgrade -m
182 for pkg in unzip xz-utils puppet git git-review libxml-xpath-perl
184 # shellcheck disable=SC2046
185 if [ $(dpkg-query -W -f='${Status}' $pkg 2>/dev/null | grep -c "ok installed") -eq 0 ]; then
186 apt-cache policy $pkg
193 echo "---> Configuring OpenJDK"
194 FACTER_OSVER=$(/usr/bin/facter operatingsystemrelease)
195 case "$FACTER_OSVER" in
197 apt-get install openjdk-7-jdk
198 # make jdk8 available
199 add-apt-repository -y ppa:openjdk-r/ppa
201 # We need to force openjdk-8-jdk to install
202 apt-get install openjdk-8-jdk
203 # make sure that we still default to openjdk 7
204 update-alternatives --set java /usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java
205 update-alternatives --set javac /usr/lib/jvm/java-7-openjdk-amd64/bin/javac
208 apt-get install openjdk-8-jdk
211 echo "---> Unknown Ubuntu version $FACTER_OSVER"
216 # Needed to parse OpenStack commands used by opendaylight-infra stack commands
217 # to initialize Heat template based systems.
220 # install haveged to avoid low entropy rejecting ssh connections
221 apt-get install haveged
222 update-rc.d haveged defaults
224 # disable unattended upgrades & daily updates
225 echo '---> Disabling automatic daily upgrades'
226 sed -ine 's/"1"/"0"/g' /etc/apt/apt.conf.d/10periodic
227 echo 'APT::Periodic::Unattended-Upgrade "0";' >> /etc/apt/apt.conf.d/10periodic
231 # To handle the prompt style that is expected all over the environment
232 # with how use use robotframework we need to make sure that it is
233 # consistent for any of the users that are created during dynamic spin
235 echo 'PS1="[\u@\h \W]> "' >> /etc/skel/.bashrc
237 # Do any Distro specific installations here
238 echo "Checking distribution"
239 FACTER_OS=$(/usr/bin/facter operatingsystem)
242 if [ "$(/usr/bin/facter operatingsystemrelease | /bin/cut -d '.' -f1)" = "7" ]; then
245 echo "No extra steps currently for CentOS 7"
249 echo "Installing ODL YUM repo"
250 yum install -y https://nexus.opendaylight.org/content/repositories/opendaylight-yum-epel-6-x86_64/rpm/opendaylight-release/0.1.0-1.el6.noarch/opendaylight-release-0.1.0-1.el6.noarch.rpm
254 echo "---> $FACTER_OS found"
255 echo "No extra steps for $FACTER_OS"
260 echo "---> Attempting to detect OS"
261 # upstream cloud images use the distro name as the initial user
262 ORIGIN=$(if [ -e /etc/redhat-release ]
271 fedora|centos|redhat)
272 echo "---> RH type system detected"
276 echo "---> Ubuntu system detected"
280 echo "---> Unknown operating system"
284 # execute steps for all systems