starlingx/config-files
Code Issues Proposed changes

Refactor patches for initscripts package

Browse Source 
Use initscripts-config package to package script and service file for
initscripts package.
Refactor 0001-Disable-zeroconf-route.patch,
spec-add-mountnfs-init-script.patch and
spec-include-TiS-changes.patch, let initscripts-config to be
responsible for the installation of config/script/service files.
Merged some meta patches that just includes adding source code patch to
spec-include-Tis-changes.patch.
Removed base/procps since it just includes one file, sysctl.conf. And
move this file to initscripts-config folder.The monitor-tools package
in stx-integ has a %post script that is adding an entry to sysctl.conf,
so add "Requires: initscripts-config" in monitor-tools.spec, to ensure
it is installed after this package replaces the file.

Deployment test and ping test between VMs pass
Service, config and script files check pass.

Story: 2003768
Task: 27585

Change-Id: I2ea3bd05bdc5bca5658d157e6f40f7380e922500
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
This commit is contained in:
zhipengl 2018-11-05 23:56:49 +08:00 committed by zhipeng liu
parent ccd754d835
commit 3fe2e675f8
6 changed files with 249 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
initscripts-config/centos/build_srpm.data Normal file
View File

@ -0,0 +1,2 @@
SRC_DIR="files"
TIS_PATCH_VER=0

47
initscripts-config/centos/initscripts-config.spec Normal file
View File

@ -0,0 +1,47 @@
Summary: initscripts-config
Name: initscripts-config
Version: 1.0
Release: %{tis_patch_ver}%{?_tis_dist}
License: Apache-2.0
Group: base
Packager: StarlingX
URL: unknown
BuildArch: noarch
Source: %name-%version.tar.gz
Requires: %{_bindir}/systemctl
Requires: initscripts
Summary: package StarlingX configuration files of initscripts to system folder.
%description
package StarlingX configuration files of initscripts to system folder.
%prep
%setup
%build
%install
%{__install} -d 644 %{buildroot}%{_datadir}/starlingx/
%{__install} -d 644 %{buildroot}%{_sysconfdir}/sysconfig
%{__install} -d 755 %{buildroot}%{_initddir}
%{__install} -d 644 %{buildroot}%{_unitdir}
%{__install} -m 644 sysctl.conf %{buildroot}%{_datadir}/starlingx/stx.sysctl.conf
%{__install} -m 644 sysconfig-network.conf %{buildroot}%{_sysconfdir}/sysconfig/network
%{__install} -m 755 mountnfs.sh %{buildroot}%{_initddir}/mountnfs
%{__install} -m 644 mountnfs.service %{buildroot}%{_unitdir}/mountnfs.service
%post
if [ $1 -eq 1 ] ; then
# Initial installation
cp -f %{_datadir}/starlingx/stx.sysctl.conf %{_sysconfdir}/sysctl.conf
chmod 644 %{_sysconfdir}/sysctl.conf
fi
%{_bindir}/systemctl enable mountnfs.service > /dev/null 2>&1 || :
%files
%{_datadir}/starlingx/stx.sysctl.conf
%{_sysconfdir}/sysconfig/network
%{_initddir}/mountnfs
%{_unitdir}/mountnfs.service

13
initscripts-config/files/mountnfs.service Normal file
View File

@ -0,0 +1,13 @@
[Unit]
Description=StarlingX Cloud Filesystem Auto-mounter
After=network.target nfscommon.service
Before=uexportfs.service
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/etc/init.d/mountnfs start
ExecStop=/etc/init.d/mountnfs stop
[Install]
WantedBy=multi-user.target

100
initscripts-config/files/mountnfs.sh Executable file
View File

@ -0,0 +1,100 @@
#!/bin/sh
### BEGIN INIT INFO
# Provides: mountnfs
# Required-Start: $local_fs $network $rpcbind
# Required-Stop:
# Default-Start: S
# Default-Stop:
### END INIT INFO
# . /etc/default/rcS
if [ "$1" = "stop" ]; then
# Avoid mounting if we're shutting down
exit 0
fi
#
# Run in a subshell because of I/O redirection.
#
test -f /etc/fstab && (
#
# Read through fstab line by line. If it is NFS, set the flag
# for mounting NFS filesystems. If any NFS partition is found and it
# not mounted with the nolock option, we start the rpcbind.
#
rpcbind=no
mount_nfs=no
mount_smb=no
mount_ncp=no
mount_cifs=no
while read device mountpt fstype options; do
case "$device" in
""|\#*)
continue
;;
esac
case "$options" in
*noauto*)
continue
;;
esac
if test "$fstype" = nfs
then
mount_nfs=yes
case "$options" in
*nolock*)
;;
*)
rpcbind=yes
;;
esac
fi
if test "$fstype" = smbfs
then
mount_smb=yes
fi
if test "$fstype" = ncpfs
then
mount_ncp=yes
fi
if test "$fstype" = cifs
then
mount_cifs=yes
fi
done
exec 0>&1
if test "$rpcbind" = yes; then
# WRL: Centos precheck: Dont start rpcbind in this init script.
# It is started by a systemd service file.
if test "/etc/centos-release" = no
then
if test -x /usr/sbin/rpcbind
then
service rpcbind status > /dev/null
if [ $? != 0 ]; then
echo -n "Starting rpcbind..."
start-stop-daemon --start --quiet --exec /usr/sbin/rpcbind
sleep 2
fi
fi
fi
fi
if test "$mount_nfs" = yes || test "$mount_smb" = yes || test "$mount_ncp" = yes || test "$mount_cifs" = yes; then
echo "Mounting remote filesystems..."
test "$mount_nfs" = yes && mount -a -t nfs
test "$mount_smb" = yes && mount -a -t smbfs
test "$mount_ncp" = yes && mount -a -t ncpfs
test "$mount_cifs" = yes && mount -a -t cifs
fi
) < /etc/fstab
: exit 0

1
initscripts-config/files/sysconfig-network.conf Normal file
View File

@ -0,0 +1 @@
ZEROCONF=yes

86
initscripts-config/files/sysctl.conf Normal file
View File

@ -0,0 +1,86 @@
# This configuration file is taken from Debian.
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
kernel.printk = 4 4 1 7
# Reboot X seconds after a kernel panic
kernel.panic = 5
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
#net.ipv6.conf.all.forwarding=1
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Ignore ICMP broadcasts
#net.ipv4.icmp_echo_ignore_broadcasts = 1
#
# Ignore bogus ICMP errors
#net.ipv4.icmp_ignore_bogus_error_responses = 1
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
#kernel.shmmax = 141762560
# Limit local port range
net.ipv4.ip_local_port_range = 49216 61000
net.ipv4.tcp_tw_reuse = 1
# WRL
# set max socket memory ; default was 212992
net.core.rmem_max=425984
# WRS
# The following kernel parameters help alleviate some RabbitMQ
# connection issues. These values need to be set here to ensure sysinv-agent
# remains connected to rabbitmq. Sysinv-agent starts before packstack and the
# long default values allowed the connection to be lost for 2 hours.
# Note the ipv4 vlaues are also applied to ipv6 connections.
net.ipv4.tcp_keepalive_intvl = 1
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_time = 5