os-autoinst-distri-rocky/tests/_support_server.pm

234 lines
13 KiB
Perl

use base "installedtest";
use strict;
use anaconda;
use testapi;
use lockapi;
use mmapi;
use tapnet;
use utils;
sub _pxe_setup {
# This happens before local DNS server is running and dnf will fail. Temporarily add 8.8.8.8 to resolve.conf
assert_script_run "echo 'nameserver 8.8.8.8' >> /etc/resolv.conf";
# set up PXE server (via dnsmasq). Not used for update tests.
# don't get hung up on slow mirrors when DNFing...
repos_mirrorlist;
# create necessary dirs
assert_script_run "mkdir -p /var/lib/tftpboot/rocky";
# basic tftp config
assert_script_run "printf 'enable-tftp\ntftp-root=/var/lib/tftpboot\ntftp-secure\n' >> /etc/dnsmasq.conf";
# pxe boot config
# we boot grub directly not shim on aarch64 as shim fails to boot
# with 'Synchronous Exception'
# https://bugzilla.redhat.com/show_bug.cgi?id=1592148
assert_script_run "printf 'dhcp-match=set:efi-x86_64,option:client-arch,7\ndhcp-match=set:efi-x86_64,option:client-arch,9\ndhcp-match=set:bios,option:client-arch,0\ndhcp-match=set:efi-aarch64,option:client-arch,11\ndhcp-match=set:ppc64,option:client-arch,12\ndhcp-match=set:ppc64,option:client-arch,13\ndhcp-boot=tag:efi-x86_64,\"shim.efi\"\ndhcp-boot=tag:bios,\"pxelinux.0\"\ndhcp-boot=tag:efi-aarch64,\"grubaa64.efi\"\ndhcp-boot=tag:ppc64,\"boot/grub2/powerpc-ieee1275/core.elf\"\n' >> /etc/dnsmasq.conf";
# install and configure bootloaders
my $ourversion = get_var("CURRREL");
my $contentdir = get_var("DNF_CONTENTDIR");
my $testversion = get_var("RELEASE");
assert_script_run "mkdir -p /var/tmp/rocky";
my $arch = get_var("ARCH");
if ($arch eq 'x86_64') {
# x86_64: use syslinux for BIOS, grub2 with 'linuxefi' for UEFI
assert_script_run "mkdir -p /var/lib/tftpboot/pxelinux.cfg";
# install bootloader packages
assert_script_run "dnf -y install syslinux", 120;
# selinux compatible fcontext config required
assert_script_run "dnf -y install policycoreutils-python-utils", 120;
assert_script_run "semanage fcontext -a -e /var/lib/rpm /var/tmp/rocky", 60;
assert_script_run "restorecon -vvRF /var/tmp/rocky", 60;
assert_script_run "rpm --root=/var/tmp/rocky --rebuilddb", 60;
assert_script_run "cd /var/tmp; dnf download rocky-release rocky-repos rocky-gpg-keys", 60;
assert_script_run "rpm --root=/var/tmp/rocky --nodeps -i /var/tmp/*.rpm", 60;
# Rocky Linux repos in /var/tmp/rocky point at mirrorlist and should be
# pointed at baseurl to support repositories in the staging if used for
# Beta or Lookahead builds.
if (get_version_major() < 9) {
assert_script_run 'sed -i -e "s/^mirrorlist/#mirrorlist/g;s,^#\(baseurl=http[s]*://\),\1,g" ' . '/var/tmp/rocky/etc/yum.repos.d/Rocky-BaseOS.repo';
assert_script_run 'sed -i -e "s/^mirrorlist/#mirrorlist/g;s,^#\(baseurl=http[s]*://\),\1,g" ' . '/var/tmp/rocky/etc/yum.repos.d/Rocky-AppStream.repo';
assert_script_run 'sed -i -e "s/^mirrorlist/#mirrorlist/g;s,^#\(baseurl=http[s]*://\),\1,g" ' . '/var/tmp/rocky/etc/yum.repos.d/Rocky-Extras.repo';
assert_script_run 'sed -i -e "s/^mirrorlist/#mirrorlist/g;s,^#\(baseurl=http[s]*://\),\1,g" ' . '/var/tmp/rocky/etc/yum.repos.d/Rocky-Devel.repo';
} else {
script_run 'sed -i -e "s/^mirrorlist/#mirrorlist/g;s/^#baseurl/baseurl/g" ' . '/var/tmp/rocky/etc/yum.repos.d/rocky.repo';
script_run 'sed -i -e "s/^mirrorlist/#mirrorlist/g;s/^#baseurl/baseurl/g" ' . '/var/tmp/rocky/etc/yum.repos.d/rocky-addons.repo';
script_run 'sed -i -e "s/^mirrorlist/#mirrorlist/g;s/^#baseurl/baseurl/g" ' . '/var/tmp/rocky/etc/yum.repos.d/rocky-devel.repo';
script_run 'sed -i -e "s/^mirrorlist/#mirrorlist/g;s/^#baseurl/baseurl/g" ' . '/var/tmp/rocky/etc/yum.repos.d/rocky-extras.repo';
}
# If we're pointing at Staging via alternate DNF_CONTENTDIR then modify dnf vars in /var/tmp/rocky
if ($contentdir) {
assert_script_run 'printf "%s\n" ' . $contentdir . ' > ' . '/var/tmp/rocky/etc/dnf/vars/contentdir';
}
assert_script_run "dnf -y --releasever=$ourversion --refresh --installroot=/var/tmp/rocky install shim-x64 grub2-efi-x64", 1800;
# copy bootloader files to tftp root
assert_script_run "cp /usr/share/syslinux/{pxelinux.0,vesamenu.c32,ldlinux.c32,libcom32.c32,libutil.c32} /var/lib/tftpboot";
assert_script_run "cp /var/tmp/rocky/boot/efi/EFI/rocky/{shimx64.efi,shimx64-rocky.efi,grubx64.efi} /var/lib/tftpboot";
# bootloader configs
# BIOS
assert_script_run "printf 'default vesamenu.c32\nprompt 1\ntimeout 600\n\nlabel linux\n menu label ^Install Rocky Linux 64-bit\n menu default\n kernel rocky/vmlinuz\n append initrd=rocky/initrd.img inst.ks=file:///ks.cfg ip=dhcp\nlabel local\n menu label Boot from ^local drive\n localboot 0xffff\n' >> /var/lib/tftpboot/pxelinux.cfg/default";
# UEFI
assert_script_run "printf 'function load_video {\n insmod efi_gop\n insmod efi_uga\n insmod ieee1275_fb\n insmod vbe\n insmod vga\n insmod video_bochs\n insmod video_cirrus\n}\n\nload_video\nset gfxpayload=keep\ninsmod gzio\n\nmenuentry \"Install Rocky Linux 64-bit\" --class rocky --class gnu-linux --class gnu --class os {\n linuxefi rocky/vmlinuz ip=dhcp inst.ks=file:///ks.cfg\n initrdefi rocky/initrd.img\n}' >> /var/lib/tftpboot/grub.cfg";
# DEBUG DEBUG
upload_logs "/etc/dnsmasq.conf";
upload_logs "/var/lib/tftpboot/grub.cfg";
upload_logs "/var/lib/tftpboot/pxelinux.cfg/default";
}
elsif ($arch eq 'ppc64le') {
# ppc64le: use grub2 for OFW
# install bootloader tools package
assert_script_run "dnf -y install grub2-tools-extra", 360;
# install a network bootloader to tftp root
assert_script_run "grub2-mknetdir --net-directory=/var/lib/tftpboot";
# bootloader config
assert_script_run "printf 'set default=0\nset timeout=5\n\nmenuentry \"Install Rocky Linux\" --class rocky --class gnu-linux --class gnu --class os {\n linux rocky/vmlinuz ip=dhcp inst.ks=file:///ks.cfg\n initrd rocky/initrd.img\n}' >> /var/lib/tftpboot/boot/grub2/grub.cfg";
# DEBUG DEBUG
upload_logs "/etc/dnsmasq.conf";
upload_logs "/var/lib/tftpboot/boot/grub2/grub.cfg";
}
elsif ($arch eq 'aarch64') {
# aarch64: use grub2 with 'linux' for UEFI
# copy bootloader files to tftp root (we just use the system
# bootloader, no need to install packages)
assert_script_run "cp /boot/efi/EFI/rocky/{shim.efi,grubaa64.efi} /var/lib/tftpboot";
# bootloader config
assert_script_run "printf 'function load_video {\n insmod efi_gop\n insmod efi_uga\n insmod ieee1275_fb\n insmod vbe\n insmod vga\n insmod video_bochs\n insmod video_cirrus\n}\n\nload_video\nset gfxpayload=keep\ninsmod gzio\n\nmenuentry \"Install Rocky Linux\" --class rocky --class gnu-linux --class gnu --class os {\n linux rocky/vmlinuz ip=dhcp inst.ks=file:///ks.cfg\n initrd rocky/initrd.img\n}' >> /var/lib/tftpboot/grub.cfg";
# DEBUG DEBUG
upload_logs "/etc/dnsmasq.conf";
upload_logs "/var/lib/tftpboot/grub.cfg";
}
# download kernel and initramfs
my $location = get_var("LOCATION");
my $kernpath = "images/pxeboot";
# for some crazy reason these are in a different place for ppc64
$kernpath = "ppc/ppc64" if ($arch eq 'ppc64le');
assert_script_run "curl -o /var/lib/tftpboot/rocky/vmlinuz $location/BaseOS/${arch}/os/${kernpath}/vmlinuz";
assert_script_run "curl -o /var/lib/tftpboot/rocky/initrd.img $location/BaseOS/${arch}/os/${kernpath}/initrd.img";
# get a kickstart to embed in the initramfs, for testing:
# https://fedoraproject.org/wiki/QA:Testcase_Kickstart_File_Path_Ks_Cfg
assert_script_run "curl -o ks.cfg https://git.rockylinux.org/tcooper/kickstarts/-/raw/main/root-user-crypted-net.ks";
# tweak the repo config in it
assert_script_run "sed -i -e 's,^url.*,nfs --server=nfs://172.16.2.110 --dir=/repo,g' ks.cfg";
# embed it
assert_script_run "echo ks.cfg | cpio -c -o >> /var/lib/tftpboot/rocky/initrd.img";
# chown root
assert_script_run "chown -R dnsmasq /var/lib/tftpboot";
assert_script_run "restorecon -vr /var/lib/tftpboot";
# open firewall ports
assert_script_run "firewall-cmd --add-service=tftp";
}
sub run {
my $self = shift;
my $contentdir = get_var("DNF_CONTENTDIR");
# disable systemd-resolved, it conflicts with dnsmasq
unless (script_run "systemctl is-active systemd-resolved.service") {
script_run "systemctl stop systemd-resolved.service";
script_run "systemctl disable systemd-resolved.service";
script_run "rm -f /etc/resolv.conf";
script_run "systemctl restart NetworkManager";
}
## DNS / DHCP (dnsmasq)
# create config
assert_script_run "printf 'domain=test.openqa.rockylinux.org\ndhcp-range=172.16.2.150,172.16.2.199\ndhcp-option=option:router,172.16.2.2\n' > /etc/dnsmasq.conf";
# do PXE setup if this is not an update test
_pxe_setup() unless (get_var("ADVISORY_OR_TASK"));
# open firewall ports
assert_script_run "firewall-cmd --add-service=dhcp";
assert_script_run "firewall-cmd --add-service=dns";
# start server
assert_script_run "systemctl restart dnsmasq.service";
assert_script_run "systemctl is-active dnsmasq.service";
## ISCSI
# start up iscsi target
#assert_script_run "printf '<target iqn.2016-06.local.domain:support.target1>\n backing-store /dev/vdb\n incominguser test weakpassword\n</target>' > /etc/tgt/conf.d/openqa.conf";
assert_script_run "targetcli /backstores/block create dev=/dev/vdb name=vdb";
assert_script_run "targetcli /iscsi create wwn=iqn.2016-06.local.domain:support.target1";
assert_script_run "targetcli /iscsi/iqn.2016-06.local.domain:support.target1/tpg1/acls create iqn.2016-06.local.domain:support.target1";
assert_script_run "targetcli /iscsi/iqn.2016-06.local.domain:support.target1/tpg1 set attribute authentication=1";
assert_script_run "targetcli /iscsi/iqn.2016-06.local.domain:support.target1/tpg1/acls/iqn.2016-06.local.domain:support.target1 set auth userid=test password=weakpassword";
assert_script_run "targetcli /iscsi/iqn.2016-06.local.domain:support.target1/tpg1/luns create /backstores/block/vdb";
assert_script_run "targetcli / saveconfig";
# open firewall port
assert_script_run "firewall-cmd --add-port=3260/tcp";
assert_script_run "systemctl restart target.service";
assert_script_run "systemctl is-active target.service";
## NFS
# create the file share
assert_script_run "mkdir -p /export";
# get the kickstart or kickstart template and replace content
if ($contentdir) {
my $releasever = get_var("DNF_RELEASEVAR");
assert_script_run "curl -o /export/root-user-crypted-net.ks https://git.rockylinux.org/tcooper/kickstarts/-/raw/main/root-user-crypted-net-template.ks";
# Tweak the kickstart template
if ($releasever) {
assert_script_run "sed -e 's,DNF_CONTENTDIR," . $contentdir . ",g;s,DNF_RELEASEVER," . $releasever . ",g' ks.cfg";
} else {
my $version = get_var("VERSION");
assert_script_run "sed -e 's,DNF_CONTENTDIR," . $contentdir . ",g;s,DNF_RELEASEVER," . $version . ",g' ks.cfg";
}
} else {
assert_script_run "curl -o /export/root-user-crypted-net.ks https://git.rockylinux.org/tcooper/kickstarts/-/raw/main/root-user-crypted-net.ks";
}
# for update tests, set up the update repository and export it
if (get_var("ADVISORY_OR_TASK")) {
assert_script_run "echo '/opt/update_repo 172.16.2.0/24(ro)' >> /etc/exports";
}
# for compose tests, we do all this stuff
else {
# create the repo share
assert_script_run "mkdir -p /repo";
# create a mount point for the ISO
assert_script_run "mkdir -p /mnt/iso";
# mount the ISO there
assert_script_run "mount /dev/cdrom /mnt/iso";
# copy the contents of the ISO to the repo share
assert_script_run "dnf -y install rsync", 180;
assert_script_run "rsync -av /mnt/iso/ /repo", 360;
# put the updates image in the NFS repo (for testing this update
# image delivery method)
assert_script_run "curl -o /repo/images/updates.img https://fedorapeople.org/groups/qa/updates/updates-openqa.img";
# create the iso share
assert_script_run "mkdir -p /iso";
# recreate an iso file
copy_devcdrom_as_isofile('/iso/image.iso');
# set up the exports
assert_script_run "printf '/export 172.16.2.0/24(ro)\n/repo 172.16.2.0/24(ro)\n/iso 172.16.2.0/24(ro)' > /etc/exports";
}
# configure nfsv3 ports
assert_script_run "printf '[lockd]\nport=5555\n\n[statd]\nport=6666\n' > /etc/nfs.conf";
# configure firewall
assert_script_run "firewall-cmd --add-service={nfs,rpc-bind,mountd}";
assert_script_run "firewall-cmd --add-port={5555/tcp,5555/udp,6666/tcp,6666/udp}";
assert_script_run "firewall-cmd --reload";
# start the server
assert_script_run "systemctl restart nfs-server.service";
assert_script_run "systemctl is-active nfs-server.service";
# report ready, wait for children
mutex_create('support_ready');
wait_for_children;
# upload logs in case of child failures
$self->post_fail_hook();
}
sub test_flags {
return {fatal => 1};
}
1;
# vim: set sw=4 et: