Hardcoded version of yq, decreased cloud init script Since version 4,yq uses another syntax, from apt repository focal by default uses 4.x version, bionic uses 3.x version. To decrease cloud init script: - remove license for ucp, it's no longer in use - move calico disable offloading script to the instance boot script Related-Prod: PRODX-24471 Change-Id: I98c3678785b40de7a783baa419cdd8dc6ee2cb0f

commit: 49b91eaa10bd9f6f92e2e0223818a7638ebe881c [log] [tgz]
author: Denis Biletskiy <dbiletskiy@mirantis.com> Thu Jun 09 11:41:39 2022 +0200
committer: dbiletskiy <dbiletskiy@mirantis.com> Mon Jun 13 10:39:18 2022 +0200
tree: 7b141af5660fb51223085a06cd203931a2b16f76
parent: 5a074776c3aa109327bd9ebde39a2e0fa6c2e50d [diff]
diff --git a/de/heat-templates/fragments/SrvInstancesBM.yaml b/de/heat-templates/fragments/SrvInstancesBM.yaml
index c3ffa7d..5599d11 100644
--- a/de/heat-templates/fragments/SrvInstancesBM.yaml
+++ b/de/heat-templates/fragments/SrvInstancesBM.yaml

@@ -98,10 +98,6 @@
             owner: "root:root"
             permissions: "0644"
             content: { get_param: hardware_metadata}
-          - path: /usr/sbin/calico_disable_offloading.sh
-            owner: "root:root"
-            permissions: "0755"
-            content: {get_file: ../scripts/calico_disable_offloading.sh}
 
   install_config_agent:
     type: "OS::Heat::MultipartMime"

diff --git a/de/heat-templates/fragments/SrvInstancesBMCeph.yaml b/de/heat-templates/fragments/SrvInstancesBMCeph.yaml
index c9a337c..7c6a76d 100644
--- a/de/heat-templates/fragments/SrvInstancesBMCeph.yaml
+++ b/de/heat-templates/fragments/SrvInstancesBMCeph.yaml

@@ -122,10 +122,6 @@
             owner: "root:root"
             permissions: "0644"
             content: { get_param: hardware_metadata}
-          - path: /usr/sbin/calico_disable_offloading.sh
-            owner: "root:root"
-            permissions: "0755"
-            content: {get_file: ../scripts/calico_disable_offloading.sh}
 
   install_config_agent:
     type: "OS::Heat::MultipartMime"

diff --git a/de/heat-templates/fragments/SrvInstancesBMCephOSD.yaml b/de/heat-templates/fragments/SrvInstancesBMCephOSD.yaml
index c8bdd4b..4fa2615 100644
--- a/de/heat-templates/fragments/SrvInstancesBMCephOSD.yaml
+++ b/de/heat-templates/fragments/SrvInstancesBMCephOSD.yaml

@@ -148,10 +148,6 @@
             owner: "root:root"
             permissions: "0644"
             content: { get_param: hardware_metadata}
-          - path: /usr/sbin/calico_disable_offloading.sh
-            owner: "root:root"
-            permissions: "0755"
-            content: {get_file: ../scripts/calico_disable_offloading.sh}
 
   install_config_agent:
     type: "OS::Heat::MultipartMime"

diff --git a/de/heat-templates/fragments/SrvInstancesVM.yaml b/de/heat-templates/fragments/SrvInstancesVM.yaml
index d3e0427..67e92e0 100644
--- a/de/heat-templates/fragments/SrvInstancesVM.yaml
+++ b/de/heat-templates/fragments/SrvInstancesVM.yaml

@@ -117,10 +117,6 @@
             owner: "root:root"
             permissions: "0644"
             content: { get_param: hardware_metadata}
-          - path: /usr/sbin/calico_disable_offloading.sh
-            owner: "root:root"
-            permissions: "0755"
-            content: {get_file: ../scripts/calico_disable_offloading.sh}
 
   install_config_agent:
     type: "OS::Heat::MultipartMime"

diff --git a/de/heat-templates/fragments/SrvInstancesVMCeph.yaml b/de/heat-templates/fragments/SrvInstancesVMCeph.yaml
index 3fc96d5..17b2593 100644
--- a/de/heat-templates/fragments/SrvInstancesVMCeph.yaml
+++ b/de/heat-templates/fragments/SrvInstancesVMCeph.yaml

@@ -130,10 +130,6 @@
             owner: "root:root"
             permissions: "0644"
             content: { get_param: hardware_metadata}
-          - path: /usr/sbin/calico_disable_offloading.sh
-            owner: "root:root"
-            permissions: "0755"
-            content: {get_file: ../scripts/calico_disable_offloading.sh}
 
   install_config_agent:
     type: "OS::Heat::MultipartMime"

diff --git a/de/heat-templates/fragments/SrvInstancesVMCephOSD.yaml b/de/heat-templates/fragments/SrvInstancesVMCephOSD.yaml
index d66dae9..f9c2ce9 100644
--- a/de/heat-templates/fragments/SrvInstancesVMCephOSD.yaml
+++ b/de/heat-templates/fragments/SrvInstancesVMCephOSD.yaml

@@ -172,10 +172,6 @@
             owner: "root:root"
             permissions: "0644"
             content: { get_param: hardware_metadata}
-          - path: /usr/sbin/calico_disable_offloading.sh
-            owner: "root:root"
-            permissions: "0755"
-            content: {get_file: ../scripts/calico_disable_offloading.sh}
 
   install_config_agent:
     type: "OS::Heat::MultipartMime"

diff --git a/de/heat-templates/scripts/calico_disable_offloading.sh b/de/heat-templates/scripts/calico_disable_offloading.sh
deleted file mode 100644
index 26ce61b..0000000
--- a/de/heat-templates/scripts/calico_disable_offloading.sh
+++ /dev/null

@@ -1,54 +0,0 @@
-#!/usr/bin/env bash
-
-# script is taken from https://gerrit.mcp.mirantis.com/plugins/gitiles/kubernetes/lcm-ansible/+/refs/heads/master/roles/kubernetes-postinstall/templates/calico_disable_offloading.sh
-# This script apply a workaround for a bug encountered on Kubernetes with vxlan
-# and iptables >= 1.6.2.
-# You can find more details on this bug here:
-# https://github.com/kubernetes/kubernetes/issues/96868
-# https://github.com/projectcalico/calico/issues/3145
-#
-# The workaround is to disable offloading on vxlan interface
-
-nic_name='vxlan.calico'
-if [ -e /etc/system-release ]; then
-    #RHEL
-    ethtool_cmd="/usr/sbin/ethtool"
-    ip_cmd="/usr/sbin/ip"
-else
-    #Ubuntu
-    ethtool_cmd="/sbin/ethtool"
-    ip_cmd="/sbin/ip"
-fi
-
-_ethtool() {
-    $ethtool_cmd "$@"
-}
-
-_ip () {
-    $ip_cmd "$@"
-}
-
-is_nic_available() {
-    _ip a show dev $nic_name > /dev/null 2>&1
-}
-
-deactivate_offloading() {
-    echo "Disabling offloading for ${nic_name}"
-    _ethtool --offload $nic_name rx off tx off > /dev/null
-}
-
-is_offloading_disabled() {
-    # Return an error if at least one offload is enabled (rx or tx)
-    if _ethtool --show-offload $nic_name | grep -E '^.x-checksumming:' | grep -q  ': on'; then
-        return 1
-    else
-        return 0
-    fi
-}
-
-if is_nic_available; then
-    if ! is_offloading_disabled; then
-        deactivate_offloading
-        exit $?
-    fi
-fi
\ No newline at end of file

diff --git a/de/heat-templates/scripts/instance_boot.sh b/de/heat-templates/scripts/instance_boot.sh
index 5950eff..6bfa35b 100644
--- a/de/heat-templates/scripts/instance_boot.sh
+++ b/de/heat-templates/scripts/instance_boot.sh

@@ -217,9 +217,11 @@
         fi
     fi
     function install_retry {
-        add-apt-repository ppa:rmescandon/yq -y
         apt update
-        export DEBIAN_FRONTEND=noninteractive; apt install -y $pkg_list yq
+        export DEBIAN_FRONTEND=noninteractive; apt install -y $pkg_list
+        # Since version 4 yq uses another syntax
+        curl --retry 6 --retry-delay 5 -L https://github.com/mikefarah/yq/releases/download/3.3.2/yq_linux_amd64 -o /usr/bin/yq
+        chmod +x /usr/bin/yq
     }
     retry 10 "Failed to install required packages" install_retry
 }
@@ -988,9 +990,22 @@
 }
 
 function cron_disable_calico_offloading {
-    cat << EOF >> /etc/cron.d/disable_calico_offloading
-* * * * * root /usr/sbin/calico_disable_offloading.sh 2>&1 | /usr/bin/logger -t calico_disable_offloading
+    # The workaround is to disable offloading on vxlan interface
+    if [ -f /etc/cron.d/disable_calico_offloading ]; then
+        echo "Cronjob for disable callico offloading already exists"
+    else
+        script_path="/usr/sbin/calico_disable_offloading.sh"
+        cat << 'EOF' >> $script_path
+#!/usr/bin/env bash
+if /sbin/ethtool --show-offload vxlan.calico | grep -E '^.x-checksumming:' | grep -q  ': on'; then
+    /sbin/ethtool --offload vxlan.calico rx off tx off > /dev/null
+fi
 EOF
+        chmod +x $script_path
+        cat << EOF >> /etc/cron.d/disable_calico_offloading
+* * * * * root $script_path 2>&1 | /usr/bin/logger -t calico_disable_offloading
+EOF
+    fi
 }
 
 function increase_iscsi_timeout {

diff --git a/de/heat-templates/scripts/license.lic b/de/heat-templates/scripts/license.lic
deleted file mode 100644
index 7407f46..0000000
--- a/de/heat-templates/scripts/license.lic
+++ /dev/null

@@ -1 +0,0 @@
-{"key_id":"lhF-hcUDANCs7YmGaTNHQ4N1aTSUfhO-jPhDchNbbmkd","private_key":"g-uMHRNS4BAn9yRMTAyLS2HbuwzKkRl3-Z1yGMaPD2Mn","authorization":"ewogICAicGF5bG9hZCI6ICJleUpsZUhCcGNtRjBhVzl1SWpvaU1qQXlNQzB3TWkweU9GUXhOVG95TXpveU1sb2lMQ0owYjJ0bGJpSTZJbFZUVmsxVFprZE9lVGQyUTE4ME0zQkViazF2ZGxjNFlraDVURGRWUm1GTlMyNW5hM0F5ZUZWSmJtODlJaXdpYldGNFJXNW5hVzVsY3lJNk1UQXNJbk5qWVc1dWFXNW5SVzVoWW14bFpDSTZkSEoxWlN3aWJHbGpaVzV6WlZSNWNHVWlPaUpQYm14cGJtVWlMQ0owYVdWeUlqb2lWSEpwWVd3aUxDSnpkV0p6WTNKcGNIUnBiMjVmYVdRaU9pSnpkV0l0TjJGaVlUWm1ZMlF0TkRGa1lpMDBZVEEwTFdKaU5EVXRObUUzT1dZM09EWXlaVGhrSWl3aWNISnZaSFZqZEY5cFpDSTZJbVJ2WTJ0bGNpMWxaUzEwY21saGJDSXNJbkpoZEdWZmNHeGhibDlwWkNJNkltUnZZMnRsY2kxbFpTMTBjbWxoYkMxMGNtbGhiQzEwYVdWeUlpd2lkbVZ5YzJsdmJpSTZNU3dpWjNKaFkyVmZaR0Y1Y3lJNk1Td2liV1YwWVdSaGRHRWlPbnNpZFhObGNtNWhiV1VpT2lKdWEyRnljR2x1SWl3aVkyOXRjR0Z1ZVNJNklrMXBjbUZ1ZEdsekluMHNJbkJ5YVdOcGJtZGZZMjl0Y0c5dVpXNTBjeUk2VzNzaWJtRnRaU0k2SWs1dlpHVnpJaXdpZG1Gc2RXVWlPakV3ZlYxOSIsCiAgICJzaWduYXR1cmVzIjogWwogICAgICB7CiAgICAgICAgICJoZWFkZXIiOiB7CiAgICAgICAgICAgICJqd2siOiB7CiAgICAgICAgICAgICAgICJlIjogIkFRQUIiLAogICAgICAgICAgICAgICAia2V5SUQiOiAiSjdMRDo2N1ZSOkw1SFo6VTdCQToyTzRHOjRBTDM6T0YyTjpKSEdCOkVGVEg6NUNWUTpNRkVPOkFFSVQiLAogICAgICAgICAgICAgICAia2lkIjogIko3TEQ6NjdWUjpMNUhaOlU3QkE6Mk80Rzo0QUwzOk9GMk46SkhHQjpFRlRIOjVDVlE6TUZFTzpBRUlUIiwKICAgICAgICAgICAgICAgImt0eSI6ICJSU0EiLAogICAgICAgICAgICAgICAibiI6ICJ5ZEl5LWxVN283UGNlWS00LXMtQ1E1T0VnQ3lGOEN4SWNRSVd1Szg0cElpWmNpWTY3MzB5Q1lud0xTS1Rsdy1VNlVDX1FSZVdSaW9NTk5FNURzNVRZRVhiR0c2b2xtMnFkV2JCd2NDZy0yVVVIX09jQjlXdVA2Z1JQSHBNRk1zeER6V3d2YXk4SlV1SGdZVUxVcG0xSXYtbXE3bHA1blFfUnhyVDBLWlJBUVRZTEVNRWZHd20zaE1PX2dlTFBTLWhnS1B0SUhsa2c2X1djb3hUR29LUDc5ZF93YUhZeEdObDdXaFNuZWlCU3hicGJRQUtrMjFsZzc5OFhiN3ZaeUVBVERNclJSOU1lRTZBZGo1SEpwWTNDb3lSQVBDbWFLR1JDSzR1b1pTb0l1MGhGVmxLVVB5YmJ3MDAwR08td2EyS044VXdnSUltMGk1STF1VzlHa3E0empCeTV6aGdxdVVYYkc5YldQQU9ZcnE1UWE4MUR4R2NCbEp5SFlBcC1ERFBFOVRHZzR6WW1YakpueFpxSEVkdUdxZGV2WjhYTUkwdWtma0dJSTE0d1VPaU1JSUlyWGxFY0JmXzQ2SThnUVdEenh5Y1plX0pHWC1MQXVheVhyeXJVRmVoVk5VZFpVbDl3WE5hSkIta2FDcXo1UXdhUjkzc0d3LVFTZnREME52TGU3Q3lPSC1FNnZnNlN0X05lVHZndjhZbmhDaVhJbFo4SE9mSXdOZTd0RUZfVWN6NU9iUHlrbTN0eWxyTlVqdDBWeUFtdHRhY1ZJMmlHaWhjVVBybWs0bFZJWjdWRF9MU1ctaTd5b1N1cnRwc1BYY2UycEtESW8zMGxKR2hPXzNLVW1sMlNVWkNxekoxeUVtS3B5c0g1SERXOWNzSUZDQTNkZUFqZlpVdk43VSIKICAgICAgICAgICAgfSwKICAgICAgICAgICAgImFsZyI6ICJSUzI1NiIKICAgICAgICAgfSwKICAgICAgICAgInNpZ25hdHVyZSI6ICJLc1NzNnNlRjMxOXloaHNXaU8za3VtNGY0N0FuRUxTNHhteDNJcVg1bHl0aDRsUTlwX2dhYk1LN1liOUR5NEt5cUl0UUVXbWFQMWRJUEJJVXZqa1lvdGRyMGEzUjMtcHYxTlJqZVJEZk9RV2lFOEdWRklMRFpFamhmMW55bGFfRHJOcmx1NjNpQmd0ZU1DU0pNcVZwOHdhUGVEYS1zenRCVTRLT0dGaGE2Yk8wSU4xbFFMMGlmLWVfOF9WMnM2c1BLNnQ0SlNPVUE3VHp1aVo2MC1JSW5ibi01VC1pVi1lMGpXUTZzeXA1T0gxZnR5VWVpMXlvQjlLeXFpaVVZZm9PN0ZRN29LWmQyNjhzOGVqb3JueFVqdGdTaWF2aGZ4cVIyS0xxT1FOeldPSFpMVF9abGtRMHpVUUc4U3c4Z3NsUTBEb2k0SVpBRzRtMkgyQ19Mck9pbHhBRXBEWU9GZE1TeWhlaTBPZ2YzRU9mYzhCel9oc1BkZGFrU1hwUHVQcTJYV3N3SlVXX28zYXhJTjliTnNtUHp2djRscWJ2VVlybkNGWTQzLVEzaTFwajZLQXIzb0FlUG52LUI1dUJGYzJ6dzM0Mkg1NUItVVBBbWZkWnRnTUI5RVplc0d3VXBaMTZDUWFRa2I4M0lDWkdMUG8ybXdERFpsRzM3TmR4V203Vm5nRVFZRGVVU2ZaQS1RM3JqQW9ua1pvbjRNZldLMzVET0h2amV4SUJ5RzljTkU0STVIaGNKQlBqYURFVDRrcE9GcGZtQ1ZlQndiZXRXY21BZXFRWF9DVlpXRFowLWRhQzE4UnBLZU1lVFg5MnVYWU1oeFBpbGR4TzFZaTF4eWdFQzNVTXZYdDZHY0tvcWZtVnRTTUZWME44NWs3b2ZDVnI0Uk9Jc0RsY09pYyIsCiAgICAgICAgICJwcm90ZWN0ZWQiOiAiZXlKbWIzSnRZWFJNWlc1bmRHZ2lPalF6Tnl3aVptOXliV0YwVkdGcGJDSTZJbVpSSWl3aWRHbHRaU0k2SWpJd01qQXRNREV0TWpoVU1URTZNVEU2TlRoYUluMCIKICAgICAgfQogICBdCn0="}
\ No newline at end of file
commit	49b91eaa10bd9f6f92e2e0223818a7638ebe881c	[log] [tgz]
author	Denis Biletskiy <dbiletskiy@mirantis.com>	Thu Jun 09 11:41:39 2022 +0200
committer	dbiletskiy <dbiletskiy@mirantis.com>	Mon Jun 13 10:39:18 2022 +0200
tree	7b141af5660fb51223085a06cd203931a2b16f76
parent	5a074776c3aa109327bd9ebde39a2e0fa6c2e50d [diff]