Merge "Hardcoded version of yq, decreased cloud init script"
diff --git a/de/heat-templates/fragments/SrvInstancesBM.yaml b/de/heat-templates/fragments/SrvInstancesBM.yaml
index c3ffa7d..5599d11 100644
--- a/de/heat-templates/fragments/SrvInstancesBM.yaml
+++ b/de/heat-templates/fragments/SrvInstancesBM.yaml
@@ -98,10 +98,6 @@
owner: "root:root"
permissions: "0644"
content: { get_param: hardware_metadata}
- - path: /usr/sbin/calico_disable_offloading.sh
- owner: "root:root"
- permissions: "0755"
- content: {get_file: ../scripts/calico_disable_offloading.sh}
install_config_agent:
type: "OS::Heat::MultipartMime"
diff --git a/de/heat-templates/fragments/SrvInstancesBMCeph.yaml b/de/heat-templates/fragments/SrvInstancesBMCeph.yaml
index c9a337c..7c6a76d 100644
--- a/de/heat-templates/fragments/SrvInstancesBMCeph.yaml
+++ b/de/heat-templates/fragments/SrvInstancesBMCeph.yaml
@@ -122,10 +122,6 @@
owner: "root:root"
permissions: "0644"
content: { get_param: hardware_metadata}
- - path: /usr/sbin/calico_disable_offloading.sh
- owner: "root:root"
- permissions: "0755"
- content: {get_file: ../scripts/calico_disable_offloading.sh}
install_config_agent:
type: "OS::Heat::MultipartMime"
diff --git a/de/heat-templates/fragments/SrvInstancesBMCephOSD.yaml b/de/heat-templates/fragments/SrvInstancesBMCephOSD.yaml
index c8bdd4b..4fa2615 100644
--- a/de/heat-templates/fragments/SrvInstancesBMCephOSD.yaml
+++ b/de/heat-templates/fragments/SrvInstancesBMCephOSD.yaml
@@ -148,10 +148,6 @@
owner: "root:root"
permissions: "0644"
content: { get_param: hardware_metadata}
- - path: /usr/sbin/calico_disable_offloading.sh
- owner: "root:root"
- permissions: "0755"
- content: {get_file: ../scripts/calico_disable_offloading.sh}
install_config_agent:
type: "OS::Heat::MultipartMime"
diff --git a/de/heat-templates/fragments/SrvInstancesVM.yaml b/de/heat-templates/fragments/SrvInstancesVM.yaml
index d3e0427..67e92e0 100644
--- a/de/heat-templates/fragments/SrvInstancesVM.yaml
+++ b/de/heat-templates/fragments/SrvInstancesVM.yaml
@@ -117,10 +117,6 @@
owner: "root:root"
permissions: "0644"
content: { get_param: hardware_metadata}
- - path: /usr/sbin/calico_disable_offloading.sh
- owner: "root:root"
- permissions: "0755"
- content: {get_file: ../scripts/calico_disable_offloading.sh}
install_config_agent:
type: "OS::Heat::MultipartMime"
diff --git a/de/heat-templates/fragments/SrvInstancesVMCeph.yaml b/de/heat-templates/fragments/SrvInstancesVMCeph.yaml
index 3fc96d5..17b2593 100644
--- a/de/heat-templates/fragments/SrvInstancesVMCeph.yaml
+++ b/de/heat-templates/fragments/SrvInstancesVMCeph.yaml
@@ -130,10 +130,6 @@
owner: "root:root"
permissions: "0644"
content: { get_param: hardware_metadata}
- - path: /usr/sbin/calico_disable_offloading.sh
- owner: "root:root"
- permissions: "0755"
- content: {get_file: ../scripts/calico_disable_offloading.sh}
install_config_agent:
type: "OS::Heat::MultipartMime"
diff --git a/de/heat-templates/fragments/SrvInstancesVMCephOSD.yaml b/de/heat-templates/fragments/SrvInstancesVMCephOSD.yaml
index d66dae9..f9c2ce9 100644
--- a/de/heat-templates/fragments/SrvInstancesVMCephOSD.yaml
+++ b/de/heat-templates/fragments/SrvInstancesVMCephOSD.yaml
@@ -172,10 +172,6 @@
owner: "root:root"
permissions: "0644"
content: { get_param: hardware_metadata}
- - path: /usr/sbin/calico_disable_offloading.sh
- owner: "root:root"
- permissions: "0755"
- content: {get_file: ../scripts/calico_disable_offloading.sh}
install_config_agent:
type: "OS::Heat::MultipartMime"
diff --git a/de/heat-templates/scripts/calico_disable_offloading.sh b/de/heat-templates/scripts/calico_disable_offloading.sh
deleted file mode 100644
index 26ce61b..0000000
--- a/de/heat-templates/scripts/calico_disable_offloading.sh
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/usr/bin/env bash
-
-# script is taken from https://gerrit.mcp.mirantis.com/plugins/gitiles/kubernetes/lcm-ansible/+/refs/heads/master/roles/kubernetes-postinstall/templates/calico_disable_offloading.sh
-# This script apply a workaround for a bug encountered on Kubernetes with vxlan
-# and iptables >= 1.6.2.
-# You can find more details on this bug here:
-# https://github.com/kubernetes/kubernetes/issues/96868
-# https://github.com/projectcalico/calico/issues/3145
-#
-# The workaround is to disable offloading on vxlan interface
-
-nic_name='vxlan.calico'
-if [ -e /etc/system-release ]; then
- #RHEL
- ethtool_cmd="/usr/sbin/ethtool"
- ip_cmd="/usr/sbin/ip"
-else
- #Ubuntu
- ethtool_cmd="/sbin/ethtool"
- ip_cmd="/sbin/ip"
-fi
-
-_ethtool() {
- $ethtool_cmd "$@"
-}
-
-_ip () {
- $ip_cmd "$@"
-}
-
-is_nic_available() {
- _ip a show dev $nic_name > /dev/null 2>&1
-}
-
-deactivate_offloading() {
- echo "Disabling offloading for ${nic_name}"
- _ethtool --offload $nic_name rx off tx off > /dev/null
-}
-
-is_offloading_disabled() {
- # Return an error if at least one offload is enabled (rx or tx)
- if _ethtool --show-offload $nic_name | grep -E '^.x-checksumming:' | grep -q ': on'; then
- return 1
- else
- return 0
- fi
-}
-
-if is_nic_available; then
- if ! is_offloading_disabled; then
- deactivate_offloading
- exit $?
- fi
-fi
\ No newline at end of file
diff --git a/de/heat-templates/scripts/instance_boot.sh b/de/heat-templates/scripts/instance_boot.sh
index 5950eff..6bfa35b 100644
--- a/de/heat-templates/scripts/instance_boot.sh
+++ b/de/heat-templates/scripts/instance_boot.sh
@@ -217,9 +217,11 @@
fi
fi
function install_retry {
- add-apt-repository ppa:rmescandon/yq -y
apt update
- export DEBIAN_FRONTEND=noninteractive; apt install -y $pkg_list yq
+ export DEBIAN_FRONTEND=noninteractive; apt install -y $pkg_list
+ # Since version 4 yq uses another syntax
+ curl --retry 6 --retry-delay 5 -L https://github.com/mikefarah/yq/releases/download/3.3.2/yq_linux_amd64 -o /usr/bin/yq
+ chmod +x /usr/bin/yq
}
retry 10 "Failed to install required packages" install_retry
}
@@ -988,9 +990,22 @@
}
function cron_disable_calico_offloading {
- cat << EOF >> /etc/cron.d/disable_calico_offloading
-* * * * * root /usr/sbin/calico_disable_offloading.sh 2>&1 | /usr/bin/logger -t calico_disable_offloading
+ # The workaround is to disable offloading on vxlan interface
+ if [ -f /etc/cron.d/disable_calico_offloading ]; then
+ echo "Cronjob for disable callico offloading already exists"
+ else
+ script_path="/usr/sbin/calico_disable_offloading.sh"
+ cat << 'EOF' >> $script_path
+#!/usr/bin/env bash
+if /sbin/ethtool --show-offload vxlan.calico | grep -E '^.x-checksumming:' | grep -q ': on'; then
+ /sbin/ethtool --offload vxlan.calico rx off tx off > /dev/null
+fi
EOF
+ chmod +x $script_path
+ cat << EOF >> /etc/cron.d/disable_calico_offloading
+* * * * * root $script_path 2>&1 | /usr/bin/logger -t calico_disable_offloading
+EOF
+ fi
}
function increase_iscsi_timeout {
diff --git a/de/heat-templates/scripts/license.lic b/de/heat-templates/scripts/license.lic
deleted file mode 100644
index 7407f46..0000000
--- a/de/heat-templates/scripts/license.lic
+++ /dev/null
@@ -1 +0,0 @@
-{"key_id":"lhF-hcUDANCs7YmGaTNHQ4N1aTSUfhO-jPhDchNbbmkd","private_key":"g-uMHRNS4BAn9yRMTAyLS2HbuwzKkRl3-Z1yGMaPD2Mn","authorization":"ewogICAicGF5bG9hZCI6ICJleUpsZUhCcGNtRjBhVzl1SWpvaU1qQXlNQzB3TWkweU9GUXhOVG95TXpveU1sb2lMQ0owYjJ0bGJpSTZJbFZUVmsxVFprZE9lVGQyUTE4ME0zQkViazF2ZGxjNFlraDVURGRWUm1GTlMyNW5hM0F5ZUZWSmJtODlJaXdpYldGNFJXNW5hVzVsY3lJNk1UQXNJbk5qWVc1dWFXNW5SVzVoWW14bFpDSTZkSEoxWlN3aWJHbGpaVzV6WlZSNWNHVWlPaUpQYm14cGJtVWlMQ0owYVdWeUlqb2lWSEpwWVd3aUxDSnpkV0p6WTNKcGNIUnBiMjVmYVdRaU9pSnpkV0l0TjJGaVlUWm1ZMlF0TkRGa1lpMDBZVEEwTFdKaU5EVXRObUUzT1dZM09EWXlaVGhrSWl3aWNISnZaSFZqZEY5cFpDSTZJbVJ2WTJ0bGNpMWxaUzEwY21saGJDSXNJbkpoZEdWZmNHeGhibDlwWkNJNkltUnZZMnRsY2kxbFpTMTBjbWxoYkMxMGNtbGhiQzEwYVdWeUlpd2lkbVZ5YzJsdmJpSTZNU3dpWjNKaFkyVmZaR0Y1Y3lJNk1Td2liV1YwWVdSaGRHRWlPbnNpZFhObGNtNWhiV1VpT2lKdWEyRnljR2x1SWl3aVkyOXRjR0Z1ZVNJNklrMXBjbUZ1ZEdsekluMHNJbkJ5YVdOcGJtZGZZMjl0Y0c5dVpXNTBjeUk2VzNzaWJtRnRaU0k2SWs1dlpHVnpJaXdpZG1Gc2RXVWlPakV3ZlYxOSIsCiAgICJzaWduYXR1cmVzIjogWwogICAgICB7CiAgICAgICAgICJoZWFkZXIiOiB7CiAgICAgICAgICAgICJqd2siOiB7CiAgICAgICAgICAgICAgICJlIjogIkFRQUIiLAogICAgICAgICAgICAgICAia2V5SUQiOiAiSjdMRDo2N1ZSOkw1SFo6VTdCQToyTzRHOjRBTDM6T0YyTjpKSEdCOkVGVEg6NUNWUTpNRkVPOkFFSVQiLAogICAgICAgICAgICAgICAia2lkIjogIko3TEQ6NjdWUjpMNUhaOlU3QkE6Mk80Rzo0QUwzOk9GMk46SkhHQjpFRlRIOjVDVlE6TUZFTzpBRUlUIiwKICAgICAgICAgICAgICAgImt0eSI6ICJSU0EiLAogICAgICAgICAgICAgICAibiI6ICJ5ZEl5LWxVN283UGNlWS00LXMtQ1E1T0VnQ3lGOEN4SWNRSVd1Szg0cElpWmNpWTY3MzB5Q1lud0xTS1Rsdy1VNlVDX1FSZVdSaW9NTk5FNURzNVRZRVhiR0c2b2xtMnFkV2JCd2NDZy0yVVVIX09jQjlXdVA2Z1JQSHBNRk1zeER6V3d2YXk4SlV1SGdZVUxVcG0xSXYtbXE3bHA1blFfUnhyVDBLWlJBUVRZTEVNRWZHd20zaE1PX2dlTFBTLWhnS1B0SUhsa2c2X1djb3hUR29LUDc5ZF93YUhZeEdObDdXaFNuZWlCU3hicGJRQUtrMjFsZzc5OFhiN3ZaeUVBVERNclJSOU1lRTZBZGo1SEpwWTNDb3lSQVBDbWFLR1JDSzR1b1pTb0l1MGhGVmxLVVB5YmJ3MDAwR08td2EyS044VXdnSUltMGk1STF1VzlHa3E0empCeTV6aGdxdVVYYkc5YldQQU9ZcnE1UWE4MUR4R2NCbEp5SFlBcC1ERFBFOVRHZzR6WW1YakpueFpxSEVkdUdxZGV2WjhYTUkwdWtma0dJSTE0d1VPaU1JSUlyWGxFY0JmXzQ2SThnUVdEenh5Y1plX0pHWC1MQXVheVhyeXJVRmVoVk5VZFpVbDl3WE5hSkIta2FDcXo1UXdhUjkzc0d3LVFTZnREME52TGU3Q3lPSC1FNnZnNlN0X05lVHZndjhZbmhDaVhJbFo4SE9mSXdOZTd0RUZfVWN6NU9iUHlrbTN0eWxyTlVqdDBWeUFtdHRhY1ZJMmlHaWhjVVBybWs0bFZJWjdWRF9MU1ctaTd5b1N1cnRwc1BYY2UycEtESW8zMGxKR2hPXzNLVW1sMlNVWkNxekoxeUVtS3B5c0g1SERXOWNzSUZDQTNkZUFqZlpVdk43VSIKICAgICAgICAgICAgfSwKICAgICAgICAgICAgImFsZyI6ICJSUzI1NiIKICAgICAgICAgfSwKICAgICAgICAgInNpZ25hdHVyZSI6ICJLc1NzNnNlRjMxOXloaHNXaU8za3VtNGY0N0FuRUxTNHhteDNJcVg1bHl0aDRsUTlwX2dhYk1LN1liOUR5NEt5cUl0UUVXbWFQMWRJUEJJVXZqa1lvdGRyMGEzUjMtcHYxTlJqZVJEZk9RV2lFOEdWRklMRFpFamhmMW55bGFfRHJOcmx1NjNpQmd0ZU1DU0pNcVZwOHdhUGVEYS1zenRCVTRLT0dGaGE2Yk8wSU4xbFFMMGlmLWVfOF9WMnM2c1BLNnQ0SlNPVUE3VHp1aVo2MC1JSW5ibi01VC1pVi1lMGpXUTZzeXA1T0gxZnR5VWVpMXlvQjlLeXFpaVVZZm9PN0ZRN29LWmQyNjhzOGVqb3JueFVqdGdTaWF2aGZ4cVIyS0xxT1FOeldPSFpMVF9abGtRMHpVUUc4U3c4Z3NsUTBEb2k0SVpBRzRtMkgyQ19Mck9pbHhBRXBEWU9GZE1TeWhlaTBPZ2YzRU9mYzhCel9oc1BkZGFrU1hwUHVQcTJYV3N3SlVXX28zYXhJTjliTnNtUHp2djRscWJ2VVlybkNGWTQzLVEzaTFwajZLQXIzb0FlUG52LUI1dUJGYzJ6dzM0Mkg1NUItVVBBbWZkWnRnTUI5RVplc0d3VXBaMTZDUWFRa2I4M0lDWkdMUG8ybXdERFpsRzM3TmR4V203Vm5nRVFZRGVVU2ZaQS1RM3JqQW9ua1pvbjRNZldLMzVET0h2amV4SUJ5RzljTkU0STVIaGNKQlBqYURFVDRrcE9GcGZtQ1ZlQndiZXRXY21BZXFRWF9DVlpXRFowLWRhQzE4UnBLZU1lVFg5MnVYWU1oeFBpbGR4TzFZaTF4eWdFQzNVTXZYdDZHY0tvcWZtVnRTTUZWME44NWs3b2ZDVnI0Uk9Jc0RsY09pYyIsCiAgICAgICAgICJwcm90ZWN0ZWQiOiAiZXlKbWIzSnRZWFJNWlc1bmRHZ2lPalF6Tnl3aVptOXliV0YwVkdGcGJDSTZJbVpSSWl3aWRHbHRaU0k2SWpJd01qQXRNREV0TWpoVU1URTZNVEU2TlRoYUluMCIKICAgICAgfQogICBdCn0="}
\ No newline at end of file