Merge pull request omniosorg#199 from citrus-it/azure

Add azure image build script

build/ami

@@ -12,7 +12,7 @@
 # http://www.illumos.org/license/CDDL.
 # }}}
 #
-# Copyright 2020 OmniOS Community Edition (OmniOSce) Association.
+# Copyright 2021 OmniOS Community Edition (OmniOSce) Association.
 #
 
 SRCDIR=`dirname $0`
@@ -28,15 +28,10 @@ find_zfssend
 set -e
 
 customise() {
-    # In case we are preparing a pre-release, temporarily add staging
-    lVERSION="`echo $VERSION | sed 's/[a-z]//g'`"
-    pkg -R $ALTROOT set-publisher \
-        -g https://pkg.omnios.org/r$lVERSION/staging omnios || true
+    typeset root="${1?altroot}"
 
-    # Allow root to ssh in
-    log "...setting PermitRootLogin=yes in sshd_config"
-    sed -i -e 's%^PermitRootLogin.*%PermitRootLogin without-password%' \
-        $ALTROOT/etc/ssh/sshd_config
+    img_permit_rootlogin $root without-password
+    img_dedicated_home $root
 
     # Set up to use DNS
     log "...enabling DNS resolution"
@@ -45,25 +40,29 @@ customise() {
     # Install ec2-credential package
     # rsync needed for vagrant
     log "...installing EC2 and rsync packages"
-    pkg -R $ALTROOT install network/rsync ec2-credential
+    img_install_pkg $root network/rsync ec2-credential
+
+    log "... installing noautofs profile"
+    img_install_profile $root $SRCDIR/../etc/noautofs.xml
+    img_install_profile $root $SRCDIR/../etc/rsyslog.xml
 
     # Decrease boot delay
-    cat << EOM > $ALTROOT/boot/loader.conf.local
+    cat << EOM > $root/boot/loader.conf.local
 autoboot_delay=1
 EOM
 
-    pkg -R $ALTROOT set-publisher \
-        -G https://pkg.omnios.org/r$lVERSION/staging omnios || true
-
-    Postboot '/sbin/dladm | tee /dev/msglog'
-    Postboot '/sbin/ipadm create-if xnf0 | tee /dev/msglog'
-    Postboot '/sbin/ipadm create-addr -T dhcp xnf0/v4 | tee /dev/msglog'
-    Postboot 'for i in $(seq 0 9); do curl -f http://169.254.169.254/ >/dev/null 2>&1 && break; sleep 1; done'
-    Postboot 'HOSTNAME=$(curl http://169.254.169.254/latest/meta-data/hostname)'
-    Postboot '[ -z "$HOSTNAME" ] || (hostname $HOSTNAME && echo $HOSTNAME >/etc/nodename)'
-    Postboot '/usr/sbin/svcadm restart network/service'
-    Postboot '/sbin/ipadm | tee /dev/msglog'
-    Postboot '/bin/netstat -rn | tee /dev/msglog'
+    img_postboot_block $root << EOM
+/bin/cp /etc/nsswitch.{dns,conf}
+/sbin/ipadm create-if xnf0 | tee /dev/msglog
+/sbin/ipadm create-addr -T dhcp xnf0/v4 | tee /dev/msglog
+for i in \$(seq 0 9); do
+    curl -f http://169.254.169.254/ >/dev/null 2>&1 && break
+    sleep 1
+done
+HOSTNAME=\$(curl http://169.254.169.254/latest/meta-data/hostname)
+[ -n "\$HOSTNAME" ] && uname -S \$HOSTNAME && echo \$HOSTNAME >/etc/nodename}
+/usr/sbin/svcadm restart network/service
+EOM
 }
 
 HVM_Image_Init 8G rpool ami omnios-r$VERSION

build/azure

@@ -0,0 +1,73 @@
+#!/bin/bash
+#
+# {{{ CDDL HEADER
+#
+# This file and its contents are supplied under the terms of the
+# Common Development and Distribution License ("CDDL"), version 1.0.
+# You may only use this file in accordance with the terms of version
+# 1.0 of the CDDL.
+#
+# A full copy of the text of the CDDL should have accompanied this
+# source. A copy of the CDDL is also available via the Internet at
+# http://www.illumos.org/license/CDDL.
+# }}}
+#
+# Copyright 2021 OmniOS Community Edition (OmniOSce) Association.
+#
+
+SRCDIR=`dirname $0`
+[ ${SRCDIR:0:1} = "/" ] || SRCDIR=`pwd`/$SRCDIR
+
+. $SRCDIR/../lib/hvm_help.sh
+
+[ -z "$BUILDSEND_MP" ] && BUILDSEND_MP=/kayak_image
+
+find_zfssend
+[ ! -f $ZFSSEND ] && echo "ZFS Image ($ZFSSEND) missing" && exit
+
+set -e
+
+customise() {
+    typeset root="${1?altroot}"
+
+    img_permit_rootlogin $root without-password
+    img_dedicated_home $root
+    img_serial_console $root
+
+    log "...installing azure-agent package"
+    img_install_pkg $root azure-agent
+
+    log "... installing azure profile"
+    img_install_profile $root $SRCDIR/../etc/azure.xml
+    img_install_profile $root $SRCDIR/../etc/rsyslog.xml
+
+    img_postboot_block $root << EOM
+/sbin/ipadm create-if hv_netvsc0 | tee /dev/msglog
+/sbin/ipadm create-addr -T dhcp hv_netvsc0/dhcp | tee /dev/msglog
+/bin/cp /etc/nsswitch.{dns,conf}
+/usr/sbin/svcadm restart network/service
+EOM
+}
+
+HVM_Image_Init 8G rpool azure omnios-r$VERSION
+HVM_Image_Build "-fB -o ashift=12" $ZFSSEND omnios customise
+HVM_Image_Finalise 1 "/dev/dsk/c1d0s1" "/pci@0,0/pci-ide@7,1/ide@0/cmdk@0,0:b" \
+    "id1,cmdk@f0000000000000000000000000000/b" -keeplofi
+
+echo "Creating raw disk image"
+
+rm -f $BUILDSEND_MP/azure-$VERSION.{raw,vhd}
+dd if=$HVMlofi of=$BUILDSEND_MP/azure-$VERSION.raw bs=2048
+lofiadm -d $HVMlofi
+zfs destroy -r $HVMdataset
+
+conv=`mktemp`
+wget -O $conv https://mirrors.omnios.org/vhd/raw2vhd.py
+echo "Creating vhd disk image"
+python2 $conv $BUILDSEND_MP/azure-$VERSION.{raw,vhd}
+rm -f $conv
+rm -f $BUILDSEND_MP/azure-$VERSION.raw
+ls -lh $BUILDSEND_MP/azure-$VERSION.vhd
+
+# Vim hints
+# vim:ts=4:sw=4:et:fdm=marker

build/bhyve

@@ -12,7 +12,7 @@
 # http://www.illumos.org/license/CDDL.
 # }}}
 #
-# Copyright 2020 OmniOS Community Edition (OmniOSce) Association.
+# Copyright 2021 OmniOS Community Edition (OmniOSce) Association.
 #
 
 SRCDIR=`dirname $0`
@@ -28,11 +28,18 @@ find_zfssend
 set -e
 
 customise() {
-    echo "-h" > $ALTROOT/boot/config
-    cat << EOM > $ALTROOT/boot/conf.d/serial
-console="ttya"
-os_console="ttya"
-ttya-mode="115200,8,n,1,-"
+    typeset root="${1?altroot}"
+
+    img_permit_rootlogin $root without-password
+    img_dedicated_home $root
+    img_serial_console $root
+
+    log "... installing noautofs profile"
+    img_install_profile $root $SRCDIR/../etc/noautofs.xml
+    img_install_profile $root $SRCDIR/../etc/rsyslog.xml
+
+    img_postboot_block $root << EOM
+/bin/cp /etc/nsswitch.{dns,conf}
 EOM
 }
 
@@ -48,5 +55,7 @@ zfs destroy -r $HVMdataset
 rm -f $BUILDSEND_MP/r$VERSION.bhyve.xz
 xz -9v $BUILDSEND_MP/r$VERSION.bhyve
 
+ls -lh $BUILDSEND_MP/r$VERSION.bhyve.xz
+
 # Vim hints
 # vim:ts=4:sw=4:et:fdm=marker

etc/azure.xml

@@ -5,4 +5,7 @@
   <service name='system/virtualization/waagent' version='1' type='service'>
     <instance name='default' enabled='true'/>
   </service>
+  <service name='system/filesystem/autofs' version='1' type='service'>
+    <instance name='default' enabled='false'/>
+  </service>
 </service_bundle>

lib/hvm_help.sh

@@ -14,6 +14,9 @@
 # Copyright 2021 OmniOS Community Edition (OmniOSce) Association.
 #
 
+[ -n "$_KAYAK_LIB_HVM" ] && return
+_KAYAK_LIB_HVM=1
+
 . $SRCDIR/../lib/install_help.sh 2>/dev/null
 . $SRCDIR/../lib/disk_help.sh
 . $SRCDIR/../lib/net_help.sh
@@ -112,8 +115,8 @@ function HVM_Image_Build {
 	echo "Clearing any old pool"
 	zpool destroy -f $HVMtmprpool 2>/dev/null || true
 
-	zpool create $poolopts \
-	    -t $HVMtmprpool -m $HVMpoolmount $HVMrpool $HVMdisk
+	zpool create $poolopts -R $HVMpoolmount -t $HVMtmprpool \
+	    $HVMrpool $HVMdisk
 
 	BE_Create_Root $HVMtmprpool
 	BE_Receive_Image cat "xz -dc" $HVMtmprpool $HVMbename $zfssend
@@ -127,7 +130,7 @@ function HVM_Image_Build {
 	echo $hostname > $HVMaltroot/etc/nodename
 
 	# Any additional customisation
-	[ -n "$custom" ] && $custom
+	[ -n "$custom" ] && $custom "$HVMaltroot"
 
 	# Force new IPS UUID on first pkg invocation.
 	sed -i '/^last_uuid/d' $HVMaltroot/var/pkg/pkg5.image
@@ -142,7 +145,7 @@ function HVM_Image_Build {
 	# First boot configuration
 	#
 
-	# Pools are deliberately created with no features enabled and then
+	# Pools are sometimes created with no features enabled and then
 	# updated on first boot to add all features supported on the target
 	# system.
 	Postboot 'zpool upgrade -a'
@@ -174,5 +177,82 @@ function HVM_Image_Finalise {
 	esac
 }
 
+function img_version {
+    typeset root="${1?altroot}"; shift
+
+    awk -F= '$1 == "VERSION" {
+        gsub(/[a-z]/, "")
+        print $2
+        }' $root/etc/os-release
+}
+
+function img_install_pkg {
+    typeset root="${1?altroot}"; shift
+
+    log "...installing packages: $*"
+
+    # In case we are preparing a pre-release, temporarily add staging
+    typeset ver=`img_version $root`
+    if (( ver % 2 == 0 )); then
+        pkg -R $root set-publisher \
+            -g https://pkg.omnios.org/$repo/staging omnios || true
+    fi
+    logcmd pkg -R $root install "$@"
+    if (( ver % 2 == 0 )); then
+        pkg -R $root set-publisher \
+            -G https://pkg.omnios.org/$repo/staging omnios || true
+    fi
+}
+
+function img_install_profile {
+    typeset root="${1?altroot}"; shift
+    typeset profile="${1?profile}"; shift
+
+    logcmd cp $profile $root/etc/svc/profile/site/
+}
+
+function img_permit_rootlogin {
+    typeset root="${1?altroot}"; shift
+    typeset type="${2:-without-password}"; shift
+
+    log "...setting PermitRootLogin=$type in sshd_config"
+
+    sed -i -e "s%^PermitRootLogin.*%PermitRootLogin $type%" \
+        $root/etc/ssh/sshd_config
+}
+
+function img_postboot_block {
+    typeset root="${1?altroot}"; shift
+
+    while read line; do
+        log "Postboot - '$line'"
+        echo "$line" >> $root/.initialboot
+    done
+}
+
+function img_serial_console {
+    typeset root="${1?altroot}"; shift
+
+    log "...enabling serial console"
+
+    cat << EOM > $root/boot/conf.d/serial
+console="ttya"
+os_console="ttya"
+ttya-mode="115200,8,n,1,-"
+EOM
+    printf "%s" "-h" > $root/boot/config
+}
+
+function img_dedicated_home {
+    typeset root="${1?altroot}"; shift
+
+    img_postboot_block $root << EOM
+/sbin/zfs destroy -r rpool/export
+/sbin/zfs create -o mountpoint=/home rpool/home
+/bin/chmod 0555 /home
+/usr/sbin/useradd -D -b /home
+EOM
+}
+
 # Vim hints
 # vim:ts=4:sw=4:et:fdm=marker

lib/vm.sh

@@ -28,6 +28,14 @@ function vm_azure {
     runpkg install --no-refresh --no-index \
         -g /.cdrom/image/p5p/azure.p5p azure-agent
     cp /kayak/etc/azure.xml $ALTROOT/etc/svc/profile/site/
+    sed -i '/^MANAGE_ZFS=NO/s/^/#/' $ALTROOT/etc/default/useradd
+    sed -i '/^#MANAGE_ZFS=YES/s/#//' $ALTROOT/etc/default/useradd
+    {
+		echo "/sbin/zfs destroy -r $RPOOL/export"
+		echo "/sbin/zfs create -o mountpoint=/home $RPOOL/home"
+		echo "chmod 0555 /home"		# as per SUNWcs
+		echo "/usr/sbin/useradd -D -b /home"
+    } >> $ALTROOT/.initialboot
 }
 
 function setupvm {