forked from rpms/cloud-init
Add AlmaLinux OS patches
Signed-off-by: Elkhan Mammadli <elkhan.mammadli@protonmail.com>
This commit is contained in:
parent
6adb79da1b
commit
3d14383522
@ -0,0 +1,482 @@
|
||||
From 1eb69f434883ca685c5ee6136203f28231e18039 Mon Sep 17 00:00:00 2001
|
||||
From: Elkhan Mammadli <elkhan.mammadli@protonmail.com>
|
||||
Date: Tue, 10 Oct 2023 02:11:23 +0400
|
||||
Subject: [PATCH 1/1] Improvements for AlmaLinux OS and CloudLinux OS
|
||||
|
||||
Add AlmaLinux OS and CloudLinux OS support to:
|
||||
|
||||
Modules:
|
||||
- cc_ca_certs
|
||||
- cc_ntp
|
||||
- cc_resolv_conf
|
||||
|
||||
Datasources:
|
||||
- Rbx Cloud Datasource
|
||||
|
||||
Systemd services:
|
||||
- cloud-config.service
|
||||
- cloud-final.service
|
||||
- cloud-init-local.service
|
||||
- cloud-init.service
|
||||
|
||||
Signed-off-by: Elkhan Mammadli <elkhan.mammadli@protonmail.com>
|
||||
---
|
||||
cloudinit/config/cc_ca_certs.py | 8 ++++
|
||||
cloudinit/config/cc_ntp.py | 11 ++---
|
||||
cloudinit/config/cc_resolv_conf.py | 2 +
|
||||
cloudinit/settings.py | 2 +-
|
||||
cloudinit/sources/DataSourceRbxCloud.py | 2 +-
|
||||
systemd/cloud-config.service.tmpl | 2 +-
|
||||
systemd/cloud-final.service.tmpl | 4 +-
|
||||
systemd/cloud-init-local.service.tmpl | 12 ++---
|
||||
systemd/cloud-init.service.tmpl | 4 +-
|
||||
templates/chrony.conf.almalinux.tmpl | 45 ++++++++++++++++++
|
||||
templates/chrony.conf.cloudlinux.tmpl | 45 ++++++++++++++++++
|
||||
templates/ntp.conf.almalinux.tmpl | 61 +++++++++++++++++++++++++
|
||||
templates/ntp.conf.cloudlinux.tmpl | 61 +++++++++++++++++++++++++
|
||||
13 files changed, 238 insertions(+), 21 deletions(-)
|
||||
create mode 100644 templates/chrony.conf.almalinux.tmpl
|
||||
create mode 100644 templates/chrony.conf.cloudlinux.tmpl
|
||||
create mode 100644 templates/ntp.conf.almalinux.tmpl
|
||||
create mode 100644 templates/ntp.conf.cloudlinux.tmpl
|
||||
|
||||
diff --git a/cloudinit/config/cc_ca_certs.py b/cloudinit/config/cc_ca_certs.py
|
||||
index 4dc0868..1665d30 100644
|
||||
--- a/cloudinit/config/cc_ca_certs.py
|
||||
+++ b/cloudinit/config/cc_ca_certs.py
|
||||
@@ -51,6 +51,12 @@ for distro in (
|
||||
):
|
||||
DISTRO_OVERRIDES[distro] = DISTRO_OVERRIDES["opensuse"]
|
||||
|
||||
+for distro in (
|
||||
+ "almalinux",
|
||||
+ "cloudlinux",
|
||||
+):
|
||||
+ DISTRO_OVERRIDES[distro] = DISTRO_OVERRIDES["rhel"]
|
||||
+
|
||||
MODULE_DESCRIPTION = """\
|
||||
This module adds CA certificates to the system's CA store and updates any
|
||||
related files using the appropriate OS-specific utility. The default CA
|
||||
@@ -66,6 +72,8 @@ configuration option ``remove_defaults``.
|
||||
order to provide the ``update-ca-certificates`` command.
|
||||
"""
|
||||
distros = [
|
||||
+ "almalinux",
|
||||
+ "cloudlinux",
|
||||
"alpine",
|
||||
"debian",
|
||||
"rhel",
|
||||
diff --git a/cloudinit/config/cc_ntp.py b/cloudinit/config/cc_ntp.py
|
||||
index b5620f3..eae4099 100644
|
||||
--- a/cloudinit/config/cc_ntp.py
|
||||
+++ b/cloudinit/config/cc_ntp.py
|
||||
@@ -110,14 +110,6 @@ DISTRO_CLIENT_CONFIG = {
|
||||
"service_name": "ntpd",
|
||||
},
|
||||
},
|
||||
- "centos": {
|
||||
- "ntp": {
|
||||
- "service_name": "ntpd",
|
||||
- },
|
||||
- "chrony": {
|
||||
- "service_name": "chronyd",
|
||||
- },
|
||||
- },
|
||||
"cos": {
|
||||
"chrony": {
|
||||
"service_name": "chronyd",
|
||||
@@ -225,6 +217,9 @@ DISTRO_CLIENT_CONFIG = {
|
||||
for distro in ("opensuse-microos", "opensuse-tumbleweed", "opensuse-leap"):
|
||||
DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["opensuse"]
|
||||
|
||||
+for distro in ("almalinux", "centos", "cloudlinux"):
|
||||
+ DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["rhel"]
|
||||
+
|
||||
for distro in ("sle_hpc", "sle-micro"):
|
||||
DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["sles"]
|
||||
|
||||
diff --git a/cloudinit/config/cc_resolv_conf.py b/cloudinit/config/cc_resolv_conf.py
|
||||
index 4629ca7..21057a1 100644
|
||||
--- a/cloudinit/config/cc_resolv_conf.py
|
||||
+++ b/cloudinit/config/cc_resolv_conf.py
|
||||
@@ -58,7 +58,9 @@ meta: MetaSchema = {
|
||||
"title": "Configure resolv.conf",
|
||||
"description": MODULE_DESCRIPTION,
|
||||
"distros": [
|
||||
+ "almalinux",
|
||||
"alpine",
|
||||
+ "cloudlinux",
|
||||
"fedora",
|
||||
"mariner",
|
||||
"opensuse",
|
||||
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
|
||||
index a36c518..9f0a5f4 100644
|
||||
--- a/cloudinit/settings.py
|
||||
+++ b/cloudinit/settings.py
|
||||
@@ -62,7 +62,7 @@ CFG_BUILTIN = {
|
||||
"cloud_dir": "/var/lib/cloud",
|
||||
"templates_dir": "/etc/cloud/templates/",
|
||||
},
|
||||
- "distro": "rhel",
|
||||
+ "distro": "almalinux",
|
||||
"network": {"renderers": None},
|
||||
},
|
||||
"vendor_data": {"enabled": True, "prefix": []},
|
||||
diff --git a/cloudinit/sources/DataSourceRbxCloud.py b/cloudinit/sources/DataSourceRbxCloud.py
|
||||
index 6890562..0b3c80c 100644
|
||||
--- a/cloudinit/sources/DataSourceRbxCloud.py
|
||||
+++ b/cloudinit/sources/DataSourceRbxCloud.py
|
||||
@@ -60,7 +60,7 @@ def _sub_arp(cmd):
|
||||
|
||||
def gratuitous_arp(items, distro):
|
||||
source_param = "-S"
|
||||
- if distro.name in ["fedora", "centos", "rhel"]:
|
||||
+ if distro.name in ["almalinux", "fedora", "centos", "cloudlinux", "rhel"]:
|
||||
source_param = "-s"
|
||||
for item in items:
|
||||
try:
|
||||
diff --git a/systemd/cloud-config.service.tmpl b/systemd/cloud-config.service.tmpl
|
||||
index d5568a6..a4d6038 100644
|
||||
--- a/systemd/cloud-config.service.tmpl
|
||||
+++ b/systemd/cloud-config.service.tmpl
|
||||
@@ -4,7 +4,7 @@ Description=Apply the settings specified in cloud-config
|
||||
After=network-online.target cloud-config.target
|
||||
After=snapd.seeded.service
|
||||
Wants=network-online.target cloud-config.target
|
||||
-{% if variant == "rhel" %}
|
||||
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
|
||||
ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
ConditionKernelCommandLine=!cloud-init=disabled
|
||||
{% endif %}
|
||||
diff --git a/systemd/cloud-final.service.tmpl b/systemd/cloud-final.service.tmpl
|
||||
index 85f423a..578c7f4 100644
|
||||
--- a/systemd/cloud-final.service.tmpl
|
||||
+++ b/systemd/cloud-final.service.tmpl
|
||||
@@ -7,7 +7,7 @@ After=multi-user.target
|
||||
Before=apt-daily.service
|
||||
{% endif %}
|
||||
Wants=network-online.target cloud-config.service
|
||||
-{% if variant == "rhel" %}
|
||||
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
|
||||
ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
ConditionKernelCommandLine=!cloud-init=disabled
|
||||
{% endif %}
|
||||
@@ -19,7 +19,7 @@ ExecStart=/usr/bin/cloud-init modules --mode=final
|
||||
RemainAfterExit=yes
|
||||
TimeoutSec=0
|
||||
KillMode=process
|
||||
-{% if variant == "rhel" %}
|
||||
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
|
||||
# Restart NetworkManager if it is present and running.
|
||||
ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \
|
||||
out=$(systemctl show --property=SubState $u) || exit; \
|
||||
diff --git a/systemd/cloud-init-local.service.tmpl b/systemd/cloud-init-local.service.tmpl
|
||||
index 6f3f9d8..f5521c4 100644
|
||||
--- a/systemd/cloud-init-local.service.tmpl
|
||||
+++ b/systemd/cloud-init-local.service.tmpl
|
||||
@@ -1,23 +1,23 @@
|
||||
## template:jinja
|
||||
[Unit]
|
||||
Description=Initial cloud-init job (pre-networking)
|
||||
-{% if variant in ["ubuntu", "unknown", "debian", "rhel" ] %}
|
||||
+{% if variant in ["almalinux", "cloudlinux", "ubuntu", "unknown", "debian", "rhel" ] %}
|
||||
DefaultDependencies=no
|
||||
{% endif %}
|
||||
Wants=network-pre.target
|
||||
After=hv_kvp_daemon.service
|
||||
After=systemd-remount-fs.service
|
||||
-{% if variant == "rhel" %}
|
||||
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
|
||||
Requires=dbus.socket
|
||||
After=dbus.socket
|
||||
{% endif %}
|
||||
Before=NetworkManager.service
|
||||
-{% if variant == "rhel" %}
|
||||
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
|
||||
Before=network.service
|
||||
{% endif %}
|
||||
Before=network-pre.target
|
||||
Before=shutdown.target
|
||||
-{% if variant == "rhel" %}
|
||||
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
|
||||
Before=firewalld.target
|
||||
Conflicts=shutdown.target
|
||||
{% endif %}
|
||||
@@ -26,14 +26,14 @@ Before=sysinit.target
|
||||
Conflicts=shutdown.target
|
||||
{% endif %}
|
||||
RequiresMountsFor=/var/lib/cloud
|
||||
-{% if variant == "rhel" %}
|
||||
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
|
||||
ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
ConditionKernelCommandLine=!cloud-init=disabled
|
||||
{% endif %}
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
-{% if variant == "rhel" %}
|
||||
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
|
||||
ExecStartPre=/bin/mkdir -p /run/cloud-init
|
||||
ExecStartPre=/sbin/restorecon /run/cloud-init
|
||||
ExecStartPre=/usr/bin/touch /run/cloud-init/enabled
|
||||
diff --git a/systemd/cloud-init.service.tmpl b/systemd/cloud-init.service.tmpl
|
||||
index 1b1f9a8..875555d 100644
|
||||
--- a/systemd/cloud-init.service.tmpl
|
||||
+++ b/systemd/cloud-init.service.tmpl
|
||||
@@ -1,7 +1,7 @@
|
||||
## template:jinja
|
||||
[Unit]
|
||||
Description=Initial cloud-init job (metadata service crawler)
|
||||
-{% if variant not in ["photon", "rhel"] %}
|
||||
+{% if variant not in ["almalinux", "cloudlinux", "photon", "rhel"] %}
|
||||
DefaultDependencies=no
|
||||
{% endif %}
|
||||
Wants=cloud-init-local.service
|
||||
@@ -39,7 +39,7 @@ Before=shutdown.target
|
||||
Conflicts=shutdown.target
|
||||
{% endif %}
|
||||
Before=systemd-user-sessions.service
|
||||
-{% if variant == "rhel" %}
|
||||
+{% if variant in ["almalinux", "cloudlinux", "rhel"] %}
|
||||
ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
ConditionKernelCommandLine=!cloud-init=disabled
|
||||
{% endif %}
|
||||
diff --git a/templates/chrony.conf.almalinux.tmpl b/templates/chrony.conf.almalinux.tmpl
|
||||
new file mode 100644
|
||||
index 0000000..5b3542e
|
||||
--- /dev/null
|
||||
+++ b/templates/chrony.conf.almalinux.tmpl
|
||||
@@ -0,0 +1,45 @@
|
||||
+## template:jinja
|
||||
+# Use public servers from the pool.ntp.org project.
|
||||
+# Please consider joining the pool (http://www.pool.ntp.org/join.html).
|
||||
+{% if pools %}# pools
|
||||
+{% endif %}
|
||||
+{% for pool in pools -%}
|
||||
+pool {{pool}} iburst
|
||||
+{% endfor %}
|
||||
+{%- if servers %}# servers
|
||||
+{% endif %}
|
||||
+{% for server in servers -%}
|
||||
+server {{server}} iburst
|
||||
+{% endfor %}
|
||||
+
|
||||
+# Record the rate at which the system clock gains/losses time.
|
||||
+driftfile /var/lib/chrony/drift
|
||||
+
|
||||
+# Allow the system clock to be stepped in the first three updates
|
||||
+# if its offset is larger than 1 second.
|
||||
+makestep 1.0 3
|
||||
+
|
||||
+# Enable kernel synchronization of the real-time clock (RTC).
|
||||
+rtcsync
|
||||
+
|
||||
+# Enable hardware timestamping on all interfaces that support it.
|
||||
+#hwtimestamp *
|
||||
+
|
||||
+# Increase the minimum number of selectable sources required to adjust
|
||||
+# the system clock.
|
||||
+#minsources 2
|
||||
+
|
||||
+# Allow NTP client access from local network.
|
||||
+#allow 192.168.0.0/16
|
||||
+
|
||||
+# Serve time even if not synchronized to a time source.
|
||||
+#local stratum 10
|
||||
+
|
||||
+# Specify file containing keys for NTP authentication.
|
||||
+#keyfile /etc/chrony.keys
|
||||
+
|
||||
+# Specify directory for log files.
|
||||
+logdir /var/log/chrony
|
||||
+
|
||||
+# Select which information is logged.
|
||||
+#log measurements statistics tracking
|
||||
diff --git a/templates/chrony.conf.cloudlinux.tmpl b/templates/chrony.conf.cloudlinux.tmpl
|
||||
new file mode 100644
|
||||
index 0000000..5b3542e
|
||||
--- /dev/null
|
||||
+++ b/templates/chrony.conf.cloudlinux.tmpl
|
||||
@@ -0,0 +1,45 @@
|
||||
+## template:jinja
|
||||
+# Use public servers from the pool.ntp.org project.
|
||||
+# Please consider joining the pool (http://www.pool.ntp.org/join.html).
|
||||
+{% if pools %}# pools
|
||||
+{% endif %}
|
||||
+{% for pool in pools -%}
|
||||
+pool {{pool}} iburst
|
||||
+{% endfor %}
|
||||
+{%- if servers %}# servers
|
||||
+{% endif %}
|
||||
+{% for server in servers -%}
|
||||
+server {{server}} iburst
|
||||
+{% endfor %}
|
||||
+
|
||||
+# Record the rate at which the system clock gains/losses time.
|
||||
+driftfile /var/lib/chrony/drift
|
||||
+
|
||||
+# Allow the system clock to be stepped in the first three updates
|
||||
+# if its offset is larger than 1 second.
|
||||
+makestep 1.0 3
|
||||
+
|
||||
+# Enable kernel synchronization of the real-time clock (RTC).
|
||||
+rtcsync
|
||||
+
|
||||
+# Enable hardware timestamping on all interfaces that support it.
|
||||
+#hwtimestamp *
|
||||
+
|
||||
+# Increase the minimum number of selectable sources required to adjust
|
||||
+# the system clock.
|
||||
+#minsources 2
|
||||
+
|
||||
+# Allow NTP client access from local network.
|
||||
+#allow 192.168.0.0/16
|
||||
+
|
||||
+# Serve time even if not synchronized to a time source.
|
||||
+#local stratum 10
|
||||
+
|
||||
+# Specify file containing keys for NTP authentication.
|
||||
+#keyfile /etc/chrony.keys
|
||||
+
|
||||
+# Specify directory for log files.
|
||||
+logdir /var/log/chrony
|
||||
+
|
||||
+# Select which information is logged.
|
||||
+#log measurements statistics tracking
|
||||
diff --git a/templates/ntp.conf.almalinux.tmpl b/templates/ntp.conf.almalinux.tmpl
|
||||
new file mode 100644
|
||||
index 0000000..62b4776
|
||||
--- /dev/null
|
||||
+++ b/templates/ntp.conf.almalinux.tmpl
|
||||
@@ -0,0 +1,61 @@
|
||||
+## template:jinja
|
||||
+
|
||||
+# For more information about this file, see the man pages
|
||||
+# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
|
||||
+
|
||||
+driftfile /var/lib/ntp/drift
|
||||
+
|
||||
+# Permit time synchronization with our time source, but do not
|
||||
+# permit the source to query or modify the service on this system.
|
||||
+restrict default kod nomodify notrap nopeer noquery
|
||||
+restrict -6 default kod nomodify notrap nopeer noquery
|
||||
+
|
||||
+# Permit all access over the loopback interface. This could
|
||||
+# be tightened as well, but to do so would effect some of
|
||||
+# the administrative functions.
|
||||
+restrict 127.0.0.1
|
||||
+restrict -6 ::1
|
||||
+
|
||||
+# Hosts on local network are less restricted.
|
||||
+#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
|
||||
+
|
||||
+# Use public servers from the pool.ntp.org project.
|
||||
+# Please consider joining the pool (http://www.pool.ntp.org/join.html).
|
||||
+{% if pools %}# pools
|
||||
+{% endif %}
|
||||
+{% for pool in pools -%}
|
||||
+pool {{pool}} iburst
|
||||
+{% endfor %}
|
||||
+{%- if servers %}# servers
|
||||
+{% endif %}
|
||||
+{% for server in servers -%}
|
||||
+server {{server}} iburst
|
||||
+{% endfor %}
|
||||
+
|
||||
+#broadcast 192.168.1.255 autokey # broadcast server
|
||||
+#broadcastclient # broadcast client
|
||||
+#broadcast 224.0.1.1 autokey # multicast server
|
||||
+#multicastclient 224.0.1.1 # multicast client
|
||||
+#manycastserver 239.255.254.254 # manycast server
|
||||
+#manycastclient 239.255.254.254 autokey # manycast client
|
||||
+
|
||||
+# Enable public key cryptography.
|
||||
+#crypto
|
||||
+
|
||||
+includefile /etc/ntp/crypto/pw
|
||||
+
|
||||
+# Key file containing the keys and key identifiers used when operating
|
||||
+# with symmetric key cryptography.
|
||||
+keys /etc/ntp/keys
|
||||
+
|
||||
+# Specify the key identifiers which are trusted.
|
||||
+#trustedkey 4 8 42
|
||||
+
|
||||
+# Specify the key identifier to use with the ntpdc utility.
|
||||
+#requestkey 8
|
||||
+
|
||||
+# Specify the key identifier to use with the ntpq utility.
|
||||
+#controlkey 8
|
||||
+
|
||||
+# Enable writing of statistics records.
|
||||
+#statistics clockstats cryptostats loopstats peerstats
|
||||
diff --git a/templates/ntp.conf.cloudlinux.tmpl b/templates/ntp.conf.cloudlinux.tmpl
|
||||
new file mode 100644
|
||||
index 0000000..62b4776
|
||||
--- /dev/null
|
||||
+++ b/templates/ntp.conf.cloudlinux.tmpl
|
||||
@@ -0,0 +1,61 @@
|
||||
+## template:jinja
|
||||
+
|
||||
+# For more information about this file, see the man pages
|
||||
+# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
|
||||
+
|
||||
+driftfile /var/lib/ntp/drift
|
||||
+
|
||||
+# Permit time synchronization with our time source, but do not
|
||||
+# permit the source to query or modify the service on this system.
|
||||
+restrict default kod nomodify notrap nopeer noquery
|
||||
+restrict -6 default kod nomodify notrap nopeer noquery
|
||||
+
|
||||
+# Permit all access over the loopback interface. This could
|
||||
+# be tightened as well, but to do so would effect some of
|
||||
+# the administrative functions.
|
||||
+restrict 127.0.0.1
|
||||
+restrict -6 ::1
|
||||
+
|
||||
+# Hosts on local network are less restricted.
|
||||
+#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
|
||||
+
|
||||
+# Use public servers from the pool.ntp.org project.
|
||||
+# Please consider joining the pool (http://www.pool.ntp.org/join.html).
|
||||
+{% if pools %}# pools
|
||||
+{% endif %}
|
||||
+{% for pool in pools -%}
|
||||
+pool {{pool}} iburst
|
||||
+{% endfor %}
|
||||
+{%- if servers %}# servers
|
||||
+{% endif %}
|
||||
+{% for server in servers -%}
|
||||
+server {{server}} iburst
|
||||
+{% endfor %}
|
||||
+
|
||||
+#broadcast 192.168.1.255 autokey # broadcast server
|
||||
+#broadcastclient # broadcast client
|
||||
+#broadcast 224.0.1.1 autokey # multicast server
|
||||
+#multicastclient 224.0.1.1 # multicast client
|
||||
+#manycastserver 239.255.254.254 # manycast server
|
||||
+#manycastclient 239.255.254.254 autokey # manycast client
|
||||
+
|
||||
+# Enable public key cryptography.
|
||||
+#crypto
|
||||
+
|
||||
+includefile /etc/ntp/crypto/pw
|
||||
+
|
||||
+# Key file containing the keys and key identifiers used when operating
|
||||
+# with symmetric key cryptography.
|
||||
+keys /etc/ntp/keys
|
||||
+
|
||||
+# Specify the key identifiers which are trusted.
|
||||
+#trustedkey 4 8 42
|
||||
+
|
||||
+# Specify the key identifier to use with the ntpdc utility.
|
||||
+#requestkey 8
|
||||
+
|
||||
+# Specify the key identifier to use with the ntpq utility.
|
||||
+#controlkey 8
|
||||
+
|
||||
+# Enable writing of statistics records.
|
||||
+#statistics clockstats cryptostats loopstats peerstats
|
||||
--
|
||||
2.41.0
|
||||
|
Loading…
Reference in New Issue
Block a user