chef-automate deploy has preflight checks when hab-builder is enabled

[ryancragun]

We should assert that the system is in a known good state before deploying

Acceptance Criteria:

• Preflight checks should fail if system doesn't have ample storage space
  for core packages (~14GB right now)
• OAuth configuration is valid. (Perhaps do basic connectivity test and/or
  round trip after verifying field validity)
• Ensure that the ulimit is over 65k

Questions?

• Are there other checks we need?

[stevendanna]

Ensure that the ulimit is over 65k

At runtime, our ulimit is going to largely unrelated to the shell that the user runs chef-automate deploy in. Is this ulimit need for the install process itself or at service runtime? If the latter, I think it may be better to move this from a preflight check and into something we guarantee as part of service startup.

[chefsalim]

A couple of other things to consider:

1. TLS certs are valid (eg, if TLS is enabled for on-prem builder)
2. Check for IPv6 to avoid issues like builder-api-proxy crashes if IPV6 is disabled on the machine habitat-sh/on-prem-builder#207

[stevendanna]

@chefsalim We have some IPv6 capability checking code and can add it if needed, but in automate we've tried to support a variety of configurations. Might supporting both be possible? For nginx specifically we do:

https://github.com/chef/automate/blob/master/components/automate-load-balancer/habitat/config/nginx.conf#L92-L95

[chefsalim]

Right... Builder does support IPv6, It's mostly ensuring that the config matches the machine state so just calling that out as a potential preflight check.