Skip to content

Commit

Permalink
Update u-root and userspace to debian-11 (#105)
Browse files Browse the repository at this point in the history
  • Loading branch information
majst01 authored Jan 10, 2024
1 parent c9d5d17 commit 29900d8
Show file tree
Hide file tree
Showing 6 changed files with 30 additions and 12 deletions.
12 changes: 9 additions & 3 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -11,10 +11,12 @@ RUN curl -fLsS https://sourceforge.net/projects/e1000/files/ice%20stable/${ICE_V
&& mkdir -p /lib/firmware/intel/ice/ddp/ \
&& mv ice-${ICE_VERSION}/ddp/ice-${ICE_PKG_VERSION}.pkg /work/ice.pkg

FROM golang:1.14-buster as initrd-builder
ENV UROOT_GIT_SHA_OR_TAG=v0.7.0
# ipmitool from bookworm is broken and returns with error on most commands
FROM golang:1.20-bullseye as initrd-builder
ENV UROOT_GIT_SHA_OR_TAG=v0.11.0
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
ca-certificates \
curl \
dosfstools \
e2fsprogs \
Expand All @@ -30,14 +32,18 @@ RUN apt-get update \
nvme-cli \
pciutils \
strace \
util-linux
util-linux \
# this is required, otherwise uroot complains that these files already exist
&& rm -f /etc/passwd /etc/lvm/lvmlocal.conf
RUN mkdir -p ${GOPATH}/src/github.com/u-root \
&& cd ${GOPATH}/src/github.com/u-root \
&& git clone https://github.com/u-root/u-root \
&& cd u-root \
&& git checkout ${UROOT_GIT_SHA_OR_TAG} \
&& GO111MODULE=off go install
WORKDIR /work
RUN mkdir -p /work/etc/lvm /work/etc/ssl/certs /work/lib/firmware/intel/ice/ddp/ /work/var/run \
&& cp /usr/share/zoneinfo/Etc/UTC /work/etc/localtime
COPY lvmlocal.conf metal.key metal.key.pub passwd varrun Makefile .git /work/
COPY --from=r.metal-stack.io/metal/supermicro:2.12.0 /usr/bin/sum /work/
COPY --from=builder /common /common
Expand Down
5 changes: 3 additions & 2 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ ramdisk:
-format=cpio -build=bb \
-defaultsh=/bin/bash \
-files="bin/metal-hammer:bbin/uinit" \
-files="/etc/ssl/certs/ca-certificates.crt:etc/ssl/certs/ca-certificates.crt" \
-files="/etc/localtime:etc/localtime" \
-files="/bin/bash:bin/bash" \
-files="/sbin/blkid:sbin/blkid" \
Expand All @@ -56,8 +57,8 @@ ramdisk:
-files="/sbin/mdmon:sbin/mdmon" \
-files="/sbin/sgdisk:sbin/sgdisk" \
-files="/sbin/wipefs:sbin/wipefs" \
-files="/etc/ssl/certs/ca-certificates.crt:etc/ssl/certs/ca-certificates.crt" \
-files="/usr/lib/x86_64-linux-gnu/libnss_files.so:lib/libnss_files.so.2" \
-files="/lib/x86_64-linux-gnu/libnss_files-2.31.so:lib/x86_64-linux-gnu/libnss_files-2.31.so" \
-files="/lib/x86_64-linux-gnu/libnss_files.so.2:lib/x86_64-linux-gnu/libnss_files.so.2" \
-files="passwd:etc/passwd" \
-files="varrun:var/run/keep" \
-files="ice.pkg:lib/firmware/intel/ice/ddp/ice.pkg" \
Expand Down
4 changes: 2 additions & 2 deletions cmd/storage/wipe.go
Original file line number Diff line number Diff line change
Expand Up @@ -124,15 +124,15 @@ func isNVMeDisk(device string) bool {
}

// Secure erase is done via:
// nvme-cli --format --ses=1 /dev/nvme0n1
// nvme-cli --format --force --ses=1 /dev/nvme0n1
// see: https://github.com/linux-nvme/nvme-cli/blob/master/Documentation/nvme-format.txt
//
// TODO: configure qemu to map a disk with the nvme format:
// https://github.com/nvmecompliance/manage/blob/master/runQemu.sh
// https://github.com/arunar/nvmeqemu
func (d *Disks) secureEraseNVMe(device string) error {
d.log.Infow("wipe", "disk", device, "message", "start very fast deleting of existing data")
err := os.ExecuteCommand(command.NVME, "--format", "--ses=1", device)
err := os.ExecuteCommand(command.NVME, "--format", "--force", "--ses=1", device)
if err != nil {
return fmt.Errorf("unable to secure erase nvme disk %s %w", device, err)
}
Expand Down
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ require (
github.com/vishvananda/netlink v1.2.1-beta.2
go.uber.org/zap v1.26.0
// TODO remove once we really migrated the build to 1.21
golang.org/x/exp v0.0.0-20231108232855-2478ac86f678
golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa
golang.org/x/sync v0.5.0
golang.org/x/sys v0.14.0
google.golang.org/grpc v1.59.0
Expand Down
2 changes: 2 additions & 0 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -336,6 +336,8 @@ golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA=
golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g=
golang.org/x/exp v0.0.0-20231108232855-2478ac86f678 h1:mchzmB1XO2pMaKFRqk/+MV3mgGG96aqaPXaMifQU47w=
golang.org/x/exp v0.0.0-20231108232855-2478ac86f678/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE=
golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ=
golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
Expand Down
17 changes: 13 additions & 4 deletions main.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package main
import (
"fmt"
"os"
"syscall"
"time"

"github.com/metal-stack/v"
Expand All @@ -23,7 +24,13 @@ func main() {
panic("cmd args are not supported")
}

err := updateResolvConf()
err := syscall.Unmount("/etc", syscall.MNT_FORCE)
if err != nil {
fmt.Printf("unable to umount /etc, which is overmounted with tmpfs %s", err)
os.Exit(1)
}

err = updateResolvConf()
if err != nil {
fmt.Printf("error updating resolv.conf %s", err)
os.Exit(1)
Expand Down Expand Up @@ -87,9 +94,11 @@ func updateResolvConf() error {
symlink := "/etc/resolv.conf"
target := "/proc/net/pnp"

err := os.Remove(symlink)
if err != nil {
return err
if _, err := os.Stat(symlink); !os.IsNotExist(err) {
err := os.Remove(symlink)
if err != nil {
return err
}
}

return os.Symlink(target, symlink)
Expand Down

0 comments on commit 29900d8

Please sign in to comment.