0e7024f9a7
Initial delivery of UEFI system node installs did not
use the signed boot loader. As a result Secure Boot
of system nodes was not supported. This update changes
that by swapping in the signed bootx64.efi boot loader
in a puppet update ; see depends on.
This update modifies to the pxe-network-installer
and kickstart to support a robust UEFI system node
install that supports Secure Boot.
The first change creates and uses an stx template
file from LAT grub file. This is done to avoid ongoing
and difficult to implement LAT grub file hack changes
from the kickstart.
This new grub.cg.stx file is packaged in the
pxe-network-installer.
The kickstarts are modified to replace the LAT grub.cfg
file with the new stx template file grub.cfg.stx. As far
as this update goes, this template file is a null change
from the LAT grub file and represents what the LAT grub
file looked like at the time the template was created.
Moving forward, further changes to the system node
install grub file will be made to this new grub.cfg.stx
template file.
The second change is to modify existing stx unprovisioned
default pxe-grub.cfg files to look for the new mac based
config file with the '.cfg' extention.
The system node install mac-based grub files are dynamically
created with no signature file. To work around that, this
update exports the LAT environment variable 'skip_check_cfg'
which instructs LAT to 'skip' the grub menu signature 'check'
for these dynamically created grub files.
An additional change is made to handle timer reload on menu
refresh if the new node remains unprovisioned after timeout.
Test Plan:
PASS: Verify the default LAT file is renamed and the new
template file positioned in its place.
PASS: Verify Debian pxe-network-installer package update
PASS: Verify Debian AIO DX UEFI Install
PASS: Verify CentOS kickstarts do not require the kickstart change
PASS: Verify build and UEFI install
- Debian
- CentOS
PASS: Verify unprovisioned grub menu reload handling with
re-occuring timeout until node is provisioned.
Regression:
PASS: Verify host-delete and host-update install and unlock
PASS: Verify host-reinstall and host-unlock
PASS: Verify lock/unlock controller-1 and controller-0
PASS: Verify lock/delete/reinstall/unlock controller-1
PASS: Verify swact to controller-1
PASS: Verify lock/delete/reinstall/unlock controller-0
Depends-On: https://review.opendev.org/c/starlingx/stx-puppet/+/863776
Story: 2009968
Task: 46701
Signed-off-by: Eric MacDonald <eric.macdonald@windriver.com>
Change-Id: Id073842ac1b29acf54c999022a9e37d4c2366031
|
||
|---|---|---|
| api-ref/source | ||
| bsp-files | ||
| devstack | ||
| doc | ||
| installer | ||
| kickstart | ||
| mtce | ||
| mtce-common | ||
| mtce-compute | ||
| mtce-control | ||
| mtce-storage | ||
| releasenotes | ||
| tools/rvmc | ||
| .gitignore | ||
| .gitreview | ||
| .zuul.yaml | ||
| CONTRIBUTORS.wrs | ||
| LICENSE | ||
| README.rst | ||
| centos_build_layer.cfg | ||
| centos_iso_image.inc | ||
| centos_pkg_dirs | ||
| centos_stable_docker_images.inc | ||
| debian_build_layer.cfg | ||
| debian_iso_image.inc | ||
| debian_pkg_dirs | ||
| debian_stable_docker_images.inc | ||
| pylint.rc | ||
| test-requirements.txt | ||
| tox.ini | ||
README.rst
metal
StarlingX Bare Metal Management