aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorpmikus <peter.mikus@protonmail.ch>2024-05-23 13:37:23 +0200
committerPeter Mikus <peter.mikus@protonmail.ch>2024-05-30 05:15:45 +0000
commitd556bc7cedc5dfd3f942e5fbe1c2df00ab114a6e (patch)
tree47a3f9c241f54950f75fd00c4614b1cffbb0a5d4
parentda7789571bf1de68615f86fb08ac283a29acd001 (diff)
fix(packer): Update AWS image
Signed-off-by: Peter Mikus <peter.mikus@protonmail.ch> Change-Id: I1907fcb88dff0bb62cc6f5a8bf3ea58e3ad1578d (cherry picked from commit fa300743951b31a8109769c075d1edba9e6a85bd)
-rw-r--r--fdio.infra.ansible/roles/aws/defaults/main.yaml6
-rw-r--r--fdio.infra.ansible/roles/aws/handlers/main.yaml5
-rw-r--r--fdio.infra.ansible/roles/aws/tasks/main.yaml119
-rw-r--r--fdio.infra.ansible/roles/trex/tasks/deploy_block.yaml22
-rw-r--r--fdio.infra/packer-aws-sut/ubuntu_jammy_x86.pkr.hcl12
5 files changed, 89 insertions, 75 deletions
diff --git a/fdio.infra.ansible/roles/aws/defaults/main.yaml b/fdio.infra.ansible/roles/aws/defaults/main.yaml
index 5b6978da51..a0150eae37 100644
--- a/fdio.infra.ansible/roles/aws/defaults/main.yaml
+++ b/fdio.infra.ansible/roles/aws/defaults/main.yaml
@@ -15,12 +15,10 @@ packages_base:
packages_by_distro:
ubuntu:
- - "linux-image-5.4.0-1009-aws"
- - "linux-headers-5.4.0-1009-aws"
- - "linux-tools-5.4.0-1009-aws"
+ - []
packages_by_arch:
aarch64:
- []
x86_64:
- - [] \ No newline at end of file
+ - []
diff --git a/fdio.infra.ansible/roles/aws/handlers/main.yaml b/fdio.infra.ansible/roles/aws/handlers/main.yaml
index d55db1c22f..bc160a3263 100644
--- a/fdio.infra.ansible/roles/aws/handlers/main.yaml
+++ b/fdio.infra.ansible/roles/aws/handlers/main.yaml
@@ -18,3 +18,8 @@
reboot_timeout: 3600
tags:
- reboot-server
+
+- name: Restart SSHd
+ ansible.builtin.service:
+ name: sshd
+ state: restarted
diff --git a/fdio.infra.ansible/roles/aws/tasks/main.yaml b/fdio.infra.ansible/roles/aws/tasks/main.yaml
index b5132c1909..b33848e2d2 100644
--- a/fdio.infra.ansible/roles/aws/tasks/main.yaml
+++ b/fdio.infra.ansible/roles/aws/tasks/main.yaml
@@ -13,18 +13,6 @@
tags:
- aws-inst-prerequisites
-- name: Switch Kernel At Boot
- ansible.builtin.lineinfile:
- path: "/etc/default/grub"
- state: "present"
- line: "GRUB_DEFAULT=\"1>2\""
- notify:
- - "Update GRUB"
- tags:
- - perf-conf-grub
-
-- meta: flush_handlers
-
- name: Load Kernel Modules By Default
ansible.builtin.lineinfile:
path: "/etc/modules"
@@ -58,55 +46,78 @@
tags:
- aws-load-kernel-modules
-#- name: Get vfio-pci With WC Patcher
-# ansible.builtin.get_url:
-# url: "https://github.com/amzn/amzn-drivers/raw/master/userspace/dpdk/enav2-vfio-patch/get-vfio-with-wc.sh"
-# dest: "/opt/get-vfio-with-wc.sh"
-# mode: 0744
-# tags:
-# - aws-vfio-patch
-
-- name: Create vfio-pci Patch Directory
- ansible.builtin.file:
- path: "/opt/patches/"
- state: "directory"
+- name: Kernel Parameters
+ ansible.builtin.lineinfile:
+ path: "/etc/default/grub"
+ state: "present"
+ regexp: "^GRUB_CMDLINE_LINUX="
+ line: "GRUB_CMDLINE_LINUX=iommu=1 intel_iommu=on"
+ notify:
+ - "Update GRUB"
tags:
- - aws-vfio-patch
+ - perf-conf-grub
-- name: Get vfio-pci WC Patch
- ansible.builtin.get_url:
- url: "https://github.com/amzn/amzn-drivers/raw/master/userspace/dpdk/enav2-vfio-patch/patches/{{ item }}"
- dest: "/opt/patches/{{ item }}"
- mode: 0744
- with_items:
- - "linux-4.10-vfio-wc.patch"
- - "linux-5.8-vfio-wc.patch"
- - "linux-5.15-vfio-wc.patch"
- tags:
- - aws-vfio-patch
+- meta: flush_handlers
-- name: Copy vfio-pci WC Patch
- ansible.builtin.copy:
- src: "files/get-vfio-with-wc.sh"
- dest: "/opt"
- mode: 0744
+- name: Disable Password Login
+ ansible.builtin.lineinfile:
+ dest: "/etc/ssh/sshd_config"
+ regexp: "^PasswordAuthentication yes"
+ line: "PasswordAuthentication no"
+ notify:
+ - "Restart SSHd"
tags:
- - aws-vfio-patch
+ - conf-ssh
-- name: Compile vfio-pci With WC Patch
- ansible.builtin.shell: "/bin/bash /opt/get-vfio-with-wc.sh"
- environment:
- DEBIAN_FRONTEND: "noninteractive"
- TERM: "vt100"
+- name: Recursively Delete Other Configs
+ ansible.builtin.file:
+ path: "/etc/ssh/sshd_config.d"
+ state: "absent"
tags:
- - aws-vfio-patch
+ - conf-ssh
-- name: Reload systemd-modules
- ansible.builtin.systemd:
- name: "systemd-modules-load"
- state: "restarted"
- tags:
- - aws-reload-systemd-modules
+#- name: Get vfio-pci With WC Patcher
+# ansible.builtin.get_url:
+# url: "https://github.com/amzn/amzn-drivers/raw/master/userspace/dpdk/enav2-vfio-patch/get-vfio-with-wc.sh"
+# dest: "/opt/get-vfio-with-wc.sh"
+# mode: 0744
+# tags:
+# - aws-vfio-patch
+#
+#- name: Create vfio-pci Patch Directory
+# ansible.builtin.file:
+# path: "/opt/patches/"
+# state: "directory"
+# tags:
+# - aws-vfio-patch
+#
+#- name: Get vfio-pci WC Patch
+# ansible.builtin.get_url:
+# url: "https://github.com/amzn/amzn-drivers/raw/master/userspace/dpdk/enav2-vfio-patch/patches/{{ item }}"
+# dest: "/opt/patches/{{ item }}"
+# mode: 0744
+# with_items:
+# - "linux-4.10-vfio-wc.patch"
+# - "linux-5.8-vfio-wc.patch"
+# - "linux-5.15-vfio-wc.patch"
+# tags:
+# - aws-vfio-patch
+#
+#- name: Copy vfio-pci WC Patch
+# ansible.builtin.copy:
+# src: "files/get-vfio-with-wc.sh"
+# dest: "/opt"
+# mode: 0744
+# tags:
+# - aws-vfio-patch
+#
+#- name: Compile vfio-pci With WC Patch
+# ansible.builtin.shell: "/bin/bash /opt/get-vfio-with-wc.sh"
+# environment:
+# DEBIAN_FRONTEND: "noninteractive"
+# TERM: "vt100"
+# tags:
+# - aws-vfio-patch
- name: Adjust nr_hugepages
ansible.builtin.sysctl:
diff --git a/fdio.infra.ansible/roles/trex/tasks/deploy_block.yaml b/fdio.infra.ansible/roles/trex/tasks/deploy_block.yaml
index 1a747f68d5..959330508d 100644
--- a/fdio.infra.ansible/roles/trex/tasks/deploy_block.yaml
+++ b/fdio.infra.ansible/roles/trex/tasks/deploy_block.yaml
@@ -46,17 +46,17 @@
retries: 300
when: trex_extracted.changed
-- name: Compile Release {{ item }} Part III
- ansible.builtin.command: "make -j 16"
- args:
- chdir: "{{ trex_target_dir }}/trex-core-{{ item }}/scripts/ko/src"
- when: trex_extracted.changed
-
-- name: Compile Release {{ item }} Part IV
- ansible.builtin.command: "make install"
- args:
- chdir: "{{ trex_target_dir }}/trex-core-{{ item }}/scripts/ko/src"
- when: trex_extracted.changed
+#- name: Compile Release {{ item }} Part III
+# ansible.builtin.command: "make -j 16"
+# args:
+# chdir: "{{ trex_target_dir }}/trex-core-{{ item }}/scripts/ko/src"
+# when: trex_extracted.changed
+
+#- name: Compile Release {{ item }} Part IV
+# ansible.builtin.command: "make install"
+# args:
+# chdir: "{{ trex_target_dir }}/trex-core-{{ item }}/scripts/ko/src"
+# when: trex_extracted.changed
- name: Link libc.a to liblibc.a
ansible.builtin.command: "ln -s -f /usr/lib/x86_64-linux-gnu/libc.a /usr/lib/x86_64-linux-gnu/liblibc.a"
diff --git a/fdio.infra/packer-aws-sut/ubuntu_jammy_x86.pkr.hcl b/fdio.infra/packer-aws-sut/ubuntu_jammy_x86.pkr.hcl
index 7293d176e0..625a3a1ea7 100644
--- a/fdio.infra/packer-aws-sut/ubuntu_jammy_x86.pkr.hcl
+++ b/fdio.infra/packer-aws-sut/ubuntu_jammy_x86.pkr.hcl
@@ -51,7 +51,7 @@ source "amazon-ebs" "csit_ubuntu_jammy_x86_sut" {
ami_name = "csit_ubuntu_jammy_x86_sut"
ami_description = "CSIT SUT image based on Ubuntu Jammy"
ena_support = true
- instance_type = "c5n.4xlarge"
+ instance_type = "c6in.4xlarge"
launch_block_device_mappings {
device_name = "/dev/sda1"
volume_size = 40
@@ -60,7 +60,7 @@ source "amazon-ebs" "csit_ubuntu_jammy_x86_sut" {
force_deregister = true
region = "eu-central-1"
skip_create_ami = false
- source_ami = "ami-04e601abe3e1a910f"
+ source_ami = "ami-026c3177c9bd54288"
ssh_username = "ubuntu"
}
@@ -68,7 +68,7 @@ source "amazon-ebs" "csit_ubuntu_jammy_x86_tg" {
ami_name = "csit_ubuntu_jammy_x86_tg"
ami_description = "CSIT TG image based on Ubuntu Jammy"
ena_support = true
- instance_type = "c5n.4xlarge"
+ instance_type = "c6in.4xlarge"
launch_block_device_mappings {
device_name = "/dev/sda1"
volume_size = 40
@@ -77,7 +77,7 @@ source "amazon-ebs" "csit_ubuntu_jammy_x86_tg" {
force_deregister = true
region = "eu-central-1"
skip_create_ami = false
- source_ami = "ami-04e601abe3e1a910f"
+ source_ami = "ami-026c3177c9bd54288"
ssh_username = "ubuntu"
}
@@ -92,10 +92,10 @@ build {
provisioner "ansible" {
playbook_file = var.ansible_file_path
user = "ubuntu"
+ use_proxy = false
groups = ["sut_aws"]
extra_arguments = [
"--extra-vars", "ansible_ssh_pass=${var.ansible_provision_pwd}",
- "--extra-vars", "ansible_python_interpreter=${var.ansible_python_executable}",
"--extra-vars", "aws=true"
]
}
@@ -115,10 +115,10 @@ build {
provisioner "ansible" {
playbook_file = var.ansible_file_path
user = "ubuntu"
+ use_proxy = false
groups = ["tg_aws"]
extra_arguments = [
"--extra-vars", "ansible_ssh_pass=${var.ansible_provision_pwd}",
- "--extra-vars", "ansible_python_interpreter=${var.ansible_python_executable}",
"--extra-vars", "aws=true"
]
}