knife-proxmox-ve 0.1.3 → 0.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/chef/knife/proxmox_vm_bootstrap.rb +26 -9
- data/lib/knife-proxmox-ve/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fbd3b9c6dcb50cfa79244a9ff639c08e2b4417bdc99416a870b0a9886367a888
|
|
4
|
+
data.tar.gz: e4c7f6ab01e458c4794651ac8927f8aecb5a1e42368b7222862f25e6b85d08bc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7633f2ed9ae45c09629598331707b209076eb32e477239a5cc91732339eb8947f4637631ef974e99604eac66fbb8ef59ed5ebab07ec24dee427d1037053ef5c6
|
|
7
|
+
data.tar.gz: 3df97180d137de70f035416f88d487b13d3f562ec02087b2b8e382abea081dcc7b91c0fa6475ef15453dde08d857290e8b703f39d2015aca121228bba7f60e73
|
|
@@ -28,13 +28,30 @@ class Chef
|
|
|
28
28
|
CINC_PRODUCT = "cinc"
|
|
29
29
|
CINC_INSTALL_URL = "https://omnitruck.cinc.sh/install.sh"
|
|
30
30
|
|
|
31
|
-
# A freshly cloned VM
|
|
32
|
-
#
|
|
33
|
-
#
|
|
34
|
-
#
|
|
35
|
-
#
|
|
36
|
-
|
|
37
|
-
|
|
31
|
+
# A freshly cloned VM is still settling when SSH first answers, and two independent
|
|
32
|
+
# subsystems contend for the dpkg lock: cloud-init (which itself drives apt) and the
|
|
33
|
+
# apt-daily / unattended-upgrades systemd timers, which fire on their own schedule even
|
|
34
|
+
# after cloud-init reports done. Installing the client — or the first client run's package
|
|
35
|
+
# resources — then races them for the lock and fails non-deterministically. Clear the field
|
|
36
|
+
# before the omnibus install, in order:
|
|
37
|
+
# 1. wait for cloud-init to finish;
|
|
38
|
+
# 2. stop the apt-daily / unattended-upgrades timers and any in-flight run, so nothing
|
|
39
|
+
# grabs the lock again for the rest of this boot (`stop`, not `disable`/`mask`: the
|
|
40
|
+
# services return on the next reboot, leaving the image unchanged);
|
|
41
|
+
# 3. block (bounded) until the dpkg lock a stopped run may still hold is released.
|
|
42
|
+
# Every step is guarded on the tool existing and `|| true`, so non-cloud-init / non-systemd
|
|
43
|
+
# / non-apt images and degraded states still let the bootstrap proceed.
|
|
44
|
+
PREINSTALL_WAIT_COMMAND = <<~SH
|
|
45
|
+
if command -v cloud-init >/dev/null 2>&1; then cloud-init status --wait >/dev/null 2>&1 || true; fi
|
|
46
|
+
if command -v systemctl >/dev/null 2>&1; then
|
|
47
|
+
systemctl stop apt-daily.timer apt-daily-upgrade.timer apt-daily.service apt-daily-upgrade.service unattended-upgrades.service >/dev/null 2>&1 || true
|
|
48
|
+
fi
|
|
49
|
+
if command -v flock >/dev/null 2>&1; then
|
|
50
|
+
for lock in /var/lib/dpkg/lock-frontend /var/lib/dpkg/lock; do
|
|
51
|
+
[ -e "$lock" ] && flock -w 300 "$lock" true >/dev/null 2>&1 || true
|
|
52
|
+
done
|
|
53
|
+
fi
|
|
54
|
+
SH
|
|
38
55
|
|
|
39
56
|
deps do
|
|
40
57
|
require "chef/knife/bootstrap"
|
|
@@ -60,8 +77,8 @@ class Chef
|
|
|
60
77
|
# TOFU: a freshly cloned VM has no entry in known_hosts. Accept its key on
|
|
61
78
|
# first connect rather than failing the bootstrap or disabling verification.
|
|
62
79
|
config[:ssh_verify_host_key] ||= :accept_new
|
|
63
|
-
#
|
|
64
|
-
config[:bootstrap_preinstall_command] ||=
|
|
80
|
+
# Drain cloud-init and the dpkg lock before the bootstrap installs the client (see constant).
|
|
81
|
+
config[:bootstrap_preinstall_command] ||= PREINSTALL_WAIT_COMMAND
|
|
65
82
|
end
|
|
66
83
|
|
|
67
84
|
# The bootstrap target host does not exist yet — it is resolved to the VM's IP
|