Since we have now EFI framebuffer enabled for ARM64 if we boot on a board
with an screen, u-boot will set up a EFI GOP framebuffer and we won't boot
using the serial console.
Also on RPI3 the firmware always setup the framebuffer area resulting in u-boot
always setup the EFI GOP and FreeBSD never using the serial console.
Reviewed by: gjb, lwshu (previous version)
Differential Revision: https://reviews.freebsd.org/D16472
They were added for unclear reasons in r277263. The current OpenSSH
defaults (7.5+) are reasonable, and do not include the insecure rc4 cipher:
chacha20-poly1305@openssh.com,
aes128-ctr,aes192-ctr,aes256-ctr,
aes128-gcm@openssh.com,aes256-gcm@openssh.com,
aes128-cbc,aes192-cbc,aes256-cbc
I think I recall there being a reason for a specific list of ciphers on GCE
at the time, but I do not recall what it was, and cannot find any
current GCE documentation of such a list.
So, just revert the explicit configuration and use sane openssh defaults.
PR: 230092
Submitted by: Gustavo Scalet <gustavo.scalet AT collabora.com>
MFC after: 3 days
Security: yes
This reduce the per-board arm_install_uboot to just install u-boot.
While here remove the installation of rpi.dtb and rpi2.dtb as we load
them from the UFS partition via ubldr.
Reviewed by: gjb, imp (older version)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D16239
the system to make use of USB device mode / USB OTG to provide a "virtual
serial port" on release images.
Reviewed by: gjb@
MFC after: 2 weeks
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D15602
switch the default kldxref_enable to YES.
The reason is that it's required for every image that's being cross-built,
as kldxref(8) cannot handle files for non-native architectures. For the
one that is not - amd64 - having it on by default doesn't change anything;
the script is noop if the linker.hints already exists.
MFC after: 2 weeks
Sponsored by: DARPA, AFRL
the /boot/kernel/linker.hints file, which breaks loading some of the modules
with dependencies, eg cfiscsi.ko.
This is a minimal fix for ARM images, in order to safely MFC it before
11.2-RELEASE. Afterwards, however, I believe we should actually just change
the default (as in, etc/defaults/rc.conf). The reason is that it's required
for every image that's being cross-built, as kldxref(1) cannot handle files
for non-native architectures. For the one that is not - amd64 - having it
on by default doesn't change anything - the script is noop if the linker.hints
already exists.
The long-term solution would be to rewrite kldxref(1) to handle other
architectures, and generate linker.hints at build time.
Reviewed by: gjb@
MFC after: 3 days
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D14534
satisfying a requirement to allow FreeBSD to be considered
a top-tier supported OS in Google Compute Engine.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
EC2 instances from sysctl.conf to loader.conf; these can all be set as
loader tunables, and setting them in loader.conf gives us the right
behaviour in the event of a kernel panic taking place prior to when
sysctl.conf is processed.
MFC after: 1 week
Since Amazon provides NTP servers within their network, this should
be far superior to using the default NTP pools; and since the service
is provided by Amazon there's very little risk in enabling it by
default. (If someone is able to compromise Amazon's NTP servers and
exploit them to attack EC2 instances, they would almost certainly be
able to compromise EC2 instances even without ntpd running...)
MFC after: 1 week
Relnotes: EC2 instances now keep their clocks synchronized using
the Amazon Time Sync Service (aka. NTP).
EC2 instances are normally launched with an SSH public key specified,
which is then used for logging in (by default, as 'ec2-user'). Having
ChallengeResponseAuthentication enabled (as FreeBSD's default sshd_config
does) has no functional effect in a new EC2 instance, since you can't log
in using a password until a password has been set -- but having this
enabled results in alerts from automated scanning tools which can detect
that sshd advertises support for keyboard-interactive logins (since they
can't detect that accounts have no password set).
EC2 users who want to use passwords to log in to their instances will need
to set 'ChallengeResponseAuthentication yes' in FreeBSD 12.0 and later.
Discussed with: gjb, gtetlow, emaste, des
Requested by: Amazon
X-MFC: No
Relnotes: ChallengeResponseAuthentication is turned off by default in
Amazon EC2 AMIs.
copied from the build host. It is renamed to /etc/resolv.conf.bak
on boot, so never used anyway.
Noticed by: peter
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
This changes the build OBJDIR from the older style of /usr/obj/<srcdir> for
native builds, and /usr/obj/<target>.<target_arch>/<srcdir> for cross builds to
a new simpler format of /usr/obj/<srcdir>/<target>.<target_arch>. This
new format is used regardless of cross or native build. It allows
easier management of multiple source tree object directories.
The UNIFIED_OBJDIR option will be removed and its feature made permanent
for the 12.0 release.
Relnotes: yes (don't note UNIFIED_OBJDIR option since it will be removed)
Prior work: D3711 D874
Reviewed by: gjb, sjg
Discussed at: https://lists.freebsd.org/pipermail/freebsd-arch/2016-May/017805.html
Discussed with: emaste
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D12840
immediately available on instances which are running without internet
access (or which can't rely on firstboot_pkgs to install it for some
other reason).
Note that this agent is not enabled by default; to enable it, add
amazon_ssm_agent_enable="YES" to /etc/rc.conf, e.g., by placing the lines
>>/etc/rc.conf
amazon_ssm_agent_enable="YES"
into the EC2 user-data. In addition to being enabled, the agent requires
keys to be provided via IAM Roles; users are encouraged to be very careful
in using this functionality due to the inherent vulnerability in the idea
of providing credentials via a service accessible to any process which can
open an HTTP connection.
Requested by: Amazon
No objection from: re@
Relnotes: FreeBSD/EC2 AMIs now include the Amazon EC2 Systems Manager
(SSM) Agent.
A recent bug in security/sudo causes segmentation faults when
the system is not configured with a hostname, which causes issues
with some virtual machine setups, notably Vagrant. Set the default
hostname to the output of 'uname -o'.
Submitted by: Nicholas Fiorentini
Sponsored by: The FreeBSD Foundation
build on arm/armv6 images.
Pointyhat: gjb (myself)
MFC after: immediate
MFC note: releng/10.4 has broken because of this
Sponsored by: The FreeBSD Foundation
virtual machine images and embedded images, similar to what is
done when extracting base.txz to the target root filesystem in
an new installation.
Noticed by: marius
Tested with: head@r323729
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Engine (GCE) images with an updated version of Google's tools.
PR: 221714
Submitted by: helen _dot_ koike _@_ collabora_dot_com (original)
MFC after: 5 days
Sponsored by: The FreeBSD Foundation
- Rename chroot_arm_armv6_build_release() to chroot_arm_build_release()
and make it hardware agnostic (such as armv6 -vs- armv7 -vs- arm64).
- Evaluate EMBEDDED_TARGET differently so release/tools/arm.subr can
be used for arm/armv6 and arm64/aarch64.
- Update comments and copyright.
In release/tools/arm.subr:
- In arm_create_disk(), change the default alignment from 63 to 512k,
fixing a boot issue on arm64 and EFI. [1]
- Update comments and copyright.
Add a RPI3 configuration file, pieces obtained from Crochet.
Obtained from: Crochet [1]
MFC after: 5 days
X-MFC-Note: maybe
Sponsored by: The FreeBSD Foundation
install to prepare an AMI image. This can be used to create a ZFS AMI disk
image using a virtual machine.
Change ec2.conf to use the pkg tool from a chroot rather than trying to
bootstrap it and fail from the livecd readonly filesystem.
Reviewed by: gjb
- Speeds up the boot process by disabling sendmail.
- Allows an user to ssh as root with a public key.
- Make ssh(1) respond faster by disabling DNS lookups.
- Enable DHCP on the vtnet(4) interface.
Note: The CLOUDWARE list has not yet been changed to include the
OpenStack target by default yet.
Submitted by: Diego Casati
PR: 215258
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
running on EC2. Due to improvements in EC2, the performance penalty which
was present on some EC2 instances no longer exists, and enabling this
feature now consistently yields ~20% higher throughput with equal or lower
latency.
Reverts: r286063
Approved by: re (gjb)
MFC after: 2 weeks
Relnotes: Improved disk throughput on EC2
30m isn't enough for pkg anymore to extract packagesite.txz.
40m is fine for now but let's take a safer way as we don't know when pkg will need more.
Reported by: many
Approved by: re (gjb), andrew (mentor)
on performance, especially with SD cards on certain SoCs.
Requested by: trasz
Discussed with: ian, kientzle
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
A stray trailing space snuck in with one of the recent
changes, making r290550 and r290573 effectively no-op.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
issues on some EC2 instance types. Users may want to experiment with
removing this from loader.conf and measuring the performance impact on
the EC2 instances they are using.
- pkg(8) cannot be removed before subsequent reinvocations
- The PKG_CACHEDIR cannot be cleaned after the repo*.sqlite
has been removed
- pkg(8) cannot be removed as a precursor to any of the other
steps involved here
MFC after: 3 days
X-MFC-With: r285722
X-MFC-Before: 10.2-{BETA3,RC1} (whichever happens next)
Sponsored by: The FreeBSD Foundation
The true cause of the missing UFS/MSDOSFS labels has been
identified, and only affects stable/10 at the moment.
An request for commit to stable/10 will be pending RE approval
after this commit.
MFC after: 1 day
X-MFC-Note: never
X-MFC-Never: r285018, r285019, r285076, r285078, r285082
Sponsored by: The FreeBSD Foundation
the symlink from loader.rc.sample.
Fix paths relative to the CHROOTDIR.
MFC after: 3 days
X-MFC-With: r285076, r285078
X-MFC-Before: 10.2-BETA1
Sponsored by: The FreeBSD Foundation
UFS/MSDOSFS label issues on FreeBSD/arm builds, however
the real problem was addressed in r285076, which is due
to two separate issues, unrelated to md(4) stale device
existence.
MFC after: 3 days
X-MFC-With: r285076
X-MFC-Before: 10.2-BETA1
Sponsored by: The FreeBSD Foundation
FreeBSD/arm builds. The problem stems from the loader.rc file
not existing, as well as geom_label not being loaded at boot.
For now, add the geom_label_load entry to loader.conf, and
symlink loader.rc.sample to loader.rc, both of which allowed
my BeagleBone Black to boot fine with a UFS label reference in
fstab(5).
MFC after: 3 days
X-MFC-Before: 10.2-BETA1
Sponsored by: The FreeBSD Foundation
cannot possibly exist within the chroot(8) before the target
filesystem actually exists.
MFC after: 3 days
X-MFC-With: r285018
Sponsored by: The FreeBSD Foundation
written to disk with newfs(8) and newfs_msdosfs(8).
When iterating through snapshot builds in serial, it is possible for
a build failure to leave stale md(4) devices behind, in some cases, they
could have a UFS or MSDOS filesystem label assigned.
If the md(4) is not destroyed (or not able to be destroyed, as has
happened recently due to my own fault), the filesystem label that
already exists can interfere with a new md(4) device that is targeted to
have the same label.
This behavior, although admittedly a logic error in the wrapper build
scripts, has caused intermittent reports (in particular with the armv6
builds) of missing UFS/MSDOSFS labels, causing the image to fallback to
the mountroot prompt. This appears to only happen when the backing
md(4) device is destroyed before the calling umount(8) on the target
mount, after which the UFS/MSDOSFS label persists.
The workaround is this: If EVERYTHINGISFINE is set to non-empty value,
check for an existing ufs/rootfs and msdosfs/MSDOSBOOT filesystem label
in arm_create_disk(), and rm(1) them if they exist.
The EVERYTHINGISFINE variable is chosen because it is used in exactly
one other place - release/Makefile.mirrors - and there are big scary
warnings at the top of that file as well that it should *not* be used
under normal circumstances. This should not destroy a build machine
that also uses '/dev/ufs/rootfs' as the UFS label, and I have verified
in extensive local testing that the destroyed label is recreated when
the md(4) is unmounted/mounted, but this really should not be enabled
by anyone.
Having said all that, I absolutely *do* plan MFC this to stable/10 for
the 10.2-RELEASE cycle, as so far, I have only observed this behavior
on stable/10, but this is a temporary solution until I can unravel all
of the failure paths to properly trap them.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
machine images to the Google Compute Engine platform.
By default, gcutil/gsutil requires an Oauth2 login generated
from a URL that must be opened in a browser, a verification
code copied back to the terminal from which it was invoked,
etc., etc., making it near impossible for automation.
I've hacked together an evil solution to work around this,
so unless GCE_LOGIN_SKIP is set to a non-empty value, this
Makefile will not do anything useful.
As a result of this commit, remove the gce-package.sh script
that was never, nor will ever be, used.
MFC after: 3 days
X-MFC-Note: (hopefully)
Sponsored by: The FreeBSD Foundation
Remove the Azure-local vm_extra_create_disk(), since we no longer
need qemu-img to convert the final VHD image to an Azure-compatible
format.
Although the waagent utility is installed from ports, create the
symlink to /usr/sbin, pending investigation on where this is
hard-coded, so it can be reported upstream. In the meantime, this
is good enough.
MFC after: 3 days
X-MFC-Needs: r284269, r284270, r284271, r284655,
r284656, r284657, r284658, r284659
X-MFC-Note: Required for 10.2-RELEASE, marcel@ has
implicit approval for the required changes
Sponsored by: The FreeBSD Foundation
According to the manual page, '-m' should create the user home
directory, however rigorous testing suggests it does not, and
it is unclear if this is an implementation or expectation issue.
Sponsored by: The FreeBSD Foundation
Disabling soft updates journaling appears to resolve issues
with kernel panics, and may also be generally bad to have
enabled for SD cards.
Requested by: ian
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
pw(8) to set the correct /etc directory for the user/group
files.
Provided by: ian (thanks!)
MFC after: 3 days
X-MFC-with: r283894
Sponsored by: The FreeBSD Foundation
user in the userland for the target image, but creates the
user in the build chroot.
Before this is re-enabled, I want to figure out a clean way
to do this without requiring the overhead of third-party
utilities (such as qemu).
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Of note:
- This commit adds native FreeBSD/arm release build support without
requiring out-of-tree utilities.
- Part of this merge removes the WANDBOARD-{SOLO,DUAL,QUAD} kernel
configuration files, for which the IMX6 kernel configuration file
should be used instead.
- The resulting images have a 'freebsd' user (password 'freebsd'),
to allow ssh(1) access when console access is not available (VGA
or serial). The default 'root' user password is set to 'root'.
- The /etc/ttys file for arm images now enable both ttyv0 and ttyu0
by default.
Help from: many (boot testing, feedback, etc.)
Sponsored by: The FreeBSD Foundation
is necessary.
In arm_install_base(), chroot(8) when installing world
and kernel. Fix paths for fstab(5) and rc.conf(5).
Sponsored by: The FreeBSD Foundation
before attempting to mount(8) devfs. Also, create the
.OBJDIR for the 'release' target, so files end up in the
correct location.
In tools/arm.subr, fix the target device when creating the
gpart partition scheme.
Sponsored by: The FreeBSD Foundation
building arm images. This is similar to tools/vmimage.subr
used for building virtual machine disk images. By default,
only arm_create_disk() and arm_install_base() contain real
functionality here, and arm_install_uboot() must be overridden
in the arm/KERNEL.conf file.
In release.sh, make create_arm_armv6_build_release() do
something now.
In arm/BEAGLEBONE.conf, set IMAGE_SIZE, PART_SCHEME, FAT_SIZE,
FAT_TYPE, and MD_ARGS, as well as make arm_install_uboot()
functional.
Parts of this were taken from disecting a previous BEAGLEBONE
image, and other parts obtained from Crochet sources.
Sponsored by: The FreeBSD Foundation
sysutils/u-boot-beaglebone port:
- In arm/BEAGLEBONE.conf, set EMBEDDEDPORTS to the
sysutils/u-boot-beaglebone port.
- In arm/release.sh, remove BEAGLEBONE from setting WANT_UBOOT
- In tools/arm/crochet-BEAGLEBONE.conf, override the
beaglebone_check_uboot(), and set BEAGLEBONE_UBOOT to
/tmp/external/u-boot-beaglebone, and create symlinks to the
u-boot files in /usr/local/share/u-boot-beaglebone and the
uEnv.txt file in crochet/board/Beaglebone/files.
Sponsored by: The FreeBSD Foundation
In release.sh, allow overriding buildenv_setup() before
the handoff to arm/release.sh.
Copy arm/RPI-B.conf -> arm/RPI2.conf, set UBOOT_PORT and
the correct KERNEL, and add the buildenv_setup() override
to install the sysutils/u-boot-rpi2 port/package.
Copy tools/arm/crochet-RPI-B.conf -> tools/arm/crochet-RPI2.conf,
and set the correct entries for the RaspberryPi2 board.
Thanks to: loos@
Sponsored by: The FreeBSD Foundation
GPT scheme. UEFI needs to know the unique partition GUID
with GPT, which changes each time. Specifically, the QEMU
EFI BIOS file has this hard-coded.[1]
Since the GPT labels are now unavailable, unconditionally
label the root filesystem as 'rootfs' with newfs(8), since
it does not hurt anything anywhere else. For the arm64 case,
'/' is mounted from /dev/ufs/rootfs; for all other VM images,
'/' is mounted from /dev/gpt/rootfs.
Unfortunately, since the /dev/gpt/swapfs label is also lost,
set NOSWAP=1 for the arm64/aarch64 images. This is temporary,
until I figure out a scalable solution to this. But, a certain
piece of softare was written "very fast", and ended up living
for 15 years. We can deal with this for a week or so.
Information from: andrew, emaste [1]
Sponsored by: The FreeBSD Foundation
copy the userland from one md(4)-mounted filesystem to a clean
filesystem to prevent remnants of files that were added and
removed from resulting in an unclean filesystem. When newfs(8)
creates the first filesystem with journaled soft-updates enabled,
the /.sujournal file in the new filesystem cannot be overwritten
by the /.sujournal in the original filesystem.
To avoid this particular error case, do not enable journaled
soft-updates when creating the md(4)-backed filesystems, and
instead use tunefs(8) to enable journaled soft-updates after
the new filesystem is populated in vm_copy_base().
While here, fix a long standing bug where the build environment
/boot files were used by mkimg(1) when creating the VM disk
images by using the files in .OBJDIR.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
* Remove vm_umount_base function which is currently unused.
* Add umount_loop function which loops attempting to unmount one filesystem.
* Replace calls to umount with calls to umount_loop.
* Don't attempt to unmount ${DESTDIR}/dev if it isn't mounted.
The looping is necessary because sometimes umount fails due to filesystems
being busy. The most common cause of such busyness is periodic(8) jobs
running `find / ...`.
Reviewed by: gjb
a new filesystem before packaging it into a disk image. This prevents
"remnants" of deleted files from showing up in the VM images, and reduces
their compressed size (by about 10% for the cloudware images) as a result.
Looks good to: gjb
post-install packaging cloud provider images.
Add a 'gce-package.sh' script to generate the final output
image ready for upload to the GCE platform. Right now, this
is the only image that has a specific output format (GNU-tar),
and this implementation is expected to be temporary.
This is not directly connected to the other release targets.
MFC after: 1 week
X-MFC-with: r279249, r279250
Sponsored by: The FreeBSD Foundation
VM_RC_LIST and deduplicate.
Evaluate if firstboot_freebsd_update should be enabled
based on UNAME_r, because it is not supported for the
-CURRENT or -STABLE branches.
MFC after: 2 weeks
X-MFC-with: r277458, r277536, r277606, r277609,
r277836
Sponsored by: The FreeBSD Foundation
r273823-r273826, r273833, r273836, r273944, r274069-r274071,
r274134, r274211, r274280-r274285, r274287-r274288, r274292,
r274296-r274297, r274356, r274533, r274725, r274726, r274729,
r274734, r274771, r274945-r274946, r277180, r277183-r277184,
r277186-r277187, r277250-r277253, r277263-r277264, r277383-r277384,
r277393-r277395, r277438-r277439, r277447, r277455:
r273823:
Move virtual machine / cloud provider targets and
options from release/Makefile to their own Makefile.
r273824:
Add glue to allow enabling building cloud provider VM images
by default.
When WITH_CLOUDWARE is not empty, add CLOUDTARGETS to the
release/Makefile 'release' target.
r273825:
Avoid hard-coding the Azure image file format. While here,
avoid using OSRELEASE for the output file name.
r273826:
Remove a few vestiges of passing an exit code to panic().
r273833:
Initial commit providing a mechanism to create openstack images
as part of the release build.
r273836:
Fix output file name for openstack images. No further conversion
is necessary for this VM file target, so there is no need to append
the '.raw' suffix here.
r273944:
Uncomment the cloudinit rc.conf(5) line.
r274069:
Add line continuation so OPENSTACKCONF is actually included in the env(1).
r274070:
Add a 'vm-cloudware' target, used to drive all targets in CLOUDTARGETS.
r274071:
Add examples for WITH_CLOUDWARE to release.conf.sample.
Add WITH_CLOUDWARE evaluation to RELEASE_RMAKEFLAGS.
r274134:
Initial rewrite to consolidate VM image build scripts into one.
r274211:
Add write_partition_layout() used to populate the final image.
Fix duplicated mkimg(1) call in vm_create_disk().
Add primitive (untested) PowerPC/PowerPC64 VM image support.
Note: As it is currently written, the /boot/pmbr and
/boot/{gptboot,boot1.hfs} use the build host and not the target
build. Fixing this is likely going to be a hack in itself.
r274280:
Return if vm_create_disk() is unsuccessful.
r274281:
Add CLEANFILES entry for VM targets
r274282:
Add vm_extra_pre_umount() prototype to vmimage.subr.
r274283:
Fix DESTDIR for installworld, and make sure it is created before use.
r274284:
Move usage() from vmimage.subr to mk-vmimage.sh, in case vmimage.subr
has not been sourced.
r274285:
Spell 'OPTARG' correctly. Actually call vm_create_base().
r274287:
Fix line continuation in write_partition_layout().
Remove variable test that is no longer needed.
r274288:
Fix scheme flag to mkimg(1).
r274292:
mount(8) and umount(8) devfs(5) as needed.
r274296:
Change path for mk-vmimage.sh from ${TARGET}/ to scripts/ now that
it is consolidated into one file.
Fix paths for the base image and output disk image files.
r274297:
Call cleanup() after everything is done.
r274356:
Remove a stray directory from CLEANFILES.
r274533:
Set the boot partition type to 'apple-boot' for powerpc.
r274725:
In vm_install_base(), copy the host resolv.conf into
the build chroot before attempting to do anything that
requires working DNS (i.e., pkg bootstrap).
In vm_extra_pre_umount(), remove the resolv.conf before
the disk image is unmounted from the backing md(4).
r274726 (cperciva):
Silence errors when umounting the chroot's /dev, since it
probably doesn't exist when we're running this.
Unmount filesystems before attempting to destroy the md which
holds them.
r274729 (cperciva):
Unmount filesystem and destroy md before we read the vnode from
disk and package it into a disk image. Otherwise we end up
packaging an unclean filesystem.
r274734 (cperciva):
Merge duplicative vm-CLOUDTYPE targets before additional duplication
gets added by the impending arrival of ec2 and gcloud.
r274771 (cperciva):
Add NOSWAP option which can be set by a vmimage.conf file to specify
that no swap space should be created in the image. This will be used
by EC2 builds, since FreeBSD/EC2 allocates swap space on "ephemeral"
disks which are physically attached to the Xen host node.
r274945:
In vm_extra_install_packages(), only bootstrap pkg(8) if
VM_EXTRA_PACKAGES is empty.
In vm_extra_pre_umount(), cleanup downloaded packages if pkg(8) was
bootstrapped earlier.
r274946:
Fix indentation nit.
r277180:
In vm_extra_install_base(), do not install waagent in the openstack
image, because it is not used. This appears to be a copy mistake.
Remove vm_extra_install_base() from the openstack.conf entirely,
since it does not need to be overridden.
r277183:
Enable the textmode console by default for VM images, since there is
no way to tell if the environment will be able to use the
graphics-mode console.
r277184:
Enable password-less sudo for openstack images.
r277186:
Update the VM_EXTRA_PACKAGES list for the openstack images.
The documentation suggests doing a "just fetch this and run it"-style
bootstrap, from which the list of dependencies was obtained (in
github, at: pellaeon/bsd-cloudinit-installer)
There is one Python dependency unmet, oslo.config, which is not in
the Ports Collection.
r277187:
Add a comment to note that setting hw.vga.textmode=1 is temporary.
r277250:
Remove vm_extra_install_base() for the Azure image, now that the
waagent exists in the ports tree.
Add sysutils/azure-agent to the VM_EXTRA_PACKAGES list.
In vm_extra_pre_umount(), remove the explicit pkg(8) install
list, as dependencies are resolved by sysutils/azure-agent.
r277251:
Add a 'list-cloudware' target to print the list of supported CLOUDWARE
values and a description.
Add the AZURE_DESC and OPENSTACK_DESC descriptions.
r277252:
Update release(7)
r277253:
Add 'list-vmtargets' target, which produces a list of all supported
VM and cloud provider images.
Add VHD_DESC, VMDK_DESC, QCOW2_DESC, RAW_DESC image descriptions.
Format the output to make a bit more readable.
Update release(7) to document the list-vmtargets target.
r277263:
Add initial support for the GCE (Google Compute Engine) cloud hosting
provider image.
r277264:
Style and line length cleanup.
r277383:
Remove the console setting from rc.conf(5), which is not used there.
While here, set console to include vidconsole in the loader.conf(5).
r277384:
Fix an indentation nit.
No functional changes.
r277393:
Remove the pkg-clean(8) call from vm_extra_pre_umount() since the
function is often overridden.
Add vm_extra_pkg_rmcache() to call pkg-clean(8) to avoid duplicated
code.
r277394:
Move resolv.conf(5) removal back to vm_extra_pre_umount() where it
belongs.
The GCE image needs resolv.conf(5) to exist (created as part of the
image setup), so it cannot be removed.
r277395:
Comment the line that configures ttys(5) to 'off', which makes it
impossible to test that the image boots.
Add a note explaining why the line is commented, and not (yet) removed
entirely.
r277438:
Move the 'install' bits that are specific to virtual machine images
from the Makefile to Makefile.vm.
Rename the 'install' target to 'release-install', and add a new
'vm-install' target.
Add a new 'install' target that invokes the new targets.
r277439:
Add WITH_CLOUDWARE to the list of make(1) variables for the release
build.
r277447:
Remove hw.vga.textmode=1 from the VM image loader.conf, which was
included during test builds and not intended to be included when
merging this project branch back to head.
r277455:
Remove mk-azure.sh, which is no longer needed.
MFC after: 1 month
X-MFC-To: stable/10 (requires mkimg(1))
Help from: cperciva, swills
Relnotes: yes
Sponsored by: The FreeBSD Foundation
cloud hosting provider image.
Many thanks to swills@ for his work on getting this to
this point.
Submitted by: swills
Sponsored by: The FreeBSD Foundation
that the waagent exists in the ports tree.
Add sysutils/azure-agent to the VM_EXTRA_PACKAGES list.
In vm_extra_pre_umount(), remove the explicit pkg(8) install
list, as dependencies are resolved by sysutils/azure-agent.
Sponsored by: The FreeBSD Foundation
images.
The documentation suggests doing a "just fetch this
and run it"-style bootstrap, from which the list of
dependencies was obtained (in github, at:
pellaeon/bsd-cloudinit-installer)
There is one Python dependency unmet, oslo.config,
which is not in the Ports Collection.
Sponsored by: The FreeBSD Foundation
in the openstack image, because it is not used. This
appears to be a copy mistake.
Remove vm_extra_install_base() from the openstack.conf
entirely, since it does not need to be overridden.
Sponsored by: The FreeBSD Foundation
if VM_EXTRA_PACKAGES is empty.
In vm_extra_pre_umount(), cleanup downloaded packages
if pkg(8) was bootstrapped earlier.
Inspired by: cperciva
Sponsored by: The FreeBSD Foundation
into the image and running 'pkg install' from there, use 'pkg fetch' to
download packages into a temporary location and then 'pkg add' to install
them into the image.
This simplifies the code by avoiding the need to copy /etc/resolv.conf
into the image and then delete it later, and makes it possible to cross
build (e.g., to create an amd64 image when running on i386 hardware; or
in the future for building disk images for embedded platforms).
Because pkg was implicitly installed when VM_EXTRA_PACKAGES was non-empty,
add it to VM_EXTRA_PACKAGES in azure.conf and openstack.conf to maintain
the current behaviour.
By default repo-FreeBSD.sqlite is copied into the image, (a) to match
previous behaviour, where the file would be downloaded by the chrooted
pkg invocation; and (b) because it may be useful for testing purposes,
e.g., to see why a package didn't get installed. Because this file is
large (46 MB) and not likely to be useful in -RELEASE images which are
being launched into Clouds several months later, it can be disabled by
setting NOREPOSQLITE.
As far as I know this commit does not change the disk images produced in
any filesystem-visible way.
no swap space should be created in the image. This will be used by EC2
builds, since FreeBSD/EC2 allocates swap space on "ephemeral" disks which
are physically attached to the Xen host node.
the build chroot before attempting to do anything that
requires working DNS (i.e., pkg bootstrap).
In vm_extra_pre_umount(), remove the resolv.conf before
the disk image is unmounted from the backing md(4).
Reported by: cperciva
Sponsored by: The FreeBSD Foundation
final image.
Fix duplicated mkimg(1) call in vm_create_disk().
Add primitive (untested) PowerPC/PowerPC64 VM image
support.
Note: As it is currently written, the /boot/pmbr and
/boot/{gptboot,boot1.hfs} use the build host and not
the target build. Fixing this is likely going to be
a hack in itself.
Sponsored by: The FreeBSD Foundation
There may be some very sharp edges here while refactoring.
- Move amd64/mk-vmimage.sh -> scripts/mk-vmimage.sh.
- Remove vm-base target from Makefile.vm.
- In vm-image target, use getopts flags for argument passing.
- Create tools/vmimage.subr, containing default and prototype
for the following functions that are used to drive the build,
run in this order:
vm_install_base()
vm_extra_install_base()
vm_extra_install_packages()
vm_extra_install_ports()
vm_extra_enable_services()
vm_extra_pre_umount()
vm_create_disk()
vm_extra_create_disk()
- In tools/azure.conf, override:
vm_extra_install_base()
vm_extra_pre_umount()
vm_extra_create_disk()
- In tools/openstack.conf, override:
vm_extra_install_base()
vm_extra_pre_umount()
Sponsored by: The FreeBSD Foundation
openstack images as part of the release build.
This mimics the way Microsoft Azure images are
built, with the addition of installing the
net/cloud-init package and adding a (commented)
rc.conf(5) entry for cloudinit.
Sponsored by: The FreeBSD Foundation
r273076, r273077, r273079, r273095:
r273076:
Add a separate make(1) target to release/Makefile to
build FreeBSD virtual machine disk images for use on
the Microsoft Azure service.
For now, this target is not directly connected to the
build, however can be manually invoked.
The 'vm-azure' target invokes {amd64,i386}/mk-azure.sh,
which does the heavy lifting to produce proper VHDs.
mk-azure.sh uses a configuration file, defaulting to
tools/azure.conf if otherwise unset.
r273077:
Clear VM_RC_LIST.
r273079:
Fix signal list to trigger umount(8).
r273095:
Output an informational message when mkimg(1) runs, so it
does not appear that the process has stopped while waiting
for a 'y/n' response when waagent is deprovisioned.
Tested on: releng/10.1@r272876
MFC after: 3 days
X-MFC-10.1: yes
Sponsored by: The FreeBSD Foundation
build FreeBSD virtual machine disk images for use on
the Microsoft Azure service.
For now, this target is not directly connected to the
build, however can be manually invoked.
The 'vm-azure' target invokes {amd64,i386}/mk-azure.sh,
which does the heavy lifting to produce proper VHDs.
mk-azure.sh uses a configuration file, defaulting to
tools/azure.conf if otherwise unset.
Sponsored by: The FreeBSD Foundation
to 'make -V OSRELEASE' output.
This probably should use 'make -V OSRELEASE' directly, but for
now, this keeps the line length reasonable for readability.
Sponsored by: The FreeBSD Foundation
- In arm/release.sh:
- Move crochet work directory creation to occur earlier,
since its parent directory is needed to store a fetched
u-boot version.
- Add a before_build() function as a quick hack to run
board-specific (kernel configuration specific, really)
commands, if any.
- For the BEAGLEBONE kernel, a specific version of u-boot
source is needed. Fetch the source in before_build() for
this case. Unfortunately, there are no checksums available
(that I can find) for these sources. For a quick solution,
add the hard-coded sha256 of the tarball, and fetch from
my public_html/ directory. A more permanent solution for
this needs to be found.
Add initial release.sh and crochet configuration files for the
BEAGLEBONE build.
Sponsored by: The FreeBSD Foundation
In general, the workflow used for the latest releases has been
to checkout head/release/ to a directory outside of any build
environments, modify the release.conf accordingly, and run:
# ./release.sh -c ./release.conf
By moving tools/release/${XDEV}/ (for RPI-B build testing, in
this case), any dependency on a different branch of the source
tree can be removed. In particular, release.sh expects the
tools/release/${XDEV}/crochet-${KERNEL}.conf file to exist, so
by moving the crochet configuration file to a directory in
release/, it becomes possible to build images for branches that
do not yet have the necessary configuration files and/or scripts.
Sponsored by: The FreeBSD Foundation
