5 # Copyright:: 2012, OpenStreetMap Foundation
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # https://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
22 include_recipe "prometheus"
23 include_recipe "sysfs"
24 include_recipe "tools"
26 ohai_plugin "hardware" do
27 template "ohai.rb.erb"
30 if platform?("debian")
31 package "firmware-linux"
34 if node[:cpu] && node[:cpu][:"0"] && node[:cpu][:"0"][:vendor_id]
35 case node[:cpu][:"0"][:vendor_id]
37 package "intel-microcode"
39 package "amd64-microcode"
43 if node[:dmi] && node[:dmi][:system]
44 case node[:dmi][:system][:manufacturer]
46 manufacturer = node[:dmi][:base_board][:manufacturer]
47 product = node[:dmi][:base_board][:product_name]
49 manufacturer = node[:dmi][:system][:manufacturer]
50 product = node[:dmi][:system][:product_name]
53 manufacturer = "Unknown"
59 if node[:roles].include?("bytemark") || node[:roles].include?("exonetric") || node[:roles].include?("prgmr")
65 include_recipe "apt::management-component-pack"
69 execute "update-ilo" do
71 command "/usr/sbin/hponcfg -f /etc/ilo-defaults.xml"
75 template "/etc/ilo-defaults.xml" do
76 source "ilo-defaults.xml.erb"
80 notifies :run, "execute[update-ilo]"
83 package "hp-health" do
85 notifies :restart, "service[hp-health]"
86 only_if { platform?("ubuntu") && node[:lsb][:release].to_f < 22.04 }
89 service "hp-health" do
90 action [:enable, :start]
91 supports :status => true, :restart => true
92 only_if { platform?("ubuntu") && node[:lsb][:release].to_f < 22.04 }
95 if product.end_with?("Gen8", "Gen9")
98 notifies :restart, "service[hp-ams]"
102 action [:enable, :start]
103 supports :status => true, :restart => true
105 elsif product.end_with?("Gen10")
108 notifies :restart, "service[amsd]"
112 action [:enable, :start]
113 supports :status => true, :restart => true
117 units << if product.end_with?("Gen10")
124 when "TYAN Computer Corporation"
131 package "open-vm-tools"
133 # Remove timeSync plugin completely
134 # https://github.com/vmware/open-vm-tools/issues/302
135 file "/usr/lib/open-vm-tools/plugins/vmsvc/libtimeSync.so" do
137 notifies :restart, "service[open-vm-tools]"
140 # Attempt to tell Host we are not interested in timeSync
141 execute "vmware-toolbox-cmd-timesync-disable" do
142 command "/usr/bin/vmware-toolbox-cmd timesync disable"
146 service "open-vm-tools" do
147 action [:enable, :start]
148 supports :status => true, :restart => true
152 units.sort.uniq.each do |unit|
153 service "serial-getty@ttyS#{unit}" do
154 action [:enable, :start]
159 # if we need a different / special kernel version to make the hardware
160 # work (e.g: https://github.com/openstreetmap/operations/issues/45) then
161 # ensure that we have the package installed. the grub template will
162 # make sure that this is the default on boot.
163 if node[:hardware][:grub][:kernel]
164 kernel_version = node[:hardware][:grub][:kernel]
166 package "linux-image-#{kernel_version}-generic"
167 package "linux-image-extra-#{kernel_version}-generic"
168 package "linux-headers-#{kernel_version}-generic"
169 package "linux-tools-#{kernel_version}-generic"
171 boot_device = IO.popen(["df", "/boot"]).readlines.last.split.first
172 boot_uuid = IO.popen(["blkid", "-o", "value", "-s", "UUID", boot_device]).readlines.first.chomp
173 grub_entry = "gnulinux-advanced-#{boot_uuid}>gnulinux-#{kernel_version}-advanced-#{boot_uuid}"
178 if File.exist?("/etc/default/grub")
179 execute "update-grub" do
181 command "/usr/sbin/update-grub"
185 template "/etc/default/grub" do
190 variables :units => units, :entry => grub_entry
191 notifies :run, "execute[update-grub]"
195 package "initramfs-tools"
197 execute "update-initramfs" do
199 command "update-initramfs -u -k all"
204 template "/etc/initramfs-tools/conf.d/mdadm" do
205 source "initramfs-mdadm.erb"
209 notifies :run, "execute[update-initramfs]"
212 # haveged is only required on older kernels
213 # /dev/random is not blocking anymore in 5.15+
214 if Chef::Util.compare_versions(node[:kernel][:release], [5, 15]).negative?
217 action [:enable, :start]
221 action [:stop, :disable]
228 watchdog_module = %w[hpwdt sp5100_tco].find do |module_name|
229 node[:hardware][:pci]&.any? { |_, pci| pci[:modules]&.any?(module_name) }
232 if node[:kernel][:modules].include?("ipmi_si")
234 package "freeipmi-tools"
236 template "/etc/prometheus/ipmi_local.yml" do
237 source "ipmi_local.yml.erb"
243 prometheus_exporter "ipmi" do
246 private_devices false
248 system_call_filter ["@system-service", "@raw-io"]
249 options "--config.file=/etc/prometheus/ipmi_local.yml"
250 subscribes :restart, "template[/etc/prometheus/ipmi_local.yml]"
253 watchdog_module ||= "ipmi_watchdog"
258 service "irqbalance" do
259 action [:start, :enable]
260 supports :status => false, :restart => true, :reload => false
266 action [:start, :enable]
267 supports :status => true, :restart => true, :reload => true
270 ohai_plugin "lldp" do
271 template "lldp.rb.erb"
279 service "rasdaemon" do
280 action [:enable, :start]
283 prometheus_exporter "rasdaemon" do
291 if node[:virtualization][:role] != "guest" ||
292 (node[:virtualization][:system] != "lxc" &&
293 node[:virtualization][:system] != "lxd" &&
294 node[:virtualization][:system] != "openvz")
296 node[:kernel][:modules].each_key do |modname|
299 tools_packages << "ssacli"
300 status_packages["cciss-vol-status"] ||= []
302 tools_packages << "ssacli"
303 status_packages["cciss-vol-status"] ||= []
305 tools_packages << "lsiutil"
306 status_packages["mpt-status"] ||= []
307 when "mpt2sas", "mpt3sas"
308 tools_packages << "sas2ircu"
309 status_packages["sas2ircu-status"] ||= []
311 tools_packages << "megacli"
312 status_packages["megaclisas-status"] ||= []
314 tools_packages << "arcconf"
315 status_packages["aacraid-status"] ||= []
317 tools_packages << "areca"
321 node[:block_device].each do |name, attributes|
322 next unless attributes[:vendor] == "HP" && attributes[:model] == "LOGICAL VOLUME"
324 if name =~ /^cciss!(c[0-9]+)d[0-9]+$/
325 status_packages["cciss-vol-status"] |= ["cciss/#{Regexp.last_match[1]}d0"]
327 Dir.glob("/sys/block/#{name}/device/scsi_generic/*").each do |sg|
328 status_packages["cciss-vol-status"] |= [File.basename(sg)]
334 include_recipe "apt::hwraid" unless status_packages.empty?
336 %w[ssacli lsiutil sas2ircu megactl megacli arcconf].each do |tools_package|
337 if tools_packages.include?(tools_package)
338 package tools_package
340 package tools_package do
346 if tools_packages.include?("areca")
351 repository "https://git.openstreetmap.org/private/areca.git"
358 directory "/opt/areca" do
364 %w[cciss-vol-status mpt-status sas2ircu-status megaclisas-status aacraid-status].each do |status_package|
365 if status_packages.include?(status_package)
366 package status_package
368 service "#{status_package}d" do
369 action [:stop, :disable]
372 file "/etc/default/#{status_package}d" do
376 package status_package do
382 systemd_service "cciss-vol-statusd" do
386 template "/usr/local/bin/cciss-vol-statusd" do
390 disks = if node[:hardware][:disk]
391 node[:hardware][:disk][:disks]
396 intel_ssds = disks.select { |d| d[:vendor] == "INTEL" && d[:model] =~ /^SSD/ }
398 nvmes = if node[:hardware][:pci]
399 node[:hardware][:pci].values.select { |pci| pci[:driver] == "nvme" }
408 intel_nvmes = nvmes.select { |pci| pci[:vendor_name] == "Intel Corporation" }
410 if !intel_ssds.empty? || !intel_nvmes.empty?
413 sst_tool_version = "1.3"
414 sst_package_version = "#{sst_tool_version}.208-0"
416 # remote_file "#{Chef::Config[:file_cache_path]}/SST_CLI_Linux_#{sst_tool_version}.zip" do
417 # source "https://downloadmirror.intel.com/743764/SST_CLI_Linux_#{sst_tool_version}.zip"
420 execute "#{Chef::Config[:file_cache_path]}/SST_CLI_Linux_#{sst_tool_version}.zip" do
421 command "unzip SST_CLI_Linux_#{sst_tool_version}.zip sst_#{sst_package_version}_amd64.deb"
422 cwd Chef::Config[:file_cache_path]
425 not_if { ::File.exist?("#{Chef::Config[:file_cache_path]}/sst_#{sst_package_version}_amd64.deb") }
428 dpkg_package "sst" do
429 version "#{sst_package_version}"
430 source "#{Chef::Config[:file_cache_path]}/sst_#{sst_package_version}_amd64.deb"
433 dpkg_package "intelmas" do
438 disks = disks.map do |disk|
439 next if disk[:state] == "spun_down" || %w[unconfigured failed].any?(disk[:status])
441 if disk[:smart_device]
442 controller = node[:hardware][:disk][:controllers][disk[:controller]]
444 if controller && controller[:device]
445 device = controller[:device].sub("/dev/", "")
446 smart = disk[:smart_device]
448 device = disk[:device].sub("/dev/", "")
449 smart = disk[:smart_device]
451 elsif disk[:device] =~ %r{^/dev/(nvme\d+)n\d+$}
452 device = Regexp.last_match(1)
454 device = disk[:device].sub("/dev/", "")
465 disks = disks.compact.uniq
467 if disks.count.positive?
468 apt_preference "smartmontools" do
472 package "smartmontools"
474 template "/etc/cron.daily/update-smart-drivedb" do
475 source "update-smart-drivedb.erb"
481 template "/usr/local/bin/smartd-mailer" do
482 source "smartd-mailer.erb"
488 template "/etc/smartd.conf" do
489 source "smartd.conf.erb"
493 variables :disks => disks
496 template "/etc/default/smartmontools" do
497 source "smartmontools.erb"
503 service "smartmontools" do
504 action [:enable, :start]
505 subscribes :reload, "template[/etc/smartd.conf]"
506 subscribes :restart, "template[/etc/default/smartmontools]"
509 template "/etc/prometheus/collectors/smart.devices" do
510 source "smart.devices.erb"
514 variables :disks => disks
517 prometheus_collector "smart" do
520 capability_bounding_set %w[CAP_DAC_OVERRIDE CAP_SYS_ADMIN CAP_SYS_RAWIO]
521 private_devices false
527 action [:stop, :disable]
531 if File.exist?("/etc/mdadm/mdadm.conf")
532 mdadm_conf = edit_file "/etc/mdadm/mdadm.conf" do |line|
533 line.gsub!(/^MAILADDR .*$/, "MAILADDR admins@openstreetmap.org")
538 file "/etc/mdadm/mdadm.conf" do
545 service "mdmonitor" do
547 subscribes :restart, "file[/etc/mdadm/mdadm.conf]"
551 file "/etc/modules" do
555 node[:hardware][:modules].each do |module_name|
556 kernel_module module_name do
562 node[:hardware][:blacklisted_modules].each do |module_name|
563 kernel_module module_name do
569 kernel_module watchdog_module do
573 execute "systemctl-reload" do
575 command "systemctl daemon-reload"
580 directory "/etc/systemd/system.conf.d" do
586 template "/etc/systemd/system.conf.d/watchdog.conf" do
587 source "watchdog.conf.erb"
591 notifies :run, "execute[systemctl-reload]"
595 unless Dir.glob("/sys/class/hwmon/hwmon*").empty?
598 Dir.glob("/sys/devices/platform/coretemp.*").each do |coretemp|
599 cpu = File.basename(coretemp).sub("coretemp.", "").to_i
600 chip = format("coretemp-isa-%04d", cpu)
602 temps = if File.exist?("#{coretemp}/name")
603 Dir.glob("#{coretemp}/temp*_input").map do |temp|
604 File.basename(temp).sub("temp", "").sub("_input", "").to_i
607 Dir.glob("#{coretemp}/hwmon/hwmon*/temp*_input").map do |temp|
608 File.basename(temp).sub("temp", "").sub("_input", "").to_i
613 node.default[:hardware][:sensors][chip][:temps][:temp1][:label] = "CPU #{cpu}"
617 temps.each_with_index do |temp, index|
618 node.default[:hardware][:sensors][chip][:temps]["temp#{temp}"][:label] = "CPU #{cpu} Core #{index}"
622 execute "/etc/sensors.d/chef.conf" do
624 command "/usr/bin/sensors -s"
629 template "/etc/sensors.d/chef.conf" do
630 source "sensors.conf.erb"
634 notifies :run, "execute[/etc/sensors.d/chef.conf]"
638 if node[:hardware][:shm_size]
639 execute "remount-dev-shm" do
641 command "/bin/mount -o remount /dev/shm"
650 options "rw,nosuid,nodev,size=#{node[:hardware][:shm_size]}"
651 notifies :run, "execute[remount-dev-shm]"
655 prometheus_collector "ohai" do
659 capability_bounding_set %w[CAP_DAC_OVERRIDE CAP_SYS_ADMIN CAP_SYS_RAWIO]
660 private_devices false
663 protect_kernel_modules false
projects / chef.git / blob