class grub {
+ $grub_do_ifnames = ($::kernel == 'Linux' and $::is_virtual and $::virtual == 'kvm')
+
if ($::kernel == 'Linux' and $::is_virtual and $::virtual == 'kvm') {
$grub_manage = true
$grub_do_kernel_serial = true
$grub_do_grub_serial = true
- $grub_do_ifnames = true
- } elsif $::hostname in [ubc-enc2bl01,ubc-enc2bl02,ubc-enc2bl09,ubc-enc2bl10,casulana,mirror-anu,sallinen,storace,mirror-skroutz] {
+ } elsif $::hostname in [ubc-enc2bl01,ubc-enc2bl02,ubc-enc2bl09,ubc-enc2bl10,casulana,mirror-anu,sallinen,storace,mirror-accumu,bm-bl1,bm-bl2,bm-bl3,bm-bl4,bm-bl5,bm-bl6,bm-bl7,bm-bl8,bm-bl9,bm-bl10,bm-bl11,bm-bl12,bm-bl13,bm-bl14,grnet-node01,grnet-node02,csail-node01,csail-node02,byrd,mirror-isc,mirror-umn,lobos,villa,klecker,clementi,czerny] {
$grub_manage = true
$grub_do_kernel_serial = true
$grub_do_grub_serial = true
- $grub_do_nopat = true
- } elsif $::hostname in [mirror-accumu] {
+ } elsif $::hostname in [mirror-skroutz,conova-node01,conova-node02,arm-arm-01,fasolo] {
$grub_manage = true
$grub_do_kernel_serial = true
$grub_do_grub_serial = true
- $grub_do_nopat = true
+ } elsif $::hostname in [arm-arm-03] {
+ $grub_manage = true
+ $grub_do_kernel_serial = true
+ $grub_do_grub_serial = false
+ #} elsif $::hostname in [villa] {
+ # $grub_manage = true
+ # $grub_do_kernel_serial = false
+ # $grub_do_grub_serial = false
} else {
$grub_manage = false
}
-
if $grub_manage {
+ # hp-health requires nopat on linux 4.9
+ $grub_do_nopat = ($::systemproductname and $::systemproductname =~ /^ProLiant/ and versioncmp($::kernelversion, '4.9') >= 0)
+
+ $grub_do_pti_on = ($::debarchitecture == 'amd64' and versioncmp($::lsbmajdistrelease, '9') >= 0)
+
+ $grub_do_extra = $::hostname in [fasolo,grnet-node01,grnet-node02]
+
file { '/etc/default/grub':
# restore to default
source => 'puppet:///modules/grub/etc-default-grub',
}
file { '/etc/default/grub.d':
- ensure => directory
+ ensure => directory,
+ mode => '0555',
+ purge => true,
+ force => true,
+ recurse => true,
+ source => 'puppet:///files/empty/',
}
file { '/etc/default/grub.d/puppet-grub-serial.cfg':
content => template('grub/puppet-kernel-nopat.cfg.erb'),
notify => Exec['update-grub']
}
+
+ file { '/etc/default/grub.d/puppet-kernel-extra.cfg':
+ ensure => $grub_do_extra ? { true => 'present', default => 'absent' },
+ content => template('grub/puppet-kernel-extra.cfg.erb'),
+ notify => Exec['update-grub']
+ }
+
+ file { '/etc/default/grub.d/puppet-kernel-pti-on.cfg':
+ ensure => $grub_do_pti_on ? { true => 'present', default => 'absent' },
+ content => template('grub/puppet-kernel-pti-on.cfg.erb'),
+ notify => Exec['update-grub']
+ }
}
exec { 'update-grub':