photoncloud-monorepo/baremetal/vm-cluster/launch-node03-netboot.sh
centra d2149b6249 fix(lightningstor): Fix SigV4 canonicalization for AWS S3 auth
- Replace form_urlencoded with RFC 3986 compliant URI encoding
- Implement aws_uri_encode() matching AWS SigV4 spec exactly
- Unreserved chars (A-Z,a-z,0-9,-,_,.,~) not encoded
- All other chars percent-encoded with uppercase hex
- Preserve slashes in paths, encode in query params
- Normalize empty paths to '/' per AWS spec
- Fix test expectations (body hash, HMAC values)
- Add comprehensive SigV4 signature determinism test

This fixes the canonicalization mismatch that caused signature
validation failures in T047. Auth can now be enabled for production.

Refs: T058.S1
2025-12-12 06:23:46 +09:00


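#!/usr/bin/env bash
set -euo pipefail
# PlasmaCloud VM Cluster - node03 (netboot with SSH key)
#
# Boots the node03 guest under QEMU/KVM directly from a kernel + initrd pair
# that live next to this script.
#
# Features:
# - Direct kernel/initrd boot (no ISO required)
# - SSH key authentication baked in (no password setup needed); the login
#   advertised below is root, so the matching private key is effectively the
#   root credential for this guest.
# - eth0: inter-VM L2 network. The QEMU invocation in this script attaches it
#   to a VDE switch socket; MCAST_ADDR is not referenced anywhere else in this
#   script (presumably left over from a multicast-socket layout - confirm
#   before removing).
# - eth1: SLIRP user networking with an SSH port forward for host access
# - Telnet serial console (unauthenticated; see the QEMU invocation)

# Resolve the directory holding this script so it can be run from any cwd.
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"

# Guest disk image and netboot artifacts, all expected beside the script.
DISK="${SCRIPT_DIR}/node03.qcow2"
KERNEL="${SCRIPT_DIR}/netboot-kernel/bzImage"
INITRD="${SCRIPT_DIR}/netboot-initrd/initrd"

# Networking
MAC_MCAST="52:54:00:12:34:03" # eth0: inter-VM L2 (192.168.100.13)
MAC_SLIRP="52:54:00:aa:bb:03" # eth1: SLIRP DHCP (10.0.2.15)
MCAST_ADDR="230.0.0.1:1234"   # unused by this script (see header)
SSH_PORT=2203                 # Host port -> VM port 22

# Console access
VNC_DISPLAY=":3"  # VNC fallback; display N listens on TCP 5900+N, i.e. 5903
SERIAL_PORT=4403  # Telnet serial

# These are configuration constants; freezing them turns an accidental
# reassignment further down into an immediate error instead of a VM that is
# silently launched with the wrong disk, port or MAC.
readonly SCRIPT_DIR DISK KERNEL INITRD
readonly MAC_MCAST MAC_SLIRP MCAST_ADDR SSH_PORT VNC_DISPLAY SERIAL_PORT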
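# Verify netboot artifacts exist before handing them to QEMU.
# Diagnostics go to stderr so they are not lost (or mistaken for normal
# output) when stdout is redirected or captured by a wrapper script.
# Only presence is checked here; the kernel and initrd are trusted as-is, so
# the directories holding them should not be writable by other users.
if [[ ! -f "$KERNEL" ]]; then
  {
    echo "ERROR: Kernel not found at $KERNEL"
    echo "Build with: nix build .#nixosConfigurations.netboot-base.config.system.build.kernel"
  } >&2
  exit 1
fi
if [[ ! -f "$INITRD" ]]; then
  {
    echo "ERROR: Initrd not found at $INITRD"
    echo "Build with: nix build .#nixosConfigurations.netboot-base.config.system.build.netbootRamdisk"
  } >&2
  exit 1
fi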
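# Print the launch summary: artifact paths, NIC layout and how to reach the
# guest's consoles from the host.
#
# The VNC TCP port is derived from the display number (QEMU listens on
# 5900 + display) instead of being hard-coded; the previous text said 5901,
# which does not match display :3 and pointed operators at the wrong port.
vnc_port=$((5900 + ${VNC_DISPLAY##*:}))

# NOTE: the advertised ssh command disables host key checking. That is only
# tolerable because the target is a port forward on localhost to a guest whose
# host key is not known in advance; do not reuse the flag for remote hosts.
cat <<EOF
============================================
Launching node03 with netboot (SSH key auth)...
============================================
 Disk: ${DISK}
 Kernel: ${KERNEL}
 Initrd: ${INITRD}

Network interfaces:
 eth0 (mcast): MAC ${MAC_MCAST} -> configure 192.168.100.13
 eth1 (SLIRP): MAC ${MAC_SLIRP} -> DHCP (10.0.2.x), SSH on host:${SSH_PORT}

Console access:
 Serial: telnet localhost ${SERIAL_PORT}
 VNC: vncviewer localhost${VNC_DISPLAY} (port ${vnc_port})
 SSH: ssh -o StrictHostKeyChecking=no -p ${SSH_PORT} root@localhost

SSH key authentication is ENABLED (no password required!)
============================================
EOF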
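# Launch the guest, daemonized.
#
# Exposure notes for the host-side listeners created here:
# - The SSH forward and the VNC server previously had no bind address, so QEMU
#   listened on every host interface: root SSH and an unauthenticated VNC
#   console were reachable from the network. Both now default to loopback,
#   matching the "localhost" access paths this script prints. Set
#   HOST_BIND_ADDR (e.g. 0.0.0.0) to restore the old behaviour deliberately.
# - The serial port is already bound to 127.0.0.1, but "mon:" multiplexes the
#   QEMU monitor onto it and telnet has no authentication, so any local user
#   on the host can reach the monitor through it.
HOST_BIND_ADDR="${HOST_BIND_ADDR:-127.0.0.1}"

# VDE switch socket for eth0. The default sits at a predictable name in
# world-writable /tmp, so another local user could create that path first and
# end up carrying this node's L2 traffic. VDE_SOCK lets the operator point at
# a socket in a directory they own; it must match whatever starts the switch.
VDE_SOCK="${VDE_SOCK:-/tmp/vde.sock}"

qemu_args=(
  -name node03-netboot
  -machine type=q35,accel=kvm
  -cpu host
  -smp 8
  -m 16G
  -drive "file=${DISK},if=virtio,format=qcow2"
  -kernel "${KERNEL}"
  -initrd "${INITRD}"
  # init= is pinned to one specific Nix store path; presumably it has to match
  # the system closure inside INITRD and be updated when that is rebuilt.
  -append "init=/nix/store/qj1ilfdd8fcrmz4pk282p5qdf2q0vkmh-nixos-system-nixos-kexec-26.05.20251205.f61125a/init console=ttyS0,115200 console=tty0 loglevel=4"
  # eth0: inter-VM L2 network via the VDE switch.
  -netdev "vde,id=vde0,sock=${VDE_SOCK}"
  -device "virtio-net-pci,netdev=vde0,mac=${MAC_MCAST}"
  # eth1: SLIRP user networking; host SSH_PORT forwards to guest port 22.
  -netdev "user,id=user0,hostfwd=tcp:${HOST_BIND_ADDR}:${SSH_PORT}-:22"
  -device "virtio-net-pci,netdev=user0,mac=${MAC_SLIRP}"
  -vnc "${HOST_BIND_ADDR}${VNC_DISPLAY}"
  -serial "mon:telnet:127.0.0.1:${SERIAL_PORT},server,nowait"
  -daemonize
)
qemu-system-x86_64 "${qemu_args[@]}"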
# Post-launch hints: QEMU has daemonized by this point, so tell the operator
# how to reach the guest over the forwarded SSH port or the serial console.
printf '%s\n' \
  "" \
  "VM started! SSH should be available immediately:" \
  " ssh -o StrictHostKeyChecking=no -p ${SSH_PORT} root@localhost" \
  "" \
  "If needed, serial console:" \
  " telnet localhost ${SERIAL_PORT}" \
  ""