给 openshift 的 coreos 编译内核驱动 rpm

作者有文档和项目，描述了如何编译设备的内核驱动，但是在 openshift 这里，rh-coreos用的 kernel 是高级订阅才有的，我们没办法弄一个和 rh-coreos 相同内核的 rhel 出来，也就没办法继续编译 .ko 了。

好在 openshift 发行版给了一个容器，里面有高级订阅才有的kernel版本开发包，可以帮助我们把这个 .ko 给编译出来，进而编译一个 rpm 包出来。那么我们今天就一步一步做做看。

制作一个工具镜像

openshift 发行版，自带一个 driver-toolkit 镜像，里面有 kernel 相关的开发包，满足了编译的需求，我们的目标是编译一个 rpm，那么我们就需要补充完善这个工具镜像。

OCP_VERSION=$(oc get clusterversion/version -ojsonpath={.status.desired.version})
DRIVER_TOOLKIT_IMAGE=$(oc adm release info $OCP_VERSION --image-for=driver-toolkit)

echo $OCP_VERSION
# 4.11.39
echo $DRIVER_TOOLKIT_IMAGE
# quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:dfed734e35163b1ab8483568780d13b528b4c0f558f8e727538af723b7a41ed4

# build a new image based on driver toolkit
# on a rhel
mkdir -p /data/driver
cd /data/driver

cat << EOF > docker.file
FROM quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:dfed734e35163b1ab8483568780d13b528b4c0f558f8e727538af723b7a41ed4

RUN dnf install -y rpm-build 
RUN cd /root && git clone https://github.com/wangzheng422/nic-rpm-rnp
RUN cd /root/nic-rpm-rnp && git checkout ocp-4.11.36
RUN mv /root/nic-rpm-rnp/rpmbuild /root/
EOF

podman build --no-cache --authfile /data/pull-secret.json -t quay.io/wangzheng422/driver-toolkit:nic-rpm-rnp-v03 -f docker.file .

podman push quay.io/wangzheng422/driver-toolkit:nic-rpm-rnp-v03

在 openshift 里面编译 rpm

我们有了工具镜像，就可以用特权模式运行它，然后到这个 pod 里面，去运行编译命令，完成 rpm 的编译。

# come back to your cluster
# https://master.sdk.operatorframework.io/docs/best-practices/pod-security-standards/
oc create ns driver-build
oc label --overwrite ns driver-build \
   pod-security.kubernetes.io/enforce=privileged

# oc create serviceaccount -n driver-build demo-app
# oc adm policy add-scc-to-user privileged -z demo-app -n driver-build

cat << EOF > ~/wzh/build.yaml
apiVersion: v1
kind: Pod
metadata:
  name: kmod-driver-samplepod
  annotations:
    openshift.io/scc: privileged
    # openshift.io/scc: restricted-v2

spec:
  # serviceAccountName: demo-app
  containers:
  - image: quay.io/wangzheng422/driver-toolkit:nic-rpm-rnp-v03
    name: simple-kmod-driver-container
    imagePullPolicy: Always
    command: [sleep, infinity]
    securityContext:
      # privileged: true
      AllowPrivilegedContainer: true
  # nodeSelector:
  #   node-role.kubernetes.io/worker: ""
EOF

oc create --save-config -n driver-build -f ~/wzh/build.yaml

# oc delete -n driver-build -f ~/wzh/build.yaml

# oc get all -n driver-build
# NAME                        READY   STATUS    RESTARTS   AGE
# pod/kmod-driver-samplepod   1/1     Running   0          22m

oc rsh -n driver-build pod/kmod-driver-samplepod

bash
cd ~/nic-rpm-rnp
tar zvxf rnp-nic-drv-0.1.6.rc44-35c40ea.tgz
cd rnp-nic-drv-0.1.6.rc44-35c40ea
cd rnp
bash do_build.sh
#   MODPOST 1 modules
#   CC      /root/nic-rpm-rnp/rnp-nic-drv-0.1.6.rc44-35c40ea/rnp/rnp.mod.o
#   LD [M]  /root/nic-rpm-rnp/rnp-nic-drv-0.1.6.rc44-35c40ea/rnp/rnp.ko
# make[1]: Leaving directory '/usr/src/kernels/4.18.0-372.52.1.el8_6.x86_64'
exit

# copy the rpm out to helper node
mkdir -p ~/wzh/rsync
oc project driver-build
oc rsync kmod-driver-samplepod:/root/rpmbuild/RPMS/x86_64/ ~/wzh/rsync/

scp ~/wzh/rsync/rnp-nic-drv-0.1.6.rc44_35c40ea-1.el8.x86_64.rpm core@172.29.17.61:~/

安装 rpm

我们有了驱动rpm，那么我们就直接在node上安装，看看效果吧。

ssh core@172.29.17.61
sudo -i
rpm-ostree install /home/core/rnp-nic-drv-0.1.6.rc44_35c40ea-1.el8.x86_64.rpm

# wait 1 mins at least, then
systemctl reboot

rpm-ostree status
# State: idle
# Deployments:
# ● pivot://quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:9b2f4d103a9116e5fb0e5237dd7c932360dda0ef77d3d435374692eaa26dad7c
#               CustomOrigin: Managed by machine-config-operator
#                    Version: 411.86.202304190130-0 (2023-04-19T01:34:04Z)
#              LocalPackages: rnp-nic-drv-0.1.6.rc44_35c40ea-1.el8.x86_64

################
# nic driver update
oc project driver-build

oc cp ./rnp-0.2.0-wzh.tar.gz driver-build/kmod-driver-samplepod:/root/rnp-0.2.0-wzh.tar.gz

oc rsh -n driver-build pod/kmod-driver-samplepod

bash
cd /root
rpmbuild -tb rnp-0.2.0-wzh.tar.gz

oc cp driver-build/kmod-driver-samplepod:/root/rpmbuild/RPMS/x86_64/rnp-0.2.0-1.x86_64.rpm ./rnp-0.2.0-1.x86_64.rpm

scp rnp-0.2.0-1.x86_64.rpm core@172.29.17.61:~/

ssh core@172.29.17.61
sudo -i

rpm-ostree install /home/core/rnp-0.2.0-1.x86_64.rpm

end


#### 使用ethtool命令更新固件
>新固件须重启设备后生效

1.1拷贝固件到Linux系统的/lib/firmware路径下

cp xxx.img.bin /lib/firmware

1.2执行烧录命令，<ethx>需要修改为实际网口名

ethtool -f <ethx> xxx.img.bin 0

@注意:指定网卡上任何一个网口，执行一次更新固件动作即可

ocp crash

https://access.redhat.com/solutions/5907731

rpm-ostree kargs --append='crashkernel=256M slub_debug=FZPU'

rpm-ostree kargs --delete='crashkernel=256M'

rpm-ostree kargs --delete='slub_debug=FZPU'

rpm-ostree kargs --append='slub_debug=F'