Disable DLAMI aws-ubuntu-eni-helper to prevent confict with configure_nw_interface.sh

Refactor of log4j-cve-2021-44228-hotpatch service disabling

Author: francesco-giordano

CHANGELOG.md

@@ -44,6 +44,8 @@ This file is used to list changes made in each version of the AWS ParallelCluste
   - selinux-6.0.4 (from selinux-3.1.1)
   - yum-7.4.0 (from yum-6.1.1)
   - yum-epel-4.5.0 (from yum-epel-4.1.2)
+- Disable `aws-ubuntu-eni-helper` service, available in Deep Learning AMIs, to avoid conflicts with `configure_nw_interface.sh` when configuring instances with multiple network cards.
+- Set MTU to 9001 for all the network interfaces when configuring instances with multiple network cards.
 
 3.1.4
 ------

cookbooks/aws-parallelcluster-install/libraries/helpers.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+# Copyright:: 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License").
+# You may not use this file except in compliance with the License.
+# A copy of the License is located at
+#
+# http://aws.amazon.com/apache2.0/
+#
+# or in the "LICENSE.txt" file accompanying this file.
+# This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
+
+#
+# Disable service
+#
+def disable_service(service, platform_families = %i(rhel amazon debian), operations = :disable)
+  if platform_family?(platform_families)
+    service service do
+      action operations
+    end
+  end
+end

cookbooks/aws-parallelcluster-install/recipes/base.rb

@@ -18,7 +18,7 @@
 include_recipe "aws-parallelcluster::setup_envars"
 include_recipe "aws-parallelcluster-install::sudoers"
 include_recipe "aws-parallelcluster-install::cluster_admin_user"
-include_recipe "aws-parallelcluster-install::disable_log4j_patcher"
+include_recipe "aws-parallelcluster-install::disable_services" unless virtualized?
 
 case node['platform_family']
 when 'rhel', 'amazon'

cookbooks/aws-parallelcluster-install/recipes/disable_log4j_patcher.rb renamed to cookbooks/aws-parallelcluster-install/recipes/disable_services.rb

@@ -2,9 +2,9 @@
 
 #
 # Cookbook:: aws-parallelcluster
-# Recipe:: disable_log4j_patcher
+# Recipe:: disable_services
 #
-# Copyright:: 2013-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# Copyright:: 2013-2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the
 # License. A copy of the License is located at
@@ -15,13 +15,11 @@
 # OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions and
 # limitations under the License.
 
-# default openmpi installation conflicts with new install
-# new one is installed in /opt/amazon/efa/bin/
+# Disable DLAMI multi eni helper
+# no only_if statement because if the service is not present the action disable does not return error
+disable_service('aws-ubuntu-eni-helper', 'debian', %i(disable stop mask))
 
-if platform_family?('amazon')
-  # masking the service in order to prevent it from being automatically enabled
-  # if not installed yet
-  service 'log4j-cve-2021-44228-hotpatch' do
-    action %i(disable stop mask)
-  end
-end
+# Disable log4j-cve-2021-44228-hotpatch
+# masking the service in order to prevent it from being automatically enabled
+# if not installed yet
+disable_service('log4j-cve-2021-44228-hotpatch', 'amazon', %i(disable stop mask))

cookbooks/aws-parallelcluster-test/libraries/helpers.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-# Copyright:: 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# Copyright:: 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License").
 # You may not use this file except in compliance with the License.
@@ -224,3 +224,14 @@ def check_ssh_target_checker_vpc_cidr_list(ssh_target_checker_script, expected_c
     TEST
   end
 end
+
+#
+# Check if a service is disabled
+#
+def is_service_disabled(service, platform_families = %i(rhel amazon debian))
+  if platform_family?(platform_families)
+    execute "check #{service} service is disabled" do
+      command "systemctl is-enabled #{service} && exit 1 || exit 0"
+    end
+  end
+end

cookbooks/aws-parallelcluster-test/recipes/tests.rb

@@ -541,6 +541,16 @@ module load intelmpi && mpirun --help | grep '#{node['cluster']['intelmpi']['kit
   command "systemctl is-enabled ec2blkdev"
 end
 
+###################
+# Verify that aws-ubuntu-eni-helper service is disabled
+###################
+is_service_disabled('aws-ubuntu-eni-helper', 'debian')
+
+###################
+# Verify that log4j-cve-2021-44228-hotpatch service is disabled
+###################
+is_service_disabled('log4j-cve-2021-44228-hotpatch', 'amazon')
+
 ###################
 # clusterstatusmgtd
 ###################