Perry Myers
2008-Sep-22 13:33 UTC
[Ovirt-devel] [PATCH appliance] Integrated AOS tooling into the appliance rpm
From: Bryan Kearney <bkearney at redhat.com> --- Makefile.am | 3 - common-install.ks | 22 ---- common-pkgs.ks | 28 ----- common-post.ks | 88 -------------- ovirt-appliance.ks | 300 +++++++++-------------------------------------- ovirt-appliance.spec.in | 3 + 6 files changed, 58 insertions(+), 386 deletions(-) delete mode 100644 common-install.ks delete mode 100644 common-pkgs.ks delete mode 100644 common-post.ks diff --git a/Makefile.am b/Makefile.am index 8392f2c..adfc9f9 100644 --- a/Makefile.am +++ b/Makefile.am @@ -19,9 +19,6 @@ OVIRT_CACHE_DIR ?= $(HOME)/ovirt-cache EXTRA_DIST = \ .gitignore \ - common-install.ks \ - common-pkgs.ks \ - common-post.ks \ create-ovirt-appliance \ gettree.sh \ ovirt-appliance.ks \ diff --git a/common-install.ks b/common-install.ks deleted file mode 100644 index c55303b..0000000 --- a/common-install.ks +++ /dev/null @@ -1,22 +0,0 @@ -lang en_US.UTF-8 -keyboard us -network --device eth0 --bootproto dhcp -rootpw --iscrypted Xa8QeYfWrtscM -firewall --disabled -authconfig --enableshadow --enablemd5 -selinux --disabled -services --disabled=libvirtd,postgresql --enabled=network,tgtd,nfs,iptables -timezone --utc UTC -text - -bootloader --location=mbr --driveorder=sda -# The following is the partition information you requested -# Note that any partitions you deleted are not expressed -# here so unless you clear all partitions first, this is -# not guaranteed to work -zerombr -clearpart --all --drives=sda -part /boot --ondisk=sda --fstype=ext3 --size=100 -part / --ondisk=sda --fstype=ext3 --size=20000 -part swap --ondisk=sda --fstype=swap --size=512 -reboot diff --git a/common-pkgs.ks b/common-pkgs.ks deleted file mode 100644 index 226085d..0000000 --- a/common-pkgs.ks +++ /dev/null @@ -1,28 +0,0 @@ - at core -kernel -cronie -policycoreutils -chkconfig -rootfiles -dhclient -libvirt-python -openssh-clients -openssh-server -nfs-utils -collectd -collectd-rrdtool -ipa-server -ipa-admintools -scsi-target-utils -iscsi-initiator-utils -ovirt-server -ovirt-node-image-pxe -ovirt-release -rhpl -cobbler -rubygem-cobbler -bind-utils -augeas -syslinux -/usr/sbin/lokkit -curl diff --git a/common-post.ks b/common-post.ks deleted file mode 100644 index a5d79ce..0000000 --- a/common-post.ks +++ /dev/null @@ -1,88 +0,0 @@ -# -*-Shell-script-*- -PATH=/sbin:/usr/sbin:/bin:/usr/bin -export PATH - -# pretty login screen.. -g=$(printf '\33[1m\33[32m') # similar to g=$(tput bold; tput setaf 2) -n=$(printf '\33[m') # similar to n=$(tput sgr0) -cat <<EOF > /etc/issue - - 888 888 ${g}d8b$n 888 - 888 888 ${g}Y8P$n 888 - 888 888 888 - .d88b. Y88b d88P 888 888d888 888888 - d88''88b Y88b d88P 888 888P' 888 - 888 888 Y88o88P 888 888 888 - Y88..88P Y888P 888 888 Y88b. - 'Y88P' Y8P 888 888 'Y888 - - Admin Node - - Virtualization just got the ${g}Green Light$n - -EOF -cp /etc/issue /etc/issue.net - -cat > /etc/init.d/ovirt-appliance-first-run << \EOF -#!/bin/bash -# -# ovirt-appliance-first-run First run configuration for oVirt Appliance -# -# chkconfig: 3 96 01 -# description: ovirt appliance first run configuration -# - -# Source functions library -. /etc/init.d/functions - -start() { - echo -n "Starting ovirt-appliance-first-run: " - - ovirt-server-install > /var/log/ovirt-appliance-first-run.log 2>&1 - - RETVAL=$? - if [ $RETVAL -eq 0 ]; then - echo_success - else - echo_failure - fi - echo -} - -case "$1" in - start) - start - ;; - *) - echo "Usage: ovirt-appliance-first-run {start}" - exit 2 -esac - -chkconfig ovirt-appliance-first-run off -EOF -chmod +x /etc/init.d/ovirt-appliance-first-run -chkconfig ovirt-appliance-first-run on - -cat > /etc/yum.repos.d/ovirt.repo << \EOF -[ovirt] -name=ovirt -baseurl=http://ovirt.org/repos/ovirt/9/$basearch/ -enabled=1 -gpgcheck=0 -EOF - -# XXX default configuration db -cat > /var/www/html/ovirt-cfgdb << \EOF -rm /files/etc/sysconfig/network-scripts/ifcfg-eth0 -set /files/etc/sysconfig/network-scripts/ifcfg-eth0/DEVICE eth0 -set /files/etc/sysconfig/network-scripts/ifcfg-eth0/ONBOOT yes -set /files/etc/sysconfig/network-scripts/ifcfg-eth0/BRIDGE ovirtbr0 -rm /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0 -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/DEVICE ovirtbr0 -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/BOOTPROTO dhcp -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/ONBOOT y -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/TYPE Bridge -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/PEERNTP yes -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/DELAY 0 -EOF - diff --git a/ovirt-appliance.ks b/ovirt-appliance.ks index bb2340a..7680c83 100644 --- a/ovirt-appliance.ks +++ b/ovirt-appliance.ks @@ -1,270 +1,81 @@ install -%include common-install.ks +lang en_US.UTF-8 +keyboard us +network --device eth0 --bootproto dhcp +rootpw --iscrypted Xa8QeYfWrtscM +firewall --disabled +authconfig --enableshadow --enablemd5 +selinux --disabled +services --disabled=libvirtd,postgresql --enabled=network,tgtd,nfs,iptables +timezone --utc UTC +text + +bootloader --location=mbr --driveorder=sda +# The following is the partition information you requested +# Note that any partitions you deleted are not expressed +# here so unless you clear all partitions first, this is +# not guaranteed to work +zerombr +clearpart --all --drives=sda +part /boot --ondisk=sda --fstype=ext3 --size=100 +part / --ondisk=sda --fstype=ext3 --size=20000 +part swap --ondisk=sda --fstype=swap --size=512 +reboot network --device=eth1 --bootproto=static --ip=192.168.50.2 --netmask=255.255.255.0 --onboot=on --nameserver=192.168.50.2 --hostname=management.priv.ovirt.org %include repos.ks %packages --nobase - -%include common-pkgs.ks +%include /usr/share/appliance-tools/base-pkgs.ks +ovirt-recipe +lokkit %post -exec > /root/kickstart-post.log 2>&1 - -%include common-post.ks + exec > /root/kickstart-post.log 2>&1 -# FIXME [PATCH] fix SelinuxConfig firewall side-effect -lokkit -f --nostart --disabled -# FIXME imgcreate.kickstart.NetworkConfig doesn't store nameserver into ifcfg-* -# only in resolv.conf which gets overwritten by dhclient-script -augtool <<EOF -set /files/etc/sysconfig/network-scripts/ifcfg-eth0/PEERDNS no -set /files/etc/sysconfig/network-scripts/ifcfg-eth1/DNS1 192.168.50.2 -save -EOF - -# the code to contact the host we are running on and make it configure itself -# note that this has to be done in rc.local (as opposed to ovirt-wui-dev) -# because when ovirt-wui-dev starts, the host-browser is not yet running -cat >> /etc/rc.d/rc.local << \EOF + # the code to contact the host we are running on and make it configure itself + # note that this has to be done in rc.local (as opposed to ovirt-wui-dev) + # because when ovirt-wui-dev starts, the host-browser is not yet running + cat >> /etc/rc.d/rc.local << \EOF # Try to contact the host we are running on; if we succeed, we'll use it as # one of the managed nodes; if not, no big deal (exec 3<> /dev/tcp/192.168.50.1/7777 && echo "AWAKE" 1>&3 \ && exec 3<> /dev/tcp/192.168.50.1/7777 && echo "IDENTIFY" 1>&3) || : EOF -# make sure to update the /etc/hosts with the list of all possible DHCP -# addresses we can hand out; dnsmasq uses this -sed -i -e 's/management\.priv\.ovirt\.org//' /etc/hosts -echo "192.168.50.1 physical.priv.ovirt.org" >> /etc/hosts -echo "192.168.50.2 management.priv.ovirt.org" >> /etc/hosts -for i in `seq 3 252` ; do + # make sure to update the /etc/hosts with the list of all possible DHCP + # addresses we can hand out; dnsmasq uses this + sed -i -e 's/management\.priv\.ovirt\.org//' /etc/hosts + echo "192.168.50.2 management.priv.ovirt.org" >> /etc/hosts + for i in `seq 3 252` ; do echo "192.168.50.$i node$i.priv.ovirt.org" >> /etc/hosts -done - -# Enable forwarding so this node can act as a router for the .50 network -sed -i 's/net.ipv4.ip_forward = .*/net.ipv4.ip_forward = 1/' /etc/sysctl.conf -cat > /etc/sysconfig/iptables << EOF -*nat --A POSTROUTING -o eth0 -j MASQUERADE -COMMIT -EOF + done -# Create sparse files for iSCSI backing stores -mkdir -p /ovirtiscsi -for i in `seq 3 5`; do + # Create sparse files for iSCSI backing stores + mkdir -p /ovirtiscsi + for i in `seq 3 5`; do dd if=/dev/null of=/ovirtiscsi/iSCSI$i bs=1 count=1 seek=3G -done + done -# make an NFS directory with some small, fake disks and export them via NFS -# to show off the NFS part of the Server -mkdir -p /ovirtnfs -for i in `seq 1 3`; do + # make an NFS directory with some small, fake disks and export them via NFS + # to show off the NFS part of the WUI + mkdir -p /ovirtnfs + for i in `seq 1 3`; do dd if=/dev/zero of=/ovirtnfs/disk$i.dsk bs=1 count=1 seek=3G -done -echo "/ovirtnfs 192.168.50.0/24(rw,no_root_squash)" >> /etc/exports - -# make collectd.conf. -cat > /etc/collectd.conf << \EOF -LoadPlugin network -LoadPlugin logfile -LoadPlugin rrdtool -LoadPlugin unixsock - -<Plugin logfile> - LogLevel info - File STDOUT -</Plugin> - -<Plugin network> - Listen "0.0.0.0" -</Plugin> - -<Plugin rrdtool> - DataDir "/var/lib/collectd/rrd" - CacheTimeout 120 - CacheFlush 900 -</Plugin> - -<Plugin unixsock> - SocketFile "/var/lib/collectd/unixsock" -</Plugin> - -EOF - - -principal=ovirtadmin -password=ovirt -first_run_file=/etc/init.d/ovirt-server-appliance-first-run -sed -e "s, at principal@,$principal," \ - -e "s, at password@,$password,g" \ - > $first_run_file << \EOF -#!/bin/bash -# -# ovirt-server-appliance-first-run First run configuration for oVirt Server Appliance -# -# chkconfig: 3 95 01 -# description: ovirt server appliance first run configuration -# - -# Source functions library -. /etc/init.d/functions - -export PATH=/usr/kerberos/bin:$PATH - -start() { - echo -n "Starting ovirt-server-appliance-first-run: " - ( - # workaround for https://bugzilla.redhat.com/show_bug.cgi?id=451936 - sed -i '/\[kdcdefaults\]/a \ kdc_ports = 88' /usr/share/ipa/kdc.conf.template - # set up freeipa - ipa-server-install -r PRIV.OVIRT.ORG -p @password@ -P @password@ -a @password@ \ - --hostname management.priv.ovirt.org -u dirsrv -U - - # workaround for https://bugzilla.redhat.com/show_bug.cgi?id=459061 - # note: this has to happen after ipa-server-install or the templating - # feature in ipa-server-install chokes on the characters in the regexp - # we add here. - sed -i -e 's#<Proxy \*>#<ProxyMatch ^.*/ipa/ui.*$>#' \ - /etc/httpd/conf.d/ipa.conf - sed -i -e 's#</Proxy>#</ProxyMatch>#' /etc/httpd/conf.d/ipa.conf - # workaround for https://bugzilla.redhat.com/show_bug.cgi?id=459209 - sed -i -e 's/^/#/' /etc/httpd/conf.d/ipa-rewrite.conf - service httpd restart - # now create the ovirtadmin user - echo @password@|kinit admin - # change max username length policy - ldapmodify -h management.priv.ovirt.org -p 389 -Y GSSAPI <<LDAP -dn: cn=ipaConfig,cn=etc,dc=priv,dc=ovirt,dc=org -changetype: modify -replace: ipaMaxUsernameLength -ipaMaxUsernameLength: 12 -LDAP - ipa-adduser -f Ovirt -l Admin -p @password@ @principal@ - # make ovitadmin also an IPA admin - ipa-modgroup -a ovirtadmin admins - ipa-moduser --setattr krbPasswordExpiration=19700101000000Z @principal@ - - ) > /var/log/ovirt-server-appliance-first-run.log 2>&1 - RETVAL=$? - if [ $RETVAL -eq 0 ]; then - echo_success - else - echo_failure - fi - echo -} + done + echo "/ovirtnfs 192.168.50.0/24(rw,no_root_squash)" >> /etc/exports -case "$1" in - start) - start - ;; - *) - echo "Usage: ovirt-server-appliance-first-run {start}" - exit 2 -esac - -chkconfig ovirt-server-appliance-first-run off -EOF -chmod +x $first_run_file -chkconfig ovirt-server-appliance-first-run on - -cat > /etc/init.d/ovirt-server-appliance << \EOF -#!/bin/bash -# -# ovirt-server-appliance oVirt Server Appliance service -# -# chkconfig: 3 60 40 -# description: ovirt server Appliance service -# - -# Source functions library -. /etc/init.d/functions - -start() { - echo -n "Starting ovirt-server-appliance: " - dnsmasq -i eth1 -F 192.168.50.6,192.168.50.252 \ - -G 00:16:3e:12:34:57,192.168.50.3 -G 00:16:3e:12:34:58,192.168.50.4 \ - -G 00:16:3e:12:34:59,192.168.50.5 \ - -s priv.ovirt.org \ - -W _ovirt._tcp,management.priv.ovirt.org,80 \ - -W _ipa._tcp,management.priv.ovirt.org,80 \ - -W _ldap._tcp,management.priv.ovirt.org,389 \ - -W _collectd._tcp,management.priv.ovirt.org,25826 \ - -W _identify._tcp,management.priv.ovirt.org,12120 \ - --enable-tftp --tftp-root=/var/lib/tftpboot -M pxelinux.0 \ - -O option:router,192.168.50.2 -O option:ntp-server,192.168.50.2 \ - --dhcp-option=12 \ - -R --local /priv.ovirt.org/ --server 192.168.122.1 - - # Set up the fake iscsi target - tgtadm --lld iscsi --op new --mode target --tid 1 \ - -T ovirtpriv:storage - - # - # Now associate them to the backing stores - # - tgtadm --lld iscsi --op new --mode logicalunit --tid 1 \ - --lun 1 -b /ovirtiscsi/iSCSI3 - tgtadm --lld iscsi --op new --mode logicalunit --tid 1 \ - --lun 2 -b /ovirtiscsi/iSCSI4 - tgtadm --lld iscsi --op new --mode logicalunit --tid 1 \ - --lun 3 -b /ovirtiscsi/iSCSI5 - - # - # Now make them available - # - tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL - - echo_success - echo -} - -stop() { - echo -n "Stopping ovirt-server-appliance: " - - # stop access to the iscsi target - tgtadm --lld iscsi --op unbind --mode target --tid 1 -I ALL - - # unbind the LUNs - tgtadm --lld iscsi --op delete --mode logicalunit --tid 1 --lun 3 - tgtadm --lld iscsi --op delete --mode logicalunit --tid 1 --lun 2 - tgtadm --lld iscsi --op delete --mode logicalunit --tid 1 --lun 1 - - # shutdown the target - tgtadm --lld iscsi --op delete --mode target --tid 1 - - kill $(cat /var/run/dnsmasq.pid) - - echo_success - echo -} - -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart) - stop - start - ;; - *) - echo "Usage: ovirt-server-appliance {start|stop|restart}" - exit 2 -esac -EOF -chmod +x /etc/init.d/ovirt-server-appliance -chkconfig ovirt-server-appliance on + # The ace stuff. + /sbin/chkconfig --level 35 ace on + mkdir /etc/sysconfig/ace + echo ovirt >> /etc/sysconfig/ace/appliancename + /sbin/chkconfig --add acpid %end %post --nochroot - # distribution tree is ready in tmp/tree set -e python -c ' from iniparse.ini import INIConfig @@ -330,11 +141,6 @@ EOF # Cobbler configuration %post exec >> /root/kickstart-post.log 2>&1 - # ovirt/ovirt - echo ovirt:Cobbler:68db208a546dcedf34edf0b4fe0ab1f2 > /etc/cobbler/users.digest - # make cobbler check happier - mkdir -p /etc/vsftpd - touch /etc/vsftpd/vsftpd.conf # TODO use Augeas 0.3.0 Inifile lens sed -i -e "s/^module = authn_denyall.*/module = authn_configfile/" \ /etc/cobbler/modules.conf @@ -345,3 +151,7 @@ EOF sed -i -e "s/^ONTIMEOUT.*/ONTIMEOUT $(cat /tmp/cobbler-default)/" \ /etc/cobbler/pxedefault.template %end + +%post --nochroot + cp ovirt-splash.xpm.gz $INSTALL_ROOT/boot/grub/splash.xpm.gz +%end diff --git a/ovirt-appliance.spec.in b/ovirt-appliance.spec.in index fc58fb5..aac30cc 100644 --- a/ovirt-appliance.spec.in +++ b/ovirt-appliance.spec.in @@ -1,6 +1,7 @@ %{!?ovirt_cache_dir: %define ovirt_cache_dir /var/tmp/ovirt-cache} %{!?ovirt_local_repo: %define ovirt_local_repo file://%{ovirt_cache_dir}/ovirt} %{!?ovirt_url: %define ovirt_url http://ovirt.org/repos/ovirt} +%{!?thincrust_url: %define thincrust_url http://www.thincrust.net/repo} %{?fedora_url: %define fedora_tree_url %{fedora_url}/releases/%{fedora}/Fedora/%{_arch}/os} %{!?fedora_tree_url: %define fedora_tree_url http://download.fedoraproject.org/pub/fedora/linux/releases/%{fedora}/Fedora/%{_arch}/os} %{!?bad_pkgs: %define bad_pkgs rubygem-rails,rubygem-activesupport,rubygem-activerecord} @@ -56,6 +57,8 @@ fi cat >> repos.ks << EOF repo --name=ovirt-org --baseurl=%{ovirt_url}/%{fedora}/%{_arch} repo --name=ovirt-local --baseurl=%{ovirt_local_repo} +repo --name=thincrust-org --baseurl=%{thincrust_url}/noarch + EOF mkdir -p %{ovirt_cache_dir}/appliance-tmp/tree -- 1.5.5.1
Perry Myers
2008-Sep-22 13:33 UTC
[Ovirt-devel] [PATCH appliance] Remove splash installation since it is now part of the recipe install
Signed-off-by: Perry Myers <pmyers at redhat.com> --- ovirt-appliance.ks | 5 ----- 1 files changed, 0 insertions(+), 5 deletions(-) diff --git a/ovirt-appliance.ks b/ovirt-appliance.ks index 7680c83..edb0bf5 100644 --- a/ovirt-appliance.ks +++ b/ovirt-appliance.ks @@ -72,7 +72,6 @@ EOF mkdir /etc/sysconfig/ace echo ovirt >> /etc/sysconfig/ace/appliancename /sbin/chkconfig --add acpid - %end %post --nochroot @@ -151,7 +150,3 @@ EOF sed -i -e "s/^ONTIMEOUT.*/ONTIMEOUT $(cat /tmp/cobbler-default)/" \ /etc/cobbler/pxedefault.template %end - -%post --nochroot - cp ovirt-splash.xpm.gz $INSTALL_ROOT/boot/grub/splash.xpm.gz -%end -- 1.5.5.1
Bryan Kearney
2008-Sep-22 14:12 UTC
[Ovirt-devel] Re: [PATCH appliance] Integrated AOS tooling into the appliance rpm
Perry Myers wrote:> From: Bryan Kearney <bkearney at redhat.com> > > --- > Makefile.am | 3 - > common-install.ks | 22 ---- > common-pkgs.ks | 28 ----- > common-post.ks | 88 -------------- > ovirt-appliance.ks | 300 +++++++++-------------------------------------- > ovirt-appliance.spec.in | 3 + > 6 files changed, 58 insertions(+), 386 deletions(-) > delete mode 100644 common-install.ks > delete mode 100644 common-pkgs.ks > delete mode 100644 common-post.ks > > diff --git a/Makefile.am b/Makefile.am > index 8392f2c..adfc9f9 100644 > --- a/Makefile.am > +++ b/Makefile.am > @@ -19,9 +19,6 @@ OVIRT_CACHE_DIR ?= $(HOME)/ovirt-cache > > EXTRA_DIST = \ > .gitignore \ > - common-install.ks \ > - common-pkgs.ks \ > - common-post.ks \ > create-ovirt-appliance \ > gettree.sh \ > ovirt-appliance.ks \ > diff --git a/common-install.ks b/common-install.ks > deleted file mode 100644 > index c55303b..0000000 > --- a/common-install.ks > +++ /dev/null > @@ -1,22 +0,0 @@ > -lang en_US.UTF-8 > -keyboard us > -network --device eth0 --bootproto dhcp > -rootpw --iscrypted Xa8QeYfWrtscM > -firewall --disabled > -authconfig --enableshadow --enablemd5 > -selinux --disabled > -services --disabled=libvirtd,postgresql --enabled=network,tgtd,nfs,iptables > -timezone --utc UTC > -text > - > -bootloader --location=mbr --driveorder=sda > -# The following is the partition information you requested > -# Note that any partitions you deleted are not expressed > -# here so unless you clear all partitions first, this is > -# not guaranteed to work > -zerombr > -clearpart --all --drives=sda > -part /boot --ondisk=sda --fstype=ext3 --size=100 > -part / --ondisk=sda --fstype=ext3 --size=20000 > -part swap --ondisk=sda --fstype=swap --size=512 > -reboot > diff --git a/common-pkgs.ks b/common-pkgs.ks > deleted file mode 100644 > index 226085d..0000000 > --- a/common-pkgs.ks > +++ /dev/null > @@ -1,28 +0,0 @@ > - at core > -kernel > -cronie > -policycoreutils > -chkconfig > -rootfiles > -dhclient > -libvirt-python > -openssh-clients > -openssh-server > -nfs-utils > -collectd > -collectd-rrdtool > -ipa-server > -ipa-admintools > -scsi-target-utils > -iscsi-initiator-utils > -ovirt-server > -ovirt-node-image-pxe > -ovirt-release > -rhpl > -cobbler > -rubygem-cobbler > -bind-utils > -augeas > -syslinux > -/usr/sbin/lokkit > -curl > diff --git a/common-post.ks b/common-post.ks > deleted file mode 100644 > index a5d79ce..0000000 > --- a/common-post.ks > +++ /dev/null > @@ -1,88 +0,0 @@ > -# -*-Shell-script-*- > -PATH=/sbin:/usr/sbin:/bin:/usr/bin > -export PATH > - > -# pretty login screen.. > -g=$(printf '\33[1m\33[32m') # similar to g=$(tput bold; tput setaf 2) > -n=$(printf '\33[m') # similar to n=$(tput sgr0) > -cat <<EOF > /etc/issue > - > - 888 888 ${g}d8b$n 888 > - 888 888 ${g}Y8P$n 888 > - 888 888 888 > - .d88b. Y88b d88P 888 888d888 888888 > - d88''88b Y88b d88P 888 888P' 888 > - 888 888 Y88o88P 888 888 888 > - Y88..88P Y888P 888 888 Y88b. > - 'Y88P' Y8P 888 888 'Y888 > - > - Admin Node > - > - Virtualization just got the ${g}Green Light$n > - > -EOF > -cp /etc/issue /etc/issue.net > - > -cat > /etc/init.d/ovirt-appliance-first-run << \EOF > -#!/bin/bash > -# > -# ovirt-appliance-first-run First run configuration for oVirt Appliance > -# > -# chkconfig: 3 96 01 > -# description: ovirt appliance first run configuration > -# > - > -# Source functions library > -. /etc/init.d/functions > - > -start() { > - echo -n "Starting ovirt-appliance-first-run: " > - > - ovirt-server-install > /var/log/ovirt-appliance-first-run.log 2>&1 > - > - RETVAL=$? > - if [ $RETVAL -eq 0 ]; then > - echo_success > - else > - echo_failure > - fi > - echo > -} > - > -case "$1" in > - start) > - start > - ;; > - *) > - echo "Usage: ovirt-appliance-first-run {start}" > - exit 2 > -esac > - > -chkconfig ovirt-appliance-first-run off > -EOF > -chmod +x /etc/init.d/ovirt-appliance-first-run > -chkconfig ovirt-appliance-first-run on > - > -cat > /etc/yum.repos.d/ovirt.repo << \EOF > -[ovirt] > -name=ovirt > -baseurl=http://ovirt.org/repos/ovirt/9/$basearch/ > -enabled=1 > -gpgcheck=0 > -EOF > - > -# XXX default configuration db > -cat > /var/www/html/ovirt-cfgdb << \EOF > -rm /files/etc/sysconfig/network-scripts/ifcfg-eth0 > -set /files/etc/sysconfig/network-scripts/ifcfg-eth0/DEVICE eth0 > -set /files/etc/sysconfig/network-scripts/ifcfg-eth0/ONBOOT yes > -set /files/etc/sysconfig/network-scripts/ifcfg-eth0/BRIDGE ovirtbr0 > -rm /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0 > -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/DEVICE ovirtbr0 > -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/BOOTPROTO dhcp > -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/ONBOOT y > -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/TYPE Bridge > -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/PEERNTP yes > -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/DELAY 0 > -EOF > - > diff --git a/ovirt-appliance.ks b/ovirt-appliance.ks > index bb2340a..7680c83 100644 > --- a/ovirt-appliance.ks > +++ b/ovirt-appliance.ks > @@ -1,270 +1,81 @@ > install > > -%include common-install.ks > +lang en_US.UTF-8 > +keyboard us > +network --device eth0 --bootproto dhcp > +rootpw --iscrypted Xa8QeYfWrtscM > +firewall --disabled > +authconfig --enableshadow --enablemd5 > +selinux --disabled > +services --disabled=libvirtd,postgresql --enabled=network,tgtd,nfs,iptables > +timezone --utc UTC > +text > + > +bootloader --location=mbr --driveorder=sda > +# The following is the partition information you requested > +# Note that any partitions you deleted are not expressed > +# here so unless you clear all partitions first, this is > +# not guaranteed to work > +zerombr > +clearpart --all --drives=sda > +part /boot --ondisk=sda --fstype=ext3 --size=100 > +part / --ondisk=sda --fstype=ext3 --size=20000 > +part swap --ondisk=sda --fstype=swap --size=512 > +reboot > > network --device=eth1 --bootproto=static --ip=192.168.50.2 --netmask=255.255.255.0 --onboot=on --nameserver=192.168.50.2 --hostname=management.priv.ovirt.org > > %include repos.ks > > %packages --nobase > - > -%include common-pkgs.ks > +%include /usr/share/appliance-tools/base-pkgs.ks > +ovirt-recipe > +lokkit > > %post > -exec > /root/kickstart-post.log 2>&1 > - > -%include common-post.ks > + exec > /root/kickstart-post.log 2>&1 > > -# FIXME [PATCH] fix SelinuxConfig firewall side-effect > -lokkit -f --nostart --disabled > -# FIXME imgcreate.kickstart.NetworkConfig doesn't store nameserver into ifcfg-* > -# only in resolv.conf which gets overwritten by dhclient-script > -augtool <<EOF > -set /files/etc/sysconfig/network-scripts/ifcfg-eth0/PEERDNS no > -set /files/etc/sysconfig/network-scripts/ifcfg-eth1/DNS1 192.168.50.2 > -save > -EOF > - > -# the code to contact the host we are running on and make it configure itself > -# note that this has to be done in rc.local (as opposed to ovirt-wui-dev) > -# because when ovirt-wui-dev starts, the host-browser is not yet running > -cat >> /etc/rc.d/rc.local << \EOF > + # the code to contact the host we are running on and make it configure itself > + # note that this has to be done in rc.local (as opposed to ovirt-wui-dev) > + # because when ovirt-wui-dev starts, the host-browser is not yet running > + cat >> /etc/rc.d/rc.local << \EOF > # Try to contact the host we are running on; if we succeed, we'll use it as > # one of the managed nodes; if not, no big deal > (exec 3<> /dev/tcp/192.168.50.1/7777 && echo "AWAKE" 1>&3 \ > && exec 3<> /dev/tcp/192.168.50.1/7777 && echo "IDENTIFY" 1>&3) || : > EOF > > -# make sure to update the /etc/hosts with the list of all possible DHCP > -# addresses we can hand out; dnsmasq uses this > -sed -i -e 's/management\.priv\.ovirt\.org//' /etc/hosts > -echo "192.168.50.1 physical.priv.ovirt.org" >> /etc/hosts > -echo "192.168.50.2 management.priv.ovirt.org" >> /etc/hosts > -for i in `seq 3 252` ; do > + # make sure to update the /etc/hosts with the list of all possible DHCP > + # addresses we can hand out; dnsmasq uses this > + sed -i -e 's/management\.priv\.ovirt\.org//' /etc/hosts > + echo "192.168.50.2 management.priv.ovirt.org" >> /etc/hosts > + for i in `seq 3 252` ; do > echo "192.168.50.$i node$i.priv.ovirt.org" >> /etc/hosts > -done > - > -# Enable forwarding so this node can act as a router for the .50 network > -sed -i 's/net.ipv4.ip_forward = .*/net.ipv4.ip_forward = 1/' /etc/sysctl.conf > -cat > /etc/sysconfig/iptables << EOF > -*nat > --A POSTROUTING -o eth0 -j MASQUERADE > -COMMIT > -EOF > + done > > -# Create sparse files for iSCSI backing stores > -mkdir -p /ovirtiscsi > -for i in `seq 3 5`; do > + # Create sparse files for iSCSI backing stores > + mkdir -p /ovirtiscsi > + for i in `seq 3 5`; do > dd if=/dev/null of=/ovirtiscsi/iSCSI$i bs=1 count=1 seek=3G > -done > + done > > -# make an NFS directory with some small, fake disks and export them via NFS > -# to show off the NFS part of the Server > -mkdir -p /ovirtnfs > -for i in `seq 1 3`; do > + # make an NFS directory with some small, fake disks and export them via NFS > + # to show off the NFS part of the WUI > + mkdir -p /ovirtnfs > + for i in `seq 1 3`; do > dd if=/dev/zero of=/ovirtnfs/disk$i.dsk bs=1 count=1 seek=3G > -done > -echo "/ovirtnfs 192.168.50.0/24(rw,no_root_squash)" >> /etc/exports > - > -# make collectd.conf. > -cat > /etc/collectd.conf << \EOF > -LoadPlugin network > -LoadPlugin logfile > -LoadPlugin rrdtool > -LoadPlugin unixsock > - > -<Plugin logfile> > - LogLevel info > - File STDOUT > -</Plugin> > - > -<Plugin network> > - Listen "0.0.0.0" > -</Plugin> > - > -<Plugin rrdtool> > - DataDir "/var/lib/collectd/rrd" > - CacheTimeout 120 > - CacheFlush 900 > -</Plugin> > - > -<Plugin unixsock> > - SocketFile "/var/lib/collectd/unixsock" > -</Plugin> > - > -EOF > - > - > -principal=ovirtadmin > -password=ovirt > -first_run_file=/etc/init.d/ovirt-server-appliance-first-run > -sed -e "s, at principal@,$principal," \ > - -e "s, at password@,$password,g" \ > - > $first_run_file << \EOF > -#!/bin/bash > -# > -# ovirt-server-appliance-first-run First run configuration for oVirt Server Appliance > -# > -# chkconfig: 3 95 01 > -# description: ovirt server appliance first run configuration > -# > - > -# Source functions library > -. /etc/init.d/functions > - > -export PATH=/usr/kerberos/bin:$PATH > - > -start() { > - echo -n "Starting ovirt-server-appliance-first-run: " > - ( > - # workaround for https://bugzilla.redhat.com/show_bug.cgi?id=451936 > - sed -i '/\[kdcdefaults\]/a \ kdc_ports = 88' /usr/share/ipa/kdc.conf.template > - # set up freeipa > - ipa-server-install -r PRIV.OVIRT.ORG -p @password@ -P @password@ -a @password@ \ > - --hostname management.priv.ovirt.org -u dirsrv -U > - > - # workaround for https://bugzilla.redhat.com/show_bug.cgi?id=459061 > - # note: this has to happen after ipa-server-install or the templating > - # feature in ipa-server-install chokes on the characters in the regexp > - # we add here. > - sed -i -e 's#<Proxy \*>#<ProxyMatch ^.*/ipa/ui.*$>#' \ > - /etc/httpd/conf.d/ipa.conf > - sed -i -e 's#</Proxy>#</ProxyMatch>#' /etc/httpd/conf.d/ipa.conf > - # workaround for https://bugzilla.redhat.com/show_bug.cgi?id=459209 > - sed -i -e 's/^/#/' /etc/httpd/conf.d/ipa-rewrite.conf > - service httpd restart > - # now create the ovirtadmin user > - echo @password@|kinit admin > - # change max username length policy > - ldapmodify -h management.priv.ovirt.org -p 389 -Y GSSAPI <<LDAP > -dn: cn=ipaConfig,cn=etc,dc=priv,dc=ovirt,dc=org > -changetype: modify > -replace: ipaMaxUsernameLength > -ipaMaxUsernameLength: 12 > -LDAP > - ipa-adduser -f Ovirt -l Admin -p @password@ @principal@ > - # make ovitadmin also an IPA admin > - ipa-modgroup -a ovirtadmin admins > - ipa-moduser --setattr krbPasswordExpiration=19700101000000Z @principal@ > - > - ) > /var/log/ovirt-server-appliance-first-run.log 2>&1 > - RETVAL=$? > - if [ $RETVAL -eq 0 ]; then > - echo_success > - else > - echo_failure > - fi > - echo > -} > + done > + echo "/ovirtnfs 192.168.50.0/24(rw,no_root_squash)" >> /etc/exports > > -case "$1" in > - start) > - start > - ;; > - *) > - echo "Usage: ovirt-server-appliance-first-run {start}" > - exit 2 > -esac > - > -chkconfig ovirt-server-appliance-first-run off > -EOF > -chmod +x $first_run_file > -chkconfig ovirt-server-appliance-first-run on > - > -cat > /etc/init.d/ovirt-server-appliance << \EOF > -#!/bin/bash > -# > -# ovirt-server-appliance oVirt Server Appliance service > -# > -# chkconfig: 3 60 40 > -# description: ovirt server Appliance service > -# > - > -# Source functions library > -. /etc/init.d/functions > - > -start() { > - echo -n "Starting ovirt-server-appliance: " > - dnsmasq -i eth1 -F 192.168.50.6,192.168.50.252 \ > - -G 00:16:3e:12:34:57,192.168.50.3 -G 00:16:3e:12:34:58,192.168.50.4 \ > - -G 00:16:3e:12:34:59,192.168.50.5 \ > - -s priv.ovirt.org \ > - -W _ovirt._tcp,management.priv.ovirt.org,80 \ > - -W _ipa._tcp,management.priv.ovirt.org,80 \ > - -W _ldap._tcp,management.priv.ovirt.org,389 \ > - -W _collectd._tcp,management.priv.ovirt.org,25826 \ > - -W _identify._tcp,management.priv.ovirt.org,12120 \ > - --enable-tftp --tftp-root=/var/lib/tftpboot -M pxelinux.0 \ > - -O option:router,192.168.50.2 -O option:ntp-server,192.168.50.2 \ > - --dhcp-option=12 \ > - -R --local /priv.ovirt.org/ --server 192.168.122.1 > - > - # Set up the fake iscsi target > - tgtadm --lld iscsi --op new --mode target --tid 1 \ > - -T ovirtpriv:storage > - > - # > - # Now associate them to the backing stores > - # > - tgtadm --lld iscsi --op new --mode logicalunit --tid 1 \ > - --lun 1 -b /ovirtiscsi/iSCSI3 > - tgtadm --lld iscsi --op new --mode logicalunit --tid 1 \ > - --lun 2 -b /ovirtiscsi/iSCSI4 > - tgtadm --lld iscsi --op new --mode logicalunit --tid 1 \ > - --lun 3 -b /ovirtiscsi/iSCSI5 > - > - # > - # Now make them available > - # > - tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL > - > - echo_success > - echo > -} > - > -stop() { > - echo -n "Stopping ovirt-server-appliance: " > - > - # stop access to the iscsi target > - tgtadm --lld iscsi --op unbind --mode target --tid 1 -I ALL > - > - # unbind the LUNs > - tgtadm --lld iscsi --op delete --mode logicalunit --tid 1 --lun 3 > - tgtadm --lld iscsi --op delete --mode logicalunit --tid 1 --lun 2 > - tgtadm --lld iscsi --op delete --mode logicalunit --tid 1 --lun 1 > - > - # shutdown the target > - tgtadm --lld iscsi --op delete --mode target --tid 1 > - > - kill $(cat /var/run/dnsmasq.pid) > - > - echo_success > - echo > -} > - > -case "$1" in > - start) > - start > - ;; > - stop) > - stop > - ;; > - restart) > - stop > - start > - ;; > - *) > - echo "Usage: ovirt-server-appliance {start|stop|restart}" > - exit 2 > -esac > -EOF > -chmod +x /etc/init.d/ovirt-server-appliance > -chkconfig ovirt-server-appliance on > + # The ace stuff. > + /sbin/chkconfig --level 35 ace on > + mkdir /etc/sysconfig/ace > + echo ovirt >> /etc/sysconfig/ace/appliancename > + /sbin/chkconfig --add acpid > > %end > > %post --nochroot > - # distribution tree is ready in tmp/tree > set -e > python -c ' > from iniparse.ini import INIConfig > @@ -330,11 +141,6 @@ EOF > # Cobbler configuration > %post > exec >> /root/kickstart-post.log 2>&1 > - # ovirt/ovirt > - echo ovirt:Cobbler:68db208a546dcedf34edf0b4fe0ab1f2 > /etc/cobbler/users.digest > - # make cobbler check happier > - mkdir -p /etc/vsftpd > - touch /etc/vsftpd/vsftpd.conf > # TODO use Augeas 0.3.0 Inifile lens > sed -i -e "s/^module = authn_denyall.*/module = authn_configfile/" \ > /etc/cobbler/modules.conf > @@ -345,3 +151,7 @@ EOF > sed -i -e "s/^ONTIMEOUT.*/ONTIMEOUT $(cat /tmp/cobbler-default)/" \ > /etc/cobbler/pxedefault.template > %end > + > +%post --nochroot > + cp ovirt-splash.xpm.gz $INSTALL_ROOT/boot/grub/splash.xpm.gz > +%end > diff --git a/ovirt-appliance.spec.in b/ovirt-appliance.spec.in > index fc58fb5..aac30cc 100644 > --- a/ovirt-appliance.spec.in > +++ b/ovirt-appliance.spec.in > @@ -1,6 +1,7 @@ > %{!?ovirt_cache_dir: %define ovirt_cache_dir /var/tmp/ovirt-cache} > %{!?ovirt_local_repo: %define ovirt_local_repo file://%{ovirt_cache_dir}/ovirt} > %{!?ovirt_url: %define ovirt_url http://ovirt.org/repos/ovirt} > +%{!?thincrust_url: %define thincrust_url http://www.thincrust.net/repo} > %{?fedora_url: %define fedora_tree_url %{fedora_url}/releases/%{fedora}/Fedora/%{_arch}/os} > %{!?fedora_tree_url: %define fedora_tree_url http://download.fedoraproject.org/pub/fedora/linux/releases/%{fedora}/Fedora/%{_arch}/os} > %{!?bad_pkgs: %define bad_pkgs rubygem-rails,rubygem-activesupport,rubygem-activerecord} > @@ -56,6 +57,8 @@ fi > cat >> repos.ks << EOF > repo --name=ovirt-org --baseurl=%{ovirt_url}/%{fedora}/%{_arch} > repo --name=ovirt-local --baseurl=%{ovirt_local_repo} > +repo --name=thincrust-org --baseurl=%{thincrust_url}/noarch > + > EOF > > mkdir -p %{ovirt_cache_dir}/appliance-tmp/treeACK
Daniel P. Berrange
2008-Sep-22 14:21 UTC
[Ovirt-devel] [PATCH appliance] Integrated AOS tooling into the appliance rpm
On Mon, Sep 22, 2008 at 09:33:42AM -0400, Perry Myers wrote:> From: Bryan Kearney <bkearney at redhat.com>ACK only on the basis that:> @@ -56,6 +57,8 @@ fi > cat >> repos.ks << EOF > repo --name=ovirt-org --baseurl=%{ovirt_url}/%{fedora}/%{_arch} > repo --name=ovirt-local --baseurl=%{ovirt_local_repo} > +repo --name=thincrust-org --baseurl=%{thincrust_url}/noarchAll the RPMs in thincrust.org repo have review tickets present in Fedora BZ and are being actively worked on to get into Fedora 10. Please provide the review ticket urls so we can ensure this is addressed in a timely manner. Any non-Fedora repos must be a short term hack only and each RPM used from non-Fedora repos must have an associated BZ ticket in Fedora to track the problem which prevents us from using normal Fedora packages. Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|