[Ovirt-devel] Re: [PATCH appliance] Integrated AOS tooling into the appliance rpm
Bryan Kearney
bkearney at redhat.com
Mon Sep 22 14:12:10 UTC 2008
Perry Myers wrote:
> From: Bryan Kearney <bkearney at redhat.com>
>
> ---
> Makefile.am | 3 -
> common-install.ks | 22 ----
> common-pkgs.ks | 28 -----
> common-post.ks | 88 --------------
> ovirt-appliance.ks | 300 +++++++++--------------------------------------
> ovirt-appliance.spec.in | 3 +
> 6 files changed, 58 insertions(+), 386 deletions(-)
> delete mode 100644 common-install.ks
> delete mode 100644 common-pkgs.ks
> delete mode 100644 common-post.ks
>
> diff --git a/Makefile.am b/Makefile.am
> index 8392f2c..adfc9f9 100644
> --- a/Makefile.am
> +++ b/Makefile.am
> @@ -19,9 +19,6 @@ OVIRT_CACHE_DIR ?= $(HOME)/ovirt-cache
>
> EXTRA_DIST = \
> .gitignore \
> - common-install.ks \
> - common-pkgs.ks \
> - common-post.ks \
> create-ovirt-appliance \
> gettree.sh \
> ovirt-appliance.ks \
> diff --git a/common-install.ks b/common-install.ks
> deleted file mode 100644
> index c55303b..0000000
> --- a/common-install.ks
> +++ /dev/null
> @@ -1,22 +0,0 @@
> -lang en_US.UTF-8
> -keyboard us
> -network --device eth0 --bootproto dhcp
> -rootpw --iscrypted Xa8QeYfWrtscM
> -firewall --disabled
> -authconfig --enableshadow --enablemd5
> -selinux --disabled
> -services --disabled=libvirtd,postgresql --enabled=network,tgtd,nfs,iptables
> -timezone --utc UTC
> -text
> -
> -bootloader --location=mbr --driveorder=sda
> -# The following is the partition information you requested
> -# Note that any partitions you deleted are not expressed
> -# here so unless you clear all partitions first, this is
> -# not guaranteed to work
> -zerombr
> -clearpart --all --drives=sda
> -part /boot --ondisk=sda --fstype=ext3 --size=100
> -part / --ondisk=sda --fstype=ext3 --size=20000
> -part swap --ondisk=sda --fstype=swap --size=512
> -reboot
> diff --git a/common-pkgs.ks b/common-pkgs.ks
> deleted file mode 100644
> index 226085d..0000000
> --- a/common-pkgs.ks
> +++ /dev/null
> @@ -1,28 +0,0 @@
> - at core
> -kernel
> -cronie
> -policycoreutils
> -chkconfig
> -rootfiles
> -dhclient
> -libvirt-python
> -openssh-clients
> -openssh-server
> -nfs-utils
> -collectd
> -collectd-rrdtool
> -ipa-server
> -ipa-admintools
> -scsi-target-utils
> -iscsi-initiator-utils
> -ovirt-server
> -ovirt-node-image-pxe
> -ovirt-release
> -rhpl
> -cobbler
> -rubygem-cobbler
> -bind-utils
> -augeas
> -syslinux
> -/usr/sbin/lokkit
> -curl
> diff --git a/common-post.ks b/common-post.ks
> deleted file mode 100644
> index a5d79ce..0000000
> --- a/common-post.ks
> +++ /dev/null
> @@ -1,88 +0,0 @@
> -# -*-Shell-script-*-
> -PATH=/sbin:/usr/sbin:/bin:/usr/bin
> -export PATH
> -
> -# pretty login screen..
> -g=$(printf '\33[1m\33[32m') # similar to g=$(tput bold; tput setaf 2)
> -n=$(printf '\33[m') # similar to n=$(tput sgr0)
> -cat <<EOF > /etc/issue
> -
> - 888 888 ${g}d8b$n 888
> - 888 888 ${g}Y8P$n 888
> - 888 888 888
> - .d88b. Y88b d88P 888 888d888 888888
> - d88''88b Y88b d88P 888 888P' 888
> - 888 888 Y88o88P 888 888 888
> - Y88..88P Y888P 888 888 Y88b.
> - 'Y88P' Y8P 888 888 'Y888
> -
> - Admin Node
> -
> - Virtualization just got the ${g}Green Light$n
> -
> -EOF
> -cp /etc/issue /etc/issue.net
> -
> -cat > /etc/init.d/ovirt-appliance-first-run << \EOF
> -#!/bin/bash
> -#
> -# ovirt-appliance-first-run First run configuration for oVirt Appliance
> -#
> -# chkconfig: 3 96 01
> -# description: ovirt appliance first run configuration
> -#
> -
> -# Source functions library
> -. /etc/init.d/functions
> -
> -start() {
> - echo -n "Starting ovirt-appliance-first-run: "
> -
> - ovirt-server-install > /var/log/ovirt-appliance-first-run.log 2>&1
> -
> - RETVAL=$?
> - if [ $RETVAL -eq 0 ]; then
> - echo_success
> - else
> - echo_failure
> - fi
> - echo
> -}
> -
> -case "$1" in
> - start)
> - start
> - ;;
> - *)
> - echo "Usage: ovirt-appliance-first-run {start}"
> - exit 2
> -esac
> -
> -chkconfig ovirt-appliance-first-run off
> -EOF
> -chmod +x /etc/init.d/ovirt-appliance-first-run
> -chkconfig ovirt-appliance-first-run on
> -
> -cat > /etc/yum.repos.d/ovirt.repo << \EOF
> -[ovirt]
> -name=ovirt
> -baseurl=http://ovirt.org/repos/ovirt/9/$basearch/
> -enabled=1
> -gpgcheck=0
> -EOF
> -
> -# XXX default configuration db
> -cat > /var/www/html/ovirt-cfgdb << \EOF
> -rm /files/etc/sysconfig/network-scripts/ifcfg-eth0
> -set /files/etc/sysconfig/network-scripts/ifcfg-eth0/DEVICE eth0
> -set /files/etc/sysconfig/network-scripts/ifcfg-eth0/ONBOOT yes
> -set /files/etc/sysconfig/network-scripts/ifcfg-eth0/BRIDGE ovirtbr0
> -rm /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0
> -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/DEVICE ovirtbr0
> -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/BOOTPROTO dhcp
> -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/ONBOOT y
> -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/TYPE Bridge
> -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/PEERNTP yes
> -set /files/etc/sysconfig/network-scripts/ifcfg-ovirtbr0/DELAY 0
> -EOF
> -
> diff --git a/ovirt-appliance.ks b/ovirt-appliance.ks
> index bb2340a..7680c83 100644
> --- a/ovirt-appliance.ks
> +++ b/ovirt-appliance.ks
> @@ -1,270 +1,81 @@
> install
>
> -%include common-install.ks
> +lang en_US.UTF-8
> +keyboard us
> +network --device eth0 --bootproto dhcp
> +rootpw --iscrypted Xa8QeYfWrtscM
> +firewall --disabled
> +authconfig --enableshadow --enablemd5
> +selinux --disabled
> +services --disabled=libvirtd,postgresql --enabled=network,tgtd,nfs,iptables
> +timezone --utc UTC
> +text
> +
> +bootloader --location=mbr --driveorder=sda
> +# The following is the partition information you requested
> +# Note that any partitions you deleted are not expressed
> +# here so unless you clear all partitions first, this is
> +# not guaranteed to work
> +zerombr
> +clearpart --all --drives=sda
> +part /boot --ondisk=sda --fstype=ext3 --size=100
> +part / --ondisk=sda --fstype=ext3 --size=20000
> +part swap --ondisk=sda --fstype=swap --size=512
> +reboot
>
> network --device=eth1 --bootproto=static --ip=192.168.50.2 --netmask=255.255.255.0 --onboot=on --nameserver=192.168.50.2 --hostname=management.priv.ovirt.org
>
> %include repos.ks
>
> %packages --nobase
> -
> -%include common-pkgs.ks
> +%include /usr/share/appliance-tools/base-pkgs.ks
> +ovirt-recipe
> +lokkit
>
> %post
> -exec > /root/kickstart-post.log 2>&1
> -
> -%include common-post.ks
> + exec > /root/kickstart-post.log 2>&1
>
> -# FIXME [PATCH] fix SelinuxConfig firewall side-effect
> -lokkit -f --nostart --disabled
> -# FIXME imgcreate.kickstart.NetworkConfig doesn't store nameserver into ifcfg-*
> -# only in resolv.conf which gets overwritten by dhclient-script
> -augtool <<EOF
> -set /files/etc/sysconfig/network-scripts/ifcfg-eth0/PEERDNS no
> -set /files/etc/sysconfig/network-scripts/ifcfg-eth1/DNS1 192.168.50.2
> -save
> -EOF
> -
> -# the code to contact the host we are running on and make it configure itself
> -# note that this has to be done in rc.local (as opposed to ovirt-wui-dev)
> -# because when ovirt-wui-dev starts, the host-browser is not yet running
> -cat >> /etc/rc.d/rc.local << \EOF
> + # the code to contact the host we are running on and make it configure itself
> + # note that this has to be done in rc.local (as opposed to ovirt-wui-dev)
> + # because when ovirt-wui-dev starts, the host-browser is not yet running
> + cat >> /etc/rc.d/rc.local << \EOF
> # Try to contact the host we are running on; if we succeed, we'll use it as
> # one of the managed nodes; if not, no big deal
> (exec 3<> /dev/tcp/192.168.50.1/7777 && echo "AWAKE" 1>&3 \
> && exec 3<> /dev/tcp/192.168.50.1/7777 && echo "IDENTIFY" 1>&3) || :
> EOF
>
> -# make sure to update the /etc/hosts with the list of all possible DHCP
> -# addresses we can hand out; dnsmasq uses this
> -sed -i -e 's/management\.priv\.ovirt\.org//' /etc/hosts
> -echo "192.168.50.1 physical.priv.ovirt.org" >> /etc/hosts
> -echo "192.168.50.2 management.priv.ovirt.org" >> /etc/hosts
> -for i in `seq 3 252` ; do
> + # make sure to update the /etc/hosts with the list of all possible DHCP
> + # addresses we can hand out; dnsmasq uses this
> + sed -i -e 's/management\.priv\.ovirt\.org//' /etc/hosts
> + echo "192.168.50.2 management.priv.ovirt.org" >> /etc/hosts
> + for i in `seq 3 252` ; do
> echo "192.168.50.$i node$i.priv.ovirt.org" >> /etc/hosts
> -done
> -
> -# Enable forwarding so this node can act as a router for the .50 network
> -sed -i 's/net.ipv4.ip_forward = .*/net.ipv4.ip_forward = 1/' /etc/sysctl.conf
> -cat > /etc/sysconfig/iptables << EOF
> -*nat
> --A POSTROUTING -o eth0 -j MASQUERADE
> -COMMIT
> -EOF
> + done
>
> -# Create sparse files for iSCSI backing stores
> -mkdir -p /ovirtiscsi
> -for i in `seq 3 5`; do
> + # Create sparse files for iSCSI backing stores
> + mkdir -p /ovirtiscsi
> + for i in `seq 3 5`; do
> dd if=/dev/null of=/ovirtiscsi/iSCSI$i bs=1 count=1 seek=3G
> -done
> + done
>
> -# make an NFS directory with some small, fake disks and export them via NFS
> -# to show off the NFS part of the Server
> -mkdir -p /ovirtnfs
> -for i in `seq 1 3`; do
> + # make an NFS directory with some small, fake disks and export them via NFS
> + # to show off the NFS part of the WUI
> + mkdir -p /ovirtnfs
> + for i in `seq 1 3`; do
> dd if=/dev/zero of=/ovirtnfs/disk$i.dsk bs=1 count=1 seek=3G
> -done
> -echo "/ovirtnfs 192.168.50.0/24(rw,no_root_squash)" >> /etc/exports
> -
> -# make collectd.conf.
> -cat > /etc/collectd.conf << \EOF
> -LoadPlugin network
> -LoadPlugin logfile
> -LoadPlugin rrdtool
> -LoadPlugin unixsock
> -
> -<Plugin logfile>
> - LogLevel info
> - File STDOUT
> -</Plugin>
> -
> -<Plugin network>
> - Listen "0.0.0.0"
> -</Plugin>
> -
> -<Plugin rrdtool>
> - DataDir "/var/lib/collectd/rrd"
> - CacheTimeout 120
> - CacheFlush 900
> -</Plugin>
> -
> -<Plugin unixsock>
> - SocketFile "/var/lib/collectd/unixsock"
> -</Plugin>
> -
> -EOF
> -
> -
> -principal=ovirtadmin
> -password=ovirt
> -first_run_file=/etc/init.d/ovirt-server-appliance-first-run
> -sed -e "s, at principal@,$principal," \
> - -e "s, at password@,$password,g" \
> - > $first_run_file << \EOF
> -#!/bin/bash
> -#
> -# ovirt-server-appliance-first-run First run configuration for oVirt Server Appliance
> -#
> -# chkconfig: 3 95 01
> -# description: ovirt server appliance first run configuration
> -#
> -
> -# Source functions library
> -. /etc/init.d/functions
> -
> -export PATH=/usr/kerberos/bin:$PATH
> -
> -start() {
> - echo -n "Starting ovirt-server-appliance-first-run: "
> - (
> - # workaround for https://bugzilla.redhat.com/show_bug.cgi?id=451936
> - sed -i '/\[kdcdefaults\]/a \ kdc_ports = 88' /usr/share/ipa/kdc.conf.template
> - # set up freeipa
> - ipa-server-install -r PRIV.OVIRT.ORG -p @password@ -P @password@ -a @password@ \
> - --hostname management.priv.ovirt.org -u dirsrv -U
> -
> - # workaround for https://bugzilla.redhat.com/show_bug.cgi?id=459061
> - # note: this has to happen after ipa-server-install or the templating
> - # feature in ipa-server-install chokes on the characters in the regexp
> - # we add here.
> - sed -i -e 's#<Proxy \*>#<ProxyMatch ^.*/ipa/ui.*$>#' \
> - /etc/httpd/conf.d/ipa.conf
> - sed -i -e 's#</Proxy>#</ProxyMatch>#' /etc/httpd/conf.d/ipa.conf
> - # workaround for https://bugzilla.redhat.com/show_bug.cgi?id=459209
> - sed -i -e 's/^/#/' /etc/httpd/conf.d/ipa-rewrite.conf
> - service httpd restart
> - # now create the ovirtadmin user
> - echo @password@|kinit admin
> - # change max username length policy
> - ldapmodify -h management.priv.ovirt.org -p 389 -Y GSSAPI <<LDAP
> -dn: cn=ipaConfig,cn=etc,dc=priv,dc=ovirt,dc=org
> -changetype: modify
> -replace: ipaMaxUsernameLength
> -ipaMaxUsernameLength: 12
> -LDAP
> - ipa-adduser -f Ovirt -l Admin -p @password@ @principal@
> - # make ovitadmin also an IPA admin
> - ipa-modgroup -a ovirtadmin admins
> - ipa-moduser --setattr krbPasswordExpiration=19700101000000Z @principal@
> -
> - ) > /var/log/ovirt-server-appliance-first-run.log 2>&1
> - RETVAL=$?
> - if [ $RETVAL -eq 0 ]; then
> - echo_success
> - else
> - echo_failure
> - fi
> - echo
> -}
> + done
> + echo "/ovirtnfs 192.168.50.0/24(rw,no_root_squash)" >> /etc/exports
>
> -case "$1" in
> - start)
> - start
> - ;;
> - *)
> - echo "Usage: ovirt-server-appliance-first-run {start}"
> - exit 2
> -esac
> -
> -chkconfig ovirt-server-appliance-first-run off
> -EOF
> -chmod +x $first_run_file
> -chkconfig ovirt-server-appliance-first-run on
> -
> -cat > /etc/init.d/ovirt-server-appliance << \EOF
> -#!/bin/bash
> -#
> -# ovirt-server-appliance oVirt Server Appliance service
> -#
> -# chkconfig: 3 60 40
> -# description: ovirt server Appliance service
> -#
> -
> -# Source functions library
> -. /etc/init.d/functions
> -
> -start() {
> - echo -n "Starting ovirt-server-appliance: "
> - dnsmasq -i eth1 -F 192.168.50.6,192.168.50.252 \
> - -G 00:16:3e:12:34:57,192.168.50.3 -G 00:16:3e:12:34:58,192.168.50.4 \
> - -G 00:16:3e:12:34:59,192.168.50.5 \
> - -s priv.ovirt.org \
> - -W _ovirt._tcp,management.priv.ovirt.org,80 \
> - -W _ipa._tcp,management.priv.ovirt.org,80 \
> - -W _ldap._tcp,management.priv.ovirt.org,389 \
> - -W _collectd._tcp,management.priv.ovirt.org,25826 \
> - -W _identify._tcp,management.priv.ovirt.org,12120 \
> - --enable-tftp --tftp-root=/var/lib/tftpboot -M pxelinux.0 \
> - -O option:router,192.168.50.2 -O option:ntp-server,192.168.50.2 \
> - --dhcp-option=12 \
> - -R --local /priv.ovirt.org/ --server 192.168.122.1
> -
> - # Set up the fake iscsi target
> - tgtadm --lld iscsi --op new --mode target --tid 1 \
> - -T ovirtpriv:storage
> -
> - #
> - # Now associate them to the backing stores
> - #
> - tgtadm --lld iscsi --op new --mode logicalunit --tid 1 \
> - --lun 1 -b /ovirtiscsi/iSCSI3
> - tgtadm --lld iscsi --op new --mode logicalunit --tid 1 \
> - --lun 2 -b /ovirtiscsi/iSCSI4
> - tgtadm --lld iscsi --op new --mode logicalunit --tid 1 \
> - --lun 3 -b /ovirtiscsi/iSCSI5
> -
> - #
> - # Now make them available
> - #
> - tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL
> -
> - echo_success
> - echo
> -}
> -
> -stop() {
> - echo -n "Stopping ovirt-server-appliance: "
> -
> - # stop access to the iscsi target
> - tgtadm --lld iscsi --op unbind --mode target --tid 1 -I ALL
> -
> - # unbind the LUNs
> - tgtadm --lld iscsi --op delete --mode logicalunit --tid 1 --lun 3
> - tgtadm --lld iscsi --op delete --mode logicalunit --tid 1 --lun 2
> - tgtadm --lld iscsi --op delete --mode logicalunit --tid 1 --lun 1
> -
> - # shutdown the target
> - tgtadm --lld iscsi --op delete --mode target --tid 1
> -
> - kill $(cat /var/run/dnsmasq.pid)
> -
> - echo_success
> - echo
> -}
> -
> -case "$1" in
> - start)
> - start
> - ;;
> - stop)
> - stop
> - ;;
> - restart)
> - stop
> - start
> - ;;
> - *)
> - echo "Usage: ovirt-server-appliance {start|stop|restart}"
> - exit 2
> -esac
> -EOF
> -chmod +x /etc/init.d/ovirt-server-appliance
> -chkconfig ovirt-server-appliance on
> + # The ace stuff.
> + /sbin/chkconfig --level 35 ace on
> + mkdir /etc/sysconfig/ace
> + echo ovirt >> /etc/sysconfig/ace/appliancename
> + /sbin/chkconfig --add acpid
>
> %end
>
> %post --nochroot
> - # distribution tree is ready in tmp/tree
> set -e
> python -c '
> from iniparse.ini import INIConfig
> @@ -330,11 +141,6 @@ EOF
> # Cobbler configuration
> %post
> exec >> /root/kickstart-post.log 2>&1
> - # ovirt/ovirt
> - echo ovirt:Cobbler:68db208a546dcedf34edf0b4fe0ab1f2 > /etc/cobbler/users.digest
> - # make cobbler check happier
> - mkdir -p /etc/vsftpd
> - touch /etc/vsftpd/vsftpd.conf
> # TODO use Augeas 0.3.0 Inifile lens
> sed -i -e "s/^module = authn_denyall.*/module = authn_configfile/" \
> /etc/cobbler/modules.conf
> @@ -345,3 +151,7 @@ EOF
> sed -i -e "s/^ONTIMEOUT.*/ONTIMEOUT $(cat /tmp/cobbler-default)/" \
> /etc/cobbler/pxedefault.template
> %end
> +
> +%post --nochroot
> + cp ovirt-splash.xpm.gz $INSTALL_ROOT/boot/grub/splash.xpm.gz
> +%end
> diff --git a/ovirt-appliance.spec.in b/ovirt-appliance.spec.in
> index fc58fb5..aac30cc 100644
> --- a/ovirt-appliance.spec.in
> +++ b/ovirt-appliance.spec.in
> @@ -1,6 +1,7 @@
> %{!?ovirt_cache_dir: %define ovirt_cache_dir /var/tmp/ovirt-cache}
> %{!?ovirt_local_repo: %define ovirt_local_repo file://%{ovirt_cache_dir}/ovirt}
> %{!?ovirt_url: %define ovirt_url http://ovirt.org/repos/ovirt}
> +%{!?thincrust_url: %define thincrust_url http://www.thincrust.net/repo}
> %{?fedora_url: %define fedora_tree_url %{fedora_url}/releases/%{fedora}/Fedora/%{_arch}/os}
> %{!?fedora_tree_url: %define fedora_tree_url http://download.fedoraproject.org/pub/fedora/linux/releases/%{fedora}/Fedora/%{_arch}/os}
> %{!?bad_pkgs: %define bad_pkgs rubygem-rails,rubygem-activesupport,rubygem-activerecord}
> @@ -56,6 +57,8 @@ fi
> cat >> repos.ks << EOF
> repo --name=ovirt-org --baseurl=%{ovirt_url}/%{fedora}/%{_arch}
> repo --name=ovirt-local --baseurl=%{ovirt_local_repo}
> +repo --name=thincrust-org --baseurl=%{thincrust_url}/noarch
> +
> EOF
>
> mkdir -p %{ovirt_cache_dir}/appliance-tmp/tree
ACK
More information about the ovirt-devel
mailing list