[Ovirt-devel] [PATCH node-image] Remove ovirt-pxe and ovirt-flash* wrapper scripts and provide docs in README
Perry Myers
pmyers at redhat.com
Sun Mar 29 23:21:26 UTC 2009
ovirt-pxe and ovirt-flash scripts just wrapped livecd-iso-to-* functionality
and really did not provide any added value. Only thing that ovirt-pxe did
that was valuable was added IPAPPEND 2 to the sample config file produced
by livecd-iso-to-pxe, but since in most configurations (cobbler etc) you
can't just use this file as is, instead we'll provide samples in README
and instructions for calling livecd-iso-to-* scripts directly.
Also, ovirt-node-image-pxe subpackage provided no real value since
all it did was provide %post that ran ovirt-pxe. So removed it.
Signed-off-by: Perry Myers <pmyers at redhat.com>
---
Makefile.am | 6 +-
README | 45 ++++++++++++++
README.krb5 | 149 ----------------------------------------------
ovirt-flash | 38 ------------
ovirt-flash-static | 94 -----------------------------
ovirt-node-image.spec.in | 21 -------
ovirt-pxe | 37 -----------
7 files changed, 47 insertions(+), 343 deletions(-)
create mode 100644 README
delete mode 100644 README.krb5
delete mode 100755 ovirt-flash
delete mode 100755 ovirt-flash-static
delete mode 100755 ovirt-pxe
diff --git a/Makefile.am b/Makefile.am
index 01bf632..eef520c 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -35,17 +35,15 @@ EXTRA_DIST = \
.gitignore \
$(PACKAGE).spec \
$(PACKAGE).spec.in \
- README.krb5 \
common-blacklist.ks \
common-install.ks \
common-pkgs.ks \
common-post.ks \
- ovirt-flash \
$(PACKAGE).ks \
- ovirt-pxe \
create-ovirt-iso-nodes \
edit-livecd \
- livecd-setauth
+ livecd-setauth \
+ README
DISTCLEANFILES = $(PACKAGE)-$(VERSION).tar.gz \
$(PACKAGE).$(PKG_FMT) \
diff --git a/README b/README
new file mode 100644
index 0000000..1062727
--- /dev/null
+++ b/README
@@ -0,0 +1,45 @@
+Some notes on node image deployment
+
+Nodes are provided in ISO format. These ISO images can be deployed by either:
+1. Writing the image to a CD
+2. Writing the image to USB flash using livecd-iso-to-disk utility
+3. Creating pxe bootable files using livecd-iso-to-pxe utility
+
+To burn a Node image to a usb stick accessible as /dev/sdb:
+livecd-iso-to-disk --format /usr/share/ovirt-node-image/ovirt-node-image.iso /dev/sdb
+
+To create vmlinuz and initrd images suitable for pxe booting:
+livecd-iso-to-pxe /usr/share/ovirt-node-image/ovirt-node-image.iso
+
+The output of livecd-iso-to-pxe is a directory called tftpboot that has the
+following files in it:
+./pxelinux.0
+./pxelinux.cfg/default
+./vmlinuz0
+./initrd0.img
+
+The vmlinuz0/initrd0.img files can be imported into a cobbler server or any
+other PXE/tftp server. pxelinux.cfg/default provides a template for
+configuring the pxe server to export the Node image:
+
+DEFAULT pxeboot
+TIMEOUT 20
+PROMPT 0
+LABEL pxeboot
+ KERNEL vmlinuz0
+ APPEND rootflags=loop initrd=initrd0.img root=/ovirt-node-image.iso rootfstype=auto ro liveimg check rootfstype=iso9660 elevator=deadline
+ONERROR LOCALBOOT 0
+
+In addition, PXE booted Nodes rely on the PXE server passing the mac address
+of the pxe interface to the kernel. This is provided by using the IPAPPEND 2
+parameter as follows:
+
+DEFAULT pxeboot
+TIMEOUT 20
+PROMPT 0
+LABEL pxeboot
+ KERNEL vmlinuz0
+ IPAPPEND 2
+ APPEND rootflags=loop initrd=initrd0.img root=/ovirt-node-image.iso rootfstype=auto ro liveimg check rootfstype=iso9660 elevator=deadline
+ONERROR LOCALBOOT 0
+
diff --git a/README.krb5 b/README.krb5
deleted file mode 100644
index 50d3159..0000000
--- a/README.krb5
+++ /dev/null
@@ -1,149 +0,0 @@
-This README is a series of instructions for setting up kerberos for use with
-the libvirt stuff. There are a lot of steps, it is fairly complicated, and
-the error reporting is pretty bad, so this is not for the faint of heart.
-
-It really helps to have a basic understanding of kerberos, KDC, and other
-terminology when getting this up. You *can* just follow the steps here, but
-when things go wrong (and they almost certainly will), you'll need more
-background knowledge.
-
-To start, you need a minimum of 3 machines here:
-
-1) The FreeIPA server, where you install the freeipa software, and which acts
-as your KDC. I'll refer to this one as "freeipa" throughout the document.
-2) The host machine, that is, the one that is running ovirt and libvirtd.
-I'll refer to this one as "ovirt" throughout the document.
-3) The client machine, that is, the one that you will be running
-virt-manager/virsh on, and connecting to the ovirt machine with. I'll refer
-to this machine as "client" throughout the document.
-
-With that initial part, let's get started:
-
-On the freeipa machine:
-1) Follow the directions on http://freeipa.org/page/QuickInstall to get the
-FreeIPA server up and running. Note that if you are running on F8 or later,
-you'll need to pay particular attention to the mod_auth_kerb section. During
-the FreeIPA setup, you can call your realm whatever you want; I'll use
-OVIRT.BOSTON.REDHAT.COM for the rest of the document.
-2) Once you have freeipa installed somewhere, you'll need to add a principle
-for the libvirt service. To do this, on the freeipa box, run:
-
-# kadmin.local
-> addprinc -randkey libvirt/ovirt at OVIRT.BOSTON.REDHAT.COM
-> ktadd -k /tmp/ovirt-libvirt.tab libvirt/ovirt at OVIRT.BOSTON.REDHAT.COM
-> quit
-
-This will add a new principle for libvirt for the "ovirt" machine, and export
-that principle to the /tmp/ovirt-libvirt.tab file. Note that you'll need
-to replace "ovirt" and "OVIRT.BOSTON.REDHAT.COM" with the full DNS name and the
-realm you are using, respectively.
-
-On the ovirt machine:
-
-NOTE: if you use the scripts (i.e. ovirt-pxe.sh) to generate an oVirt Node
-image, all of the following is done for you. These are just notes for doing
-it by hand.
-
-1) First, we need to edit the krb5.conf to point to the correct realm and
-KDC. In /etc/krb5.conf, in the [realms] section, you'll want to add your
-realm name, along with it's kdc and admin server. In my case, it looks like:
-
-[realms]
- OVIRT.BOSTON.REDHAT.COM = {
- kdc = freeipa:88
- admin_server = freeipa:749
- }
-
-You'll need to replace "freeipa" with the fully qualified domain name of your
-freeipa server.
-
-Now, you'll need to associate that realm with DNS names. So, you'll want to
-add 2 lines to the [domain_realm] section, which basically associates that
-realm with these names. In my case, it looks like:
-
-[domain_realm]
- .ovirt.boston.redhat.com = OVIRT.BOSTON.REDHAT.COM
- ovirt.boston.redhat.com = OVIRT.BOSTON.REDHAT.COM
-
-Finally, we'll need to make sure that this realm is the default realm. In
-the [libdefaults] section, you'll want to change the default_realm to point
-to your realm. In my case, it looks like:
-
-[libdefaults]
- default_realm = OVIRT.BOSTON.REDHAT.COM
-
-2) Now we need to make sure that libvirtd is configured properly. In the
-simple case, libvirtd is using kerberos for authentication, and TCP for the
-transport. We can also set it up to use kerberos for authentication and
-TLS for the transport, but that's not covered yet. In any case, we need to
-open up the raw TCP field for our use. Edit /etc/libvirt/libvirtd.conf, and
-uncomment "listen_tcp = 1".
-
-3) Next we need the keytable from the freeipa server. You should be able
-to take the keytab you exported from the freeipa machine earlier (with the
-ktadd -k command), and install it on the ovirt machine. Basically just copy
-that exported keytab to /etc/libvirt/krb5.tab
-
-4) Finally, we need to start the libvirtd daemon. Of course, make sure this
-libvirtd has the GSSAPI/kerberos stuff compiled in :). Assuming that is the
-case, you'll need to start it like:
-
-KRB5_KTNAME=/etc/libvirt/krb5.tab /root/libvirtd --listen --daemon
-
-On the client machine:
-1) Setup up krb5.conf exactly the same as described in step 1 for the ovirt
-machine.
-2) Edit /etc/sasl2/libvirt.conf, and add:
-mech_list: gssapi
-
-3) Now you'll need to kinit to get an initial kerberos ticket for the realm.
-In my case, I run:
-
-# kinit admin at OVIRT.BOSTON.REDHAT.COM
-
-and enter in the password to get a ticket. You'll have to replace the username
-and the realm to suit your own setup.
-
-At this point, you should run:
-
-# klist
-
-and should see output similar to the following:
-
-Ticket cache: FILE:/tmp/krb5cc_0
-Default principal: admin at VIRT.BOSTON.REDHAT.COM
-
-Valid starting Expires Service principal
-10/31/07 12:14:51 11/01/07 12:11:21 krbtgt/VIRT.BOSTON.REDHAT.COM at VIRT.BOSTON.REDHAT.COM
-
-
-Kerberos 4 ticket cache: /tmp/tkt0
-klist: You have no tickets cached
-
-4) Now we can attempt to connect to the remote hypervisor with virsh. Of
-course, make sure your virsh has the GSSAPI/kerberos support compiled in:
-
-# virsh --connect qemu+tcp://ovirt/system list --all
-
-This should output something like:
-
- Id Name State
-----------------------------------
- - f8i386 shut off
- - f8x86_64 shut off
-
-
-Troubleshooting:
-Two main problems tend to trip people up on their first try: differences in
-time, and problems with DNS. You have to make sure that all three machines
-in this example (freeipa, ovirt, client) are synced via NTP, and you have to
-make sure that all three machines can resolve each other's DNS name both
-forwards and backwards. If either of those isn't true, it won't work.
-
-On the "freeipa" machine, you can look at /var/log/krb5kdc.log to get an idea
-of what went wrong.
-
-If you see an error like "Server not found in Kerberos database", either you
-didn't add the principle correctly in the first step here, or you have an
-alternate name for the server in /etc/hosts. Remove any /etc/hosts aliases and
-try again.
diff --git a/ovirt-flash b/ovirt-flash
deleted file mode 100755
index 0b9c793..0000000
--- a/ovirt-flash
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/bash
-#
-# Create an Ovirt Host USB device (stateless)
-# Copyright 2008 Red Hat, Inc.
-# Written by Chris Lalancette <clalance at redhat.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Library General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-ME=$(basename "$0")
-warn() { printf '%s: %s\n' "$ME" "$*" >&2; }
-die() { warn "$@"; exit 1; }
-
-test $# != 2 && die "Usage: $ME <usbdevice> <iso-image>"
-
-USBDEVICE=$1
-ISO=$2
-
-test ! -r $ISO && die "$ISO is not a readable file"
-test ! -b $USBDEVICE && die "$USBDEVICE is not a valid block device"
-test $( id -u ) -ne 0 && die "$ME must run as root"
-
-# clear out the old partition table
-dd if=/dev/zero of=$USBDEVICE bs=4096 count=1
-printf 'n\np\n1\n\n\nt\n6\na\n1\nw\n' | fdisk $USBDEVICE
-mkdosfs -n ovirt ${USBDEVICE}1
-cat /usr/lib/syslinux/mbr.bin > $USBDEVICE
-livecd-iso-to-disk $ISO ${USBDEVICE}1
diff --git a/ovirt-flash-static b/ovirt-flash-static
deleted file mode 100755
index 79bcfbf..0000000
--- a/ovirt-flash-static
+++ /dev/null
@@ -1,94 +0,0 @@
-#!/bin/bash
-#
-# Create an Ovirt Host USB device (stateful)
-# Copyright 2008 Red Hat, Inc.
-# Written by Chris Lalancette <clalance at redhat.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Library General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-ME=$(basename "$0")
-warn() { printf '%s: %s\n' "$ME" "$*" >&2; }
-die() { warn "$@"; exit 1; }
-
-test $# != 2 && die "Usage: $ME <usbdevice> <iso-image>"
-
-USBDEVICE=$1
-ISO=$2
-
-test ! -r "$ISO" && die "$ISO is not a readable file"
-test ! -b "$USBDEVICE" && die "$USBDEVICE is not a valid block device"
-test $( id -u ) -ne 0 && die "$ME must run as root"
-
-case $ISO in
- *.iso) ;;
- *) die "ME: ISO file name, '$ISO' lacks .iso suffix"
-esac
-
-tmpdir=$(mktemp -d) || exit 1
-
-IMGTMP="$tmpdir/ovirt"
-SQUASHTMP="$tmpdir/ovirt-squash"
-USBTMP="$tmpdir/ovirt-usb"
-
-cleanup()
-{
- { umount "$USBTMP"
- umount "$SQUASHTMP"
- umount "$IMGTMP"
- } 2> /dev/null || :
- rm -rf "$tmpdir"
-}
-trap cleanup 0
-trap 'exit $?' 1 2 13 15
-
-# From here on, any failure makes the script fail.
-set -e
-
-# do setup
-mkdir -p "$IMGTMP" "$SQUASHTMP" "$USBTMP"
-mount -o loop "$ISO" "$IMGTMP"
-
-squashfs_img="$IMGTMP/LiveOS/squashfs.img"
-test -f "$squashfs_img" \
- || die "not a LiveCD image: $ISO"
-
-mount -o loop "$squashfs_img" "$SQUASHTMP"
-
-# clear out the old partition table
-dd if=/dev/zero of="$USBDEVICE" bs=4096 count=1
-printf 'n\np\n1\n\n\nt\n83\na\n1\nw\n' | fdisk "$USBDEVICE"
-
-cat /usr/lib/syslinux/mbr.bin > "$USBDEVICE"
-dd if="$SQUASHTMP/LiveOS/ext3fs.img" of="${USBDEVICE}1"
-
-mount "${USBDEVICE}1" "$USBTMP"
-
-cp "$IMGTMP"/isolinux/* "$USBTMP"
-
-rm -f "$USBTMP/isolinux.bin"
-mv "$USBTMP/isolinux.cfg" "$USBTMP/extlinux.conf"
-
-iso_base=$(basename "$ISO" .iso)
-# sanitize for sed and the label name and limit to 16 bytes
-LABEL=$(echo "$iso_base" | cut -b-16 | tr -c '[[:alnum:]_.-]' _)
-sed -i -e "s/ *append.*/ append initrd=initrd.img root=LABEL=$LABEL ro/" \
- "$USBTMP/extlinux.conf"
-
-extlinux -i "$USBTMP"
-
-# To test:
-cat <<\EOF > /dev/null
-mkdir -p t/LiveOS && (cd t/LiveOS && touch ext3fs.img squashfs.img)
-genisoimage -U -o k2.iso t
-EOF
diff --git a/ovirt-node-image.spec.in b/ovirt-node-image.spec.in
index 8451dd3..c93019d 100644
--- a/ovirt-node-image.spec.in
+++ b/ovirt-node-image.spec.in
@@ -34,14 +34,6 @@ Requires: livecd-tools >= 020-2
The ISO boot image for oVirt Node booting from CDROM device.
At the moment, this RPM just packages prebuilt ISO.
-%package pxe
-Summary: oVirt Node PXE image
-Group: Applications/System
-Requires: %{name} = %{version}-%{release}
-
-%description pxe
-PXE boot image installer for oVirt Node network boot from oVirt Server.
-
%prep
%setup -q
%if ! %{source_iso}
@@ -63,8 +55,6 @@ mkdir %{buildroot}
%{__install} -d -m0755 %{buildroot}%{app_root}
%{__install} -p -m0644 %{image_iso} %{buildroot}%{app_root}
%{__install} -d -m0755 %{buildroot}%{_sbindir}
-%{__install} -p -m0755 ovirt-pxe %{buildroot}%{_sbindir}
-%{__install} -p -m0755 ovirt-flash %{buildroot}%{_sbindir}
%{__install} -p -m0755 create-ovirt-iso-nodes %{buildroot}%{_sbindir}
%{__install} -p -m0755 edit-livecd %{buildroot}%{_sbindir}
%{__install} -p -m0755 livecd-setauth %{buildroot}%{_sbindir}
@@ -73,12 +63,6 @@ mkdir %{buildroot}
%clean
%{__rm} -rf %{buildroot}
-%post pxe
-cd %{app_root}
-rm -rf tftpboot
-ovirt-pxe %{name}.iso > /dev/null
-cobbler sync > /dev/null 2>&1 || :
-
%files
%defattr(0644,root,root,0755)
%{app_root}/%{name}.iso
@@ -93,15 +77,10 @@ cobbler sync > /dev/null 2>&1 || :
%doc %{app_root}/manifests/ovirt-release
%defattr(0755,root,root,0755)
-%{_sbindir}/ovirt-pxe
-%{_sbindir}/ovirt-flash
%{_sbindir}/create-ovirt-iso-nodes
%{_sbindir}/edit-livecd
%{_sbindir}/livecd-setauth
-%files pxe
-%defattr(0644,root,root,0755)
-
%changelog
* Thu Jul 03 2008 Perry Myers <pmyers at redhat.com> 0.92-0
- Only store ISO in SRPM, and generate PXE from that during build
diff --git a/ovirt-pxe b/ovirt-pxe
deleted file mode 100755
index d1e2b91..0000000
--- a/ovirt-pxe
+++ /dev/null
@@ -1,37 +0,0 @@
-#!/bin/bash
-#
-# Create an Ovirt Host PXE boot
-# Copyright 2008 Red Hat, Inc.
-# Written by Chris Lalancette <clalance at redhat.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Library General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-ME=$(basename "$0")
-warn() { printf '%s: %s\n' "$ME" "$*" >&2; }
-die() { warn "$@"; exit 1; }
-
-test $# != 1 && die "Usage: $ME <iso-image>"
-
-ISO=$1
-test ! -r $ISO && die "$ISO is not a readable file"
-test $( id -u ) -ne 0 && die "$ME must run as root"
-
-livecd-iso-to-pxeboot $ISO
-
-# append BOOTIF with PXE MAC info
-f=tftpboot/pxelinux.cfg/default
-grep -q 'IPAPPEND 2' $f || sed -i '/KERNEL/a \\tIPAPPEND 2' $f
-
-# timeout quickly for PXE boots
-sed -i 's/timeout.*/timeout 50/' $f
--
1.6.0.6
More information about the ovirt-devel
mailing list