[Spacewalk-list] problem kickstart + pxe
Renato Rudnicki
renato.rudnicki at human.com.br
Mon Dec 5 12:09:12 UTC 2011
Hello,
I'm having difficulty to install clients by kickstart + pxe on spacewalk.
My spacewalk clients (including the server) are virtualizated on xen
server (citrix). Well, I think my kickstart probally is wrong.
I don't have DHCP on my server environment, so I'm put static IP on the
kickstart file. The DVD is mounted on /var/lib/satellite/centos5 and I
trying make the installation over HTTP connection. When I start the VM
to install by spacewalk, when the linux going to install the packages, I
get the error saying that the RedHat-log.rpm couldn't be opened or read
and the package could be corrupted. I compared the md5sum of DVD and
it's be fine.
Somebody have some idea ?
[]'s
Renato
Here is my kickstart configuration:
# Kickstart config file generated by Spacewalk Config Management
# Profile Label : ks-centos5
# Date Created : 2011-11-30 16:43:42.119744
install
text
network --device=eth0 --bootproto=static --ip=10.0.2.243
--netmask=255.255.0.0 --gateway=10.0.2.6 --dns=10.0.2.6
url --url http://spacewalk.human/ks/dist/Centos5
lang en_US
keyboard us
zerombr
clearpart --all
bootloader --location mbr --driveorder=xvda --append=
timezone America/New_York
auth --enablemd5 --enableshadow
rootpw --iscrypted $1$eP5lko9H$XqUg41dICP.yEbvJq9Zz1/
selinux --disabled
reboot
firewall --disabled
skipx
key --skip
part /boot --fstype ext3 --size=100 --ondisk=xvda
part pv.00 --size=0 --grow --ondisk=xvda
volgroup VolGroup00 --pesize=32768 pv.00
logvol / --fstype ext3 --name=LogVol00 --vgname=VolGroup00 --size=1024
--grow
logvol swap --fstype swap --name=LogVol01 --vgname=VolGroup00 --size=272
--grow --maxsize=544
%packages
@ Base
%pre
wget
"http://spacewalk.human/cblr/svc/op/trig/mode/pre/profile/ks-centos5:1:SpacewalkDefaultOrganization"
-O /dev/null
echo "Saving RHN keys..." > /dev/ttyS0
SYSTEM_ID=/etc/sysconfig/rhn/systemid
rhn_keys_found=no
mkdir -p /tmp/rhn
drives=$(list-harddrives | awk '{print $1}')
for disk in $drives; do
DISKS="$DISKS $(fdisk -l /dev/$disk | grep -v "swap\|LVM\|Extended"
| awk '/^\/dev/{print $1}')"
done
# Try to find the keys on ordinary partitions
for disk in $DISKS; do
name=test-$(basename $disk)
mkdir -p /tmp/$name
mount $disk /tmp/$name
[ $? -eq 0 ] || continue # Skip to the next partition if the mount
fails
# Copy current RHN host keys out to be reused
if [ -f /tmp/${name}$SYSTEM_ID ]; then
cp -a /tmp/${name}$SYSTEM_ID /tmp/rhn
rhn_keys_found="yes"
umount /tmp/$name
break
fi
umount /tmp/$name
rm -r /tmp/$name
done
# Try LVM if that didn't work
if [ "$rhn_keys_found" = "no" ]; then
lvm lvmdiskscan
vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }')
for vg in $vgs; do
# Activate any VG we found
lvm vgchange -ay $vg
done
lvs=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }')
for lv in $lvs; do
tmpdir=$(mktemp -d findkeys.XXXXXX)
mkdir -p /tmp/${tmpdir}
mount $lv /tmp/${tmpdir} || continue # Skip to next volume if
this fails
# Let's see if the keys are in there
if [ -f /tmp/${tmpdir}$SYSTEM_ID ]; then
cp -a /tmp/${tmpdir}$SYSTEM_ID /tmp/rhn/
rhn_keys_found="yes"
umount /tmp/${tmpdir}
break # We're done!
fi
umount /tmp/${tmpdir}
rm -r /tmp/${tmpdir}
done
# And clean up..
for vg in $vgs; do
lvm vgchange -an $vg
done
fi
%post --nochroot
mkdir /mnt/sysimage/tmp/ks-tree-copy
if [ -d /oldtmp/ks-tree-shadow ]; then
cp -fa /oldtmp/ks-tree-shadow/* /mnt/sysimage/tmp/ks-tree-copy
elif [ -d /tmp/ks-tree-shadow ]; then
cp -fa /tmp/ks-tree-shadow/* /mnt/sysimage/tmp/ks-tree-copy
fi
cp /etc/resolv.conf /mnt/sysimage/etc/resolv.conf
cp -f /tmp/ks-pre.log* /mnt/sysimage/root/
%post --nochroot --interpreter /usr/bin/python
try:
import xmlrpclib
import shutil
import os
import os.path
old_system_id = "/tmp/rhn/systemid"
new_system_id = "/mnt/sysimage/root/systemid.old"
new_keys = "1-f426159c8f411ad58003717076663b3e"
for key in new_keys.split(','):
if key.startswith('re-'):
os.exit(0)
if os.path.exists(old_system_id):
client = xmlrpclib.Server("http://spacewalk.human/rpc/api")
key =
client.system.obtain_reactivation_key(open(old_system_id).read())
f = open("/mnt/sysimage/tmp/key","w")
f.write(key)
f.close()
shutil.copy(old_system_id, new_system_id)
except:
# xml rpc due to a old/bad system id
# we don't care about those
# we'll register those as new.
pass
%post --logfile /root/ks-rhn-post.log
# --Begin Spacewalk command section--
cat > /tmp/ssl-key-1 <<'EOF'
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
cb:9f:14:64:b6:70:9c:27
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=BR, ST=Rio Grande do Sul, L=Porto Alegre, O=Human
Mobile, OU=spacewalk.human, CN=spacewalk.human
Validity
Not Before: Nov 28 13:00:44 2011 GMT
Not After : Nov 21 13:00:44 2036 GMT
Subject: C=BR, ST=Rio Grande do Sul, L=Porto Alegre, O=Human
Mobile, OU=spacewalk.human, CN=spacewalk.human
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:e8:bf:25:eb:6d:cf:5e:79:6d:ad:7b:09:e1:37:
1b:87:fd:dc:b1:7e:0a:a2:ba:98:2b:5c:bc:c5:3f:
71:6e:6e:24:41:a4:65:c8:92:d7:62:96:eb:5c:be:
9b:1c:75:f9:c0:1e:82:95:c1:27:62:17:14:ef:63:
2d:77:0b:88:4f:37:4f:ab:0e:7f:bc:55:98:42:17:
7c:ca:23:78:79:f2:a4:b5:a3:c3:cc:c3:59:25:af:
d7:3e:2c:a1:b1:2d:0a:cd:08:ef:de:4f:1e:b7:dd:
89:80:db:26:35:6b:3a:b4:c0:32:28:00:aa:f9:a7:
4f:68:72:e2:2c:9c:88:aa:5b:8d:e1:50:13:15:dc:
a0:c6:b3:07:22:a4:70:4e:07:86:ae:f9:51:7d:79:
05:de:b9:d6:c3:89:23:51:fe:22:f8:c3:1e:1f:8a:
d8:c8:8c:ff:9c:d5:e3:dd:68:8d:e8:d7:34:3b:97:
65:96:b2:63:92:16:6c:a6:e2:30:32:86:91:65:e2:
d2:69:e0:e4:e6:3f:4a:02:a3:04:7b:12:a3:92:d4:
9f:43:69:56:b8:89:4f:44:30:62:fe:16:94:ef:b1:
c2:c8:39:f8:36:f2:c3:49:61:43:01:fe:7a:fe:11:
5e:c9:2d:06:25:7f:93:59:9e:eb:69:ab:12:e0:03:
61:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Key Usage:
Digital Signature, Key Encipherment, Certificate Sign
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client
Authentication
Netscape Comment:
RHN SSL Tool Generated Certificate
X509v3 Subject Key Identifier:
C0:5B:26:FD:DB:BF:9C:4E:F1:F4:CE:85:71:58:1F:1C:B2:5F:61:5C
X509v3 Authority Key Identifier:
keyid:C0:5B:26:FD:DB:BF:9C:4E:F1:F4:CE:85:71:58:1F:1C:B2:5F:61:5C
DirName:/C=BR/ST=Rio Grande do Sul/L=Porto
Alegre/O=Human Mobile/OU=spacewalk.human/CN=spacewalk.human
serial:CB:9F:14:64:B6:70:9C:27
Signature Algorithm: sha1WithRSAEncryption
4e:64:be:96:3d:c5:09:8c:23:a5:fd:9c:0d:10:97:79:0b:ad:
1a:39:d0:b0:c3:37:f6:87:48:8f:08:19:eb:f1:77:d9:5e:c5:
74:4d:26:c4:3d:ce:c3:c9:d5:d8:98:a0:16:97:44:5b:9b:4f:
b4:28:fc:b5:26:88:c0:7a:e7:4e:b3:50:a2:8a:65:7a:55:8a:
b4:5d:d3:c2:f9:72:b9:cf:64:79:1e:22:9f:cc:36:84:c6:58:
76:7f:ef:93:b4:78:12:b3:7a:61:c7:19:32:5c:2d:4e:90:b0:
bc:6a:b0:82:0b:d9:ee:08:73:f6:65:b0:e6:8f:df:eb:2b:12:
7e:bc:99:9b:b1:e0:fa:64:15:7a:85:93:bb:68:c8:7b:bf:44:
0b:b2:b0:3c:18:d2:ab:0f:13:3d:25:fa:6d:38:95:ad:83:b3:
9b:db:0f:ba:a2:9b:b2:f1:9e:dd:23:f9:cd:92:a6:a6:65:78:
1b:e4:2e:55:c0:f1:55:93:d4:85:2e:91:1b:6c:2d:71:3c:51:
b0:da:d2:49:a1:21:59:de:b5:90:e9:17:32:38:de:ba:9d:5a:
09:65:63:aa:5d:cb:23:15:69:36:e6:0f:7f:86:e0:05:c6:20:
62:c4:00:04:2f:49:5e:7d:dc:e6:49:3c:c0:72:5b:6d:8f:f8:
f0:b4:92:7b
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIJAMufFGS2cJwnMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
VQQGEwJCUjEaMBgGA1UECBMRUmlvIEdyYW5kZSBkbyBTdWwxFTATBgNVBAcTDFBv
cnRvIEFsZWdyZTEVMBMGA1UEChMMSHVtYW4gTW9iaWxlMRgwFgYDVQQLEw9zcGFj
ZXdhbGsuaHVtYW4xGDAWBgNVBAMTD3NwYWNld2Fsay5odW1hbjAeFw0xMTExMjgx
MzAwNDRaFw0zNjExMjExMzAwNDRaMIGLMQswCQYDVQQGEwJCUjEaMBgGA1UECBMR
UmlvIEdyYW5kZSBkbyBTdWwxFTATBgNVBAcTDFBvcnRvIEFsZWdyZTEVMBMGA1UE
ChMMSHVtYW4gTW9iaWxlMRgwFgYDVQQLEw9zcGFjZXdhbGsuaHVtYW4xGDAWBgNV
BAMTD3NwYWNld2Fsay5odW1hbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOi/Jettz155ba17CeE3G4f93LF+CqK6mCtcvMU/cW5uJEGkZciS12KW61y+
mxx1+cAegpXBJ2IXFO9jLXcLiE83T6sOf7xVmEIXfMojeHnypLWjw8zDWSWv1z4s
obEtCs0I795PHrfdiYDbJjVrOrTAMigAqvmnT2hy4iyciKpbjeFQExXcoMazByKk
cE4Hhq75UX15Bd651sOJI1H+IvjDHh+K2MiM/5zV491ojejXNDuXZZayY5IWbKbi
MDKGkWXi0mng5OY/SgKjBHsSo5LUn0NpVriJT0QwYv4WlO+xwsg5+Dbyw0lhQwH+
ev4RXsktBiV/k1me62mrEuADYSsCAwEAAaOCAVMwggFPMAwGA1UdEwQFMAMBAf8w
CwYDVR0PBAQDAgKkMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAxBglg
hkgBhvhCAQ0EJBYiUkhOIFNTTCBUb29sIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAd
BgNVHQ4EFgQUwFsm/du/nE7x9M6FcVgfHLJfYVwwgcAGA1UdIwSBuDCBtYAUwFsm
/du/nE7x9M6FcVgfHLJfYVyhgZGkgY4wgYsxCzAJBgNVBAYTAkJSMRowGAYDVQQI
ExFSaW8gR3JhbmRlIGRvIFN1bDEVMBMGA1UEBxMMUG9ydG8gQWxlZ3JlMRUwEwYD
VQQKEwxIdW1hbiBNb2JpbGUxGDAWBgNVBAsTD3NwYWNld2Fsay5odW1hbjEYMBYG
A1UEAxMPc3BhY2V3YWxrLmh1bWFuggkAy58UZLZwnCcwDQYJKoZIhvcNAQEFBQAD
ggEBAE5kvpY9xQmMI6X9nA0Ql3kLrRo50LDDN/aHSI8IGevxd9lexXRNJsQ9zsPJ
1diYoBaXRFubT7Qo/LUmiMB6506zUKKKZXpVirRd08L5crnPZHkeIp/MNoTGWHZ/
75O0eBKzemHHGTJcLU6QsLxqsIIL2e4Ic/ZlsOaP3+srEn68mZux4PpkFXqFk7to
yHu/RAuysDwY0qsPEz0l+m04la2Ds5vbD7qim7Lxnt0j+c2SpqZleBvkLlXA8VWT
1IUukRtsLXE8UbDa0kmhIVnetZDpFzI43rqdWgllY6pdyyMVaTbmD3+G4AXGIGLE
AAQvSV593OZJPMByW22P+PC0kns=
-----END CERTIFICATE-----
EOF
# ssl-key1
cat /tmp/ssl-key-* > /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
perl -npe 's/RHNS-CA-CERT/RHN-ORG-TRUSTED-SSL-CERT/g' -i
/etc/sysconfig/rhn/*
mkdir -p /tmp/rhn_rpms/optional
cd /tmp/rhn_rpms/optional
wget -P /tmp/rhn_rpms/optional
http://spacewalk.human/download/package/8f5ff96d2851eed73ef3c84c41306690443f2754/0/1/3586/rhnlib-2.5.41-1.el5.noarch.rpm
http://spacewalk.human/download/package/62366e925ffb7841435d1a3982f0faf74998ceb8/0/1/297/libxml2-python-2.6.26-2.1.12.x86_64.rpm
http://spacewalk.human/download/package/b8aac5592d93126df04941191c0ca5533ab7f41e/0/1/3232/pyOpenSSL-0.6-2.el5.x86_64.rpm
rpm -Uvh --replacepkgs --replacefiles /tmp/rhn_rpms/optional/pyOpenSSL*
/tmp/rhn_rpms/optional/rhnlib* /tmp/rhn_rpms/optional/libxml2-python*
perl -npe
's|^(\s*(noSSLS\|s)erverURL\s*=\s*[^:]+://)[^/]*/|${1}spacewalk.human/|'
-i /etc/sysconfig/rhn/up2date
# now copy from the ks-tree we saved in the non-chroot checkout
cp -fav /tmp/ks-tree-copy/* /
rm -Rf /tmp/ks-tree-copy
# --End Spacewalk command section--
/etc/init.d/messagebus restart
/etc/init.d/haldaemon restart
# begin cobbler snippet
# set default MOTD
echo "Kickstarted on $(date +'%Y-%m-%d')" >> /etc/motd
# begin Red Hat management server registration
mkdir -p /usr/share/rhn/
wget http://spacewalk.human/pub/RHN-ORG-TRUSTED-SSL-CERT -O
/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
perl -npe 's/RHNS-CA-CERT/RHN-ORG-TRUSTED-SSL-CERT/g' -i
/etc/sysconfig/rhn/*
key=""
if [ -f /tmp/key ]; then
key=`cat /tmp/key`
fi
if [ $key ]; then
rhnreg_ks --serverUrl=https://spacewalk.human/XMLRPC
--sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
--activationkey=$key,1-f426159c8f411ad58003717076663b3e
else
rhnreg_ks --serverUrl=https://spacewalk.human/XMLRPC
--sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
--activationkey=1-f426159c8f411ad58003717076663b3e
fi
# end Red Hat management server registration
# end cobbler snippet
rhn_check
# Start post_install_network_config generated code
# End post_install_network_config generated code
%post
# Start koan environment setup
echo "export COBBLER_SERVER=spacewalk.human" > /etc/profile.d/cobbler.sh
echo "setenv COBBLER_SERVER spacewalk.human" > /etc/profile.d/cobbler.csh
# End koan environment setup
wget
"http://spacewalk.human/cblr/svc/op/ks/profile/ks-centos5:1:SpacewalkDefaultOrganization"
-O /root/cobbler.ks
wget
"http://spacewalk.human/cblr/svc/op/trig/mode/post/profile/ks-centos5:1:SpacewalkDefaultOrganization"
-O /dev/null
[]'s
Renato
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20111205/d49ade51/attachment.htm>
More information about the Spacewalk-list
mailing list