[Spacewalk-list] Several Kickstart questions

Alexander Innes senni at necurity.co.uk
Sun May 24 11:20:07 UTC 2015 

Aloha there,

The point of kickstart is so you can manually make it do exaclty what you
need to get a standard build without having the faff of extra scripts to
run at the end :)

1) I use a post scrip to to move the files out of yum.repos.d so that they
are ignored, I prefer moving to deleting incase i screw something up in
spacewalk :)

2) You need to import the GPG key in the kickstart, if you have used the
space command tool to make the repos I think the GPG key is imported to
spacewalk automattically, if not check the gpg keys, then if they are there
and correct in the actual kickstart make sure they are checked to be
imported during build time. This should solve it

3) To be honest i would recommend using DHCP, even if its just in the build
environment,

4) To use snippets paste the macro in the post script, the macro is the $
ones. Then at the bottom of the script editing page there is a checkbox
that syas something along the lines of enable templating. Once that is
clicked when you view the "raw" kickstart you will see the macro replaced
with the snippet. I tend to keep all actions in snippets rather than
scripts as then they are centra for all builds so im only changing one
thing rather than 6

5) You should try and make them generic, what is it thats differnt about
them? If its the network config then dhcp ;), the passwords I set default
"weak" ones then modify the MOTD of the box to add a TODO checklist before
the box is pushed into production, on there is change + record the disk
encyption and root passwords. My kickstarts also ask for user input when
needed :), never got that part to work in centos 7 though

6) i had the same "problem" (Its not really a problem just a wierd way of
doing it), in the kickstart theres a packages section, you just need to add
that and some others to there, however i dont have my notes at the moment
so i couldnt say what they are till monday :)

On a side note would it be usefull for you to have a Wiki style page to
follow going through the options and such? (not sure if there is one) i
could write on up for the Main spacewalk site (and yoink it for my website
;D) If it would help :),

On 22 May 2015 at 17:08, Will Beldman <wbeldma at uwo.ca> wrote:

> Hi Everyone,
>
> I'm very new to both Spacewalk (using v2.2) and Kickstart. I'm trying to
> stumble through my first CentOS 7 kickstart. I'd like to avoid manual
> customizations as much as I can so I have a few questions:
>
> 1. I've got as far as successfully completing a kickstart and it
> automatically
> registers the host in Spacewalk. At this point, I would like the machine to
> disable any locally configured repos and depend on Spacewalk only. Should I
> create my own post script to do this?
>
> 2. So I manually disable locally configured repos and it is using Spacewalk
> only, but I cannot run updates locally. yum update gives the standard GPG
> key
> error message:
> ==================
>         You have enabled checking of packages via GPG keys. This is a good
> thing...
>         ...
>         rpm --import public.gpg.key
>         ...
>         Problem repository: centos-7-64bit
> ==================
> I see from the generated kickstart file, in the post script, the Spacewalk
> cert is being dropped in /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT but no
> rpm --
> import line for it. There is a line to do:
>         rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
> But since this is CentOS, this doesn't do anything.
> Is this normal? Should I also add an rpm --import line in another
> customized
> post script?
>
> 3. We do not use DHCP in our environment so I am kickstarting via static IP
> and I need to set kickstart to use static as well. I have manually updated
> the
> network advanced option to:
>         --bootproto=static --ip=$IP --netmask=$NM --gateway=$GW
> --hostname=$HN --
> nameserver=$NS1 --nameserver=$NS2 --nameserver=$NS3
> and I added variables to match my specific host. First of all, it looks
> like
> my nameservers are being ignored. My kickstarted machine is using the
> nameserver I specified at boot time when I kickstarted it and not the
> three I
> set here. Second, does this approach make sense? I see it listed as an
> example
> in some documentation (
> https://access.redhat.com/documentation/en-US/Red_Hat_Network_Satellite/5.3/html/Reference_Guide/s1-cobbler-templates.html#s2-cobbler-templates-usage),
> but I also see that are snippets
> listed in my Spacewalk server that I could take advantage of?:
>         network_config  $SNIPPET('network_config')
>         post_install_network_config
>  $SNIPPET('post_install_network_config')
>         pre_install_network_config
> $SNIPPET('pre_install_network_config')
> Should I configure the network settings in the kickstart config or can I be
> prompted for that in the installer? Or can I get the machine to assume the
> boot parameters I supplied for the network configuration?
>
> 4. On that subject, how do I use snippets in kickstart through Spacewalk?
> There are a handful there and a bunch I can find online. Spacewalk says:
> "TIP:
> Copy and paste the snippet macro into your kickstart profiles to make the
> full
> snippet appear in that kickstart profile."
> Okay, where? In the advanced options? Do I download my automatically
> generated
> kickstart file, modify it, and re-upload it?
>
> 5. Is it common to have one kickstart config per machine? Every time I
> want to
> spin up a new machine, should I clone a "base" kickstart profile and modify
> the settings appropriately to make it machine specific? Or is it possible
> to
> template a kickstart profile enough to have exactly one to work from. In
> the
> end, at least for now, I would be looking for every kickstarted machine to
> be
> identical except for network configuration and root password.
>
> 6. I checked off "Enable Spacewalk Configuration Management" and "Enable
> Spacewalk Remote Commands" but rhncfg-actions does not get installed so
> this
> cannot be working. I can manually add the package to the list of software
> to
> be installed but this should not be necessary.
>
> Help on any of these questions would be greatly appreciated.
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20150524/d9bbcb33/attachment.htm>

More information about the Spacewalk-list mailing list