chef/cookbooks/provisioner/templates/default/compute.ks.erb
# Kickstart file automatically generated by anaconda.
install
url --url <%= @admin_web %>
key --skip
lang en_US.UTF-8
keyboard us
# crowbar
<% if node[:provisioner][:default_password_hash] -%>
rootpw --iscrypted <%= node[:provisioner][:default_password_hash] %>
<% else -%>
rootpw <%= node[:provisioner][:default_password] %>
<% end -%>
firewall --disabled
authconfig --enableshadow --enablemd5
selinux --disabled
timezone --utc <%=@timezone%>
bootloader --location=mbr --driveorder=<%= @boot_device || "sda" %> --append="rhgb quiet"
zerombr
<% if node[:platform_version].to_f >= 6 -%>
ignoredisk --only-use=<%= @boot_device || "sda" %>
clearpart --all --drives=<%= @boot_device || "sda" %>
part /boot --fstype ext4 --size=100 --ondisk=<%= @boot_device || "sda" %>
<% if @uefi -%>
part /boot/efi --fstype vfat --size 100 --ondisk=<%= @boot_device || "sda" %>
<% end -%>
part pv.2 --size=1 --grow --ondisk=<%= @boot_device || "sda" %>
volgroup <%=@node_name.split('.')[0]%> --pesize=32768 pv.2
logvol swap --fstype swap --name=swap --vgname=<%=@node_name.split('.')[0]%> --recommended
logvol / --fstype ext4 --name=lv_root --vgname=<%=@node_name.split('.')[0]%> --size=1 --grow
<% else -%>
ignoredisk --drives=sdb,sdc,sdd,sde,sdf,sdg,sdh,sdi,sdj,sdk,sdl,sdm,sdn,sdo,sdp,sdq,sdr,sds,sdt,sdu,sdv,sdw,sdx,sdy,sdz,hdb,hdc,hdd,hde,hdf,hdg,hdh,hdi,hdj,hdk,hdl,hdm,hdn,hdo,hdp,hdq,hdr,hds,hdt,hdu,hdv,hdw,hdx,hdy,hdz
clearpart --all --drives=<%= @boot_device || "sda" %>
part /boot --fstype ext3 --size=100 --ondisk=<%= @boot_device || "sda" %>
part swap --recommended
part pv.6 --size=0 --grow --ondisk=<%= @boot_device || "sda" %>
volgroup <%=@node_name.split('.')[0]%> --pesize=32768 pv.6
logvol / --fstype ext3 --name=lv_root --vgname=<%=@node_name.split('.')[0]%> --size=1 --grow
<% end -%>
text
reboot
%packages
@base
@core
<% if node[:platform_version].to_f >= 6 -%>
vim-enhanced
<% else -%>
@editors
@text-internet
<% end -%>
keyutils
trousers
fipscheck
device-mapper-multipath
OpenIPMI
OpenIPMI-tools
emacs-nox
openssh
curl.x86_64
ntp
tcpdump
%post
exec > /root/post-install.log 2>&1
set -x
export PS4='${BASH_SOURCE}@${LINENO}(${FUNCNAME[0]}): '
(cd /etc/yum.repos.d && rm *)
<% @repos.keys.sort.each do |repo| -%>
cat >/etc/yum.repos.d/crowbar-<%=repo%>.repo <<EOF
[crowbar-<%=repo%>]
name=Crowbar <%=repo%> Repo
<% @repos[repo].keys.sort.each do |url| -%>
<%= url %>
<% end -%>
gpgcheck=0
EOF
<% end %>
HTTP_SERVER="<%= @admin_node_ip %>:<%= @web_port %>"
IP="<%= @admin_node_ip %>"
HOSTNAME=$(hostname)
key_re='crowbar\.install\.key=([^ ]+)'
if [[ $(cat /proc/cmdline) =~ $key_re ]]; then
export CROWBAR_KEY="${BASH_REMATCH[1]}"
echo "$CROWBAR_KEY" >/etc/crowbar.install.key
elif [[ -f /etc/crowbar.install.key ]]; then
export CROWBAR_KEY="$(cat /etc/crowbar.install.key)"
fi
post_state() {
local curlargs=(-o "/var/log/crowbar/$1-$2.json" --connect-timeout 60 -s \
-L -X POST --data-binary "{ \"name\": \"$1\", \"state\": \"$2\" }" \
-H "Accept: application/json" -H "Content-Type: application/json" \
--max-time 240 --insecure --location)
[[ $CROWBAR_KEY ]] && curlargs+=(-u "$CROWBAR_KEY" --digest --anyauth)
curl "${curlargs[@]}" "http://$IP/crowbar/crowbar/1.0/transition/default"
}
#"Blacklisting IPv6".
echo "blacklist ipv6" >>/etc/modprobe.d/blacklist-ipv6.conf
echo "options ipv6 disable=1" >>/etc/modprobe.d/blacklist-ipv6.conf
rsyslog_dir="/etc/rsyslog.d"
mkdir -p "$rsyslog_dir"
echo '$IncludeConfig /etc/rsyslog.d/*.conf' >>/etc/rsyslog.conf
if [ ! -f "$rsyslog_dir/10-crowbar-client.conf" ]; then
echo "*.* @@${IP}" > "$rsyslog_dir/10-crowbar-client.conf"
if ! curl -f -s -o "$rsyslog_dir/00-crowbar-debug.conf" \
<%= @admin_web %>/rsyslog.d/00-crowbar-debug.conf
then
rm -f "$rsyslog_dir/00-crowbar-debug.conf"
fi
fi
yum -y install screen
mkdir -p /root/.ssh
chmod 700 /root/.ssh
if ! curl -s -o /root/.ssh/authorized_keys.wget \
http://$HTTP_SERVER/authorized_keys; then
rm -f /root/.ssh/authorized_keys.wget
else
chmod 644 /root/.ssh/authorized_keys
cat /root/.ssh/authorized_keys.wget >>/root/.ssh/authorized_keys
rm -f /root/.ssh/authorized_keys.wget
fi
curl -s -o /etc/init.d/crowbar_join.sh <%= @crowbar_join %>
chmod +x /etc/init.d/crowbar_join.sh
ln -s /etc/init.d/crowbar_join.sh /etc/rc3.d/S80crowbar
ln -s /etc/init.d/crowbar_join.sh /etc/rc5.d/S80crowbar
ln -s /etc/init.d/crowbar_join.sh /etc/rc2.d/S80crowbar
# boot to runlevel 3 by default
sed -i -e '/initdefault/ s/5/3/' /etc/inittab
sleep 30
post_state $HOSTNAME "installed"
# Wait for DHCP to update - this is mainly for virtual environments or really large deploys
sleep 30
sync