@knowshan
Created May 7, 2012 15:55
Kickstart files for generic CentOS 6 VM image for OpenNebula
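#!/bin/bash
# Clear the VM's network config before the image is captured.
# The udev rule file, the eth0 interface file, the resolver config and the
# network/hostname file are all removed.
#
# -f keeps the script quiet and successful when a file is already absent, so
# it can be re-run safely; -- ends option parsing before the path list.
rm -f -- \
  /etc/udev/rules.d/70-persistent-net.rules \
  /etc/sysconfig/network-scripts/ifcfg-eth0 \
  /etc/resolv.conf \
  /etc/sysconfig/network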
########################################################
### one-image-generic EL6 kickstart file ###
########################################################
# Install OS (fresh install, text-mode installer)
install
text
# Installation logging level
logging --level=info
# Installation media URL
# NOTE(review): the install tree is fetched over plain HTTP from an internal
# mirror, so nothing on the transport authenticates the mirror or protects the
# content in transit. Keep the provisioning network trusted, or serve the tree
# over HTTPS if the installer and mirror support it.
url --url http://192.168.1.7/repo/centos/6/os/x86_64
# Authentication
# NOTE(review): --enablemd5 asks for MD5 password hashes, while the authconfig
# line further down asks for --passalgo=sha512. Presumably the later line wins
# (auth and authconfig look like the same kickstart command) - confirm, and
# drop --enablemd5 so the weaker setting cannot take effect.
auth --useshadow --enablemd5
# System bootloader configuration
# I haven't password protected bootloader here, but you may want to do so!
# Without a bootloader password, anyone with console access to a VM built from
# this image can edit the kernel command line at boot.
bootloader --location=mbr --append="rhgb quiet divider=10"
# Run the Setup Agent on first boot (disabled here)
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US.UTF-8
# System timezone (hardware clock kept in UTC)
timezone --utc America/Chicago
# Root password not given in the kickstart - will be prompted.
# This keeps a root credential out of this file.
# Network settings (static address and hostname for the build host only)
network --device eth0 --bootproto static --ip 192.168.1.18 --netmask 255.255.0.0 --gateway 192.168.1.2 --nameserver 192.168.1.2 --hostname one-image-generic.uabgrid.uab.edu --noipv6
# Firewall configuration: enabled, with SSH allowed in
firewall --enabled --ssh
# SELinux configuration
# NOTE(review): permissive mode only logs policy violations, it does not block
# them, and every VM cloned from this image inherits the setting. Move to
# --enforcing once the workloads' policy needs are known.
selinux --permissive
# authconfig - pam_ldap
# --enableldaptls turns on TLS for the LDAP connection. No CA certificate or
# certificate-verification setting for peopledb.uab.edu is configured in this
# file - presumably a post-install script handles it; confirm.
authconfig --enableshadow --passalgo=sha512 --enableldapauth --enableldaptls --ldapserver peopledb.uab.edu --ldapbasedn ou=staff,dc=uab,dc=edu
# Do not configure the X Window System
skipx
# Partition clearing information
# Destructive: --all removes every partition on every disk the installer sees.
# Only boot this kickstart on a machine whose disks may be wiped.
clearpart --all --initlabel
# Disk partitioning information
# Total (40GB) = pv.1 + /boot
part /boot --fstype="ext4" --size=256
part pv.1 --size=1 --grow
volgroup generic-server_vg00 pv.1
logvol / --fstype ext4 --name=LogVol00 --vgname=generic-server_vg00 --size=2048 --grow
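# System packages
# --nobase leaves out the @Base group, so the image contains what is listed
# here plus dependencies. The list includes compilers, debugging tools and
# server daemons (httpd, mysql-server, xinetd) that every VM cloned from this
# image inherits; trim it for roles that do not need them.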
%packages --nobase
rpm
rpm-libs
rpm-devel
rpm-build
rpmdevtools
yum
lvm2
grub
sysstat
ntp
openssh-server
openssh-clients
perl
wget
rsync
gcc
gcc-c++
make
sudo
man
which
patch
xinetd
bind-utils
pam_ldap
nss-pam-ldapd
autofs
nfs-utils
nfs-utils-lib
yum-priorities
openssl
curl
curl-devel
yum-utils
httpd
httpd-devel
mysql
mysql-server
mysql-devel
php
php-pear
php-mysql
acpid
audit
gd
libgfortran
gcc-gfortran
telnet
tcpdump
lsof
strace
redhat-lsb
tcl
environment-modules
git-all
mercurial
subversion
subversion-devel
ruby-libs
ruby-docs
ruby-devel
rubygems
ruby-ri
vim-common
vim-enhanced
vim-X11
emacs
%end
%post
###########################################################
### Create scripts to configure the server at first boot ###
###########################################################
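postinstdir="/root/post-install"
# NOTE(review): the post-install scripts are fetched over plain HTTP and then
# executed as root with no checksum or signature check, so the resulting image
# is only as trustworthy as this server and the network path to it. Prefer
# HTTPS, or verify each download against digests kept with the kickstart.
postinsturl="http://192.168.1.7/kickstarts/rcs-el6/post-install"
host="one-image-generic"
/bin/mkdir -p \
  "$postinstdir/log/common" \
  "$postinstdir/log/nodes/$host" \
  "$postinstdir/common" \
  "$postinstdir/nodes/$host"

# Build array, Files, containing the post install files
# IMPORTANT: The order in which they are listed is the order in which they will be executed!
Files=(
  # Common configs - those that can be applied to multiple machines
  "common/rsyslog-remote-server.sh"
  "common/repo-el6-config.sh"
  "common/autofs-config.sh"
  "common/ntp-config.sh"
  "common/yum-update-config.sh"
  # Node specific configs
  "nodes/${host}/root-email.sh"
  "nodes/${host}/sudo-config.sh"
  "nodes/${host}/firewall-config.sh"
  "nodes/${host}/rc-local-contextualize.sh"
  "nodes/${host}/clear-network-config.sh"
)

for file in "${Files[@]}" ; do
  if ! /usr/bin/wget "${postinsturl}/${file}" -P "${postinstdir}" -O "${postinstdir}/${file}" ; then
    # wget -O creates the output file even when the transfer fails. Remove it
    # so an empty or truncated script is never marked executable and "run".
    /bin/rm -f -- "${postinstdir}/${file}"
  fi
done

# Set the execute bit on the post install scripts that you want to run
/bin/chmod +x "$postinstdir"/common/*.sh
/bin/chmod +x "$postinstdir/nodes/${host}"/*.sh
# if you want to prevent particular scripts from running, remove the execute
# bit here

# Now run the scripts, in list order, keeping one log file per script
for file in "${Files[@]}" ; do
  script="$postinstdir/$file"
  log="$postinstdir/log/${file}.log"
  if [ ! -e "$script" ] ; then
    # Download failed above; record that instead of reporting it as disabled
    echo "This script could not be downloaded and wasn't executed: $script" > "$log"
  elif [ -x "$script" ] ; then
    # Only run the files with the execute bit
    "$script" 2>&1 | tee "$log"
  else
    echo "This script has been disabled and wasn't executed: $script" > "$log"
  fi
done
unset Files script log

# Halt or turn-off system after the installation is complete
/sbin/shutdown -h now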
%end
#!/bin/sh
## Example script - how rc.local can self-contain all contextualization steps
## network config, ntpd, rpcidmapd and puppet
# Update rc.local to
## Mount CD-ROM ISO device on boot
## Run contextualization script
## Unmount CD-ROM ISO device
cat >> /etc/rc.local << \EOF
## Added for OpenNebula contextualization
# http://opennebula.org/documentation:rel3.2:cong
# Virtual Machine contextualization
# OpenNebula VM templates with CONTEXT/files section can be launched only
# by 'oneadmin' users. Since we want non-oneadmin users to launch VMs as well
# we can't use the same CONTEXT/files technique. Hence the contextualization
# is added directly to the rc.local script.
# network-config
# NETMASK, NAMESERVER and GATEWAY variables are set through CONTEXT section
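function network_config(){
  # Write the static network configuration for eth0, the resolver config and
  # the hostname/gateway file, then start the network service.
  # Reads: IPBASE, VMID, IMGTYPE, DOMAIN, NETMASK, NAMESERVER1, NAMESERVER2,
  #        GATEWAY (presumably provided by the sourced context.sh, except
  #        IPBASE which the caller sets - verify against your CONTEXT section).
  # Returns: the exit status of "/etc/init.d/network start".
  # These values come from the context ISO, so every expansion that becomes a
  # command argument is quoted to prevent word splitting and globbing.
  local ns
  ip="$IPBASE.$VMID"
  hostname="one-$VMID.$IMGTYPE.$DOMAIN"
  hostname "$hostname"

  # ifcfg-eth0
  cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF1
# Added using OpenNebula contextualization
DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
IPADDR=$ip
NETMASK=$NETMASK
IPV6INIT=NO
TYPE=ETHERNET
EOF1

  # resolv.conf - emit a nameserver line only for values that are set, so a
  # missing NAMESERVER2 does not leave a malformed "nameserver " entry.
  {
    echo "# Added using OpenNebula contextualization"
    echo "search uabgrid.uab.edu"
    for ns in "$NAMESERVER1" "$NAMESERVER2"; do
      if [[ -n "$ns" ]]; then
        echo "nameserver $ns"
      fi
    done
  } > /etc/resolv.conf

  # network
  cat > /etc/sysconfig/network << EOF3
NETWORKING=yes
HOSTNAME=$hostname
GATEWAY=$GATEWAY
EOF3

  /etc/init.d/network start
  exit_code="$?"
  return "$exit_code"
}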
# rpcidmapd
rpcidmapd_start() {
  # Start the rpcidmapd init script and hand its exit status back to the
  # caller; the status is also left in the global exit_code.
  /etc/init.d/rpcidmapd start
  exit_code=$?
  return "$exit_code"
}
# puppet
puppet_registration() {
  # Register the VM with the Puppet server by invoking the puppet init script
  # with "once". Its exit status is returned and also left in the global
  # exit_code.
  /etc/init.d/puppet once
  exit_code=$?
  return "$exit_code"
}
# ntpd
ntpd_restart() {
  # Restart ntpd; the caller invokes this after the network service is up.
  # The init script's exit status is returned and also left in the global
  # exit_code.
  /etc/init.d/ntpd restart
  exit_code=$?
  return "$exit_code"
}
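# Main function
# Mount the CONTEXT drive, source context.sh from it, configure the network
# and the services that depend on it, then unmount the drive.
export CONTEXT_DIR=/mnt/context
export CONTEXT_DEV=/dev/cdrom
# NOTE(review): this is a fixed, predictable path in world-writable /tmp that
# root truncates and appends to at every boot. A root-owned location such as
# /var/log avoids writing through a file or link another local user created.
export ERROR_OUT=/tmp/context-mount.errout
mkdir -p "$CONTEXT_DIR"
# Mount /dev/cdrom device which contains the contextualization files
mount -v -t iso9660 "$CONTEXT_DEV" "$CONTEXT_DIR" > "$ERROR_OUT" 2>&1
# Execute context.sh script if present
if [[ -f "$CONTEXT_DIR/context.sh" ]]; then
  # context.sh is sourced by rc.local, i.e. as root: whatever the attached ISO
  # contains runs with full privileges, so the ISO is part of the trust base.
  . "$CONTEXT_DIR/context.sh"
  # Set after sourcing so the context file cannot override the address prefix
  IPBASE="10.20.30"
  # OpenNebula launched VMs have restricted IP range in current config
  # Ideally we should be using vnet and/or DHCP
  # The digits-only check comes first: -lt/-gt inside [[ ]] evaluate their
  # operands as arithmetic expressions, so VMID must be a plain number.
  if [[ "$VMID" =~ ^[0-9]+$ && "$VMID" -lt 50 && "$VMID" -gt 0 ]]; then
    if network_config; then
      # Network is up: start the services that need it
      rpcidmapd_start
      ntpd_restart
      puppet_registration
    else
      echo "Failed to configure/start network service." >> "$ERROR_OUT"
      # echo "The system will be halted now..." >> $ERROR_OUT
      # /sbin/shutdown -h now
    fi
  else
    echo "Generated IP address $IPBASE.$VMID is outside of allowed range." >> "$ERROR_OUT"
    echo "The system will be halted now..." >> "$ERROR_OUT"
    /sbin/shutdown -h now
  fi
else
  echo "Can't find $CONTEXT_DIR/context.sh" >> "$ERROR_OUT"
fi
# Unmount CONTEXT drive
umount -v "$CONTEXT_DIR" >> "$ERROR_OUT" 2>&1
# rmdir instead of rm -rf: it removes the mount point only when it is empty,
# so a failed unmount or a pre-existing directory with content is never
# recursively deleted as root.
rmdir -- "$CONTEXT_DIR" >> "$ERROR_OUT" 2>&1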
EOF
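#!/bin/sh
# Update rc.local to
## Mount CD-ROM ISO device on boot
## Run contextualization scripts
## Unmount CD-ROM ISO device
#
# The here-document delimiter is quoted (\EOF), so nothing below is expanded
# now; the text is appended to /etc/rc.local verbatim and evaluated at boot.
cat >> /etc/rc.local << \EOF
## Added for OpenNebula contextualization
# http://opennebula.org/documentation:rel3.2:cong
# Mount CONTEXT drive
export CONTEXT_DIR=/mnt/context
export CONTEXT_DEV=/dev/cdrom
# NOTE(review): this is a fixed, predictable path in world-writable /tmp that
# root truncates and appends to at every boot. A root-owned location such as
# /var/log avoids writing through a file or link another local user created.
export ERROR_OUT=/tmp/context-mount.errout
mkdir -p "$CONTEXT_DIR"
# Mount /dev/cdrom device which contains the contextualization files
mount -v -t iso9660 "$CONTEXT_DEV" "$CONTEXT_DIR" > "$ERROR_OUT" 2>&1
# Execute context.sh script if present
if [[ -f "$CONTEXT_DIR/context.sh" ]]; then
  # These files are sourced by rc.local, i.e. as root: whatever the attached
  # ISO contains runs with full privileges, so the ISO is part of the trust base.
  . "$CONTEXT_DIR/context.sh"
  # Source the remaining scripts only when present. Sourcing a missing file
  # can abort a non-interactive sh, which would skip the unmount below.
  for context_script in init.sh puppet-registration.sh; do
    if [[ -f "$CONTEXT_DIR/$context_script" ]]; then
      . "$CONTEXT_DIR/$context_script"
    else
      echo "Can't find $CONTEXT_DIR/$context_script" >> "$ERROR_OUT"
    fi
  done
else
  echo "Can't find $CONTEXT_DIR/context.sh" >> "$ERROR_OUT"
fi
# Unmount CONTEXT drive
umount -v "$CONTEXT_DIR" >> "$ERROR_OUT" 2>&1
# rmdir instead of rm -rf: it removes the mount point only when it is empty,
# so a failed unmount or a pre-existing directory with content is never
# recursively deleted as root.
rmdir -- "$CONTEXT_DIR" >> "$ERROR_OUT" 2>&1
EOF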