[Freeipa-users] Easy deployment

Dmitri Pal dpal at redhat.com
Thu Sep 27 22:36:21 UTC 2012 

On 09/27/2012 12:51 PM, James James wrote:
> Not yet but can you give me some clues ?

It is the project that does pretty much what you are trying to accomplish.
It has nice UI. It might make sense to take a look.
http://theforeman.org/

>
> 2012/9/27 Dmitri Pal <dpal at redhat.com <mailto:dpal at redhat.com>>
>
>     On 09/25/2012 04:18 PM, Sigbjorn Lie wrote:
>>     On 09/25/2012 12:17 AM, James James wrote:
>>>     Hi guys,
>>>
>>>     we are planning to install 150 freeipa clients and I was
>>>     wondering if there is a way to easily install (from kickstart)
>>>     nfsv4 client.
>>>
>>>     I can add host with
>>>
>>>     # ipa host-add --password=secret
>>>
>>>     But to get the keytab (host and service), I have to log into the
>>>     machine, launch kinit and get the keytab.
>>>
>>>     This will be very painful for 150 clients ....
>>>
>>>     Any hints is welcome ...
>>>
>>>
>>>     _______________________________________________
>>>     Freeipa-users mailing list
>>>     Freeipa-users at redhat.com <mailto:Freeipa-users at redhat.com>
>>>     https://www.redhat.com/mailman/listinfo/freeipa-users
>>     Hi,
>>
>>     I am working on integrating what you are asking for into
>>     OneClickKick. OneClickKick which is a web based GUI for managing
>>     DHCP server and PXE booting. The current version can read the
>>     host objects from IPA's LDAP, and you can use these to generate
>>     PXE boot files for kickstarting RHEL/Fedora, preseeding
>>     Debian/Ubuntu installations, do BIOS upgrades, run LIVE
>>     environments, etc.
>>
>>     What I have done in the past is to add a line like this to the
>>     post section of the kickstart:
>>     /usr/sbin/ipa-client-install --domain="ix.test.com
>>     <http://ix.test.com>" --principal="ipajoinuser"
>>     --password="somepassword" -U -f
>>
>>     This is not ideal even though the kickstart is saved in a
>>     database and only made available dynamically trough a php script
>>     to the host that's enabled for kickstarting. It is not saved in a
>>     text file on the disk. The next version will include tighter
>>     integration with IPA where a One Time Password is set for the
>>     host being kickstarted at the time it's enabled for kickstarting,
>>     and this password is seeded dynamically when the host is served
>>     it's kickstart file.
>>
>>     The next version will also have the PXE Enrollment boot image
>>     updated to supporting adding new hosts directly into IPA. The PXE
>>     Enrollment is support for adding a new host simply to PXE booting
>>     it, logging on, and giving it a hostname and assigning it with a
>>     kickstart profile to load the machine directly from the console
>>     of the new machine.
>>
>>     Adding of machines directly to IPA from the web UI will also be
>>     available in the next version. This allows you to do everything
>>     from adding the host, to selecting the kickstart profile group,
>>     and enabling for PXE installation/kickstart in 1 step.
>>
>>     It can also search trough the /var/log/messages file to find new
>>     hosts that's unknown to it's naming sources and directly add these.
>>
>>     You can also select a group of machine to install, so if you have
>>     your 150 machines in one group you can select the entire group
>>     for installation.
>>
>>
>>     See the project website or contact me for more information:
>>     http://sourceforge.net/projects/oneclickkick/
>>
>>
>
>     Have you looked at Foreman?
>
>>
>>     Regards,
>>     Siggi
>>
>>
>>
>>
>>     _______________________________________________
>>     Freeipa-users mailing list
>>     Freeipa-users at redhat.com <mailto:Freeipa-users at redhat.com>
>>     https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
>     -- 
>     Thank you,
>     Dmitri Pal
>
>     Sr. Engineering Manager for IdM portfolio
>     Red Hat Inc.
>
>
>     -------------------------------
>     Looking to carve out IT costs?
>     www.redhat.com/carveoutcosts/ <http://www.redhat.com/carveoutcosts/>
>
>
>
>     _______________________________________________
>     Freeipa-users mailing list
>     Freeipa-users at redhat.com <mailto:Freeipa-users at redhat.com>
>     https://www.redhat.com/mailman/listinfo/freeipa-users
>
>


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120927/29ee0483/attachment.htm>

More information about the Freeipa-users mailing list