[Spacewalk-list] Several Kickstart questions
Will Beldman
wbeldma at uwo.ca
Mon May 25 15:02:12 UTC 2015
On May 24, 2015 12:20:07 PM Alexander Innes wrote:
> Aloha there,
>
> The point of kickstart is so you can manually make it do exaclty what you
> need to get a standard build without having the faff of extra scripts to
> run at the end :)
>
> 1) I use a post scrip to to move the files out of yum.repos.d so that they
> are ignored, I prefer moving to deleting incase i screw something up in
> spacewalk :)
Okay. This is something I can easily do. Is there a snippet out there that
already does this? Otherwise, I know this would work:
for i in `ls /etc/yum.repos.d`; do mv $i /etc/yum.repos.d/$i.off; done;
> 2) You need to import the GPG key in the kickstart, if you have used the
> space command tool to make the repos I think the GPG key is imported to
> spacewalk automattically, if not check the gpg keys, then if they are there
> and correct in the actual kickstart make sure they are checked to be
> imported during build time. This should solve it
See this is what surprised me. The GPG key is listed in the config. The page
in Spacewalk explicitly says: "Below is a list of the GPG and SSL keys you
have created. Selected keys will be imported during the %post section of all
kickstarts scheduled using this profile. "
The key is dropped into /usr/share/rhn, but it is not actually imported via
rpm.
> 3) To be honest i would recommend using DHCP, even if its just in the build
> environment,
>
> 4) To use snippets paste the macro in the post script, the macro is the $
> ones. Then at the bottom of the script editing page there is a checkbox
> that syas something along the lines of enable templating. Once that is
> clicked when you view the "raw" kickstart you will see the macro replaced
> with the snippet. I tend to keep all actions in snippets rather than
> scripts as then they are centra for all builds so im only changing one
> thing rather than 6
Thanks. I'll try that.
> 5) You should try and make them generic, what is it thats differnt about
> them? If its the network config then dhcp ;), the passwords I set default
> "weak" ones then modify the MOTD of the box to add a TODO checklist before
> the box is pushed into production, on there is change + record the disk
> encyption and root passwords. My kickstarts also ask for user input when
> needed :), never got that part to work in centos 7 though
How do you get user input? I tried the interactive flag but it's been
deprecated for CentOS 7.
> 6) i had the same "problem" (Its not really a problem just a wierd way of
> doing it), in the kickstart theres a packages section, you just need to add
> that and some others to there, however i dont have my notes at the moment
> so i couldnt say what they are till monday :)
Yeah, I've resorted to doing this for now. My Package Groups look like this:
@ Base
rhnsd
m2crypto
yum-rhn-plugin
rhncfg-actions
yum-utils
But I feel like if I request spacewalk configuration and remote commands, all
the right packages should be installed for me and I shouldn't have to ALSO
explicitly state certain packages to be installed.
> On a side note would it be usefull for you to have a Wiki style page to
> follow going through the options and such? (not sure if there is one) i
> could write on up for the Main spacewalk site (and yoink it for my website
> ;D) If it would help :),
This would be greatly appreciated. There is a lot of documentation on how to
setup kickstart, what all the options are and what they do. I am having
trouble finding documentation on kickstart philosophy and best practices. So
I'm stuck hacking through some things that "work" and I just hope that I am
doing it the most efficient and proper way.
> On 22 May 2015 at 17:08, Will Beldman <wbeldma at uwo.ca> wrote:
> > Hi Everyone,
> >
> > I'm very new to both Spacewalk (using v2.2) and Kickstart. I'm trying to
> > stumble through my first CentOS 7 kickstart. I'd like to avoid manual
> > customizations as much as I can so I have a few questions:
> >
> > 1. I've got as far as successfully completing a kickstart and it
> > automatically
> > registers the host in Spacewalk. At this point, I would like the machine
> > to
> > disable any locally configured repos and depend on Spacewalk only. Should
> > I
> > create my own post script to do this?
> >
> > 2. So I manually disable locally configured repos and it is using
> > Spacewalk
> > only, but I cannot run updates locally. yum update gives the standard GPG
> > key
> > error message:
> > ==================
> >
> > You have enabled checking of packages via GPG keys. This is a good
> >
> > thing...
> >
> > ...
> > rpm --import public.gpg.key
> > ...
> > Problem repository: centos-7-64bit
> >
> > ==================
> > I see from the generated kickstart file, in the post script, the Spacewalk
> > cert is being dropped in /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT but no
> > rpm --
> >
> > import line for it. There is a line to do:
> > rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
> >
> > But since this is CentOS, this doesn't do anything.
> > Is this normal? Should I also add an rpm --import line in another
> > customized
> > post script?
> >
> > 3. We do not use DHCP in our environment so I am kickstarting via static
> > IP
> > and I need to set kickstart to use static as well. I have manually updated
> > the
> >
> > network advanced option to:
> > --bootproto=static --ip=$IP --netmask=$NM --gateway=$GW
> >
> > --hostname=$HN --
> > nameserver=$NS1 --nameserver=$NS2 --nameserver=$NS3
> > and I added variables to match my specific host. First of all, it looks
> > like
> > my nameservers are being ignored. My kickstarted machine is using the
> > nameserver I specified at boot time when I kickstarted it and not the
> > three I
> > set here. Second, does this approach make sense? I see it listed as an
> > example
> > in some documentation (
> > https://access.redhat.com/documentation/en-US/Red_Hat_Network_Satellite/5.
> > 3/html/Reference_Guide/s1-cobbler-templates.html#s2-cobbler-templates-usag
> > e), but I also see that are snippets
> >
> > listed in my Spacewalk server that I could take advantage of?:
> > network_config $SNIPPET('network_config')
> > post_install_network_config
> >
> > $SNIPPET('post_install_network_config')
> >
> > pre_install_network_config
> >
> > $SNIPPET('pre_install_network_config')
> > Should I configure the network settings in the kickstart config or can I
> > be
> > prompted for that in the installer? Or can I get the machine to assume the
> > boot parameters I supplied for the network configuration?
> >
> > 4. On that subject, how do I use snippets in kickstart through Spacewalk?
> > There are a handful there and a bunch I can find online. Spacewalk says:
> > "TIP:
> > Copy and paste the snippet macro into your kickstart profiles to make the
> > full
> > snippet appear in that kickstart profile."
> > Okay, where? In the advanced options? Do I download my automatically
> > generated
> > kickstart file, modify it, and re-upload it?
> >
> > 5. Is it common to have one kickstart config per machine? Every time I
> > want to
> > spin up a new machine, should I clone a "base" kickstart profile and
> > modify
> > the settings appropriately to make it machine specific? Or is it possible
> > to
> > template a kickstart profile enough to have exactly one to work from. In
> > the
> > end, at least for now, I would be looking for every kickstarted machine to
> > be
> > identical except for network configuration and root password.
> >
> > 6. I checked off "Enable Spacewalk Configuration Management" and "Enable
> > Spacewalk Remote Commands" but rhncfg-actions does not get installed so
> > this
> > cannot be working. I can manually add the package to the list of software
> > to
> > be installed but this should not be necessary.
> >
> > Help on any of these questions would be greatly appreciated.
> >
> > _______________________________________________
> > Spacewalk-list mailing list
> > Spacewalk-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/spacewalk-list
More information about the Spacewalk-list
mailing list