-
Notifications
You must be signed in to change notification settings - Fork 34
/
contrail-ubuntu_trusty.ks
executable file
·226 lines (195 loc) · 9.47 KB
/
contrail-ubuntu_trusty.ks
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
# Kickstart template for the NewNode (ubuntu)
%pre
wget http://$server/cblr/svc/op/trig/mode/pre/system/$system_name
%post
set -x -v
#--------------------------------------------------------------------------
# Uodate entries in /etc/hosts file for self and puppet ip address
sed -i '/127\.0\..\.1/d' /etc/hosts
echo "127.0.0.1 localhost.$system_domain localhost" >> /etc/hosts
echo "$ip_address $system_name.$system_domain $system_name" >> /etc/hosts
echo "$server puppet" >> /etc/hosts
#--------------------------------------------------------------------------
# Set apt-get config option to allow un-authenticated packages to be installed
# This is needed for puppet package resource to succeed. In the long run, we
# need to have contrail deb packaged correctly signed before creating repo.
cat >/etc/apt/apt.conf <<EOF
/* Configuration file to specify default option for apt-get command.
This is temporary workaround to have our un-authenticated packages
install successfully. Long term, we need to have the packages signed
when those are built.
*/
APT
{
// Options for apt-get
Get
{
AllowUnauthenticated "true";
};
}
EOF
#--------------------------------------------------------------------------
# Enable ssh for root
sed -i '/PermitRootLogin/c\PermitRootLogin yes' /etc/ssh/sshd_config
service ssh restart
#--------------------------------------------------------------------------
# Install puppet
# Update sources.list so that ubuntu repo is available to download all
# dependencies needed by puppet such as ruby, puppet-common etc.
# add repos needed for puppet and its dependencies
#Install puppet 2.7 against 3.x which is got from trusty repo.
#Need to revisit this logic to use preferences.
#echo "deb http://$server/thirdparty_packages/ ./" > /etc/apt/sources.list
cat >>/etc/apt/sources.list <<EOF
# add repos needed for puppet and its dependencies
deb http://puppet/thirdparty_packages/ ./
EOF
apt-get update
apt-get -y install puppet
#cp /etc/apt/sources.list.orig /etc/apt/sources.list
cat >>/etc/apt/sources.list.save <<EOF
# add repos needed for puppet and its dependencies
deb http://puppet/thirdparty_packages/ ./
#deb cdrom:[Ubuntu 14.04 _Trusty Tahr_ - Release i386]/ Trusty main restricted
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://us.archive.ubuntu.com/ubuntu/ trusty main restricted
deb-src http://us.archive.ubuntu.com/ubuntu/ trusty main restricted
## Major bug fix updates produced after the final release of the
## distribution.
deb http://us.archive.ubuntu.com/ubuntu/ trusty-updates main restricted
deb-src http://us.archive.ubuntu.com/ubuntu/ trusty-updates main restricted
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://us.archive.ubuntu.com/ubuntu/ trusty universe
deb-src http://us.archive.ubuntu.com/ubuntu/ trusty universe
deb http://us.archive.ubuntu.com/ubuntu/ trusty-updates universe
deb-src http://us.archive.ubuntu.com/ubuntu/ trusty-updates universe
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://us.archive.ubuntu.com/ubuntu/ trusty multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ trusty multiverse
deb http://us.archive.ubuntu.com/ubuntu/ trusty-updates multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ trusty-updates multiverse
## Uncomment the following two lines to add software from the 'backports'
## repository.
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb http://us.archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse
## Uncomment the following two lines to add software from Canonical's
## 'partner' repository. This software is not part of Ubuntu, but is
## offered by Canonical and the respective vendors as a service to Ubuntu
## users.
deb http://archive.canonical.com/ubuntu trusty partner
deb-src http://archive.canonical.com/ubuntu trusty partner
deb http://security.ubuntu.com/ubuntu trusty-security main restricted
deb-src http://security.ubuntu.com/ubuntu trusty-security main restricted
deb http://security.ubuntu.com/ubuntu trusty-security universe
deb-src http://security.ubuntu.com/ubuntu trusty-security universe
deb http://security.ubuntu.com/ubuntu trusty-security multiverse
deb-src http://security.ubuntu.com/ubuntu trusty-security multiverse
## Medibuntu - Ubuntu 14.04 "Trusty Tahr"
## Please report any bug on https://bugs.launchpad.net/medibuntu/
deb http://packages.medibuntu.org/ trusty free non-free
deb-src http://packages.medibuntu.org/ trusty free non-free
# Google software repository
deb http://dl.google.com/linux/deb/ stable non-free
EOF
# Get additional packages
apt-get update
apt-get -y install biosdevname
apt-get -y install python-netaddr
apt-get -y install ifenslave=2.4ubuntu1
apt-get -y install vlan
# Packages needed to get Inventory and Monitoring Info
apt-get -y install sysstat
apt-get -y install ethtool
wget -O /root/interface_setup.py http://$server/kickstarts/interface_setup.py
wget -O /root/staticroute_setup.py http://$server/kickstarts/staticroute_setup.py
wget http://$server/contrail/config_file/$system_name.sh
chmod +x $system_name.sh
cp $system_name.sh /etc/init.d
update-rc.d $system_name.sh defaults
#--------------------------------------------------------------------------
#Set up the ntp client
apt-get -y install ntp
ntpdate $server
mv /etc/ntp.conf /etc/ntp.conf.orig
touch /var/lib/ntp/drift
cat << __EOT__ > /etc/ntp.conf
driftfile /var/lib/ntp/drift
server $server
restrict 127.0.0.1
restrict -6 ::1
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
__EOT__
service ntp restart
#--------------------------------------------------------------------------
#--------------------------------------------------------------------------
# Enable puppet conf setting to allow custom facts
echo "[agent]" >> /etc/puppet/puppet.conf
echo " pluginsync = true" >> /etc/puppet/puppet.conf
echo " ignorecache = true" >> /etc/puppet/puppet.conf
echo " usecacheonfailure = false" >> /etc/puppet/puppet.conf
echo " ordering = manifest" >> /etc/puppet/puppet.conf
echo " report = true" >> /etc/puppet/puppet.conf
echo " stringify_facts = false" >> /etc/puppet/puppet.conf
echo "[main]" >> /etc/puppet/puppet.conf
echo "runinterval=10" >> /etc/puppet/puppet.conf
echo "configtimeout=500" >> /etc/puppet/puppet.conf
# Tempprary patch to work around puppet issue of custom facts not working. The custom
# fact scripts get installed with incorrect permissions (no execute permission). This
# results in custom facts not working. Putting a hot patch to work around this problem.
# could be removed once puppet issue is resolved. Abhay
sed -i "s/initialize(name, path, source, ignore = nil, environment = nil, source_permissions = :ignore)/initialize(name, path, source, ignore = nil, environment = nil, source_permissions = :use)/g" /usr/lib/ruby/vendor_ruby/puppet/configurer/downloader.rb
#--------------------------------------------------------------------------
# Enable to start puppet agent on boot
#sed -i 's/START=.*$/START=yes/' /etc/default/puppet
if [ "$contrail_repo_name" != "" ];
then
cd /etc/apt
datetime_string=`date +%Y_%m_%d__%H_%M_%S`
cp sources.list sources.list.$datetime_string
echo "deb http://$server/contrail/repo/$contrail_repo_name ./" > new_repo
#modify /etc/apt/soruces.list/ to add new repo on the top
grep "deb http://$server/contrail/repo/$contrail_repo_name ./" sources.list
if [ $? != 0 ]; then
cat new_repo sources.list > new_sources.list
mv new_sources.list sources.list
fi
apt-get update
# Kept for now to create local /opt/contrail on target, should be removed
# later - Abhay
apt-get -y install contrail-install-packages
#--------------------------------------------------------------------------
# below was to create local repo on target, commented out as we create a
# repo on cobbler. Kept the commented below for reference.
# Create directory to copy the package file
# mkdir -p /tmp
# cd /tmp
# wget http://$server/contrail/images/$contrail_repo_name.deb
#--------------------------------------------------------------------------
# Install the package file
# dpkg -i $contrail_repo_name.deb
#--------------------------------------------------------------------------
# Execute shell script to create repo
cd /opt/contrail/contrail_packages
./setup.sh
echo "exec-contrail-setup-sh" >> exec-contrail-setup-sh.out
fi
#blacklist mei module for ocp
echo "blacklist mei" >> /etc/modprobe.d/blacklist.conf
echo "blacklist mei \ninstall mei /bin/true" > /etc/modprobe.d/mei.conf;
echo "blacklist mei_me \ninstall mei_me /bin/true" > /etc/modprobe.d/mei_me.conf;
echo "blacklist mei_me" >> /etc/modprobe.d/blacklist.conf
wget http://$server/cblr/svc/op/trig/mode/post/system/$system_name
%end