-
Notifications
You must be signed in to change notification settings - Fork 34
/
contrail-ubuntu_xenial.ks
151 lines (127 loc) · 5.86 KB
/
contrail-ubuntu_xenial.ks
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
# Kickstart template for the NewNode (ubuntu)
%pre
wget http://$server/cblr/svc/op/trig/mode/pre/system/$system_name
%post
set -x -v
#--------------------------------------------------------------------------
# Uodate entries in /etc/hosts file for self and puppet ip address
sed -i '/127\.0\..\.1/d' /etc/hosts
echo "127.0.0.1 localhost.$system_domain localhost" >> /etc/hosts
echo "$ip_address $system_name.$system_domain $system_name" >> /etc/hosts
echo "$server puppet" >> /etc/hosts
#--------------------------------------------------------------------------
# Set apt-get config option to allow un-authenticated packages to be installed
# This is needed for puppet package resource to succeed. In the long run, we
# need to have contrail deb packaged correctly signed before creating repo.
cat >/etc/apt/apt.conf <<EOF
/* Configuration file to specify default option for apt-get command.
This is temporary workaround to have our un-authenticated packages
install successfully. Long term, we need to have the packages signed
when those are built.
*/
APT
{
// Options for apt-get
Get
{
AllowUnauthenticated "true";
};
}
EOF
#--------------------------------------------------------------------------
# Enable ssh for root
sed -i '/PermitRootLogin/c\PermitRootLogin yes' /etc/ssh/sshd_config
service ssh restart
#--------------------------------------------------------------------------
# Install puppet
# Update sources.list so that ubuntu repo is available to download all
# dependencies needed by puppet such as ruby, puppet-common etc.
# add repos needed for puppet and its dependencies
#Install puppet 2.7 against 3.x which is got from trusty repo.
#Need to revisit this logic to use preferences.
#echo "deb http://$server/thirdparty_packages/ ./" > /etc/apt/sources.list
cat >>/etc/apt/sources.list <<EOF
# add repos needed for puppet and its dependencies
deb http://puppet/thirdparty_packages/ ./
EOF
apt-get update
apt-get -y install puppet
#cp /etc/apt/sources.list.orig /etc/apt/sources.list
cat >>/etc/apt/sources.list.save <<EOF
# add repos needed for puppet and its dependencies
deb http://puppet/thirdparty_packages/ ./
deb http://archive.ubuntu.com/ubuntu xenial universe multiverse
deb-src http://archive.ubuntu.com/ubuntu xenial universe multiverse
deb http://us.archive.ubuntu.com/ubuntu/ xenial universe
deb-src http://us.archive.ubuntu.com/ubuntu/ xenial universe
deb http://us.archive.ubuntu.com/ubuntu/ xenial-updates universe
deb-src http://us.archive.ubuntu.com/ubuntu/ xenial-updates universe
deb http://us.archive.ubuntu.com/ubuntu/ xenial multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ xenial multiverse
deb http://us.archive.ubuntu.com/ubuntu/ xenial-updates multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ xenial-updates multiverse
deb http://security.ubuntu.com/ubuntu xenial-security universe
deb-src http://security.ubuntu.com/ubuntu xenial-security universe
deb http://security.ubuntu.com/ubuntu xenial-security multiverse
deb-src http://security.ubuntu.com/ubuntu xenial-security multiverse
# Google software repository
deb http://dl.google.com/linux/deb/ stable non-free
EOF
# Get additional packages
apt-get update
apt-get -y install biosdevname
apt-get -y install python-netaddr
apt-get -y install ifenslave=2.4ubuntu1
apt-get -y install vlan
# Packages needed to get Inventory and Monitoring Info
apt-get -y install sysstat
apt-get -y install ethtool
wget -O /root/interface_setup.py http://$server/kickstarts/interface_setup.py
wget -O /root/staticroute_setup.py http://$server/kickstarts/staticroute_setup.py
wget http://$server/contrail/config_file/$system_name.sh
chmod +x $system_name.sh
cp $system_name.sh /etc/init.d
update-rc.d $system_name.sh defaults
#--------------------------------------------------------------------------
#Set up the ntp client
apt-get -y install ntp
ntpdate $server
mv /etc/ntp.conf /etc/ntp.conf.orig
touch /var/lib/ntp/drift
cat << __EOT__ > /etc/ntp.conf
driftfile /var/lib/ntp/drift
server $server
restrict 127.0.0.1
restrict -6 ::1
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
__EOT__
service ntp restart
#--------------------------------------------------------------------------
#--------------------------------------------------------------------------
# Enable puppet conf setting to allow custom facts
echo "[agent]" >> /etc/puppet/puppet.conf
echo " pluginsync = true" >> /etc/puppet/puppet.conf
echo " ignorecache = true" >> /etc/puppet/puppet.conf
echo " usecacheonfailure = false" >> /etc/puppet/puppet.conf
echo " ordering = manifest" >> /etc/puppet/puppet.conf
echo " report = true" >> /etc/puppet/puppet.conf
echo " stringify_facts = false" >> /etc/puppet/puppet.conf
echo "[main]" >> /etc/puppet/puppet.conf
echo "runinterval=10" >> /etc/puppet/puppet.conf
echo "configtimeout=500" >> /etc/puppet/puppet.conf
# Tempprary patch to work around puppet issue of custom facts not working. The custom
# fact scripts get installed with incorrect permissions (no execute permission). This
# results in custom facts not working. Putting a hot patch to work around this problem.
# could be removed once puppet issue is resolved. Abhay
sed -i "s/initialize(name, path, source, ignore = nil, environment = nil, source_permissions = :ignore)/initialize(name, path, source, ignore = nil, environment = nil, source_permissions = :use)/g" /usr/lib/ruby/vendor_ruby/puppet/configurer/downloader.rb
#--------------------------------------------------------------------------
# Enable to start puppet agent on boot
#sed -i 's/START=.*$/START=yes/' /etc/default/puppet
#blacklist mei module for ocp
echo "blacklist mei" >> /etc/modprobe.d/blacklist.conf
echo "blacklist mei \ninstall mei /bin/true" > /etc/modprobe.d/mei.conf;
echo "blacklist mei_me \ninstall mei_me /bin/true" > /etc/modprobe.d/mei_me.conf;
echo "blacklist mei_me" >> /etc/modprobe.d/blacklist.conf
wget http://$server/cblr/svc/op/trig/mode/post/system/$system_name
%end