This repository has been archived by the owner on Jan 14, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 7
/
default.conf
321 lines (281 loc) · 11.4 KB
/
default.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
# THIS IS THE LML DEFAULT CONFIGURATION! IT GIVES AN EXAMPLE FOR ALL
# CONFIGURATION ITEMS THAT LML KNOWS.
#
# PLEASE DONT EDIT THIS FILE!!!!!
#
# INSTEAD, CREATE ADDITIONAL CONFIGURATION FILES LIKE /etc/lml/*.conf
#
# The configuration is read with http://search.cpan.org/dist/Config-IniFiles, see there for what you can
# use in this config file. Where we say list of we mean that you can provide a single value OR a list (with <<EOF syntax).
# Templates are always given as multi-line value with <<EOF
#
[dhcp]
# trigger the DHCP server with this command after changing the host list
triggercommand=sudo /usr/sbin/service dhcp3-server force-reload
# this file is managed by lml and contains ISC dhcp3 host entries for each managed host
hostsfile=/etc/dhcp3/dhcp-hosts.conf
# this is the domain we need to append to the VM name to construct a valid FQDN
appenddomain=arc.int
# NOTE: DNS is managed entirely through the DHCP integration, hence no configuration items here.
# List of network label patterns for which we actually have to manage the DHCP server.
managed_networks=<<EOF
.*
EOF
[appenddomains]
# Per-network setting of appenddomain, overriding the default from [dhcp]
# example: ARC_NETWORK=dyn.arc.int
[gui]
# The GUI should filter the VM path, () denotes the part displayed to the user
# this removes the leading <datacenter-name>/vm>/ stuff from the display name
display_filter_vm_path=^[^/]+/vm(.*)$
# Content of the <a>...</a> extra link that points to http://CLIENT_IP
# The link is shown while the VM is in force boot mode and we use this
# to link to the Kickstart Debugger (http://github.com/ImmobilienScout24/kickstart-debugger)
# which runs on our systems during provisioning. You could also put an image there (<img src=... />).
extra_link_text=Kickstart Debugger
# define a list of variables here. The pxelinux-proxy.pl script will take the KEY as
# the name of the TOKEN (in *.pxelinux files) and the VALUE as the token replacement
# Variables look like %%%kickstart_host%%%, variable names are case-insensitive
[proxy_variables]
# Example: kickstart_host=kickstart.arc.int
[pxelinux]
# redirect target if a VM passes all LML checks and is allowed to boot.
# think twice before changing this as pxelinux.0 uses that as a built-in default in case pxelinux.pl throws a 500
# set to 0 to disable redirecting
default_redirect=pxelinux.cfg/default
# redirect target for non-VMs (anything that LML cant find in the vSphere inventory)
# set to 0 to disable redirecting
unknown_redirect=pxelinux.cfg/default
# redirect target for VMs that dont match our networks
# set to 0 to disable redirecting
othervm_redirect=pxelinux.cfg/default
# pxelinux configuration for error screen
# QRIMAGE is replaced by the URL to a background image which contains the error details as a QR code
error_main= <<EOF
menu width 80
menu margin 0
menu helpmsgrow -1
menu color title * #FFFFFFFF *
menu color border * #00000000 #00000000 none
menu color sel 0 #ffffffff #00000000 none
menu color unsel 0 #ffffffff #00000000 none
menu color hotsel 0 #ffffffff #00000000 none
menu background QRIMAGE
ui bin/vesamenu.c32
noescape 1
allowoptions 0
prompt 0
timeout 0
EOF
# pxelinux configuration error tile prefix for error screen
error_title=ERROR REPORT FOR VM
# pxelinux configuration for error item on error screen
error_item= <<EOF
kernel bin/reboot.c32
text help
Please fix these issues and press ENTER to reboot and try again
endtext
EOF
# template for qrdata forceboot target, URL will be replaced with the URL to the QR image
qrdata_template=<<EOF
# push the menu out of the screen
menu vshift -1
menu width 80
menu background URL
menu color title * #FFFFFFFF *
menu color border * #00000000 #00000000 none
menu color sel 0 #ffffffff #00000000 none
menu color unsel 0 #ffffffff #00000000 none
menu color hotsel 0 #ffffffff #00000000 none
menu vshift 5
#menu rows 13
label dummy
menu label
kernel bin/reboot.c32
ui bin/vesamenu.c32
noescape 1
allowoptions 0
prompt 0
timeout 0
EOF
# template for fatal errors. MESSAGE will be replaced by the actual error message. Used with showfatalerrors=1
# set a force boot target of fatalerror to trigger a fatal error for testing purposes
fatalerror_template=<<EOF
menu width 80
menu color title * #ff000000 #ffffffff
menu color border * #00000000 #00000000 none
menu color sel * #ff000000 #ffffffff none
menu color unsel * #ff000000 #ffffffff none
menu color hotsel * #ff000000 #ffffffff none
menu color help * #ff000000 #ffffffff none
menu vshift 5
menu title A FATAL ERROR HAS HAPPENED
menu rows 2
ui bin/vesamenu.c32
noescape 1
allowoptions 0
prompt 0
timeout TIMEOUT
label error
menu label MESSAGE
kernel bin/reboot.c32
text help
Please stand up and call for help!
endtext
EOF
# local path to pxelinux.cfg directory, needed for forceboot autodetection
# This is the local path for the URI given to pxelinux as TFTP path prefix
# dont include the pxelinux.cfg directory itself!
pxelinuxcfg_path=/var/www/boot
[forceboot]
# force boot profiles
# NOTE: fatalerror is used internally, but you can override it at the loss of the ability to trigger a fake fatal error
# NOTE: unmanaged is used internally and you cannot override it here. Unmanaged VMs should NOT PXE boot hence LML triggers a fatal error for them
# each profile simply maps to a pxelinux configuration file, for example:
# server=menu/server.centos5.txt
[hostrules]
# hostnames must match this Perl pattern
pattern=^[a-z]{6}[0-9]{3}$
# The group_pattern is used to identify similar vms by their name. When a vm will be
# created, the creation script will take care, that this vm is not going to an host with
# similar vm(s) on it. A brace is needed! If this parameter is not set or no braces are defined
# the distribution function will be deactivated.
group_pattern=[a-z]{3}([a-z]{3})[0-9]{3}
# You can define the assignment of vms here. Beginning with defining the rulesets here. The
# ruleset name will be used in front of the ruleset patterns to identify them
#vm_host_assignment=<<EOF
#tst_dev
#pro
#EOF
# This is an ruleset which allows all vms with dev or tst as the first three letters of their
# hostname on esx hosts with tst as the first three letters in the hostname
#tst_dev.vm_pattern=(dev|tst).*
#tst_dev.host_pattern=(tst).*
# This ruleset said, that only hosts with pro as the first threee letters in the hostname
# will be assigned to esx hosts with pro as the first three letters in their hostname
#pro.vm_pattern=(pro).*
#pro.host_pattern=(pro).*
# deactivate dns checks. Only do this, if you really need it
dnscheck=1
# List of DNS domains to check new hostnames against. Matching VMs are not allowed to boot. Never list DHCP.APPENDDOMAIN here!
dnscheckzones= <<EOF
some.zone
some.other.zone
EOF
[dnscheckzones]
# Optional additional DNS zones to check against set per network label
# Example:
# List of more DNS domains
# ARC_NETWORK=some.other.network
[modifyvm]
# modify the VM so that it can boot only via PXE
forcenetboot=1
[lml]
# where to keep lml internal data
datadir=/var/lib/lml
# should fatal errors be shown to the PXE boot client, this uses the fatalerror_template
# fatalerror is a builtin force boot target to trigger a fatal error for testing purposes
showfatalerrors=0
# should we fail on invalid forceboot targets
failoninvalidforceboot=1
# globally disable proxy
# It seems like LWP ignores the no_proxy setting for HTTPS. ATM the only workaround seems to be to
# disable proxy settings globally.
disableproxy=0
# should we dump placement and filtering debug output
verbose_auto_placement=0
[triggers]
# run this optional command after deleting a VM. Keys from LML::Lab are replaced if they are in the %%%TOKEN%%% form
# default is disabled, this is an example
# vmdestroy=curl http://host/sys/destroy/%%%NAME%%%.%%%DNS_DOMAIN%%%
# vmdetonate=curl http://host/sys/detonate/%%%NAME%%%.%%%DNS_DOMAIN%%%
# CONSIDER: %%%CLIENT_IP%%%, %%%DNS_DOMAIN%%% and %%%CUSTOMFIELDS%%% are not available on vmcreate
# vmcreate=curl http://host/sys/create/%%%NAME%%%
[vmscreenshot]
# enable vmscreenshot.pl
enabled=1
# allow server_push
server_push=1
# how long to wait between pushing images
push_delay=15
# how many images to push in a single request (push_delay * push_max = Amount of time you can watch a VM)
push_max=25
[vsphere]
server=devvcs01.iscout.local
username=vCenterService
password=********************
# default datacenter as target for new vms
datacenter=MY_DATACENTER
# default network(s) for new vms each line one network (no wildcards)
default_vm_networks=<<EOF
arc.int
EOF
# if you run this on VMA or on Windows then you can try to use pass through auth.
# However, this is an untested feature and might not work.
passthroughauth=0
# disable certificate checking
disablecertificatevalidation=0
# List of networks that a VM must be attached to (with at least one NIC) so that LML will care about it.
# the names can be also a perl regex (^ and $ is added, dont use them!)
networks=<<EOF
.*
EOF
# define the custom field name that contains a UNIX username to validate
contactuserid_field=Contact User ID
# the UNIX username must have a uid >= this one
contactuserid_minuid=1000
# define the custom field name that contains the VM expiry date
expires_field=Expires
# use european date format for expiry date field
expires_european=1
# define networks to whitelist from expiry
expires_whitelist_networks= <<EOF
intern1.example
intern2.example
EOF
# maximum expiration in days - fail VMs that expire too far in the future.
expires_maximum=1000
# Define a field that contains info about forced PXE boots (ON|OFF)
forceboot_field=Force Boot
# Define a field where the target for the forceboot is given
forceboot_target_field=Force Boot Target
# VMs in a VM path matching one of the following patterns will always be treated with othervm_redirect
# Default is empty to not ignore any VM path. Patterns are matched case insensitive by qr(^...$)i.
ignore_paths=
# VMs must be in one of allow_paths pattern and may not be in any of deny_paths patterns.
# Patterns are matched case insensitive by qr(^...$)i
# Default is allow all and deny none
allow_paths=.*
deny_paths=
[http]
# here you can set some options for http
# base_url= can be set to the http://<host>/<path> that should be prefixed to all LML scripts
# if it is not set, then LML will try to guess it.
[network_assignment]
# List of permitted VM name regex patterns for each network label. Patterns are case-sensitive and used in qr(^<pattern>$).
# Example:
# ARC_NETWORK=<<EOF
# is24.*
# EOF
# ARC_BACKUP_NETWORK=backup.*
# ARC_NETWORK_FE=.*web\d+
[new_vm]
# List of configured network assignments. This list describes the search order for vm network
# assignment. The assignment which has the first hit matching the vm name patterns in [network_assignment]
# will take precedence.
network_search_order=<<EOF
ARC_NETWORK
ARC_BACKUP_NETWORK
EOF
# Suffix identifier for the second interface. This value will be append to the network label of the
# first interface. The resulting name should represend the network label of the second interface
2nd_interface_suffix=_FE
# Hostrule patterns for that hosts, which should get an second interface
2nd_interface=<<EOF
EOF
[vm_spec]
host_announcement=http://host.arc.int/hostname-package/hostname-%s.arc.int.rpm
host_spec=http://host.arc.int/configviewer/hosts/%s/data/vmProfile/esx.json
[backgroundimage]
# Customize the backgroundimage.pl script with a 400x150px png image
customimage=sorry.png