From 1b74dc75a4ac7a80b8bad1b1482b42084009c80a Mon Sep 17 00:00:00 2001 From: sus-admin Date: Wed, 5 Feb 2025 00:43:04 -0500 Subject: [PATCH 1/2] some formatting and syntax fixes on existing guides, and adding new OpenSUSE Deployment Guide --- _includes/autoinstall_done.md | 62 +++++ _includes/autoinstall_start.md | 27 ++ _includes/example-preseed-excerpt.txt | 42 ---- _includes/example-preseed-excerpt.txt.md | 42 ++++ _includes/suse-15.6-autoyast.xml.md | 121 +++++++++ _includes/suse-15.6-networking.xml.md | 234 ++++++++++++++++++ _includes/suse-15.6_scriptwrapper.xml.md | 10 + ...24-11-12-Cobbler-v3.3.6-Beginners-Guide.md | 5 +- ...-Cobbler-v3.3.7-Debian-Deployment-Guide.md | 12 +- ...obbler-v3.3.7-OpenSUSE-Deployment-Guide.md | 192 ++++++++++++++ 10 files changed, 695 insertions(+), 52 deletions(-) create mode 100644 _includes/autoinstall_done.md create mode 100644 _includes/autoinstall_start.md delete mode 100644 _includes/example-preseed-excerpt.txt create mode 100644 _includes/example-preseed-excerpt.txt.md create mode 100644 _includes/suse-15.6-autoyast.xml.md create mode 100644 _includes/suse-15.6-networking.xml.md create mode 100644 _includes/suse-15.6_scriptwrapper.xml.md create mode 100644 _posts/2025/2025-02-05-Cobbler-v3.3.7-OpenSUSE-Deployment-Guide.md diff --git a/_includes/autoinstall_done.md b/_includes/autoinstall_done.md new file mode 100644 index 00000000..683061a9 --- /dev/null +++ b/_includes/autoinstall_done.md @@ -0,0 +1,62 @@ + #set system_name = $getVar('system_name','') + #set profile_name = $getVar('profile_name','') + #if $system_name != '' + #set object_type = 'system' + #set object_name = $system_name + #else if $profile_name != '' + #set object_type = 'profile' + #set object_name = $profile_name + #else + #set object_type = '' + #set object_name = '' + #end if + #set breed = $getVar('breed','') + #set os_version = $getVar('os_version','') + #set srv = $getVar('http_server','') + #set autoinstall = $getVar('autoinstall','') + #set run_install_triggers = $getVar('run_install_triggers','') + #set pxe_just_once = $getVar('pxe_just_once','') + #set nopxe = "" + #set save_autoinstall = "" + #set runpost = "" + #if $system_name != '' + ## PXE JUST ONCE + #if $pxe_just_once + #if $breed == 'redhat' + #set nopxe = "\ncurl \"http://%s/cblr/svc/op/nopxe/system/%s\" -o /dev/null" % (srv, system_name) + #else if $breed == 'vmware' and $os_version == 'esx4' + #set nopxe = "\ncurl \"http://%s/cblr/svc/op/nopxe/system/%s\" -o /dev/null" % (srv, system_name) + #else + #set nopxe = "\nwget \"http://%s/cblr/svc/op/nopxe/system/%s\" -O /dev/null" % (srv, system_name) + #end if + #end if + #end if + #if $object_type != '' + ## SAVE AUTO INSTALLATION + #if $autoinstall != '' + #if $breed == 'redhat' + #set save_autoinstall = "\ncurl \"http://%s/cblr/svc/op/autoinstall/%s/%s\" -o /root/cobbler.ks" % (srv, object_type, object_name) + #else if $breed == 'suse' + #set save_autoinstall = "\ncurl \"http://%s/cblr/svc/op/autoinstall/%s/%s\" -o /root/cobbler.xml" % (srv, object_type, object_name) + #else if $breed == 'vmware' and $os_version == 'esx4' + #set save_autoinstall = "\ncurl \"http://%s/cblr/svc/op/autoinstall/%s/%s\" -o /root/cobbler.ks" % (srv, object_type, object_name) + #else if $breed == 'vmware' + #set save_autoinstall = "\nwget \"http://%s/cblr/svc/op/autoinstall/%s/%s\" -O /var/log/cobbler.ks" % (srv, object_type, object_name) + #else if $breed == 'debian' or $breed == 'ubuntu' + #set save_autoinstall = "\nwget \"http://%s/cblr/svc/op/autoinstall/%s/%s\" -O /var/log/cobbler.seed" % (srv, object_type, object_name) + #end if + #end if + ## RUN POST TRIGGER + #if $run_install_triggers + #if $breed == 'redhat' or $breed == 'suse' + #set runpost = "\ncurl \"http://%s/cblr/svc/op/trig/mode/post/%s/%s\" -o /dev/null" % (srv, object_type, object_name) + #else if $breed == 'vmware' and $os_version == 'esx4' + #set runpost = "\ncurl \"http://%s/cblr/svc/op/trig/mode/post/%s/%s\" -o /dev/null" % (srv, object_type, object_name) + #else + #set runpost = "\nwget \"http://%s/cblr/svc/op/trig/mode/post/%s/%s\" -O /dev/null" % (srv, object_type, object_name) + #end if + #end if + #end if + #echo $nopxe + #echo $save_autoinstall + #echo $runpost diff --git a/_includes/autoinstall_start.md b/_includes/autoinstall_start.md new file mode 100644 index 00000000..9eb46f0e --- /dev/null +++ b/_includes/autoinstall_start.md @@ -0,0 +1,27 @@ + #set system_name = $getVar('system_name','') + #set profile_name = $getVar('profile_name','') + #if $system_name != '' + #set object_type = 'system' + #set object_name = $system_name + #else if $profile_name != '' + #set object_type = 'profile' + #set object_name = $profile_name + #else + #set object_type = '' + #set object_name = '' + #end if + #set breed = $getVar('breed','') + #set srv = $getVar('http_server','') + #set run_install_triggers = $getVar('run_install_triggers','') + #set runpre = "" + #if $object_type != '' + ## RUN PRE TRIGGER + #if $run_install_triggers + #if $breed == 'redhat' or $breed == 'suse' + #set runpre = "\ncurl \"http://%s/cblr/svc/op/trig/mode/pre/%s/%s\" -o /dev/null" % (srv, object_type, object_name) + #else + #set runpre = "\nwget \"http://%s/cblr/svc/op/trig/mode/pre/%s/%s\" -O /dev/null" % (srv, object_type, object_name) + #end if + #end if + #end if + #echo $runpre diff --git a/_includes/example-preseed-excerpt.txt b/_includes/example-preseed-excerpt.txt deleted file mode 100644 index 89e1f1cc..00000000 --- a/_includes/example-preseed-excerpt.txt +++ /dev/null @@ -1,42 +0,0 @@ -### Apt setup -# Choose, if you want to scan additional installation media -# (default: false). -d-i apt-setup/cdrom/set-first boolean false -# You can choose to install non-free firmware. -#d-i apt-setup/non-free-firmware boolean true -# You can choose to install non-free and contrib software. -#d-i apt-setup/non-free boolean true -#d-i apt-setup/contrib boolean true -# Uncomment the following line, if you don't want to have the sources.list -# entry for a DVD/BD installation image active in the installed system -# (entries for netinst or CD images will be disabled anyway, regardless of -# this setting). -#d-i apt-setup/disable-cdrom-entries boolean true -# Uncomment this if you don't want to use a network mirror. -#d-i apt-setup/use_mirror boolean false -# Select which update services to use; define the mirrors to be used. -# Values shown below are the normal defaults. -#d-i apt-setup/services-select multiselect security, updates -#d-i apt-setup/security_host string security.debian.org - -# Additional repositories, local[0-9] available -#d-i apt-setup/local0/repository string \ -# http://local.server/debian stable main -#d-i apt-setup/local0/comment string local server -# Enable deb-src lines -#d-i apt-setup/local0/source boolean true -# URL to the public key of the local repository; you must provide a key or -# apt will complain about the unauthenticated repository and so the -# sources.list line will be left commented out. -#d-i apt-setup/local0/key string http://local.server/key -# or one can provide it in-line by base64 encoding the contents of the -# key file (with `base64 -w0`) and specifying it thus: -#d-i apt-setup/local0/key string base64://LS0tLS1CRUdJTiBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCi4uLgo= -# The content of the key file is checked to see if it appears to be ASCII-armoured. -# If so it will be saved with an ".asc" extension, otherwise it gets a '.gpg' extension. -# "keybox database" format is currently not supported. (see generators/60local in apt-setup's source) - -# By default the installer requires that repositories be authenticated -# using a known gpg key. This setting can be used to disable that -# authentication. Warning: Insecure, not recommended. -#d-i debian-installer/allow_unauthenticated boolean true diff --git a/_includes/example-preseed-excerpt.txt.md b/_includes/example-preseed-excerpt.txt.md new file mode 100644 index 00000000..be463edc --- /dev/null +++ b/_includes/example-preseed-excerpt.txt.md @@ -0,0 +1,42 @@ + ### Apt setup + # Choose, if you want to scan additional installation media + # (default: false). + d-i apt-setup/cdrom/set-first boolean false + # You can choose to install non-free firmware. + #d-i apt-setup/non-free-firmware boolean true + # You can choose to install non-free and contrib software. + #d-i apt-setup/non-free boolean true + #d-i apt-setup/contrib boolean true + # Uncomment the following line, if you don't want to have the sources.list + # entry for a DVD/BD installation image active in the installed system + # (entries for netinst or CD images will be disabled anyway, regardless of + # this setting). + #d-i apt-setup/disable-cdrom-entries boolean true + # Uncomment this if you don't want to use a network mirror. + #d-i apt-setup/use_mirror boolean false + # Select which update services to use; define the mirrors to be used. + # Values shown below are the normal defaults. + #d-i apt-setup/services-select multiselect security, updates + #d-i apt-setup/security_host string security.debian.org + + # Additional repositories, local[0-9] available + #d-i apt-setup/local0/repository string \ + # http://local.server/debian stable main + #d-i apt-setup/local0/comment string local server + # Enable deb-src lines + #d-i apt-setup/local0/source boolean true + # URL to the public key of the local repository; you must provide a key or + # apt will complain about the unauthenticated repository and so the + # sources.list line will be left commented out. + #d-i apt-setup/local0/key string http://local.server/key + # or one can provide it in-line by base64 encoding the contents of the + # key file (with `base64 -w0`) and specifying it thus: + #d-i apt-setup/local0/key string base64://LS0tLS1CRUdJTiBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCi4uLgo= + # The content of the key file is checked to see if it appears to be ASCII-armoured. + # If so it will be saved with an ".asc" extension, otherwise it gets a '.gpg' extension. + # "keybox database" format is currently not supported. (see generators/60local in apt-setup's source) + + # By default the installer requires that repositories be authenticated + # using a known gpg key. This setting can be used to disable that + # authentication. Warning: Insecure, not recommended. + #d-i debian-installer/allow_unauthenticated boolean true diff --git a/_includes/suse-15.6-autoyast.xml.md b/_includes/suse-15.6-autoyast.xml.md new file mode 100644 index 00000000..bbfea9f0 --- /dev/null +++ b/_includes/suse-15.6-autoyast.xml.md @@ -0,0 +1,121 @@ + + + + + false + + ## without the next 6 lines autoyast will ask for confirmation bevore installation + + + false + true + + + $SNIPPET('addons.xml') + $SNIPPET('hosts.xml') + + auto + + +
us.pool.ntp.org
+ false + false + + +
2.opensuse.pool.ntp.org
+ false + false + + + 15 + + $SNIPPET('kdump.xml') + + us + + + en_US + + + + UTC + EST5EDT + + + + chrony + sudo + openssh + + + + + + sshd + + + + + $SNIPPET('suse-15.4-networking.xml') + + + true + root + 0 + /root + + + + + + + + + /bin/bash + 0 + $default_password_crypted + root + + + true + suse + $default_password_crypted + + + + ## we have to include the pre-scripts tag to get autoinstall_start included + + #set global $wrappedscript = 'autoinstall_start' + $SNIPPET('suse-15.4_scriptwrapper.xml') + ## SuSE has an annoying habit on ppc64 of changing the system + ## boot order after installation. This makes it non-trivial to + ## automatically re-install future OS. + #set global $wrappedscript = 'save_boot_device' + $SNIPPET('suse-15.4_scriptwrapper.xml') + + + ## + ## This plugin wrapper provides the flexibility to call pure shell + ## snippets which can be used directly on autoinst file and with + ## wrapper on SuSE. + ## + ## To use it + ## - exchange name_of_pure_shell_snippet with the name of this shell snippet + ## - and remove the '##' in front of the line with suse-15.4_scriptwrapper.xml + ## + #set global $wrappedscript = 'name_of_pure_shell_snippet' + ## $SNIPPET('suse-15.4_scriptwrapper.xml') + + ## SuSE has an annoying habit on ppc64 of changing the system + ## boot order after installation. This makes it non-trivial to + ## automatically re-install future OS. + #set global $wrappedscript = 'restore_boot_device' + $SNIPPET('suse-15.4_scriptwrapper.xml') + + ## we have to include the init-scripts tag to get autoinstall_done included + + #set global $wrappedscript = 'autoinstall_done' + $SNIPPET('suse-15.4_scriptwrapper.xml') + + + diff --git a/_includes/suse-15.6-networking.xml.md b/_includes/suse-15.6-networking.xml.md new file mode 100644 index 00000000..0d7ba616 --- /dev/null +++ b/_includes/suse-15.6-networking.xml.md @@ -0,0 +1,234 @@ + #set $osversion = $getVar("os_version","") + #set $hostname = $getVar("hostname","") + #if $hostname == "" + #set $hostname = $getVar("system_name","cobbler") + #end if + #if $getVar("dns_name_eth0","") != "" + #set $my_hostname = $hostname.split('.',1)[:1][0] + #set $my_domainname = $dns_name_eth0.split('.',1)[1:][0] + #else + #set $my_hostname = $hostname + #set $my_domainname = "site" + #end if + + + ## Figure out if we're automating OS installation for a system or a profile + #if $getVar('system_name','') != '' + false + #else + true + #end if + + + + + + false + false + + $my_hostname + $my_domainname + #if $getVar("name_servers_search",[]) != [] + + #for $sd in $name_servers_search + $sd + #end for + + #end if + #if $name_servers and $name_servers[0] != "": + + #for $ns in $name_servers + $ns + #end for + + #end if + + + #if $getVar("system_name","") != "" + #import re + #set $vlanpattern = $re.compile("[a-zA-Z0-9]+[\.][0-9]+") + #set $ikeys = $interfaces.keys() + #for $iface in $ikeys + #set $idata = $interfaces[$iface] + #set $mac = $idata.get("mac_address", "").lower() + #set $static = $idata.get("static", "") + #set $ip = $idata.get("ip_address", "") + #set $netmask = $idata.get("netmask", "") + #set $static_routes = $idata.get("static_routes", "") + #set $iface_type = $idata.get("interface_type", "").lower() + #set $iface_master = $idata.get("interface_master", "") + #set $bonding_opts = $idata.get("bonding_opts", "").lower() + #set $ipv6_address = $idata.get("ipv6_address", "") + #set $ipv6_secondaries = $idata.get("ipv6_secondaries", "") + #set $ipv6_mtu = $idata.get("ipv6_mtu", "") + #set $ipv6_default_gateway = $idata.get("ipv6_default_gateway", "") + #set $ipv6_static_routes = $idata.get("ipv6_static_routes", "") + ## start of interface section + + #if $iface_type in ("bond", "master") + yes + $bonding_opts + #set $loop_ikeys = $interfaces.keys() + #set $loop_counter = 0 + #for $loop_iface in $loop_ikeys + #set $loop_idata = $interfaces[$loop_iface] + #set $loop_interface_type = $loop_idata.get("interface_type", "").lower() + #if $loop_interface_type in ("slave","bond_slave") + #if $loop_idata["interface_master"] != "" + #if $loop_idata["interface_master"].lower() == $iface.lower() + $loop_iface + #set $loop_counter += 1 + #end if + #end if + #end if + #end for + #if $static + static + #else + dhcp + #end if + $iface + $ip + $netmask + auto + no + #elif $iface_type in ("slave","bond_slave","bridge_slave") + none + $iface + #if $osversion == "sles12" or re.match('^sles12sp[1234]$', $osversion) + hotplug + #else + off + #end if + no + #elif $iface_type in ("","na") + #if $static + static + #else + dhcp + #end if + $iface + $mac + $ip + $netmask + auto + no + #end if + ## =================================================================== + ## VLAN configuration + ## =================================================================== + #if $vlanpattern.match($iface) + #set [$etherdevice, $vlanid] = $iface.split(".") + $etherdevice + $vlanid + #end if + ## =================================================================== + ## IPv6 support + ## =================================================================== + #if $ipv6_address != "" + + + $ipv6_address + + 64 + + #if $ipv6_secondaries != "" + #set $s = 1 + #for $alias in $ipv6_secondaries + + $alias + + 64 + + #set $s += 1 + #end for + #end if + + #end if + + #end for + #end if + + network_manager + #if $getVar("system_name","") != "" + + #set $ikeys = $interfaces.keys() + #for $iface in $ikeys + #set $idata = $interfaces[$iface] + #set $mac = $idata["mac_address"] + #set $interface_type = $idata["interface_type"] + #if $mac.lower() != "" + #if $interface_type.lower() not in ["bond","bridge"] + + $iface + ATTR{address} + $mac.lower() + + #end if + #end if + #end for + + #end if + + false + #if $getVar("system_name","") != "" + + + default + - + - + $gateway + + ## =================================================================== + ## IPv4 static route setup + ## =================================================================== + #for $iface in $ikeys + #set $idata = $interfaces[$iface] + #set $static_routes = $idata.get("static_routes", "") + #for $route in $static_routes + #set routepattern = $re.compile("[0-9/.]+:[0-9.]+") + #if $routepattern.match($route) + #set $routebits = $route.split(":") + #set [$network, $router] = $route.split(":") + + $network + - + $iface + $router + + #end if + #end for + #end for + ## =================================================================== + ## IPv6 routing setup + ## =================================================================== + #for $iface in $ikeys + #set $idata = $interfaces[$iface] + #set $ipv6_static_routes = $idata.get("ipv6_static_routes", "") + #set $ipv6_default_gateway = $idata.get("ipv6_default_gateway", "") + #if $ipv6_default_gateway != "" + + default + - + $iface + $ipv6_default_gateway + + #end if + #for $route in $ipv6_static_routes + #set routepattern = $re.compile("[0-9a-fA-F:/]+,[0-9a-fA-F:]+") + #if $routepattern.match($route) + #set $routebits = $route.split(",") + #set [$network, $router] = $route.split(",") + + $network + - + $iface + $router + + #end if + #end for + #end for + + #end if + + diff --git a/_includes/suse-15.6_scriptwrapper.xml.md b/_includes/suse-15.6_scriptwrapper.xml.md new file mode 100644 index 00000000..e20a732b --- /dev/null +++ b/_includes/suse-15.6_scriptwrapper.xml.md @@ -0,0 +1,10 @@ + diff --git a/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md b/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md index 5f53052b..f0b03475 100644 --- a/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md +++ b/_posts/2024/2024-11-12-Cobbler-v3.3.6-Beginners-Guide.md @@ -250,7 +250,7 @@ Mount the Fedora 34 Server installation media and run the `cobbler import` ```shell mkdir /mnt/Fedora -mount -t iso9660 -o loop,ro /home/fedora/Downloads/Fedora-Server-dvd-x86_64-34-1.2.iso /mnt/Fedora +mount -t iso9660 -o loop,ro ~/Downloads/Fedora-Server-dvd-x86_64-34-1.2.iso /mnt/Fedora cobbler import --name=Fedora34 --arch=x86_64 --path=/mnt/Fedora ``` @@ -298,7 +298,7 @@ cobbler sync Take similar steps as above to import and autoinstall Fedora 37 Server, being sure to use unique names for Cobbler Distros, Profiles, and Systems, as well as unique MAC addresses and IP addresses for Systems (unless configured differently in `/etc/cobbler/settings.yaml`) ```shell -mount -t iso9660 -o loop,ro /home/fedora/Downloads/Fedora-Server-dvd-x86_64-37-1.7.iso /mnt/Fedora +mount -t iso9660 -o loop,ro ~/Downloads/Fedora-Server-dvd-x86_64-37-1.7.iso /mnt/Fedora cobbler import --name=Fedora37 --arch=x86_64 --path=/mnt/Fedora cobbler distro edit --name Fedora37-x86_64 --kernel-options "" cat /var/lib/cobbler/templates/sample.ks | grep -v "\--useshadow" | grep -v ^install | sed 's,selinux --disabled,selinux --permissive,' | sed 's,rootpw --iscrypted \$default_password_crypted,rootpw --iscrypted \$default_password_crypted\nuser --groups=wheel --name=fedora --password=\$default_password_crypted --iscrypted --gecos="fedora",' | tee /var/lib/cobbler/templates/Fedora37.ks @@ -573,4 +573,3 @@ tftp 127.0.0.1 cat /etc/httpd/conf/httpd.conf cat /etc/httpd/conf.d/cobbler.conf ``` - diff --git a/_posts/2024/2024-12-02-Cobbler-v3.3.7-Debian-Deployment-Guide.md b/_posts/2024/2024-12-02-Cobbler-v3.3.7-Debian-Deployment-Guide.md index 0c3a1f24..1b95b827 100644 --- a/_posts/2024/2024-12-02-Cobbler-v3.3.7-Debian-Deployment-Guide.md +++ b/_posts/2024/2024-12-02-Cobbler-v3.3.7-Debian-Deployment-Guide.md @@ -15,7 +15,7 @@ This guide assumes that you have a Fedora 34 server or workstation system config ## Objective -Starting where the [Beginner's guide](/blog/2024/11/12/Cobbler-v3.3.6-Beginners-Guide.html) left off, further configure the Cobbler v3.3.7 server to deploy the latest release of Debian 11 Bullseye and Debian 12 Bookworm via PXE network boot, using the same system and network environment. This guide assumes that you still have `selinux` and `firewalld` configured and enabled as described in the Beginner's guide. +Starting where the [Beginner's guide](/blog/2024/11/12/Cobbler-v3.3.6-Beginners-Guide.html) left off, further configure the Cobbler v3.3.7 server to deploy the latest release of Debian 11 Bullseye and Debian 12 Bookworm *server* via PXE network boot, using the same system and network environment. This guide assumes that you still have `selinux` and `firewalld` configured and enabled as described in the Beginner's guide. ### Caveats @@ -89,7 +89,7 @@ mount the Debian 12 Bookworm installation media and import the distro into cobbl ```shell [ -e /mnt/Debian ] || mkdir /mnt/Debian -mount -t iso9660 -o loop,ro /home/fedora/Downloads/debian-12.8.0-amd64-DVD-1.iso /mnt/Debian +mount -t iso9660 -o loop,ro ~/Downloads/debian-12.8.0-amd64-DVD-1.iso /mnt/Debian cobbler import --name Debian12.8 --path /mnt/Debian ``` @@ -186,7 +186,7 @@ Take similar steps as above, with the inclusion of the netboot "firmware" image ```shell [ -e /mnt/Debian ] || mkdir /mnt/Debian -mount -t iso9660 -o loop,ro /home/fedora/Downloads/debian-11.11.0-amd64-DVD-1.iso /mnt/Debian +mount -t iso9660 -o loop,ro ~/Downloads/debian-11.11.0-amd64-DVD-1.iso /mnt/Debian cobbler import --name=Debian11.11 --path=/mnt/Debian cd /var/www/cobbler/distro_mirror/Debian11.11/dists/bullseye @@ -269,7 +269,7 @@ wget -O ~/Downloads/debian-stable-initrd.gz http://ftp.us.debian.org/debian/dist wget -O ~/Downloads/debian-stable-netboot-initrd.gz http://ftp.us.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz wget -O ~/Downloads/debian-stable-vmlinuz http://ftp.us.debian.org/debian/dists/stable/main/installer-amd64/current/images/cdrom/vmlinuz mkdir /var/www/cobbler/pub/Debian12.8-netboot -cat /home/fedora/Downloads/debian-stable-initrd.gz /home/fedora/Downloads/debian-stable-netboot-initrd.gz > /var/www/cobbler/pub/Debian12.8-netboot/initrd.gz +cat ~/Downloads/debian-stable-initrd.gz ~/Downloads/debian-stable-netboot-initrd.gz > /var/www/cobbler/pub/Debian12.8-netboot/initrd.gz cp ~/Downloads/debian-stable-vmlinuz /var/www/cobbler/pub/Debian12.8-netboot/vmlinuz ``` @@ -301,9 +301,8 @@ Now the **PXE Client** should be able to boot from a generic/random MAC address - The issue stems from the below section of the preseed file, retrieved drectly from Debian's official [stable](https://www.debian.org/releases/stable/example-preseed.txt) and [bookworm](https://www.debian.org/releases/bookworm/example-preseed.txt) example preseed files. -
{% include example-preseed-excerpt.txt path="_includes/example-preseed-excerpt.txt" %}
+{% include example-preseed-excerpt.txt.md path="_includes/example-preseed-excerpt.txt.md" %} -1. *(continued)* - As seen in the procedures above, `allow_unauthenticated` is set to true, which appears to only permit the installation to START when an untrusted repo mirror is found, but the mirror will be checked again before beginning the `apt-setup` phase, which `allow_unauthenticated` will not override. - This means that the `debian-installer` also requires the local APT mirror to be defined using the `d-i apt-setup/local0/repository` & `d-i apt-setup/local0/key` preseed options in order for the PXE client to retrieve the public GPG key for the repo mirror and use it to validate the mirror, which seems to be configured properly through the preseed from Cobbler, verified with the following commands on the `debian-installer` system (and obviously can be done, since the workaround provided in this guide does essentially the same thing): @@ -378,4 +377,3 @@ Now the **PXE Client** should be able to boot from a generic/random MAC address - [https://debian-handbook.info/browse/wheezy/sect.package-authentication.html](https://debian-handbook.info/browse/wheezy/sect.package-authentication.html) - [https://serverfault.com/questions/337278/debian-how-can-i-securely-get-debian-archive-keyring-so-that-i-can-do-an-apt-g](https://serverfault.com/questions/337278/debian-how-can-i-securely-get-debian-archive-keyring-so-that-i-can-do-an-apt-g) - [https://ubuntuforums.org/archive/index.php/t-2217665.html](https://ubuntuforums.org/archive/index.php/t-2217665.html) - diff --git a/_posts/2025/2025-02-05-Cobbler-v3.3.7-OpenSUSE-Deployment-Guide.md b/_posts/2025/2025-02-05-Cobbler-v3.3.7-OpenSUSE-Deployment-Guide.md new file mode 100644 index 00000000..1ca2de79 --- /dev/null +++ b/_posts/2025/2025-02-05-Cobbler-v3.3.7-OpenSUSE-Deployment-Guide.md @@ -0,0 +1,192 @@ +--- +layout: post +title: Cobbler (v3.3.7) OpenSUSE Deployment Guide +author: Sus-Admin +summary: Deploying OpenSUSE Leap 15 via PXE network boot. +--- + +This guide assumes that you have a Fedora 34 server or workstation system configured to run Cobbler v3.3.7 similarly to the [Cobbler v3.3.6 Beginner's guide](/blog/2024/11/12/Cobbler-v3.3.6-Beginners-Guide.html). + +## Table of Contents +{:.no_toc} + +1. TOC +{:toc} + +## Objective + +Starting where the [Beginner's guide](/blog/2024/11/12/Cobbler-v3.3.6-Beginners-Guide.html) left off, further configure the Cobbler v3.3.7 server to deploy OpenSUSE Leap 15 *server* via PXE network boot, using the same system and network environment. This guide assumes that you still have `selinux` and `firewalld` configured and enabled as described in the Beginner's guide. + +## OpenSUSE Leap 15 PXE Deployment + +This guide has been tested with OpenSUSE Leap 15.4, 15.5, & 15.6, which can be obtained from the sites below: + +- [download.opensuse.org](https://download.opensuse.org/distribution/leap/) + +- [provo-mirror.opensuse.org](https://provo-mirror.opensuse.org/distribution/leap/) + +- [cdimage.debian.org](https://cdimage.debian.org/mirror/opensuse.org/distribution/leap/) + +This guide will detail Leap 15.6 specifically; start by downloading the installation media on the Cobbler server: + +```shell +cd ~/Downloads +wget https://provo-mirror.opensuse.org/distribution/leap/15.6/iso/openSUSE-Leap-15.6-DVD-x86_64-Media.iso +``` + +Mount the installation media and run the `cobbler import`: + +```shell +[ -d /mnt/SUSE ] || mkdir /mnt/SUSE +mount -t iso9660 -o loop,ro ~/Downloads/openSUSE-Leap-15.6-DVD-x86_64-Media.iso /mnt/SUSE +cobbler import --name=SUSE-15.6 --arch=x86_64 --path=/mnt/SUSE +``` + +Update the `kernel-options` for the newly imported Cobbler Distro: + +```shell +cobbler distro edit --name SUSE-15.6-x86_64 --kernel-options 'install=$tree' +``` + +Create the necessary autoinstall template files, based on the originals included with cobbler, to generate a compatible `autoyast.xml` autoinstall file + +- **TIP:** execute the below text blocks on the Cobbler server CLI one-by-one exactly as shown below to edit the files appropriately; the final files (including the optional chagnes made in the next step) will be included at the very bottom of this guide for reference + +```shell +cat /var/lib/cobbler/templates/sample_autoyast.xml | \ + sed 's,english,us,' | \ + grep -v runlevel | grep -v "3" | \ + sed 's,networking.xml,suse-15.6-networking.xml,' | \ + sed 's,suse_scriptwrapper.xml,suse-15.6_scriptwrapper.xml,' | \ + tee /var/lib/cobbler/templates/suse-15.6-autoyast.xml +``` + +```shell +cat /var/lib/cobbler/snippets/networking.xml | \ + grep -v dhcp_resolv | \ + sed 's,^.*,## Figure out if we'\''re automating OS installation for a system or a profile\n#if $getVar('\''system_name'\''\,'\'\'') != '\'\''\n false\n#else\n true\n#end if,' | \ + sed 's,,network_manager,' | \ + sed 's,,#if $name_servers and $name_servers[0] != "":\n ,' | \ + sed 's,,\n #end if,' | \ + sed '/ /,/ #if $getVar("system_name","") != ""/c\ \ \ \ #if $getVar("system_name","") != ""\n\ \ \ \ ' | \ + sed -z 's,#end if\n ,\n #end if,' | \ + tee /var/lib/cobbler/snippets/suse-15.6-networking.xml +``` + +```shell +cat /var/lib/cobbler/snippets/suse_scriptwrapper.xml | \ + grep -v network_needed | \ + grep -v interpreter | \ + tee /var/lib/cobbler/snippets/suse-15.6_scriptwrapper.xml +``` + +```shell +cp /var/lib/cobbler/snippets/autoinstall_start /var/lib/cobbler/snippets/autoinstall_start.bkp +cp /var/lib/cobbler/snippets/autoinstall_done /var/lib/cobbler/snippets/autoinstall_done.bkp +sed -i -z 's,#if $run_install_triggers\n #if $breed == .redhat.,#if $run_install_triggers\n #if $breed == '\''redhat'\'' or $breed == '\''suse'\'',' /var/lib/cobbler/snippets/autoinstall_start /var/lib/cobbler/snippets/autoinstall_done +``` + +Optionally, further configure the autoyast template to install the `sudo`, `openssh`, & `chrony` packages, setup system NTP client, set the timezone precisely, enable the `sshd` systemd service, and configure a new linux user ***suse*** with the same password as the root user. + +```shell +sed 's,^ , \n \n UTC\n EST5EDT\n \n \n \n chrony\n sudo\n openssh\n \n \n \n \n \n sshd\n \n \n ,' /var/lib/cobbler/templates/suse-15.6-autoyast.xml +sed 's,$SNIPPET(.hosts.xml.),$SNIPPET('\''hosts.xml'\'')\n \n auto\n \n \n
us.pool.ntp.org
\n false\n false\n \n \n
2.opensuse.pool.ntp.org
\n false\n false\n \n \n 15\n ,' /var/lib/cobbler/templates/suse-15.6-autoyast.xml +sed 's,,\n \n true\n suse\n $default_password_crypted\n ,' /var/lib/cobbler/templates/suse-15.6-autoyast.xml +``` + + +Configure the Cobbler Profile to use the new autoinstall (`autoyast.xml`) template: + +```shell +cobbler profile edit --name SUSE-15.6-x86_64 --autoinstall suse-15.6-autoyast.xml +``` + +Create a new Cobbler System to automatically boot and install OpenSUSE Leap 15.6, replacing the *"aa:bb:cc:dd:ee:ff"* with the MAC address of your PXE client, being sure not to use a duplicate MAC or IP addresse of any other Cobbler System, and then sync up Cobbler: + +```shell +cobbler system add --name SUSE-15.6 --profile SUSE-15.6-x86_64 --netboot-enabled true --hostname SUSE-15-6 --interface eth0 --static true --mac-address "aa:bb:cc:dd:ee:ff" --ip-address 10.0.0.15 --gateway 10.0.0.1 --netmask 255.255.255.0 --name-servers "10.0.0.1 1.1.1.1 10.0.0.10" +``` + +Finally, sync up Cobbler: + +```shell +cobbler sync +``` + +## Taking it Further (Leap Micro Deployment) + +With OpenSUSE Leap 15 deploying successfully as described above, the Cobbler server is also prepped to deploy OpenSUSE Leap Micro *(v5.5 tested)* + +Download the installation media and use the same autoinstall file and options to configure a new Cobbler System for deploying OpenSUSE Leap Micro 5.5 + +```shell +cd ~/Downloads && wget https://slc-mirror.opensuse.org/distribution/leap-micro/5.5/product/iso/openSUSE-Leap-Micro-5.5-DVD-x86_64-Media.iso + +mount -t iso9660 -o loop,ro ~/Downloads/openSUSE-Leap-Micro-5.5-DVD-x86_64-Media.iso /mnt/SUSE +cobbler import --name=Leap-micro-5.5 --arch=x86_64 --path=/mnt/SUSE + +cobbler distro edit --name Leap-micro-5.5-x86_64 --kernel-options 'install=$tree' +cobbler profile edit --name Leap-micro-5.5-x86_64 --autoinstall suse-15.6-autoyast.xml +cobbler system add --name Leap-micro --profile Leap-micro-5.5-x86_64 --netboot-enabled true --enable-ipxe false --hostname Leap-micro --interface eth0 --static true --mac-address "aa:bb:cc:dd:ee:ff" --ip-address 10.0.0.15 --gateway 10.0.0.1 --netmask 255.255.255.0 --name-servers "10.0.0.1 1.1.1.1 10.0.0.10" +cobbler sync +``` + +## Tips & Troubleshooting + +1. The [Cobbler 3.3.6 Beginner's Guide](/blog/2024/11/12/Cobbler-v3.3.6-Beginners-Guide.html) **Tips & Troubleshooting** section contains some basic recommendations and limitations of Cobbler which will not be repeated here. + +1. References + + - [https://cobbler.readthedocs.io/en/v3.3.6/cobblerd.html#autoinstallation-autoyast-kickstart](https://cobbler.readthedocs.io/en/v3.3.6/cobblerd.html#autoinstallation-autoyast-kickstart) + + - [https://doc.opensuse.org/projects/autoyast/](https://doc.opensuse.org/projects/autoyast/) + + - [https://doc.opensuse.org/projects/autoyast/#CreateProfile-CMS-new](https://doc.opensuse.org/projects/autoyast/#CreateProfile-CMS-new) + + - [https://doc.opensuse.org/documentation/leap/archive/15.4/autoyast/html/book-autoyast/Invoking.html](https://doc.opensuse.org/documentation/leap/archive/15.4/autoyast/html/book-autoyast/Invoking.html) + + - [https://doc.opensuse.org/documentation/leap/archive/15.4/autoyast/single-html/book-autoyast/](https://doc.opensuse.org/documentation/leap/archive/15.4/autoyast/single-html/book-autoyast/) + + - [https://documentation.suse.com/sles/15-SP5/html/SLES-all/book-autoyast.html](https://documentation.suse.com/sles/15-SP5/html/SLES-all/book-autoyast.html) + + - [https://documentation.suse.com/en-us/sles/15-SP4/html/SLES-all/cha-autoyast-create-control-file.html](https://documentation.suse.com/en-us/sles/15-SP4/html/SLES-all/cha-autoyast-create-control-file.html) + + - [https://documentation.suse.com/en-us/sles/15-SP4/html/SLES-all/cha-autoyast-create-control-file.html#CreateProfile-Manual](https://documentation.suse.com/en-us/sles/15-SP4/html/SLES-all/cha-autoyast-create-control-file.html#CreateProfile-Manual) + + - [https://doc.opensuse.org/documentation/leap/archive/15.4/autoyast/single-html/book-autoyast/](https://doc.opensuse.org/documentation/leap/archive/15.4/autoyast/single-html/book-autoyast/) + + - [https://en.opensuse.org/SDB:PXE_boot_installation](https://en.opensuse.org/SDB:PXE_boot_installation) + + - [https://www.suse.com/support/kb/doc/?id=000020329](https://www.suse.com/support/kb/doc/?id=000020329) + + - [https://www.linuxquestions.org/questions/linux-server-73/sles-equivalent-of-root-anaconda-ks-cfg-4175543325/](https://www.linuxquestions.org/questions/linux-server-73/sles-equivalent-of-root-anaconda-ks-cfg-4175543325/) + + - [https://www.w3schools.com/xml/xml_validator.asp](https://www.w3schools.com/xml/xml_validator.asp) + + - [https://forums.opensuse.org/t/pxe-autoyast-15-3-15-4/150848](https://forums.opensuse.org/t/pxe-autoyast-15-3-15-4/150848) + + - [https://opensuse-autoinstall.opensuse.narkive.com/8tBZNWIG/debugging-autoyast](https://opensuse-autoinstall.opensuse.narkive.com/8tBZNWIG/debugging-autoyast) + + - [https://opensuse-autoinstall.opensuse.narkive.com/441KAfMq/how-to-configure-services-using-autoyast](https://opensuse-autoinstall.opensuse.narkive.com/441KAfMq/how-to-configure-services-using-autoyast) + +1. Edited files + + - suse-15.6-autoyast.xml + +{% include suse-15.6-autoyast.xml.md path="_includes/suse-15.6-autoyast.xml.md" %} + + - suse-15.6-networking.xml + +{% include suse-15.6-networking.xml.md path="_includes/suse-15.6-networking.xml.md" %} + + - suse-15.6_scriptwrapper.xml + +{% include suse-15.6_scriptwrapper.xml.md path="_includes/suse-15.6_scriptwrapper.xml.md" %} + + - autoinstall_start + +{% include autoinstall_start.md path="_includes/autoinstall_start.md" %} + + - autoinstall_done + +{% include autoinstall_done.md path="_includes/autoinstall_done.md" %} From 21ef386c4b3ee08af64f3d722afc5f93456ca158 Mon Sep 17 00:00:00 2001 From: Sheeno Date: Wed, 5 Feb 2025 09:15:54 -0500 Subject: [PATCH 2/2] Apply suggestions from code review Do I need to sign these changes, or this is OK? Co-authored-by: Enno G. --- ...2025-02-05-Cobbler-v3.3.7-OpenSUSE-Deployment-Guide.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/_posts/2025/2025-02-05-Cobbler-v3.3.7-OpenSUSE-Deployment-Guide.md b/_posts/2025/2025-02-05-Cobbler-v3.3.7-OpenSUSE-Deployment-Guide.md index 1ca2de79..05a0d157 100644 --- a/_posts/2025/2025-02-05-Cobbler-v3.3.7-OpenSUSE-Deployment-Guide.md +++ b/_posts/2025/2025-02-05-Cobbler-v3.3.7-OpenSUSE-Deployment-Guide.md @@ -19,7 +19,7 @@ Starting where the [Beginner's guide](/blog/2024/11/12/Cobbler-v3.3.6-Beginners- ## OpenSUSE Leap 15 PXE Deployment -This guide has been tested with OpenSUSE Leap 15.4, 15.5, & 15.6, which can be obtained from the sites below: +This guide has been tested with openSUSE Leap 15.4, 15.5, & 15.6, which can be obtained from the sites below: - [download.opensuse.org](https://download.opensuse.org/distribution/leap/) @@ -101,7 +101,7 @@ Configure the Cobbler Profile to use the new autoinstall (`autoyast.xml`) templa cobbler profile edit --name SUSE-15.6-x86_64 --autoinstall suse-15.6-autoyast.xml ``` -Create a new Cobbler System to automatically boot and install OpenSUSE Leap 15.6, replacing the *"aa:bb:cc:dd:ee:ff"* with the MAC address of your PXE client, being sure not to use a duplicate MAC or IP addresse of any other Cobbler System, and then sync up Cobbler: +Create a new Cobbler System to automatically boot and install openSUSE Leap 15.6, replacing the *"aa:bb:cc:dd:ee:ff"* with the MAC address of your PXE client, being sure not to use a duplicate MAC or IP addresse of any other Cobbler System, and then sync up Cobbler: ```shell cobbler system add --name SUSE-15.6 --profile SUSE-15.6-x86_64 --netboot-enabled true --hostname SUSE-15-6 --interface eth0 --static true --mac-address "aa:bb:cc:dd:ee:ff" --ip-address 10.0.0.15 --gateway 10.0.0.1 --netmask 255.255.255.0 --name-servers "10.0.0.1 1.1.1.1 10.0.0.10" @@ -115,9 +115,9 @@ cobbler sync ## Taking it Further (Leap Micro Deployment) -With OpenSUSE Leap 15 deploying successfully as described above, the Cobbler server is also prepped to deploy OpenSUSE Leap Micro *(v5.5 tested)* +With openSUSE Leap 15 deploying successfully as described above, the Cobbler server is also prepped to deploy openSUSE Leap Micro *(v5.5 tested)* -Download the installation media and use the same autoinstall file and options to configure a new Cobbler System for deploying OpenSUSE Leap Micro 5.5 +Download the installation media and use the same autoinstall file and options to configure a new Cobbler System for deploying openSUSE Leap Micro 5.5 ```shell cd ~/Downloads && wget https://slc-mirror.opensuse.org/distribution/leap-micro/5.5/product/iso/openSUSE-Leap-Micro-5.5-DVD-x86_64-Media.iso