Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

README.openvz:

- added

scripts/ovz-install:
- processed --nobase and --ignoremissing
  • Loading branch information...
commit 85fc168ba2ea3dbf8433b5d1d82625400c1fa7e0 1 parent 4910854
@neverho0d neverho0d authored jimi-c committed
Showing with 124 additions and 35 deletions.
  1. +79 −0 README.openvz
  2. +45 −35 scripts/ovz-install
View
79 README.openvz
@@ -0,0 +1,79 @@
+Support for OpenVZ containers in Cobbler
+
+THIS FUNCTIONS CONSIDERED AS ALPHA STAGE FOR TESTING AND LIMITED UGAGE!
+USAGE IN PRODUCTION CAN BE DANGEROUS! YOU WARNED!
+
+Cobbler is amazing tool for deploying barebones and virtual machines and I think it is suitable for
+deploying OpenVZ containers too.
+
+Current support for OpenVZ is rather basic, but I think this functionality can reach level we have now for KVM.
+
+How to use it?
+
+Because OpenVZ container is in nature chrooted environment we use cobbler+koan to create this on OpenVZ-enabled node.
+For cobbler and koan in case of OpenVZ all operations is similar - we should define distros, kickstarts, profiles,
+systems and so on with some additions.
+Now we do all operations only for RHEL/CentOS6. It may be suitable for recent Fedoras, but we do nothing for other
+distributions.
+
+How it works?
+
+All options keeps on cobbler side as for other VMs.
+Besides of common options you can use openvz-specific ones by defining them as vz_ prefixed, low-cased variables
+from this list: KMEMSIZE, LOCKEDPAGES, PRIVVMPAGES, SHMPAGES, NUMPROC, VMGUARPAGES, OOMGUARPAGES, NUMTCPSOCK,
+NUMFLOCK, NUMPTY, NUMSIGINFO, TCPSNDBUF, TCPRCVBUF, OTHERSOCKBUF, DGRAMRCVBUF, NUMOTHERSOCK, DCACHESIZE, NUMFILE,
+AVNUMPROC, NUMIPTENT, DISKINODES, QUOTATIME, VE_ROOT, VE_PRIVATE, SWAPPAGES, ONBOOT (See ctid.conf(5) for meaning
+of this parameters).
+Because cobbler does not have a place to keep CTID you MUST use it in ks_meta (as you can see in example below)!
+We use it on cobbler-side to be able allocate them from one place.
+We turn off pxe-menu creation for openvz containers to not pollute this menu.
+
+For exapmle:
+ # cobbler profile add --name=vz01 --distro=CentOS6-x86_64 --kickstart=/your/kickstart.cfg \
+ --ks_meta="lang=ru_RU.UTF-8 keyb=ru vz_ctid=101 vz_swappages=0:2G vz_numproc=120:120" \
+ --repos="centos6-x86_64-os centos-x86_64-updates" \
+ --virt-type=openvz \
+ --virt-ram=1024 \
+ --virt-cpus=1
+
+ # cobbler system add --name=vz01 \
+ --profile=vz01 \
+ --virt-type=openvz \
+ --virt-ram=1024 \
+ --virt-cpus=1
+
+ # cobbler system edit --name=vz01 \
+ --hostname=vz01.example.com \
+ --interface=eth0 \
+ --mac=YOUR_MAC_HERE \
+ --static=1 \
+ --ip-address=YOUR_IP \
+ --subnet=MASK \
+ --gateway=GATEWAY_IP \
+ --name-servers=NAME_SERVERS_IPs
+
+On koan side:
+ # koan --server=COBBLER_IP --virt --system=vz01
+
+This will start installation process. ovz-install script will install all packages and groups listed in $packages
+section.
+As root for installation ovz-install will use /vz/private/$VEID (/vz/private/101 for example above), that can be
+overriden with vz_ve_private variable in ks_meta (eg. vz_ve_private=/some/path or vz_ve_private=/other/path/$VEID
+or vz_ve_private=/some/path/101 - $VEID will be replaced with CTID).
+After installation ovz-install will process "services" option from kickstart like it do anaconda and run post-installation
+script, defined in kickstart (only in chroot), so you can tune the container for your needs.
+At the end of process ovz-install process installed tree to be truly OpenVZ container - creates dev files, change init
+scripts etc.
+Created container started after that, so you should be able to log in to it with root and password you defined for root
+in kickstart file.
+
+
+Options for creating OpenVZ containers.
+You should set virt-type to "openvz" in profile or system to create OpenVZ container.
+--virt-file-size not used for now. We think we can use it for logical volume creation, or quoting
+ filesystem usage, or for creating containers in ploop-file.
+--virt-ram as for other VMs
+--virt-cpus as for other VMs
+--virt-path not used now. Container will be created in /vz/private/$VEID, where $VEID will be replaced by
+ openvz with CTID (container ID). Can be redefined by vz_ve_private variable you can place in ks_meta.
+--virt_bridge not used now.
View
80 scripts/ovz-install
@@ -36,9 +36,6 @@ KICKSTART="/tmp/$PROFILE_NAME-kickstart.cfg"
# get the kickstart
wget $KICKSTART_URL -q -O $KICKSTART
-# get the package list (with groups) from kickstart
-PKGS=`cat $KICKSTART| awk '/^\%packages/,/^\%post/{ print $0 }'|egrep -v '^#|^$|^%'`
-
# get the root password hash from kickstart
ROOTPW=`cat $KICKSTART| awk '/^rootpw/{ print $NF }'`
@@ -70,7 +67,16 @@ done
# temporary yum config
YUM_CONFIG="/tmp/$PROFILE_NAME-yum.cfg"
-echo -e "[main]\ncachedir=/var/cache/yum/\$basearch/\$releasever\nkeepcache=0\ndebuglevel=2\nlogfile=/var/log/yum.log\nexactarch=1\nobsoletes=1\ngpgcheck=0\nplugins=1\ndistroverpkg=centos-release\nreposdir=/dev/null\n\n" >$YUM_CONFIG
+echo -e "[main]\ncachedir=/var/cache/yum/\$basearch/\$releasever\nkeepcache=0\ndebuglevel=2\nlogfile=/var/log/yum.log\nexactarch=1\nobsoletes=1\ngpgcheck=0\nplugins=1\ndistroverpkg=centos-release\nreposdir=/dev/null\n" >$YUM_CONFIG
+echo -e "groupremove_leaf_only=1\ngroup_package_types=mandatory\ntsflags=nodocs\n" >>$YUM_CONFIG
+
+# --ignoremissing processing
+cat $KICKSTART| grep '\-\-ignoremissing'>/dev/null
+if [ $? -eq 0 ] ; then echo -e "skip_broken=1\n" >>$YUM_CONFIG ; fi
+
+# just new line
+echo >>$YUM_CONFIG
+
# base package set we get from kickstart's url option (this option used only for http/ftp install, that is in use by cobbler, if kickstart use other method we'll FAIL!!!)
BASE_REPO_URL=`cat $KICKSTART| grep ^url | sed 's/^url.*--url=//'`
# put in to our config
@@ -84,50 +90,56 @@ cat $KICKSTART | grep ^repo | \
done
# packages we don't need to install (but included in installed groups)
-EXCLUDED_PKGS="selinux-policy-targeted b43*"
+EXCLUDED_PKGS="selinux-policy-targeted kernel* *firmware* b43*"
# packages we want to be installed, besides of listed in kickstart
PKGS_LIST="vim-minimal ssh-clients openssh-server logrotate"
-# package groups to be installed
-GROUP_LIST=""
-
-# process package list, extract groups and excluded packages
-for line in $PKGS ; do
+# temporary yum script
+YUM_SCRIPT="/tmp/$PROFILE_NAME-yum.yum"
+cp /dev/null $YUM_SCRIPT
+(echo config assumeyes True
+echo config gpgcheck False
+echo install $PKGS_LIST
+) >>$YUM_SCRIPT
+
+if [ -n "$EXCLUDED_PKGS" ] ; then echo config exclude \"$EXCLUDED_PKGS\" >>$YUM_SCRIPT ; fi
+
+cat $KICKSTART| awk '/^\%packages/,/^\%post/{ print $0 }'|egrep -v '^#|^$|^%' | \
+while read line ; do
+ # if package name can start with '-' sign, that means we have to exclude it
+ ACTION="install"
+ IS_GROUP=""
+ echo $line|grep '^-'>/dev/null
+ if [ $? -eq 0 ] ; then
+ line=`echo $line|sed 's/^-//'`
+ ACTION="remove"
+ fi
echo $line|grep '^@' >/dev/null
# if name starts with @ - it's a group
if [ $? -eq 0 ] ; then
- GROUP_LIST="$GROUP_LIST `echo $line|sed 's/^@//'`"
- else
- # if package name can start with '-' sign, that means we have to exclude it
- echo $line|grep '^-'>/dev/null
- if [ $? -eq 0 ] ; then
- EXCLUDED_PKGS="$EXCLUDED_PKGS `echo $line|sed 's/^-//'`"
- else
- PKGS_LIST="$PKGS_LIST $line"
- fi
+ line=`echo $line|sed 's/^@//'`
+ IS_GROUP="group"
fi
+ line=`echo $line | sed 's/^\s*//'`
+ echo ${IS_GROUP}${ACTION} \"$line\" >>$YUM_SCRIPT
done
-#echo groups $GROUP_LIST
-#echo packages $PKGS_LIST
-#echo excludes $EXCLUDED_PKGS
-# clear the installation directory
-[ -d $ROOTDIR ] && rm -rf $ROOTDIR/*
+cat $KICKSTART| grep '\-\-nobase'>/dev/null
+if [ $? -eq 0 ] ; then echo groupremove base >>$YUM_SCRIPT ; fi
+echo run >>$YUM_SCRIPT
# install all packages in one pass by using yum shell
#### THIS IS LONG-RUNNING TASK! ######
echo Start installing packages
-yum shell --quiet --config=$YUM_CONFIG --installroot=$ROOTDIR >/dev/null 2>&1 <<EOD
-config assumeyes True
-config gpgcheck False
-config exclude $EXCLUDED_PKGS
-groupinstall $GROUP_LIST
-install $PKGS_LIST
-run
-EOD
+yum shell --quiet --config=$YUM_CONFIG --installroot=$ROOTDIR $YUM_SCRIPT
+## >/dev/null 2>&1
+
+# some optimization
+yum remove kernel kernel-firmware dracut dracut-kernel dracut-network fcoe-utils libdrm lldpad plymouth -y --quiet --config=$YUM_CONFIG --installroot=$ROOTDIR
echo Packages installed
+
# remove all *.repo files, cobbler will install it's own repo-file with needed repos
rm -f $ROOTDIR/etc/yum.repos.d/*.repo
@@ -164,7 +176,7 @@ sed -i -e 's/GSSAPIAuthentication\ yes/GSSAPIAuthentication\ no/g' $ROOTDIR/etc/
mkdir -p $ROOTDIR/etc/selinux
echo SELINUX=disabled>$ROOTDIR/etc/selinux/config
-# we use ! as the delimiter for sed, because $ROOTPW hash is full of garbage ;)
+# we use ! as the delimiter for sed, because $ROOTPW hash is full of weird signs ;)
sed -i -e "s!root:.:!root:$ROOTPW:!" $ROOTDIR/etc/shadow
# who needs it?!
@@ -192,7 +204,5 @@ done
chmod 1777 $ROOTDIR/tmp
chmod 1777 $ROOTDIR/var/tmp
-#tar --numeric-owner -czf /home/$PROFILE_NAME.tar.gz ./
-[ -f /home/$PROFILE_NAME.tar.gz ] && echo Container template created: /home/$PROFILE_NAME.tar.gz
echo All done
exit 0
Please sign in to comment.
Something went wrong with that request. Please try again.