Install PostgreSQL

~# yum install postgresql postgresql-contrib

Install Oracle Spacewalk

~# yum install spacewalk-postgresql

Install utilities

~# yum install spacewalk-utils spacecmd

spacecmd allows you to administer Spacewalk from the command line. You can manage activation keys, configuration channels, Kickstarts, software channels, systems, and users.

spacewalk-common-channels allows you to configure the software channels, public yum repositories, GPG keys, and activation keys for Oracle Linux from the command line.

spacewalk-hostname-rename allows you to regenerate the SSL certificate if you change the system’s host name.

spacewalk-sync-setup allows you configure a master-slave relationship between two Spacewalk servers that you want to use in an Inter-Server Synchronization (ISS) configuration.

Firewall

~# firewall-cmd –permanent –add-service=http ; firewall-cmd –permanent –add-service=https

~# firewall-cmd –permanent –add-port=5222/tcp ; firewall-cmd –permanent –add-port=69/udp
~# firewall-cmd –reload

Rollout spacewalk configuration.

~# spacewalk-setup –disconnected

Configure

Software

Channels

ULN

Spacewalk contains a ULN plug-in for the spacewalk-repo-sync tool. The plug-in enables you to synchronize software channels without having to register the Spacewalk server with ULN.

To configure the ULN plug-in:

  1. Change the mode of /etc/rhn/spacewalk-repo-sync/uln.conf to 600 (read-write).
    # chmod 600 /etc/rhn/spacewalk-repo-sync/uln.conf
  2. Edit /etc/rhn/spacewalk-repo-sync/uln.conf and add your SSO login user name and password for ULN:
    [main] 
    username = ULN_SSO_username 
    password = ULN_SSO_password
  3. Change the mode of /etc/rhn/spacewalk-repo-sync/uln.conf to 400 (read-only).
    # chmod 400 /etc/rhn/spacewalk-repo-sync/uln.conf
Important

To protect your ULN credentials, verify that /etc/rhn/spacewalk-repo-sync/uln.conf is read-only (file mode 0400) by root.

When you have configured the ULN plug-in, you can use either the Spacewalk web interface, spacecmd, or spacewalk-common-channels to create the Spacewalk software channels, repositories, and activation keys.

Once the ULN plug-in is configured, you create the Spacewalk software channels and repositories in the normal way using the Spacewalk web interface. When you specify the URL for a ULN repository, use a URL in the following format:

uln:///<ULN channel label>

 

Note

The URL must contain three forward slash (/) characters. For example:

uln:///ol6_x86_64_latest

 

For example:

uln:///ol6_x86_64_latest

 

You can get a list of available ULN channel labels by logging in to ULN (https://linux.oracle.com) and selecting the Channels tab.

Repositories

Activation Keys

Kickstart

Distributions

Profiles

Systems

Install standalone system using spacewalk profile.

Sometimes we need to install a standalone system such as new hypervisor or bare metal server. In this case we can generate cobbler configuration manually running command like:

~# cobbler system add –name=tst-001 –hostname=tst-001.cluster –mac=08:00:27:70:FD:D5 –ip=172.12.13.13 –gateway=172.24.37.1 –name-servers=172.12.13.14 –profile=ovs-3-x86_64:1:Organisation –static=True

This system will not apear in spacewalk intil it fully provisioned. To list existing system run: ~# cobbler system list

Next step from here is to boot system from PXE or ISO

Snipets

Install OVS

OVS specific kickstart options

System->Kickstart->Profiles->OVS-blah-blah->Kickstart Details->Advanced Options

bootloader –location none –dom0_mem=569 –append=”rhgb quiet allowsuperpage selinux=0 audit=1″ –timeout=5 –iscrypted –password=grub.pbkdf2.sha512.10000.BLAH.BLAH #generated by

firewall –enabled –ssh –port=2049:tcp –port=5900-5950:tcp –port=8002:tcp –port=8003:tcp –port=8899:tcp –port=7777:tcp

custom options

eula Accepted
ovsagent –iscrypted $6$6Nt1CqDNa2. ## To generate new cluster password run ~# ovs-agent-passwd –encrypt
ovsmgmntif eth0

Enable xen interface socket

This need to talk to libvirtd to avoid this message:

libvirt: XML-RPC error : Failed to connect socket to ‘/var/run/libvirt/libvirt-sock-ro’: No such file or directory
Warning: Could not retrieve virtualization information!
libvirtd service needs to be running.

Install libvirt and koan

~# yum install libvirt python-virtinst spacewalk-koan

~# rhnreg_ks –serverUrl=https://spacewalk.server/XMLRPC –sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT –activationkey=1-ovm-34-latest –force

Compile virt-install source rpm for OVS

Thank you very much Oracle!

~# rpm -i python-virtinst-*

  • cd ~/rpmbuild/SPECS/  
  • rpmbuild -bp mypackage.spec  
  • cd ~/rpmbuild/BUILD/  
  • cp existing_directory existing_directory.orig  
  • cd existing_directory  
  • find the file you wish to change, modify it.  
  • cd ~/rpmbuild/BUILD/  
  • diff -Npru existing_directory.orig existing_directory > name_of_your_patch_file.patch  

  • cp name_of_your_patch_file.patch ~/rpmbuild/SOURCES/  
  • cd ~/rpmbuild/SPECS/  
  • edit the mypackage.spec file to add the definition of name_of_your_patch_file.patch and the application of your_patch_file — please look in the file to see how that is done.  
  • rpmbuild -ba mypackage.spec

Debug provisioning problems

~# virt-install –connect xen:/// –name tmp-tmp-1 –ram 1024 –vcpus 2 –uuid 5a4f2e35-c041-7074-63ae-c6ef0513bd9c –autostart –vnc –hvm –pxe –arch x86_64  –os-variant rhel7 –disk path=/var/lib/xen/images/tmp-tmp-1,size=16,format=raw –network bridge=virbr0,mac=00:16:3e:0d:00:f7 –wait 0 –noautoconsole

~# koan –server=172.12.13.3 –list=systems

~# koan –server=172.12.13.3 –virt –virt-name=tst-001:1:tmp-1 –profile=ol-7-x86_64-virt:1:Organisation –nogfx

Building Standalone ISO

The “cobbler buildiso –standalone” command will create an ISO image of a DVD which can be used to install the selected distribution. However, it does not include any additional repositories which you might have defined in the profiles – only the base distribution. This means that if you have an errata repository or additional packages from something like Red Hat MRG, those RPMs won’t make it into your installed system.

The $yum_repo_stanza is still expanded in the kickstart configuration file to list the applicable repositories with HTTP addresses, which means that if the system you’re installing has access to a web server hosting those repositories, then the install will proceed normally – but then why would you want a standalone ISO if you can reach the Cobbler server?

If your extra repositories are small enough to fit on the remaining space on the DVD after the distribution is copied, then with a few small changes you can create a DVD which includes both the distribution and the additional repositories, making it possible to install a system which is completely disconnected from the network.

First, run a standard buildiso, capturing the output to a file:

  • cobbler buildiso –standalone –distro=distribution_name –iso=/tmp/standalone.iso >/tmp/build.out 2>&1

The directory /var/cache/cobbler/buildiso holds the filesystem which is transferred to the ISO image, so we can customize this and recreate the ISO. In /var/cache/cobbler/buildiso/isolinux, you will find a list of “.cfg” files named after the profiles which are attached to the distribution you specified.

Edit each one, and look for the “repo” lines which define the extra repositories:

  • repo –name=ovs-3-x86_64 –baseurl=http://cobbler-server/ks/dist/child/ol6-ovs-x86_64/ovs-3-x86_64

First, change the “baseurl” to point to the install media, rather than a web server, by replacing the “http://cobbler-server” with “file:///mnt/source,” like so:

  • repo –name=ovs-3-x86_64 –baseurl=file:///mnt/source/cobbler/repo_mirror/ovs-3-x86_64/

The “/mnt/source” path is where the root directory of the install media is mounted during an Anaconda installation. Also, be sure to delete or comment out all of the “source-n” repos, since they are being made available from the media and will not be reachable via a URL during a standalone media-only install.

We then copy over the appropriate repositories to the buildiso directory:

  • mkdir -p /var/cache/cobbler/buildiso/cobbler/repo_mirror
  • cd /var/cache/cobbler/buildiso/cobbler/repo_mirror
  • cp -rp /var/www/cobbler/repo_mirror/ovs-3-x86_64 .

Next, check that each of the repositories you have copied contains a “config.repo” file in its top-level directory. This is used after the completion of the Cobbler installation to build a cobbler-config.repo file – the contents of each of these files will be pasted together once the system is installed. If your system will eventually be network-connected, you can use the web addresses of each of the repositories you’re copying into the ISO, or otherwise change the base URLs to suit the requirements of your environment. Perhaps you could copy an ISO image of the install DVD you’re about to create here to new system, and configure a loopback mount for it?

You will need to delete any checksum cache directories from the repositories if you’re copying them out of a mirror, as above, since otherwise the cache file names will overwhelm the Joliet file name conversion tables:

  • rm -rf /var/cache/cobbler/buildiso/cobbler/repo_mirror/*/cache

Since the distribution itself will probably take up a majority of the space available on a 4.7GB DVD, you should be selective as to which repositories you copy – only take the ones that are actually needed by the profiles listed in the isolinux directory. Or, if your hardware supports it, you can use a dual-layer DVD or a BluRay, and go nuts.

Next, execute the exact same “mkisofs” command which was used to create the original ISO image, which can be found in the /tmp/build.out file from your “cobbler buildiso” run. It will probably look like this:

  • mkisofs -o /tmp/standalone.iso -r -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -V Cobbler\ Install -R -J -T /var/cache/cobbler/buildiso

Once complete, you will have an ISO image which will install not only the distribution you selected, but also the additional packages from the supplemental repositories, eliminating the need for a network connection or web server during the installation – absolutely 100% standalone.

I grant that these instructions are Red Hat-centric since that’s what I have to work with, but if there are adjustments needed for Debian, Ubuntu, or other distributions, please feel free to update this page.

NOTE: As of October 2015, work is underway to incorporate this capability into Cobbler via a buildiso –airgapped option.

Example ISO build automation script:

#!/bin/bash
# Written 27/09/2016 by daniel@mashonkin.com

BUILDISO=”/var/cache/cobbler/buildiso”
ISODEST=”/tmp”

echo “Hello, “$USER”. This script will build standalone ISO to install”
echo “and register choosen system to local spacewalk database.”
echo “Please make sure you have cobbler repos configured prior run this script”

cobbler distro list

echo -n “Enter base distro and press [ENTER]: ”
read distro

echo “Building default ISO”
cobbler buildiso –standalone –distro=$distro –iso=$ISODEST/$distro.iso 1>/dev/null

echo “Customising for My Organisation”
sed -i ‘s/MENU TITLE Cobbler/MENU TITLE My Customised ISO/’ $BUILDISO/isolinux/isolinux.cfg

echo “Replacing network repo links with local.”
sed -i ‘s/–baseurl=.*.child\//–baseurl=file:\/\/\/mnt\/source\/cobbler\/repo_mirror\//;/repo/s:/[^/]*$::’ $BUILDISO/isolinux/ks-*.cfg

echo “Remove RHN dependencies download workaround.”
sed -i ‘/wget -P/d;/rpm -Uvh/d’ $BUILDISO/isolinux/ks-*.cfg

echo “Copying all local Cobbler repositories to $BUILDISO”
cobbler repo list
mkdir $BUILDISO/cobbler
cp -rp /var/www/cobbler/repo_mirror $BUILDISO/cobbler/
rm -rf $BUILDISO/cobbler/repo_mirror/*/cache

echo “Rebuilding ISO with our changes applied.”
mkisofs -o $ISODEST/$distro.iso -r -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -V Ezidebit\ Install -R -J -T $BUILDISO 1>/dev/null

Leave a Reply

Your email address will not be published. Required fields are marked *

Post Navigation