generic/fedora-18-x86_64-cloud.ks generic/fedora-18-x86_64.ks
by Matthew Miller
generic/fedora-18-x86_64-cloud.ks | 1 -
generic/fedora-18-x86_64.ks | 1 -
2 files changed, 2 deletions(-)
New commits:
commit 03850951061272d47513b0fe65a0bcea59581576
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Fri Dec 14 16:03:30 2012 -0500
logrotate is pulled in by rsyslog (and cloud-init) so it's not necessary.
If we went to an all-journald world, neither would be needed, so leaving
this pulled in by the rsyslog dep seems best.
diff --git a/generic/fedora-18-x86_64-cloud.ks b/generic/fedora-18-x86_64-cloud.ks
index 9d0d51c..38ceed4 100644
--- a/generic/fedora-18-x86_64-cloud.ks
+++ b/generic/fedora-18-x86_64-cloud.ks
@@ -52,7 +52,6 @@ firewalld
iptables-services
# cherry-pick a few things from @standard
-logrotate
tmpwatch
tar
rsync
diff --git a/generic/fedora-18-x86_64.ks b/generic/fedora-18-x86_64.ks
index 8df5184..92a84f0 100644
--- a/generic/fedora-18-x86_64.ks
+++ b/generic/fedora-18-x86_64.ks
@@ -46,7 +46,6 @@ firewalld
iptables-services
# cherry-pick a few things from @standard
-logrotate
tmpwatch
tar
rsync
11 years, 3 months
generic/fedora-18-x86_64-cloud.ks
by Matthew Miller
generic/fedora-18-x86_64-cloud.ks | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
New commits:
commit c506093cac633a5e6711feaf4be7f966f8d75f9b
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Fri Dec 14 15:49:39 2012 -0500
Add commented-out block toggling to root instead of ec2-user in case
we want to go that way.
diff --git a/generic/fedora-18-x86_64-cloud.ks b/generic/fedora-18-x86_64-cloud.ks
index 86ff68e..9d0d51c 100644
--- a/generic/fedora-18-x86_64-cloud.ks
+++ b/generic/fedora-18-x86_64-cloud.ks
@@ -136,9 +136,14 @@ echo .
echo "Disabling tmpfs for /tmp."
systemctl mask tmp.mount
-# this is a kludge for an unexpected change in cloud-init. New
-# fedora package coming soon will make this unnecessary.
-sed -i '/system_info:/ a\ default_user: ec2-user' /etc/cloud/cloud.cfg
+# Uncomment this if you want to use cloud init but suppress the creation
+# of an "ec2-user" account. This will, in the absence of further config,
+# cause the ssh key from a metadata source to be put in the root account.
+#cat <<EOF > /etc/cloud/cloud.cfg.d/50_suppress_ec2-user_use_root.cfg
+#users: []
+#disable_root: 0
+#EOF
+
echo "Zeroing out empty space."
11 years, 3 months
generic/fedora-18-x86_64-cloud.ks generic/fedora-18-x86_64.ks generic/fedora-18-x86_64-minimal.ks
by Matthew Miller
generic/fedora-18-x86_64-cloud.ks | 10 ++++++----
generic/fedora-18-x86_64-minimal.ks | 3 ++-
generic/fedora-18-x86_64.ks | 4 +---
3 files changed, 9 insertions(+), 8 deletions(-)
New commits:
commit 6cce6706c8a479be891b415b2e76574244a50ad7
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Fri Dec 14 14:29:54 2012 -0500
Reduce list of firewalld deps cleaned from minimal; remove that cleaning from other kickstarts entirely.
The new pygobject3-base addresses the excessive dependencies problem of
firewalld (e.g., no more X11 or Wayland in minimal). Reduce the list of
clean-up in the ultra-minimal kickstart, and completely remove the fragile
and error-prone list from the other kickstarts (since having a few extra
things like ebtables and libselinux-python seems a lesser evil).
diff --git a/generic/fedora-18-x86_64-cloud.ks b/generic/fedora-18-x86_64-cloud.ks
index cd8b30a..86ff68e 100644
--- a/generic/fedora-18-x86_64-cloud.ks
+++ b/generic/fedora-18-x86_64-cloud.ks
@@ -105,11 +105,8 @@ yum -C -y remove linux-firmware
# Remove firewalld; was supposed to be optional in F18, but is required to
# be present for install/image building.
-echo "Removing firewalld and dependencies"
+echo "Removing firewalld."
yum -C -y remove firewalld
-# These are all pulled in by firewalld (libselinux-python is too, but
-# is also required by cloud-init).
-yum -C -y remove cairo dbus-glib dbus-python ebtables fontconfig fontpackages-filesystem gobject-introspection js libdrm libpciaccess libpng libwayland-client libwayland-server libX11 libX11-common libXau libxcb libXdamage libXext libXfixes libXrender libXxf86vm mesa-libEGL mesa-libgbm mesa-libGL mesa-libglapi pixman polkit pycairo pygobject2 pygobject3 python-decorator python-slip python-slip-dbus
# Non-firewalld-firewall
echo -n "Writing static firewall"
@@ -139,6 +136,11 @@ echo .
echo "Disabling tmpfs for /tmp."
systemctl mask tmp.mount
+# this is a kludge for an unexpected change in cloud-init. New
+# fedora package coming soon will make this unnecessary.
+sed -i '/system_info:/ a\ default_user: ec2-user' /etc/cloud/cloud.cfg
+
+
echo "Zeroing out empty space."
# This forces the filesystem to reclaim space from deleted files
dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
diff --git a/generic/fedora-18-x86_64-minimal.ks b/generic/fedora-18-x86_64-minimal.ks
index d317b7e..044335d 100644
--- a/generic/fedora-18-x86_64-minimal.ks
+++ b/generic/fedora-18-x86_64-minimal.ks
@@ -31,6 +31,7 @@ part / --size 1024 --fstype ext4 --ondisk sda
# Repositories
repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-18&arch=$basearch
+#repo --name=fedora-updates --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=updates-testing-f18&arch=$basearch
# Packag list.
@@ -112,7 +113,7 @@ yum -C -y remove linux-firmware
echo "Removing firewalld and dependencies"
yum -C -y remove firewalld
# These are all pulled in by firewalld
-yum -C -y remove cairo dbus-glib dbus-python ebtables fontconfig fontpackages-filesystem gobject-introspection js libdrm libpciaccess libpng libselinux-python libwayland-client libwayland-server libX11 libX11-common libXau libxcb libXdamage libXext libXfixes libXrender libXxf86vm mesa-libEGL mesa-libgbm mesa-libGL mesa-libglapi pixman polkit pycairo pygobject2 pygobject3 python-decorator python-slip python-slip-dbus
+yum -C -y remove cairo dbus-glib dbus-python ebtables gobject-introspection libselinux-python pygobject3-base python-slip python-slip-dbus
# Non-firewalld-firewall
echo -n "Writing static firewall"
diff --git a/generic/fedora-18-x86_64.ks b/generic/fedora-18-x86_64.ks
index a49ad26..8df5184 100644
--- a/generic/fedora-18-x86_64.ks
+++ b/generic/fedora-18-x86_64.ks
@@ -99,10 +99,8 @@ yum -C -y remove linux-firmware
# Remove firewalld; was supposed to be optional in F18, but is required to
# be present for install/image building.
-echo "Removing firewalld and dependencies"
+echo "Removing firewalld."
yum -C -y remove firewalld
-# These are all pulled in by firewalld
-yum -C -y remove cairo dbus-glib dbus-python ebtables fontconfig fontpackages-filesystem gobject-introspection js libdrm libpciaccess libpng libselinux-python libwayland-client libwayland-server libX11 libX11-common libXau libxcb libXdamage libXext libXfixes libXrender libXxf86vm mesa-libEGL mesa-libgbm mesa-libGL mesa-libglapi pixman polkit pycairo pygobject2 pygobject3 python-decorator python-slip python-slip-dbus
# Non-firewalld-firewall
echo -n "Writing static firewall"
11 years, 3 months
F18 & amis
by Robyn Bergeron
So. This subject.
Has anyone tried creating an AMI, tested out an available
F18-beta-or-rc-or-tc AMI that I am apparently oblivious to...
....or are we just 800% certain that everything will be hunky dory?
If not, what can we do to get that going?
-Robyn
11 years, 3 months
3 commits - generic/fedora-18-x86_64-minimal.ks
by Matthew Miller
generic/fedora-18-x86_64-minimal.ks | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
New commits:
commit 6453a6869b4f91412f49d3d1fba42ad341f08e74
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Thu Dec 13 13:06:09 2012 -0500
no "set" in old grub config file syntax
diff --git a/generic/fedora-18-x86_64-minimal.ks b/generic/fedora-18-x86_64-minimal.ks
index b9508e3..82d4ea7 100644
--- a/generic/fedora-18-x86_64-minimal.ks
+++ b/generic/fedora-18-x86_64-minimal.ks
@@ -79,7 +79,7 @@ echo -n "Grub tweaks"
echo GRUB_TIMEOUT=0 > /etc/default/grub
sed -i 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub2/grub.cfg
-sed -i 's/^set timeout=5/set timeout=0/' /boot/grub/grub.conf
+sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
# need to file a bug on this one
sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
echo .
commit d0028e5f280dce411ecba707120229558efa460c
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Thu Dec 13 13:04:54 2012 -0500
Revert "relatime" (this was redundant since it's the default)
This reverts commit 7e8b4ca4673a5386ee7a7890883379bd606595d3.
diff --git a/generic/fedora-18-x86_64-minimal.ks b/generic/fedora-18-x86_64-minimal.ks
index 8f339ef..b9508e3 100644
--- a/generic/fedora-18-x86_64-minimal.ks
+++ b/generic/fedora-18-x86_64-minimal.ks
@@ -71,7 +71,7 @@ iptables-services
echo -n "Writing fstab"
cat <<EOF > /etc/fstab
-LABEL=_/ / ext4 defaults,relatime 1 1
+LABEL=_/ / ext4 defaults 1 1
EOF
echo .
commit 10686a5fc802dbebb35ec69d38e69ea353f177fa
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Thu Dec 13 13:03:31 2012 -0500
make old-style menu.lst/grub.conf for pv-grub in EC2 and Xen
diff --git a/generic/fedora-18-x86_64-minimal.ks b/generic/fedora-18-x86_64-minimal.ks
index c93832c..8f339ef 100644
--- a/generic/fedora-18-x86_64-minimal.ks
+++ b/generic/fedora-18-x86_64-minimal.ks
@@ -77,10 +77,15 @@ echo .
echo -n "Grub tweaks"
echo GRUB_TIMEOUT=0 > /etc/default/grub
-sed -ie 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
+sed -i 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
+sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub2/grub.cfg
+sed -i 's/^set timeout=5/set timeout=0/' /boot/grub/grub.conf
+# need to file a bug on this one
+sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
echo .
-
-# for EC2, need to figure out how to set up menu.list for pv-grub
+echo -n "Linking menu.lst to old-style grub.conf for pv-grub"
+mv /boot/grub/grub.conf /boot/grub/menu.lst
+ln -s /boot/grub/menu.lst /etc/grub.conf
# setup systemd to boot to the right runlevel
11 years, 3 months
5 commits - generic/fedora-18-x86_64-minimal.ks
by Matthew Miller
generic/fedora-18-x86_64-minimal.ks | 58 +++++++++++++++++++++++++++---------
1 file changed, 45 insertions(+), 13 deletions(-)
New commits:
commit 7e8b4ca4673a5386ee7a7890883379bd606595d3
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Thu Dec 13 10:23:43 2012 -0500
relatime
diff --git a/generic/fedora-18-x86_64-minimal.ks b/generic/fedora-18-x86_64-minimal.ks
index 9609d2d..c93832c 100644
--- a/generic/fedora-18-x86_64-minimal.ks
+++ b/generic/fedora-18-x86_64-minimal.ks
@@ -71,7 +71,7 @@ iptables-services
echo -n "Writing fstab"
cat <<EOF > /etc/fstab
-LABEL=_/ / ext4 defaults 1 1
+LABEL=_/ / ext4 defaults,relatime 1 1
EOF
echo .
commit f414d98bb75c04f413cbb7125aee32a404661210
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Thu Dec 13 10:01:10 2012 -0500
echo some comments in the post script
diff --git a/generic/fedora-18-x86_64-minimal.ks b/generic/fedora-18-x86_64-minimal.ks
index db0b1ce..9609d2d 100644
--- a/generic/fedora-18-x86_64-minimal.ks
+++ b/generic/fedora-18-x86_64-minimal.ks
@@ -69,34 +69,44 @@ iptables-services
%post --erroronfail
+echo -n "Writing fstab"
cat <<EOF > /etc/fstab
LABEL=_/ / ext4 defaults 1 1
EOF
+echo .
-
-# grub tweaks
+echo -n "Grub tweaks"
echo GRUB_TIMEOUT=0 > /etc/default/grub
sed -ie 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
+echo .
# for EC2, need to figure out how to set up menu.list for pv-grub
+
# setup systemd to boot to the right runlevel
+echo -n "Setting default runlevel to multiuser text mode"
rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
+echo .
# because we didn't install rsyslog, enable persistent journal
+echo -n "Enabling persistent journal"
mkdir /var/log/journal/
+echo .
# this is installed by default but we don't need it in virt
+echo "Removing linux-firmware package."
yum -C -y remove linux-firmware
# Remove firewalld; was supposed to be optional in F18, but is required to
# be present for install/image building.
+echo "Removing firewalld and dependencies"
yum -C -y remove firewalld
# These are all pulled in by firewalld
yum -C -y remove cairo dbus-glib dbus-python ebtables fontconfig fontpackages-filesystem gobject-introspection js libdrm libpciaccess libpng libselinux-python libwayland-client libwayland-server libX11 libX11-common libXau libxcb libXdamage libXext libXfixes libXrender libXxf86vm mesa-libEGL mesa-libgbm mesa-libGL mesa-libglapi pixman polkit pycairo pygobject2 pygobject3 python-decorator python-slip python-slip-dbus
# Non-firewalld-firewall
+echo -n "Writing static firewall"
cat <<EOF > /etc/sysconfig/iptables
# Simple static firewall loaded by iptables.service. Replace
# this with your own custom rules, run lokkit, or switch to
@@ -115,15 +125,19 @@ cat <<EOF > /etc/sysconfig/iptables
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
+echo .
# Because memory is scarce resource in most cloud/virt environments,
# and because this impedes forensics, we are differing from the Fedora
# default of having /tmp on tmpfs.
+echo "Disabling tmpfs for /tmp."
systemctl mask tmp.mount
+echo "Zeroing out empty space."
# This forces the filesystem to reclaim space from deleted files
dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
rm -f /var/tmp/zeros
+echo "(Don't worry -- that out-of-space error was expected.)"
%end
commit b3502d2e9da149691a5b985b960152de61c1cd62
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Thu Dec 13 09:38:50 2012 -0500
tmp in disk instead of tmpfs
diff --git a/generic/fedora-18-x86_64-minimal.ks b/generic/fedora-18-x86_64-minimal.ks
index e2acef4..db0b1ce 100644
--- a/generic/fedora-18-x86_64-minimal.ks
+++ b/generic/fedora-18-x86_64-minimal.ks
@@ -116,6 +116,11 @@ cat <<EOF > /etc/sysconfig/iptables
COMMIT
EOF
+# Because memory is scarce resource in most cloud/virt environments,
+# and because this impedes forensics, we are differing from the Fedora
+# default of having /tmp on tmpfs.
+systemctl mask tmp.mount
+
# This forces the filesystem to reclaim space from deleted files
dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
rm -f /var/tmp/zeros
commit 7923fea15cd6e70109df9932491159629189f555
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Thu Dec 13 08:52:57 2012 -0500
rootfs-resize doesn't work
diff --git a/generic/fedora-18-x86_64-minimal.ks b/generic/fedora-18-x86_64-minimal.ks
index e3e777d..e2acef4 100644
--- a/generic/fedora-18-x86_64-minimal.ks
+++ b/generic/fedora-18-x86_64-minimal.ks
@@ -22,8 +22,6 @@ network --bootproto=dhcp --device=eth0 --onboot=on
services --enabled=network,sshd,rsyslog,iptables
-# Define how large you want your rootfs to be.
-# See root-resizefs below.
part biosboot --fstype=biosboot --size=1 --ondisk sda
part / --size 1024 --fstype ext4 --ondisk sda
@@ -48,10 +46,6 @@ firewalld
# security groups you can remove this.
iptables-services
-# Grows the filesystem to match the actual device size. You could instead
-# choose the final size above and remove this.
-rootfs-resize
-
# Some things from @core we can do without in a minimal install
-biosdevname
-plymouth
@@ -126,8 +120,5 @@ EOF
dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
rm -f /var/tmp/zeros
-# This is used by rootfs-resize
-touch /.rootfs-repartition
-
%end
commit e00949b300e88568d7c128013e85172cd9258f7e
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Thu Dec 13 07:59:14 2012 -0500
add some notes (and rootfs-resize)
diff --git a/generic/fedora-18-x86_64-minimal.ks b/generic/fedora-18-x86_64-minimal.ks
index b760eb3..e3e777d 100644
--- a/generic/fedora-18-x86_64-minimal.ks
+++ b/generic/fedora-18-x86_64-minimal.ks
@@ -8,40 +8,58 @@
lang en_US.UTF-8
keyboard us
timezone --utc America/New_York
+
auth --useshadow --enablemd5
selinux --enforcing
+
# this is actually not used, but a static firewall
# matching these rules is generated below.
firewall --service=ssh --service=http --service=https
+
bootloader --timeout=0 --location=mbr --driveorder=sda
+
network --bootproto=dhcp --device=eth0 --onboot=on
services --enabled=network,sshd,rsyslog,iptables
-# Define how large you want your rootfs to be
+# Define how large you want your rootfs to be.
+# See root-resizefs below.
part biosboot --fstype=biosboot --size=1 --ondisk sda
part / --size 1024 --fstype ext4 --ondisk sda
# Repositories
repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-18&arch=$basearch
-# We start with @core, and then add a few more packages to make a nice
-# functional Fedora-like but still reasonably minimal cloud image.
+
+# Packag list.
+# "Obsessively minimal as we can reasonably get and still be Fedora."
%packages --nobase
@core
kernel
+
+# Not needed with pv-grub (as in EC2). Would be nice to have
+# something smaller for F19 (syslinux?), but this is what we have now.
grub2
+
+# Needed initially, but removed below.
firewalld
+
+# Basic firewall. If you're going to rely on your cloud service's
+# security groups you can remove this.
iptables-services
+# Grows the filesystem to match the actual device size. You could instead
+# choose the final size above and remove this.
+rootfs-resize
-# and, some things from @core we can do without in a minimal install
+# Some things from @core we can do without in a minimal install
-biosdevname
-plymouth
-NetworkManager
-polkit
-# ultra-minimal, in fact.
+# These are "leaf" packages which can be done without in an ultra-minimal
+# install, but which actually remove typical functionality
-e2fsprogs
-audit
-rsyslog
@@ -53,7 +71,8 @@ iptables-services
%end
-# Configuration
+
+
%post --erroronfail
cat <<EOF > /etc/fstab
@@ -77,10 +96,10 @@ mkdir /var/log/journal/
# this is installed by default but we don't need it in virt
yum -C -y remove linux-firmware
-# remove firewalld; was supposed to be optional in F18, but is required to
-# be present for image building.
+# Remove firewalld; was supposed to be optional in F18, but is required to
+# be present for install/image building.
yum -C -y remove firewalld
-#
+# These are all pulled in by firewalld
yum -C -y remove cairo dbus-glib dbus-python ebtables fontconfig fontpackages-filesystem gobject-introspection js libdrm libpciaccess libpng libselinux-python libwayland-client libwayland-server libX11 libX11-common libXau libxcb libXdamage libXext libXfixes libXrender libXxf86vm mesa-libEGL mesa-libgbm mesa-libGL mesa-libglapi pixman polkit pycairo pygobject2 pygobject3 python-decorator python-slip python-slip-dbus
# Non-firewalld-firewall
@@ -107,5 +126,8 @@ EOF
dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
rm -f /var/tmp/zeros
+# This is used by rootfs-resize
+touch /.rootfs-repartition
+
%end
11 years, 3 months
5 commits - generic/fedora-18-x86_64-cloud.ks generic/fedora-18-x86_64.ks generic/fedora-18-x86_64-minimal.ks
by Matthew Miller
generic/fedora-18-x86_64-cloud.ks | 8 --
generic/fedora-18-x86_64-minimal.ks | 111 ++++++++++++++++++++++++++++++++++++
generic/fedora-18-x86_64.ks | 8 --
3 files changed, 117 insertions(+), 10 deletions(-)
New commits:
commit cad2376ff3967ed53397140001804a879789fc86
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Wed Dec 12 20:12:36 2012 -0500
This is intended to be as obsessively minimal as we can reasonably
get and still be Fedora. It won't be the base of our default cloud image.
diff --git a/generic/fedora-18-x86_64-minimal.ks b/generic/fedora-18-x86_64-minimal.ks
new file mode 100644
index 0000000..b760eb3
--- /dev/null
+++ b/generic/fedora-18-x86_64-minimal.ks
@@ -0,0 +1,111 @@
+# This is a basic Fedora 18 spin designed to work in OpenStack and other
+# private cloud environments. It's configured with cloud-init so it will
+# take advantage of ec2-compatible metadata services for provisioning
+# ssh keys. That also currently creates an ec2-user account; we'll probably
+# want to make that something generic by default. The root password is empty
+# by default.
+
+lang en_US.UTF-8
+keyboard us
+timezone --utc America/New_York
+auth --useshadow --enablemd5
+selinux --enforcing
+# this is actually not used, but a static firewall
+# matching these rules is generated below.
+firewall --service=ssh --service=http --service=https
+bootloader --timeout=0 --location=mbr --driveorder=sda
+network --bootproto=dhcp --device=eth0 --onboot=on
+services --enabled=network,sshd,rsyslog,iptables
+
+
+# Define how large you want your rootfs to be
+part biosboot --fstype=biosboot --size=1 --ondisk sda
+part / --size 1024 --fstype ext4 --ondisk sda
+
+# Repositories
+repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-18&arch=$basearch
+
+# We start with @core, and then add a few more packages to make a nice
+# functional Fedora-like but still reasonably minimal cloud image.
+%packages --nobase
+@core
+kernel
+grub2
+firewalld
+iptables-services
+
+
+# and, some things from @core we can do without in a minimal install
+-biosdevname
+-plymouth
+-NetworkManager
+-polkit
+
+# ultra-minimal, in fact.
+-e2fsprogs
+-audit
+-rsyslog
+-parted
+-openssh-clients
+-rootfiles
+-sendmail
+-sudo
+
+%end
+
+# Configuration
+%post --erroronfail
+
+cat <<EOF > /etc/fstab
+LABEL=_/ / ext4 defaults 1 1
+EOF
+
+
+# grub tweaks
+echo GRUB_TIMEOUT=0 > /etc/default/grub
+sed -ie 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
+
+# for EC2, need to figure out how to set up menu.list for pv-grub
+
+# setup systemd to boot to the right runlevel
+rm -f /etc/systemd/system/default.target
+ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
+
+# because we didn't install rsyslog, enable persistent journal
+mkdir /var/log/journal/
+
+# this is installed by default but we don't need it in virt
+yum -C -y remove linux-firmware
+
+# remove firewalld; was supposed to be optional in F18, but is required to
+# be present for image building.
+yum -C -y remove firewalld
+#
+yum -C -y remove cairo dbus-glib dbus-python ebtables fontconfig fontpackages-filesystem gobject-introspection js libdrm libpciaccess libpng libselinux-python libwayland-client libwayland-server libX11 libX11-common libXau libxcb libXdamage libXext libXfixes libXrender libXxf86vm mesa-libEGL mesa-libgbm mesa-libGL mesa-libglapi pixman polkit pycairo pygobject2 pygobject3 python-decorator python-slip python-slip-dbus
+
+# Non-firewalld-firewall
+cat <<EOF > /etc/sysconfig/iptables
+# Simple static firewall loaded by iptables.service. Replace
+# this with your own custom rules, run lokkit, or switch to
+# shorewall or firewalld as your needs dictate.
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
+-A INPUT -p icmp -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -j ACCEPT
+-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 80 -j ACCEPT
+-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 443 -j ACCEPT
+-A INPUT -j REJECT --reject-with icmp-host-prohibited
+-A FORWARD -j REJECT --reject-with icmp-host-prohibited
+COMMIT
+EOF
+
+# This forces the filesystem to reclaim space from deleted files
+dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
+rm -f /var/tmp/zeros
+
+%end
+
commit f1529007ecc7ca129d8ae96c3b4bd47a2bd196c6
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Mon Nov 12 23:08:29 2012 -0500
go back to mirrorlist instead of hardcoded repo
diff --git a/generic/fedora-18-x86_64-cloud.ks b/generic/fedora-18-x86_64-cloud.ks
index cef6b13..72225ec 100644
--- a/generic/fedora-18-x86_64-cloud.ks
+++ b/generic/fedora-18-x86_64-cloud.ks
@@ -21,9 +21,7 @@ part biosboot --fstype=biosboot --size=1 --ondisk sda
part / --size 4000 --fstype ext4 --ondisk sda
# Repositories
-#repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-18&arch=$basearch
-#temporarily hardcode because many mirrors don't have 0.7
-repo --name=fedoradev --baseurl=http://linux.seas.harvard.edu/fedora/linux/development/18/x86_64/os/
+repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-18&arch=$basearch
# We start with @core, and then add a few more packages to make a nice
# functional Fedora-like but still reasonably minimal cloud image.
diff --git a/generic/fedora-18-x86_64.ks b/generic/fedora-18-x86_64.ks
index a67db5d..dd0b1f7 100644
--- a/generic/fedora-18-x86_64.ks
+++ b/generic/fedora-18-x86_64.ks
@@ -18,9 +18,7 @@ part biosboot --fstype=biosboot --size=1 --ondisk sda
part / --size 4000 --fstype ext4 --ondisk sda
# Repositories
-#repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-18&arch=$basearch
-#temporarily hardcode because many mirrors don't have 0.7
-repo --name=fedoradev --baseurl=http://linux.seas.harvard.edu/fedora/linux/development/18/x86_64/os/
+repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-18&arch=$basearch
# We start with @core, and then add a few more packages to make a nice
# functional Fedora-like but still reasonably minimal cloud image.
commit d79eb2cd230e8c77468a95242f4d07189228d273
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Mon Nov 12 23:04:21 2012 -0500
man-db is now in @core anyway
diff --git a/generic/fedora-18-x86_64-cloud.ks b/generic/fedora-18-x86_64-cloud.ks
index 04ac166..cef6b13 100644
--- a/generic/fedora-18-x86_64-cloud.ks
+++ b/generic/fedora-18-x86_64-cloud.ks
@@ -31,7 +31,6 @@ repo --name=fedoradev --baseurl=http://linux.seas.harvard.edu/fedora/linux/devel
@core
cloud-init
kernel
-man-db
grub2
# if we're not going to be installing firewalld, we need this
iptables-services
diff --git a/generic/fedora-18-x86_64.ks b/generic/fedora-18-x86_64.ks
index d93deab..a67db5d 100644
--- a/generic/fedora-18-x86_64.ks
+++ b/generic/fedora-18-x86_64.ks
@@ -27,7 +27,6 @@ repo --name=fedoradev --baseurl=http://linux.seas.harvard.edu/fedora/linux/devel
%packages --nobase
@core
kernel
-man-db
grub2
# if we're not going to be installing firewalld, we need this
iptables-services
commit eb4ce910f06a774fe02f85b3056fd1c92b77f3e3
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Mon Nov 12 23:03:28 2012 -0500
remove pciutils; no one could remember why it's there
diff --git a/generic/fedora-18-x86_64-cloud.ks b/generic/fedora-18-x86_64-cloud.ks
index 97fc6f7..04ac166 100644
--- a/generic/fedora-18-x86_64-cloud.ks
+++ b/generic/fedora-18-x86_64-cloud.ks
@@ -30,7 +30,6 @@ repo --name=fedoradev --baseurl=http://linux.seas.harvard.edu/fedora/linux/devel
%packages --nobase
@core
cloud-init
-pciutils
kernel
man-db
grub2
diff --git a/generic/fedora-18-x86_64.ks b/generic/fedora-18-x86_64.ks
index ebf96ca..d93deab 100644
--- a/generic/fedora-18-x86_64.ks
+++ b/generic/fedora-18-x86_64.ks
@@ -26,7 +26,6 @@ repo --name=fedoradev --baseurl=http://linux.seas.harvard.edu/fedora/linux/devel
# functional Fedora-like but still reasonably minimal cloud image.
%packages --nobase
@core
-pciutils
kernel
man-db
grub2
commit a2012e2fbea0abe2f53337cf5c7d5b69976a52f7
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Mon Nov 12 22:54:59 2012 -0500
if we're not installing firewalld, we need iptables-services
diff --git a/generic/fedora-18-x86_64-cloud.ks b/generic/fedora-18-x86_64-cloud.ks
index 1d1b1c6..97fc6f7 100644
--- a/generic/fedora-18-x86_64-cloud.ks
+++ b/generic/fedora-18-x86_64-cloud.ks
@@ -34,6 +34,8 @@ pciutils
kernel
man-db
grub2
+# if we're not going to be installing firewalld, we need this
+iptables-services
# and, some things from @core we can do without
-biosdevname
diff --git a/generic/fedora-18-x86_64.ks b/generic/fedora-18-x86_64.ks
index 2fb0699..ebf96ca 100644
--- a/generic/fedora-18-x86_64.ks
+++ b/generic/fedora-18-x86_64.ks
@@ -30,6 +30,8 @@ pciutils
kernel
man-db
grub2
+# if we're not going to be installing firewalld, we need this
+iptables-services
# and, some things from @core we can do without
-biosdevname
11 years, 3 months
floating ip get set on the wrong interface
by nux@li.nux.ro
Hi,
I've added a bunch of floating IPs to my setup, I did specify
"--interface=br0" in the command which is the bridge used by openstack,
however the IPs get allocated on eth0 instead, therefore they don't
work.
How can I force the floating IPs to get set on br0 instead?
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
11 years, 3 months