From Fedora Project Wiki

= Kickstart - SOP =
{{header|infra}}


== Contact Information ==
{{admon/important|All SOPs have been moved to the Fedora Infrastructure [https://pagure.io/infra-docs/ SOP git repository]. Please consult the [https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/index.html online documentation] for the current version of this document.}}
Owner: Fedora Infrastructure Team


Contact: #fedora-admin, sysadmin-main
[[Category:Infrastructure SOPs]]
 
Location: Phoenix
 
Servers: puppet1 (stores kickstarts and install media)
 
Purpose: Provides our install infrastructure
 
== Description ==
 
We only have a handful of different kickstart scripts: those for a Xen guest and those for the Xen box itself.
 
== Introduction ==
 
Our kickstart infrastructure lives on the proxy servers and puppet1. All install media and kickstart scripts are located on puppet1. Because the RHEL binaries are not public, access to these bits is restricted by IP. To allow a host, add it to (from puppet1):
<pre>
configs/web/infrastructure.fedoraproject.org/infrastructure.conf
</pre>
 
== Physical Machine (dom0) ==
 
Xen Dom0 installs are far riskier than the DomU installs below. This is because if an install goes bad, your options to rebuild it are somewhat limited.
 
=== Prep ===
This only works on an already booted box; many boxes at our colocations may have to be rebuilt by the people in those locations first. Also make sure the IP you are about to boot to install from is allowed to reach our IP-restricted infrastructure.fedoraproject.org, as noted above (in Introduction).
 
Download the vmlinuz and initrd images.
 
<pre>
wget http://infrastructure.fedoraproject.org/rhel/RHEL5-x86_64/images/pxeboot/vmlinuz -O /boot/vmlinuz-install
wget http://infrastructure.fedoraproject.org/rhel/RHEL5-x86_64/images/pxeboot/initrd.img -O /boot/initrd-install.img
 
grubby --add-kernel=/boot/vmlinuz-install --args="ks=http://infrastructure.fedoraproject.org/rhel/ks/xen-host  method=http://infrastructure.fedoraproject.org/rhel/RHEL5-x86_64/ lang=en_US.UTF-8 devfs=nomount ksdevice=link selinux=0 ip=$IP gateway=$GATEWAY netmask=$NETMASK dns=$DNS" --title="install el5" --initrd=/boot/initrd-install.img
</pre>
{{Admon/note | Unfortunately some of our boxes are configured differently in that they use hardware RAID. If this is the case for your particular machine (or if it has a different odd hard drive configuration), make sure you use http://infrastructure.fedoraproject.org/rhel/ks/xen-host-nohd as the ks script. This will require you to VNC to the box and configure its drives.}}
 
Double and triple check your configuration settings (cat /boot/grub/menu.lst), especially your IP information.  In places like ServerBeach not all hosts have the same netmask or gateway.  Once everything is ready run:
 
<pre>
echo "savedefault --default=0 --once" | grub --batch
shutdown -r now
</pre>
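
A pre-reboot check for the step above, as an added example that is not part of the original SOP: it pulls ip=, gateway= and netmask= out of an installer kernel argument string and stops if the gateway is not on the host's network, which is the mismatch the netmask and gateway warning is about. The function names and the sample argument strings (documentation-range addresses, example.invalid) are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the SOP). Sample addresses below are constructed.

# Dotted quad -> integer; rejects malformed or ambiguous (leading-zero) octets.
ip_to_int() (
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        case "$o" in 0?*|????*) exit 1 ;; esac
        [ "$o" -le 255 ] || exit 1
    done
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
)

# Print the value of KEY from a space-separated kernel argument string.
get_arg() (
    set -f                      # no globbing while splitting the string
    for tok in $2; do
        case "$tok" in "$1"=*) echo "${tok#*=}"; exit 0 ;; esac
    done
    exit 1
)

# 0 = consistent, 1 = ip/gateway mismatch, 2 = missing or malformed value.
check_install_net() (
    ip=$(get_arg ip "$1") && gw=$(get_arg gateway "$1") &&
        nm=$(get_arg netmask "$1") ||
        { echo "missing ip=, gateway= or netmask=" >&2; exit 2; }
    i=$(ip_to_int "$ip") && g=$(ip_to_int "$gw") && m=$(ip_to_int "$nm") ||
        { echo "malformed address among: $ip $gw $nm" >&2; exit 2; }
    # A valid netmask is contiguous ones: (~m) & (~m + 1) == 0, and m != 0.
    inv=$(( m ^ 4294967295 ))
    [ "$m" -ne 0 ] && [ $(( inv & (inv + 1) )) -eq 0 ] ||
        { echo "invalid netmask $nm" >&2; exit 2; }
    [ "$i" -ne "$g" ] || { echo "ip= equals gateway=" >&2; exit 1; }
    [ $(( i & m )) -eq $(( g & m )) ] ||
        { echo "gateway $gw is not on the $ip/$nm network" >&2; exit 1; }
)

# Constructed samples: consistent args, then a gateway on another network.
GOOD="ks=http://example.invalid/ks ksdevice=link ip=192.0.2.10 gateway=192.0.2.1 netmask=255.255.255.0"
BAD="ks=http://example.invalid/ks ip=192.0.2.10 gateway=198.51.100.1 netmask=255.255.255.192"
for args in "$GOOD" "$BAD"; do
    if check_install_net "$args"; then echo "OK:   $args"; else echo "STOP: $args"; fi
done
```

On the box being reinstalled, pass it the kernel line of the "install el5" entry from /boot/grub/menu.lst before running the reboot commands above.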
 
=== Installation ===
Once the box logs you out, start pinging the IP address. It will disappear and come back. Once you can ping it again, try to open a VNC session. It can take a couple of minutes after the box is back up before it actually allows VNC sessions. The VNC password is in the kickstart script on puppet1 (<code>grep vnc /mnt/fedora/app/fi-repo/rhel/ks/xen-host</code>):
 
<pre>
vncviewer $IP:1
</pre>
 
If using the standard kickstart script, one can watch as the install completes itself; there should be no need to do anything. If using the xen-host-nohd script, one will need to configure the drives.
 
=== Post Install ===
If all goes well, the VNC session will close, and the box will reboot and come back up as the new host. The default root password is also listed in the kickstart script; from puppet1: <code>grep rootpw /mnt/fedora/app/fi-repo/rhel/ks/xen-host</code>. Most physical machines are to be used as Xen hosts. If that is the case with this host, just install puppet, update the box and follow the normal puppet instructions.
 
== Virtual Machine (domU) ==
 
=== Prep ===
 
Almost all of our virtual machines run off of LVM.  Step 1 is to create the LVM partition you want.
 
<pre>
lvcreate -n $NEWHOST -L 15G VolGroup00
</pre>
 
{{Admon/note | Machines in PHX that are running on the NetApp over iSCSI are stored on volgroup xenGuests.}}
 
=== Installation ===
 
Once the size of the new machine is set, we need to run virt-install. As before, ensure that the IP listed below has access to the infrastructure.fedoraproject.org site. This can be tricky; normally the IP, route and netmask can be templated from the dom0. This is not the case at Server Beach (see below for clarification).
 
<pre>
virt-install -p -n $NEWHOST -r 1024 -f /dev/VolGroup00/$NEWHOST --nographics -l http://infrastructure.fedoraproject.org/rhel/RHEL5-x86_64/ -x "ks=http://infrastructure.fedoraproject.org/rhel/ks/xen-guest-rhel ip=$IP netmask=255.255.255.0 gateway=$GATEWAY dns=$DNS1,$DNS2"
</pre>
 
Or in PHX:
<pre>
virt-install -p -n $NEWHOST -r 1024 -f /dev/xenGuests/$NEWHOST --nographics -l http://puppet1.fedora.phx.redhat.com/repo/rhel/RHEL5-x86_64/ -x "ks=http://puppet1.fedora.phx.redhat.com/repo/rhel/ks/xen-guest-rhel ip=$IP netmask=255.255.255.0 gateway=10.8.34.254 dns=10.8.4.90,10.8.4.100"
</pre>
 
This install should be completely non-interactive.
 
{{Admon/note | To install a different OS change the install source (like Fedora 8's install source)}}
 
=== Post Installation ===
 
The installation process is pretty simple; the post configuration may not be, depending on whether the box you've installed has a reverse DNS lookup. Here's the checklist:
 
1. If this is a PHX box (and only in PHX) add the following lines to <code>/etc/hosts</code>:

<pre>
10.8.34.125    puppet.fedoraproject.org        puppet  puppet1 puppet1.fedora.phx.redhat.com
10.8.32.121    infrastructure.fedoraproject.org
</pre>

2. Ensure the hostname is set properly in <code>/etc/sysconfig/network</code> and <code>/etc/hosts</code>.

3. Ensure the system is up to date and can contact its yum mirror: <code>yum -y update</code>.

4. For an external box make sure <code>/etc/resolv.conf</code> contains <code>search vpn.fedoraproject.org fedoraproject.org</code>, while internal hosts (in PHX) should contain <code>search fedora.phx.redhat.com</code> (this should be scripted by the kickstart file! -matt)
 
== Puppetization ==
 
Once the box is booted (virtual or not) follow the steps in the [[Infrastructure/SOP/Puppet|  Puppet SOP]]  
 
== VPN ==
 
After puppet has done its magic, set up the VPN. [[Infrastructure/SOP/OpenVPN|  OpenVPN]]
 
== FAS accounts ==
 
Run <code>fasClient -i</code> to get all the home directories populated.
 
== Server Beach ==
 
Server Beach has some interesting network infrastructure as it relates to our ability to do virtualization. Basically, the dom0 is given an IP on one network as normal, but the virtual hosts (when we request IPs) are given an address on a different network, and one without a gateway. The best bet is to make sure that you request at least one IP for the host to be a gateway. This is a terrible waste of an IP, but until a better method is found this will work. Once you have your IP addresses, all that is required is to create an aliased interface on the host with that IP: <code>/etc/sysconfig/network-scripts/ifcfg-eth0:1</code>. A reboot later and you can treat this Xen host as a normal Xen host (with bridged networking and such).

Latest revision as of 12:00, 16 February 2017
