pxe: Configure Vagrant PXE with config.rb

README.md

@@ -23,13 +23,13 @@ Launch `virt-manager` to create a new virtual machine. When prompted, select Net
 
 If you see "Nothing" to boot, try force resetting the client VM.
 
-Use SSH to connect to a client VM if booting and parsing the cloud-config succeeded. The CLIENT_IP will be visible in the virt-manager console.
+Use SSH to connect to a client VM after boot and cloud-config succeed. The CLIENT_IP will be visible in the virt-manager console.
 
     ssh core@CLIENT_IP  # requires ssh_authorized_keys entry in cloud-config
 
 ### Configuration
 
-TODO
+The Vagrantfile parses the `config.rb` file for several variables you can use to configure network settings.
 
 ### Reload
 

Vagrantfile

@@ -1,81 +0,0 @@
-# -*- mode: ruby -*-
-# vi: set ft=ruby :
-
-# All Vagrant configuration is done below. The "2" in Vagrant.configure
-# configures the configuration version (we support older styles for
-# backwards compatibility). Please don't change it unless you know what
-# you're doing.
-Vagrant.configure(2) do |config|
-  # The most common configuration options are documented and commented below.
-  # For a complete reference, please see the online documentation at
-  # https://docs.vagrantup.com.
-
-  # Every Vagrant development environment requires a box. You can search for
-  # boxes at https://atlas.hashicorp.com/search.
-  config.vm.box = "fedora/23-cloud-base"
-
-  # Disable automatic box update checking. If you disable this, then
-  # boxes will only be checked for updates when the user runs
-  # `vagrant box outdated`. This is not recommended.
-  # config.vm.box_check_update = false
-
-  # Create a forwarded port mapping which allows access to a specific port
-  # within the machine from a port on the host machine. In the example below,
-  # accessing "localhost:8080" will access port 80 on the guest machine.
-  # config.vm.network "forwarded_port", guest: 80, host: 8080
-
-  # Create a private network, which allows host-only access to the machine
-  # using a specific IP.
-
-  # Brdige Static IP address
-  config.vm.network "public_network", ip: "192.168.32.10", dev: "wlp3s0"
-
-  # Create a public network, which generally matched to bridged network.
-  # Bridged networks make the machine appear as another physical device on
-  # your network.
-  # config.vm.network "public_network"
-
-  config.vm.provider :libvirt do |libvirt|
-    libvirt.management_network_name = "vagrant-libvirt"
-    libvirt.management_network_address = "192.168.32.0/24"
-  end
-
-  # Share an additional folder to the guest VM. The first argument is
-  # the path on the host to the actual folder. The second argument is
-  # the path on the guest to mount the folder. And the optional third
-  # argument is a set of non-required options.
-  # config.vm.synced_folder "../data", "/vagrant_data"
-
-  # Provider-specific configuration so you can fine-tune various
-  # backing providers for Vagrant. These expose provider-specific options.
-  # Example for VirtualBox:
-  #
-  # config.vm.provider "virtualbox" do |vb|
-  #   # Display the VirtualBox GUI when booting the machine
-  #   vb.gui = true
-  #
-  #   # Customize the amount of memory on the VM:
-  #   vb.memory = "1024"
-  # end
-  #
-  # View the documentation for the provider you are using for more
-  # information on available options.
-
-  # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
-  # such as FTP and Heroku are also available. See the documentation at
-  # https://docs.vagrantup.com/v2/push/atlas.html for more information.
-  # config.push.define "atlas" do |push|
-  #   push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
-  # end
-
-  # Provision a PXE Server
-  config.vm.provision :shell, :privileged => true, :path => "scripts/pxe.sh"
-
-  # Enable provisioning with a shell script. Additional provisioners such as
-  # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
-  # documentation for more information about their specific syntax and use.
-  # config.vm.provision "shell", inline: <<-SHELL
-  #   sudo apt-get update
-  #   sudo apt-get install -y apache2
-  # SHELL
-end

pxe/Vagrantfile

@@ -0,0 +1,33 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+require 'fileutils'
+
+CONFIG = File.join(File.dirname(__FILE__), "config.rb")
+
+if File.exist?(CONFIG)
+  require CONFIG
+end
+
+Vagrant.configure(2) do |config|
+  config.vm.box = "fedora/23-cloud-base"
+
+  # Create a public network with a static IP address
+  config.vm.network "public_network", ip: $pxe_server_ip, dev: "wlp3s0"
+
+  # Provider Specific Configuration
+  config.vm.provider :libvirt do |libvirt|
+    libvirt.cpus = 1
+    libvirt.memory = 1024
+    libvirt.management_network_name = "vagrant-libvirt"
+    libvirt.management_network_address = $network_range
+  end
+
+  # Provision a PXE Server
+  config.vm.provision :shell do |s|
+    s.privileged = true
+    s.path = "scripts/pxe.sh"
+    s.args = [$pxe_server_ip, $dhcp_range, $ssh_authorized_key]
+  end
+
+end

pxe/config.rb

@@ -0,0 +1,12 @@
+
+# Vagrant Network CIDR
+$network_range="192.168.32.0/24"
+
+# PXE Server IP, must be from the network_range
+$pxe_server_ip="192.168.32.10"
+
+# DHCP range dnsmasq should serve, must be a subset of network_range
+$dhcp_range="192.168.32.2,192.168.32.254,12h"
+
+# SSH Authorized Key for client CoreOS instances
+$ssh_authorized_key="AAAAB3NzaC1yc2EAAAADAQABAAACAQDp9dypy87zDQgoMm9tk9aKVNDXemN2bp+taQzY4I2BS74H850SjvxVqMHbTcZVi+gMmUev9DPo5xfDOeTPeaT5fnNaKTLNGLezGM0pjMtKWOrZSQqK2YywjT/VdnBvNG6zKHE/MgpexLdkqiPJGPSHhRB+rQ5JX1FL3Qpt9prD2tW8audLmZ6PorC8/HLIwgBIrlh8JFbVFYGEy4dFImz2eyTqNUxDhP2hx17Drvssy/D6HR4zehgP1MGJWOKGfFlE2xe+hy+S6fjkPK5Nc7MR0uqhCkJHpCfVFjbHyZsQK3oi30Afe9t/CdRfPgQW+daeA7yBd1d/56A8QEbRf7W8wO5/CaSBoomA3bufJwwtT50oQwi3r0+hapivvmlUo3WhXwFoPV/XLyQUNGMWKmOWEqqmREFpi/NVnfItU8CenowvDoly0FkreztO4bAAhMd0w4/bAUisRHlucXXifqFEZr5NUt0BIaZmjavbXDadajzhwbK5mWpijuLoiuYCsa+5pQjFVlZRo5f3F3dQ5nREgRSWJPkxzllHygdEeKqxcE4slZJwZbrBgV4OT2nwGjBpfHsbBKBZRM6eKOiDIOVf/hh4+9+GirHWKosv3HRKHH9TisfIFlZoxzxY6E87oPvlf+7rEwHhuaPUoThSXxB6JS9LiOcqxjgL1ltfapgLqQ== dghubble@gmail.com"

pxe/scripts/pxe.sh

@@ -1,15 +1,18 @@
 #!/bin/bash -e
-# Setup a minimal PXE Server
+# Usage: Setup a minimal PXE Server
+# ./pxe.sh IP DHCP_RANGE SSH_KEY
+# ./pxe.sh "192.168.32.10" "192.168.32.2,192.168.32.254,12h" "AABC.... name"
 
-# PXE Server IP should be the static IP set in the Vagrantfile.
-export NODE_IP=192.168.32.10
+PXE_SERVER_IP=$1
+DHCP_RANGE=$2
+SSH_AUTHORIZED_KEYS=$3
 
 # dnsmasq - your all in one DHCP, TFTP, and DNS
 dnf install -yq dnsmasq
 
 cp /etc/dnsmasq.conf /etc/dnsmasq.old
 cat << EOF > "/etc/dnsmasq.conf"
-dhcp-range=192.168.32.2,192.168.32.254,12h
+dhcp-range=$DHCP_RANGE
 dhcp-boot=pxelinux.0
 enable-tftp
 tftp-root=/var/lib/tftpboot
@@ -37,18 +40,19 @@ display boot.msg
 label coreos
   menu default
   kernel coreos_production_pxe.vmlinuz
-  append initrd=coreos_production_pxe_image.cpio.gz cloud-config-url=http://$NODE_IP/pxe-cloud-config.yml
+  append initrd=coreos_production_pxe_image.cpio.gz cloud-config-url=http://$PXE_SERVER_IP/pxe-cloud-config.yml
 EOF
 
 # TFTP ldlinux.c32 pxelinux.0
 dnf install -yq syslinux
-cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/pxelinux.0
-cp /usr/share/syslinux/ldlinux.c32 /var/lib/tftpboot/ldlinux.c32
+ln -s /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/pxelinux.0
+ln -s /usr/share/syslinux/ldlinux.c32 /var/lib/tftpboot/ldlinux.c32
 
 # TFTP kernel image and options
 dnf install -yq wget
 wget -q -O /var/lib/tftpboot/coreos_production_pxe.vmlinuz http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz
 wget -q -O /var/lib/tftpboot/coreos_production_pxe_image.cpio.gz http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz
+# Add cobbler_var_lib_t and tftpdir_rw_t SELinux context as appropriate
 restorecon -R /var/lib/tftpboot
 
 systemctl enable dnsmasq
@@ -56,10 +60,9 @@ systemctl start dnsmasq
 
 # HTTP
 
-# static HTTP server
+# static cloud-config HTTP server
 dnf install -yq httpd
 
-# TODO - this static config is exactly what we can improve upon
 cat << EOF > "/var/www/html/pxe-cloud-config.yml"
 #cloud-config
 coreos:
@@ -69,10 +72,10 @@ coreos:
     - name: fleet.service
       command: start
 ssh_authorized_keys:
-    - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDp9dypy87zDQgoMm9tk9aKVNDXemN2bp+taQzY4I2BS74H850SjvxVqMHbTcZVi+gMmUev9DPo5xfDOeTPeaT5fnNaKTLNGLezGM0pjMtKWOrZSQqK2YywjT/VdnBvNG6zKHE/MgpexLdkqiPJGPSHhRB+rQ5JX1FL3Qpt9prD2tW8audLmZ6PorC8/HLIwgBIrlh8JFbVFYGEy4dFImz2eyTqNUxDhP2hx17Drvssy/D6HR4zehgP1MGJWOKGfFlE2xe+hy+S6fjkPK5Nc7MR0uqhCkJHpCfVFjbHyZsQK3oi30Afe9t/CdRfPgQW+daeA7yBd1d/56A8QEbRf7W8wO5/CaSBoomA3bufJwwtT50oQwi3r0+hapivvmlUo3WhXwFoPV/XLyQUNGMWKmOWEqqmREFpi/NVnfItU8CenowvDoly0FkreztO4bAAhMd0w4/bAUisRHlucXXifqFEZr5NUt0BIaZmjavbXDadajzhwbK5mWpijuLoiuYCsa+5pQjFVlZRo5f3F3dQ5nREgRSWJPkxzllHygdEeKqxcE4slZJwZbrBgV4OT2nwGjBpfHsbBKBZRM6eKOiDIOVf/hh4+9+GirHWKosv3HRKHH9TisfIFlZoxzxY6E87oPvlf+7rEwHhuaPUoThSXxB6JS9LiOcqxjgL1ltfapgLqQ== dghubble@gmail.com
+    - ssh-rsa $SSH_AUTHORIZED_KEYS
 EOF
 
 systemctl enable httpd
 systemctl start httpd
 
-echo "Done"
+echo "Done"