From eb7514d781c0bab9de8a2371af6fb2007abebe49 Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Wed, 25 Nov 2015 15:12:32 -0800 Subject: [PATCH] pxe: Configure Vagrant PXE with config.rb --- README.md | 4 +- Vagrantfile | 81 --------------------------------- .gitignore => pxe/.gitignore | 0 pxe/Vagrantfile | 33 ++++++++++++++ pxe/config.rb | 12 +++++ {scripts => pxe/scripts}/pxe.sh | 25 +++++----- 6 files changed, 61 insertions(+), 94 deletions(-) delete mode 100644 Vagrantfile rename .gitignore => pxe/.gitignore (100%) create mode 100644 pxe/Vagrantfile create mode 100644 pxe/config.rb rename {scripts => pxe/scripts}/pxe.sh (55%) diff --git a/README.md b/README.md index 2f06e332..a915f253 100644 --- a/README.md +++ b/README.md @@ -23,13 +23,13 @@ Launch `virt-manager` to create a new virtual machine. When prompted, select Net If you see "Nothing" to boot, try force resetting the client VM. -Use SSH to connect to a client VM if booting and parsing the cloud-config succeeded. The CLIENT_IP will be visible in the virt-manager console. +Use SSH to connect to a client VM after boot and cloud-config succeed. The CLIENT_IP will be visible in the virt-manager console. ssh core@CLIENT_IP # requires ssh_authorized_keys entry in cloud-config ### Configuration -TODO +The Vagrantfile parses the `config.rb` file for several variables you can use to configure network settings. ### Reload diff --git a/Vagrantfile b/Vagrantfile deleted file mode 100644 index e6839693..00000000 --- a/Vagrantfile +++ /dev/null 
@@ -1,81 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -# All Vagrant configuration is done below. The "2" in Vagrant.configure -# configures the configuration version (we support older styles for -# backwards compatibility). Please don't change it unless you know what -# you're doing. -Vagrant.configure(2) do |config| - # The most common configuration options are documented and commented below. - # For a complete reference, please see the online documentation at - # https://docs.vagrantup.com. - - # Every Vagrant development environment requires a box. You can search for - # boxes at https://atlas.hashicorp.com/search. - config.vm.box = "fedora/23-cloud-base" - - # Disable automatic box update checking. If you disable this, then - # boxes will only be checked for updates when the user runs - # `vagrant box outdated`. This is not recommended. - # config.vm.box_check_update = false - - # Create a forwarded port mapping which allows access to a specific port - # within the machine from a port on the host machine. In the example below, - # accessing "localhost:8080" will access port 80 on the guest machine. - # config.vm.network "forwarded_port", guest: 80, host: 8080 - - # Create a private network, which allows host-only access to the machine - # using a specific IP. - - # Brdige Static IP address - config.vm.network "public_network", ip: "192.168.32.10", dev: "wlp3s0" - - # Create a public network, which generally matched to bridged network. - # Bridged networks make the machine appear as another physical device on - # your network. - # config.vm.network "public_network" - - config.vm.provider :libvirt do |libvirt| - libvirt.management_network_name = "vagrant-libvirt" - libvirt.management_network_address = "192.168.32.0/24" - end - - # Share an additional folder to the guest VM. The first argument is - # the path on the host to the actual folder. The second argument is - # the path on the guest to mount the folder. 
And the optional third - # argument is a set of non-required options. - # config.vm.synced_folder "../data", "/vagrant_data" - - # Provider-specific configuration so you can fine-tune various - # backing providers for Vagrant. These expose provider-specific options. - # Example for VirtualBox: - # - # config.vm.provider "virtualbox" do |vb| - # # Display the VirtualBox GUI when booting the machine - # vb.gui = true - # - # # Customize the amount of memory on the VM: - # vb.memory = "1024" - # end - # - # View the documentation for the provider you are using for more - # information on available options. - - # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies - # such as FTP and Heroku are also available. See the documentation at - # https://docs.vagrantup.com/v2/push/atlas.html for more information. - # config.push.define "atlas" do |push| - # push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME" - # end - - # Provision a PXE Server - config.vm.provision :shell, :privileged => true, :path => "scripts/pxe.sh" - - # Enable provisioning with a shell script. Additional provisioners such as - # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the - # documentation for more information about their specific syntax and use. - # config.vm.provision "shell", inline: <<-SHELL - # sudo apt-get update - # sudo apt-get install -y apache2 - # SHELL -end diff --git a/.gitignore b/pxe/.gitignore similarity index 100% rename from .gitignore rename to pxe/.gitignore diff --git a/pxe/Vagrantfile b/pxe/Vagrantfile new file mode 100644 index 00000000..72bdbd36 --- /dev/null +++ b/pxe/Vagrantfile 
@@ -0,0 +1,33 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+require 'fileutils'
+
+CONFIG = File.join(File.dirname(__FILE__), "config.rb")
+
+if File.exist?(CONFIG)
+ require CONFIG
+end
+
+Vagrant.configure(2) do |config|
+ config.vm.box = "fedora/23-cloud-base"
+
+ # Create a public network with a static IP address
+ config.vm.network "public_network", ip: $pxe_server_ip, dev: "wlp3s0"
+
+ # Provider Specific Configuration
+ config.vm.provider :libvirt do |libvirt|
+ libvirt.cpus = 1
+ libvirt.memory = 1024
+ libvirt.management_network_name = "vagrant-libvirt"
+ libvirt.management_network_address = $network_range
+ end
+
+ # Provision a PXE Server
+ config.vm.provision :shell do |s|
+ s.privileged = true
+ s.path = "scripts/pxe.sh"
+ s.args = [$pxe_server_ip, $dhcp_range, $ssh_authorized_key]
+ end
+
+end
diff --git a/pxe/config.rb b/pxe/config.rb
new file mode 100644
index 00000000..7f284ec9
--- /dev/null
+++ b/pxe/config.rb
@@ -0,0 +1,12 @@
+
+# Vagrant Network CIDR
+$network_range="192.168.32.0/24"
+
+# PXE Server IP, must be from the network_range
+$pxe_server_ip="192.168.32.10"
+
+# DHCP range dnsmasq should serve, must be a subset of network_range
+$dhcp_range="192.168.32.2,192.168.32.254,12h"
+
+# SSH Authorized Key for client CoreOS instances
+$ssh_authorized_key="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 dghubble@gmail.com"
\ No newline at end of file
diff --git a/scripts/pxe.sh b/pxe/scripts/pxe.sh
similarity index 55%
rename from scripts/pxe.sh
rename to pxe/scripts/pxe.sh
index ff73fa33..36b699a7 100644
--- a/scripts/pxe.sh
+++ b/pxe/scripts/pxe.sh
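Review bot: In pxe/Vagrantfile the `if File.exist?(CONFIG)` guard lets `vagrant up` carry on when config.rb is absent, so `$pxe_server_ip`, `$network_range`, `$dhcp_range` and `$ssh_authorized_key` are all nil by the time they reach `config.vm.network` and `s.args`. Because the privileged provisioner writes the dnsmasq and cloud-config files from those arguments, failing early is safer: `abort "missing #{CONFIG}" unless File.exist?(CONFIG)` followed by an unconditional `require CONFIG`. `require 'fileutils'` appears unused in this hunk. The bridge device `dev: "wlp3s0"` stays hard-coded although the other network settings moved to config.rb; since the guest appears to serve DHCP on that bridged interface, a comment such as `# bridged: DHCP/PXE replies can reach other hosts on this interface's LAN` would help whoever picks the device.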
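Review bot: pxe/config.rb ships a real personal public key as the default `$ssh_authorized_key`, so anyone who runs `vagrant up` without editing the file authorizes that key for the `core` user on every client that PXE-boots from this server. A placeholder default avoids that, e.g. `$ssh_authorized_key="" # set to your own public key before provisioning`, with the Vagrantfile refusing to provision while it is empty. The comment above the variable should also say that the value is the key body without the `ssh-rsa` prefix, because pxe.sh prepends that prefix itself. The file is committed without a trailing newline.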
@@ -1,15 +1,18 @@ #!/bin/bash -e -# Setup a minimal PXE Server +# Usage: Setup a minimal PXE Server +# ./pxe.sh IP DHCP_RANGE SSH_KEY +# ./pxe.sh "192.168.32.10" "192.168.32.2,192.168.32.254,12h" "AABC.... name" -# PXE Server IP should be the static IP set in the Vagrantfile. -export NODE_IP=192.168.32.10 +PXE_SERVER_IP=$1 +DHCP_RANGE=$2 +SSH_AUTHORIZED_KEYS=$3 # dnsmasq - your all in one DHCP, TFTP, and DNS dnf install -yq dnsmasq cp /etc/dnsmasq.conf /etc/dnsmasq.old cat << EOF > "/etc/dnsmasq.conf" -dhcp-range=192.168.32.2,192.168.32.254,12h +dhcp-range=$DHCP_RANGE dhcp-boot=pxelinux.0 enable-tftp tftp-root=/var/lib/tftpboot @@ -37,18 +40,19 @@ display boot.msg label coreos menu default kernel coreos_production_pxe.vmlinuz - append initrd=coreos_production_pxe_image.cpio.gz cloud-config-url=http://$NODE_IP/pxe-cloud-config.yml + append initrd=coreos_production_pxe_image.cpio.gz cloud-config-url=http://$PXE_SERVER_IP/pxe-cloud-config.yml EOF # TFTP ldlinux.c32 pxelinux.0 dnf install -yq syslinux -cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/pxelinux.0 -cp /usr/share/syslinux/ldlinux.c32 /var/lib/tftpboot/ldlinux.c32 +ln -s /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/pxelinux.0 +ln -s /usr/share/syslinux/ldlinux.c32 /var/lib/tftpboot/ldlinux.c32 # TFTP kernel image and options dnf install -yq wget wget -q -O /var/lib/tftpboot/coreos_production_pxe.vmlinuz http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz wget -q -O /var/lib/tftpboot/coreos_production_pxe_image.cpio.gz http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz +# Add cobbler_var_lib_t and tftpdir_rw_t SELinux context as appropriate restorecon -R /var/lib/tftpboot systemctl enable dnsmasq 
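Review bot: `PXE_SERVER_IP=$1`, `DHCP_RANGE=$2` and `SSH_AUTHORIZED_KEYS=$3` are accepted without any check, so a run with missing arguments writes an empty `dhcp-range=` and a `cloud-config-url=http:///pxe-cloud-config.yml` entry and still enables dnsmasq. Under `bash -e` the cheapest guard is parameter expansion, e.g. `PXE_SERVER_IP=${1:?usage: pxe.sh IP DHCP_RANGE SSH_KEY}`, and the same for `$2` and `$3`. The values are then expanded verbatim into root-owned config files through unquoted heredocs (here and in the two later hunks of this file), so a format check on the IP and range before writing would keep a stray newline from adding extra dnsmasq directives. The dnsmasq heredoc continues outside this hunk.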
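Review bot: The kernel and initrd that every client boots are fetched with `wget -q` over plain `http://` and never verified, so anything on the path between this VM and the release server can substitute the image that is then served over TFTP. CoreOS publishes detached `.sig` files next to these images; fetching them and running `gpg --verify` before `restorecon` would close that gap, though importing the signing key is not shown here and would have to be added. Separately, the new `ln -s` lines fail with "File exists" on a second provisioning run and `bash -e` then aborts the script; `ln -sf /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/pxelinux.0` (and likewise for ldlinux.c32) keeps it re-runnable. The added SELinux comment names two contexts without saying which applies, and `restorecon -R` presumably relabels only the links, not their targets under /usr/share/syslinux, which is worth confirming in enforcing mode.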
@@ -56,10 +60,9 @@ systemctl start dnsmasq # HTTP -# static HTTP server +# static cloud-config HTTP server dnf install -yq httpd -# TODO - this static config is exactly what we can improve upon cat << EOF > "/var/www/html/pxe-cloud-config.yml" #cloud-config coreos: @@ -69,10 +72,10 @@ coreos: - name: fleet.service command: start ssh_authorized_keys: - - ssh-rsa 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 dghubble@gmail.com + - ssh-rsa $SSH_AUTHORIZED_KEYS EOF systemctl enable httpd systemctl start httpd -echo "Done" \ No newline at end of file +echo "Done"
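Review bot: `- ssh-rsa $SSH_AUTHORIZED_KEYS` keeps the key type hard-coded while the key itself now arrives as an argument, so an ed25519 or ecdsa key from config.rb yields an entry that sshd would likely reject, and an empty argument yields a bare `- ssh-rsa ` line. Carrying the full public-key line in config.rb and writing it as a quoted YAML scalar, `- "$SSH_AUTHORIZED_KEYS"`, avoids both and stops YAML-significant characters in the key's comment field from altering the document. The variable name is plural but holds one key; a comment such as `# single public key, written into the cloud-config served to every PXE client` would make that explicit. The cloud-config heredoc starts outside this hunk.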