diff --git a/tools/appliance/definitions/systemvmtemplate/cleanup.sh b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
index 9c6a6256568..42d0fd64769 100644
--- a/tools/appliance/definitions/systemvmtemplate/cleanup.sh
+++ b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
@@ -35,5 +35,3 @@ rm /lib/udev/rules.d/75-persistent-net-generator.rules
 echo "Adding a 2 sec delay to the interface up, to make the dhclient happy"
 echo "pre-up sleep 2" >> /etc/network/interfaces
-#clean up stuff copied in by veewee
-rm -f /root/*
diff --git a/tools/appliance/definitions/systemvmtemplate/cloudstack-packages.sh b/tools/appliance/definitions/systemvmtemplate/cloudstack-packages.sh
index 9870191859d..e5d04fa3cce 100644
--- a/tools/appliance/definitions/systemvmtemplate/cloudstack-packages.sh
+++ b/tools/appliance/definitions/systemvmtemplate/cloudstack-packages.sh
@@ -17,6 +17,7 @@
 ROOTPW=password
+HOSTNAME=systemvm
 CLOUDSTACK_RELEASE=4.2.0
@@ -25,7 +26,10 @@ install_packages() {
 DEBIAN_PRIORITY=critical
 #basic stuff
- apt-get --no-install-recommends -q -y --force-yes install rsyslog logrotate cron chkconfig insserv net-tools ifupdown vim-tiny netbase iptables openssh-server grub-legacy e2fsprogs dhcp3-client dnsmasq tcpdump socat wget python bzip2 sed gawk diff grep gzip less tar telnet ftp rsync traceroute psmisc lsof procps monit inetutils-ping iputils-arping httping dnsutils zip unzip ethtool uuid file iproute acpid iptables-persistent virt-what sudo
+ apt-get --no-install-recommends -q -y --force-yes install rsyslog logrotate cron chkconfig insserv net-tools ifupdown vim-tiny netbase iptables
+ apt-get --no-install-recommends -q -y --force-yes install openssh-server grub-legacy e2fsprogs dhcp3-client dnsmasq tcpdump socat wget
+ apt-get --no-install-recommends -q -y --force-yes install python bzip2 sed gawk diffutils grep gzip less tar telnet ftp rsync traceroute psmisc lsof procps monit inetutils-ping iputils-arping httping
+ apt-get --no-install-recommends -q -y --force-yes install dnsutils zip unzip ethtool uuid file iproute acpid virt-what sudo
 #sysstat
 echo 'sysstat sysstat/enable boolean true' | debconf-set-selections
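Review bot: Each of the four new `apt-get` lines keeps `--force-yes`, which tells apt to carry on without prompting even when it is about to do something it considers unsafe, including installing packages it cannot authenticate. On a template build that means a missing archive key or a tampered mirror would go unnoticed and end up in every system VM. `-y` alone is enough for a non-interactive install, e.g. `apt-get --no-install-recommends -q -y install openssh-server grub-legacy e2fsprogs ...`; the same applies to the `apt-get` lines in the next hunk (openswan, iptables-persistent). No exit status is checked in the visible lines, so unless the script sets `-e` outside the diff a failed install will not stop the build. install_packages() starts and ends outside this hunk.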
@@ -38,22 +42,27 @@ install_packages() { apt-get --no-install-recommends -q -y --force-yes install dnsmasq #nfs client apt-get --no-install-recommends -q -y --force-yes install nfs-common + #vpn stuff apt-get --no-install-recommends -q -y --force-yes install xl2tpd bcrelay ppp ipsec-tools tdb-tools echo "openswan openswan/install_x509_certificate boolean false" | debconf-set-selections echo "openswan openswan/install_x509_certificate seen true" | debconf-set-selections - chroot . apt-get --no-install-recommends -q -y --force-yes install openswan + apt-get --no-install-recommends -q -y --force-yes install openswan + #vmware tools apt-get --no-install-recommends -q -y --force-yes install open-vm-tools #xenstore utils apt-get --no-install-recommends -q -y --force-yes install xenstore-utils libxenstore3.0 - #keepalived and conntrackd + #keepalived and conntrackd for redundant router apt-get --no-install-recommends -q -y --force-yes install keepalived conntrackd ipvsadm libnetfilter-conntrack3 libnl1 #ipcalc apt-get --no-install-recommends -q -y --force-yes install ipcalc #java apt-get --no-install-recommends -q -y --force-yes install default-jre-headless + echo "iptables-persistent iptables-persistent/autosave_v4 boolean true" | debconf-set-selections + echo "iptables-persistent iptables-persistent/autosave_v6 boolean true" | debconf-set-selections + apt-get --no-install-recommends -q -y --force-yes install iptables-persistent } accounts() { @@ -61,8 +70,10 @@ accounts() { groupadd -r admin #create a 'cloud' user useradd -G admin cloud - echo "root:password" | chpasswd - echo "cloud:password" | chpasswd + echo "root:$PASSWORD" | chpasswd + #FIXME: create random password for cloud + #FIXME: disable password auth in sshd (final step, after veewee is done) + #echo "cloud:password" | chpasswd sed -i -e '/Defaults\s\+env_reset/a Defaults\texempt_group=admin' /etc/sudoers sed -i -e 's/%admin ALL=(ALL) ALL/%admin ALL=NOPASSWD:ALL/g' /etc/sudoers 
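Review bot: In the accounts() hunk the new line `echo "root:$PASSWORD" | chpasswd` reads `$PASSWORD`, but the only password variable visible in this patch is `ROOTPW=password` at the top of the file. Unless PASSWORD is set in lines outside the diff, chpasswd is handed `root:` with an empty password field, which either fails or leaves root with no password; the line should probably be `echo "root:$ROOTPW" | chpasswd`. With the `cloud` password line commented out, that account keeps passwordless sudo through the `%admin ALL=NOPASSWD:ALL` context line, so the two FIXMEs (random password, sshd password auth disabled) need to land before the image is published. accounts() continues outside the hunk.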
@@ -71,14 +82,62 @@ accounts() {
 }
+fix_nameserver() {
+ #replace /etc/resolv.conf also
+ cat > /etc/resolv.conf << EOF
+nameserver 8.8.8.8
+nameserver 4.4.4.4
+EOF
+
+}
+
 do_fixes() {
 #fix hostname in openssh-server generated keys
- sed -i "s/root@\(.*\)$/root@systemvm/g" /etc/ssh/ssh_host_*.pub
+ sed -i "s/root@\(.*\)$/root@$HOSTNAME/g" /etc/ssh/ssh_host_*.pub
+ #fix hostname to override one provided by dhcp during vm build
+ echo "$HOSTNAME" > /etc/hostname
+ hostname $HOSTNAME
+ #delete entry in /etc/hosts derived from dhcp
+ sed -i '/127.0.1.1/d' /etc/hosts
+
+ #fix_nameserver FIXME needed after veewee finishes
+}
+
+configure_apache2() {
+ #enable ssl, rewrite and auth
+ a2enmod ssl rewrite auth_basic auth_digest
+ a2ensite default-ssl
+ #backup stock apache configuration since we may modify it in Secondary Storage VM
+ cp /etc/apache2/sites-available/default /etc/apache2/sites-available/default.orig
+ cp /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/default-ssl.orig
+}
+
+services() {
+ mkdir -p /var/www/html
+ mkdir -p /opt/cloud/bin
+ mkdir -p /var/cache/cloud
+ mkdir -p /usr/share/cloud
+ mkdir -p /usr/local/cloud
+ mkdir -p /root/.ssh
+ #Fix haproxy directory issue
+ mkdir -p /var/lib/haproxy
+
+ #FIXME: need a way to copy from git repo (perhaps wget from git-wip-us.apache.org?)
+ #/bin/cp -r ${scriptdir}/config/* ./
+ chkconfig xl2tpd off
+ #chkconfig --add cloud-early-config
+ #chkconfig cloud-early-config on
+ #chkconfig --add cloud-passwd-srvr
+ #chkconfig cloud-passwd-srvr off
+ #chkconfig --add cloud
+ #chkconfig cloud off
+ chkconfig monit off
 }
 signature() {
 mkdir -p /var/cache/cloud/
 touch /var/cache/cloud/cloud-scripts-signature
+ #FIXME: signature should be generated from scripts package that can get updated
 echo "Cloudstack Release $CLOUDSTACK_RELEASE $(date)" > /etc/cloudstack-release
 }
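Review bot: `fix_nameserver()` writes `nameserver 4.4.4.4`, which looks like a typo for `8.8.4.4`, the address normally paired with `8.8.8.8`; once the commented-out call in do_fixes() is enabled, every VM built from this template would send DNS queries to an unrelated host. The line should read `nameserver 8.8.4.4`, or the resolvers could come from a variable next to `HOSTNAME` so a deployment can point them at its own DNS. In do_fixes(), `hostname $HOSTNAME` should be quoted as `hostname "$HOSTNAME"`. In services(), `mkdir -p /root/.ssh` leaves the mode to the umask; `mkdir -p -m 700 /root/.ssh` makes the intended permissions explicit.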
@@ -87,4 +146,6 @@ install_packages
 echo "*************DONE INSTALLING PACKAGES********************"
 accounts
 do_fixes
+configure_apache2
+services
 signature
diff --git a/tools/appliance/definitions/systemvmtemplate/definition.rb b/tools/appliance/definitions/systemvmtemplate/definition.rb
index 406f6131d5c..ec591ba7f3d 100644
--- a/tools/appliance/definitions/systemvmtemplate/definition.rb
+++ b/tools/appliance/definitions/systemvmtemplate/definition.rb
@@ -58,5 +58,5 @@ Veewee::Definition.declare({
 "cleanup.sh",
 "zerodisk.sh"
 ],
- :postinstall_timeout => "100000"
+ :postinstall_timeout => "10000"
 })
diff --git a/tools/appliance/definitions/systemvmtemplate/preseed.cfg b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
index a21fd8a362f..0643ce3329b 100644
--- a/tools/appliance/definitions/systemvmtemplate/preseed.cfg
+++ b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
@@ -58,8 +58,8 @@ d-i netcfg/choose_interface select auto
 # Any hostname and domain names assigned from dhcp take precedence over
 # values set here. However, setting the values still prevents the questions
 # from being shown, even if values come from dhcp.
-#d-i netcfg/get_hostname string vagrant
-d-i netcfg/get_domain string vagrantup.com
+d-i netcfg/get_hostname string systemvm
+d-i netcfg/get_domain string cloudstack.org
 # Disable that annoying WEP key dialog.
 d-i netcfg/wireless_wep string
@@ -137,7 +137,7 @@ d-i partman-auto-lvm/guided_size string max
 # - atomic: all files in one partition
 # - home: separate /home partition
 # - multi: separate /home, /usr, /var, and /tmp partitions
-d-i partman-auto/choose_recipe select atomic
+d-i partman-auto/choose_recipe select multi
 d-i partman/default_filesystem string ext3
 # Or provide a recipe of your own...
@@ -192,8 +192,8 @@ d-i passwd/root-login boolean true
 #d-i passwd/make-user boolean false
 # Root password, either in clear text
-d-i passwd/root-password password vagrant
-d-i passwd/root-password-again password vagrant
+d-i passwd/root-password password password
+d-i passwd/root-password-again password password
 # or encrypted using an MD5 hash.
 #d-i passwd/root-password-crypted password [MD5 hash]
diff --git a/tools/appliance/definitions/systemvmtemplate/zerodisk.sh b/tools/appliance/definitions/systemvmtemplate/zerodisk.sh
index 81850921dba..fef5b705572 100644
--- a/tools/appliance/definitions/systemvmtemplate/zerodisk.sh
+++ b/tools/appliance/definitions/systemvmtemplate/zerodisk.sh
@@ -15,6 +15,9 @@
 # specific language governing permissions and limitations
 # under the License.
+#clean up stuff copied in by veewee
+rm -f /root/*
 # Zero out the free space to save space in the final image:
 dd if=/dev/zero of=/EMPTY bs=1M
 rm -f /EMPTY
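Review bot: The preseed.cfg hunk sets the root password to the literal `password` in clear text (`d-i passwd/root-password password password`). Since cloudstack-packages.sh installs openssh-server, an image built from this definition accepts a well-known root credential until a later step changes it. The context two lines below already shows the alternative, `d-i passwd/root-password-crypted password [MD5 hash]`, which with a per-build hash keeps the clear-text value out of the repository. If veewee needs this login during the build, a comment here should say so, for example `# build-time only: root password is locked by the last postinstall script`, and that final step then has to exist.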
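Review bot: In the zerodisk.sh hunk, `rm -f /root/*` does not match dotfiles and does not remove directories, so files such as `/root/.bash_history` written during the build stay in the published image. Which files veewee actually leaves behind is not visible in this diff. If they include dotfiles, name them explicitly, e.g. `rm -f /root/* /root/.bash_history`, and extend the comment to `#clean up stuff copied in by veewee (the glob skips dotfiles and directories)`.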