Hi Jim,
I use ovirt template and freeipa for authentication, and on template i
put a simple script "setup-freeipa-client.sh" to run on first boot,
specifically for first boot I use cloud-init functions on ovirt, via web
UI or via python sdk, and with cloud-init you can pass **evethings** you
need -> new hostname, new ssh keys, new network configurations, new root
password, new content on configuration files, or simply executing a new
script.
If you are interested on cloud-init functions on python sdk have a look
on a simple script that i wrote for our disaster recovery automation
where on function buildYamlFile(line 124-137) by using cloud-init
execution program/script, I change our freeipa server (lines 132-136)
avoiding sssd timeout on contacting first two production freeipa server.
https://github.com/amedeos/ovirt-scripts-dr/blob/master/StartAllVM.py
HTH
Amedeo Salvati
Il 31/10/2014 20:01, users-request(a)ovirt.org ha scritto:
Date: Fri, 31 Oct 2014 14:55:46 -0400
From: Jim Kinney<jim.kinney(a)gmail.com>
To:"users@ovirt.org" <users(a)ovirt.org>
Subject: [ovirt-users] templates and freeipa
Message-ID:
<CAEo=5PwfhT=cvvahCuj4GsxkufD-UFUNbsN0q5Mi9ee76eg3ug(a)mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Ovirt 3.5 is running well for me and I have freeIPA controlling access to
the user portal. I would like to provide templates of various linux setups
that all have freeipa for user authentication in the VM for my developers
to be able to create a new VM from and then log in using their freeIPA
access and sudo control. I'm wanting to group developers by project and use
freeIPA to set sudo commands as needed (group A get oracle, group B get
postgresql, etc). Wanting to maximize developer ability while minimizing my
clean up time:-) They will be able to delete VMs they create.
It's possible to do a kickstart deploy with freeIPA registration but a
template from that will be a problem as it will have the same keys for all
VMs.
Is there a post-creation scripting process I can attach to in ovirt or
should I look at a default root user and script that personalizes the new
VM?