Re: [ovirt-users] Users Digest, Vol 37, Issue 201
Excellent! Many thanks. I was looking at cloud-init but haven't had the
study time to really dig into it. Your method makes perfect sense to me. I
never considered using the first boot process. That really is the key.
Many thanks!!
On Nov 2, 2014 9:16 AM, "Amedeo Salvati" <amedeo(a)oscert.net> wrote:
Hi Jim,
I use ovirt template and freeipa for authentication, and on template i put
a simple script "setup-freeipa-client.sh" to run on first boot,
specifically for first boot I use cloud-init functions on ovirt, via web UI
or via python sdk, and with cloud-init you can pass **evethings** you need
-> new hostname, new ssh keys, new network configurations, new root
password, new content on configuration files, or simply executing a new
script.
If you are interested on cloud-init functions on python sdk have a look on
a simple script that i wrote for our disaster recovery automation where on
function buildYamlFile(line 124-137) by using cloud-init execution
program/script, I change our freeipa server (lines 132-136) avoiding sssd
timeout on contacting first two production freeipa server.
https://github.com/amedeos/ovirt-scripts-dr/blob/master/StartAllVM.py
HTH
Amedeo Salvati
Il 31/10/2014 20:01, users-request(a)ovirt.org ha scritto:
> Date: Fri, 31 Oct 2014 14:55:46 -0400
> From: Jim Kinney<jim.kinney(a)gmail.com>
> To:"users@ovirt.org" <users(a)ovirt.org>
> Subject: [ovirt-users] templates and freeipa
> Message-ID:
> <CAEo=5PwfhT=cvvahCuj4GsxkufD-UFUNbsN0q5Mi9ee76eg3ug@mail.
> gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Ovirt 3.5 is running well for me and I have freeIPA controlling access to
> the user portal. I would like to provide templates of various linux setups
> that all have freeipa for user authentication in the VM for my developers
> to be able to create a new VM from and then log in using their freeIPA
> access and sudo control. I'm wanting to group developers by project and
> use
> freeIPA to set sudo commands as needed (group A get oracle, group B get
> postgresql, etc). Wanting to maximize developer ability while minimizing
> my
> clean up time:-) They will be able to delete VMs they create.
>
> It's possible to do a kickstart deploy with freeIPA registration but a
> template from that will be a problem as it will have the same keys for all
> VMs.
>
> Is there a post-creation scripting process I can attach to in ovirt or
> should I look at a default root user and script that personalizes the new
> VM?
>
Attachments:
- attachment.html (text/html — 3.4 KB)