[ovirt-users] Users Digest, Vol 37, Issue 201
Amedeo Salvati
amedeo at oscert.net
Sun Nov 2 09:16:02 EST 2014
Hi Jim,
I use ovirt template and freeipa for authentication, and on template i
put a simple script "setup-freeipa-client.sh" to run on first boot,
specifically for first boot I use cloud-init functions on ovirt, via web
UI or via python sdk, and with cloud-init you can pass **evethings** you
need -> new hostname, new ssh keys, new network configurations, new root
password, new content on configuration files, or simply executing a new
script.
If you are interested on cloud-init functions on python sdk have a look
on a simple script that i wrote for our disaster recovery automation
where on function buildYamlFile(line 124-137) by using cloud-init
execution program/script, I change our freeipa server (lines 132-136)
avoiding sssd timeout on contacting first two production freeipa server.
https://github.com/amedeos/ovirt-scripts-dr/blob/master/StartAllVM.py
HTH
Amedeo Salvati
Il 31/10/2014 20:01, users-request at ovirt.org ha scritto:
> Date: Fri, 31 Oct 2014 14:55:46 -0400
> From: Jim Kinney<jim.kinney at gmail.com>
> To:"users at ovirt.org" <users at ovirt.org>
> Subject: [ovirt-users] templates and freeipa
> Message-ID:
> <CAEo=5PwfhT=cvvahCuj4GsxkufD-UFUNbsN0q5Mi9ee76eg3ug at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Ovirt 3.5 is running well for me and I have freeIPA controlling access to
> the user portal. I would like to provide templates of various linux setups
> that all have freeipa for user authentication in the VM for my developers
> to be able to create a new VM from and then log in using their freeIPA
> access and sudo control. I'm wanting to group developers by project and use
> freeIPA to set sudo commands as needed (group A get oracle, group B get
> postgresql, etc). Wanting to maximize developer ability while minimizing my
> clean up time:-) They will be able to delete VMs they create.
>
> It's possible to do a kickstart deploy with freeIPA registration but a
> template from that will be a problem as it will have the same keys for all
> VMs.
>
> Is there a post-creation scripting process I can attach to in ovirt or
> should I look at a default root user and script that personalizes the new
> VM?
More information about the Users
mailing list