[ovirt-users] Users Digest, Vol 37, Issue 201
Jim Kinney
jim.kinney at gmail.com
Sun Nov 2 15:34:47 UTC 2014
Excellent! Many thanks. I was looking at cloud-init but haven't had the
study time to really dig into it. Your method makes perfect sense to me. I
never considered using the first boot process. That really is the key.
Many thanks!!
On Nov 2, 2014 9:16 AM, "Amedeo Salvati" <amedeo at oscert.net> wrote:
> Hi Jim,
>
> I use ovirt template and freeipa for authentication, and on template i put
> a simple script "setup-freeipa-client.sh" to run on first boot,
> specifically for first boot I use cloud-init functions on ovirt, via web UI
> or via python sdk, and with cloud-init you can pass **evethings** you need
> -> new hostname, new ssh keys, new network configurations, new root
> password, new content on configuration files, or simply executing a new
> script.
>
> If you are interested on cloud-init functions on python sdk have a look on
> a simple script that i wrote for our disaster recovery automation where on
> function buildYamlFile(line 124-137) by using cloud-init execution
> program/script, I change our freeipa server (lines 132-136) avoiding sssd
> timeout on contacting first two production freeipa server.
>
> https://github.com/amedeos/ovirt-scripts-dr/blob/master/StartAllVM.py
>
> HTH
> Amedeo Salvati
>
> Il 31/10/2014 20:01, users-request at ovirt.org ha scritto:
>
>> Date: Fri, 31 Oct 2014 14:55:46 -0400
>> From: Jim Kinney<jim.kinney at gmail.com>
>> To:"users at ovirt.org" <users at ovirt.org>
>> Subject: [ovirt-users] templates and freeipa
>> Message-ID:
>> <CAEo=5PwfhT=cvvahCuj4GsxkufD-UFUNbsN0q5Mi9ee76eg3ug at mail.
>> gmail.com>
>> Content-Type: text/plain; charset="utf-8"
>>
>> Ovirt 3.5 is running well for me and I have freeIPA controlling access to
>> the user portal. I would like to provide templates of various linux setups
>> that all have freeipa for user authentication in the VM for my developers
>> to be able to create a new VM from and then log in using their freeIPA
>> access and sudo control. I'm wanting to group developers by project and
>> use
>> freeIPA to set sudo commands as needed (group A get oracle, group B get
>> postgresql, etc). Wanting to maximize developer ability while minimizing
>> my
>> clean up time:-) They will be able to delete VMs they create.
>>
>> It's possible to do a kickstart deploy with freeIPA registration but a
>> template from that will be a problem as it will have the same keys for all
>> VMs.
>>
>> Is there a post-creation scripting process I can attach to in ovirt or
>> should I look at a default root user and script that personalizes the new
>> VM?
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20141102/a0b505ee/attachment-0001.html>
More information about the Users
mailing list