| |
@@ -1,10 +1,20 @@
|
| |
- # Fedora Atomic is a cloud-focused spin implementing the Project
|
| |
- # Atomic patterns. Note that this replicates the same tree which can
|
| |
- # now be installed on bare metal.
|
| |
+ # Fedora Atomic Host is the Fedora version of the "Atomic Host" pattern
|
| |
+ # from [Project Atomic](http://www.projectatomic.io/).
|
| |
|
| |
- # This image allocates most space to an LVM-managed thin pool
|
| |
- # dedicated for Docker containers, and uses docker-storage-setup to
|
| |
- # dynamically resize storage on boot.
|
| |
+ # This kickstart is used for cloud/virt images, and uses cloud-init
|
| |
+ # to bootstrap authentication, just like Fedora Cloud Base. (Also note the
|
| |
+ # fedora-atomic-vagrant.ks kickstart inherits from this).
|
| |
+
|
| |
+ # One very important thing to understand is that this image contains the same
|
| |
+ # OSTree commit as will be used on bare metal installations - Fedora Atomic Host
|
| |
+ # also has an ISO. One difference though is that cloud-init isn't enabled for
|
| |
+ # bare metal. When processing this kickstart then, Anaconda isn't actually
|
| |
+ # installing packages - it's just replicating a "pre-assembled" tree from
|
| |
+ # rpm-ostree.
|
| |
+
|
| |
+ # Basically, the `ostreesetup` verb replaces the traditional `%packages`
|
| |
+ # section. For example, `rpm-ostree status` can show you the same checksum and
|
| |
+ # version from an ISO install and this cloud image - it's the same bits.
|
| |
|
| |
text # don't use cmdline -- https://github.com/rhinstaller/anaconda/issues/931
|
| |
lang en_US.UTF-8
|
| |
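Review bot: The rewritten header comment drops the description of the LVM-managed thin pool for Docker containers and the docker-storage-setup resize on boot, and nothing replaces it. If the rest of this kickstart still sets that storage up, keep one sentence about it here, since this header is the only overview a reader gets before the commands start. Separately, the Project Atomic link in the new comment is plain http://; prefer https:// if the site serves it.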
@@ -84,12 +94,9 @@
|
| |
NOZEROCONF=yes
|
| |
EOF
|
| |
|
| |
- # For cloud images, 'eth0' _is_ the predictable device name, since
|
| |
- # we don't want to be tied to specific virtual (!) hardware
|
| |
- rm -f /etc/udev/rules.d/70*
|
| |
- ln -s /dev/null /etc/udev/rules.d/80-net-setup-link.rules
|
| |
-
|
| |
- # simple eth0 config, again not hard-coded to the build hardware
|
| |
+ # Remove any persistent NIC rules generated by udev
|
| |
+ rm -vf /etc/udev/rules.d/*persistent-net*.rules
|
| |
+ # And ensure that we will do DHCP on eth0 on startup
|
| |
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
|
| |
DEVICE="eth0"
|
| |
BOOTPROTO="dhcp"
|
| |
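Review bot: The ifcfg-eth0 file written just below still hard-codes DEVICE="eth0", but this hunk removes both `rm -f /etc/udev/rules.d/70*` and the /dev/null link over 80-net-setup-link.rules, and the new comments do not say what now guarantees that name. Add a comment stating that the eth0 name depends on net.ifnames=0 being on the kernel command line and that the udev rules are kept deliberately (the commit message cites veth devices needing NM_CONTROLLED=no and RH bz#1503347), so that nobody later restores the old lines or drops the kernel argument. Also note that `*persistent-net*.rules` is narrower than the old `70*` glob; confirm nothing else the old pattern matched still needs removing.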
@@ -98,24 +105,12 @@
|
| |
PERSISTENT_DHCLIENT="yes"
|
| |
EOF
|
| |
|
| |
- # generic localhost names
|
| |
- cat > /etc/hosts << EOF
|
| |
- 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
|
| |
- ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
|
| |
-
|
| |
- EOF
|
| |
- echo .
|
| |
-
|
| |
-
|
| |
# Because memory is scarce resource in most cloud/virt environments,
|
| |
# and because this impedes forensics, we are differing from the Fedora
|
| |
# default of having /tmp on tmpfs.
|
| |
echo "Disabling tmpfs for /tmp."
|
| |
systemctl mask tmp.mount
|
| |
|
| |
- # make sure firstboot doesn't start
|
| |
- echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
|
| |
-
|
| |
# Uncomment this if you want to use cloud init but suppress the creation
|
| |
# of an "ec2-user" account. This will, in the absence of further config,
|
| |
# cause the ssh key from a metadata source to be put in the root account.
|
| |
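Review bot: The deletion of the /etc/hosts heredoc and of `echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot` is not covered by the commit message, which only discusses the udev rules. Either state in the message where /etc/hosts now comes from and why firstboot no longer needs to be disabled, or split these deletions into their own commit so the udev change can be reviewed and reverted independently.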
This bit was cargo culted from the old school Fedora Cloud image, but we have also been using `net.ifnames=0` on the kernel command line, which ensures that we get `eth0` as "the" NIC name. (There's a huge amount of history behind this and I'm not trying to change that behavior here.)

The problem is that those udev rules do other things that we do want, such as ensure that `veth` devices get `NM_CONTROLLED=no`. Without that, e.g. NetworkManager might try to do DHCP on those devices, which is at best slow since they appear and disappear frequently, and at worst risks the host network configuration.

For more information, see RH bz#1503347