fedora-kickstarts

Clone
Source Code
GIT

#905 Initial kickstart file for new Fedora Server VM image
Merged 2 years ago by kevin. Opened 2 years ago by pboy.
pboy/fedora-kickstarts main  into  main

file added
+196 
@@ -0,0 +1,196 @@ 
 

+ # fedora-server-vm-full.ks (rel. 1.0)
 

+ # Kickstart file to build a Fedora Server Edition VM disk image.
 

+ # The image aims to resemble as close as technically possible the
 

+ # full features of a Fedora Server Edition in a virtual machine.
 

+ #
 

+ # The image uses GPT partition type as of default in Fedora 37
 

+ #
 

+ # At first boot it opens a test based basic configuration screen.
 

+ #
 

+ # This kickstart file is designed to be used with ImageFactory (in Koji).
 

+ #
 

+ # To build the image locally, you need to install ImageFactory and
 

+ # various additional helpers and configuration files.
 

+ # See Fedora Server Edition user documentation tutorial.
 

+ 

+ 

+ # Use text mode install
 

+ text
 

+ 

+ # Keyboard layouts
 

+ keyboard 'us'
 

+ 

+ # System language
 

+ lang en_US.UTF-8
 

+ 

+ # System timezone
 

+ # set time zone to GMT (Etcetera/UTC)
 

+ timezone Etc/UTC --utc
 

+ 

+ 

+ # Root password
 

+ rootpw --iscrypted --lock locked
 

+ 

+ # SELinux configuration
 

+ selinux --enforcing
 

+ 

+ 

+ # System bootloader configuration
 

+ bootloader --location=mbr --timeout=1 --append="console=tty1 console=ttyS0,115200n8"
 

+ 

+ # Network information
 

+ network  --bootproto=dhcp --device=link --activate --onboot=on
 

+ 

+ # Firewall configuration
 

+ firewall --enabled --service=mdns
 

+ 

+ 

+ # System services
 

+ # message: error enabling initial-setup, initial-setup does not exist
 

+ services --enabled="sshd,NetworkManager,chronyd,initial-setup"
 

+ 

+ # Run the Setup Agent on first boot
 

+ firstboot --reconfig
 

+ 

+ # Partition Information. Use GPT by default (since Fedora 37)
 

+ # Resemble the Partitioning used for Fedora Server Install media
 

+ clearpart --all --initlabel --disklabel=gpt
 

+ part biosboot  --size=1    --fstype=biosboot
 

+ part /boot     --size=1000  --fstype=xfs --label=boot
 

+ part pv.007     --size=4000  --grow
 

+ volgroup  sysvg  pv.007
 

+ logvol / --vgname=sysvg --size=4000 --grow --maxsize=16000 --fstype=xfs --name=root --label=sysroot
 

+ 

+ 

+ # Include URLs for network installation dynamically, dependent from Fedora release
 

+ # and imagefactory runtime environment
 

+ %include fedora-repo.ks
 

+ 

+ # Shutdown after installation
 

+ shutdown
 

+ 

+ 

+ 

+ ##### begin package list #############################################
 

+ %packages --inst-langs=en
 

+ 

+ @server-product
 

+ @core
 

+ @headless-management
 

+ @standard
 

+ @networkmanager-submodules
 

+ ##@container-management
 

+ @domain-client
 

+ @guest-agents
 

+ 

+ # All arm-tools packages install on aarch64/armhfp only
 

+ # TODO: on a x86_64 devel environment are @arm-tools not available
 

+ # and cause a build error.
 

+ # @arm-tools
 

+ 

+ # Standard Fedora Package Groups
 

+ ## dracut-config-generic  ## included in =core=
 

+ glibc-all-langpacks
 

+ initial-setup
 

+ kernel-core
 

+ -dracut-config-rescue
 

+ -generic-release*
 

+ -initial-setup-gui
 

+ -kernel
 

+ -linux-firmware
 

+ -plymouth
 

+ # pulled in by @standard
 

+ -smartmontools
 

+ -smartmontools-selinux
 

+ 

+ %end
 

+ ##### end package list ###############################################
 

+ 

+ 

+ ##### begin kickstart post script ####################################
 

+ %post --erroronfail  --log=/root/anaconda-post-1.log
 

+ 

+ # Find the architecture we are on
 

+ arch=$(uname -m)
 

+ 

+ # Import RPM GPG key, during installation saved in /etc/pki
 

+ echo "Import RPM GPG key"
 

+ releasever=$(rpm --eval '%{fedora}')
 

+ basearch=$(uname -i)
 

+ rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$releasever-$basearch
 

+ 

+ # See the systemd-random-seed.service man page that says:
 

+ #   " It is recommended to remove the random seed from OS images intended
 

+ #     for replication on multiple systems"
 

+ # The newly installed instance should make it's own
 

+ echo "Removing random-seed so it's not the same in every image."
 

+ rm -f /var/lib/systemd/random-seed
 

+ 

+ # When we build the image a networking config file gets left behind.
 

+ # Let's clean it up.
 

+ echo "Cleanup leftover networking configuration"
 

+ rm -f /etc/NetworkManager/system-connections/*.nmconnection
 

+ 

+ # Truncate the /etc/resolv.conf left over from NetworkManager during the
 

+ # kickstart because the DNS server is environment specific.
 

+ truncate -s 0 /etc/resolv.conf
 

+ 

+ echo "Cleaning repodata to save space."
 

+ dnf clean all
 

+ 

+ # linux-firmware is installed by default and is quite large. As of mid 2020:
 

+ #   Total download size: 97 M
 

+ #   Installed size: 268 M
 

+ # Not needed in virtual environment.
 

+ echo "Removing linux-firmware package."
 

+ rpm -e linux-firmware
 

+ 

+ # Will ever anybody see this?
 

+ echo "Packages within this disk image"
 

+ rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' |sort -rn
 

+ 

+ # Note that running rpm recreates the rpm db files which aren't needed or wanted
 

+ rm -f /var/lib/rpm/__db*
 

+ 

+ 

+ # Do we need a serial terminal with a VM?
 

+ if [[ $arch == "aarch64" ]] || [[ $arch == "armv7l" ]]; then
 

+  # Anaconda adds console=tty0 to the grub boot line on all images. this is problematic
 

+  # when you are using fedora via serial console as you do not get any output post grub
 

+  # linux does a good job of knowing what consoles need to be enabled.
 

+  # https://bugzilla.redhat.com/show_bug.cgi?id=2022757
 

+  sed -i -e 's|console=tty0||g' /boot/loader/entries/*conf
 

+ fi
 

+ 

+ 

+ # Remove machine-id on pre generated images
 

+ rm -f /etc/machine-id
 

+ touch /etc/machine-id
 

+ 

+ %end
 

+ ##### end kickstart post script #####################################
 

+ 

+ 

+ ##### begin custom post script (after base) #########################
 

+ %post
 

+ 

+ echo "Zeroing out empty space."
 

+ # Create zeros file with nodatacow and no compression
 

+ touch /var/tmp/zeros
 

+ chattr +C /var/tmp/zeros
 

+ # This forces the filesystem to reclaim space from deleted files
 

+ dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
 

+ echo "(Don't worry -- that out-of-space error was expected.)"
 

+ # Force sync to disk
 

+ sync /
 

+ rm -f /var/tmp/zeros
 

+ sync /
 

+ 

+ # setup systemd to boot to the right runlevel
 

+ echo -n "Setting default runlevel to multiuser text mode"
 

+ rm -f /etc/systemd/system/default.target
 

+ ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
 

+ echo .
 

+ 

+ %end
 

+ ##### end custom post script ########################################

Kickstart file for new Fedora Server VM image to bi included in F37.
see:
Change proposal: https://fedoraproject.org/wiki/Changes/Supplement-server-by-kvm-vm-image
Fesco issue: https://pagure.io/fesco/issue/2807

That's my first technical contribution besides all my documentation writing, so please email me information about the steps I've to do next (pboy@uni-bremen.de).

This should use includes, we already have a fedora-disk-server.ks so it probably makes sense to have a fedora-server-common.ks and de-dupe between that and your addition so we have consistency. See the workstation for an example here in the repo.

This should use includes, we already have a fedora-disk-server.ks ...

Very much agreed. We have 2 ks files for disk distributable, 1 ks for aarch64 installation image (on hardware) und now this one. We must ensure that those variants are as identical as possible in terms of feature set and system properties.

There are some installation groups and a ks-file to include already here. But these currently don't separate hardware items from system software and applications, as an example. The installation groups as well as the existing server ks files need to get reviewed and then systematised and more appropriately modularised.

I included as much as currently possible without touching any existing file.

My reasoning here:
(a)
It's my first contribution and I want to be very cautions not to affect anything else. So the "minimal invasive" change without touching anything else.
(b)
I started getting involved in the Server WG at the beginning of last year. So I am a "newbe" in this field. Our plans are to start a review of the distibution media at the end of the year (after completing the currently ongoing review of our technical specs and quality and test criteria).

Please, I would like to know how the further procedure is planned, so that the server VM is published as decided with release 37?

Well you've not updated to use includes for one.

What is wrong with my explanation why it is not useful / possible without serious changes to other Kickstart files and why I didn't it in the short range for F37?

And for two?

Well, in the meantime I found out that I need at least an '%include fedora-repos.ks'.

Please, wait with the PR until a new commit.

1 new commit added

  • Added missing fedora-repo include.
2 years ago

Kickstart file is now ready to get published and used - from my POV

Is this intended to be in a # comment?

I agree with Peter it would be nice to deduplicate things, but I understand you don't want to touch other files yet...

The name seems a bit confusing to me... what does 'full' mean here? perhaps it should just be 'fedora-server-vm.ks' ?

One line seemed like it should have been commented? (see above).

Did you test this any? does it produce a working image?

I agree, too, that we should deduplicate things. And it's not just dedup, but we need to sort out slight differences between the netboot and the DVD version. So, it is really quite urgent, but it takes some time to get it done. So I would like to start with a fresh rawhide state, so we have some time to get it straight.

So I hope it is acceptable to have a bit of dup here. And if I look at some other Kickstarts, i think this here is a minor prob.

The "full" means full set of features. May be, we'll develop a minimal feature set, as well. But only a small group can recognize that at the moment, so it's better to leave it out now.

I tested that locally, and it works fine in my F35 devel environment.

Can you fix line 149? Then we can merge it and improve from there...

@humaton can you merge this when line 149 is fixed? (or I guess we can merge and fix it from there) and add it to pungi?

A link to the docs here would be great

Should be a comment too

I tested that locally, and it works fine in my F35 devel environment.

You should be testing this against the release you're aiming for, a lot changes between a single release let alone two.

Fixed the missing '#'

1 new commit added

  • Fixed missing # signs
2 years ago

tested that locally, and it works fine in my F35 devel environment.

You should be testing this against the release you're aiming for, a lot changes between a single release let alone two.

I would like to do that andI did. The current F36/37 version of ImageFactory starts a VM using machine type pc-i440fx and firmware UEFI. So you can't use the current Fedora ImageFactory to build and test a BIOS image locally. I couldn't find a configuration option, and nobody I asked knew a solution. But koji can, otherwise all the images would not get built.

As an alternative, I could use UEFI for the image, which I could (and did) test locally in a F37 and F36 environment and which works and can be built without any problems. But every Instantiation of a VM would need additional options. KVM/libvirt uses pc-q35 and firmware BIOS by default.

The images should probably have dual BIOS/UEFI support like most of what we produce. There should be something doing that in the other kickstarts.
Edited 2 years ago by siosm

The images should probably have dual BIOS/UEFI support ...

Yes, I have a version ready that does just that. But on my local ImageFactory in sometimes builds and the next time not, without any modification of the kickstart file. And the initial screen looks really awful. I'm currently evaluating what happens in detail.

Any news here?

@humaton you were going to make a pungi-fedora PR to start making this (after we merge this obviously)?

@humaton had other duties and have not had time to look at this yet
@kevin remarks it would be good to have it in before the RC (in todays Releng meeting 2022-08-30)

Hi, @pboy

we have the pungi config changes ready to merge once the kickstart lands. https://pagure.io/pungi-fedora/pull-request/1123

rebased onto b26c708
2 years ago

ok, lets merge this now to get it into RC5....

Pull-Request has been merged by kevin
2 years ago
Metadata
None
No Tags
Changes Summary 1
+196
file added
fedora-server-vm-full.ks
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.