legacy-wiki
Lab satellite test environment
Recovered from the older tannerjc.net wiki snapshot dated January 23, 2016.
Purpose
-
Immediate Build an infrastructure to test cross version satellite api scripts and export/imports.
-
Later Build a system to quickly deploy -infrastructures- with simple commands.
-
infradeploy –type=webserver –HA=yes –nodes=2
-
infradeploy –type=satellite –version=54 –clients=2
-
infradeploy –type=directoryserver –clients=4 –slaves=1
Add NAT to cobbler
- echo 1 /proc/sys/net/ipv4/ip_forward
- iptables -F
- iptables –table nat –append POSTROUTING –out-interface eth0 -j MASQUERADE
- iptables –append FORWARD –in-interface eth1 -j ACCEPT
- service iptables save
- chkconfig iptables on
Add DNS records to cobbler
- https://fedorahosted.org/cobbler/wiki/ManageDns
- mkdir /etc/cobbler/zone_templates
- cp /etc/cobbler/zone.template /etc/cobbler/zone_templates/lab.net
- vim /etc/cobbler/zone_templates/lab.net
[root@cobbler ~]# cat /etc/cobbler/zone_templates/lab.net
\$TTL 300
@ IN SOA $cobbler_server. root.lab.net. (
$serial ; Serial
600 ; Refresh
1800 ; Retry
604800 ; Expire
300 ; TTL
)
NS $cobbler_server.
lab.net. 1H MX 10 cobbler
cobbler A 10.0.0.1
www CNAME cobbler
puppet CNAME cobbler
$host_record
- vim /etc/cobbler/named.template
[root@cobbler ~]# cat /etc/cobbler/named.template
options {
listen-on port 53 { 127.0.0.1; 10.0.0.1; };
directory /var/named;
dump-file /var/named/data/cache_dump.db;
statistics-file /var/named/data/named_stats.txt;
memstatistics-file /var/named/data/named_mem_stats.txt;
allow-query { localhost; 10.0.0.0/24; };
recursion yes;
};
logging {
channel default_debug {
file data/named.run;
severity dynamic;
};
};
#for $zone in $forward_zones
zone ${zone}. {
type master;
file $zone;
};
#end for
#for $zone, $arpa in $reverse_zones
zone ${arpa}. {
type master;
file $zone;
};
#end for
- cobbler sync
Add mail services
-
DNS
-
dig MX lab.net @cobbler.lab.net
-
Sendmail
-
yum install sendmail sendmail-mc
-
edit /etc/mail/sendmail.mc
-
edit /etc/mail/local-host-names
-
cd /etc/sendmail; make
-
service sendmail start
-
chkconfig sendmail on
-
Dovecot
-
yum install dovecot
-
protocols = imap pop3 lmtp
-
cd /etc/pki
-
make -C tls/certs/ dovecot.pem
-
cp tls/certs/dovecot.pem dovecot/certs/
-
cp tls/certs/dovecot.pem dovecot/private/
-
chkconfig dovecot on; service dovecot start
-
Squirrelmail
-
yum install php-common hunspell
-
Download php-mbstring from: https://rhn.redhat.com/rhn/software/packages/details/Overview.do?pid=571748
-
Download hunspell-en from: https://rhn.redhat.com/rhn/software/packages/details/Overview.do?pid=575839
-
rpm -ivh php-mbstring-5.3.2-6.el6.x86_64.rpm
-
rpm -ivh hunspell-en-0.20090216-7.1.el6.noarch.rpm
-
yum install squirrelmail
-
cd /usr/share/squirrelmail/config
-
./conf.pl
-
set server domain
-
vim /etc/httpd/conf.d/squirrelmail.conf
-
remove the last few lines that force https
-
service httpd restart
-
Users
-
adduser -s /sbin/nologin satadmin; passwd satadmin
-
Test client
[root@anamontest ~]# /usr/lib/sendmail -bv satadmin@lab.net
satadmin@lab.net... deliverable: mailer esmtp, host lab.net., user satadmin@lab.net
Add transparent proxy: WIP
http://www.faqs.org/docs/Linux-mini/TransparentProxy.html
- yum install squid
[root@cobbler ~]# diff /etc/squid/squid.conf.orig /etc/squid/squid.conf
12a13
acl labnet src 10.0.0.0/24
36c37
http_access allow manager localhost
---
http_access allow manager localhost labnet
-
service squid start; chkconfig squid on
-
iptables iptables -t nat -A PREROUTING -i eth1 -p tcp –dport 80 -j DNAT –to 10.0.0.1:3128 iptables -t nat -A PREROUTING -i eth0 -p tcp –dport 80 -j REDIRECT –to-port 3128 iptables -t nat -A PREROUTING -i eth1 -p tcp –dport 443 -j DNAT –to 10.0.0.1:3128 iptables -t nat -A PREROUTING -i eth0 -p tcp –dport 443 -j REDIRECT –to-port 3128 service iptables save
Cobbler add rhel 5u5
- mount /dev/cdrom /mnt/dvd
- cobbler import –path=/mnt/dvd –name=rhel5u5 –arch=x86_64
- add key –skip to /var/lib/cobbler/kickstarts/sample.ks
Add sat52 system record
cobbler system add --name=string --profile=string [--mac=macaddress] [--ip=ipaddress] [--hostname=hostname] [--kopts=string]
[--ksmeta=string] [--kickstart=path] [--netboot-enabled=Y/N] [--server-override=string] [--gateway=string] [--dns-name=string]
[--static-routes=string] [--power-address=string] [--power-type=string] [--power-user=string] [--power-password=string]
[--power-id=string]
cobbler system add –profile=rhel5u5-x86_64 –name=sat52.lab.net –mac=52:54:00:5a:cc:19 –ip=10.0.0.52 –hostname=sat52.lab.net –dns-name=sat52.lab.net cobbler system edit –name=sat52.lab.net –interface=eth0 –ip=10.0.0.52 –subnet=255.255.255.0 –static=true –dns-name=sat52.lab.net –hostname=sat52.lab.net –gateway=10.0.0.1 –name-servers=10.0.0.1 cobbler sync
- install host
cobbler system edit –name=sat52.lab.net –netboot-enabled=false
Setup Sat 5.2
- mkdir /mnt/ISO
- 192.168.2.14:/mnt/1TB/redhat/ISO /mnt/ISO
- cp Satellite-5.2.0-RHEL5-re20081028.3-x86_64-embedded-oracle.iso /tmp/.
- mkdir /mnt/sat
- mount /tmp/Satellite-5.2.0-RHEL5-re20081028.3-x86_64-embedded-oracle.iso /mnt/sat
- yum install screen
- rpm –import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
- copy cert into /root/sat.cert
- cd /mnt/sat
- ./install.pl –skip-selinux-test –disconnected
Add sat54 system record
cobbler system add –profile=rhel5u5-x86_64 –name=sat54.lab.net –mac=52:54:00:5d:5b:4f –ip=10.0.0.54 –hostname=sat54.lab.net –dns-name=sat54.lab.net cobbler system edit –name=sat54.lab.net –interface=eth0 –ip=10.0.0.54 –subnet=255.255.255.0 –static=true –dns-name=sat54.lab.net –hostname=sat54.lab.net –gateway=10.0.0.1 –name-servers=10.0.0.1
- install host
cobbler system edit –name=sat54.lab.net –netboot-enabled=false
Setup Sat 5.4
- yum install screen
- mkdir /mnt/ISO
- mkdir /mnt/sat
- mount 192.168.2.14:/mnt/1TB/redhat/ISO /mnt/ISO/
- cp /mnt/ISO/sat54.cert /root/.
- cp /mnt/ISO/satellite-embedded-oracle-5.4.0-20101025-rhel-5-x86_64.iso /tmp/.
- mount -o loop /tmp/satellite-embedded-oracle-5.4.0-20101025-rhel-5-x86_64.iso /mnt/sat
- rpm –import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
- cd /mnt/sat
- ./install.pl –skip-selinux-test –disconnected
Create helper scripts
[root@cobbler perl]# pwd
/root/scripts/perl
[root@cobbler perl]# ls -al
total 28
drwxr-xr-x 2 root root 4096 Jan 7 23:21 .
drwxr-xr-x 3 root root 4096 Jan 7 21:47 ..
-rwxr-xr-x 1 root root 499 Jan 7 21:55 api.getversion
-rwxr-xr-x 1 root root 1858 Jan 7 23:14 channel.create
-rwxr-xr-x 1 root root 1476 Jan 7 23:21 channel.delete
-rwxr-xr-x 1 root root 907 Jan 7 22:23 channel.listAllChannels
-rw-r--r-- 1 root root 7 Jan 7 21:47 secretfile
Channels
- Create
[root@cobbler perl]# ./channel.create sat52 jt-rhel5-base
Creating channel
[root@cobbler perl]# for i in `seq 1 1000`; do ./channel.create sat52 jt-rhel5-child-$i jt-rhel5-base; done;
[root@cobbler perl]#
- Delete
[root@cobbler perl]# for i in `seq 1 1000`; do ./channel.delete sat52 jt-rhel5-child-$i jt-rhel5-base; done;
Building fake RPMs
- yum groupinstall Development tools
- yum install rhnpush
- yum install python-rpmfluff
- https://fedorahosted.org/rpmfluff/
- source+methods
[root@cobbler python]# cat rpmcreate2.py
#!/usr/bin/python
import rpmfluff
#foo = rpmfluff.SimpleRpmBuild(foo, 0.1, 1)
#foo.make()
for i in range(1,10):
packagename = foo + str(i)
#foo = rpmfluff.SimpleRpmBuild(foo, 0.1, 1)
print packagename
foo = rpmfluff.SimpleRpmBuild(packagename, 0.1, 1)
# Add a directive to create a directory
foo.create_parent_dirs(/tmp/files)
# Add a simple hello world file
foo.add_simple_payload_file()
# Define a file and it's contents
fakefile = rpmfluff.SourceFile('hello-wiki.txt', 'test test test \n')
# Add the file to the rpm
foo.add_installed_file(installPath = 'usr/share/doc/hello-wiki.txt',
sourceFile = fakefile,
mode=None,
createParentDirs=True,
subpackageSuffix=None,
isConfig=False,
isDoc=False,
isGhost=False)
# Build rpm
foo.make()
http://sourceforge.net/projects/rpmrebuild/files/rpmrebuild/2.8/