etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CLOUDSTACK-10013: Migrate systemvmtemplate to Debian9 

SystemVM changes to work on Debian 9
- Migrate away from chkconfig to systemctl
- Remove xenstore-utils override deb pkg
- Fix runlevel in sysv scripts for systemd

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This commit is contained in:
Rohit Yadav 2017-07-23 18:01:35 +02:00
parent a7b233c5dc
commit 78bb74188d
21 changed files with 267 additions and 815 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

577
systemvm/patches/debian/buildsystemvm.sh
View File

@ -1,577 +0,0 @@
#!/bin/bash
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
echo "####################################################"
echo " Note there is a new systemvm build script based on "
echo " Veewee(Vagrant) under tools/appliance."
echo "####################################################"
set -e
set -x
IMAGENAME=systemvm
LOCATION=/var/lib/images/systemvm
PASSWORD=password
#APT_PROXY=192.168.1.115:3142/
APT_PROXY=
HOSTNAME=systemvm
SIZE=2000
DEBIAN_MIRROR=ftp.us.debian.org/debian
MINIMIZE=true
CLOUDSTACK_RELEASE=4.0
offset=4096
baseimage() {
mkdir -p $LOCATION
#dd if=/dev/zero of=$IMAGELOC bs=1M count=$SIZE
dd if=/dev/zero of=$IMAGELOC bs=1M seek=$((SIZE - 1)) count=1
loopdev=$(losetup -f)
losetup $loopdev $IMAGELOC
parted $loopdev -s 'mklabel msdos'
parted $loopdev -s 'mkpart primary ext3 4096B -1'
sleep 2
losetup -d $loopdev
loopdev=$(losetup --show -o $offset -f $IMAGELOC )
mkfs.ext3 -L ROOT $loopdev
mkdir -p $MOUNTPOINT
tune2fs -c 100 -i 0 $loopdev
sleep 2
losetup -d $loopdev
mount -o loop,offset=$offset $IMAGELOC $MOUNTPOINT
#debootstrap --variant=minbase --keyring=/usr/share/keyrings/debian-archive-keyring.gpg wheezy $MOUNTPOINT http://${APT_PROXY}${DEBIAN_MIRROR}
debootstrap --variant=minbase --arch=i386 wheezy $MOUNTPOINT http://${APT_PROXY}${DEBIAN_MIRROR}
}
fixapt() {
if [ "$APT_PROXY" != "" ]; then
cat >> etc/apt/apt.conf.d/01proxy << EOF
Acquire::http::Proxy "http://${APT_PROXY}";
EOF
fi
cat > etc/apt/sources.list << EOF
deb http://http.debian.net/debian/ wheezy main contrib non-free
deb-src http://http.debian.net/debian/ wheezy main contrib non-free
deb http://security.debian.org/ wheezy/updates main
deb-src http://security.debian.org/ wheezy/updates main
deb http://http.debian.net/debian/ wheezy-backports main
deb-src http://http.debian.net/debian/ wheezy-backports main
EOF
cat >> etc/apt/apt.conf << EOF
APT::Default-Release "stable";
EOF
cat >> etc/apt/preferences << EOF
Package: *
Pin: release o=Debian,a=stable
Pin-Priority: 900
EOF
#apt-key exportall | chroot . apt-key add - &&
chroot . apt-get update &&
echo "Apt::Install-Recommends 0;" > etc/apt/apt.conf.d/local-recommends
cat >> usr/sbin/policy-rc.d << EOF
#!/bin/sh
exit 101
EOF
chmod a+x usr/sbin/policy-rc.d
cat >> etc/default/locale << EOF
LANG=en_US.UTF-8
LC_ALL=en_US.UTF-8
EOF
cat >> etc/locale.gen << EOF
en_US.UTF-8 UTF-8
EOF
DEBIAN_FRONTEND=noninteractive
DEBIAN_PRIORITY=critical
export DEBIAN_FRONTEND DEBIAN_PRIORITY
chroot . dpkg-reconfigure debconf --frontend=noninteractive
chroot . apt-get -q -y install locales
}
network() {
echo "$HOSTNAME" > etc/hostname &&
cat > etc/hosts << EOF
127.0.0.1 localhost
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
EOF
cat >> etc/network/interfaces << EOF
auto lo eth0
iface lo inet loopback
# The primary network interface
iface eth0 inet static
EOF
}
install_kernel() {
DEBIAN_FRONTEND=noninteractive
DEBIAN_PRIORITY=critical
export DEBIAN_FRONTEND DEBIAN_PRIORITY
chroot . apt-get -qq -y --force-yes install grub-legacy &&
cp -av usr/lib/grub/i386-pc boot/grub
#for some reason apt-get install grub does not install grub/stage1 etc
#loopd=$(losetup -f --show $1)
#grub-install $loopd --root-directory=$MOUNTPOINT
#losetup -d $loopd
grub << EOF &&
device (hd0) $1
root (hd0,0)
setup (hd0)
quit
EOF
# install a kernel image
cat > etc/kernel-img.conf << EOF &&
do_symlinks = yes
link_in_boot = yes
do_initrd = yes
EOF
touch /mnt/systemvm/boot/grub/default
chroot . apt-get install -qq -y --force-yes linux-image-686-bigmem
cat >> etc/kernel-img.conf << EOF
postinst_hook = /usr/sbin/update-grub
postrm_hook = /usr/sbin/update-grub
EOF
}
fixgrub() {
kern=$(basename $(ls boot/vmlinuz-*))
ver=${kern#vmlinuz-}
cat > boot/grub/menu.lst << EOF
default 0
timeout 2
color cyan/blue white/blue
### BEGIN AUTOMAGIC KERNELS LIST
# kopt=root=LABEL=ROOT ro
## ## End Default Options ##
title Debian GNU/Linux, kernel $ver
root (hd0,0)
kernel /boot/$kern root=LABEL=ROOT ro console=tty0 xencons=ttyS0,115200 console=hvc0 quiet
initrd /boot/initrd.img-$ver
### END DEBIAN AUTOMAGIC KERNELS LIST
EOF
(cd boot/grub; ln -s menu.lst grub.conf)
}
fixinittab() {
cat >> etc/inittab << EOF
vc:2345:respawn:/sbin/getty 38400 hvc0
EOF
}
fixfstab() {
cat > etc/fstab << EOF
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
LABEL=ROOT / ext3 errors=remount-ro,sync,noatime 0 1
EOF
}
fixacpid() {
mkdir -p etc/acpi/events
cat >> etc/acpi/events/power << EOF
event=button/power.*
action=/usr/local/sbin/power.sh "%e"
EOF
cat >> usr/local/sbin/power.sh << EOF
#!/bin/bash
/sbin/poweroff
EOF
chmod a+x usr/local/sbin/power.sh
}
fixiptables() {
cat >> etc/modules << EOF
nf_conntrack
nf_conntrack_ipv4
EOF
cat > etc/init.d/iptables-persistent << EOF
#!/bin/sh
### BEGIN INIT INFO
# Provides: iptables
# Required-Start: mountkernfs $local_fs
# Required-Stop: $local_fs
# Should-Start: cloud-early-config
# Default-Start: S
# Default-Stop:
# Short-Description: Set up iptables rules
### END INIT INFO
PATH="/sbin:/bin:/usr/sbin:/usr/bin"
# Include config file for iptables-persistent
. /etc/iptables/iptables.conf
case "\$1" in
start)
if [ -e /var/run/iptables ]; then
echo "iptables is already started!"
exit 1
else
touch /var/run/iptables
fi
if [ \$ENABLE_ROUTING -ne 0 ]; then
# Enable Routing
echo 1 > /proc/sys/net/ipv4/ip_forward
fi
# Load Modules
modprobe -a \$MODULES
# Load saved rules
if [ -f /etc/iptables/rules ]; then
iptables-restore </etc/iptables/rules
fi
;;
stop|force-stop)
if [ ! -e /var/run/iptables ]; then
echo "iptables is already stopped!"
exit 1
else
rm /var/run/iptables
fi
if [ \$SAVE_NEW_RULES -ne 0 ]; then
# Backup old rules
cp /etc/iptables/rules /etc/iptables/rules.bak
# Save new rules
iptables-save >/etc/iptables/rules
fi
# Restore Default Policies
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# Flush rules on default tables
iptables -F
iptables -t nat -F
iptables -t mangle -F
# Unload previously loaded modules
modprobe -r \$MODULES
# Disable Routing if enabled
if [ \$ENABLE_ROUTING -ne 0 ]; then
# Disable Routing
echo 0 > /proc/sys/net/ipv4/ip_forward
fi
;;
restart|force-reload)
\$0 stop
\$0 start
;;
status)
echo "Filter Rules:"
echo "--------------"
iptables -L -v
echo ""
echo "NAT Rules:"
echo "-------------"
iptables -t nat -L -v
echo ""
echo "Mangle Rules:"
echo "----------------"
iptables -t mangle -L -v
;;
*)
echo "Usage: \$0 {start|stop|force-stop|restart|force-reload|status}" >&2
exit 1
;;
esac
exit 0
EOF
chmod a+x etc/init.d/iptables-persistent
touch etc/iptables/iptables.conf
cat > etc/iptables/iptables.conf << EOF
# A basic config file for the /etc/init.d/iptable-persistent script
# Should new manually added rules from command line be saved on reboot? Assign to a value different that 0 if you want this enabled.
SAVE_NEW_RULES=0
# Modules to load:
MODULES="nf_nat_ftp nf_conntrack_ftp"
# Enable Routing?
ENABLE_ROUTING=1
EOF
chmod a+x etc/iptables/iptables.conf
}
vpn_config() {
cp -r ${scriptdir}/vpn/* ./
}
#
# IMPORTANT REMARK
# Package intallation is no longer done via this script. We are not removing the code yet, but we want to
# make sure that everybody willing to install/update packages should refer to the file:
# ==> cloud-tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
#
packages() {
DEBIAN_FRONTEND=noninteractive
DEBIAN_PRIORITY=critical
DEBCONF_DB_OVERRIDE=File{/root/config.dat}
export DEBIAN_FRONTEND DEBIAN_PRIORITY DEBCONF_DB_OVERRIDE
#basic stuff
chroot . apt-get --no-install-recommends -q -y --force-yes install rsyslog logrotate cron chkconfig insserv net-tools ifupdown vim-tiny netbase iptables openssh-server grub-legacy e2fsprogs dhcp3-client dnsmasq tcpdump socat wget python bzip2 sed gawk diffutils grep gzip less tar telnet ftp rsync traceroute psmisc lsof procps monit inetutils-ping iputils-arping httping dnsutils zip unzip ethtool uuid file iproute acpid iptables-persistent virt-what sudo
#fix hostname in openssh-server generated keys
sed -i "s/root@\(.*\)$/root@systemvm/g" etc/ssh/ssh_host_*.pub
#sysstat
chroot . echo 'sysstat sysstat/enable boolean true' | chroot . debconf-set-selections
chroot . apt-get --no-install-recommends -q -y --force-yes install sysstat
#apache
chroot . apt-get --no-install-recommends -q -y --force-yes install apache2 ssl-cert
#haproxy
chroot . apt-get --no-install-recommends -q -y --force-yes install haproxy
#dnsmasq
chroot . apt-get --no-install-recommends -q -y --force-yes install dnsmasq
#nfs client
chroot . apt-get --no-install-recommends -q -y --force-yes install nfs-common
#vpn stuff
chroot . apt-get --no-install-recommends -q -y --force-yes install xl2tpd openswan bcrelay ppp ipsec-tools tdb-tools
#vmware tools
chroot . apt-get --no-install-recommends -q -y --force-yes install open-vm-tools
#xenstore utils
chroot . apt-get --no-install-recommends -q -y --force-yes install xenstore-utils libxenstore3.0
#keepalived - install version 1.2.13 from wheezy backports
chroot . apt-get --no-install-recommends -q -y --force-yes -t wheezy-backports install keepalived
#conntrackd
chroot . apt-get --no-install-recommends -q -y --force-yes install conntrackd ipvsadm libnetfilter-conntrack3 libnl1
#ipcalc
chroot . apt-get --no-install-recommends -q -y --force-yes install ipcalc
#irqbalance from wheezy-backports
chroot . apt-get --no-install-recommends -q -y --force-yes -t wheezy-backports install irqbalance
echo "***** getting jre 7 *********"
chroot . apt-get --no-install-recommends -q -y install openjdk-7-jre-headless
}
password() {
chroot . echo "root:$PASSWORD" | chroot . chpasswd
}
apache2() {
chroot . a2enmod ssl rewrite auth_basic auth_digest
chroot . a2ensite default-ssl
cp etc/apache2/sites-available/default etc/apache2/sites-available/default.orig
cp etc/apache2/sites-available/default-ssl etc/apache2/sites-available/default-ssl.orig
}
services() {
mkdir -p ./var/www/html
mkdir -p ./opt/cloud/bin
mkdir -p ./var/cache/cloud
mkdir -p ./usr/share/cloud
mkdir -p ./usr/local/cloud
mkdir -p ./root/.ssh
#Fix haproxy directory issue
mkdir -p ./var/lib/haproxy
/bin/cp -r ${scriptdir}/config/* ./
chroot . chkconfig xl2tpd off
chroot . chkconfig --add cloud-early-config
chroot . chkconfig cloud-early-config on
chroot . chkconfig --add iptables-persistent
chroot . chkconfig iptables-persistent off
chroot . chkconfig --force --add cloud-passwd-srvr
chroot . chkconfig cloud-passwd-srvr off
chroot . chkconfig --add cloud
chroot . chkconfig cloud off
chroot . chkconfig monit off
}
dhcp_fix() {
#deal with virtio DHCP issue, copy and install customized kernel module and iptables
mkdir -p tmp
cp /tmp/systemvm/xt_CHECKSUM.ko lib/modules/2.6.32-5-686-bigmem/kernel/net/netfilter
chroot . depmod -a 2.6.32-5-686-bigmem
cp /tmp/systemvm/iptables_1.4.8-3local1checksum1_i386.deb tmp/
chroot . dpkg -i tmp/iptables_1.4.8-3local1checksum1_i386.deb
rm tmp/iptables_1.4.8-3local1checksum1_i386.deb
}
install_xs_tool() {
#deal with virtio DHCP issue, copy and install customized kernel module and iptables
mkdir -p tmp
cp /tmp/systemvm/xe-guest-utilities_5.6.0-595_i386.deb tmp/
chroot . dpkg -i tmp/xe-guest-utilities_5.6.0-595_i386.deb
rm tmp/xe-guest-utilities_5.6.0-595_i386.deb
}
cleanup() {
rm -f usr/sbin/policy-rc.d
rm -f root/config.dat
rm -f etc/apt/apt.conf.d/01proxy
if [ "$MINIMIZE" == "true" ]
then
rm -rf var/cache/apt/*
rm -rf var/lib/apt/*
rm -rf usr/share/locale/[a-d]*
rm -rf usr/share/locale/[f-z]*
rm -rf usr/share/doc/*
size=$(df $MOUNTPOINT | awk '{print $4}' | grep -v Available)
dd if=/dev/zero of=$MOUNTPOINT/zeros.img bs=1M count=$((((size-150000)) / 1000))
rm -f $MOUNTPOINT/zeros.img
fi
}
signature() {
(cd ${scriptdir}/config; tar cvf ${MOUNTPOINT}/usr/share/cloud/cloud-scripts.tar *)
(cd ${scriptdir}/vpn; tar rvf ${MOUNTPOINT}/usr/share/cloud/cloud-scripts.tar *)
gzip -c ${MOUNTPOINT}/usr/share/cloud/cloud-scripts.tar > ${MOUNTPOINT}/usr/share/cloud/cloud-scripts.tgz
md5sum ${MOUNTPOINT}/usr/share/cloud/cloud-scripts.tgz |awk '{print $1}' > ${MOUNTPOINT}/var/cache/cloud/cloud-scripts-signature
echo "Cloudstack Release $CLOUDSTACK_RELEASE $(date)" > ${MOUNTPOINT}/etc/cloudstack-release
}
#check grub version
grub --version | grep "0.9" > /dev/null
if [ $? -ne 0 ]
then
echo You need grub 0.9x\(grub-legacy\) to use this script!
exit 1
fi
mkdir -p $IMAGENAME
mkdir -p $LOCATION
MOUNTPOINT=/mnt/$IMAGENAME/
IMAGELOC=$LOCATION/$IMAGENAME.img
scriptdir=$(dirname $PWD/$0)
rm -rf /tmp/systemvm
mkdir -p /tmp/systemvm
#cp ./xt_CHECKSUM.ko /tmp/systemvm
#cp ./iptables_1.4.8-3local1checksum1_i386.deb /tmp/systemvm
#cp ./xe-guest-utilities_5.6.0-595_i386.deb /tmp/systemvm
rm -f $IMAGELOC
begin=$(date +%s)
echo "*************INSTALLING BASEIMAGE********************"
baseimage
cp $scriptdir/config.dat $MOUNTPOINT/root/
cd $MOUNTPOINT
mount -o bind /proc $MOUNTPOINT/proc
mount -o bind /dev $MOUNTPOINT/dev
echo "*************CONFIGURING APT********************"
fixapt
echo "*************DONE CONFIGURING APT********************"
echo "*************CONFIGURING NETWORK********************"
network
echo "*************DONE CONFIGURING NETWORK********************"
echo "*************INSTALLING KERNEL********************"
install_kernel $IMAGELOC
echo "*************DONE INSTALLING KERNEL********************"
echo "*************CONFIGURING GRUB********************"
fixgrub $IMAGELOC
echo "*************DONE CONFIGURING GRUB********************"
echo "*************CONFIGURING INITTAB********************"
fixinittab
echo "*************DONE CONFIGURING INITTAB********************"
echo "*************CONFIGURING FSTAB********************"
fixfstab
echo "*************DONE CONFIGURING FSTAB********************"
echo "*************CONFIGURING ACPID********************"
fixacpid
echo "*************DONE CONFIGURING ACPID********************"
echo "*************INSTALLING PACKAGES********************"
packages
echo "*************DONE INSTALLING PACKAGES********************"
echo "*************CONFIGURING IPTABLES********************"
fixiptables
echo "*************DONE CONFIGURING IPTABLES********************"
echo "*************CONFIGURING PASSWORD********************"
password
echo "*************CONFIGURING SERVICES********************"
services
echo "*************CONFIGURING APACHE********************"
apache2
echo "*************CONFIGURING VPN********************"
vpn_config
echo "*************FIX DHCP ISSUE********************"
#dhcp_fix
echo "*************INSTALL XS TOOLS********************"
#install_xs_tool
echo "*************CLEANING UP********************"
cleanup
echo "*************GENERATING SIGNATURE********************"
signature
cd $scriptdir
umount $MOUNTPOINT/proc
umount $MOUNTPOINT/dev
umount $MOUNTPOINT
fin=$(date +%s)
t=$((fin-begin))
echo "Finished building image $IMAGELOC in $t seconds"

10
systemvm/patches/debian/config/etc/init.d/cloud
View File

@ -1,13 +1,11 @@
#!/bin/bash
#!/bin/bash
### BEGIN INIT INFO
# Provides: cloud
# Required-Start: mountkernfs $local_fs cloud-early-config
# Required-Start: $local_fs cloud-early-config
# Required-Stop: $local_fs
# Should-Start:
# Should-Stop:
# Default-Start:
# Default-Start: 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start up the CloudStack cloud service
# Short-Description: Start up the CloudStack cloud service
### END INIT INFO
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file

23
systemvm/patches/debian/config/etc/init.d/cloud-early-config
View File

@ -1,10 +1,8 @@
#!/bin/bash
### BEGIN INIT INFO
# Provides: cloud-early-config
# Required-Start: mountkernfs $local_fs
# Required-Start: $local_fs
# Required-Stop: $local_fs
# Should-Start:
# Should-Stop:
# Default-Start: S
# Default-Stop: 0 6
# Short-Description: configure according to cmdline
@ -38,6 +36,9 @@ mkdir -p /var/lib/haproxy
# Clear boot up flag, it would be created by rc.local after boot up done
rm -f /var/cache/cloud/boot_up_done
# Randomize cloud password so only ssh login is allowed
echo "cloud:`openssl rand -base64 32`" | chpasswd
[ -x /sbin/ifup ] || exit 0
. /lib/lsb/init-functions
@ -807,7 +808,7 @@ setup_sshd(){
setup_vpc_apache2() {
log_it "Setting up apache web server for VPC"
chkconfig apache2 off
systemctl disable apache2
clean_ipalias_config
setup_apache2_common
}
@ -942,7 +943,7 @@ setup_router() {
disable_rpfilter_domR
enable_fwding 1
enable_rpsrfs 1
chkconfig nfs-common off
systemctl disable nfs-common
cp /etc/iptables/iptables-router /etc/iptables/rules.v4
#for old templates
cp /etc/iptables/iptables-router /etc/iptables/rules
@ -1083,7 +1084,7 @@ setup_dhcpsrvr() {
enable_svc cloud-passwd-srvr 1
enable_svc cloud 0
enable_fwding 0
chkconfig nfs-common off
systemctl disable nfs-common
cp /etc/iptables/iptables-router /etc/iptables/rules.v4
cp /etc/iptables/iptables-router /etc/iptables/rules
@ -1239,7 +1240,7 @@ setup_console_proxy() {
enable_svc dnsmasq 0
enable_svc cloud-passwd-srvr 0
enable_svc cloud 1
chkconfig nfs-common off
systemctl disable nfs-common
rm /etc/logrotate.d/cloud
}
@ -1267,8 +1268,8 @@ setup_elbvm() {
enable_svc dnsmasq 0
enable_svc cloud-passwd-srvr 0
enable_svc cloud 0
chkconfig nfs-common off
chkconfig portmap off
systemctl disable nfs-common
systemctl disable portmap
}
setup_ilbvm() {
@ -1290,8 +1291,8 @@ setup_ilbvm() {
enable_svc dnsmasq 0
enable_svc cloud-passwd-srvr 0
enable_svc cloud 0
chkconfig nfs-common off
chkconfig portmap off
systemctl disable nfs-common
systemctl disable portmap
}
setup_default() {

10
systemvm/patches/debian/config/etc/init.d/cloud-passwd-srvr
View File

@ -1,12 +1,10 @@
#!/bin/bash
#!/bin/bash
### BEGIN INIT INFO
# Provides: cloud-passwd-srvr
# Required-Start: mountkernfs $local_fs cloud-early-config iptables-persistent
# Required-Start: $local_fs cloud-early-config
# Required-Stop: $local_fs
# Should-Start:
# Should-Stop:
# Default-Start:
# Default-Stop: 0 6
# Default-Start: 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Web server that sends passwords to User VMs
### END INIT INFO
# Licensed to the Apache Software Foundation (ASF) under one

6
systemvm/patches/debian/config/etc/init.d/postinit
View File

@ -1,13 +1,11 @@
#!/bin/bash -e
### BEGIN INIT INFO
# Provides: postinit
# Required-Start: mountkernfs $local_fs cloud-early-config
# Required-Start: $local_fs cloud-early-config
# Required-Stop: $local_fs
# Should-Start:
# Should-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: post-init
# Short-Description: post-init
### END INIT INFO
# Licensed to the Apache Software Foundation (ASF) under one

2
systemvm/patches/debian/config/etc/rc.local
View File

@ -1,4 +1,4 @@
#/bin/bash
#!/bin/bash
#Licensed to the Apache Software Foundation (ASF) under one
#or more contributor license agreements. See the NOTICE file

1
systemvm/patches/debian/config/etc/ssh/sshd_config
View File

@ -13,7 +13,6 @@
Port 3922
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit

128
systemvm/patches/debian/config/opt/cloud/bin/patchsystemvm.sh
View File

@ -40,34 +40,34 @@ patch_console_proxy() {
}
consoleproxy_svcs() {
chkconfig cloud on
chkconfig postinit on
chkconfig cloud-passwd-srvr off
chkconfig haproxy off ;
chkconfig dnsmasq off
chkconfig ssh on
chkconfig apache2 off
chkconfig nfs-common off
chkconfig portmap off
chkconfig keepalived off
chkconfig conntrackd off
systemctl enable cloud
systemctl enable postinit
systemctl disable cloud-passwd-srvr
systemctl disable haproxy
systemctl disable dnsmasq
systemctl enable ssh
systemctl disable apache2
systemctl disable nfs-common
systemctl disable portmap
systemctl disable keepalived
systemctl disable conntrackd
echo "cloud postinit ssh" > /var/cache/cloud/enabled_svcs
echo "cloud-passwd-srvr haproxy dnsmasq apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
mkdir -p /var/log/cloud
}
secstorage_svcs() {
chkconfig cloud on
chkconfig postinit on
chkconfig cloud-passwd-srvr off
chkconfig haproxy off ;
chkconfig dnsmasq off
chkconfig portmap on
chkconfig nfs-common on
chkconfig ssh on
chkconfig apache2 off
chkconfig keepalived off
chkconfig conntrackd off
systemctl enable cloud on
systemctl enable postinit on
systemctl disable cloud-passwd-srvr
systemctl disable haproxy
systemctl disable dnsmasq
systemctl enable portmap
systemctl enable nfs-common
systemctl enable ssh
systemctl disable apache2
systemctl disable keepalived
systemctl disable conntrackd
echo "cloud postinit ssh nfs-common portmap" > /var/cache/cloud/enabled_svcs
echo "cloud-passwd-srvr haproxy dnsmasq" > /var/cache/cloud/disabled_svcs
mkdir -p /var/log/cloud
@ -76,67 +76,67 @@ secstorage_svcs() {
routing_svcs() {
grep "redundant_router=1" /var/cache/cloud/cmdline > /dev/null
RROUTER=$?
chkconfig cloud off
chkconfig haproxy on ;
chkconfig ssh on
chkconfig nfs-common off
chkconfig portmap off
systemctl disable cloud
systemctl disable haproxy
systemctl enable ssh
systemctl disable nfs-common
systemctl disable portmap
echo "ssh haproxy apache2" > /var/cache/cloud/enabled_svcs
echo "cloud nfs-common portmap" > /var/cache/cloud/disabled_svcs
if [ $RROUTER -eq 0 ]
then
chkconfig dnsmasq off
chkconfig cloud-passwd-srvr off
chkconfig keepalived on
chkconfig conntrackd on
chkconfig postinit on
systemctl disable dnsmasq
systemctl disable cloud-passwd-srvr
systemctl enable keepalived
systemctl enable conntrackd
systemctl enable postinit
echo "keepalived conntrackd postinit" >> /var/cache/cloud/enabled_svcs
echo "dnsmasq cloud-passwd-srvr" >> /var/cache/cloud/disabled_svcs
else
chkconfig dnsmasq on
chkconfig cloud-passwd-srvr on
chkconfig keepalived off
chkconfig conntrackd off
systemctl enable dnsmasq
systemctl enable cloud-passwd-srvr
systemctl disable keepalived
systemctl disable conntrackd
echo "dnsmasq cloud-passwd-srvr " >> /var/cache/cloud/enabled_svcs
echo "keepalived conntrackd " >> /var/cache/cloud/disabled_svcs
fi
}
dhcpsrvr_svcs() {
chkconfig cloud off
chkconfig cloud-passwd-srvr on ;
chkconfig haproxy off ;
chkconfig dnsmasq on
chkconfig ssh on
chkconfig nfs-common off
chkconfig portmap off
chkconfig keepalived off
chkconfig conntrackd off
systemctl disable cloud
systemctl enable cloud-passwd-srvr
systemctl disable haproxy
systemctl enable dnsmasq
systemctl enable ssh
systemctl disable nfs-common
systemctl disable portmap
systemctl disable keepalived
systemctl disable conntrackd
echo "ssh dnsmasq cloud-passwd-srvr apache2" > /var/cache/cloud/enabled_svcs
echo "cloud nfs-common haproxy portmap" > /var/cache/cloud/disabled_svcs
}
elbvm_svcs() {
chkconfig cloud off
chkconfig haproxy on ;
chkconfig ssh on
chkconfig nfs-common off
chkconfig portmap off
chkconfig keepalived off
chkconfig conntrackd off
systemctl disable cloud
systemctl disable haproxy
systemctl enable ssh
systemctl disable nfs-common
systemctl disable portmap
systemctl disable keepalived
systemctl disable conntrackd
echo "ssh haproxy" > /var/cache/cloud/enabled_svcs
echo "cloud dnsmasq cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
}
ilbvm_svcs() {
chkconfig cloud off
chkconfig haproxy on ;
chkconfig ssh on
chkconfig nfs-common off
chkconfig portmap off
chkconfig keepalived off
chkconfig conntrackd off
systemctl disable cloud
systemctl enable haproxy
systemctl enable ssh
systemctl disable nfs-common
systemctl disable portmap
systemctl disable keepalived
systemctl disable conntrackd
echo "ssh haproxy" > /var/cache/cloud/enabled_svcs
echo "cloud dnsmasq cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
}
@ -149,11 +149,11 @@ enable_pcihotplug() {
}
enable_serial_console() {
sed -i -e "/^serial.*/d" /boot/grub/grub.conf
sed -i -e "/^terminal.*/d" /boot/grub/grub.conf
sed -i -e "/^default.*/a\serial --unit=0 --speed=115200 --parity=no --stop=1" /boot/grub/grub.conf
sed -i -e "/^serial.*/a\terminal --timeout=0 serial console" /boot/grub/grub.conf
sed -i -e "s/\(^kernel.* ro\) \(console.*\)/\1 console=tty0 console=ttyS0,115200n8/" /boot/grub/grub.conf
#sed -i -e "/^serial.*/d" /boot/grub/grub.conf
#sed -i -e "/^terminal.*/d" /boot/grub/grub.conf
#sed -i -e "/^default.*/a\serial --unit=0 --speed=115200 --parity=no --stop=1" /boot/grub/grub.conf
#sed -i -e "/^serial.*/a\terminal --timeout=0 serial console" /boot/grub/grub.conf
#sed -i -e "s/\(^kernel.* ro\) \(console.*\)/\1 console=tty0 console=ttyS0,115200n8/" /boot/grub/grub.conf
sed -i -e "/^s0:2345:respawn.*/d" /etc/inittab
sed -i -e "/6:23:respawn/a\s0:2345:respawn:/sbin/getty -L 115200 ttyS0 vt102" /etc/inittab
}

2
tools/appliance/build.sh
View File

@ -594,7 +594,7 @@ function main() {
add_on_exit veewee_destroy
veewee_build
save_mac_address
veewee_halt
veewee_halt || true
retry 10 check_appliance_shutdown
retry 10 check_appliance_disk_ready
retry 10 remove_shares

9
tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
View File

@ -23,20 +23,23 @@ function add_backports() {
sed -i '/cdrom/d' /etc/apt/sources.list
sed -i '/deb-src/d' /etc/apt/sources.list
sed -i '/backports/d' /etc/apt/sources.list
echo 'deb http://http.debian.net/debian wheezy-backports main' >> /etc/apt/sources.list
echo 'deb http://http.debian.net/debian stretch-backports main' >> /etc/apt/sources.list
}
function apt_upgrade() {
DEBIAN_FRONTEND=noninteractive
DEBIAN_PRIORITY=critical
# Setup sudo
echo 'cloud ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/cloud
add_backports
rm -fv /root/*.iso
apt-get -y autoremove
apt-get autoclean
apt-get -q -y --force-yes update
apt-get -q -y --force-yes upgrade
apt-get -q -y update
apt-get -q -y upgrade
df -h
}

1
tools/appliance/definitions/systemvmtemplate/authorized_keys.sh
View File

@ -25,5 +25,6 @@ set -x
key='ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvFu3MLSPphFRBR1yM7nBukXWS9gPdAXfqq9cfC8ZqQN9ybi531aj44CybZ4BVT4kLfzbAs7+7nJeSIpPHxjv9XFqbxjIxoFeGYkj7s0RrJgtsEmvAAubZ3mYboUAYUivMgnJFLnv4VqyAbpjix6CfECUiU4ygwo24F3F6bAmhl4Vo1R5TSUdDIX876YePJTFtuVkLl4lu/+xw1QRWrgaSFosGICT37IKY7RjE79Ozb0GjNHyJPPgVAGkUVO4LawroL9dYOBlzdHpmqqA9Kc44oQBpvcU7s1+ezRTt7fZNnP7TG9ninZtrvnP4qmwAc4iUJ7N1bwh0mCblnoTfZ28hw== anthony@mobl-ant'
mkdir -p /root/.ssh
chmod 644 /root/.ssh
#touch /root/.ssh/authorized_keys
echo ${key} > /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys

26
tools/appliance/definitions/systemvmtemplate/build_time.sh
View File

@ -1,26 +0,0 @@
#!/bin/bash
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
set -e
set -x
function build_time() {
date > /etc/vagrant_box_build_time
}
return 2>/dev/null || build_time

1
tools/appliance/definitions/systemvmtemplate/cleanup.sh
View File

@ -20,7 +20,6 @@ set -e
set -x
function cleanup_apt() {
#apt-get -y remove linux-headers-$(uname -r) build-essential
apt-get -y remove dictionaries-common busybox
apt-get -y autoremove
apt-get autoclean

6
tools/appliance/definitions/systemvmtemplate/configure_grub.sh
View File

@ -31,9 +31,13 @@ GRUB_DEFAULT=0
GRUB_TIMEOUT=0
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="quiet"
GRUB_CMDLINE_LINUX="debian-installer=en_US"
GRUB_CMDLINE_LINUX="console=tty1 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0 debian-installer=en_US"
GRUB_TERMINAL="console serial"
GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
EOF
grub-mkconfig -o /boot/grub/grub.cfg
update-grub
}

15
tools/appliance/definitions/systemvmtemplate/configure_login.sh
View File

@ -23,11 +23,12 @@ function add_admin_group() {
groupadd -f -r admin
}
function configure_cloud_user() {
function configure_user() {
usermod -a -G admin cloud
mkdir -p /home/cloud/.ssh
chmod 700 /home/cloud/.ssh
echo "cloud:`openssl rand -base64 32`" | chpasswd
echo "root:password" | chpasswd
}
function configure_sudoers() {
@ -42,7 +43,7 @@ root ALL=(ALL:ALL) ALL
#includedir /etc/sudoers.d
END
echo 'cloud ALL=NOPASSWD:/bin/chmod, /bin/cp, /bin/mkdir, /bin/mount, /bin/umount' > /etc/sudoers.d/cloud
echo 'cloud ALL=NOPASSWD:/bin/chmod, /bin/cp, /bin/mkdir, /bin/mount, /bin/umount, /sbin/halt' > /etc/sudoers.d/cloud
}
# sshd_config is overwritten from cloud_scripts
@ -58,8 +59,6 @@ END
#}
function configure_inittab() {
grep "vc:2345:respawn:/sbin/getty" /etc/inittab && return
# Fix inittab
cat >> /etc/inittab << EOF
@ -68,11 +67,13 @@ EOF
}
function configure_login() {
add_admin_group
configure_cloud_user
configure_sudoers
# configure_sshd
configure_inittab
add_admin_group
configure_sudoers
configure_user
rm -fv /home/cloud/configure_login.sh
halt -p
}
return 2>/dev/null || configure_login

25
tools/appliance/definitions/systemvmtemplate/configure_networking.sh
View File

@ -21,13 +21,6 @@ set -x
HOSTNAME=systemvm
# Adding a 2 sec delay to the interface up, to make the dhclient happy
function set_interface_sleep() {
grep "pre-up sleep 2" /etc/network/interfaces && return
echo "pre-up sleep 2" >> /etc/network/interfaces
}
function configure_resolv_conf() {
grep 8.8.8.8 /etc/resolv.conf && grep 8.8.4.4 /etc/resolv.conf && return
@ -52,8 +45,24 @@ function configure_hostname() {
hostname $HOSTNAME
}
function configure_interfaces() {
cat > /etc/network/interfaces << EOF
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet dhcp
pre-up sleep 2
EOF
}
function configure_networking() {
set_interface_sleep
configure_interfaces
configure_resolv_conf
delete_dhcp_ip
configure_hostname

94
tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
View File

@ -19,15 +19,15 @@
set -e
set -x
CLOUDSTACK_RELEASE=4.6.0
CLOUDSTACK_RELEASE=4.11.0
function configure_apache2() {
# Enable ssl, rewrite and auth
a2enmod ssl rewrite auth_basic auth_digest
a2ensite default-ssl
# Backup stock apache configuration since we may modify it in Secondary Storage VM
cp /etc/apache2/sites-available/default /etc/apache2/sites-available/default.orig
cp /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/default-ssl.orig
cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/default.orig
cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/default-ssl.orig
sed -i 's/SSLProtocol all -SSLv2$/SSLProtocol all -SSLv2 -SSLv3/g' /etc/apache2/mods-available/ssl.conf
}
@ -39,12 +39,76 @@ function install_cloud_scripts() {
/etc/init.d/{cloud,cloud-early-config,cloud-passwd-srvr,postinit} \
/etc/profile.d/cloud.sh
chkconfig --add cloud-early-config
chkconfig cloud-early-config on
chkconfig --add cloud-passwd-srvr
chkconfig cloud-passwd-srvr off
chkconfig --add cloud
chkconfig cloud off
cat > /lib/systemd/system/cloud-early-config.service << EOF
[Unit]
Description=cloud-early-config: configure according to cmdline
DefaultDependencies=no
After=local-fs.target apparmor.service systemd-sysctl.service systemd-modules-load.service
[Install]
WantedBy=multi-user.target
[Service]
Type=oneshot
ExecStart=/etc/init.d/cloud-early-config start
ExecStop=/etc/init.d/cloud-early-config stop
RemainAfterExit=true
TimeoutStartSec=5min
EOF
cat > /lib/systemd/system/cloud.service << EOF
[Unit]
Description=cloud: startup cloud service
After=cloud-early-config.service network.target local-fs.target
[Install]
WantedBy=multi-user.target
[Service]
Type=forking
ExecStart=/etc/init.d/cloud start
ExecStop=/etc/init.d/cloud stop
RemainAfterExit=true
TimeoutStartSec=5min
EOF
cat > /lib/systemd/system/cloud-passwd-srvr.service << EOF
[Unit]
Description=cloud-passwd-srvr: cloud password server
After=network.target local-fs.target
[Install]
WantedBy=multi-user.target
[Service]
Type=forking
ExecStart=/etc/init.d/cloud-passwd-srvr start
ExecStop=/etc/init.d/cloud-passwd-srvr stop
RemainAfterExit=true
TimeoutStartSec=5min
EOF
cat > /lib/systemd/system/postinit.service << EOF
[Unit]
Description=cloud post-init service
After=cloud-early-config.service network.target local-fs.target
[Install]
WantedBy=multi-user.target
[Service]
Type=forking
ExecStart=/etc/init.d/postinit start
ExecStop=/etc/init.d/postinit stop
RemainAfterExit=true
TimeoutStartSec=5min
EOF
systemctl daemon-reload
systemctl enable cloud-early-config
systemctl disable cloud-passwd-srvr
systemctl disable cloud
}
function do_signature() {
@ -72,18 +136,20 @@ function configure_services() {
install_cloud_scripts
do_signature
chkconfig xl2tpd off
systemctl daemon-reload
systemctl disable xl2tpd
# Disable services that slow down boot and are not used anyway
chkconfig x11-common off
chkconfig console-setup off
systemctl disable x11-common
systemctl disable console-setup
systemctl disable haproxy
# Hyperv kvp daemon - 64bit only
local arch=`dpkg --print-architecture`
if [ "${arch}" == "amd64" ]; then
chkconfig hv_kvp_daemon off
systemctl disable hv_kvp_daemon
fi
chkconfig radvd off
systemctl disable radvd
configure_apache2
configure_strongswan

36
tools/appliance/definitions/systemvmtemplate/definition.rb
View File

@ -15,7 +15,7 @@
# specific language governing permissions and limitations
# under the License.
arch = ENV['VM_ARCH'] || 'i386'
arch = 'amd64'
#
# NOTE: Before changing the version of the debian image make
@ -25,25 +25,19 @@ arch = ENV['VM_ARCH'] || 'i386'
# removed from the debian mirrors
#
architectures = {
:i386 => {
:os_type_id => 'Debian',
:iso_file => 'debian-7.11.0-i386-netinst.iso',
:iso_src => 'http://cdimage.debian.org/cdimage/archive/7.11.0/i386/iso-cd/debian-7.11.0-i386-netinst.iso',
:iso_md5 => '75055a694508f5b891038ec12d703c9e',
},
:amd64 => {
:os_type_id => 'Debian_64',
:iso_file => 'debian-7.11.0-amd64-netinst.iso',
:iso_src => 'http://cdimage.debian.org/cdimage/archive/7.11.0/amd64/iso-cd/debian-7.11.0-amd64-netinst.iso',
:iso_md5 => '096c1c18b44c269808bd815d58c53c8f'
:iso_file => 'debian-9.1.0-amd64-netinst.iso',
:iso_src => 'https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-9.1.0-amd64-netinst.iso',
:iso_md5 => 'ddd8f6542dae8baf410e90b9ae0fe986'
}
}
config = {
:cpu_count => '1',
:memory_size => '256',
:disk_size => '3200', :disk_format => 'VDI', :hostiocache => 'off',
:iso_download_timeout => '1200',
:memory_size => '512',
:disk_size => '2000', :disk_format => 'VDI', :hostiocache => 'off',
:iso_download_timeout => '1000',
:boot_wait => '10',
:boot_cmd_sequence => [
'<Esc>',
@ -63,11 +57,11 @@ config = {
'<Enter>'
],
:kickstart_port => '7122',
:kickstart_timeout => '1200',
:kickstart_timeout => '1000',
:kickstart_file => 'preseed.cfg',
:ssh_login_timeout => '1200',
:ssh_user => 'root',
:ssh_password => 'password',
:ssh_login_timeout => '10000',
:ssh_user => 'cloud',
:ssh_password => 'cloud',
:ssh_key => '',
:ssh_host_port => '7222',
:ssh_guest_port => '22',
@ -75,11 +69,9 @@ config = {
:shutdown_cmd => 'halt -p',
:postinstall_files => [
# basic minimal vm creation
'build_time.sh',
'apt_upgrade.sh',
'configure_grub.sh',
'configure_locale.sh',
'configure_login.sh',
'configure_networking.sh',
'configure_acpid.sh',
# turning it into a systemvm
@ -91,9 +83,11 @@ config = {
'configure_persistent_config.sh',
# cleanup & space-saving
'cleanup.sh',
'zerodisk.sh'
'zerodisk.sh',
# setup login stuff
'configure_login.sh'
],
:postinstall_timeout => '1200'
:postinstall_timeout => '10000'
}
config.merge! architectures[arch.to_sym]

32
tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
View File

@ -43,7 +43,7 @@ function install_packages() {
debconf_packages
install_vhd_util
local apt_get="apt-get --no-install-recommends -q -y --force-yes"
local apt_get="apt-get --no-install-recommends -q -y"
#32 bit architecture support:: not required for 32 bit template
if [ "${arch}" != "i386" ]; then
@ -53,8 +53,8 @@ function install_packages() {
fi
${apt_get} install \
rsyslog logrotate cron chkconfig insserv net-tools ifupdown vim-tiny netbase iptables \
openssh-server e2fsprogs dhcp3-client tcpdump socat wget \
rsyslog logrotate cron insserv net-tools ifupdown vim netbase iptables \
openssh-server e2fsprogs isc-dhcp-client tcpdump socat wget \
python bzip2 sed gawk diffutils grep gzip less tar telnet ftp rsync traceroute psmisc lsof procps \
inetutils-ping iputils-arping httping curl \
dnsutils zip unzip ethtool uuid file iproute acpid virt-what sudo \
@ -67,19 +67,22 @@ function install_packages() {
xenstore-utils libxenstore3.0 \
conntrackd ipvsadm libnetfilter-conntrack3 libnl-3-200 libnl-genl-3-200 \
ipcalc \
openjdk-8-jre-headless \
ipset \
iptables-persistent \
libtcnative-1 libssl-dev libapr1-dev \
python-flask \
haproxy \
radvd \
sharutils
sharutils \
keepalived irqbalance open-vm-tools qemu-guest-agent \
strongswan libcharon-extra-plugins libstrongswan-extra-plugins
${apt_get} -t wheezy-backports install keepalived irqbalance open-vm-tools qemu-guest-agent
${apt_get} -t wheezy-backports install strongswan libcharon-extra-plugins libstrongswan-extra-plugins
apt-get autoclean
apt-get clean
apt-get update
apt-get -y --force-yes upgrade
apt-get -y upgrade
if [ "${arch}" == "amd64" ]; then
# Hyperv kvp daemon - 64bit only
@ -87,22 +90,7 @@ function install_packages() {
wget http://people.apache.org/~rajeshbattala/hv-kvp-daemon_3.1_amd64.deb
dpkg -i hv-kvp-daemon_3.1_amd64.deb
rm -f hv-kvp-daemon_3.1_amd64.deb
# XS tools
wget --no-check-certificate https://raw.githubusercontent.com/rhtyd/cloudstack-nonoss/master/xe-guest-utilities_6.5.0_amd64.deb
md5sum xe-guest-utilities_6.5.0_amd64.deb
dpkg -i xe-guest-utilities_6.5.0_amd64.deb
rm -f xe-guest-utilities_6.5.0_amd64.deb
fi
# Install OpenJDK8 pkgs maintained by Azul
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 0x219BD9C9
echo 'deb http://repos.azulsystems.com/debian stable main' > /etc/apt/sources.list.d/zulu.list
apt-get -y autoremove
apt-get autoclean
apt-get clean
apt-get update
${apt_get} install zulu-8
java -version
}
return 2>/dev/null || install_packages

69
tools/appliance/definitions/systemvmtemplate/preseed.cfg
View File

@ -17,22 +17,35 @@
### Localization
# Locale sets language and country.
d-i debian-installer/locale string en_US
d-i debian-installer/locale string en_US.UTF-8
# Keyboard selection.
d-i console-keymaps-at/keymap select us
d-i keyboard-configuration/xkb-keymap select us
### Network configuration
d-i netcfg/choose_interface select auto
d-i netcfg/get_hostname string systemvm
d-i netcfg/get_domain string cloudstack.org
d-i netcfg/get_domain string apache.org
d-i netcfg/wireless_wep string
d-i hw-detect/load_firmware boolean true
### Mirror settings
d-i mirror/country string manual
d-i mirror/http/hostname string http.us.debian.org
d-i mirror/http/hostname string http.debian.net
d-i mirror/http/directory string /debian
d-i mirror/http/proxy string
### Apt setup
d-i apt-setup/cdrom/set-first false
#d-i apt-setup/non-free boolean true
#d-i apt-setup/contrib boolean true
#d-i apt-setup/use_mirror boolean true
d-i apt-setup/services-select multiselect security, updates
d-i apt-setup/security_host string security.debian.org
d-i apt-setup/local0/source boolean false
d-i apt-setup/multiarch string i386
### Clock and time zone setup
d-i clock-setup/utc boolean true
d-i time/zone string UTC
@ -44,51 +57,33 @@ d-i partman-auto/method string regular
d-i partman-auto/choose_recipe select atomic
d-i partman-auto/expert_recipe string \
boot-root :: \
80 50 160 ext4 \
80 50 100 ext4 \
$primary{ } $bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /boot } \
. \
500 40 800 ext4 \
1500 40 1600 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ / } \
. \
50 100 100 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /home } \
. \
1000 60 1400 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /usr } \
. \
200 40 300 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /opt } \
. \
600 70 1200 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /var } \
. \
400 50 500 ext4 \
300 50 300 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /var/log } \
. \
100 90 200 ext4 \
100 90 100 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /tmp } \
. \
256 100 1024 linux-swap \
100 100 200 linux-swap \
method{ swap } format{ } \
.
d-i partman/confirm_write_new_label boolean true
d-i partman-md/confirm boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
@ -97,10 +92,10 @@ d-i partman/confirm_nooverwrite boolean true
# ...
### Account setup
d-i passwd/root-login boolean true
d-i passwd/root-login boolean false
d-i passwd/root-password password password
d-i passwd/root-password-again password password
d-i passwd/user-fullname string Cloud Stack
d-i passwd/user-fullname string Cloud User
d-i passwd/username string cloud
d-i passwd/user-password password cloud
d-i passwd/user-password-again password cloud
@ -108,12 +103,14 @@ d-i user-setup/encrypt-home boolean false
d-i user-setup/allow-password-weak boolean true
d-i passwd/user-default-groups string audio cdrom video admin
#openssh-server openssh-server/permit-root-login boolean true
### Apt setup
# ...
### Package selection
tasksel tasksel/first multiselect ssh-server
d-i pkgsel/include string openssh-server ntp acpid sudo bzip2 openssl
d-i pkgsel/include string openssh-server ntp acpid sudo bzip2 openssl
# Allowed values: none, safe-upgrade, full-upgrade
d-i pkgsel/upgrade select none
@ -121,12 +118,10 @@ popularity-contest popularity-contest/participate boolean false
### Boot loader installation
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i grub-installer/bootdev string default
d-i finish-install/reboot_in_progress note
### Preseeding other packages
libssl1.0.0 libssl1.0.0/restart-services string
libssl1.0.0 libssl1.0.0/restart-failed error
#### Advanced options
# Prevent packaged version of VirtualBox Guest Additions being installed:
d-i preseed/early_command string sed -i \

9
tools/appliance/definitions/systemvmtemplate/zerodisk.sh
View File

@ -22,9 +22,10 @@ set -x
# clean up stuff copied in by veewee
function cleanup_veewee() {
# this has to be here since it is the last file to run (and we remove ourselves)
rm -fv /root/*.iso
rm -fv /root/{apt_upgrade,authorized_keys,build_time,cleanup,install_systemvm_packages,zerodisk}.sh
rm -fv /root/configure_{acpid,conntrack,grub,locale,login,networking,systemvm_services}.sh
cd /home/cloud
rm -fv *.iso
rm -fv {apt_upgrade,authorized_keys,cleanup,install_systemvm_packages,zerodisk}.sh
rm -fv configure_{acpid,conntrack,grub,locale,networking,persistent_config,systemvm_services}.sh /home/cloud/install_systemvm_packages.sh
rm -fv .veewee_version .veewee_params .vbox_version
}
@ -32,7 +33,7 @@ function cleanup_veewee() {
function zero_disk() {
cleanup_veewee
for path in / /boot /usr /var /var/log /opt /tmp /home
for path in / /boot /var/log /tmp
do
dd if=/dev/zero of=${path}/zero bs=1M || true
sync