The RHEL7 version of Anaconda only allows .service units to be used with
the kickstart services command. Update the documentation, examples, and
tests to reflect this.
Related: rhbz#1718473
To maintain consistency with the other options this changes firewall to
combine the existing settings from the image template with the settings
from the blueprint.
Also updated the docs, added a new test for it, and sorted the output
for consistency.
(cherry picked from commit 3e08389a0f)
Related: rhbz#1718473
Make it clear that the services are added to services already listed in
the image templates, and that you can specify any systemd unit filename.
Older releases are more restrictive, and this documentation will need to
be updated when these changes are backported.
(cherry picked from commit 4f701e7e92)
Related: rhbz#1718473
You can now open ports in the firewall, using port numbers or service
names:
[customizations.firewall]
ports = ["22:tcp", "80:tcp", "imap:tcp", "53:tcp", "53:udp"]
Or enable/disable services registered with firewalld:
[customizations.firewall.services]
enabled = ["ftp", "ntp", "dhcp"]
disabled = ["telnet"]
If the template contains firewall --disabled it cannot be overridden,
under the assumption that it is required for the image to boot in the
selected environment.
(cherry picked from commit 4d35668ab5)
Related: rhbz#1718473
You can now set the keyboard layout and language. Eg.
[customizations.locale]
languages = ["en_CA.utf8", "en_HK.utf8"]
keyboard = "de (dvorak)"
Existing entries in the kickstart templates are replaced with the new
ones. If there are no entries then it will default to 'keyboard us' and
'lang en_US.UTF-8'
Includes tests, and leaves the existing keyboard and lang entries in the
templates with a note that they can be replaced by the blueprint.
(cherry picked from commit e5a8700bdf)
Related: rhbz#1718473
The goal here is to do the minimum needed to get the images setup for
use so they can have more complex customizations applied later.
I think this list is a pretty good minimal set of features without going
full kickstart.
(cherry picked from commit 95c288d829)
Related: rhbz#1718473
Sometimes it is necessary to modify the kernel command-line of the
image, this adds support for a [customizations.kernel] section to the
blueprint:
[customizations.kernel]
append = "nosmt=force"
This will be appended to the kickstart's bootloader --append argument.
Includes tests for modifying the bootloader line, the kickstart
template, and examining the final-kickstart.ks created for a compose.
Related: rhbz#1688335
This is similar to the AMI type, but also adds open-vm-tools and does not do
anything special to the partitioning
(cherry picked from commit 1056bfc25b)
Resolves: rhbz#1656105
This is similar to the AMI compose type, with a handful of additional
changes specific to Azure:
* Add waagent (but leave NetworkManager enabled, despite some of the
docs)
* Disable cloud-init
* Add Hyper-V modules into initrams.
Fixes specific for RHEL:
* Create ifcfg-eth0 required by waagent.
* Install python3 and net-tools required by waagent.
Recommended changes:
* Use recommended kernel boot args.
* Disable kdump.
(cherry picked from commit e0c236ff36)
(cherry picked from commit da0435bc90)
(cherry picked from commit b594fa99bc)
Resolves: rhbz#1656105
This differs from lmc's --make-ami in that creates a full disk image instead of
an fsimage. Create a raw disk image with a / and /boot partitions, and enable
sshd, chronyd, and cockpit by default.
(cherry picked from commit 18188bf6cf)
(cherry picked from commit 81d38b6445)
Resolves: rhbz#1656105
If we leave the root account w/o a password people will use it that way,
leading to insecure images. Also if we use a default password. So lock
the root account in the templates.
Users will need to do one of these things:
1. Use [[customizations.user]] in their blueprint to configure root or
another user.
2. Use [[customizations.sshkey]] to set a key for root
2. Install a package that configures a user at install time
3. Install a package that sets up a user at boot time (eg. cloud-init)
This also drops the auth line from the kickstart templates, allowing it
to use the default password algoritm instead of md5.
Resolves: rhbz#1626120
Update the docs to make it clear that .socket will be slow to respond to
the first request, and to use .service to speed it up.
(cherry picked from commit 83e5f3f885)
(cherry picked from commit c2f96b3d3b)
This updates the documentation to include composer-cli instead of curl,
warnings about SELinux and needing the RHEL 7 Optional package repo, as
well as other documentation improvements from the master branch.
This drops support for the TCP port and switches to using a socket at
/var/run/weldr/api.socket
Also add the start of some docs for lorax-composer.
--host and --port argument have been removed.
--group sets the group name to use for access to the socket and its
parent directory. Defaults to 'weldr'
--socket sets the full path to the socket to create. Defaults to
'/var/run/weldr/api.socket'
This requires OVMF to be setup on the system, and for the kickstart to
create a /boot/efi/ partition. You can then use it to create UEFI
bootable partitioned disk images.
The UEFI firmware needs to be installed manually on the system, either
in the default location of /usr/share/OVMF/ or use --ovmf-path to point
to the location.
Resolves: rhbz#1546715
Resolves: rhbz#1544805
This makes it easier to specify existing repos with extra args, eg.
/etc/yum.repos.d/redhat.repo generated by subscription-manager.
Resolves: rhbz#1430479
Boot on 32bit UEFI requires this package. Legacy grub2-efi package
is satisfied only with grub2-efi-x64 package and grub2-efi-ia32 is missing.
Resolves: rhbz#1458937
Make sure grub2-efi-*-cdboot is included in the live media kickstart,
add some documentation about creating UEFI disk images, and add ia32 to
the minimal example (it will need to be commented out for other arches).
Resolves: rhbz#1458937
The only environmental variable set during %post is $ANA_INSTALL_PATH
which points to the installroot (usually /mnt/sysimage). It can be used
in a %post --nochroot to copy things from the installer root to the
target's root filesystem.
This removes the %post --nochroot section because the image is not
accessable at this point in the process. Items that need to go into the
/ of the iso need to be added in the final iso creation templates, like
x86_64.tmpl
Resolves: rhbz#1430547
This includes packages that anaconda runs from the installed system
during installation. It includes grub2, grub2-efi, shim, efibootmgr
among others.
Resolves: rhbz#1269891
systemd uses /var/lib/systemd/random-seed to add entropy to /dev/urandom
at boot time. During image creation this file is created, and if not
removed everything using the image will be adding the same seed.
This is only additional entropy, NOT a seed in the sense of a starting
point for a PRNG, so it will be mixed with other entropy as the system
runs. It isn't a good idea to use the same value everywhere so make sure
it is removed in %post
Resolves: rhbz#1258986
Resolves: rhbz#1184021
--make-pxe-live target generate live squashfs and initrd for pxe boot.
Also generates pxe config template.
--make-ostree-live is used for installations of Atomic Host. Additionally to
--make-pxe-live it ensures using deployment root instead of physical root of
installed disk image where needed. Atomic installation needs to be virt
installation with /boot on separate partition (the only way supported by
Anaconda currently). Content of boot partition is added to live root fs so that
ostree can find deployment by boot configuration.
This is used as a kickstart %post interpreter to streamline
modifications to images.
Also adds an example kickstart.
This Obsoletes the old appliance-tools-minimizer and includes a Provide
so that the transition will be seamless.
(cherry picked from commit 99f2ab9137)
(cherry picked from commit b090a09dca)
Resolves: rhbz#1082642
This adds the --make-tar option which will produce a xz compressed tar
of the root filesystem. This works with either virt-install or no-virt
modes. Use --image-name to set the output filename.
--compression is used to set the compression type to use, which defaults
to xz. Supported types are xz, lzma, gzip and bzip2.
--compress-arg is used to pass arguments to the compression utility.
(cherry picked from commit d04a99e8f4)
Resolves: rhbz#1144140
Also adds a check for a bad url repo, and fix ram calculation for
appliance mode. Updates the README.livemedia-creator documentation.
Resolves: rhbz#1019728
