IBM POWER provisioning on Red Hat Satellite 6.2
The tutorial can be also used to setup similar configuration for Intel systems, the only change will be that directory named “powerpc-ieee1275” will be changed to “i386-pc”. Also when booting UEFI, the “linux” and “initrd” statements in the configuration files become “linuxefi” and “initrdefi”.
Preparing grub2 bootloader
On (any) PPC64 system, generate new Grub2 bootloader set and copy it over to the Satellite server.
grub2-mknetdir --net-directory=/root/bootp
scp -r /root/bootp/boot/* root@satellite:/var/lib/tftpboot/boot
On the Satellite server, set permissions for TFTP.
setfacl -R -m u:foreman:rwx /var/lib/tftpboot #for existing files
setfacl -R -m d:u:foreman:rwx /var/lib/tftpboot #for future new files
Preparing hook script
Place the following script into /usr/share/foreman/config/hooks/90-convert_grub2 (also available at https://gist.github.com/lzap/704e9866dc6e27e30a1ace818bc339a4 - use RAW button to copy the contents)
Very important - this is a Python code. Make sure the spaces does not get corrupted when copying or pasting. The script uses spaces instead of tabs. Verify the script with
# python -m py_compile /usr/share/foreman/config/hooks/90-convert_grub2
# md5sum /usr/share/foreman/config/hooks/90-convert_grub2
fab3bf9419cf666af39097e4ed6527b7 /usr/share/foreman/config/hooks/90-convert_grub2
before carrying on. Symptoms when the script is not correctly formatted are: SyntaxError: Non-ASCII character '\xc2'.
#!/usr/bin/env python
# vim:ts=4:sw=4:et
import os
import re
TFTP_PXELINUX_ROOT_CFG="/var/lib/tftpboot/pxelinux.cfg"
TFTP_GRUB_ROOT_CFG="/var/lib/tftpboot/boot/grub2/powerpc-ieee1275"
TFTP_GRUB_CFG_PREFIX="grub.cfg-"
GRUB2_TEMPLATE="""
set default=0
set timeout=5
menuentry 'Install Red Hat Enteprise Linux for Power' {
linux KERNEL_HERE BOOT_PARAM
initrd INITRD_HERE
}
"""
def grab_all_pxelinux_configs(directory=TFTP_PXELINUX_ROOT_CFG):
tftp_files = []
mac_format = re.compile(ur'((?:(\d{1,2}|[a-fA-F]{1,2}){2})(?::|-*)){6}')
for f in os.listdir(directory):
if re.findall(mac_format, f):
tftp_files.append(f)
return tftp_files
def file_exists(cfg_file):
if os.path.isfile(cfg_file):
return True
else:
return False
def process_pxelinux_cfg(tftp_files):
content = None
for f in tftp_files:
fpath = os.path.join(TFTP_PXELINUX_ROOT_CFG, f)
if file_exists(fpath):
with open(fpath, mode='ro') as fd:
content = fd.readlines()
if content:
for line in content:
if "KERNEL" in line:
kernel_arg = line.split()[-1]
grub_aux = GRUB2_TEMPLATE.replace("KERNEL_HERE", kernel_arg)
if "initrd" in line:
initrd_arg = line.split()[1].split('=')[-1]
boot_arg = line.split()[-3:]
grub_aux = grub_aux.replace("INITRD_HERE", initrd_arg)
grub_aux = grub_aux.replace("BOOT_PARAM", ' '.join(boot_arg))
filename = os.path.join(TFTP_GRUB_ROOT_CFG, str(TFTP_GRUB_CFG_PREFIX + f))
with open(filename, 'w') as grub_cfg:
grub_cfg.write(grub_aux)
pxefiles = grab_all_pxelinux_configs()
process_pxelinux_cfg(pxefiles)
Make it executable, create symlinks and fix SELinux labels:
chmod +x /usr/share/foreman/config/hooks/90-convert_grub2
mkdir -p /usr/share/foreman/config/hooks/host/managed/after_{create,update,destroy,build}
pushd /usr/share/foreman/config/hooks/host/managed/
ln -fs ../../../90-convert_grub2 after_create/90-convert_grub2
ln -fs ../../../90-convert_grub2 after_update/90-convert_grub2
ln -fs ../../../90-convert_grub2 after_destroy/90-convert_grub2
ln -fs ../../../90-convert_grub2 after_build/90-convert_grub2
popd
restorecon -FvvR /var/lib/tftpboot /usr/share/foreman/config/hooks
Testing the script
Create a host and mark down the MAC address of the provisioning interface, now execute the script from shell, but do not run it under root account, but under Satellite 6 Rails application effective user:
rm -f /var/lib/tftpboot/boot/grub2/powerpc-ieee1275/grub.cfg-*
su foreman -s /bin/bash \
-c /usr/share/foreman/config/hooks/host/managed/after_build/90-convert_grub2
If you list Grub2 configuration files, there should be one with the MAC address of the host created moment ago:
ls /var/lib/tftpboot/boot/grub2/powerpc-ieee1275/grub.cfg-*
SELinux will prevent Rails application from accessing TFTP directory. Compile and load SELinux policy that will allow httpd (Passenger) process to read and write contents in TFTP directory:
yum -y install setools-console policycoreutils-python policycoreutils selinux-policy-devel
mkdir foreman_grubhook
cat >foreman_grubhook/foreman_grubhook.te <<EOPY
policy_module(foreman_grubhook, 1.0)
require {
type passenger_t;
}
tftp_manage_rw_content(passenger_t)
cobbler_manage_lib_files(passenger_t)
libs_exec_ldconfig(passenger_t)
EOPY
ln -s /usr/share/selinux/devel/Makefile foreman_grubhook/Makefile
make -C foreman_grubhook/
semodule -i foreman_grubhook/foreman_grubhook.pp
semodule -l | grep grubhook
The policy module will survive OS restarts.
External DHCP server configuration
Configure DHCP, which must be managed on an external server. All PPC64 systems must have a reservation with BOOTP filename option. Example:
subnet 192.168.99.0 netmask 255.255.255.0 {
range 192.168.99.10 192.168.99.100;
group {
filename "boot/grub2/powerpc-ieee1275/core.elf";
host ppc64a {
hardware ethernet 62:a7:1f:5c:0c:04;
fixed-address 192.168.99.13;
}
}
option subnet-mask 255.255.255.0;
option routers 192.168.99.1;
}
Testing the workflow
Restart Satellite 6 web user interface.
systemctl restart httpd
Access the Web UI of Satellite 6 and create new host. Each time new host is created, updated, deleted or when a host enters or exits Build mode all PXELinux configuration files are copied and transformed into Grub2 format.
Check the PXELinux Kickstart Default template for all Operating Systems that are used for provisioning of IBM POWER hosts. By default they require DHCP to be present. If needed, provide additional Anaconda kernel command line options to boot in DHCP-less environments.