Hi, all
I'm curious to know what other users have done for automating desktop installs. I've been reading the wiki and got a number of ideas using snippets. What I'm trying to do is do "self-installs", where a user can provision his or her own desktop with customizations for that user. It would be something like:
1. User PXE boots machine 2. User selects a profile 3. ??? 4. Machine gets provisioned according to profile 5. Machine is ready for use with user's custom settings
The constraint here is that I'd like to move away from creating system profiles prior to the install (which would normally require getting the MAC address and registering it with cobbler). What I'd like to tell cobbler (step 3) is that I'm provisioning this machine for a specific user -- perhaps by passing something onto the kernel command line as a parameter, and then having the post-install section do the customization based on that. For example, I could pass in username=$username and then a script/trigger could fire off and lookup a DB for that user, and then create the accounts/profiles/apps/configs/etc automatically.
I'm constrained to working with Windows managing DHCP, so I'm trying to pass the hostname onto the kickstart parameters somehow so I can get it register itself and update DDNS. As you can tell from the above, we're trying to reuse a single "generic" profile (which is my baseline) and simply customizing the install for a specific user (i.e. by adding that user's account) without creating.
So my questions are:
1. Is supplying this last information via kernel command line the best option?
2. Can we somehow get a ksmeta variable set at profile-selection time outside of cobbler (e.g. in the boot selection menu)? (I doubt it)
3. Short of implementing integration with LDAP/Kerberos/Active Directory for authentication and using roaming user directories, are there any recommendations for "user provisioning" via cobbler? My last recourse is to have the account provisioning be done as a first-boot option.
- gino
Gino LV. Ledesma wrote:
Hi, all
I'm curious to know what other users have done for automating desktop installs. I've been reading the wiki and got a number of ideas using snippets. What I'm trying to do is do "self-installs", where a user can provision his or her own desktop with customizations for that user. It would be something like:
- User PXE boots machine
- User selects a profile
- ???
- Machine gets provisioned according to profile
- Machine is ready for use with user's custom settings
The constraint here is that I'd like to move away from creating system profiles prior to the install (which would normally require getting the MAC address and registering it with cobbler).
We call these "system records" not "profiles", as we already have a "profiles" and saying "profile profiles" is weird.
What I'd like to tell cobbler (step 3) is that I'm provisioning this machine for a specific user -- perhaps by passing something onto the kernel command line as a parameter, and then having the post-install section do the customization based on that. For example, I could pass in username=$username and then a script/trigger could fire off and lookup a DB for that user, and then create the accounts/profiles/apps/configs/etc automatically.
What many folks do is create a web interface that allows the user to answer specific questions, and then save those answers as template varariables in the system objects which are used when evaluating the kickstart template.
If you want to do this via PXE you must create system records.
I'm constrained to working with Windows managing DHCP, so I'm trying to pass the hostname onto the kickstart parameters somehow so I can get it register itself and update DDNS. As you can tell from the above, we're trying to reuse a single "generic" profile (which is my baseline) and simply customizing the install for a specific user (i.e. by adding that user's account) without creating.
Per MAC pxe works here.
So my questions are:
- Is supplying this last information via kernel command line the best option?
Not really :)
- Can we somehow get a ksmeta variable set at profile-selection time
outside of cobbler (e.g. in the boot selection menu)? (I doubt it)
No.
- Short of implementing integration with LDAP/Kerberos/Active
Directory for authentication and using roaming user directories, are there any recommendations for "user provisioning" via cobbler? My last recourse is to have the account provisioning be done as a first-boot option.
Possibly make the said webapp template manage Puppet and just make sure all systems are subscribed. Or do what I said above about making system objects in the webapp.
- gino
cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
On Apr 30, 2009, at 1:22 PM, Michael DeHaan wrote:
Gino LV. Ledesma wrote:
What I'd like to tell cobbler (step 3) is that I'm provisioning this machine for a specific user -- perhaps by passing something onto the kernel command line as a parameter, and then having the post-install section do the customization based on that. For example, I could pass in username=$username and then a script/trigger could fire off and lookup a DB for that user, and then create the accounts/profiles/apps/configs/etc automatically.
What many folks do is create a web interface that allows the user to answer specific questions, and then save those answers as template varariables in the system objects which are used when evaluating the kickstart template.
If you want to do this via PXE you must create system records.
Guys: What about making a custom image that runs the koan system register stuff? The biggest issue is to avoid having to get the MAC address into Cobbler. If you could make a custom PXE that runs on all boxes by default, and prompts for a username, or even looks up a user name -> profile name, and then runs the proper system add command, you could probably get exactly what you wanted...
It's a combination of what Gino wants, and getting that system record into Cobbler... and everyone ends up ahead.
Matthew
Matthew Barr wrote:
On Apr 30, 2009, at 1:22 PM, Michael DeHaan wrote:
Gino LV. Ledesma wrote:
What I'd like to tell cobbler (step 3) is that I'm provisioning this machine for a specific user -- perhaps by passing something onto the kernel command line as a parameter, and then having the post-install section do the customization based on that. For example, I could pass in username=$username and then a script/trigger could fire off and lookup a DB for that user, and then create the accounts/profiles/apps/configs/etc automatically.
What many folks do is create a web interface that allows the user to answer specific questions, and then save those answers as template varariables in the system objects which are used when evaluating the kickstart template.
If you want to do this via PXE you must create system records.
Guys: What about making a custom image that runs the koan system register stuff? The biggest issue is to avoid having to get the MAC address into Cobbler. If you could make a custom PXE that runs on all boxes by default, and prompts for a username, or even looks up a user name -> profile name, and then runs the proper system add command, you could probably get exactly what you wanted...
It's a combination of what Gino wants, and getting that system record into Cobbler... and everyone ends up ahead.
Matthew _______________________________________________ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
WRT cobbler-register via PXE:
Thought about it a while back.
This could easily be done via livecd-tools, and then PXE booted via livecd-to-pxeboot.
After I get the koan live CD working again (should be week after next; travelling next), I can see about putting one (and instructions for use) together.
Not much is involved at all.
He would still have to do the web interface that asks the custom questions about what the user wants to put on the system for now... though that is also in my medium-term (is that a word?) plans?
Have a part of cobbler web (seperate UI) where you can log in, template out some questions, map them to metadata variables, and use them to update a system record, toggle the netboot flag, and reassign a new profile. It would probably have to be used with authz_ownership to ensure someone didn't reprogram their own systems, and we don't want ordinary users changing MAC addresses and such, so those are some fields you would /not/ want to make editable.
Anyway, this is a use case we /VERY/ much want to persue, so if you're interested in helping build this and have some Python/Django skills, you are welcome to do it.
I could see that working very well with a cobbler-register live CD to seed info.
Rather than needing the live CD, of course, a simple SSH loop or using Func could be used to seed that same data.
--Michael
cobbler@lists.fedorahosted.org