12 commits - ec2/fedora-18-i386-ec2.ks ec2/fedora-18-x86_64-ec2.ks generic/fedora-18-x86_64-cloud.ks generic/fedora-18-x86_64.ks generic/fedora-18-x86_64-minimal.ks

Matthew Miller mattdm at fedoraproject.org
Thu Dec 20 20:38:08 UTC 2012


 ec2/fedora-18-i386-ec2.ks           |  150 +++++++++++++++++++++++------------
 ec2/fedora-18-x86_64-ec2.ks         |  151 +++++++++++++++++++++++-------------
 generic/fedora-18-x86_64-cloud.ks   |   83 +------------------
 generic/fedora-18-x86_64-minimal.ks |   11 +-
 generic/fedora-18-x86_64.ks         |   11 +-
 5 files changed, 218 insertions(+), 188 deletions(-)

New commits:
commit c6c5db46b8dcade0f6e621c9efe9ec07416cb7ba
Author: Matthew Miller <mattdm at mattdm.org>
Date:   Thu Dec 20 15:37:32 2012 -0500

    copy new stuff to i386, too

diff --git a/ec2/fedora-18-i386-ec2.ks b/ec2/fedora-18-i386-ec2.ks
index 742fec6..1f0dcbb 100644
--- a/ec2/fedora-18-i386-ec2.ks
+++ b/ec2/fedora-18-i386-ec2.ks
@@ -1,81 +1,129 @@
-# Build a basic Fedora 18 AMI
+# This is a basic Fedora 18 spin designed to work in Amazon EC2.
+# It's configured with cloud-init so it will take advantage of
+# ec2-compatible metadata services for provisioning ssh keys. That also
+# currently creates an ec2-user account; we'll probably want to make that
+# something generic by default. The root password is empty by default.
+#
+# Note that unlike the standard F18 install, this image has /tmp on disk
+# rather than in tmpfs, since memory is usually at a premium.
+#
+# It additionally configures _no_ local firewall, in line with EC2
+# recommendations that security groups be used instead.
+
+
+
 lang en_US.UTF-8
 keyboard us
 timezone --utc America/New_York
+
 auth --useshadow --enablemd5
 selinux --enforcing
-firewall --service=ssh
-bootloader --timeout=1 --location=mbr --driveorder=sda
-network --bootproto=dhcp --device=eth0 --onboot=on
-services --enabled=network,sshd,rsyslog
 
-# By default the root password is emptied
+firewall --disabled
 
-#
-# Define how large you want your rootfs to be
-# NOTE: S3-backed AMIs have a limit of 10G
-#
-part / --size 10000 --fstype ext4 --ondisk sda
+bootloader --timeout=0 --location=mbr --driveorder=sda
+
+network --bootproto=dhcp --device=eth0 --onboot=on
+services --enabled=network,sshd,rsyslog,iptables,cloud-init,cloud-init-local,cloud-config,cloud-final
+
+# This would let fussy grub2 install, but will break in EC2
+#part biosboot --fstype=biosboot --size=1 --ondisk sda
+part / --size 4096 --fstype ext4 --ondisk sda
 
-#
 # Repositories
 repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-18&arch=$basearch
 
-#
-#
-# Add all the packages after the base packages
-#
+
+# Package list.
 %packages --nobase
 @core
-pciutils
 kernel-PAE
-man-db
-firewalld
-
--biosdevname
 
-# package to setup cloudy bits for us
+# cloud-init does magical things with EC2 metadata, including provisioning
+# a user account with ssh keys.
 cloud-init
 
-%end
+# Needed initially, but removed below.
+firewalld
 
-# more ec2-ify
-%post --erroronfail
+# cherry-pick a few things from @standard
+tmpwatch
+tar
+rsync
 
-# fstab mounting is different for x86_64 and i386
-cat <<EOL > /etc/fstab
-LABEL=_/   /         ext4    defaults        1 1
-proc       /proc     proc    defaults        0 0
-sysfs      /sys      sysfs   defaults        0 0
-devpts     /dev/pts  devpts  gid=5,mode=620  0 0
-tmpfs      /dev/shm  tmpfs   defaults        0 0
-EOL
-if [ ! -d /lib64 ] ; then
+# Some things from @core we can do without in a minimal install
+-biosdevname
+-plymouth
+-NetworkManager
+-polkit
 
-cat <<EOL >> /etc/fstab
-/dev/xvda3 swap      swap    defaults        0 0
-EOL
+%end
 
-# workaround xen performance issue (bz 651861)
-echo "hwcap 1 nosegneg" > /etc/ld.so.conf.d/libc6-xen.conf
 
-fi
 
-# idle=nomwait is to allow xen images to boot and not try use cpu features that are not supported
-# grub tweaks
-sed -i -e 's/timeout=5/timeout=0/' \
-    -e 's|root=[^ ]\+|root=LABEL=_/  idle=halt|' \
-    -e '/splashimage/d' \
-    /boot/grub/grub.conf
+%post --erroronfail
 
-# symlink grub.conf to menu.lst for use by EC2 pv-grub
-pushd /boot/grub
-ln -s grub.conf menu.lst
-popd
+echo -n "Writing fstab"
+cat <<EOF > /etc/fstab
+LABEL=_/   /         ext4    defaults        1 1
+EOF
+echo .
+
+echo -n "Grub tweaks"
+echo GRUB_TIMEOUT=0 > /etc/default/grub
+sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub/grub.conf
+sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
+sed -i 's/^default=1/default=0/' /boot/grub/grub.conf
+sed -i '/splashimage/d' /boot/grub/grub.conf
+# need to file a bug on this one
+sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
+echo .
+if ! [[ -e /boot/grub/menu.lst ]]; then
+  echo -n "Linking menu.lst to old-style grub.conf for pv-grub"
+  ln /boot/grub/grub.conf /boot/grub/menu.lst
+  ln -sf /boot/grub/grub.conf /etc/grub.conf
+fi
 
 # setup systemd to boot to the right runlevel
-rm /etc/systemd/system/default.target
+echo -n "Setting default runlevel to multiuser text mode"
+rm -f /etc/systemd/system/default.target
 ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
+echo .
+
+# If you want to remove rsyslog and just use journald, also uncomment this.
+#echo -n "Enabling persistent journal"
+#mkdir /var/log/journal/ 
+#echo .
+
+# this is installed by default but we don't need it in virt
+echo "Removing linux-firmware package."
+yum -C -y remove linux-firmware
+
+# Remove firewalld; was supposed to be optional in F18, but is required to
+# be present for install/image building.
+echo "Removing firewalld."
+yum -C -y remove firewalld
+
+
+# Because memory is scarce resource in most cloud/virt environments,
+# and because this impedes forensics, we are differing from the Fedora
+# default of having /tmp on tmpfs.
+echo "Disabling tmpfs for /tmp."
+systemctl mask tmp.mount
+
+# Uncomment this if you want to use cloud init but suppress the creation
+# of an "ec2-user" account. This will, in the absence of further config,
+# cause the ssh key from a metadata source to be put in the root account.
+#cat <<EOF > /etc/cloud/cloud.cfg.d/50_suppress_ec2-user_use_root.cfg
+#users: []
+#disable_root: 0
+#EOF
+
+echo "Zeroing out empty space."
+# This forces the filesystem to reclaim space from deleted files
+dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
+rm -f /var/tmp/zeros
+echo "(Don't worry -- that out-of-space error was expected.)"
 
 %end
 
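Review bot: The header comment states that the root password is empty, and with `firewall --disabled` plus `sshd` in `services --enabled=` nothing in this file (the hunk covers all of it, and there is no `rootpw` line) locks the account. Root is then protected only by sshd's own configuration and the EC2 security group, neither of which is visible here. Locking the account in `%post` removes that dependency: `passwd -l root`, preceded by a comment such as `# Lock root's password; access is via the cloud-init user's ssh key and sudo`. The same applies to ec2/fedora-18-x86_64-ec2.ks, from which this content was copied.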


commit 5fb26a988877f8682978bc1debd0fc6420f90c3f
Author: Matthew Miller <mattdm at mattdm.org>
Date:   Thu Dec 20 13:22:52 2012 -0500

    pull out cloud-init 0.7.1-1 kludge -- no longer needed

diff --git a/ec2/fedora-18-x86_64-ec2.ks b/ec2/fedora-18-x86_64-ec2.ks
index ccd8874..5cd8544 100644
--- a/ec2/fedora-18-x86_64-ec2.ks
+++ b/ec2/fedora-18-x86_64-ec2.ks
@@ -119,76 +119,6 @@ systemctl mask tmp.mount
 #disable_root: 0
 #EOF
 
-# Temporary kludge in case https://bugzilla.redhat.com/show_bug.cgi?id=887363
-# does not make F18 final release.
-if [[ $( rpm -q --qf '%{v}-%{r}' cloud-init) == "0.7.1-1.fc18" ]]; then
-echo "Detected older cloud-init; generating config file now."
-cat <<EOF > /etc/cloud/cloud.cfg
-users:
- - default
-
-disable_root: 1
-ssh_pwauth:   0
-
-locale_configfile: /etc/sysconfig/i18n
-mount_default_fields: [~, ~, 'auto', 'defaults,nofail', '0', '2']
-resize_rootfs_tmp: /dev
-ssh_deletekeys:   0
-ssh_genkeytypes:  ~
-syslog_fix_perms: ~
-
-cloud_init_modules:
- - bootcmd
- - write-files
- - resizefs
- - set_hostname
- - update_hostname
- - update_etc_hosts
- - rsyslog
- - users-groups
- - ssh
-
-cloud_config_modules:
- - mounts
- - locale
- - set-passwords
- - timezone
- - puppet
- - chef
- - salt-minion
- - mcollective
- - disable-ec2-metadata
- - runcmd
-
-cloud_final_modules:
- - rightscale_userdata
- - scripts-per-once
- - scripts-per-boot
- - scripts-per-instance
- - scripts-user
- - ssh-authkey-fingerprints
- - keys-to-console
- - phone-home
- - final-message
-
-system_info:
-  default_user:
-    name: ec2-user
-    lock_passwd: true
-    gecos: EC2 user
-    groups: [wheel, adm]
-    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
-    shell: /bin/bash
-  distro: fedora
-  paths:
-    cloud_dir: /var/lib/cloud
-    templates_dir: /etc/cloud/templates
-  ssh_svcname: sshd
-# vim:syntax=yaml
-EOF
-fi
-
-
 echo "Zeroing out empty space."
 # This forces the filesystem to reclaim space from deleted files
 dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
diff --git a/generic/fedora-18-x86_64-cloud.ks b/generic/fedora-18-x86_64-cloud.ks
index 3fd6531..7bc2884 100644
--- a/generic/fedora-18-x86_64-cloud.ks
+++ b/generic/fedora-18-x86_64-cloud.ks
@@ -146,76 +146,6 @@ systemctl mask tmp.mount
 #disable_root: 0
 #EOF
 
-# Temporary kludge in case https://bugzilla.redhat.com/show_bug.cgi?id=887363
-# does not make F18 final release.
-if [[ $( rpm -q --qf '%{v}-%{r}' cloud-init) == "0.7.1-1.fc18" ]]; then
-echo "Detected older cloud-init; generating config file now."
-cat <<EOF > /etc/cloud/cloud.cfg
-users:
- - default
-
-disable_root: 1
-ssh_pwauth:   0
-
-locale_configfile: /etc/sysconfig/i18n
-mount_default_fields: [~, ~, 'auto', 'defaults,nofail', '0', '2']
-resize_rootfs_tmp: /dev
-ssh_deletekeys:   0
-ssh_genkeytypes:  ~
-syslog_fix_perms: ~
-
-cloud_init_modules:
- - bootcmd
- - write-files
- - resizefs
- - set_hostname
- - update_hostname
- - update_etc_hosts
- - rsyslog
- - users-groups
- - ssh
-
-cloud_config_modules:
- - mounts
- - locale
- - set-passwords
- - timezone
- - puppet
- - chef
- - salt-minion
- - mcollective
- - disable-ec2-metadata
- - runcmd
-
-cloud_final_modules:
- - rightscale_userdata
- - scripts-per-once
- - scripts-per-boot
- - scripts-per-instance
- - scripts-user
- - ssh-authkey-fingerprints
- - keys-to-console
- - phone-home
- - final-message
-
-system_info:
-  default_user:
-    name: ec2-user
-    lock_passwd: true
-    gecos: EC2 user
-    groups: [wheel, adm]
-    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
-    shell: /bin/bash
-  distro: fedora
-  paths:
-    cloud_dir: /var/lib/cloud
-    templates_dir: /etc/cloud/templates
-  ssh_svcname: sshd
-# vim:syntax=yaml
-EOF
-fi
-
-
 echo "Zeroing out empty space."
 # This forces the filesystem to reclaim space from deleted files
 dd bs=1M if=/dev/zero of=/var/tmp/zeros || :


commit d62789e6dd1df1dee2f99fb6cd5874f8d8ee0a1d
Author: Matthew Miller <mattdm at mattdm.org>
Date:   Thu Dec 20 13:06:55 2012 -0500

    make that warning stronger

diff --git a/ec2/fedora-18-x86_64-ec2.ks b/ec2/fedora-18-x86_64-ec2.ks
index 0bef4b2..ccd8874 100644
--- a/ec2/fedora-18-x86_64-ec2.ks
+++ b/ec2/fedora-18-x86_64-ec2.ks
@@ -26,7 +26,7 @@ bootloader --timeout=0 --location=mbr --driveorder=sda
 network --bootproto=dhcp --device=eth0 --onboot=on
 services --enabled=network,sshd,rsyslog,iptables,cloud-init,cloud-init-local,cloud-config,cloud-final
 
-# This would let fussy, fussy grub2 install -- but not needed for EC2.
+# This would let fussy grub2 install, but will break in EC2
 #part biosboot --fstype=biosboot --size=1 --ondisk sda
 part / --size 4096 --fstype ext4 --ondisk sda
 


commit 01b5dbb785ffe2e206a1f4d0522502e470cd4c6b
Author: Matthew Miller <mattdm at mattdm.org>
Date:   Thu Dec 20 12:31:19 2012 -0500

    delete the splashimage from the legacy grub config file

diff --git a/ec2/fedora-18-x86_64-ec2.ks b/ec2/fedora-18-x86_64-ec2.ks
index 2c86096..0bef4b2 100644
--- a/ec2/fedora-18-x86_64-ec2.ks
+++ b/ec2/fedora-18-x86_64-ec2.ks
@@ -74,6 +74,7 @@ echo GRUB_TIMEOUT=0 > /etc/default/grub
 sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub/grub.conf
 sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
 sed -i 's/^default=1/default=0/' /boot/grub/grub.conf
+sed -i '/splashimage/d' /boot/grub/grub.conf
 # need to file a bug on this one
 sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
 echo .
diff --git a/generic/fedora-18-x86_64-cloud.ks b/generic/fedora-18-x86_64-cloud.ks
index 249a801..3fd6531 100644
--- a/generic/fedora-18-x86_64-cloud.ks
+++ b/generic/fedora-18-x86_64-cloud.ks
@@ -80,6 +80,7 @@ sed -i 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
 sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub/grub.conf
 sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
 sed -i 's/^default=1/default=0/' /boot/grub/grub.conf
+sed -i '/splashimage/d' /boot/grub/grub.conf
 # need to file a bug on this one
 sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
 echo .
diff --git a/generic/fedora-18-x86_64-minimal.ks b/generic/fedora-18-x86_64-minimal.ks
index 348a446..71339a5 100644
--- a/generic/fedora-18-x86_64-minimal.ks
+++ b/generic/fedora-18-x86_64-minimal.ks
@@ -85,6 +85,7 @@ echo GRUB_TIMEOUT=0 > /etc/default/grub
 sed -i 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
 sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub/grub.conf
 sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
+sed -i '/splashimage/d' /boot/grub/grub.conf
 # need to file a bug on this one
 sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
 echo .
diff --git a/generic/fedora-18-x86_64.ks b/generic/fedora-18-x86_64.ks
index 12b7116..877f4ae 100644
--- a/generic/fedora-18-x86_64.ks
+++ b/generic/fedora-18-x86_64.ks
@@ -73,6 +73,7 @@ echo GRUB_TIMEOUT=0 > /etc/default/grub
 sed -i 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
 sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub/grub.conf
 sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
+sed -i '/splashimage/d' /boot/grub/grub.conf
 # need to file a bug on this one
 sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
 echo .


commit 4acdc22d991765ca72e2efaacb14a7d9c193f0e3
Author: Matthew Miller <mattdm at mattdm.org>
Date:   Thu Dec 20 12:25:41 2012 -0500

    remove biosboot from ec2 image (not needed since we're not booting that way)

diff --git a/ec2/fedora-18-x86_64-ec2.ks b/ec2/fedora-18-x86_64-ec2.ks
index 2b5bebb..2c86096 100644
--- a/ec2/fedora-18-x86_64-ec2.ks
+++ b/ec2/fedora-18-x86_64-ec2.ks
@@ -26,7 +26,8 @@ bootloader --timeout=0 --location=mbr --driveorder=sda
 network --bootproto=dhcp --device=eth0 --onboot=on
 services --enabled=network,sshd,rsyslog,iptables,cloud-init,cloud-init-local,cloud-config,cloud-final
 
-part biosboot --fstype=biosboot --size=1 --ondisk sda
+# This would let fussy, fussy grub2 install -- but not needed for EC2.
+#part biosboot --fstype=biosboot --size=1 --ondisk sda
 part / --size 4096 --fstype ext4 --ondisk sda
 
 # Repositories


commit 4744ec0f119243707497dd49042d6dafa01db64c
Author: Matthew Miller <mattdm at mattdm.org>
Date:   Wed Dec 19 15:10:11 2012 -0500

    Why is this getting set to "1" in the first place? Odd.

diff --git a/ec2/fedora-18-x86_64-ec2.ks b/ec2/fedora-18-x86_64-ec2.ks
index d91a4c6..2b5bebb 100644
--- a/ec2/fedora-18-x86_64-ec2.ks
+++ b/ec2/fedora-18-x86_64-ec2.ks
@@ -72,6 +72,7 @@ echo -n "Grub tweaks"
 echo GRUB_TIMEOUT=0 > /etc/default/grub
 sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub/grub.conf
 sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
+sed -i 's/^default=1/default=0/' /boot/grub/grub.conf
 # need to file a bug on this one
 sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
 echo .
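Review bot: The added `sed -i 's/^default=1/default=0/'` only fires when the generated value is exactly `1`, and the commit message says it is not known why it is `1`. Any other value would pass through silently and pv-grub would boot whichever entry it names. Matching the key rather than the value is sturdier: `sed -i 's/^default=.*/default=0/' /boot/grub/grub.conf`. A one-line comment saying the image ships a single kernel entry at index 0 would record the intent, assuming that is the case, which this hunk does not show. The enclosing `%post` section starts and ends outside the hunk.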


commit 202bc343ee2569c44dad17d71169dc7902000345
Author: Matthew Miller <mattdm at mattdm.org>
Date:   Wed Dec 19 14:47:30 2012 -0500

    idle=halt not needed on x86_64, and maybe not at all anymore

diff --git a/ec2/fedora-18-x86_64-ec2.ks b/ec2/fedora-18-x86_64-ec2.ks
index c19cc15..d91a4c6 100644
--- a/ec2/fedora-18-x86_64-ec2.ks
+++ b/ec2/fedora-18-x86_64-ec2.ks
@@ -73,7 +73,7 @@ echo GRUB_TIMEOUT=0 > /etc/default/grub
 sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub/grub.conf
 sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
 # need to file a bug on this one
-sed -i 's/root=.*/root=LABEL=_\/ idle=halt/' /boot/grub/grub.conf
+sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
 echo .
 if ! [[ -e /boot/grub/menu.lst ]]; then
   echo -n "Linking menu.lst to old-style grub.conf for pv-grub"
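Review bot: The rewritten `sed -i 's/root=.*/root=LABEL=_\//'` still matches from `root=` to the end of the line, so every kernel argument that follows `root=` is discarded along with the old root value. If only the root device is meant to change, bound the match to that one token, as the older i386 script on this page did: `sed -i 's|root=[^ ]\+|root=LABEL=_/|' /boot/grub/grub.conf`. If stripping the remaining arguments is deliberate, the `# need to file a bug on this one` comment should say so. The `if` block at the end of the hunk continues outside it.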


commit 4b2acf9646bcb5bf09b9c5e6fdfc7643e38660fd
Merge: 3b3df1a 30b961a
Author: Matthew Miller <mattdm at mattdm.org>
Date:   Wed Dec 19 14:35:42 2012 -0500

    Merge branch 'master' of ssh://git.fedorahosted.org/git/cloud-kickstarts
    
    Conflicts:
    	ec2/fedora-18-x86_64-ec2.ks

diff --cc ec2/fedora-18-x86_64-ec2.ks
index c63af4e,ccfa11e..c19cc15
--- a/ec2/fedora-18-x86_64-ec2.ks
+++ b/ec2/fedora-18-x86_64-ec2.ks
@@@ -32,166 -25,62 +32,165 @@@ part / --size 4096 --fstype ext4 --ondi
  # Repositories
  repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-18&arch=$basearch
  
 -#
 -#
 -# Add all the packages after the base packages
 -#
 +
 +# Package list.
  %packages --nobase
  @core
 -pciutils
  kernel
 -man-db
 -firewalld
  
 --biosdevname
 -
 -# package to setup cloudy bits for us
 +# cloud-init does magical things with EC2 metadata, including provisioning
 +# a user account with ssh keys.
  cloud-init
  
 -%end
 +# Needed initially, but removed below.
 +firewalld
  
 -# more ec2-ify
 -%post --erroronfail
 +# cherry-pick a few things from @standard
 +tmpwatch
 +tar
 +rsync
  
 -# fstab mounting is different for x86_64 and i386
 -cat <<EOL > /etc/fstab
 -LABEL=_/   /         ext4    defaults        1 1
 -proc       /proc     proc    defaults        0 0
 -sysfs      /sys      sysfs   defaults        0 0
 -devpts     /dev/pts  devpts  gid=5,mode=620  0 0
 -tmpfs      /dev/shm  tmpfs   defaults        0 0
 -EOL
 -if [ ! -d /lib64 ] ; then
 +# Some things from @core we can do without in a minimal install
 +-biosdevname
 +-plymouth
 +-NetworkManager
 +-polkit
  
 -cat <<EOL >> /etc/fstab
 -/dev/xvda3 swap      swap    defaults        0 0
 -EOL
 +%end
  
 -# workaround xen performance issue (bz 651861)
 -echo "hwcap 1 nosegneg" > /etc/ld.so.conf.d/libc6-xen.conf
  
 -fi
  
 -# idle=nomwait is to allow xen images to boot and not try use cpu features that are not supported
 -# grub tweaks
 -sed -i -e 's/timeout=5/timeout=0/' \
 -    -e 's|root=[^ ]\+|root=LABEL=_/  idle=halt|' \
 -    -e '/splashimage/d' \
 -    /boot/grub/grub.conf
 +%post --erroronfail
  
 -# symlink grub.conf to menu.lst for use by EC2 pv-grub
 -pushd /boot/grub
 -ln -s grub.conf menu.lst
 -popd
 +echo -n "Writing fstab"
 +cat <<EOF > /etc/fstab
 +LABEL=_/   /         ext4    defaults        1 1
 +EOF
 +echo .
 +
 +echo -n "Grub tweaks"
 +echo GRUB_TIMEOUT=0 > /etc/default/grub
 +sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub/grub.conf
 +sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
 +# need to file a bug on this one
- sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
++sed -i 's/root=.*/root=LABEL=_\/ idle=halt/' /boot/grub/grub.conf
 +echo .
 +if ! [[ -e /boot/grub/menu.lst ]]; then
 +  echo -n "Linking menu.lst to old-style grub.conf for pv-grub"
 +  ln /boot/grub/grub.conf /boot/grub/menu.lst
 +  ln -sf /boot/grub/grub.conf /etc/grub.conf
 +fi
  
- 
  # setup systemd to boot to the right runlevel
 -rm /etc/systemd/system/default.target
 +echo -n "Setting default runlevel to multiuser text mode"
 +rm -f /etc/systemd/system/default.target
  ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
 +echo .
 +
 +# If you want to remove rsyslog and just use journald, also uncomment this.
 +#echo -n "Enabling persistent journal"
 +#mkdir /var/log/journal/ 
 +#echo .
 +
 +# this is installed by default but we don't need it in virt
 +echo "Removing linux-firmware package."
 +yum -C -y remove linux-firmware
 +
 +# Remove firewalld; was supposed to be optional in F18, but is required to
 +# be present for install/image building.
 +echo "Removing firewalld."
 +yum -C -y remove firewalld
 +
 +
 +# Because memory is scarce resource in most cloud/virt environments,
 +# and because this impedes forensics, we are differing from the Fedora
 +# default of having /tmp on tmpfs.
 +echo "Disabling tmpfs for /tmp."
 +systemctl mask tmp.mount
 +
 +# Uncomment this if you want to use cloud init but suppress the creation
 +# of an "ec2-user" account. This will, in the absence of further config,
 +# cause the ssh key from a metadata source to be put in the root account.
 +#cat <<EOF > /etc/cloud/cloud.cfg.d/50_suppress_ec2-user_use_root.cfg
 +#users: []
 +#disable_root: 0
 +#EOF
 +
 +# Temporary kludge in case https://bugzilla.redhat.com/show_bug.cgi?id=887363
 +# does not make F18 final release.
 +if [[ $( rpm -q --qf '%{v}-%{r}' cloud-init) == "0.7.1-1.fc18" ]]; then
 +echo "Detected older cloud-init; generating config file now."
 +cat <<EOF > /etc/cloud/cloud.cfg
 +users:
 + - default
 +
 +disable_root: 1
 +ssh_pwauth:   0
 +
 +locale_configfile: /etc/sysconfig/i18n
 +mount_default_fields: [~, ~, 'auto', 'defaults,nofail', '0', '2']
 +resize_rootfs_tmp: /dev
 +ssh_deletekeys:   0
 +ssh_genkeytypes:  ~
 +syslog_fix_perms: ~
 +
 +cloud_init_modules:
 + - bootcmd
 + - write-files
 + - resizefs
 + - set_hostname
 + - update_hostname
 + - update_etc_hosts
 + - rsyslog
 + - users-groups
 + - ssh
 +
 +cloud_config_modules:
 + - mounts
 + - locale
 + - set-passwords
 + - timezone
 + - puppet
 + - chef
 + - salt-minion
 + - mcollective
 + - disable-ec2-metadata
 + - runcmd
 +
 +cloud_final_modules:
 + - rightscale_userdata
 + - scripts-per-once
 + - scripts-per-boot
 + - scripts-per-instance
 + - scripts-user
 + - ssh-authkey-fingerprints
 + - keys-to-console
 + - phone-home
 + - final-message
 +
 +system_info:
 +  default_user:
 +    name: ec2-user
 +    lock_passwd: true
 +    gecos: EC2 user
 +    groups: [wheel, adm]
 +    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
 +    shell: /bin/bash
 +  distro: fedora
 +  paths:
 +    cloud_dir: /var/lib/cloud
 +    templates_dir: /etc/cloud/templates
 +  ssh_svcname: sshd
 +# vim:syntax=yaml
 +EOF
 +fi
 +
 +
 +echo "Zeroing out empty space."
 +# This forces the filesystem to reclaim space from deleted files
 +dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
 +rm -f /var/tmp/zeros
 +echo "(Don't worry -- that out-of-space error was expected.)"
  
  %end
  
diff --cc generic/fedora-18-x86_64-cloud.ks
index ef3b3fa,db04391..249a801
--- a/generic/fedora-18-x86_64-cloud.ks
+++ b/generic/fedora-18-x86_64-cloud.ks
@@@ -77,8 -77,8 +77,9 @@@ echo 
  echo -n "Grub tweaks"
  echo GRUB_TIMEOUT=0 > /etc/default/grub
  sed -i 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
 -sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub2/grub.cfg
 +sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub/grub.conf
  sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
++sed -i 's/^default=1/default=0/' /boot/grub/grub.conf
  # need to file a bug on this one
  sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
  echo .


commit 3b3df1af0695f2996c7aa158be3f963ae288df13
Author: Matthew Miller <mattdm at mattdm.org>
Date:   Mon Dec 17 11:45:21 2012 -0500

    ami-creator does the menu.lst linking automatically, so don't step on that.
    
    When we migrate away from appliance-tools in the future, this hack can be
    removed completely.

diff --git a/ec2/fedora-18-x86_64-ec2.ks b/ec2/fedora-18-x86_64-ec2.ks
index b3ee27b..c63af4e 100644
--- a/ec2/fedora-18-x86_64-ec2.ks
+++ b/ec2/fedora-18-x86_64-ec2.ks
@@ -75,9 +75,11 @@ sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
 # need to file a bug on this one
 sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
 echo .
-echo -n "Linking menu.lst to old-style grub.conf for pv-grub"
-mv /boot/grub/grub.conf /boot/grub/menu.lst
-ln -s /boot/grub/menu.lst /etc/grub.conf
+if ! [[ -e /boot/grub/menu.lst ]]; then
+  echo -n "Linking menu.lst to old-style grub.conf for pv-grub"
+  ln /boot/grub/grub.conf /boot/grub/menu.lst
+  ln -sf /boot/grub/grub.conf /etc/grub.conf
+fi
 
 
 # setup systemd to boot to the right runlevel
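Review bot: `ln /boot/grub/grub.conf /boot/grub/menu.lst` creates a hard link, which tracks grub.conf only while both names share an inode. Anything that later rewrites grub.conf by replacing the file, as `sed -i` does, leaves menu.lst holding the old contents, and pv-grub would keep booting from that stale copy. A relative symlink avoids this, as the earlier i386 script did: `ln -s grub.conf /boot/grub/menu.lst`; if the hard link is intentional, a comment should say why. Also, `ln -sf /boot/grub/grub.conf /etc/grub.conf` now sits inside the `if`, so it is skipped whenever menu.lst already exists; moving it below `fi` keeps it unconditional. The same block is added to the three generic/ files in this commit.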
diff --git a/generic/fedora-18-x86_64-cloud.ks b/generic/fedora-18-x86_64-cloud.ks
index f21e710..ef3b3fa 100644
--- a/generic/fedora-18-x86_64-cloud.ks
+++ b/generic/fedora-18-x86_64-cloud.ks
@@ -82,10 +82,11 @@ sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
 # need to file a bug on this one
 sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
 echo .
-echo -n "Linking menu.lst to old-style grub.conf for pv-grub"
-mv /boot/grub/grub.conf /boot/grub/menu.lst
-ln -s /boot/grub/menu.lst /etc/grub.conf
-
+if ! [[ -e /boot/grub/menu.lst ]]; then
+  echo -n "Linking menu.lst to old-style grub.conf for pv-grub"
+  ln /boot/grub/grub.conf /boot/grub/menu.lst
+  ln -sf /boot/grub/grub.conf /etc/grub.conf
+fi
 
 # setup systemd to boot to the right runlevel
 echo -n "Setting default runlevel to multiuser text mode"
diff --git a/generic/fedora-18-x86_64-minimal.ks b/generic/fedora-18-x86_64-minimal.ks
index e651dd9..348a446 100644
--- a/generic/fedora-18-x86_64-minimal.ks
+++ b/generic/fedora-18-x86_64-minimal.ks
@@ -88,9 +88,11 @@ sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
 # need to file a bug on this one
 sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
 echo .
-echo -n "Linking menu.lst to old-style grub.conf for pv-grub"
-mv /boot/grub/grub.conf /boot/grub/menu.lst
-ln -s /boot/grub/menu.lst /etc/grub.conf
+if ! [[ -e /boot/grub/menu.lst ]]; then
+  echo -n "Linking menu.lst to old-style grub.conf for pv-grub"
+  ln /boot/grub/grub.conf /boot/grub/menu.lst
+  ln -sf /boot/grub/grub.conf /etc/grub.conf
+fi
 
 
 # setup systemd to boot to the right runlevel
diff --git a/generic/fedora-18-x86_64.ks b/generic/fedora-18-x86_64.ks
index eb742cf..12b7116 100644
--- a/generic/fedora-18-x86_64.ks
+++ b/generic/fedora-18-x86_64.ks
@@ -76,9 +76,11 @@ sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
 # need to file a bug on this one
 sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
 echo .
-echo -n "Linking menu.lst to old-style grub.conf for pv-grub"
-mv /boot/grub/grub.conf /boot/grub/menu.lst
-ln -s /boot/grub/menu.lst /etc/grub.conf
+if ! [[ -e /boot/grub/menu.lst ]]; then
+  echo -n "Linking menu.lst to old-style grub.conf for pv-grub"
+  ln /boot/grub/grub.conf /boot/grub/menu.lst
+  ln -sf /boot/grub/grub.conf /etc/grub.conf
+fi
 
 
 # setup systemd to boot to the right runlevel


commit 5f670d1dc86f902db1eaa01ba4b6a6623aec9d15
Author: Matthew Miller <mattdm at mattdm.org>
Date:   Sun Dec 16 14:24:58 2012 -0500

    ec2-specific changes

diff --git a/ec2/fedora-18-x86_64-ec2.ks b/ec2/fedora-18-x86_64-ec2.ks
index db04391..b3ee27b 100644
--- a/ec2/fedora-18-x86_64-ec2.ks
+++ b/ec2/fedora-18-x86_64-ec2.ks
@@ -1,12 +1,16 @@
-# This is a basic Fedora 18 spin designed to work in OpenStack and other
-# private cloud environments. It's configured with cloud-init so it will
-# take advantage of ec2-compatible metadata services for provisioning
-# ssh keys. That also currently creates an ec2-user account; we'll probably
-# want to make that something generic by default. The root password is empty
-# by default.
+# This is a basic Fedora 18 spin designed to work in Amazon EC2.
+# It's configured with cloud-init so it will take advantage of
+# ec2-compatible metadata services for provisioning ssh keys. That also
+# currently creates an ec2-user account; we'll probably want to make that
+# something generic by default. The root password is empty by default.
 #
 # Note that unlike the standard F18 install, this image has /tmp on disk
 # rather than in tmpfs, since memory is usually at a premium.
+#
+# It additionally configures _no_ local firewall, in line with EC2
+# recommendations that security groups be used instead.
+
+
 
 lang en_US.UTF-8
 keyboard us
@@ -15,9 +19,7 @@ timezone --utc America/New_York
 auth --useshadow --enablemd5
 selinux --enforcing
 
-# this is actually not used, but a static firewall
-# matching these rules is generated below.
-firewall --service=ssh --service=http --service=https
+firewall --disabled
 
 bootloader --timeout=0 --location=mbr --driveorder=sda
 
@@ -40,17 +42,9 @@ kernel
 # a user account with ssh keys.
 cloud-init
 
-# Not needed with pv-grub (as in EC2). Would be nice to have
-# something smaller for F19 (syslinux?), but this is what we have now.
-grub2
-
 # Needed initially, but removed below.
 firewalld
 
-# Basic firewall. If you're going to rely on your cloud service's
-# security groups you can remove this.
-iptables-services
-
 # cherry-pick a few things from @standard
 tmpwatch
 tar
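Review bot: Removing `iptables-services` here, and the static `/etc/sysconfig/iptables` in the last hunk of this commit, leaves the `iptables` entry in `services --enabled=...` with no unit or rules installed. That entry is still shown in other hunks of this file on the page, and the problem stands unless `@core` pulls the package in, which is not visible. Either drop `iptables` from that line, `services --enabled=network,sshd,rsyslog,cloud-init,cloud-init-local,cloud-config,cloud-final`, or keep the package if a host firewall is meant to remain available. As written, the file suggests a packet filter is enabled while `firewall --disabled` says otherwise, which misleads anyone auditing the image's exposure. The i386 copy at the top of the page carries the same services line, and the `%packages` section continues outside this hunk.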
@@ -76,8 +70,7 @@ echo .
 
 echo -n "Grub tweaks"
 echo GRUB_TIMEOUT=0 > /etc/default/grub
-sed -i 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
-sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub2/grub.cfg
+sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub/grub.conf
 sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
 # need to file a bug on this one
 sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
@@ -107,27 +100,6 @@ yum -C -y remove linux-firmware
 echo "Removing firewalld."
 yum -C -y remove firewalld
 
-# Non-firewalld-firewall
-echo -n "Writing static firewall"
-cat <<EOF > /etc/sysconfig/iptables
-# Simple static firewall loaded by iptables.service. Replace
-# this with your own custom rules, run lokkit, or switch to 
-# shorewall or firewalld as your needs dictate.
-*filter
-:INPUT ACCEPT [0:0]
-:FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [0:0]
--A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
--A INPUT -p icmp -j ACCEPT
--A INPUT -i lo -j ACCEPT
--A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -j ACCEPT
--A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 80 -j ACCEPT
--A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 443 -j ACCEPT
--A INPUT -j REJECT --reject-with icmp-host-prohibited
--A FORWARD -j REJECT --reject-with icmp-host-prohibited
-COMMIT
-EOF
-echo .
 
 # Because memory is scarce resource in most cloud/virt environments,
 # and because this impedes forensics, we are differing from the Fedora


commit 11469890e4ecbe9d027aad2301e3c7e218f92a53
Author: Matthew Miller <mattdm at mattdm.org>
Date:   Sun Dec 16 14:22:47 2012 -0500

    Comment was supposed to be inserted in legacy grub config file, not grub2

diff --git a/generic/fedora-18-x86_64-cloud.ks b/generic/fedora-18-x86_64-cloud.ks
index db04391..f21e710 100644
--- a/generic/fedora-18-x86_64-cloud.ks
+++ b/generic/fedora-18-x86_64-cloud.ks
@@ -77,7 +77,7 @@ echo .
 echo -n "Grub tweaks"
 echo GRUB_TIMEOUT=0 > /etc/default/grub
 sed -i 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
-sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub2/grub.cfg
+sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub/grub.conf
 sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
 # need to file a bug on this one
 sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
diff --git a/generic/fedora-18-x86_64-minimal.ks b/generic/fedora-18-x86_64-minimal.ks
index 044335d..e651dd9 100644
--- a/generic/fedora-18-x86_64-minimal.ks
+++ b/generic/fedora-18-x86_64-minimal.ks
@@ -83,7 +83,7 @@ echo .
 echo -n "Grub tweaks"
 echo GRUB_TIMEOUT=0 > /etc/default/grub
 sed -i 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
-sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub2/grub.cfg
+sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub/grub.conf
 sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
 # need to file a bug on this one
 sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
diff --git a/generic/fedora-18-x86_64.ks b/generic/fedora-18-x86_64.ks
index 92a84f0..eb742cf 100644
--- a/generic/fedora-18-x86_64.ks
+++ b/generic/fedora-18-x86_64.ks
@@ -71,7 +71,7 @@ echo .
 echo -n "Grub tweaks"
 echo GRUB_TIMEOUT=0 > /etc/default/grub
 sed -i 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
-sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub2/grub.cfg
+sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub/grub.conf
 sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
 # need to file a bug on this one
 sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf


commit c561239c2f65b63b0ba5eeae42d340778be329f2
Author: Matthew Miller <mattdm at mattdm.org>
Date:   Sun Dec 16 14:20:35 2012 -0500

    copy in changes from 'generic' cloud image

diff --git a/ec2/fedora-18-x86_64-ec2.ks b/ec2/fedora-18-x86_64-ec2.ks
index 090e1bf..db04391 100644
--- a/ec2/fedora-18-x86_64-ec2.ks
+++ b/ec2/fedora-18-x86_64-ec2.ks
@@ -1,90 +1,223 @@
-# Build a basic Fedora 18 AMI
+# This is a basic Fedora 18 spin designed to work in OpenStack and other
+# private cloud environments. It's configured with cloud-init so it will
+# take advantage of ec2-compatible metadata services for provisioning
+# ssh keys. That also currently creates an ec2-user account; we'll probably
+# want to make that something generic by default. The root password is empty
+# by default.
+#
+# Note that unlike the standard F18 install, this image has /tmp on disk
+# rather than in tmpfs, since memory is usually at a premium.
+
 lang en_US.UTF-8
 keyboard us
 timezone --utc America/New_York
+
 auth --useshadow --enablemd5
 selinux --enforcing
-firewall --service=ssh
-bootloader --timeout=1 --location=mbr --driveorder=sda
-network --bootproto=dhcp --device=eth0 --onboot=on
-services --enabled=network,sshd,rsyslog
 
-# By default the root password is emptied
+# this is actually not used, but a static firewall
+# matching these rules is generated below.
+firewall --service=ssh --service=http --service=https
 
-#
-# Define how large you want your rootfs to be
-# NOTE: S3-backed AMIs have a limit of 10G
-#
-part / --size 10000 --fstype ext4 --ondisk sda
+bootloader --timeout=0 --location=mbr --driveorder=sda
 
-# This will let fussy, fussy grub2 install, if we
-# decide we want that.
-#part biosboot --fstype=biosboot --size=1 --ondisk sda
+network --bootproto=dhcp --device=eth0 --onboot=on
+services --enabled=network,sshd,rsyslog,iptables,cloud-init,cloud-init-local,cloud-config,cloud-final
 
+part biosboot --fstype=biosboot --size=1 --ondisk sda
+part / --size 4096 --fstype ext4 --ondisk sda
 
-#
 # Repositories
 repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-18&arch=$basearch
 
-#
-#
-# Add all the packages after the base packages
-#
+
+# Package list.
 %packages --nobase
 @core
-pciutils
 kernel
-man-db
-
--biosdevname
 
-# package to setup cloudy bits for us
+# cloud-init does magical things with EC2 metadata, including provisioning
+# a user account with ssh keys.
 cloud-init
 
-%end
+# Not needed with pv-grub (as in EC2). Would be nice to have
+# something smaller for F19 (syslinux?), but this is what we have now.
+grub2
 
-# more ec2-ify
-%post --erroronfail
+# Needed initially, but removed below.
+firewalld
 
-# fstab mounting is different for x86_64 and i386
-cat <<EOL > /etc/fstab
-LABEL=_/   /         ext4    defaults        1 1
-proc       /proc     proc    defaults        0 0
-sysfs      /sys      sysfs   defaults        0 0
-devpts     /dev/pts  devpts  gid=5,mode=620  0 0
-tmpfs      /dev/shm  tmpfs   defaults        0 0
-EOL
-if [ ! -d /lib64 ] ; then
+# Basic firewall. If you're going to rely on your cloud service's
+# security groups you can remove this.
+iptables-services
 
-cat <<EOL >> /etc/fstab
-/dev/xvda3 swap      swap    defaults        0 0
-EOL
+# cherry-pick a few things from @standard
+tmpwatch
+tar
+rsync
 
-# workaround xen performance issue (bz 651861)
-echo "hwcap 1 nosegneg" > /etc/ld.so.conf.d/libc6-xen.conf
+# Some things from @core we can do without in a minimal install
+-biosdevname
+-plymouth
+-NetworkManager
+-polkit
 
-fi
+%end
 
-# idle=nomwait is to allow xen images to boot and not try use cpu features that are not supported
-# grub tweaks
-sed -i -e 's/timeout=5/timeout=0/' \
-    -e 's|root=[^ ]\+|root=LABEL=_/  idle=halt|' \
-    -e '/splashimage/d' \
-    /boot/grub/grub.conf
 
-# the firewall rules get saved as .old  without this we end up not being able 
-# ssh in as iptables blocks access
 
-rename -v  .old "" /etc/sysconfig/*old
+%post --erroronfail
+
+echo -n "Writing fstab"
+cat <<EOF > /etc/fstab
+LABEL=_/   /         ext4    defaults        1 1
+EOF
+echo .
+
+echo -n "Grub tweaks"
+echo GRUB_TIMEOUT=0 > /etc/default/grub
+sed -i 's/^set timeout=5/set timeout=0/' /boot/grub2/grub.cfg
+sed -i '1i# This file is for use with pv-grub; legacy grub is not installed in this image' /boot/grub2/grub.cfg
+sed -i 's/^timeout=5/timeout=0/' /boot/grub/grub.conf
+# need to file a bug on this one
+sed -i 's/root=.*/root=LABEL=_\//' /boot/grub/grub.conf
+echo .
+echo -n "Linking menu.lst to old-style grub.conf for pv-grub"
+mv /boot/grub/grub.conf /boot/grub/menu.lst
+ln -s /boot/grub/menu.lst /etc/grub.conf
 
-# symlink grub.conf to menu.lst for use by EC2 pv-grub
-pushd /boot/grub
-ln -s grub.conf menu.lst
-popd
 
 # setup systemd to boot to the right runlevel
-rm /etc/systemd/system/default.target
+echo -n "Setting default runlevel to multiuser text mode"
+rm -f /etc/systemd/system/default.target
 ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
+echo .
+
+# If you want to remove rsyslog and just use journald, also uncomment this.
+#echo -n "Enabling persistent journal"
+#mkdir /var/log/journal/ 
+#echo .
+
+# this is installed by default but we don't need it in virt
+echo "Removing linux-firmware package."
+yum -C -y remove linux-firmware
+
+# Remove firewalld; was supposed to be optional in F18, but is required to
+# be present for install/image building.
+echo "Removing firewalld."
+yum -C -y remove firewalld
+
+# Non-firewalld-firewall
+echo -n "Writing static firewall"
+cat <<EOF > /etc/sysconfig/iptables
+# Simple static firewall loaded by iptables.service. Replace
+# this with your own custom rules, run lokkit, or switch to 
+# shorewall or firewalld as your needs dictate.
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
+-A INPUT -p icmp -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -j ACCEPT
+-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 80 -j ACCEPT
+-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 443 -j ACCEPT
+-A INPUT -j REJECT --reject-with icmp-host-prohibited
+-A FORWARD -j REJECT --reject-with icmp-host-prohibited
+COMMIT
+EOF
+echo .
+
+# Because memory is scarce resource in most cloud/virt environments,
+# and because this impedes forensics, we are differing from the Fedora
+# default of having /tmp on tmpfs.
+echo "Disabling tmpfs for /tmp."
+systemctl mask tmp.mount
+
+# Uncomment this if you want to use cloud init but suppress the creation
+# of an "ec2-user" account. This will, in the absence of further config,
+# cause the ssh key from a metadata source to be put in the root account.
+#cat <<EOF > /etc/cloud/cloud.cfg.d/50_suppress_ec2-user_use_root.cfg
+#users: []
+#disable_root: 0
+#EOF
+
+# Temporary kludge in case https://bugzilla.redhat.com/show_bug.cgi?id=887363
+# does not make F18 final release.
+if [[ $( rpm -q --qf '%{v}-%{r}' cloud-init) == "0.7.1-1.fc18" ]]; then
+echo "Detected older cloud-init; generating config file now."
+cat <<EOF > /etc/cloud/cloud.cfg
+users:
+ - default
+
+disable_root: 1
+ssh_pwauth:   0
+
+locale_configfile: /etc/sysconfig/i18n
+mount_default_fields: [~, ~, 'auto', 'defaults,nofail', '0', '2']
+resize_rootfs_tmp: /dev
+ssh_deletekeys:   0
+ssh_genkeytypes:  ~
+syslog_fix_perms: ~
+
+cloud_init_modules:
+ - bootcmd
+ - write-files
+ - resizefs
+ - set_hostname
+ - update_hostname
+ - update_etc_hosts
+ - rsyslog
+ - users-groups
+ - ssh
+
+cloud_config_modules:
+ - mounts
+ - locale
+ - set-passwords
+ - timezone
+ - puppet
+ - chef
+ - salt-minion
+ - mcollective
+ - disable-ec2-metadata
+ - runcmd
+
+cloud_final_modules:
+ - rightscale_userdata
+ - scripts-per-once
+ - scripts-per-boot
+ - scripts-per-instance
+ - scripts-user
+ - ssh-authkey-fingerprints
+ - keys-to-console
+ - phone-home
+ - final-message
+
+system_info:
+  default_user:
+    name: ec2-user
+    lock_passwd: true
+    gecos: EC2 user
+    groups: [wheel, adm]
+    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
+    shell: /bin/bash
+  distro: fedora
+  paths:
+    cloud_dir: /var/lib/cloud
+    templates_dir: /etc/cloud/templates
+  ssh_svcname: sshd
+# vim:syntax=yaml
+EOF
+fi
+
+
+echo "Zeroing out empty space."
+# This forces the filesystem to reclaim space from deleted files
+dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
+rm -f /var/tmp/zeros
+echo "(Don't worry -- that out-of-space error was expected.)"
 
 %end
 
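Review bot: The static firewall written to `/etc/sysconfig/iptables` filters IPv4 only: nothing in the new %post writes `/etc/sysconfig/ip6tables`, and the `services --enabled=` line turns on `iptables` but not `ip6tables`. Once firewalld is removed, an instance that is given an IPv6 address would presumably have its listeners reachable with no filtering. I would enable the IPv6 service as well and write a matching rule file, as sketched below; `ip6tables.service` should come from the same iptables-services package, but confirm that on F18. Separately, the IPv4 rules accept new connections on ports 80 and 443 although the package list installs no web server, so dropping those two `--dport` lines would keep the default exposure to ssh only.

```shell
services --enabled=network,sshd,rsyslog,iptables,ip6tables,cloud-init,cloud-init-local,cloud-config,cloud-final
# … unchanged: partitions, repo, %packages, fstab, grub tweaks, IPv4 rules heredoc …

# IPv6 counterpart of the static firewall; mirror whichever ports the
# IPv4 file keeps open (only ssh shown here).
echo -n "Writing static IPv6 firewall"
cat <<EOF > /etc/sysconfig/ip6tables
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp6-adm-prohibited
-A FORWARD -j REJECT --reject-with icmp6-adm-prohibited
COMMIT
EOF
echo .
```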



