Excellent! Many thanks. I was looking at cloud-init but haven't had the study time to really dig into it. Your method makes perfect sense to me. I never considered using the first boot process. That really is the key. Many thanks!! On Nov 2, 2014 9:16 AM, "Amedeo Salvati" <ame...@oscert.net> wrote:
> Hi Jim, > > I use ovirt template and freeipa for authentication, and on template i put > a simple script "setup-freeipa-client.sh" to run on first boot, > specifically for first boot I use cloud-init functions on ovirt, via web UI > or via python sdk, and with cloud-init you can pass **evethings** you need > -> new hostname, new ssh keys, new network configurations, new root > password, new content on configuration files, or simply executing a new > script. > > If you are interested on cloud-init functions on python sdk have a look on > a simple script that i wrote for our disaster recovery automation where on > function buildYamlFile(line 124-137) by using cloud-init execution > program/script, I change our freeipa server (lines 132-136) avoiding sssd > timeout on contacting first two production freeipa server. > > https://github.com/amedeos/ovirt-scripts-dr/blob/master/StartAllVM.py > > HTH > Amedeo Salvati > > Il 31/10/2014 20:01, users-requ...@ovirt.org ha scritto: > >> Date: Fri, 31 Oct 2014 14:55:46 -0400 >> From: Jim Kinney<jim.kin...@gmail.com> >> To:"users@ovirt.org" <users@ovirt.org> >> Subject: [ovirt-users] templates and freeipa >> Message-ID: >> <CAEo=5PwfhT=cvvahCuj4GsxkufD-UFUNbsN0q5Mi9ee76eg3ug@mail. >> gmail.com> >> Content-Type: text/plain; charset="utf-8" >> >> Ovirt 3.5 is running well for me and I have freeIPA controlling access to >> the user portal. I would like to provide templates of various linux setups >> that all have freeipa for user authentication in the VM for my developers >> to be able to create a new VM from and then log in using their freeIPA >> access and sudo control. I'm wanting to group developers by project and >> use >> freeIPA to set sudo commands as needed (group A get oracle, group B get >> postgresql, etc). Wanting to maximize developer ability while minimizing >> my >> clean up time:-) They will be able to delete VMs they create. >> >> It's possible to do a kickstart deploy with freeIPA registration but a >> template from that will be a problem as it will have the same keys for all >> VMs. >> >> Is there a post-creation scripting process I can attach to in ovirt or >> should I look at a default root user and script that personalizes the new >> VM? >> > >
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users