Difference between revisions of "Bcfg2 Configuration"
Line 2: | Line 2: | ||
==Server Side== | ==Server Side== | ||
+ | |||
+ | The server is the element of bcfg2 that performs most of the heavy lifting. It is responsible for defining what is the appropriate configuration and hosts all of the necessary files. It can also handle package management across clients. | ||
+ | |||
+ | ===Server Install=== | ||
+ | To install the server component of bcfg2, run the command: | ||
+ | |||
+ | <pre>yum -y install bcfg2-server</pre> | ||
===Server Setup=== | ===Server Setup=== | ||
+ | |||
+ | The configuration file is generated by running the command: | ||
+ | |||
+ | <pre>bcfg2-server init</pre> | ||
+ | |||
+ | However, at the time of this writing, there is a bug where the program will not run unless given extra text at the end of the command. This bug manifests itself by outputting a line of text and then retuning to the prompt. To get around this, simply run: | ||
+ | |||
+ | <pre> bcfg2-server init $HOSTNAME </pre> | ||
+ | |||
+ | |||
+ | The output should prompt you for values, however the default values are sufficient, though when prompted for the OS type, select 1 for "Redhat/Fedora/RHEL/RHAS/Centos". It should look something like this: | ||
+ | |||
+ | <pre> | ||
+ | [jordan@hongkong ~]$ sudo bcfg2-admin init | ||
+ | [sudo] password for jordan: | ||
+ | Store bcfg2 configuration in [/etc/bcfg2.conf]: | ||
+ | Location of bcfg2 repository [/var/lib/bcfg2]: | ||
+ | Directory /var/lib/bcfg2 exists. Overwrite? [y/N]:y | ||
+ | Input password used for communication verification (without echoing; leave blank for a random): | ||
+ | What is the server's hostname [hongkong.proximity.on.ca]: | ||
+ | Input the server location [https://hongkong.proximity.on.ca:6789]: | ||
+ | Input base Operating System for clients: | ||
+ | 1: Redhat/Fedora/RHEL/RHAS/Centos | ||
+ | 2: SUSE/SLES | ||
+ | 3: Mandrake | ||
+ | 4: Debian | ||
+ | 5: Ubuntu | ||
+ | 6: Gentoo | ||
+ | 7: FreeBSD | ||
+ | : 1 | ||
+ | Generating a 2048 bit RSA private key | ||
+ | ..........................................................................................................+++ | ||
+ | .........................................+++ | ||
+ | writing new private key to '/etc/bcfg2.key' | ||
+ | ----- | ||
+ | Signature ok | ||
+ | subject=/C=US/ST=Illinois/L=Argonne/CN=hongkong.proximity.on.ca | ||
+ | Getting Private key | ||
+ | Repository created successfuly in /var/lib/bcfg2 | ||
+ | </pre> | ||
+ | |||
+ | |||
+ | After this is done, a directory structure under /var/lib/bcfg2 should exist, as well as the files /etc/bcfg2.conf, /etc/bcfg2.cert and /etc/bcfg2.key. | ||
+ | |||
===Configuring Groups=== | ===Configuring Groups=== |
Revision as of 14:12, 27 January 2012
This page documents the configuration and maintenance of the bcfg2 configuration management system used in the Fedora ARM build farm.
Contents
Server Side
The server is the element of bcfg2 that performs most of the heavy lifting. It is responsible for defining what is the appropriate configuration and hosts all of the necessary files. It can also handle package management across clients.
Server Install
To install the server component of bcfg2, run the command:
yum -y install bcfg2-server
Server Setup
The configuration file is generated by running the command:
bcfg2-server init
However, at the time of this writing, there is a bug where the program will not run unless given extra text at the end of the command. This bug manifests itself by outputting a line of text and then retuning to the prompt. To get around this, simply run:
bcfg2-server init $HOSTNAME
The output should prompt you for values, however the default values are sufficient, though when prompted for the OS type, select 1 for "Redhat/Fedora/RHEL/RHAS/Centos". It should look something like this:
[jordan@hongkong ~]$ sudo bcfg2-admin init [sudo] password for jordan: Store bcfg2 configuration in [/etc/bcfg2.conf]: Location of bcfg2 repository [/var/lib/bcfg2]: Directory /var/lib/bcfg2 exists. Overwrite? [y/N]:y Input password used for communication verification (without echoing; leave blank for a random): What is the server's hostname [hongkong.proximity.on.ca]: Input the server location [https://hongkong.proximity.on.ca:6789]: Input base Operating System for clients: 1: Redhat/Fedora/RHEL/RHAS/Centos 2: SUSE/SLES 3: Mandrake 4: Debian 5: Ubuntu 6: Gentoo 7: FreeBSD : 1 Generating a 2048 bit RSA private key ..........................................................................................................+++ .........................................+++ writing new private key to '/etc/bcfg2.key' ----- Signature ok subject=/C=US/ST=Illinois/L=Argonne/CN=hongkong.proximity.on.ca Getting Private key Repository created successfuly in /var/lib/bcfg2
After this is done, a directory structure under /var/lib/bcfg2 should exist, as well as the files /etc/bcfg2.conf, /etc/bcfg2.cert and /etc/bcfg2.key.
Configuring Groups
Configuring Clients
Client Side
The client in a bcfg2 instance is simply responsible for accessing the configuration details on the remote server and changing the host so that it conforms with those details.
Client Install
At the time of this document's creation, there is one missing dependency of bcfg2 in the Fedora ARM repository. The packages themselves have been built in Koji, but are waiting on signing and final release. The location of this dependency, python-lxml is:
- For ARMv5TEL/ARMv7l builders: http://arm.koji.fedoraproject.org/packages/python-lxml/2.3/1.fc15/armv5tel/python-lxml-2.3-1.fc15.armv5tel.rpm
- For ARMv7HL builders: http://arm.koji.fedoraproject.org/packages/python-lxml/2.3/1.fc15/armv5tel/python-lxml-2.3-1.fc15.armv5tel.rpm
After installing this dependency, clients can be installed by running
yum -y install bcfg2
Client Configuration
Bcfg2 requires the use of a key generated by the initialization of the server to run.
The bcfg2 service can be initialized via command line arguments, but the preferred way of of handling this is to use a configuration file. A configuration file should be created at /etc/bcfg2.conf and contain the following entries:
[communication] protocol = xmlrpc/ssl password = XXXXXX #This should be set as the password from the server ca = /etc/bcfg2.crt #Copied from the server [components] bcfg2 = https://hongkong.proximity.on.ca:6789 # This should be the fqdn and port of the server component.
Client Update
To force an update from the server, use the command:
bcfg2 -vq
To ensure that a client is up to date, use the command:
bcfg2 -vqn