Improve cloud-init templates

* fill files for CentOS

Partially implements: blueprint image-based-provisioning
Change-Id: I794319b0fcdcdfd81fbe2f290faa6a0cb171c7fc

cloud-init-templates/boothook_centos.jinja2

@@ -0,0 +1,100 @@
+#cloud-boothook
+#!/bin/bash
+
+function add_str_to_file_if_not_exists {
+    file=$1
+    str=$2
+    val=$3
+    if ! grep -q "^ *${str}" $file; then
+        echo $val >> $file
+    fi
+}
+
+
+cloud-init-per instance disable_selinux_on_the_fly setenforce 0
+
+cloud-init-per instance disable_selinux sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/sysconfig/selinux
+
+
+# configure udev rules
+
+# udev persistent net
+cloud-init-per instance udev_persistent_net1 service network stop
+
+DEFAULT_GW={{ common.master_ip }}
+ADMIN_MAC={{ common.admin_mac }}
+ADMIN_IF=$(echo {{ common.udevrules }} | sed 's/[,=]/\n/g' | grep "$ADMIN_MAC" | cut -d_ -f2 | head -1)
+INSTALL_IF=$(ifconfig | grep "$ADMIN_MAC" | head -1 | cut -d' ' -f1)
+NETADDR=( $(ifconfig $INSTALL_IF | grep -oP "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}") )
+if [ ! -z "$(grep $ADMIN_IF /etc/sysconfig/network-scripts/ifcfg-$ADMIN_IF | grep dhcp)" ] ; then
+    echo -e "# FROM COBBLER SNIPPET\nDEVICE=$ADMIN_IF\nIPADDR=${NETADDR[0]}\nNETMASK=${NETADDR[2]}\nBOOTPROTO=none\nONBOOT=yes\nUSERCTL=no\n" > /etc/sysconfig/network-scripts/ifcfg-"$ADMIN_IF"
+fi
+
+cloud-init-per instance set_gateway echo GATEWAY="$DEFAULT_GW" | tee -a /etc/sysconfig/network
+
+#Add static udev rules
+cloud-init-per instance udev_persistent_net2 echo {{ common.udevrules }} | tr ' ' '\n' | grep udevrules | tr '[:upper:]' '[:lower:]' | sed -e 's/udevrules=//g' -e 's/,/\n/g' | sed -e "s/^/SUBSYSTEM==\"net\",\ ACTION==\"add\",\ DRIVERS==\"?*\",\ ATTR{address}==\"/g" -e "s/_/\",\ ATTR{type}==\"1\",\ KERNEL==\"eth*\",\ NAME=\"/g" -e "s/$/\"/g" | tee /etc/udev/rules.d/70-persistent-net.rules
+
+cloud-init-per instance udev_persistent_net3 udevadm control --reload-rules
+cloud-init-per instance udev_persistent_net4 udevadm trigger --attr-match=subsystem=net
+cloud-init-per instance udev_persistent_net5 service network start
+
+# end of udev
+
+# configure black module lists
+# virt-what should be installed
+if [ ! -f /etc/modprobe.d/blacklist-i2c_piix4.conf ]; then
+    ([[ $(virt-what) = "virtualbox" ]] && echo "blacklist i2c_piix4" >> /etc/modprobe.d/blacklist-i2c_piix4.conf || :)
+    modprobe -r i2c_piix4
+fi
+
+cloud-init-per instance conntrack_ipv4 echo nf_conntrack_ipv4 | tee -a /etc/rc.modules
+cloud-init-per instance conntrack_ipv6 echo nf_conntrack_ipv6 | tee -a /etc/rc.modules
+cloud-init-per instance chmod_rc_modules chmod +x /etc/rc.modules
+cloud-init-per instance conntrack_max echo "net.nf_conntrack_max=1048576" | tee -a /etc/sysctl.conf
+
+cloud-init-per instance conntrack_ipv4_load modprobe nf_conntrack_ipv4
+cloud-init-per instance conntrack_ipv6_load modprobe nf_conntrack_ipv6
+cloud-init-per instance conntrack_max_set sysctl -w "net.nf_conntrack_max=1048576"
+
+cloud-init-per instance mkdir_coredump mkdir -p /var/log/coredump
+cloud-init-per instance set_coredump echo -e "kernel.core_pattern=/var/log/coredump/core.%e.%p.%h.%t" | tee -a /etc/sysctl.conf
+cloud-init-per instance set_chmod chmod 777 /var/log/coredump
+cloud-init-per instance set_limits echo -e "* soft core unlimited\n* hard core unlimited" | tee -a /etc/security/limits.conf
+
+
+#NOTE: disabled for centos?
+#cloud-init-per instance dhclient echo 'supersede routers 0;' | tee /etc/dhcp/dhclient.conf
+
+# ntp sync
+cloud-init-per instance service ntp stop | tee /dev/null
+cloud-init-per instance sync_date ntpdate -t 4 -b {{ common.master_ip }}
+cloud-init-per instance sync_hwclock hwclock --systohc
+
+cloud-init-per instance edit_ntp_conf1 sed -i '/^\s*tinker panic/ d' /etc/ntp.conf
+cloud-init-per instance edit_ntp_conf2 sed -i '1 i tinker panic 0' /etc/ntp.conf
+cloud-init-per instance edit_ntp_conf3 echo 0 > /var/lib/ntp/drift
+cloud-init-per instance edit_ntp_conf_0 chown ntp: /var/lib/ntp/drift
+cloud-init-per instance edit_ntp_conf3 sed -i '/^\s*server/ d' /etc/ntp.conf
+cloud-init-per instance edit_ntp_conf4 echo "server {{ common.master_ip }} burst iburst" | tee -a /etc/ntp.conf
+
+
+# Point installed ntpd to Master node
+cloud-init-per instance set_ntpdate sed -i 's/SYNC_HWCLOCK\s*=\s*no/SYNC_HWCLOCK=yes/' /etc/sysconfig/ntpdate
+cloud-init-per instance set_ntpd_0 chkconfig ntpd on
+cloud-init-per instance set_ntpd_1 chkconfig ntpdate on
+
+cloud-init-per instance removeUseDNS sed -i --follow-symlinks -e '/UseDNS/d' /etc/ssh/sshd_config
+add_str_to_file_if_not_exists /etc/ssh/sshd_config 'UseDNS' 'UseDNS no'
+
+cloud-init-per instance gssapi_disable sed -i -e "/^\s*GSSAPICleanupCredentials yes/d" -e "/^\s*GSSAPIAuthentication yes/d" /etc/ssh/sshd_config
+
+cloud-init-per instance nailgun_agent echo 'flock -w 0 -o /var/lock/agent.lock -c "/opt/nailgun/bin/agent >> /var/log/nailgun-agent.log 2>&1"' | tee /etc/rc.local
+
+# Copying default bash settings to the root directory
+cloud-init-per instance skel_bash cp -f /etc/skel/.bash* /root/
+
+cloud-init-per instance hiera_puppet mkdir -p /etc/puppet /var/lib/hiera
+cloud-init-per instance touch_puppet touch /var/lib/hiera/common.yaml /etc/puppet/hiera.yaml
+
+cloud-init-per instance clean_repos find /etc/yum.repos.d/. -name '*.repo' -delete

cloud-init-templates/cloud_config_centos.jinja2

@@ -0,0 +1,105 @@
+#cloud-config
+disable_ec2_metadata: true
+disable_root: false
+
+ssh_authorized_keys:
+  - {{ common.ssh_auth_key }}
+
+# set the locale to a given locale
+# default: en_US.UTF-8
+locale: en_US.UTF-8
+
+timezone: {{ common.timezone }}
+
+hostname: {{ common.hostname }}
+fqdn: {{ common.fqdn }}
+
+# TODO(kozhukalov) name_servers is set as "1.2.3.4,1.2.3.5"
+resolv_conf:
+  nameservers: [ {{ common.name_servers }} ]
+  searchdomains:
+   - {{ common.search_domain }}
+#  domain: {{ domain }}
+#  options:
+#    rotate: true
+#    timeout: 1
+
+
+# add entries to rsyslog configuration
+rsyslog:
+  - filename: 10-log2master.conf
+    content: |
+      $template LogToMaster, "<%%PRI%>1 %$NOW%T%TIMESTAMP:8:$%Z %HOSTNAME% %APP-NAME% %PROCID% %MSGID% -%msg%\n"
+      *.* @{{ common.master_ip }};LogToMaster
+
+
+#TODO(agordeev):
+#mounts: fill /etc/fstab
+
+
+runcmd:
+ - sed -i /etc/rc.d/init.d/mcollective -e 's/\(# chkconfig:\s\+[-0-6]\+\) [0-9]\+ \([0-9]\+\)/\1 81 \2/'
+ - /sbin/chkconfig mcollective on
+
+
+# that module's missing in 0.6.3, but existent for >= 0.7.3
+write_files:
+ -   content: |
+        ---
+        url: {{ common.master_url }}
+     path: /etc/nailgun-agent/config.yaml
+ -   content: target
+     path: /etc/nailgun_systemtype
+
+
+yum_repos:
+    {% for repo in common.ks_repos %}
+        {{ repo.name }}:
+          baseurl: {{ repo.url }}
+          enabled: true
+          gpgcheck: false
+    {% endfor %}
+
+
+mcollective:
+  conf:
+    main_collective: mcollective
+    collectives: mcollective
+    libdir: /usr/share/mcollective/plugins
+    logfile: /var/log/mcollective.log
+    loglevel: debug
+    daemonize: 1
+    #NOTE: direct_addressing is 1 for ubuntu
+    direct_addressing: 1
+    ttl: 4294957
+    securityprovider: psk
+    plugin.psk: {{ mcollective.pskey }}
+    connector: {{ mcollective.connector }}
+    plugin.rabbitmq.vhost: {{ mcollective.vhost }}
+    plugin.rabbitmq.pool.size: 1
+    plugin.rabbitmq.pool.1.host: {{ mcollective.host }}
+    plugin.rabbitmq.pool.1.port: {{ mcollective.port|default(61613) }}
+    plugin.rabbitmq.pool.1.user: {{ mcollective.user }}
+    plugin.rabbitmq.pool.1.password: {{ mcollective.password }}
+    plugin.rabbitmq.heartbeat_interval: 30
+    factsource: yaml
+    plugin.yaml: /etc/mcollective/facts.yaml
+
+
+puppet:
+  conf:
+    main:
+      logdir: /var/log/puppet
+      rundir: /var/run/puppet
+      ssldir: $vardir/ssl
+      pluginsync: true
+    agent:
+      classfile: $vardir/classes.txt
+      localconfig: $vardir/localconfig
+      server: {{ puppet.master }}
+      report: false
+      configtimeout: 600
+
+
+final_message: "YAY! The system is finally up, after $UPTIME seconds"
+

cloud-init-templates/cloud_config_ubuntu.jinja2

@@ -33,6 +33,9 @@ rsyslog:
       *.* @{{ common.master_ip }};LogToMaster
 
 
+#TODO(agordeev):
+#mounts: fill /etc/fstab
+
 # that module's missing in 0.6.3, but existent for >= 0.7.3
 write_files:
  -   content: |