440245d6d4
This brings back changes that broke compatibility between old Nailgun code and Fuel Library with assumption that newer FUEL CI ISO will be uploaded in several hours.
blueprint consume-external-ubuntu
This reverts commit ccaab07d52.
Change-Id: Ifc6a8a6043445741691cbfae364b7b8c5df9802e
384 lines
16 KiB
Plaintext
384 lines
16 KiB
Plaintext
---
|
|
# cobbler settings file
|
|
# restart cobblerd and run "cobbler sync" after making changes
|
|
# This config file is in YAML 1.0 format
|
|
# see http://yaml.org
|
|
# ==========================================================
|
|
# if 1, cobbler will allow insertions of system records that duplicate
|
|
# the --dns-name information of other system records. In general,
|
|
# this is undesirable and should be left 0.
|
|
allow_duplicate_hostnames: 0
|
|
|
|
# if 1, cobbler will allow insertions of system records that duplicate
|
|
# the ip address information of other system records. In general,
|
|
# this is undesirable and should be left 0.
|
|
allow_duplicate_ips: 0
|
|
|
|
# if 1, cobbler will allow insertions of system records that duplicate
|
|
# the mac address information of other system records. In general,
|
|
# this is undesirable.
|
|
allow_duplicate_macs: 0
|
|
|
|
# by default, installs are *not* set to send installation logs to the cobbler
|
|
# # # server. With 'anamon_enabled', kickstart templates may use the pre_anamon
|
|
# # # snippet to allow remote live monitoring of their installations from the
|
|
# # # cobbler server. Installation logs will be stored under
|
|
# # # /var/log/cobbler/anamon/. NOTE: This does allow an xmlrpc call to send logs
|
|
# # # to this directory, without authentication, so enable only if you are
|
|
# # # ok with this limitation.
|
|
anamon_enabled: 0
|
|
|
|
# Email out a report when cobbler finishes installing a system.
|
|
# enabled: set to 1 to turn this feature on
|
|
# sender: optional
|
|
# email: which addresses to email
|
|
# smtp_server: used to specify another server for an MTA
|
|
# subject: use the default subject unless overridden
|
|
build_reporting_enabled: 0
|
|
build_reporting_sender: ""
|
|
build_reporting_email: [ 'root@localhost' ]
|
|
build_reporting_smtp_server: "localhost"
|
|
build_reporting_subject: ""
|
|
|
|
# Cheetah-language kickstart templates can import Python modules.
|
|
# while this is a useful feature, it is not safe to allow them to
|
|
# import anything they want. This whitelists which modules can be
|
|
# imported through Cheetah. Users can expand this as needed but
|
|
# should never allow modules such as subprocess or those that
|
|
# allow access to the filesystem as Cheetah templates are evaluated
|
|
# by cobblerd as code.
|
|
cheetah_import_whitelist:
|
|
- "random"
|
|
- "re"
|
|
- "time"
|
|
- "orchestra"
|
|
- "json"
|
|
|
|
# Default createrepo_flags to use for new repositories. If you have
|
|
# createrepo >= 0.4.10, consider "-c cache --update -C", which can
|
|
# dramatically improve your "cobbler reposync" time. "-s sha"
|
|
# enables working with Fedora repos from F11/F12 from EL-4 or
|
|
# EL-5 without python-hashlib installed (which is not available
|
|
# on EL-4)
|
|
createrepo_flags: "-c cache -s sha"
|
|
|
|
# if no kickstart is specified to profile add, use this template
|
|
default_kickstart: /var/lib/cobbler/kickstarts/ubuntu-server.preseed
|
|
|
|
# configure all installed systems to use these nameservers by default
|
|
# unless defined differently in the profile. For DHCP configurations
|
|
# you probably do /not/ want to supply this.
|
|
default_name_servers: []
|
|
|
|
# if using the authz_ownership module (see the Wiki), objects
|
|
# created without specifying an owner are assigned to this
|
|
# owner and/or group. Can be a comma seperated list.
|
|
default_ownership:
|
|
- "admin"
|
|
|
|
# cobbler has various sample kickstart templates stored
|
|
# in /var/lib/cobbler/kickstarts/. This controls
|
|
# what install (root) password is set up for those
|
|
# systems that reference this variable. The factory
|
|
# default is "cobbler" and cobbler check will warn if
|
|
# this is not changed.
|
|
default_password_crypted: ""
|
|
|
|
# for libvirt based installs in koan, if no virt bridge
|
|
# is specified, which bridge do we try? For EL 4/5 hosts
|
|
# this should be xenbr0, for all versions of Fedora, try
|
|
# "virbr0". This can be overriden on a per-profile
|
|
# basis or at the koan command line though this saves
|
|
# typing to just set it here to the most common option.
|
|
default_virt_bridge: virbr0
|
|
|
|
# use this as the default disk size for virt guests (GB)
|
|
default_virt_file_size: 5
|
|
|
|
# use this as the default memory size for virt guests (MB)
|
|
default_virt_ram: 512
|
|
|
|
# if koan is invoked without --virt-type and no virt-type
|
|
# is set on the profile/system, what virtualization type
|
|
# should be assumed? Values: xenpv, xenfv, qemu, vmware
|
|
# (NOTE: this does not change what virt_type is chosen by import)
|
|
default_virt_type: qemu
|
|
|
|
# controls whether cobbler will add each new profile entry to the default
|
|
# PXE boot menu. This can be over-ridden on a per-profile
|
|
# basis when adding/editing profiles with --enable-menu=0/1. Users
|
|
# should ordinarily leave this setting enabled unless they are concerned
|
|
# with accidental reinstalls from users who select an entry at the PXE
|
|
# boot menu. Adding a password to the boot menus templates
|
|
# may also be a good solution to prevent unwanted reinstallations
|
|
enable_menu: 1
|
|
|
|
# enable Func-integration? This makes sure each installed machine is set up
|
|
# to use func out of the box, which is a powerful way to script and control
|
|
# remote machines.
|
|
# Func lives at http://fedorahosted.org/func
|
|
# read more at https://fedorahosted.org/cobbler/wiki/FuncIntegration
|
|
# you will need to mirror Fedora/EPEL packages for this feature, so see
|
|
# https://fedorahosted.org/cobbler/wiki/ManageYumRepos if you want cobbler
|
|
# to help you with this
|
|
func_auto_setup: 0
|
|
func_master: overlord.example.org
|
|
|
|
# change this port if Apache is not running plaintext on port
|
|
# 80. Most people can leave this alone.
|
|
http_port: 80
|
|
|
|
# kernel options that should be present in every cobbler installation.
|
|
# kernel options can also be applied at the distro/profile/system
|
|
# level.
|
|
kernel_options:
|
|
ksdevice: bootif
|
|
lang: ' '
|
|
text: ~
|
|
locale: en_US
|
|
priority: critical
|
|
|
|
# s390 systems require additional kernel options in addition to the
|
|
# above defaults
|
|
kernel_options_s390x:
|
|
RUNKS: 1
|
|
ramdisk_size: 40000
|
|
root: /dev/ram0
|
|
ro: ~
|
|
ip: off
|
|
vnc: ~
|
|
|
|
# configuration options if using the authn_ldap module. See the
|
|
# the Wiki for details. This can be ignored if you are not using
|
|
# LDAP for WebUI/XMLRPC authentication.
|
|
ldap_server: "ldap.example.com"
|
|
ldap_base_dn: "DC=example,DC=com"
|
|
ldap_port: 389
|
|
ldap_tls: 1
|
|
ldap_anonymous_bind: 1
|
|
ldap_search_bind_dn: ''
|
|
ldap_search_passwd: ''
|
|
ldap_search_prefix: 'uid='
|
|
|
|
# cobbler has a feature that allows for integration with config management
|
|
# systems such as Puppet. The following parameters work in conjunction with
|
|
# --mgmt-classes and are described in furhter detail at:
|
|
# https://fedorahosted.org/cobbler/wiki/UsingCobblerWithConfigManagementSystem
|
|
mgmt_classes: []
|
|
mgmt_parameters:
|
|
from_cobbler: 1
|
|
|
|
# if enabled, this setting ensures that puppet is installed during
|
|
# machine provision, a client certificate is generated and a
|
|
# certificate signing request is made with the puppet master server
|
|
puppet_auto_setup: 0
|
|
|
|
# when puppet starts on a system after installation it needs to have
|
|
# its certificate signed by the puppet master server. Enabling the
|
|
# following feature will ensure that the puppet server signs the
|
|
# certificate after installation if the puppet master server is
|
|
# running on the same machine as cobbler. This requires
|
|
# puppet_auto_setup above to be enabled
|
|
sign_puppet_certs_automatically: 0
|
|
|
|
# location of the puppet signing utility puppetca
|
|
puppetca_path: "/usr/sbin/puppetca"
|
|
|
|
# when a puppet managed machine is reinstalled it is necessary to
|
|
# remove the puppet certificate from the puppet master server before a
|
|
# new certificate is signed (see above). Enabling the following
|
|
# feature will ensure that the certificate for the machine to be
|
|
# installed is removed from the puppet master server if the puppet
|
|
# master server is running on the same machine as cobbler. This
|
|
# requires puppet_auto_setup above to be enabled
|
|
remove_old_puppet_certs_automatically: 0
|
|
|
|
# set to 1 to enable Cobbler's DHCP management features.
|
|
# the choice of DHCP management engine is in /etc/cobbler/modules.conf
|
|
manage_dhcp: 1
|
|
|
|
# set to 1 to enable Cobbler's DNS management features.
|
|
# the choice of DNS mangement engine is in /etc/cobbler/modules.conf
|
|
manage_dns: 1
|
|
|
|
# set to 1 to enable Cobbler's TFTP management features.
|
|
# the choice of TFTP mangement engine is in /etc/cobbler/modules.conf
|
|
manage_tftpd: 1
|
|
|
|
# set to 1 to enable Cobbler's RSYNC management features.
|
|
manage_rsync: 0
|
|
|
|
# if using BIND (named) for DNS management in /etc/cobbler/modules.conf
|
|
# and manage_dns is enabled (above), this lists which zones are managed
|
|
# See the Wiki (https://fedorahosted.org/cobbler/wiki/ManageDns) for more info
|
|
manage_forward_zones: []
|
|
manage_reverse_zones: []
|
|
|
|
# if using cobbler with manage_dhcp, put the IP address
|
|
# of the cobbler server here so that PXE booting guests can find it
|
|
# if you do not set this correctly, this will be manifested in TFTP open timeouts.
|
|
next_server: <%= @next_server %>
|
|
|
|
# settings for power management features. optional.
|
|
# see https://fedorahosted.org/cobbler/wiki/PowerManagement to learn more
|
|
# choices:
|
|
# bullpap wti apc apc_snmp ether-wake ipmilan
|
|
# drac ipmitool ilo rsa lpar bladecenter virsh
|
|
power_management_default_type: 'ether_wake'
|
|
|
|
# the commands used by the power management module are sourced
|
|
# from what directory?
|
|
power_template_dir: "/etc/cobbler/power"
|
|
|
|
# if this setting is set to 1, cobbler systems that pxe boot
|
|
# will request at the end of their installation to toggle the
|
|
# --netboot-enabled record in the cobbler system record. This eliminates
|
|
# the potential for a PXE boot loop if the system is set to PXE
|
|
# first in it's BIOS order. Enable this if PXE is first in your BIOS
|
|
# boot order, otherwise leave this disabled. See the manpage
|
|
# for --netboot-enabled.
|
|
pxe_just_once: 1
|
|
|
|
# the templates used for PXE config generation are sourced
|
|
# from what directory?
|
|
pxe_template_dir: "/etc/cobbler/pxe"
|
|
|
|
# Path to where system consoles are
|
|
consoles: "/var/consoles"
|
|
|
|
# Are you using a Red Hat management platform in addition to Cobbler?
|
|
# Cobbler can help you register to it. Choose one of the following:
|
|
# "off" : I'm not using Red Hat Network, Satellite, or Spacewalk
|
|
# "hosted" : I'm using Red Hat Network
|
|
# "site" : I'm using Red Hat Satellite Server or Spacewalk
|
|
# You will also want to read: https://fedorahosted.org/cobbler/wiki/TipsForRhn
|
|
redhat_management_type: "off"
|
|
|
|
# if redhat_management_type is enabled, choose your server
|
|
# "management.example.org" : For Satellite or Spacewalk
|
|
# "xmlrpc.rhn.redhat.com" : For Red Hat Network
|
|
# This setting is also used by the code that supports using Spacewalk/Satellite users/passwords
|
|
# within Cobbler Web and Cobbler XMLRPC. Using RHN Hosted for this is not supported.
|
|
# This feature can be used even if redhat_management_type is off, you just have
|
|
# to have authn_spacewalk selected in modules.conf
|
|
redhat_management_server: "xmlrpc.rhn.redhat.com"
|
|
|
|
# specify the default Red Hat authorization key to use to register
|
|
# system. If left blank, no registration will be attempted. Similarly
|
|
# you can set the --redhat-management-key to blank on any system to
|
|
# keep it from trying to register.
|
|
redhat_management_key: ""
|
|
|
|
# if using authn_spacewalk in modules.conf to let cobbler authenticate
|
|
# against Satellite/Spacewalk's auth system, by default it will not allow per user
|
|
# access into Cobbler Web and Cobbler XMLRPC.
|
|
# in order to permit this, the following setting must be enabled HOWEVER
|
|
# doing so will permit all Spacewalk/Satellite users of certain types to edit all
|
|
# of cobbler's configuration.
|
|
# these roles are: config_admin and org_admin
|
|
# users should turn this on only if they want this behavior and
|
|
# do not have a cross-multi-org seperation concern. If you have
|
|
# a single org in your satellite, it's probably safe to turn this
|
|
# on and then you can use CobblerWeb alongside a Satellite install.
|
|
redhat_management_permissive: 0
|
|
|
|
# if set to 1, allows /usr/bin/cobbler-register (part of the koan package)
|
|
# to be used to remotely add new cobbler system records to cobbler.
|
|
# this effectively allows for registration of new hardware from system
|
|
# records.
|
|
register_new_installs: 0
|
|
|
|
# Flags to use for yum's reposync. If your version of yum reposync
|
|
# does not support -l, you may need to remove that option.
|
|
reposync_flags: "-l -m -d"
|
|
|
|
# when DHCP and DNS management are enabled, cobbler sync can automatically
|
|
# restart those services to apply changes. The exception for this is
|
|
# if using ISC for DHCP, then omapi eliminates the need for a restart.
|
|
# omapi, however, is experimental and not recommended for most configurations.
|
|
# If DHCP and DNS are going to be managed, but hosted on a box that
|
|
# is not on this server, disable restarts here and write some other
|
|
# script to ensure that the config files get copied/rsynced to the destination
|
|
# box. This can be done by modifying the restart services trigger.
|
|
# Note that if manage_dhcp and manage_dns are disabled, the respective
|
|
# parameter will have no effect. Most users should not need to change
|
|
# this.
|
|
restart_dns: 1
|
|
restart_dhcp: 1
|
|
|
|
# install triggers are scripts in /var/lib/cobbler/triggers/install
|
|
# that are triggered in kickstart pre and post sections. Any
|
|
# executable script in those directories is run. They can be used
|
|
# to send email or perform other actions. They are currently
|
|
# run as root so if you do not need this functionality you can
|
|
# disable it, though this will also disable "cobbler status" which
|
|
# uses a logging trigger to audit install progress.
|
|
run_install_triggers: 1
|
|
|
|
# enables a trigger which version controls all changes to /var/lib/cobbler
|
|
# when add, edit, or sync events are performed. This can be used
|
|
# to revert to previous database versions, generate RSS feeds, or for
|
|
# other auditing or backup purposes. "git" and "hg" are currently suported,
|
|
# but git is the recommend SCM for use with this feature.
|
|
scm_track_enabled: 0
|
|
scm_track_mode: "git"
|
|
|
|
# this is the address of the cobbler server -- as it is used
|
|
# by systems during the install process, it must be the address
|
|
# or hostname of the system as those systems can see the server.
|
|
# if you have a server that appears differently to different subnets
|
|
# (dual homed, etc), you need to read the --server-override section
|
|
# of the manpage for how that works.
|
|
server: <%= @server %>
|
|
|
|
# this is a directory of files that cobbler uses to make
|
|
# templating easier. See the Wiki for more information. Changing
|
|
# this directory should not be required.
|
|
snippetsdir: /var/lib/cobbler/snippets
|
|
|
|
# Normally if a kickstart is specified at a remote location, this
|
|
# URL will be passed directly to the kickstarting system, thus bypassing
|
|
# the usual snippet templating Cobbler does for local kickstart files. If
|
|
# this option is enabled, Cobbler will fetch the file contents internally
|
|
# and serve a templated version of the file to the client.
|
|
template_remote_kickstarts: 0
|
|
|
|
# cobbler uses pxe booting by default, enable this option if you want to
|
|
# use gpxe
|
|
use_gpxe: 0
|
|
|
|
# should new profiles for virtual machines default to auto booting with the physical host when the physical host reboots?
|
|
# this can be overridden on each profile or system object.
|
|
virt_auto_boot: 1
|
|
|
|
# cobbler's web directory. Don't change this setting -- see the
|
|
# Wiki on "relocating your cobbler install" if your /var partition
|
|
# is not large enough.
|
|
webdir: /var/www/cobbler
|
|
|
|
# cobbler's public XMLRPC listens on this port. Change this only
|
|
# if absolutely needed, as you'll have to start supplying a new
|
|
# port option to koan if it is not the default.
|
|
xmlrpc_port: 25151
|
|
|
|
# "cobbler repo add" commands set cobbler up with repository
|
|
# information that can be used during kickstart and is automatically
|
|
# set up in the cobbler kickstart templates. By default, these
|
|
# are only available at install time. To make these repositories
|
|
# usable on installed systems (since cobbler makes a very convient)
|
|
# mirror, set this to 1. Most users can safely set this to 1. Users
|
|
# who have a dual homed cobbler server, or are installing laptops that
|
|
# will not always have access to the cobbler server may wish to leave
|
|
# this as 0. In that case, the cobbler mirrored yum repos are still
|
|
# accessable at http://cobbler.example.org/cblr/repo_mirror and yum
|
|
# configuration can still be done manually. This is just a shortcut.
|
|
yum_post_install_mirror: 1
|
|
|
|
# the default yum priority for all the distros. This is only used
|
|
# if yum-priorities plugin is used. 1=maximum. Tweak with caution.
|
|
yum_distro_priority: 1
|
|
|
|
# Flags to use for yumdownloader. Not all versions may support
|
|
# --resolve.
|
|
yumdownloader_flags: "--resolve"
|