post-deploy hook for rhel registration

Adds a potential usage of the post-deploy hooks to register a server with RHN or a satellite. Note this requires some additional parameters, which can be specified in environment_rhel_reg.yaml, and this must be passed into the call to heat via another -e parameter. An alternative may be to have a global extraconfig_env.yaml at the top level, which the scripts always pass, or to use the global environment (/etc/heat/environment.d/default.yaml) on the seed. Co-Authored-By: James Slagle <jslagle@redhat.com> Change-Id: Ia6fd270122cbc2e51beb672654e5e1ebd3bd2966
2015-04-09 15:01:08 +01:00 · 2015-04-09 15:01:08 +01:00 · c799b2e04e
commit c799b2e04e
parent ad0f3a3e44
5 changed files with 276 additions and 0 deletions
--- a/extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml
+++ b/extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml
@ -0,0 +1,22 @@
+# Note this can be specified either in the call
+# to heat stack-create via an additional -e option
+# or via the global environment on the seed in
+# /etc/heat/environment.d/default.yaml
+parameter_defaults:
+  rhel_reg_activation_key: ""
+  rhel_reg_auto_attach: ""
+  rhel_reg_base_url: ""
+  rhel_reg_environment: ""
+  rhel_reg_force: ""
+  rhel_reg_machine_name: ""
+  rhel_reg_org: ""
+  rhel_reg_password: ""
+  rhel_reg_pool_id: ""
+  rhel_reg_release: ""
+  rhel_reg_repos: ""
+  rhel_reg_sat_url: ""
+  rhel_reg_server_url: ""
+  rhel_reg_service_level: ""
+  rhel_reg_user: ""
+  rhel_reg_type: ""
+  rhel_reg_method: ""
--- a/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml
+++ b/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml
@ -0,0 +1,2 @@
+resource_registry:
+  OS::TripleO::NodeExtraConfigPost: rhel-registration.yaml
--- a/extraconfig/post_deploy/rhel-registration/rhel-registration.yaml
+++ b/extraconfig/post_deploy/rhel-registration/rhel-registration.yaml
@ -0,0 +1,113 @@
+heat_template_version: 2014-10-16
+
+description: >
+  RHEL Registration and unregistration software deployments.
+
+# Note extra parameters can be defined, then passed data via the
+# environment parameter_defaults, without modifying the parent template
+parameters:
+  servers:
+    type: json
+  # To be defined via a local or global environment in parameter_defaults
+  rhel_reg_activation_key:
+    type: string
+  rhel_reg_auto_attach:
+    type: string
+  rhel_reg_base_url:
+    type: string
+  rhel_reg_environment:
+    type: string
+  rhel_reg_force:
+    type: string
+  rhel_reg_machine_name:
+    type: string
+  rhel_reg_org:
+    type: string
+  rhel_reg_password:
+    type: string
+  rhel_reg_pool_id:
+    type: string
+  rhel_reg_release:
+    type: string
+  rhel_reg_repos:
+    type: string
+  rhel_reg_sat_url:
+    type: string
+  rhel_reg_server_url:
+    type: string
+  rhel_reg_service_level:
+    type: string
+  rhel_reg_user:
+    type: string
+  rhel_reg_type:
+    type: string
+  rhel_reg_method:
+    type: string
+
+resources:
+
+  RHELRegistration:
+    type: OS::Heat::SoftwareConfig
+    properties:
+      group: script
+      inputs:
+        - name: REG_ACTIVATION_KEY
+        - name: REG_AUTO_ATTACH
+        - name: REG_BASE_URL
+        - name: REG_ENVIRONMENT
+        - name: REG_FORCE
+        - name: REG_MACHINE_NAME
+        - name: REG_ORG
+        - name: REG_PASSWORD
+        - name: REG_POOL_ID
+        - name: REG_RELEASE
+        - name: REG_REPOS
+        - name: REG_SAT_URL
+        - name: REG_SERVER_URL
+        - name: REG_SERVICE_LEVEL
+        - name: REG_USER
+        - name: REG_TYPE
+        - name: REG_METHOD
+      config: {get_file: scripts/rhel-registration}
+
+  RHELRegistrationDeployment:
+    type: OS::Heat::StructuredDeployments
+    properties:
+      servers:  {get_param: servers}
+      config: {get_resource: RHELRegistration}
+      actions: ['CREATE'] # Only do this on CREATE
+      input_values:
+        REG_ACTIVATION_KEY: {get_param: rhel_reg_activation_key}
+        REG_AUTO_ATTACH: {get_param: rhel_reg_auto_attach}
+        REG_BASE_URL: {get_param: rhel_reg_base_url}
+        REG_ENVIRONMENT: {get_param: rhel_reg_environment}
+        REG_FORCE: {get_param: rhel_reg_force}
+        REG_MACHINE_NAME: {get_param: rhel_reg_machine_name}
+        REG_ORG: {get_param: rhel_reg_org}
+        REG_PASSWORD: {get_param: rhel_reg_password}
+        REG_POOL_ID: {get_param: rhel_reg_pool_id}
+        REG_RELEASE: {get_param: rhel_reg_release}
+        REG_REPOS: {get_param: rhel_reg_repos}
+        REG_SAT_URL: {get_param: rhel_reg_sat_url}
+        REG_SERVER_URL: {get_param: rhel_reg_server_url}
+        REG_SERVICE_LEVEL: {get_param: rhel_reg_service_level}
+        REG_USER: {get_param: rhel_reg_user}
+        REG_TYPE: {get_param: rhel_reg_type}
+        REG_METHOD: {get_param: rhel_reg_method}
+
+  RHELUnregistration:
+    type: OS::Heat::SoftwareConfig
+    properties:
+      group: script
+      config: {get_file: scripts/rhel-unregistration}
+      inputs:
+        - name: REG_METHOD
+
+  RHELUnregistrationDeployment:
+    type: OS::Heat::StructuredDeployments
+    properties:
+      servers:  {get_param: servers}
+      config: {get_resource: RHELUnregistration}
+      actions: ['DELETE'] # Only do this on DELETE
+      input_values:
+        REG_METHOD: {get_param: rhel_reg_method}
--- a/extraconfig/post_deploy/rhel-registration/scripts/rhel-registration
+++ b/extraconfig/post_deploy/rhel-registration/scripts/rhel-registration
@ -0,0 +1,120 @@
+#!/bin/bash
+
+# dib-lint: disable=setu sete setpipefail dibdebugtrace
+
+set -eu
+set -o pipefail
+
+OK=/mnt/state/var/lib/rhsm/rhsm.ok
+
+if [ -e $OK ] ; then
+    exit 0
+fi
+
+opts=
+attach_opts=
+repos="repos --enable rhel-7-server-rpms"
+satellite_repo="rhel-7-server-rh-common-rpms"
+if [ -n "${REG_AUTO_ATTACH:-}" ]; then
+    opts="$opts --auto-attach"
+
+    if [ -n "${REG_SERVICE_LEVEL:-}" ]; then
+        opts="$opts --servicelevel $REG_SERVICE_LEVEL"
+    fi
+
+    if [ -n "${REG_RELEASE:-}" ]; then
+        opts="$opts --release=$REG_RELEASE"
+    fi
+else
+    if [ -n "${REG_SERVICE_LEVEL:-}" ]; then
+        echo "WARNING: REG_SERVICE_LEVEL set without REG_AUTO_ATTACH."
+    fi
+
+    if [ -n "${REG_RELEASE:-}" ]; then
+        echo "WARNING: REG_RELEASE set without REG_AUTO_ATTACH."
+    fi
+
+    if [ -n "${REG_POOL_ID:-}" ]; then
+        attach_opts="$attach_opts --pool=$REG_POOL_ID"
+    fi
+fi
+
+if [ -n "${REG_BASE_URL:-}" ]; then
+    opts="$opts --baseurl=$REG_BASE_URL"
+fi
+
+if [ -n "${REG_ENVIRONMENT:-}" ]; then
+    opts="$opts --env=$REG_ENVIRONMENT"
+fi
+
+if [ -n "${REG_FORCE:-}" ]; then
+    opts="$opts --force"
+fi
+
+if [ -n "${REG_SERVER_URL:-}" ]; then
+    opts="$opts --serverurl=$REG_SERVER_URL"
+fi
+
+if [ -n "${REG_ACTIVATION_KEY:-}" ]; then
+    opts="$opts --activationkey=$REG_ACTIVATION_KEY"
+
+    if [ -z "${REG_ORG:-}" ]; then
+        echo "WARNING: REG_ACTIVATION_KEY set without REG_ORG."
+    fi
+else
+    echo "WARNING: Support for registering with a username and password is deprecated."
+    echo "Please use activation keys instead.  See the README for more information."
+    if [ -n "${REG_PASSWORD:-}" ]; then
+        opts="$opts --password $REG_PASSWORD"
+    fi
+
+    if [ -n "${REG_USER:-}" ]; then
+        opts="$opts --username $REG_USER"
+    fi
+fi
+
+if [ -n "${REG_MACHINE_NAME:-}" ]; then
+    opts="$opts --name $REG_MACHINE_NAME"
+fi
+
+if [ -n "${REG_ORG:-}" ]; then
+    opts="$opts --org=$REG_ORG"
+fi
+
+if [ -n "${REG_REPOS:-}" ]; then
+    for repo in $(echo $REG_REPOS | tr ',' '\n'); do
+        repos="$repos --enable $repo"
+    done
+fi
+
+if [ -n "${REG_TYPE:-}" ]; then
+    opts="$opts --type=$REG_TYPE"
+fi
+
+case "${REG_METHOD:-}" in
+    portal)
+        subscription-manager register $opts
+        if [ -z "${REG_AUTO_ATTACH:-}" ]; then
+            subscription-manager attach $attach_opts
+        fi
+        subscription-manager $repos
+        ;;
+    satellite)
+        repos="$repos --enable ${satellite_repo}"
+        rpm -Uvh "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm" || true
+        subscription-manager register $opts
+        subscription-manager $repos
+        yum install -y katello-agent || true # needed for errata reporting to satellite6
+        katello-package-upload
+        subscription-manager repos --disable ${satellite_repo}
+        ;;
+    disable)
+        echo "Disabling RHEL registration"
+        ;;
+    *)
+        echo "WARNING: only 'portal', 'satellite', and 'disable' are valid values for REG_METHOD."
+        exit 0
+esac
+
+mkdir -p $(dirname $OK)
+touch $OK
--- a/extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration
+++ b/extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration
@ -0,0 +1,19 @@
+#!/bin/bash
+
+set -eux
+set -o pipefail
+
+case "${REG_METHOD:-}" in
+    portal|satellite)
+        # Allow unregistration to fail.
+        # We don't want to fail stack deletes if unregistration fails.
+        subscription-manager unregister || true
+        subscription-manager clean || true
+        ;;
+    disable)
+        echo "Disabling RHEL unregistration"
+        ;;
+    *)
+        echo "WARNING: only 'portal', 'satellite', and 'disable' are valid values for REG_METHOD."
+        exit 0
+esac