diff --git a/extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml b/extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml new file mode 100644 index 0000000000..70437a8a45 --- /dev/null +++ b/extraconfig/post_deploy/rhel-registration/environment-rhel-registration.yaml @@ -0,0 +1,22 @@ +# Note this can be specified either in the call +# to heat stack-create via an additional -e option +# or via the global environment on the seed in +# /etc/heat/environment.d/default.yaml +parameter_defaults: + rhel_reg_activation_key: "" + rhel_reg_auto_attach: "" + rhel_reg_base_url: "" + rhel_reg_environment: "" + rhel_reg_force: "" + rhel_reg_machine_name: "" + rhel_reg_org: "" + rhel_reg_password: "" + rhel_reg_pool_id: "" + rhel_reg_release: "" + rhel_reg_repos: "" + rhel_reg_sat_url: "" + rhel_reg_server_url: "" + rhel_reg_service_level: "" + rhel_reg_user: "" + rhel_reg_type: "" + rhel_reg_method: "" diff --git a/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml b/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml new file mode 100644 index 0000000000..7b48392d80 --- /dev/null +++ b/extraconfig/post_deploy/rhel-registration/rhel-registration-resource-registry.yaml @@ -0,0 +1,2 @@ +resource_registry: + OS::TripleO::NodeExtraConfigPost: rhel-registration.yaml diff --git a/extraconfig/post_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/post_deploy/rhel-registration/rhel-registration.yaml new file mode 100644 index 0000000000..cbf8f8b59f --- /dev/null +++ b/extraconfig/post_deploy/rhel-registration/rhel-registration.yaml @@ -0,0 +1,113 @@ +heat_template_version: 2014-10-16 + +description: > + RHEL Registration and unregistration software deployments. + +# Note extra parameters can be defined, then passed data via the +# environment parameter_defaults, without modifying the parent template +parameters: + servers: + type: json + # To be defined via a local or global environment in parameter_defaults + rhel_reg_activation_key: + type: string + rhel_reg_auto_attach: + type: string + rhel_reg_base_url: + type: string + rhel_reg_environment: + type: string + rhel_reg_force: + type: string + rhel_reg_machine_name: + type: string + rhel_reg_org: + type: string + rhel_reg_password: + type: string + rhel_reg_pool_id: + type: string + rhel_reg_release: + type: string + rhel_reg_repos: + type: string + rhel_reg_sat_url: + type: string + rhel_reg_server_url: + type: string + rhel_reg_service_level: + type: string + rhel_reg_user: + type: string + rhel_reg_type: + type: string + rhel_reg_method: + type: string + +resources: + + RHELRegistration: + type: OS::Heat::SoftwareConfig + properties: + group: script + inputs: + - name: REG_ACTIVATION_KEY + - name: REG_AUTO_ATTACH + - name: REG_BASE_URL + - name: REG_ENVIRONMENT + - name: REG_FORCE + - name: REG_MACHINE_NAME + - name: REG_ORG + - name: REG_PASSWORD + - name: REG_POOL_ID + - name: REG_RELEASE + - name: REG_REPOS + - name: REG_SAT_URL + - name: REG_SERVER_URL + - name: REG_SERVICE_LEVEL + - name: REG_USER + - name: REG_TYPE + - name: REG_METHOD + config: {get_file: scripts/rhel-registration} + + RHELRegistrationDeployment: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: servers} + config: {get_resource: RHELRegistration} + actions: ['CREATE'] # Only do this on CREATE + input_values: + REG_ACTIVATION_KEY: {get_param: rhel_reg_activation_key} + REG_AUTO_ATTACH: {get_param: rhel_reg_auto_attach} + REG_BASE_URL: {get_param: rhel_reg_base_url} + REG_ENVIRONMENT: {get_param: rhel_reg_environment} + REG_FORCE: {get_param: rhel_reg_force} + REG_MACHINE_NAME: {get_param: rhel_reg_machine_name} + REG_ORG: {get_param: rhel_reg_org} + REG_PASSWORD: {get_param: rhel_reg_password} + REG_POOL_ID: {get_param: rhel_reg_pool_id} + REG_RELEASE: {get_param: rhel_reg_release} + REG_REPOS: {get_param: rhel_reg_repos} + REG_SAT_URL: {get_param: rhel_reg_sat_url} + REG_SERVER_URL: {get_param: rhel_reg_server_url} + REG_SERVICE_LEVEL: {get_param: rhel_reg_service_level} + REG_USER: {get_param: rhel_reg_user} + REG_TYPE: {get_param: rhel_reg_type} + REG_METHOD: {get_param: rhel_reg_method} + + RHELUnregistration: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: {get_file: scripts/rhel-unregistration} + inputs: + - name: REG_METHOD + + RHELUnregistrationDeployment: + type: OS::Heat::StructuredDeployments + properties: + servers: {get_param: servers} + config: {get_resource: RHELUnregistration} + actions: ['DELETE'] # Only do this on DELETE + input_values: + REG_METHOD: {get_param: rhel_reg_method} diff --git a/extraconfig/post_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/post_deploy/rhel-registration/scripts/rhel-registration new file mode 100644 index 0000000000..c2bf18946b --- /dev/null +++ b/extraconfig/post_deploy/rhel-registration/scripts/rhel-registration @@ -0,0 +1,120 @@ +#!/bin/bash + +# dib-lint: disable=setu sete setpipefail dibdebugtrace + +set -eu +set -o pipefail + +OK=/mnt/state/var/lib/rhsm/rhsm.ok + +if [ -e $OK ] ; then + exit 0 +fi + +opts= +attach_opts= +repos="repos --enable rhel-7-server-rpms" +satellite_repo="rhel-7-server-rh-common-rpms" +if [ -n "${REG_AUTO_ATTACH:-}" ]; then + opts="$opts --auto-attach" + + if [ -n "${REG_SERVICE_LEVEL:-}" ]; then + opts="$opts --servicelevel $REG_SERVICE_LEVEL" + fi + + if [ -n "${REG_RELEASE:-}" ]; then + opts="$opts --release=$REG_RELEASE" + fi +else + if [ -n "${REG_SERVICE_LEVEL:-}" ]; then + echo "WARNING: REG_SERVICE_LEVEL set without REG_AUTO_ATTACH." + fi + + if [ -n "${REG_RELEASE:-}" ]; then + echo "WARNING: REG_RELEASE set without REG_AUTO_ATTACH." + fi + + if [ -n "${REG_POOL_ID:-}" ]; then + attach_opts="$attach_opts --pool=$REG_POOL_ID" + fi +fi + +if [ -n "${REG_BASE_URL:-}" ]; then + opts="$opts --baseurl=$REG_BASE_URL" +fi + +if [ -n "${REG_ENVIRONMENT:-}" ]; then + opts="$opts --env=$REG_ENVIRONMENT" +fi + +if [ -n "${REG_FORCE:-}" ]; then + opts="$opts --force" +fi + +if [ -n "${REG_SERVER_URL:-}" ]; then + opts="$opts --serverurl=$REG_SERVER_URL" +fi + +if [ -n "${REG_ACTIVATION_KEY:-}" ]; then + opts="$opts --activationkey=$REG_ACTIVATION_KEY" + + if [ -z "${REG_ORG:-}" ]; then + echo "WARNING: REG_ACTIVATION_KEY set without REG_ORG." + fi +else + echo "WARNING: Support for registering with a username and password is deprecated." + echo "Please use activation keys instead. See the README for more information." + if [ -n "${REG_PASSWORD:-}" ]; then + opts="$opts --password $REG_PASSWORD" + fi + + if [ -n "${REG_USER:-}" ]; then + opts="$opts --username $REG_USER" + fi +fi + +if [ -n "${REG_MACHINE_NAME:-}" ]; then + opts="$opts --name $REG_MACHINE_NAME" +fi + +if [ -n "${REG_ORG:-}" ]; then + opts="$opts --org=$REG_ORG" +fi + +if [ -n "${REG_REPOS:-}" ]; then + for repo in $(echo $REG_REPOS | tr ',' '\n'); do + repos="$repos --enable $repo" + done +fi + +if [ -n "${REG_TYPE:-}" ]; then + opts="$opts --type=$REG_TYPE" +fi + +case "${REG_METHOD:-}" in + portal) + subscription-manager register $opts + if [ -z "${REG_AUTO_ATTACH:-}" ]; then + subscription-manager attach $attach_opts + fi + subscription-manager $repos + ;; + satellite) + repos="$repos --enable ${satellite_repo}" + rpm -Uvh "$REG_SAT_URL/pub/katello-ca-consumer-latest.noarch.rpm" || true + subscription-manager register $opts + subscription-manager $repos + yum install -y katello-agent || true # needed for errata reporting to satellite6 + katello-package-upload + subscription-manager repos --disable ${satellite_repo} + ;; + disable) + echo "Disabling RHEL registration" + ;; + *) + echo "WARNING: only 'portal', 'satellite', and 'disable' are valid values for REG_METHOD." + exit 0 +esac + +mkdir -p $(dirname $OK) +touch $OK diff --git a/extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration b/extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration new file mode 100644 index 0000000000..1e72e0a6fe --- /dev/null +++ b/extraconfig/post_deploy/rhel-registration/scripts/rhel-unregistration @@ -0,0 +1,19 @@ +#!/bin/bash + +set -eux +set -o pipefail + +case "${REG_METHOD:-}" in + portal|satellite) + # Allow unregistration to fail. + # We don't want to fail stack deletes if unregistration fails. + subscription-manager unregister || true + subscription-manager clean || true + ;; + disable) + echo "Disabling RHEL unregistration" + ;; + *) + echo "WARNING: only 'portal', 'satellite', and 'disable' are valid values for REG_METHOD." + exit 0 +esac