Is anyone else having issues getting the %post section to work with ESX 3.0 kickstart files. I'm using kickstart to automate our installations and they running flawlessly except for the %post section. I can't get even the simplest of commands to run. It is as if the entire post section is ignored.
Any suggestions on how to fix or troubleshoot post kickstart?
can you post your ks file?
have you been doing any editing of the file in Windows? sometimes windows messes up the line breaks.
also it might be a pathing thing, sometimes you'll need to issue full paths to commands..
I am using Windows to edit the file, but I use TextPad and have verified that the file is save in Unix/ANSI format. For debugging, I reduced the %post section to just perform a few simple tasks. Even a simple echo to file and cp command don't work. It seems like the %post section is not run during the install.
\# Auto-Generated Scripted Install Configuration file.
\# This file is used for VMware ESX Server Scripted Install Deployment
\# Installation Method
url --url ftp://anonymous:rdp@%IP/lib/osdist/vmesx300/
\# root Password
rootpw password
\# Authconfig
auth --enableshadow --enablemd5
\# BootLoader ( The user has to use grub by default )
bootloader --location=mbr --driveorder=cciss/c0d0,sda
\# Timezone
timezone America/Chicago
\# X windowing System
skipx
\# Install or Upgrade
install
\# Text Mode
text
\# Network install type
network --bootproto dhcp --addvmportgroup=1 --vlanid=0
\# Language
lang en_US
\# Langauge Support
langsupport --default en_US
\# Keyboard
keyboard us
\# Mouse
mouse none
\# Reboot after install ?
reboot
\# Firewall settings
firewall --disabled
\# Clear Partitions
zerombr yes
clearpart --all --initlabel --drives=cciss/c0d0
\# Partitioning
part /boot --fstype ext3 --size 100 --ondisk cciss/c0d0
part / --fstype ext3 --size 5000 --ondisk cciss/c0d0
part swap --size 1500 --ondisk cciss/c0d0
part None --fstype vmfs3 --size 10240 --grow --ondisk cciss/c0d0
part /home --fstype ext3 --size 1800 --ondisk cciss/c0d0
part /var/log --fstype ext3 --size 2048 --ondisk cciss/c0d0
part /tmp --fstype ext3 --size 1024 --ondisk cciss/c0d0
part None --fstype vmkcore --size 100 --ondisk cciss/c0d0
\# VMware Specific Commands
vmaccepteula
vmlicense --mode=server server=27000@servernameedition=esxFull
%packages
@base
%pre
%post
echo "# %Post Kisckstart Ran" >> /tmp/kickstart.log
cp /etc/rc.local /etc/rc.local.bak
%vmlicense_text
Good, reordering and removing the %pre is now allowing the %post section to execute. I will add back the more complex post section I have to verify again.
Great, this works like a champ. Since HP RDP (Altiris) do not have script templates for ESX 3.0, I'm retrofitting their 2.5.x kickstart scripts for ESX 3.0. There have been several of these little 'changes' that have given me trouble. But with this resolved, were good to go. Thanks for the help.
vmaccepteula
vmlicense --mode=server server=27000@servernameedition=esxFull
%packages
@base
%pre
%post
echo "# %Post Kisckstart Ran" >> /tmp/kickstart.log
cp /etc/rc.local /etc/rc.local.bak
%vmlicense_text[/i]
I've got a few questions about the new ESX 3.0 kickstart when reading this post:
\- what is the %vmlicense_text option doing?
\- vmlicense command - I assume the --edition is a seperate parameter
At this moment I'm trying to create a ESX 3.0 kickstart script, and with ESX 2.5.x I could basicly do anything within it. But since ESX 3.0 the commands to create a new network are requiring the ESX kernel to be loaded and may not work with the installer.
How are you guys configuring your servers in the %post section? And would you mind to share some of your idea's?
Thank you,
William
Bit rough and ready right now but heres a sanitised copy of one of my esx 3 ks.cfg files.
John
\# Auto-Generated Scripted Install Configuration file.
\# This file is used for VMware ESX Server Scripted Install Deployment
\# Installation Method
nfs --server nfsbuildserver.domain.name --dir /esx3/host
\# Network install type
network --bootproto static --ip 192.168.1.50 --netmask 255.255.255.0 --gateway 192.168.1.1 --nameserver 192.168.1.10 --hostname ESXHOSTNAME --addvmportgroup=0 --vlanid=0
\# root Password
rootpw --iscrypted $1$52405f39523fk302.
\# Authconfig
auth --enableshadow --enablemd5
\# BootLoader ( The user has to use grub by default )
bootloader --location=mbr
\# Timezone
timezone Europe/London
\# X windowing System
skipx
\# Install or Upgrade
install
\# Text Mode
text
\# Language
lang en_US
\# Langauge Support
langsupport --default en_US
\# Keyboard
keyboard uk
\# Mouse
mouse none
\# Reboot after install ?
reboot
\# Firewall settings
firewall --disabled
\# Clear Partitions
clearpart --all --initlabel --drives=sda
\# Partitioning
part /boot --fstype ext3 --size 200 --ondisk sda --asprimary
part swap --size 1600 --ondisk sda --asprimary
part / --fstype ext3 --size 5000 --ondisk sda --asprimary
part /var --fstype ext3 --size 2000 --ondisk sda
part /tmp --fstype ext3 --size 2000 --ondisk sda
part /opt --fstype ext3 --size 2000 --ondisk sda
part /vmimages --fstype ext3 --size 10000 --ondisk sda
part None --fstype vmkcore --size 100 --ondisk sda
part None --fstype vmfs3 --size 10000 --grow --ondisk sda
\# VMware Specific Commands
vmaccepteula
vmlicense --mode=server --server=27000@licenseserver.domain.name --edition=esxFull
%packages
@base
%vmlicense_text
%post
dateTime=`date '+%c'`
echo "Built using a scripted install by the xxxx Team.
Built on "$dateTime > /etc/motd
echo "search domain.name" >>/etc/resolv.conf
\# Connect to Windows Server to copy over build files.
cd /vmimages
cat >> //vmimages/build.sh << EOF1
#!/bin/sh
logger "ESX Host Scripted Build - build.sh"
echo "ESX Host Scripted Build..."
mkdir /vmimages/build
mkdir /tmp/build
echo "search domain.name" >>/etc/resolv.conf
echo "Mounting NFS Share to build source files..."
esxcfg-firewall -e nfsClient
chkconfig portmap on
service portmap start
mount -t nfs nfsbuildserver.domain.name:/esx3/config /tmp/build
echo "Copying Build Source Files..."
cp -p /tmp/build/* /vmimages/build
chmod +x /vmimages/build/*.sh
echo "Generating Custom Host config file..."
echo "hwmodel=X366" > /vmimages/build/host.cfg
echo "iphostname=ESXHOSTNAME" >> /vmimages/build/host.cfg
echo "ipdomain=domain.name" >> /vmimages/build/host.cfg
echo "ipaddress=192.168.1.50" >> /vmimages/build/host.cfg
echo "ipsubnet=255.255.255.0" >> /vmimages/build/host.cfg
echo "ipgateway=192.168.1.1" >> /vmimages/build/host.cfg
echo "ippridns=192.168.1.10" >> /vmimages/build/host.cfg
echo "ipsecdns=192.168.1.11" >> /vmimages/build/host.cfg
echo "ntpserver=NTPSOURCE.domain.name" >> /vmimages/build/host.cfg
echo "backuphost=BACKUPNFS" >> /vmimages/build/host.cfg
echo "vmotionip=192.168.1.51" >> /vmimages/build/host.cfg
echo "vmotionnm=255.255.255.0" >> /vmimages/build/host.cfg
echo "vmotiongw=192.168.1.1" >> /vmimages/build/host.cfg
echo "scspeed=1000" >> /vmimages/build/host.cfg
echo "dataspeed=1000" >> /vmimages/build/host.cfg
echo "Running Custom Config Script..."
/vmimages/build/config.sh /vmimages/build/host.cfg
echo "Setting up VM Networking..."
/usr/sbin/esxcfg-vswitch -a vSwitch1
/usr/sbin/esxcfg-vswitch vSwitch1 -L vmnic5
/usr/sbin/esxcfg-vswitch vSwitch1 -L vmnic6
/usr/sbin/esxcfg-vswitch vSwitch1 -A "192.168.3.1 Subnet"
/usr/sbin/esxcfg-vswitch vSwitch1 -p "192.168.3.1 Subnet" -v 53
/usr/sbin/esxcfg-vswitch vSwitch1 -A "192.168.4.1 Subnet"
/usr/sbin/esxcfg-vswitch vSwitch1 -p "192.168.4.1 Subnet" -v 54
/usr/sbin/esxcfg-vswitch vSwitch1 -A "192.168.5.1 Subnet"
/usr/sbin/esxcfg-vswitch vSwitch1 -p "192.168.5.1 Subnet" -v 55
/usr/sbin/esxcfg-vswitch vSwitch1 -A "192.168.6.1 Subnet"
/usr/sbin/esxcfg-vswitch vSwitch1 -p "192.168.6.1 Subnet" -v 56
cp -f /etc/rc.d/rc.local.sav /etc/rc.d/rc.local
umount /tmp/build
rmdir /tmp/build
echo "Scripted Build - Rebooting Server..."
reboot
EOF1
chmod +x /vmimages/build.sh
cp /etc/rc.d/rc.local /etc/rc.d/rc.local.sav
echo "/vmimages/build.sh" >>/etc/rc.d/rc.local
It calls a build script which looks like this:
#!/bin/sh
\# John Gison
doUsage()
{
echo USAGE: config.sh \[server.cfg]
echo EXAMPLE: config.sh ks.cfg
logger "$scriptName ERROR - incorrect usage"
exit 1
}
getConfig()
{
configFile=$1
\[ "$configFile" == "" ] && doUsage
\[ -r "$configFile" ] || { logger "$scriptName ERROR - unable to read config file \[ $configFile ]"; exit 1; }
. $configFile
logger "$scriptName - config file \[ $configFile ]"
}
setUsers()
{
echo "Adding default users..."
useradd vm_admin -c "Administrator" -p OeLfer$2OaIdk
useradd vm_ops -c "Operations" -p Wk425j5u7OiY
groupadd patrol
useradd patrol -c "Patrol" -G patrol,adm,sys -p XbA5252de6DWuA
logger "$scriptName - Added default users"
}
setSSHRoot()
{
echo "Allowing root to login via SSH..."
mv /etc/ssh/sshd_config /etc/ssh/sshd_config.old
sed -e "s/PermitRootLogin no/PermitRootLogin yes/g" /etc/ssh/sshd_config.old > /etc/ssh/sshd_config
rm -f /etc/ssh/sshd_config.old
logger "$scriptName - Set root to login via SSH"
}
remaneVMFS()
{
echo "Renaming VMFS Volume to be unique..."
vmkfstools /vmfs/volumes/storage1 -P | grep UUID > /vmimages/uuid.txt
ln -sf /vmfs/volumes/`sed -e "s/UUID: //g" /vmimages/uuid.txt` /vmfs/volumes/$HOSTNAME-VMFS
rm -f /vmimages/uuid.txt
logger "$scriptName - VMFS Volume renamed"
}
setNameResolution()
{
echo "Configuring Console Network..."
cp /etc/hosts /etc/hosts.bak
echo "# Built by automated script $scriptName $dateTime" > /etc/hosts
echo "127.0.0.1 localhost.localdomain localhost" >> /etc/hosts
echo "$ipaddress $iphostname.$ipdomain $iphostname" >> /etc/hosts
logger "$scriptName - configured /etc/hosts"
cp /etc/resolv.conf /etc/resolv.conf.bak
echo "# Built by automated script $scriptName $dateTime" > /etc/resolv.conf
echo search $ipdomain >> /etc/resolv.conf
echo nameserver $ippridns >> /etc/resolv.conf
echo nameserver $ipsecdns >> /etc/resolv.conf
logger "$scriptName - configured /etc/resolv.conf"
cp /etc/sysconfig/network /etc/sysconfig/network.bak
echo "# Built by automated script $scriptName $dateTime" > /etc/sysconfig/network
echo "HOSTNAME=$iphostname.$ipdomain" >> /etc/sysconfig/network
echo "GATEWAYDEV=vswif0" >> /etc/sysconfig/network
echo "GATEWAY=$ipgateway" >> /etc/sysconfig/network
echo "NETWORKING=yes" >> /etc/sysconfig/network
logger "$scriptName - configured /etc/sysconfig/network"
}
setNetwork()
{
echo "Configuring VM Network for $hwmodel..."
case $hwmodel in
HS20)
esxcfg-nics -s $scspeed -d full vmnic0
esxcfg-nics -s $scspeed -d full vmnic1
esxcfg-nics -s $dataspeed -d full vmnic2
esxcfg-nics -s $dataspeed -d full vmnic3
Settings for IBM HS20 with Broadcom netExtreme 570 in slots 8 and 5
logger "$scriptName - configured /etc/vmware/hwconfig - Hard Set NIC Speeds for $hwmodel";;
X366)
esxcfg-nics -s $scspeed -d full vmnic0
esxcfg-nics -s $scspeed -d full vmnic1
esxcfg-nics -s $dataspeed -d full vmnic2
esxcfg-nics -s $dataspeed -d full vmnic3
Settings for IBM HS20 with Broadcom netExtreme 570 in slots 8 and 5
echo "setting up VMotion/VMkernel NFS interface..."
esxcfg-vswitch vSwitch0 -L vmnic1
esxcfg-vswitch vSwitch0 -A vMotion
esxcfg-vswitch vSwitch0 -p vMotion -v 0
esxcfg-vmknic -a vMotion -i $vmotionip -n $vmotionnm
esxcfg-route $vmotiongw
logger "$scriptName - configured /etc/vmware/hwconfig - Hard Set NIC Speeds for $hwmodel";;
DL585)
Settings for DL585 with NC7170 in slots 5 and 7
echo device.esx.2.6.1.options = \"line_speed=$dataspeed auto_speed=0 full_duplex=1\" >> /etc/vmware/hwconfig
esxcfg-nics -s $scspeed -d full vmnic0
esxcfg-nics -s $scspeed -d full vmnic1
Data usually in 2 and 5, but set all to same speed.
esxcfg-nics -s $dataspeed -d full vmnic2
esxcfg-nics -s $dataspeed -d full vmnic3
esxcfg-nics -s $dataspeed -d full vmnic4
esxcfg-nics -s $dataspeed -d full vmnic5
echo "setting up VMotion/VMkernel NFS interface..."
esxcfg-vswitch vSwitch0 -L vmnic1
esxcfg-vswitch vSwitch0 -A vMotion
esxcfg-vswitch vSwitch0 -p vMotion -v 0
esxcfg-vmknic -a vMotion -i $vmotionip -n $vmotionnm
esxcfg-route $vmotiongw
logger "$scriptName - configured /etc/vmware/hwconfig - Hard Set NIC Speeds for $hwmodel";;
BL20PG3)
Settings for BL20p G3
esxcfg-nics -s $scspeed -d full vmnic0
esxcfg-nics -s $dataspeed -d full vmnic1
esxcfg-nics -s $dataspeed -d full vmnic2
logger "$scriptName - configured /etc/vmware/hwconfig - Hard Set NIC Speeds for $hwmodel";;
BL20PG2)
Settings for BL20p G2
esxcfg-nics -s $scspeed -d full vmnic0
esxcfg-nics -s $dataspeed -d full vmnic1
esxcfg-nics -s $dataspeed -d full vmnic2
logger "$scriptName - configured /etc/vmware/hwconfig - Hard Set NIC Speeds for $hwmodel";;
*)
echo "Unknown Hardware Model!"
logger "$scriptName - NOT configured /etc/vmware/hwconfig - $hwmodel Unknown hardware";;
esac
logger "$scriptName - configured /etc/vmware/hwconfig - Hard Set NIC Speeds for $hwmodel"
}
setHBA()
{
HBA tuning here
logger "$scriptName - HBA unchanged"
}
setSSHBANNER()
{
echo "Setting SSH Security Logon Banner Text..."
echo $bannertxt1 > /etc/ssh/banner
echo " " >>/etc/ssh/banner
echo $bannertxt2 >> /etc/ssh/banner
echo " " >> /etc/ssh/banner
echo $bannertxt3 >> /etc/ssh/banner
echo " " >> /etc/ssh/banner
echo $bannertxt4 >> /etc/ssh/banner
echo "banner /etc/ssh/banner" >> /etc/ssh/sshd_config
logger "$scriptName - Configured SSH Banner text"
}
setNTP()
{
requires $ntpserver to be set in config file
echo "Setting NTP Time source..."
esxcfg-firewall -e ntpClient
echo $ntpserver >> /etc/ntp/step-tickers
echo /etc/init.d/ntpd restart >> /etc/rc.local
chkconfig ntpd on
logger "$scriptName - configured NTP"
}
setNFS()
{
esxcfg-firewall -e nfsClient
esxcfg-nas -a TEMPLATES-NFS -o nfstemplateserver.server.name -s templates
esxcfg-nas -a $backuphost-NFS -o $backuphost.server.name -s esxranger
}
setMGMT()
{
case $hwmodel in
HS20)
setIBMMGT;;
X366)
setIBMMGT;;
DL585)
setHPMGT;;
DL580G2)
setHPMGT;;
BL20PG3)
setHPMGT;;
BL20PG2)
setHPMGT;;
BL25)
setHPMGT;;
*)
echo "Unknown Hardware Model!"
logger "$scriptName - NOT configured /etc/vmware/hwconfig - $hwmodel Unknown hardware";;
esac
}
setHPMGT()
{
echo "Configuring HP Management Agents..."
esxcfg-firewall -e snmpd
esxcfg-firewall -o 2381,tcp,in,hpim
cd /vmimages
tar -xvzf /vmimages/build/hpmgmt-7.5.1a-vmware.tar >/dev/null 2>&1
cd /vmimages/hpmgmt/751a
cp /vmimages/build/smhpd.xml /vmimages/hpmgmt/751a/smhpd.xml
/vmimages/hpmgmt/751a/installvm751.sh --silent --inputfile /vmimages/build/hpmgmt.cfg >/dev/null 2>&1
mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.old1
cp /vmimages/build/snmpd.conf /etc/snmp/snmpd.conf
logger "$scriptName - Setup HP Management Agents"
}
setIBMMGT()
{
install of IBM Director Agent
echo "Configuring IBM Director Agents...this may take a few minutes."
esxcfg-firewall -e snmpd
esxcfg-firewall -o 14247,tcp,in,ibmdir
esxcfg-firewall -o 14247,udp,in,ibmdir
esxcfg-firewall -o 14248,tcp,in,ibmdir
mkdir /vmimages/director
cd /vmimages/director
tar -xvf /vmimages/build/dir5.10_agent_linux.tar >/dev/null 2>&1
cd /vmimages/director/FILES
/vmimages/director/FILES/dir5.10_agent_linux.sh -r /vmimages/director/FILES/diragent.rsp >/dev/null 2>&1
install of System Availability Agent
echo "Configuring IBM System Availability Agent."
cd /vmimages/director
tar -xvf /vmimages/build/dir5.10_sysavailagent_linux.tar >/dev/null 2>&1
rpm -ivh SysAvailAgent-5.10-1.i386.rpm >/dev/null 2>&1
install of IBM VMM Agent for Director
echo "Configuring IBM Virtual Machine Manager Agent."
rpm -ivh /vmimages/build/40k1491.rpm >/dev/null 2>&1
logger "$scriptName - IBM Director Agents configured for $hwmodel"
}
#
\# MAIN PROGRAM - ENTER HERE...
#
scriptName=`basename $0`
dateTime=`date '+%c'`
bannertxt1="Legal warning test line 1."
bannertxt2="Legal warning test line 2."
bannertxt3="Legal warning test line 3."
bannertxt4="Legal warning test line 4."
logger "$scriptName - started"
echo "Starting $scriptName..."
getConfig $1
setUsers
setSSHRoot
remaneVMFS
setNameResolution
setNetwork
setMGMT
setSSHBANNER
setNTP
setNFS
logger "$scriptName - ended"
exit 0
John,
This was exactly the info I was looking for!
This will keep me busy for a while
Thanks for sharing!
William
No problems
Hope you find something in there useful...
John
John,
You have great script to peform post installation tasks. I really like it.
However, I have a problem with firewall, i can't download the source files and config.sh from my nfs server. It seems, I can't enable nfsclient.
Did you face similar problem? Any suggestion to resolve this issue?
Thank you very much John
Great share!
William,
Not sure if anyone answered your question on the %vmlicense_text section, but it is used when using host based licenses. Not used when using Virtual Center.
SRVESX,
try the following before trying to get the source files from the NFS share:
esxcfg-firewall --allowIncoming
esxcfg-firewall --allowOutgoing
Make sure you do the following at the end of post installation configuration:
esxcfg-firewall --blockIncoming
esxcfg-firewall --blockOutgoing
I hope this helps
Ant