Overview

The hv02.ovh.rpmfusion.net host is a HyperVisor server to be used for RPM Fusion related services.

Server details :

Hostname : hv02.ovh.rpmfusion.net aka ks313095.kimsufi.com
Hardware : OVH Kemsirve i7-2T, i7 920 (4 x 2(HT) x 2.66GHz), 8GB DDR3, 2 x 1TB SATA (RAID-1 software)
Network : 100Mbps switch port, 3TB monthly traffic (switch port limited to 10Mbps when exceeded)
Main IPv4 address : 188.165.226.50/24 gw 188.165.226.254
Additional IPv4 failover addresses :
- 46.105.55.71 associated with 02:00:00:28:b9:9d used for se01.ovh.rpmfusion.net
- 46.105.55.72 associated with 02:00:00:73:6a:fd used for se02.ovh.rpmfusion.net
- 46.105.55.73 associated with 02:00:00:aa:ff:cf used for se03.ovh.rpmfusion.net
IPv6 network : 2001:41d0:2:ad32::/64

Management : OVH Manager with the rf30282-ovh RPM Forge account. This includes network traffic reports, tech support, remote reboot, DNS reverse mappings, etc.

Services

Detail of services running on the host and its virtual servers :

hv02.ovh.rpmfusion.net :
- Web for static files and reverse proxying (nginx)
- DHCP for virtual server installations
- IPv4 NAT for *.lan servers
se01.ovh.rpmfusion.net :
- Primary DNS
- SMTP, main MX
- Mailman
se02.ovh.rpmfusion.net :
- MoinMoin website
se03.ovh.rpmfusion.net :
- TBD
puppet.ovh.rpmfusion.lan :
- Puppet master
builder1.ovh.rpmfusion.lan :
- Plague builder for i386 and x86_64
bugzilla.ovh.rpmfusion.lan :
- Bugzilla (behind the host's reverse proxy)

(Re)Installation

Installed with CentOS 5 64bit in English. Steps below are mostly raw notes, yet easily understandable.

Post-Install Manual Steps

vi /etc/sysconfig/network
# HOSTNAME=hv02.ovh.rpmfusion.net
# NETWORKING_IPV6=yes
vi /etc/crontab # remove the last line for rtm
vi /etc/fstab
# remove /home and swap
umount /home
mdadm --manage --stop /dev/md2
vi /etc/mdadm.conf # remove md2 line
swapoff -a
fdisk /dev/sda
# delete 3 & 2
# n p 2 : first 1306 last 120557
# n p 3 : first 120558 last enter
# t 2 fd
# t 3 fd
fdisk /dev/sdb # same changes
partprobe
mdadm --create /dev/md2 --metadata=0.90 --level=1 --raid-devices=2 /dev/sda2 /dev/sdb2
mdadm --create /dev/md3 --metadata=0.90 --level=1 --raid-devices=2 /dev/sda3 /dev/sdb3
mkswap -f /dev/md3
vi /etc/fstab # add : /dev/md3        none    swap    defaults        0       0
swapon -a
free

Upgrade to RHEL6 somehow. This requires only updating to an intermediate xz-aware rpm-4.7.1-6.el5 build and its requirements, then pointing to a RHEL6 repository.

Main /srv Mount Point & Repositories

pvcreate /dev/md2
vgcreate vg0 /dev/md2
lvcreate -L512G -nsrv vg0
vi /etc/mdadm.conf
# add md2 and md3 with UUID
# get with mdadm --detail /dev/md2
mkfs.ext4 -j -m 1 -L srv /dev/vg0/srv
tune2fs -c 0 -i 0 /dev/vg0/srv
vi /etc/fstab # add : /dev/vg0/srv    /srv    ext4    noatime,nodiratime,commit=120      0       0
# !!! Add ,commit=120 for all ext* filesystems!
mount /srv
mkdir -p /srv/repo/redhat/el{5,6}/x86_64
ln -s el5 /srv/repo/redhat/el5Server
ln -s el6 /srv/repo/redhat/el6Server
# sync iso (loop mount, create os), updates (and optional for el6) from somewhere

Use the local repository :

rm -rf /var/cache/yum/*
mv /etc/yum.repos.d/* /tmp/
vi /etc/yum.repos.d/el.repo
[os]
name=Red Hat Enterprise Linux $releasever - $basearch - OS
baseurl=file:///srv/repo/redhat/el$releasever/$basearch/os/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

[updates]
name=Red Hat Enterprise Linux $releasever - $basearch - Updates
baseurl=file:///srv/repo/redhat/el$releasever/$basearch/updates/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

Tweaks

yum remove bind bind-chroot
vi /etc/resolv.conf # remove 127.0.0.1
yum remove 'man-pages-??' specspo
# Some obtained by "yum list extras"
yum remove 'abrt*' esound Deployment_Guide-en-US xen-libs qpixman htmlview compat-libcap
yum remove libvolume_id pkinit-nss qffmpeg-libs etherboot-zroms-kvm e4fsprogs-libs
# The EL5 updates are more recent than the EL6 packages
yum downgrade dmidecode less pciutils
chkconfig iscsi off
chkconfig iscsid off
chkconfig --level 345 ntpd on
service ntpd start

KVM Hypervisor

yum update
yum install kvm python-virtinst libvirt.x86_64 virt-top
rm -f /etc/libvirt/qemu/networks/autostart/default.xml
service libvirtd start
chkconfig --level 345 ksm on
chkconfig --level 345 ksmtuned on

Network

/etc/sysconfig/network-scripts/ifcfg-eth0 :

DEVICE=eth0
BRIDGE=br0
ONBOOT=yes

/etc/sysconfig/network-scripts/ifcfg-br0 :

# Main public Ethernet
DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
IPADDR=188.165.226.50
NETMASK=255.255.255.0
GATEWAY=188.165.226.254
ONBOOT=yes
# IPv6
IPV6INIT=yes
IPV6ADDR=2001:41d0:2:ad32::cafe/56
IPV6_DEFAULTGW=2001:41d0:2:adff:ff:ff:ff:ff

/etc/sysconfig/network-scripts/ifcfg-br1 :

# Private Ethernet (IPv4 only)
DEVICE=br1
TYPE=Bridge
BOOTPROTO=static
IPADDR=192.168.230.254
NETMASK=255.255.255.0
ONBOOT=yes
# IPv6
IPV6INIT=no

Give IPv4 access to the guests being installed :

vi /etc/sysctl.conf
# net.ipv4.ip_forward = 1
sysctl -p
iptables -t nat -A POSTROUTING -o br0 -s 192.168.230.0/24 -j MASQUERADE
service iptables save

DHCP Server

To make it trivial to install KVM guests using virt-install, the host will have a DHCP server on the private bridge :

yum install dhcp
vi /etc/dhcp/dhcpd.conf
chkconfig --level 345 dhcpd on
service dhcpd start

With /etc/dhcp/dhcpd.conf :

ddns-update-style                       none;

subnet 192.168.230.0 netmask 255.255.255.0 {
        option routers                  192.168.230.254;
        option subnet-mask              255.255.255.0;

        option domain-name              "ovh.rpmfusion.net";
        option domain-name-servers      213.186.33.99;

        range dynamic-bootp             192.168.230.128 192.168.230.160;
        default-lease-time              21600;
        max-lease-time                  43200;
}

Web Server

In order to serve kickstart files as well as the local yum repositories, we also have a trivial static web server. It will be extended to also serve as a Fedora and RPM Fusion mirror :

rpm -Uvh http://download.fedora.redhat.com/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm
yum install nginx
vi /etc/nginx/nginx.conf
# With the important change being to have : location / { root /srv; }
chkconfig --level 345 nginx on
service nginx start

KVM Guests

se01.ovh.rpmfusion.net

Kickstart file :

# Kickstart file for RHEL6 - se01.ovh.rpmfusion.net

install
text
reboot
url --url=http://192.168.230.254/repo/redhat/el6Server/x86_64/install
lang en_US.UTF-8
keyboard us
# Configure eth0 in post
network --device eth0 --bootproto static --noipv4
network --hostname se01.ovh.rpmfusion.net --device eth1 --bootproto static --ip 192.168.230.1 --netmask 255.255.255.0 --gateway 192.168.230.254 --nameserver 213.186.33.99
rootpw tototo
firewall --service=ssh --port=domain:udp --port=domain:tcp
services --disabled anacron,auditd --enabled=ntpd
authconfig --enableshadow --passalgo=sha512 --enablefingerprint
selinux --enforcing
timezone --utc Europe/Paris

bootloader --location=mbr --append="console=ttyS0,9600 crashkernel=auto"
clearpart --all --initlabel
part / --asprimary --fstype=ext4 --size=100 --grow --fsoptions="commit=120"
part swap --asprimary --recommended

repo --name="Red Hat Enterprise Linux 6" --baseurl=http://192.168.230.254/repo/redhat/el6Server/x86_64/install/ --cost=100

%packages --nobase
@core
-rhn-check
-rhn-client-tools
-rhn-setup
-rhnlib
-rhnsd
-subscription-manager
-yum-rhn-plugin
bind-utils
elinks
iptraf
lsof
man
mtr
nmap
ntp
openssh-clients
prelink
rsync
screen
strace
sysstat
tcpdump
telnet
vim-enhanced
wget
yum-utils
%end

%post --log=/root/ks-post.log

wget -O /etc/yum.repos.d/el.repo http://192.168.230.254/install/el.repo

# Disable all tty consoles, since we run headless (the serial one is active)
sed -i -e 's|RUNLEVEL=\[2345\]|RUNLEVEL=[45]|' /etc/init/start-ttys.conf

# Hacks to get the main IPv4 address with its /32 mask to work + add IPv6
# eth0
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
DEVICE="eth0"
BOOTPROTO="static"
DNS1="213.186.33.99"
HWADDR="02:00:00:28:b9:9d"
IPADDR="46.105.55.71"
NETMASK="255.255.255.255"
NM_CONTROLLED="no"
ONBOOT="yes"
# IPv6
IPV6INIT="yes"
IPV6ADDR="2001:41d0:2:ad32::1/64"
IPV6_AUTOCONF="yes"
EOF
# eth1 (to remove DNS and gateway from here)
cat > /etc/sysconfig/network-scripts/ifcfg-eth1 << EOF
DEVICE="eth1"
BOOTPROTO="static"
HWADDR="52:54:00:FF:BB:92"
IPADDR="192.168.230.1"
NETMASK="255.255.255.0"
NM_CONTROLLED="no"
ONBOOT="yes"
EOF
# eth0 routes, to get a default gateway working
cat > /etc/sysconfig/network-scripts/route-eth0 << EOF
# The HV's directly connected network
ADDRESS0=188.165.226.0
NETMASK0=255.255.255.0
# The default gateway, on the network above
ADDRESS1=0.0.0.0
NETMASK1=0.0.0.0
GATEWAY1=188.165.226.254
EOF

%end

Block device and virt-install run :

lvcreate -L16G -nse01 vg0
virt-install --name=se01 --ram=2048 --vcpus=8 --os-variant=rhel6 --hvm --accelerate \
  --location=/srv/repo/redhat/el6Server/x86_64/install --disk=path=/dev/vg0/se01 \
  --network=bridge=br0,mac=02:00:00:28:b9:9d --network=bridge=br1,mac=52:54:00:ff:bb:92 \
  --nographics --keymap=us \
  --extra-args="console=ttyS0,9600 ksdevice=eth1 ks=http://192.168.230.254/install/ks/se01.ks"

se02.ovh.rpmfusion.net

lvcreate -L16G -nse02 vg0
virt-install --name=se02 --ram=2048 --vcpus=8 --os-variant=rhel6 --hvm --accelerate \
  --location=/srv/repo/redhat/el6Server/x86_64/install --disk=path=/dev/vg0/se02 \
  --network=bridge=br0,mac=02:00:00:73:6a:fd --network=bridge=br1,mac=52:54:00:ff:bb:93 \
  --nographics --keymap=us \
  --extra-args="console=ttyS0,9600 ksdevice=eth1 ks=http://192.168.230.254/install/ks/se02.ks"

se03.ovh.rpmfusion.net

lvcreate -L16G -nse03 vg0
virt-install --name=se03 --ram=2048 --vcpus=8 --os-variant=rhel6 --hvm --accelerate \
  --location=/srv/repo/redhat/el6Server/x86_64/install --disk=path=/dev/vg0/se03 \
  --network=bridge=br0,mac=02:00:00:aa:ff:cf --network=bridge=br1,mac=52:54:00:ff:bb:94 \
  --nographics --keymap=us \
  --extra-args="console=ttyS0,9600 ksdevice=eth1 ks=http://192.168.230.254/install/ks/se03.ks"

Note : Since old02 needed its ssh service facing the outside for the CVS service, se03 redirects port 22 to old02 and has its own ssh service available on port 2222 instead of 22.

puppet.ovh.rpmfusion.lan

lvcreate -L4G -npuppet vg0
virt-install --name=puppet --ram=512 --vcpus=4 --os-variant=rhel6 --hvm --accelerate \
  --location=/srv/repo/redhat/el6Server/x86_64/install --disk=path=/dev/vg0/puppet \
  --network=bridge=br0,mac=52:54:00:ff:bb:a1 --network=bridge=br1,mac=52:54:00:ff:bb:b1 \
  --nographics --keymap=us \
  --extra-args="console=ttyS0,9600 ksdevice=eth1 ks=http://192.168.230.254/install/ks/puppet.ks"

Then to start the puppetmaster :

yum install puppet-server policycoreutils-python
mkdir -p /etc/selinux/local/puppetmaster
cd /etc/selinux/local/puppetmaster/
cat > messages << 'EOF'
avc:  denied  { search } for  pid=1368 comm="puppetmasterd" name="/" dev=sysfs ino=1 context=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir
avc:  denied  { search } for  pid=1910 comm="puppetmasterd" name="/" dev=sysfs ino=1 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir
avc:  denied  { getattr } for  pid=1368 comm="puppetmasterd" path="/usr/bin/chage" dev=vda1 ino=4005 context=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:passwd_exec_t:s0 tclass=file
avc:  denied  { execute } for  pid=1368 comm="puppetmasterd" name="chage" dev=vda1 ino=4005 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:passwd_exec_t:s0 tclass=file
avc:  denied  { name_bind } for  pid=1495 comm="puppetmasterd" src=13808 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=udp_socket
avc:  denied  { node_bind } for  pid=1495 comm="puppetmasterd" src=20571 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:node_t:s0 tclass=udp_socket
avc:  denied  { getattr } for  pid=1586 comm="puppetmasterd" path="/usr/bin/chage" dev=vda1 ino=4005 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:passwd_exec_t:s0 tclass=file
avc:  denied  { read } for  pid=1650 comm="puppetmasterd" name="config" dev=vda1 ino=11895 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:selinux_config_t:s0 tclass=file
avc:  denied  { relabelfrom } for  pid=1650 comm="puppetmasterd" name="serial" dev=vda1 ino=14200 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=unconfined_u:object_r:puppet_var_lib_t:s0 tclass=file
avc:  denied  { relabelto } for  pid=1822 comm="puppetmasterd" name="serial" dev=vda1 ino=16975 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:puppet_var_lib_t:s0 tclass=file
avc:  denied  { open } for  pid=1822 comm="puppetmasterd" name="config" dev=vda1 ino=11895 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:selinux_config_t:s0 tclass=file
avc:  denied  { getattr } for  pid=1870 comm="puppetmasterd" path="/etc/selinux/config" dev=vda1 ino=11895 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:selinux_config_t:s0 tclass=file
EOF
audit2allow -M puppetmaster -i messages; semodule -i puppetmaster.pp
vi /etc/puppet/manifests/site.pp
service puppetmaster start

To later work with stored configurations and dashboard, there are also needed :

avc:  denied  { search } for  pid=6183 comm="puppetmasterd" name="mysql" dev=vda1 ino=260574 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:mysqld_db_t:s0 tclass=dir
avc:  denied  { name_connect } for  pid=6183 comm="puppetmasterd" dest=3000 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:ntop_port_t:s0 tclass=tcp_socket
avc:  denied  { write } for  pid=6183 comm="puppetmasterd" name="mysql.sock" dev=vda1 ino=260680 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=unconfined_u:object_r:mysqld_var_run_t:s0 tclass=sock_file
avc:  denied  { connectto } for  pid=6183 comm="puppetmasterd" path="/var/lib/mysql/mysql.sock" scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=unconfined_u:system_r:mysqld_t:s0 tclass=unix_stream_socket

And on nodes :

grep -q puppet.ovh.rpmfusion.lan /etc/hosts || echo "192.168.230.11 puppet.ovh.rpmfusion.lan" >> /etc/hosts
yum install puppet ruby-rdoc
puppet agent --onetime --no-daemonize --logdest=/var/log/puppet/puppet.log --logdest=console --server=puppet.ovh.rpmfusion.lan
# Then the usual puppetca --sign on the puppetmaster

bugzilla.ovh.rpmfusion.lan

lvcreate -L4G -nbugzilla vg0
virt-install --name=bugzilla --ram=512 --vcpus=4 --os-variant=rhel6 --hvm --accelerate \
  --location=/srv/repo/redhat/el6Server/x86_64/install --disk=path=/dev/vg0/bugzilla \
  --network=bridge=br0,mac=52:54:00:ff:bb:c1 --network=bridge=br1,mac=52:54:00:ff:bb:c2 \
  --nographics --keymap=us \
  --extra-args="console=ttyS0,9600 ksdevice=eth1 ks=http://192.168.230.254/install/ks/bugzilla.ks"

builder1.ovh.rpmfusion.lan

lvcreate -L 256G -n builder1 vg0
virt-install --name=builder1 --ram=2048 --vcpus=4 --os-variant=rhel6 --hvm --accelerate \
  --location=/srv/repo/redhat/el6Server/x86_64/install --disk=path=/dev/vg0/builder1 \
  --network=bridge=br0,mac=52:54:00:ff:bb:c3 --network=bridge=br1,mac=52:54:00:ff:bb:c4 \
  --nographics --keymap=us \
  --extra-args="console=ttyS0,9600 ksdevice=eth1 ks=http://192.168.230.254/install/ks/builder1.ks"

DNS Server

The DNS Server is entirely puppet managed. All zones must be edited on the puppet master then applied on se01.

Note that a glue record has been created using the OVH Manager for the ns1.rpmfusion.net entry, pointing to 46.105.55.71.

DNS Servers for RPM Fusion domains :

ns1.rpmfusion.net
ns.kimsufi.com

Local Infra Package Repository

On hv02, under /srv/repo/redhat/el6/x86_64/rpmfusion-infra/ are located both "custom/" (home made and/or rebuilt with tweaks) and "epel/" (binaries copied from EPEL) packages. Any required package not provided by the original Red Hat Enterprise Linux 6 repositories must be copied there, under the correct sub-directory. Always manage the files as the rpmfusion user.

To regenerate the repository's metadata :

[rpmfusion@hv02 ~]$ repo /srv/repo/redhat/el6/x86_64/rpmfusion-infra

All of the servers use this repository automatically, enabled from the el.repo installed by kickstart.

Xen Guests Migrated To KVM

Notes

Existing 32bit RHEL5 Xen guests on the es.rpmfusion.net network, the initial infrastructure servers, have been moved as-is. This is because they have legacy services which are still critical to RPM Fusion, such as CVS and Plague, not worth reconfiguring from scratch. Time will be best spent migrating to newer services such as Git and Koji.

Migration notes :

Initial sync example (best done from the source HV with the stopped VM instead of the running source VM) :

# Server sync
rsync --numeric-ids -avHPSx --exclude=lost+found --delete se02.es.rpmfusion.net:/ /srv/old-es/se02
# NFS data sync
rsync --numeric-ids -avHPSx --exclude=lost+found --delete files01.es6.egwn.net:/nfs/rpmf/ /srv/nfs

Kickstart a clean KVM guest, see each server's virt-install command.

Mount the new LV to be accessible and sync to it :

kpartx -a /dev/vg0/old02
mount /dev/mapper/vg0-old02p1 /mnt/old02
# We'll keep the x86_64 bit grub and kernel+modules, replace all the rest
# That way we have a clean MBR, initrd and grub conf (serial console)
rsync --numeric-ids -avHPSx --exclude=lost+found --delete --exclude=/boot --exclude=/lib/modules /srv/old-es/se02/ /mnt/old02

Inside the copied file tree :

# Replace /dev/xvda with /dev/vda1, /dev/xvdb with /dev/vda2
vi /etc/fstab
# Replace NFS server :
# files01.es6.egwn.lan:/nfs/rpmf -> 192.168.230.254:/srv/nfs
vi /etc/fstab
files01.es6.egwn.lan:/nfs/rpmf/repo /srv/cache/ nfs tcp,rsize=8192,wsize=8192,hard,intr 0 0
192.168.230.254:/srv/nfs/repo /srv/cache/ nfs tcp,rsize=8192,wsize=8192,hard,intr 0 0
# HOSTNAME=old...ovh.rpmfusion.lan
# GATEWAY=192.168.230.3
vi /etc/sysconfig/network
# Replace content entirely (new IP addressing, new MAC addresses)
vi /etc/sysconfig/network-scripts/ifcfg-eth0
vi /etc/sysconfig/network-scripts/ifcfg-eth1
# domain ovh.rpmfusion.lan
# search ovh.rpmfusion.lan
# nameserver 213.186.33.99
vi /etc/resolv.conf
# Replace xvc0 with ttyS0
# co:2345:respawn:/sbin/agetty ttyS0 9600 vt100-nav
vi /etc/inittab
# Add ttyS0
vi /etc/securetty
# Replace xennet with virtio_net and xenblk with virtio_blk
vi /etc/modprobe.conf
# Update hostname and IP address (keep only 127.0.0.1 line)
vi /etc/hosts
# Remove broken rules (!?) CLOSED, icmp, multiport
vi /etc/sysconfig/iptables

old02.ovh.rpmfusion.lan

Old name : se02.es.rpmfusion.net
Installation :

lvcreate -L 12G -n old02 vg0
virt-install --name=old02 --ram=512 --vcpus=2 --os-variant=rhel5.4 --hvm --accelerate \
  --location=/srv/repo/redhat/el5Server/x86_64/os --disk=path=/dev/vg0/old02 \
  --network=bridge=br0,mac=52:54:00:ff:bb:c5 --network=bridge=br1,mac=52:54:00:ff:bb:c6 \
  --nographics --keymap=us \
  --extra-args="console=ttyS0,9600 ksdevice=eth1 ks=http://192.168.230.254/install/ks/old02.ks"

Services :
- FAS (with PostgreSQL)
- SSH on 22/tcp for CVS_RSH
- CVS on 2401/tcp
- Web :
  - FAS on https://fas.rpmfusion.org/accounts/ reverse proxied to http://localhost:8088/accounts
  - Source lookaside cache on /repo/pkgs/ for cvs.rpmfusion.org
  - ViewVC on cvs.rpmfusion.org

Completely changed configuration files :

/etc/sysconfig/network-scripts/ifcfg-eth0 :

# Virtio Network Device
DEVICE=eth0
HWADDR=52:54:00:FF:BB:C5
IPV6ADDR=
IPV6PREFIX=
ONBOOT=no

/etc/sysconfig/network-scripts/ifcfg-eth1 :

# Virtio Network Device
DEVICE=eth1
BOOTPROTO=static
HWADDR=52:54:00:FF:BB:C6
IPADDR=192.168.230.14
NETMASK=255.255.255.0
ONBOOT=yes

old03.ovh.rpmfusion.lan

Old name : se03.es.rpmfusion.net
Installation :

lvcreate -L 12G -n old03 vg0
virt-install --name=old03 --ram=512 --vcpus=2 --os-variant=rhel5.4 --hvm --accelerate \
  --location=/srv/repo/redhat/el5Server/x86_64/os --disk=path=/dev/vg0/old03 \
  --network=bridge=br0,mac=52:54:00:ff:bb:c7 --network=bridge=br1,mac=52:54:00:ff:bb:c8 \
  --nographics --keymap=us \
  --extra-args="console=ttyS0,9600 ksdevice=eth1 ks=http://192.168.230.254/install/ks/old03.ks"

Services :
- Plague Server on 8886/tcp and 8887/tcp with both MySQL and PostgreSQL
- Rsync on 873/tcp (unused, koji testing only)
- Web :
  - Plague on buildsys.rpmfusion.org (only http, https broken)

Completely changed configuration files :

/etc/sysconfig/network-scripts/ifcfg-eth0 :

# Virtio Network Device
DEVICE=eth0
HWADDR=52:54:00:FF:BB:C7
IPV6ADDR=
IPV6PREFIX=
ONBOOT=no

/etc/sysconfig/network-scripts/ifcfg-eth1 :

# Virtio Network Device
DEVICE=eth1
BOOTPROTO=static
HWADDR=52:54:00:FF:BB:C8
IPADDR=192.168.230.15
NETMASK=255.255.255.0
ONBOOT=yes

Work around plague's strict binding to its configured name :
- Edit /etc/plague/server/plague-server.cfg to have hostname = plague-any in the [General] section.
- Edit /etc/hosts to add an entry with : 0.0.0.0 plague-any

hv02.ovh.rpmfusion.net

Contents

Overview

Services

(Re)Installation

Post-Install Manual Steps

Main /srv Mount Point & Repositories

Tweaks

KVM Hypervisor

Network

DHCP Server

Web Server

KVM Guests

se01.ovh.rpmfusion.net

se02.ovh.rpmfusion.net

se03.ovh.rpmfusion.net

puppet.ovh.rpmfusion.lan

bugzilla.ovh.rpmfusion.lan

builder1.ovh.rpmfusion.lan

DNS Server

Local Infra Package Repository

Xen Guests Migrated To KVM

Notes

old02.ovh.rpmfusion.lan

old03.ovh.rpmfusion.lan

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Categories

Tools