HOWTO Set up a Subversion repository for provisioning
From Consultancy.EdVoncken.NET
Contents |
Setting up the repositories
Note: I assume you are running Subversion 1.5 or newer (needed for "svn mkdir --parents")
In the current design, there are 3 Subversion repositories:
- provisioning
- Holds Cobbler settings, snippets and kickstarts. Also, holds our postinstall scripts.
- config
- Holds client configuration files, optionally with branching for Customer/Site/Distro/Profile/System specific settings.
- puppet
- Future development. This will hold the Puppet manifests and will eventually replace the config repository.
As root, create the new Subversion repositories (since we're using mod_dav_svn, they should be owned by Apache):
svnadmin create /var/www/svn/provisioning svnadmin create /var/www/svn/config svnadmin create /var/www/svn/puppet cd /var/www chown -R apache.apache svn/ chmod -R g+s svn/
As a normal user, set up your work area (for example, in ~/svn/) and check out the new repositories:
cd; mkdir svn; cd svn for repo in provisioning config puppet; do svn co http://localhost/repos/${repo}; done
Create the standard repository layout (trunk, tags, branches):
cd ~/svn
for repo in provisioning config puppet; do cd ${repo}; svn mkdir trunk tags branches; \
svn commit . -m "Created standard repository layout"; cd ..; done
Note: If necessary, use the "--username" parameter to log in to Subversion - check your Apache configuration for the proper authentication settings.
provisioning
Create the directory structure in your work area:
cd ~/svn/provisioning
svn update
svn mkdir trunk/{cobbler,kickstarts,snippets,triggers,postinstall}
svn commit . -m "Created directory structure for provisioning repository"
As root, import the Cobbler configuration files into Subversion (necessary because some files are only readable by root). Substitute your own username below:
svn import --username ed /etc/cobbler/ \ http://localhost/repos/provisioning/trunk/cobbler/ \ -m "Imported Cobbler configuration files" svn import --username ed /var/lib/cobbler/kickstarts/ \ http://localhost/repos/provisioning/trunk/kickstarts/ \ -m "Imported Cobbler kickstarts" svn import --username ed /var/lib/cobbler/snippets/ \ http://localhost/repos/provisioning/trunk/snippets/ \ -m "Imported Cobbler snippets" svn import --username ed /var/lib/cobbler/triggers/ \ http://localhost/repos/provisioning/trunk/triggers/ \ -m "Imported Cobbler triggers"
Oops! We need to remove the /etc/cobbler/users.digest file we just imported since it contains sensitive information (remember to change those passwords!):
svn delete --username ed http://localhost/repos/provisioning/trunk/cobbler/users.digest \ -m "Hide /etc/cobbler/users.digest from view; contains sensitive information"
Note: It is probably better to temporarily move /etc/cobbler/users.digest to another directory before importing the tree.
This way, the sensitive information does not get imported in the first place. Remember, the file is still there, in an older revision of the directory!
config
Create the basic directory structure for mainline development:
cd ~/svn/config
svn update
svn mkdir --parents trunk/{el4,el5,el6,fc12,fc13}/{noarch,i386,x86_64}/{home,etc,root}
svn commit . -m "Created basic directory structure for mainline development"
Add commonly needed subdirectories:
cd ~/svn/config
svn update
svn mkdir --parents trunk/{el4,el5,el6,fc12,fc13}/{noarch,i386,x86_64}/etc/pam.d
svn mkdir --parents trunk/{el4,el5,el6,fc12,fc13}/{noarch,i386,x86_64}/etc/profile.d
svn mkdir --parents trunk/{el4,el5,el6,fc12,fc13}/{noarch,i386,x86_64}/etc/ssh
svn mkdir --parents trunk/{el4,el5,el6,fc12,fc13}/{noarch,i386,x86_64}/etc/sysconfig/network-scripts
svn mkdir --parents trunk/{el4,el5,el6,fc12,fc13}/{noarch,i386,x86_64}/root/bin
svn mkdir --parents trunk/{el4,el5,el6,fc12,fc13}/{noarch,i386,x86_64}/usr/local/bin
svn commit . -m "Created basic directory structure for mainline development"
puppet
Working with the Config-repository
The config repository holds all client configuration files. We already created the directory structure that separates configuration files based on distribution (el4, el5) and architecture (noarch, i386, x86_64)
Creating a Customer-specific branch
Let's say we need to modify some of the configuration files specifically for our customer, ACME Firewalls. Initially, all modifications will be made under the "default" site:
cd ~/svn/config/branches/customer svn mkdir acmefirewalls svn commit . -m "Create customer directory for ACME Firewalls" svn copy http://localhost/repos/config/trunk \ http://localhost/repos/config/branches/customer/acmefirewalls/default \ -m "Create customer branch for ACME Firewalls, default site" svn update
Creating a Site-specific branch
ACME Firewalls has several sites (data centers). The new site is "AMS":
svn copy http://localhost/repos/config/branches/customer/acmefirewalls/default \ http://localhost/repos/config/branches/customer/acmefirewalls/AMS -m "Create site-specific branch for ACME Firewalls, site AMS" svn update
Creating a Distro-specific branch
Creating a Profile-specific branch
Creating a System-specific branch
Let's say the customer has a system named "Intranet" that requires custom configuration. The system will run Red Hat Enterprise Linux version 5, 32-bit. We should create a new branch off the Customer-specific branch:
svn copy http://localhost/repos/config/branches/customer/acmefirewalls/default/el5/i386 \ http://localhost/repos/config/branches/system/acmefirewalls/default/intranet \ -m "Create branch for ACME Firewalls, system Intranet" svn update
Navigation
- HOWTO Build your own provisioning server
- HOWTO Configure Cobbler on Fedora or Red Hat
- HOWTO Set up a Subversion repository for provisioning
- HOWTO Set up a Post-Install environment for provisioning
- HOWTO Set up a Yum repository for provisioning