[sles-beta] SLES12 Beta7 x86_64 Modules and autoyast and yast clone_system??

Ladislav Slezak lslezak at suse.cz
Wed Jun 4 08:11:09 MDT 2014 

Dne 4.6.2014 08:38, Peter Varkoly napsal(a):
> Am Dienstag, den 03.06.2014, 09:26 +0000 schrieb urs.frey at post.ch:
>> Hi
>>  
>> With SLES12 Beta7 the new module concept got introduced.
>> When installing interactively after the subscription registration one
>> gets to the screen where one could add some of the new modules.
>>  
>> In a server environment only unattended installation is the used case.
>> I wonder how the new module concept will be implemented to autoyast.
>> A mechanism to register a subscription and connecting repositories has
>> not been implemented to autoyast yet, has it? 

The Autoyast support is still not finished yet. Currently there is just a basic
support for registering the base product.

For addons there is currently a simple UI where you have to fill the internal
add-on ID which is quite difficult to get.

It would be better to display the real available addons (just like during
installation), however this requires a registered system. And it needs to be
registered to the same server, mixing SCC and SMT use would not be possible
(e.g. creating a profile using a SMT server on a system registered to SCC).

The requirements are not clear yet, so if you could describe your use case it would
help us.

> This is implemented since SLE11 SP<I do not known>.
>   <suse_register>
>     <do_registration config:type="boolean">true</do_registration>
>     <reg_server></reg_server>
>     <reg_server_cert></reg_server_cert>
>     <register_regularly config:type="boolean">false</register_regularly>
>     <registration_data>
>       <email></email>
>       <regcode-sles></regcode-sles>
>     </registration_data>
>     <submit_hwdata config:type="boolean">true</submit_hwdata>
>     <submit_optional config:type="boolean">false</submit_optional>
>   </suse_register>
> This works with a SMT-server too.

This is SLE11 schema, in SLE12 it has been little bit changed, I tried to make it
backward compatible as possible, but I'm not sure whether SLE11 profiles will work
without any change... Again, it is not finished yet.

>>  
>> There is a simple use case: automated installation of a classic LAMP
>> server.
>> SUSE SMT is such a LAMP server. In my environment I have quite a
>> number of LAMP server installations.
>> How do I get PHP now?
>> With SLES11 I can select all software directly and also configure
>> directly in autoyast in the software section.
>>  
>> Can I simply add modules as add-on in autoyast?
> Yes.

This is not a clean solution and I'd avoid this. SCC (or SMT) returns
a service which is basically a list of repositories while add-on
uses just a single repository. The difference is that the service
contain -Pool and -Update repositories. Moreover the service can be dynamically
changed later, it allows adding or removing a repository, it is much more
flexible than a single repository...


>> How do I get the repository connection without registering the
>> subscription?
>> I see a hen – egg problem.
>>  
>> In my opinion there is something missing in the jigsaw-puzzle
>>  
>> When worrying about missing parts within the autoyast process because
>> of the new module handling, there is also another aspect to mention:
>>  
>> Of course yast clone_system also needs to be able to recognize the new
>> handling and should be able to separate the module part from the
>> ordinary bundle part.
>>  
>> The goal is to have a fully unattended SLES12 installation of a LAMP
>> server and the ability to clone this installation by getting a
>> functional autoinst.xml using yast clone_system.

Um, there is a problem with the registration code. Yast does not store it
anywhere in the system (for security reasons), only the credentials
received during registration are saved to /etc/zypp/credentials.d.

So if the system gets compromised you can easily remove it from
scc.suse.com (make the credentials invalid and free the subscription)
and then re-install it and register it using the same registration code
(without need for invalidating the code and receiving a new one).

Therefore cloning cannot fill the reg. code, the cloned profile will need
to be edited manually.


--

Ladislav Slezák
Appliance department / YaST Developer
Lihovarská 1060/12
190 00 Prague 9 / Czech Republic
tel: +420 284 028 960
lslezak at suse.com
SUSE

More information about the sles-beta mailing list