Chapter 11. Bare Metal Installation
142
• python-cherrypy: A Python HTTP server which is distributed by default with most Linux
distributions. For example, both CentOS and Ubuntu have this package.
• ipset: An iptables tool which provides ipset match. In Ubuntu, ipset is provided by default. In
Cent OS, it is not provided by default; you need to download it from a third party. For example:
http://www.wandin.net/dotclear/index.php?post/2012/05/26/Installing-ipset-on-CentOS-6
• libmnl: ipset dependent library. it's usually available with ipset rpm for downloading
2. Place the RPMs in a directory that is accessable by browser through HTTP.
3. Create a repo where the kickstart installer can find the security group agent when it's time to
install. Run the following command:
# createrepo <path_to_rpms>
For example, if the RPMs are in the following directory:
/var/www/html/securitygroupagent/
The command would be:
createrepo /var/www/html/securitygroupagent/
The repo file will be created in /var/www/html/securitygroupagent/.
4. Add the security group agent package to the kickstart file that you are using for your bare metal
template. Make the following modifications in the kickstart file:
a. Add the repo that you created in the previous step. Insert the following command above the
%package section, before reboot. Substitute the desired repo name, IP address, and the
directory in the base URL (if you didn't use the name securitygroupagent in the previous step).
repo --name=<repo_name> --baseurl=http://<ip_address>/securitygroupagent/
b. In the %package section of the kickstart file, add all the RPMs. For example:
%package
libmnl
ipset
python-cherrypy
security_group_agent
c. In the %post section, add the following:
%post
chkconfig iptables off
chkconfig cs-sgagent on
service cs-sgagent start
This will close iptables to flush the default iptables rules set by the OS (CloudPlatform does
not need them), then set the security group agent to "on" and immediately start the agent.