CD2H gitForager

cloudfoundry/os-conf-release

Name: os-conf-release

Owner: Cloud Foundry

Description: Additional Linux OS configuration release

Created: 2016-04-14 19:03:24.0

Updated: 2018-04-23 13:46:33.0

Pushed: 2018-05-02 15:28:55.0

Homepage:

Size: 94

Language: Shell

GitHub Committers

User	Most Recent Commit	# Commits

Other Committers

User	Email	Most Recent Commit	# Commits

README

BOSH Linux OS Configuration Release

Enables configuration of a typical Linux OS:

customize login banner text (job: login_banner)
add UNIX users to VM (job: user_add)
add system wide CA certificates (job: ca_certs)
configure resolv.conf search domain (job: search_domain)
change TCP keepalive kernel args (job: tcp_keepalive)
apply arbitrary sysctls (job: sysctl)
enable IPv6 (job: enable_ipv6)

See https://github.com/cloudfoundry-incubator/windows-utilities-release for Windows OS configuration.

For a description of these and other functions, see jobs/.

Usage

Include the release:

ases:
me: os-conf
rsion: latest

Examples

In this example, we use BOSH's Runtime Config to customize login banner and create two users: first, an operator user with an encrypted password; second, a backup user with an ssh-key:

ns:
name: os-configuration
jobs:
- name: login_banner
  release: os-conf
  properties:
    login_banner:
      text: |
        Authorized Use Only.
        Unauthorized use will be prosecuted to the fullest extent of the law.
- name: user_add
  release: os-conf
  properties:
    persistent_homes: true
    users:
    - name: backup
      public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDbss5XtLYRYDeV8AmouVYOHmYPxPsN4F59fZnY4kJnimM3sk5TbP0ow19GMDppQOPzAQ1TcYH4sYhpnxwq5f32XYtw12rFnO8BatHISWIdjoEjHfdA1qLIMGouWZPbGIQ1qURbfJdR9e2shS7U/WSXD+AJ9Zy0ZKTsIvlukWSX8Nsxvfn7VaAFvhgI3YPmhjV3TCEVMDsWGbBXlMq+qiJt22JEOw+3dnrvfGzRUULGznO/8y4NvVQsQc5KGnJkeQWkmlOIrhUGYwd/hMn6zQEIxkR4elmwp+pjyLR0qYLUFjpMn2GJMG7lvTzF8SzQLhzTVrjW1E3nve2eCuJ5bB6/"
      shell: /bin/zsh # OPTIONAL: Defaults to `/bin/bash`
      sudo: false # OPTIONAL: Defaults to `true`

In this example, we configure our BOSH deployment manifest to configure the DNS search domain to pivotal.io and the TCP keepalive kernel settings:

ance_groups:
me: network-infrastructure
bs:
name: tcp_keepalive
release: os-conf
properties:
  tcp_keepalive:
    time:     120
    interval:  30
    probes:     8
name: search_domain
release: os-conf
properties:
  search_domain: pivotal.io

In this example, we enable the IPv6 protocol (note: there are no properties for the enable_ipv6 job):

ance_groups:
me: network-infrastructure
bs:
name: enable_ipv6
release: os-conf

See manifests/ and jobs/*/spec for more examples.

This work is supported by the National Institutes of Health's National Center for Advancing Translational Sciences, Grant Number U24TR002306. This work is solely the responsibility of the creators and does not necessarily represent the official views of the National Institutes of Health.