svn commit: r277263 - in projects/release-vmimage/release: . tools
Glen Barber
gjb at FreeBSD.org
Fri Jan 16 19:27:20 UTC 2015
Author: gjb
Date: Fri Jan 16 19:27:19 2015
New Revision: 277263
URL: https://svnweb.freebsd.org/changeset/base/277263
Log:
Add initial support for the GCE (Google Compute Engine)
cloud hosting provider image.
Many thanks to swills@ for his work on getting this to
this point.
Submitted by: swills
Sponsored by: The FreeBSD Foundation
Added:
projects/release-vmimage/release/tools/gce.conf (contents, props changed)
Modified:
projects/release-vmimage/release/Makefile.vm
Modified: projects/release-vmimage/release/Makefile.vm
==============================================================================
--- projects/release-vmimage/release/Makefile.vm Fri Jan 16 19:11:58 2015 (r277262)
+++ projects/release-vmimage/release/Makefile.vm Fri Jan 16 19:27:19 2015 (r277263)
@@ -16,9 +16,12 @@ QCOW2_DESC= Qemu, KVM disk image
RAW_DESC= Unformatted raw disk image
CLOUDWARE?= AZURE \
+ GCE \
OPENSTACK
AZURE_FORMAT= vhdf
AZURE_DESC= Microsoft Azure platform image
+GCE_FORMAT= raw
+GCE_DESC= Google Compute Engine image
OPENSTACK_FORMAT=qcow2
OPENSTACK_DESC= OpenStack platform image
Added: projects/release-vmimage/release/tools/gce.conf
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ projects/release-vmimage/release/tools/gce.conf Fri Jan 16 19:27:19 2015 (r277263)
@@ -0,0 +1,96 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# Set to a list of packages to install.
+export VM_EXTRA_PACKAGES="firstboot-freebsd-update firstboot-pkgs google-cloud-sdk google-daemon panicmail sudo firstboot-growfs google-startup-scripts"
+
+# Set to a list of third-party software to enable in rc.conf(5).
+export VM_RC_LIST="google_accounts_manager ntpd"
+
+vm_extra_install_base() {
+ echo 'search google.internal' > ${DESTDIR}/etc/resolv.conf
+ echo 'nameserver 169.254.169.254' >> ${DESTDIR}/etc/resolv.conf
+ echo 'nameserver 8.8.8.8' >> ${DESTDIR}/etc/resolv.conf
+}
+
+vm_extra_pre_umount() {
+ cat << EOF >> ${DESTDIR}/etc/rc.conf
+console="comconsole"
+dumpdev="AUTO"
+ifconfig_vtnet0="SYNCDHCP mtu 1460"
+ntpd_sync_on_start="YES"
+ntpd_enable="YES"
+sshd_enable="YES"
+google_accounts_manager_enable="YES"
+#disabled until I can figure out why the reboot for updates is hanging
+#firstboot_freebsd_update_enable="YES"
+#firstboot_pkgs_enable="YES"
+# need to fill in something here
+#firstboot_pkgs_list=""
+panicmail_autosubmit="YES"
+firstboot_growfs_enable="YES"
+google_startup_enable="YES"
+EOF
+
+ cat << EOF >> ${DESTDIR}/boot/loader.conf
+autoboot_delay="-1"
+beastie_disable="YES"
+loader_logo="none"
+hw.memtest.tests="0"
+console="comconsole"
+hw.vtnet.mq_disable=1
+kern.timecounter.hardware=ACPI-safe
+aesni_load="YES"
+nvme_load="YES"
+EOF
+
+ echo '169.254.169.254 metadata.google.internal metadata' > \
+ ${DESTDIR}/etc/hosts
+
+ # overwrite ntp.conf
+ cat << EOF > ${DESTDIR}/etc/ntp.conf
+server metadata.google.internal iburst
+
+restrict default kod nomodify notrap nopeer noquery
+restrict -6 default kod nomodify notrap nopeer noquery
+
+restrict 127.0.0.1
+restrict -6 ::1
+restrict 127.127.1.0
+EOF
+
+ cat << EOF >> ${DESTDIR}/etc/syslog.conf
+*.err;kern.warning;auth.notice;mail.crit /dev/console
+EOF
+
+ cat << EOF >> ${DESTDIR}/etc/ssh/sshd_config
+ChallengeResponseAuthentication no
+X11Forwarding no
+AcceptEnv LANG
+Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
+AllowAgentForwarding no
+ClientAliveInterval 420
+EOF
+
+ cat << EOF >> ${DESTDIR}/etc/crontab
+0 3 * * * root /usr/sbin/freebsd-update cron
+EOF
+
+ cat << EOF >> ${DESTDIR}/etc/sysctl.conf
+net.inet.icmp.drop_redirect=1
+net.inet.ip.redirect=0
+net.inet.tcp.blackhole=2
+net.inet.udp.blackhole=1
+kern.ipc.somaxconn=1024
+debug.trace_on_panic=1
+debug.debugger_on_panic=0
+EOF
+
+ sed -E -i '' 's/^([^#].*[[:space:]])on/\1off/' ${DESTDIR}/etc/ttys
+
+ touch ${DESTDIR}/firstboot
+
+ return 0
+}
More information about the svn-src-projects
mailing list