Thank you, adding 'localcli network firewall unload' before '...nextdestiny...' fixed the problem. ESXi 5.1 installs OK now.
So, the %post section looks like this: %post --interpreter=busybox --ignorefailure=false localcli network firewall unload echo "<xcatrequest>\n<command>nextdestiny</command>\n</xcatrequest>" | /bin/openssl s_client -connect <xCAT_IP>:3001 On Sep 28, 2012, at 15:46 , Jarrod B Johnson <[email protected]> wrote: > Hmm, I used the stock template in hypervisor.tmpl without issue (network > seems to reliably latch on to BOOTIF. > > Of particular interest would be around this area, where we temporarily unload > the firewall so that updateflag can proceed. > > # tell xCAT management server we are done installing > # have to put in the IP address instead of the hostname because VMware > # ESXi 4.1 can not resolve IP addresses... > cp /etc/resolv.conf.xcat /etc/resolv.conf > localcli network firewall unload > for param in `vsish -e cat /system/bootCmdLine|grep weasel`; do > if [ ${param%=*} = "ks" ]; then > param=${param#*//} > param=${param%%/*} > xcatd=$param > fi > done > echo -e "<xcatrequest>\n<command>nextdestiny</command>\n</xcatrequest>" | > /bin/openssl s_client -quiet -connect $xcatd:3001 2>&1 | tee /tmp/foo.log > > > -----Dmitri Chebotarov <[email protected]> wrote: ----- > To: xCAT Users Mailing list <[email protected]> > From: Dmitri Chebotarov <[email protected]> > Date: 09/28/2012 01:29PM > Subject: Re: [xcat-user] ESXi 5.1 with xCAT > > Hi > > I'm not sure I can set/check firewall in %post steps. > hostd is not running on this step and 'esxcli network' commands fail (unable > to connect). > > I've found workaround (using wget and monitoring httpd access log on master > to see when node finished installing) and I'll suffice for now. > If it's know that ESXi 5.1 works OK then I'll keep looking for a reason why > openssl cannot connect. > > This is KS script for ESXi 5.1, which fails on %post steps. > > # kickstart script for esxi51 > > vmaccepteula > rootpw --iscrypted #CRYPT:passwd:key=vmware,username=root:password# > clearpart --alldrives --overwritevmfs > install --firstdisk --overwritevmfs > network --bootproto=static --addvmportgroup=false --device=#COMMAND:echo > #TABLE:noderes:$NODE:primarynic#|sed s/eth/vmnic/g# > --ip=#TABLE:hosts:$NODE:ip# --netmask=255.255.255.0 --gateway=<X> > --nameserver=<X> --hostname=#TABLE:noderes:$NODE:node# > reboot > > %post --interpreter=busybox --ignorefailure=false > echo "<xcatrequest>\n<command>nextdestiny</command>\n</xcatrequest>" | > /bin/openssl s_client -connect #TABLE:noderes:$NODE:xcatmaster#:3001 > > %firstboot --interpreter=busybox > > <... 1st boot steps...> > > Thanks > On Sep 25, 2012, at 4:13 , Hans-Joachim Ehlers > <[email protected]> wrote: > > > Could it be a firewall issue on the ESX host ? > > > > Can you execute something like "esxcfg-firewall --allowOutgoing" within > > your kickstart file ? > > > > Cheers > > Hajo > > > > ------------------------------------------------------------------------------ > > Live Security Virtual Conference > > Exclusive live event will cover all the ways today's security and > > threat landscape has changed and how IT managers can respond. Discussions > > will include endpoint security, mobile security and the latest in malware > > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > > _______________________________________________ > > xCAT-user mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/xcat-user > > > > -- > Thank you, > > Dmitri Chebotarov > Virtual Computing Lab Systems Engineer, TSD - Ent Servers & Messaging > 223 Aquia Building, Ffx, MSN: 1B5 > Phone: (703) 993-6175 > Fax: (703) 993-3404 > > > > > > ------------------------------------------------------------------------------ > Got visibility? > Most devs has no idea what their production app looks like. > Find out how fast your code is with AppDynamics Lite. > http://ad.doubleclick.net/clk;262219671;13503038;y? > http://info.appdynamics.com/FreeJavaPerformanceDownload.html > _______________________________________________ > xCAT-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/xcat-user > > ------------------------------------------------------------------------------ > Got visibility? > Most devs has no idea what their production app looks like. > Find out how fast your code is with AppDynamics Lite. > http://ad.doubleclick.net/clk;262219671;13503038;y? > http://info.appdynamics.com/FreeJavaPerformanceDownload.html_______________________________________________ > xCAT-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/xcat-user -- Thank you, Dmitri Chebotarov Virtual Computing Lab Systems Engineer, TSD - Ent Servers & Messaging 223 Aquia Building, Ffx, MSN: 1B5 Phone: (703) 993-6175 Fax: (703) 993-3404 ------------------------------------------------------------------------------ Got visibility? Most devs has no idea what their production app looks like. Find out how fast your code is with AppDynamics Lite. http://ad.doubleclick.net/clk;262219671;13503038;y? http://info.appdynamics.com/FreeJavaPerformanceDownload.html _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user
