8 Configuring with Combustion #
This chapter describes Combustion‐the tool used to configure your system on first boot according to your configuration.
8.1 About Combustion #
Combustion is a dracut module that enables you to configure your system on
its first boot. Combustion reads a provided file, called
script
and executes commands in it and thus perform
changes to the file system. You can use Combustion to change the default
partitions, set users' passwords, create files, install packages, etc.
The Combustion dracut module is invoked after the
ignition.firstboot
argument is passed to the kernel
command line. Combustion then reads configuration from
script
. Combustion tries to configure network, if the
network flag has been found in script
. After
/sysroot
is mounted, Combustion tries to activate all
mount points in /etc/fstab
and then call
transactional-update
to apply other changes (like setting
root
password or installing packages).
When using Combustion, you need to label the configuration device with the
name combustion
, create a specific directory structure in
that configuration medium, and include a configuration file named
script
. In the root directory of the configuration
medium, create a directory called combustion
and place
the script
into this directory along with other
files—SSH key, configuration files, etc. The directory structure then
should look as follows:
<root directory> └── combustion └── script └── other files
You can use Combustion to configure your QEMU/KVM virtual machine. In this
case, pass the location of the script
file using the
fw_cfg
parameter of the qemu
command:
-fw_cfg name=opt/org.opensuse.combustion/script,file=/var/combustion-script
Combustion can be used along with Ignition. If you intend to do so, label
your configuration medium ignition
and include the
ignition
directory with the
config.ign
to your directory structure as shown below:
<root directory> └── combustion └── script └── other files └── ignition └── config.ign
In this scenario, Ignition runs before Combustion.
8.2 The script
configuration file #
The script
configuration file is a set of commands that
are executed on your system in a transactional-update shell. This section
provides examples for performing various configuration tasks by using
Combustion.
As the script
file is interpreted by shell, make sure
to start the file with the interpreter declaration at the first line, for example for Bash:
#!/bin/bash
If you want to log in to your system, include at least the root
password. Though it is recommend to establish the authentication using SSH
keys. If you need to use a root
password, make sure to configure a
secure password. In case you use a randomly generated password, use at least
10 characters. If you create your password manually, use even more than 10
characters and combine uppercase and lowercase letters, and numbers.
8.2.1 Network configuration #
To configure and use network connection during the first boot, add the
following statement to your script
:
# combustion: network
Using this statement will pass the rd.neednet=1
argument
to dracut. If you do not use the statement, the system will be configured
without any network connection.
8.2.2 Partitioning #
SLE Micro raw images are delivered with a default partitioning scheme as
described in Section 5.1, “Default partitioning”. You might want to
use a different partitioning. The following set of example snippets moves the
/home
to a different partition.
The following script performs changes that are not included in snapshots.
If the script fails and the snapshot get discarded, some changes remains
visible and cannot be reverted (like the changes to the
/dev/vdb
device.)
The following snippet creates a GPT with a single partition on the
/dev/vdb
device:
sfdisk /dev/vdb <<EOF label: gpt type=linux EOF partition=/dev/vdb1
As the sfdisk
command may take longer time to complete, postpone
label
by using the
sleep
command after sfdisk
.
The partition is formatted to BTRFS:
wipefs --all ${partition} mkfs.btrfs ${partition}
Possible content of /home
is moved to the new
/home
folder location by the following snippet:
mount /home mount ${partition} /mnt rsync -aAXP /home/ /mnt/ umount /home /mnt
The snippet below removes an old entry in /etc/fstab
and creates a new entry:
awk -i inplace '$2 != "/home"' /etc/fstab echo "$(blkid -o export ${partition} | grep ^UUID=) /home btrfs defaults 0 0" >>/etc/fstab
8.2.3 Setting a password for root
#
Before you set the root
password, generate a hash of the password,
e.g. by using the openssl passwd -6
. To set the
password, add the following to your script
:
echo 'root:$5$.wn2BZHlEJ5R3B1C$TAHEchlU.h2tvfOpOki54NaHpGYKwdNhjaBuSpDotD7' | chpasswd -e
8.2.4 Adding SSH keys #
The following snippet creates a directory to store the root
's SSH key
and then copies the public SSH key located on the configuration device to
the authorized_keys
file.
mkdir -pm700 /root/.ssh/ cat id_rsa_new.pub >> /root/.ssh/authorized_keys
The SSH service must be enabled in case you need to use remote login via SSH. For details, refer to Section 8.2.5, “Enabling services”.
8.2.5 Enabling services #
You may need to enable some services, for example the SSH service. To
enable the SSH service add the following line to
script
:
systemctl enable sshd.service
8.2.6 Installing packages #
As some package may require additional subscription, you might need to register your system beforehand. Also available network connection may be needed to install additional packages.
During the first boot configuration, you can install additional packages to
your system. For example, you can install the vim
editor
by adding:
zypper --non-interactive install vim-small
Bear in mind that you will not be able to use zypper
after the configuration is complete and you boot to the configured system.
To perform changes later, you must use the
transactional-update
command to create a changed
snapshot. For details, refer to Section 2, “Administration using transactional updates”.