CentOS 7 Template

Setting some reasonable default settings

Installer

Since I have a lot of RAM and CPU, I've opted to set the default template at 4GB RAM, 2 CPU cores and a 16GB SSD. The Ethernet adapter is connected to the vmbr1 bridge on the LAN side of the firewall, and the VM is set to boot from a CentOS 7 installer CD.

The CentOS installer just needs keyboard, language, disk selection etc set to sensible defaults.

The network configuration gets a generic hostname, but a complete FQDN, like templatecentos7.lan.example.com. Set the IPv4 config to Automatic (DHCP).

Install the packages that you want to be included in all your servers. In my case:

yum install epel-release -y
yum install nmap ipa-client nano htop mc ansible oddjob-mkhomedir

Note that oddjob-mkhomedir will enable you to create a homedir for LDAP users logging in - it will be automatically installed if you just run the following ipa client installer, but it seems like the oddjobd service fails to start properly until after the first reboot.

After a reboot the template should be ready for use, but for my uses I want to configure a static IP, DNS and hostname and join the FreeIPA realm as soon as a clone boots for the first time. To do this easily I put the following bash script in /root/template-config-script.sh and made it executable so I can run it easily:

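#!/bin/bash
# Prompt for the last octet of the static IP until a valid integer is given.
while true ; do
    echo -n "Enter the last octet of the IP - 10.0.5.X (lower than 100 plz) : "
    read -r IP
    # -eq only succeeds when both sides are integers, so non-numeric input is rejected
    if [ "$IP" -eq "$IP" ] 2> /dev/null ; then
        if [ "$IP" -lt "255" ] && [ "$IP" -gt "0" ]  ; then
            break
        fi
    fi
done
# Prompt for the short hostname until it is purely alphanumeric.
while true ; do
    echo -n "Enter hostname - alphanumeric only: "
    read -r HOSTNAME
    # Anchored with ^ and $ so that every character must be alphanumeric
    if [[ $HOSTNAME =~ ^[[:alnum:]]+$ ]] ; then
        break
    fi
done
echo "IP will be set to 10.0.5.$IP using FQDN $HOSTNAME.lan.example.com"
#exit 1
# Switch the connection from DHCP to a static configuration
nmcli con mod eth0 ipv4.dns 10.0.5.20
nmcli con mod eth0 ipv4.address "10.0.5.$IP/24"
nmcli con mod eth0 ipv4.gateway 10.0.5.1
nmcli con mod eth0 ipv4.method manual
hostnamectl set-hostname "$HOSTNAME.lan.example.com"
systemctl restart network
echo "network settings changed - ipa-client-install starting..."
# Join the FreeIPA realm; --mkhomedir creates home directories on first login
ipa-client-install --mkhomedir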

This script will not handle errors - it only validates the input as a valid 1-255 integer for the IP and that the hostname is alphanumeric. It does not check for conflicts. The ipa client install also registers the machine's hostname in FreeIPA's DNS, including a reverse entry.
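An unanchored `=~ [[:alnum:]]` test passes as soon as one character is alphanumeric, so the checks only hold if every character is tested. The following is an added example, not part of the original script, that contrasts the loose test with strict checks on constructed inputs. The function names are hypothetical, and limiting the octet to 1-99 follows the prompt text as an assumption.

```shell
#!/bin/sh
# Added example, not part of the original script. Function names are hypothetical.
LC_ALL=C    # make [A-Za-z0-9] mean ASCII only, whatever the session locale is

# Same effect as an unanchored `=~ [[:alnum:]]`: one alphanumeric character
# anywhere is enough, so spaces, dots or a leading '-' are let through.
loose_hostname_ok() {
    case $1 in
        *[A-Za-z0-9]*) return 0 ;;
    esac
    return 1
}

# Strict: 1 to 63 characters (DNS label limit), all ASCII letters or digits.
strict_hostname_ok() {
    [ -n "$1" ] || return 1
    [ "${#1}" -le 63 ] || return 1
    case $1 in
        *[!A-Za-z0-9]*) return 1 ;;
    esac
    return 0
}

# Strict: digits only, no sign, no leading zero, at most two digits (1..99,
# matching the "lower than 100" prompt). No arithmetic, so no overflow.
strict_octet_ok() {
    case $1 in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 2 ]
}

# Run a check and report its result as a word.
verdict() { if "$@"; then echo accept; else echo reject; fi; }

# Constructed sample inputs, chosen to hit each edge case.
demo() {
    for h in web01 'web 01' '-web01' 'web01.lan' ''; do
        printf 'hostname %-12s loose=%s strict=%s\n' "[$h]" \
            "$(verdict loose_hostname_ok "$h")" "$(verdict strict_hostname_ok "$h")"
    done
    for o in 42 99 0 007 100 254 -5 4x ''; do
        printf 'octet    %-12s strict=%s\n' "[$o]" "$(verdict strict_octet_ok "$o")"
    done
}
demo
```

Quoting the expansions passed to nmcli and hostnamectl is still needed alongside these checks, since an unquoted value containing a space is split into separate arguments.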

Shut down the VM, right-click it in Proxmox and convert it to a template.

After template cloning

To deploy a new machine from the template, simply click the VM in Proxmox and choose clone. Use full clone if you want to make it fully independent of the template.

Simply boot it up and run the script to finish configuration and realm join. Afterwards you can log in with users created in FreeIPA.

CentOS 8 Instructions

Install, select server (no gui), add "Guest Agents" and "Headless Management"

yum update -y
yum install nmap ipa-client htop mc oddjob-mkhomedir
yum -y install python3-pip
pip3 install --upgrade pip
pip3 install ansible

New post-clone-setup script

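#!/bin/bash
# Prompt for the last octet of the static IP until a valid integer is given.
while true ; do
    echo -n "Enter the last octet of the IP - 10.0.5.X (lower than 100 plz) : "
    read -r IP
    # -eq only succeeds when both sides are integers, so non-numeric input is rejected
    if [ "$IP" -eq "$IP" ] 2> /dev/null ; then
        if [ "$IP" -lt "255" ] && [ "$IP" -gt "0" ]  ; then
            break
        fi
    fi
done
# Prompt for the short hostname until it is purely alphanumeric.
while true ; do
    echo -n "Enter hostname - alphanumeric only: "
    read -r HOSTNAME
    # Anchored with ^ and $ so that every character must be alphanumeric
    if [[ $HOSTNAME =~ ^[[:alnum:]]+$ ]] ; then
        break
    fi
done
echo "IP will be set to 10.0.5.$IP using FQDN $HOSTNAME.lan.example.com"
#exit 1
# Switch the connection from DHCP to a static configuration
nmcli con mod ens18 ipv4.dns 10.0.5.20
nmcli con mod ens18 ipv4.address "10.0.5.$IP/24"
nmcli con mod ens18 ipv4.gateway 10.0.5.1
nmcli con mod ens18 ipv4.method manual
hostnamectl set-hostname "$HOSTNAME.lan.example.com"
systemctl restart NetworkManager
echo "network settings changed - ipa-client-install starting..."
# Join the FreeIPA realm; --mkhomedir creates home directories on first login
ipa-client-install --mkhomedir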