9 Configuring with Combustion #
This chapter describes Combustion, the tool used to configure your system on first boot according to your configuration.
9.1 About Combustion #
Combustion is a dracut module that enables you to configure your system on
its first boot. Combustion reads a provided file called
script and executes commands in it and thus performs
changes to the file system. You can use Combustion to change the default
partitions, set users' passwords, create files, install packages, etc.
The Combustion dracut module is invoked after the
ignition.firstboot argument is passed to the kernel
command line. Combustion then reads the configuration from
script. Combustion tries to configure the network, if the
network flag has been found in script. After
/sysroot is mounted, Combustion tries to activate all
mount points in /etc/fstab and then call
transactional-update to apply other changes (like setting
root password or installing packages).
When using Combustion, you need to label the configuration device with the
name combustion, create a specific directory structure in
that configuration medium, and include a configuration file named
script. In the root directory of the configuration
medium, create a directory called combustion and place
the script into this directory along with other
files—SSH key, configuration files, etc. The directory structure then
should look as follows:
<root directory>
└── combustion
└── script
└── other files
You can use Combustion to configure your QEMU/KVM virtual machine. In this
case, pass the location of the script file using the
fw_cfg parameter of the qemu command:
-fw_cfg name=opt/org.opensuse.combustion/script,file=/var/combustion-script
Combustion can be used along with Ignition. If you intend to do so, label
your configuration medium ignition and include the
ignition directory with the
config.ign to your directory structure as shown below:
<root directory>
└── combustion
└── script
└── other files
└── ignition
└── config.ignIn this scenario, Ignition runs before Combustion.
9.2 The script configuration file #
The script configuration file is a set of commands that
are executed on your system in a transactional-update shell. This section
provides examples for performing various configuration tasks by using
Combustion.
As the script file is interpreted by shell, make sure
to start the file with the interpreter declaration at the first line, for example for Bash:
#!/bin/bash
If you want to log in to your system, include at least the root
password. However, it is recommended to establish the authentication using SSH
keys. If you need to use a root password, make sure to configure a
secure password. If you use a randomly generated password, use at least
10 characters. If you create your password manually, use even more than 10
characters and combine uppercase and lowercase letters, and numbers.
9.2.1 Network configuration #
To configure and use the network connection during the first boot, add the
following statement to your script:
# combustion: network
Using this statement will pass the rd.neednet=1 argument
to dracut. If you do not use the statement, the system will be configured
without any network connection.
9.2.2 Partitioning #
SLE Micro raw images are delivered with a default partitioning scheme as
described in Section 5.1, “Default partitioning”. You might want to
use a different partitioning. The following set of example snippets moves the
/home to a different partition.
The following script performs changes that are not included in snapshots.
If the script fails and the snapshot is discarded, some changes remain
visible and cannot be reverted (like the changes to the
/dev/vdb device.)
The following snippet creates a GPT with a single partition on the
/dev/vdb device:
sfdisk /dev/vdb <<EOF label: gpt type=linux EOF partition=/dev/vdb1
As the sfdisk command may take longer time to complete, postpone
label by using the
sleep command after sfdisk.
The partition is formatted to BTRFS:
wipefs --all ${partition}
mkfs.btrfs ${partition}
Possible content of /home is moved to the new
/home folder location by the following snippet:
mount /home
mount ${partition} /mnt
rsync -aAXP /home/ /mnt/
umount /home /mnt
The snippet below removes an old entry in /etc/fstab
and creates a new entry:
awk -i inplace '$2 != "/home"' /etc/fstab
echo "$(blkid -o export ${partition} | grep ^UUID=) /home btrfs defaults 0 0" >>/etc/fstab9.2.3 Setting a password for root #
Before you set the root password, generate a hash of the password,
e.g. by using the openssl passwd -6. To set the
password, add the following to your script:
echo 'root:$5$.wn2BZHlEJ5R3B1C$TAHEchlU.h2tvfOpOki54NaHpGYKwdNhjaBuSpDotD7' | chpasswd -e
9.2.4 Adding SSH keys #
The following snippet creates a directory to store the root's SSH key
and then copies the public SSH key located on the configuration device to
the authorized_keys file.
mkdir -pm700 /root/.ssh/ cat id_rsa_new.pub >> /root/.ssh/authorized_keys
The SSH service must be enabled in case you need to use remote login via SSH. For details, refer to Section 9.2.5, “Enabling services”.
9.2.5 Enabling services #
You may need to enable some services, for example the SSH service. To
enable the SSH service, add the following line to
script:
systemctl enable sshd.service
9.2.6 Installing packages #
As some packages may require additional subscription, you might need to register your system beforehand. An available network connection may also be needed to install additional packages.
During the first boot configuration, you can install additional packages to
your system. For example, you can install the vim editor
by adding:
zypper --non-interactive install vim-small
Bear in mind that you will not be able to use zypper
after the configuration is complete and you boot to the configured system.
To perform changes later, you must use the
transactional-update command to create a changed
snapshot. For details, refer to Article “Administration Guide”, Section 2 “Administration using transactional updates”.