2015년 5월 14일 목요일

ksvalidator - linter for kickstart automated install config files

Unattended installations with anaconda and Kickstart files are a must when installing RHEL/CentOS on multiple machines via PXE. One problem, however, is that you often don't know if you've made a typo or some syntax error within your Kickstart file until the anaconda installer tells you something is wrong with the configuration parameters. Once such an error occurs, you have no choice but to reboot.

This is a big headache when working on servers that have super-long reboot times, like the HP Proliant DL980 Gen 8 and 9 machines that take 10 minutes or more to reboot. Several reboots caused by invalid Kickstart files will easily eat up an hour or two during tight maintenance windows at night.

Thankfully, there is a python-based linter for Kickstart files called ksvalidator which is available from the pykickstart package on RHEL and CentOS or the python2-pykickstart package from AUR for Archlinux.

The most important option flag is -v (--version) which takes the argument RHELX where X is some number denoting the RHEL version, i.e. RHEL5, 6, 7.

If you don't specify a version, it will use the highest current RHEL version by default, which is RHEL7 (as of May 2015).

Here is some sample output:

[archjun@arch pxe]$ ksvalidator ks5_sk_20140701.cfg 
The following problem occurred on line 8 of the kickstart file:

Unknown command: key

The following problem occurred on line 24 of the kickstart file:

Unknown command: interactive

The following problem occurred on line 204 of the kickstart file:

Section %packages does not end with %end

Running ksvalidator on a kickstart file for RHEL5 shows the errors above, but these would only be errors according to the kickstart syntax for RHEL7!

The command above with no option flags is equivalent to executing ksvalidator -v RHEL7 ...

If we re-run ksvalidator on the same file, this time specifying version RHEL5, no syntax errors are found:

[archjun@arch pxe]$ ksvalidator -v RHEL5 ks5_sk_20140701.cfg

This is all well and good, but you should note that ksvalidator cannot catch logic errors, for example, trying to format a partition with an unsupported partition type. For instance, RHEL5.X on Linux kernel 2.6.18-X does not support ext4, but if you try to format a partition as ext4 in a RHEL5.X kickstart file, the linter will not catch the error! ksvalidator also cannot catch the incorrect use of mbr partition table type on a system using UEFI instead of legacy BIOS. In such a case, the kickstart file would have to specify use of gpt partition table.

For these types of mistakes, you must create your own error-checking.

Let's look at an excerpt from a problematic kickstart file for RHEL5 containing the following lines:

...
clearpart --initlabel --all
zerombr # no prompt when deleting all partitions
part /boot --fstype ext4 --size=20482 --ondisk=cciss/c0d0 --asprimary
#part /usr/local --fstype ext3 --size=30720 --ondisk=cciss/c0d0
part /usr --fstype ext4 --size=30720 --ondisk=cciss/c0d0
part /var --fstype ext4 --size=18432 --ondisk=cciss/c0d0
part / --fstype ext5 --size=10240 --ondisk=cciss/c0d0 --asprimary
part swap --size=8192 --ondisk=cciss/c0d0 --asprimary
part /workspace --fstype ext3 --size=2048 --ondisk=cciss/c0d0
firstboot --disable
...

There are several problems above. As mentioned earlier, RHEL5.X does not support ext4, so trying to format /usr and /var/ as ext4 will cause the anaconda installer to terminate. Another problem is the typo ext5 which is a non-existent partition type.

You could do RHEL5.X kickstart filesystem error checking with the following one-liner:

[archjun@arch pxe]$ grep -wi "part" ks5-err-example.cfg | grep -v "ext3"
part /boot --fstype ext4 --size=20482 --ondisk=cciss/c0d0 --asprimary
part /usr --fstype ext4 --size=30720 --ondisk=cciss/c0d0
part /var --fstype ext4 --size=18432 --ondisk=cciss/c0d0
part / --fstype ext5 --size=10240 --ondisk=cciss/c0d0 --asprimary
part swap --size=8192 --ondisk=cciss/c0d0 --asprimary

This returns all the problematic lines containing non-ext3 partitions. It would be great if ksvalidator added functionality for catching some obvious partitioning errors.