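I'm trying to troubleshoot an Ubuntu automated installer using cloud-init and autoinstall. Ideally, I'm trying to have the primary OS disk on a laptop encrypted and partitioned once the installer runs. Everything in the file below works except the storage section, which I copied after running the installer interactively.
Here is the user-data file I put together after looking at a few different resources: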
autoinstall:
  version: 1
  refresh-installer: # start with an up-to-date installer
    update: yes
    channel: stable # update from the ubuntu stable branch only
  interactive-sections: # Install groups listed here will wait for user input
    - network
    - identity
  locale: en_US.UTF-8
  keyboard:
    layout: us
  ssh:
    allow-pw: false
    install-server: false
  storage:
    config:
      - grub_device: false
        id: disk-nvme0n1
        name: ''
        path: /dev/nvme0n1
        preserve: false
        ptable: gpt
        serial: KINGSTON SNVS1000G_50026B7784415179
        type: disk
        wipe: superblock
        wwn: eui.00000000000000000026b77844151795
      - device: disk-nvme0n1
        flag: boot
        grub_device: true
        id: partition-0
        number: 1
        preserve: false
        size: 536870912
        type: partition
        wipe: superblock
      - fstype: fat32
        id: format-0
        preserve: false
        type: format
        volume: partition-0
      - device: disk-nvme0n1
        flag: ''
        grub_device: false
        id: partition-1
        number: 2
        preserve: false
        size: 1073741824
        type: partition
        wipe: superblock
      - fstype: ext4
        id: format-1
        preserve: false
        type: format
        volume: partition-1
      - device: disk-nvme0n1
        flag: ''
        grub_device: false
        id: partition-2
        number: 3
        preserve: false
        size: 998591430656
        type: partition
        wipe: superblock
      - id: dm_crypt-0
        keyfile: /tmp/luks-key-em_r7gfw
        preserve: false
        type: dm_crypt
        volume: partition-2
      - devices:
          - dm_crypt-0
        id: lvm_volgroup-0
        name: ubuntu-vg
        preserve: false
        type: lvm_volgroup
      - id: lvm_partition-0
        name: ubuntu-lv
        preserve: false
        size: 107374182400B
        type: lvm_partition
        volgroup: lvm_volgroup-0
        wipe: superblock
      - fstype: ext4
        id: format-2
        preserve: false
        type: format
        volume: lvm_partition-0
      - device: format-2
        id: mount-2
        path: /
        type: mount
      - device: format-1
        id: mount-1
        path: /boot
        type: mount
      - device: format-0
        id: mount-0
        path: /boot/efi
        type: mount
    version: 1
  apt:
    preserve_sources_list: false
    primary:
      - arches: [amd64, i386]
        uri: http://us.archive.ubuntu.com/ubuntu
      - arches: [default]
        uri: http://ports.ubuntu.com/ubuntu-ports
    conf: | # APT config
      APT {
        Get {
          Assume-Yes "true";
          Fix-Broken "true";
        };
      };
    sources:
      ignored1: # for yaml formatting. below adds graphics drivers ppa
        source: ppa:graphics-drivers/ppa
  snaps:
    - name: slack
      classic: true
      channel: stable
  packages:
    - build-essential
    - ubuntu-desktop
    - dkms
    # Zoom dependencies
    - libgl1-mesa-glx
    - libegl1-mesa
    - libxcb-xtest0
    - libxcb-xinerama0
    # - wormhole for an easy to use encrypted file transfer
    - wormhole
    - emacs
    #- Commented out desktop environments for future selection menu via grub
    #- ubuntu-mate-desktop
    #- xfce4
    #- kde-full
    - git
    - libreoffice
    # pavucontrol for bluetooth/pulseaudio
    - pavucontrol
    #- gnome-session - used for ubuntu-minimal-desktop
    #- gdm3 - ubuntu-minimal-desktop
    # ClamAV packages
    - clamav
    - clamtk
    #- clamtk-gnome
    - clamav-daemon
    - clamav-docs
    # - chrome & some dependencies for the user experience
    - google-chrome-stable
    - chromium-codecs-ffmpeg-extra
    # Bluetooth dependencies
    - bluez-btsco
    - bluez-dbg
    - bluez-hcidump
    - bluez-tools
    - libbluetooth3-dbg
    # End of Bluetooth dependencies
    # These packages are for adding a repo that requires https, in particular for Sublime Text which we install later
    - dirmngr
    - gnupg
    - apt-transport-https
    - ca-certificates
    - software-properties-common
    - sublime-text
    # End https repo/sublime dependencies
    # Uncomment for OEM kernel
    #- linux-oem-20.04b
  package_update: true
  package_upgrade: true
  late-commands:
    # Transfer RHR wallpaper from USB to user backgrounds
    # Changing from networkd to NetworkManager
    # move existing config out of the way
    - find /target/etc/netplan/ -name "*.yaml" -exec sh -c 'mv "$1" "$1-orig"' _ {} \;
    # Create a new netplan and enable it
    - |
      cat <<EOF | sudo tee /target/etc/netplan/01-netcfg.yaml
      network:
        version: 2
        renderer: NetworkManager
      EOF
    - curtin in-target --target /target netplan generate
    - curtin in-target --target /target netplan apply
    - curtin in-target --target /target systemctl enable NetworkManager.service
    #- cp /target/cdrom/extras/desktop-wp.png /target/usr/share/backgrounds/
  user-data: # Commands here run during first boot (cannot be interactive)
    runcmd: # The script below will be dropped in /var/lib/cloud/instance/scripts/runcmd.sh and will be executed at first boot
      - [ apt-get, update ]
      - [ apt-get, dist-upgrade, --yes ]
      # Install Google Chrome from the official repository setup earlier
      - [ apt, install, --assume-yes, google-chrome-stable ]
      # Make a directory for additional post-installers
      - [ mkdir, -p, /run/post-install/ ]
      # Download & install Zoom
      - [ wget, "https://zoom.us/client/latest/zoom_amd64.deb", -O, /run/post-install/zoom_amd64.deb ]
      - [ dpkg, -i, /run/post-install/zoom_amd64.deb ]
      - [ apt, --fix-broken, --assume-yes, install ]
      # Remove packages we don't need
      - apt-get --assume-yes purge firefox thunderbird byobu
      - apt autoremove --assume-yes
      #- [ sudo, -u, ubuntu, dbus-launch, gsettings, set, org.gnome.desktop.background, picture-uri, file:///usr/share/backgrounds/desktop-wp.png]
      - apt update
      - apt install --assume-yes sublime-text
      # Add chrome & sublime text to favorites (currently not working)
      - gsettings set org.gnome.shell favorite-apps "$(gsettings get org.gnome.shell favorite-apps | sed s/.$//), 'google-chrome.desktop', 'sublime_text.desktop']"
      - gsettings set org.gnome.shell.extensions.dash-to-dock click-action 'minimize'
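I tried commenting out the "serial" portion of storage to see if that would make a difference, but even copying the storage section from curtin-install-cfg.yaml doesn't seem to work.
I found this bug report, which seems to hint that something simpler may be coming in the future, but it hasn't arrived yet: https://bugs.launchpad.net/subiquity/+bug/1913986
The following were referenced while building this: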
- https://ubuntu.com/server/docs/install/autoinstall-reference#storage
- https://curtin.readthedocs.io/en/latest/topics/storage.html
- https://www.pugetsystems.com/labs/hpc/How-To-Make-Ubuntu-Autoinstall-ISO-with-Cloud-init-2213/
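The PGP keys for Chrome and Sublime Text have been omitted due to length, but they are in use. I just can't get the storage setup to work!
Any guidance is appreciated!
Answer 1
This is just a guess based on my own struggles with this, but I think your problem is the volume group declaration.
This should work (I know it doesn't make sense):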
- devices: [dm_crypt-0]
  id: lvm_volgroup-0
  name: ubuntu-vg
  preserve: false
  type: lvm_volgroup
Here is a storage configuration in use that autoinstalls with LUKS:
storage:
  grub:
    update_nvram: true
    remove_duplicate_entries: true
    probe_additional_os: false
    reorder_uefi: false
  swap:
    filename: swap.img
    maxsize: 8GB
  config:
    # Disks
    - id: disk0
      type: disk
      ptable: gpt
      wipe: superblock
      grub_device: false
      match:
        ssd: yes
        size: largest
    # Partitions
    - id: bios
      type: partition
      device: disk0
      size: 1MB
      flag: bios_grub
    - id: esp
      type: partition
      device: disk0
      grub_device: true
      size: 512MB
      flag: boot
    - id: boot
      type: partition
      device: disk0
      size: 1GB
    # LVM Physical Volumes and DM-CRYPT disk encryption
    - id: pv
      type: partition
      device: disk0
      size: -1
    - id: client_encrypted
      type: dm_crypt
      preserve: false
      key: 'SECRET_KEY'
      volume: pv
    # LVM Volume Groups and Partitions
    - id: volumegroup
      name: ubuntu-volumegroup
      type: lvm_volgroup
      devices: [client_encrypted]
      preserve: false
    - id: lv_root
      name: root
      volgroup: volumegroup
      size: 100%
      type: lvm_partition
    # Filesystems
    - id: esp_filesystem
      type: format
      volume: esp
      fstype: fat32
      label: EFI
    - id: boot_filesystem
      type: format
      volume: boot
      fstype: ext4
    - id: root_filesystem
      type: format
      fstype: ext4
      volume: lv_root
    # Filesystem Mountpoints
    - id: esp_mount
      type: mount
      device: esp_filesystem
      path: /boot/efi
    - id: boot_mount
      type: mount
      device: boot_filesystem
      path: /boot
    - id: root_mount
      type: mount
      device: root_filesystem
      path: /
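Answer 2
The problem with your user-data file might be that you are specifying the "keyfile", which is where the encryption password is stored after installation. That /tmp directory is where the key is stored after installation, and it can change with every autoinstall.
Instead of specifying the keyfile directory in your yaml, try specifying the actual password using the "key" key.
key:
The key key specifies the password of the encryption key. The target system will prompt for this password in order to mount the disk.
keyfile:
The keyfile contains the /tmp directory of the encryption key's password.
Exactly one of key and keyfile must be supplied.
Example: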
- id: lvm_partition_1
  type: dm_crypt
  dm_name: crypto
  volume: sdb1
  key: changeme
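
An added example, not part of either answer or of curtin: a small Python check for the two things the answers point at, the dm_crypt key/keyfile choice from Answer 2 and the ids that the lvm_volgroup and dm_crypt entries reference from Answer 1. The function name, finding codes and sample entries are constructed for illustration; the ids and the keyfile path are the ones from the question.

```python
# Added example: lints the entries of a curtin/autoinstall storage "config" list.
# Sample entries are constructed from the ids used in the question.

def lint_storage(config):
    """Return (entry id, finding code) pairs for a list of storage entries."""
    findings = []
    ids = {entry.get("id") for entry in config}
    for entry in config:
        eid = entry.get("id")
        if entry.get("type") == "dm_crypt":
            has_key, has_keyfile = "key" in entry, "keyfile" in entry
            if has_key == has_keyfile:
                # Answer 2: exactly one of key and keyfile must be supplied.
                findings.append((eid, "need-exactly-one-of-key-keyfile"))
            if has_keyfile and str(entry["keyfile"]).startswith("/tmp/"):
                # Answer 2: a /tmp path copied from an earlier run can change
                # with every autoinstall.
                findings.append((eid, "keyfile-in-tmp"))
            if has_key:
                # The passphrase is readable by anyone who can read user-data.
                findings.append((eid, "plaintext-key-in-user-data"))
        # volume/device/volgroup/devices must point at ids defined in this list.
        refs = [entry[f] for f in ("volume", "device", "volgroup") if f in entry]
        refs += entry.get("devices", [])
        findings += [(eid, "undefined-ref:" + r) for r in refs if r not in ids]
    return findings

DISK = {"id": "disk-nvme0n1", "type": "disk", "ptable": "gpt"}
PART = {"id": "partition-2", "type": "partition", "device": "disk-nvme0n1"}
VG = {"id": "lvm_volgroup-0", "type": "lvm_volgroup", "devices": ["dm_crypt-0"]}

# As in the question: keyfile path left over from the interactive install.
AS_POSTED = [DISK, PART, VG, {"id": "dm_crypt-0", "type": "dm_crypt",
             "volume": "partition-2", "keyfile": "/tmp/luks-key-em_r7gfw"}]
# As Answer 2 suggests: inline key (placeholder value, constructed).
WITH_KEY = [DISK, PART, VG, {"id": "dm_crypt-0", "type": "dm_crypt",
            "volume": "partition-2", "key": "PLACEHOLDER_PASSPHRASE"}]
# Constructed broken case: the volume group points at an id that is not defined.
DANGLING = [DISK, PART, VG]

if __name__ == "__main__":
    for name, cfg in [("as posted", AS_POSTED), ("with key", WITH_KEY),
                      ("dangling", DANGLING)]:
        print(name, lint_storage(cfg))
```

The plaintext-key finding is informational: an inline key works for the install, but the passphrase then lives in the user-data file on the install media.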