Orange Box

Merge lp:~thomnico/orange-box/mirror-dev into lp:orange-box

mirror-dev
Merge into trunk

Proposed by Nicolas Thomas on 2015-07-07

Status:	Needs review
Proposed branch:	lp:~thomnico/orange-box/mirror-dev
Merge into:	lp:orange-box
Diff against target:	2555 lines (+747/-727) 42 files modified debian/changelog (+73/-11) debian/control (+13/-8) debian/install (+3/-0) debian/links (+1/-1) debian/postinst (+0/-310) debian/postrm (+0/-23) debian/preinst (+0/-136) debian/source/format (+1/-1) etc/apache2/sites-available/archive.conf (+0/-13) etc/apache2/sites-available/archive.ubuntu.com.conf (+14/-0) etc/apache2/sites-available/cdimage.ubuntu.com.conf (+14/-0) etc/apache2/sites-available/cloud-images.ubuntu.com.conf (+14/-0) etc/apache2/sites-available/ports.ubuntu.com.conf (+14/-0) etc/apache2/sites-available/releases.ubuntu.com.conf (+14/-0) etc/apache2/sites-available/ubuntu-cloud.archive.canonical.com.conf (+12/-0) etc/apache2/sites-available/ubuntu-cloud.conf (+0/-12) etc/apt/orange-box-mirror.list (+43/-20) etc/bind/named.conf.wildcard-archive (+6/-0) etc/bind/zones.wildcard-archive (+20/-0) etc/cron.d/charmstore-mirror (+0/-4) etc/cron.d/orange-box-mirror (+0/-1) etc/debconf-selections (+0/-2) etc/orangebox-mirror.state (+1/-0) etc/ucloudexclude.list (+26/-0) usr/bin/orange-box-add-node (+7/-4) usr/bin/orange-box-add-physical-nodes (+7/-2) usr/bin/orange-box-add-virtual-nodes (+24/-12) usr/bin/orange-box-amt-monitor (+3/-1) usr/bin/orange-box-apm-power-fix (+0/-38) usr/bin/orange-box-bootstrap-juju (+5/-1) usr/bin/orange-box-create-package-mirror (+14/-1) usr/bin/orange-box-demo-cleanup (+3/-1) usr/bin/orange-box-hacks (+32/-0) usr/bin/orange-box-mirror (+235/-0) usr/bin/orange-box-purge-everything (+1/-0) usr/bin/orange-box-resetproxy (+34/-0) usr/bin/orange-box-run (+21/-18) usr/bin/orange-box-setup-nat (+0/-99) usr/bin/orange-box-status-all-nodes (+11/-8) usr/lib/orange-box/templates/mirror-bind/named.conf.template (+6/-0) usr/lib/orange-box/templates/mirror-bind/zones.template (+17/-0) usr/lib/orange-box/templates/ubumirror.conf (+58/-0)
To merge this branch:	bzr merge lp:~thomnico/orange-box/mirror-dev
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Orange Box		2015-07-07	Pending
Review via email: mp+264038@code.launchpad.net

Description of the change

This branch (include 2.9 modif new net as not accepted yet) ..

It add orange-box-mirror cli to sync/enable etc mirroring most of the software used.

lp:~thomnico/orange-box/mirror-dev updated on 2015-07-17

546. By Nicolas Thomas on 2015-07-17

Fix zone issue
Fix ssh-keyscan for maas asking user intervention

547. By Nicolas Thomas on 2015-07-17

fix default to em1 for internal_interface

548. By Nicolas Thomas on 2015-07-17

Rebase on ~cpe-sa/orange-box/staging for collaborating with other SAs

* Enable local mirroring
* Reduce the number of dns redirects
* remove dep on ubumirror and do a faster sync to cloud-images
* use lftp instead of apt-mirror for cloud-archive
[ Nicolas Thomas ]
* Adding support for mirror

Unmerged revisions

548. By Nicolas Thomas on 2015-07-17

Rebase on ~cpe-sa/orange-box/staging for collaborating with other SAs

547. By Nicolas Thomas on 2015-07-17

fix default to em1 for internal_interface

546. By Nicolas Thomas on 2015-07-17

Fix zone issue
Fix ssh-keyscan for maas asking user intervention

545. By Nicolas Thomas on 2015-06-15

updates on ssh maas to ubuntu automation

modified:
debian/changelog
usr/bin/orange-box-add-virtual-nodes

544. By Nicolas Thomas on 2015-06-15

releasing 2.9~ppa2

543. By Nicolas Thomas on 2015-06-15

Update source/format so zbr-buildpackages works
make ssh works correctly in add-virutal-nodes

modified:
debian/source/format
usr/bin/orange-box-add-virtual-nodes

542. By Nicolas Thomas on 2015-06-15

releasing 2.9~ppa1

541. By Nicolas Thomas on 2015-06-15

releasing 2.8~ppa1

540. By Nicolas Thomas on 2015-06-15

* Add biosdevname cmd in scripts
* Add a check/heal for VMs powermanagement ssh keys
*

539. By Nicolas Thomas on 2015-06-11

releasing 2.8ubuntu1~trusty

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Adam Collard

Darryl Weaver

Dustin Kirkland 

Ivan Zoratti

Malte Menkhoff

Nicolas Thomas

Nobuto Murata

 === modified file 'debian/changelog'
 --- debian/changelog	2015-01-21 22:04:42 +0000
 +++ debian/changelog	2015-07-17 17:14:52 +0000
@@ -1,20 +1,82 @@
--orange-box (1.90) unreleased; urgency=medium
--
--  * etc/apt/orange-box-mirror.list, usr/bin/orange-box-create-package-
--    mirror:
--    - we're not currently using postmirror.sh, so set to /bin/true
--
-- -- Dustin Kirkland <kirkland@ubuntu.com>  Fri, 09 Jan 2015 11:13:51 -0600
--
--orange-box (1.89-0ubuntu1) vivid; urgency=medium
--
++orange-box (2.10~ppa6) UNRELEASED; urgency=medium
++
++  * Enable local mirroring
++  * Reduce the number of dns redirects
++  * remove dep on ubumirror and do a faster sync to cloud-images
++  * use lftp instead of apt-mirror for cloud-archive
++
++ -- Nicolas Thomas <nicolas.thomas@canonical.com>  Mon, 15 Jun 2015 23:24:05 +0200
++
++orange-box (2.9ubuntu1~trusty) trusty; urgency=medium
++
++  * Change source/format for bzr-buildpackage to work
++  * Fix issue with the ssh checking for power management of VMs
++  *
++  *
++
++ -- Nicolas Thomas <nicolas.thomas@canonical.com>  Mon, 15 Jun 2015 13:32:06 +0200
++
++orange-box (2.9-0ubuntu1) trusty; urgency=medium
++
++  * Add biosdevname cmd in scripts
++  * Add a check/heal for VMs powermanagement ssh keys
++  *
++
++ -- Nicolas Thomas <nicolas.thomas@canonical.com>  Mon, 15 Jun 2015 10:40:23 +0200
++
++orange-box (2.8ubuntu1~trusty-0ubuntu1) trusty; urgency=medium
++
++  [ Nicolas Thomas ]
++  * Remove synccharmstore etc..
++  * Adapt a number of changes to network setup etc..
++  * Assume ob number in preinst and check in postinst in case network is not up
++  * preinst bridgeutils
++
++ -- Nicolas Thomas <nicolas.thomas@canonical.com>  Thu, 11 Jun 2015 20:59:08 +0200
++
++orange-box (2.7) trusty; urgency=medium
++
++  [ Takenori Matsumoto ]
++  * usr/bin/orange-box-setup-nat:
++    - Fix net.ipv4.conf.all.accept_redirects
++  * usr/bin/orange-box-add-virtual-node
++    - Fix Add maas's ssh key into /home/ubuntu/.ssh/authorized_keys so that MAAS can control power via virsh
++
++ -- Takenori Matsumoto <takenori.matsumoto@canonical.com>  Fri, 02 May 2015 14:13:51 -0600
++
++orange-box (2.6) trusty; urgency=medium
++
++  [ Takenori Matsumoto ]
++  * Re-write pachtes based on PPA (orange-box_1.89-0ubuntu1~trusty.debian.tar.xz, orange-box_1.89.orig.tar.gz) rather than trunk codes
++
++  [ takenori ]
++  * usr/bin/orange-box-add-virtual-nodes:
++  * usr/bin/orange-box-add-virtual-nodes:
++  * usr/bin/orange-box-add-virtual-nodes:
++  * :
++
++ -- Takenori Matsumoto <takenori.matsumoto@canonical.com>  Fri, 02 May 2015 01:13:51 -0600
++
++orange-box (1.90-0mirror-0ubuntu1) utopic; urgency=medium
++
++  [ Nicolas Thomas ]
++  * Adding support for mirror
++
++ -- thomas <nicolas.thomas@canonical.com>  Sat, 17 Jan 2015 00:31:37 +0100
++
++orange-box (1.89-0ubuntu1~trusty) trusty; urgency=medium
++
++  [ Dustin Kirkland ]
    * usr/bin/orange-box-bootstrap-juju:
      - go back to --upload-tools, please keep this!
    * usr/bin/orange-box-add-virtual-nodes:
      - use ~maas rather than hard coding to /home/maas
        + note that maas 1.7 has created a home directory in /var/lib/maas
-- -- Dustin Kirkland <kirkland@ubuntu.com>  Fri, 09 Jan 2015 11:13:49 -0600
++  [ takenori ]
++  * :
++
++ -- Dustin Kirkland <kirkland@ubuntu.com>  Wed, 29 Oct 2014 09:58:53 -0500
  orange-box (1.88-0ubuntu1) unstable; urgency=medium
 === modified file 'debian/control'
 --- debian/control	2014-09-24 12:15:15 +0000
 +++ debian/control	2015-07-17 17:14:52 +0000
@@ -3,13 +3,17 @@
  Priority: optional
  Maintainer: Dustin Kirkland <kirkland@ubuntu.com>
  Build-Depends: debhelper (>= 7.0.50~),
--Standards-Version: 3.9.4
++Standards-Version: 3.9.5
  Homepage: http://launchpad.net/orange-box
  Package: orange-box
  Architecture: all
  Pre-Depends:
-- run-one,
++ run-one,
++ maas,
++ maas-cluster-controller,
++ nmap,
++ bridge-utils,
  Depends: ${misc:Depends},
   amtterm,
   apache2,
@@ -27,10 +31,7 @@
   libglib2.0-bin,
   libvirt-bin,
   openssh-server,
-- maas,
-- maas-cluster-controller,
   network-manager,
-- nmap,
   pastebinit,
   qemu-kvm,
   remmina,
@@ -43,12 +44,16 @@
   vlan,
   wsmancli,
   x11vnc,
--Recommends:
-- landscape-client,
++ biosdevname,
++ lftp,
++ rsync,
++ simplestreams,
   python-keystone,
   python-neutronclient,
   python-novaclient,
-- python-glanceclient
++ python-glanceclient,
++Recommends:
++ landscape-client,
  Description: Orange Box master node easy installation
   This package can be installed on an Ubuntu Orange Box's master node
   to automatically configure MAAS and Juju.
 === added file 'debian/install'
 --- debian/install	1970-01-01 00:00:00 +0000
 +++ debian/install	2015-07-17 17:14:52 +0000
@@ -0,0 +1,3 @@
++etc/
++home/
++usr/
 === modified file 'debian/links'
 --- debian/links	2014-05-08 23:10:25 +0000
 +++ debian/links	2015-07-17 17:14:52 +0000
@@ -1,1 +1,1 @@
--/usr/bin/orange-box-setup-nat /etc/network/if-up.d/orange-box-setup-nat
++
 === added file 'debian/postinst'
 --- debian/postinst	1970-01-01 00:00:00 +0000
 +++ debian/postinst	2015-07-17 17:14:52 +0000
@@ -0,0 +1,332 @@
++#!/bin/bash
++
++set -e
++set -x
++
++PKG="orange-box"
++RETRY=120
++
++. /usr/lib/orange-box/inc/common
++. /etc/orange-box.conf
++
++check_orangebox_number() {
++## be sure to wake AMT first give some time and ping again.
++nmap -p 16992 -oG - 172.27.${orangebox_number}.11-20 > /dev/null
++sleep 12
++nmap -p 16992 -oG - 172.27.${orangebox_number}.11-20 > /dev/null
++NUMAMTS=`nmap -p 16992 -oG - 172.27.${orangebox_number}.11-20 |grep open |wc -l`
++[[ $NUMAMTS < 3 ]] && (echo "AMT or hostname not set correctly"; rm -f /etc/orange-box.conf;exit 2)
++true
++}
++
++
++router_ip=172.27.${orangebox_number}.1
++static_low=172.27.`expr ${orangebox_number} + 2`.1
++static_high=172.27.`expr ${orangebox_number} + 2`.254
++dhcp_low=172.27.`expr ${orangebox_number} + 1`.1
++dhcp_high=172.27.`expr ${orangebox_number} + 1`.254
++br0_broadcast=172.27.`expr ${orangebox_number} + 3`.255
++
++setup_maas_admin() {
++	# Configure the MAAS admin user
++	# Sadly, there's no way to test if the user has been created already,
++	# so ignore errors for idempotence
++	maas-region-admin createadmin --username admin --email maas-admin@example.com --password="admin" 2>/dev/null || true
++	. /etc/maas/maas_cluster.conf
++	APIKEY=$(maas-region-admin apikey --username admin | tail -n1)
++	maas login admin $MAAS_URL $APIKEY
++}
++
++setup_maas_networking() {
++	count=0
++	while ! maas admin node-group-interfaces list $CLUSTER_UUID >/dev/null 2>&1; do
++		count=$((count+1))
++		sleep 1
++		if [ $count -gt $RETRY ]; then
++			error "[maas admin node-group-interfaces list] failed [$RETRY] times"
++		fi
++	done
++	internal_interface=$(route -n | grep "^172\.27\.${orangebox_number}\." | sed -e "s/.* //")
++	# Support MAAS 1.5, and 1.6
++	maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
++	if dpkg --compare-versions $maas_ver lt 1.6; then
++                maas admin node-group-interface update $CLUSTER_UUID $internal_interface ip_range_low=$static_low ip_range_high=$static_high management=2 broadcast_ip=$br0_broadcast router_ip=$router_ip
++
++	else
++		sh -x /var/lib/dpkg/info/maas-dns.postinst configure
++                run-one-until-success maas admin node-group-interface update $CLUSTER_UUID $internal_interface ip_range_low=$dhcp_low ip_range_high=$dhcp_high static_ip_range_low=$static_low static_ip_range_high=$static_high management=2 broadcast_ip=$br0_broadcast router_ip=$router_ip
++
++	fi
++	# Setup nat
++	# Ensure we have an external connection
++	orange-box-test-uplink
++	orange-box-setup-nat
++	# Redirect to MAAS web interface
++	cat >/var/www/html/index.html <<EOF
++<meta http-equiv="refresh" content="0; url=/MAAS">
++EOF
++}
++
++setup_dns() {
++	# Set MAAS upstream DNS
++	maas admin maas set-config name=upstream_dns value=172.27.252.1
++        sed -i -e "/^nameserver ${router_ip}$/d" /etc/resolvconf/resolv.conf.d/head
++        echo "nameserver ${router_ip}" >> /etc/resolvconf/resolv.conf.d/head
++	resolvconf -u
++	sed -e 's/dnssec-validation  auto;/dnssec-enable no;dnssec-validation no;/g' -i /etc/bind/named.conf.options
++}
++
++setup_squid() {
++	maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
++	if dpkg --compare-versions $maas_ver lt 1.6; then
++		# This is now a transparent proxy
++		if [ -d "/etc/squid-deb-proxy" ]; then
++			echo > /etc/squid-deb-proxy/squid-deb-proxy.conf
++		fi
++		cat /usr/lib/orange-box/inc/squid.conf > /etc/squid3/squid.conf
++		# Enable squid3, disable squid-deb-proxy
++		update-rc.d -f squid-deb-proxy remove || true
++		invoke-rc.d squid-deb-proxy stop || true
++		# Create directories, if necessary
++		squid3 -z -N || true
++		ensure_running squid3
++	fi
++	true
++}
++
++setup_local_mirror() {
++	# Set up the local mirror
++#	a2ensite archive
++#	a2ensite ubuntu-cloud
++# Must enable this to make sstream and others works
++	a2ensite 000-default
++	mkdir -p /srv/mirrors/archive.ubuntu.com
++	echo '<meta http-equiv="refresh" content="0; url=MAAS/">' > /srv/mirrors/archive.ubuntu.com/index.html
++	invoke-rc.d apache2 stop || true
++	invoke-rc.d apache2 start
++}
++
++setup_boot_resources() {
++	# Importing boot resources
++	# This might take a long time.
++	# MAAS won't work very well until this is done, so we're going to block
++	# until this completes.
++	orange-box-test-uplink
++	# Support MAAS 1.5, and newer
++	maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
++	if dpkg --compare-versions $maas_ver lt 1.6; then
++		cat /usr/lib/orange-box/inc/bootresources_1.5.yaml > /etc/maas/bootresources.yaml
++		run-this-one maas-import-pxe-files --config-file /etc/maas/bootresources.yaml
++	else
++		maas admin boot-resources import
++		while [ $(maas admin boot-images read $CLUSTER_UUID | wc -l) -lt 10 ]; do
++			# Waiting for images to download
++			sleep 10
++		done
++		# add precise to the list but don't wait it is not necessary now.
++		# usual failure is already there..
++		maas admin boot-source-selections create 1 os="ubuntu" release="precise" arches="amd64" subarches="*" labels="*" || true
++		maas admin boot-resources import
++	fi
++}
++
++setup_desktop() {
++	sudo -u ubuntu dbus-launch gsettings set org.gnome.desktop.background picture-uri file:///usr/share/orange-box/orange-box-background.png
++	sudo -u ubuntu dbus-launch gsettings set com.canonical.Unity.Launcher favorites "['firefox.desktop', 'byobu.desktop', 'remmina.desktop']"
++	sudo -u ubuntu dbus-launch gsettings set org.gnome.desktop.session idle-delay 999999
++	sudo -u ubuntu dbus-launch gsettings set org.gnome.desktop.screensaver idle-activation-enabled false
++	sudo -u ubuntu dbus-launch gsettings set org.gnome.desktop.screensaver lock-enabled false
++	if [ -e /etc/lightdm/lightdm.conf ]; then
++		sed -i -e "/autologin-user=/d" /etc/lightdm/users.conf
++		echo "autologin-user=ubuntu" >> /etc/lightdm/users.conf
++	fi
++	echo "enabled=0" > /etc/default/apport
++	invoke-rc.d apport stop || true
++}
++
++setup_ssh_keys() {
++	# Disable remote password authentication, since our username/password
++	# combo is very well known
++	if ! grep -qs "^PasswordAuthentication no" /etc/ssh/sshd_config 2>/dev/null; then
++		echo "PasswordAuthentication no" >> /etc/ssh/sshd_config
++		invoke-rc.d ssh stop || true
++		invoke-rc.d ssh start
++	fi
++	if [ ! -e /home/ubuntu/.ssh/id_rsa ]; then
++		su -l ubuntu -c "ssh-keygen -N '' -f /home/ubuntu/.ssh/id_rsa"
++	fi
++	maas admin sshkeys new key="$(cat /home/ubuntu/.ssh/id_rsa.pub)" || true
++	if ! grep -qs "^Host.*maas$" /home/ubuntu/.ssh/config; then
++		cat <<EOF >>/home/ubuntu/.ssh/config
++
++Host *.maas
++UserKnownHostsFile /dev/null
++StrictHostKeyChecking no
++CheckHostIP no
++
++EOF
++	fi
++	chmod 600 /home/ubuntu/.ssh/config
++	chown -R ubuntu:ubuntu /home/ubuntu/.ssh/config
++
++}
++
++setup_juju() {
++	mkdir -p /home/ubuntu/.juju
++	cat >/home/ubuntu/.juju/environments.yaml <<EOF
++default: maas
++environments:
++    maas:
++        type: maas
++        maas-server: 'http://${router_ip}/MAAS/'
++        maas-oauth: '$APIKEY'
++        default-series: trusty
++        #enable-os-upgrade: false
++        authorized-keys-path: /home/ubuntu/.ssh/id_rsa.pub
++        admin-secret: 'admin'
++        logging-config: '<root>=DEBUG'
++        lxc-clone: true
++EOF
++	rm -rf /home/ubuntu/.juju-plugins
++	git clone https://github.com/juju/plugins /home/ubuntu/.juju-plugins
++	sudo chown -R ubuntu:ubuntu /home/ubuntu/
++	echo "PATH=\$PATH:/home/ubuntu/.juju-plugins:/home/ubuntu/Examples/bin" >> /home/ubuntu/.bashrc
++	#Required for local charm deployments to work.
++	sed -i -e '/^export JUJU_REPOSITORY=/d' /home/ubuntu/.bashrc
++}
++
++ensure_running() {
++	job="$1"
++	count=1
++	while true; do
++		if (service $job status | grep -qs "running"); then
++			break
++		fi
++		invoke-rc.d $job start
++		sleep 1
++		count=$((count+1))
++		if [ $count -gt $RETRY ]; then
++			error "[$job] refused to start [$RETRY] times"
++		fi
++	done
++}
++
++ensure_running_maas() {
++	maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
++	if dpkg --compare-versions $maas_ver lt 1.6; then
++		ensure_running maas-region-celery
++		ensure_running maas-cluster-celery
++		ensure_running maas-txlongpoll
++		ensure_running maas-pserv
++		ensure_running maas-dhcp-server
++		ensure_running squid3
++	else
++		ensure_running apache2
++		ensure_running maas-clusterd
++		ensure_running maas-dhcpd
++		ensure_running maas-proxy
++	fi
++	invoke-rc.d tgt stop || true
++	invoke-rc.d tgt start
++	ensure_running tgt
++}
++
++setup_all_nodes() {
++	# Ensure that pxe and dhcp are running
++	ensure_running_maas
++	maas admin node-groups import-boot-images
++	orange-box-add-physical-nodes
++	orange-box-add-virtual-nodes
++}
++
++apply_patches() {
++	# This is a DISGUSTING HACK that needs to go away
++	# as soon as MAAS ships these fixes
++	cd /
++	cat /usr/lib/orange-box/patches/acquire_languages_none.patch | patch -p0 -N || true
++	maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
++	if dpkg --compare-versions $maas_ver lt 1.6; then
++		cat /usr/lib/orange-box/patches/arp_ip_order.patch | patch -p0 -N || true
++		cat /usr/lib/orange-box/patches/try_amt_harder.patch | patch -p0 -N || true
++		rm -f /usr/lib/python2.7/dist-packages/provisioningserver/utils/__init__.pyc
++		invoke-rc.d maas-cluster-celery stop || true
++		invoke-rc.d maas-cluster-celery start
++	fi
++	cd -
++}
++
++setup_landscape() {
++	# The master node will be managed by Landscape
++	# TODO: this is currently hardcoded to our own landscape account
++	if which landscape-config; then
++		case "$(hostname)" in
++			OrangeBox*|orangebox*)
++				landscape-config -a canonical-orange -t "$(hostname)__$(dmidecode -s baseboard-serial-number)" -p ubuntu-aubergine --script-users=ALL --silent --include-manager-plugins=ScriptExecution || true
++			;;
++		esac
++	fi
++}
++
++setup_examples() {
++	mkdir -p /home/ubuntu
++	if [ -d /home/ubuntu/Examples/.bzr ]; then
++		bzr pull >/dev/null 2>&1 || true
++	elif [ -d /home/ubuntu/Examples ]; then
++		mv -f /home/ubuntu/Examples /home/ubuntu/.Examples
++		bzr branch lp:orange-box-examples /home/ubuntu/Examples >/dev/null 2>&1 || true
++	else
++		bzr branch lp:orange-box-examples /home/ubuntu/Examples >/dev/null 2>&1 || true
++	fi
++	chown -R ubuntu:ubuntu /home/ubuntu
++}
++
++case "$1" in
++	configure)
++		check_orangebox_number
++		setup_desktop
++		###apply_patches
++		setup_maas_admin
++		setup_dns
++		if [ -n "$2" ]; then
++			echo
++			echo "INFO: Skipping importing boot resources, since this is a package upgrade"
++			echo "INFO: If you want to update boot resources, run:"
++			echo "INFO:   sudo maas-import-pxe-files"
++			echo "INFO:   sudo maas admin node-groups import-boot-images"
++			echo
++		else
++			setup_boot_resources
++		fi
++		setup_maas_networking
++		maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
++		if dpkg --compare-versions $maas_ver lt 1.6; then
++			setup_squid
++		fi
++		setup_local_mirror
++		setup_ssh_keys
++		setup_juju
++		if [ -n "$2" ]; then
++			echo
++			echo "INFO: Skipping adding all nodes, since this is a package upgrade"
++			echo "INFO: If you want to delete and add all nodes again, run:"
++			echo "INFO:   sudo orange-box-add-physical-nodes"
++			echo "INFO:   sudo orange-box-add-virtual-nodes"
++			echo
++		else
++			# Only add all nodes and configure landscape on initial install, not upgrades
++			setup_landscape
++			setup_all_nodes
++		fi
++#		setup_examples
++	;;
++	abort-upgrade|abort-remove|abort-deconfigure)
++	;;
++	*)
++		echo "postinst called with unknown argument \`$1'" >&2
++	exit 1
++	;;
++esac
++
++#DEBHELPER#
++
++exit 0
 === removed file 'debian/postinst'
 --- debian/postinst	2014-11-27 23:56:37 +0000
 +++ debian/postinst	1970-01-01 00:00:00 +0000
@@ -1,310 +0,0 @@
--#!/bin/sh
--
--set -e
--set -x
--
--PKG="orange-box"
--RETRY=120
--
--. /usr/lib/orange-box/inc/common
--
--setup_maas_admin() {
--	# Configure the MAAS admin user
--	# Sadly, there's no way to test if the user has been created already,
--	# so ignore errors for idempotence
--	maas-region-admin createadmin --username admin --email maas-admin@example.com --password="admin" 2>/dev/null || true
--	. /etc/maas/maas_cluster.conf
--	APIKEY=$(maas-region-admin apikey --username admin | tail -n1)
--	maas login admin $MAAS_URL $APIKEY
--}
--
--setup_maas_networking() {
--	count=0
--	while ! maas admin node-group-interfaces list $CLUSTER_UUID >/dev/null 2>&1; do
--		count=$((count+1))
--		sleep 1
--		if [ $count -gt $RETRY ]; then
--			error "[maas admin node-group-interfaces list] failed [$RETRY] times"
--		fi
--	done
--	internal_interface=$(route -n | grep "^10\.14\." | sed -e "s/.* //")
--	# Support MAAS 1.5, and 1.6
--	maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
--	if dpkg --compare-versions $maas_ver lt 1.6; then
--		maas admin node-group-interface update $CLUSTER_UUID $internal_interface ip_range_low=10.14.100.1 ip_range_high=10.14.199.254 management=2 broadcast_ip=10.14.255.255 router_ip=10.14.4.1
--	else
--		sh -x /var/lib/dpkg/info/maas-dns.postinst configure
--		run-one-until-success maas admin node-group-interface update $CLUSTER_UUID $internal_interface ip_range_low=10.14.50.1 ip_range_high=10.14.99.254 static_ip_range_low=10.14.100.1 static_ip_range_high=10.14.199.254 management=2 broadcast_ip=10.14.255.255 router_ip=10.14.4.1
--	fi
--	# Setup nat
--	# Ensure we have an external connection
--	orange-box-test-uplink
--	orange-box-setup-nat
--	# Redirect to MAAS web interface
--	cat >/var/www/html/index.html <<EOF
--<meta http-equiv="refresh" content="0; url=/MAAS">
--EOF
--}
--
--setup_dns() {
--	# Set MAAS upstream DNS
--	external_interface=$(ip route ls | grep ^default | awk '{print $5}')
--	dns=$(nmcli d list iface $external_interface | grep -m 1 "^IP4.DNS" | awk '{ print $2 }')
--	maas admin maas set-config name=upstream_dns value=$dns
--	sed -i -e "/^nameserver 10.14.4.1$/d" /etc/resolvconf/resolv.conf.d/head
--	echo "nameserver 10.14.4.1" >> /etc/resolvconf/resolv.conf.d/head
--	resolvconf -u
--	sed -e 's/dnssec-validation  auto;/dnssec-enable no;dnssec-validation no;/g' -i /etc/bind/named.conf.options
--}
--
--setup_squid() {
--	maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
--	if dpkg --compare-versions $maas_ver lt 1.6; then
--		# This is now a transparent proxy
--		if [ -d "/etc/squid-deb-proxy" ]; then
--			echo > /etc/squid-deb-proxy/squid-deb-proxy.conf
--		fi
--		cat /usr/lib/orange-box/inc/squid.conf > /etc/squid3/squid.conf
--		# Disable squid3, enable squid-deb-proxy
--		update-rc.d -f squid-deb-proxy remove || true
--		invoke-rc.d squid-deb-proxy stop || true
--		# Create directories, if necessary
--		squid3 -z -N || true
--		ensure_running squid3
--	fi
--	true
--}
--
--setup_local_mirror() {
--	# Set up the local mirror
--	a2ensite archive
--	a2ensite ubuntu-cloud
--	a2dissite 000-default
--	mkdir -p /srv/mirrors/archive.ubuntu.com
--	echo '<meta http-equiv="refresh" content="0; url=MAAS/">' > /srv/mirrors/archive.ubuntu.com/index.html
--	invoke-rc.d apache2 stop || true
--	invoke-rc.d apache2 start
--	# Sync the charm store to /srv/charmstore
--	# Note: This is going to take a LONG time
--	orange-box-sync-charmstore &
--}
--
--setup_boot_resources() {
--	# Importing boot resources
--	# This might take a long time.
--	# MAAS won't work very well until this is done, so we're going to block
--	# until this completes.
--	orange-box-test-uplink
--	# Support MAAS 1.5, and newer
--	maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
--	if dpkg --compare-versions $maas_ver lt 1.6; then
--		cat /usr/lib/orange-box/inc/bootresources_1.5.yaml > /etc/maas/bootresources.yaml
--		run-this-one maas-import-pxe-files --config-file /etc/maas/bootresources.yaml
--	else
--		maas admin boot-resources import
--		while [ $(maas admin boot-images read $CLUSTER_UUID | wc -l) -lt 10 ]; do
--			# Waiting for images to download
--			sleep 10
--		done
--	fi
--}
--
--setup_desktop() {
--	sudo -u ubuntu dbus-launch gsettings set org.gnome.desktop.background picture-uri file:///usr/share/orange-box/orange-box-background.png
--	sudo -u ubuntu dbus-launch gsettings set com.canonical.Unity.Launcher favorites "['firefox.desktop', 'byobu.desktop', 'remmina.desktop']"
--	sudo -u ubuntu dbus-launch gsettings set org.gnome.desktop.session idle-delay 999999
--	sudo -u ubuntu dbus-launch gsettings set org.gnome.desktop.screensaver idle-activation-enabled false
--	sudo -u ubuntu dbus-launch gsettings set org.gnome.desktop.screensaver lock-enabled false
--	if [ -e /etc/lightdm/lightdm.conf ]; then
--		sed -i -e "/autologin-user=/d" /etc/lightdm/users.conf
--		echo "autologin-user=ubuntu" >> /etc/lightdm/users.conf
--	fi
--	echo "enabled=0" > /etc/default/apport
--	invoke-rc.d apport stop || true
--}
--
--setup_ssh_keys() {
--	# Disable remote password authentication, since our username/password
--	# combo is very well known
--	if ! grep -qs "^PasswordAuthentication no" /etc/ssh/sshd_config 2>/dev/null; then
--		echo "PasswordAuthentication no" >> /etc/ssh/sshd_config
--		invoke-rc.d ssh stop || true
--		invoke-rc.d ssh start
--	fi
--	if [ ! -e /home/ubuntu/.ssh/id_rsa ]; then
--		su -l ubuntu -c "ssh-keygen -N '' -f /home/ubuntu/.ssh/id_rsa"
--	fi
--	maas admin sshkeys new key="$(cat /home/ubuntu/.ssh/id_rsa.pub)" || true
--	if ! grep -qs "^Host.*maas$" /home/ubuntu/.ssh/config; then
--		cat <<EOF >>/home/ubuntu/.ssh/config
--
--Host *.maas
--UserKnownHostsFile /dev/null
--StrictHostKeyChecking no
--CheckHostIP no
--
--EOF
--	fi
--	chmod 600 /home/ubuntu/.ssh/config
--	chown -R ubuntu:ubuntu /home/ubuntu/.ssh/config
--}
--
--setup_juju() {
--	mkdir -p /home/ubuntu/.juju
--	cat >/home/ubuntu/.juju/environments.yaml <<EOF
--default: maas
--environments:
--    maas:
--        type: maas
--        maas-server: 'http://10.14.4.1/MAAS/'
--        maas-oauth: '$APIKEY'
--        default-series: trusty
--        #enable-os-upgrade: false
--        authorized-keys-path: /home/ubuntu/.ssh/id_rsa.pub
--        admin-secret: 'admin'
--        logging-config: '<root>=DEBUG'
--        lxc-clone: true
--EOF
--	rm -rf /home/ubuntu/.juju-plugins
--	git clone https://github.com/juju/plugins /home/ubuntu/.juju-plugins
--	sudo chown -R ubuntu:ubuntu /home/ubuntu/
--	echo "PATH=\$PATH:/home/ubuntu/.juju-plugins:/home/ubuntu/Examples/bin" >> /home/ubuntu/.bashrc
--	#Required for local charm deployments to work.
--	sed -i -e '/^export JUJU_REPOSITORY=/d' /home/ubuntu/.bashrc
--	echo "export JUJU_REPOSITORY=/srv/charmstore" >> /home/ubuntu/.bashrc
--}
--
--ensure_running() {
--	job="$1"
--	count=1
--	while true; do
--		if (service $job status | grep -qs "running"); then
--			break
--		fi
--		invoke-rc.d $job start
--		sleep 1
--		count=$((count+1))
--		if [ $count -gt $RETRY ]; then
--			error "[$job] refused to start [$RETRY] times"
--		fi
--	done
--}
--
--ensure_running_maas() {
--	maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
--	if dpkg --compare-versions $maas_ver lt 1.6; then
--		ensure_running maas-region-celery
--		ensure_running maas-cluster-celery
--		ensure_running maas-txlongpoll
--		ensure_running maas-pserv
--		ensure_running maas-dhcp-server
--		ensure_running squid3
--	else
--		ensure_running apache2
--		ensure_running maas-clusterd
--		ensure_running maas-dhcpd
--		ensure_running maas-proxy
--	fi
--	invoke-rc.d tgt stop || true
--	invoke-rc.d tgt start
--	ensure_running tgt
--}
--
--setup_all_nodes() {
--	# Ensure that pxe and dhcp are running
--	ensure_running_maas
--	maas admin node-groups import-boot-images
--	orange-box-add-physical-nodes
--	orange-box-add-virtual-nodes
--}
--
--apply_patches() {
--	# This is a DISGUSTING HACK that needs to go away
--	# as soon as MAAS ships these fixes
--	cd /
--	cat /usr/lib/orange-box/patches/acquire_languages_none.patch | patch -p0 -N || true
--	maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
--	if dpkg --compare-versions $maas_ver lt 1.6; then
--		cat /usr/lib/orange-box/patches/arp_ip_order.patch | patch -p0 -N || true
--		cat /usr/lib/orange-box/patches/try_amt_harder.patch | patch -p0 -N || true
--		rm -f /usr/lib/python2.7/dist-packages/provisioningserver/utils/__init__.pyc
--		invoke-rc.d maas-cluster-celery stop || true
--		invoke-rc.d maas-cluster-celery start
--	fi
--	cd -
--}
--
--setup_landscape() {
--	# The master node will be managed by Landscape
--	# TODO: this is currently hardcoded to our own landscape account
--	if which landscape-config; then
--		case "$(hostname)" in
--			OrangeBox*|orangebox*)
--				landscape-config -a canonical-orange -t "$(hostname)__$(dmidecode -s baseboard-serial-number)" -p ubuntu-aubergine --script-users=ALL --silent --include-manager-plugins=ScriptExecution || true
--			;;
--		esac
--	fi
--}
--
--setup_examples() {
--	mkdir -p /home/ubuntu
--	if [ -d /home/ubuntu/Examples/.bzr ]; then
--		bzr pull >/dev/null 2>&1 || true
--	elif [ -d /home/ubuntu/Examples ]; then
--		mv -f /home/ubuntu/Examples /home/ubuntu/.Examples
--		bzr branch lp:orange-box-examples /home/ubuntu/Examples >/dev/null 2>&1 || true
--	else
--		bzr branch lp:orange-box-examples /home/ubuntu/Examples >/dev/null 2>&1 || true
--	fi
--	chown -R ubuntu:ubuntu /home/ubuntu
--}
--
--case "$1" in
--	configure)
--		setup_desktop
--		apply_patches
--		setup_maas_admin
--		setup_dns
--		if [ -n "$2" ]; then
--			echo
--			echo "INFO: Skipping importing boot resources, since this is a package upgrade"
--			echo "INFO: If you want to update boot resources, run:"
--			echo "INFO:   sudo maas-import-pxe-files"
--			echo "INFO:   sudo maas admin node-groups import-boot-images"
--			echo
--		else
--			setup_boot_resources
--		fi
--		setup_maas_networking
--		maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
--		if dpkg --compare-versions $maas_ver lt 1.6; then
--			setup_squid
--		fi
--		setup_local_mirror
--		setup_ssh_keys
--		setup_juju
--		if [ -n "$2" ]; then
--			echo
--			echo "INFO: Skipping adding all nodes, since this is a package upgrade"
--			echo "INFO: If you want to delete and add all nodes again, run:"
--			echo "INFO:   sudo orange-box-add-physical-nodes"
--			echo "INFO:   sudo orange-box-add-virtual-nodes"
--			echo
--		else
--			# Only add all nodes and configure landscape on initial install, not upgrades
--			setup_landscape
--			setup_all_nodes
--		fi
--		setup_examples
--	;;
--	abort-upgrade|abort-remove|abort-deconfigure)
--	;;
--	*)
--		echo "postinst called with unknown argument \`$1'" >&2
--	exit 1
--	;;
--esac
--
--#DEBHELPER#
--
--exit 0
 === added file 'debian/postrm'
 --- debian/postrm	1970-01-01 00:00:00 +0000
 +++ debian/postrm	2015-07-17 17:14:52 +0000
@@ -0,0 +1,23 @@
++#!/bin/sh
++
++set -e
++
++webserver="apache2"
++
++case "$1" in
++	remove)
++		for i in archive ubuntu-cloud archive.ubuntu.com cdimage.ubuntu.com cloud-images.ubuntu.com ports.ubuntu.com releases.ubuntu.com ubuntu-cloud.archive.canonical.com; do
++			if [ -e "/etc/apache2/sites-enabled/${i}.conf" ]; then
++				a2dissite $i
++			fi
++		done
++		invoke-rc.d $webserver reload
++		rm -f /var/log/orange-box-mirror.log
++#		rm -rf /etc/maas
++		rm -rf /var/lib/orange-box
++	;;
++esac
++
++#DEBHELPER#
++
++exit 0
 === removed file 'debian/postrm'
 --- debian/postrm	2014-07-17 04:12:46 +0000
 +++ debian/postrm	1970-01-01 00:00:00 +0000
@@ -1,23 +0,0 @@
--#!/bin/sh
--
--set -e
--
--webserver="apache2"
--
--case "$1" in
--	remove)
--		for i in archive ubuntu-cloud; do
--			if [ -e "/etc/apache2/sites-enabled/${i}.conf" ]; then
--				a2dissite $i
--			fi
--		done
--		invoke-rc.d $webserver reload
--		rm -f /var/log/orange-box-mirror.log
--		rm -rf /etc/maas
--		rm -rf /var/lib/orange-box
--	;;
--esac
--
--#DEBHELPER#
--
--exit 0
 === added file 'debian/preinst'
 --- debian/preinst	1970-01-01 00:00:00 +0000
 +++ debian/preinst	2015-07-17 17:14:52 +0000
@@ -0,0 +1,168 @@
++#!/bin/sh
++set -e
++set -x
++
++get_orangebox_number() {
++## assume hostname as been set correctly .. will be checked in postinst
++OBNum=`hostname | cut -c 10- -`
++echo $OBNum
++echo "## Script generated file, others rely, know what your doing if tempering" > /etc/orange-box.conf
++echo "orangebox_number=$OBNum" >> /etc/orange-box.conf
++echo "orangebox_mirror=INIT">> /etc/orange-box.conf
++}
++
++### According to OB networking re-design
++orangebox_number=`get_orangebox_number`
++default_maas_ip=172.27.${orangebox_number}.1
++gateway_ip=172.27.252.1
++external_ip=172.27.252.${orangebox_number}
++internal_ip=172.27.${orangebox_number}.1
++br0_broadcast=172.27.`expr ${orangebox_number} + 3`.255
++
++#unnecessary comment
++
++preflight_checks() {
++	if [ "$(id -u ubuntu)" != "1000" ]; then
++		echo "ERROR: Read the docs; a proper OrangeBox setup requires the default user to be [ubuntu]" 1>&2
++		exit 1
++	fi
++	#ensure em1 is the correct name
++	biosdevname -i eth1 || (echo "biosdevname should have been run already assume it does"; true)
++	# TODO: Check that the AMTs are on static IPs
++	# TODO: Check dual hard drives, which one is which
++	# TODO: Ensure we have two interfaces, one internal, one external
++}
++
++setup_debconf() {
++	echo "debconf maas/default-maas-url string $default_maas_ip" | debconf-set-selections -
++	echo "debconf maas-cluster-controller/maas-url string http://${default_maas_ip}/MAAS" | debconf-set-selections -
++	echo "debconf maas/installation-note boolean true" | debconf-set-selections -
++	echo "debconf iptables-persistent/autosave_done boolean true" | debconf-set-selections -
++	echo "debconf iptables-persistent/autosave_v4 boolean true" | debconf-set-selections -
++	echo "debconf iptables-persistent/autosave_v6 boolean true" | debconf-set-selections -
++}
++
++setup_networking() {
++	modprobe 8021q || true
++	sed -i -e "/8021q/d" /etc/modules || true
++	echo "8021q" >> /etc/modules
++	# Set up the two network interfaces
++	external_interface=$(ip route ls | grep ^default | awk '{print $5}')
++	# TODO: ip addr ls
++	for interface in $(ifconfig -a -s | grep -v ^Iface | awk '{print $1}'); do
++		case "$interface" in
++			lo|br*|wlan*|vnet*)
++				continue
++			;;
++			$external_interface)
++				continue
++			;;
++			*)
++				internal_interface="$interface"
++				break
++			;;
++		esac
++	done
++	# Set a sane default as em1 because the biosdevname should have been installed and run
++	[ -z "$internal_interface" ] && internal_interface=em1
++	# TODO: use ip
++	default_mac=$(ifconfig "$internal_interface" | grep "^$internal_interface" | sed -e "s/.*HWaddr //")
++	# Tell NetworkManager to piss off
++	sed -i -e "/^unmanaged-devices=mac:$default_mac$/d" /etc/NetworkManager/NetworkManager.conf
++	cat >>/etc/NetworkManager/NetworkManager.conf <<EOF
++[keyfile]
++unmanaged-devices=mac:$default_mac
++EOF
++	invoke-rc.d network-manager stop || true
++	invoke-rc.d network-manager start
++        cat >/etc/network/interfaces <<EOF
++auto lo
++iface lo inet loopback
++
++auto $external_interface
++iface $external_interface inet static
++        address ${external_ip}
++        netmask 255.255.252.0
++        broadcast 172.27.255.255
++        gateway ${gateway_ip}
++        dns-nameservers ${gateway_ip}
++
++auto $internal_interface
++iface $internal_interface inet manual
++
++
++auto br0
++iface br0 inet static
++        address ${internal_ip}
++        netmask 255.255.252.0
++        broadcast $br0_broadcast
++        bridge_ports $internal_interface
++        bridge_stp off
++        bridge_fd 0
++        bridge_maxwait 0
++
++# VLAN 2, Uplink network
++iface ${internal_interface}.2 inet dhcp
++vlan-raw-device $internal_interface
++
++# Network management alias
++iface br0:1 inet static
++address 10.90.90.91
++netmask 255.255.255.0
++broadcast 10.90.90.255
++
++EOF
++	ifdown --force $internal_interface || true
++	ifdown --force br0 || true
++	ifup $internal_interface
++	ifup br0
++        ### Same for $external_interface
++        ifdown --force $external_interface || true
++        ifup $external_interface
++
++        # Wait a moment for the network to normalize
++	echo "INFO: Ensure networking has settled"
++	run-one-until-success ping -c 10 maas.ubuntu.com
++}
++
++setup_external_drive() {
++	# External drive must be:
++	#       a) partitioned into 1 big partition
++	#       b) ext4 formatted
++	# Find root disk
++	root_disk=$(mount | grep " on / " | awk '{print $1}' | sed -e "s/[0-9]\+$//")
++	# Find biggest non-root disk
++	ext_disk=$(fdisk -l | grep "^Disk /" | grep -v $root_disk | sort -k4 -n -r | awk '{print $2}' | awk -F: '{print $1}')
++	partition="${ext_disk}1"
++	if [ -b "$ext_disk" ]; then
++		if [ ! -b "$partition" ]; then
++			# Create the partition, if it doesn't exist already
++			echo "n
++p
++1
++
++
++w
++"|fdisk "$ext_disk"
++			mkfs.ext4 "$partition"
++		fi
++		sed -i -e "/ \/srv/d" /etc/fstab
++		# Add the fstab entry
++		uuid=$(blkid -s UUID -o value "$partition")
++		echo "UUID=$uuid /srv    ext4    defaults        1 1" >> /etc/fstab
++	fi
++	umount $partition || true
++	mount -a
++	chown root:root /srv
++	chmod 755 /srv
++}
++
++
++preflight_checks
++setup_external_drive
++setup_debconf
++setup_networking
++
++#DEBHELPER#
++
++exit 0
 === removed file 'debian/preinst'
 --- debian/preinst	2014-08-25 14:32:16 +0000
 +++ debian/preinst	1970-01-01 00:00:00 +0000
@@ -1,136 +0,0 @@
--#!/bin/sh
--set -e
--set -x
--
--#unnecessary comment
--
--preflight_checks() {
--	if [ "$(id -u ubuntu)" != "1000" ]; then
--		echo "ERROR: Read the docs; a proper OrangeBox setup requires the default user to be [ubuntu]" 1>&2
--		exit 1
--	fi
--	# TODO: Check that the AMTs are on static IPs
--	# TODO: Check dual hard drives, which one is which
--	# TODO: Ensure we have two interfaces, one internal, one external
--}
--
--setup_debconf() {
--	echo "debconf maas/default-maas-url string 10.14.4.1" | debconf-set-selections -
--	echo "debconf maas-cluster-controller/maas-url string http://10.14.4.1/MAAS" | debconf-set-selections -
--	echo "debconf maas/installation-note boolean true" | debconf-set-selections -
--	echo "debconf iptables-persistent/autosave_done boolean true" | debconf-set-selections -
--	echo "debconf iptables-persistent/autosave_v4 boolean true" | debconf-set-selections -
--	echo "debconf iptables-persistent/autosave_v6 boolean true" | debconf-set-selections -
--}
--
--setup_networking() {
--	modprobe 8021q || true
--	sed -i -e "/8021q/d" /etc/modules || true
--	echo "8021q" >> /etc/modules
--	# Set up the two network interfaces
--	external_interface=$(ip route ls | grep ^default | awk '{print $5}')
--	# TODO: ip addr ls
--	for interface in $(ifconfig -a -s | grep -v ^Iface | awk '{print $1}'); do
--		case "$interface" in
--			lo|br*|wlan*)
--				continue
--			;;
--			$external_interface)
--				continue
--			;;
--			*)
--				internal_interface="$interface"
--				break
--			;;
--		esac
--	done
--	# Set a sane default
--	[ -z "$internal_interface" ] && internal_interface=eth0
--	# TODO: use ip
--	default_mac=$(ifconfig "$internal_interface" | grep "^$internal_interface" | sed -e "s/.*HWaddr //")
--	# Tell NetworkManager to piss off
--	sed -i -e "/^unmanaged-devices=mac:$default_mac$/d" /etc/NetworkManager/NetworkManager.conf
--	cat >>/etc/NetworkManager/NetworkManager.conf <<EOF
--[keyfile]
--unmanaged-devices=mac:$default_mac
--EOF
--	invoke-rc.d network-manager stop || true
--	invoke-rc.d network-manager start
--        cat >/etc/network/interfaces <<EOF
--auto lo
--iface lo inet loopback
--
--auto $internal_interface
--iface $internal_interface inet manual
--
--auto br0
--iface br0 inet static
--        address 10.14.4.1
--        netmask 255.255.0.0
--        broadcast 10.14.255.255
--	bridge_ports $internal_interface
--	bridge_stp off
--	bridge_fd 0
--	bridge_maxwait 0
--
--# VLAN 2, Uplink network
--iface eth0.2 inet dhcp
--vlan-raw-device eth0
--
--# Network management alias
--iface br0:1 inet static
--address 10.90.90.91
--netmask 255.255.255.0
--broadcast 10.90.90.255
--
--EOF
--	ifdown --force $internal_interface || true
--	ifdown --force br0 || true
--	ifup $internal_interface
--	ifup br0
--        # Wait a moment for the network to normalize
--	echo "INFO: Ensure networking has settled"
--	run-one-until-success ping -c 10 maas.ubuntu.com
--}
--
--setup_external_drive() {
--	# External drive must be:
--	#       a) partitioned into 1 big partition
--	#       b) ext4 formatted
--	# Find root disk
--	root_disk=$(mount | grep " on / " | awk '{print $1}' | sed -e "s/[0-9]\+$//")
--	# Find biggest non-root disk
--	ext_disk=$(fdisk -l | grep "^Disk /" | grep -v $root_disk | sort -k4 -n -r | awk '{print $2}' | awk -F: '{print $1}')
--	partition="${ext_disk}1"
--	if [ -b "$ext_disk" ]; then
--		if [ ! -b "$partition" ]; then
--			# Create the partition, if it doesn't exist already
--			echo "n
--p
--1
--
--
--w
--"|fdisk "$ext_disk"
--			mkfs.ext4 "$partition"
--		fi
--		sed -i -e "/ \/srv/d" /etc/fstab
--		# Add the fstab entry
--		uuid=$(blkid -s UUID -o value "$partition")
--		echo "UUID=$uuid /srv    ext4    defaults        1 1" >> /etc/fstab
--	fi
--	umount $partition || true
--	mount -a
--	chown root:root /srv
--	chmod 755 /srv
--}
--
--
--preflight_checks
--setup_external_drive
--setup_debconf
--setup_networking
--
--#DEBHELPER#
--
--exit 0
 === modified file 'debian/source/format'
 --- debian/source/format	2014-04-04 19:40:10 +0000
 +++ debian/source/format	2015-07-17 17:14:52 +0000
@@ -1,1 +1,1 @@
--3.0 (quilt)
++3.0 (native)
 === removed file 'etc/apache2/sites-available/archive.conf'
 --- etc/apache2/sites-available/archive.conf	2014-04-11 05:16:52 +0000
 +++ etc/apache2/sites-available/archive.conf	1970-01-01 00:00:00 +0000
@@ -1,13 +0,0 @@
--<VirtualHost *:80>
--	ServerName archive.ubuntu.com
--	ServerAdmin webmaster@localhost
--	DocumentRoot /srv/mirrors/archive.ubuntu.com/
--	ErrorLog ${APACHE_LOG_DIR}/error.log
--	CustomLog ${APACHE_LOG_DIR}/access.log combined
--	<Directory /srv/mirrors/archive.ubuntu.com/>
--	        Options Indexes FollowSymLinks Multiviews
--		Require all granted
--	</Directory>
--</VirtualHost>
--
--# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
 === added file 'etc/apache2/sites-available/archive.ubuntu.com.conf'
 --- etc/apache2/sites-available/archive.ubuntu.com.conf	1970-01-01 00:00:00 +0000
 +++ etc/apache2/sites-available/archive.ubuntu.com.conf	2015-07-17 17:14:52 +0000
@@ -0,0 +1,14 @@
++<VirtualHost *:80>
++	ServerName archive.ubuntu.com
++        ServerAlias *.archive.ubuntu.com
++	ServerAdmin webmaster@localhost
++	DocumentRoot /srv/mirrors/archive.ubuntu.com/
++	ErrorLog ${APACHE_LOG_DIR}/error.log
++	CustomLog ${APACHE_LOG_DIR}/access.log combined
++	<Directory /srv/mirrors/archive.ubuntu.com/>
++	        Options Indexes FollowSymLinks Multiviews
++		Require all granted
++	</Directory>
++</VirtualHost>
++
++# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
 === added file 'etc/apache2/sites-available/cdimage.ubuntu.com.conf'
 --- etc/apache2/sites-available/cdimage.ubuntu.com.conf	1970-01-01 00:00:00 +0000
 +++ etc/apache2/sites-available/cdimage.ubuntu.com.conf	2015-07-17 17:14:52 +0000
@@ -0,0 +1,14 @@
++<VirtualHost *:80>
++	ServerName cdimage.ubuntu.com
++        ServerAlias *.cdimage.ubuntu.com
++	ServerAdmin root@localhost
++	DocumentRoot /srv/mirrors/cdimage.ubuntu.com/
++	ErrorLog ${APACHE_LOG_DIR}/cdimage.ubuntu.com-error.log
++	CustomLog ${APACHE_LOG_DIR}/cdimage.ubuntu.com-access.log combined
++	<Directory /srv/mirrors/cdimage.ubuntu.com/>
++	        Options Indexes FollowSymLinks Multiviews
++		Require all granted
++	</Directory>
++</VirtualHost>
++
++# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
 === added file 'etc/apache2/sites-available/cloud-images.ubuntu.com.conf'
 --- etc/apache2/sites-available/cloud-images.ubuntu.com.conf	1970-01-01 00:00:00 +0000
 +++ etc/apache2/sites-available/cloud-images.ubuntu.com.conf	2015-07-17 17:14:52 +0000
@@ -0,0 +1,14 @@
++<VirtualHost *:80>
++	ServerName cloud-images.ubuntu.com
++        ServerAlias *.cloud-images.ubuntu.com
++	ServerAdmin root@localhost
++	DocumentRoot /srv/mirrors/cloud-images.ubuntu.com/
++	ErrorLog ${APACHE_LOG_DIR}/cloud-images.ubuntu.com-error.log
++	CustomLog ${APACHE_LOG_DIR}/cloud-images.ubuntu.com-access.log combined
++	<Directory /srv/mirrors/cloud-images.ubuntu.com/>
++	        Options Indexes FollowSymLinks Multiviews
++		Require all granted
++	</Directory>
++</VirtualHost>
++
++# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
 === added file 'etc/apache2/sites-available/ports.ubuntu.com.conf'
 --- etc/apache2/sites-available/ports.ubuntu.com.conf	1970-01-01 00:00:00 +0000
 +++ etc/apache2/sites-available/ports.ubuntu.com.conf	2015-07-17 17:14:52 +0000
@@ -0,0 +1,14 @@
++<VirtualHost *:80>
++	ServerName ports.ubuntu.com
++        ServerAlias *.ports.ubuntu.com
++	ServerAdmin root@localhost
++	DocumentRoot /srv/mirrors/ports.ubuntu.com/
++	ErrorLog ${APACHE_LOG_DIR}/ports.ubuntu.com-error.log
++	CustomLog ${APACHE_LOG_DIR}/ports.ubuntu.com-access.log combined
++	<Directory /srv/mirrors/ports.ubuntu.com/>
++	        Options Indexes FollowSymLinks Multiviews
++		Require all granted
++	</Directory>
++</VirtualHost>
++
++# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
 === added file 'etc/apache2/sites-available/releases.ubuntu.com.conf'
 --- etc/apache2/sites-available/releases.ubuntu.com.conf	1970-01-01 00:00:00 +0000
 +++ etc/apache2/sites-available/releases.ubuntu.com.conf	2015-07-17 17:14:52 +0000
@@ -0,0 +1,14 @@
++<VirtualHost *:80>
++	ServerName releases.ubuntu.com
++        ServerAlias *.releases.ubuntu.com
++	ServerAdmin root@localhost
++	DocumentRoot /srv/mirrors/releases.ubuntu.com/
++	ErrorLog ${APACHE_LOG_DIR}/releases.ubuntu.com-error.log
++	CustomLog ${APACHE_LOG_DIR}/releases.ubuntu.com-access.log combined
++	<Directory /srv/mirrors/releases.ubuntu.com/>
++	        Options Indexes FollowSymLinks Multiviews
++		Require all granted
++	</Directory>
++</VirtualHost>
++
++# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
 === added file 'etc/apache2/sites-available/ubuntu-cloud.archive.canonical.com.conf'
 --- etc/apache2/sites-available/ubuntu-cloud.archive.canonical.com.conf	1970-01-01 00:00:00 +0000
 +++ etc/apache2/sites-available/ubuntu-cloud.archive.canonical.com.conf	2015-07-17 17:14:52 +0000
@@ -0,0 +1,12 @@
++<VirtualHost *:80>
++	ServerName ubuntu-cloud.archive.canonical.com
++	ServerAdmin webmaster@localhost
++	DocumentRoot /srv/mirrors/ubuntu-cloud.archive.canonical.com/
++	ErrorLog ${APACHE_LOG_DIR}/error.log
++	CustomLog ${APACHE_LOG_DIR}/access.log combined
++	<Directory /srv/mirrors/ubuntu-cloud.archive.canonical.com/>
++	        Options Indexes FollowSymLinks Multiviews
++		Require all granted
++	</Directory>
++</VirtualHost>
++# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
 === removed file 'etc/apache2/sites-available/ubuntu-cloud.conf'
 --- etc/apache2/sites-available/ubuntu-cloud.conf	2014-04-11 05:16:52 +0000
 +++ etc/apache2/sites-available/ubuntu-cloud.conf	1970-01-01 00:00:00 +0000
@@ -1,12 +0,0 @@
--<VirtualHost *:80>
--	ServerName ubuntu-cloud.archive.canonical.com
--	ServerAdmin webmaster@localhost
--	DocumentRoot /srv/mirrors/ubuntu-cloud.archive.canonical.com/
--	ErrorLog ${APACHE_LOG_DIR}/error.log
--	CustomLog ${APACHE_LOG_DIR}/access.log combined
--	<Directory /srv/mirrors/ubuntu-cloud.archive.canonical.com/>
--	        Options Indexes FollowSymLinks Multiviews
--		Require all granted
--	</Directory>
--</VirtualHost>
--# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
 === modified file 'etc/apt/orange-box-mirror.list'
 --- etc/apt/orange-box-mirror.list	2015-01-21 22:04:42 +0000
 +++ etc/apt/orange-box-mirror.list	2015-07-17 17:14:52 +0000
@@ -8,7 +8,7 @@
  set var_path     $base_path/var
  set cleanscript  /bin/true
  set defaultarch  amd64
--set postmirror_script /bin/true
++set postmirror_script /srv/var/postmirror.sh
  # set run_postmirror 0
  set nthreads     20
  set _tilde 0
@@ -16,28 +16,51 @@
  ############# end config ##############
  ## Trusty
--deb http://orange-box.archive.ubuntu.com/ubuntu trusty main restricted universe multiverse
--deb http://orange-box.archive.ubuntu.com/ubuntu trusty-security main restricted universe multiverse
--deb http://orange-box.archive.ubuntu.com/ubuntu trusty-updates main restricted universe multiverse
--deb-i386 http://orange-box.archive.ubuntu.com/ubuntu trusty main restricted universe multiverse
--deb-i386 http://orange-box.archive.ubuntu.com/ubuntu trusty-security main restricted universe multiverse
--deb-i386 http://orange-box.archive.ubuntu.com/ubuntu trusty-updates main restricted universe multiverse
++deb http://archive.ubuntu.com/ubuntu trusty main restricted universe multiverse
++deb http://archive.ubuntu.com/ubuntu trusty-security main restricted universe multiverse
++deb http://archive.ubuntu.com/ubuntu trusty-updates main restricted universe multiverse
++deb http://archive.ubuntu.com/ubuntu trusty-backports main restricted universe multiverse
++deb-i386 http://archive.ubuntu.com/ubuntu trusty-backports main restricted universe multiverse
++deb-i386 http://archive.ubuntu.com/ubuntu trusty main restricted universe multiverse
++deb-i386 http://archive.ubuntu.com/ubuntu trusty-security main restricted universe multiverse
++deb-i386 http://archive.ubuntu.com/ubuntu trusty-updates main restricted universe multiverse
++
++
++deb-src http://archive.ubuntu.com/ubuntu trusty main restricted universe multiverse
++deb-src http://archive.ubuntu.com/ubuntu trusty-security main restricted universe multiverse
++deb-src http://archive.ubuntu.com/ubuntu trusty-updates main restricted universe multiverse
++deb-src http://archive.ubuntu.com/ubuntu trusty-backports main restricted universe multiverse
++
  ## precise
--deb http://orange-box.archive.ubuntu.com/ubuntu precise main restricted universe multiverse
--deb http://orange-box.archive.ubuntu.com/ubuntu precise-security main restricted universe multiverse
--deb http://orange-box.archive.ubuntu.com/ubuntu precise-updates main restricted universe multiverse
--deb-i386 http://orange-box.archive.ubuntu.com/ubuntu precise main restricted universe multiverse
--deb-i386 http://orange-box.archive.ubuntu.com/ubuntu precise-security main restricted universe multiverse
--deb-i386 http://orange-box.archive.ubuntu.com/ubuntu precise-updates main restricted universe multiverse
++deb http://archive.ubuntu.com/ubuntu precise main restricted universe multiverse
++deb http://archive.ubuntu.com/ubuntu precise-security main restricted universe multiverse
++deb http://archive.ubuntu.com/ubuntu precise-updates main restricted universe multiverse
++deb http://archive.ubuntu.com/ubuntu precise-backports main restricted universe multiverse
++
++deb-i386 http://archive.ubuntu.com/ubuntu precise main restricted universe multiverse
++deb-i386 http://archive.ubuntu.com/ubuntu precise-security main restricted universe multiverse
++deb-i386 http://archive.ubuntu.com/ubuntu precise-updates main restricted universe multiverse
++deb-src http://archive.ubuntu.com/ubuntu precise main restricted universe multiverse
++deb-src http://archive.ubuntu.com/ubuntu precise-security main restricted universe multiverse
++deb-src http://archive.ubuntu.com/ubuntu precise-updates main restricted universe multiverse
++
++##http://ubuntu-cloud.archive.canonical.com precise-updates/cloud-tools/main Sources
  ## Cloud-archive
--deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/cloud-tools main
--deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/havana main
--deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/icehouse main
--deb-i386 http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/cloud-tools main
--deb-i386 http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/havana main
--deb-i386 http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/icehouse main
++#deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/cloud-tools main
++#deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/havana main
++#deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/icehouse main
++#deb http://ubuntu-cloud.archive.canonical.com/ubuntu trusty-updates/juno main
++#deb-i386 http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/cloud-tools main
++#deb-i386 http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/havana main
++#deb-i386 http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/icehouse main
++#deb-i386 http://ubuntu-cloud.archive.canonical.com/ubuntu trusty-updates/juno main
++#deb-src  http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/cloud-tools main
++#deb-src http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/havana main
++#deb-src http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/icehouse main
++#deb-src http://ubuntu-cloud.archive.canonical.com/ubuntu trusty-updates/juno main
++
  clean http://archive.ubuntu.com/ubuntu
--clean http://ubuntu-cloud.archive.canonical.com/ubuntu
++#clean http://ubuntu-cloud.archive.canonical.com/ubuntu
 === added directory 'etc/bind'
 === added file 'etc/bind/named.conf.wildcard-archive'
 --- etc/bind/named.conf.wildcard-archive	1970-01-01 00:00:00 +0000
 +++ etc/bind/named.conf.wildcard-archive	2015-07-17 17:14:52 +0000
@@ -0,0 +1,6 @@
++# Zone declarations.
++zone "archive.ubuntu.com" {
++    type master;
++    file "/etc/bind/zones.wildcard-archive";
++};
++
 === added file 'etc/bind/zones.wildcard-archive'
 --- etc/bind/zones.wildcard-archive	1970-01-01 00:00:00 +0000
 +++ etc/bind/zones.wildcard-archive	2015-07-17 17:14:52 +0000
@@ -0,0 +1,20 @@
++$TTL    300
++@  IN  SOA archive.ubuntu.com  ubuntu.com (
++              999 ; serial
++              600 ; Refresh
++              1800 ; Retry
++              604800 ; Expire
++              300 ; TTL
++              )
++
++         IN   NS      archive.ubuntu.com
++
++
++
++
++ns        IN   CNAME   archive.ubuntu.com
++archive.ubuntu.com.   IN   A       10.14.4.1
++archive.ubuntu.com   IN   A       10.14.4.1
++ubuntu-cloud.archive.canonical.com.  IN   A       10.14.4.1
++* IN A 10.14.4.1
++
 === removed directory 'etc/cron.d'
 === removed file 'etc/cron.d/charmstore-mirror'
 --- etc/cron.d/charmstore-mirror	2014-07-30 20:05:45 +0000
 +++ etc/cron.d/charmstore-mirror	1970-01-01 00:00:00 +0000
@@ -1,4 +0,0 @@
--#Run every Staurday at 03:23 in the morning, if plugged in and internet is accessible the charmstore will be updated.
--#Remove any charmstore directories inot modified in the last 90 days to save space.
--23 3 * * 6	root	run-one orange-box-sync-charmstore >>/var/log/orange-box-sync-charmstore.log 2>&1
--38 4 1 * *	root	run-one find /srv/charmstore/ -maxdepth 1 -mindepth 1 -type d -mtime +90 -exec rm -rf {} \;
 === removed file 'etc/cron.d/orange-box-mirror'
 --- etc/cron.d/orange-box-mirror	2014-06-02 15:43:19 +0000
 +++ etc/cron.d/orange-box-mirror	1970-01-01 00:00:00 +0000
@@ -1,1 +0,0 @@
--42 * * * *	root	run-one apt-mirror /etc/apt/orange-box-mirror.list >>/var/log/orange-box-mirror.log 2>&1
 === modified file 'etc/debconf-selections'
 --- etc/debconf-selections	2014-04-04 19:42:22 +0000
 +++ etc/debconf-selections	2015-07-17 17:14:52 +0000
@@ -1,5 +1,3 @@
--maas-cluster-controller maas-cluster-controller/maas-url        string  http://10.14.4.1/MAAS
--maas-region-controller-min      maas/default-maas-url   string  10.14.4.1
  maas-region-controller-min      maas/installation-note   boolean true
  iptables-persistent     iptables-persistent/autosave_v6 boolean true
  iptables-persistent     iptables-persistent/autosave_v4 boolean true
 === added file 'etc/orangebox-mirror.state'
 --- etc/orangebox-mirror.state	1970-01-01 00:00:00 +0000
 +++ etc/orangebox-mirror.state	2015-07-17 17:14:52 +0000
@@ -0,0 +1,1 @@
++INIT
 \ No newline at end of file
 === added file 'etc/ucloudexclude.list'
 --- etc/ucloudexclude.list	1970-01-01 00:00:00 +0000
 +++ etc/ucloudexclude.list	2015-07-17 17:14:52 +0000
@@ -0,0 +1,26 @@
++lost+found/
++desktop/
++lucid/
++full/
++*jaunty*
++*hardy*
++*karmic*
++*lucid*
++*maverick*
++*natty*
++*oneiric*
++*quantal*
++*vagrant*
++*proposed*
++*raring*
++*saucy*
++*utopic*
++*vivid*
++*wily*
++*alpha*
++*snappy*
++*beta*
++*.ova
++*arm*
++*ppc*
++.bzr
 === modified file 'usr/bin/orange-box-add-node'
 --- usr/bin/orange-box-add-node	2014-10-27 20:54:45 +0000
 +++ usr/bin/orange-box-add-node	2015-07-17 17:14:52 +0000
@@ -23,6 +23,9 @@
  set -e
  set -x
++## According to OB network re-design
++. /etc/orange-box.conf
++
  ip_to_mac() {
  	local ip="$1"
  	arp -n | sort | grep -m1 "^$ip\s" | awk '{print $3}'
@@ -31,7 +34,7 @@
  node_name() {
  	local num="${1##*.}"
  	num=$((num-10))
--	echo "node${num}"
++	echo "node${num}ob${orangebox_number}"
+ }
  hostname_to_system_id() {
@@ -60,20 +63,20 @@
  maas admin zone read zone2 || maas admin zones create name=zone2 description="Physical machines on right side of Orange Box"
  #Create maas-br0 network if it does not already exist
--maas admin network read maas-br0 || maas admin networks create name=maas-br0 ip=10.14.0.0 netmask=255.255.0.0 default_gateway=10.14.4.1 dns_servers=10.14.4.1 description="Auto created when running orange-box-add-node"
++maas admin network read maas-br0 || maas admin networks create name=maas-br0 ip=172.27.${orangebox_number}.0 netmask=255.255.252.0 default_gateway=172.27.${orangebox_number}.1 dns_servers=172.27.${orangebox_number}.1 description="Auto created when running orange-box-add-node"
  # Loop over the list of ip addresses listening on 16992
  for ip in $@; do
  	mac=$(ip_to_mac $ip)
  	hostname=$(node_name $ip)
--	node=${hostname#node}
++	node=`echo ${hostname}| sed "s/node\(.*\)ob${orangebox_number}/\1/"`
  	if [ $node -lt 5 ]; then
  		zone="zone1"
  	else
  		zone="zone2"
  	fi
  	info "$ip --> $hostname --> $mac"
--	if [ -z "$ip" ] || [ "$ip" = "10.14.4.1" ]; then
++	if [ -z "$ip" ] || [ "$ip" = "172.27.${orangebox_number}.1" ]; then
  		continue
  	fi
  	# Remove it, if it's already here
 === modified file 'usr/bin/orange-box-add-physical-nodes'
 --- usr/bin/orange-box-add-physical-nodes	2014-07-11 18:27:46 +0000
 +++ usr/bin/orange-box-add-physical-nodes	2015-07-17 17:14:52 +0000
@@ -25,11 +25,16 @@
  oauth_login
++## According to OB network re-design
++. /etc/orange-box.conf
++
++
++
  # Search for nodes listening on AMT's 16992
  info "Searching for all nodes on the local network listening on 16992; this will take 60 seconds...."
--ips=$(time for i in $(seq 1 10); do nmap -p 16992 -oG - 10.14.4.1/24 | grep 16992/open | awk '{print $2}' ; done | sort -u -r)
++ips=$(time for i in $(seq 1 10); do nmap -p 16992 -oG - 172.27.${orangebox_number}.1/22 | grep 16992/open | awk '{print $2}' ; done | sort -u -r)
  if [ -z "$ips" ]; then
--	error "nmap did not find any nodes listening on [16992] on the [10.14.4.1/24] network"
++	error "nmap did not find any nodes listening on [16992] on the [172.27.${orangebox_number}.1/22] network"
  fi
  info "Found: [$ips]"
 === modified file 'usr/bin/orange-box-add-virtual-nodes'
 --- usr/bin/orange-box-add-virtual-nodes	2015-02-07 16:07:08 +0000
 +++ usr/bin/orange-box-add-virtual-nodes	2015-07-17 17:14:52 +0000
@@ -18,6 +18,13 @@
  #    You should have received a copy of the GNU General Public License
  #    along with this program.  If not, see <http://www.gnu.org/licenses/>.
++##
++##
++. /etc/orange-box.conf
++
++external_ip="172.27.252.${orangebox_number}"
++internal_ip="172.27.${orangebox_number}.1"
++internal_network="172.27.${orangebox_number}.0"
  if [ "$(id -u)" != "0" ]; then
    echo "Must be run with sudo or by root"
@@ -29,13 +36,20 @@
  virsh net-info default && virsh net-destroy default && virsh net-undefine default
--[ -d ~maas ] || install -d /var/lib/maas --owner maas --group maas
++[ -d /var/lib/maas ] || install -d /var/lib/maas --owner maas --group maas
  chsh maas -s /bin/bash
--[ -d ~maas/.ssh ] || echo -e "\n\n\n" | sudo -u maas ssh-keygen -N "" -t rsa -f ~maas/.ssh/id_rsa
--grep 'maas@' /home/ubuntu/.ssh/authorized_keys || cat ~maas/.ssh/id_rsa.pub | tee -a /home/ubuntu/.ssh/authorized_keys
--printf "%s,%s %s %s\n" "node0.maas" "10.14.4.1" $(awk '{print $1 " " $2}' /etc/ssh/ssh_host_ecdsa_key.pub) | tee -a ~maas/.ssh/known_hosts
++[ -d /var/lib/maas/.ssh ] || mkdir /var/lib/maas/.ssh && chown maas:maas /var/lib/maas/.ssh
++[ -f /var/lib/maas/.ssh/id_rsa ] || echo -e "\n\n\n" | sudo -u maas ssh-keygen -N "" -t rsa -f /var/lib/maas/.ssh/id_rsa
++[ -f /var/lib/maas/.ssh/known_hosts ] || sudo -u maas ssh-keyscan 172.27.${orangebox_number}.1 |sudo -u maas  tee -a /var/lib/maas/.ssh/known_hosts > /dev/null
++#Always add host keys .. not an issue if files grows
++sudo -u maas ssh-keyscan 172.27.${orangebox_number}.1 |sudo -u maas  tee -a /var/lib/maas/.ssh/known_hosts > /dev/null
++sudo -u maas virsh -c qemu+ssh://ubuntu@172.27.${orangebox_number}.1/system list > /dev/null || sed -i '/ maas@/d' /home/ubuntu/.ssh/authorized_keys
++#If there is no key /new install or just removed add it"
++grep 'maas@' /home/ubuntu/.ssh/authorized_keys || cat /var/lib/maas/.ssh/id_rsa.pub | tee -a /home/ubuntu/.ssh/authorized_keys
++printf "%s,%s %s %s\n" "node0.maas" "$internal_ip" $(awk '{print $1 " " $2}' /etc/ssh/ssh_host_ecdsa_key.pub) | tee -a /var/lib/maas/.ssh/known_hosts
  chown -R ubuntu:ubuntu /home/ubuntu
++
  maas admin tags new name=virtual || true
  maas admin tags new name=bootstrap || true
  maas admin tags new name=neutron || true
@@ -53,25 +67,23 @@
  maas admin zone read zone0 || maas admin zones create name=zone0 description="Virtual machines on node0"
  #Create maas-br0 network if it does not already exist
--maas admin network read maas-br0 || maas admin networks create name=maas-br0 ip=10.14.0.0 netmask=255.255.0.0 default_gateway=10.14.4.1 dns_servers=10.14.4.1 description="Auto created when running orange-box-add-virtual-nodes"
++### For APAC Roadshow
++maas admin network read maas-br0 || maas admin networks create name=maas-br0 ip=${internal_network} netmask=255.255.252.0 default_gateway=${internal_ip} dns_servers=${internal_ip} description="Auto created when running orange-box-add-virtual-nodes"
++
  for i in $(seq 0 2 | sort -r); do
--	hostname="node0vm${i}.maas"
++	hostname="node0vm${i}ob${orangebox_number}.maas"
  	virsh destroy $hostname || true
  	virsh undefine $hostname || true
  	echo "INFO: Installing virtual machine"
--	virt-install --debug --name $hostname --ram 4096 --disk=path=/var/lib/orange-box/${hostname}-1.img,size=20 --disk=path=/var/lib/orange-box/${hostname}-2.img,size=2 --vcpus=2 --os-type=linux --pxe --network=bridge=br0,model=virtio --network=bridge=br0,model=rtl8139 --boot network --video=cirrus --graphics vnc|| true
++	virt-install --debug --name $hostname --ram 4096 --disk=path=/var/lib/orange-box/${hostname}-1.img,size=20 --disk=path=/var/lib/orange-box/${hostname}-2.img,size=2 --vcpus=2 --os-type=linux --pxe --network=bridge=br0 --network=bridge=br0 --boot network --video=cirrus --graphics vnc|| true
  	virsh console $hostname || true
--        #Workaround for bug: https://bugs.launchpad.net/maas/+bug/1367482
--        virsh dumpxml $hostname > /tmp/${hostname}.xml
--        sed -i -e "s#<model type='rtl8139'/>#<model type='rtl8139'/> <rom file=''/>#" /tmp/${hostname}.xml
--        virsh define /tmp/${hostname}.xml
  	virsh autostart $hostname
  	mac=$(virsh dumpxml $hostname | python -c 'import sys, lxml.etree; print list(lxml.etree.parse(sys.stdin).iter("mac"))[0].get("address")')
  	mac2=$(virsh dumpxml $hostname | python -c 'import sys, lxml.etree; print list(lxml.etree.parse(sys.stdin).iter("mac"))[0].get("address")')
  	system_id=$(maas admin nodes list mac_address=$mac | grep system_id | cut -d'"' -f4)
  	if [ -n "$system_id" ]; then
--		maas admin node update $system_id hostname=$hostname power_type=virsh power_parameters_power_address=qemu+ssh://ubuntu@10.14.4.1/system power_parameters_power_id=$hostname
++		maas admin node update $system_id hostname=$hostname power_type=virsh power_parameters_power_address=qemu+ssh://ubuntu@${internal_ip}/system power_parameters_power_id=$hostname
  		maas admin tag update-nodes "virtual" add=$system_id
  		case $i in
 )
 === modified file 'usr/bin/orange-box-amt-monitor'
 --- usr/bin/orange-box-amt-monitor	2014-04-16 22:26:52 +0000
 +++ usr/bin/orange-box-amt-monitor	2015-07-17 17:14:52 +0000
@@ -1,3 +1,5 @@
  #!/bin/sh
--watch -n 10 "sudo nmap -p 16992 -oG - 10.14.4.1/24 | grep 16992/open | sort"
++. /etc/orange-box.conf
++watch -n 10 "sudo nmap -p 16992 -oG - 172.27.${orangebox_number}.0/22 | grep 16992/open | sort"
++
 === removed file 'usr/bin/orange-box-apm-power-fix'
 --- usr/bin/orange-box-apm-power-fix	2014-10-31 09:19:40 +0000
 +++ usr/bin/orange-box-apm-power-fix	1970-01-01 00:00:00 +0000
@@ -1,38 +0,0 @@
--#!/bin/sh
--#
--#    orange-box-apm-power-fix - fix for issue with orange-box-apm-power
--#    Copyright (C) 2014 Canonical Ltd.
--#
--#    Authors: Darryl Weaver <darryl.weaver@canonical.com>
--#
--#    This program is free software: you can redistribute it and/or modify
--#    it under the terms of the GNU General Public License as published by
--#    the Free Software Foundation, version 3 of the License.
--#
--#    This program is distributed in the hope that it will be useful,
--#    but WITHOUT ANY WARRANTY; without even the implied warranty of
--#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
--#    GNU General Public License for more details.
--#
--#    You should have received a copy of the GNU General Public License
--#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
--
--set -x
--
--if [ ! -f  /var/lib/maas/boot-resources/current/syslinux/poweroff-APM.com ]
--then
--cd /srv/data
--wget https://launchpadlibrarian.net/187530745/acpioff.c32
--cd /var/lib/maas/boot-resources/current/syslinux
--sudo mv poweroff.com poweroff-APM.com
--sudo mv /srv/data/acpioff.c32 poweroff.c32
--fi
--
--#fixing the AMT template
--cd /srv/data
--wget https://launchpadlibrarian.net/187911231/not-permitted.patch
--cd /etc/maas/templates/power
--patch < /srv/data/not-permitted.patch
--
--exit
--
 === modified file 'usr/bin/orange-box-bootstrap-juju'
 --- usr/bin/orange-box-bootstrap-juju	2015-01-07 23:15:31 +0000
 +++ usr/bin/orange-box-bootstrap-juju	2015-07-17 17:14:52 +0000
@@ -24,8 +24,12 @@
          timeout 1m run-one-until-success nc -w 10 -zvv $@ 2>&1
+ }
++## According to OB network re-disign
++. /etc/orange-box.conf
++
  juju status && echo "Existing deployment found, exiting." && exit 0
--juju bootstrap --to node0vm0.maas --show-log --upload-tools
++###juju bootstrap --to node0ob${orangebox_number}vm0.maas --show-log --upload-tools
++juju bootstrap --to node0vm0ob${orangebox_number}.maas --show-log --upload-tools
  juju set-constraints "tags="
  juju deploy --to 0 --repository=/srv/charmstore/ local:trusty/juju-gui
  juju expose juju-gui
 === modified file 'usr/bin/orange-box-create-package-mirror'
 --- usr/bin/orange-box-create-package-mirror	2015-01-21 22:04:42 +0000
 +++ usr/bin/orange-box-create-package-mirror	2015-07-17 17:14:52 +0000
@@ -27,7 +27,9 @@
  fi
  home=$PWD
--IP=10.14.4.1
++. /etc/orange-box.conf
++
++IP=172.27.${orangebox_number}.1
  function run_mirror {
      echo "apt-mirror /etc/apt/orange-box-mirror.list >>/var/log/orange-box-mirror.log 2>&1"
@@ -95,6 +97,17 @@
  echo Making mirror directories ...
  mkdir -p /srv/mirrors /srv/skel /srv/var
++echo Creating postmirror.sh script ...
++# This created a blank file, for some reason :/
++echo << 'EOF' > /srv/var/postmirror.sh
++#!/bin/sh
++/srv/var/clean.sh
++EOF
++
++echo Making postmirror.sh executable ...
++chmod +x /srv/var/postmirror.sh
++echo Done. && echo
++
  echo Setting up the web dirs for mirroring ...
  ln -s /srv/mirrors/archive.ubuntu.com/ubuntu /var/www/html/archive.ubuntu.com
  ln -s /srv/mirrors/ubuntu-cloud.archive.canonical.com/ubuntu /var/www/html/ubuntu-cloud.archive.canonical.com
 === modified file 'usr/bin/orange-box-demo-cleanup'
 --- usr/bin/orange-box-demo-cleanup	2014-10-23 22:18:49 +0000
 +++ usr/bin/orange-box-demo-cleanup	2015-07-17 17:14:52 +0000
@@ -20,6 +20,8 @@
  ENVIRONMENT=`juju env`
++. /etc/orange-box.conf
++
  #Destroy juju environment
  juju destroy-environment $ENVIRONMENT
  #make sure AMTs are all powered off
@@ -27,6 +29,6 @@
  if dpkg --compare-versions $maas_ver lt 1.6; then
  	export AMT_PASSWORD=Password1+
  	for i in $(seq 11 19); do
--        	yes | amttool 10.14.4.$i powerdown >/dev/null 2>&1
++                yes | amttool 172.27.${orangebox_number}.$i powerdown >/dev/null 2>&1
  	done
  fi
 === added file 'usr/bin/orange-box-hacks'
 --- usr/bin/orange-box-hacks	1970-01-01 00:00:00 +0000
 +++ usr/bin/orange-box-hacks	2015-07-17 17:14:52 +0000
@@ -0,0 +1,32 @@
++#!/bin/sh
++
++okay() {
++	echo "OK: $@"
++}
++
++error() {
++	echo "ERROR: $@"
++}
++
++# Check powerstate in AMT
++for i in $(seq 1 9); do
++	amtoutput=$(yes | amttool 10.14.4.1${i} info)
++	if [ "$amthostname" = "node${i}amt" ]; then
++		okay "[node${i}]: AMT is responsive"
++	else
++		error "[node${i}]: AMT is not responsive"
++	fi
++	amtpowerstate=$(echo "$amtoutput" | grep "^Powerstate:" | awk '{print $2}')
++	if [ -n "$amtpowerstate" ]; then
++		okay "[node${i}]: AMT powerstate [$amtpowerstate]"
++	else
++		error "[node${i}]: AMT powerstate unknown [$amtpowerstate]"
++	fi
++	uptime=$(ssh node$i.maas "uptime" 2>/dev/null)
++	if [ -n "$uptime" ]; then
++		okay "[node${i}]: SSH to node successful; uptime=[$uptime]"
++	else
++		error "[node${i}]: SSH to node unsuccessful; uptime=[$uptime]"
++	fi
++	echo
++done
 === added file 'usr/bin/orange-box-mirror'
 --- usr/bin/orange-box-mirror	1970-01-01 00:00:00 +0000
 +++ usr/bin/orange-box-mirror	2015-07-17 17:14:52 +0000
@@ -0,0 +1,235 @@
++#!/bin/bash
++#
++#    orange-box-mirror
++#    Copyright (C) 2014 Canonical Ltd.
++#
++#    Authors:         Nicolas Thomas <nicolas.thomas@canonical.com>
++#
++#    This program is free software: you can redistribute it and/or modify
++#    it under the terms of the GNU General Public License as published by
++#    the Free Software Foundation, version 3 of the License.
++#
++#    This program is distributed in the hope that it will be useful,
++#    but WITHOUT ANY WARRANTY; without even the implied warranty of
++#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++#    GNU General Public License for more details.
++#
++#    You should have received a copy of the GNU General Public License
++#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
++
++set -ex
++. /etc/orange-box.conf
++#TODO# merge State in orange-box.conf
++STATE=`cat /etc/orangebox-mirror.state`
++
++# looking for inconsistency / self healing
++dig +short xyz.archive.ubuntu.com | grep 172.27.${orangebox_number}.1 > /dev/null && CHECKEDSTATE=ENABLED || CHECKEDSTATE=DISABLED
++if [[ $STATE != $CHECKEDSTATE ]]
++then
++    if [[ $STATE == MIRRORING ]]
++    then
++	echo "WAS MIRRORING"
++	# IF nobody use the log then it is not mirroring
++	if ( sudo fuser /var/log/orange-box-mirror.log )
++	then
++	    CHECKEDSTATE=MIRRORING
++	else
++	    dig +short xyz.archive.ubuntu.com | grep 172.27.${orangebox_number}.1 && CHECKEDSTATE=ENABLED || CHECKEDSTATE=DISABLED
++	fi
++    fi
++    STATE=$CHECKEDSTATE
++    echo $CHECKEDSTATE > /etc/orangebox-mirror.state
++    echo "Some script end up in error or been screwed healing"
++fi
++
++is-root()
++{
++    if [ "$(id -u)" != "0" ]; then
++	echo "Must be run with sudo or by root"
++	exit 77
++    fi
++}
++
++control_c()
++# run if user hits control-c
++{
++  echo -en "\n*** Ouch! Exiting ***\n"
++  [[ $STATE = MIRRORING ]] &&  echo "DISABLED" > /etc/orangebox-mirror.state
++  exit $?
++}
++
++# trap keyboard interrupt (control-c)
++trap control_c SIGINT
++
++
++usage()
++{
++cat << EOF
++
++orange-box-mirror - control usage and sync of local to OrangeBox mirrors
++
++USAGE: <action>
++
++  The options  must be passed as follows:
++  <action>
++          enable   - enable dns modification to point to local
++          disable  - disable usage of the local mirror
++          sync     - synchronize the mirror with archive disabling it during sync
++	  status    - describe current state
++
++ Note: actions requires root privileges use sudo
++
++EOF
++exit 0
++}
++
++enable-dns-usage()
++{
++[[ $STATE = MIRRORING ]] && { echo "wait for mirroring to end"; exit 2; }
++[[ $STATE = ENABLED ]] && { echo "Already enabled"; exit 0; }
++is-root
++
++#important for templating
++export TTL='$TTL'
++PWDBACK=$PWD
++rm -f /etc/bind/named.conf.orange-box-mirror
++touch /etc/bind/named.conf.orange-box-mirror
++for web_site in archive.ubuntu.com cdimage.ubuntu.com cloud-images.ubuntu.com releases.ubuntu.com ubuntu-cloud.archive.canonical.com
++do
++
++a2ensite  ${web_site}
++## TODO check sed regex if name are other then a-z and "-"
++
++## MUST export for envsubst to work
++export web_site
++export web_site_root=`echo ${web_site} |sed 's/^[a-z,-]*.//'`
++export orangebox_number
++
++envsubst < /usr/lib/orange-box/templates/mirror-bind/zones.template > /etc/bind/zones.${web_site}
++
++envsubst < /usr/lib/orange-box/templates/mirror-bind/named.conf.template >> /etc/bind/named.conf.orange-box-mirror
++done
++# avoid conflict in etc/ files with ubumirror
++envsubst < /usr/lib/orange-box/templates/ubumirror.conf > /etc/ubumirror.conf
++
++# make sure no duplicates and enable only if reach that point
++TMPFILE=`mktemp`
++grep -v "named.conf.orange-box-mirror" /etc/bind/named.conf > $TMPFILE || echo "was already off continue"
++mv $TMPFILE  /etc/bind/named.conf
++chown bind:bind /etc/bind/named.conf
++echo 'include "/etc/bind/named.conf.orange-box-mirror";' >> /etc/bind/named.conf
++service bind9 restart
++service apache2 restart
++echo "ENABLED" > /etc/orangebox-mirror.state
++}
++
++disable-dns-usage()
++{
++[[ $STATE = MIRRORING ]] && { echo "Mirroring in progress usage disabled"; exit 0; }
++[[ $STATE = DISABLED ]] && { echo "Already disabled"; exit 0; }
++is-root
++TMPFILE=`mktemp`
++grep -v "named.conf.orange-box-mirror" /etc/bind/named.conf > $TMPFILE || echo "was already off continue"
++mv $TMPFILE /etc/bind/named.conf
++chown bind:bind /etc/bind/named.conf
++service bind9 restart
++echo "DISABLED" > /etc/orangebox-mirror.state
++}
++
++sync-mirror()
++{
++[[ $STATE = MIRRORING ]] && { echo "already mirroring" ;exit 2; }
++PREVIOUSSTATE=$STATE
++#trick to not rewrite disabling
++STATE="ENABLED"
++disable-dns-usage
++echo "MIRRORING" > /etc/orangebox-mirror.state
++
++echo "Updating cloud-archive mirror"
++/usr/bin/lftp -c mirror -eP=8 -x icons http://ubuntu-cloud.archive.canonical.com /srv/mirrors/ubuntu-cloud.archive.canonical.com
++
++echo "Updating cloud-images mirror"
++
++ROOTDIR="/srv/mirrors/"
++RELEASES="precise trusty"
++
++cd $ROOTDIR
++lftp -c mirror -eP=4  http://cloud-images.ubuntu.com/query
++for r in $RELEASES
++do
++cd $ROOTDIR/
++IDREL=`grep $r cloud-images.ubuntu.com/query/released.latest.txt |awk '{print $4}' `
++IDDAY=`grep -e "server" cloud-images.ubuntu.com/query/daily.latest.txt| grep -v "server-"|grep $r |awk '{print $4}' `
++mkdir -p  $ROOTDIR/cloud-images.ubuntu.com/server/releases/$r/
++cd $ROOTDIR/cloud-images.ubuntu.com/server/releases/$r/
++lftp -c mirror -eP=4 http://cloud-images.ubuntu.com/server/releases/$r/release-$IDREL/
++mkdir -p $ROOTDIR/cloud-images.ubuntu.com/releases/$r/
++cd $ROOTDIR/cloud-images.ubuntu.com/releases/$r/
++lftp -c mirror -eP=4 http://cloud-images.ubuntu.com/releases/$r/release-$IDREL/
++
++mkdir -p $ROOTDIR/cloud-images.ubuntu.com/server/daily/$r/
++cd $ROOTDIR/cloud-images.ubuntu.com/server/daily/$r/
++lftp -c mirror -eP=4 http://cloud-images.ubuntu.com/server/daily/$r/$IDDAY/ || true
++
++mkdir -p $ROOTDIR/cloud-images.ubuntu.com/daily/server/$r/
++cd $ROOTDIR/cloud-images.ubuntu.com/daily/server/$r/
++lftp -c mirror -eP=4 http://cloud-images.ubuntu.com/daily/server/$r/$IDDAY/
++
++done
++
++
++echo " apt mirror sync .... "
++cat > /srv/var/postmirror.sh<<EOF
++wget -nH --cut-dirs 4  -r --no-parent -P /srv/mirrors/archive.ubuntu.com/ubuntu/dists/trusty-updates/main/  http://archive.ubuntu.com/ubuntu/dists/trusty/main/uefi/grub2-amd64/
++
++EOF
++chmod 755 /srv/var/postmirror.sh
++run-one apt-mirror /etc/apt/orange-box-mirror.list |tee -a /var/log/orange-box-mirror.log
++
++
++run-one sstream-mirror --keyring=/usr/share/keyrings/ubuntu-cloudimage-keyring.gpg http://maas.ubuntu.com/images/ephemeral-v2/daily/ /var/www/html/maas/images/ephemeral-v2/daily 'arch=amd64' 'subarch~(generic|hwe-t)' 'release~(trusty|precise)' --max=1
++run-one sstream-mirror --keyring=/usr/share/keyrings/ubuntu-cloudimage-keyring.gpg http://maas.ubuntu.com/images/ephemeral-v2/releases/ /var/www/html/maas/images/ephemeral-v2/releases 'arch=amd64' 'subarch~(generic|hwe-t)' 'release~(trusty|precise)' --max=1
++
++maas admin boot-source update 1 url="http://172.27.${orangebox_number}.1/maas/images/ephemeral-v2/daily/streams/v1/index.sjson"
++
++
++
++chmod -R g+rx,o+rx /srv/mirrors/*.com
++echo "SYNCED" > /etc/orangebox-mirror.state
++STATE=SYNCED
++case $PREVIOUSSTATE in
++    ENABLED)
++	enable-dns-usage
++	;;
++    DISABLED)
++	disable-dns-usage
++	;;
++esac
++}
++
++status()
++{
++echo "This OrangeBox state is "$STATE
++}
++
++[ $# -lt 1 ] && usage
++
++ACTION=$1
++
++case $ACTION in
++    enable)
++	enable-dns-usage
++	;;
++    disable)
++	disable-dns-usage
++	;;
++    sync)
++	sync-mirror
++	;;
++    status)
++	status
++	;;
++    *)
++	usage
++	;;
++esac
 === modified file 'usr/bin/orange-box-purge-everything'
 --- usr/bin/orange-box-purge-everything	2014-10-08 11:51:07 +0000
 +++ usr/bin/orange-box-purge-everything	2015-07-17 17:14:52 +0000
@@ -21,6 +21,7 @@
  sudo apt-get purge $(dpkg -l | egrep "orange-box|maas|squid" | awk '{print $2}') bind9
  rm -rf /srv/boot-resources/* /etc/bind /root/.maascli.db
++rm -rf /home/ubuntu/.juju/environments/
  echo
  echo "=== IT IS HIGHLY RECOMMENDED THAT YOU REBOOT NOW! ==="
  echo
 === added file 'usr/bin/orange-box-resetproxy'
 --- usr/bin/orange-box-resetproxy	1970-01-01 00:00:00 +0000
 +++ usr/bin/orange-box-resetproxy	2015-07-17 17:14:52 +0000
@@ -0,0 +1,34 @@
++#!/bin/bash
++#
++#    orange-box-resetproxy
++#    Copyright (C) 2014 Canonical Ltd.
++#
++#    Authors: Nicolas Thomas <nicolas.thomas@canonical.com>
++#
++#    This program is free software: you can redistribute it and/or modify
++#    it under the terms of the GNU General Public License as published by
++#    the Free Software Foundation, version 3 of the License.
++#
++#    This program is distributed in the hope that it will be useful,
++#    but WITHOUT ANY WARRANTY; without even the implied warranty of
++#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++#    GNU General Public License for more details.
++#
++#    You should have received a copy of the GNU General Public License
++#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
++
++set -ex
++# Only run this as root
++if [ $EUID -ne 0 ]
++then
++        echo Execute as root or with \"sudo $0\"
++        exit 1
++fi
++
++
++
++service maas-proxy stop
++rm -rf  /var/spool/maas-proxy/*
++squid3 -z -f /etc/maas/maas-proxy.conf
++sleep 20
++service maas-proxy start
 === modified file 'usr/bin/orange-box-run'
 --- usr/bin/orange-box-run	2014-06-11 01:00:16 +0000
 +++ usr/bin/orange-box-run	2015-07-17 17:14:52 +0000
@@ -24,22 +24,25 @@
  	cmd="tail -f /var/log/cloud-init-output.log | ccze -A"
  fi
--tmux new-window -n all-nodes "ssh node1.maas $cmd" \; \
--	split-window -v "ssh node2.maas $cmd" \; \
--	select-layout tiled \; \
--	split-window -h "ssh node2.maas $cmd" \; \
--	select-layout tiled \; \
--	split-window -v "ssh node3.maas $cmd" \; \
--	select-layout tiled \; \
--	split-window -h "ssh node4.maas $cmd" \; \
--	select-layout tiled \; \
--	split-window -v "ssh node5.maas $cmd" \; \
--	select-layout tiled \; \
--	split-window -h "ssh node6.maas $cmd" \; \
--	select-layout tiled \; \
--	split-window -v "ssh node7.maas $cmd" \; \
--	select-layout tiled \; \
--	split-window -h "ssh node8.maas $cmd" \; \
--	select-layout tiled \; \
--	split-window -v "ssh node9.maas $cmd" \; \
++## According to OB network re-design
++. /etc/orange-box.conf
++
++tmux new-window -n all-nodes "ssh node1ob${orangebox_number}.maas $cmd" \; \
++	split-window -v "ssh node2ob${orangebox_number}.maas $cmd" \; \
++	select-layout tiled \; \
++	split-window -h "ssh node2ob${orangebox_number}.maas $cmd" \; \
++	select-layout tiled \; \
++	split-window -v "ssh node3ob${orangebox_number}.maas $cmd" \; \
++	select-layout tiled \; \
++	split-window -h "ssh node4ob${orangebox_number}.maas $cmd" \; \
++	select-layout tiled \; \
++	split-window -v "ssh node5ob${orangebox_number}.maas $cmd" \; \
++	select-layout tiled \; \
++	split-window -h "ssh node6ob${orangebox_number}.maas $cmd" \; \
++	select-layout tiled \; \
++	split-window -v "ssh node7ob${orangebox_number}.maas $cmd" \; \
++	select-layout tiled \; \
++	split-window -h "ssh node8ob${orangebox_number}.maas $cmd" \; \
++	select-layout tiled \; \
++	split-window -v "ssh node9ob${orangebox_number}.maas $cmd" \; \
  	select-layout tiled
 === added file 'usr/bin/orange-box-setup-nat'
 --- usr/bin/orange-box-setup-nat	1970-01-01 00:00:00 +0000
 +++ usr/bin/orange-box-setup-nat	2015-07-17 17:14:52 +0000
@@ -0,0 +1,127 @@
++#!/bin/bash
++#
++#    orange-box-setup-nat - Setup NAT for external network access by nodes
++#    Copyright (C) 2014 Canonical Ltd.
++#
++#    Authors: Ronald McCollam <ronald.mccollam@canonical.com>
++#             Dustin Kirkland <kirkland@canonical.com>
++#
++#    This program is free software: you can redistribute it and/or modify
++#    it under the terms of the GNU General Public License as published by
++#    the Free Software Foundation, version 3 of the License.
++#
++#    This program is distributed in the hope that it will be useful,
++#    but WITHOUT ANY WARRANTY; without even the implied warranty of
++#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++#    GNU General Public License for more details.
++#
++#    You should have received a copy of the GNU General Public License
++#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
++
++set -x
++
++if [ "$(id -u)" != "0" ]; then
++	echo "Must be run with sudo or by root"
++	exit 77
++fi
++
++# Don't bother to restart sshd when lo is configured.
++if [ "$IFACE" = lo ]; then
++	exit 0
++fi
++
++# According to OB network re-design
++. /etc/orange-box.conf
++
++
++##internal=$(route -n | grep "^10\.14\." | sed -e "s/.* //")
++internal=$(route -n | grep "^172\.27\.${orangebox_number}\." | sed -e "s/.* //")
++external=$(ip route ls | grep ^default | awk '{print $5}')
++
++if [ -z "$internal" ] || [ -z "$external" ]; then
++	echo "usage: $0 [INTERNAL_INTERFACE] [EXTERNAL_INTERFACE]" 1>&2
++	exit 1
++fi
++
++set -e
++
++# Update MAAS upstream DNS
++maas admin maas set-config name=upstream_dns value=172.27.252.1 || true
++
++# Intel Centrino Advanced-N 6235 and Ubuntu don't work well with Wireless-N
++if lspci -v 2>/dev/null | grep -qs "Centrino Advanced-N 6235" 2>/dev/null; then
++	sed -i -e "/options iwlwifi 11n_disable=1/d" /etc/modprobe.d/iwlwifi.conf
++	echo "options iwlwifi 11n_disable=1" >> /etc/modprobe.d/iwlwifi.conf
++fi
++
++# Configure NAT and IP forwarding, giving slave NUCs external network access
++# through the master.
++
++# Enable IP forwarding and save for next boot
++echo 1 > /proc/sys/net/ipv4/ip_forward
++echo "net.ipv4.ip_forward=1" > /etc/sysctl.d/10-maas-ip-forward.conf
++echo "net.ipv4.conf.all.accept_redirects=1 >> /etc/sysctl.d/10-maas-ip-forward.conf"
++echo "net.ipv6.conf.all.accept_redirects=1 >> /etc/sysctl.d/10-maas-ip-forward.conf"
++echo "net.ipv4.conf.all.send_redirects=1 >> /etc/sysctl.d/10-maas-ip-forward.conf"
++sysctl --system
++
++#Create the static ip tables for multi OBs.
++cat > /etc/rc.local <<EOF
++#!/bin/sh -e
++#
++# rc.local
++#
++# This script is executed at the end of each multiuser runlevel.
++# Make sure that the script will "exit 0" on success or any other
++# value on error.
++#
++# In order to enable or disable this script just change the execution
++# bits.
++#
++# By default this script does nothing.
++
++EOF
++for obn in `seq 4 4 80`
++do
++    [[ $obn == ${orangebox_number} ]] ||echo " ip route add 172.27.$obn.0/22 via 172.27.252.$obn "  >> /etc/rc.local
++done
++echo "exit 0" >>  /etc/rc.local
++
++# Note that this script assumes no existing iptables rules. If you do have
++# any, they will be deleted.
++iptables --flush
++iptables --table nat --flush
++iptables --delete-chain
++iptables --table nat --delete-chain
++
++# Firewalling this machine
++# Allow incoming SSH
++iptables -A INPUT -i $external -p tcp --dport 22 -j ACCEPT
++iptables -A INPUT -i $external -m state --state ESTABLISHED,RELATED -j ACCEPT
++###iptables -A INPUT -i $external -j DROP
++
++# Some things use the MAAS proxy - some things don't. So turn on NAT.
++echo "Setting up ip forwarding"
++iptables -t nat -A POSTROUTING -o $external -j MASQUERADE
++iptables -A FORWARD -i $external -o $internal -m state --state RELATED,ESTABLISHED -j ACCEPT
++iptables -A FORWARD -i $internal -o $external -j ACCEPT
++# The following line sets up a transparent proxy
++iptables -A PREROUTING -t nat -i br0 -p tcp -m multiport --dports 80 -j REDIRECT --to-port 3128
++
++iptables-save > /etc/iptables/rules.v4
++
++# 14.10 deprecates the iptables-persistent service in favor of netfilter-persistent
++service iptables-persistent restart || service netfilter-persistent restart
++
++# It seems we need to restart squid3 after making these network changes
++maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
++if dpkg --compare-versions $maas_ver lt 1.6; then
++# We now run squid3, and NOT squid-deb-proxy
++	update-rc.d -f squid-deb-proxy remove || true
++	service squid-deb-proxy stop || true
++	service squid3 stop || true
++	service squid3 start
++else
++	service maas-proxy stop || true
++	service maas-proxy start || true
++fi
 === removed file 'usr/bin/orange-box-setup-nat'
 --- usr/bin/orange-box-setup-nat	2014-10-08 11:51:07 +0000
 +++ usr/bin/orange-box-setup-nat	1970-01-01 00:00:00 +0000
@@ -1,99 +0,0 @@
--#!/bin/bash
--#
--#    orange-box-setup-nat - Setup NAT for external network access by nodes
--#    Copyright (C) 2014 Canonical Ltd.
--#
--#    Authors: Ronald McCollam <ronald.mccollam@canonical.com>
--#             Dustin Kirkland <kirkland@canonical.com>
--#
--#    This program is free software: you can redistribute it and/or modify
--#    it under the terms of the GNU General Public License as published by
--#    the Free Software Foundation, version 3 of the License.
--#
--#    This program is distributed in the hope that it will be useful,
--#    but WITHOUT ANY WARRANTY; without even the implied warranty of
--#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
--#    GNU General Public License for more details.
--#
--#    You should have received a copy of the GNU General Public License
--#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
--
--set -x
--
--if [ "$(id -u)" != "0" ]; then
--	echo "Must be run with sudo or by root"
--	exit 77
--fi
--
--# Don't bother to restart sshd when lo is configured.
--if [ "$IFACE" = lo ]; then
--	exit 0
--fi
--
--internal=$(route -n | grep "^10\.14\." | sed -e "s/.* //")
--external=$(ip route ls | grep ^default | awk '{print $5}')
--
--
--if [ -z "$internal" ] || [ -z "$external" ]; then
--	echo "usage: $0 [INTERNAL_INTERFACE] [EXTERNAL_INTERFACE]" 1>&2
--	exit 1
--fi
--
--set -e
--
--# Update MAAS upstream DNS
--dns=$(nmcli d list iface $external | grep -m 1 "^IP4.DNS" | awk '{ print $2 }')
--maas admin maas set-config name=upstream_dns value=$dns || true
--
--# Intel Centrino Advanced-N 6235 and Ubuntu don't work well with Wireless-N
--if lspci -v 2>/dev/null | grep -qs "Centrino Advanced-N 6235" 2>/dev/null; then
--	sed -i -e "/options iwlwifi 11n_disable=1/d" /etc/modprobe.d/iwlwifi.conf
--	echo "options iwlwifi 11n_disable=1" >> /etc/modprobe.d/iwlwifi.conf
--fi
--
--# Configure NAT and IP forwarding, giving slave NUCs external network access
--# through the master.
--
--# Enable IP forwarding and save for next boot
--echo 1 > /proc/sys/net/ipv4/ip_forward
--echo "net.ipv4.ip_forward=1" > /etc/sysctl.d/10-maas-ip-forward.conf
--sysctl --system
--
--# Note that this script assumes no existing iptables rules. If you do have
--# any, they will be deleted.
--iptables --flush
--iptables --table nat --flush
--iptables --delete-chain
--iptables --table nat --delete-chain
--
--# Firewalling this machine
--# Allow incoming SSH
--iptables -A INPUT -i $external -p tcp --dport 22 -j ACCEPT
--iptables -A INPUT -i $external -m state --state ESTABLISHED,RELATED -j ACCEPT
--iptables -A INPUT -i $external -j DROP
--
--# Some things use the MAAS proxy - some things don't. So turn on NAT.
--echo "Setting up ip forwarding"
--iptables -t nat -A POSTROUTING -o $external -j MASQUERADE
--iptables -A FORWARD -i $external -o $internal -m state --state RELATED,ESTABLISHED -j ACCEPT
--iptables -A FORWARD -i $internal -o $external -j ACCEPT
--# The following line sets up a transparent proxy
--iptables -A PREROUTING -t nat -i br0 -p tcp -m multiport --dports 80 -j REDIRECT --to-port 3128
--
--iptables-save > /etc/iptables/rules.v4
--
--# 14.10 deprecates the iptables-persistent service in favor of netfilter-persistent
--service iptables-persistent restart || service netfilter-persistent restart
--
--# It seems we need to restart squid3 after making these network changes
--maas_ver=$(dpkg -l maas | tail -n1 | awk '{print $3}')
--if dpkg --compare-versions $maas_ver lt 1.6; then
--# We now run squid3, and NOT squid-deb-proxy
--	update-rc.d -f squid-deb-proxy remove || true
--	service squid-deb-proxy stop || true
--	service squid3 stop || true
--	service squid3 start
--else
--	service maas-proxy stop || true
--	service maas-proxy start || true
--fi
 === modified file 'usr/bin/orange-box-status-all-nodes'
 --- usr/bin/orange-box-status-all-nodes	2014-10-20 11:58:14 +0000
 +++ usr/bin/orange-box-status-all-nodes	2015-07-17 17:14:52 +0000
@@ -22,6 +22,9 @@
  export AMT_PASSWORD=Password1+
  ERRORS=0
++## According to OB network re-design
++. /etc/orange-box.conf
++
  okay() {
          echo "OK:    $@"
+ }
@@ -35,23 +38,23 @@
  status_all_nodes() {
          # Check all VM nodes
          for i in $(seq 0 2); do
--                if virsh list --all | grep node0vm${i} | grep running >/dev/null 2>&1; then
--                        okay "[node0vm${i}]: Is running"
--                        uptime=$(ssh node0vm${i}.maas "uptime" 2>/dev/null)
++                if virsh list --all | grep node0ob${orangebox_number}vm${i} | grep running >/dev/null 2>&1; then
++                        okay "[node0ob${orangebox_number}vm${i}]: Is running"
++                        uptime=$(ssh node0ob${orangebox_number}vm${i}.maas "uptime" 2>/dev/null)
                          if [ -n "$uptime" ]; then
--                                okay "[node0vm${i}]:  SSH to node successful; uptime=[$uptime]"
++                                okay "[node0ob${orangebox_number}vm${i}]:  SSH to node successful; uptime=[$uptime]"
                          else
--                                error "[node0vm${i}]:  SSH to node unsuccessful; uptime=[$uptime]"
++                                error "[node0ob${orangebox_number}vm${i}]:  SSH to node unsuccessful; uptime=[$uptime]"
                          fi
                  else
--                        error "[node0vm${i}]: Is not running"
++                        error "[node0ob${orangebox_number}vm${i}]: Is not running"
                  fi
          done
          # Check all AMT nodes
          for i in $(seq 1 9); do
--                hostname="node${i}.maas"
++                hostname="node${i}ob${orangebox_number}.maas"
                  # (1) Ping AMT IP Addresses
--                amt_ip="10.14.4.1$i"
++                amt_ip="172.27.${orangebox_number}.1$i"
                  if ping -c 1 -q $amt_ip >/dev/null 2>&1; then
                          okay "[$hostname]: AMT responding to ping [$amt_ip]"
                  else
 === added directory 'usr/lib/orange-box/templates'
 === added directory 'usr/lib/orange-box/templates/mirror-bind'
 === added file 'usr/lib/orange-box/templates/mirror-bind/named.conf.template'
 --- usr/lib/orange-box/templates/mirror-bind/named.conf.template	1970-01-01 00:00:00 +0000
 +++ usr/lib/orange-box/templates/mirror-bind/named.conf.template	2015-07-17 17:14:52 +0000
@@ -0,0 +1,6 @@
++# Zone declarations for ${web_site}
++zone "${web_site}" {
++    type master;
++    file "/etc/bind/zones.${web_site}";
++};
++
 === added file 'usr/lib/orange-box/templates/mirror-bind/zones.template'
 --- usr/lib/orange-box/templates/mirror-bind/zones.template	1970-01-01 00:00:00 +0000
 +++ usr/lib/orange-box/templates/mirror-bind/zones.template	2015-07-17 17:14:52 +0000
@@ -0,0 +1,17 @@
++$TTL    300
++@  IN  SOA ${web_site} ${web_site_root} (
++              999 ; serial
++              600 ; Refresh
++              1800 ; Retry
++              604800 ; Expire
++              300 ; TTL
++              )
++
++         IN   NS     ${web_site}
++
++ns        IN   CNAME ${web_site}
++
++${web_site}.   IN   A       172.27.${orangebox_number}.1
++${web_site}    IN   A        172.27.${orangebox_number}.1
++* IN A  172.27.${orangebox_number}.1
++
 === added file 'usr/lib/orange-box/templates/ubumirror.conf'
 --- usr/lib/orange-box/templates/ubumirror.conf	1970-01-01 00:00:00 +0000
 +++ usr/lib/orange-box/templates/ubumirror.conf	2015-07-17 17:14:52 +0000
@@ -0,0 +1,58 @@
++#
++# ubumirror.conf - configuration file for the ubumirror scripts.
++#
++
++# Please set the variables below to fit your site.
++# Which email address/user that will receive failure notices.
++EMAIL=root@orangebox${orangebox_number}
++
++# Server's FQDN.
++HOSTNAME=orangebox${orangebox_number}
++
++# Bandwidth limit for all mirror scripts - set to 0 for no limit.
++SPEED=0
++
++# I/O timeout for all mirror scripts - defaults to 600 seconds.
++IO_TIMEOUT=600
++
++# UBUARC_DIR is the destination for the base of the archive directory
++# The script won't run if this variable isn't set
++UBUARC_DIR="/srv/mirrors/archive.ubuntu.com/"
++
++# UBUCDI_DIR is the destination for the base of the cdimage directory
++# The script won't run if this variable isn't set
++UBUCDI_DIR="/srv/mirrors/cdimage.ubuntu.com/"
++
++# UBUREL_DIR is the destination for the base of the releases directory
++# The script won't run if this variable isn't set
++UBUREL_DIR="/srv/mirrors/releases.ubuntu.com/"
++
++# UBUPOR_DIR is the destination for the base of the ports directory
++# The script (ubuports) won't run if this variable isn't set
++UBUPOR_DIR="/srv/mirrors/ports.ubuntu.com/"
++#
++# UBUCLOUD_DIR is the destination for the base of the cloud-image directory
++# The script (ubucloudimage) won't run if this variable isn't set
++UBUCLOUD_DIR="/srv/mirrors/cloud-images.ubuntu.com/"
++
++# LOGDIR is the destination directory of all the logs
++LOGDIR="/var/log/ubumirrors/"
++
++# UBU{ARC,CDI,REL}_MIRROR is the rsync path in the form of host::directory/ of the
++# upstream mirrors where the ubumirror scripts will mirror from.
++UBUARC_MIRROR=rsync://rsync.archive.ubuntu.com/ubuntu
++UBUCDI_MIRROR=rsync://rsync.cdimage.ubuntu.com/cdimage
++UBUREL_MIRROR=rsync://rsync.releases.ubuntu.com/releases
++UBUPOR_MIRROR=rsync://rsync.ports.ubuntu.com/ubuntu-ports
++UBUCLOUD_MIRROR=rsync://cloud-images.ubuntu.com/cloud-images
++
++# UBU{ARC,CDI,REL}_EXCLUDE is what things you want to exclude
++UBUARC_EXCLUDE="--exclude binary-powerpc/ --exclude binary-sparc/ --exclude daily-installer-powerpc/ --exclude daily-installer-sparc/ --exclude installer-powerpc/ --exclude installer-sparc/ --exclude *_powerpc.deb --exclude *_powerpc.udeb --exclude *_sparc.deb --exclude *_sparc.udeb --exclude Contents-powerpc.gz --exclude Contents-sparc.gz "
++
++UBUCDI_EXCLUDE="--exclude *-powerpc.* --exclude *-sparc.* --exclude source/ "
++
++UBUREL_EXCLUDE="--exclude *-powerpc.* --exclude *-sparc.* "
++
++UBUPOR_EXCLUDE="--exclude binary-powerpc/ --exclude binary-sparc/ --exclude daily-installer-powerpc/ --exclude daily-installer-sparc/ --exclude installer-powerpc/ --exclude installer-sparc/ --exclude *_powerpc.deb --exclude *_powerpc.udeb --exclude *_sparc.deb --exclude *_sparc.udeb --exclude Contents-powerpc.gz --exclude Contents-sparc.gz "
++
++UBUCLOUD_EXCLUDE=""