Linux Template Creation Guide

How to build your own Linux VM templates for deployment in Cloudturk.

TABLE OF CONTENTS

1. Installing Xen Hypervisor
2. Installing DomU (Paravirtualized)
3. Installing DomU (Paravirtualized) via VNC Console
4. Cloudturk Template Naming Convention
5. Generate Template SQL
6. Installing DomU (HVM)

1. Installing Xen Hypervisor

1. Install OS for Xen Hypervisor:
Cloudturk supports the following operating systems for Xen Hypervisor:
   o CentOS release 5.x (x86_64)
   o Red Hat Enterprise Linux Server release 5 (x86_64)

2. Partition the Xen hypervisor box:
The disk can be partitioned any way you like, with one exception: you must create a separate partition with LVM. This will be used to deploy block devices as hard disks for virtual machines.

3. Install essential utilities on the Xen Hypervisor box:
We recommend that the following software is preinstalled on the Xen Hypervisor box:
   o vim command-line editor. This guide uses vim in examples where files need to be edited.
   o GNU tar utility and GNU zip archive tool. They are used to pack the template.
   o X window system. We will use it to run some GUI applications.
   o Apache web server. It will be used to run local distribution mirrors, and to access KickStart files during installation.
   o virt-manager. Not mandatory, but sometimes it makes creating VMs easier.
   o vncviewer. Used for connecting to VMs via VNC.
   o LVM utilities. All of them will be required while creating VMs and Linux templates for Cloudturk.

4. Add YUM repository:
An extra YUM repository is used to get the Xen Hypervisor installed manually. Download the extra repository configuration file and place it in the standard YUM repository configuration directory (/etc/yum.repos.d/):
    # wget http://www.gitco.de/repo/gitco-xen3.4.3_x86_64.repo -O /etc/yum.repos.d/GITCO-XEN3.4.3_x86_64.repo

5. Install Xen Hypervisor:

a) Clean YUM metadata:
    # yum -y -q clean all
b) Remove old Xen if installed:
    # yum remove xen
c) Install the latest Xen from GITCO:
    # yum install xen
d) Remove i386 libvirt:
    # yum remove libvirt.i386 xen-libs.i386
e) Configure xend service to start on system boot:
    # chkconfig --add xend
    # chkconfig xend on
f) Install Xen Hypervisor (Dom0) kernel:
    # yum install kernel-xen
g) Verify the kernel-xen package is installed, and determine the version:
    # rpm -q kernel-xen
h) Configure GRUB boot loader to use Xen kernel as default (check GRUB's configuration file):
    # vim /boot/grub/grub.conf
It should look like the following image:

The default option value must be the number of the title which includes the Xen kernel. There are two title sections on the image above:

    title CentOS (2.6.18-194.32.1.el5xen)
    title CentOS (2.6.18-194.32.1.el5)

Titles are numbered starting from 0, so the first has number 0 and the second has number 1. In the example here the title with the Xen kernel is number 0 (the first title).

i) Reboot the box:
    # shutdown -r now
j) Check if Xen Hypervisor is running when the box boots:
    # xm info
If Xen is running, this should display a range of information about the system.

2. Installing DomU (Paravirtualized)

This method describes how to install a Xen DomU using kernel and ramdisk images provided by a distribution/OS vendor. After the installation, the Xen DomU's / file system will be converted into a Cloudturk template. The example here uses the latest CentOS 5.x x86_64 OS installation for conversion.

1. Get the netboot kernel and initrd.img compiled for Xen DomU from the nearest CentOS mirror:
    # cd /etc/xen
    # wget ftp://ftp.tlkl.net/pub/mirrors/centos.org/5.5/os/x86_64/images/xen/vmlinuz -O vmlinuz-centos-5.5-x86_64-install
    # wget ftp://ftp.tlkl.net/pub/mirrors/centos.org/5.5/os/x86_64/images/xen/initrd.img -O initrd-centos-5.5-x86_64-install

2. Create LVM in the separate partition you have prepared:
    # pvcreate /dev/<disk><partition_number>
    # vgcreate -s 16M vg0 /dev/<disk><partition_number>

3. Create two LVM logical volumes for the primary disk (size 5 GB) and the SWAP (size 1 GB):
In the example here, the Volume Group is vg0 and the Volumes are lvol32 and lvol48.
    # lvcreate -L 5G -n lvol32 vg0
    # lvcreate -L 1G -n lvol48 vg0

4. Create the Xen DomU configuration file to proceed with the network installation of the CentOS 5.5 x86_64 VM:
    # cd /etc/xen
    # vim centos-5.5-x86_64
The simple configuration file should look like:
    kernel = "/etc/xen/vmlinuz-centos-5.5-x86_64-install"
    ramdisk = "/etc/xen/initrd-centos-5.5-x86_64-install"
    extra = "text"  # ks=http://192.168.128.37/centos-55.ks
    name = "centos-5.5-x86_64"
    memory = "512"
    vcpus=1
    disk = [ 'phy:/dev/vg0/lvol32,xvda,w', 'phy:/dev/mapper/vg0-lvol48,xvdb,w' ]
    vif = [ 'bridge=xenbr0', ]
    on_reboot = 'destroy'
    on_crash = 'destroy'

   o kernel, ramdisk - determine what the DomU boots from.
   o extra - defines additional kernel parameters. For example, you can set the installation mode to be text only (text option), or define the KickStart file location (commented in the example).
   o name - DomU name.
   o memory - RAM allocated to the DomU.
   o vcpus - number of CPUs for the DomU.
   o disk - determines what is used as disk. In our case, phy means we use a real block device (logical volume), which Xen translates into block devices as xvd* for the DomU.
   o vif - network device used as a bridge for DomU networking.
   o on_reboot, on_crash - determine the action applied to the DomU in case it is rebooted or crashes.

5. Create the DomU with the command:
    # xm create centos-5.5-x86_64 -c
If successful, you will be redirected to the DomU's main console where the installation process has just started:

6. Proceed with a standard CentOS installation from network, in text mode:
Choose "Use text mode" for the installation method when prompted.

7. Choose "Create custom layout" while partitioning disks:
The partition table you create should look like this:
There should be only one primary partition on each disk. The first primary partition will be used as the primary disk for the VM, where the / file system resides. The second partition is the VM's SWAP space. This partitioning makes template creation easier.

8. Boot Loader Configuration - use default GRUB settings:
At the Boot Loader Configuration stage you should use the default settings for GRUB boot loader installation and configuration. Cloudturk uses GRUB (version 0.97) to boot both Xen and KVM based virtual machines.

9. Networking Configuration:
This stage does nothing for Cloudturk, because it totally recreates all network-related configuration files while a VM is deployed. However, you should still configure networking properly at this stage, in case you need net access for the machine for some additional, post-installation task.

10. Root Password:
Enter your choice of password for the root user. The password will be changed by Cloudturk while the VM is being provisioned, anyway, so a strong password isn't too significant at this stage.

11. Packages Selection:
Select the software required, depending on what your template will be used for.

12. Finish the installation:
A reboot will be requested when the installation has finished. The VM will be destroyed (because on_reboot = 'destroy' is set in the VM's Xen configuration file) just after you confirm the reboot.

13. Prepare the system to boot from the VM's disk:
Next we need to prepare the system we've just installed to be booted by Xen Hypervisor from the VM's disk (not from kernel or ramdisk images). To do this we need to mount the VM's primary disk on the hypervisor. Take a look at the VM's primary disk partition table. Remember that the disk is created on one of the logical volumes. In our example it is the logical volume named lvol32:
    # fdisk -ul /dev/vg0/lvol32
The partition table should look like:

    Disk /dev/vg0/lvol32: 5368 MB, 5368709120 bytes
    255 heads, 63 sectors/track, 652 cylinders, total 10485760 sectors
    Units = sectors of 1 * 512 = 512 bytes

               Device Boot      Start         End      Blocks   Id  System
    /dev/vg0/lvol32p1   *          63    10474379    5237158+   83  Linux

The next step is creating a device map from the partition table:
    # kpartx -a /dev/vg0/lvol32
That will create the corresponding block device for our primary disk partition. You can check the device with:
    # stat /dev/mapper/lvol32p1
      File: `/dev/mapper/lvol32p1'
      Size: 0          Blocks: 0          IO Block: 4096   block special file
    Device: 10h/16d    Inode: 1820076     Links: 1     Device type: fd,27
    Access: (0660/brw-rw----)  Uid: (    0/    root)   Gid: (    6/    disk)
    Access: 2011-04-11 13:43:26.058711763 +0300
    Modify: 2011-04-11 13:43:26.058711763 +0300
    Change: 2011-04-11 13:43:26.058711763 +0300

14. Now we can mount our partition:
    # mkdir /mnt/tmp
    # mount /dev/mapper/lvol32p1 /mnt/tmp
As a result we get the VM's / file system mounted on /mnt/tmp:
    # cd /mnt/tmp

15. Change the GRUB boot loader configuration file:
    # vim boot/grub/grub.conf
PLEASE NOTE that you are not going to change the host's GRUB config!
a) Correct the root device so it is not a LABEL or UUID but the full path to the block device, /dev/sda1:
    root=/dev/sda1
b) Set the console to tty0:
    console=tty0
As a result, the VM's GRUB configuration file should look like this:

16. Correct fstab:
The next thing to correct is fstab. It should set the corresponding devices for / and SWAP. Cloudturk configures /dev/sda1 to be the / file system, and /dev/sda2 for SWAP. As a result, /etc/fstab should look like:
    # cat etc/fstab
    /dev/sda1   /          ext3    defaults         1 1
    tmpfs       /dev/shm   tmpfs   defaults         0 0
    devpts      /dev/pts   devpts  gid=5,mode=620   0 0
    sysfs       /sys       sysfs   defaults         0 0
    proc        /proc      proc    defaults         0 0
    /dev/sda2   swap       swap    defaults         0 0

17. Disable SELinux:
Open etc/selinux/config and set SELINUX=disabled there:
    # cat etc/selinux/config
    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    # enforcing - SELinux security policy is enforced.
    # permissive - SELinux prints warnings instead of enforcing.
    # disabled - SELinux is fully disabled.
    SELINUX=disabled
    # SELINUXTYPE= type of policy in use. Possible values are:
    # targeted - Only targeted network daemons are protected.
    # strict - Full SELinux protection.
    SELINUXTYPE=targeted

18. Create a temporary Cloudturk Xen-ready template:
We are finished with internal VM configuration for now. Next we create a temporary Cloudturk Xen-ready template. A Cloudturk template is the VM's / file system packed with GNU tar (+ GNU zip). Run:
    # cd /mnt/tmp/
    # tar zcp --numeric-owner --file=/tmp/centos-5.5-x86_64.tar.gz ./
Please ignore messages like:
    tar: ./dev/log: socket ignored

19. Clean up the partition table on the logical volume used for the primary disk:
a) Unmount the partition and remove its map:
    # cd
    # umount /dev/mapper/lvol32p1
    # kpartx -d /dev/vg0/lvol32
Recommended approach - you can just delete the LVM logical volume and then create it again:
    # lvremove /dev/vg0/lvol32
    # lvcreate -L 5G -n lvol32 vg0
Or, you can remove the existing partition with fdisk:
    # fdisk /dev/vg0/lvol32
Then press d in fdisk's interface to delete the partition. After that, press w to write the new partition table and exit.
b) Run the same process again on the logical volume where SWAP resides.
c) Initialize SWAP on the corresponding LVM logical volume:
    # mkswap /dev/vg0/lvol48

20. Create an ext3 file system on the block device:
We need to create an ext3 file system on the block device itself, not on any of its partitions:
    # mkfs.ext3 /dev/vg0/lvol32

21. Deploy our temporary template to the ext3 file system:
    # mount /dev/vg0/lvol32 /mnt/tmp
    # cd /mnt/tmp
    # tar pzxf /tmp/centos-5.5-x86_64.tar.gz

22. Go back to the /etc/xen directory and unmount the device:
    # cd /etc/xen
    # umount /dev/vg0/lvol32

23. Change the VM configuration file:
    # vim centos-5.5-x86_64
We need to change the way the VM boots and rename some devices in the configuration file. After the changes the configuration file should look like:

    bootloader="/usr/bin/pygrub"
    name = "centos-5.5-x86_64"
    memory = "512"
    vcpus=1
    disk = [ 'phy:/dev/vg0/lvol32,sda1,w', 'phy:/dev/vg0/lvol48,sda2,w' ]
    vif = [ 'bridge=xenbr0', ]
    on_reboot = 'destroy'
    on_crash = 'destroy'

Note: now the VM is booted by Xen's boot loader, PyGrub. The device for the VM's primary disk is translated as sda1 and the device for SWAP is translated as sda2. These changes are the same as those we made inside the VM for grub.conf and fstab.

24. Boot/create the VM:
    # xm create centos-5.5-x86_64 -c
You will see the PyGrub boot loader prompt to boot the VM according to the settings we made inside the VM's grub.conf. After that the VM will start and all kernel and init services startup messages appear. Finally we get the login prompt. In the case of a CentOS/RHEL 5.x installation you will probably be prompted with some initial configuration using Setup Agent. You will be able to disable the firewall there if required. Please do not re-enable SELinux.

The next few steps configure the box to be ready to boot under both Xen and KVM. Log into the VM using the root user and the password you specified during the installation.

25. While logged in, copy grub.conf and fstab (as they are ready to work with Xen now):
    # cp -av /boot/grub/grub.conf /boot/grub/grub.conf.xen
    # cp -av /etc/fstab /etc/fstab.xen

26. Install the plain Linux kernel:
The kernel will be used to boot the VM under KVM. The Xen DomU compatible kernel (kernel-xen package) was already installed during the installation:
    # yum install kernel

27. Copy grub.conf and fstab, so we can make them ready for KVM:
    # cp -av /boot/grub/grub.conf /boot/grub/grub.conf.kvm
    # cp -av /etc/fstab /etc/fstab.kvm

28. Correct grub.conf.kvm to boot the VM under KVM:
KVM uses the plain kernel, not the Xen DomU kernel, so remove all Xen instances from the grub.conf.kvm file. Also set the root kernel option value to /dev/hda1, remove the console kernel option, and check that the default value is 0.
    # vi /boot/grub/grub.conf.kvm
As a result grub.conf.kvm should look like:

29. Correct fstab.kvm to match KVM devices and mount them correctly:
/dev/hda1 (the first partition of the primary device) is used for the / file system, and /dev/hdb is used as SWAP.
    # vi /etc/fstab.kvm
The fstab.kvm after the changes should look like:
    /dev/hda1   /          ext3    defaults         1 1
    tmpfs       /dev/shm   tmpfs   defaults         0 0
    devpts      /dev/pts   devpts  gid=5,mode=620   0 0
    sysfs       /sys       sysfs   defaults         0 0
    proc        /proc      proc    defaults         0 0
    /dev/hdb    swap       swap    defaults         0 0

30. Complete some other basic preparations for the template:
You need to disable the kudzu service. It does nothing for VMs under Xen or KVM because the hardware presented to virtual machines is the same each time.
    # chkconfig --del kudzu
Clean yum metadata:
    # yum clean all

31. Restore the GRUB boot loader configuration file, since it changed while the plain kernel was installed:
    # cp -av /boot/grub/grub.conf.xen /boot/grub/grub.conf

32. Turn off the VM:
    # shutdown -h now
You will be automatically returned to the hypervisor's console when the VM is shut down. Now we are ready to create the final Cloudturk template based on the VM we have just set up and configured.

33. Mount the VM's / file system, which is situated on the LVM logical volume lvol32:
    # mount /dev/vg0/lvol32 /mnt/tmp

34. Pack the /mnt/tmp directory content:
    # cd /mnt/tmp
    # tar zcp --numeric-owner --file=/data/templates/linux/centos-5.5-x64-1.0.tar.gz ./

3. Installing DomU (Paravirtualized) via VNC Console

1. Begin with steps 1-3 from chapter 2.

2. Create the Xen DomU configuration file to proceed with the network installation of the CentOS 5.5 x86_64 VM:
    # cd /etc/xen
    # vim centos-5.5-x86_64
The configuration file with VNC console enabled should look like the example below:

    kernel = "/etc/xen/vmlinuz-centos-5.5-x86_64-install"
    ramdisk = "/etc/xen/initrd-centos-5.5-x86_64-install"
    extra = "text"  # ks=http://192.168.128.37/centos-55.ks
    name = "centos-5.5-x86_64"
    memory = "512"
    vcpus=1
    disk = [ 'phy:/dev/vg0/lvol32,xvda,w', 'phy:/dev/mapper/vg0-lvol48,xvdb,w' ]
    vif = [ 'bridge=xenbr0', ]
    vfb = [ "type=vnc, vncpasswd=, vnclisten=0.0.0.0" ]
    on_reboot = 'destroy'
    on_crash = 'destroy'
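
The vfb line above exposes the installer console with an empty password on every interface of the hypervisor. The following is an added example, not part of the original guide: a Python audit that reads an xm DomU configuration without executing it and reports that combination. The function names, finding labels and the values in the second sample (loopback address, placeholder password) are assumptions made for the illustration; host-wide xend defaults are not checked.

```python
import ast

# Constructed sample: the VNC-enabled DomU configuration from this chapter.
SAMPLE_CFG = '''
extra = "text"  # ks=http://192.168.128.37/centos-55.ks
name = "centos-5.5-x86_64"
memory = "512"
vcpus=1
vif = [ 'bridge=xenbr0', ]
vfb = [ "type=vnc, vncpasswd=, vnclisten=0.0.0.0" ]
on_reboot = 'destroy'
'''

# Constructed sample: same console bound to loopback with a password set.
HARDENED_CFG = '''
name = "centos-5.5-x86_64"
vfb = [ "type=vnc, vncpasswd=EXAMPLE-ONLY, vnclisten=127.0.0.1" ]
'''


def parse_xm_config(text):
    """Collect top-level literal assignments; the file is never executed."""
    settings = {}
    for node in ast.parse(text).body:
        if (isinstance(node, ast.Assign) and len(node.targets) == 1
                and isinstance(node.targets[0], ast.Name)):
            try:
                settings[node.targets[0].id] = ast.literal_eval(node.value)
            except ValueError:
                pass  # non-literal expression: skip rather than evaluate
    return settings


def audit_vnc(text):
    """Return findings for VNC framebuffers declared in an xm config."""
    findings = []
    vfb = parse_xm_config(text).get("vfb", [])
    if isinstance(vfb, str):
        vfb = [vfb]
    for entry in vfb:
        opts = {}
        for item in entry.split(","):
            key, _, value = item.strip().partition("=")
            opts[key] = value.strip()
        if opts.get("type") != "vnc":
            continue
        # Empty or missing vncpasswd: no password set in the DomU config.
        if not opts.get("vncpasswd"):
            findings.append("empty-vnc-password")
        # 0.0.0.0 binds the console to every interface of the hypervisor.
        if opts.get("vnclisten", "") in ("0.0.0.0", "::"):
            findings.append("vnc-listens-on-all-interfaces")
    return findings


if __name__ == "__main__":
    print(audit_vnc(SAMPLE_CFG))
    print(audit_vnc(HARDENED_CFG))
```

With the console bound to 127.0.0.1, the ssh -X method described in step 5 of this chapter still reaches it.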

The relevant VNC settings are those highlighted:
vfb - VirtualFrameBuffer connection configuration
   o type=vnc - type of the connection, VNC console
   o vncpasswd= - the VNC console password (empty in the example)
   o vnclisten=0.0.0.0 - IP for hosts to accept connection from
See step 4 of chapter 2 for a description of all other parameters.

3. Create the DomU with the command:
    # xm create centos-5.5-x86_64

4. Determine the port where the VNC console is available:
    # xm list --long centos-5.5-x86_64 | grep location | grep :
You will get output like this:
    (location 0.0.0.0:5903)
In this case the output tells us that the DomU is available via VNC on the hypervisor's port 5903.

5. Connect to the VNC console:
You can use any VNC client to connect to the console from your desktop. Use the hypervisor's main IP address, the port you got in the previous step, and an empty password (it is not in the DomU config). You can also start the vncviewer application directly on the hypervisor. However, in this case, you have to connect to the hypervisor via ssh from any other Linux box with X output redirection:
    # ssh -X root@<hypervisor_ip>
    # vncviewer 127.0.0.1:5903 > /dev/null 2>&1 &
If the connection is successful you will be prompted to start the OS installation. The VNC console will look like this:

6. Now proceed with steps 6-34 from chapter 2.

4. Cloudturk Template Naming Convention

Cloudturk templates should follow this naming convention:

    <DISTRONAME>-<DISTROVERSION>[-<LOCALE>_<APPNAME>_<APPVERSION>]-<ARCH>-<TEMPLATEVERSION>[-<VIRTUALIZATION>].tar.gz

Mandatory naming elements are:
<DISTRONAME> - distribution short name, like rhel, centos, ubuntu, debian, gentoo
<DISTROVERSION> - distribution version, like 5.5, 10.04, 5.0
<ARCH> - hardware platform. Allowable terms are:
   o x64 for x86_64/amd64
   o x86 for i386
<TEMPLATEVERSION> - version of the current template
   o An x.x numbering format is sufficient, so valid versions would include 1.0, 1.1, 2.5
   o Please keep versions unique for a single template

Please note that the - symbol is used as a separator for mandatory naming elements (<DISTRONAME>, <DISTROVERSION> etc). Do not use it inside elements.

Optional naming elements are:
<LOCALE> - the template locale. Example: JP
<APPNAME> - the name of the application installed inside the VM. For example, Plesk
<APPVERSION> - the version of the application installed inside the VM. For example, 9.5.2.
   o You can put any information you need here, but do not split it with -. Use _ for splitting here.
<VIRTUALIZATION> - the virtualization platform the template is compatible with. Available values are: xen or kvm. Skip this parameter if the template is compatible with both Xen and KVM (like the one we prepared in the example earlier in this document).

Some correct template name examples:
    centos-6.0-x64-1.0.tar.gz
    centos-6.0-JP_Apache-x86-1.1.tar.gz
    ubuntu-11.04-x86-1.1-xen.kvm.kvm_virtio.tar.gz
    centos-5.3-Trixbox_2.6.2.3-x86-1.1.tar.gz
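
An added example, not part of the original guide or of Cloudturk's tooling: a Python check of a template file name against the convention above, run before the file is handed to the SQL generator. It accepts a dot-separated <VIRTUALIZATION> list because the guide's third example uses one; the per-element character set, the function names and the returned field names are assumptions of this example.

```python
import re

ARCHES = {"x64", "x86"}                  # allowable <ARCH> terms
VERSION_RE = re.compile(r"\d+\.\d+")     # <TEMPLATEVERSION>, x.x format
# Assumption (not stated in the guide): elements use only these characters,
# which also keeps quotes and path separators out of the generated SQL.
ELEMENT_RE = re.compile(r"[A-Za-z0-9._]+")
SUFFIX = ".tar.gz"


def parse_template_name(filename):
    """Return the naming elements of a template file name.

    Raises ValueError naming the first rule that is broken."""
    if not filename.endswith(SUFFIX):
        raise ValueError("not a .tar.gz archive")
    fields = filename[:-len(SUFFIX)].split("-")
    for field in fields:
        if not ELEMENT_RE.fullmatch(field):
            raise ValueError("bad or empty element: %r" % field)
    if len(fields) < 4:
        raise ValueError("mandatory naming elements are missing")
    distro, distro_version, rest = fields[0], fields[1], fields[2:]
    # The optional [LOCALE_APPNAME_APPVERSION] block sits before <ARCH>.
    app_info = None if rest[0] in ARCHES else rest.pop(0).split("_")
    if len(rest) < 2 or rest[0] not in ARCHES:
        raise ValueError("<ARCH> must be x64 or x86 ('-' inside an element?)")
    if not VERSION_RE.fullmatch(rest[1]):
        raise ValueError("<TEMPLATEVERSION> must use the x.x format")
    if len(rest) > 3:
        raise ValueError("unexpected elements after <VIRTUALIZATION>")
    return {
        "distro": distro,
        "distro_version": distro_version,
        "app_info": app_info,
        "arch": rest[0],
        "template_version": rest[1],
        # None means the template is compatible with both Xen and KVM.
        "virtualization": rest[2].split(".") if len(rest) == 3 else None,
    }


def is_valid_template_name(filename):
    try:
        parse_template_name(filename)
        return True
    except ValueError:
        return False


# The guide's four examples, then constructed names that break a rule.
GUIDE_EXAMPLES = [
    "centos-6.0-x64-1.0.tar.gz",
    "centos-6.0-JP_Apache-x86-1.1.tar.gz",
    "ubuntu-11.04-x86-1.1-xen.kvm.kvm_virtio.tar.gz",
    "centos-5.3-Trixbox_2.6.2.3-x86-1.1.tar.gz",
]
BAD_EXAMPLES = [
    "centos-5.5-x86_64.tar.gz",             # temporary tarball from chapter 2
    "centos-6.0-JP-Apache-x86-1.1.tar.gz",  # '-' inside the optional block
    "../centos-5.5-x64-1.0.tar.gz",         # path separator in the name
]
```

The temporary archive name used in step 18 of chapter 2 (centos-5.5-x86_64.tar.gz) fails this check, while the final name from step 34 passes.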

5. Generate Template SQL

We have created a script to generate the SQL needed to add templates to the Cloudturk Control Panel.

1. Download the script:
    # wget http://templates.repo.cloudturk.com/generatecloudturk-templates-sql.sh

2. Run the script:
For example, to get the SQL for the template in our example, for Cloudturk CP version 2.1.1:
    # sh ~/generate-cloudturk-templates-sql.sh -v 2.1.1 -m SQL -d /data/templates/linux/ -t centos-5.5-x64-1.0.tar.gz
And the result will be:

    INSERT INTO `templates`
      (label, created_at, version, file_name, operating_system,
       operating_system_distro, allowed_swap, state, checksum,
       allow_resize_without_reboot, min_disk_size, template_size,
       operating_system_arch, operating_system_edition,
       operating_system_tail, allowed_hot_migrate, virtualization)
    VALUES
      ('CentOS 5.5 x64', NOW(), '1.0', 'centos-5.5-x64-1.0.tar.gz', 'linux',
       'rhel', 1, 'active', 'fe520abaff0b0fbe85b3a359c50e7027',
       1, 5, '312468',
       'x64', NULL,
       NULL, 1, 'xen,kvm');

6. Installing DomU (HVM)

Download the distribution installation ISO image to proceed with a DomU installation in HVM mode.