Versions Compared

Old Version 12

changes.mady.by.user Frank Peeler

Saved on

compared with

New Version Current

changes.mady.by.user Mark Gardner

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

Excerpt

This page describes how to create a Linux base image.

These instructions should work regardless of the provisioning engine being used. If you are using these instructions to create an xCAT bare metal image, ignore the sections with titles beginning with VMware Only:. This document assumes familiarity with xCAT and VMware.

Terminology

  • Management node: Linux server with the following components installed:
  • Compute node: Refers to the target blade or virtual machine on which Windows is installed.
  • Provisioning engine: Software which is able to interact with the compute node making it possible to install an OS on it
    • VCL can utilize several different provisioning engines including xCAT, VMware Server, VMware ESX, and VMware ESXi.  xCAT is a cluster management tool used to install images on bare metal blades.
    • The provisioning engine may be a hypervisor if the compute nodes are virtual machines (VMware)
    • The provisioning engine may interact with the BladeCenter's management module if the compute nodes are IBM blades (xCAT)
    • The provisioning engine may utilize IPMI if the compute nodes support it (xCAT)

Requirements

You will need the following:

Requirements

  • Computer being captured has Compute node has already been added to the VCL database
  • Compute node Computer has been installed with Linux distro, distro's currently supported are CentOS,Redhat AS,Fedora core, Ubuntu
  • Two network adapters are enabled on compute node OS, i.e. eth0, eth1the computer:
    • eth0 - connected to the private network
    • eth1 - connected to the public network
  • The ability to log in as root via SSH using an Ability to login as root via ssh identity key on the private network from management node

Configure SSH Identity Key Authentication

  1. On the Linux computer being captured, create a /root/.

...

  1. ssh directory:
    Tip

    mkdir /root/.ssh

  2. On the management node, copy the public SSH identity key to the authorized_keys file on the Linux computer being captured:
    Tip

    scp /etc/vcl/vcl.key.pub <hostname or IP address>:/root/.ssh/authorized_keys

...

Setting up the OS so VCL can manage it

The main dependency for linux OS's is that the vcl management node has to able to login as root over ssh using an ssh identity key on the private network, which is normally eth0. This means there are two distinct ssh services, one for the private network and one for the external public network.

  • Private ssh service uses /etc/ssh/sshd_config
    • Started by default sshd startup file /etc/init.d/sshd
    • Purpose is to listen only on the private IP address and allows root access from the management node only using an ssh identity key
  • Public ssh service uses /etc/ssh/external_sshd_config
    • Started by custom ext_sshd startup file /etc/init.d/ext_sshd
    • Purpose is to listen only of the public IP address and only allow userid of requesting user to gain ssh access.
    • Gets created and modified during startup of use using /etc/rc.local.

Configuring /etc/rc.local for loading on different nodes with different IP addresses.

Note this will be automated in a future release.

The script /etc/rc.local is used to determine the correct IP addresses and update sshd_config and external_sshd_config files.

  • Copy the following to /etc/rc.local
Code Block

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.ORIG
perl -pi -e 's/^X11Forwarding .*$/X11Forwarding yes/' /etc/ssh/sshd_config
perl -pi -e 's/^KeyRegenerationInterval .*$/KeyRegenerationInterval 0/' /etc/ssh/sshd_config
perl -pi -e 's/(.*MaxStartups.*)/#\1/' /etc/ssh/sshd_config
	
cp /etc/ssh/sshd_config /etc/ssh/external_sshd_config
perl -pi -e 's/.*PidFile .*$/PidFile \/var\/run\/ext_sshd.pid/' /etc/ssh/external_sshd_config

IP0=\$(ifconfig eth0 | grep 'inet addr' | awk '{print \$2}' | awk -F: '{print \$2}')
IP1=\$(ifconfig eth1 | grep 'inet addr' | awk '{print \$2}' | awk -F: '{print \$2}')
perl -pi -e 's/^AllowUsers .*\n//' /etc/ssh/sshd_config
perl -pi -e 's/^AllowUsers .*\n//' /etc/ssh/external_sshd_config
perl -pi -e 's/^ListenAddress .*\n//' /etc/ssh/sshd_config
perl -pi -e 's/^ListenAddress .*\n//' /etc/ssh/external_sshd_config
echo \"AllowUsers root\" >> /etc/ssh/sshd_config
echo \"ListenAddress \$IP0\" >> /etc/ssh/sshd_config
echo \"ListenAddress \$IP1\" >> /etc/ssh/external_sshd_config
/etc/rc.d/init.d/sshd stop
sleep 2
/etc/rc.d/init.d/sshd start
  • Note: If adapters are reserved i.e, private network is on eth1 and public is eth0. Change the above IP0 and IP1 lines.
    Code Block
    
IP1=\$(ifconfig eth0 | grep 'inet addr' | awk '{print \$2}' | awk -F: '{print \$2}')
IP0=\$(ifconfig eth1 | grep 'inet addr' | awk '{print \$2}' | awk -F: '{print \$2}')

Create the startup script ext_sshd

Note this will be automated in a future release.

  • copy /etc/init.d/sshd /etc/init.d/ext_sshd
    Code Block
    
cp /etc/init.d/sshd /etc/init.d/ext_sshd
  • Edit /etc/init.d/ext_sshd with your favorite editor
    Set or change the following variables: OPTIONS, PID_FILE
    Code Block
    
OPTIONS='-f /etc/ssh/external_sshd_config'
PID_FILE=/var/run/ext_sshd.pid

Add a New Image to the VCL Database

Add the image to the VCL database. A row needs to be added to the following tables:

  • image
  • imagerevision
  • resource

These rows need to be added to the database manually either by using SQL commands or phpMyAdmin.  The following SQL statements assume the following properties of the image:

  • Image ID: 8
  • Image name: vmwarelinux-base8-v1
  • Image prettyname: No Apps (Linux distro name)
  • OS: Linux under VMWare - NOTE: If you are using something else, make sure you set OSid to correctly match the OS table.
Code Block

INSERT INTO `vcl`.`image` (
`id` ,
`name` ,
`prettyname` ,
`ownerid` ,
`platformid` ,
`OSid` ,
`imagemetaid` ,
`minram` ,
`minprocnumber` ,
`minprocspeed` ,
`minnetwork` ,
`maxconcurrent` ,
`reloadtime` ,
`deleted` ,
`test` ,
`lastupdate` ,
`forcheckout` ,
`maxinitialtime` ,
`project` ,
`size` ,
`architecture` ,
`description` ,
`usage` ,
`basedoffrevisionid`
)
VALUES (
'8' , 'vmwarelinux-base8-v1', 'No Apps (Linux)', '1', '1', '16', NULL,
'512', '1', '1024', '100', NULL , '5', '0', '0', NOW(), '1', '0', 'vcl', '1500',
'x86', NULL , NULL , '0'
);
Code Block

 INSERT INTO `vcl`.`imagerevision` (
`id` ,
`imageid` ,
`revision` ,
`userid` ,
`datecreated` ,
`deleted` ,
`datedeleted` ,
`production` ,
`comments` ,
`imagename`
)
VALUES (
NULL , '8', '1', '1', NOW(), '0', NULL , '1', NULL , 'vmwarelinux-base8-v1'
)

...

  2. Or replace the above two steps with the following on the management node:
    Tip

    ssh-copy-id -i /etc/vcl/vcl.key <hostname or IP address>

  3. Make sure you can login from the management node to the Linux computer being captured using the identity key:
    Tip

    ssh -i /etc/vcl/vcl.key <hostname or IP address>

Configure the ifcfg-* Files

  1. Navigate to the network-scripts directory:
    Tip

    cd /etc/sysconfig/network-scripts

  2. Delete any ifcfg-*.bak files:
    Tip

    rm -f /etc/sysconfig/network-scripts/ifcfg-*.bak

  3. Edit every ifcfg-eth* file in the network-scripts directory. Remove the HWADDRESS= line:
    Tip

    vi ifcfg-eth0

    Tip

    vi ifcfg-eth1

    The ifcfg-eth0 file should contain the following:
    No Format
    
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
    The ifcfg-eth1 file should contain the following:
    No Format
    
DEVICE=eth1
BOOTPROTO=dhcp
ONBOOT=yes
  4. Reboot the computer:
    Tip

    shutdown -r now

  5. Check the ifcfg-eth* files to make sure there are no ifcfg-eth* files and that the HWADDRESS= lines have not been automatically added back:
    Tip

    ls /etc/sysconfig/network-scripts

    Tip

    cat /etc/sysconfig/network-scripts/ifcfg-eth0

    Tip

    cat /etc/sysconfig/network-scripts/ifcfg-eth1

Include Page
Capture A Base Image
Capture A Base Image