Linux Image Preparation for OpenStack

This describes how to prepare a Linux guest VM for SCM. CentOS is used in the examples, but any version of Linux can be used as a guest VM.

Install CentOS manually

  • Use the CentOS netinstall ISO and the following URLs for the packages:
  • Create an account. In these examples, we’ll use the account name sam.
  • Choose workstation software group.
  • Skip KDE.
  • After installation, log in as sam.
  • Add sam to the wheel group.
  • visudo to enable %wheel without password.
  • As root:
    • yum update
    • yum install epel-release

Network

Edit the /etc/sysconfig/network-scripts/ifcfg-eth0 file. Remove:

  • UUIDs
  • MAC addresses (assigned by OpenStack)

Change:

NM_CONTROLLED="no"

Verify:

ONBOOT="yes"
BOOTPROTO
# yum remove NetworkManager

Finally, remove this file:

# rm /lib/udev/rules.d/75-persistent-net-generator.rules

This prevents the automatic creation of a /etc/udev/rules.d/70-persistent-net.rules file, which would rename network interfaces and interfere with the reuse of SCM images.

fstab

Replace UUIDs in /etc/fstab with device names like /dev/vda for the /boot partition, so the system will boot when replicated to a new boot volume.

nVidia GPU steps (optional)

If you are using an nVidia GPU:

# echo "blacklist nouveau" >> /etc/modprobe.d/blacklist.conf

Add these lines to /etc/grub.conf:

serial --unit=0 --speed=115200
terminal --timeout=10 console serial

Change each kernel line by replacing rhgb quiet at the end of each line with:

rdblacklist=nouveau console=tty0 console=ttyS0,115200n8

Install driver prerequisites:

# yum install dkms
# yum groupinstall "Development Tools"

Download the nVidia drivers:

# wget http://us.download.nvidia.com/XFree86/Linux-x86_64/352.41/NVIDIA-Linux-x86_64-352.41.run

Drop back to runlevel 3:

# telinit 3

Install the nVidia drivers:

# chmod +x NVIDIA-Linux-x86_64-352.41.run
# ./NVIDIA-Linux-x86_64-352.41.run --silent --dkms

Edit /etc/inittab and change the default runlevel from 5 to 3.

Install Scyld Cloud Workstation (optional)

Obtain the appropriate version of SCW from Penguin Computing as a RPM.

Install the RPM

yum localinstall scyld-cloud-workstation-$VERSION-rpm.

Configure SCW following the User Guide - http://www.penguincomputing.com/documentation/scyld-cloud-workstation/user-guide/

Install cloud-init

Install the prerequisites for cloud-init:

# yum install \
     acpid cloud-init cloud-utils cloud-utils-growpart \
     dracut-kernel dracut dracut-modules-growroot

Edit /etc/cloud/cloud.cfg and change the values at the top of the file to these:

disable_root: 0
ssh_pwauth:   1
ssh_deletekeys:   0

Empty the /var/lib/cloud directory for the full cloud-init run on first boot:

# rm -rf /var/lib/cloud/*

Integrate Scyld Cloud Workstation with SCM (optional)

Scyld Cloud Workstation can be integrated with SCM so only the user who created the VM can login and/or is automatically logged into their desktop after authenticating with Scyld Cloud Workstation.

SCM stores the username and email of the user who created the VM in OpenStack metadata, available from inside the VM as JSON at http://169.254.169.254/openstack/latest/meta_data.json

Relevant content of example meta_data.json:

{"meta": {
  "scm_username": "testuser",
  "scm_users": "[email protected]"
  },
}

As discussed in the SCW User Guide, if using Scyld CloudAuth for SCW authentication, the Server.Auth.ScyldCloudAuth.Allow config setting controls which users can authenticate to the SCW instance. Example relevant lines allowing login by username or email:

<config>
 <Server>
  <Auth>
   <ScyldCloudAuth>
    <URL>https:/auth.scm.example.com</URL>
    <Allow>
     <Username>testuser</Username>
     <Username>[email protected]</Username>
    </Allow>
   </ScyldCloudAuth>
  </Auth>
 </Server>
</config>

Penguin Computing can provide a cloud-init script that reads from the metadata and configures Server.Auth.ScyldCloudAuth.Allow setting from the OpenStack metadata.

By default, after authenticating Scyld Cloud Workstation presents the user with a login screen. The login node can be customized so the user will be automatically logged in.

For CentOS 6 using the GNOME desktop with GDM, autologin is configured in /etc/gdm/custom.conf as:

[daemon]
AutomaticLoginEnable = true
AutomaticLogin = testuser

For Centos 7 using MATE and LightDM, autologin can be configured in /etc/lightdm.conf.d/50-autologin.conf as:

[Seat:*]
autologin-user=testuser
autologin-user-timeout=0

Penguin Computing can provide a cloud-init script that reads from the metadata and customizes the appropriate autologin setting from the OpenStack metadata.

Shutdown the VM

# shutdown -h now

Create a CentOS VM

With virt-manager, create a CentOS VM, using a qcow2 file for the boot disk. Details are available here.

Prep the image for reuse

Get the name of the new VM:

# virsh list --all

Prep the image:

# virt-sysprep -d centos-6.7

Install libguestfs

# yum install libguestfs-tools

Compress the image to upload

# qemu-img convert -c \
    -f qcow2 \
    -O qcow2  \
    /var/lib/libvirt/images/centos-6.7-scw.qcow2 \
    /tmp/centos-6.7-scw.qcow2

Convert qcow2 to a sparse raw file for Glance

# qemu-img convert \
    -f qcow2 \
     -O raw \
     /tmp/centos-6.7-scw.qcow2 \
     /tmp/centos-6.7-working.raw

Load the raw file into Glance

# glance image-create \
    --name centos_image  \
    --is-public true \
    --file /tmp/centos6.7-working.raw  \
    --disk-format raw \
    --container-format bare \
    --min-disk 8 \
    --min-ram 512 \
    --progress \
    --property image_type=loginnode \
    --property hw_video_model=qxl \
    --property hw_video_ram=8

If the image will include Scyld Cloud Workstation, add –property service_url=’https://{}/’

Modifying image file properties

Once the image is uploaded, it can be updated through the Horizon dashboard, openstack image set <IMAGE_ID>, or glance image-update <IMAGE_ID>