root / docs / examplesdir / server.rst @ 16d7b9ff
History | View | Annotate | Download (6.3 kB)
| 1 |
Creating Servers (Virtual Machines) |
|---|---|
| 2 |
=================================== |
| 3 |
|
| 4 |
A `server` (also known as `virtual machine`), is created based on a registered |
| 5 |
`image` and a preconfigured hardware setup (also known as `flavor`). |
| 6 |
|
| 7 |
Create a virtual server |
| 8 |
----------------------- |
| 9 |
|
| 10 |
List available flavors |
| 11 |
|
| 12 |
.. code-block:: console |
| 13 |
|
| 14 |
[kamaki]: flavor list -l |
| 15 |
1 C1R128D1drbd |
| 16 |
SNF:disk_template: drbd |
| 17 |
disk: 1 |
| 18 |
id: 1 |
| 19 |
links: |
| 20 |
href: https://example.com/cyclades/compute/v2.0/flavors/1 |
| 21 |
rel: bookmark |
| 22 |
. . . . . . . |
| 23 |
href: https://example.com/cyclades/compute/v2.0/flavors/1 |
| 24 |
rel: self |
| 25 |
name: C1R128D1drbd |
| 26 |
ram: 128 |
| 27 |
vcpus: 1 |
| 28 |
2 C1R128D1plain |
| 29 |
SNF:disk_template: plain |
| 30 |
disk: 1 |
| 31 |
id: 2 |
| 32 |
links: |
| 33 |
href: https://example.com/cyclades/compute/v2.0/flavors/2 |
| 34 |
rel: bookmark |
| 35 |
. . . . . . . |
| 36 |
href: https://example.com/cyclades/compute/v2.0/flavors/2 |
| 37 |
rel: self |
| 38 |
name: C1R128D1plain |
| 39 |
ram: 128 |
| 40 |
vcpus: 1 |
| 41 |
[kamaki]: |
| 42 |
|
| 43 |
List available images |
| 44 |
|
| 45 |
.. code-block:: console |
| 46 |
|
| 47 |
[kamaki]: image compute list |
| 48 |
f1r57-1m4g3-1d Debian Base Alpha |
| 49 |
53c0nd-1m4g3-1d Beta Debian Base |
| 50 |
[kamaki]: |
| 51 |
|
| 52 |
Let's pick the `C1R128D1drbd` (id: 1) flavor and the `Debian Base Alpha` (id: |
| 53 |
f1r57-1m4g3-1d) image to create a new virtual server called 'My First Server' |
| 54 |
|
| 55 |
.. code-block:: console |
| 56 |
|
| 57 |
[kamaki]: server create 'My First Server' 1 f1r57-1m4g3-1d |
| 58 |
accessIPv4: |
| 59 |
accessIPv6: |
| 60 |
addresses: |
| 61 |
adminPass: Y0uW0nt5eeMeAg4in |
| 62 |
attachments: |
| 63 |
config_drive: |
| 64 |
created: 2013-06-19T12:34:47.362078+00:00 |
| 65 |
diagnostics: |
| 66 |
flavor: |
| 67 |
id: 1 |
| 68 |
hostId: |
| 69 |
id: 141 |
| 70 |
image: |
| 71 |
id: f1r57-1m4g3-1d |
| 72 |
key_name: None |
| 73 |
metadata: |
| 74 |
os: debian |
| 75 |
users: root |
| 76 |
name: My First Server |
| 77 |
progress: 0 |
| 78 |
security_groups: |
| 79 |
name: default |
| 80 |
status: BUILD |
| 81 |
suspended: False |
| 82 |
tenant_id: s0m3-u53r-1d |
| 83 |
updated: 2013-06-19T12:34:48.512867+00:00 |
| 84 |
user_id: s0m3-u53r-1d |
| 85 |
[kamaki]: |
| 86 |
|
| 87 |
.. note:: The adminPass field is not stored anywhere, therefore users would |
| 88 |
rather write it down and change it the first time they use the virtual server |
| 89 |
|
| 90 |
Wait for the virtual server with id 141 to build (optional) |
| 91 |
|
| 92 |
.. code-block:: console |
| 93 |
|
| 94 |
[kamaki]: server wait 141 |
| 95 |
<bar showing build progress, until 100%> |
| 96 |
Server 141 is now in ACTIVE mode |
| 97 |
[kamaki]: |
| 98 |
|
| 99 |
Destroy the virtual server (wait is still optional) |
| 100 |
|
| 101 |
.. code-block:: console |
| 102 |
|
| 103 |
[kamaki]: server delete 141 |
| 104 |
[kamaki]: server wait 141 ACTIVE |
| 105 |
<bar showing destruction progress, until 100%> |
| 106 |
Server 141 is now in DELETED mode |
| 107 |
[kamaki]: |
| 108 |
|
| 109 |
Inject ssh keys to a debian server |
| 110 |
---------------------------------- |
| 111 |
|
| 112 |
Assume that the servers build from the image `Debian Base Alpha` accept ssh |
| 113 |
connections. We need to build servers that can log us as root without a |
| 114 |
password. This can be achieved if the `/root/.ssh/authorized_keys` file exists |
| 115 |
and contains the public key of the current user. |
| 116 |
|
| 117 |
Assume that the public key file of the current user is located at |
| 118 |
`/home/someuser/.ssh/id_rsa.pub` . We need a method of injecting this file as |
| 119 |
`/root/.ssh/authorized_keys` while creating the virtual server. |
| 120 |
|
| 121 |
Luckily, Synnefo fully supports the OpenStack suggestion for file injections on |
| 122 |
virtual servers and kamaki allows it by using the **-p** argument (p stands for |
| 123 |
`PERSONALITY` and is the term used in the |
| 124 |
`respective OpenStack <http://docs.openstack.org/api/openstack-compute/2/content/CreateServers.html>`_ description). |
| 125 |
|
| 126 |
The syntax of the -p argument is something called "the personlity string":: |
| 127 |
|
| 128 |
-p <local file path>[,<remote path>[,<remote owner>[,<remote group>[,<mode>]]]] |
| 129 |
|
| 130 |
e.g., |
| 131 |
|
| 132 |
-p /home/someuser/.ssh/id_rsa.pub,/root/.ssh/authorized_keys,root,root,0777 |
| 133 |
|
| 134 |
.. note:: In case of omitting an optional part of the personality string, the |
| 135 |
default behavior depends on the remote server, e.g., for a debian image we |
| 136 |
expect the file to have root ownership, if the ownership is not specified. |
| 137 |
|
| 138 |
Create a virtual server while injecting current user public key to root account |
| 139 |
|
| 140 |
.. code-block:: console |
| 141 |
|
| 142 |
[kamaki]: server |
| 143 |
[server]: create 'NoPassword Server' 1 f1r57-1m4g3-1d -p /home/someuser/.ssh/id_rsa.pub,/root/.ssh/authorized_keys |
| 144 |
accessIPv4: |
| 145 |
accessIPv6: |
| 146 |
addresses: |
| 147 |
adminPass: Th1s1s4U5elessTh1ngN0w |
| 148 |
attachments: |
| 149 |
config_drive: |
| 150 |
created: 2013-06-19T12:34:47.362078+00:00 |
| 151 |
diagnostics: |
| 152 |
flavor: |
| 153 |
id: 1 |
| 154 |
hostId: |
| 155 |
id: 142 |
| 156 |
image: |
| 157 |
id: f1r57-1m4g3-1d |
| 158 |
key_name: None |
| 159 |
metadata: |
| 160 |
os: debian |
| 161 |
users: root |
| 162 |
name: No Password Server |
| 163 |
progress: 0 |
| 164 |
security_groups: |
| 165 |
name: default |
| 166 |
status: BUILD |
| 167 |
suspended: False |
| 168 |
tenant_id: s0m3-u53r-1d |
| 169 |
updated: 2013-06-19T12:34:48.512867+00:00 |
| 170 |
user_id: s0m3-u53r-1d |
| 171 |
[server]: |
| 172 |
|
| 173 |
When the virtual server is ready, get the virtual servers external IP from the web UI. Let's assume the |
| 174 |
IP is 123.456.78.90 . |
| 175 |
|
| 176 |
.. code-block:: console |
| 177 |
|
| 178 |
[server]: /exit |
| 179 |
$ ssh 123.456.78.90 |
| 180 |
Linux remote-virtual server-4241 2.6.32-5-amd64 #1 SMP XXXX x86_64 |
| 181 |
|
| 182 |
The programs included with the Debian GNU/Linux system are free software; |
| 183 |
the exact distribution terms for each program are described in the |
| 184 |
individual files in /usr/share/doc/*/copyright. |
| 185 |
|
| 186 |
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent |
| 187 |
permitted by applicable law. |
| 188 |
root@remote-virtual server-4241:~# ls -l .ssh/ |
| 189 |
total 4 |
| 190 |
-rw-r--r-- 1 root root 399 Jun 19 12:34 authorized_keys |
| 191 |
root@remote-virtual server-4241:~# |
| 192 |
|
| 193 |
You can now log to your remote virtual server as root, without a password. Well done! |
| 194 |
|
| 195 |
.. note:: There is no reason to limit injections to ssh keys. Users with an |
| 196 |
adequate understanding of the remote OS are encouraged to prepare and |
| 197 |
inject all kinds of useful files, e.g., **lists of package sources**, |
| 198 |
**default user profiles**, **device mount configurations**, etc. |