root / docs / collection_of_examples / server.rst @ 7806f19d
History | View | Annotate | Download (6.4 kB)
1 |
Creating Servers (Virtual Machines) |
---|---|
2 |
=================================== |
3 |
|
4 |
A `server` (also known as `virtual machine`), is created based on a registered |
5 |
`image` and a reconfigured hardware setup (also known as `flavor`). |
6 |
|
7 |
Create a virtual server |
8 |
----------------------- |
9 |
|
10 |
List available flavors |
11 |
|
12 |
.. code-block:: console |
13 |
|
14 |
[kamaki]: flavor list -l |
15 |
1 C1R128D1drbd |
16 |
SNF:disk_template: drbd |
17 |
disk: 1 |
18 |
id: 1 |
19 |
links: |
20 |
href: https://example.com/cyclades/compute/v2.0/flavors/1 |
21 |
rel: bookmark |
22 |
. . . . . . . |
23 |
href: https://example.com/cyclades/compute/v2.0/flavors/1 |
24 |
rel: self |
25 |
name: C1R128D1drbd |
26 |
ram: 128 |
27 |
vcpus: 1 |
28 |
2 C1R128D1plain |
29 |
SNF:disk_template: plain |
30 |
disk: 1 |
31 |
id: 2 |
32 |
links: |
33 |
href: https://example.com/cyclades/compute/v2.0/flavors/2 |
34 |
rel: bookmark |
35 |
. . . . . . . |
36 |
href: https://example.com/cyclades/compute/v2.0/flavors/2 |
37 |
rel: self |
38 |
name: C1R128D1plain |
39 |
ram: 128 |
40 |
vcpus: 1 |
41 |
[kamaki]: |
42 |
|
43 |
List available images |
44 |
|
45 |
.. code-block:: console |
46 |
|
47 |
[kamaki]: image compute list |
48 |
f1r57-1m4g3-1d Debian Base Alpha |
49 |
53c0nd-1m4g3-1d Beta Debian Base |
50 |
[kamaki]: |
51 |
|
52 |
Let's pick the `C1R128D1drbd` (id: 1) flavor and the `Debian Base Alpha` (id: |
53 |
f1r57-1m4g3-1d) image to create a new VM called 'My First Server' |
54 |
|
55 |
.. code-block:: console |
56 |
|
57 |
[kamaki]: server create 'My First Server' 1 f1r57-1m4g3-1d |
58 |
accessIPv4: |
59 |
accessIPv6: |
60 |
addresses: |
61 |
adminPass: Y0uW0nt5eeMeAg4in |
62 |
attachments: |
63 |
config_drive: |
64 |
created: 2013-06-19T12:34:47.362078+00:00 |
65 |
diagnostics: |
66 |
flavor: |
67 |
id: 1 |
68 |
hostId: |
69 |
id: 141 |
70 |
image: |
71 |
id: f1r57-1m4g3-1d |
72 |
key_name: None |
73 |
metadata: |
74 |
os: debian |
75 |
users: root |
76 |
name: My First Server |
77 |
progress: 0 |
78 |
security_groups: |
79 |
name: default |
80 |
status: BUILD |
81 |
suspended: False |
82 |
tenant_id: s0m3-u53r-1d |
83 |
updated: 2013-06-19T12:34:48.512867+00:00 |
84 |
user_id: s0m3-u53r-1d |
85 |
[kamaki]: |
86 |
|
87 |
.. note:: The adminPass field is not stored anywhere, therefore users would |
88 |
rather write it down and change it the first time they use the VM |
89 |
|
90 |
Wait for the VM with id 141 to build (optional) |
91 |
|
92 |
.. code-block:: console |
93 |
|
94 |
[kamaki]: server wait 141 |
95 |
<bar showing build progress, until 100%> |
96 |
Server 141 is not in ACTIVE mode |
97 |
[kamaki]: |
98 |
|
99 |
Destroy the VM (wait is still optional) |
100 |
|
101 |
.. code-block:: console |
102 |
|
103 |
[kamaki]: server delete 141 |
104 |
[kamaki]: server wait 141 ACTIVE |
105 |
<bar showing destruction progress, until 100%> |
106 |
Server 141 is not in DELETED mode |
107 |
[kamaki]: |
108 |
|
109 |
Inject ssh keys to a debian server |
110 |
---------------------------------- |
111 |
|
112 |
Assume that the servers build from the image `Debian Base Alpha` accept ssh |
113 |
connections. We need to build servers that can log us as roots without a |
114 |
password. This can be achieved if the `/root/.ssh/authorized_keys` file exists |
115 |
and contains the public key of the current user. |
116 |
|
117 |
Assume that the public key file of the current user is located at |
118 |
`/home/someuser/.ssh/id_rsa.pub` . We need a method of injecting this file as |
119 |
`/root/.ssh/authorized_keys` while creating the virtual server. |
120 |
|
121 |
Luckily, Synnefo fully supports the OpenStack suggestion for file injections on |
122 |
VMs and kamaki allows it by using the **-p** argument (p stands for |
123 |
`PERSONALITY` and is the term used in the |
124 |
`respective OpenStack <http://docs.openstack.org/api/openstack-compute/2/content/CreateServers.html>`_ description). |
125 |
|
126 |
The syntax of the -p argument is something called "the personlity string":: |
127 |
|
128 |
-p <local file path>[,<remote path>[,<remote owner>[,<remote group>[,<mode>]]]] |
129 |
|
130 |
e.g. |
131 |
|
132 |
-p /home/someuser/.ssh/id_rsa.pub,/root/.ssh/authorized_keys,root,root,0777 |
133 |
|
134 |
.. note:: In case of omitting an optional part of the personality string, the |
135 |
default behavior depends on the remote server, e.g. for a debian image we |
136 |
expect the file to have root ownership, if the ownership is not specified. |
137 |
|
138 |
Create a vm while injecting current users public key to root account |
139 |
|
140 |
.. code-block:: console |
141 |
|
142 |
[kamaki]: server |
143 |
[server]: create 'NoPassword Server' 1 f1r57-1m4g3-1d -p /home/someuser/.ssh/id_rsa.pub,/root/.ssh/authorized_keys |
144 |
accessIPv4: |
145 |
accessIPv6: |
146 |
addresses: |
147 |
adminPass: Th1s1s4U5elessTh1ngN0w |
148 |
attachments: |
149 |
config_drive: |
150 |
created: 2013-06-19T12:34:47.362078+00:00 |
151 |
diagnostics: |
152 |
flavor: |
153 |
id: 1 |
154 |
hostId: |
155 |
id: 142 |
156 |
image: |
157 |
id: f1r57-1m4g3-1d |
158 |
key_name: None |
159 |
metadata: |
160 |
os: debian |
161 |
users: root |
162 |
name: No Password Server |
163 |
progress: 0 |
164 |
security_groups: |
165 |
name: default |
166 |
status: BUILD |
167 |
suspended: False |
168 |
tenant_id: s0m3-u53r-1d |
169 |
updated: 2013-06-19T12:34:48.512867+00:00 |
170 |
user_id: s0m3-u53r-1d |
171 |
[server]: |
172 |
|
173 |
When the VM is ready, get the VMs external IP from the web UI. Let's assume the |
174 |
IP is 123.456.78.90 . |
175 |
|
176 |
.. code-block:: console |
177 |
|
178 |
[server]: /exit |
179 |
$ ssh 123.456.78.90 |
180 |
Linux remote-vm-4241 2.6.32-5-amd64 #1 SMP XXXX x86_64 |
181 |
|
182 |
The programs included with the Debian GNU/Linux system are free software; |
183 |
the exact distribution terms for each program are described in the |
184 |
individual files in /usr/share/doc/*/copyright. |
185 |
|
186 |
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent |
187 |
permitted by applicable law. |
188 |
root@remote-vm-4241:~# ls -l .ssh/ |
189 |
total 4 |
190 |
-rw-r--r-- 1 root root 399 Jun 19 12:34 authorized_keys |
191 |
root@remote-vm-4241:~# |
192 |
|
193 |
You can now log to your remote VM as root, without a password. Well done! |
194 |
|
195 |
.. note:: There is no reason to limit injections to ssh keys. Users with an |
196 |
adequate understanding of the remote OS are encouraged to prepare and |
197 |
inject all kinds of useful files, e.g. **lists of package sources**, |
198 |
**default user profiles**, **device mount configurations**, etc. |