| 15 |
15 |
| 1. Fill the newly provisioned disk with Image data
|
| 16 |
16 |
| 2. Customize the Image accordingly
|
| 17 |
17 |
|
| 18 |
|
For (1), snf-image can fetch the Image from a number of backends, as we describe
|
| 19 |
|
later. For (2) snf-image spawns a helper VM and runs a number of configuration
|
| 20 |
|
tasks inside the isolated environment. Once the last task returns successfully,
|
| 21 |
|
the helper VM ceases and snf-image returns the newly configured disk to Ganeti.
|
|
18 |
For (1), snf-image can fetch the Image from a number of back-ends, as we
|
|
19 |
describe later. For (2) snf-image spawns a helper VM and runs a number of
|
|
20 |
configuration tasks inside the isolated environment. Once the last task returns
|
|
21 |
successfully, the helper VM ceases and snf-image returns the newly configured
|
|
22 |
disk to Ganeti.
|
| 22 |
23 |
|
| 23 |
24 |
The whole procedure is configurable via OS interface parameters, that can be
|
| 24 |
25 |
passed to snf-image from the Ganeti command line or RAPI.
|
| ... | ... | |
| 47 |
48 |
The snf-image-helper component runs inside a specific environment, which is
|
| 48 |
49 |
created and ensured by snf-image:
|
| 49 |
50 |
|
| 50 |
|
* The VM features a virtual floppy, containing an ext2 filesystem with all
|
|
51 |
* The VM features a virtual floppy, containing an ext2 file system with all
|
| 51 |
52 |
parameters needed for image customization.
|
| 52 |
53 |
* The hard disk provided by Ganeti that we want to deploy and customize is
|
| 53 |
|
accessible as the first virtio hard disk.
|
|
54 |
accessible as the first VirtIO hard disk.
|
| 54 |
55 |
* All kernel/console output is redirected to the first virtual serial console,
|
| 55 |
56 |
and eventually finds its way into the OS definition log files that Ganeti
|
| 56 |
57 |
maintains.
|
| ... | ... | |
| 66 |
67 |
snf-image-helper
|
| 67 |
68 |
^^^^^^^^^^^^^^^^
|
| 68 |
69 |
|
| 69 |
|
This part runs inside the helper VM during bootup and undertakes customization
|
|
70 |
This part runs inside the helper VM during boot-up and undertakes customization
|
| 70 |
71 |
of the target disk. It does so, by running a number of :ref:`configuration
|
| 71 |
72 |
tasks <image-configuration-tasks>`. The exact tasks that should run, are
|
| 72 |
73 |
specified by rules found in the virtual floppy, placed there by *snf-image*,
|
| ... | ... | |
| 83 |
84 |
|
| 84 |
85 |
.. _storage-backends:
|
| 85 |
86 |
|
| 86 |
|
Storage backends
|
| 87 |
|
^^^^^^^^^^^^^^^^
|
|
87 |
Storage back-ends
|
|
88 |
^^^^^^^^^^^^^^^^^
|
| 88 |
89 |
|
| 89 |
90 |
As stated above, for step (1), *snf-image* is capable of fetching images that
|
| 90 |
|
are stored in a variety of different backends and then extracting them onto the
|
| 91 |
|
newly created block device. The following backends are supported:
|
| 92 |
|
|
| 93 |
|
* **Local backend**:
|
| 94 |
|
The local backend is used to retrieve images that are stored on the Ganeti
|
| 95 |
|
node that the image deployment takes place. All local images are expected to be
|
| 96 |
|
found under a predifined image directory. By default */var/lib/snf-image* is
|
| 97 |
|
used, but the user may change this by overwriting the value of the
|
|
91 |
are stored in a variety of different back-ends and then extracting them onto
|
|
92 |
the newly created block device. The following back-ends are supported:
|
|
93 |
|
|
94 |
* **Local back-end**:
|
|
95 |
The local back-end is used to retrieve images that are stored on the Ganeti
|
|
96 |
node that the image deployment takes place. All local images are expected to
|
|
97 |
be found under a predefined image directory. By default */var/lib/snf-image*
|
|
98 |
is used, but the user may change this by overwriting the value of the
|
| 98 |
99 |
*IMAGE_DIR* variable under ``/etc/default/snf-image``.
|
| 99 |
100 |
|
| 100 |
|
* **Network backend**:
|
| 101 |
|
The network backend is used to retrieve images that are accessible from the
|
| 102 |
|
network. snf-image can fetch images via *http:*, *https:*, *ftp:* or *ftps:*,
|
| 103 |
|
using `cURL <http://curl.haxx.se/>`_.
|
|
101 |
* **Network back-end**:
|
|
102 |
The network back-end is used to retrieve images that are accessible from the
|
|
103 |
network. snf-image can fetch images via *http:*, *https:*, *ftp:* or
|
|
104 |
*ftps:*, using `cURL <http://curl.haxx.se/>`_.
|
| 104 |
105 |
|
| 105 |
|
* **Pithos backend**:
|
|
106 |
* **Pithos back-end**:
|
| 106 |
107 |
*snf-image* contains a special command-line tool (*pithcat*) for retrieving
|
| 107 |
|
images residing on a Pithos installation. To set up snf-image's Pithos backend
|
| 108 |
|
the user needs to setup the ``PITHOS_DATA`` and ``PITHOS_DB`` variables inside
|
| 109 |
|
``/etc/default/snf-image`` accordingly.
|
|
108 |
images residing on a Pithos installation. To set up snf-image's Pithos
|
|
109 |
back-end the user needs to setup the ``PITHOS_DATA`` and ``PITHOS_DB``
|
|
110 |
variables inside ``/etc/default/snf-image`` accordingly.
|
| 110 |
111 |
|
| 111 |
|
* **Null backend**:
|
| 112 |
|
If the null backend is selected, no image copying is performed. This actually
|
| 113 |
|
is meant for bypassing step (1) alltogether. This is useful, if the disk
|
| 114 |
|
provisioned by Ganeti already contains an OS installation before *snf-image* is
|
| 115 |
|
executed (for example if the disk was created as a clone of an existing VM's
|
| 116 |
|
hard disk).
|
|
112 |
* **Null back-end**:
|
|
113 |
If the null back-end is selected, no image copying is performed. This
|
|
114 |
actually is meant for bypassing step (1) altogether. This is useful, if the
|
|
115 |
disk provisioned by Ganeti already contains an OS installation before
|
|
116 |
*snf-image* is executed (for example if the disk was created as a clone of
|
|
117 |
an existing VM's hard disk).
|
| 117 |
118 |
|
| 118 |
119 |
.. _image-configuration-tasks:
|
| 119 |
120 |
|
| ... | ... | |
| 138 |
139 |
by *SNF_IMAGE_TARGET*. The script will fail if any of those 3 variables has a
|
| 139 |
140 |
non-sane value.
|
| 140 |
141 |
|
| 141 |
|
**AddSwap**: Formats the swap partion added by *FixPartitionTable* task and
|
|
142 |
**AddSwap**: Formats the swap partition added by *FixPartitionTable* task and
|
| 142 |
143 |
adds an appropriate swap entry in the system's ``/etc/fstab``. The script will
|
| 143 |
144 |
only run if *SNF_IMAGE_PROPERTY_SWAP* is present and will fail if
|
| 144 |
145 |
*SNF_IMAGE_TARGET* in not defined.
|
| 145 |
146 |
|
| 146 |
|
**DeleteSSHKeys**: For linux images, this script will clear out any ssh keys
|
| 147 |
|
found in the image and for debian, it will recreate them too. In order to find
|
|
147 |
**DeleteSSHKeys**: For Linux images, this script will clear out any ssh keys
|
|
148 |
found in the image and for Debian, it will recreate them too. In order to find
|
| 148 |
149 |
the ssh keys, the script looks in default locations (/etc/ssh/ssh_*_key) and
|
| 149 |
150 |
also parses ``/etc/ssh/sshd_config`` file if present. The script will fail if
|
| 150 |
151 |
*SNF_IMAGE_TARGET* is not set.
|
| ... | ... | |
| 158 |
159 |
needed by windows in order to perform an unattended setup. The
|
| 159 |
160 |
*SNF_IMAGE_TARGET* variables needs to be present for this task to run.
|
| 160 |
161 |
|
| 161 |
|
**SELinuxAutorelabel**: Creates *.autorelabel* file in RedHat images. This is
|
|
162 |
**SELinuxAutorelabel**: Creates *.autorelabel* file in Red Hat images. This is
|
| 162 |
163 |
needed if SELinux is enabled to enforce an automatic file system relabeling at
|
| 163 |
|
the next boot. The only enviromental variable required by this task is
|
|
164 |
the next boot. The only environmental variable required by this task is
|
| 164 |
165 |
*SNF_IMAGE_TARGET*.
|
| 165 |
166 |
|
| 166 |
167 |
**AssignHostname**: Assigns or changes the hostname in a Linux or Windows
|
| 167 |
168 |
image. The task will fail if the Linux distribution is not supported. For now,
|
| 168 |
|
we support Debian, Redhat, Slackware, SUSE and Gentoo derived distros. The
|
| 169 |
|
hostname is read from *SNF_IMAGE_HOSTNAME* variable. In addition to the latter,
|
| 170 |
|
*SNF_IMAGE_TARGET* is also required.
|
|
169 |
we support Debian, Red Hat, Slackware, SUSE and Gentoo derived distributions.
|
|
170 |
The hostname is read from *SNF_IMAGE_HOSTNAME* variable. In addition to the
|
|
171 |
latter, *SNF_IMAGE_TARGET* is also required.
|
| 171 |
172 |
|
| 172 |
173 |
**ChangePassword**: Changes the password for a list of users. For Linux systems
|
| 173 |
174 |
this is accomplished by directly altering the image's ``/etc/shadow`` file. For
|
| 174 |
175 |
Windows systems a script is injected into the VM's hard disk. This script will
|
| 175 |
|
be executed during the specialize pass of the Windows setup. The list of users
|
| 176 |
|
whose passwords will changed is determined by the *SNF_IMAGE_PROPERTY_USERS*
|
| 177 |
|
variable (see :ref:`image-properties`). For this task to run *SNF_IMAGE_TARGET*
|
| 178 |
|
and *SNF_IMAGE_PASSWORD* variables need to be present.
|
|
176 |
be executed during the specialize pass of the Windows setup. For FreeBSD
|
|
177 |
``/etc/master.passwd`` is altered, ``/etc/spwd.db`` is removed and a script is
|
|
178 |
injected into the VM's hard disk that will recreate the aforementioned file.
|
|
179 |
The list of users whose passwords will changed is determined by the
|
|
180 |
*SNF_IMAGE_PROPERTY_USERS* variable (see :ref:`image-properties`). For this
|
|
181 |
task to run *SNF_IMAGE_TARGET* and *SNF_IMAGE_PASSWORD* variables need to be
|
|
182 |
present.
|
| 179 |
183 |
|
| 180 |
184 |
**FilesystemResizeMounted**: Injects a script into a Windows image file system
|
| 181 |
185 |
that will enlarge the last file system to cover up the whole partition. The
|