snf-image

snf-image logo (400x100px)

Warning: This wiki page is obsolete. The up-to-date documentation of snf-image is hosted here

Introduction - Features

snf-image is a Ganeti OS Definition, primarily used by Synnefo .

It is rewritten from scratch and allows Ganeti to launch instances from predefined or untrusted custom Images. The whole process of deploying an Image onto the block device, as provided by Ganeti, is done in complete isolation from the physical host, enhancing robustness and security.

snf-image supports KVM and Xen based ganeti clusters.

There are also additional hooks that can be enabled at image deployment. They allow for:

  • changing the password of root or arbitrary users
  • injecting files at arbitrary locations inside the filesystem, e.g., SSH keys
  • setting a custom hostname
  • re-creating SSH host keys to ensure the image uses unique keys

snf-image has been used successfully to deploy many major Linux distributions (Debian, Ubuntu/Kubuntu, CentOS, Fedora), Windows 2008 R2 & Windows Server 2012, as well as FreeBSD 9.1

The snf-image Ganeti OS Definition is released under GNU Generic Public Lisence version 2.

Ganeti OS Interface

snf-image requires ganeti-os-interface v20 to operate.
It introduces the following OS parameters:

  • img_id (required if config_url is missing): the URI used to identify the image (see here)
  • img_format (required if config_url is missing): the image format type (see here)
  • img_passwd (required if config_url is missing): the passwd to be injected inside the image
  • img_properties (optional): additional image properties used to customize the image (details)
  • img_personality (optional): files to be injected into the image filesystem (details).
  • config_url (optional): the url to download configuration data from

Architecture

snf-image is split in two components: The main program running on the Ganeti host, with full root privilege (snf-image previously snf-image-host), and a part running inside an unprivileged, helper VM (snf-image-helper).

snf-image

This part implements the Ganeti OS interface. It extracts the Image onto the Ganeti-provided block device, using streaming block I/O (dd with oflag=direct), then passes control to snf-image-helper running inside a helper VM. The helper VM is created using KVM, runs as an unprivileged user, nobody by default.

There is no restriction on the distribution running inside the helper VM, as long as it executes the snf-image-helper component automatically upon bootup. The snf-image-update-helper script is provided with snf-image to automate the creation of a helper VM image based on Debian Stable, using multistrap.

The snf-image-helper component is spawned inside a specific hardware environment:

  • The VM features a virtual floppy, containing an ext2 filesystem with all parameters needed for image customization.
  • The hard disk of the VM being deployed is accessible as the first virtio hard disk.
  • All kernel/console output is redirected to the first virtual serial console, and eventually finds its way into the OS definition log files that Ganeti maintains.
  • The helper VM is expected to output "SUCCESS" to its second serial port if image customization was successful inside the VM.
    In any other case, execution of the helper VM or snf-image-helper has failed.
  • The helper VM is expected to shutdown automatically once it is done. Its execution is time-limited; if it has not terminated after a number of seconds, configurable via /etc/default/snf-image, it is sent a SIGTERM and/or a SIGKILL.

KVM is currently a dependency for snf-image, meaning it is needed to spawn the helper VM. There is no restriction on the hypervisor used for the actual Ganeti instances. This is not a strict requirement; KVM could be replaced by qemu, doing full CPU virtualization without any kernel support for spawning the helper VM.

snf-image-helper

This part runs inside the helper VM and undertakes customization of the VM being deployed using a number of hooks, or tasks. The tasks run in an environment, specified by rules found in a virtual floppy, placed there by snf-image. snf-image-helper uses runparts to run tasks found under /usr/lib/snf-image-helper/tasks by default.

The architecture is presented below:

Graphical Representation

snf-image architecture

Image Names

snf-image assumes all image files have the following format:

<image_id>.<image_format>

In order to create an instance with ganeti using an image with filename debian_base-6.0-5-x86_64.extdump, you need to specify the following OS parameters:

img_format=extdump
img_id=debian_base-6.0-5-x86_64

Download

Source

The latest source packages for snf-image (v0.9.1) can be found here:

Packages (for debian squeeze)

The latest debian package for snf-image (v0.9.1) can be found here:

Previous versions and source tarballs can be found here:
https://code.grnet.gr/projects/snf-image/files

You can also download the package from our apt repo:

http://apt2.dev.grnet.gr

Fixed snf-image-helper image

If you installed snf-image using the provided package, you can create the helper VM by launching `snf-image-update-helper' command. People who installed the program from source may use the fixed helper VM image provided below:

Sample Images

While developing snf-image, we created and tested a number of images. The following images are basic installations of some popular Linux distributions, that have been tested with snf-image and provided here for testing purposes:

After getting familiar with snf-image you can build your own Images (more...), or build upon the ones listed above.

Installation

Before installing snf-image be sure to have a working Ganeti installation in your cluster. The installation process should take place in all ganeti nodes. Here we will describe the installation in a single node. The process is identical for all nodes and should be repeated manually or automatically, e.g., with puppet.

Installing snf-image using apt (Debian-based distributions)

Add the following lines in your sources.list file:

deb http://apt2.dev.grnet.gr stable/
deb-src http://apt2.dev.grnet.gr stable/

and then run:

# apt-get update
# apt-get install snf-image
# snf-image-update-helper

The last command may take a while. If it exits without errors, you have installed snf-image successfully and you can move on to the configuration section.

Installing snf-image from source

  1. Download the provided source package:
    $ wget https://code.grnet.gr/attachments/download/2609/snf-image_0.9.1.orig.tar.gz
  2. Untar, configure and compile the source:
    $ tar -xvf snf-image_0.9.orig.tar.gz
    $ cd snf-image-0.9.1
    $ ./autoget.sh
    $ ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
    $ make
  3. Install snf-image:
    $ make install
    $ install -Dm600 defaults /etc/default/snf-image
  4. Download the fixed snf-image-helper appliance
  5. Extract it's content under /var/lib/snf-image/helper/:
    $ mkdir -p /var/lib/snf-image/helper
    $ cd /var/lib/snf-image/helper
    $ tar -xvf /place/where/you/stored/snf_image_helper_image-0.9.1-1.tar.xz

You have now installed successfully snf-image and the helper VM. You should now configure snf-image before it is ready for use.

Configuration

In this section, we assume that the image file you want to deploy resides under a local directory (e.g.: /srv/myimages/)
Once you have installed snf-image in the Ganeti node, you need to overwrite the value of the corresponding option in /etc/default/snf-image:

IMAGE_DIR = /srv/myimages/

IMAGE_DIR should point to the location where the image files are stored [default: /var/lib/snf-image].

Sample Usage

Download Image

Download a Sample Image and store it under IMAGE_DIR. Make sure you also have its corresponding metadata file.

Spawn a diskdump image

If you want to deploy an image of type diskdump, you need to provide the corresponding img_properties as described in the Image Format section. If using a diskdump found in the Sample Images list, use the img_properties described in the image's metadata file. For example:

gnt-instance add -o snf-image+default --os-parameters img_passwd=SamplePassw0rd,img_format=diskdump,img_id=debian_base-6.0-7-x86_64,img_properties='{"OSFAMILY":"linux"\,"ROOT_PARTITION":"1"}' -t plain --disk=0:size=10G --no-name-check --no-ip-check --no-nics test1

Spawn an extdump/ntfsdump image

To create a ganeti instance with snf-image using debian_base-6.0-5-x86_64.extdump hosted under IMAGE_DIR, use a command like the one below:

gnt-instance add -o snf-image+default --os-parameters img_passwd=SamplePassw0rd,img_format=extdump,img_id=debian_base-6.0-5-x86_64 -t plain --disk=0:size=10G --no-name-check --no-ip-check --no-nics test1

Advanced Usage

If you want to learn more and use the advanced features of snf-image please refer to following sections:

  1. Image Configuration Tasks
  2. Supported Image formats
  3. Supported Image store locations
  4. Progress Monitor Interface

Developers

If you are a developer or want to use the latest source code you can download the latest development version by cloning the snf-image git repository:

$ git clone https://code.grnet.gr/git/snf-image

The master branch contains the latest development version
The debian branch contains the master plus the debian packaging directories.

For more information on how to configure, install or package from source, see the Developer's page.

Community & Support

Your help is very important. Any contributions and bug reports will be highly appreciated. You can contact the team at:

snf-image_arch.png - snf-image architecture (55.1 kB) Constantinos Venetsanopoulos, 10/10/2011 07:33 pm

snf-image-logo.png - snf-image logo (400x100px) (9.3 kB) Constantinos Venetsanopoulos, 10/11/2011 02:24 pm