Wiki
Version 28 (Constantinos Venetsanopoulos, 10/20/2011 01:48 pm)
1 | 21 | Constantinos Venetsanopoulos | h2. snf-image |
---|---|---|---|
2 | 21 | Constantinos Venetsanopoulos | |
3 | 21 | Constantinos Venetsanopoulos | !snf-image-logo.png! |
4 | 1 | Constantinos Venetsanopoulos | |
5 | 10 | Vangelis Koukis | h2. Introduction - Features |
6 | 10 | Vangelis Koukis | |
7 | 20 | Vangelis Koukis | snf-image is a Ganeti OS Provider, primarily used by Synnefo. |
8 | 2 | Constantinos Venetsanopoulos | |
9 | 7 | Vangelis Koukis | It is written from scratch and allows Ganeti to launch instances from predefined or untrusted custom Images. The whole process of deploying an Image onto the block device, as provided by Ganeti, is done in complete isolation from the physical host, enhancing robustness and security. |
10 | 1 | Constantinos Venetsanopoulos | |
11 | 7 | Vangelis Koukis | There are also additional hooks that can be enabled at image deployment. They allow for: |
12 | 1 | Constantinos Venetsanopoulos | |
13 | 7 | Vangelis Koukis | * changing the password of root or arbitrary users |
14 | 7 | Vangelis Koukis | * injecting files at arbitrary locations inside the filesystem, e.g., SSH keys |
15 | 7 | Vangelis Koukis | * setting a custom hostname |
16 | 7 | Vangelis Koukis | * re-creating SSH host keys to ensure the image uses unique keys |
17 | 1 | Constantinos Venetsanopoulos | |
18 | 7 | Vangelis Koukis | snf-image has been used successfully to deploy many major Linux distributions (Debian, Ubuntu/Kubuntu, CentOS, Fedora), as well as Windows 2008 R2. |
19 | 7 | Vangelis Koukis | |
20 | 7 | Vangelis Koukis | snf-image requires ganeti-os-interface v20 to operate. |
21 | 7 | Vangelis Koukis | It introduces the following OS parameters: |
22 | 7 | Vangelis Koukis | |
23 | 8 | Vangelis Koukis | * @img_id@ (_required_): the unique id of the image as known by the storage backend |
24 | 8 | Vangelis Koukis | * @img_format@ (_required_): the image format (extdump and ntfsdump [dd] currently supported) |
25 | 8 | Vangelis Koukis | * @img_passwd@ (_required_): the passwd to be injected inside the image |
26 | 8 | Vangelis Koukis | * @img_personality@ (_optional_): files to be injected into the image filesystem. It is a JSON-encoded list of files to be injected: every file is defined by its path and base64-encoded data. This format follows the notation proposed by the "OpenStack Compute API v1.1":http://docs.openstack.org/api/openstack-compute/1.1/content/CreateServers.html. ["more...":http://docs.openstack.org/api/openstack-compute/1.1/content/Server_Personality-d1e2543.html ] for defining server personalities. |
27 | 1 | Constantinos Venetsanopoulos | |
28 | 1 | Constantinos Venetsanopoulos | The snf-image Ganeti OS Provider is released under a [[Licence|2-clause BSD Licence]]. |
29 | 1 | Constantinos Venetsanopoulos | |
30 | 1 | Constantinos Venetsanopoulos | h2. Architecture |
31 | 8 | Vangelis Koukis | |
32 | 8 | Vangelis Koukis | snf-image is split in two components: A part running on the Ganeti host, with full root privilege (@snf-image-host@), and a part running inside an unprivileged, helper VM (@snf-image-helper@). |
33 | 8 | Vangelis Koukis | |
34 | 8 | Vangelis Koukis | h3. snf-image-host |
35 | 8 | Vangelis Koukis | |
36 | 8 | Vangelis Koukis | This part implements the Ganeti OS interface. It extracts the Image onto the Ganeti-provided block device, using streaming block I/O (@dd@ with @oflag=direct@), then passes control to @snf-image-helper@ running inside a helper VM. The helper VM is created using KVM, runs as an unprivileged user, @nobody@ by default. |
37 | 8 | Vangelis Koukis | |
38 | 8 | Vangelis Koukis | There is no restriction on the distribution running inside the helper VM, as long as it executes the @snf-image-helper@ component automatically upon bootup. The @snf-image-update-helper@ script is provided with @snf-image-host@ to automate the creation of a helper VM image based on Debian Stable, using @debootstrap@. |
39 | 8 | Vangelis Koukis | |
40 | 8 | Vangelis Koukis | The @snf-image-helper@ component is spawned inside a specific hardware environment: |
41 | 8 | Vangelis Koukis | |
42 | 8 | Vangelis Koukis | * The VM features a virtual floppy, containing an @ext2@ filesystem with all parameters needed for image customization. |
43 | 8 | Vangelis Koukis | * The hard disk of the VM being deployed is accessible as the first @virtio@ hard disk. |
44 | 8 | Vangelis Koukis | * All kernel/console output is redirected to the first virtual serial console, and eventually finds its way into the OS provider log files that Ganeti maintains. |
45 | 8 | Vangelis Koukis | * The helper VM is expected to output "SUCCESS" to its second serial port if image customization was successful inside the VM. |
46 | 8 | Vangelis Koukis | In any other case, execution of the helper VM or @snf-image-helper@ has failed. |
47 | 8 | Vangelis Koukis | * The helper VM is expected to shutdown automatically once it is done. Its execution is time-limited; if it has not terminated after a number of seconds, configurable via @/etc/default/snf-image@, it is sent a @SIGTERM@ and/or a @SIGKILL@. |
48 | 8 | Vangelis Koukis | |
49 | 8 | Vangelis Koukis | KVM is currently a dependency for @snf-image@, meaning it is needed to spawn the helper VM. There is no restriction on the hypervisor used for the actual Ganeti instances. This is not a strict requirement; KVM could be replaced by @qemu@, doing full CPU virtualization without any kernel support for spawning the helper VM. |
50 | 8 | Vangelis Koukis | |
51 | 8 | Vangelis Koukis | h3. snf-image-helper |
52 | 8 | Vangelis Koukis | |
53 | 8 | Vangelis Koukis | This part runs inside the helper VM and undertakes customization of the VM being deployed using a number of hooks, or _tasks_. |
54 | 8 | Vangelis Koukis | The tasks run in an environment, specified by rules found in a virtual floppy, placed there by the @snf-image-host@ component. |
55 | 8 | Vangelis Koukis | @snf-image-helper@ uses @runparts@ to run tasks found under @/usr/lib/snf-image-helper/tasks@ by default. |
56 | 3 | Constantinos Venetsanopoulos | |
57 | 14 | Vangelis Koukis | The architecture is presented below: |
58 | 11 | Constantinos Venetsanopoulos | |
59 | 12 | Constantinos Venetsanopoulos | h3. Graphical Representation |
60 | 11 | Constantinos Venetsanopoulos | |
61 | 11 | Constantinos Venetsanopoulos | !snf-image_arch.png! |
62 | 11 | Constantinos Venetsanopoulos | |
63 | 1 | Constantinos Venetsanopoulos | h2. Download |
64 | 1 | Constantinos Venetsanopoulos | |
65 | 28 | Constantinos Venetsanopoulos | Download the latest debian packages (v0.1.2): |
66 | 28 | Constantinos Venetsanopoulos | * "@snf-image-host@":http://code.grnet.gr/attachments/download/490/snf-image-host_0.1.2-1_all.deb |
67 | 28 | Constantinos Venetsanopoulos | * "@snf-image-helper@":http://code.grnet.gr/attachments/download/495/snf-image-helper_0.1.2-1_all.deb |
68 | 10 | Vangelis Koukis | |
69 | 25 | Constantinos Venetsanopoulos | Previous versions and source tarballs can be found here: |
70 | 25 | Constantinos Venetsanopoulos | https://code.grnet.gr/projects/snf-image/files |
71 | 10 | Vangelis Koukis | |
72 | 1 | Constantinos Venetsanopoulos | h2. Installation |
73 | 1 | Constantinos Venetsanopoulos | |
74 | 9 | Vangelis Koukis | Before installing snf-image be sure to have a working Ganeti installation in your cluster. The installation process should take place in *all* ganeti nodes. Here we will describe the installation in a single node. The process is identical for all nodes and should be repeated manually or automatically, e.g., with puppet. |
75 | 5 | Constantinos Venetsanopoulos | |
76 | 5 | Constantinos Venetsanopoulos | # Download the snf-image-host debian package as described in the download section. |
77 | 5 | Constantinos Venetsanopoulos | # Install the snf-image-host debian package: |
78 | 5 | Constantinos Venetsanopoulos | <pre> |
79 | 5 | Constantinos Venetsanopoulos | # dpkg -i snf-image-host_version.deb |
80 | 5 | Constantinos Venetsanopoulos | </pre> |
81 | 5 | Constantinos Venetsanopoulos | # If the dependencies are not met, install all the dependencies using @apt-get install@ |
82 | 5 | Constantinos Venetsanopoulos | # Download the snf-image-helper debian package as described in the download section and store it in a handy location. |
83 | 16 | Constantinos Venetsanopoulos | # *Do NOT install the snf-image-helper debian package* in the Ganeti node (the @deb@ file should be present in all nodes, but NOT installed in any node). |
84 | 16 | Constantinos Venetsanopoulos | # Configure the package, as described in the next section, before you can start using the new OS Provider. |
85 | 5 | Constantinos Venetsanopoulos | |
86 | 5 | Constantinos Venetsanopoulos | h2. Configuration |
87 | 5 | Constantinos Venetsanopoulos | |
88 | 5 | Constantinos Venetsanopoulos | Once you have installed snf-image-host in the Ganeti node and also snf-image-helper is present, proceed with the following configuration: |
89 | 9 | Vangelis Koukis | |
90 | 24 | Constantinos Venetsanopoulos | # Edit @/etc/default/snf-image@ and set the @IMAGE_DIR@ variable to point at the location where you have stored all your disk image files (by default @/var/lib/snf-image@). All disk image files must have the following name format: @img_id-x86_64.img_format@ |
91 | 24 | Constantinos Venetsanopoulos | This means that if you have an image with img_id = debian_base_0.5-2 and img_format = extdump |
92 | 24 | Constantinos Venetsanopoulos | then it's filename should be @debian_base_0.5-2-x86_64.extdump@ |
93 | 5 | Constantinos Venetsanopoulos | # Edit @/etc/default/snf-image@ and set the @HELPER_DIR@ variable to a directory in which all snf-helper related stuff are going to be stored (the directory should be able to store at least 700MB of data) |
94 | 9 | Vangelis Koukis | # Move the snf-image-helper debian package inside this directory and edit the @HELPER_PKG@ variable in @/etc/default/snf-image@ accordingly: |
95 | 10 | Vangelis Koukis | <pre> |
96 | 5 | Constantinos Venetsanopoulos | $ mv /path/to/handy/location/snf-image-helper_version.deb $HELPER_DIR/ |
97 | 1 | Constantinos Venetsanopoulos | </pre> |
98 | 24 | Constantinos Venetsanopoulos | # Run snf-image-update-helper (installed as part of the snf-image-host package), which will take care of the creation of a Debian stable-based helper VM image and the installation of $HELPER_PKG in it: |
99 | 9 | Vangelis Koukis | <pre> |
100 | 1 | Constantinos Venetsanopoulos | $ /usr/bin/snf-image-update-helper |
101 | 1 | Constantinos Venetsanopoulos | </pre> |
102 | 23 | Constantinos Venetsanopoulos | # You are now ready to use the new snf-image OS Provider |
103 | 1 | Constantinos Venetsanopoulos | |
104 | 13 | Constantinos Venetsanopoulos | h2. Developers |
105 | 1 | Constantinos Venetsanopoulos | |
106 | 23 | Constantinos Venetsanopoulos | If you are a developer or want to use the latest source code you can |
107 | 22 | Constantinos Venetsanopoulos | download the latest development version; use @git@ to clone the snf-image repository: |
108 | 13 | Constantinos Venetsanopoulos | <pre> |
109 | 13 | Constantinos Venetsanopoulos | $ git clone https://code.grnet.gr/git/snf-image |
110 | 18 | Vangelis Koukis | </pre> |
111 | 18 | Vangelis Koukis | The _master_ branch contains the latest development version |
112 | 18 | Vangelis Koukis | The _debian_ branch contains the _master_ plus the debian packaging directories. |
113 | 18 | Vangelis Koukis | |
114 | 24 | Constantinos Venetsanopoulos | For more information on how to configure, install or package from source, see the [[Developer|Developer's page]]. |
115 | 27 | Nikos Skalkotos | For more information on the image format used in snf-image, see [[Image Format]]. |
116 | 19 | Vangelis Koukis | |
117 | 1 | Constantinos Venetsanopoulos | h2. Community & Support |
118 | 13 | Constantinos Venetsanopoulos | |
119 | 13 | Constantinos Venetsanopoulos | Your help is very important. Any contributions and bug reports will be highly appreciated. You can contact the team at: |
120 | 1 | Constantinos Venetsanopoulos | |
121 | 9 | Vangelis Koukis | * Bug reports - feedback - support: synnefo@lists.grnet.gr |