Synnefo » snf-image

h2. snf-image

!snf-image-logo.png!

h2. Introduction - Features

snf-image is a "Ganeti":http://code.google.com/p/ganeti/ OS Definition, primarily used by "Synnefo":https://code.grnet.gr/projects/synnefo .

It is rewritten from scratch and allows Ganeti to launch instances from predefined or untrusted custom Images. The whole process of deploying an Image onto the block device, as provided by Ganeti, is done in complete isolation from the physical host, enhancing robustness and security (currently supports only KVM based ganeti clusters).

There are also additional hooks that can be enabled at image deployment. They allow for:

 * changing the password of root or arbitrary users

 * injecting files at arbitrary locations inside the filesystem, e.g., SSH keys

 * setting a custom hostname

 * re-creating SSH host keys to ensure the image uses unique keys

snf-image has been used successfully to deploy many major Linux distributions (Debian, Ubuntu/Kubuntu, CentOS, Fedora), as well as Windows 2008 R2.  

The snf-image Ganeti OS Definition is released under [[Licence|GNU Generic Public Lisence version 2]].

h2. Ganeti OS Interface

snf-image requires ganeti-os-interface v20 to operate.

It introduces the following OS parameters:

 * @img_id@ (_required if @config_url@ is missing_): the unique id of the image as known by the storage backend

 * @img_format@ (_required if @config_url@ is missing_): the image format type (see [[Image Format|here]])

 * @img_passwd@ (_required if @config_url@ is missing_): the passwd to be injected inside the image

 * @img_properties@ (_optional_): additional image properties used to customize the image ([[Image_Format#Image-Properties|details]])

 * @img_personality@ (_optional_): files to be injected into the image filesystem ([[Personality OS Parameter|details]]).

 * @config_url@ (_optional_): the url to download configuration data from

h2. Architecture

snf-image is split in two components: A part running on the Ganeti host, with full root privilege (@snf-image-host@), and a part running inside an unprivileged, helper VM (@snf-image-helper@).

h3. snf-image-host

This part implements the Ganeti OS interface. It extracts the Image onto the Ganeti-provided block device, using streaming block I/O (@dd@ with @oflag=direct@), then passes control to @snf-image-helper@ running inside a helper VM. The helper VM is created using KVM, runs as an unprivileged user, @nobody@ by default.

There is no restriction on the distribution running inside the helper VM, as long as it executes the @snf-image-helper@ component automatically upon bootup. The @snf-image-update-helper@ script is provided with @snf-image-host@ to automate the creation of a helper VM image based on Debian Stable, using @debootstrap@.

The @snf-image-helper@ component is spawned inside a specific hardware environment:

* The VM features a virtual floppy, containing an @ext2@ filesystem with all parameters needed for image customization.

* The hard disk of the VM being deployed is accessible as the first @virtio@ hard disk.

* All kernel/console output is redirected to the first virtual serial console, and eventually finds its way into the OS definition log files that Ganeti maintains.

* The helper VM is expected to output "SUCCESS" to its second serial port if image customization was successful inside the VM.

  In any other case, execution of the helper VM or @snf-image-helper@ has failed.

* The helper VM is expected to shutdown automatically once it is done. Its execution is time-limited; if it has not terminated after a number of seconds, configurable via @/etc/default/snf-image@, it is sent a @SIGTERM@ and/or a @SIGKILL@.

KVM is currently a dependency for @snf-image@, meaning it is needed to spawn the helper VM. There is no restriction on the hypervisor used for the actual Ganeti instances. This is not a strict requirement; KVM could be replaced by @qemu@, doing full CPU virtualization without any kernel support for spawning the helper VM.

h3. snf-image-helper

This part runs inside the helper VM and undertakes customization of the VM being deployed using a number of hooks, or _[[Configuration Tasks|tasks]]_. The tasks run in an environment, specified by rules found in a virtual floppy, placed there by the @snf-image-host@ component. @snf-image-helper@ uses @runparts@ to run tasks found under @/usr/lib/snf-image-helper/tasks@ by default.

The architecture is presented below:

h3. Graphical Representation

!snf-image_arch.png!

h3. Image Names

snf-image assumes all image files have the following format:

<pre><image_id>.<image_format></pre>

In order to create an instance with ganeti using an image with filename @debian_base-6.0-5-x86_64.extdump@, you need to specify the following OS parameters:

<pre>img_format=extdump

img_id=debian_base-6.0-5-x86_64</pre>

h2. Download

h3. Packages

Download the latest debian packages (v0.4):

* "@snf-image-host@":https://code.grnet.gr/attachments/download/1632/snf-image-host_0.6-1_all.deb

* "@snf-image-helper@":https://code.grnet.gr/attachments/download/1631/snf-image-helper_0.6-1_all.deb

Previous versions and source tarballs can be found here:

https://code.grnet.gr/projects/snf-image/files

You can also download the packages from our @apt@ repo:

http://apt.dev.grnet.gr

h3. Sample Images

While developing snf-image, we created and tested a number of images. The following images are basic installations of some popular Linux distributions, that have been tested with snf-image and provided here for testing purposes:

* Debian Squeeze Base System ["diskdump":https://pithos.okeanos.grnet.gr/public/grv9n] ["md5sum":https://pithos.okeanos.grnet.gr/public/vdwf3] ["metadata":https://pithos.okeanos.grnet.gr/public/zt6mc]

* Debian Desktop ["diskdump":https://pithos.okeanos.grnet.gr/public/n8dh4] ["md5sum":https://pithos.okeanos.grnet.gr/public/byvsw] ["metadata":https://pithos.okeanos.grnet.gr/public/cu92b]

* CentOS 6.0 ["diskdump":https://pithos.okeanos.grnet.gr/public/mw8vg] ["md5sum":https://pithos.okeanos.grnet.gr/public/85k8d] ["metadata":https://pithos.okeanos.grnet.gr/public/cm6tz]

* Fedora Desktop 17 ["diskdump":https://pithos.okeanos.grnet.gr/public/wf6c7] ["md5sum":https://pithos.okeanos.grnet.gr/public/j76kv] ["metadata":https://pithos.okeanos.grnet.gr/public/yss35]

* Ubuntu Desktop 12.04 ["diskdump":https://pithos.okeanos.grnet.gr/public/vjkyy] ["md5sum":https://pithos.okeanos.grnet.gr/public/z4wgs] ["metadata":https://pithos.okeanos.grnet.gr/public/mejnd]

* Kubuntu Desktop 12.04 ["diskdump":https://pithos.okeanos.grnet.gr/public/8xd6f] ["md5sum":https://pithos.okeanos.grnet.gr/public/cvkzx] ["metadata":https://pithos.okeanos.grnet.gr/public/wpwh6]

After getting familiar with snf-image you can build your own Images ([[Image Format|more...]]), or build upon the ones listed above.

h2. Installation

Before installing snf-image be sure to have a working Ganeti installation in your cluster. The installation process should take place in *all* ganeti nodes. Here we will describe the installation in a single node. The process is identical for all nodes and should be repeated manually or automatically, e.g., with puppet.

# Download the snf-image-host debian package as described in the download section.

# Install the snf-image-host debian package:

<pre>

 # dpkg -i snf-image-host_version.deb

</pre>

# If the dependencies are not met, install all the dependencies using @apt-get install@ (or install @snf-image-host@ with @apt-get@).

# Download the snf-image-helper debian package as described in the download section and store it in a handy location.

# *Do NOT install the snf-image-helper debian package* in the Ganeti node (the @deb@ file should be present in all nodes, but NOT installed in any node).

# Configure the package, as described in the next section, before you can start using the new OS Definition.

h2. Configuration

In this section, we assume that the image file you want to deploy resides under a local directory.

Once you have installed snf-image-host in the Ganeti node, you may need to overwrite the value of some of the following variables in @/etc/default/snf-image@:

# *IMAGE_DIR*: This should point to the location where the image files are stored [default: @/var/lib/snf-image@].

# *HELPER_DIR*: This should point to a directory which will host all helper VM files [default: @/var/lib/snf-image/helper@]. This directory should be able to host 700MB.

# *HELPER_PKG*: This should point to the snf-image-helper debian package [default: @/var/lib/snf-image/helper/snf-image-helper_version.deb@].

After all variables are properly set, execute @snf-image-update-helper@ command to populate @HELPER_DIR@ with the needed files: <pre>$ /usr/bin/snf-image-update-helper</pre>

The above will create the helper VM, install the snf-image-helper package inside it and store all the above under @HELPER_DIR@. If no errors are displayed, you are ready to use the snf-image OS Definition.

h2. Sample Usage

h3. @diskdump@ images

If you want to deploy an image of type @diskdump@, you need to provide the corresponding @img_properties@ as described in the [[Image_Format#OS-parameter-img_properties|Image Format]] section. If using a diskdump found in the Sample Images list, use the @img_properties@ described in the image's metadata file. For example:

<pre>gnt-instance add -o snf-image+default --os-parameters img_passwd=SamplePassw0rd,img_format=diskdump,img_id=debian_base-6.0-7-x86_64,img_properties='{"OSFAMILY":"linux"\,"ROOT_PARTITION":"1"}' -t plain --disk=0:size=10G --no-name-check --no-ip-check --no-nics test1</pre>

h3. @extdump@/@ntfsdump@ images

To create a ganeti instance with snf-image using @debian_base-6.0-5-x86_64.extdump@ hosted under @IMAGE_DIR@, use a command like the one below:

<pre>gnt-instance add -o snf-image+default --os-parameters img_passwd=SamplePassw0rd,img_format=extdump,img_id=debian_base-6.0-5-x86_64 -t plain --disk=0:size=10G --no-name-check --no-ip-check --no-nics test1</pre>

h2. Advanced Usage

If you want to learn more and use the advanced features of snf-image please refer to following sections:

1. [[Image Format|Supported Image formats]]

2. [[Image Store|Supported Image store locations]]

3. [[PMI|Progress Monitor Interface]]

h2. Developers

If you are a developer or want to use the latest source code you can download the latest development version by cloning the snf-image git repository:

<pre>$ git clone https://code.grnet.gr/git/snf-image</pre>

The _master_ branch contains the latest development version

The _debian_ branch contains the _master_ plus the debian packaging directories.

For more information on how to configure, install or package from source, see the [[Developer|Developer's page]].

h2. Community & Support

Your help is very important. Any contributions and bug reports will be highly appreciated. You can contact the team at:

* Bug reports - feedback - support: synnefo@lists.grnet.gr