Wiki

Version 49 (Nikos Skalkotos, 04/19/2012 11:50 am) → Version 50/133 (Constantinos Venetsanopoulos, 05/02/2012 04:11 pm)

h2. snf-image

!snf-image-logo.png!

h2. Introduction - Features

snf-image is a "Ganeti":http://code.google.com/p/ganeti/ OS Definition, primarily used by Synnefo.

It is rewritten from scratch and allows Ganeti to launch instances from predefined or untrusted custom Images. The whole process of deploying an Image onto the block device, as provided by Ganeti, is done in complete isolation from the physical host, enhancing robustness and security.

There are also additional hooks that can be enabled at image deployment. They allow for:

* changing the password of root or arbitrary users
* injecting files at arbitrary locations inside the filesystem, e.g., SSH keys
* setting a custom hostname
* re-creating SSH host keys to ensure the image uses unique keys

snf-image has been used successfully to deploy many major Linux distributions (Debian, Ubuntu/Kubuntu, CentOS, Fedora), as well as Windows 2008 R2.

The snf-image Ganeti OS Definition is released under [[Licence|GNU Generic Public Lisence version 2]].

h2. Ganeti OS Interface

snf-image requires ganeti-os-interface v20 to operate.
It introduces the following OS parameters:

* @img_id@ (_required_): the unique id of the image as known by the storage backend
* @img_format@ (_required_): the image format type (see [[Image Format|here]])
* @img_passwd@ (_required_): the passwd to be injected inside the image
* @img_properties@ (_optional_): additional image properties used to customize the image ([[Image_Format#Image-Properties|details]])
* @img_personality@ (_optional_): files to be injected into the image filesystem. It is a JSON-encoded list of files to be injected: every file is defined by its path and base64-encoded data. This format follows the notation proposed by the "OpenStack Compute API v1.1":http://docs.openstack.org/api/openstack-compute/1.1/content/CreateServers.html. ["more...":http://docs.openstack.org/api/openstack-compute/1.1/content/Server_Personality-d1e2543.html ] for defining server personalities.

h2. Architecture

snf-image is split in two components: A part running on the Ganeti host, with full root privilege (@snf-image-host@), and a part running inside an unprivileged, helper VM (@snf-image-helper@).

h3. snf-image-host

This part implements the Ganeti OS interface. It extracts the Image onto the Ganeti-provided block device, using streaming block I/O (@dd@ with @oflag=direct@), then passes control to @snf-image-helper@ running inside a helper VM. The helper VM is created using KVM, runs as an unprivileged user, @nobody@ by default.

There is no restriction on the distribution running inside the helper VM, as long as it executes the @snf-image-helper@ component automatically upon bootup. The @snf-image-update-helper@ script is provided with @snf-image-host@ to automate the creation of a helper VM image based on Debian Stable, using @debootstrap@.

The @snf-image-helper@ component is spawned inside a specific hardware environment:

* The VM features a virtual floppy, containing an @ext2@ filesystem with all parameters needed for image customization.
* The hard disk of the VM being deployed is accessible as the first @virtio@ hard disk.
* All kernel/console output is redirected to the first virtual serial console, and eventually finds its way into the OS definition log files that Ganeti maintains.
* The helper VM is expected to output "SUCCESS" to its second serial port if image customization was successful inside the VM.
In any other case, execution of the helper VM or @snf-image-helper@ has failed.
* The helper VM is expected to shutdown automatically once it is done. Its execution is time-limited; if it has not terminated after a number of seconds, configurable via @/etc/default/snf-image@, it is sent a @SIGTERM@ and/or a @SIGKILL@.

KVM is currently a dependency for @snf-image@, meaning it is needed to spawn the helper VM. There is no restriction on the hypervisor used for the actual Ganeti instances. This is not a strict requirement; KVM could be replaced by @qemu@, doing full CPU virtualization without any kernel support for spawning the helper VM.

h3. snf-image-helper

This part runs inside the helper VM and undertakes customization of the VM being deployed using a number of hooks, or _[[Configuration Tasks|tasks]]_. The tasks run in an environment, specified by rules found in a virtual floppy, placed there by the @snf-image-host@ component. @snf-image-helper@ uses @runparts@ to run tasks found under @/usr/lib/snf-image-helper/tasks@ by default.

The architecture is presented below:

h3. Graphical Representation

!snf-image_arch.png!

h3. Image Names

snf-image assumes all image files have the following format:
<pre><image_id>.<image_format></pre>

In order to create an instance with ganeti using an image with filename @debian_base-6.0-5-x86_64.extdump@, you need to specify the following OS parameters:
<pre>img_format=extdump
img_id=debian_base-6.0-5-x86_64</pre>

h2. Download

h3. Packages

Download the latest debian packages (v0.3): (v0.2):
* "@snf-image-host@":https://code.grnet.gr/attachments/download/1065/snf-image-host_0.3.6-1_all.deb "@snf-image-host@":https://code.grnet.gr/attachments/download/593/snf-image-host_0.2-1_all.deb
* "@snf-image-helper@":https://code.grnet.gr/attachments/download/1068/snf-image-helper_0.3.6-1_all.deb "@snf-image-helper@":https://code.grnet.gr/attachments/download/589/snf-image-helper_0.2-1_all.deb

Previous versions and source tarballs can be found here:
https://code.grnet.gr/projects/snf-image/files

h3. Sample Images

While developing snf-image, we created and tested a number of images. The following images are basic installations of some popular Linux distributions, that have been tested with snf-image and provided here for testing purposes:

* Debian Squeeze Base System ["diskdump":https://pithos.okeanos.grnet.gr/public/9epgb] ["md5sum":https://pithos.okeanos.grnet.gr/public/2yy2m] ["metadata":https://pithos.okeanos.grnet.gr/public/gwqcv]
* Debian Desktop ["diskdump":https://pithos.okeanos.grnet.gr/public/vfcs2] ["md5sum":https://pithos.okeanos.grnet.gr/public/7medy] ["metadata":https://pithos.okeanos.grnet.gr/public/m6446]
* CentOS 6.0 ["diskdump":http://pithos.okeanos.grnet.gr/public/4sty6] ["md5sum":https://pithos.okeanos.grnet.gr/public/82trb] ["metadata":https://pithos.okeanos.grnet.gr/public/27qa4]
* Fedora Desktop 16 ["diskdump":https://pithos.okeanos.grnet.gr/public/gdzew] ["md5sum":https://pithos.okeanos.grnet.gr/public/6b7w2] ["metadata":https://pithos.okeanos.grnet.gr/public/pgc9y]
* Ubuntu Desktop 11.10 ["diskdump":https://pithos.okeanos.grnet.gr/public/4kpqv] ["md5sum":https://pithos.okeanos.grnet.gr/public/9fqm5] ["metadata":https://pithos.okeanos.grnet.gr/public/n4ybj]
* Kubuntu Desktop 11.10 ["diskdump":https://pithos.okeanos.grnet.gr/public/bvqpp] ["md5sum":https://pithos.okeanos.grnet.gr/public/cecur] ["metadata":https://pithos.okeanos.grnet.gr/public/wxek9]

After getting familiar with snf-image you can build your own Images ([[Image Format|more...]]), or build upon the ones listed above.

h2. Installation

Before installing snf-image be sure to have a working Ganeti installation in your cluster. The installation process should take place in *all* ganeti nodes. Here we will describe the installation in a single node. The process is identical for all nodes and should be repeated manually or automatically, e.g., with puppet.

# Download the snf-image-host debian package as described in the download section.
# Install the snf-image-host debian package:
<pre>
# dpkg -i snf-image-host_version.deb
</pre>
# If the dependencies are not met, install all the dependencies using @apt-get install@
# Download the snf-image-helper debian package as described in the download section and store it in a handy location.
# *Do NOT install the snf-image-helper debian package* in the Ganeti node (the @deb@ file should be present in all nodes, but NOT installed in any node).
# Configure the package, as described in the next section, before you can start using the new OS Definition.

h2. Configuration

Once you have installed snf-image-host in the Ganeti node, you may need to overwrite the value of some of the following variables in @/etc/default/snf-image@:
# *IMAGE_DIR*: This should point to the location where the image files are stored [default: @/var/lib/snf-image@].
# *HELPER_DIR*: This should point to a directory which will host all helper VM files [default: @/var/lib/snf-image/helper@]. This directory should be able to host 700MB.
# *HELPER_PKG*: This should point to the snf-image-helper debian package [default: @/var/lib/snf-image/helper/snf-image-helper_version.deb@].

After all variables are properly set, execute @snf-image-update-helper@ command to populate @HELPER_DIR@ with the needed files: <pre>$ /usr/bin/snf-image-update-helper</pre>
If no errors are displayed, you are ready to use snf-image OS Definition.

h2. Sample Usage

To create an ganeti instance with snf-image using @debian_base-6.0-5-x86_64.extdump@ hosted under @IMAGE_DIR@, use a command like the one below:
<pre>gnt-instance add -o snf-image+default --os-parameters img_passwd=SamplePassw0rd,img_format=extdump,img_id=debian_base-6.0-5-x86_64 -t plain --disk=0:size=10G --no-name-check --no-ip-check --no-nics test1</pre>

If you want to deploy an image of type @diskdump@, you need to provide the corresponding @img_properties@ as described in the [[Image_Format#OS-parameter-img_properties|Image Format]] section. If you want to use the diskdump found in the Sample Images list, use the @img_properties@ described in the diskdump readme file.

h2. Developers

If you are a developer or want to use the latest source code you can download the latest development version by cloning the snf-image git repository:
<pre>$ git clone https://code.grnet.gr/git/snf-image</pre>
The _master_ branch contains the latest development version
The _debian_ branch contains the _master_ plus the debian packaging directories.

For more information on how to configure, install or package from source, see the [[Developer|Developer's page]].
For more information on the image format used in snf-image, see [[Image Format]].

h2. Community & Support

Your help is very important. Any contributions and bug reports will be highly appreciated. You can contact the team at:

* Bug reports - feedback - support: synnefo@lists.grnet.gr