Latest revision as of 12:41, 19 August 2011
Cloud image generation short cuts for noobs
Introduction
Purpose
Scope
Acronyms, descriptions
References
- http://linux.die.net/man/1/qemu-kvm
- http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/index.html?creating-loopback-s3-linux.html
- http://aws.amazon.com/developertools/351?_encoding=UTF8&jiveRedirect=1 The tools download page.
- http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/index.html?creating-an-ami.html
- http://docs.amazonwebservices.com/AWSEC2/2011-05-15/CommandLineReference/
- http://www.linuxplanet.com/linuxplanet/tutorials/6546/1
- http://alestic.com/2010/01/ec2-ebs-boot-ubuntu
- http://cssoss.wordpress.com/2010/05/10/eucalyptus-beginner%E2%80%99s-guide-%E2%80%93-uec-edition-chapter-4-%E2%80%93-image%C2%A0management/
- http://rwmj.wordpress.com/2011/05/19/rhel-6-1-is-out-new-virtualization-guide-covers-libguestfs/
- https://help.ubuntu.com/community/UEC/CDInstall
- https://help.ubuntu.com/community/UEC/Images
- http://cloud.ubuntu.com/docs/uec-book/
- http://cloud.ubuntu.com/docs/
- http://home.comcast.net/~fbui/bandwidth.html
- http://www.osc.edu/~troy/lperfex/
- http://www.eucalyptus.com Eucalyptus Home page
Prepping the environment
Installing the required tools
- yum install qemu-kvm
- yum install qemu-img
Getting the credentials
Eucalyptus credentials
See: https://help.ubuntu.com/community/UEC/CDInstall#STEP%205:%20Obtain%20Credentials
Creating an image
- Get the OS
- create loop back image
- configure image.
- bundle image.
- Install the bundle on UEC.
- Test the Ubuntu i386 bundle on AWS.
- Test the bundle on AWS
Installing the tools
Installing the EC2 tools
- get the tools zip file: Amazon EC2 AMI Tools (http://aws.amazon.com/developertools/368)
  - The AMI tools use Ruby: yum install ruby
- cd /opt
- unzip ec2-ami-tools.zip
- export JAVA_HOME=/usr
- export EC2_AMITOOL_HOME=/opt/ec2-ami-tools-1.3-66634
- export PATH=$PATH:${EC2_AMITOOL_HOME:-$EC2_HOME}/bin
For the API tools
- export EC2_HOME=/opt/ec2-api-tools-1.4.3.0
- Use the PATH set above. export PATH=$PATH:$EC2_HOME/bin
Configuring the credentials
- Get the credentials file
  - firefox https://192.168.1.10:8443
  - login
  - click: Download Credentials
  - save to file
- install the credentials
  - unzip -d ~/.euca ~/Downloads/euca2-*-x509.zip
- update env
  - echo "[ -r ~/.euca/eucarc ] && . ~/.euca/eucarc" >> ~/.bashrc
- verify
  - bash
  - env | grep EC2
  - euca-describe-images -a
Installing the admin credentials
- login and get the admin credentials
- unzip -d ~/.euca_admin /home/larkadm/Downloads/euca2-admin-x509.zip
- . ~/.euca_admin/eucarc
Creating a Fedora image using virt-manager
- sudo su -
- yum install @Virtualization
- chkconfig libvirtd on
- service libvirtd start
- virt-manager
- create guest
  - select iso install
  - do not fill entire disc
  - Use 768 MB mem.
  - 2GB Storage
  - select linux and Fedora 15 as the OS
  - on last (5 of 5) Expand and select arch i686
- Install Fedora
  - Custom storage
    - / 1500 bytes EXT4
    - swap (rest)
  - use 'Minimal'
  - select 'customize now'
    - In Base System; select Base.
- login
- fix up the configuration
  - vi /etc/sysconfig/network-scripts/ifcfg-eth0
    - Add BOOTPROTO=dhcp
  - service network restart
  - chkconfig network on
  - vi /etc/selinux/config
    - SELINUX=disabled
- vi /etc/fstab
    - LABEL=uec-rootfs / ext4 defaults 0 0
    - /dev/sda2 none swap sw,comment=cloudconfig 0 0
  - tune2fs -L uec-rootfs /dev/vda1
  - reboot
- Create user: ec2-user
  - useradd -d /home/ec2-user -c "Default user." -m ec2-user
- vi /etc/rc.local
- rm /etc/udev/rules.d/70-persistent-net.rules
- scp the initramfs and the vmlinuz to the host.
- halt
  - Halt the guest.
  - The image is in: /var/lib/libvirt/images
- yum install euca2ools
- . ~/.euca_admin/eucarc
  - Change to the admin account.
- cd /tmp
- Bundle the kernel
  - euca-bundle-image -i vmlinuz-2.6.38.6-26.rc1.fc15.i686.PAE --kernel true
  - euca-upload-bundle -b mybucket -m /tmp/vmlinuz-2.6.38.6-26.rc1.fc15.i686.PAE.manifest.xml
  - euca-register mybucket/vmlinuz-2.6.38.6-26.rc1.fc15.i686.PAE.manifest.xml
    - Save the IMAGE eki number.
- Bundle the ramdisk image
  - euca-bundle-image -i initramfs-2.6.38.6-26.rc1.fc15.i686.PAE.img --ramdisk true
  - euca-upload-bundle -b mybucket -m /tmp/initramfs-2.6.38.6-26.rc1.fc15.i686.PAE.img.manifest.xml
  - euca-register mybucket/initramfs-2.6.38.6-26.rc1.fc15.i686.PAE.img.manifest.xml
    - Save the IMAGE eri- number.
- Bundle the image
  - euca-bundle-image -i larc1.img --kernel eki-44FF1575 --ramdisk eri-DD621799 --arch i386
  - euca-upload-bundle -b i386 -m /tmp/larc1.img.manifest.xml
  - euca-register i386/larc1.img.manifest.xml
- testing
  - euca-run-instances emi-090A0C1A -k helloworld -t m1.large
  - euca-describe-instances
    - wait for the instance to come up in running state.
  - euca-get-console-output i-4CF107FF
Creating a Fedora image using qemu
- sudo su -
  - If kvm is run as an ordinary user, there seems to be some timer hardware issue in the guest.
- qemu-img create -f qcow2 diskimage.img 5G
- qemu-kvm -m 768 -cdrom Fedora-15-i386-DVD.iso -drive file=diskimage.img,if=scsi,index=0 -boot d -net nic -net user
- go through the RHEL installation
  - select keyboard, language etc.
- qemu-kvm -m 512 -drive file=diskimage.img,if=ide,index=0 -net nic -net user
- login
  - fix up the configuration
  - vi /etc/sysconfig/network-scripts/ifcfg-eth0
    - Add BOOTPROTO=dhcp
  - service network restart
  - chkconfig network on
  - vi /etc/selinux/config
    - SELINUX=disabled
  - reboot
- ::: install curl
Creating a Fedora image - old school
- dd if=/dev/zero of=fedora.fs bs=1M count=2048
- mke2fs -F -j fedora.fs
- mkdir /mnt/fedora
- mount -o loop fedora.fs /mnt/fedora
- mkdir /mnt/fedora/dev
- /sbin/MAKEDEV -d /mnt/fedora/dev -x console
- /sbin/MAKEDEV -d /mnt/fedora/dev -x null
- /sbin/MAKEDEV -d /mnt/fedora/dev -x zero
- mkdir /mnt/fedora/etc
- vi /mnt/fedora/etc/fstab
  - See fstab content below.
- cat /etc/yum.conf /etc/yum.repos.d/fedora.repo >> /mnt/fedora/etc/yum.conf
- vi /mnt/fedora/etc/yum.conf
  - See yum.conf content below.
- mkdir /mnt/fedora/proc
- mount -t proc none /mnt/fedora/proc
- yum -c /mnt/fedora/etc/yum.conf --installroot=/mnt/fedora -y groupinstall Base
- vi /mnt/fedora/etc/sysconfig/network-scripts/ifcfg-eth0
  - See below
- echo "NETWORKING=yes" > /mnt/fedora/etc/sysconfig/network
- Update /mnt/fedora/etc/fstab
  - See below
- chroot /mnt/fedora /bin/sh
- chkconfig --level 345 my-service on
- exit
- umount /mnt/fedora/proc/
- umount -d /mnt/fedora
- ec2-bundle-image -i /disk2/fedora.fs -k ~/.euca/mykey.priv -c ~/.euca/euca2-ME-CODE-cert.pem -u 123456789012 -r x86_64 -d /disk2/product
fstab
<pre>
/dev/sda1  /         ext3    defaults        1 1
none       /dev/pts  devpts  gid=5,mode=620  0 0
none       /dev/shm  tmpfs   defaults        0 0
none       /proc     proc    defaults        0 0
none       /sys      sysfs   defaults        0 0
# This is for c1.small and m1.medium
# For others please see: http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/index.html?instance-storage-concepts.html
/dev/sda2  /mnt      ext3    defaults        0 0
/dev/sda3  swap      swap    defaults        0 0
</pre>
yum.conf
<pre>
[main]
cachedir=/mnt/fedora/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
plugins=1
installonly_limit=3
color=never
exclude=*-debuginfo
gpgcheck=0
reposdir=/dev/null

# This is the default, if you make this bigger yum won't see if the metadata
# is newer on the remote and so you'll "gain" the bandwidth of not having to
# download the new metadata and "pay" for it by yum not having correct
# information.
# It is esp. important, to have correct metadata, for distributions like
# Fedora which don't keep old packages around. If you don't like this checking
# interupting your command line usage, it's much better to have something
# manually check the metadata once an hour (yum-updatesd will do this).
# metadata_expire=90m

# PUT YOUR REPOS HERE OR IN separate files named file.repo
# in /etc/yum.repos.d

[fedora]
name=Fedora $releasever - $basearch
failovermethod=priority
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=$basearch
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-14&arch=$basearch
enabled=1
metadata_expire=7d
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch

[fedora-debuginfo]
name=Fedora $releasever - $basearch - Debug
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/$basearch/debug/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-debug-$releasever&arch=$basearch
enabled=0
metadata_expire=7d
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch

[fedora-source]
name=Fedora $releasever - Source
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/source/SRPMS/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-source-$releasever&arch=$basearch
enabled=0
metadata_expire=7d
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch
</pre>
ifcfg-eth0
<pre>
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
</pre>
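Added example (not part of the original page): a check to run against a mounted image root, such as /mnt/fedora or /mnt/ubuntu, before bundling it. It flags settings that the procedures on this page leave in the image: an account with an empty password (passwd -d), SELINUX=disabled, gpgcheck=0 in yum.conf, a pinned MAC address, and SSH keys created at build time. The function names, the FINDING labels and the sample tree are assumptions made for the example.

```shell
#!/bin/sh
# Added example: audit a mounted image root before bundling it.
# audit_image_root and the FINDING labels are hypothetical names.

finding() { printf 'FINDING %s: %s\n' "$1" "$2"; }

audit_image_root() {
    root=${1%/}

    # Accounts whose /etc/shadow password field is empty (what `passwd -d` leaves).
    if [ -r "$root/etc/shadow" ]; then
        awk -F: '$2 == "" { print $1 }' "$root/etc/shadow" |
        while read -r user; do
            finding empty-password "account '$user' can log in without a password"
        done
    fi

    # SELinux switched off in the image.
    if grep -Eq '^[[:space:]]*SELINUX=disabled' "$root/etc/selinux/config" 2>/dev/null; then
        finding selinux-disabled "/etc/selinux/config sets SELINUX=disabled"
    fi

    # Package signature checking switched off for yum inside the image.
    for f in "$root/etc/yum.conf" "$root"/etc/yum.repos.d/*.repo; do
        if [ -r "$f" ] && grep -Eq '^[[:space:]]*gpgcheck[[:space:]]*=[[:space:]]*0' "$f"; then
            finding gpgcheck-off "${f#"$root"} contains gpgcheck=0"
        fi
    done

    # SSH material created at build time is shared by every instance of the image.
    for f in "$root"/etc/ssh/ssh_host_*key; do
        if [ -e "$f" ]; then
            finding baked-host-key "${f#"$root"} is identical on every instance"
        fi
    done
    for f in "$root/root/.ssh/authorized_keys" "$root"/home/*/.ssh/authorized_keys; do
        if [ -s "$f" ]; then
            finding baked-authorized-key "${f#"$root"} grants access on every instance"
        fi
    done

    # MAC address of the build guest pinned in the image (eth0 is ignored on a new instance).
    if grep -q '^HWADDR=' "$root/etc/sysconfig/network-scripts/ifcfg-eth0" 2>/dev/null; then
        finding pinned-mac "ifcfg-eth0 still contains HWADDR"
    fi
    if [ -e "$root/etc/udev/rules.d/70-persistent-net.rules" ]; then
        finding pinned-mac "70-persistent-net.rules is still present"
    fi
    return 0
}

# Constructed sample tree (not a real image) so the audit can be run offline.
make_sample_root() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/selinux" "$d/etc/ssh" "$d/etc/udev/rules.d" \
             "$d/etc/sysconfig/network-scripts"
    printf 'root::15200:0:99999:7:::\nec2-user:!!:15200:0:99999:7:::\n' > "$d/etc/shadow"
    printf 'SELINUX=disabled\nSELINUXTYPE=targeted\n' > "$d/etc/selinux/config"
    printf '[main]\ngpgcheck=0\n[fedora]\ngpgcheck=1\n' > "$d/etc/yum.conf"
    printf 'DEVICE=eth0\nBOOTPROTO=dhcp\nHWADDR=52:54:00:12:34:56\n' \
        > "$d/etc/sysconfig/network-scripts/ifcfg-eth0"
    : > "$d/etc/udev/rules.d/70-persistent-net.rules"
    echo 'constructed placeholder, not a key' > "$d/etc/ssh/ssh_host_rsa_key"
    echo "$d"
}

sample=$(make_sample_root)
audit_image_root "$sample"
rm -rf "$sample"
```

Against a real image, call audit_image_root with the mount point after the chroot steps and before unmounting.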
Open issues
Creating an Ubuntu image
- apt-get install python-vm-builder
- vi image_def.txt
<pre>
root 1000
/mnt/ephemeral 2000 /dev/sda2
swap 100 /dev/sda3
</pre>
- vmbuilder xen ubuntu --part ./image_def.txt
  - clear; vmbuilder qemu ubuntu -d /disk2/tmp/tut --verbose --part ./image_def.txt
- mkdir /mnt/ubuntu
- mount ubuntu-xen /mnt/ubuntu -o loop
- chroot /mnt/ubuntu/ apt-get update
- chroot /mnt/ubuntu/ apt-get install openssh-server
- chroot /mnt/ubuntu/ passwd -d root
- chroot /mnt/ubuntu vi /etc/rc.local
  - Add the code before the "exit 0"
<pre>
depmod -a
modprobe acpiphp

# simple attempt to get the user ssh key using the meta-data service
mkdir -p /root/.ssh
echo >> /root/.ssh/authorized_keys
curl -m 10 -s http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key | grep 'ssh-rsa' >> /root/.ssh/authorized_keys
echo "AUTHORIZED_KEYS:"
echo "************************"
cat /root/.ssh/authorized_keys
echo "************************"
</pre>
- chroot /mnt/ubuntu apt-get install curl
- cp 2.6.28-11-generic /chroot/lib/modules -R
- euca-bundle-image -i ubuntu-xen/root.img --kernel eki-CD7D185A --ramdisk eri-18301945 --prefix vmbuilder-test7
- euca-upload-bundle -b imagestore-vmbuildertest6 -m /tmp/vmbuilder-test7.manifest.xml
- euca-register imagestore-vmbuildertest6/vmbuilder-test7.manifest.xml
- umount -l /mnt/ubuntu
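Added example (not part of the original page): the metadata key fetch from the rc.local snippet above, written so that it can run on every boot without appending duplicates, accepts only a single well-formed public-key line rather than any text that contains ssh-rsa, and sets restrictive permissions on the key file. install_instance_key and fetch_instance_key are hypothetical names; the URL is the one used on this page.

```shell
#!/bin/sh
# Added example: boot-time SSH key install for /etc/rc.local.
# Function names are hypothetical; the URL is the one used on this page.
METADATA_KEY_URL=http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key

# -f makes curl fail on an HTTP error instead of printing the error page.
fetch_instance_key() {
    curl -f -s -m 10 "$METADATA_KEY_URL"
}

# install_instance_key KEY AUTH_FILE
# Appends KEY to AUTH_FILE once. Returns 1 and writes nothing if KEY is not
# exactly one line of the form "<type> <base64> [comment]".
install_instance_key() {
    key=$1
    auth=$2
    nl='
'
    case $key in
        ''|*"$nl"*) return 1 ;;
    esac
    printf '%s\n' "$key" | grep -Eq \
        '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+={0,2}( [[:print:]]*)?$' \
        || return 1

    dir=$(dirname "$auth")
    mkdir -p "$dir"
    chmod 700 "$dir"
    touch "$auth"
    chmod 600 "$auth"

    # -x whole line, -F fixed string: skip the append if the key is already there.
    if ! grep -qxF -- "$key" "$auth"; then
        printf '%s\n' "$key" >> "$auth"
    fi
    return 0
}

# In rc.local, before "exit 0":
#   key=$(fetch_instance_key) && install_instance_key "$key" /root/.ssh/authorized_keys

# Offline demonstration with a constructed key (not a real key) in a temp directory.
demo_dir=$(mktemp -d)
demo_key='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7 constructed-example-key'
install_instance_key "$demo_key" "$demo_dir/.ssh/authorized_keys"   # first boot
install_instance_key "$demo_key" "$demo_dir/.ssh/authorized_keys"   # second boot: no duplicate
install_instance_key '<html>404: ssh-rsa key not found</html>' \
    "$demo_dir/.ssh/authorized_keys" || echo "rejected malformed response"
cat "$demo_dir/.ssh/authorized_keys"
rm -rf "$demo_dir"
```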
Vanilla image creation
It seems that the EKI and ERI are provided from outside the image, so the instance boots off a kernel that is provided by the cloud vendor.
- yum install qemu-img
- qemu-img create -f qcow2 fedora.img 5G
- qemu-kvm -m 256 -cdrom ../isos/fedora14.iso -drive file=fedora.img,if=scsi,index=0 -boot d -net nic -net user
- Why use vnc?: -nographic -vnc :0
Creating a RHEL server image on Ubuntu
- sudo su -
  - If kvm is run as an ordinary user, there seems to be some timer hardware issue in the guest.
- qemu-img create -f qcow2 diskimage.img 5G
- kvm -m 512 -cdrom rhel-server-6.1-i386-dvd.iso -drive file=diskimage.img,if=scsi,index=0 -boot d -net nic -net user
- go through the RHEL installation
  - select keyboard, language etc.
- ::: install curl
- Eucalyptus beginners guide UEC at http://cssoss.wordpress.com/
- RHEL 6.1 AMI: http://aws.amazon.com/amis/0471856266979567
Troubleshooting
KVM Issues
qemu network issues
Unable to connect to host os from within the guest
Pinging the host does not get a response.
qemu-kvm issues
Boot failed: could not read the boot disk
- if=ide
kvm -m 768 -drive file=diskimage.img,if=scsi,index=0 -net nic -net user
Running the rescue option from the DVD, fdisk reports:
- fdisk -l /dev/sda
  - Partition 1 has different physical/logical beginnings (non-linux?):
    - phys=(0, 32, 33) logical=(99, 115, 10)
  - Partition 1 does not end on cylinder boundary.
It shows the same errors for partition 2, which is the LVM.
qemu-kvm: -net use: Parameter 'type' expects a network client type
- it should be -net user
qemu-kvm -m 768 -cdrom Fedora-15-i386-DVD.iso -drive file=diskimage.img,if=scsi,index=0 -boot d -net nic -net use
Guest issues
Bringing up interface eth0: Device eth0 has different MAC address than expected, ignoring.
remove HWADDR from /etc/sysconfig/network-scripts/ifcfg-eth0
ImageVerify: Failed check! Invalidating registration: i386/initramfs-2.6.32-131.0.15.el6.i686.img.manifest.xml
Yum issues
Cannot retrieve repository metadata (repomd.xml) for repository
<pre>
yum -c /mnt/fedora/etc/yum.conf --installroot=/mnt/fedora -y groupinstall Base
Loaded plugins: langpacks, presto, refresh-packagekit
Error: Cannot retrieve repository metadata (repomd.xml) for repository: fedora. Please verify its path and try again
</pre>
Image management
- euca-add-keypair helloworld > ~/.euca/helloworld.priv
- euca-describe-images
- euca-run-instances emi-1E9911E8 -k helloworld -t c1.medium
- euca-describe-instances
- euca-get-console-output
- ssh -i ~/.euca/helloworld.priv ec2-user@172.16.1.100
- euca-terminate-instances
remove image
- euca-deregister emi-09AF0C32
- euca-delete-bundle -b i386 /tmp/larc3.img.manifest.xml
Cloud issues
Permission denied (publickey).
- A: user name was wrong.
  - Correct: ssh -i ~/.euca/helloworld.priv ubuntu@172.16.1.100
- ssh -i ~/.euca/helloworld.priv user@172.16.1.100
<pre>
ssh -i /home/larkadm/.euca/helloworld.priv user@172.16.1.100 -v
OpenSSH_5.5p1 Debian-4ubuntu6, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 172.16.1.100 [172.16.1.100] port 22.
debug1: Connection established.
debug1: identity file /home/larkadm/.euca/helloworld.priv type -1
debug1: identity file /home/larkadm/.euca/helloworld.priv-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p1 Debian-1ubuntu3
debug1: match: OpenSSH_5.8p1 Debian-1ubuntu3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '172.16.1.100' is known and matches the RSA host key.
debug1: Found key in /home/larkadm/.ssh/known_hosts:8
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/larkadm/.euca/helloworld.priv
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
</pre>