From Fedora Project Wiki
Cloud image generation short cuts for noobs
Introduction
Purpose
Scope
Acronyms, descriptions
References
- http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/index.html?creating-loopback-s3-linux.html
- http://aws.amazon.com/developertools/351?_encoding=UTF8&jiveRedirect=1 The tools download page.
- http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/index.html?creating-an-ami.html
- http://docs.amazonwebservices.com/AWSEC2/2011-05-15/CommandLineReference/
- http://www.linuxplanet.com/linuxplanet/tutorials/6546/1
- http://alestic.com/2010/01/ec2-ebs-boot-ubuntu
- http://cssoss.wordpress.com/2010/05/10/eucalyptus-beginner%E2%80%99s-guide-%E2%80%93-uec-edition-chapter-4-%E2%80%93-image%C2%A0management/
- http://rwmj.wordpress.com/2011/05/19/rhel-6-1-is-out-new-virtualization-guide-covers-libguestfs/
- https://help.ubuntu.com/community/UEC/CDInstall
- https://help.ubuntu.com/community/UEC/Images
- http://cloud.ubuntu.com/docs/uec-book/
- http://cloud.ubuntu.com/docs/
- http://home.comcast.net/~fbui/bandwidth.html
- http://www.osc.edu/~troy/lperfex/
- [Home page]
Preping the environment
Getting the credentials
Eucalyptus credentials
See: https://help.ubuntu.com/community/UEC/CDInstall#STEP%205:%20Obtain%20Credentials
Creating an image
- Get the OS
- create loop back image
- configure image.
- bundle image.
- Install the bundle on UEC.
- Test the Ubuntu i386 bundle on AWS.
- Test the bundle on AWS
Installing the tools
Installing the EC2 tools
- get the tools zip file: EC2 AMI Tools
- The AMI tools uses ruby: yum install ruby
- cd /opt
- unzip ec2-ami-tools.zip
- export JAVA_HOME=/usr
- export EC2_AMITOOL_HOME=/opt/ec2-ami-tools-1.3-66634
- export PATH=$PATH:${EC2_AMITOOL_HOME:-EC2_HOME}/bin
For the API tools
- export EC2_HOME=/opt/ec2-api-tools-1.4.3.0
- Use the PATH set above. export PATH=$PATH:$EC2_HOME/bin
Creating a Fedora image
- dd if=/dev/zero of=fedora.fs bs=1M count=2048
- mke2fs -F -j fedora.fs
- mkdir /mnt/fedora
- mount -o loop fedora.fs /mnt/fedora
- mkdir /mnt/fedora/dev
- /sbin/MAKEDEV -d /mnt/fedora/dev -x console
- /sbin/MAKEDEV -d /mnt/fedora/dev -x null
- /sbin/MAKEDEV -d /mnt/fedora/dev -x zero
- mkdir /mnt/fedora/etc
- vi /mnt/fedora/etc/fstab
- See fstab content below.
- cat /etc/yum.conf /etc/yum.repos.d/fedora.repo >> /mnt/fedora/etc/yum.conf
- vi /mnt/fedora/etc/yum.conf
- See yum.conf content below.
- mkdir /mnt/fedora/proc
- mount -t proc none /mnt/fedora/proc
- yum -c /mnt/fedora/etc/yum.conf --installroot=/mnt/fedora -y groupinstall Base
- vi /mnt/fedora/etc/sysconfig/network-scripts/ifcfg-eth0
- See blow
- echo "NETWORKING=yes" > /mnt/fedora/etc/sysconfig/network
- Update /mnt/fedora/etc/fstab
- See below
- chroot /mnt/ec2-fs /bin/sh
- chkconfig --level 345 my-service on
- exit
- umount /mnt/fedora/proc/
- umount -d /mnt/fedora
- ec2-bundle-image -i /disk2/fedora.fs -k ~/.euca/mykey.priv -c ~/.euca/euca2-ME-CODE-cert.pem -u 123456789012 -r x86_64 -d /disk2/product
fstab
/dev/sda1 / ext3 defaults 1 1 none /dev/pts devpts gid=5,mode=620 0 0 none /dev/shm tmpfs defaults 0 0 none /proc proc defaults 0 0 none /sys sysfs defaults 0 0 # This is for c1.small and m1.medium # For others please see: http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/index.html?instance-storage-concepts.html /dev/sda2 /mnt ext3 defaults 0 0 /dev/sda3 swap swap defaults 0 0
yum.conf
[main] cachedir=/mnt/fedora/var/cache/yum/$basearch/$releasever keepcache=0 debuglevel=2 logfile=/var/log/yum.log exactarch=1 obsoletes=1 plugins=1 installonly_limit=3 color=never exclude=*-debuginfo gpgcheck=0 reposdir=/dev/null # This is the default, if you make this bigger yum won't see if the metadata # is newer on the remote and so you'll "gain" the bandwidth of not having to # download the new metadata and "pay" for it by yum not having correct # information. # It is esp. important, to have correct metadata, for distributions like # Fedora which don't keep old packages around. If you don't like this checking # interupting your command line usage, it's much better to have something # manually check the metadata once an hour (yum-updatesd will do this). # metadata_expire=90m # PUT YOUR REPOS HERE OR IN separate files named file.repo # in /etc/yum.repos.d [fedora] name=Fedora $releasever - $basearch failovermethod=priority #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=$basearch mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-14&arch=$basearch enabled=1 metadata_expire=7d gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch [fedora-debuginfo] name=Fedora $releasever - $basearch - Debug failovermethod=priority #baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/$basearch/debug/ mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-debug-$releasever&arch=$basearch enabled=0 metadata_expire=7d gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch [fedora-source] name=Fedora $releasever - Source failovermethod=priority [main] cachedir=/mnt/fedora/var/cache/yum/$basearch/$releasever keepcache=0 debuglevel=2 logfile=/var/log/yum.log exactarch=1 obsoletes=1 plugins=1 installonly_limit=3 color=never exclude=*-debuginfo gpgcheck=0 reposdir=/dev/null # This is the default, if you make this bigger yum won't see if the metadata # is newer on the remote and so you'll "gain" the bandwidth of not having to # download the new metadata and "pay" for it by yum not having correct # information. # It is esp. important, to have correct metadata, for distributions like # Fedora which don't keep old packages around. If you don't like this checking # interupting your command line usage, it's much better to have something # manually check the metadata once an hour (yum-updatesd will do this). # metadata_expire=90m # PUT YOUR REPOS HERE OR IN separate files named file.repo # in /etc/yum.repos.d [fedora] name=Fedora $releasever - $basearch failovermethod=priority #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=$basearch mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-14&arch=$basearch enabled=1 metadata_expire=7d gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch [fedora-debuginfo] name=Fedora $releasever - $basearch - Debug failovermethod=priority #baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/$basearch/debug/ mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-debug-$releasever&arch=$basearch enabled=0 metadata_expire=7d gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch [fedora-source] name=Fedora $releasever - Source failovermethod=priority #baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/source/SRPMS/ mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-source-$releasever&arch=$basearch enabled=0 metadata_expire=7d gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch #baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/source/SRPMS/ mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-source-$releasever&arch=$basearch enabled=0 metadata_expire=7d gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch
ifcfg-eth0
DEVICE=eth0 BOOTPROTO=dhcp ONBOOT=yes TYPE=Ethernet USERCTL=yes PEERDNS=yes IPV6INIT=no
Open issues
Creating an Ubuntu image
- apt-get install python-vm-builder
- vi image_def.txt
root 1000 /mnt/ephemeral 2000 /dev/sda2 swap 100 /dev/sda3
- vmbuilder xen ubuntu --part ./image_def.txt
- clear; vmbuilder qemu ubuntu -d /disk2/tmp/tut --verbose --part ./image_def.txt
- mkdir /mnt/ubuntu
- mount ubuntu-xen /mnt/ubuntu -o loop
- chroot /mnt/ubuntu/ apt-get update
- chroot /mnt/ubuntu/ apt-get install openssh-server
- chroot /mnt/ubuntu/ passwd -d root
- chroot /mnt/ubuntu vi /etc/rc.local
- Add the code before the “exit 0“
depmod -a modprobe acpiphp # simple attempt to get the user ssh key using the meta-data service mkdir -p /root/.ssh echo >> /root/.ssh/authorized_keys curl -m 10 -s http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key | grep 'ssh-rsa' >> /root/.ssh/authorized_keys echo "AUTHORIZED_KEYS:" echo "************************" cat /root/.ssh/authorized_keys echo "************************"
- chroot /mnt/ubuntu apt-get install curl
- cp 2.6.28-11-generic /chroot/lib/modules -R
- euca-bundle-image -i ubuntu-xen/root.img --kernel eki-CD7D185A --ramdisk eri-18301945 --prefix vmbuilder-test7
- euca-upload-bundle -b imagestore-vmbuildertest6 -m /tmp/vmbuilder-test7.manifest.xml
- euca-register imagestore-vmbuildertest6/vmbuilder-test7.manifest.xml
- umount -l /mnt/ubuntu
Vanilla image creation
Seems like EKI and ERI are something that is provide from outside the image. So it boot of of a kernel that is provided by the cloud vendor.
- yum install qemu-img
- qemu-img create -f qcow2 fedora.img 5G
- qemu-kvm -m 256 -cdrom ../isos/fedora14.iso -drive file=fedora.img,if=scsi,index=0 -boot d -net nic -net user
- Why use vnc?: -nographic -vnc :0
creating a RHEL server image on ubuntu
- sudo su -
- if the kvm is run as an ordinary user then there seems to be some timer hw issue in the guest.
- qemu-img create -f qcow2 diskimage.img 5G
- kvm -m 512 -cdrom rhel-server-6.1-i386-dvd.iso -drive file=diskimage.img,if=scsi,index=0 -boot d -net nic -net user