I've been playing a bit lately with Oracle VM on a few different platforms (ODA, Exalytics, Private Cloud Appliance) and was tasked with creating a good Oracle VM template image for Oracle Linux 7. Oracle makes templates available on eDelivery (https://edelivery.oracle.com) that present you with VM configuration questions on first boot, but those VM templates have a few limitations that make them hard to use:
- The templates have a minimal Linux installation, and are missing key RPMs needed for installing Oracle database or application software.
- Very small initial disk sizes are created initially and aren't sized to be really useful
- Logical Volume Management isn't used, which makes resolving the above item extra painful
In the past, I'd managed to take the existing templates available from Oracle and convert them over to an LVM format, but I decided to go with a fresh installation and build the template from there. This post goes through the process of taking an existing "gold image" VM and building a configuration script that runs upon first boot of the VM.
First, build a virtual machine with all of the packages and mount points the way that you want it. I'm working off of an Oracle Linux 7.2 virtual machine in this example. Once that is complete, check your yum repositories to see if the "Add Ons" channel is enabled. If not, find it in the /etc/yum.repos.d/public-yum-ol7.repo file and change "enabled=0" to "enabled=1". Here is the relevant content from my repository configuration file:
[root@localhost ~]# grep -A 4 addons /etc/yum.repos.d/public-yum-ol7.repo
[ol7_addons]
name=Oracle Linux $releasever Add ons ($basearch)
baseurl=http://public-yum.oracle.com/repo/OracleLinux/OL7/addons/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1
It can be validated with a simple "yum repolist" command. If the "ol7_addons/x86_64" line shows up, then you're good to go.
yum repolist
Loaded plugins: ulninfo
repo id repo name status
ol7_UEKR3/x86_64 Latest Unbreakable Enterprise Kernel Release 3 for Oracle Linux 7Server (x86_64) 489
ol7_addons/x86_64 Oracle Linux 7Server Add ons (x86_64) 183
ol7_latest/x86_64 Oracle Linux 7Server Latest (x86_64) 14,996
repolist: 15,668
Now that we have that here, the following packages need to be installed via yum:
- xenstoreprovider
- ovm-template-config*
- libovmapi
- ovmd
[root@localhost ~]# yum -y install xenstoreprovider ovm-template-config* libovmapi ovmd
Loaded plugins: ulninfo
Resolving Dependencies
--> Running transaction check
---> Package libovmapi.x86_64 0:3.0-7.el7 will be installed
---> Package ovm-template-config.noarch 0:3.7-5.el7 will be installed
---> Package ovm-template-config-authentication.noarch 0:3.7-5.el7 will be installed
---> Package ovm-template-config-datetime.noarch 0:3.7-5.el7 will be installed
---> Package ovm-template-config-firewall.noarch 0:3.7-5.el7 will be installed
---> Package ovm-template-config-network.noarch 0:3.7-5.el7 will be installed
---> Package ovm-template-config-selinux.noarch 0:3.7-5.el7 will be installed
---> Package ovm-template-config-ssh.noarch 0:3.7-5.el7 will be installed
---> Package ovm-template-config-system.noarch 0:3.7-5.el7 will be installed
---> Package ovm-template-config-user.noarch 0:3.7-5.el7 will be installed
---> Package ovmd.x86_64 0:3.7-3.el7 will be installed
---> Package xenstoreprovider.x86_64 0:3.0-12.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
========================================================================================================================================================================================================================================================================
Package Arch Version Repository Size
========================================================================================================================================================================================================================================================================
Installing:
libovmapi x86_64 3.0-7.el7 ol7_addons 20 k
ovm-template-config noarch 3.7-5.el7 ol7_addons 40 k
ovm-template-config-authentication noarch 3.7-5.el7 ol7_addons 4.5 k
ovm-template-config-datetime noarch 3.7-5.el7 ol7_addons 5.2 k
ovm-template-config-firewall noarch 3.7-5.el7 ol7_addons 4.4 k
ovm-template-config-network noarch 3.7-5.el7 ol7_addons 5.8 k
ovm-template-config-selinux noarch 3.7-5.el7 ol7_addons 4.6 k
ovm-template-config-ssh noarch 3.7-5.el7 ol7_addons 5.3 k
ovm-template-config-system noarch 3.7-5.el7 ol7_addons 4.8 k
ovm-template-config-user noarch 3.7-5.el7 ol7_addons 5.1 k
ovmd x86_64 3.7-3.el7 ol7_addons 30 k
xenstoreprovider x86_64 3.0-12.el7 ol7_addons 26 k
Transaction Summary
========================================================================================================================================================================================================================================================================
Install 12 Packages
Total download size: 155 k
Installed size: 331 k
Downloading packages:
(1/12): ovm-template-config-3.7-5.el7.noarch.rpm | 40 kB 00:00:00
(2/12): libovmapi-3.0-7.el7.x86_64.rpm | 20 kB 00:00:00
(3/12): ovm-template-config-authentication-3.7-5.el7.noarch.rpm | 4.5 kB 00:00:00
(4/12): ovm-template-config-datetime-3.7-5.el7.noarch.rpm | 5.2 kB 00:00:00
(5/12): ovm-template-config-firewall-3.7-5.el7.noarch.rpm | 4.4 kB 00:00:00
(6/12): ovm-template-config-network-3.7-5.el7.noarch.rpm | 5.8 kB 00:00:00
(7/12): ovm-template-config-ssh-3.7-5.el7.noarch.rpm | 5.3 kB 00:00:00
(8/12): ovm-template-config-selinux-3.7-5.el7.noarch.rpm | 4.6 kB 00:00:00
(9/12): ovm-template-config-system-3.7-5.el7.noarch.rpm | 4.8 kB 00:00:00
(10/12): ovm-template-config-user-3.7-5.el7.noarch.rpm | 5.1 kB 00:00:00
(11/12): ovmd-3.7-3.el7.x86_64.rpm | 30 kB 00:00:00
(12/12): xenstoreprovider-3.0-12.el7.x86_64.rpm | 26 kB 00:00:00
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 139 kB/s | 155 kB 00:00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : ovm-template-config-3.7-5.el7.noarch 1/12
Installing : libovmapi-3.0-7.el7.x86_64 2/12
Installing : ovmd-3.7-3.el7.x86_64 3/12
Installing : xenstoreprovider-3.0-12.el7.x86_64 4/12
Installing : ovm-template-config-user-3.7-5.el7.noarch 5/12
Installing : ovm-template-config-datetime-3.7-5.el7.noarch 6/12
Installing : ovm-template-config-ssh-3.7-5.el7.noarch 7/12
Installing : ovm-template-config-system-3.7-5.el7.noarch 8/12
Installing : ovm-template-config-firewall-3.7-5.el7.noarch 9/12
Installing : ovm-template-config-network-3.7-5.el7.noarch 10/12
Installing : ovm-template-config-selinux-3.7-5.el7.noarch 11/12
Installing : ovm-template-config-authentication-3.7-5.el7.noarch 12/12
Verifying : ovm-template-config-user-3.7-5.el7.noarch 1/12
Verifying : ovm-template-config-datetime-3.7-5.el7.noarch 2/12
Verifying : ovm-template-config-ssh-3.7-5.el7.noarch 3/12
Verifying : ovmd-3.7-3.el7.x86_64 4/12
Verifying : xenstoreprovider-3.0-12.el7.x86_64 5/12
Verifying : ovm-template-config-system-3.7-5.el7.noarch 6/12
Verifying : ovm-template-config-3.7-5.el7.noarch 7/12
Verifying : ovm-template-config-firewall-3.7-5.el7.noarch 8/12
Verifying : ovm-template-config-network-3.7-5.el7.noarch 9/12
Verifying : libovmapi-3.0-7.el7.x86_64 10/12
Verifying : ovm-template-config-selinux-3.7-5.el7.noarch 11/12
Verifying : ovm-template-config-authentication-3.7-5.el7.noarch 12/12
Installed:
libovmapi.x86_64 0:3.0-7.el7 ovm-template-config.noarch 0:3.7-5.el7 ovm-template-config-authentication.noarch 0:3.7-5.el7 ovm-template-config-datetime.noarch 0:3.7-5.el7 ovm-template-config-firewall.noarch 0:3.7-5.el7
ovm-template-config-network.noarch 0:3.7-5.el7 ovm-template-config-selinux.noarch 0:3.7-5.el7 ovm-template-config-ssh.noarch 0:3.7-5.el7 ovm-template-config-system.noarch 0:3.7-5.el7 ovm-template-config-user.noarch 0:3.7-5.el7
ovmd.x86_64 0:3.7-3.el7 xenstoreprovider.x86_64 0:3.0-12.el7
Complete!
Now that we have the packages in place, it's time to start configuring ovmd so that we can finalize the interactive prompts.
[root@localhost ~]# systemctl enable ovm-template-initial-config.service
[root@localhost ~]# systemctl enable ovmd.service
[root@localhost ~]# systemctl start ovmd.service
[root@localhost ~]# systemctl start ovm-template-initial-config
Configuration scripts have been categorized, so that you can enable specific items that are interesting to your configuration. You can view/enable/disable these with the ovm-chkconfig command. There are two main options that are relevant in the output - configure and cleanup. When preparing a virtual machine as a template, the cleanup script will remove all settings for the items where "cleanup" is set to on. On next boot of the virtual machine, scripts marked with "configuration" set to on will be run when the VM is placed in configuration mode. In the example below, the cleanup process will remove settings for all modules with the exception of firewall and selinux (they're set to off).
[root@localhost ~]# ovm-chkconfig --list
name configure unconfigure reconfigure cleanup suspend resume migrate shutdown
authentication on:90 off off on:10 off off off off
datetime on:50 off off on:50 off off off off
firewall on:41 off off off off off off off
network on:50 off off on:50 off off off off
selinux on:30 off off off off off off off
ssh on:70 off off on:30 off off off off
system on:60 off off on:60 off off off off
user on:60 off off on:40 off off off off
If I want the cleanup script to leave the datetime and user modules alone, I can configure those with the ovm-chkconfig command as follows:
[root@localhost ~]# ovm-chkconfig --target cleanup user off
[root@localhost ~]# ovm-chkconfig --target cleanup datetime off
[root@localhost ~]# ovm-chkconfig --list
name configure unconfigure reconfigure cleanup suspend resume migrate shutdown
authentication on:90 off off on:10 off off off off
datetime on:50 off off off off off off off
firewall on:41 off off off off off off off
network on:50 off off on:50 off off off off
selinux on:30 off off off off off off off
ssh on:70 off off on:30 off off off off
system on:60 off off on:60 off off off off
user on:60 off off off off off off off
The scripts are built to receive sets of key/value pairs for various configuration items that can be passed through a number of methods (more on that in a later post). You can use the ovm-template-config command to see the key/value pairs that are available for a specific module. A good example is the network module, shown below. Items listed with "'hidden': True" will not be queried, but can be set through the various APIs made available by Oracle.
[root@localhost ~]# ovm-template-config --human-readable --enumerate --script network configure
[('50',
'network',
[{u'description': u'System host name, e.g., "localhost.localdomain".',
u'key': u'com.oracle.linux.network.hostname'},
{u'description': u'Hostname entry for /etc/hosts, e.g., "127.0.0.1 localhost localhost.localdomain".',
u'hidden': True,
u'key': u'com.oracle.linux.network.host.0'},
{u'description': u'Network device to configure, e.g., "eth0".',
u'key': u'com.oracle.linux.network.device.0'},
{u'depends': u'com.oracle.linux.network.device.0',
u'description': u'Network device hardware address, e.g., "00:16:3E:28:0F:4E".',
u'hidden': True,
u'key': u'com.oracle.linux.network.hwaddr.0'},
{u'depends': u'com.oracle.linux.network.device.0',
u'description': u'Network device MTU, e.g., "1500".',
u'hidden': True,
u'key': u'com.oracle.linux.network.mtu.0'},
{u'choices': [u'yes', u'no'],
u'depends': u'com.oracle.linux.network.device.0',
u'description': u'Activate interface on system boot: yes or no.',
u'key': u'com.oracle.linux.network.onboot.0'},
{u'choices': [u'dhcp', u'static'],
u'depends': u'com.oracle.linux.network.device.0',
u'description': u'Boot protocol: dhcp or static.',
u'key': u'com.oracle.linux.network.bootproto.0'},
{u'depends': u'com.oracle.linux.network.bootproto.0',
u'description': u'IP address of the interface.',
u'key': u'com.oracle.linux.network.ipaddr.0',
u'requires': [u'com.oracle.linux.network.bootproto.0',
[u'static', u'none', None]]},
{u'depends': u'com.oracle.linux.network.bootproto.0',
u'description': u'Netmask of the interface.',
u'key': u'com.oracle.linux.network.netmask.0',
u'requires': [u'com.oracle.linux.network.bootproto.0',
[u'static', u'none', None]]},
{u'depends': u'com.oracle.linux.network.bootproto.0',
u'description': u'Gateway IP address.',
u'key': u'com.oracle.linux.network.gateway.0',
u'requires': [u'com.oracle.linux.network.bootproto.0',
[u'static', u'none', None]]},
{u'depends': u'com.oracle.linux.network.bootproto.0',
u'description': u'DNS servers separated by comma, e.g., "8.8.8.8,8.8.4.4".',
u'key': u'com.oracle.linux.network.dns-servers.0',
u'requires': [u'com.oracle.linux.network.bootproto.0',
[u'static', u'none', None]]},
{u'description': u'DNS search domains separated by comma, e.g., "us.example.com,cn.example.com".',
u'hidden': True,
u'key': u'com.oracle.linux.network.dns-search-domains.0'}])]
In order to see all of the options available at the time of configuration, remove the "--script network" piece of the above command. At this point, everything is in place to clean up the current VM and enable the configuration script. Run these commands and shut down the VM. The first command runs the cleanup script, and the second command enables the configuration mode.
[root@localhost ~]# ovmd -s cleanup
[root@localhost ~]# sed -i 's/^INITIAL_CONFIG=.*/INITIAL_CONFIG=yes/g' /etc/sysconfig/ovm-template-initialconfig
[root@localhost ~]# shutdown -h now
It can now be used as the source for all new VMs created. When the cloned VM boots up, it will ask for a hostname, IP address, subnet mask, gateway, DNS server, and root password.
This functionality can be extended even further using the VM messaging functionality in Oracle's VM Manager or the OVMcli interface. More on that in a future post.
Pingback: Automatiser la configuration des VM avec OVM Manager - ArKZoYd