OpenStack Nova CentOS Instance

I’ve been working on tweaking a CentOS 5.3 image you can download from http://open.eucalyptus.com/wiki/EucalyptusUserImageCreatorGuide_v1.6 as there seems to be a big bias towards running Ubuntu under OpenStack. This is great for getting OpenStack up and running, but for us evangelists that operate a RHEL family house, its crucial to be able to demonstrate like-for-like offerings against what you currently run to help promote its use.

This guide should get you to a point where you have a usable, useful CentOS image for your environment. When I get around to it I’ll upload my version for use in your environment with the modifications laid out in this blog post.

The Guide

  • Start off by downloading a compatible image from Eucalyptus: http://open.eucalyptus.com/wiki/EucalyptusUserImageCreatorGuide_v1.6. I’ll work on the 64-Bit CentOS 5.3 image for this guide.
  • mkdir cloud/images and unpack the tarball here
    • mkdir -p cloud/images
    • cd cloud/images
    • tar zxvf <path_to_tarball>/euca-centos-5.3-x86_64.tar.gz
    • cd euca-centos-5.3-x86_64
    • At this stage we’d normally upload the image to OpenStack but some modifications are needed such as increasing the size of the image to accommodate some new packages so we must first mount the image (read-only because we’re not needing to make edits to this yet) as follows
      • mkdir image
      • sudo mount centos.5-3.x86-64.img image -o loop,ro
    • Increase the size of the image as follows and copy the contents
      • dd if=/dev/zero of=newcentos.img bs=1M count=2048
      • mkfs.ext3 newcentos.img
      • mkdir newcentos
      • sudo mount newcentos.img newcentos -o loop,rw
      • sudo cp -pR image/* newcentos/
      • sudo umount image
  • Modify the image as follows
  • IMPORTANT! (ensure you’re chrooted as described below to your mounted image and you have verified that you’re not modifying your running environment – I accept no responsibility because you can’t read)
    • sudo su -
    • chroot ~/cloud/images/euca-centos-5.3-x86_64/newcentos
    • mount proc -t proc /proc
  • Now to modify the image and install some new packages…
    • yum update
    • yum install redhat-lsb sudo enhanced-vim
    • Remove /etc/udev/rules.d/* to stop the lengthy wait on boot
    • edit /etc/sysconfig/network and disable ZEROCONF (your instance will fail to download meta data from OpenStack nova-api otherwise)
      • NOZEROCONF=yes
    • Edit /etc/profile.d/vim.sh
      • if [ -n "$BASH_VERSION" -o -n "$KSH_VERSION" -o -n "$ZSH_VERSION" ]
        then
        [ -x /usr/bin/id ] || return
        tmpid=$(/usr/bin/id -u)
        [ "$tmpid" = "" ] && tmpid=0
        # for bash and zsh, only if no alias is already set
        alias vi >/dev/null 2>&1 || alias vi=vim
        alias view >/dev/null 2>&1 || alias view='vim -R'
        fi
    • Ensure /dev/null is writeable by all
      • chmod 777 /dev/null
  • That’s the modifications done, but feel free to add your own to suit your own environment so to wrap it up
    • umount /proc
    • logout
    • logout
    • sudo umount newcentos
    • To make things neat rename it appropriately
      • mv newcentos.img centos-5.5-x86_64.img

Upload CentOS image to OpenStack

  • Now you have a CentOS image suitable for OpenStack you need to upload it to OpenStack.
  • The tarball ships with 2 lots of kernels and ramdisks. I’ll assume you’ll be using KVM, but change the instructions to suit a Xen hypervisor.
    • Upload the kernel and make note of the ami
      • euca-bundle-image -i kvm-kernel/vmlinuz-2.6.28-11-generic
        --kernel true
      • euca-upload-bundle -b mybucket
        -m /tmp/vmlinuz-2.6.28-11-generic.manifest.xml
      • euca-register mybucket/vmlinuz-2.6.28-11-generic.manifest.xml
    • Upload the ramdisk and make a note of the ami
      • euca-bundle-image -i kvm-kernel/initrd.img-2.6.28-11-generic
        --ramdisk true
      • euca-upload-bundle -b mybucket
        -m /tmp/initrd.img-2.6.28-11-generic.manifest.xml
      • euca-register mybucket/initrd.img-2.6.28-11-generic.manifest.xml
    • Upload the machine image you modifed above, specifying the ami values from the steps above to specify the kernel and ramdisk to load with this
      • euca-bundle-image -i centos-5.5-x86_64.img
        --kernel aki-XXXXXXXX --ramdisk ari-XXXXXXXX
      • euca-upload-bundle -b mybucket
        -m /tmp/centos-5.5-x86_64.img.manifest.xml
      • euca-register mybucket/centos-5.5-x86_64.img.manifest.xml
  • That’s it done (you may have to wait a short while whilst it uploads to the nova-objectstore server) – you should now see your new AMI available
    • euca-describe-images
      • IMAGE    ami-reey5wk5    mybucket/centos.5-5.x86-64.img.manifest.xml   
        myproject    available    private        x86_64    machine    ami-f4ks8moj   
        ami-jqxvgtmd
  • You can now use this to launch an instance
    • euca-run-instances ami-reey5wk5 -k openstack -t m1.tiny

Auto mount (autofs) sshfs access

1. Install autofs

Ubuntu/Debian: sudo apt-get install autofs
Red Hat/Fedora based: sudo yum install autofs

2. Edit /etc/auto.master and add a line:

/media/sshfs   /etc/auto.sshfs uid=1000,gid=1000,--timeout=30,--ghost

3. Edit /etc/auto.sshfs

mountpoint   -fstype=fuse,rw,nodev,nonempty,allow_other,reconnect,uid=1000
,gid=1000,max_read=65536,compression=yes,auto_cache,no_check_root,
kernel_cache :sshfs\#user@server\:/remotedir

4. Make the autofs mount point

mkdir -p /media/sshfs

5. SSH Access using Keys – for root

To make efficient use of sshfs access and a prequisite for autofs you need to set up host based key authentication. It is required that you can ssh from the root user to the target user on the remote filesystem using keys.

ssh-keygen -t rsa
scp .ssh/id_rsa.pub user@server:
ssh user@server
mkdir --mode=0700 -p .ssh
cat id_rsa.pub >> .ssh/authorized_keys
chmod 0600 .ssh/authorized_keys

Now test you can log in to user@remote from the root user without it prompting for a password

6. Start Autofs

Ubuntu/Debian: sudo autofs start
RedHat/Fedora: sudo service autofs start

7. Access your remote filesystem by going to /media/sshfs/mountpoint

cd /media/sshfs/mountpoint

You should now be access the remote machine as if it was part of your local filesystem

Red Hat Enterprise Linux 6 Beta 1 – Publically Available

Red Hat may have actually gone and impressed me.

I’ve been using Red Hat since the dark days when hardware support was just a pipe-dream.  When RH9 progressed into Fedora and businesses were suddenly against using “free” to host their applications, Red Hat became the clunky but trusted supported Linux vendor or choice for many.  RHEL3 was old – but worked. RHEL4 was better and worked and RHEL5 was marred by Ubuntu but finally brought virtualization out of the box.  Ubuntu became desktop choice for many, dividing the Linux desktop community into Fedora (and others) and Ubuntu (and Debian derivatives).  Ubuntu was also creeping into the enterprise and was becoming as ubiquitous to businesses as more and more people who ran Linux at home were becoming to be employed basically because of the progress that Ubuntu has made on the desktop.

As a server OS, Red Hat ticks all the right boxes – so much so that over the last 6 years of setting up and maintaining one of the busiest websites in the UK, running on Red Hat, support calls can be counted on a single hand with fingers to spare.  Red Hat was right at home on servers where the sysadmins realm began with a $ or a #.  On the desktop – you’d be crazy, or forced to by company policy, to run RHEL.  It wasn’t mature enough to go beyond the basics.

RHEL6 seems to have changed this.

With an updated kernel supporting the goodness you expect from mature kernels (including the much needed hardware virtualisation features of modern chips), Gnome 2.28, OpenOffice.org 3, Firefox 3.5.3 (as at time of this writing and beta) – it now bares the hallmarks of the polished interface we expect of a modern distributions.  I can genuinely see this on enterprise desktops and people not look around in as much jealousy at the Microsoft alternative.

On the server side, default filesystem is EXT4 providing read and write caching capabilities and improvements to file access, booting the server (under vbox) to a shell took 10 seconds – a speed that is noticeable.  The usually increase in software versions are all there such as Apache 2.2.14 and Samba 3.4.4.

I highly recommend checking out the public beta at ftp://ftp.redhat.com/pub/redhat/rhel/beta/6/ and more information can be found in Red Hat’s press release http://press.redhat.com/2010/04/21/red-hat-enterprise-linux-6-beta-available-today-for-public-download/

With Ubuntu’s impending 10.04 LTS release due out imminently it will be interesting to see how Red Hat fares against the much preferred Linux distro deskop of choice and its pitch against the enterprise server market.