how to create a new kvm image for eucalyptus UEC
| November 15th, 2009
Eucalyptus is a new cloud management software available with the latest version of ubuntu (karmic koala). It’s compatible with Amazon’s EC2 (in terms of images and CLI tools) and it’s open source, so anyone can build an EC2-like service. That is… when it becomes a little bit more stable…
Eucalyptus comes with 2 images you can use to create vm instances on it – 64-bit and 32-bit versions of ubuntu. These images are very well prepared and well integrated with EC2/Eucalyptus. But what if you want to run a different linux distro in your Eucalyptus based lab? Here’s a quick howto on creating a simple CentOS image on an ubuntu box with kvm installed:
Creating a new disk Image
This will be the main hdd in your virtual image, so make sure to give it as much space as you think you’ll need. Since we’re building a kvm image, we can use the qcow2 format for disk images. Qcow2 is an expandable image format, so it’ll only take as much storage space as is actually used within the image.
OS Installation
Fetch an .iso of the distribution you want installed in the image.
and start the installation process:
nic,vlan=0,model=e1000,macaddr=00:16:3e:de:ad:01 -net tap
If your installation process requires more than 256MB of RAM, change the -m option, and if you need more processors available, you can use the ‘-c’ option.
The command above will boot a new kvm instance, with the disk image you’ve created as the primary hdd and the iso as the first bootable device. Also, the ‘-curses’ option will make kvm display all console output in your ssh session. (I’m assuming here that you’re creating this image over a remote connection; if you’re not, you can probably skip the -curses option and kvm should use sdl drivers instead.)
After finishing the installation you can test the new virtual machine by running:
At this point you can add all the packages you want to have installed, all users, and any settings that need to be present in your new UEC instances.
Now is also a good time to copy the kernel and the initrd image from your new vm image to some place outside it. They will be used later on to create and upload a complete virtual image to your UEC.
Before you shut your new shiny image down there’s one more step to be done:
Integration with UEC
Your new image needs to know what IP it has when started in UEC, and it also needs to know the public half of the ssh key allowed to access it. The way it’s done in UEC (and EC2?) is via a RESTful interface provided by the cloud. The interface is available under this URL: http://169.254.169.254/latest/meta-data. You can use wget to see what information is provided:
What’s interesting for us here is the public key data which is available here:
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
As we need to automate the whole process a bit, let’s put it all into an init.d script:
#!/bin/bash
#
# Init script for UEC/EC2 instances: installs the launch ssh key for root
# and regenerates the ssh host keys.
#
. /etc/rc.d/init.d/functions
RETVAL=0

start()
{
    fetch_ssh_key
    regenerate_ssh_keys
}

stop()
{
    echo "nothing to stop..."
}

regenerate_ssh_keys()
{
    # Remove the host keys baked into the image so every instance gets its own.
    rm -f /etc/ssh/ssh_host_key /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key
    # rsa1 (SSH protocol 1) and dsa are legacy key types; drop those lines on
    # systems whose OpenSSH no longer supports them.
    [ -f /etc/ssh/ssh_host_key ] || (ssh-keygen -f /etc/ssh/ssh_host_key -t rsa1 -C 'host' -N '' | logger -s -t "ec2")
    [ -f /etc/ssh/ssh_host_rsa_key ] || (ssh-keygen -f /etc/ssh/ssh_host_rsa_key -t rsa -C 'host' -N '' | logger -s -t "ec2")
    [ -f /etc/ssh/ssh_host_dsa_key ] || (ssh-keygen -f /etc/ssh/ssh_host_dsa_key -t dsa -C 'host' -N '' | logger -s -t "ec2")
    # Print the new fingerprints so they show up in the console output.
    echo "-----BEGIN SSH HOST KEY FINGERPRINTS-----" | logger -s -t "ec2"
    ssh-keygen -l -f /etc/ssh/ssh_host_key.pub | logger -s -t "ec2"
    ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub | logger -s -t "ec2"
    ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key.pub | logger -s -t "ec2"
    echo "-----END SSH HOST KEY FINGERPRINTS-----" | logger -s -t "ec2"
}

fetch_ssh_key()
{
    if [ ! -d /root/.ssh ] ; then
        mkdir -p /root/.ssh
        chmod 700 /root/.ssh
    fi
    # Download into root's own directory instead of a predictable file name
    # in world-writable /tmp.
    tmpkey=$(mktemp /root/.ssh/ssh-key.XXXXXX) || return 1
    curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > "$tmpkey"
    if [ $? -eq 0 ] ; then
        cat "$tmpkey" >> /root/.ssh/authorized_keys
        chmod 600 /root/.ssh/authorized_keys
        # disable password logins
        sed -i.bkp 's/^PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
    fi
    rm -f "$tmpkey"
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        stop
        start
        ;;
    condrestart)
        echo "not implemented"
        ;;
    status)
        echo "not implemented"
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}"
        RETVAL=1
esac
exit $RETVAL
Enable this script in your boot process. The script not only downloads and installs this key on the root account; it also regenerates your instance’s ssh host keys, so that instances started from the same image do not all share one set of host keys, and displays their fingerprints on the console (so you can see them by doing euca-get-console-output i-instance_number).
This script is just a simple example; you can also take the python uec backend available in ubuntu and use it to do the same thing in a slightly better and cleaner way.
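A stricter variant of the key-fetching step, as an added example that is not part of the original post: it accepts the metadata response only if it is a single bare public key line, and appends it to authorized_keys only once. The function names (is_bare_pubkey, install_key, fetch_and_install, demo), the key-type allowlist and the sample key are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
MD_URL=http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key

# Succeeds only for "<type> <base64> [comment]" with an allowed key type, so a
# line carrying authorized_keys options, or an HTML error body, is refused.
# The key-type allowlist is an assumption; adjust it to what your sshd accepts.
is_bare_pubkey() {
    printf '%s\n' "$1" | grep -Eq \
        '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+={0,2}( .*)?$'
}

# install_key KEYFILE AUTHORIZED_KEYS: append the key once, reject anything else.
install_key() {
    ik_file=$1
    ik_auth=$2
    # The endpoint should return exactly one key line.
    [ "$(grep -c . "$ik_file")" -eq 1 ] || return 1
    ik_key=$(grep . "$ik_file")
    is_bare_pubkey "$ik_key" || return 1
    # Create the file with mode 600 if it does not exist yet.
    ( umask 077; touch "$ik_auth" )
    # Restarting the service must not pile up duplicate entries.
    grep -qxF -- "$ik_key" "$ik_auth" || printf '%s\n' "$ik_key" >> "$ik_auth"
}

# fetch_and_install AUTHORIZED_KEYS: download next to the target file, not /tmp.
fetch_and_install() {
    fi_tmp=$(mktemp "$(dirname "$1")/key.XXXXXX") || return 1
    fi_rc=0
    { curl -sf --max-time 10 -o "$fi_tmp" "$MD_URL" && install_key "$fi_tmp" "$1"; } || fi_rc=$?
    rm -f "$fi_tmp"
    return "$fi_rc"
}

# Offline demonstration on constructed input; nothing under /root is touched.
demo() {
    d=$(mktemp -d) || return 1
    k='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCconstructedSampleKey demo@example'
    printf '%s\n' "$k" > "$d/good"
    printf 'command="/bin/sh" %s\n' "$k" > "$d/options"
    install_key "$d/good" "$d/authorized_keys" && echo "good key: installed"
    install_key "$d/options" "$d/authorized_keys" || echo "key with options: rejected"
    rm -rf "$d"
}
demo
```

In the init script, fetch_ssh_key would call fetch_and_install /root/.ssh/authorized_keys and switch off password logins only when it succeeds.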
Uploading to UEC
The last step is uploading your image to UEC:
Bundle and upload the previously copied kernel first:
euca-upload-bundle -b mybucket -m /tmp/vmlinuz-2.6.28-11-generic.manifest.xml
euca-register mybucket/vmlinuz-2.6.28-11-generic.manifest.xml
Save the k-* output produced by the last command above and proceed with the initrd:
euca-upload-bundle -b mybucket -m /tmp/initrd.img-2.6.28-11-generic.manifest.xml
euca-register mybucket/initrd.img-2.6.28-11-generic.manifest.xml
As above, save the i-* output and upload the image now:
euca-upload-bundle -b mybucket -m /tmp/image.img.manifest.xml
euca-register mybucket/image.img.manifest.xml
All done, your new image should be visible after euca-describe-images -a.