Add new articles to documentation
Add converted into rst fromat the following articles: * Windows image builder * Linux image builder * Uploading image to Glance * Lab preparation and system requiremnts added in installation section * SSL configuration Change-Id: I6b4c7e7e6670690e5722ea906e6464faff2a369b Signed-off-by: Ekaterina Fedorova <efedorova@mirantis.com>
This commit is contained in:
parent
4603c2a48d
commit
e2e00a2382
doc/source
25
doc/source/image_builders/index.rst
Normal file
25
doc/source/image_builders/index.rst
Normal file
@ -0,0 +1,25 @@
|
||||
..
|
||||
Copyright 2014 Mirantis, Inc.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
not use this file except in compliance with the License. You may obtain
|
||||
a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
License for the specific language governing permissions and limitations
|
||||
under the License.
|
||||
|
||||
=====================
|
||||
Building Murano Image
|
||||
=====================
|
||||
|
||||
.. toctree::
|
||||
:maxdepth: 2
|
||||
|
||||
windows
|
||||
linux
|
||||
upload
|
226
doc/source/image_builders/linux.rst
Normal file
226
doc/source/image_builders/linux.rst
Normal file
@ -0,0 +1,226 @@
|
||||
..
|
||||
Copyright 2014 Mirantis, Inc.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
not use this file except in compliance with the License. You may obtain
|
||||
a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
License for the specific language governing permissions and limitations
|
||||
under the License.
|
||||
|
||||
===========
|
||||
Linux Image
|
||||
===========
|
||||
|
||||
**Create a VM**
|
||||
|
||||
This section describes steps required to build an image of Linux Virtual
|
||||
Machine which could be used with Murano. There are two possible ways to
|
||||
create it - from CLI or using GUI tools. We describe both in this
|
||||
section.
|
||||
|
||||
**Note**
|
||||
|
||||
Run all commands as root.
|
||||
|
||||
**Way 1: Using CLI Tools**
|
||||
|
||||
This section describes the required step to launch a VM using CLI tools
|
||||
only.
|
||||
|
||||
1. Preallocate disk image
|
||||
|
||||
::
|
||||
|
||||
># qemu-img create -f qcow2 /var/lib/libvirt/images/cloud-linux.img 10G
|
||||
|
||||
|
||||
2. Start the VM
|
||||
|
||||
::
|
||||
|
||||
># virt-install --connect qemu:///system --hvm --name cloud-linux \
|
||||
--ram 2048 --vcpus 2 --cdrom /PATH_TO_YOUR_LINUX.ISO \
|
||||
--disk path=/var/lib/libvirt/images/cloud-linux.img, \
|
||||
format=qcow2,bus=virtio,cache=none \
|
||||
--network network=default,model=virtio \
|
||||
--memballoon model=virtio --vnc --os-type=linux \
|
||||
--accelerate --noapic --keymap=en-us --video=cirrus --force
|
||||
|
||||
**Way 2: Using virt-manager UI**
|
||||
|
||||
A VM also could be lauched via GUI tools like virt-manager.
|
||||
|
||||
1. Launch *virt-manager* from shell as root
|
||||
|
||||
2. Set a name for VM and select Local install media
|
||||
|
||||
3. Add one cdrom and attach your linux ISO image to it
|
||||
|
||||
4. Select OS type **Linux** and it's version **choose yours**
|
||||
|
||||
5. Set CPU and RAM amount
|
||||
|
||||
6. Deselect option **Enable storage for this virtual machine**
|
||||
|
||||
7. Select option **Customize configuration before install**
|
||||
|
||||
8. Add (or create new) HDD image with Disk bus **VirtIO** and storage
|
||||
format **QCOW2**
|
||||
|
||||
9. Set network device model **VirtIO**
|
||||
|
||||
10. Start installation process and open guest vm screen through
|
||||
**Console** button
|
||||
|
||||
Guest VM Linux OS preparation
|
||||
=============================
|
||||
|
||||
**Ubuntu 12.04 LTS x86\_64**
|
||||
|
||||
::
|
||||
|
||||
># for action in update upgrade dist-upgrade;do apt-get -y $action;done
|
||||
># apt-get install -y git unzip make cmake gcc python-dev python-pip openssh-server sudo
|
||||
|
||||
|
||||
**CentOS 6.4 x86\_64**
|
||||
|
||||
::
|
||||
|
||||
># rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
|
||||
># for action in update upgrade;do yum -y $action; done
|
||||
># yum install -y git unzip make cmake gcc python-devel python-pip openssh-server openssh-clients sudo
|
||||
|
||||
|
||||
**murano-agent installation steps**
|
||||
|
||||
::
|
||||
|
||||
># mkdir -p /opt/git
|
||||
># cd /opt/git
|
||||
># git clone https://github.com/stackforge/murano-agent.git
|
||||
># cd murano-agent/python-agent
|
||||
># git checkout release-0.5
|
||||
># chmod a+x setup*.sh
|
||||
|
||||
# To install Murano Agent on run the following command:
|
||||
- **Ubuntu**
|
||||
># ./setup.sh install
|
||||
- **CentOS**
|
||||
># ./setup-centos.sh install
|
||||
|
||||
|
||||
**cloud-init installation steps**
|
||||
|
||||
- **Ubuntu**
|
||||
|
||||
::
|
||||
|
||||
># apt-get install -y cloud-init cloud-initramfs-growroot
|
||||
|
||||
|
||||
- **CentOS**
|
||||
|
||||
::
|
||||
|
||||
># yum install -y cloud-init
|
||||
|
||||
|
||||
**Note**
|
||||
|
||||
**Ubuntu only**
|
||||
|
||||
::
|
||||
|
||||
># dpkg-reconfigure cloud-init
|
||||
|
||||
|
||||
Mark **EC2** data source support, save and exit or add manualy
|
||||
**Ec2** to the datasource\_list variable in the
|
||||
/etc/cloud/cloud.cfg.d/90\_dfkg.cfg
|
||||
|
||||
- **Minimal cloud-init configuration options**
|
||||
|
||||
::
|
||||
|
||||
># vi /etc/cloud/cloud.cfg:
|
||||
user: ec2-user
|
||||
disable_root: 1
|
||||
preserve_hostname: False
|
||||
|
||||
|
||||
**Security setup**
|
||||
|
||||
Create user and make it able to run commands through sudo without
|
||||
password prompt.
|
||||
|
||||
- **Ubuntu**
|
||||
|
||||
::
|
||||
|
||||
># useradd -m -G sudo -s /bin/bash ec2-user
|
||||
># passwd ec2-user
|
||||
|
||||
|
||||
- **CentOS**
|
||||
|
||||
::
|
||||
|
||||
># useradd -m -G wheel -s /bin/bash ec2-user
|
||||
># passwd ec2-user
|
||||
|
||||
|
||||
- **Sudo**
|
||||
|
||||
::
|
||||
|
||||
># echo "ec2-user ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/ec2-user
|
||||
># chmod 440 /etc/sudoers.d/ec2-user
|
||||
|
||||
**Disable SSH password-based logins in the /etc/ssh/sshd\_config.**
|
||||
|
||||
::
|
||||
|
||||
...
|
||||
GSSAPIAuthentication no
|
||||
PasswordAuthentication no
|
||||
PermitRootLogin no
|
||||
...
|
||||
|
||||
|
||||
</itemizedlist> </para>
|
||||
**Network handling**
|
||||
|
||||
- **Ubuntu**
|
||||
|
||||
::
|
||||
|
||||
># rm -rf /etc/udev/rules.d/70-persistent-net.rules
|
||||
|
||||
|
||||
- **CentOS** Remove or comment out HWADDR and UUID in
|
||||
/etc/sysconfig/network-scripts/ifcfg-eth\*
|
||||
|
||||
::
|
||||
|
||||
># rm -rf /etc/udev/rules.d/70-persistent-net.rules
|
||||
|
||||
|
||||
**Shutdown VM**
|
||||
|
||||
**Convert the image from RAW to QCOW2 format if you made it as RAW.**
|
||||
|
||||
The image must be converted from RAW format to QCOW2 before being
|
||||
imorted into Glance.
|
||||
|
||||
::
|
||||
|
||||
># qemu-img convert -O qcow2 /var/lib/libvirt/images/cloud-linux.img \
|
||||
/var/lib/libvirt/images/cloud-linux.img.qcow2
|
||||
|
81
doc/source/image_builders/upload.rst
Normal file
81
doc/source/image_builders/upload.rst
Normal file
@ -0,0 +1,81 @@
|
||||
..
|
||||
Copyright 2014 Mirantis, Inc.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
not use this file except in compliance with the License. You may obtain
|
||||
a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
License for the specific language governing permissions and limitations
|
||||
under the License.
|
||||
|
||||
========================
|
||||
Upload Image Into Glance
|
||||
========================
|
||||
|
||||
To deploy applications with Murano, virtual machine images should be uploaded into Glance in a special way - *murano_image_info* property should be set
|
||||
|
||||
1. Use the glance image-create command to import your disk image to
|
||||
Glance:
|
||||
|
||||
::
|
||||
|
||||
>$ glance image-create --name <NAME> --is-public true --disk-format qcow2 --container-format bare --file <IMAGE_FILE> --property <IMAGE_METADATA>
|
||||
|
||||
Replace the command line arguments to glance image-create with the
|
||||
appropriate values for your environment and disk image:
|
||||
|
||||
* Replace **<NAME>** with the name that users will refer to the disk
|
||||
image by. E.g. '**ws-2012-std**\ '
|
||||
|
||||
* Replace **<IMAGE\_FILE>** with the local path to the image file to
|
||||
upload. E.g. '**ws-2012-std.qcow2**\ '.
|
||||
|
||||
* Replace **<IMAGE\_METADATA>** with the following property string
|
||||
|
||||
::
|
||||
|
||||
murano_image_info='{"title": "Windows 2012 Standart Edition", "type": "windows.2012"}'
|
||||
|
||||
where
|
||||
|
||||
* title - user-friendly description of the image
|
||||
* type - is a image type, for example 'windows.2012'
|
||||
|
||||
2. To update metadata of the existing image run the command:
|
||||
|
||||
::
|
||||
|
||||
>$ glance image-update <IMAGE-ID> --property <IMAGE_MATADATA>
|
||||
|
||||
* Replace **<IMAGE-ID>** with image id from the previous command
|
||||
output.
|
||||
|
||||
* Replace **<IMAGE\_METADATA>** with murano\_image\_info property, e.g.
|
||||
|
||||
::
|
||||
|
||||
murano_image_info='{"title": "Windows 2012 Standart Edition", "type": "windows.2012"}'
|
||||
|
||||
**Warning**
|
||||
|
||||
The value of the **--property** argument named
|
||||
**murano\_image\_info** is a JSON string. Only double quotes are
|
||||
valid in JSON, so please type the string exactly as in the example
|
||||
above.
|
||||
|
||||
**Note**
|
||||
|
||||
Already existing image could be marked in a simple way in Horizon UI with Murano dashboard installed. Navigate to *Murano -> Manage -> Images -> Mark Image* and fill up a form:
|
||||
|
||||
- **Image** - ws-2012-std
|
||||
|
||||
- **Title** - My Prepared Image
|
||||
|
||||
- **Type** - Windows Server 2012
|
||||
|
||||
After these steps desired image can be chosen in application creation wizard.
|
438
doc/source/image_builders/windows.rst
Normal file
438
doc/source/image_builders/windows.rst
Normal file
@ -0,0 +1,438 @@
|
||||
..
|
||||
Copyright 2014 Mirantis, Inc.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
not use this file except in compliance with the License. You may obtain
|
||||
a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
License for the specific language governing permissions and limitations
|
||||
under the License.
|
||||
|
||||
=============
|
||||
Windows Image
|
||||
=============
|
||||
|
||||
Murano requires a Windows Image in QCOW2 format to be builded and
|
||||
uploaded into Glance.
|
||||
|
||||
The easiest way to build Windows image for Murano is to build it on the
|
||||
host where your OpenStack is installed.
|
||||
|
||||
Install Required Packages
|
||||
=========================
|
||||
|
||||
**Note**
|
||||
|
||||
Please check that hardware virtualization supported and enabled in
|
||||
BIOS.
|
||||
|
||||
The following packages should be installed on any host which will be
|
||||
used to build Windows Image:
|
||||
|
||||
* ipxe-qemu
|
||||
* kvm-ipxe
|
||||
* qemu-kvm
|
||||
* munin-libvirt-plugins
|
||||
* python-libvirt
|
||||
* virt-goodies
|
||||
* virt-manager
|
||||
* virt-top
|
||||
* virt-what
|
||||
* virtinst
|
||||
* python
|
||||
|
||||
On Ubuntu you could install them using the command below:
|
||||
|
||||
::
|
||||
|
||||
># apt-get install ipxe-qemu kvm-ipxe qemu-kvm virt-goodies \
|
||||
virtinst virt-manager libvirt0 libvirt-bin \
|
||||
munin-libvirt-plugins python python-libvirt \
|
||||
python-libxml2 python-minimal python-pycurl \
|
||||
python-pyorbit python-requests python-six \
|
||||
samba samba-common openssh-server virt-top virt-what
|
||||
|
||||
|
||||
Configure Shared Resource
|
||||
=========================
|
||||
|
||||
**Configure samba based share.**
|
||||
|
||||
::
|
||||
|
||||
># mkdir -p /opt/samba/share
|
||||
># chown -R nobody:nogroup /opt/samba/share
|
||||
|
||||
**Configure samba server (/etc/samba/smb.conf).**
|
||||
|
||||
::
|
||||
|
||||
...
|
||||
[global]
|
||||
...
|
||||
security = user
|
||||
...
|
||||
[share]
|
||||
comment = Deployment Share
|
||||
path = /opt/samba/share
|
||||
browsable = yes
|
||||
read only = no
|
||||
create mask = 0755
|
||||
guest ok = yes
|
||||
guest account = nobody
|
||||
...
|
||||
|
||||
**Restart services.**
|
||||
|
||||
::
|
||||
|
||||
># service smbd restart
|
||||
># service nmbd restart
|
||||
|
||||
Prerequisites
|
||||
===============
|
||||
|
||||
Download the files below and copy them into their places in your
|
||||
**${SHARE\_PATH}** folder (we usually use **/opt/samba/share** as
|
||||
**${SHARE\_PATH}**):
|
||||
|
||||
* *Windows 2012 Server ISO evaluation version*
|
||||
|
||||
* ${SHARE\_PATH}/libvirt/images/ws-2012-eval.iso
|
||||
* `http://technet.microsoft.com/en-us/evalcenter/hh670538.aspx`_
|
||||
|
||||
* *VirtIO drivers for Windows*
|
||||
|
||||
* ${SHARE\_PATH}/libvirt/images/virtio-win-0.1-74.iso
|
||||
* `http://alt.fedoraproject.org/pub/alt/virtio-win/stable/virtio-win-0.1-74.iso`_
|
||||
|
||||
* *CloudBase-Init for Windows*
|
||||
|
||||
* ${SHARE\_PATH}/share/files/CloudbaseInitSetup\_Beta.msi
|
||||
* `https://www.cloudbase.it/downloads/CloudbaseInitSetup_Beta.msi`_
|
||||
|
||||
* *Far Manager*
|
||||
|
||||
* ${SHARE\_PATH}/share/files/Far30b3367.x64.20130717.msi
|
||||
* `http://www.farmanager.com/files/Far30b3525.x64.20130717.msi`_
|
||||
|
||||
* Git client
|
||||
|
||||
* ${SHARE\_PATH}/share/files/Git-1.8.1.2-preview20130601.exe
|
||||
* `https://msysgit.googlecode.com/files/Git-1.8.3-preview20130601.exe`_
|
||||
|
||||
* *Sysinternals Suite*
|
||||
|
||||
* ${SHARE\_PATH}/share/files/SysinternalsSuite.zip
|
||||
* `http://download.sysinternals.com/files/SysinternalsSuite.zip`_
|
||||
|
||||
* *unzip.exe tool*
|
||||
|
||||
* ${SHARE\_PATH}/share/files/unzip.exe
|
||||
* `https://www.dropbox.com/sh/zthldcxnp6r4flm/AACwiyfcrlGDt3ygCFHrbwMra/unzip.exe`_
|
||||
|
||||
* *PowerShell v3*
|
||||
|
||||
* ${SHARE\_PATH}/share/files/Windows6.1-KB2506143-x64.msu
|
||||
* `http://www.microsoft.com/en-us/download/details.aspx?id=34595`_
|
||||
* *.NET 4.0*
|
||||
|
||||
* ${SHARE\_PATH}/share/files/dotNetFx40\_Full\_x86\_x64.exe
|
||||
* `http://www.microsoft.com/en-us/download/details.aspx?id=17718`_
|
||||
|
||||
|
||||
* *.NET 4.5*
|
||||
|
||||
* ${SHARE\_PATH}/share/files/dotNetFx45\_Full\_setup.exe
|
||||
* `http://www.microsoft.com/en-us/download/details.aspx?id=30653`_
|
||||
|
||||
|
||||
* *Murano Agent*
|
||||
|
||||
* ${SHARE\_PATH}/share/files/MuranoAgent.zip
|
||||
* `https://www.dropbox.com/sh/zthldcxnp6r4flm/AADh6LkVkcw2j8nKZevqedHja/MuranoAgent.zip`_
|
||||
|
||||
|
||||
.. _`http://technet.microsoft.com/en-us/evalcenter/hh670538.aspx`: http://technet.microsoft.com/en-us/evalcenter/hh670538.aspx
|
||||
.. _`http://alt.fedoraproject.org/pub/alt/virtio-win/stable/virtio-win-0.1-74.iso`: http://alt.fedoraproject.org/pub/alt/virtio-win/stable/virtio-win-0.1-74.iso
|
||||
.. _`https://www.cloudbase.it/downloads/CloudbaseInitSetup_Beta.msi`: https://www.cloudbase.it/downloads/CloudbaseInitSetup_Beta.msi
|
||||
.. _`http://www.farmanager.com/files/Far30b3525.x64.20130717.msi`: http://www.farmanager.com/files/Far30b3525.x64.20130717.msi
|
||||
.. _`https://msysgit.googlecode.com/files/Git-1.8.3-preview20130601.exe`: https://msysgit.googlecode.com/files/Git-1.8.3-preview20130601.exe
|
||||
.. _`http://download.sysinternals.com/files/SysinternalsSuite.zip`: http://download.sysinternals.com/files/SysinternalsSuite.zip
|
||||
.. _`https://www.dropbox.com/sh/zthldcxnp6r4flm/AACwiyfcrlGDt3ygCFHrbwMra/unzip.exe`: https://www.dropbox.com/sh/zthldcxnp6r4flm/AACwiyfcrlGDt3ygCFHrbwMra/unzip.exe
|
||||
.. _`http://www.microsoft.com/en-us/download/details.aspx?id=34595`: http://www.microsoft.com/en-us/download/details.aspx?id=34595
|
||||
.. _`http://www.microsoft.com/en-us/download/details.aspx?id=17718`: http://www.microsoft.com/en-us/download/details.aspx?id=17718
|
||||
.. _`http://www.microsoft.com/en-us/download/details.aspx?id=30653`: http://www.microsoft.com/en-us/download/details.aspx?id=30653
|
||||
.. _`https://www.dropbox.com/sh/zthldcxnp6r4flm/AADh6LkVkcw2j8nKZevqedHja/MuranoAgent.zip`: https://www.dropbox.com/sh/zthldcxnp6r4flm/AADh6LkVkcw2j8nKZevqedHja/MuranoAgent.zip
|
||||
|
||||
|
||||
Additional Software
|
||||
===================
|
||||
|
||||
This section describes additional software which is required to build an
|
||||
Windows Image.
|
||||
|
||||
**Windows ADK**
|
||||
|
||||
*Windows Assessment and Deployment Kit (ADK) for Windows® 8* is required
|
||||
to build your own answer files for auto unattended Windows installation.
|
||||
|
||||
You can dowload it from `http://www.microsoft.com/en-us/download/details.aspx?id=30652`_.
|
||||
|
||||
**PuTTY**
|
||||
|
||||
PuTTY is a useful tool to manage your Linux boxes via SSH.
|
||||
|
||||
You can download it from
|
||||
`http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html`_.
|
||||
|
||||
**Windows Server ISO image**
|
||||
|
||||
We use the following Windows installation images:
|
||||
|
||||
* Windows Server 2008 R2
|
||||
|
||||
* Image Name:
|
||||
7601.17514.101119-1850\_x64fre\_server\_eval\_en-us-GRMSXEVAL\_EN\_DVD.iso
|
||||
* URL:
|
||||
`http://www.microsoft.com/en-us/download/details.aspx?id=11093`_
|
||||
|
||||
* Windows Server 2012
|
||||
|
||||
* Image Name:
|
||||
9200.16384.WIN8\_RTM.120725-1247\_X64FRE\_SERVER\_EVAL\_EN-US-HRM\_SSS\_X64FREE\_EN-US\_DV5.iso
|
||||
* URL:
|
||||
`http://technet.microsoft.com/en-US/evalcenter/hh670538.aspx?ocid=&wt.mc\_id=TEC\_108\_1\_33`_
|
||||
|
||||
|
||||
**VirtIO Red Hat drivers ISO image**
|
||||
|
||||
**Warning**
|
||||
|
||||
Please, choose stable version instead of latest, We’ve got errors
|
||||
with unstable drivers during guest unattended install.
|
||||
|
||||
Download drivers from
|
||||
`http://alt.fedoraproject.org/pub/alt/virtio-win/stable/`_
|
||||
|
||||
**Floppy Image With Unattended File**
|
||||
|
||||
Run following commands as root:
|
||||
|
||||
1. Create emtpy floppy image in your home folder
|
||||
|
||||
::
|
||||
|
||||
># dd bs=512 count=2880 \
|
||||
if=/dev/zero of=~/floppy.img \
|
||||
mkfs.msdos ~/floppy.img
|
||||
|
||||
2. Mount the image to **/media/floppy**
|
||||
|
||||
::
|
||||
|
||||
># mkdir /media/floppy mount -o loop \
|
||||
~/floppy.img /media/floppy
|
||||
|
||||
3. Download **autounattend.xml** file from
|
||||
`https://raw.githubusercontent.com/stackforge/murano-deployment/master/image-builder/share/files/ws-2012-std/autounattend.xml.template`_
|
||||
|
||||
::
|
||||
|
||||
># cd ~
|
||||
># wget https://raw.githubusercontent.com/stackforge/murano-deployment/master/image-builder/share/files/ws-2012-std/autounattend.xml.template
|
||||
|
||||
|
||||
4. Copy our **autounattend.xml** to **/media/floppy**
|
||||
|
||||
::
|
||||
|
||||
># cp ~/autounattend.xml /media/floppy
|
||||
|
||||
5. Unmount the image
|
||||
|
||||
::
|
||||
|
||||
># umount /media/floppy
|
||||
|
||||
.. _`http://www.microsoft.com/en-us/download/details.aspx?id=30652`: http://www.microsoft.com/en-us/download/details.aspx?id=30652
|
||||
.. _`http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html`: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
|
||||
.. _`http://www.microsoft.com/en-us/download/details.aspx?id=11093`: http://www.microsoft.com/en-us/download/details.aspx?id=11093
|
||||
.. _`http://technet.microsoft.com/en-US/evalcenter/hh670538.aspx?ocid=&wt.mc\_id=TEC\_108\_1\_33`: http://technet.microsoft.com/en-US/evalcenter/hh670538.aspx?ocid=&wt.mc\_id=TEC\_108\_1\_33
|
||||
.. _`http://alt.fedoraproject.org/pub/alt/virtio-win/stable/`: http://alt.fedoraproject.org/pub/alt/virtio-win/stable/
|
||||
.. _`https://raw.githubusercontent.com/stackforge/murano-deployment/master/image-builder/share/files/ws-2012-std/autounattend.xml.template`: https://raw.githubusercontent.com/stackforge/murano-deployment/master/image-builder/share/files/ws-2012-std/autounattend.xml.template
|
||||
|
||||
Build Windows Image (Automatic Way)
|
||||
===================================
|
||||
|
||||
1. Clone **murano-deployment** repository
|
||||
|
||||
::
|
||||
|
||||
># git clone git://github.com/stackforge/murano-deployment.git
|
||||
|
||||
2. Change directory to **murano-deployment/image-builder** folder.
|
||||
|
||||
3. Create folder structure for image builder
|
||||
|
||||
::
|
||||
|
||||
># make build-root
|
||||
|
||||
4. Create shared resource
|
||||
|
||||
**Add to /etc/samba/smb.conf.**
|
||||
|
||||
::
|
||||
|
||||
[image-builder-share]
|
||||
comment = Image Builder Share
|
||||
browsable = yes
|
||||
path = /opt/image-builder/share
|
||||
guest ok = yes
|
||||
guest user = nobody
|
||||
read only = no
|
||||
create mask = 0755
|
||||
|
||||
**Restart samba services.**
|
||||
|
||||
::
|
||||
|
||||
># restart smbd && restart nmbd
|
||||
|
||||
5. Test that all required files are in place
|
||||
|
||||
::
|
||||
|
||||
># make test-build-files
|
||||
|
||||
6. Get list of available images
|
||||
|
||||
::
|
||||
|
||||
># make
|
||||
|
||||
7. Run image build process
|
||||
|
||||
::
|
||||
|
||||
># make ws-2012-std
|
||||
|
||||
8. Wait until process finishes
|
||||
|
||||
9. The image file **ws-2012-std.qcow2** should be stored under
|
||||
**/opt/image-builder/share/images** folder.
|
||||
|
||||
Build Windows Image (Manual Way)
|
||||
================================
|
||||
|
||||
**Warning**
|
||||
|
||||
Please note that the preferred way to build images is to use
|
||||
**Automated Build** described in the previous chapter.
|
||||
|
||||
**Get Post-Install Scripts**
|
||||
|
||||
There are a few scripts which perform all the required post-installation
|
||||
tasks.
|
||||
|
||||
Package installation tasks are performed by script named **wpi.ps1**.
|
||||
|
||||
Download it from `https://raw.github.com/stackforge/murano-deployment/master/image-builder/share/scripts/ws-2012-std/wpi.ps1`_
|
||||
|
||||
**Note**
|
||||
|
||||
There are a few scripts named **wpi.ps1**, each supports only one
|
||||
version of Windows image. The script above is intended to be used to
|
||||
create Windows Server 2012 Standard. To build other version of
|
||||
Windows please use appropriate script from **scripts** folder.
|
||||
|
||||
Clean-up actions to finish image preparation are performed by
|
||||
**Start-Sysprep.ps1** script.
|
||||
|
||||
Download it from `https://raw.github.com/stackforge/murano-deployment/master/image-builder/share/scripts/ws-2012-std/Start-Sysprep.ps1`_
|
||||
|
||||
These scripts should be copied to the shared resource folder, subfolder
|
||||
**Scripts**.
|
||||
|
||||
**Create a VM**
|
||||
|
||||
This section describes steps required to build an image of Windows
|
||||
Virtual Machine which could be used with Murano. There are two possible
|
||||
ways to create it - from CLI or using GUI tools. We describe both in
|
||||
this section.
|
||||
|
||||
**Note**
|
||||
|
||||
Run all commands as root.
|
||||
|
||||
**Way 1: Using CLI Tools**
|
||||
|
||||
This section describes the required step to launch a VM using CLI tools
|
||||
only.
|
||||
|
||||
1. Preallocate disk image
|
||||
|
||||
::
|
||||
|
||||
># qemu-img create -f raw /var/lib/libvirt/images/ws-2012.img 40G
|
||||
|
||||
2. Start the VM
|
||||
|
||||
::
|
||||
|
||||
># virt-install --connect qemu:///system --hvm --name WinServ \
|
||||
--ram 2048 --vcpus 2 --cdrom /opt/samba/share/9200.16384.WIN8_RTM\
|
||||
.120725-1247_X64FRE_SERVER_EVAL_EN-US-HRM_SSS_X64FREE_EN-US_DV5.ISO \
|
||||
--disk path=/opt/samba/share/virtio-win-0.1-52.iso,device=cdrom \
|
||||
--disk path=/opt/samba/share/floppy.img,device=floppy \
|
||||
--disk path=/var/lib/libvirt/images/ws-2012.qcow2\
|
||||
,format=qcow2,bus=virtio,cache=none \
|
||||
--network network=default,model=virtio \
|
||||
--memballoon model=virtio --vnc --os-type=windows \
|
||||
--os-variant=win2k8 --noautoconsole \
|
||||
--accelerate --noapic --keymap=en-us --video=cirrus --force
|
||||
|
||||
**Way 2: Using virt-manager UI**
|
||||
|
||||
A VM also could be lauched via GUI tools like virt-manager.
|
||||
|
||||
1. Launch *virt-manager* from shell as root
|
||||
|
||||
2. Set a name for VM and select Local install media
|
||||
|
||||
3. Add one cdrom and attach Windows Server ISO image to it
|
||||
|
||||
4. Select OS type **Windows**
|
||||
|
||||
5. Set CPU and RAM amount
|
||||
|
||||
6. Deselect option **Enable storage for this virtual machine**
|
||||
|
||||
7. Add second cdrom for ISO image with virtio drivers
|
||||
|
||||
8. Add a floppy drive and attach our floppy image to it
|
||||
|
||||
9. Add (or create new) HDD image with Disk bus **VirtIO** and storage format **RAW**
|
||||
|
||||
10. Set network device model **VirtIO**
|
||||
|
||||
11. Start installation process and open guest vm screen through **Console** button
|
||||
|
||||
**Convert the image from RAW to QCOW2 format.**
|
||||
|
||||
The image must be converted from RAW format to QCOW2 before being
|
||||
imported into Glance.
|
||||
|
||||
::
|
||||
|
||||
># qemu-img convert -O qcow2 /var/lib/libvirt/images/ws-2012.raw \
|
||||
/var/lib/libvirt/images/ws-2012-ref.qcow2
|
||||
|
||||
.. _`https://raw.github.com/stackforge/murano-deployment/master/image-builder/share/scripts/ws-2012-std/wpi.ps1`: https://raw.github.com/stackforge/murano-deployment/master/image-builder/share/scripts/ws-2012-std/wpi.ps1
|
||||
.. _`https://raw.github.com/stackforge/murano-deployment/master/image-builder/share/scripts/ws-2012-std/Start-Sysprep.ps1`: https://raw.github.com/stackforge/murano-deployment/master/image-builder/share/scripts/ws-2012-std/Start-Sysprep.ps1
|
@ -58,7 +58,7 @@ Table of contents
|
||||
guidelines
|
||||
install/index
|
||||
articles/index
|
||||
|
||||
image_builders/index
|
||||
|
||||
Indices and tables
|
||||
==================
|
||||
|
@ -22,5 +22,7 @@
|
||||
.. toctree::
|
||||
:maxdepth: 2
|
||||
|
||||
prepare
|
||||
development
|
||||
manual
|
||||
ssl
|
||||
|
187
doc/source/install/prepare.rst
Normal file
187
doc/source/install/prepare.rst
Normal file
@ -0,0 +1,187 @@
|
||||
..
|
||||
Copyright 2014 2014 Mirantis, Inc.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
not use this file except in compliance with the License. You may obtain
|
||||
a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
License for the specific language governing permissions and limitations
|
||||
under the License.
|
||||
|
||||
========================
|
||||
Prepare A Lab For Murano
|
||||
========================
|
||||
This section provides basic information about lab's system requirements.
|
||||
It also contains a description of a test which you may use to check if
|
||||
your hardware fits the requirements. To do this, run the test and
|
||||
compare the results with baseline data provided.
|
||||
|
||||
System prerequisites
|
||||
=====================
|
||||
**Supported Operation Systems**
|
||||
|
||||
* Ubuntu Server 12.04 LTS
|
||||
* RHEL/CentOS 6.4
|
||||
|
||||
**System packages are required for Murano**
|
||||
|
||||
*Ubuntu*
|
||||
|
||||
* gcc
|
||||
|
||||
* python-pip
|
||||
|
||||
* python-dev
|
||||
|
||||
* libxml2-dev
|
||||
|
||||
* libxslt-dev
|
||||
|
||||
* libffi-dev
|
||||
|
||||
*CentOS*
|
||||
|
||||
* gcc
|
||||
|
||||
* python-pip
|
||||
|
||||
* python-devel
|
||||
|
||||
* libxml2-devel
|
||||
|
||||
* libxslt-devel
|
||||
|
||||
* libffi-devel
|
||||
|
||||
|
||||
Lab Requirements
|
||||
================
|
||||
|
||||
+------------+--------------------------------+----------------------+
|
||||
| Criteria | Minimal | Recommended |
|
||||
+============+================================+======================+
|
||||
| CPU | 4 core @ 2.4 GHz | 24 core @ 2.67 GHz |
|
||||
+------------+--------------------------------+----------------------+
|
||||
| RAM | 8 GB | 24 GB or more |
|
||||
+------------+--------------------------------+----------------------+
|
||||
| HDD | 2 x 500 GB (7200 rpm) | 4 x 500 GB (7200 rpm |
|
||||
+------------+--------------------------------+----------------------+
|
||||
| RAID | Software RAID-1 (use mdadm as | Hardware RAID-10 |
|
||||
| | it will improve read | |
|
||||
| | performance almost two times) | |
|
||||
+------------+--------------------------------+----------------------+
|
||||
|
||||
Table: Hardware requirements
|
||||
|
||||
There are a few possible storage configurations except the shown above.
|
||||
All of them were tested and were working well.
|
||||
|
||||
* 1x SSD 500+ GB
|
||||
|
||||
* 1x HDD (7200 rpm) 500+ GB and 1x SSD 250+ GB (install the system onto
|
||||
the HDD and mount the SSD drive to folder where VM images are)
|
||||
|
||||
* 1x HDD (15000 rpm) 500+ GB
|
||||
|
||||
Test Your Lab Host Performance
|
||||
==============================
|
||||
|
||||
We have measured time required to boot 1 to 5 instances of Windows
|
||||
system simultaneously. You can use this data as the baseline to check if
|
||||
your system is fast enough.
|
||||
|
||||
You should use sysprepped images for this test, to simulate VM first
|
||||
boot.
|
||||
|
||||
Steps to reproduce test:
|
||||
|
||||
1. Prepare Windows 2012 Standard (with GUI) image in QCOW2 format. Let's
|
||||
assume that its name is ws-2012-std.qcow2
|
||||
|
||||
2. Ensure that there is NO KVM PROCESSES on the host. To do this, run
|
||||
command:
|
||||
|
||||
::
|
||||
|
||||
># ps aux | grep kvm
|
||||
|
||||
3. Make 5 copies of Windows image file:
|
||||
|
||||
::
|
||||
|
||||
># for i in $(seq 5); do \
|
||||
cp ws-2012-std.qcow2 ws-2012-std-$i.qcow2; done
|
||||
|
||||
4. Create script start-vm.sh in the folder with .qcow2 files:
|
||||
|
||||
::
|
||||
|
||||
#!/bin/bash
|
||||
[ -z $1 ] || echo "VM count not provided!"; exit 1
|
||||
for i in $(seq $1); do
|
||||
echo "Starting VM $i ..."
|
||||
kvm -m 1024 -drive file=ws-2012-std-$i.qcow2,if=virtio -net user -net nic,model=virtio -nographic -usbdevice tablet -vnc :$i & done
|
||||
|
||||
5. Start ONE instance with command below (as root) and measure time
|
||||
between VM’s launch and the moment when Server Manager window
|
||||
appears. To view VM’s desktop, connect with VNC viewer to your host
|
||||
to VNC screen :1 (port 5901):
|
||||
|
||||
::
|
||||
|
||||
># ./start-vm.sh 1
|
||||
|
||||
6. Turn VM off. You may simply kill all KVM processes by
|
||||
|
||||
::
|
||||
|
||||
># killall kvm
|
||||
|
||||
7. Start FIVE instances with command below (as root) and measure time
|
||||
interval between ALL VM’s launch and the moment when LAST Server Manager
|
||||
window appears. To view VM’s desktops, connect with VNC viewer to your
|
||||
host to VNC screens :1 thru :5 (ports 5901-5905):
|
||||
|
||||
::
|
||||
|
||||
># ./start-vm.sh 5
|
||||
|
||||
8. Turn VMs off. You may simply kill all KVM processes by
|
||||
|
||||
::
|
||||
|
||||
># killall kvm
|
||||
|
||||
Baseline Data
|
||||
=============
|
||||
|
||||
The table below provides baseline data which we've got in our
|
||||
environment.
|
||||
|
||||
**Avg. Time** refers to the lab with recommended hardware configuration,
|
||||
while **Max. Time** refers to minimal hardware configuration.
|
||||
|
||||
+--------------------------+--------------------------+---------------------+
|
||||
| | Boot ONE instance | Boot FIVE instances |
|
||||
+==========================+==========================+=====================+
|
||||
| Avg. Time | 3m:40s | 8m |
|
||||
+--------------------------+--------------------------+---------------------+
|
||||
| Max. Time | 5m | 20m |
|
||||
+--------------------------+--------------------------+---------------------+
|
||||
|
||||
Host Optimizations
|
||||
==================
|
||||
|
||||
Default KVM installation could be improved to provide better
|
||||
performance.
|
||||
|
||||
The following optimizations may improve host performance up to 30%:
|
||||
|
||||
* change default scheduler from **CFQ** to **Deadline**
|
||||
* use **ksm**
|
||||
* use **vhost-net**
|
136
doc/source/install/ssl.rst
Normal file
136
doc/source/install/ssl.rst
Normal file
@ -0,0 +1,136 @@
|
||||
..
|
||||
Copyright 2014 2014 Mirantis, Inc.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
not use this file except in compliance with the License. You may obtain
|
||||
a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
License for the specific language governing permissions and limitations
|
||||
under the License.
|
||||
|
||||
=================
|
||||
SSL configuration
|
||||
=================
|
||||
Murano components are able to work with SSL. This chapter will help your
|
||||
to make proper settings with SSL configuration.
|
||||
|
||||
HTTPS for Murano API
|
||||
====================
|
||||
|
||||
SSL for Murano API service can be configured in *ssl* section in
|
||||
``/etc/murano/murano-api.conf``. Just point to a valid SSL certificate.
|
||||
See the example below:
|
||||
|
||||
::
|
||||
|
||||
|
||||
[ssl]
|
||||
cert_file = PATH
|
||||
key_file = PATH
|
||||
ca_file = PATH
|
||||
|
||||
- *cert\_file* Path to the certificate file the server should use when binding to an SSL-wrapped socket.
|
||||
- *key\_file* Path to the private key file the server should use when binding to an SSL-wrapped socket.
|
||||
- *ca\_file* Path to the CA certificate file the server should use to validate client certificates provided during an SSL handshake. This is ignored if cert\_file and "key\_file" are not set.
|
||||
|
||||
The use of SSL is automatically started after point to HTTPS protocol
|
||||
instead of HTTP during registration Murano API service in endpoints
|
||||
(Change publicurl argument to start with \https://).
|
||||
SSL for Murano API is implemented like in any other Openstack component.
|
||||
This realization is based on ssl python module so more information about
|
||||
it can be found `here`_.
|
||||
|
||||
.. _`here`: https://docs.python.org/2/library/ssl.html
|
||||
|
||||
SSL for RabbitMQ
|
||||
================
|
||||
|
||||
All Murano components communicate with each other by RabbitMQ. This
|
||||
interaction can be encrypted with SSL. By default all messages in Rabbit
|
||||
MQ are not encrypted. Each RabbitMQ Exchange should be configured
|
||||
separately.
|
||||
|
||||
**Murano API <-> Rabbit MQ exchange <-> Murano Engine**
|
||||
|
||||
Edit ssl parameters in default section of ``/etc/murano/murano-api.conf``. Set ``rabbit_use_ssl`` option to *true* and configure ssl kombu parameters.
|
||||
Specify the path to the SSL keyfile and SSL CA certificate in a regular format: /path/to/file without quotes or leave it empty to
|
||||
allow self-signed certificates.
|
||||
|
||||
::
|
||||
|
||||
# connect over SSL for RabbitMQ (boolean value)
|
||||
#rabbit_use_ssl=false
|
||||
|
||||
# SSL version to use (valid only if SSL enabled). valid values
|
||||
# are TLSv1, SSLv23 and SSLv3. SSLv2 may be available on some
|
||||
# distributions (string value)
|
||||
#kombu_ssl_version=
|
||||
|
||||
# SSL key file (valid only if SSL enabled) (string value)
|
||||
#kombu_ssl_keyfile=
|
||||
|
||||
# SSL cert file (valid only if SSL enabled) (string value)
|
||||
#kombu_ssl_certfile=
|
||||
|
||||
# SSL certification authority file (valid only if SSL enabled)
|
||||
# (string value)
|
||||
#kombu_ssl_ca_certs=
|
||||
|
||||
|
||||
**Murano Agent -> Rabbit MQ exchange**
|
||||
|
||||
In main murano-api configuration file there is a section ,named *rabbitmq*, that is responsible for set up communication between Murano Agent and Rabbit MQ.
|
||||
Just set *ssl* parameter to True to enable ssl.
|
||||
|
||||
::
|
||||
|
||||
[rabbitmq]
|
||||
host = localhost
|
||||
port = 5672
|
||||
login = guest
|
||||
password = guest
|
||||
virtual_host = /
|
||||
ssl = True
|
||||
|
||||
If you want to configure Murano Agent in a different way change
|
||||
the default template. It can be found in Murano Core Library, located at */https://github.com/stackforge/murano-api/blob/master/meta/io.murano/Resources/Agent-v1.template.* Take
|
||||
a look at appSettings section:
|
||||
|
||||
::
|
||||
|
||||
<appSettings>
|
||||
<add key="rabbitmq.host" value="%RABBITMQ_HOST%"/>
|
||||
<add key="rabbitmq.port" value="%RABBITMQ_PORT%"/>
|
||||
<add key="rabbitmq.user" value="%RABBITMQ_USER%"/>
|
||||
<add key="rabbitmq.password" value="%RABBITMQ_PASSWORD%"/>
|
||||
<add key="rabbitmq.vhost" value="%RABBITMQ_VHOST%"/>
|
||||
<add key="rabbitmq.inputQueue" value="%RABBITMQ_INPUT_QUEUE%"/>
|
||||
<add key="rabbitmq.resultExchange" value=""/>
|
||||
<add key="rabbitmq.resultRoutingKey" value="%RESULT_QUEUE%"/>
|
||||
<add key="rabbitmq.durableMessages" value="true"/>
|
||||
|
||||
<add key="rabbitmq.ssl" value="%RABBITMQ_SSL%"/>
|
||||
<add key="rabbitmq.allowInvalidCA" value="true"/>
|
||||
<add key="rabbitmq.sslServerName" value=""/>
|
||||
|
||||
</appSettings>
|
||||
|
||||
|
||||
Desired parameter should be set directly to the value of the key that
|
||||
you want to change. Quotes are need to be kept. Thus you can change
|
||||
"rabbitmq.ssl" and "rabbitmq.port" values to make Rabbit MQ work with
|
||||
this exchange in a different from Murano-Engine way.
|
||||
After modification, don't forget to zip and re-upload core library.
|
||||
|
||||
SSL for Murano Dashboard
|
||||
========================
|
||||
|
||||
If you are going not to use self-signed certificates additional
|
||||
configuration do not need to be done. Just point https in the URL.
|
||||
Otherwise, set *MURANO_API_INSECURE = True* on horizon config. You can
|
||||
find it in ``/etc/openstack-dashboard/local_settings.py.``.
|
Loading…
x
Reference in New Issue
Block a user