Add documentation of the os_admin_user property to the Useful Image Properties guide. Change-Id: I10e1e738aeacc708350993f05d373eaa1293fd27 Closes-Bug: 1850412
27 KiB
Useful image properties
You can set image properties that can be consumed by other services to affect the behavior of those other services. For example:
- Image properties can be used to override specific behaviors defined for Nova flavors
- Image properties can be used to affect the behavior of the Nova scheduler
- Image properties can be used to affect the behavior of particular Nova hypervisors
Using image properties
Some important points to keep in mind:
In order to allow custom image properties, Glance must be configured with the
glance-api.conf
settingallow_additional_image_properties
set to True. (This is the default setting.)The
glance-api.conf
settingimage_property_quota
should be sufficiently high to allow any additional desired properties. (The default is 128.)You can use Glance property protections to control access to specific image properties, should that be desirable. See the
property-protections
section of this Guide for more information.You can use a plugin to the interoperable image import process to set specific properties on non-admin images imported into Glance. See
iir_plugins
for more information. See the original spec, Inject metadata properties automatically to non-admin images for a discussion of the use case addressed by this plugin.The Nova ImagePropertiesFilter, enabled by default in the Compute Service, consumes image properties to determine proper scheduling of builds to compute hosts. See the Compute schedulers section of the Nova Configuration Guide for more information.
Nova has a setting,
non_inheritable_image_properties
, that allows you to specify which image properties from the image a virtual machine was booted from will not be propagated to a snapshot image of that virtual machine. See the Configuration Options section of the Nova Configuration Guide for more information.Some properties recognized by Nova may have no effect unless a corresponding property is enabled in the server flavor. For example, the
hw_rng_model
image property has no effect unless the Nova flavor has been configured to havehw_rng:allowed
set to True in the flavor's extra_specs.In a mixed hypervisor environment, the Compute Service uses the
hypervisor_type
image property to match images to the correct hypervisor type.Depending upon what hypervisors are in use in your Nova installation, there may be other image properties that these hypervisors can consume to affect their behavior. Read through the configuration information for your hypervisors in the Hypervisors section of the Nova Configuration Guide for more information.
In particular, the VMware hypervisor driver requires that particular image properties be set for optimal functioning. See the VMware vSphere section of the Nova Configuration Guide for more information.
Image property keys and values
Here is a list of useful image properties and the values they expect.
Specific to | Key | Description | Supported values |
---|---|---|---|
All | architecture |
The CPU architecture that must be supported by the hypervisor. For
example, x86_64 , arm , or ppc64 .
Run uname -m to get
the architecture of a machine. We strongly recommend using the
architecture data vocabulary defined by the libosinfo project for this
purpose. |
|
All | hypervisor_type |
The hypervisor type. Note that qemu is used for both
QEMU and KVM hypervisor types. |
hyperv , ironic , lxc ,
qemu , uml , vmware , or
xen . |
All | instance_type_rxtx_factor |
Optional property allows created servers to have a different
bandwidth cap than that defined in the network they are attached to.
This factor is multiplied by the rxtx_base property of the
network. The rxtx_base property defaults to
1.0 , which is the same as the attached network. This
parameter is only available for Xen or NSX based systems. |
Float (default value is 1.0 ) |
All | instance_uuid |
For snapshot images, this is the UUID of the server used to create this image. | Valid server UUID |
All | img_config_drive |
Specifies whether the image needs a config drive. | mandatory or optional (default if property
is not used). |
All | kernel_id |
The ID of an image stored in the Image service that should be used as the kernel when booting an AMI-style image. | Valid image ID |
All | os_admin_user |
The name of the user with admin privileges. | Valid username (defaults to root for Linux guests and
Administrator for Windows guests). |
All | os_distro |
The common name of the operating system distribution in lowercase (uses the same data vocabulary as the libosinfo project). Specify only a recognized value for this field. Deprecated values are listed to assist you in searching for the recognized value. |
|
All | os_version |
The operating system version as specified by the distributor. | Valid version number (for example, 11.10 ). |
All |
|
Secure Boot is a security standard. When the instance starts, Secure Boot first examines software such as firmware and OS by their signature and only allows them to run if the signatures are valid. For Hyper-V: Images must be prepared as Generation 2 VMs. Instance
must also contain |
|
All | os_shutdown_timeout |
By default, guests will be given 60 seconds to perform a graceful shutdown. After that, the VM is powered off. This property allows overriding the amount of time (unit: seconds) to allow a guest OS to cleanly shut down before power off. A value of 0 (zero) means the guest will be powered off immediately with no opportunity for guest OS clean-up. | Integer value (in seconds) with a minimum of 0 (zero). Default is 60. |
All | ramdisk_id |
The ID of image stored in the Image service that should be used as the ramdisk when booting an AMI-style image. | Valid image ID. |
All |
|
Added in the Rocky release. Functionality is similar to traits specified in flavor extra specs. Traits allow specifying a server to build on a compute node with the set of traits specified in the image. The traits are associated with the resource provider that represents the compute node in the Placement API. The syntax of specifying traits is trait:<trait_name>=value, for example:
The nova scheduler will pass required traits specified on the image to the Placement API to include only resource providers that can satisfy the required traits. Traits for the resource providers can be managed using the osc-placement plugin. Image traits are used by the nova scheduler even in cases of volume backed instances, if the volume source is an image with traits. |
Only valid value is
|
All | vm_mode |
The virtual machine mode. This represents the host/guest ABI (application binary interface) used for the virtual machine. |
|
libvirt API driver | hw_cpu_sockets |
The preferred number of sockets to expose to the guest. | Integer. |
libvirt API driver | hw_cpu_cores |
The preferred number of cores to expose to the guest. | Integer. |
libvirt API driver | hw_cpu_threads |
The preferred number of threads to expose to the guest. | Integer. |
libvirt API driver | hw_cpu_policy |
Used to pin the virtual CPUs (vCPUs) of instances to the host’s physical CPU cores (pCPUs). Host aggregates should be used to separate these pinned instances from unpinned instances as the latter will not respect the resourcing requirements of the former. |
|
libvirt API driver | hw_cpu_thread_policy |
Further refine hw_cpu_policy=dedicated by stating how
hardware CPU threads in a simultaneous multithreading-based (SMT)
architecture be used. SMT-based architectures include Intel processors
with Hyper-Threading technology. In these architectures, processor cores
share a number of components with one or more other cores. Cores in such
architectures are commonly referred to as hardware threads, while the
cores that a given core share components with are known as thread
siblings. |
|
libvirt API driver | hw_cdrom_bus |
Specifies the type of disk controller to attach CD-ROM devices to. | As for hw_disk_bus . |
libvirt API driver | hw_disk_bus |
Specifies the type of disk controller to attach disk devices to. | Options depend on the value of nova's
virt_type config option:
|
libvirt API driver | hw_firmware_type |
Specifies the type of firmware with which to boot the guest. | One of bios or uefi . |
libvirt API driver | hw_mem_encryption |
Enables encryption of guest memory at the hardware level, if there are compute hosts available which support this. See nova's documentation on configuration of the KVM hypervisor for more details. | true or false (default). |
libvirt API driver | hw_pointer_model |
Input devices that allow interaction with a graphical framebuffer, for example to provide a graphic tablet for absolute cursor movement. Currently only supported by the KVM/QEMU hypervisor configuration and VNC or SPICE consoles must be enabled. | usbtablet |
libvirt API driver |
|
Adds a random-number generator device to the image's instances. This image property by itself does not guarantee that a hardware RNG will be used; it expresses a preference that may or may not be satisfied depending upon Nova configuration. The cloud administrator can enable and control device behavior by configuring the instance's flavor. By default:
|
|
libvirt API driver | hw_time_hpet |
Adds support for the High Precision Event Timer (HPET) for x86
guests in the libvirt driver when hypervisor_type=qemu and
architecture=i686 or architecture=x86_64 . The
timer can be enabled by setting hw_time_hpet=true . By
default HPET remains disabled. |
true or false (default) |
libvirt API driver, Hyper-V driver |
|
For libvirt: Enables booting an ARM system using the specified
machine type. If an ARM image is used and its machine type is not
explicitly specified, then Compute uses the For Hyper-V: Specifies whether the Hyper-V instance will be a generation 1 or generation 2 VM. By default, if the property is not provided, the instances will be generation 1 VMs. If the image is specific for generation 2 VMs but the property is not provided accordingly, the instance will fail to boot. |
For libvirt: Valid types can be viewed by using the For hyper-V: Acceptable values are either |
libvirt API driver, XenAPI driver | os_type |
The operating system installed on the image. The
libvirt API driver and XenAPI driver contains
logic that takes different actions depending on the value of the
os_type parameter of the image. For example, for
os_type=windows images, it creates a FAT32-based swap
partition instead of a Linux swap partition, and it limits the injected
host name to less than 16 characters. |
linux or windows . |
libvirt API driver | hw_scsi_model |
Enables the use of VirtIO SCSI (virtio-scsi ) to provide
block device access for compute instances; by default, instances use
VirtIO Block (virtio-blk ). VirtIO SCSI is a
para-virtualized SCSI controller device that provides improved
scalability and performance, and supports advanced SCSI hardware. |
virtio-scsi |
libvirt API driver | hw_serial_port_count |
Specifies the count of serial ports that should be provided. If
hw:serial_port_count is not set in the flavor's
extra_specs, then any count is permitted. If
hw:serial_port_count is set, then this provides the default
serial port count. It is permitted to override the default serial port
count, but only with a lower value. |
Integer |
libvirt API driver | hw_video_model |
The graphic device model presented to the guest. hw_video_model=none disables the graphics device in the guest and should generally be used when using gpu passthrough. | vga , cirrus , vmvga ,
xen , qxl , virtio ,
gop or none . |
libvirt API driver | hw_video_ram |
Maximum RAM for the video image. Used only if a
hw_video:ram_max_mb value has been set in the flavor's
extra_specs and that value is higher than the value set in
hw_video_ram . |
Integer in MB (for example, 64 ). |
libvirt API driver | hw_watchdog_action |
Enables a virtual hardware watchdog device that carries out the
specified action if the server hangs. The watchdog uses the
i6300esb device (emulating a PCI Intel 6300ESB). If
hw_watchdog_action is not specified, the watchdog is
disabled. |
|
libvirt API driver | os_command_line |
The kernel command line to be used by the libvirt
driver, instead of the default. For Linux Containers (LXC), the value is
used as arguments for initialization. This key is valid only for Amazon
kernel, ramdisk , or machine images (aki ,
ari , or ami ). |
|
libvirt API driver and VMware API driver | hw_vif_model |
Specifies the model of virtual network interface device to use. |
|
libvirt API driver | hw_vif_multiqueue_enabled |
If true , this enables the
virtio-net multiqueue feature. In this case, the driver
sets the number of queues equal to the number of guest vCPUs. This makes
the network performance scale across a number of vCPUs. |
true | false |
libvirt API driver | hw_boot_menu |
If true , enables the BIOS bootmenu. In cases where both
the image metadata and Extra Spec are set, the Extra Spec setting is
used. This allows for flexibility in setting/overriding the default
behavior as needed. |
true or false |
libvirt API driver | hw_pmu |
Controls emulation of a virtual performance monitoring unit (vPMU) in the guest. To reduce latency in realtime workloads disable the vPMU by setting hw_pmu=false. | true or false |
libvirt API driver | img_hide_hypervisor_id |
Some hypervisors add a signature to their guests. While the presence
of the signature can enable some paravirtualization features on the
guest, it can also have the effect of preventing some drivers from
loading. Hiding the signature by setting this property to
true may allow such drivers to load and work. |
true or false |
VMware API driver | vmware_adaptertype |
The virtual SCSI or IDE controller used by the hypervisor. | lsiLogic , lsiLogicsas ,
busLogic , ide , or
paraVirtual . |
VMware API driver | vmware_ostype |
A VMware GuestID which describes the operating system installed in
the image. This value is passed to the hypervisor when creating a
virtual machine. If not specified, the key defaults to
otherGuest . |
See thinkvirt.com. |
VMware API driver | vmware_image_version |
Currently unused. | 1 |
XenAPI driver | auto_disk_config |
If true , the root partition on the disk is
automatically resized before the instance boots. This value is only
taken into account by the Compute service when using a Xen-based
hypervisor with the XenAPI driver. The Compute service will
only attempt to resize if there is a single partition on the image, and
only if the partition is in ext3 or ext4
format. |
true or false |