cloudstack templates with openvm
DESCRIPTION
Lucian-Paul Burlacu (aka Nux) talks about building CloudStack templates using OpenVMTRANSCRIPT
Cloudstack Templates - OpenVM.EU
$whoami
Lucian-Paul Burlacu aka Nux
Apache Cloudstack
CentOS Cloud Instance SIG
What is a template?
VM template – the base model from which one can deploy virtual machines
The 3 laws of building templates:
- a template must be functional- a template must be secure- a template must be unique
Functional
A VM template must be able to start and run normally, without any serious errors, without missing basic features; on a multitudeof hypervisors.A template must expand its disk and partitions to match the underlyingvolume.
Special thanks to Marcus Sorensen @ Cloudstack for implementing the root resize feature forKVM hypervisor.
Waiting for root resize support in the other hypervisors as it makes working with templates a better experience.
Secure
A VM template must be secure.Templates must be kept up to date so as to not distribute outdatedsoftware.Templates will be regenerated on a regular basis.
Unique
A VM template must be unique. This is a special security feature.Because multiple machines will spawn from it, a template must notpass down to them essential security components suchas SSL keys, passwords and other content as this will put users at risk.
Building a template
OpenVM started out as an effort to contribute both to Cloudstack and to the CentOSInstance SIG and was as such focused on this distribution.
CentOS templates are built using virt-install and kickstart files that are available onlineat dl.openvm.eu as well as github.com.
Debian templates are contributed by Ian Duffy and are built using Packer. https://github.com/imduffy15/cloudstack-templates/tree/master/debian
Ubuntu templates are actually the official Ubuntu cloud images with the Cloudstack specific config files and scripts injected (cloudstack cloud-init config file, password changer etc).
Due to lack of automated installation tools, the FreeBSD and OpenBSD templates are builtad-labam and then sysprepped.
Windows templates are not being provided, but we can help with some tips and tricks on how toget them built.
Template agents
Alas the trend for hypervisors is to require certain software running insidethe VM to perform certain actions; Xenserver, VMWare.This complicates matters; logic must be added to the templates to determine the underlying platform and start the required agents (in progress).Not all OSes/distros are supported by said agent software.
Configuration management
What should we provide via templates and what can we achieve withConfiguration Management engines?
Where do we draw the line?
The future
Better templates, launchers on different Cloudstack public clouds etc.
Ideas, comments and questions welcome.