Re: ssvm and system vm confusion

[Chip Childers <ch...@sungard.com>]

Chiradeep (others),

Pedro Marques is working on a POC for an integration of Juniper's Contrail
technology. He's Cc'ed on this thread.

There are a number of questions related to system VM's below. Can someone
please help answer them for him?

On Tuesday, May 14, 2013, Pedro Marques wrote:

> Chip,
> Perhaps you can help me a bit...
>
> I'm trying to understand how to get the system vms working and i'm very
> confused...
>
> The cloudstack install instructions tell one to download a .vhd image that
> is installed as a template in the secondary storage. This template is
> instantiated when CS tries to start the SSVM.
>
> Cloudstack also has a systemvm.iso that is present in console-proxy/dist
>
> When CS initializes it goes through a process in which it tries to mount
> this iso and change the SSH keys in it. This process fails since the
> scripts that it uses assume sudo which requires console access.
>
> How is the systemvm.iso image supposed to actually get launched on a
> server ? i'm not seen any way in which this image gets copied... and there
> is no way to create a Xen VM from this (non-bootable iso), correct ?
>
> Given that the SSVM is a .vhd image that is downloaded from citrix how is
> CS expected to be able to place its keys in it and be able to login ?
>
> The tools/appliance scripts don't work for me.
>
> I managed to work around an auth failure... the
> definitions/systemvmtemplate scripts assume user root with password
> "password" but preseed.cfg doesn't create a root account... and would use
> "vagrant" as the password...
>
> But after this auth failure i see that the post install script does the
> following...
>
> ++ chroot . apt-get --no-install-recommends -q -y --force-yes install
> rsyslog logrotate cron chkconfig insserv net-tools ifupdown vim-tiny
> netbase iptables openssh-server grub-legacy e2fsprogs dhcp3-client dnsmasq
> tcpdump socat wget python bzip2 sed gawk diff grep gzip less tar telnet ftp
> rsync traceroute psmisc lsof procps monit inetutils-ping iputils-arping
> httping dnsutils zip unzip ethtool uuid file iproute acpid
> iptables-persistent virt-what sudo
> chroot: failed to run command `apt-get': No such file or directory
> ERROR: exit code 127
> Error executing command ./postinstall.sh : Exitcode was not what we
> expected
> Exitcode was not what we expected
>
> I'm assuming that "." is supposed to be /root on the VM... what is this
> attempting to do ?
> There is no apt-get in /root/usr/bin so the command will fail... what is
> the intent here...
>
> Saving this VM in this state, i can start it in the compute node, but it
> comes up with a single interface (eth0)...
>
> I'm trying to figure out how it is possible to build an SSVM that CS would
> be able to log into... but i'm confused...
>
>   Pedro.
>

Re: ssvm and system vm confusion

[Chiradeep Vittal <Ch...@citrix.com>]

On 5/14/13 10:58 PM, "Pedro Marques" <ro...@juniper.net> wrote:

>I guess i'll answer my own question...
>
>On May 14, 2013, at 4:35 PM, Chip Childers wrote:
>
>> Chiradeep (others),
>> 
>> Pedro Marques is working on a POC for an integration of Juniper's
>>Contrail
>> technology. He's Cc'ed on this thread.
>> 
>> There are a number of questions related to system VM's below. Can
>>someone
>> please help answer them for him?
>> 
>> On Tuesday, May 14, 2013, Pedro Marques wrote:
>> 
>>> Chip,
>>> Perhaps you can help me a bit...
>>> 
>>> I'm trying to understand how to get the system vms working and i'm very
>>> confused...
>>> 
>>> The cloudstack install instructions tell one to download a .vhd image
>>>that
>>> is installed as a template in the secondary storage. This template is
>>> instantiated when CS tries to start the SSVM.
>>> 
>>> Cloudstack also has a systemvm.iso that is present in
>>>console-proxy/dist
>>> 
>>> When CS initializes it goes through a process in which it tries to
>>>mount
>>> this iso and change the SSH keys in it. This process fails since the
>>> scripts that it uses assume sudo which requires console access.
>>> 
>>> How is the systemvm.iso image supposed to actually get launched on a
>>> server ? i'm not seen any way in which this image gets copied... and
>>>there
>>> is no way to create a Xen VM from this (non-bootable iso), correct ?
>
>From what i can gather the systemvm has two components: the debian
>appliance distributed as a virtual machine (in a vhd image) and extra
>packages on the .iso. The iso is mounted as an extra disk in the VM and
>there must be a magic installer that does the trick. i.e. read the keys
>plus the java app that is distributed in the iso.
>
>I couldn't find the magic installer though... for sure not under
>tools/appliance [I'm using the 4.1.0 branch].

That magic is in 
./patches/systemvm/debian/config/etc/init.d/cloud-early-config. This
script runs early in the boot of the systemvm to mount the iso and patch
it. The iso itself is built by maven
(services/console-proxy/server/pom.xml) . When the management server first
starts up, it generates keys (ConfigurationServerImpl.updateKeyPairs())
and injects them (scripts/vm/systemvm/injectkeys.sh ) into the ISO. When
you add a host to the management server, the ISO is copied to the host.
When the systemvm is started, the ISO is attached to the systemvm as
/dev/xvdd (usually).

>
>>> 
>>> Given that the SSVM is a .vhd image that is downloaded from citrix how
>>>is
>>> CS expected to be able to place its keys in it and be able to login ?
>>> 
>>> The tools/appliance scripts don't work for me.
>>> 
>>> I managed to work around an auth failure... the
>>> definitions/systemvmtemplate scripts assume user root with password
>>> "password" but preseed.cfg doesn't create a root account... and would
>>>use
>>> "vagrant" as the password...
>>> 
>>> But after this auth failure i see that the post install script does the
>>> following...
>>> 
>>> ++ chroot . apt-get --no-install-recommends -q -y --force-yes install
>>> rsyslog logrotate cron chkconfig insserv net-tools ifupdown vim-tiny
>>> netbase iptables openssh-server grub-legacy e2fsprogs dhcp3-client
>>>dnsmasq
>>> tcpdump socat wget python bzip2 sed gawk diff grep gzip less tar
>>>telnet ftp
>>> rsync traceroute psmisc lsof procps monit inetutils-ping iputils-arping
>>> httping dnsutils zip unzip ethtool uuid file iproute acpid
>>> iptables-persistent virt-what sudo
>>> chroot: failed to run command `apt-get': No such file or directory
>>> ERROR: exit code 127
>>> Error executing command ./postinstall.sh : Exitcode was not what we
>>> expected
>>> Exitcode was not what we expected
>>> 
>>> I'm assuming that "." is supposed to be /root on the VM... what is this
>>> attempting to do ?
>>> There is no apt-get in /root/usr/bin so the command will fail... what
>>>is
>>> the intent here...
>
>I'm still curious as to whether the scripts under tools/appliance should
>work. Or if this is just a work in progress....


The scripts in tools/appliance are used to automate the build of the
'seed' systemvm images. These are also available from jenkins.
http://jenkins.cloudstack.org/view/master/job/build-systemvm-master/

Certainly 
cd tools/appliance
veewee vbox build 'systemvmtemplate'

works on my MacOS X Lion

--
Chiradeep

Re: ssvm and system vm confusion

[Pedro Marques <ro...@juniper.net>]

I guess i'll answer my own question...

On May 14, 2013, at 4:35 PM, Chip Childers wrote:

> Chiradeep (others),
> 
> Pedro Marques is working on a POC for an integration of Juniper's Contrail
> technology. He's Cc'ed on this thread.
> 
> There are a number of questions related to system VM's below. Can someone
> please help answer them for him?
> 
> On Tuesday, May 14, 2013, Pedro Marques wrote:
> 
>> Chip,
>> Perhaps you can help me a bit...
>> 
>> I'm trying to understand how to get the system vms working and i'm very
>> confused...
>> 
>> The cloudstack install instructions tell one to download a .vhd image that
>> is installed as a template in the secondary storage. This template is
>> instantiated when CS tries to start the SSVM.
>> 
>> Cloudstack also has a systemvm.iso that is present in console-proxy/dist
>> 
>> When CS initializes it goes through a process in which it tries to mount
>> this iso and change the SSH keys in it. This process fails since the
>> scripts that it uses assume sudo which requires console access.
>> 
>> How is the systemvm.iso image supposed to actually get launched on a
>> server ? i'm not seen any way in which this image gets copied... and there
>> is no way to create a Xen VM from this (non-bootable iso), correct ?

>From what i can gather the systemvm has two components: the debian appliance distributed as a virtual machine (in a vhd image) and extra packages on the .iso. The iso is mounted as an extra disk in the VM and there must be a magic installer that does the trick. i.e. read the keys plus the java app that is distributed in the iso.

I couldn't find the magic installer though... for sure not under tools/appliance [I'm using the 4.1.0 branch].

>> 
>> Given that the SSVM is a .vhd image that is downloaded from citrix how is
>> CS expected to be able to place its keys in it and be able to login ?
>> 
>> The tools/appliance scripts don't work for me.
>> 
>> I managed to work around an auth failure... the
>> definitions/systemvmtemplate scripts assume user root with password
>> "password" but preseed.cfg doesn't create a root account... and would use
>> "vagrant" as the password...
>> 
>> But after this auth failure i see that the post install script does the
>> following...
>> 
>> ++ chroot . apt-get --no-install-recommends -q -y --force-yes install
>> rsyslog logrotate cron chkconfig insserv net-tools ifupdown vim-tiny
>> netbase iptables openssh-server grub-legacy e2fsprogs dhcp3-client dnsmasq
>> tcpdump socat wget python bzip2 sed gawk diff grep gzip less tar telnet ftp
>> rsync traceroute psmisc lsof procps monit inetutils-ping iputils-arping
>> httping dnsutils zip unzip ethtool uuid file iproute acpid
>> iptables-persistent virt-what sudo
>> chroot: failed to run command `apt-get': No such file or directory
>> ERROR: exit code 127
>> Error executing command ./postinstall.sh : Exitcode was not what we
>> expected
>> Exitcode was not what we expected
>> 
>> I'm assuming that "." is supposed to be /root on the VM... what is this
>> attempting to do ?
>> There is no apt-get in /root/usr/bin so the command will fail... what is
>> the intent here...

I'm still curious as to whether the scripts under tools/appliance should work. Or if this is just a work in progress....

>> 
>> Saving this VM in this state, i can start it in the compute node, but it
>> comes up with a single interface (eth0)...
>> 
>> I'm trying to figure out how it is possible to build an SSVM that CS would
>> be able to log into... but i'm confused...
>> 
>>  Pedro.
>>