You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by pd...@apache.org on 2015/03/08 15:32:55 UTC
[5/7] cloudstack-docs-admin git commit: split templates.rst to
multiple files
split templates.rst to multiple files
Project: http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/commit/04505cae
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/tree/04505cae
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/diff/04505cae
Branch: refs/heads/master
Commit: 04505cae4391c9509d8ae777f52cf8064e775bf7
Parents: 9b36171
Author: Pierre-Luc Dion <pd...@apache.org>
Authored: Sun Mar 8 10:25:11 2015 -0400
Committer: Pierre-Luc Dion <pd...@apache.org>
Committed: Sun Mar 8 10:25:11 2015 -0400
----------------------------------------------------------------------
source/templates/_create_linux.rst | 261 ++++++++++++++++++++++++++++++
source/templates/_create_windows.rst | 220 +++++++++++++++++++++++++
2 files changed, 481 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/blob/04505cae/source/templates/_create_linux.rst
----------------------------------------------------------------------
diff --git a/source/templates/_create_linux.rst b/source/templates/_create_linux.rst
new file mode 100644
index 0000000..24a9061
--- /dev/null
+++ b/source/templates/_create_linux.rst
@@ -0,0 +1,261 @@
+.. Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information#
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+
+
+Creating a Linux Template
+-------------------------
+
+Linux templates should be prepared using this documentation in order to
+prepare your linux VMs for template deployment. For ease of
+documentation, the VM which you are configuring the template on will be
+referred to as "Template Master". This guide currently covers legacy
+setups which do not take advantage of UserData and cloud-init and
+assumes openssh-server is installed during installation.
+
+An overview of the procedure is as follow:
+
+#. Upload your Linux ISO.
+
+ For more information, see `“Adding an
+ ISO” <virtual_machines.html#adding-an-iso>`_.
+
+#. Create a VM Instance with this ISO.
+
+ For more information, see `“Creating
+ VMs” <virtual_machines.html#creating-vms>`_.
+
+#. Prepare the Linux VM
+
+#. Create a template from the VM.
+
+ For more information, see `“Creating a Template from an Existing
+ Virtual Machine” <#creating-a-template-from-an-existing-virtual-machine>`_.
+
+
+System preparation for Linux
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The following steps will prepare a basic Linux installation for
+templating.
+
+#. **Installation**
+
+ It is good practice to name your VM something generic during
+ installation, this will ensure components such as LVM do not appear
+ unique to a machine. It is recommended that the name of "localhost"
+ is used for installation.
+
+ .. warning::
+ For CentOS, it is necessary to take unique identification out of the
+ interface configuration file, for this edit
+ /etc/sysconfig/network-scripts/ifcfg-eth0 and change the content to
+ the following.
+
+ .. code:: bash
+
+ DEVICE=eth0
+ TYPE=Ethernet
+ BOOTPROTO=dhcp
+ ONBOOT=yes
+
+ The next steps updates the packages on the Template Master.
+
+ - Ubuntu
+
+ .. code:: bash
+
+ sudo -i
+ apt-get update
+ apt-get upgrade -y
+ apt-get install -y acpid ntp
+ reboot
+
+ - CentOS
+
+ .. code:: bash
+
+ ifup eth0
+ yum update -y
+ reboot
+
+#. **Password management**
+
+ .. note::
+ If preferred, custom users (such as ones created during the Ubuntu
+ installation) should be removed. First ensure the root user account
+ is enabled by giving it a password and then login as root to continue.
+
+ .. code:: bash
+
+ sudo passwd root
+ logout
+
+ As root, remove any custom user accounts created during the
+ installation process.
+
+ .. code:: bash
+
+ deluser myuser --remove-home
+
+ See :ref:`adding-password-management-to-templates` for
+ instructions to setup the password management script, this will allow
+ CloudStack to change your root password from the web interface.
+
+#. **Hostname Management**
+
+ CentOS configures the hostname by default on boot. Unfortunately
+ Ubuntu does not have this functionality, for Ubuntu installations use
+ the following steps.
+
+ - Ubuntu
+
+ The hostname of a Templated VM is set by a custom script in
+ `/etc/dhcp/dhclient-exit-hooks.d`, this script first checks if the
+ current hostname is localhost, if true, it will get the host-name,
+ domain-name and fixed-ip from the DHCP lease file and use those
+ values to set the hostname and append the `/etc/hosts` file for
+ local hostname resolution. Once this script, or a user has changed
+ the hostname from localhost, it will no longer adjust system files
+ regardless of its new hostname. The script also recreates
+ openssh-server keys, which should have been deleted before
+ templating (shown below). Save the following script to
+ `/etc/dhcp/dhclient-exit-hooks.d/sethostname`, and adjust the
+ permissions.
+
+ .. code:: bash
+
+ #!/bin/sh
+ # dhclient change hostname script for Ubuntu
+ oldhostname=$(hostname -s)
+ if [ $oldhostname = 'localhost' ]
+ then
+ sleep 10 # Wait for configuration to be written to disk
+ hostname=$(cat /var/lib/dhcp/dhclient.eth0.leases | awk ' /host-name/ { host = $3 } END { printf host } ' | sed 's/[";]//g' )
+ fqdn="$hostname.$(cat /var/lib/dhcp/dhclient.eth0.leases | awk ' /domain-name/ { domain = $3 } END { printf domain } ' | sed 's/[";]//g')"
+ ip=$(cat /var/lib/dhcp/dhclient.eth0.leases | awk ' /fixed-address/ { lease = $2 } END { printf lease } ' | sed 's/[";]//g')
+ echo "cloudstack-hostname: Hostname _localhost_ detected. Changing hostname and adding hosts."
+ printf " Hostname: $hostname\n FQDN: $fqdn\n IP: $ip"
+ # Update /etc/hosts
+ awk -v i="$ip" -v f="$fqdn" -v h="$hostname" "/^127/{x=1} !/^127/ && x { x=0; print i,f,h; } { print $0; }" /etc/hosts > /etc/hosts.dhcp.tmp
+ mv /etc/hosts /etc/hosts.dhcp.bak
+ mv /etc/hosts.dhcp.tmp /etc/hosts
+ # Rename Host
+ echo $hostname > /etc/hostname
+ hostname -b -F /etc/hostname
+ echo $hostname > /proc/sys/kernel/hostname
+ # Recreate SSH2
+ export DEBIAN_FRONTEND=noninteractive
+ dpkg-reconfigure openssh-server
+ fi
+ ### End of Script ###
+
+ chmod 774 /etc/dhcp/dhclient-exit-hooks.d/sethostname
+
+ .. warning::
+ The following steps should be run when you are ready to template
+ your Template Master. If the Template Master is rebooted during
+ these steps you will have to run all the steps again. At the end
+ of this process the Template Master should be shutdown and the
+ template created in order to create and deploy the final template.
+
+#. **Remove the udev persistent device rules**
+
+ This step removes information unique to your Template Master such as
+ network MAC addresses, lease files and CD block devices, the files
+ are automatically generated on next boot.
+
+ - Ubuntu
+
+ .. code:: bash
+
+ rm -f /etc/udev/rules.d/70*
+ rm -f /var/lib/dhcp/dhclient.*
+
+ - CentOS
+
+ .. code:: bash
+
+ rm -f /etc/udev/rules.d/70*
+ rm -f /var/lib/dhclient/*
+
+#. **Remove SSH Keys**
+
+ This step is to ensure all your Templated VMs do not have the same
+ SSH keys, which would decrease the security of the machines
+ dramatically.
+
+ .. code:: bash
+
+ rm -f /etc/ssh/*key*
+
+#. **Cleaning log files**
+
+ It is good practice to remove old logs from the Template Master.
+
+ .. code:: bash
+
+ cat /dev/null > /var/log/audit/audit.log 2>/dev/null
+ cat /dev/null > /var/log/wtmp 2>/dev/null
+ logrotate -f /etc/logrotate.conf 2>/dev/null
+ rm -f /var/log/*-* /var/log/*.gz 2>/dev/null
+
+#. **Setting hostname**
+
+ In order for the Ubuntu DHCP script to function and the CentOS
+ dhclient to set the VM hostname they both require the Template
+ Master's hostname to be "localhost", run the following commands to
+ change the hostname.
+
+ .. code:: bash
+
+ hostname localhost
+ echo "localhost" > /etc/hostname
+
+#. **Set user password to expire**
+
+ This step forces the user to change the password of the VM after the
+ template has been deployed.
+
+ .. code:: bash
+
+ passwd --expire root
+
+#. **Clearing User History**
+
+ The next step clears the bash commands you have just run.
+
+ .. code:: bash
+
+ history -c
+ unset HISTFILE
+
+#. **Shutdown the VM**
+
+ Your now ready to shutdown your Template Master and create a
+ template!
+
+ .. code:: bash
+
+ halt -p
+
+#. **Create the template!**
+
+ You are now ready to create the template, for more information see
+ `“Creating a Template from an Existing Virtual
+ Machine” <#creating-a-template-from-an-existing-virtual-machine>`_.
+
+.. note::
+ Templated VMs for both Ubuntu and CentOS may require a reboot after
+ provisioning in order to pickup the hostname.
http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/blob/04505cae/source/templates/_create_windows.rst
----------------------------------------------------------------------
diff --git a/source/templates/_create_windows.rst b/source/templates/_create_windows.rst
new file mode 100644
index 0000000..cb1d554
--- /dev/null
+++ b/source/templates/_create_windows.rst
@@ -0,0 +1,220 @@
+.. Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information#
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+
+
+Creating a Windows Template
+---------------------------
+
+Windows templates must be prepared with Sysprep before they can be
+provisioned on multiple machines. Sysprep allows you to create a generic
+Windows template and avoid any possible SID conflicts.
+
+.. note::
+ (XenServer) Windows VMs running on XenServer require PV drivers, which
+ may be provided in the template or added after the VM is created. The
+ PV drivers are necessary for essential management functions such as
+ mounting additional volumes and ISO images, live migration, and
+ graceful shutdown.
+
+An overview of the procedure is as follows:
+
+#. Upload your Windows ISO.
+
+ For more information, see `“Adding an
+ ISO” <virtual_machines.html#adding-an-iso>`_.
+
+#. Create a VM Instance with this ISO.
+
+ For more information, see `“Creating
+ VMs” <virtual_machines.html#creating-vms>`_.
+
+#. Follow the steps in Sysprep for Windows Server 2008 R2 (below) or
+ Sysprep for Windows Server 2003 R2, depending on your version of
+ Windows Server
+
+#. The preparation steps are complete. Now you can actually create the
+ template as described in Creating the Windows Template.
+
+
+System Preparation for Windows Server 2008 R2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+For Windows 2008 R2, you run Windows System Image Manager to create a
+custom sysprep response XML file. Windows System Image Manager is
+installed as part of the Windows Automated Installation Kit (AIK).
+Windows AIK can be downloaded from `Microsoft Download
+Center <http://www.microsoft.com/en-us/download/details.aspx?id=9085>`_.
+
+Use the following steps to run sysprep for Windows 2008 R2:
+
+.. note::
+ The steps outlined here are derived from the excellent guide by
+ Charity Shelbourne, originally published at `Windows Server 2008
+ Sysprep Mini-Setup.
+ <http://blogs.technet.com/askcore/archive/2008/10/31/automating-the-oobe-process-during-windows-server-2008-sysprep-mini-setup.aspx>`_
+
+#. Download and install the Windows AIK
+
+ .. note::
+ Windows AIK should not be installed on the Windows 2008 R2 VM you
+ just created. Windows AIK should not be part of the template you
+ create. It is only used to create the sysprep answer file.
+
+#. Copy the install.wim file in the \\sources directory of the Windows
+ 2008 R2 installation DVD to the hard disk. This is a very large file
+ and may take a long time to copy. Windows AIK requires the WIM file
+ to be writable.
+
+#. Start the Windows System Image Manager, which is part of the Windows
+ AIK.
+
+#. In the Windows Image pane, right click the Select a Windows image or
+ catalog file option to load the install.wim file you just copied.
+
+#. Select the Windows 2008 R2 Edition.
+
+ You may be prompted with a warning that the catalog file cannot be
+ opened. Click Yes to create a new catalog file.
+
+#. In the Answer File pane, right click to create a new answer file.
+
+#. Generate the answer file from the Windows System Image Manager using
+ the following steps:
+
+ #. The first page you need to automate is the Language and Country or
+ Region Selection page. To automate this, expand Components in your
+ Windows Image pane, right-click and add the
+ Microsoft-Windows-International-Core setting to Pass 7 oobeSystem.
+ In your Answer File pane, configure the InputLocale, SystemLocale,
+ UILanguage, and UserLocale with the appropriate settings for your
+ language and country or region. Should you have a question about
+ any of these settings, you can right-click on the specific setting
+ and select Help. This will open the appropriate CHM help file with
+ more information, including examples on the setting you are
+ attempting to configure.
+
+ |sysmanager.png|
+
+ #. You need to automate the Software License Terms Selection page,
+ otherwise known as the End-User License Agreement (EULA). To do
+ this, expand the Microsoft-Windows-Shell-Setup component.
+ High-light the OOBE setting, and add the setting to the Pass 7
+ oobeSystem. In Settings, set HideEULAPage true.
+
+ |software-license.png|
+
+ #. Make sure the license key is properly set. If you use MAK key, you
+ can just enter the MAK key on the Windows 2008 R2 VM. You need not
+ input the MAK into the Windows System Image Manager. If you use
+ KMS host for activation you need not enter the Product Key.
+ Details of Windows Volume Activation can be found at
+ `http://technet.microsoft.com/en-us/library/bb892849.aspx
+ <http://technet.microsoft.com/en-us/library/bb892849.aspx>`_
+
+ #. You need to automate is the Change Administrator Password page.
+ Expand the Microsoft-Windows-Shell-Setup component (if it is not
+ still expanded), expand UserAccounts, right-click on
+ AdministratorPassword, and add the setting to the Pass 7
+ oobeSystem configuration pass of your answer file. Under Settings,
+ specify a password next to Value.
+
+ |change-admin-password.png|
+
+ You may read the AIK documentation and set many more options that
+ suit your deployment. The steps above are the minimum needed to
+ make Windows unattended setup work.
+
+#. Save the answer file as unattend.xml. You can ignore the warning
+ messages that appear in the validation window.
+
+#. Copy the unattend.xml file into the c:\\windows\\system32\\sysprep
+ directory of the Windows 2008 R2 Virtual Machine
+
+#. Once you place the unattend.xml file in
+ c:\\windows\\system32\\sysprep directory, you run the sysprep tool as
+ follows:
+
+ .. code:: bash
+
+ cd c:\Windows\System32\sysprep
+ sysprep.exe /oobe /generalize /shutdown
+
+ The Windows 2008 R2 VM will automatically shut down after sysprep is
+ complete.
+
+
+System Preparation for Windows Server 2003 R2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Earlier versions of Windows have a different sysprep tool. Follow these
+steps for Windows Server 2003 R2.
+
+#. Extract the content of \\support\\tools\\deploy.cab on the Windows
+ installation CD into a directory called c:\\sysprep on the Windows
+ 2003 R2 VM.
+
+#. Run c:\\sysprep\\setupmgr.exe to create the sysprep.inf file.
+
+ #. Select Create New to create a new Answer File.
+
+ #. Enter “Sysprep setup” for the Type of Setup.
+
+ #. Select the appropriate OS version and edition.
+
+ #. On the License Agreement screen, select “Yes fully automate the
+ installation”.
+
+ #. Provide your name and organization.
+
+ #. Leave display settings at default.
+
+ #. Set the appropriate time zone.
+
+ #. Provide your product key.
+
+ #. Select an appropriate license mode for your deployment
+
+ #. Select “Automatically generate computer name”.
+
+ #. Type a default administrator password. If you enable the password
+ reset feature, the users will not actually use this password. This
+ password will be reset by the instance manager after the guest
+ boots up.
+
+ #. Leave Network Components at “Typical Settings”.
+
+ #. Select the “WORKGROUP” option.
+
+ #. Leave Telephony options at default.
+
+ #. Select appropriate Regional Settings.
+
+ #. Select appropriate language settings.
+
+ #. Do not install printers.
+
+ #. Do not specify “Run Once commands”.
+
+ #. You need not specify an identification string.
+
+ #. Save the Answer File as c:\\sysprep\\sysprep.inf.
+
+#. Run the following command to sysprep the image:
+
+ .. code:: bash
+
+ c:\sysprep\sysprep.exe -reseal -mini -activated
+
+ After this step the machine will automatically shut down