Managing images and templates

Last updated 28 February, 2019

Creating images and templates

In HPE OneSphere, you select images and templates from the Catalog to deploy virtual machines and containers.

For more information about the Catalog in the HPE OneSphere web portal, see Managing the catalog.

HPE OneSphere requires that VMware Windows templates are prepared with cloud-init and sysprep. HPE OneSphere does not impose any special requirements on KVM images.

For information about creating the VMware templates and KVM images that are automatically added to HPE OneSphere from your connected private cloud, refer to the following:

Using a VMware template for images in the HPE OneSphere catalog

Using VMware templates for images in the HPE OneSphere catalog is an easy way to launch virtual machine instances from HPE OneSphere, because templates are directly cloned at the vSphere layer.

HPE OneSphere attaches the VMXNET3 (VMXNET Generation 3) virtual network adapter, which is designed to deliver high performance in virtual machines running on the VMware vSphere platform.

NOTE:

The CPU, memory, and disk size configuration of the VMware template is overridden based on the flavor selected during virtual machine instance deployment.

If you enable the hot plug option for CPU and RAM while deploying the virtual machine from a template, you can later change later the CPU and RAM of the virtual machine without rebooting.

Prerequisites

The administrator:

  • Installed VMware Tools in the VMware template.

  • Removed existing NICs and CD-ROM drives attached to the VMware template. When a virtual machine is deployed based on the template, HPE OneSphere attaches networks and drives in order to pass in cloud-init metadata.

  • Ensured that only one disk is attached to the template. The disk will be resized as needed, based on the flavor selected during deployment.

  • Ensured that the VMware template name does not contain special characters. Use alphanumeric characters and the hyphen (-) and underscore (_) characters only.

Procedure
  1. Clone or migrate any existing VMware vSphere templates to a datastore connected to HPE OneSphere.
  2. After about 10 minutes, verify that the templates appear on the Catalog screen in the HPE OneSphere portal.

The following table shows the disk type options you can configure in a VMware template, and the actions performed by vCenter for the selected disk type when deploying a virtual machine from the template.

Option Action

Same format as source

Use the same format as the source virtual machine.

Thick Provision Eager Zeroed

Create a thick disk that supports clustering features such as Fault Tolerance. Space required for the virtual disk is allocated at creation time. In contrast to the thick provision lazy zeroed format, the data remaining on the physical device is zeroed out during creation. It might take longer to create disks in this format than to create other types of disks. Increasing the size of an Eager Zeroed Thick virtual disk causes a significant stun time for the virtual machine.

Thick Provision Lazy Zeroed

Create a virtual disk in a default thick format. Space required for the virtual disk is allocated during creation. Any data remaining on the physical device is not erased during creation, but is zeroed out on demand at a later time on first write from the virtual machine.

Thin Provision

Use the thin provisioned format. At first, a thin provisioned disk uses only as much datastore space as the disk initially needs. If the thin disk needs more space later, it can grow to the maximum capacity allocated to it. Thin provisioning is the fastest method to create a virtual disk because it creates a disk with just the header information. It does not allocate or zero out storage blocks. Storage blocks are allocated and zeroed out when they are first accessed.

Customizing a Windows virtual machine instance with cloudbase-init and sysprep

HPE OneSphere uses OpenStack software to deploy virtual machines. 

IMPORTANT:

Windows images must be prepared with cloud-init and sysprep in VMware vSphere before the images can be used by HPE OneSphere to deploy virtual machines to a VMware private cloud.

HPE suggests using cloudbase-init from Cloudbase Solutions to automate Windows guest operating system initialization.  For more information, see Leveraging cloud-init with HPE OneSphere.

The following procedure describes how to create and modify a Windows VM that you can use to create a template. The template will be automatically imported into the HPE OneSphere catalog when HPE OneSphere is connected to your VMware environment.

Procedure
  1. In VMware vSphere, create a new VM with a single virtual disk with sufficient storage and memory allocations.
  2. Deploy the Windows operating system in the VM.
  3. Install VMware Tools on the VM after Windows installation is complete.

    In the vSphere VM menu, select Guest, then Install/Upgrade VMware Tools.

  4. Install cloudbase-init on the virtual machine.
    1. Download the installer from https://cloudbase.it/cloudbase-init/#download.
    2. Run the installer.
    3. Enter the correct administrator user name for your version of Windows.
    4. Check the Use metadata password option.
    5. Click Next and wait until the installation completes.
    6. At the end of the installation, select the option to run the Sysprep package to create a generalized image.
    7. Click Finish to close the installer.
  5. (Optional) Modify the configuration settings of cloudbase-init.
    1. Open the file cloudbase-init.conf in an editor. The default location is C:\Program Files (x86)\Cloudbase Solutions\Cloudbase-Init\conf\cloudbase-init.conf on the new VM.
    2. Modify the file with details specific to your environment. Following is an example cloudbase-init.conf file.

      See http://cloudbase-init.readthedocs.io/en/latest/userdata.html for more information.

      [DEFAULT]
      username=Admin
      groups=Administrators
      inject_user_password=true
      config_drive_raw_hhd=true
      config_drive_cdrom=true
      config_drive_vfat=true
      bsdtar_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\bsdtar.exe
      mtools_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin
      verbose=true
      debug=true
      logdir=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\log
      logfile=cloudbase-init.log
      default_log_levels=comtypes=INFO,suds=INFO,iso8601=WARN,requests=WARN
      logging_serial_port_settings=
      mtu_use_dhcp_config=true
      ntp_use_dhcp_config=true
      local_scripts_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\LocalScripts
  6. Create a template from the VM. This template is imported into the HPE OneSphere Catalog, and can be selected when deploying virtual machines from your project in HPE OneSphere.

    See "Clone a Virtual Machine to a Template in the vSphere Web Client" in VMware Documentation.

Custom attributes on Microsoft Windows images

When a Windows image (VMDK file) is automatically uploaded to HPE OneSphere from your VMware vCenter environment, the OpenStack Glance service may populate incorrect values for your SCSI controller (vmware_adaptertype) and for your NIC type (hw_vif_model). Examine the output from the glance image-create command to verify the correct settings.

  • If you are using a virtual SCSI controller, the vmware_adaptertype property might be incorrectly set to lsiLogic instead of lsiLogicsas. You can change the property using the command:

    glance image-update --property vmware_adaptertype=lsiLogicsas <vm-id>
  • If you did not specify a value for hw_vif_model, the default VirtualE1000 is used. For a Windows instance, use a Vmxnet3 virtual NIC (VirtualVmxnet3).

    glance image-update --property hw_vif_model=VirtualVmxnet3 <vm-id>

Following are the values of hw_vif_model for various adapter types.

Adapter Type

Value of hw_vif_model

E1000 (default)

VirtualE1000

E1000e

VirtualE1000e

Flexible

VirtualPCNet32

Vmxnet

VirtualVmxnet

Vmxnet3

VirtualVmxnet3

For more information, see Create or update an image (glance) and Images with VMware vSphere from OpenStack Documentation.

Creating a CentOS virtual machine image from scratch

Creating a virtual machine image from scratch, instead of using a prebuilt image, gives you the flexibility to customize the image for your specific requirements.

Prerequisites

You have a CentOS system with libvirt and all the dependencies installed.

See http://virt-manager.org/

Procedure
  1. Download the ISO file from CentOS or its mirrors.
  2. Copy the ISO to the images folder.
    cd /var/lib/libvirt/images
    wget http://mirror.hmc.edu/centos/6.6/isos/x86_64/CentOS-6.6-x86_64-minimal.iso
  3. From virt-manager, create a new virtual machine.
    1. Select Local install media (ISO or CDROM).
    2. Select the ISO you just downloaded.
    3. Select OS type = Linux, Version= Red Hat Enterprise Linux 6.
    4. Select the amount of CPU, Memory and Storage.
    5. Check Enable storage for this virtual machine.
    6. Select Create a disk image on the computer's hard drive and Allocate entire disk now.
  4. Install and configure the operating system.

    Select the options for your environment. You can configure the users, password, and SSH configuration (no-password or password logon).

    Setting up a specific admin user with a password/SSH key that can be used by administrators to log in is recommended. HPE OneSphere (through OpenStack) allows the owner of the virtual machine to pass an SSH key at boot time, but this specific admin user can be used exclusively by a system administrator as a powerful debugging tool.

  5. (Optional) Install cloud-init.

    After the OS is installed, reboot and log in; by default the OS comes up with DHCP configured. Install the epel repository to fetch cloud-init and then install cloud-init.

    sudo yum install epel-release
    sudo yum install cloud-init
  6. (Optional) Configure cloud-init.

    Cloud-init is a popular tool for Linux operating systems that lets you configure the OS on first time boot (when creating a new instance) on various cloud platforms including OpenStack.

    The most important setting is the user account that you want your users to log in as. On Amazon EC2 images it is typically ec2-user, but you may want to create your own user account.

    Edit /etc/cloud/cloud.cfg to change the user setting at the end of the file. Make sure that user exists on the system and is part of the admin group with sudo access. The following example uses a user named centos, but you can pick something different.

    system_info:
      default_user:
        name: centos
        lock_passwd: true
        gecos: Cloud User
        groups: [wheel, adm]
        sudo: ["All=(ALL) NOPASSWD:ALL"]
        shell: /bin/bash
      distro: rhel
      paths:
        cloud_dir: /var/lib/cloud
        templates.dir: /etc/cloud/templates
      ssh_svcname: sshd
  7. Power off the virtual machine.
  8. Call virt-sysprep.
    cd /var/lib/libvirt/images/
    virt-sysprep -a 

Creating an Ubuntu 16.04 virtual machine image with cloud-init in a VMware vSphere environment

This procedure describes how to prepare a template using Ubuntu images with the cloud-init package in a vSphere environment.

NOTE:

HPE recommends the latest prebuilt cloud image from the official Ubuntu website: https://cloud-images.ubuntu.com/xenial/current/. This cloud image contains all of the basic components to build a Kubernetes cluster "out-of-the-box."

If you need to configure an image with your preferred NTP, DNS and proxy details, follow the steps in the procedure below.

Procedure
  1. Download the Ubuntu Xenial Xerus Server 64-bit image: http://releases.ubuntu.com/16.04.5/
  2. Upload the ISO to a VMware vSphere datastore using the Datastore browser. Note the location of the ISO.
  3. Create a virtual machine in vSphere using the ISO, and accept the default values for virtual machine resources.
  4. Create a non-admin user when prompted to do so.
  5. Manually configure disk partitioning.
    1. Create a single Primary partition in the free space.
    2. Write table to disk acknowledging there is no swap partition.
  6. Do not configure proxies.
  7. Select the OpenSSH software package.
  8. When the Ubuntu installation is completed, detach the Xenial ISO from the virtual machine.
  9. After the virtual machine reboots, log in using the non-admin user account created in step 4.
  10. (Optional) Export proxy server settings.
    export http_proxy="http://PROXY_SERVER:<PORT>"
    export https_proxy="https://PROXY_SERVER:<PORT>"
    export no_proxy="<PROXY_EXCEPTIONS>"
    
  11. Update package lists to get information about the newest versions of packages and their dependencies.

    Specify the -E argument if you exported proxy server settings in step 10.

    sudo -E apt update
  12. Fetch new versions of packages existing on the machine.

    Specify the -E argument if you exported proxy server settings in step 10.

    sudo -E apt upgrade
  13. Install NTP and cloud-init.

    The NTP service starts by default after it is installed. For more information, see Leveraging cloud-init with HPE OneSphere.

    sudo apt install ntp cloud-init
  14. (Optional) If your VMware environment is isolated from the internet, consider configuring your NTP server for your organization instead of using the stock Ubuntu time servers listed in /etc/ntp.conf. For more information, see Time Synchronization from Ubuntu Documentation.

    TIP:

    Look for the following in your /etc/ntp.conf file, and adjust the servers as appropriate to those used in your organization to synchronize time.

    pool 0.ubuntu.pool.ntp.org iburst
    pool 1.ubuntu.pool.ntp.org iburst
    pool 2.ubuntu.pool.ntp.org iburst
    pool 3.ubuntu.pool.ntp.org iburst
  15. Verify that the open-vm-tools package (VMware Tools) is installed. (It is installed by default on Ubuntu 16.04.5 LTS.)
  16. (Optional) Configure DNS, if necessary. To configure DNS, edit the file /etc/network/interfaces as follows. Otherwise, keep the default values.
    # This file describes the network interfaces available on your system
    # and how to activate them. For more information, see interfaces(5).
    
    # source /etc/network/interfaces.d/*
    
    # The loopback network interface
    auto lo
    iface lo inet loopback
    
    # The primary network interface
    auto ens160
    iface ens160 inet dhcp
    
    # Source interfaces
    source /etc/network/interfaces.d/*.cfg
  17. (Optional) If you plan to use this image to create the nodes in a private (not internet accessible) Kubernetes cluster in your vSphere environment, add a trusted root certificate to the server.
    1. Copy your CA to the ca-certificates directory.
      sudo cp <cert-name>.crt /usr/local/share/ca-certificates/<cert-name>.crt
    2. Update the CA store.
      sudo update-ca-certificates
  18. Shut down the virtual machine.
  19. Edit the VM settings.
    1. Delete the CDROM/DVD device.
    2. Delete the network adapter device.
  20. Save and convert the virtual machine to a template.

The template will be available for provisioning in approximately 10 minutes.

To create a VMDK image, download the virtual machine VMDK from the datastore and upload it to OpenStack Glance as an image using the Glance command line.

Obtaining prebuilt KVM images 

Prebuilt KVM images, including images for CentOS, RedHat Enterprise Linux, and Ubuntu are available from OpenStack Cloud Software.

OpenStack Get images

As an alternative, you can build a KVM image using diskimage-builder from OpenStack Cloud Software.

OpenStack Building an image

Configuring high availability for the image library on KVM servers 

Use the following procedure to configure the Image Library for high availability (HA).

After performing these steps, you can enable one server per zone for the Image library registry service (the ImageLibrary role) in the HPE OneSphere portal. You can enable additional server(s) using the HPE OneSphere REST API.

Prerequisites

The administrator:

  • Installed Network File System (NFS) on a machine that is reachable from your KVM hypervisor.

    HPE recommends that you do not install NFS on the server machine.

  • Installed NFS client on your KVM hypervisor.

Procedure
  1. Connect HPE OneSphere to your KVM server using HPE OneSphere Connect.
  2. Log in to the KVM server as a sudo user.
  3. Create the following directory.
    mkdir –p /var/opt/hpe/imagelibrary/data/
  4. Assign roles to the following directories.
    chown pf9:pf9group /var/opt/hpe/
    chown pf9:pf9group /var/opt/hpe/imagelibrary/
    chown pf9:pf9group /var/opt/hpe/imagelibrary/data/
  5. Mount NFS to the data directory.
    mount <IP>:<shared-directory> /var/opt/hpe/imagelibrary/data/
  6. Enable one server per zone with the Image library registry service in the HPE OneSphere portal.

    Enable the server on the Providers > Private Zones > Update Zone screen.

  7. (Optional) Enable additional server(s) with the ImageLibrary role using the HPE OneSphere REST API.
    1. Use a GET call to /rest/zones to fetch the ZoneID from the list of zones.
    2. Use a GET call to /rest/zones/zoneid to fetch the serverUri of the server that you want to enable.
    3. Use a PATCH call to /rest/zones/zoneid to enable the server.
      zone
      [
       {
        "op": "add",
        "path": "/inTransitKVMServers",
        "value":[{"serverUri": "/rest/servers/3ac6afa0-9145-4120-bccc-88205939674b", 
        "state":"Enabled", 
        "roles": ["ImageLibrary"]
       }]
      } 
      ]

Creating images and networks for KVM servers using the OpenStack CLI

Before deploying a virtual machine to a KVM server, you must create an image and a network using the OpenStack CLI.

Prerequisites

The administrator:

  • Connected a KVM server to HPE OneSphere using HPE OneSphere Connect.

  • Enabled the KVM server in the Server Connection section of the Providers > Private Zones > Update Zone screen in the HPE OneSphere portal.

  • Created a project. Select the project in the HPE OneSphere portal in your browser, and note the project ID at the end of the URL. An example is shown in bold below, beginning with 2b64. The project ID is required while creating a network.

    Example: /project?uri=%2Frest%2Fprojects%2F2b64d9fa5f3b4e99bbd62986aaed828c

Procedure
  1. Log in to the KVM server where the OpenStack CLI is installed and source the OpenStack RC file. See Installing OpenStack CLI clients for more information.
  2. (Optional) Configure high availability for the image library on KVM servers.
  3. Create an image using one of the following methods.
    1. Use the OpenStack CLI to create an image.
      openstack image create --disk-format <disk format> --container-format 
       <container format> --public --file <image file with path> <image name>
    2. Download and copy an existing image to /var/opt/hpe/imagelibrary/data/ on the KVM server where the Image Library role is enabled.

      NOTE:

      • The server on which you are executing OpenStack commands must be in the same network as the KVM server where the Image Library role is enabled.

      • If you configured a proxy server when you connected HPE OneSphere to the KVM server where the Image Library role is enabled, exclude the server's IP address from your proxy configuration.

  4. Create a network.
    neutron net-create --provider:physical_network <physnet-name> 
    --provider:network_type vlan --provider:segmentation_id <vlan-id> <network-name>

    NOTE:

    You must obtain the physnet-name from the enabled KVM server. If the bridge that is created in the KVM server is br-physnet1, the physnet name will be physnet1.

  5. Create a subnet.
    neutron subnet-create <net-name> <cidr>
  6. Assign the network to the respective project.

    Obtain the project ID by selecting the project in the HPE OneSphere portal in your browser. The project ID is appended to the URL.

    neutron rbac-create --target-tenant <project-id> --action access_as_shared --type network 
    <network-id>

    NOTE:

    Do not use the OpenStack client for this network to project association. Use the neutron client only, as in the above example.

    NOTE:

    It takes approximately 10 minutes to reflect the newly created image and network in the HPE OneSphere portal.