Using Oracle VM messages to configure a Virtual Machine.

In the previous blog entry, I walked through the steps to set up a VM with the packages needed to enable Oracle VM template configuration. The template configuration scripts are add-ons one can install inside a VM running in an Oracle VM 3 environment. Once installed, it is possible to enable the configuration scripts and shut down the VM so that after cloning or reboot, we go through an initial setup dialog.

At startup time, if ovmd is enabled, it will start executing configuration scripts that need input to configure and continue. It is possible to send this configuration data through the virtual console of the VM or through the Oracle VM API. To use the Oracle VM API to send configuration messages, you have two options:

(1) use the Oracle VM CLI. As of Oracle VM 3.1, we include an Oracle VM CLI server by default when installing Oracle VM Manager. This process starts on port 10000 on the Oracle VM Manager node and acts as an ssh server. You can log into this CLI using the admin username/password and then execute CLI commands.

# ssh admin@localhost -p 10000
admin@localhost's password: 
OVM> sendVmMessage Vm name=ol6u3apitest key=foo message=bar log=no
Command: sendVmMessage Vm name=ol6u3apitest key=foo message=bar log=no
Status: Success
Time: 2012-12-27 09:04:29,890 PST

The CLI command for sending a message is sendVmMessage Vm name=[vmname] key=[key] message=[value]

If you do not want to log the output of the commands, add log=no

(2) use the Oracle VM utilities. If you install the Oracle VM Utilities (see here to get started), then:

# ./ovm_vmmessage -u admin -p ######## -h localhost -v ol6u3apitest -k foo -V bar
Oracle VM VM Message utility 0.5.2.
Connected.
VM : 'ol6u3apitest' has status :  Running.
Sending message.
Message sent successfully.

The ovm_vmmessage command connects to Oracle VM Manager and sends a key/value pair to the VM you select.

ovm_vmmessage -u [adminuser] -p [adminpassword] -h [managernode] -v [vmname] -k [key] -V [value]

These two commands allow the admin user to send simple key/value pair messages to a given VM. This is the basic mechanism we rely on to remotely configure a VM using the Oracle VM template config scripts.

For the template configuration we provide, and depending on the scripts you installed, there is a well-defined set of variables (keys) that you can set, listed below. In our scripts we have one variable that is required, and it has to be set and sent at the end of the configuration: the root password. Everything else is optional. Sending the root password variable triggers the reconfiguration to execute. As an example, if you install the ovm-template-config-selinux package, then part of the configuration can be to set the SELinux mode. The variable is com.oracle.linux.selinux.mode and the values can be enforcing, permissive or disabled. So to set the SELinux mode, you send a message with key com.oracle.linux.selinux.mode and value enforcing (or one of the other values).

# ./ovm_vmmessage -u admin -p ######## -h localhost -v ol6u3apitest \
        -k com.oracle.linux.selinux.mode -V enforcing

Do this for every variable you want to define and at the end send the root password.

# ./ovm_vmmessage -u admin -p ######## -h localhost -v ol6u3apitest \
        -k com.oracle.linux.root-password -V "mypassword"

Once the above message gets sent, the ovm-template-config scripts will set up all the values and the VM will end up in a configured state. You can use this to send ssh keys, set up extra users, configure the virtual network devices, etc. To get the list of configuration variables, just run # ovm-template-config --human-readable --enumerate configure and it will list the variables with a description like below.

It is also possible to selectively enable and disable scripts. This works very much like chkconfig. # ovm-chkconfig --list will show which scripts/modules are registered and whether they are enabled to run at configure time and/or cleanup time. At this point, the other options are not implemented (suspend/resume/..). If you have installed datetime but do not want to have it run or be an option, then a simple # ovm-chkconfig --target configure datetime off will disable it. This allows you, for each VM or template, to selectively enable or disable configuration options. If you disable a module, the output of ovm-template-config will reflect those changes.

The next blog entry will talk about how to make generic use of the VM message API and possibly extend the ovm-template-configure modules for your own applications.

[('30',
  'selinux',
  [{u'description': u'SELinux mode: enforcing, permissive or disabled.',
    u'hidden': True,
    u'key': u'com.oracle.linux.selinux.mode'}]),
 ('41',
  'firewall',
  [{u'description': u'Whether to enable network firewall: True or False.',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.firewall'}]),
 ('50',
  'datetime',
  [{u'description': u'System date and time in format year-month-day-hour-minute-second, e.g., "2011-4-7-9-2-42".',
    u'hidden': True,
    u'key': u'com.oracle.linux.datetime.datetime'},
   {u'description': u'System time zone, e.g., "America/New_York".',
    u'hidden': True,
    u'key': u'com.oracle.linux.datetime.timezone'},
   {u'description': u'Whether to keep hardware clock in UTC: True or False.',
    u'hidden': True,
    u'key': u'com.oracle.linux.datetime.utc'},
   {u'description': u'Whether to enable NTP service: True or False.',
    u'hidden': True,
    u'key': u'com.oracle.linux.datetime.ntp'},
   {u'description': u'NTP servers separated by comma, e.g., "time.example.com,0.example.pool.ntp.org".',
    u'hidden': True,
    u'key': u'com.oracle.linux.datetime.ntp-servers'},
   {u'description': u'Whether to enable NTP local time source: True or False.',
    u'hidden': True,
    u'key': u'com.oracle.linux.datetime.ntp-local-time-source'}]),
 ('50',
  'network',
  [{u'description': u'System host name, e.g., "localhost.localdomain".',
    u'key': u'com.oracle.linux.network.hostname'},
   {u'description': u'Hostname entry for /etc/hosts, e.g., "127.0.0.1 localhost.localdomain localhost".',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.host.0'},
   {u'description': u'Network device to configure, e.g., "eth0".',
    u'key': u'com.oracle.linux.network.device.0'},
   {u'depends': u'com.oracle.linux.network.device.0',
    u'description': u'Network device hardware address, e.g., "00:16:3E:28:0F:4E".',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.hwaddr.0'},
   {u'depends': u'com.oracle.linux.network.device.0',
    u'description': u'Network device MTU, e.g., "1500".',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.mtu.0'},
   {u'choices': [u'yes', u'no'],
    u'depends': u'com.oracle.linux.network.device.0',
    u'description': u'Activate interface on system boot: yes or no.',
    u'key': u'com.oracle.linux.network.onboot.0'},
   {u'choices': [u'dhcp', u'static'],
    u'depends': u'com.oracle.linux.network.device.0',
    u'description': u'Boot protocol: dhcp or static.',
    u'key': u'com.oracle.linux.network.bootproto.0'},
   {u'depends': u'com.oracle.linux.network.bootproto.0',
    u'description': u'IP address of the interface.',
    u'key': u'com.oracle.linux.network.ipaddr.0',
    u'requires': [u'com.oracle.linux.network.bootproto.0',
                  [u'static', u'none', None]]},
   {u'depends': u'com.oracle.linux.network.bootproto.0',
    u'description': u'Netmask of the interface.',
    u'key': u'com.oracle.linux.network.netmask.0',
    u'requires': [u'com.oracle.linux.network.bootproto.0',
                  [u'static', u'none', None]]},
   {u'depends': u'com.oracle.linux.network.bootproto.0',
    u'description': u'Gateway IP address.',
    u'key': u'com.oracle.linux.network.gateway.0',
    u'requires': [u'com.oracle.linux.network.bootproto.0',
                  [u'static', u'none', None]]},
   {u'depends': u'com.oracle.linux.network.bootproto.0',
    u'description': u'DNS servers separated by comma, e.g., "8.8.8.8,8.8.4.4".',
    u'key': u'com.oracle.linux.network.dns-servers.0',
    u'requires': [u'com.oracle.linux.network.bootproto.0',
                  [u'static', u'none', None]]},
   {u'description': u'DNS search domains separated by comma, e.g., "us.example.com,cn.example.com".',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.dns-search-domains.0'},
   {u'description': u'Network device to configure, e.g., "eth0".',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.device.1'},
   {u'depends': u'com.oracle.linux.network.device.1',
    u'description': u'Network device hardware address, e.g., "00:16:3E:28:0F:4E".',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.hwaddr.1'},
   {u'depends': u'com.oracle.linux.network.device.1',
    u'description': u'Network device MTU, e.g., "1500".',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.mtu.1'},
   {u'choices': [u'yes', u'no'],
    u'depends': u'com.oracle.linux.network.device.1',
    u'description': u'Activate interface on system boot: yes or no.',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.onboot.1'},
   {u'choices': [u'dhcp', u'static'],
    u'depends': u'com.oracle.linux.network.device.1',
    u'description': u'Boot protocol: dhcp or static.',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.bootproto.1'},
   {u'depends': u'com.oracle.linux.network.bootproto.1',
    u'description': u'IP address of the interface.',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.ipaddr.1',
    u'requires': [u'com.oracle.linux.network.bootproto.1',
                  [u'static', u'none', None]]},
   {u'depends': u'com.oracle.linux.network.bootproto.1',
    u'description': u'Netmask of the interface.',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.netmask.1',
    u'requires': [u'com.oracle.linux.network.bootproto.1',
                  [u'static', u'none', None]]},
   {u'depends': u'com.oracle.linux.network.bootproto.1',
    u'description': u'Gateway IP address.',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.gateway.1',
    u'requires': [u'com.oracle.linux.network.bootproto.1',
                  [u'static', u'none', None]]},
   {u'depends': u'com.oracle.linux.network.bootproto.1',
    u'description': u'DNS servers separated by comma, e.g., "8.8.8.8,8.8.4.4".',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.dns-servers.1',
    u'requires': [u'com.oracle.linux.network.bootproto.1',
                  [u'static', u'none', None]]},
   {u'description': u'DNS search domains separated by comma, e.g., "us.example.com,cn.example.com".',
    u'hidden': True,
    u'key': u'com.oracle.linux.network.dns-search-domains.1'}]),
 ('60',
  'user',
  [{u'description': u'Name of the user on which to perform operation.',
    u'hidden': True,
    u'key': u'com.oracle.linux.user.name.0'},
   {u'description': u'Action to perform on the user: add, del or mod.',
    u'hidden': True,
    u'key': u'com.oracle.linux.user.action.0'},
   {u'description': u'User ID.',
    u'hidden': True,
    u'key': u'com.oracle.linux.user.uid.0'},
   {u'description': u'User initial login group.',
    u'hidden': True,
    u'key': u'com.oracle.linux.user.group.0'},
   {u'description': u'Supplementary groups separated by comma.',
    u'hidden': True,
    u'key': u'com.oracle.linux.user.groups.0'},
   {u'description': u'User password.',
    u'hidden': True,
    u'key': u'com.oracle.linux.user.password.0',
    u'password': True},
   {u'description': u'New name of the user.',
    u'hidden': True,
    u'key': u'com.oracle.linux.user.new-name.0'},
   {u'description': u'Name of the group on which to perform operation.',
    u'hidden': True,
    u'key': u'com.oracle.linux.group.name.0'},
   {u'description': u'Action to perform on the group: add, del or mod.',
    u'hidden': True,
    u'key': u'com.oracle.linux.group.action.0'},
   {u'description': u'Group ID.',
    u'hidden': True,
    u'key': u'com.oracle.linux.group.gid.0'},
   {u'description': u'New name of the group.',
    u'hidden': True,
    u'key': u'com.oracle.linux.group.new-name.0'}]),
 ('70',
  'ssh',
  [{u'description': u'Host private rsa1 key for protocol version 1.',
    u'hidden': True,
    u'key': u'com.oracle.linux.ssh.host-key'},
   {u'description': u'Host public rsa1 key for protocol version 1.',
    u'hidden': True,
    u'key': u'com.oracle.linux.ssh.host-key-pub'},
   {u'description': u'Host private rsa key.',
    u'hidden': True,
    u'key': u'com.oracle.linux.ssh.host-rsa-key'},
   {u'description': u'Host public rsa key.',
    u'hidden': True,
    u'key': u'com.oracle.linux.ssh.host-rsa-key-pub'},
   {u'description': u'Host private dsa key.',
    u'hidden': True,
    u'key': u'com.oracle.linux.ssh.host-dsa-key'},
   {u'description': u'Host public dsa key.',
    u'hidden': True,
    u'key': u'com.oracle.linux.ssh.host-dsa-key-pub'},
   {u'description': u'Name of the user to add a key.',
    u'hidden': True,
    u'key': u'com.oracle.linux.ssh.user.0'},
   {u'description': u'Authorized public keys.',
    u'hidden': True,
    u'key': u'com.oracle.linux.ssh.authorized-keys.0'},
   {u'description': u'Private key for authentication.',
    u'hidden': True,
    u'key': u'com.oracle.linux.ssh.private-key.0'},
   {u'description': u'Private key type: rsa, dsa or rsa1.',
    u'hidden': True,
    u'key': u'com.oracle.linux.ssh.private-key-type.0'},
   {u'description': u'Known hosts.',
    u'hidden': True,
    u'key': u'com.oracle.linux.ssh.known-hosts.0'}]),
 ('90',
  'authentication',
  [{u'description': u'System root password.',
    u'key': u'com.oracle.linux.root-password',
    u'password': True,
    u'required': True}])]
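
As an added example (not part of the original post or of Oracle's scripts), the Python code below checks a planned set of messages against metadata in the shape of the listing above before anything is sent, puts the required root password last so it is what triggers the configuration, and masks password values in anything written to a log. The excerpt is constructed from entries in the listing; the names load_keys and plan_messages, and the reading of 'requires' as "the other key must hold one of these values", are assumptions of this example.

```python
import ast

# Constructed excerpt, same shape as the enumerate listing on this page.
ENUMERATE_OUTPUT = """
[('30', 'selinux',
  [{u'description': u'SELinux mode: enforcing, permissive or disabled.',
    u'hidden': True, u'key': u'com.oracle.linux.selinux.mode'}]),
 ('50', 'network',
  [{u'choices': [u'dhcp', u'static'],
    u'description': u'Boot protocol: dhcp or static.',
    u'key': u'com.oracle.linux.network.bootproto.0'},
   {u'description': u'IP address of the interface.',
    u'key': u'com.oracle.linux.network.ipaddr.0',
    u'requires': [u'com.oracle.linux.network.bootproto.0',
                  [u'static', u'none', None]]}]),
 ('90', 'authentication',
  [{u'description': u'System root password.',
    u'key': u'com.oracle.linux.root-password',
    u'password': True, u'required': True}])]
"""

def load_keys(text):
    """Flatten the (priority, module, [entries]) tuples into {key: entry}."""
    return {e["key"]: e for _, _, entries in ast.literal_eval(text.strip()) for e in entries}

def plan_messages(meta, wanted):
    """Return (ordered (key, value) pairs, loggable lines with secrets masked)."""
    errors = []
    for key, value in wanted.items():
        entry = meta.get(key)
        if entry is None:
            errors.append("unknown key: " + key)
            continue
        if "choices" in entry and value not in entry["choices"]:
            errors.append("%s: %r not in %r" % (key, value, entry["choices"]))
        if "requires" in entry:
            # Assumption: 'requires' = [other_key, values of other_key that allow this key]
            other, allowed = entry["requires"]
            if wanted.get(other) not in allowed:
                errors.append("%s needs %s in %r" % (key, other, allowed))
    errors += ["missing required key: " + k for k, e in meta.items()
               if e.get("required") and k not in wanted]
    if errors:
        raise ValueError("; ".join(errors))
    # Required keys go last: the page says sending the root password triggers the run.
    ordered = sorted(wanted.items(), key=lambda kv: bool(meta[kv[0]].get("required")))
    log = ["%s=%s" % (k, "********" if meta[k].get("password") else v) for k, v in ordered]
    return ordered, log
```

Each pair in the returned order maps to one sendVmMessage or ovm_vmmessage call; only the masked lines should go to a log.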
About

Wim Coekaerts is the Senior Vice President of Linux and Virtualization Engineering for Oracle. He is responsible for Oracle's complete desktop to data center virtualization product line and the Oracle Linux support program.

You can follow him on Twitter at @wimcoekaerts
