ZStack Cloud 4.8.0>Tutorials>Private Cloud>CentOS 8 Template Tutorial>Template

Template

Install an Operating System

To install an operating system, follow these steps:

Create a VM instance.
Install CentOS 8.

Create a VM instance.

For the detailed information about how to create a VM instance on ZStack Cloud, and how to use an installation image to boot the VM instance, see the chapter "Create a VM Instance" in User Guide.
Note: To install and apply CentOS 8, make sure that you choose a memory of at least 2 GB for the VM instance. We recommend that you choose a memory greater or equal to 4 GB.
Install CentOS 8.
1. Select the boot item.
  
  Launch the VM console, and the CentOS 8 installation page appears. Then, select Install CentOS Linux 8 to begin the operating system installation.
  
  Figure 1. CentOS 8 Installation Page
2. Choose an installation language.
  
  This tutorial chooses English as the default language for the installer and the system. You can choose other languages as needed.
3. Configure parameters on the INSTALLATION SUMMARY page.
  This page displays system installation configurations. You can set the following configurations based on your needs:
  - LOCALIZATION: Set the keyboard, language, and time zone for the system.
  - SOFTWARE: Select the installation source and software.
  - SYSTEM: Set the installation destination, network, host name, and security policy. Select whether to enable Kdump.
  - USER SETTINGS: Set the root password. Complete the user creation.
  Figure 2. Installation Summary
4. (Optional) Configure disk partitioning.
  
  This tutorial selects Automatically configure partitioning to complete the installation. If you want to customize partitioning, click INSTALLATION DESTINATION on the INSTALLATION SUMMARY page, and begin customized configuration on the INSTALLATION DESTINATION page.
  
  Figure 3. Disk Partitioning
5. Install the system.
  
  After finishing disk partitioning, go back to the INSTALLATION SUMMARY page, and click Begin Installation at the bottom right of the page to begin system installation. After finishing system installation, click Reboot to restart the system. Then, click I accept the license agreement to enter the system.

Configure the Template System

To configure the template system, follow these steps:

Specify the hostname.
Configure the network.
Install the QEMU Guest Agent.
(Optional) Install the cloud-init.
(Optional) Install the GuestTools.
(Optional) Close vulnerability patches.

Specify the hostname.

In the CentOS 8, run hostnamectl set-hostname localhost.localdomain && bash. This command specifies the hostname of the VM instance created with the template as the IP address of the NIC.

Configure the network.

To enable the VM instance created with the template to automatically obtain an IP address, you need to modify the NIC configurations. Run the following commands:

[root@localhost ~]# sed -i '/ONBOOT=/cONBOOT=yes' /etc/sysconfig/network-scripts/ifcfg-ens3     #Set the NIC to be activated automatically at boot [root@localhost ~]# sed -i '/^UUID'/d /etc/sysconfig/network-scripts/ifcfg-ens3    #Delete the UUID in the NIC configuration file [root@localhost ~]# sed -i '/^HWADDR'/d /etc/sysconfig/network-scripts/ifcfg-ens3    #Delete the MAC in the NIC configuration file

Install the QEMU Guest Agent.
1. Run yum install qemu-guest-agent -y to install the QGA.
  
  Note: You can also install the QEMU Guest Agent for a CentOS 8.0 VM instance by installing the VM GuestTools. For detailed information, see (Optional) Install the GuestTools.
2. Run systemctl enable qemu-guest-agent to enable the QGA whenever the VM instance starts.
3. Run getenforce to check the status of SELINUX. If it returns Enforcing, run vi /etc/selinux/config to change the status of SELINUX to disabled. Then, save the change and exit.
(Optional) Install the cloud-init.
To ensure the customized configuration features such as User Data and SSH Public Key are available when you create a VM instance with the template, you need to install the cloud-init before encapsulating the template. We recommend that you install the cloud-init of 0.7.9, 17.1, 19.4 or latter versions. You can select and install the version you need.
Note: Notice the following points when installing the cloud-init:
- Please install the versions recommended, otherwise, the User Data or SSH Public Key may become unavailable during VM instance creation.
- SSH key authentication is disabled by default after you install the cloud-init. If you want to enable the authentication, please run vi /etc/cloud/cloud.cfg to set the value of ssh_pwauth as 1.
(Optional) Install VM GuestTools
1. Attach GuestTools ISO to the VM instance.
  Click to install GuestTools on the VM details page and install the GuestTools ISO.
2. Run installation commands.
  Run the following command on the VM instance console to finish the installation.
```
[root@localhost ~]# mkdir /mnt/cdrom    #Create a monut point. [root@localhost ~]# mount /dev/cdrom /mnt/cdrom    #Attach CD-ROM image. [root@localhost ~]# cd /mnt/cdrom/ bash ./zs-tools-install.sh     #Install GuestTools. [root@localhost ~]# cd ~ umount /mnt/cdrom    #Unmount CD-ROM (optional).
```
Note: Notice the following points:
- Run yum install tar -y to install the tar command before installing the GuestTools.
- If you attach data volumes to the Linux system image created, do not write the attachment information of the data volumes into /etc/fstab. Otherwise, the VM instances created with this template may fail to start.
- If you want to attach the data volumes to a VM instance when it starts, we recommend the following method:
  [root@localhost ~]# echo "mount -t ext4 -U "d0shC2-2GO1-Vyuc-XKXf-Pb3c-uvG5-92Fzeu" /mnt" >> /etc/rc.d/rc.local [root@localhost ~]# # -t indicates the file system of the disk; -U indicates using UUID to attach the disk;/mnt indicates the mount path [root@localhost ~]# # run blkid to obtain the device UUID [root@localhost ~]# chmod +x /etc/rc.d/rc.local [root@localhost ~]# # We recommend you to attach the disk with the device UUID instead of the disk symbol such as /dev/vdb.
(Optional) Close vulnerability patches.
For CentOS 8.x, closing the patches for spectre and meltdown can effectively improve the performance of the VM instances. To close the patches, follow these steps:
1. Check whether the patch is on.
  Run grep . /sys/devices/system/cpu/vulnerabilities/*. You can check whether the patch is on by viewing /sys. For example:
  # grep . /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/itlb_multihit:KVM: Mitigation: Split huge pages /sys/devices/system/cpu/vulnerabilities/l1tf:Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT disabled /sys/devices/system/cpu/vulnerabilities/mds:Mitigation: Clear CPU buffers; SMT Host state unknown /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: Speculative Store Bypass disabled via prctl and seccomp /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: usercopy/swapgs barriers and __user pointer sanitization /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline, IBPB: conditional, IBRS_FW, STIBP: disabled, RSB filling /sys/devices/system/cpu/vulnerabilities/srbds:Not affected /sys/devices/system/cpu/vulnerabilities/tsx_async_abort:Mitigation: Clear CPU buffers; SMT Host state unknown
  You can check the patch status through the last result returned. Mitigation means that the patch is on, while vulnerable means the patch is closed.
2. View the vulnerability fix method.
  If the patch is on, check the bug fix method through the last result returned in the previous step. There are two bug fix methods: Retpoline without IBPB and Enhanced IBRS.
  
  Retpoline without IBPB: This method has a smaller impact on the performance of the system. You can either close the patch or keep it on. This depends on your needs.
  
  Enhanced IBRS: This method has a greater impact on the performance of the system. We recommend that you close the patch to improve the system performance. (The performance can improve by about 30% as measured.)
3. Close the vulnerability patch.
  To close the vulnerability patch, following these steps:
  
  In the /etc/default/grub file, set the value as noibrs noibpb nopti spectre_v2=off nospectre_v1 l1tf=off nospec_store_bypass_disable no_stf_barrier mds=off mitigations=off for the parameter GRUB_CMDLINE_LINUX.
  
  Run grub2-mkconfig > /boot/grub2/grub.cfg to apply the configuration.
  
  Reboot the VM instance to make the configuration effective.
  
  Refer to the following example:
  [root@10-0-5-87 ~]# cat /etc/default/grub #view /etc/default/grub file configuration.Make configurations based on your needs. GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)" GRUB_DEFAULT=saved GRUB_DISABLE_SUBMENU=true GRUB_TERMINAL_OUTPUT="console" GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=zstack/root rd.lvm.lv=zstack/swap rhgb quiet noibrs noibpb nopti spectre_v2=off nospectre_v1 l1tf=off nospec_store_bypass_disable no_stf_barrier mds=off mitigations=off" GRUB_DISABLE_RECOVERY="true" [root@10-0-5-87 ~]# grub2-mkconfig > /boot/grub2/grub.cfg #Apply the configuration [root@10-0-5-87 ~]# reboot #Restart the VM instance to make the configuration effective

Create a System Template

To create a system template, follow these steps:

Create an image.
Export the image.

Create an Image.
On the details page of the VM instance created, choose Actions > Snapshot and Image > Create Image. Then, the Create Image page is displayed.
On the displayed page, set the following parameters:
- Name: Enter a name for the image.
- Description: Optional. Enter a description for the image.
- Image Type: Select System Image here.
- Backup Storage: Select a backup storage created before.
Figure 1. Create an Image
Export the image.
You can use the image exported to create VM instances on other cloud platforms directly. The method to export images varies according to backup storage types.
- ImageStore backup storage.
  On the Image page, choose Actions > Export Image. This button helps export the image.
  After generating the image, you can copy the URL of the image exported on the Overview page to download the image. Or, you can copy the URL of the exported image on the Exported page. You can also click Download on the page to download the image directly.
- Ceph backup storage. If you use a Ceph backup storage, you can export the image on the UI or from the backup storage.
  - Export on the UI:
    On the Image page, choose Actions > Export Image. This button helps export the image.
    After generating the image, you can copy the URL of the image exported on the Overview page to download the image. Or, you can copy the URL of the exported image on the Exported page. You can also click Download on the page to download the image directly.
  - Export from the backup storage:
    
    On the Overview page of the created image, copy Installation Path.
    
    Login to the terminal of the Ceph backup storage, run rbd export to export the image. For example:
    If you obtain the installation path ceph://bak-t-cac5eee23a204c1a914d1743f1584644/7232237c0059409babcd1c7a69452b98, you can run the following commands to export the image:
    [root@ceph-node1 ~]# rbd export bak-t-cac5eee23a204c1a914d1743f1584644/7232237c0059409babcd1c7a69452b98 /root/export-test.qcow2 [root@ceph-node1 ~]# # bak-t indicates the installation path of the image [root@ceph-node1 ~]# # /root/export-test.qcow2 indicates the target path and the file name of the exported image
    Note: The command rbd export does not include such a prefix as ceph://.

Now, you have completed the encapsulation of a CentOS 8 system template. You can use this image to create VM instances in bulk.

Next Chapter:Glossary

Template

Install an Operating System

Configure the Template System

Create a System Template

Products

Solutions

Help & Support

Contact Us