Supplement to Admin User Guide and End User Guide
2 Managing Images
In the SUSE OpenStack Cloud context, images are virtual disk images that represent the contents and structure of a storage medium or device, such as a hard disk, in a single file. Images are used as a template from which a virtual machine can be started. For starting a virtual machine, SUSE OpenStack Cloud always uses a copy of the image.
Images have both content and metadata; the latter are also called image properties.
Permissions to manage images are defined by the cloud operator during setup of SUSE OpenStack Cloud. Image upload and management may be restricted to cloud administrators or cloud operators only.
Managing images for SUSE OpenStack Cloud requires the following basic steps:
Building Images with SUSE Studio.
For general and hypervisor-specific requirements, refer to Section 2.1, “Image Requirements”.
Uploading Disk Images to SUSE OpenStack Cloud.
Images can either be uploaded to SUSE OpenStack Cloud with the
glancecommand line tool or with the SUSE OpenStack Cloud Dashboard. As the Dashboard comes with some limitations with regards to image upload and modification of properties, it is recommended to use theglancecommand line tools for comprehensive image management.Specifying Image Properties. You can do so during image upload (using
glance image-create) or withglance image-updateafter the image has already been uploaded. Refer to Procedure 2.2, “Uploading Disk Images to SUSE OpenStack Cloud” and Procedure 2.3, “Modifying Image Properties”.
Important: Properties for Architecture, Hypervisor and VM Mode
OpenStack Image does not check nor automatically detect any image properties. Therefore you need to specify the image's properties manually.
This is especially important when using mixed virtualization environments to make sure that an image is only launched on appropriate hypervisors. The properties can specify a certain architecture, hypervisor type, or application binary interface (ABI) that the image requires.
2.1 Image Requirements #
To build the images to use within the cloud, use SUSE Studio or SUSE Studio Onsite as they provide automatic insertion of management scripts and agents. Make sure any images that you build for SUSE OpenStack Cloud fulfill the following requirements.
2.1.1 General Image Requirements #
The network is set to DHCP.
The image does not include YaST2 Firstboot.
The image does not include any end-user license agreement (EULA) dialogs.
The image contains the
cloud-initpackage. The package will be automatically added to the image if the following check box in SUSE Studio or SUSE Studio Onsite is enabled: .The
cloud-initpackage contains tools used for communication with the instance metadata API, which is provided by Compute. The metadata API is only accessible from inside the VM. The package is needed to pull keypairs into the virtual machine that will run the image.
If you intend to manage the image by the Orchestration module, you also
need to include the following package:
openstack-heat-cfntools (part
of the SUSE OpenStack Cloud ISO).
2.1.2 Image Requirements Depending on Hypervisor #
For a list of supported VM guests, refer to the SUSE® Linux Enterprise Server Virtualization Guide, section Supported VM Guests. It is available at https://www.suse.com/documentation/sles-12/book_virt/data/virt_support_guests.html.
Depending on the virtualization platform on which you want to use the image, make sure the image also fulfills the following requirements.
- KVM
Appliance format: If you are using SUSE Studio or SUSE Studio Onsite 1.3 to build images, use the
SUSE OpenStack Cloud/OpenStack/KVM (.qcow2)format.- Xen
Appliance format: If you are using SUSE Studio or SUSE Studio Onsite 1.3 to build images, use the
SUSE OpenStack Cloud/OpenStack/KVM (.qcow2)format.- VMware
Appliance format: If you are using SUSE Studio or SUSE Studio Onsite 1.3 to build images, use the
VMware/VirtualBox/KVM (.vmdk)format.If you are using SUSE Studio or SUSE Studio Onsite to build images, the resulting image will be a monolithic
sparsefile.
Note: Image Conversion
Sparse images can be uploaded to OpenStack Image. However, it is recommended to convert sparse images into a different format before uploading them to OpenStack Image (because starting VMs from sparse images may take longer).
For a list of supported image types, refer to http://docs.openstack.org/liberty/config-reference/content/vmware.html, section Supported image types.
For details on how to convert a sparse image into different formats, refer to http://docs.openstack.org/liberty/config-reference/content/vmware.html, section Optimize images.
- Hyper-V
Appliance format: If you are using SUSE Studio or SUSE Studio Onsite 1.3 to build images, use the
Hyper-V (.vhd), orSUSE OpenStack Cloud/OpenStack/KVM (.qcow2)format.As Hyper-V only supports images in
*.vhdformat, convert anyqcow2images before uploading them to SUSE OpenStack Cloud. For details, refer to Procedure 2.1.To ensure that an image is bootable on Hyper-V, check the
INITRD_MODULESlines in/etc/sysconfig/kernelfor the parametershv_storvscandmkinitrd. If the parameters are missing, add them. Otherwise the Kernel module for storage devices will not be loaded and the root file system will not be available.
2.1.3 Images for Use With Multiple Hypervisors #
If you build the images for SUSE OpenStack Cloud in SUSE Studio or SUSE Studio Onsite, they are compatible with multiple hypervisors by default—even if you may need to convert the resulting image formats before uploading them to OpenStack Image. See Procedure 2.1, “Converting Disk Images to Different Formats” for details.
If your image is not made in SUSE Studio or SUSE Studio Onsite, configure the image as follows to create an image that can be booted on KVM, Xen, and Hyper-V, for example:
- /etc/sysconfig/kernel
INITRD_MODULES="virtio_blk virtio_pci ata_piix ata_generic hv_storvsc"
The resulting disk device will be called
/dev/sdaon Hyper-V.- /boot/grub/menu.lst
To name the partition that should be booted, use:
root=UUID=...
To find the respective UUID value to use, execute the following command:
tune2fs -l /dev/sda2|grep UUID
- /etc/fstab
Do not use device names (
/dev/...), butUUID=...orLABEL=rootentries. For the latter, add the labelrootto the root file system of your image (in this case,/dev/sda2):tune2fs -L root /dev/sda2
- Disk Format
Use
*.qcow2as disk format for your image.- Image Properties in OpenStack Image
To upload the image to SUSE OpenStack Cloud only once and to use the same image for KVM, Xen, and Hyper-V, specify the following image options during or after upload:
--is-public=True --container-format=bare \ --property architecture=x86_64 \ --property vm_mode=hvm \ --disk-format=qcow2
2.2 Building Images with SUSE Studio #
When creating an appliance for SUSE OpenStack Cloud the following steps are essential:
In SUSE Studio or SUSE Studio Onsite, switch to the › tab.
Enable the check box.
On the tab, choose the respective appliance format. It mainly depends on the hypervisor on which you want to use the image—see Section 2.1.2, “Image Requirements Depending on Hypervisor”.
For more detailed information on how to build appliance images, refer to the SUSE Studio Onsite Quick Start or the SUSE Studio Onsite User Guide, available at http://www.suse.com/documentation/suse_studio/.
2.3 Image Properties #
Images have both contents and metadata; the latter are also called properties. The following properties can be attached to an image in SUSE OpenStack Cloud. Set them from the command line when uploading or modifying images.
Image Properties #
- Name (
--name, optional) Specifies a name with which the image will be listed in the SUSE OpenStack Cloud Dashboard and in the command line interface.
- Kernel ID (optional)
The image's kernel ID. This parameter is only needed if an external Kernel is associated with the image. The ID points to the Kernel glance image.
- Ramdisk ID (optional)
The image's ramdisk ID. This parameter is only needed if an external ramdisk is associated with the image. The ID points to the ramdisk glance image.
-
Container Format (
--container-format, optional) Indicates if the VM image's file format contains metadata about the actual virtual machine. Set it to
bareas the container format string is not currently used in any OpenStack components anyway. For details, refer to http://docs.openstack.org/developer/glance/formats.html.- Disk Format (
--disk-format, required) Specifies the image's disk format. Example formats include
raw,qcow2,ami,vhd, andvmdk. For details, refer to http://docs.openstack.org/developer/glance/formats.html.- Public (
--is-public, optional) Boolean value, default:
false. If set totrue, the image is publicly available.- Hypervisor Type (optional)
If your cloud consists of “mixed” hypervisor nodes (KVM, Xen, VMware, Hyper-V), specify at least the hypervisor type the image requires—otherwise it might be scheduled on an incompatible node. For example:
hypervisor_type=xen
Further examples are:
kvm,qemu,vmware,hyperv,xenapi, andpowervm.- Architecture (optional)
Specifies the architecture the image requires. For example:
architecture=x86_64
- VM Mode (optional)
Specify the hypervisor ABI (application binary interface) with the
vm_modeflag. At the moment, this is only useful for images on the Xen hypervisor. For Xen PV image import, usevm_mode=xen, for Xen HVM image import usevm_mode=hvm. For KVM, VMware, and Hyper-V the correct mode is selected automatically.
2.4 Uploading Images #
If you have created an image for
SUSE OpenStack Cloud/OpenStack/KVM with
SUSE Studio or with SUSE Studio Onsite 1.3, you can upload the image
directly as described in Procedure 2.2, “Uploading Disk Images to SUSE OpenStack Cloud”.
If you use Hyper-V, convert any qcow2 images
before uploading them to SUSE OpenStack Cloud.
Procedure 2.1: Converting Disk Images to Different Formats #
Make sure the
virt-utilspackage is installed on the machine used for conversion.Download the image from SUSE Studio.
To convert
qcow2tovhdimages, use the following command:qemu-img convert -O vpc CURRENT_IMAGE_FILE FINAL_IMAGE_FILE.vhd
Procedure 2.2: Uploading Disk Images to SUSE OpenStack Cloud #
Upload a disk image using the glance command line
tool that is contained in the package
python-glanceclient.
Images are owned by projects and can be private
(accessible to members of the particular project only) or
public (accessible to members of all
projects). Private images can also be explicitly shared with other
projects, so that members of those projects can access the images,
too. Any image uploaded to OpenStack Image will get an
owner attribute. By default, ownership is set to the
primary project of the user that uploads the image.
Set or modify hypervisor-specific properties with the
--property key=value
option. This can be done directly during image upload (as shown in the
examples below). To change the properties after image upload, refer to
Procedure 2.3, “Modifying Image Properties”.
In a shell, source the OpenStack RC file for the project that you want to upload an image to. For details, refer to http://docs.openstack.org/user-guide/common/cli_set_environment_variables_using_openstack_rc.html.
Upload the image using
glance image-create. Find some example commands for different hypervisors below:For KVM:
glance image-create --name="IMAGE_NAME" --progress \ --is-public=True --container-format=bare \ --property architecture=x86_64 \ --property hypervisor_type=kvm \ --disk-format=qcow2 < PATH_TO_FINAL_IMAGE_FILE.qcow2
For Xen:
glance image-create --name="IMAGE_NAME" --progress \ --is-public=True --container-format=bare \ --property architecture=x86_64 \ --property hypervisor_type=xen \ --property vm_mode=xen \ --disk-format=qcow2 < PATH_TO_FINAL_IMAGE_FILE.qcow2
Note: Value of
vm_modeFor Xen PV image import, use
vm_mode=xen, for Xen HVM image import usevm_mode=hvm.For Hyper-V:
glance image-create --name="IMAGE_NAME" --progress \ --is-public=True --container-format=bare \ --property architecture=x86_64 \ --property hypervisor_type=hyperv \ --property vm_mode=hvm \ --disk-format=vhd < PATH_TO_FINAL_IMAGE_FILE.vhd
For VMware:
glance image-create --name="IMAGE_NAME" --progress \ --is-public=true --container-format=bare \ --property vmware_adaptertype="lsiLogic" \ --property vmware_disktype="preallocated" \ --property hypervisor_type=vmware \ --disk-format=vmdk --file PATH_TO_FINAL_IMAGE_FILE.vmdk
Note: Value of
vmware_disktypeDepending on which disk type you use, adjust the value of
vmware_disktypeaccordingly. For an overview of which values to use, refer to http://docs.openstack.org/liberty/config-reference/content/vmware.html, Table 2.8. OpenStack Image Service disk type settings.For Docker:
Find an image in the Docker registry you want to use and save it locally with
docker pull IMAGE_NAME, where IMAGE_NAME is the name of the image in the Docker registry. The same name needs to be used with the--nameparameter when uploading the image with the following command:docker save IMAGE_NAME | glance image-create \ --is-public=true --property hypervisor_type=docker \ --container-format=docker --disk-format=raw --name "IMAGE_NAME"
Important: Docker Images Need to Run a Long-Living Process
Docker instances will only be able to spawn successfully, when running a long-living process, for example
sshd. Such a process can be configured with CMD or ENTRYPOINT in theDocker.Alternatively, such a process can be specified on the command line with the
glance imagepropertyos_command_line.glance image-update --property os_command_line='/usr/sbin/sshd -D' \ IMAGE_ID
If the image upload has been successful, a message appears, displaying the ID that has been assigned to the image.
Note: Updating Images
After having uploaded an image to SUSE OpenStack Cloud, the image contents cannot be modified—only the image's metadata, see Procedure 2.3. To update image contents, you need to delete the current image and upload a modified version of the image. You can also launch an instance from the respective image, change it, create a snapshot of the instance and use the snapshot as a new image.
2.5 Modifying Image Properties #
Set or modify hypervisor-specific properties with the
--property key=value
option. This can be done directly during image upload (see
Procedure 2.2) or
after the image has been uploaded (as described below).
Procedure 2.3: Modifying Image Properties #
In a shell, source the OpenStack RC file for the project that you want to upload an image to. For details, refer to http://docs.openstack.org/user-guide/common/cli_set_environment_variables_using_openstack_rc.html.
If you do not know the ID or the exact name of the image whose properties you want to modify, look it up with:
glance image-list
Use the
glance image-updatecommand to set the properties for architecture, hypervisor type, and virtual machine mode. In the following, find some examples with properties for different hypervisors:For KVM:
glance image-update IMAGE_ID_OR_NAME \ --property architecture=x86_64 \ --property hypervisor_type=kvm
For Xen:
glance image-update IMAGE_ID_OR_NAME \ --property architecture=x86_64 \ --property hypervisor_type=xen \ --property vm_mode=xen
Note: Value of
vm_modeFor Xen PV image import, use
vm_mode=xen, for Xen HVM image import usevm_mode=hvm.For VMware:
glance image-update IMAGE_ID_OR_NAME \ --property vmware_adaptertype="lsiLogic" \ --property vmware_disktype="preallocated" \ --property hypervisor_type=vmware
Note: Value of
vmware_disktypeDepending on which disk type you use, adjust the value of
vmware_disktypeaccordingly. For an overview of which values to use, refer to http://docs.openstack.org/liberty/config-reference/content/vmware.html, Table 2.8. OpenStack Image Service disk type settings.For Hyper-V:
glance image-update IMAGE_ID_OR_NAME \ --property architecture=x86_64 \ --property hypervisor_type=hyperv \ --property vm_mode=hvm
For more information about the architecture,
hypervisor_type, and
vm_mode properties, refer to
http://docs.openstack.org/image-guide/content/image-metadata.html.
2.6 Viewing Images and Image Properties, Deleting Images #
In the following, find some examples on how to view images or image properties or how to remove images from OpenStack Image.
- Listing Images
glance image-list
Lists ID, name, disk format, and container format for all images in Image that the current user can access.
- Showing Metadata for a Particular Image
glance image-show IMAGE_ID_OR_NAME
Shows metadata of the specified image.
- Removing Image Properties
glance image-update IMAGE_ID_OR_NAME --purge-props
- Deleting an Image
glance image-delete IMAGE_ID_OR_NAME
Removes the specified image from OpenStack Image.
2.7 Viewing and Modifying Membership of Private Images #
In the following, find some examples on how to view or modify membership of private images:
- Listing Members a Private Image is Shared With
glance member-list --image-id IMAGE_ID
Lists the IDs of the projects whose members have access to the private image.
- Listing Private Images Shared With a Member
glance member-list --tenant-id PROJECT_ID
Lists the IDs of private images that members of the specified project can access.
- Granting Members Access to a Private Image
glance member-create [--can-share] IMAGE_ID_OR_NAME PROJECT_ID_OR_NAME
Grants the specified member access to the specified private image.
By adding the
--can-shareoption, you can allow the members to further share the image.- Revoking Member Access to a Private Image
glance member-delete IMAGE_ID_OR_NAME PROJECT_ID_OR_NAME
Revokes the access of the specified member to the specified private image.