Revision 9 as of 2007-11-26 12:24:37

Clear message

UbuntuRelease: JeOS 7.10 (Gutsy Gibbon)

Introduction

This page is a work in progress which aims at documenting how to create virtual appliance using JeOS.

Initial setup

At this point in time, JeOS is meant to run under VMWare Server or WMWare ESX and may not work under other virtualization technologies yet. It is assumed in this tutorial that you have already installed a VMWare environment.

Download JeOS

The latest version of JeOS iso image can be downloaded from [http://cdimage.ubuntu.com/jeos/releases/].

wget http://cdimage.ubuntu.com/jeos/releases/7.10/release/ubuntu-7.10-jeos-i386.iso

It is always a good idea to verify the md5 sum of the downloaded file by comparing the content of [http://cdimage.ubuntu.com/jeos/releases/7.10/release/MD5SUMS] with the result of

md5sum ubuntu-7.10-jeos-i386.iso

If the values are not the same, you should try to reload the file again.

Installation of JeOS

Installation of JeOS is done the same way you would install any other OS in VMWare, but here are a few thing to consider:

  • Please note that in order to reduce the size of JeOS to a minimum SCSI drivers have not been included in the JeOS kernel. Please make sure that you instruct VMWare to use IDE drive instead.

  • If you plan on shipping a virtual appliance, do not assume that the end-user will know how to extend disk size to fit their need, so either plan for a large virtual disk to allow for your appliance to grow, or explain fairly well in your documentation how to allocate more space.
  • Given that RAM is much easier to allocate in a VM, RAM size should be set to whatever you think is a safe minimum for your appliance.
  • LVM setup, even though it is proposed in the installer, does not work at this time, so if LVM is needed, it will have to be set-up later on.

Defining the VMWare machine

attachment:IDE.png

The following example is based on using VMWare server:

  1. Create a new virtual machine.
  2. Click next.

  3. Select Custom configuration, click next.

  4. Select Linux, pick Ubuntu in the version drop down menu, click next.

  5. Pick a name for your virtual appliance (use something that makes sense for your product), click next.
  6. Pick one processor (always default to the lowest configuration you think your users may have), click next.
  7. Letting the machine be private is a good secure basis, click next.
  8. Pick the minimum RAM you think your appliance will need (this can be changed easily by the user later on). Click next.
  9. Bridged networking might seem a sensible default to simplify user set-up later on, click next.

  10. Do not use default SCSI at this point, use IDE, as SCSI drivers are not included in the kernel (see screenshot on the right). Click next.

  11. Pick a disk size that makes sense for your virtual appliance. A minimum of 8G seems reasonable, particularly if you do not pick allocate disk space now. Split the disk into 2Gb files makes sense if you want to allow storage on FAT volumes. Click next.

  12. Pick where you want to store the disk image, click Finish.

JeOS installation parameters

Once your machine has been defined, you need to start it, but before you do that you need to tell it to boot from the iso image you downloaded earlier. The installer for JeOS is very similar to the Ubuntu Server Installer, but as we are preparing a virtual appliance, there are a few steps that we want to change from a regular install.

Assigning a fixed IP address

As a virtual appliance that may be deployed on various very different networks, it is very difficult to know what the actual network will look like. In order to simplify configuration, it is a good idea to take an approach similar to what network hardware vendors usually do, namely assigning an initial fixed IP address to the appliance in a private class network that you will provide in your documentation. An address in the range 192.168.0.0/255 is usually a good choice.

When you arrive at the screen Configure your network asking you to provide a hostname for this machine:

  • press escape to access the network configuration menu

  • select Configure network manually in the next screen

  • Enter a fixed IP address and other network information in the subsequent screen.
  • once this is done, the installer will continue to its next steps automatically

Partitioning

Partitioning of the virtual appliance will have to take into consideration what you are planning to do with is. As stated before, do not pick one of the LVM choice as it will fail, LVM not being provided by default on JeOS at this time. Because most appliances will run as server, using separate /home, /usr, /var and /tmp partition would make sense.

User and password

Again setting up a virtual appliance, you will need to provide a default user and password that is generic so that you can include it in your documentation. We will see later on in this tutorial how we will provide some security by defining a script that will be run the first time a user actually logs in the appliance, that will, among other things, ask him to change his password. In this example I will use 'user' as my user name, and 'default' as the password.

Preparing the OS

Once we are done with the initial installation of JeOS and our virtual machine is now waiting with a login prompt, we now have to prepare our operating to accommodate our application. It is generally a good time to make a snapshot of your clean VMWare imge, so that if a mistake is made later on, it will be possible to revert to a blank page without having to reinstall everything.

In this example we will be installing a very simple application consisting of a web page that accesses a mysql database. We will therefore require our OS to provide us with :

  • Apache
  • PHP
  • MySQL

which is in the end a basic LAMP stack that we will conveniently pull in one single step using the tasksel command:

sudo tasksel install lamp-server

Note that at this point we could easily install any additional packages that we might need using, for example, the aptitude command.

Once we are done installing our base packages, it is another good time to do a snapshot our virtual machine. We also can save the intermediary steps by doing a full copy of the virtual machine by issuing the following command on our host after powering it down (you will have to adapt it to your particular environment) :

cp -rf /var/lib/vmware/Virtual\ Machines/JeOS /var/lib/vmware/Virtual\ Machines/JeOS-basePackages/

Security considerations

OpenSSH

Another convenient tool that we want to have on our appliance is OpenSSH, as it will provide our admins to access to access the appliance remotely. However, pushing in the wild an appliance with a pre-installed OpenSSH server is a big security risk as all these server will share the same secret key, making it very easy for hackers to target our appliance with all the tools they need to crack it open in a breeze. As for the user password, we will instead rely on a script that will install OpenSSH the first time a user logs in so that the key generated will be different for each appliance.

However, it might be simpler during the setup to access our appliance using ssh, so we still install it at this time, but we will need to make sure that fully removed by the time we ship our appliance, which is described in the last part of this tutorial. To install it, simply run:

sudo tasksel install openssh-server

MySQL

When we ran tasksel to install the lamp-server, the only question we were asked was to provide a default password for MySQL. It would not be wise to have all our deployed appliances to use the same password, so we will have to have it changed as well the first time a user logs in our appliance.

Installing and maintaining our application

Preparing first user boot

* openssh * mysql * apache-ssl

Cleaning before shipping

CategoryDocumentation