OS Install: VM Template

General Information

Creating a VM template “golden image” for Linux.

Checklist

  • Distro(s): Enterprise Linux 6 or 7
  • Other: VMware ESXi 5+

Create the Virtual Machine

  • Create a new virtual machine.
    • Virtual Hardware:
      • Enable CPU → CPU Hot Plug → check “Enable CPU Hot Add” (Allows you to add CPUs to a VM while running)
      • Enable Memory → Memory Hot Plug → check “Enable” (Allows you to add Memory to a VM while running)
  • Install the EL OS.
    • If the screen resolution is too small:
      • Press “TAB” on the “Install CentOS..” menu entry to edit the boot options
      • Add the following to the boot line, which will use a 1024×768 resolution
        vga=791

Red Hat Recommendations

LVM provides a very flexible partitioning layout. The goal is a small disk footprint, with room to grow individual partitions depending on the type of server being deployed.

  • Disk Total Size: 20 GB
    • /boot = 512 MB
    • LVM = 19.5 GB
      • swap = 4 GB
      • / = 4 GB
      • /home = 2 GB
      • /tmp = 2 GB
      • /var = 4 GB
    • LVM Allocated: 16 GB
    • LVM Free: 3.5 GB (Available for minor partition expansion)

NOTE: Contrary to a lot of online documentation, it is a BAD idea to put /usr on a separate partition. Especially with CentOS 7.2 (which symlinks /bin, /lib, and /sbin into /usr/{bin,lib,sbin} respectively), there are important files in /usr that should be mounted along with /.


After a CentOS 6.7 minimal install, the disk usage with that partitioning looks like this:
TODO - SCREENSHOT

After a CentOS 7.2 minimal install, the disk usage with that partitioning looks like this:
TODO - SCREENSHOT


System Configuration

Modify the OS with changes you want to be included on ALL systems. They should be server role generic.


The following are some useful post-install configuration steps applied to a CentOS 6 minimal install.
All of the following will be included in the VM template. Keep it server role generic.

# System Update
yum update
 
# Extra system packages
yum -y install bash-completion bind-utils dmidecode iotop lsof mailx man mlocate nc nfs-utils openssh-clients rsync tcpdump vim-enhanced wget
 
# Install VMware Tools
# See: https://www.owlbearconsulting.com/doku.php?id=linux_wiki:vmware_tools
 
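# Disable SELinux (/etc/sysconfig/selinux SHOULD be a symlink to /etc/selinux/config)
# --follow-symlinks makes sed edit the link target instead of replacing the symlink with a regular file
sed -i "s/^SELINUX=.*/SELINUX=disabled/" /etc/selinux/config
sed -i --follow-symlinks "s/^SELINUX=.*/SELINUX=disabled/" /etc/sysconfig/selinux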
 
# Reboot for selinux to not interfere with the rest of the config changes
shutdown -r now
 
# Remove Global Network Gateway
sed -i "/GATEWAY/d" /etc/sysconfig/network
 
# Grub Config => edit /boot/grub/grub.conf
timeout=3
# removed 'hiddenmenu'
# removed 'rhgb quiet' from kernel boot lines
 
# Root's bashrc (/root/.bashrc) => Red Prompt and service shortcut
PS1='\[\033[01;31m\]\u@\h \[\033[01;31m\]\W $ \[\033[00m\]'
 
#service shortcut
alias sv='service'
 
# Reboot and verify all changes persistent
shutdown -r now

Proceed to “CentOS 6: VM Cleanup” before creating template.


CentOS 6: VM Cleanup

Perform any other customizations/installs prior to the following steps.

# Cleanup => Remove ssh host keys (so each deployed VM has a different fingerprint)
rm -f /etc/ssh/ssh_host_*
 
# Cleanup => Remove persistent rules and network hw address - prevents eth0 from incrementing
rm -f /etc/udev/rules.d/70-persistent-*
sed -i "/HWADDR/d" /etc/sysconfig/network-scripts/ifcfg-eth0
sed -i "/UUID/d" /etc/sysconfig/network-scripts/ifcfg-eth0
 
# Cleanup => Remove some of root's files
rm -f /root/anaconda-ks.cfg /root/install.log*
 
# Cleanup => remove tmp files
rm -rf /tmp/*
 
# Cleanup => stop auditd from logging, remove log files
# Stop any other service that actively logs to sub directories of /var/log
# Recommended to install sysstat (sar) during a post deployment phase.
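service auditd stop
rm -rf /var/log/*
# Recreate the audit log directory root-only (a plain mkdir under the default umask gives 0755)
mkdir -m 0700 /var/log/audit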
 
# Update locate's database
updatedb
 
# Clear history and shutdown for template cloning
history -c && history -w
shutdown -P now
  • Create a VM Template from the powered off system.

The following are some useful post-install configuration steps applied to a CentOS 7 minimal install.
All of the following will be included in the VM template. Keep it server role generic.

# System Update
yum update
 
# Extra system packages (dmidecode,man,openssh-clients installed by default)
yum -y install bash-completion bind-utils iotop lsof mailx mlocate nfs-utils open-vm-tools perl rsync tcpdump vim-enhanced wget
 
# Update man pages
mandb
 
# Install VMware Tools (open-vm-tools included in CentOS 7 base repo) - Installed above
 
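# Disable SELinux (/etc/sysconfig/selinux SHOULD be a symlink to /etc/selinux/config)
# --follow-symlinks makes sed edit the link target instead of replacing the symlink with a regular file
sed -i "s/^SELINUX=.*/SELINUX=disabled/" /etc/selinux/config
sed -i --follow-symlinks "s/^SELINUX=.*/SELINUX=disabled/" /etc/sysconfig/selinux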
 
# Reboot for selinux to not interfere with the rest of the config changes
shutdown -r now
 
# Grub Config => kernel options and change network interface names back to legacy
vim /etc/default/grub
 
# /etc/default/grub uses GRUB_TIMEOUT for the menu timeout
GRUB_TIMEOUT=3
# removed 'rhgb quiet' from kernel boot lines ("GRUB_CMDLINE_LINUX")
# append 'net.ifnames=0 biosdevname=0' to GRUB_CMDLINE_LINUX:
GRUB_CMDLINE_LINUX="rd.lvm.lv=vglocal/lvswap rd.lvm.lv=vglocal/lvroot net.ifnames=0 biosdevname=0"
 
#generate new grub2 boot file
grub2-mkconfig -o /boot/grub2/grub.cfg
 
# Change network interface back to legacy scheme (continued)
mv /etc/sysconfig/network-scripts/ifcfg-en0XXXX /etc/sysconfig/network-scripts/ifcfg-eth0
 
vim /etc/sysconfig/network-scripts/ifcfg-eth0
 
# ifcfg keys are case-sensitive shell variables: use NAME and DEVICE
NAME="eth0"
DEVICE="eth0"
# removed UUID
 
systemctl restart NetworkManager
 
# Root's bashrc (/root/.bashrc) => Red Prompt and systemctl shortcut
 
# systemctl shortcut
alias sc='systemctl'
 
# Turn root's prompt red
PS1='\[\033[01;31m\]\u@\h \[\033[01;31m\]\W $ \[\033[00m\]'
 
# Disable NetworkManager for old style network scripts
vim /etc/sysconfig/network-scripts/ifcfg-eth0
 
NM_CONTROLLED="no"
PEERDNS="no"
IPV6_PEERDNS="no"
 
systemctl stop NetworkManager
systemctl disable NetworkManager
systemctl mask NetworkManager
systemctl start network
systemctl enable network
 
# Reboot and verify all changes persistent
shutdown -r now

Proceed to “CentOS 7: VM Cleanup” before creating template.


CentOS 7: VM Cleanup

Perform any other customizations/installs prior to the following steps.

# Cleanup => Remove ssh host keys (so each deployed VM has a different fingerprint)
rm -f /etc/ssh/ssh_host_*
 
# Cleanup => Remove network hw address - prevents eth0 from incrementing
sed -i "/HWADDR/d" /etc/sysconfig/network-scripts/ifcfg-eth0
sed -i "/UUID/d" /etc/sysconfig/network-scripts/ifcfg-eth0
 
# Cleanup => Remove some of root's files
rm -f /root/anaconda-ks.cfg /root/install.log*
 
# Cleanup => remove tmp files
rm -rf /tmp/*
 
# Cleanup => stop auditd from logging, remove log files
# Stop any other service that actively logs to sub directories of /var/log
# Recommended to install sysstat (sar) during a post deployment phase.
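systemctl stop auditd
rm -rf /var/log/*
# Recreate the audit log directory root-only (a plain mkdir under the default umask gives 0755)
mkdir -m 0700 /var/log/audit
mkdir /var/log/chrony /var/log/tuned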
touch /var/log/spooler && chmod 600 /var/log/spooler
 
# Update locate's database
updatedb
 
# Clear history and shutdown for template cloning
history -c && history -w
shutdown -P now
  • Create a VM Template from the powered off system.
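
The CentOS 6 and CentOS 7 cleanup steps above can be verified before the template is created. The script below is an added example, not part of the original wiki page; the function name template_residue and its output labels are hypothetical, and it checks only the items those cleanup steps remove.

```bash
#!/usr/bin/env bash
# Added example, not from the original page. Read-only: lists per-host
# identity and build history still present under ROOT after the cleanup.
# ROOT is "/" on the template VM, or the mount point of an offline copy.
# template_residue and its output labels are hypothetical names.

template_residue() {
    local root="${1:-/}" f
    root="${root%/}"
    local ifcfg="$root/etc/sysconfig/network-scripts/ifcfg-eth0"

    # SSH host keys: every clone would share one host identity.
    # 70-persistent-* udev rules (EL6): pin eth0 to the template's MAC.
    # anaconda-ks.cfg: holds the installer's root password hash.
    for f in "$root"/etc/ssh/ssh_host_* \
             "$root"/etc/udev/rules.d/70-persistent-* \
             "$root"/root/anaconda-ks.cfg "$root"/root/install.log* \
             "$root"/tmp/*; do
        if [ -e "$f" ]; then echo "leftover ${f#"$root"}"; fi
    done

    # HWADDR/UUID lines tie the interface config to the template's NIC.
    if [ -f "$ifcfg" ]; then
        grep -E '^[[:space:]]*(HWADDR|UUID)=' "$ifcfg" | sed 's/^/ifcfg-eth0 /'
    fi

    # Non-empty logs and shell history record activity on the build host.
    if [ -d "$root/var/log" ]; then
        find "$root/var/log" -type f -size +0 |
            while IFS= read -r f; do echo "nonempty ${f#"$root"}"; done
    fi
    if [ -s "$root/root/.bash_history" ]; then
        echo "nonempty /root/.bash_history"
    fi
    return 0
}

# Usage: ./template_residue.sh /   (exit status 1 if anything is left)
if [ "$#" -gt 0 ]; then
    findings=$(template_residue "$1")
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        exit 1
    fi
    echo "no template residue under $1"
fi
```

Run it as the last step before `shutdown -P now`; services that are still logging will repopulate /var/log and show up as findings.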

Add/Expand Storage

After deploying a VM from the template, you may need to expand storage on one of the partitions.

  1. Add an additional hard disk to the VM. (Either from initial deployment or hot add to the VM)
  2. Verify disk device name to use:
    fdisk -l
  3. Create a new partition on the disk and set its type to “8e” (Linux LVM)
    1. fdisk /dev/sdb
      1. Command: n
      2. Command action (primary partition): p
      3. Partition number: 1
      4. First cylinder: enter for default of the first
      5. Last cylinder: enter for default of the last
      6. Command: t
      7. Selected partition 1 (message displayed when only 1 partition exists)
      8. Hex code: 8e (for LVM)
      9. Command: w
  4. Create an LVM physical volume from the partition
    pvcreate /dev/sdb1
  5. Add the new physical volume to the existing volume group
    vgextend vglocal /dev/sdb1
  6. Extend the logical volume that needs the space (/home will be used in this example)
    1. Option 1 (Preferred): Move the physical extents of the logical volume to the new disk, so all of it resides on the same VMDK, and then use all of that new disk's space.
      • This method is preferred because there is a performance hit when a partition spans VMDKs
        pvmove --name lvhome /dev/sda2 /dev/sdb1
        lvextend --resizefs /dev/mapper/vglocal-lvhome /dev/sdb1
    2. Option 2: Give the logical volume all of the space from the newly added physical volume
      lvextend --resizefs --extents +100%PVS /dev/mapper/vglocal-lvhome /dev/sdb1
    3. Option 3: Give the logical volume a specific amount of additional free space from a specific physical volume
      lvextend --resizefs --size +10G /dev/mapper/vglocal-lvhome /dev/sdb1
    4. Option 4: Give the logical volume all of the free space available to the volume group (potentially across multiple physical disks)
      lvextend --resizefs --extents +100%FREE /dev/mapper/vglocal-lvhome
  7. Verify LVM Allocation
    1. Logical Volume:
      lvs
    2. Volume Group:
      vgs
    3. Physical Volumes:
      pvs
  8. Grow the file system (Not required if you used “--resizefs” during lvextend)
    1. Ext2/3/4
      resize2fs /dev/mapper/vglocal-lvhome
    2. XFS
      xfs_growfs /dev/mapper/vglocal-lvhome
  9. Verify filesystem space
    df -h

  • Last modified: 2019/05/25 23:50