OpenStack Trove disk-image-builder

The documentation for this process absolutely sucks.. and the fact that no ones updated it (shame on me for even saying that about an opensource project that i can push a branch to…) is pitiful. So.. here’s some useful info for completing an image!

Useful post:
1: https://docs.openstack.org/trove/latest/admin/building_guest_images.html
2: https://ask.openstack.org/en/question/95078/how-do-i-build-a-trove-image/

yum install epel-release git -y
git clone https://git.openstack.org/openstack/diskimage-builder
yum install python2-pip
pip install -r requirements.txt
python setup.py install

Now we clone the trove git repo and add the extra elements as a environment variable.

git clone https://github.com/openstack/trove.git

# Guest Image to be used
export DISTRO=fedora
export DISTRO_VERSION=fedora-minimal
# Guest database to be provisioned
export SERVICE_TYPE=mariadb
export HOST_USERNAME=root
export HOST_SCP_USERNAME=root
export GUEST_USERNAME=trove
export CONTROLLER_IP=controller
export TROVESTACK_SCRIPTS="/root/trove/integration/scripts"
export PATH_TROVE="/opt/trove"
export ESCAPED_PATH_TROVE=$(echo $PATH_TROVE | sed 's/\//\\\//g')
export GUEST_LOGDIR="/var/log/trove"
export ESCAPED_GUEST_LOGDIR=$(echo $GUEST_LOGDIR | sed 's/\//\\\//g')

#path to the ssh keys you want installed on the guest.
export SSH_DIR=~/trove-image/sshkeys/

export DIB_CLOUD_INIT_DATASOURCES="ConfigDrive"
# DATASTORE_PKG_LOCATION defines the location from where the datastore packages can be accessed by the DIB elements. This is applicable only for datastores that do not have a public repository from where their packages can be accessed. This can either be a url to a private repository or a location on the local filesystem that contains the datastore packages.
export DATASTORE_PKG_LOCATION=~/trove-image
export ELEMENTS_PATH=$TROVESTACK_SCRIPTS/files/elements
export DIB_APT_CONF_DIR=/etc/apt/apt.conf.d
export DIB_CLOUD_INIT_ETC_HOSTS=true
#WTF Is this?
#local QEMU_IMG_OPTIONS="--qemu-img-options compat=1.1"

#build the disk image in our home dir.
disk-image-create -a amd64 -o ~/trove-${DISTRO_VERSION}-${SERIVCE_TYPE}.qcow2 -x ${DISTRO_VERSION} ${DISTRO}-guest vm cloud-init-datasources ${DISTRO}-${SERVICE_TYPE}

Your own CentOS 7 SSL CA

Create your CA keys and install them.

mkdir ~/newca
cd ~/newca
openssl genrsa -des3 -out myCA.key 4096
openssl req -x509 -new -nodes -key myCA.key -sha256 -days 1825 -out myCA.pem
cp myCA.key /etc/pki/CA/private/cakey.pem
cp myCA.pem /etc/pki/CA/cacert.pem
touch /etc/pki/CA/index.txt
echo '1000' > /etc/pki/CA/serial

Create a certificate request and sign it.

openssl req -newkey rsa:2048 -nodes -keyout client.key -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" -out client.csr
openssl ca -in client.csr -days 1000 -out client-.pem

Building Octavia Images with CentOS 7 and Haproxy

Do this in your python virtual env

pip install diskimage-builder
git clone https://github.com/openstack/octavia.git
cd octavia/diskimage-create/
./diskimage-create.sh -b haproxy -a amd64 -o amphora-x64-haproxy -t qcow2 -s 3 -i centos
openstack image create --tag amphora --container-format bare --disk-format qcow2 --file amphora-x64-haproxy.qcow2 Amphora-CentOS7-x64-Haproxy

#Or update an existing image with the tag
glance image-tag-update e4af2c6c-f7fd-4b45-a512-145282236044 amphora