Templating Debian GNU/Linux (2/2)

In the previous article (Templating Debian GNU/Linux (1/2) I gave an overview about steps which should be taken in preparation of creating a VM template (dehydration), steps required after deployment of a VM template (rehydration) and the idea of applying customizations using the OVF environment. This article shows how to use ovfdep to support the VM template life-cycle on the VMware vSphere virtualization platform.

The dehydration/rehydration steps works on any virtualization platform, too. The same approach could be applied on mass-deployment of physical systems - the ovfdep package does not rely on any virtualization for the dehydration/rehydration steps. Although the OVF environment is part of the independant OVF fileformat it seems to be implemented by VMware only.

Dehydration

With the following steps the VM is prepared to be bundled up:

Switch to single mode:

root@newtemplate:~# telinit 1
INIT: Switching to runlevel: 1
INIT: Sending processes the TERM signal
[info] Using makefile-style concurrent boot in runlevel 1.
[ ok ] Stopping deferred execution scheduler: atd.
[ ok ] Stopping MTA: exim4_listener.
[ ok ] Stopping enhanced syslogd: rsyslogd.
[....] Asking all remaining processes to terminate...acpid: exiting
done.
[ ok ] All processes ended within 1 seconds....done.
INIT: Going single user
INIT: Sending processes the TERM signal
INIT: Sending processes the KILL signal
Give root password for maintenance
(or type Control-D to continue):
root@newtemplate:~#

Call ovfdep cleanup to drop unwanted stuff:

root@newtemplate:~# ovfdep cleanup
Removing root's password...
passwd: password expiry information changed.
Removing openssh-server's host keys...
removed `/etc/ssh/ssh_host_dsa_key'
removed `/etc/ssh/ssh_host_dsa_key.pub'
removed `/etc/ssh/ssh_host_ecdsa_key'
removed `/etc/ssh/ssh_host_ecdsa_key.pub'
removed `/etc/ssh/ssh_host_rsa_key'
removed `/etc/ssh/ssh_host_rsa_key.pub'
Clean up apt cache...
removed `/var/cache/apt/archives/dpkg_1.16.15_amd64.deb'
removed `/var/cache/apt/archives/dselect_1.16.15_amd64.deb'
removed `/var/cache/apt/archives/lock'
Clean up ntp...
removed `/var/lib/ntp/ntp.drift'
removed `/var/lib/ntp/ntp.conf.dhcp'
Clean up .bash_history...
removed `/root/.bash_history'
Clean up dhcp leases...
Clean up /var/mail...
Clean up udev rules...
removed `/etc/udev/rules.d/70-persistent-cd.rules'
Clean up urandom seed...
removed `/var/lib/urandom/random-seed'
Clean up .cache...
Clean up backups...
removed `/var/backups/apt.extended_states.0'
removed `/var/backups/aptitude.pkgstates.0'
removed `/var/backups/dpkg.status.0'
removed `/var/backups/group.bak'
removed `/var/backups/gshadow.bak'
removed `/var/backups/passwd.bak'
removed `/var/backups/shadow.bak'
removed `/etc/shadow-'
Clean up /var/log...
root@newtemplate:~#

Finally clear bash’s history buffer and shutdown:

root@newtemplate:~# history -c
root@newtemplate:~# halt
INIT: Switching to runlevel: 0
INIT: Sending processes the TERM signal
INIT: Sending processes the KILL signal

Now the VM template is ready for exporting and deployment in other environments.

Rehydration

After deployment and initial boot of the template the VM is prepared for the new environment:

INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.

ROOT PASSWORD IS REQUIRED TO BE SET!

Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Configuring openssh-server...
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Creating SSH2 ECDSA key; this may take some time ...
[ ok ] Restarting OpenBSD Secure Shell server: sshd.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting deferred execution scheduler: atd.
[ ok ] Starting ACPI services....
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting MTA: exim4.
[ ok ] Starting NTP server: ntpd.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 template tty1

template login:

See also


Comments !