User:Tsu2/chroot-nspawn-OpenStack

Deploying OpenStack Folsom on openSUSE 12.3 using a chroot

z Important Update!

Pre-Introduction

If you are viewing this as a Machine Translated page, be aware that the content may be modified in unexpected ways. Although a Machine Translated version can be helpful, do keep the original English language version available as the reliable original text. In particular, console commands will depend on your configured system language and repo URI likely need to be in English. Use Machine Translation at your own Risk!

Introduction

Among other reasons, installing a chroot has a major advantage... When testing or deploying virtualization, creating a virtual machine within another virtual machine can be dog slow. Since chroot creates a mostly isolated OS on hardware without paravirtualization, this removes a virtualization layer so the result is fast and responsive as expected.

This Guide assumes that the User is new to chroot and has never set up one before. This Guide also includes current (updated) information on the Folsom repositories, how to install the Folsom pattern and implementing with systemd-nspawn (recommended).

If you arrived on this page only to setup and not deploy OpenStack, you only need to follow steps 1-3.

The console naming convention used in this Guide,
A single hash(#) indicates using the Host console,
"openstack:~#" indicates using the chroot console.

1. Setting up the chroot

Create chroot Base filesystem(so can be replicated, is a Best Practice so you don't have to always re-create new root file systems), in this example, called "base." Many guides recommend creating your chroots in /var, but because I personally categorize these chroots as Development Environments I prefer to deploy them in my data partition (/home). Regardless where you place your chroot file systems, there must be plenty of available space, minimum 150MB for the base, maybe 1 GB and much more for each additional chroot file system. Currently, a complete openSUSE Folsom file system at the end of this Guide is approx 750MB before further customization. Copying "resolv.conf" enables your chroot to resolve URI/URL names.

# mkdir /home/<username>/chroots/base<br />
# zypper --root /home/<username>/chroots/base zypper in zypper wget vi rpm <br />
# cp /etc/resolv.conf base/etc/

For those new to chroot,

This will create the basis for a new openSUSE isolated file system to be run within your Host creating necessary mount points but without populating /proc, /sys and /dev

This is your most basic portable file system, if you wish you can further install new packages or chroot into the system(described next) and modify if you wish.

2. Chrooting into the file system

At this point, you have 3 basic options (maybe more, am investigating whether UML, QEMU, and the other fully virtualized technologies like KVM, VMware, Virtualbox and others can use this file system)

- chroot The traditional way to "change root" into a virtual file system. By default security is minimal, only the file system is restrictive but the jail can be escaped. Since /proc and /sys are not populated by default, the first time you run on a new system you need to bind mount the mount points. Should be fine for running trusted applications
- systemd-nspawn With systemd 195(openSUSE 12.3 and later), this new method will automatically mount and populate /proc and /sys providing a somewhat more isolated virtualization than Traditional Chroot. Also, by launching as a systemd Unit and unlike a traditional chroot, the child processes spawned theoretically should be managed within a Linux cgroup which means that they should all shutdown properly when exiting.
- lxc The most secure, isolated method which also supports select virtualized services like networking

chroot

# mount --bind /proc /home/<username>/chroots/openstack/proc/
# mount --bind /sys /home/<username>/chroots/openstack/sys/
# chroot ~/chroots/openstack

When you want to exit

openstack#:exit

Perhaps a good idea to verify no running chroot processes

# umount /home/<username>/chroots/openstack/proc/
# umount /home/<username>/chroots/openstack/sys/

systemd-nspawn

(Recommended!)

# systemd-nspawn -D /home/<username>/chroots/openstack

When you want to exit

openstack#: exit

lxc

- Not covered in this Guide

3. Basic recommended modiifications

You'll want to install and regularly update your new file system, right? So add the Oss and Update repositories. Although you can do this from "outside" the chroot, let's do this from within to also test how zypper is running in the chroot

openstack:~# zypper ar http://download.opensuse.org/distribution/12.3/repo/oss/ openSUSE-12.3-Oss
openstack:~# zypper ar http://download.opensuse.org/update/12.3/ openSUSE-12.3-Update

Verify your repo list

openstack:~# zypper lr

Test your repos by updating all the packages in your new system

openstack:~# zypper ref
openstack:~# zypper up

4. Preserve your template, work on a Copy

When you are satisfied with your base system(install any additional packages you may want), copy it so you now have a new working directory.

# cp -r /home/<username>/chroots/base /home/<username>/chroots/openstack

5. Setting up OpenStack on 12.3

Currently Folsom is the approved stable release for openSUSE 12.3. If you're runnining on 12.2, Essex is the approved OpenStack release and you likely had to chroot because systemd-nspawn wasn't/isn't available.

Curiously, although running zypper from within the chroot works to install many packages, installing the OpenStack packages failed. So, I installed Folsom from the Host (outside the chroot).

Assuming you're now logged into your OpenStack (you should see openstack at the console prompt instead of your usual Host directory location), open a second console on the Host

First, although you won't be able to install new packages into the chroot from within you'll still want the repo installed for updating

openstack:~# zypper ar http://download.opensuse.org/repositories/Cloud:/OpenStack:/Folsom/openSUSE_12.3/ Cloud_OpenStack_Folsom

From your Host console, Add the Folsom repository

# zypper ar http://download.opensuse.org/repositories/Cloud:/OpenStack:/Folsom/openSUSE_12.3/ Cloud_OpenStack_Folsom

Refresh your local package database including the repo you just added

# zypper ref

Let's see what new OpenStack packages are now available,

# zypper se openstack

As you will see the OpenStack "patterns" isn't invoked the usual way with the "-t pattern" flag, it's implemented as a regular package. So, the following will download and install the recommended packages to deploy entirely on a single node, complete with the Quickstart script. But there's a gotcha! I found that libvirt and various other packages wouldn't install properly from within the chroot, So, the solution is to install from outside the chroot.

Open a new console on the Host (You don't have to close the chroot console, you can run both side by side). From the Host console,

# zypper --root  /home/<username>/chroots/openstack/ in patterns-openstack-controller patterns-openstack-compute-node openstack-quickstart

Now, from within the chroot console you can verify the new installed packages

openstack#:~# zypper se openstack

And run the demosetup script to complete the Test setup

openstack#:~# /usr/sbin/openstack-quickstart-demosetup

Play on!

Additional Notes:

If you are running a previous version of openSUSE (eg openSUSE 12.2), although untested the above instructions should work by replacing "Folsom" with "Essex" and using traditional chroot.

It's unknown as of yet how "Grizzly" which is currently in "Build Beta" status will be implemented, this document will be updated when officially released.