11.2. Sealing Virtual Machines in Preparation for Deployment as Templates

⁠11.2. Sealing Virtual Machines in Preparation for Deployment as Templates

11.2.1. Sealing a Linux Virtual Machine for Deployment as a Template
11.2.2. Sealing a Windows Virtual Machine for Deployment as a Template
11.2.3. Using Cloud-Init to Automate the Configuration of Virtual Machines

This section describes procedures for sealing Linux virtual machines and Windows virtual machines. Sealing is the process of removing all system-specific details from a virtual machine before creating a template based on that virtual machine. Sealing is necessary to prevent the same details from appearing on multiple virtual machines created based on the same template. It is also necessary to ensure the functionality of other features, such as predictable vNIC order.

⁠11.2.1. Sealing a Linux Virtual Machine for Deployment as a Template

There are two main methods for sealing a Linux virtual machine in preparation for using that virtual machine to create a template: manually, or using the sys-unconfig command. Sealing a Linux virtual machine manually requires you to create a file on the virtual machine that acts as a flag for initiating various configuration tasks the next time you start that virtual machine. The sys-unconfig command allows you to automate this process. However, both of these methods also require you to manually delete files on the virtual machine that are specific to that virtual machine or might cause conflicts amongst virtual machines created based on the template you will create based on that virtual machine. As such, both are valid methods for sealing a Linux virtual machine and will achieve the same result.

⁠11.2.1.1. Sealing a Linux Virtual Machine Manually for Deployment as a Template

Summary

You must generalize (seal) a Linux virtual machine before creating a template based on that virtual machine.

⁠

Procedure 11.1. Sealing a Linux Virtual Machine

Log in to the virtual machine.
Flag the system for re-configuration by running the following command as root:
```
# touch /.unconfigured
```
Run the following command to remove ssh host keys:
```
# rm -rf /etc/ssh/ssh_host_*
```
Set HOSTNAME=localhost.localdomain in /etc/sysconfig/network for Red Hat Enterprise Linux 6 or /etc/hostname for Red Hat Enterprise Linux 7.
Run the following command to remove /etc/udev/rules.d/70-*:
```
# rm -rf /etc/udev/rules.d/70-*
```
Remove the HWADDR line and UUID line from /etc/sysconfig/network-scripts/ifcfg-eth*.
Optionally, delete all the logs from /var/log and build logs from /root.
Run the following command to shut down the virtual machine:
```
# poweroff
```

Result

The virtual machine is sealed and can be made into a template. You can deploy Linux virtual machines from this template without experiencing configuration file conflicts.

Note

The steps provided are the minimum steps required to seal a Red Hat Enterprise Linux virtual machine for use as a template. Additional host and site-specific custom steps are available.

⁠11.2.1.2. Sealing a Linux Virtual Machine for Deployment as a Template using sys-unconfig

Summary

You must generalize (seal) a Linux virtual machine before creating a template based on that virtual machine.

⁠

Procedure 11.2. Sealing a Linux Virtual Machine using sys-unconfig

Log in to the virtual machine.
Run the following command to remove ssh host keys:
```
# rm -rf /etc/ssh/ssh_host_*
```
Set HOSTNAME=localhost.localdomain in /etc/sysconfig/network for Red Hat Enterprise Linux 6 or /etc/hostname for Red Hat Enterprise Linux 7.
Remove the HWADDR line and UUID line from /etc/sysconfig/network-scripts/ifcfg-eth*.
Optionally, delete all the logs from /var/log and build logs from /root.
Run the following command:
```
# sys-unconfig
```

Result

The virtual machine shuts down; it is now sealed and can be made into a template. You can deploy Linux virtual machines from this template without experiencing configuration file conflicts.

⁠11.2.2. Sealing a Windows Virtual Machine for Deployment as a Template

A template created for Windows virtual machines must be generalized (sealed) before being used to deploy virtual machines. This ensures that machine-specific settings are not reproduced in the template.

The Sysprep tool is used to seal Windows templates before use.

Important

Do not reboot the virtual machine during this process.

Before starting the Sysprep process, verify that the following settings are configured:

The Windows Sysprep parameters have been correctly defined.
If not, click Edit and enter the required information in the Operating System and Domain fields.
The correct product key has been defined in an override file on the Manager.
The override file needs to be created under /etc/ovirt-engine/osinfo.conf.d/, have a filename that puts it after /etc/ovirt-engine/osinfo.conf.d/00-defaults.properties, and end in .properties. For example, /etc/ovirt-engine/osinfo.conf.d/10-productkeys.properties. The last file will have precedent and override any other previous file.
If not, copy the default values for your Windows operating system from /etc/ovirt-engine/osinfo.conf.d/00-defaults.properties into the override file, and input your values in the productKey.value and sysprepPath.value fields.
⁠
Example 11.1. Windows 7 Default Configuration Values
```
# Windows7(11, OsType.Windows, false),false
os.windows_7.id.value = 11
os.windows_7.name.value = Windows 7
os.windows_7.derivedFrom.value = windows_xp
os.windows_7.sysprepPath.value = ${ENGINE_USR}/conf/sysprep/sysprep.w7
os.windows_7.productKey.value =
os.windows_7.devices.audio.value = ich6
os.windows_7.devices.diskInterfaces.value.3.3 = IDE, VirtIO_SCSI, VirtIO
os.windows_7.devices.diskInterfaces.value.3.4 = IDE, VirtIO_SCSI, VirtIO
os.windows_7.devices.diskInterfaces.value.3.5 = IDE, VirtIO_SCSI, VirtIO
os.windows_7.isTimezoneTypeInteger.value = false
```

⁠11.2.2.1. Sealing a Windows XP Template

Summary

Seal a Windows XP template using the Sysprep tool before using the template to deploy virtual machines.

Note

You can also use the procedure above to seal a Windows 2003 template. The Windows 2003 Sysprep tool is available at http://www.microsoft.com/download/en/details.aspx?id=14830.

⁠

Procedure 11.3. Sealing a Windows XP Template

Download sysprep to the virtual machine to be used as a template.
The Windows XP Sysprep tool is available at http://www.microsoft.com/download/en/details.aspx?id=11282
Create a new directory: c:\sysprep.
Open the deploy.cab file and add its contents to c:\sysprep.
Execute sysprep.exe from within the folder and click OK on the welcome message to display the Sysprep tool.
Select the following check boxes:
- Don't reset grace period for activation
- Use Mini-Setup
Ensure that the shutdown mode is set to Shut down and click Reseal.
Acknowledge the pop-up window to complete the sealing process; the virtual machine shuts down automatically upon completion.

Result

The Windows XP template is sealed and ready for deploying virtual machines.

⁠11.2.2.2. Sealing a Windows 7, Windows 2008, or Windows 2012 Template

Seal a Windows 7, Windows 2008, or Windows 2012 template before using the template to deploy virtual machines.

⁠

Procedure 11.4. Sealing a Windows 7, Windows 2008, or Windows 2012 Template

Launch Sysprep from C:\Windows\System32\sysprep\sysprep.exe.
Enter the following information into the Sysprep tool:
- Under System Cleanup Action, select Enter System Out-of-Box-Experience (OOBE).
- Select the Generalize check box if you need to change the computer's system identification number (SID).
- Under Shutdown Options, select Shutdown.
Click OK to complete the sealing process; the virtual machine shuts down automatically upon completion.

The Windows 7, Windows 2008, or Windows 2012 template is sealed and ready for deploying virtual machines.

⁠11.2.3. Using Cloud-Init to Automate the Configuration of Virtual Machines

Cloud-Init is a tool for automating the initial setup of virtual machines such as configuring the host name, network interfaces, and authorized keys. It can be used when provisioning virtual machines that have been deployed based on a template to avoid conflicts on the network.

To use this tool, the cloud-init package must first be installed on the virtual machine. Once installed, the Cloud-Init service starts during the boot process to search for instructions on what to configure. You can then use options in the Run Once window to provide these instructions one time only, or options in the New Virtual Machine, Edit Virtual Machine and Edit Template windows to provide these instructions every time the virtual machine starts.

⁠11.2.3.1. Cloud-Init Use Case Scenarios

Cloud-Init can be used to automate the configuration of virtual machines in a variety of scenarios. Several common scenarios are as follows:

Virtual Machines Created Based on Templates: You can use the Cloud-Init options in the Initial Run section of the Run Once window to initialize a virtual machine that was created based on a template. This allows you to customize the virtual machine the first time that virtual machine is started.
Virtual Machine Templates: You can use the Use Cloud-Init/Sysprep options in the Initial Run tab of the New Template and Edit Template windows to specify options for customizing virtual machines created based on that template.
Virtual Machine Pools: You can use the Use Cloud-Init/Sysprep options in the Initial Run tab of the New Pool window to specify options for customizing virtual machines taken from that virtual machine pool. This allows you to specify a set of standard settings that will be applied every time a virtual machine is taken from that virtual machine pool. You can inherit or override the options specified for the template on which the virtual machine is based, or specify options for the virtual machine pool itself.

⁠11.2.3.2. Installing Cloud-Init

This procedure describes how to install Cloud-Init on a virtual machine.

⁠

Procedure 11.5. Installing Cloud-Init

Log on to the virtual machine.

Enable the Red Hat Common repository.

# subscription-manager repos --enable=rhel-6-server-rh-common-rpms

Install the cloud-init package and dependencies:
```
# yum install cloud-init
```

⁠11.2.3.3. Using Cloud-Init to Initialize a Virtual Machine

Summary

Use Cloud-Init to automate the initial configuration of a Linux virtual machine that has been provisioned based on a template.

⁠

Procedure 11.6. Using Cloud-Init to Initialize a Virtual Machine

Click the Virtual Machines tab and select a virtual machine.
Click Run Once to open the Run Virtual Machine(s) window.
Expand the Initial Run section and select the Cloud-Init check box.
Enter a host name in the VM Hostname text field.
Select the Configure Time Zone check box and select a time zone from the Time Zone drop-down menu.
Select the Use already configured password check box to use the existing credentials, or clear that check box and enter a root password in the Password and Verify Password text fields to specify a new root password.
Enter any SSH keys to be added to the authorized hosts file on the virtual machine in the SSH Authorized Keys text area.
Select the Regenerate SSH Keys check box to regenerate SSH keys for the virtual machine.
Enter any DNS servers in the DNS Servers text field.
Enter any DNS search domains in the DNS Search Domains text field.
Select the Network check box and use the + and - buttons to add or remove network interfaces to or from the virtual machine.
Enter any custom scripts in the Custom Script text area.
Click OK.

Important

Cloud-Init is only supported on cluster compatibility version 3.3 and higher.

Result

The virtual machine boots and the specified settings are applied.

⁠11.2.3.4. Using Cloud-Init to Prepare a Template

Summary

Use Cloud-Init to specify a set of standard settings to be included in a template.

Note

While the following procedure outlines how to use Cloud-Init when preparing a template, the same settings are also available in the New Virtual Machine and Edit Template windows.

⁠

Procedure 11.7. Using Cloud-Init to Prepare a Template

Click the Virtual Machines tab and select a virtual machine.
Click Edit to open the Edit Virtual Machine window.
Click the Initial Run tab and select the Use Cloud-Init/Sysprep check box.
Enter a host name in the VM Hostname text field.
Select the Configure Time Zone check box and select a time zone from the Time Zone drop-down menu.
Expand the Authentication section and select the Use already configured password check box to user the existing credentials, or clear that check box and enter a root password in the Password and Verify Password text fields to specify a new root password.
Enter any SSH keys to be added to the authorized hosts file on the virtual machine in the SSH Authorized Keys text area.
Select the Regenerate SSH Keys check box to regenerate SSH keys for the virtual machine.
Expand the Networks section and enter any DNS servers in the DNS Servers text field.
Enter any DNS search domains in the DNS Search Domains text field.
Select the Network check box and use the + and - buttons to add or remove network interfaces to or from the virtual machine.
Expand the Custom Script section and enter any custom scripts in the Custom Script text area.
Click Ok.

Important

Cloud-Init is only supported on cluster compatibility version 3.3 and higher.

Result

The virtual machine boots and the specified settings are applied.