Red Hat Training

A Red Hat training course is available for RHEL 8

Deploying Red Hat Enterprise Linux 8 on public cloud platforms

Red Hat Enterprise Linux 8

Choosing RHEL images, or creating them manually, for use on cloud deployments

Red Hat Customer Content Services

Abstract

This document provides procedures for deploying a Red Hat Enterprise Linux 8 virtual machine (VM) on several major public cloud platforms.

Providing feedback on Red Hat documentation

We appreciate your input on our documentation. Please let us know how we could make it better. To do so:

  • For simple comments on specific passages:

    1. Make sure you are viewing the documentation in the Multi-page HTML format. In addition, ensure you see the Feedback button in the upper right corner of the document.
    2. Use your mouse cursor to highlight the part of text that you want to comment on.
    3. Click the Add Feedback pop-up that appears below the highlighted text.
    4. Follow the displayed instructions.
  • For submitting more complex feedback, create a Bugzilla ticket:

    1. Go to the Bugzilla website.
    2. As the Component, use Documentation.
    3. Fill in the Description field with your suggestion for improvement. Include a link to the relevant part(s) of documentation.
    4. Click Submit Bug.

Chapter 1. Deploying a RHEL image as a virtual machine on Microsoft Azure

You have a number of options for deplaying a Red Hat Enterprise Linux 8 image on Azure. This chapter discusses your options for choosing an image, and lists or refers to system requirements for your host system and VM. This chapter also provides procedures for creating a custom image, uploading it to Azure, and launching an Azure VM instance.

This chapter refers to the Azure documentation in a number of places. For many procedures, go to the referenced Azure documentation for additional detail.

Note

For a list of Red Hat products that you can use securely on Azure, see Red Hat on Microsoft Azure.

Prerequisites

  • Sign up for a Red Hat Customer Portal account.
  • Sign up for a Microsoft Azure account.
  • Enable your subscriptions in the Red Hat Cloud Access program. The Red Hat Cloud Access program allows you to move your Red Hat subscriptions from physical or on-premise systems onto Azure with full support from Red Hat.

1.1. Red Hat Enterprise Linux image options on Azure

The following table lists image choices and notes the differences in the image options.

Table 1.1. Image options

Image OptionSubscriptionsSample scenarioConsiderations

Choose to deploy a Red Hat Gold image

Leverage your existing Red Hat subscriptions

Enable subscriptions through the Red Hat Cloud Access program, and then choose a Red Hat Gold image on Azure. See the Red Hat Cloud Access Reference Guide for details on Gold images and how to access them on Azure.

You pay Azure for all other instance costs, but the subscription itself includes the Red Hat product cost.

Red Hat Gold images are called "cloud access" images because you leverage your existing Red Hat subscriptions. Red Hat provides support directly for cloud access images.

Choose to deploy a custom image that you move to Azure.

Leverage your existing Red Hat subscriptions

Enable subscriptions through the Red Hat Cloud Access program, upload your custom image, and attach your subscriptions.

You pay all other instance costs, but the subscription itself includes the Red Hat product cost.

Custom images that you move to Azure are "cloud access" images because you leverage your existing Red Hat subscriptions. Red Hat provides support directly for cloud access images.

Choose to deploy an existing Azure image that includes RHEL

The Azure images include a Red Hat product.

Choose a Red Hat Enterprise Linux image when you create a virtual machine using the Azure console, or choose a virtual machine from the Azure Marketplace.

You pay Amazon hourly on a pay-as-you-go model. Such images are called "on-demand". Azure provides support for on-demand images through a support agreement.

Red Hat provides updates to the images. Azure makes the updates available through Red Hat Enterprise Linux Satellite or Red Hat Subscription Management (RHSM).

Note

You can create a custom image for Azure using Red Hat Image Builder. See Composing a Customized RHEL System Image for more information.

The remainder of this chapter includes information and procedures pertaining to Red Hat Enterprise Linux custom images.

1.2. Using a custom base image

To manually configure a public cloud VM (or instance), you start with a base (starter) VM image. Once the base VM image is created, you modify configuration settings and add the packages required for the VM (or instance) to operate on the public cloud platform. Further configuration changes may be made after the image is uploaded and operating. This is typically required when the VM is used for a specific application.

To prepare a KVM cloud image of RHEL, follow the instructions below. To prepare a Hyper-V cloud image of RHEL, see the Microsoft Documentation.

The recommended base VM image to use for all public cloud platforms is the Red Hat Enterprise Linux 8 KVM Guest Image downloaded from the Red Hat Customer Portal. The KVM Guest Image is pre-configured with the following cloud configuration settings.

  • The root account is disabled. For several public cloud platforms, you temporarily enable root account access to make configuration changes and install packages required for the public cloud. The instructions for temporarily enabling root account access are provided in this guide.
  • A user account named cloud-user is pre-configured on the image. The cloud-user account has sudo access.
  • The image has cloud-init installed and enabled. cloud-init is a service that handles provisioning of the VM (or instance) at initial boot.

You can choose to use a custom Red Hat Enterprise Linux ISO image. However, note that when using a custom ISO image, additional configuration tasks may be necessary for the resulting VM to operate on the public cloud platform.

Additional resources

Red Hat Enterprise Linux

1.2.1. Required system packages

The procedure assumes you are creating a VM image for Azure using Red Hat Enterprise Linux or Fedora. To successfully complete the procedure, you need to have the packages listed in the following table installed. Note that these packages are located in the base fedora repository (if using Fedora).

Table 1.2. System Packages

PackageRepositoryDescription

libvirt

rhel-8-for-x86_64-appstream-rpms

Open source API, daemon, and management tool for managing platform virtualization

virt-install

rhel-8-for-x86_64-appstream-rpms

A command-line utility for building VMs

libguestfs

rhel-8-for-x86_64-appstream-rpms

A library for accessing and modifying virtual machine file systems

libguestfs-tools

rhel-8-for-x86_64-appstream-rpms

System administration tools for virtual machines; includes the guestfish utility

1.2.2. Azure virtual machine configuration settings

Microsoft Azure VMs must have the following configuration settings. Some of these settings are enabled during the initial VM creation. Other settings are set when provisioning the VM image for Microsoft Azure. Keep these settings in mind as you move through the procedure and refer back to them if you need to.

Table 1.3. VM Configuration Settings

SettingRecommendation

ssh

ssh must be enabled to provide remote access to your Azure VMs.

dhcp

The primary virtual adapter should be configured for dhcp (IPv4 only).

Swap Space

Do not create a dedicated swap file or swap partition. Swap space may be configured in the Windows Azure Linux Agent.

NIC

Choose virtio for the primary virtual network adapter.

encryption

Do not use full disk encryption for the operating system disk. Red Hat does not currently support operating system disk encryption for RHEL VMs in Microsoft Azure. Data disks can be encrypted.

1.2.3. Creating a base image from a KVM Guest image

Red Hat and the open source community continually optimize the KVM Guest image for virtualized environments. Once you have the image configured, you can use this image as a template for creating additional virtual machine instances.

Procedure

  1. Download the latest Red Hat Enterprise Linux 8 KVM Guest image from the Red Hat Customer Portal.
  2. Create and start a basic Red Hat Enterprise Linux VM. For instructions, see the Configuring and managing virtualization document. When creating the VM, use the following configuration settings.

    • Change the default memory and CPUs to the capacity settings you want for the VM.
    • Select virtio for the virtual network interface.
  3. Shut down the new VM after a login prompt appears.
  4. Set up root access to the VM. From your system, use virt-customize to generate a root password for the VM.

    # virt-customize -a <guest-image-path> --root-password password:<PASSWORD>

    Example:

    # virt-customize -a /var/lib/libvirt/images/rhel-guest-image-8.0-120.x86_64.qcow2 --root-password password:redhat!
    [   0.0] Examining the guest ...
    [ 103.0] Setting a random seed
    [ 103.0] Setting passwords
    [ 112.0] Finishing off
  5. Verify root access by starting the RHEL VM and logging in as root.
  6. Once you are logged in as root you can configure the image.

1.2.4. Creating a base image from an ISO image

The following procedure lists the steps and initial configuration requirements for creating a custom ISO image. Once you have the image configured, you can use this image as a template for creating additional virtual machine instances.

Procedure

  1. Download the latest Red Hat Enterprise Linux 8 Binary DVD ISO image from the Red Hat Customer Portal.
  2. When creating the base VM from the ISO image, use the following initial configuration settings:

    • Choose the memory and CPUs you want to use for the VM.
    • Select virtio for the virtual network interface.
    • Set a generic host name and verify that ens3 is enabled.
  3. Review the following additional installation selection and modifications.

    • Select Minimal Install.
    • For Installation Destination, select Custom Storage Configuration. Use the following configuration information to make your selections.

      • Verify at least 500 MB for /boot. The remaining space may be used for root /.
      • Logical Volume Management (LVM) may be used but Standard Partitions are recommended.
      • File System: xfs, ext4, or ext3 may be used.
    • Microsoft Azure only: Remove swap space. Swap space is configured on the physical blade server in Azure by the WALinuxAgent.
  4. When the install starts:

    • Create a root password.
    • Create an administrative user account.
  5. When installation is complete, reboot the VM and log in to the root account.
  6. Once you are logged in as root you can configure the image.

1.3. Configuring the base image for Microsoft Azure

The base image requires configuration changes to serve as your Red Hat Enterprise Linux 8 VM image in Microsoft Azure. The following sections provide the additional configuration changes required.

1.3.1. Installing Hyper-V device drivers

Microsoft provides network and storage device drivers as part of their Linux Integration Services for Hyper-V package. Hyper-V device drivers may need to be installed on the VM image prior to provisioning it as a Microsoft Azure VM. Use the lsinitrd | grep hv command to verify that the drivers are installed.

Procedure

  1. Enter the following grep command to determine if all of the required Hyper-V device drivers are installed.

    # lsinitrd | grep hv

    In the example below, all the drivers are installed.

    # lsinitrd | grep hv
    drwxr-xr-x   2 root     root            0 Aug 12 14:21 usr/lib/modules/3.10.0-932.el7.x86_64/kernel/drivers/hv
    -rw-r--r--   1 root     root        31272 Aug 11 08:45 usr/lib/modules/3.10.0-932.el7.x86_64/kernel/drivers/hv/hv_vmbus.ko.xz
    -rw-r--r--   1 root     root        25132 Aug 11 08:46 usr/lib/modules/3.10.0-932.el7.x86_64/kernel/drivers/net/hyperv/hv_netvsc.ko.xz
    -rw-r--r--   1 root     root         9796 Aug 11 08:45 usr/lib/modules/3.10.0-932.el7.x86_64/kernel/drivers/scsi/hv_storvsc.ko.xz

    If all the drivers are not installed, complete the remaining steps.

    Note

    An hv_vmbus driver may already exist in the environment. Even if this driver is present, complete the following steps.

  2. Create a file named dracut.conf in /etc/dracut.conf.d.
  3. Add the following driver parameters to the dracut.conf file.

    add_drivers+=" hv_vmbus "
    add_drivers+=" hv_netvsc "
    add_drivers+=" hv_storvsc "
    Note

    Note the spaces before and after the quotes, for example, add_drivers+=" hv_vmbus ". This ensures that unique drivers are loaded in the event that other Hyper-V drivers already exist in the environment.

  4. Regenerate the initramfs image.

    # dracut -f -v --regenerate-all
  5. Verify that the drivers are installed by running the lsinitrd | grep hv command.

1.3.2. Making additional configuration changes

The VM requires further configuration changes to operate in Microsoft Azure. Complete the following steps to make these changes.

Procedure

  1. If necessary, power on the VM.
  2. Stop the cloud-init service (if present).

    # systemctl stop cloud-init
  3. Remove the cloud-init software.

    # yum remove cloud-init
  4. Edit the /etc/ssh/sshd_config file and enable password authentication.

    PasswordAuthentication yes
  5. Set a generic host name.

    # hostnamectl set-hostname localhost.localdomain
  6. Edit (or create) the /etc/sysconfig/network-scripts/ifcfg-eth0 file. Use only the parameters listed below.

    Note

    The ifcfg-eth0 file does not exist on the RHEL 8 DVD ISO image and needs to be created.

    DEVICE="eth0"
    ONBOOT="yes"
    BOOTPROTO="dhcp"
    TYPE="Ethernet"
    USERCTL="yes"
    PEERDNS="yes"
    IPV6INIT="no"
  7. Remove all persistent network device rules (if present).

    # rm -f /etc/udev/rules.d/70-persistent-net.rules
    # rm -f /etc/udev/rules.d/75-persistent-net-generator.rules
    # rm -f /etc/udev/rules.d/80-net-name-slot-rules
  8. Set ssh to start automatically.

    # systemctl enable sshd
    # systemctl is-enabled sshd
  9. Modify the kernel boot parameters.

    1. Add crashkernel=256M to the start of the GRUB_CMDLINE_LINUX line in /etc/default/grub file. If crashkernel=auto is present, change it to crashkernel=256M.
    2. Add the following lines to the end of the GRUB_CMDLINE_LINUX line (if not present).

      earlyprintk=ttyS0
      console=ttyS0
      rootdelay=300
    3. Remove the following options, if they are present.

      rhgb
      quiet
  10. Regenerate the grub.cfg file.

    # grub2-mkconfig -o /boot/grub2/grub.cfg
  11. Register the VM and enable the Red Hat Enterprise Linux 8 repository.

    # subscription-manager register --auto-attach
  12. Install and enable the Windows Azure Linux Agent (WALinuxAgent). The WALinuxAgent is included in Red Hat Enterprise Linux 8 Application Stream (AppStream). See Using Application Stream for more information.

    # yum install WALinuxAgent -y
    # systemctl enable waagent
  13. Edit the following lines in the /etc/waagent.conf file to configure swap space for provisioned VMs. Set swap space for whatever is appropriate for your provisioned VMs.

    Provisioning.DeleteRootPassword=n
    ResourceDisk.Filesystem=ext4
    ResourceDisk.EnableSwap=y
    ResourceDisk.SwapSizeMB=2048
  14. Unregister the VM from Red Hat Subscription Manager.

    # subscription-manager unregister
  15. Prepare the VM for Microsoft Azure provisioning by cleaning up the existing provisioning details. Azure reprovisions the VM in Azure. This command generates warnings, which is expected.

    # waagent -force -deprovision
  16. Clean the shell history and shut down the VM.

    # export HISTSIZE=0
    # poweroff

1.4. Converting the image to a fixed VHD format

All Azure VM images must be in a fixed VHD format. The image must be aligned on a 1 MB boundary before it is converted to VHD. This section describes how to convert the image from qcow2 to a fixed VHD format and align the image if necessary. Once you have converted the image, it can be uploaded to Microsoft Azure.

Procedure

Verifying the image size

  1. Convert the image from qcow2 to raw format.

    $ qemu-img convert -f qcow2 -O raw <image-xxx>.qcow2 <image-xxx>.raw
  2. Create a shell script using the contents below.

    #!/bin/bash
    MB=$((1024 * 1024))
    size=$(qemu-img info -f raw --output json "$1" | gawk 'match($0, /"virtual-size": ([0-9]+),/, val) {print val[1]}')
    rounded_size=$((($size/$MB + 1) * $MB))
    if [ $(($size % $MB)) -eq  0 ]
    then
     echo "Your image is already aligned. You do not need to resize."
     exit 1
    fi
    echo "rounded size = $rounded_size"
    export rounded_size
  3. Run the script. The name align.sh is used in the example.

    $ sh align.sh <image-xxx>.raw
    • If the message "Your image is already aligned. You do not need to resize." is displayed, proceed to the following step.
    • If a value is displayed, your image is not aligned. Go to Aligning the image and convert it to a fixed VHD format. Use the value displayed to resize the image.
  4. Use the command below to convert the file to a fixed VHD format. The additional option force_size must be added when using Fedora 22 or later.

    RHEL server or workstation (using qemu-image version 1.5.3)

    $ qemu-img convert -f raw -o subformat=fixed -O vpc <image-xxx>.raw <image.xxx>.vhd

    Fedora 22 or later (using qemu-img version 2.6 or later)

    $ qemu-img convert -f raw -o subformat=fixed,force_size -O vpc <image-xxx>.raw <image.xxx>.vhd

    Once converted, the VHD file is ready for uploading to Microsoft Azure.

Aligning the image

Complete the steps below only if the raw file is not aligned.

  1. Resize the raw file using the rounded value displayed when you ran the verification script.

    $ qemu-img resize -f raw <image-xxx>.raw <rounded-value>
  2. Convert the raw image file to a VHD format.

    RHEL server or workstation (using qemu-image version 1.5.3)

    $ qemu-img convert -f raw -o subformat=fixed -O vpc <image-xxx>.raw <image.xxx>.vhd

    Fedora 22 or later (using qemu-img version 2.6 or later)

    $ qemu-img convert -f raw -o subformat=fixed,force_size -O vpc <image-xxx>.raw <image.xxx>.vhd

    Once converted, the VHD file is ready for uploading to Microsoft Azure.

1.5. Installing the Azure CLI

Complete the following steps to install the Azure command-line interface (Azure CLI 2.0). Azure CLI 2.0 is a Python-based utility that is used to create and manage VMs in Microsoft Azure.

Prerequisites

  • You need to have an account with Microsoft Azure before you can use Azure CLI.
  • The Azure CLI installation requires Python 2.7.x or Python 3.x and OpenSSL 1.0.2.

Procedure

  1. Import the Microsoft repository key.

    $ sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc
  2. Create a local Azure CLI repository entry.

    $ sudo sh -c 'echo -e "[azure-cli]\nname=Azure CLI\nbaseurl=https://packages.microsoft.com/yumrepos/azure-cli\nenabled=1\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc" > /etc/yum.repos.d/azure-cli.repo'
  3. Update the yum package index.

    $ yum check-update
  4. Install python2.

    $ sudo yum install python2
  5. Install the Azure CLI.

    $ sudo yum install -y azure-cli
  6. Run the Azure CLI.

    $ az

1.6. Creating resources in Microsoft Azure

Complete the procedures in the following sections to upload the vhd file, create a base Azure custom image, and start a RHEL VM in Microsoft Azure.

Procedure

  1. Enter the following command to authenticate your system with Microsoft Azure and log in.

    $ az login

    Example:

    [clouduser@localhost]$ az login
    To sign in, use a web browser to open the page https://aka.ms/devicelogin and enter the code FDMSCMETZ to authenticate.
      [
        {
          "cloudName": "AzureCloud",
          "id": "",
          "isDefault": true,
          "name": "",
          "state": "Enabled",
          "tenantId": "",
          "user": {
            "name": "",
            "type": "user"
          }
        }
      ]
  2. Create a resource group in an Azure region.

    $ az group create --name <resource-group> --location <azure-region>

    Example:

    [clouduser@localhost]$ az group create --name azrhelclirsgrp --location southcentralus
    {
      "id": "/subscriptions//resourceGroups/azrhelclirsgrp",
      "location": "southcentralus",
      "managedBy": null,
      "name": "azrhelclirsgrp",
      "properties": {
        "provisioningState": "Succeeded"
      },
      "tags": null
    }
  3. Create a storage account. See SKU Types for more information about valid SKU values.

    $ az storage account create -l <azure-region> -n <storage-account-name> -g <resource-group> --sku <sku_type>

    Example:

    [clouduser@localhost]$ az storage account create -l southcentralus -n azrhelclistact -g azrhelclirsgrp --sku Standard_LRS
    {
      "accessTier": null,
      "creationTime": "2017-04-05T19:10:29.855470+00:00",
      "customDomain": null,
      "encryption": null,
      "id": "/subscriptions//resourceGroups/azrhelclirsgrp/providers/Microsoft.Storage/storageAccounts/azrhelclistact",
      "kind": "Storage",
      "lastGeoFailoverTime": null,
      "location": "southcentralus",
      "name": "azrhelclistact",
      "primaryEndpoints": {
        "blob": "https://azrhelclistact.blob.core.windows.net/",
        "file": "https://azrhelclistact.file.core.windows.net/",
        "queue": "https://azrhelclistact.queue.core.windows.net/",
        "table": "https://azrhelclistact.table.core.windows.net/"
    },
    "primaryLocation": "southcentralus",
    "provisioningState": "Succeeded",
    "resourceGroup": "azrhelclirsgrp",
    "secondaryEndpoints": null,
    "secondaryLocation": null,
    "sku": {
      "name": "Standard_LRS",
      "tier": "Standard"
    },
    "statusOfPrimary": "available",
    "statusOfSecondary": null,
    "tags": {},
      "type": "Microsoft.Storage/storageAccounts"
    }
  4. Get the storage account connection string.

    $ az storage account show-connection-string -n <storage-account-name> -g <resource-group>

    Example:

    [clouduser@localhost]$ az storage account show-connection-string -n azrhelclistact -g azrhelclirsgrp
    {
      "connectionString": "DefaultEndpointsProtocol=https;EndpointSuffix=core.windows.net;AccountName=azrhelclistact;AccountKey=NreGk...=="
    }
  5. Export the connection string. Copy the connection string and paste it into the following command. This string connects your system to the storage account.

    $ export AZURE_STORAGE_CONNECTION_STRING="<storage-connection-string>"

    Example:

    [clouduser@localhost]$ export AZURE_STORAGE_CONNECTION_STRING="DefaultEndpointsProtocol=https;EndpointSuffix=core.windows.net;AccountName=azrhelclistact;AccountKey=NreGk...=="
  6. Create the storage container.

    $ az storage container create -n <container-name>

    Example:

    [clouduser@localhost]$ az storage container create -n azrhelclistcont
    {
      "created": true
    }
  7. Create a virtual network.

    $ az network vnet create -g <resource group> --name <vnet-name> --subnet-name <subnet-name>

    Example:

    [clouduser@localhost]$ az network vnet create --resource-group azrhelclirsgrp --name azrhelclivnet1 --subnet-name azrhelclisubnet1
    {
      "newVNet": {
        "addressSpace": {
          "addressPrefixes": [
          "10.0.0.0/16"
          ]
      },
      "dhcpOptions": {
        "dnsServers": []
      },
      "etag": "W/\"\"",
      "id": "/subscriptions//resourceGroups/azrhelclirsgrp/providers/Microsoft.Network/virtualNetworks/azrhelclivnet1",
      "location": "southcentralus",
      "name": "azrhelclivnet1",
      "provisioningState": "Succeeded",
      "resourceGroup": "azrhelclirsgrp",
      "resourceGuid": "0f25efee-e2a6-4abe-a4e9-817061ee1e79",
      "subnets": [
        {
          "addressPrefix": "10.0.0.0/24",
          "etag": "W/\"\"",
          "id": "/subscriptions//resourceGroups/azrhelclirsgrp/providers/Microsoft.Network/virtualNetworks/azrhelclivnet1/subnets/azrhelclisubnet1",
          "ipConfigurations": null,
          "name": "azrhelclisubnet1",
          "networkSecurityGroup": null,
          "provisioningState": "Succeeded",
          "resourceGroup": "azrhelclirsgrp",
          "resourceNavigationLinks": null,
          "routeTable": null
        }
      ],
      "tags": {},
      "type": "Microsoft.Network/virtualNetworks",
      "virtualNetworkPeerings": null
      }
    }

1.7. Uploading and creating an Azure image

Complete the following steps to upload the VHD file to your container and create an Azure custom image.

Note

The exported storage connection string does not persist after a system reboot. If any of commands in the following steps fail, export the connection string again. See Step 5 in Creating resources in Microsoft Azure.

Procedure

  1. Upload the vhd file to the storage container. It may take several minutes. To get a list of storage containers, enter az storage container list.

    $ az storage blob upload --account-name <storage-account-name> --container-name <container-name> --type page --file <path-to-vhd> --name <image-name>.vhd

    Example:

    [clouduser@localhost]$ az storage blob upload --account-name azrhelclistact --container-name azrhelclistcont --type page --file rhel-image-8.vhd --name rhel-image-8.vhd
    Percent complete: %100.0
  2. Get the URL for the uploaded vhd file. You will use this URL in the following step.

    $ az storage blob url -c <container-name> -n <image-name>.vhd

    Example:

    [clouduser@localhost]$ az storage blob url -c azrhelclistcont -n rhel-image-8.vhd "https://azrhelclistact.blob.core.windows.net/azrhelclistcont/rhel-image-8.vhd"
  3. Create the Azure custom image.

    $ az image create -n <image-name> -g <resource-group> -l <azure-region> --source <URL> --os-type linux
    Note

    The command may return the error "Only blobs formatted as VHDs can be imported." This error may mean that the image was not aligned to the nearest 1 MB boundary before it was converted to VHD. See Converting the image to fixed VHD format for more information.

    Example:

    [clouduser@localhost]$ az image create -n rhel8 -g azrhelclirsgrp2 -l southcentralus --source https://azrhelclistact.blob.core.windows.net/azrhelclistcont/rhel-image-8.vhd --os-type linux

1.8. Creating and starting the VM in Microsoft Azure

The following steps provide the minimum command options to create a managed-disk Azure VM from the image. See az vm create for additional options.

Procedure

  1. Enter the following command to create the VM.

    Note

    The option --generate-ssh-keys creates a private/public key pair. Private and public key files are created in ~/.ssh on your system. The public key is added to the authorized_keys file on the VM for the user specified by the --admin-username option. See Other authentication methods for additional information.

    $ az vm create -g <resource-group> -l <azure-region> -n <vm-name> --vnet-name <vnet-name> --subnet <subnet-name> --size Standard_A2 --os-disk-name <simple-name> --admin-username <administrator-name> --generate-ssh-keys --image <path-to-image>

    Example:

    [clouduser@localhost]$ az vm create -g azrhelclirsgrp2 -l southcentralus -n rhel-azure-vm-1 --vnet-name azrhelclivnet1 --subnet azrhelclisubnet1  --size Standard_A2 --os-disk-name vm-1-osdisk --admin-username clouduser --generate-ssh-keys --image rhel8
    
    {
      "fqdns": "",
      "id": "/subscriptions//resourceGroups/azrhelclirsgrp/providers/Microsoft.Compute/virtualMachines/rhel-azure-vm-1",
      "location": "southcentralus",
      "macAddress": "",
      "powerState": "VM running",
      "privateIpAddress": "10.0.0.4",
      "publicIpAddress": "<public-IP-address>",
      "resourceGroup": "azrhelclirsgrp2"

    Note the publicIpAddress. You need this to log in to the VM in the following step.

  2. Start an SSH session and log in to the VM.

    [clouduser@localhost]$ ssh  -i /home/clouduser/.ssh/id_rsa clouduser@<public-IP-address>.
    The authenticity of host ',<public-IP-address>' can't be established.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '<public-IP-address>' (ECDSA) to the list of known hosts.
    
    [clouduser@rhel-azure-vm-1 ~]$

If you see a user prompt, you have successfully deployed your Azure VM.

You can now go to the Microsoft Azure portal and check the audit logs and properties of your resources. You can manage your VMs directly in the Microsoft Azure portal. If you are managing multiple VMs, you should use the Azure CLI. The Azure CLI provides a powerful interface to your resources in Azure. Enter az --help in the CLI or see the Azure CLI Command Reference to learn more about the commands you use to manage your VMs in Microsoft Azure.

1.9. Other authentication methods

While recommended for increased security, the use of the Azure-generated key pair is not a requirement. The following examples show two other methods for SSH authentication.

Example 1: These command options provision a new VM without generating a public key file. They allow SSH authentication using a password.

$ az vm create -g <resource-group> -l <azure-region> -n <vm-name> --vnet-name <vnet-name> --subnet <subnet-name> --size Standard_A2 --os-disk-name <simple-name> --authentication-type password --admin-username <administrator-name> --admin-password <ssh-password> --image <path-to-image>
$ ssh <admin-username>@<public-ip-address>

Example 2: These command options provision a new Azure VM and allow SSH authentication using an existing public key file.

$ az vm create -g <resource-group> -l <azure-region> -n <vm-name> --vnet-name <vnet-name> --subnet <subnet-name> --size Standard_A2 --os-disk-name <simple-name> --admin-username <administrator-name> --ssh-key-value <path-to-existing-ssh-key> --image <path-to-image>
$ ssh -i <path-to-existing-ssh-key> <admin-username>@<public-ip-address>

Chapter 2. Deploying a RHEL image as an EC2 instance on Amazon Web Services

You have a number of options for deploying a Red Hat Enterprise Linux 8 image as an EC2 instance on Amazon Web Services (AWS). This chapter discusses your options for choosing an image, and lists or refers to system requirements for your host system and VM. The chapter also provides procedures for creating a custom image, uploading it to EC2, and launching an EC2 instance.

This chapter refers to the Amazon documentation in a number of places. For many procedures, go to the referenced Amazon documentation for additional detail.

Note

For a list of Red Hat products that you can use securely on AWS, see Red Hat on Amazon Web Services.

Prerequisites

2.1. Red Hat Enterprise Linux Image Options on AWS

The following table lists image choices and notes the differences in the image options.

Table 2.1. Image options

Image OptionSubscriptionsSample scenarioConsiderations

Choose to deploy a Red Hat Gold image

Leverage your existing Red Hat subscriptions

Enable subscriptions through the Red Hat Cloud Access program, and then choose a Red Hat Gold image on AWS.

You pay Amazon for all other instance costs, but the subscription itself includes the Red Hat product cost.

Red Hat Gold images are called "cloud access" images because you leverage your existing Red Hat subscriptions. Red Hat provides support directly for cloud access images.

Choose to deploy a custom image that you move to AWS.

Leverage your existing Red Hat subscriptions

Enable subscriptions through the Red Hat Cloud Access program, upload your custom image, and attach your subscriptions.

You pay all other instance costs, but the subscription itself includes the Red Hat product cost.

Custom images that you move to AWS are "cloud access" images because you leverage your existing Red Hat subscriptions. Red Hat provides support directly for cloud access images.

Choose to deploy an existing Amazon image that includes RHEL

The AWS EC2 images include a Red Hat product.

Choose a Red Hat Enterprise Linux image when you launch an instance on the AWS Management Console, or choose an image from the AWS Marketplace.

You pay Amazon hourly on a pay-as-you-go model. Such images are called "on-demand". Amazon provides support for on-demand images.

Red Hat provides updates to the images. AWS makes the updates available through the Red Hat Update Infrastructure (RHUI).

Note

You can create a custom image for AWS using Red Hat Image Builder. See Composing a Customized RHEL System Image for more information.

Important

You cannot convert an on-demand instance to a Red Hat Cloud Access instance. To change from an on-demand image to a Red Hat Cloud Access (BYOS) image, create a new Red Hat Cloud Access instance and migrate data from your on-demand instance. Cancel your on-demand instance after you migrate your data to avoid double billing.

The remainder of this chapter includes information and procedures pertaining to custom images.

2.2. Understanding base images

This section includes information on using preconfigured base images and their configuration settings.

2.2.1. Using a custom base image

To manually configure a VM, you start with a base (starter) VM image. Once you have created the base VM image, you can modify configuration settings and add the packages the VM requires to operate on the cloud. You can make additional configuration changes for your specific application after the image is uploaded and operating.

The recommended base VM image is the Red Hat Enterprise Linux 8 KVM Guest Image, which you download from the Red Hat Customer Portal. The KVM Guest Image is preconfigured with the following cloud configuration settings.

  • The root account is disabled. You temporarily enable root account access to make configuration changes and install packages that the cloud may require. This guide provides instructions for enabling root account access.
  • A user account named cloud-user is preconfigured on the image. The cloud-user account has sudo access.
  • The image has cloud-init installed and enabled. cloud-init is a service that handles provisioning of the VM (or instance) at initial boot.

You can choose to use a custom Red Hat Enterprise Linux ISO image; however, when using a custom ISO image, you may need to make additional configuration changes.

Additional resources

Red Hat Enterprise Linux

2.2.2. Virtual machine configuration settings

Cloud VMs must have the following configuration settings.

Table 2.2. VM Configuration Settings

SettingRecommendation

ssh

ssh must be enabled to provide remote access to your VMs.

dhcp

The primary virtual adapter should be configured for dhcp.

2.3. Creating a base image from a KVM Guest Image

Follow the procedures in this section to create a base image from a KVM Guest Image.

Prerequisites

2.3.1. Downloading the KVM Guest Image

Procedure

  1. Download the latest Red Hat Enterprise Linux KVM Guest Image from the Red Hat Customer Portal.
  2. Move the image to /var/lib/libvirt/images.

2.3.2. Creating the VM from the KVM Guest Image

Procedure

  1. Ensure that you have enabled your host machine for virtualization. Refer to Enabling virtualization in RHEL 8 for information and procedures.
  2. Create and start a basic Red Hat Enterprise Linux VM. Refer to Creating virtual machines for instructions. Use the following configuration settings when creating the VM.

    • Change the default memory and CPUs to the capacity settings you want for the VM.
    • Select virtio for the virtual network interface.
  3. Shut down the new VM after a login prompt appears.

2.3.3. Setting up root access to your KVM Guest Image

You need root access to make additional configuration changes to your image. You can also use root as one method of accessing your image once you have uploaded the image to the cloud. Perform the following procedure to enable root access to your VM.

Procedure

  1. From your host system, use the virt-customize command to generate a root password for the VM.

    # virt-customize -a <guest-image-path> --root-password password:<PASSWORD>

    Example:

    # virt-customize -a /var/lib/libvirt/images/rhel-guest-image-8.0-120.x86_64.qcow2 --root-password password:redhat!
    [   0.0] Examining the guest ...
    [ 103.0] Setting a random seed
    [ 103.0] Setting passwords
    [ 112.0] Finishing off
  2. Use the virt-edit command to edit the cloud.cfg file on your VM. Within the file, enable root login and password authentication by setting disable_root to 0 and ssh_pwauth to 1.

    # virt-edit -a <guest-image-path> /etc/cloud/cloud.cfg
  3. Verify root access by starting the RHEL VM and logging in as root.
  4. Configure the image.
  5. Power down the VM.

2.4. Creating a base VM from an ISO image

Follow the procedures in this section to create a base image from an ISO image.

Prerequisites

2.4.1. Downloading the ISO image

Procedure

  1. Download the latest Red Hat Enterprise Linux ISO image from the Red Hat Customer Portal.
  2. Move the image to /var/lib/libvirt/images.

2.4.2. Creating a VM from the ISO image

Procedure

  1. Ensure that you have enabled your host machine for virtualization. Refer to Enabling virtualization in RHEL 8 for information and procedures.
  2. Create and start a basic Red Hat Enterprise Linux VM. Refer to Creating virtual machines for instructions. Use the following initial configuration settings when creating the base VM from the ISO image.

    • Choose the memory and CPUs you want to use for the VM.
    • Select virtio for the virtual network interface.
    • Set a generic host name and verify that ens3 is enabled.

2.4.3. Completing the RHEL installation

Perform the following steps to complete the installation and to enable root access once the VM launches.

Procedure

  1. Choose the language you want to use during the installation process.
  2. On the Installation Summary view:

    1. Click Software Selection and check Minimal Install.
    2. Click Done.
    3. Click Installation Destination and check Custom under Storage Configuration.

      • Verify at least 500 MB for /boot. You can use the remaining space for root /.
      • Standard partitions are recommended, but you can use Logical Volume Management (LVM).
      • You can use xfs, ext4, or ext3 for File System.
      • Click Done when you are finished with changes.
  3. Click Begin Installation.
  4. Set a Root Password. Create other users as applicable.
  5. Reboot the VM and log in as root once the installation completes.
  6. Configure the image.
  7. Power down the VM.

2.5. Uploading the RHEL image to AWS

Follow the procedures in this section to upload your image to AWS.

2.5.1. Installing the AWS CLI

Many of the procedures in this chapter include using the AWS CLI. Complete the following steps to install the AWS CLI.

Prerequisites

  • You need to have created and have access to an AWS Access Key ID and an AWS Secret Access Key. Refer to Quickly Configuring the AWS CLI for information and instructions.

Procedure

  1. Install Python 3 and the pip tool:

    # yum install python3
    # yum install python3-pip
  2. Install the AWS command line tools with the pip command:

    # pip3 install awscli
  3. Run the aws --version command to verify that you have installed the AWS CLI.

    $ aws --version
    aws-cli/1.16.182 Python/2.7.5 Linux/3.10.0-957.21.3.el7.x86_64 botocore/1.12.172
  4. Configure the AWS command line client according to your AWS access details:

    $ aws configure
    AWS Access Key ID [None]:
    AWS Secret Access Key [None]:
    Default region name [None]:
    Default output format [None]:

2.5.2. Creating an S3 bucket

Importing to AWS requires an Amazon S3 bucket. An Amazon S3 bucket is an Amazon resource where you store objects. As part of the process for uploading your image, you create an S3 bucket and then move your image to the bucket. Complete the following steps to create a bucket.

Procedure

  1. Launch the Amazon S3 Console.
  2. Click Create Bucket. The Create Bucket dialog appears.
  3. In the Name and region view:

    1. Enter a Bucket name.
    2. Enter a Region.
    3. Click Next.
  4. In the Configure options view, select desired options and click Next.
  5. In the Set permissions view, change or accept the default options and click Next.
  6. Review your bucket configuration.
  7. Click Create bucket.

2.5.3. Creating the vmimport role

Perform the following procedure to create the vmimport role, which is required by VM import. Refer to VM Import Service Role in the Amazon documentation for more information.

Procedure

  1. Create a file named trust-policy.json and include the following policy. Save the file anywhere on your system and note its location.

    {
       "Version": "2012-10-17",
       "Statement": [
          {
             "Effect": "Allow",
             "Principal": { "Service": "vmie.amazonaws.com" },
             "Action": "sts:AssumeRole",
             "Condition": {
                "StringEquals":{
                   "sts:Externalid": "vmimport"
                }
             }
          }
       ]
    }
  2. Use the create role command to create the vmimport role. Specify the full path to the location of the trust-policy.json file. Prefix file:// to the path. A sample follows.

    aws iam create-role --role-name vmimport --assume-role-policy-document file:///home/sample/ImportService/trust-policy.json
  3. Create a file named role-policy.json and include the following policy. Replace s3-bucket-name with the name of your s3 bucket.

    {
       "Version":"2012-10-17",
       "Statement":[
          {
             "Effect":"Allow",
             "Action":[
                "s3:GetBucketLocation",
                "s3:GetObject",
                "s3:ListBucket"
             ],
             "Resource":[
                "arn:aws:s3:::s3-bucket-name",
                "arn:aws:s3:::s3-bucket-name/*"
             ]
          },
          {
             "Effect":"Allow",
             "Action":[
                "ec2:ModifySnapshotAttribute",
                "ec2:CopySnapshot",
                "ec2:RegisterImage",
                "ec2:Describe*"
             ],
             "Resource":"*"
          }
       ]
    }
  4. Use the put-role-policy command to attach the policy to the role you created. Specify the full path of the role-policy.json file. A sample follows.

    aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file:///home/sample/ImportService/role-policy.json

2.5.4. Converting and pushing your image to S3

Complete the following procedure to convert and push your image to S3. The samples are representative; they convert an image formatted in the qcow2 file format to raw format. Amazon accepts images in OVA, VHD, VHDX, VMDK, and raw formats. Refer to How VM Import/Export Works for more information on image formats that Amazon accepts.

Procedure

  1. Run the qemu-img command to convert your image. A sample follows.

    qemu-img convert -f qcow2 -O raw rhel-server-7.7-beta-1-x86_64-kvm.qcow2 rhel-server-7.7-beta-1-x86_64-kvm.raw
  2. Push the image to S3.

    aws s3 cp rhel-server-7.7-beta-1-x86_64-kvm.raw s3://s3-bucket-name
    Note

    This could take a number of minutes. After completion, you can check that your image uploaded successfully to your S3 bucket using the AWS S3 Console.

2.5.5. Importing your image as a snapshot

Perform the following procedure to import an image as a snapshot.

Procedure

  1. Create a file to specify a bucket and path for your image. Name the file containers.json. In the sample that follows, replace s3-bucket-name with your bucket name and s3-key with your key. You can get the key for the image using the Amazon S3 console.

    {
        "Description": "rhel-server-7.7-beta-1-x86_64-kvm.raw",
        "Format": "raw",
        "UserBucket": {
            "S3Bucket": "s3-bucket-name",
            "S3Key": "s3-key"
        }
    }
  2. Import the image as a snapshot. This example uses a public Amazon S3 file; you can use the Amazon S3 console to change permissions settings on your bucket.

    aws ec2 import-snapshot --disk-container file://containers.json

    The terminal displays a message such as the following. Note the ImportTaskID within the message.

    {
        "SnapshotTaskDetail": {
            "Status": "active",
            "Format": "RAW",
            "DiskImageSize": 0.0,
            "UserBucket": {
                "S3Bucket": "s3-bucket-name",
                "S3Key": "rhel-server-7.7-beta-1-x86_64-kvm.raw"
            },
            "Progress": "3",
            "StatusMessage": "pending"
        },
        "ImportTaskId": "import-snap-06cea01fa0f1166a8"
    }
  3. Track the progress of the import using the describe-import-snapshot-tasks command. Include the ImportTaskID.

    aws ec2 describe-import-snapshot-tasks --import-task-ids import-snap-06cea01fa0f1166a8

    The returned message shows the current status of the task. When complete, Status shows completed. Within the status, note the snapshot ID.

2.5.6. Creating an AMI from the uploaded snapshot

Within EC2, you must choose an Amazon Machine Image (AMI) when launching an instance. Perform the following procedure to create an AMI from your uploaded snapshot.

Procedure

  1. Go to the AWS EC2 Dashboard.
  2. Under Elastic Block Store, select Snapshots.
  3. Search for your snapshot ID (for example, snap-0e718930bd72bcda0).
  4. Right-click on the snapshot and select Create image.
  5. Name your image.
  6. Under Virtualization type, choose Hardware-assisted virtualization.
  7. Click Create. In the note regarding image creation, there is a link to your image.
  8. Click on the image link. Your image shows up under Images>AMIs.

2.5.7. Launching an instance from the AMI

Perform the following procedure to launch and configure an instance from the AMI.

Procedure

  1. From the AWS EC2 Dashboard, select Images and then AMIs.
  2. Right-click on your image and select Launch.
  3. Choose an Instance Type that meets or exceeds the requirements of your workload.

    Refer to Amazon EC2 Instance Types for information on instance types.

  4. Click Next: Configure Instance Details.

    1. Enter the Number of instances you want to create.
    2. For Network, select the VPC you created when setting up your AWS environment. Select a subnet for the instance or create a new subnet.
    3. Select Enable for Auto-assign Public IP.

      Note

      These are the minimum configuration options necessary to create a basic instance. Review additional options based on your application requirements.

  5. Click Next: Add Storage. Verify that the default storage is sufficient.
  6. Click Next: Add Tags.

    Note

    Tags can help you manage your AWS resources. Refer to Tagging Your Amazon EC2 Resources for information on tagging.

  7. Click Next: Configure Security Group. Select the security group you created when setting up your AWS environment.
  8. Click Review and Launch. Verify your selections.
  9. Click Launch. You are prompted to select an existing key pair or create a new key pair. Select the key pair you created when setting up your AWS environment.

    Note

    Verify that the permissions for your private key are correct. Use the command options chmod 400 <keyname>.pem to change the permissions, if necessary.

  10. Click Launch Instances.
  11. Click View Instances. You can name the instance(s).

You can now launch an SSH session to your instance(s) by selecting an instance and clicking Connect. Use the example provided for A standalone SSH client.

2.5.8. Attaching Red Hat subscriptions

Complete the following steps to attach the subscriptions you previously enabled through the Red Hat Cloud Access program.

Prerequisites

  • You must have enabled your subscriptions.

Procedure

  1. Register your system.

    subscription-manager register --auto-attach
  2. Attach your subscriptions.

Chapter 3. Deploying a RHEL image as a Compute Engine instance on Google Cloud Platform

You have a number of options for deploying a Red Hat Enterprise Linux 8 image as Compute Engine instance on Google Cloud Platform (GCP). This chapter discusses your options for choosing an image, and lists or refers to system requirements for your host system and VM. The chapter provides procedures for creating a custom image, uploading to GCP Compute Engine, and launching an instance.

This chapter refers to the Google documentation in a number of places. For many procedures, go to the referenced Google documentation for additional detail.

Note

For a list of Red Hat product certifications for Google Cloud Platform (GCP), see Red Hat on Google Cloud Platform.

Prerequisites

  • You need a Red Hat Customer Portal account to complete the procedures in this chapter.
  • Create an account with GCP to access the Google Cloud Platform Console. Refer to Google Cloud for more information.
  • Enable your Red Hat subscriptions through the Red Hat Cloud Access program. The Red Hat Cloud Access program allows you to move your Red Hat subscriptions from physical or on-premise systems onto GCP with full support from Red Hat.

3.1. Red Hat Enterprise Linux image options on GCP

The following table lists image choices and notes the differences in the image options.

Table 3.1. Image options

Image OptionSubscriptionsSample scenarioConsiderations

Choose to deploy a custom image that you move to GCP.

Leverage your existing Red Hat subscriptions

Enable subscriptions through the Red Hat Cloud Access program, upload your custom image, and attach your subscriptions.

You pay all other instance costs, but the subscription itself includes the Red Hat product cost.

Custom images that you move to GCP are called "cloud access" images because you leverage your existing Red Hat subscriptions. Red Hat provides support directly for cloud access images.

Choose to deploy an existing GCP image that includes RHEL

The GCP images include a Red Hat product.

Choose a Red Hat Enterprise Linux image when you launch an instance on the GCP Compute Engine, or choose an image from the Google Cloud Platform Marketplace.

You pay GCP hourly on a pay-as-you-go model. Such images are called "on-demand". GCP offers support for on-demand images through a support agreement.

Note

You can create a custom image for GCP using Red Hat Image Builder. See Composing a Customized RHEL System Image for more information.

Important

You cannot convert an on-demand instance to a Red Hat Cloud Access instance. To change from an on-demand image to a Red Hat Cloud Access (BYOS) image, create a new Red Hat Cloud Access instance and migrate data from your on-demand instance. Cancel your on-demand instance after you migrate your data to avoid double billing.

The remainder of this chapter includes information and procedures pertaining to custom images.

3.2. Understanding base images

This section includes information on using preconfigured base images and their configuration settings.

3.2.1. Using a custom base image

To manually configure a VM, you start with a base (starter) VM image. Once you have created the base VM image, you can modify configuration settings and add the packages the VM requires to operate on the cloud. You can make additional configuration changes for your specific application after the image is uploaded and operating.

The recommended base VM image is the Red Hat Enterprise Linux 8 KVM Guest Image, which you download from the Red Hat Customer Portal. The KVM Guest Image is preconfigured with the following cloud configuration settings.

  • The root account is disabled. You temporarily enable root account access to make configuration changes and install packages that the cloud may require. This guide provides instructions for enabling root account access.
  • A user account named cloud-user is preconfigured on the image. The cloud-user account has sudo access.
  • The image has cloud-init installed and enabled. cloud-init is a service that handles provisioning of the VM (or instance) at initial boot.

You can choose to use a custom Red Hat Enterprise Linux ISO image; however, when using a custom ISO image, you may need to make additional configuration changes.

Additional resources

Red Hat Enterprise Linux

3.2.2. Virtual machine configuration settings

Cloud VMs must have the following configuration settings.

Table 3.2. VM Configuration Settings

SettingRecommendation

ssh

ssh must be enabled to provide remote access to your VMs.

dhcp

The primary virtual adapter should be configured for dhcp.

3.3. Creating a base image from a KVM Guest Image

Follow the procedures in this section to create a base image from a KVM Guest Image.

Prerequisites

3.3.1. Downloading the KVM Guest Image

Procedure

  1. Download the latest Red Hat Enterprise Linux KVM Guest Image from the Red Hat Customer Portal.
  2. Move the image to /var/lib/libvirt/images.

3.3.2. Creating the VM from the KVM Guest Image

Procedure

  1. Ensure that you have enabled your host machine for virtualization. Refer to Enabling virtualization in RHEL 8 for information and procedures.
  2. Create and start a basic Red Hat Enterprise Linux VM. Refer to Creating virtual machines for instructions. Use the following configuration settings when creating the VM.

    • Change the default memory and CPUs to the capacity settings you want for the VM.
    • Select virtio for the virtual network interface.
  3. Shut down the new VM after a login prompt appears.

3.3.3. Setting up root access to your KVM Guest Image

You need root access to make additional configuration changes to your image. You can also use root as one method of accessing your image once you have uploaded the image to the cloud. Perform the following procedure to enable root access to your VM.

Procedure

  1. From your host system, use the virt-customize command to generate a root password for the VM.

    # virt-customize -a <guest-image-path> --root-password password:<PASSWORD>

    Example:

    # virt-customize -a /var/lib/libvirt/images/rhel-guest-image-8.0-120.x86_64.qcow2 --root-password password:redhat!
    [   0.0] Examining the guest ...
    [ 103.0] Setting a random seed
    [ 103.0] Setting passwords
    [ 112.0] Finishing off
  2. Use the virt-edit command to edit the cloud.cfg file on your VM. Within the file, enable root login and password authentication by setting disable_root to 0 and ssh_pwauth to 1.

    # virt-edit -a <guest-image-path> /etc/cloud/cloud.cfg
  3. Verify root access by starting the RHEL VM and logging in as root.
  4. Configure the image.
  5. Power down the VM.

3.4. Creating a base VM from an ISO image

Follow the procedures in this section to create a base image from an ISO image.

Prerequisites

3.4.1. Downloading the ISO image

Procedure

  1. Download the latest Red Hat Enterprise Linux ISO image from the Red Hat Customer Portal.
  2. Move the image to /var/lib/libvirt/images.

3.4.2. Creating a VM from the ISO image

Procedure

  1. Ensure that you have enabled your host machine for virtualization. Refer to Enabling virtualization in RHEL 8 for information and procedures.
  2. Create and start a basic Red Hat Enterprise Linux VM. Refer to Creating virtual machines for instructions. Use the following initial configuration settings when creating the base VM from the ISO image.

    • Choose the memory and CPUs you want to use for the VM.
    • Select virtio for the virtual network interface.
    • Set a generic host name and verify that ens3 is enabled.

3.4.3. Completing the RHEL installation

Perform the following steps to complete the installation and to enable root access once the VM launches.

Procedure

  1. Choose the language you want to use during the installation process.
  2. On the Installation Summary view:

    1. Click Software Selection and check Minimal Install.
    2. Click Done.
    3. Click Installation Destination and check Custom under Storage Configuration.

      • Verify at least 500 MB for /boot. You can use the remaining space for root /.
      • Standard partitions are recommended, but you can use Logical Volume Management (LVM).
      • You can use xfs, ext4, or ext3 for File System.
      • Click Done when you are finished with changes.
  3. Click Begin Installation.
  4. Set a Root Password. Create other users as applicable.
  5. Reboot the VM and log in as root once the installation completes.
  6. Configure the image.
  7. Power down the VM.

3.5. Uploading the RHEL image to GCP

Follow the procedures in this section to upload your image to GCP.

3.5.1. Creating a new project on the Google Cloud Platform

Complete the following steps to create a new project on the Google Cloud Platform (GCP).

Prerequisites

You must have created an account with the GCP. If you have not, refer to Google Cloud for more information.

Procedure

  1. Launch the GCP Console.
  2. Click the drop-down to the right of Google Cloud Platform.
  3. From the pop-up, click NEW PROJECT.
  4. From the New Project window, enter a name for your new project.
  5. Check the Organization. Click the drop-down to change the organization if necessary.
  6. Confirm the Location of your parent organization or folder. Click Browse to search for and change this value if necessary.
  7. Click CREATE to create your new GCP project.

    Note

    You can also create a new project under the GCP Manage resources page.

Additional resources

3.5.2. Installing the Google Cloud SDK

Complete the following steps to install the Google Cloud SDK.

Prerequisites

Procedure

  1. Follow the GCP instructions for downloading and extracting the Google Cloud SDK archive. Refer to the CGP document, Quickstart for Linux.
  2. Follow the same instructions for initializing the Google Cloud SDK.

    Note

    Once you have initialized the Google Cloud SDK, you can use the gcloud cli commands to perform tasks and obtain information about your project and instances. For example, you can display project information with the command:

    gcloud compute project-info describe --project <project-name>`

3.5.3. Creating SSH keys for Google Compute Engine

Perform the following procedure to generate and register SSH keys with Google Compute Engine so that you can SSH directly into an instance using its public IP address.

Procedure

  1. Use the ssh-keygen command to generate an SSH keypair for use with Google Compute Engine.

    # ssh-keygen -t rsa -f ~/.ssh/google_compute_engine
  2. From the GCP Console Dashboard page, click the Navigation menu to the left of the Google Cloud Console banner and select Compute Engine and then Metadata.
  3. Click SSH Keys and then click Edit.
  4. Enter the output generated from the ~/.ssh/google_compute_engine.pub file, and click Save.

    Note

    If the Red Hat image you configured was a KVM guest image, the user name for your key must be cloud-user, which is the default user.

  5. Run the following commands to enable the SSH agent to use this identity file for each new local console session.

    # eval $(ssh-agent)
    # ssh-add ~/.ssh/google_compute_engine
  6. Add the following to your ~/.ssh/config file to automate the command.

    IdentityFile ~/.ssh/google_compute_engine
    Note

    If necessary, create the config file (for example, nano ~/.ssh/config).

    You can now connect to your instance using standard SSH.

    # ssh -i ~/.ssh/google_compute_engine <username>@<instance_external_ip>
Note

You can run the command gcloud compute config-ssh to populate your config file with aliases for your instances. The aliases allow simple SSH connections by instance name. For information on the gcloud compute config-ssh command, refer to gcloud compute config-ssh.

3.5.4. Creating a storage bucket in GCP Storage

Importing to GCP requires a GCP Storage Bucket. Complete the following steps to create a bucket.

Procedure

  1. If you are not already logged in to Google Cloud, login with the following command.

    # gcloud auth login
  2. Create a storage bucket.

    # gsutil mb gs://bucket_name
Note

Alternatively, you can use the Google Cloud console to create a bucket. Refer to the GCP document, Create a bucket for information.

Additional resources

3.5.5. Converting and uploading your image to your GCP Bucket

Complete the following procedure to convert and upload your image to your GCP Bucket. The samples are representative; they convert a qcow2 image to raw format, and then tar that image for upload.

Procedure

  1. Run the qemu-img command to convert your image. The converted image must have the name disk.raw.

    # qemu-img convert -f qcow2 -O raw gc-iso-dvd.qcow2 disk.raw
  2. Tar the image.

    # tar --format=oldgnu -Sczf disk.raw.tar.gz disk.raw
  3. Upload the image to the bucket you created previously. Upload could take a number of minutes.

    # gsutil cp disk.raw.tar.gz gs://bucket_name
  4. From the Google Cloud Platform home screen, click the collapsed menu icon and select Storage and then Browser.
  5. Click the name of your bucket.

    The tarred image is listed under your bucket name.

    Note

    You can also upload your image using the GCP Console. To do so, click the name of your bucket and then click Upload files.

3.5.6. Creating an image from the object in the GCP bucket

Perform the following procedure to create an image from the object in your GCP bucket.

Procedure

  1. Run the following command to create an image for Google Compute Engine. Specify the name of the image you are creating, the bucket name, and the name of the tarred image.

    # gcloud compute images create my-image-name --source-uri gs://my-bucket-name/disk.raw.tar.gz
    Note

    Alternatively, you can use the Google Cloud console to create an image. Refer to the GCP document, Creating, deleting, and deprecating custom images for information.

  2. Optionally, find the image in the GCP console.

    1. Click the navigation menu to the left of the Google Cloud Console banner.
    2. Select Compute Engine and then Images.

3.5.7. Creating a Compute Engine instance from an image

Complete the following steps to configure a Compute Engine VM instance using the GCP Console.

Note

The following procedure provides instructions for creating a basic VM instance using the GCP Console. Refer to Creating and starting a VM instance for more information on Compute Engine VM instances and their configuration options.

Procedure

  1. From the GCP Console Dashboard page, click the Navigation menu to the left of the Google Cloud Console banner and select Compute Engine and then Images.
  2. Select your image.
  3. Click Create Instance.
  4. On the Create an instance page, enter a Name for your instance.
  5. Choose a Region and Zone.
  6. Choose a Machine configuration that meets or exceeds the requirements of your workload.
  7. Ensure that Boot disk specifies the name of your image.
  8. Optionally, under Firewall, select Allow HTTP traffic or Allow HTTPS traffic.
  9. Click Create.

    Note

    These are the minimum configuration options necessary to create a basic instance. Review additional options based on your application requirements.

    Find your image under VM instances. From the GCP Console Dashboard, click the Navigation menu to the left of the Google Cloud Console banner and select Compute Engine and then VM instances.

3.5.8. Connecting to your instance

Perform the following procedure to connect to your Google Compute Engine instance using its public IP address.

Procedure

  1. Run the following command to ensure that your instance is running. The command lists information about your Google Compute Engine instance, including whether the instance is running, and, if so, the public IP address of the running instance.

    # gcloud compute instances list
  2. Connect to your instance using standard SSH. The example uses the google_compute_engine key created earlier.

    Note

    If the Red Hat image you configured was a KVM guest image, use the user name cloud-user, which is the default user.

    # ssh -i ~/.ssh/google_compute_engine <user_name>@<instance_external_ip>
    Note

    Google Cloud Platform offers a number of ways to SSH into your instance. Refer to the Google document Connecting to instances for more information. You can also connect to your instance using the root account and password you set previously.

3.5.9. Attaching Red Hat subscriptions

Complete the following steps to attach the subscriptions you previously enabled through the Red Hat Cloud Access program.

Prerequisites

  • You must have enabled your subscriptions.

Procedure

  1. Register your system.

    subscription-manager register --auto-attach
  2. Attach your subscriptions.

Legal Notice

Copyright © 2020 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.