Menu Close
Settings Close

Language and Page Formatting Options

Red Hat Training

A Red Hat training course is available for RHEL 8

Chapter 10. Preparing and Uploading cloud images with Image Builder

Image Builder can create custom system images ready for use in clouds of various providers. To use your customized RHEL system image in a cloud, create the system image with Image Builder using the respective output type, configure your system for uploading the image, and upload the image to your cloud account. From Red Hat Enterprise Linux 8.3, the ability to push customized image clouds through the Image Builder application in the RHEL web console is available for a subset of the service providers that we support, such as AWS and Azure clouds. See Pushing images to AWS Cloud AMI and Pushing VHD images to Azure cloud.

10.1. Preparing for uploading AWS AMI images

This describes steps to configure a system for uploading AWS AMI images.

Prerequisites

Procedure

  1. Install Python 3 and the pip tool:

    # yum install python3
    # yum install python3-pip
  2. Install the AWS command-line tools with pip:

    # pip3 install awscli
  3. Run the following command to set your profile. The terminal prompts you to provide your credentials, region and output format:

    $ aws configure
    AWS Access Key ID [None]:
    AWS Secret Access Key [None]:
    Default region name [None]:
    Default output format [None]:
  4. Define a name for your bucket and use the following command to create a bucket:

    $ BUCKET=bucketname
    $ aws s3 mb s3://$BUCKET

    Replace bucketname with the actual bucket name. It must be a globally unique name. As a result, your bucket is created.

  5. Then, to grant permission to access the S3 bucket, create a vmimport S3 Role in IAM, if you have not already done so in the past:

    $ printf '{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "vmie.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals":{ "sts:Externalid": "vmimport" } } } ] }' > trust-policy.json
    $ printf '{ "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":[ "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket" ], "Resource":[ "arn:aws:s3:::%s", "arn:aws:s3:::%s/*" ] }, { "Effect":"Allow", "Action":[ "ec2:ModifySnapshotAttribute", "ec2:CopySnapshot", "ec2:RegisterImage", "ec2:Describe*" ], "Resource":"*" } ] }' $BUCKET $BUCKET > role-policy.json
    $ aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json
    $ aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json

10.2. Uploading an AMI image to AWS in the CLI

You can use Image Builder to build .ami images and push them directly to Amazon AWS Cloud service provider using the CLI.

Prerequisites

  • You have an Access Key ID configured in the AWS IAM account manager.
  • You have a writable S3 bucket prepared.
  • You have a defined blueprint.

Procedure

  1. Using the text editor, create a configuration file with the following content:

    provider = "aws"
    
    [settings]
    accessKeyID = "AWS_ACCESS_KEY_ID"
    secretAccessKey = "AWS_SECRET_ACCESS_KEY"
    bucket = "AWS_BUCKET"
    region = "AWS_REGION"
    key = "IMAGE_KEY"

    Replace values in the fields with your credentials for accessKeyID, secretAccessKey, bucket, region. The IMAGE_KEY value is the name of your VM Image to be uploaded to EC2.

  2. Save the file as CONFIGURATION-FILE.toml and close the text editor.
  3. Start the compose:

    # composer-cli compose start BLUEPRINT-NAME IMAGE-TYPE IMAGE_KEY CONFIGURATION-FILE.toml

    Replace:

    • BLUEPRINT-NAME with the name of the blueprint you created
    • IMAGE-TYPE with the ami image type.
    • IMAGE_KEY with the name of your VM Image to be uploaded to EC2.
    • CONFIGURATION-FILE.toml with the name of the configuration file of the cloud provider.

      Note

      You must have the correct IAM settings for the bucket you are going to send your customized image to. You have to set up a policy to your bucket before you are able to upload images to it.

  4. Check the status of the image build and upload it to AWS:

    # composer-cli compose status

    After the image upload process is complete, you can see the "FINISHED" status.

Verification

To confirm that the image upload was successful:

  1. Access EC2 on the menu and choose the correct region in the AWS console. The image must have the "available" status, to indicate that it was successfully uploaded.
  2. On the dashboard, select your image and click Launch.

10.3. Pushing images to AWS Cloud AMI

The ability to push the output image that you create to AWS Cloud AMI is available this time. This describes steps to push .ami images you create using Image Builder to Amazon AWS Cloud service provider.

Prerequisites

  • You must have root or wheel group user access to the system.
  • You have opened the Image Builder interface of the RHEL web console in a browser.
  • You must have an Access Key ID configured in the AWS IAM account manager.
  • You must have a writable S3 bucket prepared.

Procedure

  1. Click Create blueprint to create a blueprint. See Creating an Image Builder blueprint in the web console interface.
  2. Select the components and packages that you want as part of the image you are creating.
  3. Click Commit to commit the changes you made to the blueprint.

    A small pop-up on the superior right side informs you of the saving progress and then the result of the changes you commited.

  4. Click blueprint name link on the left banner.
  5. Select the tab Images.
  6. Click Create Image to create your customized image.

    A pop-up window opens.

    1. From the "Type" drop-down menu list, select the `"Amazon Machine Image Disk (.ami)"' image.
    2. Check the "Upload to AWS" check box to upload your image to the AWS Cloud and click Next.
    3. To authenticate your access to AWS, type your "AWS access key ID" and "AWS secret access key" in the corresponding fields. Click Next.

      Note

      You can view your AWS secret access key only when you create a new Access Key ID. If you do not know your Secret Key, generate a new Access Key ID.

    4. Type the name of the image in the "Image name" field, type the Amazon bucket name in the "Amazon S3 bucket name" field and type the "AWS region" field for the bucket you are going to add your customized image to. Click Next.
    5. Review the information and click Finish.

      Optionally, you can click Back to modify any incorrect detail.

      Note

      You must have the correct IAM settings for the bucket you are going to send your customized image. We are using the IAM Import and Export, so you have to set up a policy to your bucket before you are able to upload images to it. For more information, see Required Permissions for IAM Users.

  7. A small pop-up on the superior right side informs you of the saving progress. It also informs that the image creation has been initiated, the progress of this image creation and the subsequent upload to the AWS Cloud.

    After the process is complete, you can see the "Image build complete" status.

  8. Click Service→EC2 on the menu and choose the correct region in the AWS console. The image must have the "Available" status, to indicate that it is uploaded.
  9. On the dashboard, select your image and click Launch.
  10. A new window opens. Choose an instance type according to the resources you need to launch your image. Click Review and Launch.
  11. Review your instance launch details. You can edit each section if you need to make any change. Click Launch
  12. Before you launch the instance, you must select a public key to access it.

    You can either use the key pair you already have or you can create a new key pair. Alternatively, you can use Image Builder to add a user to the image with a preset public key. See Creating a user account with SSH key for more details.

    Follow the next steps to create a new key pair in EC2 and attach it to the new instance.

    1. From the drop-down menu list, select "Create a new key pair".
    2. Enter the name to the new key pair. It generates a new key pair.
    3. Click "Download Key Pair" to save the new key pair on your local system.
  13. Then, you can click Launch Instance to launch your instance.

    You can check the status of the instance, it shows as "Initializing".

  14. After the instance status is "running", the Connect button becomes available.
  15. Click Connect. A popup window appears with instructions on how to connect using SSH.

    1. Select the preferred connection method to "A standalone SSH client" and open a terminal.
    2. In the location you store your private key, make sure that your key is publicly viewable for SSH to work. To do so, run the command:

      $ chmod 400 <your-instance-name.pem>_
    3. Connect to your instance using its Public DNS:

      $ ssh -i "<_your-instance-name.pem_"> ec2-user@<_your-instance-IP-address_>
    4. Type "yes" to confirm that you want to continue connecting.

      As a result, you are connected to your instance using SSH.

Verification steps

  1. Check if you are able to perform any action while connected to your instance using SSH.

10.4. Preparing for uploading Azure VHD images

This describes steps to upload an VHD image to Microsoft Azure cloud.

Prerequisites

  • You must have a usable Microsoft Azure resource group and storage account.

Procedure

  1. Install python2:

    # yum install python2
    Note

    python2 package must be installed because since the AZ CLI depends specifically on python 2.7

  2. Import the Microsoft repository key:

    # rpm --import https://packages.microsoft.com/keys/microsoft.asc
  3. Create a local azure-cli repository information:

    # sh -c 'echo -e "[azure-cli]\nname=Azure CLI\nbaseurl=https://packages.microsoft.com/yumrepos/azure-cli\nenabled=1\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc" > /etc/yum.repos.d/azure-cli.repo'
  4. Install the Azure CLI:

    # yumdownloader azure-cli
    # rpm -ivh --nodeps azure-cli-2.0.64-1.el7.x86_64.rpm
    Note

    The downloaded version of the Azure CLI package may vary depending on the current downloaded version.

  5. Run the Azure CLI:

    $ az login

    The terminal shows the message 'Note, we have launched a browser for you to login. For old experience with device code, use "az login --use-device-code"' and open a browser where you can login.

    Note

    If you are running a remote (SSH) session, the link will not open in the browser. In this case, you can use the link provided and thus be able to login and authenticate your remote session. To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code XXXXXXXXX to authenticate.

  6. List the keys for the storage account in Azure:

    $ GROUP=resource-group-name
    $ ACCOUNT=storage-account-name
    $ az storage account keys list --resource-group $GROUP --account-name $ACCOUNT

    Replace resource-group-name with name of the Azure resource group and storage-account-name with name of the Azure storage account.

    Note

    You can list the available resources using the command:

    $ az resource list
  7. Make note of value key1 in the output of the previous command, and assign it to an environment variable:

    $ KEY1=value
  8. Create a storage container:

    $ CONTAINER=storage-account-name
    $ az storage container create --account-name $ACCOUNT \
    --account-key $KEY1 --name $CONTAINER

    Replace storage-account-name with name of the storage account.

Additional resources

10.5. Uploading VHD images to Microsoft Azure cloud

This describes steps to upload an VHD image to Microsoft Azure.

Prerequisites

  • Your system must be set up for uploading Azure VHD images.
  • You must have an Azure VHD image created by Image Builder. Use the vhd output type in CLI or Azure Disk Image (.vhd) in GUI when creating the image.

    Procedure

    1. Push the image to Microsoft Azure and create an instance from it:

      $ VHD=25ccb8dd-3872-477f-9e3d-c2970cd4bbaf-disk.vhd
      $ az storage blob upload --account-name $ACCOUNT --container-name $CONTAINER --file $VHD --name $VHD --type page
      ...
    2. After the upload to the Microsoft Azure BLOB completes, create an Azure image from it:

      $ az image create --resource-group $GROUP --name $VHD --os-type linux --location eastus --source https://$ACCOUNT.blob.core.windows.net/$CONTAINER/$VHD
       - Running ...
    3. Create an instance either with the Microsoft Azure portal, or a command similar to the following:

      $ az vm create --resource-group $GROUP --location eastus --name $VHD --image $VHD --admin-username azure-user --generate-ssh-keys
       - Running ...
    4. Use your private key via SSH to access the resulting instance. Log in as azure-user.

10.6. Uploading VMDK images to vSphere

Image Builder can generate images suitable for uploading to a VMware ESXi or vSphere system. This describes steps to upload an VMDK image to VMware vSphere.

Prerequisites

  • You must have an VMDK image created by Image Builder. Use the vmdk output type in CLI or VMware Virtual Machine Disk (.vmdk) in GUI when creating the image.

Procedure

  1. Upload the image into vSphere via HTTP. Click on Upload Files in the vCenter:

    composer vmware upload image

  2. When you create a VM, on the Device Configuration, delete the default New Hard Disk and use the drop-down to select an Existing Hard Disk disk image:

    composer vmware existing disk

  3. Make sure you use an IDE device as the Virtual Device Node for the disk you create. The default value SCSI results in an unbootable virtual machine.

    composer vmware existing ide

10.7. Uploading images to GCP with Image Builder

With Image Builder you can build a gce image, provide credentials for your user or GCP service account, and then upload the gce image directly to the GCP environment.

10.7.1. Uploading a gce image to GCP using the CLI

Follow the procedure to set up a configuration file with credentials to upload your gce image to GCP.

Prerequisites

  • You have a user or service account Google credentials to upload images to GCP. The account associated with the credentials must have at least the following IAM roles assigned:

    • roles/storage.admin - to create and delete storage objects
    • roles/compute.storageAdmin - to import a VM image to Compute Engine.
  • You have an existing GCP bucket.

Procedure

  1. Using a text editor, create a gcp-config.toml configuration file with the following content:

    provider = "gcp"
    
    [settings]
    bucket = "GCP_BUCKET"
    region = "GCP_STORAGE_REGION"
    object = "OBJECT_KEY"
    credentials = "GCP_CREDENTIALS"

    Where:

    • GCP_BUCKET points to an existing bucket. It is used to store the intermediate storage object of the image which is being uploaded.
    • GCP_STORAGE_REGION is both a regular Google storage region and, a dual or multi region.
    • OBJECT_KEY is the name of an intermediate storage object. It must not exist before the upload, and it is deleted when the upload process is done. If the object name does not end with .tar.gz, the extension is automatically added to the object name.
    • GCP_CREDENTIALS is a Base64-encoded scheme of the credentials JSON file downloaded from GCP. The credentials determine which project the GCP uploads the image to.

      Note

      Specifying GCP_CREDENTIALS in the gcp-config.toml is optional if you use a different mechanism to authenticate with GCP. For more details on different ways to authenticate with GCP, see Authentication with GCP.

  2. Create a compose with an additional image name and cloud provider profile:

    $ sudo composer-cli compose start BLUEPRINT-NAME gce IMAGE_KEY gcp-config.toml

    Note: The image build, upload, and cloud registration processes can take up to ten minutes to complete.

Verification

  • Verify that the image status is FINISHED:

    $ sudo composer-cli compose status

10.7.2. Authenticating with GCP

You can use several different types of credentials with Image Builder to authenticate with GCP. If Image Builder configuration is set to authenticate with GCP using multiple sets of credentials, it uses the credentials in the following order of preference:

  1. Credentials specified with the composer-cli command in the configuration file.
  2. Credentials configured in the osbuild-composer worker configuration.
  3. Application Default Credentials from the Google GCP SDK library, which tries to automatically find a way to authenticate using the following options:

    1. If the GOOGLE_APPLICATION_CREDENTIALS environment variable is set, Application Default Credentials tries to load and use credentials from the file pointed to by the variable.
    2. Application Default Credentials tries to authenticate using the service account attached to the resource that is running the code. For example, Google Compute Engine VM.

      Note

      You must use the GCP credentials to determine which GCP project to upload the image to. Therefore, unless you want to upload all of your images to the same GCP project, you always must specify the credentials in the gcp-config.toml configuration file with the composer-cli command.

10.7.2.1. Specifying credentials with the composer-cli command

You can specify GCP authentication credentials in the provided upload target configuration gcp-config.toml. Use a Base64-encoded scheme of the Google account credentials JSON file to save time.

Procedure

  • In the provided upload target configuration gcp-config.toml, set the credentials:

    provider = "gcp"
    
    [settings]
    provider = "gcp"
    
    [settings]
    ...
    credentials = "GCP_CREDENTIALS"
  • To get the encoded content of the Google account credentials file with the path stored in GOOGLE_APPLICATION_CREDENTIALS environment variable, run the following command:

    $ base64 -w 0 "${GOOGLE_APPLICATION_CREDENTIALS}"

10.7.2.2. Specifying credentials in the osbuild-composer worker configuration

You can configure GCP authentication credentials to be used for GCP globally for all image builds. This way, if you ways imports images to the same GCP project, you can use the same credentials for all image uploads to GCP.

Procedure

  • In the /etc/osbuild-worker/osbuild-worker.toml worker configuration, set the following credential value:

    [gcp]
    credentials = "PATH_TO_GCP_ACCOUNT_CREDENTIALS"

10.8. Pushing VMware images to vSphere

You can build VMware images and push them directly to your vSphere instance, to avoid having to download the image file and push it manually. This describes steps to push .vmdk images you create using Image Builder directly to vSphere instances service provider.

Prerequisites

  • You have root or wheel group user access to the system.
  • You have opened the Image Builder interface of the RHEL web console in a browser.
  • You have a vSphere Account.

Procedure

  1. Click Create blueprint.

    See Creating an Image Builder blueprint in the web console interface.

  2. Select the components and packages that you want as part of the image you are creating.
  3. Click Commit to commit the changes you made to the blueprint.

    A pop-up on the upper right side informs you of the saving progress and then the result of the changes you commited.

  4. Click blueprint name link on the left banner.
  5. Select the Customizations tab to create a user account for the blueprint.

    See Creating a user account for a blueprint.

  6. Select the Images tab .
  7. Click Create Image to create your customized image.

    The Image type window opens.

  8. In the Image type window:

    1. From the dropdown menu, select the Type: VMware VSphere (.vmdk).
    2. Check the Upload to VMware checkbox to upload your image to the vSphere.
    3. Optional: Set the size of the image you want to instantiate. The minimal default size is 2GB.
    4. Click Next.
  9. In the Upload to VMware window, under Authentication, enter the following details:

    1. Username: username of the vSphere account.
    2. Password: pasword of the vSphere account.
  10. In the Upload to VMware window, under Destination, enter the following details:

    1. Image name: a name for the image to be uploaded.
    2. Host: The URL of your VMware vSphere where the image will be uploaded.
    3. Cluster: The name of the cluster where the image will be uploaded.
    4. Data center: The name of the datacenter where the image will be uploaded.
    5. Data store:The name of the Data store where the image will be uploaded.
    6. Click Next.
  11. In the Review window, review the details about the image creation and click Finish.

    You can click Back to modify any incorrect detail.

    Image Builder adds the compose of a RHEL vSphere image to the queue, and creates and uploads the image to the Cluster on the vSphere instance you specified.

    Note

    The image build and upload processes take a few minutes to complete.

    After the process is complete, you can see the Image build complete status.

Verification

After the image status upload is completed successfully, you can create a Virtual Machine (VM) from the image you uploaded and login into it. Follow the steps for that:

  1. Access VMware vSphere Client.
  2. Search for the image in the Cluster on the vSphere instance you specified.
  3. You can create a new Virtual Machine from the image you uploaded. For that:

    1. Select the image you uploaded.
    2. Click the right button on the selected image.
    3. Click New Virtual Machine.

      A New Virtual Machine window opens.

      In the New Virtual Machine window, provide the following details:

      1. Select a creation type: You can choose to create a New Virtual Machine.
      2. Select a name and a folder: For example, Virtual Machine name: vSphere Virtual Machine and location of your choice inside vSphere Client.
      3. Select a computer resource: choose a destination computer resource for this operation.
      4. Select storage: For example, select NFS-Node1
      5. Select compatibility: The image should be BIOS only.
      6. Select a guest OS: For example, select Linux and _Red Hat Fedora (64-bit).
      7. Customize hardware: When you create a VM, on the Device Configuration button on the upper right, delete the default New Hard Disk and use the drop-down to select an Existing Hard Disk disk image:
      8. Ready to complete: Review the details and click Finish to create the image.
    4. Navigate to the VMs tab.

      1. From the list, select the VM you created.
      2. Click the Start button from the panel. A new window appears, showing the VM image loading.
      3. Log in with the credentials you created for the blueprint.
      4. You can verify if the packages you added to the blueprint are installed. For example:

        $ rpm -qa | grep firefox

Additional resources

10.9. Pushing VHD images to Microsoft Azure cloud

You can create .vhd images using Image Builder. Then, you can push the .vhd images to a Blob Storage of the Microsoft Azure Cloud service provider.

Prerequisites

  • You must have root access to the system.
  • You have opened the Image Builder interface of the RHEL web console in a browser.
  • You must have a Microsoft Storage Account created.
  • You must have a writable Blob Storage prepared.

Procedure

  1. Click Create blueprint to create a blueprint. See Creating an Image Builder blueprint in the web console interface.
  2. Select the components and packages that you want as part of the image you are creating.
  3. Click Commit to commit the changes you made to the blueprint.

    A small pop-up on the upper right side informs you of the saving progress and then the result of the changes you commited.

  4. Click blueprint name link on the left banner.
  5. Select the tab Images.
  6. Click Create Image to create your customized image.

    A pop-up window opens.

    1. From the "Type" drop-down menu list, select the Azure Disk Image (.vhd) image.
    2. Check the "Upload to Azure" check box to upload your image to the Microsoft Azure Cloud and click Next.
    3. To authenticate your access to Azure, type your "Storage account" and "Storage access key" in the corresponding fields. Click Next.

      You can find your Microsoft Storage account details in the Settings→Access Key menu list.

    4. Type a "Image name" to be used for the image file that will be uploaded and the Blob "Storage container" in which the image file you want to push the image into. Click Next.
    5. Review the information you provided and click Finish.

      Optionally, you can click Back to modify any incorrect detail.

  7. A small pop-up on the upper right side displays when the image creation process starts with the message: "Image creation has been added to the queue".

    After the image process creation is complete, click the blueprint you created an image from. You can see the "Image build complete" status for the image you created within the Images tab.

  8. To access the image you pushed into Microsoft Azure Cloud, access Microsoft Azure Portal.
  9. On the search bar, type Images and select the first entry under Services. You are redirected to the Image dashboard.
  10. Click +Add. You are redirected to the Create an Image dashboard.

    Insert the below details:

    1. Name: Choose a name for your new image.
    2. Resource Group: Select a resource group.
    3. Location: Select the location that matches the regions assigned to your storage account. Otherwise you will not be able to select a blob.
    4. OS Type: Set the OS type to Linux.
    5. VM Generation: Keep the VM generation set on Gen 1.
    6. Storage Blob: Click Browse on the right of Storage blob input. Use the dialog to find the image you uploaded earlier.

      Keep the remaining fields as in the default choice.

  11. Click Create to create the image. After the image is created, you can see the message "Successfully created image" in the upper right corner.
  12. Click Refresh to see your new image and open your newly created image.
  13. Click + Create VM. You are redirected to the Create a virtual machine dashboard.
  14. In the Basic tab, under Project Details, your *Subscription and the Resource Group are already pre-set.

    If you want to create a new resource Group

    1. Click Create new.

      A pop-up prompts you to create the Resource Group Name container.

    2. Insert a name and click OK.

      If you want to keep the Resource Group that is already pre-set.

  15. Under Instance Details, insert:

    1. Virtual machine name
    2. Region
    3. Image: The image you created is pre-selected by default.
    4. Size: Choose a VM size that better suits your needs.

      Keep the remaining fields as in the default choice.

  16. Under Administrator account, enter the below details:

    1. Username: the name of the account administrator.
    2. SSH public key source: from the drop-down menu, select Generate new key pair.

      You can either use the key pair you already have or you can create a new key pair. Alternatively, you can use Image Builder to add a user to the image with a preset public key. See Creating a user account with SSH key for more details.

    3. Key pair name: insert a name for the key pair.
  17. Under Inbound port rules, select:

    1. Public inbound ports: Allow selected ports.
    2. Select inbound ports: Use the default set SSH (22).
  18. Click Review + Create. You are redirected to the Review + create tab and receive a confirmation that the validation passed.
  19. Review the details and click Create.

    Optionally, you can click Previous to fix previous options selected.

  20. A pop-up generates new key pair window opens. Click Download private key and create resources.

    Save the key file as "yourKey.pem".

  21. After the deployment is complete, click Go to resource.
  22. You are redirected to a new window with your VM details. Select the public IP address on the top right side of the page and copy it to your clipboard.

Now, to create an SSH connection with the VM to connect to the Virtual Machine.

  1. Open a terminal.
  2. At your prompt, open an SSH connection to your virtual machine. Replace the IP address with the one from your VM, and replace the path to the .pem with the path to where the key file was downloaded.

    # ssh -i ./Downloads/yourKey.pem azureuser@10.111.12.123
  3. You are required to confirm if you want to continue to connect. Type yes to continue.

As a result, the output image you pushed to the Microsoft Azure Storage Blob is ready to be provisioned.

10.10. Uploading QCOW2 image to OpenStack

Image Builder can generate images suitable for uploading to OpenStack cloud deployments, and starting instances there. This describes steps to upload an QCOW2 image to OpenStack.

Prerequisites

  • You must have an OpenStack-specific image created by Image Builder. Use the openstack output type in CLI or OpenStack Image (.qcow2) in GUI when creating the image.

    Warning

    Image Builder also offers a generic QCOW2 image type output format as qcow2 or QEMU QCOW2 Image (.qcow2). Do not mistake it with the OpenStack image type which is also in the QCOW2 format, but contains further changes specific to OpenStack.

Procedure

  1. Upload the image to OpenStack and start an instance from it. Use the Images interface to do this:

    composer openstack upload image

  2. Start an instance with that image:

    composer openstack start instance

  3. You can run the instance using any mechanism (CLI or OpenStack web UI) from the snapshot. Use your private key via SSH to access the resulting instance. Log in as cloud-user.

10.11. Preparing for uploading images to Alibaba

This section describes steps to verify custom images that you can deploy on Alibaba Cloud. The images will need a specific configuration to boot successfully, because Alibaba Cloud requests the custom images to meet certain requirements before you use it. For this, it is recommended that you use the Alibaba image_check tool.

Note

The custom image verification is an optional task. Image Builder generates images that conform to Alibaba’s requirements.

Prerequisites

  • You must have an Alibaba image created by Image Builder.

Procedure

  1. Connect to the system containing the image you want to check it by the Alibaba image_check tool.
  2. Download the image_check tool:

    $ curl -O http://docs-aliyun.cn-hangzhou.oss.aliyun-inc.com/assets/attach/73848/cn_zh/1557459863884/image_check
  3. Change the file permission of the image compliance tool:

    # chmod +x image_check
  4. Run the command to start the image compliance tool checkup:

    # ./image_check

    The tool verifies the system configuration and generates a report that is displayed on your screen. The image_check tool saves this report in the same folder where the image compliance tool is running.

  5. If any of the Detection Items fail, follow the instructions to correct it. For more information, see link: Detection items section.

Additional resources

10.12. Uploading images to Alibaba

This section describes how to upload an Alibaba image to Object Storage Service (OSS).

Prerequisites

  • Your system is set up for uploading Alibaba images.
  • You must have an Alibaba image created by Image Builder. Use the ami output type on RHEL 7 or Alibaba on RHEL 8 when creating the image.
  • You have a bucket. See Creating a bucket.
  • You have an active Alibaba Account.
  • You activated OSS.

Procedure

  1. Log in to the OSS console.
  2. On the left side Bucket menu, select the bucket to which you want to upload an image.
  3. On the right upper menu, click the Files tab.
  4. Click Upload. A window dialog opens on the right side. Choose the following information:

    • Upload To: Choose to upload the file to the Current directory or to a Specified directory.
    • File ACL: Choose the type of permission of the uploaded file.
  5. Click Upload.
  6. Choose the image you want to upload.
  7. Click Open.

As a result, the custom image is uploaded to OSS Console.

10.13. Importing images to Alibaba

This section describes how to import an Alibaba image to Elastic Cloud Console (ECS).

Prerequisites

  • You have uploaded the image to Object Storage Service (OSS).

Procedure

  1. Log in to the ECS console.

    1. On the left side menu, click Images.
    2. On the right upper side, click Import Image. A window dialog opens.
    3. Confirm that you have set up the correct region where the image is located. Enter the following information:

      1. OSS Object Address: See how to obtain OSS Object Address.
      2. Image Name:
      3. Operating System:
      4. System Disk Size:
      5. System Architecture:
      6. Platform: Red Hat
    4. Optionally, provide the following details:

      1. Image Format: qcow2 or ami, depending on the uploaded image format.
      2. Image Description:
      3. Add Images of Data Disks:

        The address can be determined in the OSS management console after selecting the required bucket in the left menu, select Files section and then click the Details link on the right for the appropriate image. A window will appear on the right side of the screen, showing image details. The OSS object address is in the URL box.

  2. Click OK.

    Note

    The importing process time can vary depending on the image size.

As a result, the custom image is imported to ECS Console. You can create an instance from the custom image.

10.14. Creating an instance of a custom image using Alibaba

You can create instances of the custom image using Alibaba ECS Console.

Prerequisites

  • You have activated OSS and uploaded your custom image.
  • You have successfully imported your image to ECS Console.

Procedure

  1. Log in to the ECS console.
  2. On the left side menu, choose Instances.
  3. In the top corner, click Create Instance. You are redirected to a new window.
  4. Fill in all the required information. See Creating an instance by using the wizard for more details.
  5. Click Create Instance and confirm the order.

    Note

    You can see the option Create Order instead of Create Instance, depending on your subscription.

As a result, you have an active instance ready for deployment.