How do I install the QCOW2 image provided in the RHEL downloads?

Resolution

What is QCOW2?

QCOW2 is a storage format for virtual disks. QCOW stands for QEMU copy-on-write. The QCOW2 format decouples the physical storage layer from the virtual layer by adding a mapping between logical and physical blocks. Each logical block is mapped to its physical offset, which enables storage over-commitment and virtual machine snapshots, where each QCOW volume only represents changes made to an underlying virtual disk.

The initial mapping points all logical blocks to the offsets in the backing file or volume. When a virtual machine writes data to a QCOW2 volume after a snapshot, the relevant block is read from the backing volume, modified with the new information and written into a new snapshot QCOW2 volume. Then the map is updated to point to the new place.

How can I use the Red Hat Enterprise Linux QCOW2 image?

The Red Hat Enterprise Linux QCOW2 images (example:  RHEL 7 QCOW2 image) are for use with Red Hat Enterprise Linux OpenStack Platform, or Red Hat Enterprise Linux 6, 7 or 8 KVM hypervisors.  The images are configured with cloud-init to take advantage of ec2-compatible metadata services for provisioning ssh keys in order to function properly.

Red Hat Enterprise Linux OpenStack Platform is the preferred cloud environment for utilizing QCOW2 images.

Red Hat OpenStack Platform

How do I change/update the root password of the QCOW2 image?

• The root account in the image is locked.  The image's /etc/shadow file has "!!" in the root user's second field.
• Sudo access is granted to a special user named cloud-user.

For an OpenStack instance, we recommend that one generates a ssh keypair from the OpenStack dashboard or command line and use that key combination to perform a ssh public authentication to the instance as root.

When the instance is launched, this public key will be injected to it.  One can then authenticate using the private key downloaded while creating the keypair.

Hard requirements on root passwords

If one still needs to set a root password, please execute:

# virt-customize -a <qcow2 image file name> --root-password password:<password>
[   0.0] Examining the guest ...
[  13.8] Setting a random seed
[  13.8] Setting passwords
[  14.5] Finishing off

Alternatively, one can use guestfish to edit the disk image's /etc/shadow file, directly.  Note in the below example, the file system containing /etc/shadow is /dev/vda1.  This may be different, depending on the image file being edited.

# guestfish --rw -a <qcow2 image file name>
><fs> run
><fs> list-filesystems
><fs> mount /dev/vda1 /
><fs> vi /etc/shadow
><fs> umount /
><fs> exit

To modify the image and insert different root passwords for different instances when they are launched, use cloudinit to apply a password to an instance when they are launched.  For more information, please refer to the upstream documentation:  OpenStack.org Administration Guide.

Red Hat Enterprise Linux KVM

For use in a KVM/QEMU hypervisor on a Red Hat Enterprise Linux machine, one must set a root password and disable the cloud-init service.

# virt-customize -a <qcow2 image file name> --root-password password:<password> --uninstall cloud-init
[   0.0] Examining the guest ...
[  11.5] Setting a random seed
[  11.5] Uninstalling packages: cloud-init
[  13.9] Setting passwords
[  15.6] Finishing off

One then may import the QCOW2 image using the virt-manager graphical user interface or the virt-install text command.

Virt-manager will have an "Import existing disk image" option in the first window when creating a new virtual machine.  If one does not see it, one may have to update to a newer version of virt-manager.  Also, virt-manager assumes the storage format is whatever was last used.  Thus, one should Customize configuration before install and edit the disk's advanced options to ensure the storage format is set to "QCOW2".

An example virt-install command might be:

# virt-install \
  --name guest1-rhel7 \
  --memory 2048 \
  --vcpus 2 \
  --disk /path/to/imported/disk.qcow2 \
  --import \
  --os-variant rhel7