Skip to content. | Skip to navigation

Personal tools

Navigation

You are here: Home / Wiki / Creategenericimage

Creategenericimage

How to make a generic image from a Utah one:

1. Load up the current FBSD+RHL image.

2. FreeBSD:

2a. Update the Emulab software
   See for example, ~mike/obj/doclient.

2b. Turn off cvsup
	sudo rm -rf /root/.cvsup
	sudo cp /dev/null /etc/emulab/nosup
	sudo rm /etc/emulab/supfile

2c. Change the root password.
   Set it to something generic like the newnode MFS password via
	sudo passwd root
   Once you set it in master.passwd, you will have to hand copy
   the password hash to /etc/emulab/master.passwd.  Make sure you change
   both the root and toor password hashes (in the /etc/emulab file).

2d. Remove root's known_hosts file and authorized_keys.
	sudo sh -c 'rm /root/.ssh/*'
    Note that we used to leave our boss' authorized_keys file in the image,
    but now that file is automatically overwritten as part of node setup
    so there is no point.

2e. Install generic kernels.

   [ As of 8/13/07 there are prebuilt versions of these in
     http://www.emulab.net/downloads/generic-kernels-4.10.tar.gz.
     For Utah, there are prebuilt kernels (and master.passwd files
     with the usual newnode root password) in
     ~mike/distimages/generic-image/fbsd* ]

   Build kernels from the various TESTBED-* configs and install them.
   For FBSD 4.x:
	TESTBED-GENERIC		  -> /kernel.100HZ
	TESTBED-LINKDELAY-GENERIC -> /kernel.1000HZ
	TESTBED-DELAY-GENERIC	  -> /kernel.10000HZ
	TESTBED-JAIL-GENERIC	  -> /kernel.jail
   Make sure that all the proper aliases exist too:
   	ln -f /kernel.1000HZ /kernel.linkdelay
   	ln -f /kernel.10000HZ /kernel.delay
	cp -p /kernel.100HZ /kernel

   For FBSD 5.x and higher:
	TESTBED-GENERIC		  -> /boot/kernel
	TESTBED-LINKDELAY-GENERIC -> /boot/kernel.linkdelay
	TESTBED-DELAY-GENERIC	  -> /boot/kernel.delay
   (there is no vnode/jail support on FBSD 5+).

2f. Shutdown to single user and run the prepare script.
   I always first umount NFS directories:
	umount -h fs
   Then I remove /users and /proj mount points:
	rmdir /users/* /proj/*
   (Note that this looks really dangerous, in the case where something is
    still NFS mounted, but it isn't since I use "rmdir" which will not
    remove a directory that isn't empty or a mount point.)
   Then run prepare:
	cd /usr/local/etc/emulab
	./prepare

2g. Remove the Utah SSL certs and SSH host keys
	rm /etc/ssh/ssh_host*
	rm /etc/emulab/*.pem

2h. Reboot into Linux

3. Linux:

3a. Update the Emulab software.

3b. Turn off cvsup
	sudo rm -rf /root/.cvsup
	sudo cp /dev/null /etc/emulab/nosup
	sudo rm /etc/emulab/supfile

3c. Change the root password.
   Set it to something generic like the newnode MFS password via
	sudo passwd root
   Once you set it in /etc/shadow, you will have to hand copy
   the password hash to /etc/emulab/shadow.  Make sure you change
   both the root and toor password hashes (in the /etc/emulab file).

3d. Remove root's known_hosts file and authorized_keys.
	sudo sh -c 'rm -f /root/.ssh/*'
    Note that we used to leave our boss' authorized_keys file in the image,
    but now that file is automatically overwritten as part of node setup
    so there is no point.

3e. Install a generic kernel.
   We do not yet have such a thing for Linux.  So we hope the
   current kernel is "generic enough".

3f. Shutdown to single user and run the prepare script.
   I always first umount NFS directories:
	umount -at nfs
   Then I remove /users and /proj mount points:
	rmdir /users/* /proj/*
   (Note that this looks really dangerous, in the case where something is
    still NFS mounted, but it isn't since I use "rmdir" which will not
    remove a directory that isn't empty or a mount point.)
   Then run prepare:
	cd /usr/local/etc/emulab
	./prepare

3g. Remove the Utah SSL certs and SSH host keys
	rm /etc/ssh/ssh_host*
	rm /etc/emulab/*.pem

3h. Reboot into the admin MFS

4. Minor admin stuff.
   Once in the admin MFS, I run fsck on the filesystems just to be safe:

	fsck /dev/ad0s1[aef]
	e2fsck -f -y /dev/ad0s2

   The latter in particular ensures that the last-fsck timestamp is updated
   so the filesystem won't be forced into an fsck for another 180 days or so.

5. Create the image.

	cd /proj/<pid>/images
	imagezip -o /dev/ad0 <somename>-GENERIC.ndz