Skip to content

User supplied images

Along with the centrally supported images, there are many sources of images around the Internet.

Procedure for uploading images

Along with the standard images, it is possible to create your own images. In many cases, it is better to use a standard image and a configuration management system such as Puppet to make the customisations through contextualisation.

However, in some cases, a custom image may be more efficient although regular maintenance to ensure patches are kept up to date is required.

Image sizes are limited to 25GB.

Note:

  • The Cloud Infrastructure service does not support any images other than those listed previously. If there are issues using other images, support should be requested from the image provider rather than from the cloud infrastructure support team. This may also apply to higher level services such as configuration management and monitoring thus contextualisation should be considered if the operating system is one of the standard configurations listed above.
  • Users with private images should keep a copy of the image they have uploaded in their private archives. If an image is accidentally deleted or corrupted, the user should upload a new copy as no archive is maintained within the cloud.
  • Data inside images can be accessed by members of the project. Thus, passwords should not be stored in the images and security information should be passed as part of contextualisation.
  • If you are uploading a Windows based image, please make sure that you have the VirtIO drivers installed. You can get them from here

Project members can upload their own images to their projects. These images are private, meaning that they are only available to the users of the projects they are uploaded for.

Many open source projects such as Ubuntu and Fedora now produce pre-build images which can be used for certain clouds.

Building your own images is also possible but support for these images and the virtual machines created from them should be via the image provider, such as the community mailing lists on the Internet rather than the formal CERN IT support lines.

As for all resources in the cloud, the owner of the instance is responsible that

  • There is automatic software updating enabled on a regular basis
  • Access to and usage of the instance is limited according to the CERN Computing Rules

If you create your own images, please ensure that

  • There is automatic software updating on a regular basis to ensure security updates
  • A time synchronisation process such as NTP is enabled

As an example of how images can be uploaded, the following steps are provided.

Taking an example of the Ubuntu image, the steps to upload such an image (using the command line tools available on lxplus) are as follows

$ wget https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img

Having retrieved the image, it can be uploaded as a private image (i.e. only available in the project you are authenticated for)

If not otherwise specified, it will default to LINUX image.

$ openstack image create "Ubuntu Noble" \
      --disk-format=qcow2 --container-format=bare \
      --file noble-server-cloudimg-amd64.img 

This can then be checked using openstack image list.

Once loaded, the image can then be used to create a virtual machine. The my-key key-name should be replaced by the appropriate one for the project concerned.

$ openstack server create --key-name my-key --flavor m2.small --image "Ubuntu Noble" my-vm-name
+------------------------+--------------------------------------+
| Property               | Value                                |
+------------------------+--------------------------------------+
| OS-DCF:diskConfig      | MANUAL                               |
| OS-EXT-STS:power_state | 0                                    |
| OS-EXT-STS:task_state  | scheduling                           |
| OS-EXT-STS:vm_state    | building                             |
| accessIPv4             |                                      |
| accessIPv6             |                                      |
| config_drive           |                                      |
| created                | 2021-12-15T10:12:11Z                 |
| flavor                 | m2.small                             |
| hostId                 |                                      |
| id                     | 00135d38-b646-465c-9fc9-a0ab541d11fd |
| image                  | Ubuntu Noble                         |
| key_name               | my-key                               |
| metadata               | {}                                   |
| name                   | my-vm-name                           |
| progress               | 0                                    |
| security_groups        | [{u'name': u'default'}]              |
| status                 | BUILD                                |
| project_id             | c7f08856cf7640a7a79fee4a8ef4f686     |
| updated                | 2021-12-15T10:12:11Z                 |
| user_id                | my-user-name                         |
+------------------------+--------------------------------------+

The machine can then be accessed using ssh as root. If you used a key other than your lxplus ssh key, you should add -i

$ ssh root@my-vm-name.cern.ch

Many of these images include the cloud-init package for contextualisation. This allows easy customisation of the image after installation. See the contextualisation chapter for more details on how to use this feature.

Similar techniques can be applied to the other images in the list.

The image can be tagged with a number of different properties. The properties used at CERN are covered in Image Properties. Full details are available in the OpenStack documentation. It is recommended that the following properties be set

  • os
  • release_date

In addition, the following options can have a performance impact

  • hw_rng_model

Error Messages

Error Description
Denying attempt to upload image larger than 2147483648 bytes.(HTTP 400) The maximum image size for users to upload has been exceeded. Re-build the image to be a smaller size with techniques such as ephemeral disks or external volumes
403 Forbidden.Access was denied to this resource. (HTTP 403) Only administrators can set images to be public. The --public option should not be used by non-administrators. To share images between projects, use the image sharing functions

Image Deletion

Images should only be deleted if no VM is running which was booted from that image.

Images can be deleted using the openstack image delete command.

$ openstack image delete BOSH-b1d714e1-2b02-4ab4-ad5e-a9a4a253484e

Sources of images

Support for images other than the standard ones should be obtained from the provider of the image rather than the CERN cloud support.

Only use images from a reputable source as they could contain security issues.

Operating System Link and descriptions
CernVM 3 The CernVM team provide images that can be shared with user projects. Please see Running CernVM on CERN OpenStack for details.
Fedora Image repository
Ubuntu Image repository

Boot from ISO

If you have an ISO image with the operating system installation media you can follow the OpenStack documentation link

Note: the CERN Cloud team have tested this procedure, but please take into account that this procedure comes directly from the OpenStack community. This is provided "as is" and may not work in certain situations.

Additional Information

The OpenStack documentation contains more details of how to work with images. Some features may not be configured on the CERN cloud.