Chapter 1. Deploying and Installing

Chapter 1. Deploying and Installing¶

Contents

1.1. System Requirements
1.2. Deploying SUSE Studio Onsite
1.3. Deploying SUSE Studio Onsite on IBM System z
1.4. Installing IBM System z Runner for SUSE Studio
1.5. Supporting Special Hardware
1.6. Configuring SUSE Studio Onsite
1.7. Customizing SUSE Studio Onsite
1.8. Keeping SUSE Studio Onsite Up-to-Date
1.9. Upgrading from SUSE Studio 1.0 to Version 1.1
1.10. Upgrading from SUSE Studio 1.1 to Version 1.2

Abstract

To deploy SUSE Studio Onsite, install it on your server and proceed with the installation in a Web browser. This chapter provides a step-by-step instruction to successfully complete deployment and installation of SUSE Studio Onsite on your designated server.

SUSE Studio Onsite is delivered in two variants, a compressed raw image and a CD. The raw image is a bitwise copy of a complete hard disk and contains a full Linux operating system including a boot sector and partition information. The CD is bootable and deploys the SUSE Studio Onsite image.

	Erasing Your Disk
Installing SUSE Studio Onsite will erase your disk completely. If you have any important data on this disk, make a backup before you proceed.

1.1. System Requirements¶

Before you install SUSE Studio Onsite on your server, boot a Live CD and check if your machine fulfills the following system requirements:

CPU: 64-Bit and Virtualization Support

The CPU must support 64-bit and full virtualization. Check if your CPU supports 64-bit by executing the following command:

grep lm /proc/cpuinfo

The grep command will only provide output if the processor supports long mode, indicated by the lm flag. If the grep command returns no output, your selected system only supports 32-bit addressing and does not meet the SUSE Studio Onsite requirements.

Virtualization support is needed for building appliances and using the test drive. Test the capabilities of your CPU by executing the following command in the text console or shell (the vmx flag is used by Intel, svm by AMD):

egrep '(vmx|svm)' /proc/cpuinfo

If there is no output from the egrep command, your processor does not support full virtualization or the feature has been disabled in the BIOS. Enable the setting in your BIOS and try again. Depending on your BIOS the entry can be named differently: Virtualization Technology, VT or something similar. Consult your mainboard manual.

RAM

A minimum of 8 GB of RAM should be installed on the server machine. RAM in addition to the 8 GB minimum is recommended. SUSE Studio Onsite requires 2 GB of RAM for the user interface, 4 GB of RAM for each logged in appliance creator and KIWI slot, and 2 GB of RAM for the test drive slot.

Free Disk Space

The available disk space on the server should at least be 100 GB. Additional disk space is recommended. The following table provides an overview of the size requirements for ISO based repositories for the various distributions (only binary, no source or updates):

Table 1.1. Minimal Amount of Disk Space for Different Products (Approximate Values)¶

Product	Size
SLES 10	~6 GB
SLED 10	~11 GB
SDK 10	~8 GB
SLES 11	~7 GB
SLED 11	~10 GB
SDK 11	~8 GB
openSUSE 11.1 DVD	~4.3 GB
openSUSE 11.2 DVD	~4.4 GB

1.2. Deploying SUSE Studio Onsite¶

The following sections describe two methods for the installation of SUSE Studio Onsite: using the installation from the installation CD and the raw disk image. Using the raw image requires network access and a second machine on your network to store the raw image.

	Additional Information
Additional information for the administration are contained in the file `/srv/studio/README.onsite_user` after the installation is completed. The Release Notes contain important information regarding SUSE Studio Onsite as well as updates not reflected in this manual.

1.2.1. Installing from CD¶

To start the installation process, proceed as follows:

Procedure 1.1. Deploying a Raw Image from CD¶

Boot your future SUSE Studio Onsite server with the installation CD. Select Install/Restore SUSE Studio Onsite.
Answer the question This will destroy ALL data on /dev/sda, continue? with Yes to proceed. The deployment process is taking over.
Remove the CD and reboot your server. The boot loader GRUB is started and the firstboot system takes over.

This completes the installation of SUSE Studio Onsite using the install CD. Proceed with Section 1.6, “Configuring SUSE Studio Onsite”.

1.2.2. Installing Over a Network¶

This method is useful if your server does not have a CD/DVD drive or you prefer installation over a network. You need two machines which are connected to your network: the first machine contains the raw image, the second machine is your future SUSE Studio Onsite server. Installing over a network usually takes these steps:

Procedure 1.2. Preparing Your Future SUSE Studio Onsite Server¶

Boot your future SUSE Studio Onsite server with a rescue system. Such systems are available on all SUSE installation CDs or DVDs. Alternatively boot from a Live CD.
Log in as root. A password is not needed.
If the network in the rescue image has not been configured automatically via DHCP, it must be configured. Check for an IP address with the following command:
```
ifconfig
```
If you only get one item with an 127.0.0.1 address, you must configure your network. To configure a DHCP-based network setup use:
```
ifup-dhcp eth0
```
Remember the IP address of your system, it is needed later.
Set up a listener on an unused port (in our example, 1234) and dump the incoming data to the system disk. Generally, this is the first hard drive, in our example /dev/sda. This will destroy any data on this disk! To use the example parameters enter the following command:
```
netcat -l -v -p1234 | dd of=/dev/sda
```
Make sure you do not clean the screen as you need the output of the last step to compare it with the output of another command later.

Procedure 1.3. Decompressing the Image on the Client¶

Check the file type of your image with file IMAGENAME:

If you get the following output (as one line), skip this procedure and proceed with Procedure 1.4, “Deploying the Raw Image”:

...raw: x86 boot sector; GRand Unified Bootloader, 
stage1 version 0x3, stage2 address 0x2000, stage2 segment 0x200, 
GRUB version 0.97; partition 1: ID=0x83, active, starthead 1, 
startsector 63, 4192902 sectors

If you get one of the following outputs, your raw image is compressed:

gzip compressed data, extra field, from Unix, last modified: ...

bzip2 compressed data, block size = 900k

Decompress the raw image with one of the following commands, depending on the file extension of the image:
- For an image compressed with gzip (file extension .gz), use:
```
gunzip IMAGENAME
```
- For an image compressed with bzip2 (file extension .bz2), use:
```
bunzip2 IMAGENAME
```
- For an image compressed with tar and gzip (file extension .tar.gz), use:
```
tar xzvf IMAGENAME
```
At the end of decompression you will have a raw image with the .raw extension.

Procedure 1.4. Deploying the Raw Image¶

Send the raw image to the machine designated as the SUSE Studio Onsite server using the following command. Replace the RAW_IMAGE with the path to your image and IP_of_Client with the IP address from Step 3 of Procedure 1.2:
```
dd if=RAW_IMAGE | netcat IP_of_Client 1234
```
Compare the output from the last step with the output from Step 5 of Procedure 1.2. The following shows an example of the output:
```
2625536+0 records in
2625536+0 records out
1344274432 bytes (1.3 GB) copied, 113.989 s, 11.8 MB/s
```
The time (113.989 s), the throughput (11.8 MB/s), the number of records (2625536+0), and the total size (1.3 GB) may be different in your case. However, the records in and records out as well as the size must match between the two machines. If you see any discrepancies, repeat the previous steps.
Reboot the server and remove the rescue medium from your CD or DVD drive. The boot loader GRUB is started and the firstboot system takes over.

This completes the deployment of SUSE Studio Onsite using the raw disk image. Proceed with Section 1.6, “Configuring SUSE Studio Onsite”.

1.3. Deploying SUSE Studio Onsite on IBM System z¶

From version 1.2, SUSE Studio supports building appliances for IBM System z. For this reason, you need a runner who is able to build IBM System z appliances. Make sure you fullfill all of the following prerequisites:

SUSE Linux Enterprise Server11 SP1 for System z with all service packs installed
Minimum of 3 GB RAM
Minimum of 6 GB disk space
The downloaded runner add-on for System z on a System z instance

To install the SUSE Studio add-on product on IBM System z, proceed as follows:

Prepare your IBM System z machine:
1. Add the following parameter line in /etc/zipl.conf:
```
switch_amode
```
2. Run zipl
3. Reboot the runner
4. After the reboot, run yast2 add-on
5. Select Add and go to Local ISO image....
6. Select the add-on image for System z and accept the End User License Agreement (EULA). The software selection dialog appears.
Select the filter SUSE Studio Upgrade for System z for add-on repository.
Select all packages in that repository.
Choose Install and accept the suggestion.
Finish with Ok to close the YaST module.

Your System z runner is successfully installed.

1.4. Installing IBM System z Runner for SUSE Studio¶

This section describe how to install a runner dedicated for building appliances for IBMs System z. It is assumed you have sucessfully setup your system as described in Section 1.3, “Deploying SUSE Studio Onsite on IBM System z”.

To create an IBM System z runner, proceed as follows:

Log in to your SUSE Studio Onsite server.
Click the Admin User and Advanced links.
Click the Manage extension for System z link.
Enter the hostname or IP address of your previously configured System z runner. SUSE Studio requests all relevant information from the System z runner and creates a /studio/filestore directory. This directory will be made available to the System z runner host.
Wait until all the System z repositories and templates are added. This step is run automatically after the runner setup and takes some time.
Use a NFS share from SUSE Studio server on your IBM System z runner:
1. Log in as root on your IBM System z runner.
2. Open the file /etc/fstab and add the following line:
```
UI_SERVER:/studio:filestore /studio/filestore nfs rw,nolock,auto 0 0
```
  Replace UI_SERVER with the name or IP address of your SUSE Studio Onsite server.
3. Mount the share:
```
mount /studio/filestore
```
4. Open the file /srv/studio/runner/config/options.yml and locate the section production:. Change it to the following line (observe the two spaces before scheduler):
```
production:
  scheduler: UI_SERVER:80
```
  Replace UI_SERVER with the name or IP address of your SUSE Studio Onsite server.
5. Restart the Apache Web server:
```
rcapache2 restart
```
6. Enable and start Samba:
```
insserv smb
rcsmb start
```

Your IBM System z is now correctly configured.

If you want to disable the System z template, proceed as follows:

Log in to your SUSE Studio Onsite server.
Click the Admin User and Advanced links.
Choose Repositories+Software.
Click the Hide button on the SLES11_SP1 System z template.

If a users want to create a new appliance, it will not be shown in the list of available templates. To enable the template again, click the Show button.

1.5. Supporting Special Hardware¶

In almost all cases, the installation as described in Section 1.2, “Deploying SUSE Studio Onsite” is sufficient and you can skip this section. However, special hardware may not be supported directly by SUSE Studio, for example, the driver cannot be included for legal reasons. In such case you need to integrate a third-party driver into your appliance using KIWI.

In order to repair the faulty driver you need to understand KIWI's build process. More details of KIWI's build process can be found in the PDF file under /usr/share/doc/packages/kiwi/kiwi.pdf, package kiwi-doc. The following procedure gives you a general overview of how to do this:

Install the image description for KIWI where you locate the faulty driver. For example, kiwi-desc-oemboot if you want to build an OEM images with a special driver.
Get to know the path of the image description, the product name and locate the config file. In our example, KIWI's OEM image description is installed under /usr/share/kiwi/image/oemboot/. If you want to change that for SUSE Linux Enterprise Server 11, add suse-SLES11 to the previous path. The full path yields /usr/share/kiwi/image/oemboot/suse-SLES11.
Insert the missing driver in the configuration file. Depending on the driver, you have several options:
- If your driver is part of the standard Kernel, extend the drivers section as described in Step 4.
- If your driver is not part of the standard Kernel, build a KMP package of your driver as described in http://developer.novell.com/wiki/index.php/Creating_a_Kernel_Module_Package_%28KMP%29. Insert the following highlighted line in the packages section:
```
<packages type="image">
  <package name="..."/>
  <package name="YOUR_KMP_PACKAGE"/>
</packages>
```
  Additionally create a repository for your driver RPM. Usually this is an ordinary directory for KIWI. Edit the file /usr/share/kiwi/image/oemboot/suse-SLE11/config.xml and insert:
```
<repository type="rpm-dir">
  <source path="/path/to/your/repo"/>/>
</repository>
```
- If your driver is not part of the standard Kernel and you do not want to create a KMP package, the only option is to copy your binary driver into the overlay tree of the boot image description. The overlay tree is the directory in the image description, in our case /usr/share/kiwi/image/oemboot/suse-SLES11/root/. The overlay tree contains all the overlay files which you have changed or added. Note that binary drivers in the overlay tree are hard to maintain as the module has to match with the Kernel version. Use this method only as your last option.
Extend the drivers section as indicated with the highlighted line. Replace the dots with the corresponding driver name (extension .ko):
```
<drivers type="drivers">
  <file name="..."/>
  <file name="drivers/..."/>
</drivers>
```
One additional note for KIWI users: KIWI tries to make the initrd as small as possible. As such, it removes everything which is not specified in the drivers section.

Create a new boot image with the following commands and replace URL with the repository URL:

kiwi -p /usr/share/kiwi/image/oemboot/suse-SLES11 \
    --root /tmp/fixed-oemboot --set-repo URL

kiwi --create /tmp/fixed-oemboot -d /tmp/myfixed-oemboot

Copy the initrd and the Kernel file on a USB stick (usually mounted as /media/disk). Name them initrd.kexec and linux.kexec:
```
cp /tmp/myfixed-oemboot/kernel /media/disk/linux.kexec
cp /tmp/myfixed-oemboot/initrd /media/disk/initrd.kexec
```
The stick can only contain these two files.
Boot the media with the Kernel option hotfix=1.

If there is a reboot during deployment, pass hotfix=1 again. Usually this is not necessary for normal installation.

1.6. Configuring SUSE Studio Onsite¶

	Avoid Changing `root` Password
Do not change the `root` in a shell by yourself. The `root` password will be changed and synced during the configuration of SUSE Studio. If you have already changed the password, change it back to `linux`.

It is assumed you successfully completed one of the two installation methods in Section 1.2, “Deploying SUSE Studio Onsite”. Before you continue, get the IP address of your server and proceed as follows:

Procedure 1.5. Obtaining IP Address of your SUSE Studio Server¶

During the boot process, press the Esc key to enter verbose boot mode.
Follow the boot messages and assure that one of the following messages is displayed:
```
Loading KVM for intel
```
or:
```
Loading KVM for amd
```
If you receive an error message check Section 1.1, “System Requirements”.
If you need to change your network parameters, log in as root (with password linux). The password is changed later in Step 5 of Procedure 1.6. Run yast network and select Network Card. There configure your network according to your needs. Find more information in the section Configuring a Network Connection with YaST under http://www.novell.com/documentation/sles11/book_sle_admin/data/sec_basicnet_yast.html.
If you want to customize more than the network, use YaST to configure additional settings of your SUSE Studio Onsite server.

Proceed with the configuration of SUSE Studio Onsite using a Web browser as described in Procedure 1.6.

Procedure 1.6. Configuring Your SUSE Studio Onsite Server¶

Start a browser on a different machine and point the browser to your SUSE Studio Onsite instance. In our example it is https://192.168.1.1.
Accept the license agreement.

Register your SUSE Studio server with SMT or with the Novell Customer Center. The registration process is needed to get the necessary repositories in order to update SUSE Studio Onsite and to provide packages for all the images in the build step. Either way, without a successful registration you cannot proceed and SUSE Studio Onsite will not work. Choose the registration with SMT or Novell Customer Center:

	Licenses and Expiring
If an evaluation license expires, SUSE Studio will no longer work. If a full license expires, each user will see a red message on every page telling that the license has expired. In such case, SUSE Studio will still be functional. The administrator will see a message on his home screen two months before the license eventually expires.

If you have an SMT server (Subscription Management Tool), click Use SMT and enter the server hostname (without the protocol) to continue. Find detailed information in the section How to Get Mirroring Credentials of the SUSE Lifecycle Management Server Manual.
If you do not have an SMT server, register your product in the Novell Customer Center. Enter the following data to complete the registration procedure:
- your e-mail address that you have used for registration in the Novell Customer Center,
- your SUSE Linux Enterprise Server registration code,
- your SUSE Studio registration code.

If you have used the Novell Customer Center for registration, enter username and password for your mirror credentials from the Novell Customer Center. Get your credentials from the link aside. In case you used SMT, skip this step.
Create the administrator account and enter the login name, password and e-mail address. Finish with Continue.
Changed Password for root
Your administrator password for your SUSE Studio server is also synced with the system's root account. Use a safe and secure password.

	Changed Password for `root`
Your administrator password for your SUSE Studio server is also synced with the system's `root` account. Use a safe and secure password.

The previous procedure completes the setup of SUSE Studio Onsite. Prior to building your first appliance you will need to wait a few minutes to let the server initialize all the repositories and complete automated setup tasks.

1.7. Customizing SUSE Studio Onsite¶

This section introduces the SUSE Studio Onsite configuration file and two system and network monitoring tools that are part of the standard installation.

1.7.1. The SUSE Studio Onsite Configuration File¶

The file /srv/studio/options.yml serves as the SUSE Studio Onsite configuration file. Certain aspects of the SUSE Studio Onsite application behavior can be controlled with the settings in this file, for example, restricting access to users or setting feedback options, repository notifications, or announcements. When modifying this configuration file, you need to restart the Apache Web server to apply your changes. Restart Apache as user root with the rcapache2 restart command.

	Avoiding Syntax Errors
When modifying the configuration file, do not change the indentation and leave one or more spaces after the colon contained in each option. Find more information about the syntax at http://www.yaml.org.

Example 1.1. Central Configuration File /srv/studio/options.yml¶

default: 
  ### Invitation mode settings
  #invitation_required: true    # default: true 
  #invitation_expires: false    # default: false 
  #invitation_from: "studio@example.com" 


  ### Email Settings 
  #feedback_to: 
  #feedback_to_name: 'The SUSE Studio Team' 
  #feedback_from: '"SUSE Studio Feedback" <feedback@example.com>'
  
  
  ### Notification Settings 
  #repo_added_default_and_fallback_from: 'studio-status@example.com' 
  #repo_added_to: 
  #repo_added_host: 'studio.example.com' 


  ### Announcement Settings 
  #announcement_enabled: false 
  #announcement_message:

  ### Authentication method
  #ldap_authentication: false

	As SUSE Studio Onsite administrator you can either choose to let users apply for accounts on the SUSE Studio Onsite login screen or you can restrict the access to SUSE Studio Onsite to certain users. For more information, refer to Section 3.2, “Inviting New Users”. If this option is set to `true`, users can request an account by entering their e-mail address on the SUSE Studio Onsite login screen. After the administrator has approved the request, users will receive an e-mail invitation to activate the requested account. Setting this option to `false` prevents users from requesting request access to the system. Users can only be added via invitation from SUSE Studio Onsite administrator.
	Setting this option to `true` causes invitations to expire one week after the invitation has been mailed to the user. If the user does not accept the invitation within one week, a new invitation must be issued.
	Specifies the e-mail address that is used as return address for invitation e-mails.
	Configure the feedback feature of SUSE Studio Onsite with `feedback_to`, `feedback_to_name`, and `feedback_from`. If all keywords are enabled, users will see a Send Feedback link on the left pane when creating appliances. Clicking the link will display a text field in the interface, allowing the user to enter feedback comments. Once a user clicks Send feedback, an e-mail will be sent to the address specified in the `feedback_to` option. As the return address of the e-mail the value of the `feedback_from` option will be used.
	Use the `Notification Settings` to enable a notification e-mail when a user adds one or more additional repositories to a given appliance configuration. This generally indicates that the user is using a package not available in the preconfigured repositories. Set `repo_added_host` to the hostname of your SUSE Studio Onsite server. This will ensure that all generated URLs in the notification e-mails are correct. Set the recipient of the notification e-mail with the `repos_added_to` option.
	Setting these options allows you to display messages on the SUSE Studio Onsite login screen.
	Enables or disables the LDAP authentication method for SUSE Studio Onsite. For more information, see Section 1.7.2, “Enabling LDAP Authentication”.

1.7.2. Enabling LDAP Authentication¶

The Lightweight Directory Access Protocol (LDAP) is a set of protocols designed to access and maintain information directories. LDAP can be used for user and group management, system configuration management, address management, and more.

To enable LDAP for SUSE Studio Onsite, proceed as follows:

Log in as root in your SUSE Studio Onsite server.
Edit the file /srv/studio/ui-server/config/initializers/omniauth.rb and set the variables to your LDAP server settings.
Set ldap_authentication to true in /srv/studio/options.yml (see Section 1.7.1, “The SUSE Studio Onsite Configuration File”.)
Set invitation_required to true in /srv/studio/options.yml.
Restart the Apache Web server:
```
rcapache2 restart
```
Set a new root password

1.7.3. Setting Administrator Passwords for Nagios and Munin¶

Nagios and Munin are network monitoring tools (see Section 2.3, “Monitor with Nagios and Munin” for more details). It is recommended to set administrator passwords for both Nagios and Munin in case you need to configure these tools later. Both services can be accessed through a Web interface with the passwords set in the following procedure:

Procedure 1.7. Setting Login Name and Passwords for Nagios and Munin

Set the Nagios password with:

htpasswd2 -c /etc/nagios/htpasswd.users nagiosadmin

Set the Munin password with:

htpasswd2 -c /etc/munin/htpasswd.users admin

Authenticate with the above usernames and passwords as follows (replace 192.168.1.1 with the IP address of your server):
1. Start a Web browser and login into Nagios with the URL http://192.168.1.1/nagios/index.html.
  By default, Nagios starts and monitors some services automatically. Refer to Appendix A, Services to get an overview of these services.
2. Open another window in your Web browser and log in to Munin here http://192.168.1.1/munin/index.html.

In general it is sufficient to use the default configuration of Nagios and Munin to monitor the SUSE Studio Onsite server. For custom configuration of the services refer to the Nagios and Munin documentation.

1.8. Keeping SUSE Studio Onsite Up-to-Date¶

If you previously registered SUSE Studio Onsite with the Novell Customer Center as described in Section 1.6, “Configuring SUSE Studio Onsite”, this registration enables the system to check for updates relating to bug fixes, improvements, and security fixes. Apply available updates with zypper by executing:

zypper patch

Find more information about zypper at http://www.novell.com/documentation/sles11/book_sle_admin/?page=/documentation/sles11/book_sle_admin/data/sec_zypper.html.

1.9. Upgrading from SUSE Studio 1.0 to Version 1.1¶

To upgrade your SUSE Studio Onsite server from version 1.0 to version 1.1, the upgrade process has to be done in the following order:

Log in as root into your SUSE Studio Onsite server 1.0.
Do a maintenance update.
Run the export_from_onsite10.sh script. This script is part of the maintenance update. Replace the PATH placeholder where you want to store the resulting tar archives:
```
/srv/studio/scripts/export_from_onsite10.sh PATH
```
The script stops the services (RMDS, Thoth, Apache), packs the /studio directory, and creates a database dump. After running this script, you will get the files studio.tar.gz and studio_db.tar.gz.
Save the archives from Step 3 on a external storage device.
Shut down your SUSE Studio Onsite server 1.0 and deploy version 1.1 as described in Section 1.2, “Deploying SUSE Studio Onsite”. Do NOT run the setup wizard yet!
Log in as root into your SUSE Studio Onsite server 1.1.
Run the import_to_onsite11.sh script and insert the directory where the tar archives from Step 4 are stored, for example:
```
/srv/studio/scripts/import_to_onsite11.sh /media/studio-backup
```
The script migrates database dumps and populates the database with the old values.
Run the setup wizard manually by entering the domain of your SUSE Studio server and the path /admin/onsite/license. For example http://YOUR-STUDIO-SERVER/admin/onsite/license.

1.10. Upgrading from SUSE Studio 1.1 to Version 1.2¶

To upgrade your SUSE Studio Onsite server from version 1.1 to version 1.2, the upgrade process has to be done in the following order::

Log in as root into your SUSE Studio Onsite server 1.1.
Do a maintenance update.
Run the export_from_onsite11.sh script. This script is part of the maintenance update. Replace the PATH placeholder where you want to store the resulting tar archives:
```
/srv/studio/scripts/export_from_onsite11.sh PATH
```
The script stops the services (RMDS, Thoth, Apache), packs the /studio directory, and creates a database dump. After running this script, you will get the file studio_export-1.1.tar.gz.
Save the archive from Step 3 on a external storage device.
Deploy version 1.2 on a different server as described in Section 1.2, “Deploying SUSE Studio Onsite”. Do NOT run the setup wizard yet!
Log in as root into your SUSE Studio Onsite server 1.2.
Run the import_to_onsite12.sh script and insert the directory where the tar archive from Step 4 are stored, for example:
```
/srv/studio/scripts/import_to_onsite12.sh /media/studio-backup
```
The script migrates database dumps and populates the database with the old values.