[Openstack-operators] Windows images

Luis Fernandez Alvarez luis.fernandez.alvarez at cern.ch
Tue Nov 18 14:47:13 UTC 2014

Hi Abel,

At CERN, we're also working hard on how to address the problem of 
managing the image life-cycle sustainably. We've found your talk really 
interesting as it hits some of the issues we've dealing with since we 
went to production with our service.

In case you (or anyone else) find it useful, I'll give you some input 
about how we're working...

We offer our users both Windows and Linux (SLC, our RedHat clone) 
images, updated every 3 months. For each of these OS, we provide 
different 'flavors' (architectures, server or desktop oriented images, 
base installations or CERN-specific customizations).

During the first part of the process (image creation), we decided to go 
for a common tool for both operating systems. We've been happily using 
Oz since we started the service. It allows us to automate the 
installations and all the additional steps of customization that our 
images require.

In the case of Windows, we had to hack Oz in different ways, but the 
result is promising. All this code has been pushed upstream (Chris has 
been doing a great work with Oz) and we're trying to consolidate the 
final part of this work in the following pull request: 

After creation, the testing part is done using custom scripts. We didn't 
find yet the right tool to automate all the testing for the images 
(we're open to suggestions).

Once the image is tested, we upload it following a naming convention 
like: "SLC6 Server - x86_64 [2014-11-06]" or "Windows Server 2012 R2 - 
x64 [2014-04-17]". This part we don't like, and we're working now in 
adding new metadata. This metadata will be used by a new image panel in 
Horizon we're creating to offer a more concise output of our images to 
the users. This data can be also consumed easily by other tools, as it's 
easier than parsing a name. The end of life of the images is something 
that we've been also struggling with (now, they are public to ensure 
operations like resize work with existing old vms), we are considering 
going in the direction of "make private + shared with active users of 
the image".

The contextualization of the VMs is done using cloud-init on Linux and 
cloudbase-init on Windows (with some additional post-installation tasks 
not available yet in cloudbase-init and group policies), the activation 
is triggered to contact the KMS.

Other things we're currently taking a look to, apart from the work on 
the image list for Horizon, is the integration with Jenkins or Rundeck 
and testing ImageFactory.

Said that... this is the big picture of our life-cycle for images :-)


More information about the OpenStack-operators mailing list