[Openstack-operators] Windows images
Luis Fernandez Alvarez
luis.fernandez.alvarez at cern.ch
Tue Nov 18 14:47:13 UTC 2014
At CERN, we're also working hard on how to address the problem of
managing the image life-cycle sustainably. We've found your talk really
interesting as it hits some of the issues we've dealing with since we
went to production with our service.
In case you (or anyone else) find it useful, I'll give you some input
about how we're working...
We offer our users both Windows and Linux (SLC, our RedHat clone)
images, updated every 3 months. For each of these OS, we provide
different 'flavors' (architectures, server or desktop oriented images,
base installations or CERN-specific customizations).
During the first part of the process (image creation), we decided to go
for a common tool for both operating systems. We've been happily using
Oz since we started the service. It allows us to automate the
installations and all the additional steps of customization that our
In the case of Windows, we had to hack Oz in different ways, but the
result is promising. All this code has been pushed upstream (Chris has
been doing a great work with Oz) and we're trying to consolidate the
final part of this work in the following pull request:
After creation, the testing part is done using custom scripts. We didn't
find yet the right tool to automate all the testing for the images
(we're open to suggestions).
Once the image is tested, we upload it following a naming convention
like: "SLC6 Server - x86_64 [2014-11-06]" or "Windows Server 2012 R2 -
x64 [2014-04-17]". This part we don't like, and we're working now in
adding new metadata. This metadata will be used by a new image panel in
Horizon we're creating to offer a more concise output of our images to
the users. This data can be also consumed easily by other tools, as it's
easier than parsing a name. The end of life of the images is something
that we've been also struggling with (now, they are public to ensure
operations like resize work with existing old vms), we are considering
going in the direction of "make private + shared with active users of
The contextualization of the VMs is done using cloud-init on Linux and
cloudbase-init on Windows (with some additional post-installation tasks
not available yet in cloudbase-init and group policies), the activation
is triggered to contact the KMS.
Other things we're currently taking a look to, apart from the work on
the image list for Horizon, is the integration with Jenkins or Rundeck
and testing ImageFactory.
Said that... this is the big picture of our life-cycle for images :-)
More information about the OpenStack-operators