Cloud Service K5 Bare Metal Servers – Deploying Alternate Operating Systems

Overview of the Bare Metal

Fujitsu Cloud Service K5 enables their customers to deploy Bare Metal servers, there are four types of bare metal servers available today:

  • BS-256 – 36 cores and 256GB RAM
  • BS-512 – 36 cores and 512GB RAM
  • BM-1T – 72 cores and 1TB RAM
  • BM-2T – 72 cores and 2TB RAM

Bare Metal can be orchestrated and consumed only through the APIs, when deploying the Bare Metal Server you can only deploy RHEL for SAP 6.6 as an Image, it is not possible to directly install any other operating system.

This guide will walk you through the steps necessary to install KVM on top of the RHEL on the Bare Metal Servers and then deploy Windows Server 2012 Trial Edition in to a Virtual Machine running on KVM.

Preparing for Bare Metal

Before you can deploy a Bare Metal server the K5 Project that you are deploying to needs to be prepared first. The following steps will walk you through preparing a K5 Project for a Bare Metal Server.

Step 1: Prepare a Project

First we need to instruct K5 to prepare the Project for Bare Metal and pull in the correct images for deployment.

Make a POST request to https://compute-b.uk-1.cloud.global.fujitsu.com with the following in the body of the request:

INSERT_PROJECT_ID_HERE

The following is an example of a curl command that can be used to execute the request.

Curl –I –X “POST” –d “INSERT_PROJECT_ID_HERE” –H “X-Auth-Token: YOUR_TOKEN” –H “Accept:application/xml” –H “Content-Type:application/xml” https://compute-b.uk-1.cloud.global.fujitsu.com
Step 2: Create a K5 Network

Bare Metal servers cannot be connected directly to normal K5 networks, a special network configuration needs to be created. Firstly we need to create a network in K5 using the APIs:

Make a POST request to https://networking.uk-1.cloud.global.fujitsu.com/v2.0/networks with the following body:

{“network”: {“name”: “nw-fcx_subnet-b:”,”admin_state_up”: true,”availability_zone”:””}}

The following is an example of a curl command that can be used to execute the request.

Curl –I –X “POST” –d “{“network”:{“name”: “nw-fcx_subnet-b:”,”admin_state_up”: true,”availability_zone”:””}}” –H “X-Auth-Token: YOUR_TOKEN” –H “Accept:application/json” –H “Content-Type:application/json” https://networking.uk-1.cloud.global.fujitsu.com/v2.0/networks

NOTE: The network name must start with the prefix “nw-fcx_subnet-b:”

Step 3: Create a K5 Subnet

Next we need to create a K5 Subnet to attach to the Network we just created.

Make a POST request to https://networking.uk-1.cloud.global.fujitsu.com/v2.0/subnets  with the following body:

{“subnet”:{“network_id”: ” “,”name”:”fcx_subnet-b:”,”ip_version”: 4,”cidr”:””,”availability_zone”:””,”allocation_pools”:[{“start”: “”, “end”:””}]}}

NOTE: The field in the command needs to be replaced with the Network ID of the Network created in Step 2.

The following is an example of a curl command that can be used to execute the request.

Curl –I –X “POST” –d “{“subnet”: {“network_id”: ” “,”name”:”fcx_subnet-b:”,”ip_version”: 4,”cidr”:””,”availability_zone”:””, “allocation_pools”: [{“start”: “”, “end”:””}]}}” –H “X-Auth-Token: YOUR_TOKEN” –H “Accept:application/json” –H “Content-Type:application/json” https://networking.uk-1.cloud.global.fujitsu.com/v2.0/subnets

NOTE: The subnet name must start with the prefix “nw-fcx_subnet-b:”

Step 4: Creating a Bare Metal Network

Now that we have a K5 Network and Subnet created we can create a Bare Metal network and attach it to the Subnet we create in Step.

Make a POST request to https://compute-b.uk-1.cloud.global.fujitsu.com/networks with the following body:

Note: Replace with the subnet created in Step 3 and replace AZ with the Availability Zone the Subnet is in eg UK-1a.

The following is an example of a curl command that can be used to execute the request.

Curl –I –X “POST” –d ” –H “X-Auth-Token: YOUR_TOKEN” –H “Accept:application/xml” –H “Content-Type:application/xml” https://compute-b.uk-1.cloud.global.fujitsu.com/networks
Step 5: Creating a Bare Metal Server

We now have the perquisites in place to deploy a Bare Metal server.

Make a POST request to https://compute-b.uk-1.cloud.global.fujitsu.com/l_servers with the following body:

NOTE: Replace with either RHEL_6_6_SAP_HANA_en_for_BS (if the template is BS-256 or BS-512) or RHEL_6_6_SAP_HANA_en_for_BM (if the template is BM-1T or BM-2T)

NOTE: Replace with the name you want the Bare Metal Server to have

NOTE: Replace with either BS-256, BS-512, BM-1T or BM-2T

NOTE: Replace with the Bare Metal Network ID created in Step 4 (eg ror-svror1_17967)

NOTE: Replace with the Availability Zone you are deploying to.

The following is an example of a curl command that can be used to execute the request.

Curl –I –X “POST” –d “”/>” />” –H “X-Auth-Token: YOUR_TOKEN” –H “Accept:application/xml” –H “Content-Type:application/xml” https://compute-b.uk-1.cloud.global.fujitsu.com/l_servers

This will initiate the deployment of the Bare Metal server which can take up to an hour.

Step 6: Checking the progress of deployment

When you initiate the deployment of a Bare Metal server, a successful request will return a Task ID that you can use to track the deployment process.

Make a GET to https://compute-b.uk-1.cloud.global.fujitsu.com/tasks/

The response body will include details on the progress of the Task. The following is an example of a curl command that can be used to execute the request.

Curl –I –X “GET” –H “X-Auth-Token: YOUR_TOKEN” –H “Accept:application/xml” –H “Content-Type:application/xml” https://compute-b.uk-1.cloud.global.fujitsu.com/tasks/
Step 7: Accessing the Bare Metal Server

Once the Bare Metal Server has been created you will be able to SSH to it. However you cannot assign a Global IP to Bare Metal Servers so you will need to create a Jump box (Linux or Windows) running in K5 to SSH to first and then SSH to the Bare Metal Server.

Note: For the purpose of this guide you will need both a Linux (Ubuntu) and a Windows Jump Box.

If you do not already have a Jump Box in your project:

  1. Create a Virtual Network
  2. Create a Linux VM and attach it to that Network
  3. Create a Virtual Router
  4. Connect the Virtual Router to the Virtual Network you have just created and to the Virtual Network created in Step 2.
  5. Assign a Global IP to the new Linux Machine.
  6. Create a Security Group to all SSH traffic in from an External IP
Step 8: Deploying Squid3 to Ubuntu Jump Box

Squid3 is a proxy server that we will use to provide internet connectivity to the Bare Metal Server. This will need to be installed on an Ubuntu box that has a Global IP assigned and attached to the Network created previously.

To install Squid3, connected to the Ubuntu server via SSH and run the following command:

sudo apt-get install squid3

No changes are required from the default installation of squid.

Step 9: Deploying BIND9 to Ubuntu Jump Box

BIND9 is a DNS server that can be deployed to Ubuntu. We will need to deploy a DNS server to act in forwarding mode that the bare metal server will use to look up domain names for internet access.

To install BIND9, connect to the Ubuntu server via SSH and run the following command:

sudo apt-get install bind9
Step 10: Configuring BIND9

We will need to configure BIND9 to act as a DNS forwarder. To do this we need to edit the following file:

/etc/bind/named.conf.options

Replace the contents of this file with the following:

acl goodclients {

192.168.1.0/24;

localhost;

192.168.87.0/24;

};

options {

directory “/var/cache/bind”;

recursion yes;

allow-query { goodclients; };

forwarders {

8.8.8.8;

};

forward only;

dnssec-validation auto;

auth-nxdomain no;    # conform to RFC1035

listen-on-v6 { any; };

};

NOTE: This file create an Access Control List Group called “goodclients” and allows a range of IP address to use the DNS Server.

NOTE: This file assumes that the network the Ubuntu Server is connected to a Network with the CIDR of 192.168.1.0/24 – update this to reflect the actual Network CIDR.

NOTE: This file assumes that the network the Bare Metal Server is connected to a Network with the CIDR of 192.168.87.0/24 – update this to reflect the actual Network CIDR.

Once you update this file, save changes and restart the BIND9 service:

sudo service bind9 restart
Step 11: Updating Security Groups

Once we have installed SQUID3 and BIND9 we need to update the Security Group for the Ubuntu box to allow DNS traffic in and SQUID3 traffic in.

In the security group add the following rules:

  • Allow DNS in from 192.168.87.0/24 (Or the IP Range of the Bare Metal Network)
  • Allow TCP port 3128 traffic in from 192.168.87.0/24 (Or the IP Range of the Bare Metal Network)
Step 12: Installing the RHUI Entitlement

The first step we need to carry out is deploying the RHUI Entitlement package that will grant the Bare Metal Server access to the Red Hat repositories that Fujitsu host. Obtain the following file:

rhui-entitlement6-2.0-1.noarch.rpm

Execute the following command on the Bare Metal Server:

yum install rhui-entitlement6-2.0-1.noarch.rpm
Step 13: Installing KVM

On the Bare Metal Server run the following command:

yum install kvm

Once the installation has completed run the following command to install the supporting tools:

yum install virt-manager libvirt libvirt-python python-virtinst virt-viewer
Step 14: Downloading Windows Server 2012 ISO

This guide will walk you through preparing a Windows Server 2012 Trial ISO to use as the source to build a Virtual Machine in KVM. Navigate to the following folder on the Bare Metal Server:

/var/lib/libvirt/images

Execute the following command to download the Windows Server 2012 ISO:

wget http://care.dlservice.microsoft.com/dl/download/6/D/A/6DAB58BA-F939-451D-9101-7DE07DC09C03/9200.16384.WIN8_RTM.120725-1247_X64FRE_SERVER_EVAL_EN-US-HRM_SSS_X64FREE_EN-US_DV5.ISO
Step 15: Downloading VirtIO drivers

When deploying Windows Server 2012 from the ISO you will also need to get the VirtIO drivers for the installation process to be able to access the disks that will be attached to the virtual machine. Navigate to the following folder on the Bare Metal Server:

/var/lib/libvirt/images

Execute the following command to download the Windows Server 2012 ISO:

wget https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso
Step 16: Creating Disk for VM

We can now create a disk that we will later use to attach to the Virtual Machine. Navigate to the following folder on the Bare Metal Server:

/var/lib/libvirt/images

Execute the following command to create a disk:

qemu-img create –f qcow2 ws2012.qcow2 100GB

NOTE: This will create a 100GB disk.

Step 17: Create the Virtual Machine

We are now ready to create a Virtual Machine and power it on to deploy the Operating System from the ISO. Navigate to the following folder on the Bare Metal Server:

/var/lib/libvirt/images

Execute the following command to create a disk:

virt-install –connect qemu:///system –name ws2012 –ram 2048 –vcpus 2 –network network=default,model=virtio –disk path=ws2012.qcow2,format=qcow2,device=disk,bus=virtio –cdrom 9200.16384.WIN8_RTM.120725-1247_X64FRE_SERVER_EVAL_EN-US-HRM_SSS_X64FREE_EN-US_DV5.ISO –disk path=virtio-win.iso,device=cdrom –vnc –os-type windows –os-variant win2k8

NOTE: This will create a VM with 2 vCPUS and 2GB RAM.

You can check the virtual machine has been created and powered on by running the following command:

virsh list –all
Step 18: Connect to console on Virtual Machine

To connect to the console of the Virtual Machine we have just deployed we will need to use a Windows Jump Box Server. On this Windows Server the following applications are required to be installed:

You will need to configure Putty to enable X11 forwarding, this can be done by going to:

Connections -> SSH -> X11 -> Enable X11 forwarding:

Using Putty on the Windows Jump Box, connect directly to the Bare Metal Server and execute the following command:

Virt-viewer –c qemu+ssh:///system ws2012

This will use XMing to display the console of the Virtual Machine.

NOTE: ws2012 is the name of the server we are connecting to

You can now configure the installation of Windows Server 2012 Trial edition.

Step 19: Post Installation Steps

Once Windows Server 2012 has been installed you will need to install the VirtIO network drivers to enable network communication from the Virtual Machine. You can find the drivers for this on the ISO Image Mounted inside the guest operating system.

Navigate to Device Manager and install the drivers.

Creating a Virtual Machine on a Dedicated Host in K5

Fujitsu’s Cloud Service K5 provides customers with the ability to deploy Virtual Machines that run on dedicated hosts assigned to a customers environment, Fujitsu call this Virtual Private Cloud.

In order to create Virtual Machines you will first need to ensure that you have asked Fujitsu to provide some dedicated hosts to your environment.

NOTE: You can mix a K5 Public Cloud and K5 Virtual Private Cloud environment within a single account.

Virtual Machines running on dedicated hosts can only be configured through the K5 APIs, the following details out how to create a KVM based Virtual Machine on a dedicated host on K5:

Step 1: Authenticate

Authenticate and scope to the project in K5 where your dedicated hosts have been assigned. See theFujitsu K5 GitHub repository for an example of how to do this:

https://github.com/fujitsuk5/K5-Auth-API

Step 2: Retrieve a List of Virtual Machine Flavors

Once you have authenticated and obtained a Token you can then go on and retrieve a list of Virtual Machine Flavors that K5 provides.

You will need to issue a GET request to the Compute API endpoint in the region you want to query, for example to query the UK region of K5 for a list of Flavors:

GET https://compute.uk-1.cloud.global.fujitsu.com/v2/flavors

An example of this request using curl:

curl -i -H "X-Auth-Token: TOKEN_ID" -H "accepts:application/json" https://compute.uk-1.cloud.global.fujitsu.com/v2/flavors

At the time of writing this blog the following Flavors are available:

ID Name CPU RAM
1101 S-1 1 vCPU 4GB
1102 S-2 2 vCPU 8GB
1103 S-4 4 vCPU 16GB
1104 S-8 8 vCPU 32GB
1105 S-16 16 vCPU 64GB
1201 M-1 1 vCPU 8GB
1202 M-2 2 vCPU 16GB
1203 M-4 4 vCPU 32GB
1204 M-8 8 vCPU 64GB
1205 M-16 16 vCPU 128GB
1503 XM-4 4 vCPU 128GB

Step 3: Retrieve a List of Images

Now that we have the list of available images to choose for deployment we need to obtain a list of Images that we can deploy.

You will need execute the following to obtain a list of Images.

GET https://image.uk-1.cloud.global.fujitsu.com/v2/images

An example of the request using curl:

curl -i -H "X-Auth-Token: TOKEN_ID" -H "accepts:application/json" https://image.uk-1.cloud.global.fujitsu.com/v2/images

At the time of writing this blog the following Images are available in the UK deployment of K5:

ID Name
37a9d80a-f014-4424-826e-a6e5ae397a3d Windows Server 2012 R2 SE 64bit + SQL Server 2014 SE SP2 (English) 01
41857965-6ee8-4393-94b3-299a0c6988cc Red Hat Enterprise Linux 7.2 64bit (English) 01
20403cb8-4ada-4c5a-b524-d1ff393f0bb7 Windows Server 2008 R2 SE SP1 64bit (English) 01
6e1610db-1115-4260-8dc2-bcdd526a54be Windows Server 2012 R2 SE 64bit (English) 01
58fd966f-b055-4cd0-9012-cf6af7a4c32b CentOS 7.2 64bit (English) 01
0e330855-aeff-423c-99b2-7ee16adb5f68 FJK5-NAS-V02
2d1b7b6b-93cf-4a9b-aacc-43ce61b8073c CentOS 6.5 64bit (English) 04
ffa17298-537d-40b2-a848-0a4d22b49df5 Ubuntu Server 14.04 LTS (English) 01
db9766f0-c95c-4f1c-bb29-304a90405e3e Red Hat Enterprise Linux 6.5 64bit (English) 02

Step 4: Retrieve a List of Networks

Assuming that you already have a virtual network created within your K5 project then you can obtain a list of networks by:

GET https://network.uk-1.cloud.global.com/v2/networks

An example of the request using curl:

curl -i -H "X-Auth-Token: TOKEN_ID" -H "accepts:application/json" https://network.uk-1.cloud.global.fujitsu.com/v2/networks

This will return a list of networks and their associated details that we’ll need later.

Step 5: Create Virtual Machine

We now have all the prerequisite pieces of information we need to build a virtual machine in K5. This time we will make a POST request to the compute API endpoint and pass a JSON payload in the request that tells K5 what to deploy.

An example of the JSON payload we will be sending:

{
"server":
{
"name": "<SOME_NAME>",
"availability_zone": "UK-1a",
"imageRef": "",
"flavorRef": "<FLAVOR_ID_WE_GOT_EARLIER",
"block_device_mapping_v2":
[{
"boot_index": "0",
"uuid":"<IMAGE_ID_WE_GOT_EARLIER>",
"volume_size": "100",
"device_name":"/dev/vda",
"source_type": "image",
"destination_type": "volume",
"delete_on_termination": "True"
}],
"key_name": "<KEY_PAIR_NAME>",
"max_count": 1,
"min_count": 1,
"networks":
[{
"uuid": "<NETWORK_ID_WE_GOT_EARLIER>"
}],
"security_groups":
[{
"name": ""
}]
},
"OS-SCH-HNT:scheduler_hints":
{
"fcx.dedicated": "True"
}
}

You will need to replace the variables in the above JSON payload example with the ones you want (Availability Zone, Image ID, Flavor ID, Network ID, Key Name).

Take note of the last section “OS-SCH-HNT:scheduler_hints”. It’s the “fcx.dedicted: True” part of the JSON payload that tells K5 that this Virtual Machine request should be deployed on the Dedicated Hosts.

Execute a POST request to the following URL passing the JSON above as the payload:

POST https://compute.uk-1.cloud.global.fujitsu.com/v2/<PROJECT_ID>/servers

Replace <PROJECT_ID> with the Project ID you want to deploy the Virtual Server to.

And there we have it, K5 will now be provisioning a Virtual Machine on a Dedicated Host and should appear in the K5 portal for you to manage.