diff options
author | Luc Provoost <luc.provoost@intel.com> | 2021-02-15 15:01:20 +0100 |
---|---|---|
committer | Luc Provoost <luc.provoost@intel.com> | 2021-02-18 14:38:16 +0100 |
commit | 480fcf799c1c30421e10abb78b91303ade4bc059 (patch) | |
tree | f314b637e94ccca6c49cbb59c1c4f5d76886d9b4 /rapidvm | |
parent | 849357bb9ca1d27993c9e96b93156ec69b3ac3a9 (diff) |
Using disk image builder to create rapid VM
All files are now availavle to build a qcow2 image using disk image builder.
This image is based on centos 7. DPDK and PROX are installed together
with some optimizations.
Change-Id: I61aa91206ea7f8b3b6a3ff7d490d1804e7e784c8
Signed-off-by: Luc Provoost <luc.provoost@intel.com>
Diffstat (limited to 'rapidvm')
-rw-r--r-- | rapidvm/README.rst | 38 | ||||
-rwxr-xr-x | rapidvm/dib/build-image.sh | 101 | ||||
-rw-r--r-- | rapidvm/dib/elements/rapid/element-deps | 5 | ||||
-rw-r--r-- | rapidvm/dib/elements/rapid/package-installs.yaml | 20 | ||||
-rwxr-xr-x | rapidvm/dib/elements/rapid/post-install.d/40-mlib | 30 | ||||
-rwxr-xr-x | rapidvm/dib/elements/rapid/post-install.d/50-compile-dpdk | 36 | ||||
-rwxr-xr-x | rapidvm/dib/elements/rapid/post-install.d/60-compile-prox | 27 | ||||
-rwxr-xr-x | rapidvm/dib/elements/rapid/post-install.d/70-os-cfg | 50 | ||||
-rwxr-xr-x | rapidvm/dib/elements/rapid/post-install.d/80-change-permissions | 18 | ||||
-rwxr-xr-x | rapidvm/dib/elements/rapid/post-install.d/81-clean-rpms | 20 | ||||
-rw-r--r-- | rapidvm/dib/elements/rapid/source-repository-dpdk | 1 | ||||
-rw-r--r-- | rapidvm/dib/elements/rapid/source-repository-samplevnf | 1 | ||||
-rwxr-xr-x | rapidvm/dib/verify-image.sh | 20 |
13 files changed, 367 insertions, 0 deletions
diff --git a/rapidvm/README.rst b/rapidvm/README.rst new file mode 100644 index 00000000..9ab02f10 --- /dev/null +++ b/rapidvm/README.rst @@ -0,0 +1,38 @@ +RAPID VM IMAGE +++++++++++++++ + +This repo will build a centos 7 image with dpdk and prox installed. +Optimizations for dpdk will also be done. + +BUILD INSTRUCTIONS +================== + +Build the image +--------------- +- cd dib +- update the version number for the image (if needed) by modifying __version__ in build-image.sh +- setup your http_proxy if needed +- bash build-image.sh + +IMAGE INSTANCE AND CONFIG +========================= + +VM Requirements +--------------- +The instance must be launched with: +- 1 network interface for the management network +- at least 1 interface for the dataplane networks +- at least 4 vCPUs +- 4 GB RAM +- cpu pinning set to exclusive + +Auto-configuration +------------------ +The rapid scripts will configure the prox instances and drive the testing. + + +Hardcoded Username and Password +-------------------------------- +In case of problems, you can ssh into the VM: +- Username: rapid +- Password: rapid diff --git a/rapidvm/dib/build-image.sh b/rapidvm/dib/build-image.sh new file mode 100755 index 00000000..e7b337e5 --- /dev/null +++ b/rapidvm/dib/build-image.sh @@ -0,0 +1,101 @@ +#!/usr/bin/env bash +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# A shell script to build the PROX VM image using diskimage-builder +# +usage() { + echo "Usage: $0 [-v]" + echo " -v verify only (build but do not push to google storage)" + exit 1 +} + +# Takes only 1 optional argument +if [ $# -gt 1 ]; then + usage +fi +verify_only=0 + +if [ $# -eq 1 ]; then + if [ $1 = "-v" ]; then + verify_only=1 + else + usage + fi +fi +set -e + +# Artifact URL +gs_url=artifacts.opnfv.org/samplevnf/images + +# image version number +__version__=0.01 +image_name=rapid-$__version__ + +# if image exists skip building +echo "Checking if image exists in google storage..." +if command -v gsutil >/dev/null; then + if gsutil -q stat gs://$gs_url/$image_name.qcow2; then + echo "Image already exists at http://$gs_url/$image_name.qcow2" + echo "Build is skipped" + exit 0 + fi + echo "Image does not exist in google storage, starting build..." + echo +else + echo "Cannot check image availability in OPNFV artifact repository (gsutil not available)" +fi + +# check if image is already built locally +if [ -f $image_name.qcow2 ]; then + echo "Image $image_name.qcow2 already exists locally" +else + + # install diskimage-builder + if [ -d dib-venv ]; then + . dib-venv/bin/activate + else + virtualenv dib-venv + . dib-venv/bin/activate + pip install diskimage-builder + fi + # Add rapid elements directory to the DIB elements path + export ELEMENTS_PATH=`pwd`/elements + # canned user/password for direct login + export DIB_DEV_USER_USERNAME=prox + export DIB_DEV_USER_PASSWORD=prox + export DIB_DEV_USER_PWDLESS_SUDO=Y + # Set the data sources to have ConfigDrive only + export DIB_CLOUD_INIT_DATASOURCES="Ec2, ConfigDrive, OpenStack" + # Use ELRepo to have latest kernel + export DIB_USE_ELREPO_KERNEL=True + echo "Building $image_name.qcow2..." + time disk-image-create -o $image_name centos7 cloud-init rapid vm +fi + +ls -l $image_name.qcow2 + + +if [ $verify_only -eq 1 ]; then + echo "Image verification SUCCESS" + echo "NO upload to google storage (-v)" +else + if command -v gsutil >/dev/null; then + echo "Uploading $image_name.qcow2..." + gsutil cp $image_name.qcow2 gs://$gs_url/$image_name.qcow2 + echo "You can access to image at http://$gs_url/$image_name.qcow2" + else + echo "Cannot upload new image to the OPNFV artifact repository (gsutil not available)" + exit 1 + fi +fi diff --git a/rapidvm/dib/elements/rapid/element-deps b/rapidvm/dib/elements/rapid/element-deps new file mode 100644 index 00000000..c6be0aa3 --- /dev/null +++ b/rapidvm/dib/elements/rapid/element-deps @@ -0,0 +1,5 @@ +vm +cloud-init-datasources +install-static +package-installs +devuser diff --git a/rapidvm/dib/elements/rapid/package-installs.yaml b/rapidvm/dib/elements/rapid/package-installs.yaml new file mode 100644 index 00000000..8b3a3cf3 --- /dev/null +++ b/rapidvm/dib/elements/rapid/package-installs.yaml @@ -0,0 +1,20 @@ +deltarpm: +yum-utils: +git: +wget: +gcc: +unzip: +libpcap-devel: +ncurses-devel: +libedit-devel: +lua-devel: +kernel-devel: +iperf3: +pciutils: +numactl-devel: +vim: +tuna: +openssl-devel: +wireshark: +make: +driverctl: diff --git a/rapidvm/dib/elements/rapid/post-install.d/40-mlib b/rapidvm/dib/elements/rapid/post-install.d/40-mlib new file mode 100755 index 00000000..34dc1b9c --- /dev/null +++ b/rapidvm/dib/elements/rapid/post-install.d/40-mlib @@ -0,0 +1,30 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2021 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +MULTI_BUFFER_LIB_VER="0.52" +BUILD_DIR="/opt/rapid" +export AESNI_MULTI_BUFFER_LIB_PATH="${BUILD_DIR}/intel-ipsec-mb-${MULTI_BUFFER_LIB_VER}" +# Downloading the Multi-buffer library. Note that the version to download is linked to the DPDK version being used +pushd ${BUILD_DIR} > /dev/null 2>&1 +wget https://www.nasm.us/pub/nasm/releasebuilds/2.14.02/linux/nasm-2.14.02-0.fc27.x86_64.rpm +rpm -ivh nasm-2.14.02-0.fc27.x86_64.rpm +wget https://github.com/01org/intel-ipsec-mb/archive/v${MULTI_BUFFER_LIB_VER}.zip +unzip v${MULTI_BUFFER_LIB_VER}.zip +pushd ${AESNI_MULTI_BUFFER_LIB_PATH} +make -j`getconf _NPROCESSORS_ONLN` +make install +popd > /dev/null 2>&1 +popd > /dev/null 2>&1 diff --git a/rapidvm/dib/elements/rapid/post-install.d/50-compile-dpdk b/rapidvm/dib/elements/rapid/post-install.d/50-compile-dpdk new file mode 100755 index 00000000..38d07486 --- /dev/null +++ b/rapidvm/dib/elements/rapid/post-install.d/50-compile-dpdk @@ -0,0 +1,36 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2021 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# pick up the kernel version for the target image +BUILD_DIR="/opt/rapid" +export RTE_SDK="${BUILD_DIR}/dpdk" +export RTE_TARGET="x86_64-native-linuxapp-gcc" + +LATEST_KERNEL_INSTALLED=`ls -v1 /lib/modules/ | tail -1` +export RTE_KERNELDIR="/lib/modules/${LATEST_KERNEL_INSTALLED}/build" + +pushd ${RTE_SDK} > /dev/null 2>&1 +make config T=${RTE_TARGET} +#sed -i 's/CONFIG_RTE_EAL_IGB_UIO=n/CONFIG_RTE_EAL_IGB_UIO=y/g' ${RTE_SDK}/build/.config +#sed -i 's/CONFIG_RTE_LIBRTE_PMD_AESNI_MB=n/CONFIG_RTE_LIBRTE_PMD_AESNI_MB=y/g' ${RTE_SDK}/build/.config +sed -i 's/CONFIG_RTE_APP_TEST=y/CONFIG_RTE_APP_TEST=n/g' ${RTE_SDK}/build/.config +sed -i 's/CONFIG_RTE_TEST_PMD=y/CONFIG_RTE_TEST_PMD=n/g' ${RTE_SDK}/build/.config +sed -i 's/CONFIG_RTE_TEST_BBDEV=y/CONFIG_RTE_TEST_BBDEV=n/g' ${RTE_SDK}/build/.config +sed -i 's/CONFIG_RTE_APP_COMPRESS_PERF=y/CONFIG_RTE_APP_COMPRESS_PERF=n/g' ${RTE_SDK}/build/.config +sed -i 's/CONFIG_RTE_APP_CRYPTO_PERF=y/CONFIG_RTE_APP_CRYPTO_PERF=n/g' ${RTE_SDK}/build/.config +#sed -i 's/CONFIG_RTE_APP_EVENTDEV=y/CONFIG_RTE_APP_EVENTDEV=n/g' ${RTE_SDK}/build/.config +make -j`getconf _NPROCESSORS_ONLN` +popd > /dev/null 2>&1 diff --git a/rapidvm/dib/elements/rapid/post-install.d/60-compile-prox b/rapidvm/dib/elements/rapid/post-install.d/60-compile-prox new file mode 100755 index 00000000..2ae1c3cb --- /dev/null +++ b/rapidvm/dib/elements/rapid/post-install.d/60-compile-prox @@ -0,0 +1,27 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2021 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +BUILD_DIR="/opt/rapid" +export RTE_SDK="${BUILD_DIR}/dpdk" +export RTE_TARGET="build" +pushd ${BUILD_DIR}/samplevnf/VNFs/DPPD-PROX > /dev/null 2>&1 +make -j`getconf _NPROCESSORS_ONLN` +cp ${BUILD_DIR}/samplevnf/VNFs/DPPD-PROX/build/app/prox ${BUILD_DIR}/prox +cp helper-scripts/rapid/check_prox_system_setup.sh ${BUILD_DIR} +cp helper-scripts/rapid/check-prox-system-setup.service ${BUILD_DIR} +cp helper-scripts/rapid/sharkproxlog.sh ${BUILD_DIR} +cp helper-scripts/rapid/deploycentostools.sh ${BUILD_DIR} +popd > /dev/null 2>&1 diff --git a/rapidvm/dib/elements/rapid/post-install.d/70-os-cfg b/rapidvm/dib/elements/rapid/post-install.d/70-os-cfg new file mode 100755 index 00000000..64bbad5a --- /dev/null +++ b/rapidvm/dib/elements/rapid/post-install.d/70-os-cfg @@ -0,0 +1,50 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2021 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +BUILD_DIR="/opt/rapid" +# huge pages to be used by DPDK +sh -c '(echo "vm.nr_hugepages = 1024") > /etc/sysctl.conf' + +sh -c '(echo "options vfio enable_unsafe_noiommu_mode=1") > /etc/modprobe.d/vfio.conf' +sh -c '(echo "vfio") > /etc/modules-load.d/vfio.conf' +sh -c '(echo "vfio-pci") > /etc/modules-load.d/vfio.conf' +# Enabling tuned with the realtime-virtual-guest profile +pushd ${BUILD_DIR} > /dev/null 2>&1 +#wget http://linuxsoft.cern.ch/cern/centos/7/rt/x86_64/Packages/tuned-profiles-realtime-2.8.0-5.el7_4.2.noarch.rpm +wget http://linuxsoft.cern.ch/cern/centos/7/rt/x86_64/Packages/tuned-profiles-realtime-2.9.0-1.el7_5.2.noarch.rpm +#wget http://linuxsoft.cern.ch/cern/centos/7/rt/x86_64/Packages/tuned-profiles-nfv-guest-2.8.0-5.el7_4.2.noarch.rpm +wget http://linuxsoft.cern.ch/cern/centos/7/rt/x86_64/Packages/tuned-profiles-nfv-guest-2.9.0-1.el7_5.2.noarch.rpm +# Install with --nodeps. The latest CentOS cloud images come with a tuned version higher than 2.8. These 2 packages however +# do not depend on v2.8 and also work with tuned 2.9. Need to be careful in the future +#rpm -ivh ${BUILD_DIR}/tuned-profiles-realtime-2.8.0-5.el7_4.2.noarch.rpm --nodeps +#rpm -ivh ${BUILD_DIR}/tuned-profiles-nfv-guest-2.8.0-5.el7_4.2.noarch.rpm --nodeps +rpm -ivh ${BUILD_DIR}/tuned-profiles-realtime-2.9.0-1.el7_5.2.noarch.rpm --nodeps +rpm -ivh ${BUILD_DIR}/tuned-profiles-nfv-guest-2.9.0-1.el7_5.2.noarch.rpm --nodeps +# Although we do no know how many cores the VM will have when begin deployed for real testing, we already put a number for the +# isolated CPUs so we can start the realtime-virtual-guest profile. If we don't, that command will fail. +# When the VM will be instantiated, the check_kernel_params service will check for the real number of cores available to this VM +# and update the realtime-virtual-guest-variables.conf accordingly. +echo "isolated_cores=1-3" | tee -a /etc/tuned/realtime-virtual-guest-variables.conf +tuned-adm profile realtime-virtual-guest + +# Install the check_tuned_params service to make sure that the grub cmd line has the right cpus in isolcpu. The actual number of cpu's +# assigned to this VM depends on the flavor used. We don't know at this time what that will be. +chmod +x ${BUILD_DIR}/check_prox_system_setup.sh +mv ${BUILD_DIR}/check_prox_system_setup.sh /usr/local/libexec/ +mv ${BUILD_DIR}/check-prox-system-setup.service /etc/systemd/system/ +systemctl daemon-reload +systemctl enable check-prox-system-setup.service +popd > /dev/null 2>&1 diff --git a/rapidvm/dib/elements/rapid/post-install.d/80-change-permissions b/rapidvm/dib/elements/rapid/post-install.d/80-change-permissions new file mode 100755 index 00000000..86368431 --- /dev/null +++ b/rapidvm/dib/elements/rapid/post-install.d/80-change-permissions @@ -0,0 +1,18 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2021 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +BUILD_DIR="/opt/rapid" +chmod ugo+rwx ${BUILD_DIR} diff --git a/rapidvm/dib/elements/rapid/post-install.d/81-clean-rpms b/rapidvm/dib/elements/rapid/post-install.d/81-clean-rpms new file mode 100755 index 00000000..0fc166e3 --- /dev/null +++ b/rapidvm/dib/elements/rapid/post-install.d/81-clean-rpms @@ -0,0 +1,20 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2021 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +BUILD_DIR="/opt/rapid" +rm ${BUILD_DIR}/tuned-profiles-realtime-2.9.0-1.el7_5.2.noarch.rpm +rm ${BUILD_DIR}/tuned-profiles-nfv-guest-2.9.0-1.el7_5.2.noarch.rpm +rm ${BUILD_DIR}/nasm-2.14.02-0.fc27.x86_64.rpm diff --git a/rapidvm/dib/elements/rapid/source-repository-dpdk b/rapidvm/dib/elements/rapid/source-repository-dpdk new file mode 100644 index 00000000..ce19a904 --- /dev/null +++ b/rapidvm/dib/elements/rapid/source-repository-dpdk @@ -0,0 +1 @@ +dpdk tar /opt/rapid/dpdk http://fast.dpdk.org/rel/dpdk-20.05.tar.gz * diff --git a/rapidvm/dib/elements/rapid/source-repository-samplevnf b/rapidvm/dib/elements/rapid/source-repository-samplevnf new file mode 100644 index 00000000..80331875 --- /dev/null +++ b/rapidvm/dib/elements/rapid/source-repository-samplevnf @@ -0,0 +1 @@ +samplevnf git /opt/rapid/samplevnf https://git.opnfv.org/samplevnf diff --git a/rapidvm/dib/verify-image.sh b/rapidvm/dib/verify-image.sh new file mode 100755 index 00000000..a5d798fd --- /dev/null +++ b/rapidvm/dib/verify-image.sh @@ -0,0 +1,20 @@ +#!/usr/bin/env bash +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# A shell script to verify that a VM image is present in google storage +# If not present in google storage, verify it is present locally +# If not present locally, build it but do not uplaod to google storage + +bash build-image.sh -v |