
Data Capsule Guest VM image creation

Suraj Gupta Gudla edited this page Apr 5, 2022 · 8 revisions

Pre-requisites:

Any Operating System that is capable of running packer and Qemu.

Below is a brief demo on how to create a DC Guest VM image on a Linux based OS.

Steps

1. Install Packer (https://www.packer.io/downloads) by running the commands below,

$ sudo apt install curl
$ curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
$ sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
$ sudo apt-get update && sudo apt-get install packer
  • One can verify the Packer installation by running
$ packer --version

2. Install Qemu [qemu-system-x86_64] by running the commands below,

$ sudo apt-get update -y 
$ sudo apt-get install -y qemu-system-x86-64

3. Setting the SSH keys and dc user permissions

a. Navigate to the directory "Data Capsule Guest/uploads" of the cloned repo.

b. Create GitHub SSH keys (ed25519, RSA) and then replace the contents of the "uploads/root_authorized_keys" file with the created public keys (one key per line).

c. Create a file "dcuserSudoAccessRestrictions" using the below command,

$ touch dcuserSudoAccessRestrictions

d. Edit the file using,

$ sudo visudo -f dcuserSudoAccessRestrictions

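e. Then enter the lines below manually (DO NOT COPY !!! - pasting might add hidden unwanted characters and corrupt the file). They give dcuser passwordless root access to every command except those in the SU and SHELLS aliases, and apply NOEXEC to the editors and pagers in ALLOWESCAPE so that they cannot run further commands.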

Cmnd_Alias SHELLS=/usr/bin/bash,/usr/bin/sh, /usr/bin/tsh, /usr/bin/csh, /usr/bin/zsh, /usr/bin/ksh,/usr/bin/screen
Cmnd_Alias SU=/usr/bin/su,/usr/bin/login
Cmnd_Alias ALLOWESCAPE=/usr/bin/vi, /usr/bin/vim,/usr/bin/less,/usr/bin/more, /usr/bin/find, /usr/bin/emacs, /usr/bin/ex, /usr/bin/ed
dcuser ALL=(root)NOPASSWD:ALL,!SU,!SHELLS
dcuser ALL=(root)NOEXEC:ALLOWESCAPE

f. Validate the dcuserSudoAccessRestrictions file using,

$ sudo visudo -c -f dcuserSudoAccessRestrictions

g. If you find any errors, cross-check the manually entered content, make changes if required, and validate again until there are no errors.

h. Then navigate back to the "Data Capsule Guest" directory.
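A pre-flight check for the hidden-character problem that step e warns about, run before the syntax check from step f. This is an added example, not part of the Data Capsule repository; the function names and the sample fragments are constructed for illustration.

```sh
#!/bin/sh
# Added example: pre-flight check for the hand-typed sudoers fragment.
# Function names and sample fragments are constructed for illustration.

# Print (with line numbers) every line containing a byte that is not TAB or
# printable ASCII: pasted non-breaking spaces, smart quotes, zero-width
# characters, or the CR of a CRLF line ending. Returns 1 if any were found.
find_hidden_bytes() {
    pattern=$(printf '[^\t -~]')
    if LC_ALL=C grep -n "$pattern" "$1"; then
        return 1
    fi
    return 0
}

# Byte check first, then the visudo syntax check from step f.
# Returns 0 = clean, 1 = hidden bytes, 2 = rejected by visudo.
check_fragment() {
    if ! find_hidden_bytes "$1"; then
        echo "$1: hidden or non-ASCII bytes on the lines above" >&2
        return 1
    fi
    if command -v visudo >/dev/null 2>&1; then
        visudo -c -f "$1" || return 2
    else
        echo "visudo not found, syntax check skipped" >&2
    fi
    return 0
}

# Constructed samples: a clean rule pair, and the same alias as it looks
# after a copy-paste that introduced a UTF-8 non-breaking space and CRLF.
make_samples() {
    printf 'Cmnd_Alias SU=/usr/bin/su,/usr/bin/login\ndcuser ALL=(root)NOPASSWD:ALL,!SU\n' > "$1/clean"
    printf 'Cmnd_Alias\302\240SU=/usr/bin/su,/usr/bin/login\r\n' > "$1/pasted"
}

# Usage: sh check_sudoers.sh dcuserSudoAccessRestrictions
if [ -n "${1:-}" ]; then
    check_fragment "$1"
fi
```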

4. Building the DC VM image,

  1. Validate the JSON file
$ packer validate ubuntu_vanilla.json
  2. Fix the syntactical errors in the JSON file, if any
$ packer fix ubuntu_vanilla.json
  3. Finally, build the image
$ packer build ubuntu_vanilla.json

The build process takes a long time, depending on the system configuration (about 2 to 3 hours), so please be patient and do not halt the execution midway.

5. Once the image is built, it will be present in the output folder "output-ubuntu1604".

The image is in Qemu QCOW disk image format and the file name is "ubuntu1604".

This image is then copied to the target machine to create the Data Capsule virtual machine.

Troubleshooting:

Ubuntu iso version issues:

Update the Ubuntu 16.04 iso image details in ubuntu_vanilla.json with the latest information. Check for the below fields and update accordingly,

Time to build the image:

Please note that the build process takes a long time, depending on system configuration (from a minimum of 1 hour to a maximum of 3 hours).

Do not halt the process midway; wait until you get an error or response output.

Extended debugging:

In order to debug the issues of the build process, set PACKER_LOG=1 to view a detailed log of the setup process.