Creating the Fabric Services System virtual machine

Complete the following steps to deploy a Fabric Services System node as a virtual machine.

  1. Ensure that the virt-install tool is installed on the KVM hypervisor.
    If you need to install the tool, use the following command:
    # yum install virt-install
  2. Copy the base OS image to the hypervisor in the appropriate location where the virtual disks should be stored.
  3. Resize the base OS image.
    By default, the Fabric Services System base OS image comes with a small partition to lower the download size of the image. To assign the appropriate size to the image, execute the following command:
    # qemu-img resize /path/to/fss-node01.qcow2 200G

    The actual root partition is resized later in the procedure.

  4. Optional: If the node is also going to be used as a storage node, create the necessary extra disk for the storage cluster to be formed.
    Create the virtual disk using the following command:
    # qemu-img create -f qcow2 /path/to/fss-node01-storage.qcow2 300G
  5. Create the virtual machine.
    The following command creates a node that also serves as a storage node. If a storage node is not needed, omit the second line that starts with --disk. 
    # virt-install --import --name fss-node01 \
 --memory 65536 --vcpus 32 --cpu host \
 --disk /path/to/fss-node01.qcow2,format=qcow2,bus=virtio \
 --disk /path/to/fss-node01-storage.qcow2,format=qcow2,bus=virtio \
 --network bridge=br0,model=virtio \
 --network bridge=br1,model=virtio \
 --os-type=linux \
 --os-variant=centos7.0 \
 --noautoconsole
  6. From the KVM console, log in to the node VM.

    Use the following credentials:

    Username: root

    Password: N0ki@FSSb4se!

  7. If your environment does not support or use the cloud-init services, disable and stop these services. 
    # systemctl stop cloud-init cloud-init-local cloud-config cloud-final
# systemctl disable cloud-init cloud-init-local cloud-config cloud-final
  8. Resize the root partition.
    The base OS image comes with a smaller partition than needed. Use the following commands to resize the root partition. Verify that you are using the right disk (in this example /dev/sda).
    # fdisk /dev/sda
Welcome to fdisk (util-linux 2.23.2).

Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.


Command (m for help): p

Disk /dev/sda: 214.7 GB, 214748364800 bytes, 419430400 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x000b050e

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *        2048    16777215     8387584   83  Linux
  9. Delete the existing partition. 
    Command (m for help): d
Selected partition 1
Partition 1 is deleted
  10. Create a new partition that fills the entire disk.
    Accept the default settings presented.
    Command (m for help): n
Partition type:
 p primary (0 primary, 0 extended, 4 free)
 e extended
Select (default p):
Using default response p
Partition number (1-4, default 1):
First sector (2048-419430399, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-419430399, default 419430399):
Using default value 419430399
Partition 1 of type Linux and of size 200 GiB is set
  11. Set the boot flag for this partition. 
    Command (m for help): a
Selected partition 1
  12. Write the partition table. 
    Command (m for help): w
The partition table has been altered!
 
Calling ioctl() to re-read partition table.
 
WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.
  13. Optional: Configure a standard Linux partition on the storage disk, /dev/sdb in this example. 
    # fdisk /dev/sdb
Welcome to fdisk (util-linux 2.23.2).
 
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
 
Device does not contain a recognized partition table
Building a new DOS disklabel with disk identifier 0x8891800b.
 
Command (m for help): n
Partition type:
 p primary (0 primary, 0 extended, 4 free)
 e extended
Select (default p):
Using default response p
Partition number (1-4, default 1):
First sector (2048-629145599, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-629145599, default 629145599):
Using default value 629145599
Partition 1 of type Linux and of size 300 GiB is set
 
Command (m for help): w
The partition table has been altered!
 
Calling ioctl() to re-read partition table.
Syncing disks.
  14. Reboot the node to register the change in partition sizes in the system. 
    # reboot
  15. Grow the root partition file system to its full size. 
    # xfs_growfs -d /
meta-data=/dev/sda1 isize=512 agcount=4, agsize=524224 blks
 = sectsz=512 attr=2, projid32bit=1
 = crc=1 finobt=0 spinodes=0
data = bsize=4096 blocks=2096896, imaxpct=25
 = sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal bsize=4096 blocks=2560, version=2
 = sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
data blocks changed from 2096896 to 52428544
  16. Enable SSH.
    The base image is a hardened image so SSH is disabled by default for the root user. To enable SSH, update the /etc/ssh/sshd_config file and change the following lines:
    PasswordAuthentication no
PermitRootLogin no
    to:
    PasswordAuthentication yes
PermitRootLogin yes
    Note: You can keep password authentication disabled to provide extra security. In this case, only key-based authentication works, and you must configure the appropriate public SSH keys for the root user so it can log in over SSH. In any case, this configuration is needed for the deployer VM to reach the nodes.
  17. Edit the /etc/sysconfig/network-scripts/ifcfg-eth0 file to configure the correct static IP address, DNS servers, and gateway for the OAM network.
    The final content should look similar to the following, except with the IP address, DNS, and domain details specific to the target environment:
    BOOTPROTO=static
DEVICE=eth0
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPADDR=192.0.2.10
PREFIX=24
GATEWAY=192.0.2.1
DNS1=192.0.2.5
DNS2=192.0.2.6
DOMAIN=fss.nokia.local
MTU=9000
  18. Edit the /etc/sysconfig/network-scripts/ifcfg-eth1 file to configure the correct static IP address for the Fabric Management network.
    The final content should look similar to the following, except with the IP address, DNS, and domain details specific to the target environment:
    BOOTPROTO=static
DEVICE=eth0
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPADDR=192.0.2.10
PREFIX=24
MTU=9000

    Ensure that you set the MTU parameter to 9000 for all the interfaces.

  19. Restart the network to apply the new configuration. 
    # systemctl restart network
  20. Configure the appropriate NTP servers.
    Edit the /etc/chrony.conf configuration file and replace all lines that begin with server with the correct server lines for the environment.
  21. Restart the chronyd service. 
    # systemctl restart chronyd
  22. Verify that time synchronization is functioning properly. 
    # chronyc tracking

    If the Reference ID field is not set to any of the configured servers, but instead refers to something like 127.127.1.1, time synchronization is not functioning properly.

    Reference ID    : 87E30FFE (192.0.2.5)
Stratum         : 4
Ref time (UTC)  : Wed Feb 16 01:20:36 2022
System time     : 0.000014215 seconds slow of NTP time
Last offset     : -0.000001614 seconds
RMS offset      : 0.000106133 seconds
Frequency       : 11.863 ppm slow
Residual freq   : -0.071 ppm
Skew            : 0.187 ppm
Root delay      : 0.063009784 seconds
Root dispersion : 0.018440660 seconds
Update interval : 64.5 seconds
Leap status     : Normal
  23. Change the hostname. 
    # hostnamectl set-hostname fss-node01.domain.tld
  24. Set up key-based authentication from the Fabric Services System deployer VM.
    If password authentication has been enabled on the node for SSH, enter the following command from the deployer VM.
    # ssh-copy-id root@<node IP/FQDN>