Creating the Fabric Services System virtual machine

Complete the following steps to deploy a Fabric Services System node as a virtual machine.

  1. Ensure that the virt-install tool is installed on the KVM hypervisor.
    If you need to install the tool, use the following command:
    # yum install virt-install
  2. Copy the base OS image to the hypervisor in the appropriate location where the virtual disks should be stored.
  3. Resize the base OS image.
    By default, the Fabric Services System base OS image comes with a small partition to lower the download size of the image. To assign the appropriate size to the image, execute the following command:
    # qemu-img resize /path/to/fss-node01.qcow2 200G

    The actual root partition is resized later in the procedure.

  4. Optional: If the node is also going to be used as a storage node, create the necessary extra disk for the storage cluster to be formed.
    Create the virtual disk using the following command:
    # qemu-img create -f qcow2 /path/to/fss-node01-storage.qcow2 300G
  5. Create the virtual machine.
    The following command creates a node that also serves as a storage node. If a storage node is not needed, omit the second line that starts with --disk.
    # virt-install --import --name fss-node01 \
     --memory 65536 --vcpus 32 --cpu host \
     --disk /path/to/fss-node01.qcow2,format=qcow2,bus=virtio \
     --disk /path/to/fss-node01-storage.qcow2,format=qcow2,bus=virtio \
     --network bridge=br0,model=virtio \
     --network bridge=br1,model=virtio \
     --os-type=linux \
     --os-variant=centos7.0 \
     --noautoconsole
  6. From the KVM console, log in to the node VM.

    Use the following credentials:

    Username: root

    Password: N0ki@FSSb4se!

  7. If your environment does not support or use the cloud-init services, disable and stop these services.
    # systemctl stop cloud-init cloud-init-local cloud-config cloud-final
    # systemctl disable cloud-init cloud-init-local cloud-config cloud-final
  8. Resize the root partition.
    The base OS image comes with a smaller partition than needed. Use the following commands to resize the root partition. Verify that you are using the right disk (in this example /dev/sda).
    # fdisk /dev/sda
    Welcome to fdisk (util-linux 2.23.2).
    
    Changes will remain in memory only, until you decide to write them.
    Be careful before using the write command.
    
    
    Command (m for help): p
    
    Disk /dev/sda: 214.7 GB, 214748364800 bytes, 419430400 sectors
    Units = sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disk label type: dos
    Disk identifier: 0x000b050e
    
       Device Boot      Start         End      Blocks   Id  System
    /dev/sda1   *        2048    16777215     8387584   83  Linux
    
  9. Delete the existing partition.
    Command (m for help): d
    Selected partition 1
    Partition 1 is deleted
  10. Create a new partition that fills the entire disk.
    Accept the default settings presented.
    Command (m for help): n
    Partition type:
     p primary (0 primary, 0 extended, 4 free)
     e extended
    Select (default p):
    Using default response p
    Partition number (1-4, default 1):
    First sector (2048-419430399, default 2048):
    Using default value 2048
    Last sector, +sectors or +size{K,M,G} (2048-419430399, default 419430399):
    Using default value 419430399
    Partition 1 of type Linux and of size 200 GiB is set
  11. Set the boot flag for this partition.
    Command (m for help): a
    Selected partition 1
  12. Write the partition table.
    Command (m for help): w
    The partition table has been altered!
     
    Calling ioctl() to re-read partition table.
     
    WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
    The kernel still uses the old table. The new table will be used at
    the next reboot or after you run partprobe(8) or kpartx(8)
    Syncing disks.
  13. Optional: Configure a standard Linux partition on the storage disk, /dev/sdb in this example.
    # fdisk /dev/sdb
    Welcome to fdisk (util-linux 2.23.2).
     
    Changes will remain in memory only, until you decide to write them.
    Be careful before using the write command.
     
    Device does not contain a recognized partition table
    Building a new DOS disklabel with disk identifier 0x8891800b.
     
    Command (m for help): n
    Partition type:
     p primary (0 primary, 0 extended, 4 free)
     e extended
    Select (default p):
    Using default response p
    Partition number (1-4, default 1):
    First sector (2048-629145599, default 2048):
    Using default value 2048
    Last sector, +sectors or +size{K,M,G} (2048-629145599, default 629145599):
    Using default value 629145599
    Partition 1 of type Linux and of size 300 GiB is set
     
    Command (m for help): w
    The partition table has been altered!
     
    Calling ioctl() to re-read partition table.
    Syncing disks.
  14. Reboot the node to register the change in partition sizes in the system.
    # reboot
  15. Grow the root partition file system to its full size.
    # xfs_growfs -d /
    meta-data=/dev/sda1 isize=512 agcount=4, agsize=524224 blks
     = sectsz=512 attr=2, projid32bit=1
     = crc=1 finobt=0 spinodes=0
    data = bsize=4096 blocks=2096896, imaxpct=25
     = sunit=0 swidth=0 blks
    naming =version 2 bsize=4096 ascii-ci=0 ftype=1
    log =internal bsize=4096 blocks=2560, version=2
     = sectsz=512 sunit=0 blks, lazy-count=1
    realtime =none extsz=4096 blocks=0, rtextents=0
    data blocks changed from 2096896 to 52428544
  16. Enable SSH.
    The base image is a hardened image so SSH is disabled by default for the root user. To enable SSH, update the /etc/ssh/sshd_config file and change the following lines:
    PasswordAuthentication no
    PermitRootLogin no
    to:
    PasswordAuthentication yes
    PermitRootLogin yes
    Note: You can keep password authentication disabled to provide extra security. In this case, only key-based authentication works, and you must configure the appropriate public SSH keys for the root user so it can log in over SSH. In any case, this configuration is needed for the deployer VM to reach the nodes.
  17. Edit the /etc/sysconfig/network-scripts/ifcfg-eth0 file to configure the correct static IP address, DNS servers, and gateway for the OAM network.
    The final content should look similar to the following, except with the IP address, DNS, and domain details specific to the target environment:
    BOOTPROTO=static
    DEVICE=eth0
    ONBOOT=yes
    TYPE=Ethernet
    USERCTL=no
    IPADDR=192.0.2.10
    PREFIX=24
    GATEWAY=192.0.2.1
    DNS1=192.0.2.5
    DNS2=192.0.2.6
    DOMAIN=fss.nokia.local
    MTU=9000
    
  18. Edit the /etc/sysconfig/network-scripts/ifcfg-eth1 file to configure the correct static IP address for the Fabric Management network.
    The final content should look similar to the following, except with the IP address, DNS, and domain details specific to the target environment:
    BOOTPROTO=static
    DEVICE=eth0
    ONBOOT=yes
    TYPE=Ethernet
    USERCTL=no
    IPADDR=192.0.2.10
    PREFIX=24
    MTU=9000
    

    Ensure that you set the MTU parameter to 9000 for all the interfaces.

  19. Restart the network to apply the new configuration.
    # systemctl restart network
  20. Configure the appropriate NTP servers.
    Edit the /etc/chrony.conf configuration file and replace all lines that begin with server with the correct server lines for the environment.
  21. Restart the chronyd service.
    # systemctl restart chronyd
  22. Verify that time synchronization is functioning properly.
    # chronyc tracking

    If the Reference ID field is not set to any of the configured servers, but instead refers to something like 127.127.1.1, time synchronization is not functioning properly.

    Reference ID    : 87E30FFE (192.0.2.5)
    Stratum         : 4
    Ref time (UTC)  : Wed Feb 16 01:20:36 2022
    System time     : 0.000014215 seconds slow of NTP time
    Last offset     : -0.000001614 seconds
    RMS offset      : 0.000106133 seconds
    Frequency       : 11.863 ppm slow
    Residual freq   : -0.071 ppm
    Skew            : 0.187 ppm
    Root delay      : 0.063009784 seconds
    Root dispersion : 0.018440660 seconds
    Update interval : 64.5 seconds
    Leap status     : Normal
    
  23. Change the hostname.
    # hostnamectl set-hostname fss-node01.domain.tld
  24. Set up key-based authentication from the Fabric Services System deployer VM.
    If password authentication has been enabled on the node for SSH, enter the following command from the deployer VM.
    # ssh-copy-id root@<node IP/FQDN>