If you’re virtualizing server workloads, do yourself a favor and create a golden image. Go ahead, be as meticulous as you want, because you’ll only have to do it once.
I’m a fan of using Ubuntu for Linux servers, simply because of Ubuntu’s “free-forever” mantra and aggressive update cycle. Don’t get me wrong, I love using CentOS in an anally retentive security environment (check out SELinux), but inherent security features tend to cause a hang-up on using built-in package managers to install the latest and greatest versions of apps (PHP for example).
That being said, this is how I set up my golden Ubuntu Server images in vSphere:
- Create a new VM
- Select Ubuntu Linux x64 as the flavor. Accept the defaults.
- Remove floppy (not needed). Set the CD-ROM to be an ISO of Ubuntu Server.
- Force boot into the BIOS to disable unneeded devices.
- Boot into the BIOS and disable the floppy.
- Go to the advanced tab and select IO device config.
- Disable unneeded serial devices and floppy controller.
- Exit saving changes
- Select all the defaults. Set your hostname.
- Select your time zone
- For partitioning disks, select the default: guided, use entire disk and set up LVM
- Select to write changes to disk
- Set up a user. Create a user account (create username/pass) (I’m not sharing my username for security reasons). Encrypt your home directory if you want.
- Set up your proxy info if you have a proxy server filtering your outgoing web traffic
- Install will commence. You will be prompted to set up how you want to install automatic updates. I choose to install security updates automatically.
- You will be prompted to select which packages to install. Don’t select any of them.
- Select to install grub to the master boot record.
- After install is complete, select to restart the server.
- After the server comes back up, log in and install an SSH server for management
$ sudo apt-get install openssh-server
- Check out what the IP is so you can ssh to it
$ ifconfig
- Now switch to an SSH client (PuTTY) and connect to your VM. Go to the root prompt to avoid typing sudo all the time.
$ sudo bash
- Update your packages
# apt-get update
# apt-get upgrade
- Reboot.
# reboot
- Log back in and install open-vm-tools
$ sudo apt-get install --no-install-recommends open-vm-tools
- Enable the firewall to allow all outgoing traffic and deny all incoming except ssh
# ufw default deny incoming
# ufw default allow outgoing
# ufw allow ssh
# ufw enable
- The firewall is now active and will be enabled on reboot. Check the status and rules:
# ufw status verbose
- Set up the NICs so they can be cloned. When preparing an Ubuntu server as a clone source (image), run the following command on the master (source server) before the final power-off (shutdown).
# sed -i 's/SUBSYSTEM/#SUBSYSTEM/g' /etc/udev/rules.d/70-persistent-net.rules
The VM will restart and boot from the Ubuntu Server ISO. Install Ubuntu.
Shut down Ubuntu, you’re done!
# sudo shutdown -h now
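A pre-clone check for the firewall and NIC-rule steps above, as an added example that is not part of the original post. The function names and the sample `ufw status verbose` text are constructed for illustration, and GNU sed is assumed (as with the post's own `sed -i`).

```shell
#!/bin/sh
# Added example: pre-clone checks for the golden image (not from the original post).

# Comment out active NIC rules. Unlike a bare s/SUBSYSTEM/#SUBSYSTEM/g,
# this is anchored to line start, so repeat runs do not stack '#' characters.
disable_persistent_net_rules() {
    sed -i 's/^[[:space:]]*SUBSYSTEM/#&/' \
        "${1:-/etc/udev/rules.d/70-persistent-net.rules}"
}

# Print the number of udev NIC rules still active (0 = ready to clone).
active_net_rules() {
    [ -f "$1" ] || { echo 0; return 0; }
    grep -c '^[[:space:]]*SUBSYSTEM' "$1" || true
}

# Read `ufw status verbose` text on stdin; succeed only if the firewall is
# active, defaults are deny-in/allow-out, and SSH is the only inbound allow.
ufw_policy_ok() {
    awk '
        /^Status: active/ { active = 1 }
        /^Default:/ && /deny \(incoming\)/ && /allow \(outgoing\)/ { defaults = 1 }
        / ALLOW IN / {
            if ($1 == "22" || $1 == "22/tcp" || $1 == "OpenSSH") ssh = 1
            else extra = 1
        }
        END { exit !(active && defaults && ssh && !extra) }
    '
}

# Constructed sample of `ufw status verbose` output after the steps above.
SAMPLE_UFW='Status: active
Default: deny (incoming), allow (outgoing)

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere'

if printf '%s\n' "$SAMPLE_UFW" | ufw_policy_ok; then
    echo "firewall policy matches the golden-image baseline"
fi
# On the real master, as root:
#   ufw status verbose | ufw_policy_ok && disable_persistent_net_rules
```

Any extra inbound rule left on the master is inherited by every clone, which is why the check fails on anything other than SSH.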
If you get the error “eth0 error while getting interface flags no such device” after you’ve cloned
SOLUTION:
Comment out all lines in /etc/udev/rules.d/70-persistent-net.rules
# vi /etc/udev/rules.d/70-persistent-net.rules
Example:
# PCI device 0x8086:0x100f (e1000)
# SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:00:00:00:xx:01", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
# PCI device 0x8086:0x100f (e1000)
# SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:00:xx:00:00:02", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
Reboot the Ubuntu server on VMware ESXi.
When preparing an Ubuntu server as a clone source (image), run the following command on the master (source server) before the final power-off (shutdown):
# sed -i 's/SUBSYSTEM/#SUBSYSTEM/g' /etc/udev/rules.d/70-persistent-net.rules