Tutorial

Creating OVA images for Red Hat OpenShift Container Platform on IBM Power Systems Virtual Servers

Create and upload OVA files as boot images for RHEL and RHCOS

Save Like

By Shilpi Das, Sudeesh John
Published December 15, 2020

Introduction

A Red Hat® OpenShift® cluster in IBM® Power Systems™ Virtual Server requires two images:

  • The Red Hat Enterprise Linux (RHEL) 8.3 image – This is used by the bastion node
  • Red Hat Enterprise Linux CoreOS (RHCOS) image – This is used on the OpenShift cluster nodes

This tutorial shows how to create OVA formatted images for both RHEL and RHCOS, and upload them to IBM Cloud Object Storage. You can then import these images as boot images in your IBM Power Systems Virtual Server service. Note that the image disk should be a minimum of 120 GB in size.

Note that the tutorial Creating OVA images using a CentOS instance in IBM Power Systems Virtual Servers provides a simpler, scripted approach as an alternative way to prepare and import the necessary OVA images.

Prerequisites

Make sure that the following prerequisites are met before you begin creating the OVA images:

  • Access to shell on an IBM Power® logical partition (LPAR) running RHEL 8.x or CentOS 8.x with internet connectivity and minimum 250 GB of free disk space. This LPAR should have package repositories configured. You can also provision a CentOS 8.x instance on Power Systems Virtual server and use it for the steps described in this tutorial.
  • RHEL subscription ID and password (not required if using CentOS image).
  • IBM Cloud API key.

Estimated time

It requires approximately 15-20 minutes for creating the OVA image and uploading them to IBM Cloud Object Storage. Another 15-20 minutes to import the OVA image to the Power Systems Virtual Server instance.

Creating and uploading OVA files as boot images

Open a terminal on the IBM Power logical partition (LPAR) and perform the following steps to create and upload OVA files as boot images for RHEL and RHCOS:

  1. Install the following packages:

     sudo dnf install -y  qemu-img cloud-utils-growpart

  2. Download the latest pvsadm helper tool from https://github.com/ppc64le-cloud/pvsadm/releases

    
sudo curl -sL https://github.com/ppc64le-cloud/pvsadm/releases/download/v0.1/pvsadm-linux-ppc64le -o /usr/local/bin/pvsadm
sudo chmod +x /usr/local/bin/pvsadm
pvsadm version
pvsadm image –help

  3. Download the Qcow2 images.

    Download the RHEL (or CentOS) and RHCOS Qcow2 images.

    Note:

    • Although the RHEL image is named as KVM guest image, it works for both KVM and IBM PowerVM® systems.
    • The pvsadm tool supports only official RHEL/CentOS cloud images and RHCOS images.

  4. Convert the Qcow2 image to OVA format.

    Run the pvsadm command in the given format: 

    
pvsadm image qcow2ova  --image-name <image-name> --image-url  <image-url> --image-dist <image-dist> --image-size <size-of-image> --rhn-user <rhel-user> --rhn-password <rhel-password> --os-password <os-password> --temp-dir <temp-directory>

    Examples:

    
pvsadm image qcow2ova  --image-name rhel-83-12112020 --image-url  ./rhel-8.3-ppc64le-kvm.qcow2.gz --image-dist rhel --image-size 120 --rhn-user john@example.com --rhn-password someValidPassword --os-password sOmeComplexpassword
pvsadm image qcow2ova  --image-name centos-8.3-12112020 --image-url  ./CentOS-8-GenericCloud-8.3.2011-20201204.2.ppc64le.qcow2.gz --image-dist centos --image-size 120 --os-password sOmeComplexpassword
pvsadm image qcow2ova  --image-name rhcos-45-12112020 --image-url  ./rhcos-4.5.4-ppc64le-openstack.ppc64le.qcow2.gz --image-dist coreos --image-size 120
pvsadm image qcow2ova  --image-name rhcos-46-12112020 --image-url  ./rhcos-4.6.1-ppc64le-openstack.ppc64le.qcow2.gz --image-dist coreos --image-size 120

    The following table describes the parameters used in the command to convert a Qcow2 image to the OVA format.

    Parameter Description
    --image-name Name of the resultant image (required)
    --image-url URL or absolute local file path to the .gz image (required)
    --image-dist Image distribution (supported: rhel, centos, coreos) (required)
    --image-size Size (in GB) of the resultant OVA image (default 120) (optional)
    --rhn-user Red Hat subscription username. Required when image distribution is rhel
    --rhn-password Red Hat subscription password. Required when image distribution is rhel
    --os-password Root user password. Will auto-generate the 12-bit password (applicable only for Red Hat and CentOS distributions) (optional)
    -t, --temp-dir Scratch space to use for OVA generation (default “/tmp”) (optional)

    For more options, run the following command:

    pvsadm image qcow2ova –help

    Sample RHEL image output

         I1210 20:13:13.694904   33333 qcow2ova.go:116] OS root password is: sOmeComplexpassword
     I1210 20:13:13.694948   33333 validate.go:26] Checking: user
     I1210 20:13:13.694955   33333 validate.go:26] Checking: platform
     I1210 20:13:13.694961   33333 validate.go:26] Checking: tools
     I1210 20:13:13.695003   33333 tools.go:29] qemu-img found at /usr/bin/qemu-img
     I1210 20:13:13.695027   33333 tools.go:29] growpart found at /usr/bin/growpart
     I1210 20:13:13.695034   33333 validate.go:26] Checking: diskspace
     I1210 20:13:13.695068   33333 diskspace.go:33] free: 196G, need: 170G
     I1210 20:33:15.990768   33333 qcow2ova.go:161] copied the file at: /tmp/qcow2ova776147420/rhel-8.3-ppc64le-kvm.qcow2?user=4007d887c3f4f13ad2afa91e33bdae41&_auth_=1607650546_f87917ff5a6c94a377304dca6a5c2559
     I1210 20:33:15.990943   33333 qcow2ova.go:189] Converting Qcow2(/tmp/qcow2ova776147420/rhel-8.3-ppc64le-kvm.qcow2?user=4007d887c3f4f13ad2afa91e33bdae41&_auth_=1607650546_f87917ff5a6c94a377304dca6a5c2559) image to raw(/tmp/qcow2ova776147420/ova-img-dir/disk.raw) format
     I1210 20:33:21.097336   33333 qcow2ova.go:194] Conversion completed
     I1210 20:33:21.097377   33333 qcow2ova.go:196] Resizing the image /tmp/qcow2ova776147420/ova-img-dir/disk.raw to 120G
     WARNING: Image format was not specified for '/tmp/qcow2ova776147420/ova-img-dir/disk.raw' and probing guessed raw.
             Automatically detecting the format is dangerous for raw images, write operations on block 0 will be restricted.
             Specify the 'raw' format explicitly to remove the restrictions.
     Image resized.
     I1210 20:33:24.907519   33333 qcow2ova.go:201] Resize completed
     I1210 20:33:24.907538   33333 qcow2ova.go:203] Preparing the image
     /dev/loop0
     CHANGED: partition=2 start=10240 old: size=16384000 end=16394240 new: size=251647967 end=251658207
     xfs
     meta-data=/dev/loop0p2           isize=512    agcount=4, agsize=512000 blks
             =                       sectsz=512   attr=2, projid32bit=1
             =                       crc=1        finobt=1, sparse=1, rmapbt=0
             =                       reflink=1
     data     =                       bsize=4096   blocks=2048000, imaxpct=25
             =                       sunit=0      swidth=0 blks
     naming   =version 2              bsize=4096   ascii-ci=0, ftype=1
     log      =internal log           bsize=4096   blocks=2560, version=2
             =                       sectsz=512   sunit=0 blks, lazy-count=1
     realtime =none                   extsz=4096   blocks=0, rtextents=0
     data blocks changed from 2048000 to 31455995
     nameserver 9.9.9.9
     Registering to: subscription.rhsm.redhat.com:443/subscription
     The system has been registered with ID: 07f9ee13-329d-408d-aa9a-a83f7fbd106a
     ...
     [snip]
     ...
     Installed:
     DynamicRM-2.0.7-7.ppc64le                                                     
     devices.chrp.base.ServiceRM-3.2.5.3-20185.ppc64le                             
     ksh-20120801-254.el8.ppc64le                                                  
     rsct.basic-3.2.5.3-20185.ppc64le                                              
     rsct.core-3.2.5.3-20185.ppc64le                                               
     rsct.core.utils-3.2.5.3-20185.ppc64le                                         
     rsct.opt.storagerm-3.2.5.3-20185.ppc64le                                      
     src-3.2.5.3-20185.ppc64le                                                     

     Complete!
     Updating Subscription Management repositories.
     Last metadata expiration check: 0:00:23 ago on Thu 10 Dec 2020 08:35:27 PM EST.
     Dependencies resolved.

     Complete!
     dracut: Disabling early microcode, because kernel does not support it. CONFIG_MICROCODE_[AMD|INTEL]!=y
     Generating initramfs for kernel version: 4.18.0-240.1.1.el8_3.ppc64le
     dracut: Disabling early microcode, because kernel does not support it. CONFIG_MICROCODE_[AMD|INTEL]!=y
     Generating grub configuration file ...
     Generating boot entries from BLS files...
     done
     Changing password for user root.
     passwd: all authentication tokens updated successfully.
     Unregistering from: subscription.rhsm.redhat.com:443/subscription
     System has been unregistered.
     All local data removed
     I1210 20:36:41.550609   33333 qcow2ova.go:208] Preparation completed
     I1210 20:36:41.550643   33333 qcow2ova.go:210] Creating an OVA bundle
     I1210 20:39:36.549582   33333 qcow2ova.go:215] OVA bundle creation completed: /tmp/qcow2ova776147420/rhel-83-12102020.ova
     I1210 20:39:36.549624   33333 qcow2ova.go:217] Compressing an OVA file
     I1210 20:43:07.062772   33333 qcow2ova.go:223] OVA file Compression completed

     Successfully converted Qcow2 image to OVA format, find at /root/rhel-83-12102020.ova.gz
     OS root password: sOmeComplexpassword

    Sample RHCOS output

    
 I1210 20:46:30.589296   53324 validate.go:26] Checking: user
 I1210 20:46:30.589303   53324 validate.go:26] Checking: platform
 I1210 20:46:30.589308   53324 validate.go:26] Checking: tools
 I1210 20:46:34.590811   53324 tools.go:29] growpart found at /usr/bin/growpart
 I1210 20:46:34.590831   53324 tools.go:29] qemu-img found at /usr/bin/qemu-img
 I1210 20:46:34.590835   53324 validate.go:26] Checking: diskspace
 I1210 20:46:34.590843   53324 diskspace.go:33] free: 191G, need: 170G
 I1210 20:48:22.263348   53324 qcow2ova.go:161] copied the file at: /tmp/qcow2ova119224656/rhcos-openstack.ppc64le.qcow2.gz
 I1210 20:48:22.263392   53324 qcow2ova.go:170] Image /tmp/qcow2ova119224656/rhcos-openstack.ppc64le.qcow2.gz is in gzip format, extracting it
 I1210 20:48:43.702708   53324 qcow2ova.go:176] Extract complete
 I1210 20:48:43.703924   53324 qcow2ova.go:189] Converting Qcow2(/tmp/qcow2ova119224656/disk.qcow2) image to raw(/tmp/qcow2ova119224656/ova-img-dir/disk.raw) format
 I1210 20:48:44.932742   53324 qcow2ova.go:194] Conversion completed
 I1210 20:48:44.932768   53324 qcow2ova.go:196] Resizing the image /tmp/qcow2ova119224656/ova-img-dir/disk.raw to 120G
 WARNING: Image format was not specified for '/tmp/qcow2ova119224656/ova-img-dir/disk.raw' and probing guessed raw.
         Automatically detecting the format is dangerous for raw images, write operations on block 0 will be restricted.
         Specify the 'raw' format explicitly to remove the restrictions.
 Image resized.
 I1210 20:48:52.820675   53324 qcow2ova.go:201] Resize completed
 I1210 20:48:52.820709   53324 qcow2ova.go:203] Preparing the image
 I1210 20:48:52.820726   53324 prepare.go:132] No image preparation required for the coreos...
 I1210 20:48:52.820738   53324 qcow2ova.go:208] Preparation completed
 I1210 20:48:52.820747   53324 qcow2ova.go:210] Creating an OVA bundle
 I1210 20:51:39.510987   53324 qcow2ova.go:215] OVA bundle creation completed: /tmp/qcow2ova119224656/rhcos-46-12102020.ova
 I1210 20:51:39.511020   53324 qcow2ova.go:217] Compressing an OVA file
 I1210 20:54:12.903203   53324 qcow2ova.go:223] OVA file Compression completed
 Successfully converted Qcow2 image to OVA format, find at /root/rhcos-46-12102020.ova.gz
 OS root password:

  5. Upload the image to IBM Cloud Object Storage using the following command.

    export IBMCLOUD_API_KEY=<IBM_CLOUD_API_KEY>
pvsadm image upload  --bucket <bucket-name> --file <image-name>.ova.gz --cos-instance-name <cos-instance-name>

    Example:

    
pvsadm image upload --bucket ocp4-images-bucket  --file rhel-83-12112020.ova.gz --cos-instance-name ocp4-on-power

    Where:

    Parameter Description
    -b, --bucket Name of the Cloud Object Storage instance bucket (required)
    -f, --file he file to be uploaded to storage (required)
    -n, --cos-instance-name Name of the Cloud Object Storage instance to be used (required if not using region)
    -r, --bucket-region Cloud Object Storage bucket region. (default “us-south”) (required if not using instance-name`)

    For more options, run the following command: 

    pvsadm image upload –help

    Sample output when uploading RHEL OVA image

    pvsadm image upload  --bucket ocp4-images-bucket --file rhel-83-12112020.ova.gz --cos-instance-name ocp4-on-power  
I1210 20:54:30.805608   54430 root.go:29] Using an API key from IBMCLOUD_API_KEY environment variable
I1210 20:55:28.492076   54430 s3client.go:130] uploading the object rhel-83-12112020.ova.gz
I1210 20:55:02.858272   54430 s3client.go:156] Upload completed successfully in 51.366164 seconds to location https://s3.us-south.cloud-object-storage.appdomain.cloud/ocp4-images-bucket/rhel-83-12102020.ova.gz

    Sample output when uploading RHCOS OVA image

    pvsadm image upload  --bucket ocp4-images-bucket --file  rhcos-46-12102020.ova.gz --cos-instance-name ocp4-on-power 
I1211 09:28:20.698105   97006 root.go:29] Using an API key from IBMCLOUD_API_KEY environment variable 
I1211 09:28:27.184596   97006 s3client.go:130] uploading the object rhcos-46-12102020.ova.gz 
I1211 09:29:17.979843   97006 s3client.go:156] Upload completed successfully in 50.795222 seconds to location https://s3.us-south.cloud-object-storage.appdomain.cloud/ocp4-images-bucket/rhcos-46-12102020.ova.gz

  6. Import the image into the Power Systems Virtual Server instances.

    As a best practice please name the image using the following pattern <distro>-<xy>-<timestamp>, where distro is either rhel, centos or rhcos and xy is the release version like 83 (for 8.3), 46 (for 4.6) and timestamp is of the format – ddmmyyyy or mmddyyyy. Take a look at the values of the pvs-image-name argument in the examples below for concrete examples.

    Run the following command:

    export IBMCLOUD_API_KEY=<IBM_CLOUD_API_KEY>
pvsadm image import –pvs-instance-name <instance-name> --bucket <bucket-name> --object <object-name> --pvs-image-name <image-name> --bucket-region <region>

    Example:

    pvsadm image import --pvs-instance-name ocp-cicd-london-06 -b ocp4-images-bucket --object rhel-83-12102020.ova.gz  --pvs-image-name rhel-83-12102020 --bucket-region us-south 
pvsadm image import --pvs-instance-name ocp-cicd-london-06 -b ocp4-images-bucket --object rhcos-46-12102020.ova.gz  --pvs-image-name rhcos-46-12102020 --bucket-region us-south

    Where:

    Parameter Description
    -n, --pvs-instance-name Name of the Power Systems Virtual Server instance (required)
    --pvs-image-name Name of the Power Systems Virtual Server imported image (required)
    --object Cloud storage image file name(required)
    -b,--bucket Cloud storage bucket name (required)
    -r,--bucket-region Cloud storage bucket region (required)

    For more options, run the following command:

    pvsadm image import –help

    Sample output

    pvsadm image import --pvs-instance-name ocp-cicd-london-06 -b ocp4-images-bucket --object rhel-83-12102020.ova.gz  --pvs-image-name rhel-83-12102020 --bucket-region us-south  
I1211 09:33:49.374803   97212 import.go:120] ocp4-images-bucket bucket found in the ocp4-on-power[ID:crn:v1:bluemix:public:cloud-object-storage:global:a/65b64c1f1c29460e8c2e4bbfbd893c2c:8aeefa98-c07b-4d22-aa7a-1694374ae275::] COS instance 
I1211 09:33:50.028868   97212 import.go:127] rhel-83-12102020.ova.gz object found in the ocp4-images-bucket bucket 
I1211 09:33:50.485569   97212 import.go:159] Reading the existing service credential: pvsadm-service-cred 
2020/12/11 09:33:51 the apiendpoint url for power is lon.power-iaas.cloud.ibm.com 
2020/12/11 09:33:51 Calling the New Auth Method in the IBMPower Session Code 
2020/12/11 09:33:51 Calling the crn constructor that is to be passed back to the caller  65b64c1f1c29460e8c2e4bbfbd893c2c 
2020/12/11 09:33:51 the region is lon and the zone is  lon06 
2020/12/11 09:33:51 the crndata is ... crn:v1:bluemix:public:power-iaas:lon06:a/65b64c1f1c29460e8c2e4bbfbd893c2c:729b4527-6709-4ecb-8803-e0f1709ea945:: 
I1211 09:33:55.926843   97212 image.go:72] Post is successful 923883cf-2093-4d5c-9d85-b90fc2aaeb92 
I1211 09:33:55.926860   97212 import.go:195] Importing Image rhel-83-12102020 is currently in queued state, Please check the Progress in the IBM Cloud UI

    Note: You can check the progress of the imported image in the IBM Cloud UI.

Summary

In this tutorial, we have successfully created the RHEL and RHCOS OVA image from the respective Qcow2 images, uploaded the images to the Cloud Object Storage instance, and imported the images in IBM Power Systems Virtual Server. You are now all set for deploying OpenShift.

Legend
Tutorial

Setting up IBM Power Systems Virtual Server for Red Hat OpenShift Container Platform

August 12, 2021
Tutorial

Installing Red Hat OpenShift Container Platform 4.x on IBM Power Systems Virtual Servers

July 1, 2021
Tutorial

Securely access IBM Cloud services from Red Hat OpenShift Container Platform deployed on IBM Power Systems Virtual Server

December 15, 2020