Microsoft Loves Linux Deep Dive #7: Managing Linux in System Center Virtual Machine Manager

This post was written by Michael Kelley, Principal PM Manager, Cloud + Enterprise team.

This blog post is #7 in a series of technical posts about running and managing Linux and FreeBSD in your on-premises datacenter. Other posts in the series are here:

Overview

Running Linux and FreeBSD as a guest operating system on Hyper-V

Managing Linux and UNIX using System Center and PowerShell DSC

Managing Linux in System Center Virtual Machine Manager

As described in the previous blog post, System Center Virtual Machine Manager (VMM) is used in virtualized and private cloud environments to do fabric management. As the fabric manager, VMM controls multiple Hyper-V hosts, and automates the lifecycle of individual virtual machines that are running Windows or Linux. You can use the VMM console to create new virtual machines and deploy them to an appropriate Hyper-V host. You can delete virtual machines that are no longer used, as well as start, stop, suspend, and resume virtual machines. VMM can migrate virtual machines from one Hyper-V host to another. All of these operations are applicable to virtual machines running Linux, just like for virtual machines running Windows.

Linux OS Specialization

As with Windows, VMM creates new Linux virtual machines from a template. The template is metadata that describes the virtual machine to be created and includes a reference to a virtual hard disk (VHD or VHDX) containing the Linux operating system. The virtual hard disk is “cloned”, and the copy becomes the operating system disk for the new virtual machine. The usual scenario is to create lots of virtual machines from the same template. But if all of the new virtual machines have exactly the same cloned OS disk, how does each virtual machine get a unique identity? For Windows, the template is a sysprep’ed image, and VMM generates an unattend.xml file to specialize the new operating system the first time it boots up. The sysprep specialization process assigns a unique hostname, an appropriate IP address, etc. so that the new virtual machine has a unique identity.

For Linux, VMM implements the steps to do the equivalent of Windows sysprep. When you create a template in the VMM console, you specify the hardware profile, including MAC address and IP address information, and enter additional Linux-specific information. This Linux-specific information is the hostname and domain suffix, the root password and public ssh key, the time zone, and “run once” command lines (more about “run once” commands later).

Using this template information, the specialization is performed by the VMM Linux agent, which must be present in the virtual hard disk referenced by the template. The specialization process works as shown in this diagram:

  1. The VMM server generates a Linux specialization document (as an .xml file) using information from the template – the hardware configuration and operating system configuration as entered in the console screenshot above.
  2. The VMM server creates an ISO file with the specialization document and a copy of the latest version of the VMM Linux agent. The ISO file is sent to the VMM host agent on the Hyper-V host where the new virtual machine will run.
  3. The VMM host agent creates a new virtual machine, using a copy of the Linux VHD/VHDX referenced by the template as the OS disk for the new virtual machine. The ISO file from Step 2 is mounted into the virtual DVD drive of the new virtual machine.
  4. The VMM host agent starts the new virtual machine, and the new virtual machine goes through the standard Linux boot process.
  5. When the new virtual machine completes the boot process, the VMM Linux agent in the virtual machine checks the virtual DVD drive for a new version of the agent. If the DVD drive contains a newer version than what is already running in the virtual machine, the VMM Linux agent upgrades itself to the newer version. This self-upgrade process means you don’t have to update your virtual disks in the library if an updated agent is available on the server.
  6. The VMM Linux agent does the specialization process using information in the specialization document on the virtual DVD drive. The specialization process includes setting the hostname and assigning an IP address, either a static IP from the specialization document or a dynamic IP via DHCP. Specialization also removes items like the shell command history so the virtual machine really starts fresh. Finally, the “run once” commands are executed. Then the virtual machine shuts itself down.

“Run Once” Commands

“Run once” commands are single line Linux commands – anything that can be run by an “exec” call. They are typically used to install software packages and do configuration of the Linux virtual machine so that it assumes its intended functional role. A commonly used pattern consists of a shell invocation and a string to be executed by the shell. For example, this “run once” command installs Microsoft’s PowerShell DSC for Linux v1.1 package, which is in the /tmp directory:

/bin/sh -c "rpm -Uvh /tmp/dsc-1.1.0-599.ssl_100.x64.rpm"

The “run once” commands are run at the end of the specialization process as described in Step 6 above. If multiple “run once” commands are specified, they are run sequentially. When the commands run, the network configuration is already complete, so the commands can access network resources.

Windows Azure Pack

The Windows Azure Pack (WAP) extends VMM to provide a full private cloud experience using the familiar Azure portal user interface. The WAP portal enables your end users to create virtual machines and manage their lifecycle without IT intervention. As an IT Pro, you can define the specific offers, configurations, and quotas to be made available to end users, and then allow end users to self-service within those boundaries.

The WAP user interface gives visibility to templates defined in VMM, so that your end users can create virtual machines based on those templates just like in the VMM console itself. Such virtual machines are referred to as “standalone VMs”.

The WAP user interface also provides the ability to create virtual machines based on VM Role definitions. A variety of pre-built VM Role definitions are available for download as described in this wiki. You can also create your own VM Role definitions using the VM Role Authoring Tool. Using the tool you can specify additional parameters for the end user to provide when creating a virtual machine, and define the “run once” commands to be run when a virtual machine is created from the role. Those parameter values provided by the end user can be substituted into the “run once” commands to provide fully parameterized deployment behavior. For example, you might define a VM Role for a MySQL server virtual machine, with additional parameters for the MySQL admin username and password. The “run once” commands will install MySQL from a package repo on the network, and then set the MySQL configuration, including the admin username and password.

Here’s a view of the VM Role Authoring Tool with the Linux specific options visible. This particular VM Role defines a CentOS 7 Linux server that has PowerShell DSC for Linux v1.1 installed and running. The VM Role has several “run once” commands defined. These commands do the following:

  • Set up an unprivileged user account with a username and password supplied by the end user when creating the VM. You’ll see that these “run once” commands reference parameter values.
  • Retrieve over the network some packages that make up PowerShell DSC for Linux v1.1
  • Install those packages
  • Start PowerShell DSC for Linux
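
When end-user values are substituted as text into a “run once” command, and especially when the /bin/sh -c pattern is used, those values are worth validating inside the guest before they reach account-creation tools. The following is an added example, not code from the original post or from VMM or WAP: a hypothetical helper script stored in the template’s virtual hard disk and called directly by a “run once” command with the username and password parameter values as its two arguments. The script name, path, length limits and the direct (non-shell) invocation are assumptions.

```shell
#!/bin/sh
# Added example: hypothetical guest-side helper, e.g. /usr/local/sbin/provision-user.sh
# (name, path and limits are assumptions; this is not part of VMM or WAP).
LC_ALL=C; export LC_ALL   # make [a-z] mean ASCII lowercase only

# Allow-list check: first char a-z or '_', then a-z 0-9 '_' '-', at most 32 chars.
valid_username() {
    name=$1
    [ -n "$name" ] || return 1
    [ "${#name}" -le 32 ] || return 1
    case $name in
        [!a-z_]*)      return 1 ;;   # bad first character (also blocks a leading '-')
        *[!a-z0-9_-]*) return 1 ;;   # shell metacharacters, spaces, newlines, ...
    esac
    return 0
}

# chpasswd reads one "user:password" record per line, so control characters
# (including newline) must never appear in the password.
valid_password() {
    pw=$1
    [ "${#pw}" -ge 8 ] && [ "${#pw}" -le 128 ] || return 1
    case $pw in
        *[[:cntrl:]]*) return 1 ;;
    esac
    return 0
}

provision_user() {
    user=$1
    pass=$2
    valid_username "$user" || { echo "rejected username" >&2; return 2; }
    valid_password "$pass" || { echo "rejected password" >&2; return 2; }
    useradd -m "$user" || return 3
    # Feed the password on stdin so it is not an argument of chpasswd.
    printf '%s:%s\n' "$user" "$pass" | chpasswd
}

# Act only when called with exactly two arguments: <username> <password>.
if [ "$#" -eq 2 ]; then
    provision_user "$1" "$2"
fi
```

The password is still visible in the helper’s own argument list while it runs, so treat it as an initial credential to be changed at first login.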

VM Roles can also be scaled using WAP. For example, you can create an instance of a VM Role that is an Apache web server running on Linux, and specify a scale of “2.” WAP will create two virtual machines using the VM role definition. Then later, if the incoming workload increases, you can go back into the WAP user interface and simply increase the scale from “2” to “3.” WAP will immediately create a third virtual machine using the same VM Role definition.

Summary

System Center Virtual Machine Manager and Windows Azure Pack are the core of a private cloud that runs Windows and Linux equally well. Building on the core ability to run Linux as a guest on Hyper-V, VMM provides the fabric for the private cloud, and manages the lifecycle of Linux virtual machines. WAP provides a portal that makes it super easy for an end user to create role-specific virtual machines and to scale them out as necessary.

Next week the topic is OS and workload monitoring for Linux and UNIX using System Center Operations Manager. I’ll describe the architecture of Linux/UNIX monitoring in OpsMgr, the health and performance monitoring functionality provided by the Linux/UNIX management packs, and how to extend and customize that monitoring.