Preparing ISO image for Yandex Cloud platform

Started by jinxray, July 26, 2024, 11:55:08 AM

I faced a problem with the preconfiguration required to install OPNsense in a cloud environment.
There are instructions:
https://yandex.cloud/en/docs/compute/operations/image-create/custom-image
Quote
Boot disk images must meet the following requirements:

    The virtio-net, virtio-blk, and virtio-pci drivers are installed. If you are going to attach file storages to your VM, you also need to install the virtiofs driver. For more information, refer to this guide.
    The ttyS0 terminal (COM1 port) is set up as a serial console. For more information, refer to this guide.
    The network interface runs correctly when starting a VM and obtains the IP address via DHCP.
    The cloud-init package is installed and configured to work with our metadata service. To install the package for CentOS, run the sudo yum install cloud-init command. To install it for Debian or Ubuntu, run sudo apt update && sudo apt install -y cloud-init.
    If you created an image based on an Amazon Machine Image (AMI), verification of the cloud platform where the VM instance is run is disabled in the cloud-init settings. For more information, refer to this guide.
    In the system firewall settings, the minimum required set of ports for running your applications and a port for SSH access (by default, 22 TCP) are open.
    The SSH server starts automatically at VM startup.
    Services running your application are resistant to VM reboots.
    The boot disk uses MBR partitioning.
    The disk is mounted by its UUID rather than by name.
    The file system is not encrypted.

I guess there are 2 ways:
1) Use a prebuilt VHD, VDI and place it on the cloud platform
2) Build an image that can correctly be used to install instances of OPNsense
I guess having a prebuilt, prepared image is the more correct and convenient way, so now I'm trying to go this way.

So I assume my current step-by-step guide is:
1) Install FBSD 13.2 on some virtualization platform (I'm using VirtualBox)
2) Make the changes required by Yandex Cloud
3) Build the OPNsense dvd using the "tools" repository - https://github.com/opnsense/tools

So, I need a clean OPNsense but with some modifications required for the Yandex Cloud platform.
I thought the "tools" repository would configure OPNsense on top of FreeBSD, but it seems it does not.
I also found the bootstrap script https://github.com/opnsense/update?tab=readme-ov-file#opnsense-bootstrap, but I'm getting exit code "Must be amd64 architecture", despite "uname -p" returning "amd64".
I have to say I'm an absolute noob at FreeBSD and OPNsense, so I just need a way to create my image and then learn and maintain FreeBSD with OPNsense. I will be grateful for any help!

Maybe wrong topic, sorry
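
A preflight check for step 2 of the plan above, as an added example that is not part of the original posts or of the OPNsense tools: it inspects a plain FreeBSD root tree for four of the quoted requirements (serial console, DHCP, sshd at boot, no fstab mounts by device name). The FreeBSD file locations checked and all function names are assumptions of this example; drivers, partitioning and cloud-init are not covered.

```shell
#!/bin/sh
# Added example: static checks of a FreeBSD root tree against four of the
# quoted image requirements. ROOT is the mounted image root ("/" on a live VM).

# Serial console on COM1: /boot/loader.conf must list comconsole in console=.
check_serial() {
    grep -Eq '^[[:space:]]*console="[^"]*comconsole' "$1/boot/loader.conf" 2>/dev/null
}

# At least one interface is configured for DHCP in /etc/rc.conf.
check_dhcp() {
    grep -Eq '^[[:space:]]*ifconfig_[A-Za-z0-9_]+="[^"]*DHCP' "$1/etc/rc.conf" 2>/dev/null
}

# sshd is enabled at boot in /etc/rc.conf.
check_sshd() {
    grep -Eiq '^[[:space:]]*sshd_enable="?yes"?' "$1/etc/rc.conf" 2>/dev/null
}

# Print fstab devices given as bare nodes (e.g. /dev/vtbd0s1a). UUID=... and
# /dev/ufsid/... style paths survive a disk rename, so they are not reported.
fstab_by_name() {
    [ -r "$1/etc/fstab" ] || { echo "(fstab missing)"; return 0; }
    awk '!/^[ \t]*(#|$)/ && $1 ~ "^/dev/[^/]+$" { print $1 }' "$1/etc/fstab"
}

# Run all checks, print one line per result, return the number of failures.
preflight() {
    root=${1:-/}; fails=0
    for c in check_serial check_dhcp check_sshd; do
        if "$c" "$root"; then echo "ok   $c"; else echo "FAIL $c"; fails=$((fails + 1)); fi
    done
    bad=$(fstab_by_name "$root")
    if [ -z "$bad" ]; then echo "ok   fstab"; else
        echo "FAIL fstab mounts by device name:" $bad; fails=$((fails + 1))
    fi
    return "$fails"
}
```

Source the file and call `preflight /path/to/mounted/image` (or `preflight /` inside the VM) before exporting the disk; a non-zero return value is the number of failed checks.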

The toolchain in tools does not build an OPNsense from an existing and possibly tuned/configured installation. It builds an OPNsense install medium from the source code.

So your best approach would probably be to install and tune inside some hypervisor. I do not know if the cloud-init requirement can be met.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

So I just used the opnsense-bootstrap script on a clean FreeBSD (didn't make any changes), rebooted, and can't see any difference on the system. I also can't see any errors.
Also, I guess OPNsense after installation must be in /usr/local/opnsense/, but there is nothing there but some files (image included).
Am I getting this right, that the 'opnsense-bootstrap' script will build an OPNsense on my FreeBSD system?

Yes, but there is a bug in FreeBSD that prevents opnsense-bootstrap from running correctly.

Delete the line (205 in HEAD):
                pkg unlock -ya

and try again.

Figured out how to install OPNsense on FreeBSD with cloud-init. I connected to the machine via the COM port and ran the bootstrap script. The machine reboots and then I don't have any output and can't perform any input at that stage. Before that I tried to install over an SSH session, but as the documentation says (https://docs.opnsense.org/manual/how-tos/serial_access.html#connecting-to-the-serial-console), if I'm using serial in the installation process, this won't be disabled. So is it something with serial or with OPNsense in general?

Also an assumption: it stops giving any output and is probably losing connectivity because it is assigning default(?) IPs to the interfaces, and those are not the addresses assigned to the VM by the cloud platform. Is there any way to specify the IP and mask during the bootstrap installation?