Building a Custom Oracle Linux Image with the LAMP Stack

Before You Begin

Purpose

This tutorial shows you how to build a custom Oracle Linux image that you can use to provision instances (virtual machines) in Compute Classic.

Time to Complete

Approximately 1 hour, excluding the time required for downloading the required software.

Background

Compute Classic includes several pre-built images. These images contain the packages that are necessary for running typical enterprise workloads. See About Oracle Provided Linux Images in Using Oracle Cloud Infrastructure Compute Classic. But certain applications may need a highly customized operating system. This tutorial illustrates how you can create one such image. Use this tutorial as a reference framework for developing your own images.

Scenario

This tutorial shows you how to build an Oracle Linux 6.7 image running the Unbreakable Enterprise Kernel (UEK) with the AMP stack (Apache HTTP Server, MySQL, and PHP). When you use this image to create an instance in Compute Classic, an Oracle Linux 6.7 virtual machine is provisioned with the LAMP stack fully installed and configured.

Here's an overview of the tasks in this tutorial:

Creating a VM in Oracle VM VirtualBox
Installing Oracle Linux on the VM
Configuring the VM for Internet access
Installing MySQL
Installing Apache HTTP Server
Installing PHP
Installing opc-init (Optional)
Creating a user, configuring key-based SSH access, and enabling sudo privileges
Changing the defaut kernel (optional)
Cleaning up the network settings of the VM
Converting the VM disk to an image

What Do You Need?

Oracle VM VirtualBox

To download the Oracle VM VirtualBox installer and for installation instructions, go to https://www.virtualbox.org/wiki/Downloads.

The instructions in this tutorial are for VirtualBox v4.3.28.
The Oracle Linux installer ISO
1. Go to https://edelivery.oracle.com.
2. Click Sign In, and sign in by using your Oracle.com credentials.
3. Read the export restrictions, and click Accept.
4. Select the Linux/OVM/VMs check box.
5. In the Product field, type Linux and wait for a few seconds.
6. In the drop-down list that appears, select Oracle Linux, and then click Select Platform.
7. In the resulting dialog box, select the x86 64 bit check box, and click Select.
  
  Oracle Linux x86 64 bit is displayed in the Selected Products pane, as shown in the following screenshot.
  
  Description of this image
8. Click Continue.
9. On the resulting page, select the Oracle Linux release that you want to download.
  
  For example, to download Oracle Linux 6.7, click Select Alternate Release. Then, from the drop-down list, select Oracle Linux 6.7.0.0.0 for x86 64 bit, and click Continue.
10. Read and accept the terms and restrictions, and then click Continue.
11. In the File Download dialog box, identify the required ISO file, note its size, and click the appropriate part_number.iso link.
  
  For example, if you had selected Oracle Linux 6.7 earlier, then you must download V77197-01.iso.
12. Note the directory in which you downloaded the ISO.
The qemu-img utility (optional)

This utility is available by default in most Linux distributions. For Windows, you should download and install it.
- On Windows:
  
  Download the QEMU installer from http://qemu.weilnetz.de/.
  
  Double-click the downloaded exe file and follow the instructions in the installation wizard.
- On Linux:
  
  Check whether the qemu-img package is installed:
```
rpm -qa | grep qemu-img
```
  - If qemu-img is installed, you'll see the following output:
```
qemu-img-0.12.1.2-2.295.el6.x86_64
```
  - If qemu-img is not installed, no output is displayed.
    
    To install qemu-img, enter the following command:
```
sudo yum install -y qemu-img
```

Creating a VM in Oracle VM VirtualBox

Start Oracle VM VirtualBox.

The Oracle VM VirtualBox Manager window is displayed.

Note: The instructions from this point on are based on version 4.3.28 of Oracle VM VirtualBox. Field names may be different in other versions of Oracle VM VirtualBox. See the Oracle VM VirtualBox documentation.
Click New.
In the Name and operating system screen, enter a name for your VM (for example, "OL67"), select Linux as the Type and Oracle (64-bit) as the Version, and click Next.
In the Memory size screen, select the amount of RAM for your VM (for example, 1024 MB), and click Next.

Note that the RAM you specify here won't affect the memory allocated for the VMs that you’ll create later using the image. That memory allocation will depend on the shape that you specify for the VM in Compute Classic.
In the Hard drive screen, select Create a virtual hard drive now, and click Create.
In the Hard drive file type screen, select VDI (VirtualBox Disk Image), and click Next.
In the Storage on physical hard drive screen, select Dynamically allocated, and click Next.
In the File location and size screen,
- Specify the directory where the VM disk should be stored.
  
  Note this directory path and name. You’ll need it later in this procedure.
- Select the size of the virtual disk.
  
  Note: This step determines the disk size of your image. Select the size carefully. Large image files require more time to be uploaded to Oracle Cloud Infrastructure Object Storage Classic, they consume more storage space, and they also take more time for instance creation in Compute Classic.
After selecting the virtual disk location and size, click Create.

Your new VM is created and displayed in Oracle VM VirtualBox Manager.

Description of this image

Installing Oracle Linux on the VM

In Oracle VM VirtualBox Manager, select your VM and click Start.
In the Select start-up disk dialog box, browse to the directory that contains the Oracle Linux installer ISO that you downloaded earlier, and click Start.
Follow the directions in the installation wizard.

During the installation process, you're prompted for the installation language, keyboard layout, and time zone. You also define the host name, set the root password, select the partitioning type, and so on.

If you need help making choices during the installation process, see the Oracle Linux Installation Guide.
Wait for the installation process to be completed.

After the operating system is installed, you’ll see the following screen.

Description of this image
Click Reboot.
After rebooting, the VM displays the login prompt. Log in to the VM as the root user, using the password that you specified during the installation process.

Next, configure the VM for access to the Internet.

Configuring the VM for Accessing the Internet

Before installing MySQL, Apache HTTP Server, and PHP on the VM, you must configure the network settings for the VM to enable access to the public Internet.

Shut down the VM.
```
shutdown -P now
```
In Oracle VM VirtualBox Manager, select the VM, and click the Settings button.
In the Settings dialog box, select Network in the left navigation pane.
In the Adapter 1 tab, do the following:
- Select Enable Network Adapter.
- In the Attached to field, select NAT.
  
  Description of this image
Click OK.
Start the VM by selecting it and clicking the Start button.
Log in as the root user.
Check whether the eth0 network interface of the VM is up:
```
ip address show eth0 | grep -w inet
```
This command should display output as shown in the following example:
```
inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
```
If the command doesn't return any output, enter the following command:
```
ifup eth0
```
If access to the Internet in your organization is routed through a proxy, specify the proxy server URL:
```
export http_proxy=http://proxy_host:port
export https_proxy=https://proxy_host:port
```
Verify that the VM can access the Oracle public yum server:
```
ping -c5 public-yum.oracle.com
```

Installing MySQL

Enable installation of MySQL through yum:
1. Open /etc/yum.repos.d/public-yum-ol6.repo in a text editor like vi:
  
  If /etc/yum.repos.d/public-yum-ol6.repo does not exist, download it:
```
cd /etc/yum.repos.d
wget http://public-yum.oracle.com/public-yum-ol6.repo
```
2. Look for the [public_ol6_MySQL] section in the /etc/yum.repos.d/public-yum-ol6.repo file.
3. Enable the public_ol6_MySQLrepository by setting the enabled parameter to 1, as follows:
```
[public_ol6_MySQL]
name=MySQL 5.5 for Oracle Linux 6 ($basearch)
baseurl=http://public-yum.oracle.com/repo/OracleLinux/OL6/MySQL/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1
```
Install the MySQL client.
```
yum install -y mysql
```
Wait till you see the following message:

Description of this image
Install the MySQL server.
```
yum install -y mysql-server
```
Wait till you see the followng message:

Description of this image
Verify that the mysql service has been installed.
```
chkconfig --list mysqld
```
The output should be as follows:
```
mysqld 0:off	1:off	2:off	3:off	4:off	5:off	6:off
```
Initialize the database.
```
service mysqld start
```
Wait till the following message is displayed:
```
Starting mysqld: [ OK ]
```
Enhance the security of the MySQL installation.
```
mysql_secure_installation
```
1. At the prompt for the current password for the root user, press Enter.
2. At the prompt to set the root password, enter y. Specify the password and re-enter it.
3. At the prompt to remove anonymous users, enter y.
4. At the prompt to disallow remote root login, enter y.
5. At the prompt to remove the test database, enter y.
6. At the prompt to reload privilege tables, enter y.
  
  You'll see the following message, indicating the MySQL installation has been completed:
```
All done! If you've completed all of the above steps, your MySQL
installation should now be secure.
Thanks for using MySQL!
```

Installing Apache HTTP Server

Create the group apache.
```
groupadd apache
```
Create the user apache.
```
useradd -g apache -s /bin/false apache
```
Install httpd.
```
yum install -y httpd
```
Wait till you see the following message:

Description of this image
Start the httpd service.
```
service httpd start
```
The output should be as follows:
```
Starting httpd: [ OK ]
```

Verify that the process is running:

ps -fea |grep httpd

This command should show output as shown in the following example:

apache 20094 20092 0 12:26 ? 00:00:00 /usr/sbin/httpd
apache 20095 20092 0 12:26 ? 00:00:00 /usr/sbin/httpd
apache 20096 20092 0 12:26 ? 00:00:00 /usr/sbin/httpd
apache 20097 20092 0 12:26 ? 00:00:00 /usr/sbin/httpd
apache 20098 20092 0 12:26 ? 00:00:00 /usr/sbin/httpd
apache 20099 20092 0 12:26 ? 00:00:00 /usr/sbin/httpd
apache 20101 20092 0 12:26 ? 00:00:00 /usr/sbin/httpd
apache 20103 20092 0 12:26 ? 00:00:00 /usr/sbin/httpd

Start the service:
```
chkconfig httpd on
```
Verify that the service has been started.
```
chkconfig --list httpd
```
The output should be as follows:
```
httpd 0:off	1:off	2:on	3:on	4:on	5:on	6:off
```

Installing PHP

Install php and php-mysql.
```
yum install -y php php-mysql
```
Wait till you see the following message

Description of this image

Create a PHP test page:

echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php

Change the ownership of the test page to apache.

chown -R apache:apache /var/www/html/phpinfo.php

Restart httpd to reflect the changes in php:
```
service httpd restart
```
Start a browser, enter http://IP_address_of_the_VirtualBox_VM/phpinfo.php in the address bar, and verify whether all the PHP environment variables are listed.

Installing opc-init (Optional)

The opc-init package contains scripts provided by Oracle that allow you to perform specified instance initialization tasks automatically every time an instance is created. For example, you can create users, install additional packages, add SSH keys, run prebootstrap scripts, and so on. You specify the required instance initialization tasks in the form of user data when you create an instance. The opc-init scripts query the metadata service on the instance for this user data. The specified user data is then used by the opc-init scripts to perform the required prebootstrap tasks.

Determine the version of Python on the VM:
```
python --version
```
To download the opc-init package, start a web browser and go to: http://www.oracle.com/technetwork/topics/cloud/downloads/opc-init-3096035.html.
Accept the terms and conditions and click All Supported Platforms to download the package. Make a note of the download location.
Go to the download location and extract the opc-init files. The opc-init package contains the following files:
- opc-init-py2.6-RELEASE.noarch.rpm — for Linux with Python 2.6
- opc-init-py2.7-RELEASE.noarch.rpm — for Linux with Python 2.7
- README
Here, RELEASE indicates the version of the opc-init package. For example, 16.4.2.
Use yum to install the appropriate version of the opc-init utility:
```
yum install ./opc-init-py2.6-RELEASE.noarch.rpm
```
Or
```
yum install ./opc-init-py2.7-RELEASE.noarch.rpm
```
For instance initialization tasks that you want to perform on all instances that use this image, add the required scripts and user data attributes in the image. For instance initialization tasks that must be performed only on a specific instance, not on all instances created using this image, provide the user data attributes while creating the instance, not in the image.

See Automating Instance Initialization Using opc-init in Using Oracle Cloud Infrastructure Compute Classic.
To set up opc-init to run automatically every time the instance boots, open the file /etc/rc.local.
```
vi /etc/rc.local
```
Add the line /usr/bin/opc-linux-init at the end of the file and save and close the file.

Adding a User, Configuring Key-Based SSH Access, and Enabling sudo Privileges

Create the required users.

For example, the following command creates the user, opc.
```
useradd opc
```
Note: If you've installed opc-init, you must create the opc user. If you've installed opc-init, you must also specify a password for the opc user, by using the --password option of the useradd command.
While creating an instance, you can specify one or more SSH public keys. The keys that you specify are stored as metadata on the instance. This metadata can be accessed from within the instance at http://192.0.0.192/latest/meta-data/public-keys/{index}/openssh-key, where {index} is a number starting from 0.

For these keys to be added to the authorized_keys file of users, you can write a script that runs automatically when the instance boots, retrieves the keys from http://192.0.0.192/latest/meta-data/public-keys/{index}/openssh-key within the instance, and adds the keys to the authorized_keys file of the appropriate users.

If you've installed opc-init, the opc-init scripts do this for you for the opc user.
To enable sudo privileges for a user, edit the /etc/sudoers file by using the visudo command:
```
visudo -f /etc/sudoers
```
In /etc/sudoers, look for the following lines:
```
## Same thing without a password
# %wheel    ALL=(ALL)       NOPASSWD: ALL 
```
Add the following line right after the preceding lines:
```
%opc   ALL=(ALL)       NOPASSWD: ALL
```
Here, opc is the autocreated group to which the new opc user belongs.

Changing the Default Kernel (Optional)

Beginning with Oracle Linux 5.5, you can choose to boot your Oracle Linux VM using the default Unbreakable Enterprise Kernel (UEK) or the Red Hat Compatible Kernel.

By default, the Oracle Linux VM boots using UEK, which is a modern, high performance kernel for enterprise applications.

uname -r
3.8.13-44.1.1.el6uek.x86_64

Oracle tests the UEK intensively with demanding Oracle workloads, and recommends the UEK for Oracle deployments and all other enterprise deployments. For more information about the UEK, see About the Unbreakable Enterprise Kernel in Oracle Linux Administrator's Solutions Guide.

If you want Compute Classic instances created using this image to boot using the Red Hat Compatible Kernel instead, then you must edit the /etc/grub.conf file and change the default kernel.

Open /etc/grub.conf in a text editor like vi.
Look for the following line:
```
default=0
```
The number 0 indicates that the VM must boot from the first kernel listed in grub.conf.
Identify the position in grub.conf of the Red Hat Compatible Kernel that you want to boot from.

If the kernel you want to boot from is the second in the list, then change the default parameter to 1. If the kernel you want is the third in the list, then set the default parameter to 2, and so on.
Save and close /etc/grub.conf.
Restart the VM.
```
shutdown -r now
```

The VM boots from the Red Hat Compatible Kernel.

To verify the kernel, enter the following command:

uname -r

The output should be as shown in the following example:

2.6.32-504.el6.x86_64

Configuring the Network Settings of the VM

Disable SELinux:

Open /etc/selinux/config in a text editor:
```
vi /etc/selinux/config
```
Look for the following line:
```
SELINUX=enforcing
```
Change this line to the following:
```
SELINUX=disabled
```
Note: Running SELinux in the permissive mode can clutter logs and consoles.
Save and close the file.

Stop the iptables service:

Note: You can use security lists and security rules in Compute Classic to implement firewall rules for the instance.
1. Enter the following command:
```
service iptables stop
```
  Wait till you see the following output:
  
  Description of this image
2. Enter the following command:
```
chkconfig iptables off
```
Ensure that there are no hard-coded MAC addresses:
1. Replace /etc/udev/rules.d/70-persistent-net.rules with an empty file, by entering the following command:
```
>| /etc/udev/rules.d/70-persistent-net.rules
```
2. Replace /lib/udev/rules.d/75-persistent-net-generator.rules with an empty file, by entering the following command:
```
>| /lib/udev/rules.d/75-persistent-net-generator.rules
```
Open /etc/sysconfig/network-scripts/ifcfg-eth0 in a text editor, and edit it so that it contains only the following lines:
```
DEVICE=eth0
ONBOOT=yes
TYPE=Ethernet
BOOTPROTO=dhcp
PERSISTENT_DHCLIENT=1
```

Note: The /etc/sysconfig/network-scripts/ifcfg-eth0 interface file that you just edited enables users to attach the instances that're created from this image to a single network. If you expect the instances to be attached to multiple networks, then create a separate interface file under /etc/sysconfig/network-scripts for each additional network. The interface files should be named ifcfg-eth1, ifcfg-eth2, and so on, up to ifcfg-eth7. The content in each interface file should be identical to ifcfg-eth0, except that the DEVICE attribute should be set to the appropriate interface name—that is eth1, eth2, and so on.

Here's an example of the /etc/sysconfig/network-scripts/ifcfg-eth1 interface file. Note the value of the DEVICE attribute.

DEVICE=eth1
ONBOOT=yes
TYPE=Ethernet
BOOTPROTO=dhcp
PERSISTENT_DHCLIENT=1

Open /etc/sysconfig/network in a text editor, and edit it so that it contains only the following lines:
```
NETWORKING=yes
HOSTNAME=localhost.localdomain
IPV6_AUTOCONF=no
NOZEROCONF=yes
```

Converting the VM Disk to an Image

Power off the VM.
```
shutdown -P now
```
Go to your Oracle VM VirtualBox installation directory, and enter the following command:
```
VBoxManage internalcommands converttoraw /path/to/myVM.vdi /path/to/myImage.img
```
- /path/to/myImage.img is the full path and name of the resulting .img file.
- /path/to/myVM.vdi is the full path and name of the virtual disk file of your VM.
  
  If you don’t know the path and name of the .vdi file, select the VM in the Oracle VM VirtualBox Manager window and click Settings. In the resulting dialog box, select Storage from the navigation pane on the left, and select your .vdi file in the Storage Tree pane. Note the value of the Location field, as shown in the following example:
  
  Description of this image
The process of converting the VDI image to the raw format may take several minutes, particularly for large images. After the conversion, a .img file is created. The size of this file matches the disk size that you specified while creating the VM.

While creating the VM in Oracle VM VirtualBox, if you opted for a VMDK hard drive type, then to convert the VMDK disk to the raw format, enter the following command:
```
VBoxManage clonehd /path/to/myVM.vmdk /path/to/myImage.img --format raw
```
Note: Alternatively, you can use the qemu-img utility to convert the VMDK disk to the raw format.
```
qemu-img convert -f vmdk -O raw /path/to/myVM.vmdk /path/to/myImage.img
```
Convert the image file to the sparse format so that it uses less disk space and can be uploaded faster to Oracle Cloud Infrastructure Object Storage Classic.
```
cp --sparse=always /path/to/myImage.img /path/to/myImage_sparse.img
```
tar and gzip the .img file.

Remember to specify the -S option to ensure that thetar utility stores the sparse file appropriately.
```
tar -czSf /path/to/myImage.tar.gz /path/to/myImage_sparse.img
```
Note: Choose a tar.gz file name that you can use later to easily identify the essential characteristics of the image, such as the OS name, OS version, and the disk size. For example, you could use the name OL66_12GB_RE.tar.gz for a root-enabled (RE), Oracle Linux (OL) version 6 update 6 (6u6) image with a 12-GB disk.

To use the image that you just created to provision instances in Compute Classic, you must first upload the tar.gz image file to Oracle Cloud Infrastructure Object Storage Classic. See Uploading Image Files to Oracle Cloud Infrastructure Object Storage Classic in Using Oracle Cloud Infrastructure Compute Classic.

Want to Learn More?

Guidelines for Building Your Own Images in Using Oracle Cloud Infrastructure Compute Classic.
Uploading Image Files to Oracle Cloud Infrastructure Object Storage Classic in Using Oracle Cloud Infrastructure Compute Classic.
Registering a Machine Image in Compute Classic in Using Oracle Cloud Infrastructure Compute Classic.
About Oracle-Provided Images in Using Oracle Cloud Infrastructure Compute Classic.
Automating Instance Initialization Using opc-init in Using Oracle Cloud Infrastructure Compute Classic.

Credits

Lead Curriculum Developer: Kumar Dhanagopal
Other Contributors: Andrei Costache, Tom Eliason, Andrei Isaev, Octave Orgeron, Julian Ortiz Iregui, Raja Mukherjee, Jeff Pleau, Nitin Tomar, Michael Yang, Jeff Welsch, Anamika Mukherjee

Building a Custom Oracle Linux 6.7 Image with the LAMP Stack

Options