Just moozing

Before you can check your notes, you must make them…

Vagrant and openbsd

leave a comment »

I have decided to work with OpenBSD for my virtual routers. For me that requires vagrant boxes. This blog post is about how to make OpenBSD vagrant boxes.

If you are impatient, just scroll down to the last sections.


Initial installation

Doing a basic OpenBSD installation is pretty straight-forward (when you know how these things work….).


Download image

We will use OpenBSD version 5.7 which I download from here.

It is the minimal installation iso, that will pull whatever it needs from the net during install.


Create virtual machine

I use Libvirt and virt-manager. Any virtualization software should work.

To ensure the same hardware across different machine, I specify that the network hardware is virtio, otherwise I get issues with interface names on different hosts/versions.

And as with most OS installations, the trick is to boot using the cd57.iso file mentioned above.


Go through the installation procedure

It is mostly trivial yes/no questions.

The complete list is here:

• Installation: install
• keymap: dk
• hostname: ob
• configure interface: vio0
• address: dhcp
• ipv6 address: none
• other interface: Done
• root password: vagrant
• start sshd by default: yes
• start ntpd: no
• run X window: no
• X started by xdm: no
• default console to com0: no
• add a user: vagrant
• full name:
• password: vagrant
• disable sshd logins to root: yes
• Timezone: Europe/Copenhagen
• root disk: wd0
• Use DUID: yes
• Use whole disk: whole
• Layout: auto layout
• Location of sets: http
• proxy: none
• http server: ftp.openbsd.dk
• Server directory: pub/OpenBSD/5.7/amd64
• set name(s): select all
• Location of sets: done
• reboot

This is the easy way to install Openbsd.  I suspect that a non-automatic disk layout might be better, but it will suffice for now.


Install python

Since we will be using Ansible, Python is necessary.

pkg_add python


It will ask which version you want. Ansible requires version 2.x. Currently, that means version 2.7.9p0.

It suggest to make symbolic links. Do that.

 ln -sf /usr/local/bin/python2.7 /usr/local/bin/python
 ln -sf /usr/local/bin/python2.7-2to3 /usr/local/bin/2to3
 ln -sf /usr/local/bin/python2.7-config /usr/local/bin/python-config
 ln -sf /usr/local/bin/pydoc2.7 /usr/local/bin/pydoc


Applying ansible

I have created an ansible playbook to vagrantify a base box. All ansible stuff is on a server or other host, than the one being modified.

The is a readme file in the vagrantify project. It will be kept up-to-date as the project evolves, below are guides on how it works now.


Install ansible

On the host (not virtual machine)

apt-get install ansible

You need at least version 1.9. Check it by

ansible --version


Get the playbook

I have created a github project with the appropriate files. So you need to get the files

git clone https://github.com/moozer/vagrantify.git


Update the inventory file

In the github project there is a inventory.orig file, that is intended to be used as template. It looks something like this

ob ansible_ssh_user=vagrant ansible_ssh_host= ansible_python_interpreter=/usr/local/bin/python ansible_become_pass=vagrant

Quick descriptions:

  • Use vagrant as the ssh user
  • The part with ansible_ssh_host=ob must correspond to name or the ip of the virtual machine. Ssh to the virtual machine to check the ssh access, and to add the vm to .ssh/known_hosts.
  • The python interpreter is not in the location vagrant expects
  • In the playbook, we specify to run the commands as root., hence the ansible_become_pass.


Apply the playbook

ansible-playbook --verbose -i inventory --ask-pass playbook.yml

The –ask-pass parameter requires the program sshpass to be installed.


Now the virtual machine should be ready to be converted to a vagrant box.


Creating box and uploading to Hashicorps

I made a separate blog entry about that.


Using it!

Now I have done all the hard work, so to create a vagrant box with openbsd 5.7, you do the following

$ cd <somewhere>
$ vagrant init moozer/base-ob57
$ vagrant up --provider=libvirt

Then you can add whatever vagrant compatible provisioning, you want. See the vagrant docs for details.

The box is available on hashicorp now, so the above commands should get you started.

You want to change passwords and keys. See notes below.


Some (important) notes about vagrant and openBSD

I encountered some issues working my way through this.

  • rsync is default for /vagrant shares on some machines and not on others. I now specify it in the default Vagrantfile.
  • Vagrant replaces insecure keys when it detect them. This doesn’t work on OpenBSD due to some issue with “sed -i …”, but that is resolved in OpenBSD 5.8, so I just disabled checking for insecure keys. This might not be good in your context.
  • Some Libvirt installations have pcnet as default network card, others have virtio. On the inside of the OpenBSD box, this translates to different interface names (ie. pcn0 or vio0). It now specify network cards to be virtio in the default Vagrantfile.

Written by moozing

July 30, 2015 at 12:00

Posted in Tech

Tagged with , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: