Building a QEMU image with Ubuntu

Creating an OpenMRS virtual appliance using QEMU

These are very rough notes for creating a runnable image of OpenMRS on Ubuntu in a virtual machine. You should also look here: http://openmrs.org/wiki/Installing_An_OpenMRS_Server_On_Linux

1.0 Creating the initial image

0) Download an install image for linux - for this exercise we are using Ubuntu server 7.04

a) Make sure that the QEMU directory is in your path

b) Create a project directory for the image

c) Under the project directory, create a bios directory. Copy all the .bin files from your QEMU directory to %PROJECT%\bios. You will need these files to boot your image.

d) Create a raw disk image using qemu-img:

qemu-img create -f raw OpenMRS.img 3G

  The raw format is used to facilitate conversion to other image formats, particularly to VMWare. The initial size of 3 Gigabytes is to be sure to have enough space without making an image that is too large.

e) Install Ubuntu on the disk image using the Ubuntu Server ISO image

qemu -L bios -cdrom ubuntu-7.04-server-i386.iso -hda OpenMRS.img -boot d

f) Installing Ubuntu server 1. Select your keyboard and locale 2. For the hostname, enter OpenMRS 3. Choose guided partitioning a) Select the QEMU hard drive (if you've created a 3GB image, you will see a 3GB harddrive) b) Accept the defaults NOTE: This sets up swap space as well as a single ext3 partition - we will need to revisit this vis-a-vis performance and host requirements for the image. 4. Set the system clock to UTC 5. For the real user name, specify "OpenMRS Administrator" 6. Use openmrs for the user account name 7. Set the user password - that's up to you (I'm using abc123) 8. Do not install DNS or LAMP server, just press continue 9. The installer will continue adding and configuring software to the system. When complete, it will ask to reboot the system. Allow it to do so - when the reboot has failed, terminate QEMU and restart it without using the Ubuntu Server ISO image.

qemu -L bios -hda OpenMRS.img

This now leaves you with a usable base image of Ubuntu 7.04 Server 10. [Optional] shutdown the server image and terminate qemu in order to do a preliminary backup of the image file. Use the command:

qemu-img convert OpenMRS.img OpemMRS_backup_1.img

This will create a backup file called OpenMRS_backup_1.img. You should use the qemu-img command rather than a normal copy - The image file is a sparse file which takes up only a fraction of the advertized file size on the physical disk. A straight copy of this file will cause it to fill in the unoccupied space. This wont affect the use of the file but will make it significantly larger.

g) Setting up networking

  We'll want the appliance to be accessible as a network service from the host computer so that we can use Firefox and Microsoft Infopath on the local desktop.
  There's multiple ways of doing this:

a) you can either download OpenVPN (Current stable latest version is 2.0.9) and install the TAP device driver which will create a virtual ethernet interface to which you can attach QEMU or b) Redirect a local host port to a port on the emulated machine using a QEMU command line switch, -redir, as follows:

qemu -redir tcp:8080::8080 ......

This example maps TCP port 8080 on your host machine to tcp port 8080 on the guest (emulated) machine.

h) Installing software

  If your host computer has an internet connection, your Ubuntu server image should be able to access the network when invoked as follows:

qemu -L bios -cdrom ubuntu-7.04-server-i386.iso -hda OpenMRS.img

  In this mode the emulator will be using a user space stack which allows whatever is running in the image to access the network through the host's network connection.  Note that the host is not able to access services running inside the image at this point - we'll get to that later. We're mounting the Ubuntu CDROM image as well since that will be required at various time when using "aptitude" to get packages.

1. Log in as "openmrs" using the password you specified during installation 2. Run aptitude as root (You will need to provide the password for the "openmrs" account)

sudo aptitude

3. Install the following packages: sun-java5-jre sun-java5-jdk tomcat5.5 tomcat5.5-admin mysql-server-5.0

Notes: a) If you are asked for a postfix configuration, select "No configuration" or "Local"

Fixes to run tomcat as of this writing (June 1, 2007) In order to run tomcat, you will need to edit the /etc/tomcat5.5/server.xml file and change the catalina connector port from 8180 to 8080, then make sure that the server.xml file is readable (chmod oug+r server.xml, and chmod oug+rx /etc/tomcat5.5). There is currently an issue with the logging system which causes tomcat to block until the file /usr/share/tomcat5.5/logs/catalina.out is read (It is currently implemented as a named pipe). There are two options here: a) leave the pipe as is and tail the file after tomcat has started (you can add this to the /etc/init.d/tomcat.5.5 script) or b) you can delete the file and recreate it as a regular file c) You will need to add an entry to the /usr/share/tomcat5.5/conf/tomcat-users.xml file: More on this issue when a proper fix is available.

Installing OpenMRS

Look here: http://openmrs.org/wiki/Installing_An_OpenMRS_Server_On_Linux those instructions are much more complete.

a) Run the database scripts b) Copy the war file into Tomcat's webapps directory (/usr/share/tomcat5/webapps) c) Create the runtime properties file: 1. login as user openmrs 2. mkdir ~/.OpenMRS 3. chmod oug+rx ~/.OpenMRS 4. cd ./OpenMRS 5. Create the file OpenMRS-runtime.properties and enter this text into it:

 #
 # OpenMRS Runtime Properties file 
 #
 # (comments starting with a pound sign "#" are ignored)

 ### Database connection properties
 connection.username=test
 connection.password=test
 connection.url=jdbc:mysql://localhost:3306/openmrs?autoReconnect=true

 # Allow/Disallow uploading of a module via the web
 module.allow_web_admin=false

 ### Debugging options
 hibernate.show_sql=false

 ###Customization Options
 # If the custom setting is a folder, only files contained in the customization will be overwritten
 #custom.images.dir=%APPDATA%/OpenMRS/custom/images
 #custom.template.dir=%APPDATA%/OpenMRS/custom/template
 #custom.style.css.file=%APPDATA%/OpenMRS/custom/style.css
 #custom.index.jsp.file=%APPDATA%/OpenMRS/custom/index.jsp
 #custom.messages=%APPDATA%/OpenMRS/custom/messages.properties
 #custom.messages_fr=%APPDATA%/OpenMRS/custom/messages_fr.properties

 #
 ##  
 ### The following properties are deprecated as of 1.0.43
 ### Properties can be modified in the Global Properties section of the webapp
 ###
 ###formentry.infopath.output_dir=%APPDATA%/OpenMRS/FormEntry/forms
 ###formentry.starter_xsn_folder_path=C:/Program Files/Apache  Group/Tomcat/webapps/openmrs/formentry/forms/starter
 ###formentry.infopath.server_url=http://localhost:8080/openmrs
 ###formentry.infopath.initial_url=http://localhost:8080/openmrs/formTaskpane.htm
 ###formentry.infopath.taskpane_caption=Welcome!
 ###scheduler.username=admin
 ###scheduler.password=test

6. set the environment variable OPENMRS_RUNTIME_PROPERTIES_FILE to point to the above file. I've done this in the Tomcat5 startup script in /etc/init.d 7. Restart tomcat

Add the following block to /etc/tomcat5/policy.d/04webapps.policy. This will allow the code in OpenMRS to execute certain functions which are normally not allowed for applications running under tomcat (note that I havent quite gotten this part right, so the last line solves the problem with the sledgehammer approach)

 grant {
 permission java.lang.RuntimePermission "getenv.*";
 permission java.util.PropertyPermission "user.home", "read";
 permission java.io.FilePermission "user.home", "read";
 permission java.io.FilePermission "<<ALL FILES>>", "read";
 permission java.lang.RuntimePermission "createClassLoader";
 permission java.lang.RuntimePermission "setContextClassLoader";
 permission java.lang.RuntimePermission "accessDeclareMembers";
  
 
 permission java.security.AllPermission;
 }

Note that the last line gives all permissions and makes some of the above lines currently redundant. This has to be fixed to state specific permissions.

Had to create the directory /usr/share/tomcat5/.OpenMRS/modules and set ownership to tomcat5. This is because openmrs looks for the modules directory somewhere underneath the home directory - since tomcat is run by the tomcat user, this is where the directory ends up. Need to look at this as well.