Prepare FreeBSD 10 for Google Compute Engine

freebsd10-gce.txt

I was able to install FreeBSD on GCE in a very direct way, without the hurdles of Qemu, gcutil, and the FreeBSD installer. All are great tools, but I think my apporach is somewhat more suitable for GCE, or at least much simpler. Much of this is well-known practice for installing manually, with some fluff for managing it as a disk image, as well as the few odd networking requirements of GCE (MTU and netmask).



My basic approach is to:

* Use my FreeBSD machine at home to build a self-hosting "rescue" disk image for GCE.

* Start a temporary Linux machine in GCE from a provided image.

* Copy my image from home to a raw block device.

* Start a FreeBSD machine in GCE using that block device as the root.



Once bootstrapped, I used this "rescue" machine to turn up more machines, then shut down this machine. I kept this "rescue" disk image handy for future rescues and turn-ups. Naturally, this is the bare minimum; you'll still want to install gcutil and stuff once you have your space bootstrapped. Although I typically prefer ZFS, I used UFS here for a smaller memory footprint and because the data on this filesystem is not precious. Either GPT or legacy partitioning schemes work.



1. On your FreeBSD machine at home, create a disk image:

# truncate -s 2G /tmp/rescue.img

# mdconfig -a -t vnode -f /tmp/rescue.img

[adjust below if it says other than md0]



2a. Partition it with gpart:

# gpart create -s gpt /dev/md0

# gpart add -s 222 -t freebsd-boot -l rescue-boot md0

# gpart add -t freebsd-ufs -l rescue-root md0

# gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 md0

# newfs -U /dev/md0p2

# mount /dev/md0p2 /mnt



2b. OR partition it the legacy way:

# fdisk -B -b /boot/boot0 /dev/md0

# bsdlabel -w -B /dev/md0s1 

# newfs -U /dev/md0s1a

# mount /dev/md0s1a /mnt



3. Install the base OS:

# tar -C /mnt -xpf base.txz

# tar -C /mnt -xpf doc.txz

# tar -C /mnt -xpf games.txz

# tar -C /mnt -xpf kernel.txz

# tar -C /mnt -xpf lib32.txz

[Add ports.txz and/or src.txz if you prefer.]



4. Configure stuff:

# chroot /mnt csh

# newaliases

# passwd root

[Set a password.]

# mkdir /root/.ssh

# cat > /root/.ssh/authorized_keys << EOF

[your key]

EOF

# echo '/dev/da0p2 / ufs rw,noatime,suiddir 1 1' > /etc/fstab  [change da0p1 to da0s1a if old style partition tables]

# echo -Dh > /boot.config

# echo 'console="comconsole"' > /boot/loader.conf

# cat > /etc/rc.conf << EOF

console="comconsole"

hostname="rescue"

ifconfig_vtnet0="DHCP"

ntpd_enable="YES"

ntpd_sync_on_start="YES"

sshd_enable="YES"

EOF

# cat > /etc/ssh/sshd_config << EOF

PasswordAuthentication no

PermitRootLogin yes

UseDNS no

UsePAM no  # Otherwise PAM will allow password auth.

Subsystem sftp /usr/libexec/sftp-server

EOF

# cat > /etc/ntp.conf << EOF

server 169.254.169.254 burst iburst

EOF

# cat > /etc/dhclient.conf << EOF

interface "vtnet0" {

  supersede subnet-mask 255.255.0.0;

}

EOF

# cat > /etc/rc.local << EOF

ifconfig vtnet0 mtu 1460

EOF

# ln -s /usr/share/zoneinfo/Asia/Calcutta /etc/localtime

# exit

(You may also want to change your timezone from UTC.)



5. Dismount the image:

# umount /mnt

# mdconfig -d -u md0



6. Start a Linux machine on GCE. If you'll be subsequently creating machines with ZFS, choose one with enough RAM.

7. Copy rescue.img to it. (Remember, it must be dismounted first.)

8. Create a blank disk for FreeBSD and attach it to your Linux machine. I suggest naming the disk Rescue.

9. cat rescue.img > /dev/sdb [assuming your FreeBSD disk is sdb]

10. Detach Rescue from your Linux machine.

11. Create a new machine with Rescue attached as root.

12. After allowing time for it to boot, you should be able to ssh in as root.

13. Destroy the Linux machine to save expense, if desired.





Create the MBR partitioning scheme:

# gpart create -s mbr da0
Make it bootable by installing bootcode.

# gpart bootcode -b /boot/mbr da0
Create an MBR partition. FreeBSD calls these "slices". Set it active so the system will boot from it.

# gpart add -t freebsd da0
# gpart set -a active -i 1 da0
Inside the FreeBSD slice, create a bsdlabel partitioning scheme. Bootcode is needed here also.

# gpart create -s bsd da0s1
# gpart bootcode -b /boot/boot da0s1
Create the FreeBSD "partitions" inside the slice.

# gpart add -t freebsd-ufs  -a 4k -s 2g   da0s1
# gpart add -t freebsd-swap -a 4k -s 512m da0s1
# gpart add -t freebsd-ufs  -a 4k -s 1g   da0s1
# gpart add -t freebsd-ufs  -a 4k -s 256m da0s1
# gpart add -t freebsd-ufs  -a 4k         da0s1

Format and label the filesystems before they are mounted, enabling soft updates for better performance:

# glabel label swap /dev/da0s1b
# newfs -L rootfs -U /dev/da0s1a
# newfs -L varfs  -U /dev/da0s1d
# newfs -L tmpfs  -U /dev/da0s1e
# newfs -L usrfs  -U /dev/da0s1f

See http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/disks.html#SAFE-SOFTUPDATES for more information on using soft updates on the root filesystem.

Restore data to the new filesystems:

# mount /dev/da0s1a /mnt
# gzcat root.dump.gz | (cd /mnt && restore -rf -)
# umount /mnt
Repeat for /var, /tmp, /usr.

Modify /etc/fstab:

# Device                Mountpoint      FStype  Options         Dump    Pass#
/dev/label/swap         none            swap    sw              0       0
/dev/ufs/rootfs         /               ufs     rw              1       1
/dev/ufs/tmpfs          /tmp            ufs     rw              2       2
/dev/ufs/usrfs          /usr            ufs     rw              2       2
/dev/ufs/varfs          /var            ufs     rw              2       2
Done!


# echo newPassword | pw mod user chitra -h 0

Super helpful, very easy, and worked first time for me.

Hello Mitchel,
I know that it is very helpful post. I am looking for help who is able to install and run PFSense on Google Compute Engine (GCE). If you are interested, please let me know the price to complete this job. We may depend on you to configure the PFSense as per our requirement for additional amount also. If you are interested, please send an email to mouli999 at gmail dot com
Thank you.
Chandra.