12.06.2018: CernVM 4.1
CernVM 4 is a virtual machine image based on Scientific Linux 7 combined with a custom, virtualization-friendly Linux kernel.
CernVM 4 is based on the µCernVM bootloader. Its outstanding feature is that it does not require a hard disk image to be distributed (hence “micro”). Instead it is distributed as a read-only image of ~20MB containing a Linux kernel and the CernVM-FS client. The rest of the operating system is downloaded and cached on demand by CernVM-FS. The virtual machine still requires a hard disk as a persistent cache, but this hard disk is initially empty and can be created instantaneously, instead of being pre-created and distributed.
CernVM 4 comes with a number of extra packages from EPEL and other sources. If you believe an important package is missing, please let us know!
Enforce booting a previous version of CernVM
Booting a previous version of CernVM can be enforced using the following contextualization snippet:
[ucernvm-begin] cvmfs_tag=cernvm-system-<VERSION> [ucernvm-end]
The VERSION corresponds to the version of the cernvm-system RPM. For an interactive virtual machine, hit
<TAB> in the early boot menu and then
e to edit the entry. You can change the
cvmfs_repository_tag boot parameter from HEAD4 to VERSION.
Note that previous versions do not contain the latest security fixes.
Download the latest images from our download page. The image is generic and available in different file formats for different hypervisors. The image needs to be contextualized to become either a graphical development VM or a batch virtual machine for the cloud.
In most cases, a CernVM needs to be contextualized on first boot. The process of contextualization assigns a profile to the particular CernVM 4 instance. For instance, a CernVM can have the profile of a graphical VM used for development on a laptop; applying another context let the CernVM become a worker node in the cloud.
The CernVM Online portal lets you define and store VM profiles in one place. Once defined, the VM profiles can quickly be applied to any newly booted CernVM instance using a pairing mechanism on the login prompt. Please visit the following pages for more information about how to create new context templates and pair an instance with given template.
allows for instantiating CernVMs from text-based contexts, such as our public demo contexts.
Please find details on the various contextualiztion options on the contextualization page.
Updates and Version Numbers
When booted, CernVM will load the latest available CernVM 4 version and pin itself on this version. This ensures that your environment stays the same unless you explicitly take action. Both the µCernVM bootloader and the CernVM-FS provided operating system can be updated using the
cernvm-update script. CernVM machines show an update notification in /etc/motd and in the GUI. The support list will be notified when updates are ready and will post specific instructions for each update.
The CernVM 4 strong version number consists of 4 parts: 4.X.Y.Z. Major version 4 indicates an Scientific Linux 7 based CernVM. Minor version X will be changed when there is a significant change in the set of supported features. “Y” is the bugfix version. “Z” is the security hotfix version; changes in “Z” don’t change the set of packages but provide security fixes for selected packages.
Once booted and contextualized, you can use ssh to connect to your virtual machine. SSHFS and shared folders provide you an easy means to exchange files between the host and CernVM. If you use the vagrant image on a Linux or OS X host, shared folders are provided by NFS, which enables support for hard links.
For storing data and analysis results, we recommend not to use the root partition. Instead, attach a second hard drive to the virtual machine or use shared folders. This way, you can move data between virtual machines and the data remains intact even in case the virtual machine ends up in an unsuable state.
In order to start a stand-alone ROOT, click on the ROOT logo in the middle of the application launcher bar. In non-graphical mode, use
module load ROOT to set up the ROOT environemnt. Afterwards you can just use
root. If you want to clean the environment from that particular version of ROOT, use
module unload ROOT.
CernVM can run docker containers. In order to enable docker support, run
sudo systemctl start docker. In order to enable docker on boot, run
sudo systemctl enable docker.
By default, CernVM comes with a Java 8 environment. Java 7 is available if necessary. In order to change the default Java version, use
update-alternatives --config java.
Single Sign On
You can get a Kerberos token with
kinit. With the token, you can login to lxplus and work with subversion repositories without the need to provide a password. Note that due to DNS issues, this feature is not available in VirtualBox.
By default, CernVM has no swap space enabled. The following commands creates a 2G swap file
sudo fallocate -l 2G /mnt/.rw/swapfile sudo chmod 0600 /mnt/.rw/swapfile sudo mkswap /mnt/.rw/swapfile sudo swapon /mnt/.rw/swapfile
If a file /mnt/.rw/swapfile exists, it will picked up automatically on boot as a swap space. In order to activate a swap space through contextualization, add to your amiconfig user data
<SIZE> can be anything understood by
fallocate -l or it can be
auto, in which case CernVM uses 2G/core.
Resizing the Root Partition
If you increase your virtual hard drive, you can have CernVM increase your root partition accordingly. To do so, run
sudo touch /mnt/.rw/aux/resize
and reboot. Resizing the root partition is a delicate operation, please make a VM snapshot before you proceed.
- Unity feature in latest VMware Fusion does not work
In case you cannot login (any more) to your virtual machine, even though the machine was properly contextualized, you can boot CernVM in “debug mode”. In the early boot menu, select the “Debug” entry. This enables kernel debug messages and pauses the boot process just before the µCernVM bootloader hands over to the operating system. Here, type
reset_root_password followed by
Ctrl+D. Once booted, you can then login as root with password “password”.