OpenBSD is a free and open-source Unix-like operating system known for its emphasis on security, correctness, and a strong commitment to free and open-source software principles. Developed by a community of volunteers, OpenBSD prioritizes code quality and rigorous security auditing, making it a preferred choice for security-conscious users and organizations. The system's proactive security features, such as privilege separation and a focus on secure coding practices, contribute to its reputation as one of the most secure operating systems available. OpenBSD supports various hardware architectures and includes a range of built-in utilities and services. Its commitment to simplicity, clarity, and a secure default configuration has established OpenBSD as a reliable platform for network infrastructure, firewalls, and security-focused applications.

OpenBSD with American Cloud

American Cloud offers two OpenBSD options.

OpenBSD (Beta) -Predefined with a 25GB startup disk and cloud init allowing interaction with CMP functions.
OpenBSD (Beta) -Self-Install version which requires more robust technical knowledge to utilze all the resources within the CMP. This documentation will discuss both.

OpenBSD (Beta) -Predefined

Build Instance

Login to the Web Portal with a valid American Cloud account
On the left navigation column choose 'Cloud Compute'
Click on "Create an Instance" select your "Project" and click "Proceed"
Select your location and network. Under "Choose Server Image" select "Other Services" tab and choose "OpenBSD 7.4 Beta"
Choose server size

Important: The base template will provide a 25GB root disk no matter the SSD selected. Therefore, only choose a 25GB root disk for pricing purposes. Later in the documentation, more storage will be allocated.
Click on Review and Deploy once reviewed click on Deploy Now

Upon initial boot the American Cloud CMP will show a running status moments before the full boot is complete. By opening the console the boot process can be observed.

Add Additional Storage

As discussed previously additional storage may be required. American Cloud provides this through block storage. Select here for additional documentation on building Block Storage Click Here. Ensure when building the block storage volume that the newly built instance is selected.

OpenBSD lacks a hot-add function. Therefore, a reboot is required following the build of block storage Reboot the system either through the CMP or command sudo reboot.

Retrieve Disk Information

Upon reboot, use the command sysctl -a | grep -i disk. The disk count will be printed onto the screen.

ac-openbsd$ sysctl -a | grep -i disk
hw.disknames=cd0:,sd0:5ca267e7629f19b2,sd1:,fd0:
hw.diskcount=4
machdep.bios.diskinfo.128=bootdev = 0xa0000204, cylinders = 1023, heads = 255, sectors = 63

Access root using sudo -i and run the command disklabel sd1 to print the drive information

ac-openbsd# disklabel sd1
# /dev/rsd1c:
type: SCSI
disk: SCSI disk
label: Block Device
duid: 0000000000000000
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 6527
total sectors: 104857600
boundstart: 0
boundend: 104857600

16 partitions:
#                size           offset  fstype [fsize bsize   cpg]
  c:        104857600                0  unused

Partition the Drive

Command Function

help Display summary of available commands

manual Display fdisk man page

reinit Initialize the partition table

setpid Set identifier of table entry

edit Edit table entry

flag Set flag value of table entry

update Update MBR bootcode

select Select MBR extended table entry

swap Swap two table entries

print Print partition table

write Write partition table to disk

exit Discard changes and exit edit level

quit Save changes and exit edit level

abort Discard changes and terminate fdisk

Partition the drive using fdisk -e sd1

ac-openbsd# fdisk -e sd1
Enter 'help' for information
sd1: 1>

Use the print command to list the available partitions

sd1: 1> p
Disk: sd1  geometry: 6527/255/63 [104857600 Sectors]
Offset: 0  Signature: 0x0
            Starting         Ending         LBA Info:
 #: id      C   H   S -      C   H   S [       start:        size ]
-------------------------------------------------------------------------------
 0: 00      0   0   0 -      0   0   0 [           0:           0 ] Unused
 1: 00      0   0   0 -      0   0   0 [           0:           0 ] Unused
 2: 00      0   0   0 -      0   0   0 [           0:           0 ] Unused
 3: 00      0   0   0 -      0   0   0 [           0:           0 ] Unused

Determine how to partition the drive and use the edit command to make adjustments.

For this example a single 50GB partition will be built on partition 3
Select the partition id. To print a list of identifiers type ?. For an identifier of OpenBSD utilize A6
Determine to use CHS or not.

Determine the partition offset and size

sd1: 1> edit 3
Partition id ('0' to disable) [01 - FF]: [00] (? for help) A6
Do you wish to edit in CHS mode? [n] n
Partition offset [0 - 104857599]: [0] 0
Partition size [1 - 104857600]: [1] 104857600

Using the print command ensure the partition has been created. If satisfied use the quit command to save & exit fdisk
Build the new file system using the command newfs sd1c.

Mount Drive

Using either nano or vim, open /etc/fstab. Insert the drive info using (duid /location perms) ex...786d2bc033bfc8ff.c /mnt/test1 ffs rw,wxallowed 1 1
Using the mkdir command build the location for the drive
```
ac-openbsd# mkdir /mnt/test1
```
Using mount -a command will mount all drives in the /etc/fstab file.

Finally list the drives using df -h

ac-openbsd# df -h
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/sd0a     24.2G    1.4G   21.6G     7%    /
/dev/sd1c     48.4G    2.0K   46.0G     1%    /mnt/test1

/dev/sdc1c at /mnt/test1 has been added

OpenBSD (Beta) -Self-Install

Build Instance

Login to the Web Portal with a valid American Cloud account
On the left navigation column choose 'Cloud Compute'
Click on "Create an Instance" select your "Project" and click "Proceed"
Select your location and network. Under "Choose Server Image" select "Other Services" tab and choose "OpenBSD 7.4 Beta"
Choose server size
Click on Review and Deploy once reviewed click on Deploy Now

Upon initial boot the American Cloud CMP will show a running status moments before the full boot is complete. By opening the console the boot process can be observed.

Finalize Install

At first build the OpenBSD instances will not be receiving input from the CMP. Therefore, the console should be used to interact with the instance.

On the instance overview page launch the console utilizing the console toggle
An initial install page will be displayed. Hit the enter key to continue
Select the desired boot mode. This documentation will focus on normal boot mode

While conducting the initial setup options surrounded by "[ ]" are default.

Provide keyboard and hostname for the instance. This will be adjusted later in the documentation

Welcome to the OpenBSD/amd64 7.4 installation program.
(I)nstall, (U)pgrade, (A)utoinstall or (S)hell? I

Choose your keyboard layout ('?' or 'L' for list) [default]
System hostname? (short form, e.g. 'foo') ac_openbsd

Establish the network configuration

Available  network interfaces are: em0 vlan0.
Network interface to configure? (name, lladdr, '?', or 'done') [em0]
IPv4 address for em0? (or 'autoconf' or 'none') [autoconf]
IPv6 address for em0? (or 'autoconf' or 'none') [none]
Available  network interfaces are: em0 vlan0.
Network interface to configure? (name, lladdr, '?', or 'done') [done]

Configure root account information. This documentation is prohibiting-password for ssh login and should be adjusted to fit requirements

Password for root account? (will not echo)
Password for root account? (again)
Start sshd(8) by default? [yes]
Do you expect to run the X Window System? [yes] no
Change the default console to com0? [no]
Setup a user? (enter a lower-case loginname, or 'no') [no]
Allow root ssh login? (yes, no, prohibit-password) [no] prohibit-password
What timezone are you in? ('?' for list) [US/Eastern] UTC

Configure the required disk space. There are several options. This documentation a custom layout is utilized. The disk space was determined by step 5 in the Build Instance section

Available disks are: sd0.
Which disk is the root disk ('?' for details) [sd0]
Encrypt the root disk with a passphrase? [no]
Use (W)hole disk MBR, whole disk )G)PT or (E)dit? [whole]
Use (A)uto layout, (E)dit auto layout, or create (C)ustom layout? [a] C
Label editor (enter '?' for help at any prompt)
sd0>a
partition to add: [a]
offset: [64]
size: [104857536]
FS type: [4.2BSD]
mount point: [none] /

Once the drive has been built and mounted utilize the p command to review the disk. When satisfied use 'q' to quit and write label
```
sd0*> p
sd0*> q
Write new label?: [y]
```

Install the sets utilizing the below information

Let's install the sets!
Location of sets? (cd0 disk http nfs or 'done') [http]
HTTP proxy URL? (e.g. 'http://proxy:8080' or 'none') [none]
HTTP Server? (hostname, list#, 'done' or '?') [ftp.usa.openbsd.org]
Server directory? [pub/OpenBSD/7.4/amd64]

Next select sets. Upon initial population all sets will be selected. Use the -all command to unselect all and type the desired set names and reboot the instance

Select sets by entering a set name, a file name pattern or 'all'.
Set name(s)? (or 'abort' or 'done') [done] -all
Set name(s)? (or 'abort' or 'done') [done] bsd bsd.rd base74.tgz bsd.mp man74.tgz
name(s)? (or 'abort' or 'done') [done]
Locations of sets? (cd0 disk http nfs or 'done') [done]
Exit to (S)hell, (H)alt or (R)eboot? [reboot]

Install Cloud init

In order for the machine to interact with American Cloud CMP cloud-init is required. Below are the necessary requirements.

Install python using 'pkg_add python git`.

When prompted, choose option 3: python-3.10.13

vm-play-w-9b186d# pkg_add python git
quirks-6.160 signed on 2023-12-14T11:48:02Z
Ambiguous: choose package for python
a  0: <None>
    1: python-2.7.18p11
    2: python-3.9.18
    3: python-3.10.13
    4: python-3.11.5
Your choice:

Clone cloud-init using git clone https://github.com/canonical/cloud-init.git
Navigate to the cloud-init directory using cd cloud-init/
Using ./tools/build-on-openbsd install the tools within the cloud-init directory
Install the preferred editor using pkg_add vim or pkg_add nano
Edit the rc.local file by running vim /etc/rc.local and inserting the below code under line number two. Also, comment out or remove the /usr/local/lib/cloud-init/ds-identify
```
rm -f var/run/.instance-id
rm -f var/run/instance-data

#/usr/local/lib/cloud-init/ds-identify
```

Edit the cloud.cfg file using the command vim /etc/cloud/cloud.cfg to match the below. Ensure to add the datasource_list.

# The modules that run in the 'init' stage
datasource_list: [ CloudStack ]
datasource:
  CloudStack: {}
  None: {}

# The modules that run in the 'init' stage
cloud_init_modules:
  - seed_random
  - bootcmd
  - write_files
  - [set_hostname, always]
  - update_hostname
  - update_etc_hosts
  - ca_certs
  - rsyslog
  - users_groups
  - ssh

# The modules that run in the 'config' stage
cloud_config_modules:
  - ssh_import_id
  - keyboard
  - locale
  - [set_passwords, always]
  - ntp
  - timezone
  - disable_ec2_metadata
  - [runcmd, always]

# System and/or distro specific settings
# (not accessible to handlers/transforms)
system_info:
  # This will affect which distro class gets used
  distro: openbsd
  # Default user name + that default users groups (if added/used)
  default_user:
    name: cloud
    lock_passwd: False
    gecos: cloud
    groups: [sudo, wheel]
    doas:
      - permit nopass cloud
    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
    shell: /bin/ksh
  network:
    renderers: ['openbsd']

Reboot the system

The instance can now be managed completely using the American Cloud CMP. This can be tested by changing hostname or password.