| 7 | | 1. In these direcitons, the host (or <hostname>) refers to the name of the kvm host computer (e.g. negri, or bolivar, etc.). The guest (or <guestname>) refers to the name of the virtualized server you are creating. The examples use negri as the host and hay as the guest. |
| 8 | | 1. Install the [https://support.mayfirst.org/wiki/install_debian_kvm_manager kvm-manager] scripts (this should already be done on existing hardware) on the host |
| 9 | | 1. Run kvm-creator to create the new LV for the guest and the needed directory and files in /etc/sv/kvm/: |
| | 5 | In these direcitons, the host (or <hostname>) refers to the name of the kvm host computer (e.g. negri, or bolivar, etc.). The guest (or <guestname>) refers to the name of the virtualized server you are creating. The examples use negri as the host and hay as the guest. |
| | 6 | |
| | 7 | == Initial steps == |
| | 8 | |
| | 9 | * Pick an activist to name the server after. Find the wikipedia page (or a similar page) describing your activist. |
| | 10 | * Edit the [wiki:ip_allocation ip allocation] wiki page, assigning yourself a new IP address |
| | 11 | * Add a Host record in the May First/People Link -> mayfirst.org -> DNS section of the control panel matching your server name with the IP you have allocated for it. |
| | 12 | * Copy an existing puppet node file, preferably one from the same host, naming it after your activist (pick either the first or last name of the activist, up to you) |
| | 13 | * Replace all instances of the old guest name with your new guest name and change the namesake URL and description text and anything else (be sure that the onsite/rdiff-backup server is in the same colo center as the server you are creating). |
| | 14 | * Replace the IP address in the nagios stanza with the correct IP address |
| | 15 | * Edit the puppet configuration file for the host server. Copy an existing m_kvm::guest stanza, replacing values as needed |
| | 16 | * commit changes to the puppet repo and git push to the host machine |
| | 17 | |
| | 18 | == While root on the host machine == |
| | 19 | |
| | 20 | * Fix the permissions of the created ISO file (hopefully this bug will get fixed soon...). |
| 19 | | EXAMPLE WITH OUTPUT: |
| 20 | | 0 negri:~/preseed-repo/squeeze# kvm-creator demo hay vg_negri0 15G 512 |
| 21 | | NAME : hay |
| 22 | | VG : vg_negri0 |
| 23 | | SIZE : 15G |
| 24 | | RAM : 512 |
| 25 | | TAP : tap5 |
| 26 | | MAC : 02:01:00:00:00:06 |
| 27 | | DISK : /dev/mapper/vg_negri0-hay |
| 28 | | 0 negri:~/preseed-repo/squeeze# kvm-creator create hay vg_negri0 15G 512 |
| 29 | | Adding user `hay' ... |
| 30 | | Adding new group `hay' (1005) ... |
| 31 | | Adding new user `hay' (1005) with group `hay' ... |
| 32 | | Creating home directory `/home/hay' ... |
| 33 | | Copying files from `/etc/skel' ... |
| 34 | | Logical volume "hay" created |
| 35 | | 0 negri:~/preseed-repo/squeeze# |
| | 30 | cat /root/.monkeysphere/authorized_user_ids >> /home/<guestname>/.monkeysphere/authorized_user_ids |
| | 31 | monkeysphere-authentication update-users <guestname> |
| 44 | | 1. If you are installing an operating system to the new KVM guest: |
| 45 | | 1. Customize the details for the server you are installing |
| 46 | | 1. Edit /root/preseed-repo/squeeze/server-specifics.cfg with the new server's info. You will need to have chosen the hostname at this point. The a simple file currently looks something like: |
| 47 | | {{{ |
| 48 | | d-i netcfg/get_hostname string algernon |
| 49 | | |
| 50 | | # Static network configuration. |
| 51 | | d-i netcfg/get_nameservers string 209.51.163.29 |
| 52 | | d-i netcfg/get_ipaddress string 209.51.180.21 |
| 53 | | d-i netcfg/get_netmask string 255.255.255.240 |
| 54 | | d-i netcfg/get_gateway string 209.51.180.17 |
| 55 | | |
| 56 | | # Set Volume Group Name |
| 57 | | d-i partman-auto-lvm/new_vg_name string vg_algernon0 |
| 58 | | }}} |
| 59 | | * This is the time where you want to check the [wiki:ip_allocation] page, claim a new IP and look at the other network settings you will need for this device. |
| 60 | | * Now would also be a good time to [https://members.mayfirst.org/cp go to the control panel] and set up a DNS Entry for this server. This should me done in the "mayfirst.org hosting order. That way, when it comes time to use the new kvm guest, you will have workin nameservice to it. |
| 61 | | 1. Change into /usr/local/share/ISOs: {{{ cd /usr/local/share/ISOs }}} |
| 62 | | 1. Run: |
| 63 | | {{{ |
| 64 | | 0 negri: di-maker hay-squeeze.iso /root/preseed-repo/squeeze/preseed.cfg /root/preseed-repo/squeeze/server-specifics.cfg /root/preseed-repo/squeeze/late_command |
| 65 | | --2011-03-05 15:22:04-- http://ftp.nl.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/linux |
| 66 | | Resolving ftp.nl.debian.org... 130.89.149.21, 2001:610:1908:a000::149:21 |
| 67 | | Connecting to ftp.nl.debian.org|130.89.149.21|:80... connected. |
| 68 | | HTTP request sent, awaiting response... 200 OK |
| 69 | | Length: 2417312 (2.3M) [application/octet-stream] |
| 70 | | Saving to: “linux” |
| 71 | | |
| 72 | | 100%[=====================================================================>] 2,417,312 1.81M/s in 1.3s |
| 73 | | |
| 74 | | 2011-03-05 15:22:05 (1.81 MB/s) - “linux” saved [2417312/2417312] |
| 75 | | |
| 76 | | --2011-03-05 15:22:05-- http://ftp.nl.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz |
| 77 | | Reusing existing connection to ftp.nl.debian.org:80. |
| 78 | | HTTP request sent, awaiting response... 200 OK |
| 79 | | Length: 6747069 (6.4M) [application/octet-stream] |
| 80 | | Saving to: “initrd.gz” |
| 81 | | |
| 82 | | 100%[=====================================================================>] 6,747,069 3.40M/s in 1.9s |
| 83 | | |
| 84 | | 2011-03-05 15:22:07 (3.40 MB/s) - “initrd.gz” saved [6747069/6747069] |
| 85 | | |
| 86 | | FINISHED --2011-03-05 15:22:07-- |
| 87 | | Downloaded: 2 files, 8.7M in 3.2s (2.76 MB/s) |
| 88 | | 38743 blocks |
| 89 | | 38772 blocks |
| 90 | | Enabling BIOS support ... |
| 91 | | xorriso 0.5.6 : RockRidge filesystem manipulator, libburnia project. |
| 92 | | |
| 93 | | 0 negri:/usr/local/share/ISOs# |
| 94 | | }}} |
| 95 | | 1. Create a symlink called cd.iso in the /home/<guestname>/vms/<guestname>/ directory with a target of the desired ISO: |
| 96 | | {{{ |
| 97 | | ln -s /usr/local/share/ISOs/<some-installer>.iso /home/<guestname/vms/<guestname>/cd.iso |
| 98 | | }}} |
| 99 | | 1. Tell runit to start the guest automatically |
| 100 | | {{{ |
| 101 | | update-service --add /etc/sv/kvm/<guestname> |
| 102 | | }}} |
| 103 | | 1. Log into the new guest via ssh: {{{ ssh <guestname>@<hostname>.mayfirst.org }}} |
| 104 | | 1. Start screen: {{{ screen -x}}}. You should see a grub menu waiting for you to hit enter on the installer. |
| 105 | | 1. After hitting enter, watch the installer fly by. |
| 106 | | 1. Before it completes, be sure to delete the symlink you created to the cd.iso installer (as root): |
| | 37 | * Remove the symlink to the ISO in the newly created user's home directory... |
| | 58 | * Set the root password. Generate one locally with pwgen. |
| | 59 | * Record new password in MFPL [wiki:keyringer keyringer] |
| | 60 | |
| | 61 | == While in your puppet conf directory on your local machine == |
| | 62 | |
| | 63 | * Setup a remote for the new server: |
| | 64 | {{{ |
| | 65 | freepuppet-helper gsr:<guestname> |
| | 66 | }}} |
| | 67 | * Initialize the new server for puppet with: |
| | 68 | {{{ |
| | 69 | freepuppet-helper is:<guestname> |
| | 70 | }}} |
| | 71 | You will be prompted to approve the ssh key. You can confirm the key by running the following on the guest: |
| | 72 | {{{ |
| | 73 | ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub |
| | 74 | }}} |
| | 75 | * Run puppet: |
| | 76 | {{{ |
| | 77 | freepuppet-helper pr:<guestname> |
| | 78 | }}} |
| | 79 | * Sign host key: |
| | 80 | {{{ |
| | 81 | freepuppet-helper gshk:<guestname> |
| | 82 | }}} |
| | 83 | * Sign root user key: |
| | 84 | {{{ |
| | 85 | freepuppet-helper gsrk:<guestname> |
| | 86 | }}} |
