Changes between Version 22 and Version 23 of install_kvm


Timestamp:
Jun 23, 2011, 1:16:26 PM (9 years ago)
Author:
Jamie McClelland
Comment:

--

  • install_kvm

    v22 v23  
    11This page documents the procedure for creating a new KVM guest on a mayfirst server.
    2 
    3 This document is not complete! Do not use it to actually create a new KVM guest yet.
    42
    53= Creating a new KVM guest =
    64
    7  1. In these direcitons, the host (or <hostname>) refers to the name of the kvm host computer (e.g. negri, or bolivar, etc.). The guest (or <guestname>) refers to the name of the virtualized server you are creating. The examples use negri as the host and hay as the guest.
    8  1. Install the [https://support.mayfirst.org/wiki/install_debian_kvm_manager kvm-manager] scripts (this should already be done on existing hardware) on the host
    9  1. Run kvm-creator to create the new LV for the guest and the needed directory and files in /etc/sv/kvm/:
     5In these direcitons, the host (or <hostname>) refers to the name of the kvm host computer (e.g. negri, or bolivar, etc.). The guest (or <guestname>) refers to the name of the virtualized server you are creating. The examples use negri as the host and hay as the guest.
     6
     7== Initial steps ==
     8
     9 * Pick an activist to name the server after. Find the wikipedia page (or a similar page) describing your activist.
     10 * Edit the [wiki:ip_allocation ip allocation] wiki page, assigning yourself a new IP address
     11 * Add a Host record in the May First/People Link -> mayfirst.org -> DNS section of the control panel matching your server name with the IP you have allocated for it.
     12 * Copy an existing puppet node file, preferably one from the same host, naming it after your activist (pick either the first or last name of the activist, up to you)
     13  * Replace all instances of the old guest name with your new guest name and change the namesake URL and description text and anything else (be sure that the onsite/rdiff-backup server is in the same colo center as the server you are creating).
     14  * Replace the IP address in the nagios stanza with the correct IP address
     15 * Edit the puppet configuration file for the host server. Copy an existing m_kvm::guest stanza, replacing values as needed
     16 * commit changes to the puppet repo and git push to the host machine
     17
     18== While root on the host machine ==
     19
     20 * Fix the permissions of the created ISO file (hopefully this bug will get fixed soon...).
    1021{{{
    11 USAGE: kvm-creator create|destroy|demo guestname [volumegroup [disksize [ram [tap [mac] ] ] ]
     22chmod a+r /usr/local/share/ISOs/<guestname>.iso
    1223}}}
    13  1. Initially it's a good idea to run the demo. This will give you a breakdown of how the server will be created.
     24 * Create a symlink to the ISO in the newly created user's home directory...
    1425{{{
    15 kvm-creator demo <guestname>
     26ln -s /usr/local/share/ISOs/<guestname>.iso /home/<guestname>/vms/<guestname>/cd.iso
    1627}}}
    17  1. After determining the settings you want the machine to have, run the demo command and then the 'create' command.
     28 * Add access to the new guest to all root users:
    1829{{{
    19 EXAMPLE WITH OUTPUT:
    20 0 negri:~/preseed-repo/squeeze# kvm-creator demo hay vg_negri0 15G 512
    21 NAME : hay
    22 VG : vg_negri0
    23 SIZE : 15G
    24 RAM : 512
    25 TAP : tap5
    26 MAC : 02:01:00:00:00:06
    27 DISK : /dev/mapper/vg_negri0-hay
    28 0 negri:~/preseed-repo/squeeze# kvm-creator create hay vg_negri0 15G 512
    29 Adding user `hay' ...
    30 Adding new group `hay' (1005) ...
    31 Adding new user `hay' (1005) with group `hay' ...
    32 Creating home directory `/home/hay' ...
    33 Copying files from `/etc/skel' ...
    34   Logical volume "hay" created
    35 0 negri:~/preseed-repo/squeeze#
     30cat /root/.monkeysphere/authorized_user_ids >> /home/<guestname>/.monkeysphere/authorized_user_ids
     31monkeysphere-authentication update-users <guestname>
    3632}}}
    37  1. Add at least one user to the access list for the new KVM guest's serial console
    38   1. Monkeysphere way: Add a uid to the /home/<guestname>/.monkeysphere/authorized_user_ids file or copy /root/.monkeysphere/authorized_user_ids to /home/<guestname>/.monkeysphere
    39   1. SSH key way: Add an SSH key to the /home/<guestname>/.ssh/authorized_keys file
    40   1. Rebuild the monkeysphere-controlled SSH authorized_keys files:
    41 {{{
    42 monkeysphere-authentication u USERNAME
     33 * Start the new guest
     34{{{
     35update-server --add /etc/sv/kvm/<guestname>
    4336}}}
    44  1. If you are installing an operating system to the new KVM guest:
    45   1. Customize the details for the server you are installing
    46    1. Edit /root/preseed-repo/squeeze/server-specifics.cfg with the new server's info. You will need to have chosen the hostname at this point. The a simple file currently looks something like:
    47 {{{
    48 d-i netcfg/get_hostname string algernon
    49 
    50 # Static network configuration.
    51 d-i netcfg/get_nameservers string 209.51.163.29
    52 d-i netcfg/get_ipaddress string 209.51.180.21
    53 d-i netcfg/get_netmask string 255.255.255.240
    54 d-i netcfg/get_gateway string 209.51.180.17
    55 
    56 # Set Volume Group Name
    57 d-i partman-auto-lvm/new_vg_name string vg_algernon0
    58 }}}
    59      * This is the time where you want to check the [wiki:ip_allocation] page, claim a new IP and look at the other network settings you will need for this device.
    60      * Now would also be a good time to [https://members.mayfirst.org/cp go to the control panel] and set up a DNS Entry for this server. This should me done in the "mayfirst.org hosting order. That way, when it comes time to use the new kvm guest, you will have workin nameservice to it.
    61    1. Change into /usr/local/share/ISOs: {{{ cd /usr/local/share/ISOs }}}
    62    1. Run:
    63 {{{
    64 0 negri: di-maker hay-squeeze.iso /root/preseed-repo/squeeze/preseed.cfg /root/preseed-repo/squeeze/server-specifics.cfg /root/preseed-repo/squeeze/late_command                                   
    65 --2011-03-05 15:22:04--  http://ftp.nl.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/linux                                                                               
    66 Resolving ftp.nl.debian.org... 130.89.149.21, 2001:610:1908:a000::149:21                                       
    67 Connecting to ftp.nl.debian.org|130.89.149.21|:80... connected.                                               
    68 HTTP request sent, awaiting response... 200 OK                                                                 
    69 Length: 2417312 (2.3M) [application/octet-stream]                                                             
    70 Saving to: “linux”                                                                                             
    71                                                                                                                
    72 100%[=====================================================================>] 2,417,312   1.81M/s   in 1.3s     
    73                                                                                                                
    74 2011-03-05 15:22:05 (1.81 MB/s) - “linux” saved [2417312/2417312]                                             
    75                                                                                                                
    76 --2011-03-05 15:22:05--  http://ftp.nl.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz                                                                           
    77 Reusing existing connection to ftp.nl.debian.org:80.
    78 HTTP request sent, awaiting response... 200 OK
    79 Length: 6747069 (6.4M) [application/octet-stream]
    80 Saving to: “initrd.gz”
    81 
    82 100%[=====================================================================>] 6,747,069   3.40M/s   in 1.9s   
    83 
    84 2011-03-05 15:22:07 (3.40 MB/s) - “initrd.gz” saved [6747069/6747069]
    85 
    86 FINISHED --2011-03-05 15:22:07--
    87 Downloaded: 2 files, 8.7M in 3.2s (2.76 MB/s)
    88 38743 blocks
    89 38772 blocks
    90 Enabling BIOS support ...
    91 xorriso 0.5.6 : RockRidge filesystem manipulator, libburnia project.
    92 
    93 0 negri:/usr/local/share/ISOs#
    94 }}}
    95   1. Create a symlink called cd.iso in the /home/<guestname>/vms/<guestname>/ directory with a target of the desired ISO:
    96 {{{
    97 ln -s  /usr/local/share/ISOs/<some-installer>.iso /home/<guestname/vms/<guestname>/cd.iso
    98 }}}
    99  1. Tell runit to start the guest automatically
    100 {{{
    101 update-service --add /etc/sv/kvm/<guestname>
    102 }}}
    103  1. Log into the new guest via ssh: {{{ ssh <guestname>@<hostname>.mayfirst.org }}}
    104  1. Start screen: {{{ screen -x}}}. You should see a grub menu waiting for you to hit enter on the installer.
    105  1. After hitting enter, watch the installer fly by.
    106  1. Before it completes, be sure to delete the symlink you created to the cd.iso installer (as root):
     37 * Remove the symlink to the ISO in the newly created user's home directory...
    10738{{{
    10839rm /home/<guestname>/vms/<guestname>/cd.iso
    10940}}}
    110  1. Login with root and no password
    111  1. The preseed file will leave all leftover space on the disk in a logical volume called "delete". You can remove this logical volume (so the extra space is available to enlarge other logical volumes): with:
     41
     42== While logged in as <guestname>@<host> ==
     43
     44 * Enter the screen session:
     45{{{
     46screen -x
     47}}}
     48 * Press enter to start the install. Confirm the disk format.
     49 * Afer installation, Login with root and no password
     50 * The preseed file will leave all leftover space on the disk in a logical volume called "delete". You can remove this logical volume (so the extra space is available to enlarge other logical volumes): with:
    11251{{{
    11352lvremove vg_<guestname>0/delete
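Review bot: The new "Start the new guest" step (v23 line 35) runs `update-server --add /etc/sv/kvm/<guestname>`, while the runit step it replaces (v22 line 101) used `update-service --add`; this looks like a typo and should read `update-service`. Separately, the symlink removal now sits at v23 lines 37-40, directly after starting the guest and still in the host section, and it lost the v22 wording "Before it completes". Say explicitly that `rm /home/<guestname>/vms/<guestname>/cd.iso` is run once the installer has booted but before it finishes, because the order as written reads as removing the ISO before the install in the next section has started.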
     
    11756lvremove vg_hay0/delete
    11857}}}
     58 * Set the root password. Generate one locally with pwgen.
     59 * Record new password in MFPL [wiki:keyringer keyringer]
     60
     61== While in your puppet conf directory on your local machine ==
     62
     63 * Setup a remote for the new server:
     64{{{
     65freepuppet-helper gsr:<guestname>
     66}}}
     67 * Initialize the new server for puppet with:
     68{{{
     69freepuppet-helper is:<guestname>
     70}}}
     71 You will be prompted to approve the ssh key. You can confirm the key by running the following on the guest:
     72{{{
     73ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub
     74}}}
     75 * Run puppet:
     76{{{
     77freepuppet-helper pr:<guestname>
     78}}}
     79 * Sign host key:
     80{{{
     81freepuppet-helper gshk:<guestname>
     82}}}
     83 * Sign root user key:
     84{{{
     85freepuppet-helper gsrk:<guestname>
     86}}}
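Review bot: The host key check at v23 lines 71-74 says to run `ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub` "on the guest" but does not say over which channel; state that the fingerprint is to be read from the `screen -x` console session used in the previous section, not from a new SSH login to the guest, since that login would rely on the very key being confirmed. The "Set the root password" step (v23 line 58) also comes after the `lvremove` step, although the guest accepts a root login with no password until it is done; consider making it the first action after installation.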