libvirt hypervisor - kvm
KVM-based libvirt hypervisor
establish a standard reference configuration
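get almalinux iso
# verify the signed CHECKSUM file first, then check the ISO against the hash listed in that file
# gpg prints [unknown] because the imported key is not certified locally; compare its fingerprint with the one AlmaLinux publishes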
> curl -OL https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux
> gpg --import RPM-GPG-KEY-AlmaLinux
> curl -OL https://repo.almalinux.org/almalinux/8.4/isos/x86_64/CHECKSUM
> gpg --verify CHECKSUM
gpg: Good signature from "AlmaLinux <packager@almalinux.org>" [unknown]
> curl -OL https://mirror.netzwerge.de/almalinux/8.4/isos/x86_64/AlmaLinux-8.4-x86_64-boot.iso
> echo 76e8f56892e6d90706b142868eec51b6b8c015ec3792f8d9e0730da93a2d1162 AlmaLinux-8.4-x86_64-boot.iso|sha256sum -c
AlmaLinux-8.4-x86_64-boot.iso: OK
... (or, if the download is corrupted or has been tampered with - do not use the ISO:)
AlmaLinux-8.4-x86_64-boot.iso: FAILED
sha256sum: WARNING: 1 computed checksum did NOT match
1)
> First screen "english"
2)
> "de" keyboard
> timezone "europe/berlin"
> set root pw
> create user
> enable network
> repo "https" "ftp.fau.de/almalinux/8.4/BaseOS/x86_64/os/"
> software installation > minimal
> Disk > manual
...
/tmp 5G
/var 5G
/home 60G
/swap 8G
/boot 512M
/boot/efi 512M
/ 100%FREE (40GB)
...
hetzner root server configuration
centos84 official
SWRAIDLEVEL 0
PART /boot ext3 512M
PART lvm vg0 all
LV vg0 root / xfs 40G
LV vg0 tmp /tmp xfs 5G
LV vg0 var /var xfs 100G
LV vg0 home /home xfs 40G
LV vg0 swap swap swap 8
# uncomment 3 PART vars above
after installation switch to alma or whatever
run ansible playbook “gpconf for rhel based os hypervisor”
add network
# as root
> virsh net-autostart --network default --disable
> brctl addbr br0
> brctl addif br0 enp3s0
> nmcli con add ifname br0 type bridge con-name br0
> nmcli con add type bridge-slave ifname enp3s0 master br0
> nmcli con show
> nmcli con show --active
# run in a session (e.g. screen/tmux) or simply reboot
#!/bin/bash
# Switch the host from the plain NIC profile to the bridge profile.
# Both steps sit in one script: if you are logged in over enp3s0, the first
# command drops that connection, and the second still has to run to bring
# the host back up on br0.
nmcli con down enp3s0
nmcli con up br0
storage pool
> chown -R vmadmin:vmadmin /var/lib/libvirt/images
> virsh pool-define-as pool-001 dir - - - - /var/lib/libvirt/images
> virsh pool-build pool-001
> virsh pool-start pool-001
> virsh pool-autostart pool-001
# test
> virsh vol-create-as pool-001 \
test-001-volume 1GiB \
--format qcow2
# delete
> virsh vol-delete --pool pool-001 test-001-volume
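test VM network
# note: --location below fetches the installer kernel and initrd over plain HTTP, so they are not integrity-protected in transit; deb.debian.org is also reachable via https:// (the same URL is used under "install debian")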
> virt-install \
--name debian-023 \
--ram 1024 \
--disk pool=pool-001,size=10,bus=virtio,format=qcow2 \
--vcpus 1 \
--os-type linux \
--os-variant debian10 \
--network bridge=br0 \
--graphics none \
--location http://deb.debian.org/debian/dists/bullseye/main/installer-amd64 \
--extra-args 'console=ttyS0,115200n8 serial' \
--console pty,target_type=serial \
--force --debug
spindown hdds
## hdparm settings
> mkdir -p /opt/scripts
# edit /opt/scripts/hdparm.sh
#!/bin/bash
# Apply the same power settings to /dev/sdc through /dev/sdh.
#   -B 127  APM level: the highest value that still permits spin-down
#   -S 180  standby timeout: 180 * 5 s = 15 minutes of idle time
for disk in /dev/sdc /dev/sdd /dev/sde /dev/sdf /dev/sdg /dev/sdh; do
  hdparm -B 127 -S 180 "$disk"
done
# Presumably a "script has run" marker; nothing else on this page reads it.
# NOTE(review): hdparm.service sets no User=, so this runs as root and writes a
# fixed file name into world-writable /tmp. A path under /run (writable by root
# only) avoids pre-created files or symlinks at that name; confirm nothing
# depends on /tmp/HDPARM before moving it.
echo "00" > /tmp/HDPARM
# make it executable
> chmod 700 /opt/scripts/hdparm.sh
edit /usr/lib/systemd/system/hdparm.service
[Unit]
Description=hdparm
[Service]
Type=simple
ExecStart=/opt/scripts/hdparm.sh
[Install]
WantedBy=multi-user.target
edit /usr/lib/systemd/system/hdparm.timer
[Unit]
Description=hdparm
[Timer]
OnBootSec=1min
Unit=hdparm.service
[Install]
WantedBy=multi-user.target
enable services
> systemctl enable hdparm.timer
> systemctl start hdparm.timer
proxmox extract images
> zstd -d vzdump-qemu-5048-2020_12_04-15_20_53.vma.zst
> vma extract -v vzdump-qemu-5048-2020_12_04-15_20_53.vma ../newfolder-not-created
disk-drive-scsi0.raw qemu-server.conf
> qemu-img convert -O qcow2 disk-drive-scsi0.raw disk-drive-scsi0.qcow2
> zstd disk-drive-scsi0.qcow2
edit grub config to use serial console
> mkdir TMP
> guestmount -d imported-odoo -i TMP
# edit TMP/etc/default/grub
... before:
GRUB_CMDLINE_LINUX=""
... after:
GRUB_CMDLINE_LINUX='console=tty0 console=ttyS0,19200n8'
GRUB_TERMINAL=serial
GRUB_SERIAL_COMMAND="serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1"
> guestunmount TMP
> guestfish -a disk-drive-scsi0.qcow2 run \
: mount /dev/sda1 / \
: command "update-grub"
run imported image
> virt-install \
--name imported-odoo \
--memory 2048 \
--vcpus 2 \
--disk disk-drive-scsi0.qcow2,bus=virtio \
--import \
--os-variant debian10 \
--network bridge=virbr0,model=virtio \
--noautoconsole \
--console pty,target_type=serial
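install alpine
# the ISO below is fetched without any integrity check; Alpine publishes .sha256 and .asc files next to each ISO, verify it before booting (as done for the AlmaLinux ISO)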
> wget https://nl.alpinelinux.org/alpine/v3.5/releases/x86_64/alpine-virt-3.5.2-x86_64.iso
> virt-install \
--virt-type kvm \
--name alpine \
--memory 1024 \
--disk size=10 \
--noautoconsole \
--cdrom alpine-virt-3.5.2-x86_64.iso \
--network bridge=virbr0,model=virtio
> virsh console --domain alpine
install debian
virt-install \
--name debian-023 \
--ram 1024 \
--disk pool=default,size=100,bus=virtio,format=qcow2 \
--vcpus 1 \
--os-type linux \
--os-variant archlinux \
--network bridge=virbr0,model=virtio \
--graphics none \
--location http://deb.debian.org/debian/dists/bullseye/main/installer-amd64 \
--extra-args 'console=ttyS0,115200n8 serial' \
--console pty,target_type=serial \
--force --debug
adding disk to lvm
> lvs
> df
target: /dev/mapper/almalinux-var
> fdisk /dev/sdb
>> "o" (no partition required)
> pvcreate /dev/sdb
> lvmdiskscan -l
> vgextend almalinux /dev/sdb
> lvm lvextend -l +100%FREE /dev/mapper/almalinux-var
>> Logical volume almalinux/var successfully resized.
> xfs_growfs -d /dev/mapper/almalinux-var
## ssh forwarding
> dnf install autossh
# as user
> ssh-keygen -b 4096 (without pw)
# on target
> create user (same user name)
# add both public keys
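# on the target, restrict the key in ~/.ssh/authorized_keys (strict access)
# the forced command below blocks shell access but leaves port forwarding enabled, which the tunnel needs;
# add no-pty,no-agent-forwarding,no-X11-forwarding in front of it to switch off what the tunnel does not need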
command="echo 'Tunnel only!'" ssh-rsa AAA
# test regular ssh connection > failed
# test tunnel connection
> autossh -M 30360 -N \
-R 3303:localhost:3303 \
-o "ServerAliveInterval 30" \
-o "ServerAliveCountMax 3" \
-p22 \
vmadmin@x33u.xyz
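# add cronjob
# entries in /etc/cron.d need a user name between the schedule and the command (e.g. "@reboot vmadmin autossh ..."); without it cron reads "autossh" as the user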
> nano /etc/cron.d/autossh
@reboot autossh -M 30360 -N -R 3303:localhost:3303 -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -p22 vmadmin@x33u.xyz
edit /etc/systemd/system/tunnel.service
```shell
# Write the systemd unit that starts the reverse tunnel at boot.
# The heredoc delimiter is unquoted, so the shell would expand any $VAR or
# $(...) in the body; the text below contains none and is written as shown.
# NOTE(review): the unit sets no User=, so systemd starts autossh as root while
# it authenticates with vmadmin's private key - confirm this is intended;
# User=vmadmin in [Service] would run the tunnel unprivileged.
cat <<EOF >/etc/systemd/system/tunnel.service
[Unit]
Description=SSH tunnel service
After=network.target network-online.target sshd.service
[Service]
ExecStart=/usr/bin/autossh -M 30360 -N -R 3303:localhost:3303 -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -p22 vmadmin@x33u.xyz -i /home/vmadmin/.ssh/id_rsa
[Install]
WantedBy=multi-user.target
EOF
```
snapshots
# live
> virsh snapshot-create-as --domain ho-hassos-03 \
--name "test-snapshot" \
--description "Snapshot" \
--live
>> error: Operation not supported: live snapshot creation is supported only during full system snapshots
> virsh domblklist ho-hassos-03
...
Target Source
------------------------------------------------------
vda /var/lib/libvirt/images/haos_ova-6.6.qcow2
# use "disk-only"
> virsh snapshot-create-as --domain ho-hassos-03 \
--name "test-snapshot" \
--description "Snapshot" \
--disk-only
...
Domain snapshot test-snapshot created
> virsh snapshot-list ho-hassos-03
...
Name Creation Time State
------------------------------------------------------------
test-snapshot 2021-11-22 19:38:37 +0100 disk-snapshot
> virsh snapshot-info ho-hassos-03 --current
...
Name: test-snapshot
Domain: ho-hassos-03
Current: yes
State: disk-snapshot
Location: external
Parent: -
Children: 0
Descendants: 0
Metadata: yes
resize images
> qemu-img resize \
/var/lib/libvirt/images/almalinux8.qcow2 +10G
# start vm
# add correct size
> virsh blockresize \
--domain almalinux8 /var/lib/libvirt/images/almalinux8.qcow2 20G
26-09-2021