debootstrap does not verify stuff by default. How broken is that

[mirror/dsa-wiki.git] / input / howto / install-kvm.creole

== Setup a new kvm domain fast ==

=== guest setup ===

or: how to install Debian.

Define a shell function

{{{
# set up environment
setup_env() {
 echo -n "New hostname: " &&
 export LC_ALL=C &&
 read guest &&
 target=/mnt/target &&
 mirror=`cat /etc/apt/sources.list /etc/apt/sources.list.d/debian.list 2>/dev/null | awk '/^deb.*debian/ {print $2; exit}'` &&
 vgdefault=`vgdisplay -c | awk -F: '{print $1;exit}' | sed 's/ *//g'` &&
 echo -n "Volume group? [$vgdefault]: " &&
 read vg &&
 if [ "$vg" = "" ]; then vg="$vgdefault"; fi &&
 echo -n "Use lvm for non-swap partitions? [Y/n] " &&
 read use_lvm &&
 if [ "$use_lvm" = "n" ]; then
   : SAN, as in the msa2012i at ubcece &&
   : requires that it is already setup &&
   dev_root="/dev/mapper/$guest-root" &&
   dev_boot="/dev/mapper/$guest-boot" &&
   echo "Root device will be $dev_root" &&
   echo "Boot device will be $dev_boot" &&
   echo "Make sure they exist already." &&
   fs=xfs
 else
   use_lvm="y" &&
   dev_root="/dev/mapper/$vg-$guest--root" &&
   dev_boot="/dev/mapper/$vg-$guest--boot" &&
   echo "Root device will be $dev_root" &&
   echo "Boot device will be $dev_boot" &&
   fs=ext3
 fi &&
 dev_swap="/dev/mapper/$vg-$guest--swap" &&
 echo -n "Use a /boot filesystem? [Y/n] " &&
 read use_boot &&
 echo "Swap device will be $dev_swap" &&
 echo "fs is $fs"
 echo "Chosen mirror is $mirror"
}
}}}

And run it

{{{
setup_env
}}}

Then install base:

The way we lay out the filesystems by default is that we have one 4g /
filesystem, a swap, and a tiny boot filesystem.  On the host we make
a new LVM logical volume for each of the three.  Only the LV that will
take the guest's boot will actually be partitioned - into a single boot
partition.  That's so we can install grub into the MBR and have the system
start just like a real system.  Root and swap are put directly onto the
logical volume, without partitioning it at all.  This makes getting to the
data from the host easier - no need to run kpartx - and it makes growing
trivial.

{{{
#######
# install base

 apt-get install debootstrap debian-archive-keyring kpartx &&
 if [ "$use_lvm" = "y" ]; then
   if [ "$use_boot" != "n" ] ; then
     lvcreate -L 128m -n "$guest"-boot /dev/"$vg"
   fi &&
   lvcreate -L 4g -n "$guest"-root /dev/"$vg"
 fi &&
 lvcreate -L 4g -n "$guest"-swap /dev/"$vg" &&
 : &&
 if [ "$use_boot" != "n" ] ; then
   ( echo ',,L,*' | sfdisk "$dev_boot" ) &&
   kpartx -v -a "$dev_boot" &&
   mkfs."$fs" "$dev_boot"1
 fi &&
 mkfs."$fs" "$dev_root" &&
 mkswap "$dev_swap" &&
 : &&
 mkdir -p "$target" &&
 mount "$dev_root" "$target" &&
 if [ "$use_boot" != "n" ] ; then
   mkdir -p "$target/boot" &&
   mount "$dev_boot"1 "$target/boot"
 fi &&

 cd "$target" &&
 debootstrap --variant=minbase --keyring=/usr/share/keyrings/debian-archive-keyring.gpg lenny . "$mirror"
}}}

And finalize the setup:

{{{
#######
# finish setup
 echo "$guest" > etc/hostname &&
 cat > etc/hosts << EOF &&
127.0.0.1       localhost

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
EOF
 rm -fv etc/apt/sources.list &&
 ( ! [ -e /etc/apt/sources.list ] || cp /etc/apt/sources.list etc/apt/sources.list)
 (cp -v /etc/apt/sources.list.d/* etc/apt/sources.list.d/ || true ) &&
 cp -v /etc/apt/preferences etc/apt/ &&
 apt-key exportall | chroot . apt-key add - &&
 chroot . apt-get update &&
 echo "Apt::Install-Recommends 0;" > etc/apt/apt.conf.d/local-recommends &&
 chroot . apt-get install net-tools iproute ifupdown dialog vim netbase xfsprogs &&
 if [ "$use_boot" != "n" ] ; then
   chroot . apt-get install grub &&
   cp -av usr/lib/grub/x86_64-pc boot/grub &&
   grub << EOF &&
device (hd0) $dev_boot
root (hd0,0)
setup (hd0)
quit
EOF
   # install a kernel image
   cat > etc/kernel-img.conf << EOF &&
do_symlinks = yes
link_in_boot = yes
do_initrd = yes
EOF
   chroot . apt-get install linux-image-2.6-amd64 &&
   cat >> etc/kernel-img.conf << EOF
postinst_hook = /usr/sbin/update-grub
postrm_hook   = /usr/sbin/update-grub
EOF
  else
    cat > etc/kernel-img.conf << EOF &&
do_symlinks = no
do_initrd = yes
EOF
    chroot . apt-get install linux-image-2.6-amd64 &&
   cat >> etc/kernel-img.conf << EOF
postinst_hook = update-grub
postrm_hook   = update-grub
EOF
    chroot . apt-get install grub2 &&
    cp -av $dev_root dev/ &&
    echo "(hd0) /dev/`basename $dev_root`" > boot/grub/device.map &&
    chroot . grub-install /dev/"`basename $dev_root`" &&
    sed -i -e 's/^#GRUB_TERMINAL=console/GRUB_TERMINAL=console/' etc/default/grub &&
    chroot . update-grub &&
    rm -v dev/"`basename $dev_root`" boot/grub/device.map &&
    sed -i -e "s#dev/`basename $dev_root`#dev/vda#g" boot/grub/grub.cfg
  fi
}}}

And a fstab and a boot loader config

{{{
 # doesn't work: chroot . update-grub
 rootuuid=`vol_id "$dev_root" "$target" | awk -F= '$1=="ID_FS_UUID" {print $2}'` &&
 swapuuid=`vol_id "$dev_swap" "$target" | awk -F= '$1=="ID_FS_UUID" {print $2}'` &&
 if [ "$use_boot" != "n" ] ; then
   bootuuid=`vol_id "$dev_boot"1  | awk -F= '$1=="ID_FS_UUID" {print $2}'` &&
   cat > boot/grub/menu.lst << EOF
default 0
timeout 5
color cyan/blue white/blue

### BEGIN AUTOMAGIC KERNELS LIST
# kopt=root=UUID=$rootuuid ro

## ## End Default Options ##
title Debian
root (hd0,0)
kernel /vmlinuz root=UUID=$rootuuid ro
initrd /initrd.img

### END DEBIAN AUTOMAGIC KERNELS LIST
EOF
 fi &&
 if [ "$fs" = "ext3" ]; then
   rootopts="errors=remount-ro"
 else
   rootopts="defaults"
 fi
 cat > etc/fstab << EOF &&
UUID=$rootuuid    /               $fs    $rootopts 0       1
UUID=$swapuuid    none            swap    sw              0       0
EOF
 if [ "$use_boot" != "n" ] ; then
    echo "UUID=$bootuuid    /boot           $fs    defaults        0       2" >> etc/fstab
 fi
 cat > etc/network/interfaces << EOF
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual
  pre-up ip link set up dev \$IFACE
  post-down ip link set down dev \$IFACE
EOF
}}}

Maybe fix/setup networking properly:

{{{
vi etc/network/interfaces
}}}

And unmount:

{{{
  cd / &&
 if [ "$use_boot" != "n" ] ; then
   umount "$target"/boot &&
   kpartx -v -d "$dev_boot"
 fi &&
 umount "$target" &&
 rmdir "$target"
}}}

=== virsh setup ===

Setup a new kvm domain by creating a new file in /etc/da-virt/`hostname/$guest.xml.

* Properly configure hostname
* Pick a new uuid ({{{uuidgen}}})
* Setup block devices properly
* pick a new and unique mac address (on d.o every kvm host has their own mac address space and the last block is changed for the guests, as in {{{..:..:..:..:<host byte>:<guest byte>}}}. )
* virsh commands:
** {{{virsh help}}}
** {{{virsh define foo.xml}}}
** {{{virsh start foo}}}
** {{{virsh destroy foo}}}
** {{{virsh vncdisplay foo}}} (and ssh -L 5900:localhost:<5900+x> $host  and  vnc localhost)

=== post processing ===

Do not forget to set a sane root password before installing ssh in the new kvm domain.

=== when stuff goes wrong ===

To get to the guest data from the host:

{{{
  setup_env
 kpartx -v -a "$dev_boot" &&
 mkdir -p "$target" &&
 mount "$dev_root" "$target" &&
 mkdir -p "$target/boot" &&
 mount "$dev_boot"1 "$target/boot"
}}}

and once you're done:
{{{
 cd / &&
 umount "$target"/boot &&
 umount "$target" &&
 kpartx -v -d "$dev_boot" &&
 rmdir "$target"
}}}

Make sure that the filesystem isn't being mounted twice - i.e. never start the guest while the filesystems are mounted, and never mount them while the guest is running.