939
Comment:
|
← Revision 87 as of 2024-05-14 20:31:59 ⇥
6528
|
Deletions are marked like this. | Additions are marked like this. |
Line 1: | Line 1: |
== TODO == | = TODO = |
Line 3: | Line 3: |
=== guest_cleanup.sh === missing option to replace hostname properly |
== Various Articles == |
Line 6: | Line 5: |
=== misc === This is all that has no yet been done or documented. |
* https://serverfault.com/questions/122042/kvm-online-disk-resize * https://serverfault.com/questions/378086/how-to-extend-a-linux-pv-partition-online-after-virtual-disk-growth * https://eioki.eu/2013/07/02/live-resize-libvirt-disk-lvm-multipath (tested and works, no downtime on guest) * http://www.unixarena.com/2015/12/linux-kvm-how-to-addresize-virtual-disk-on-fly.html * apt-get install libguestfs-tools to get virt-resize * https://forum.proxmox.com/threads/extend-rescan-virtio-disk-in-guest-vm.7989/ * debug io trouble: sysstat package + iosat -x 2 5 http://bencane.com/2012/08/06/troubleshooting-high-io-wait-in-linux/ do a page on debugging iostat and how to solve * http://thomasmullaly.com/2014/11/16/the-list-of-os-variants-in-kvm/ * http://lists.gluster.org/pipermail/gluster-users/2015-February/020798.html * https://www.linux.com/news/carp-your-way-high-availability * https://www.server-world.info/en/note?os=Debian_9&p=mariadb&f=1 * http://galeracluster.com/documentation-webpages/sslconfig.html * http://galeracluster.com/documentation-webpages/sslcert.html * http://galeracluster.com/documentation-webpages/sslconfig.html#securing-replication-traffic * http://galeracluster.com/documentation-webpages/sslcert.html |
Line 9: | Line 21: |
* mailserver * firewall * monitoring diskspace * disable saving .debs af download * configure apt to remove .deb files after download /var/cache/apt/archives/ * network planning * keyscript should try thrice * lower memory after installation |
== misc == * IOMMU enable: https://us.informatiweb.net/tutorials/it/9-bios/215--enable-iommu-or-vt-d-in-your-motherboard-bios.html * Mailserver * Firewall * Monitoring diskspace * Network planning * Keyscript should try thrice * Create a page about manual DNSs updates and nsupdate * Spice and TLS write a ssection about spice and TLS, check this to set up the TLS certificates on kvm02 /etc/libvirt/qemu.conf * KVM guest types are in package osinfo-db * move gluster07 to dedicated hardware, so the arbiter works as expected. * Do some pages on optimizations, this is both network, diskio etc. BUT redundancy and stability comes first. * Do some pages on security, for now redundancy comes first * virsh capabilities to check what the hardware can do * debian package, debian-goodies, contains command checkrestart * spice compression protocols https://libvirt.org/formatdomain.html#elementsGraphics * describe the use of debian command "virt-host-validate" * describe installing XP, floppy, and remove floppy when cloning * https://bugzilla.redhat.com/show_bug.cgi?id=1058526 * describe installing win7, two cdroms, but set up as disks with device=cdrom instead of --cdrom option * spice protocol https://www.spice-space.org/spice-user-manual.html * spice clients https://virt-manager.org/download/ * take a look at mandos to boot from encrypted root filesystem * perhaps we should change to powerdns at some point, since it can run a master/master setup * delete all crm configuration "rm /var/lib/heartbeat/crm/cib*" * https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.cdot-famg-nfs%2FGUID-0D282583-0A6F-4556-AF94-4B08FC5ADDE8.html * https://wiki.debian.org/OpenStackCephHowto * ceph, drbd, tahoe-lafs, moosefs, sheepdog, petasan * bug in virt-clone https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947150 * https://www.dedoimedo.com/computers/kvm-bridged.html * https://www.dedoimedo.com/computers/kvm-intro.html --accelerate * syncthing on central server https://theselfhostingblog.com/posts/how-to-set-up-a-headless-syncthing-network/ * https://wiki.libvirt.org/page/Networking * https://unix.stackexchange.com/questions/148794/how-to-create-kvm-guest-with-spice-graphics-but-tls-disabled-using-virt-install * Debian does raid resync on sundays, https://serverfault.com/questions/255544/reason-for-automatic-raid-resync * https://www.techspot.com/guides/287-default-router-ip-addresses/ * https://www.youtube.com/watch?v=_yIq3GM4gjA * https://serverfault.com/questions/9708/what-is-a-pem-file-and-how-does-it-differ-from-other-openssl-generated-key-file alternative bridge settings might be required {{{ # bridging eth0 as br0 auto br0 iface br0 inet dhcp # bridge specific settings #bridge_stp on #bridge_maxwait 0 #bridge_fd 0 #bridge_ports eth0 bridge_ports eth0 bridge_fd 9 bridge_hello 2 bridge_maxage 12 bridge_stp off # network settings }}} * https://fedoraproject.org/wiki/Xfce * https://community.volumio.org/t/raspberry-pi-zero-w-and-buildin-bluetooth-chip-not-detected/7312/8 * https://www.youtube.com/watch?v=Ow5rhYTbT34 * spice client for windows systems: https://virt-manager.org/download/ * https://wiki.libvirt.org/page/VNCTLSSetup * https://libvirt.org/formatdomain.html * https://unix.stackexchange.com/questions/344756/is-there-anything-similar-to-rsync-to-syncing-block-devices |
Line 19: | Line 88: |
Space used on vanilla Filesystem Size Used Avail Use% Mounted on /dev/mapper/vg1-root 1,9G 791M 954M 46% / /dev/md0 243M 53M 162M 25% /boot |
run that readlink on remote host first rsync --progress --verbose -I --copy-devices --write-devices --no-whole-file --inplace "$(readlink -f "/dev/vg_storage/kvm_saphira_vda")" kvm01:"$(readlink -f "/dev/vg_storage/kvm_saphira_vda")" |
Line 25: | Line 93: |
mail we will configure this system with a mail server this server will later be configured to forward its mails to another mail account |
usage example that works {{{ #!/bin/sh |
Line 29: | Line 97: |
* write a ssection about spice and TLS, check this to set up the TLS certificates on kvm02 /etc/libvirt/qemu.conf | DISK="/dev/vg_storage/kvm_saphira_vda" SOURCE=$(readlink -f ${DISK}) DESTINATION=$(ssh kvm01 "readlink -f ${DISK}") echo rsync --progress --verbose -I --copy-devices --write-devices --no-whole-file --inplace ${SOURCE} kvm01:${DESTINATION} rsync --progress --verbose -I --copy-devices --write-devices --no-whole-file --inplace ${SOURCE} kvm01:${DESTINATION} }}} |
Line 32: | Line 107: |
host migration virsh migrate --live --copy-storage-all dhcp02 qemu+ssh://kvm01/system and back virsh migrate --verbose --live --copy-storage-all dhcp02 qemu+ssh://kvm02/system Migration: [100 %] works with the following cpu settings {{{ <cpu mode='custom' match='exact' check='full'> <model fallback='forbid'>Nehalem</model> <vendor>Intel</vendor> <feature policy='require' name='vme'/> <feature policy='require' name='vmx'/> <feature policy='require' name='pdcm'/> <feature policy='require' name='x2apic'/> <feature policy='require' name='tsc-deadline'/> <feature policy='require' name='hypervisor'/> <feature policy='require' name='arat'/> <feature policy='require' name='tsc_adjust'/> <feature policy='require' name='umip'/> <feature policy='require' name='arch-capabilities'/> <feature policy='require' name='rdtscp'/> <feature policy='require' name='skip-l1dfl-vmentry'/> <feature policy='require' name='pschange-mc-no'/> </cpu> |
|
Line 33: | Line 132: |
http://thomasmullaly.com/2014/11/16/the-list-of-os-variants-in-kvm/ | }}} |
TODO
Various Articles
https://serverfault.com/questions/122042/kvm-online-disk-resize
https://eioki.eu/2013/07/02/live-resize-libvirt-disk-lvm-multipath (tested and works, no downtime on guest)
http://www.unixarena.com/2015/12/linux-kvm-how-to-addresize-virtual-disk-on-fly.html
- apt-get install libguestfs-tools to get virt-resize
https://forum.proxmox.com/threads/extend-rescan-virtio-disk-in-guest-vm.7989/
debug io trouble: sysstat package + iosat -x 2 5 http://bencane.com/2012/08/06/troubleshooting-high-io-wait-in-linux/ do a page on debugging iostat and how to solve
http://thomasmullaly.com/2014/11/16/the-list-of-os-variants-in-kvm/
http://lists.gluster.org/pipermail/gluster-users/2015-February/020798.html
https://www.server-world.info/en/note?os=Debian_9&p=mariadb&f=1
http://galeracluster.com/documentation-webpages/sslconfig.html
http://galeracluster.com/documentation-webpages/sslcert.html
http://galeracluster.com/documentation-webpages/sslconfig.html#securing-replication-traffic
http://galeracluster.com/documentation-webpages/sslcert.html
misc
IOMMU enable: https://us.informatiweb.net/tutorials/it/9-bios/215--enable-iommu-or-vt-d-in-your-motherboard-bios.html
- Mailserver
- Firewall
- Monitoring diskspace
- Network planning
- Keyscript should try thrice
- Create a page about manual DNSs updates and nsupdate
- Spice and TLS write a ssection about spice and TLS, check this to set up the TLS certificates on kvm02 /etc/libvirt/qemu.conf
- KVM guest types are in package osinfo-db
- move gluster07 to dedicated hardware, so the arbiter works as expected.
- Do some pages on optimizations, this is both network, diskio etc. BUT redundancy and stability comes first.
- Do some pages on security, for now redundancy comes first
- virsh capabilities to check what the hardware can do
- debian package, debian-goodies, contains command checkrestart
spice compression protocols https://libvirt.org/formatdomain.html#elementsGraphics
- describe the use of debian command "virt-host-validate"
- describe installing XP, floppy, and remove floppy when cloning
- describe installing win7, two cdroms, but set up as disks with device=cdrom instead of --cdrom option
spice protocol https://www.spice-space.org/spice-user-manual.html
spice clients https://virt-manager.org/download/
- take a look at mandos to boot from encrypted root filesystem
- perhaps we should change to powerdns at some point, since it can run a master/master setup
- delete all crm configuration "rm /var/lib/heartbeat/crm/cib*"
- ceph, drbd, tahoe-lafs, moosefs, sheepdog, petasan
bug in virt-clone https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947150
https://www.dedoimedo.com/computers/kvm-intro.html --accelerate
syncthing on central server https://theselfhostingblog.com/posts/how-to-set-up-a-headless-syncthing-network/
Debian does raid resync on sundays, https://serverfault.com/questions/255544/reason-for-automatic-raid-resync
https://www.techspot.com/guides/287-default-router-ip-addresses/
alternative bridge settings might be required
# bridging eth0 as br0 auto br0 iface br0 inet dhcp # bridge specific settings #bridge_stp on #bridge_maxwait 0 #bridge_fd 0 #bridge_ports eth0 bridge_ports eth0 bridge_fd 9 bridge_hello 2 bridge_maxage 12 bridge_stp off # network settings
https://community.volumio.org/t/raspberry-pi-zero-w-and-buildin-bluetooth-chip-not-detected/7312/8
spice client for windows systems: https://virt-manager.org/download/
run that readlink on remote host first rsync --progress --verbose -I --copy-devices --write-devices --no-whole-file --inplace "$(readlink -f "/dev/vg_storage/kvm_saphira_vda")" kvm01:"$(readlink -f "/dev/vg_storage/kvm_saphira_vda")"
usage example that works
DISK="/dev/vg_storage/kvm_saphira_vda" SOURCE=$(readlink -f ${DISK}) DESTINATION=$(ssh kvm01 "readlink -f ${DISK}") echo rsync --progress --verbose -I --copy-devices --write-devices --no-whole-file --inplace ${SOURCE} kvm01:${DESTINATION} rsync --progress --verbose -I --copy-devices --write-devices --no-whole-file --inplace ${SOURCE} kvm01:${DESTINATION}
host migration virsh migrate --live --copy-storage-all dhcp02 qemu+ssh://kvm01/system and back virsh migrate --verbose --live --copy-storage-all dhcp02 qemu+ssh://kvm02/system Migration: [100 %] works with the following cpu settings
<cpu mode='custom' match='exact' check='full'> <model fallback='forbid'>Nehalem</model> <vendor>Intel</vendor> <feature policy='require' name='vme'/> <feature policy='require' name='vmx'/> <feature policy='require' name='pdcm'/> <feature policy='require' name='x2apic'/> <feature policy='require' name='tsc-deadline'/> <feature policy='require' name='hypervisor'/> <feature policy='require' name='arat'/> <feature policy='require' name='tsc_adjust'/> <feature policy='require' name='umip'/> <feature policy='require' name='arch-capabilities'/> <feature policy='require' name='rdtscp'/> <feature policy='require' name='skip-l1dfl-vmentry'/> <feature policy='require' name='pschange-mc-no'/> </cpu>