The kernel has to be either a freaking custom domU kernel or the official Ubuntu/xen one. In any case, NO INSTALL RAMDISK IS NEEDED.
Note that REISER4 is not a valid file system for Docker storage overlays. You need EXT4 or XFS.
Check for the latest Ubuntu or Debian releases and proceed.
Prepare the guest skeleton
guest=focal
guest=buster
cd /data/guests/
mkdir -p $guest/lala/
cd $guest/
#right below the tar and ustar format file size limits
dd if=/dev/zero of=$guest.ext4 bs=1M count=0 seek=8191
mkfs.ext4 $guest.ext4
mount $guest.ext4 lala/
#dd if=/dev/zero of=ubuntu.swap bs=1G count=0 seek=1
#mkswap ubuntu.swap
See debootstrap
Ubuntu
# RUSSIA
mirror=http://ru.archive.ubuntu.com/ubuntu/
# FRANCE
#mirror=http://fr.archive.ubuntu.com/ubuntu/
#mirror=http://ftp.free.fr/mirrors/ftp.ubuntu.com/
mirror=http://mirrors.online.net/ubuntu/
Debian
# RUSSIA
mirror=http://ftp.ru.debian.org/debian/
# FRANCE
#mirror=http://ftp.fr.debian.org/debian/
#mirror=http://ftp.free.fr/mirrors/ftp.debian.org/
mirror=http://mirrors.online.net/debian/
proceed
dist=$guest
#cacher=http://x.x.x.x:3142
time debootstrap --arch=amd64 $dist lala/ $mirror
#$cacher/ftp.ru.debian.org/debian/
#--arch=i386
#--print-debs
#--no-check-gpg
#real 8m14.002s // pro5s1
#real 7m56.284s // pro5s1
#real 4m18.475s // pro5s1 without fetch and while GFS2 is in use
#focal 2m20.461s from online mirror
du -sh lala/
# trustyx32 242M
# xenial 248M, 247M
# artful 302M, 307M
# bionic 306M ??862M
# stretch 644M
# buster 653M // 278M sep2020
# focal 340M sep2020 also on bare-metal (ext4)
cat lala/etc/hostname
#noexist
echo $guest > lala/etc/hostname
Using xvda1 instead of xvda, so that in case GRUB gets installed, it will not be able to overwrite anything on an absent area
vi lala/etc/fstab

/dev/xvda1 / ext4 defaults 0 1
proc /proc proc defaults 0 0
tmpfs /tmp tmpfs rw,nodev,nosuid,noatime,relatime 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
#/dev/xvdb1 none swap sw 0 0
Enable TMEM
mkdir lala/lib/modules/
tar xzf /data/kernels/5.2.21.domureiser4.modules.tar.gz -C lala/lib/modules/
ls -lF lala/lib/modules/
echo tmem >> lala/etc/modules
cat lala/etc/modules
#for ver in `ls -1 /lib/modules/`; do
#	echo -n $ver...
#	depmod -a $ver && echo done
#done; unset ver

echo $dist
echo $mirror
cat lala/etc/apt/sources.list
Ubuntu
cat > lala/etc/apt/sources.list <<-EOF
deb $mirror $dist main restricted universe
deb $mirror $dist-updates main restricted universe
deb $mirror $dist-security main restricted universe
#multiverse
#$dist-backports
EOF
Debian
cat > lala/etc/apt/sources.list <<-EOF
deb $mirror buster main contrib
deb $mirror buster-updates main contrib
#deb $mirror stable main contrib
#deb $mirror stable-updates main contrib
#non-free
#stable-backports
EOF
optionally set up a package proxy
vi /etc/apt/apt.conf.d/02proxy

Acquire::http { Proxy "http://x.x.x.x:3142"; };

vi lala/etc/netplan/nethence.yaml

network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
      addresses:
        - $ip/24
      gateway4: ${ip%\.*}.1
      nameservers:
        search: [nethence.com]
        addresses: [62.210.16.6, 62.210.16.7]

rmdir lala/etc/network/interfaces.d/
vi lala/etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address IP_ADDRESS/24
    gateway GATEWAY_IP
    dns-search nethence.com
    dns-nameservers 62.210.16.6 62.210.16.7
    #208.67.222.222 208.67.220.220

cat lala/etc/hosts
cat > lala/etc/hosts <<-EOF
127.0.0.1 localhost $guest
::1 localhost ip6-localhost ip6-loopback $guest
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
EOF
No NTP is required, as this is XEN/PV, but a timezone will help
ls -lF lala/etc/localtime
ln -sf ../usr/share/zoneinfo/Europe/Moscow lala/etc/localtime
ln -sf ../usr/share/zoneinfo/Europe/Paris lala/etc/localtime
cat lala/etc/timezone
echo Europe/Moscow > lala/etc/timezone
echo Europe/Paris > lala/etc/timezone
To make Perl packages happy, you need to tweak bash.bashrc, not profile
cat >> lala/etc/bash.bashrc <<-EOF
export LANGUAGE="en_US:en"
export LC_ALL="C.UTF-8"
export LC_COLLATE="C.UTF-8"
export LANG="C.UTF-8"
alias ll='ls -alhF'
alias cp='cp -i'
alias mv='mv -i'
alias rm='rm -i'
EOF
the console requires a password unless you play with getty, so remove the root password instead
chroot lala/ /bin/bash
passwd -d root
#usermod -p '*' root
and proceed with package updates
export DEBIAN_FRONTEND=noninteractive
apt update
apt -y full-upgrade
apt autoremove --purge
apt -y install man-db manpages openssh-server openssh-client mlocate
#bsd-mailx
#ls -lF /etc/postfix/main.cf
#ls -lF ll /etc/exim4/
systemctl get-default
systemctl set-default multi-user
Ubuntu only
systemctl disable systemd-timesyncd
Debian needs this
dpkg -l ifupdown
apt -y install resolvconf
and it does not hurt an Ubuntu system either
apt -y install net-tools
that’s right, you’re done!
^D
umount lala/
rmdir lala/
INTERNAL NETWORK (br0)
cat > $guest <<-EOF
kernel = "/data/kernels/5.2.21.domureiser4.vmlinuz"
root = "/dev/xvda1 ro console=hvc0 net.ifnames=0 biosdevname=0 mitigations=off"
memory = 7168
name = "$guest"
vcpus = 3
maxvcpus = 8
disk = ['tap:tapdisk:aio:/data/guests/$guest/$guest.ext4,xvda1,w']
vif = [ 'bridge=br0, vifname=$guest.0' ]
type = "pvh"
EOF
#netcfg/do_not_use_netplan=true ipv6.disable=1
#extra = "init=/bin/bash"
#memory = 8192
#memory = 10240
#memory = 12288
#memory = 16384
#memory = 32768
#disk = ['phy:/dev/drbd1,xvda1,w']
#disk = ['phy:/dev/vdisks/thin1,xvda1,w']
xl create $guest -c
login and check that everything is fine
ifconfig
netstat -rn
ls -lF /etc/resolv.conf*
cat /etc/resolv.conf
ping -c3 opendns.com
cat /sys/devices/system/clocksource/clocksource0/current_clocksource
dpkg -l | grep ntp
#noexist
systemctl get-default
lsmod | grep tmem
free -m
updatedb
history -c
#poweroff
^]
xl shu $guest
It’s time to make a template out of it
cd ../
newtemplate.bash $guest
rm -rf $guest/
#renameguest.bash $guest NEW-NAME
–OR– optionally do it manually, and avoid doing this on an NFS share
#fsck.ext4 $guest/$guest.ext4
fsck.reiser4 -y $guest.reiser4
#xfs_repair $guest.xfs
cd ../
tar czSf /data/templates/$guest.tar.gz $guest/
while deploying it, regenerate host-keys first
mkdir lala
mount $guest.ext4 lala
echo NEW-HOST > lala/etc/hostname
ls -lF lala/etc/ssh/ssh_host_*
rm -f lala/etc/ssh/ssh_host_*
ssh-keygen -q -t ed25519 -f lala/etc/ssh/ssh_host_ed25519_key -C "root@$guest" -N ""
#chroot lala dpkg-reconfigure openssh-server
umount lala
rmdir lala
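A check to run on the mounted image before booting a clone, as an added example that is not part of the original page: it flags SSH host keys still identical to the template's, an unchanged hostname, and the empty root password left by passwd -d. The function names and the second mount point holding the template's root filesystem are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page): compare a deployed guest root
# with the template root it was cloned from.
# Assumption: both filesystems are mounted or extracted, e.g. lala/ and tmpl/.

# Key type and base64 blob only; the trailing comment (root@host) is ignored.
key_of() { awk '{print $1, $2}' "$1" 2>/dev/null; }

# audit_guest GUEST_ROOT TEMPLATE_ROOT
# Prints one finding per line; returns 0 when clean and 1 otherwise.
audit_guest() {
    root=$1; tmpl=$2; bad=0

    # An empty second field in shadow is what "passwd -d root" leaves behind.
    if awk -F: '$1 == "root" && $2 == "" { f = 1 } END { exit !f }' \
        "$root/etc/shadow" 2>/dev/null; then
        echo "root password is empty"; bad=1
    fi

    # Host keys carried over from the template are shared by every clone.
    found=0
    for pub in "$root"/etc/ssh/ssh_host_*_key.pub; do
        [ -e "$pub" ] || continue
        found=1
        name=${pub##*/}
        if [ -e "$tmpl/etc/ssh/$name" ] &&
           [ "$(key_of "$pub")" = "$(key_of "$tmpl/etc/ssh/$name")" ]; then
            echo "$name is the template's key"; bad=1
        fi
    done
    [ "$found" -eq 1 ] || { echo "no SSH host key found"; bad=1; }

    # The hostname is rewritten at deploy time; flag it when that was skipped.
    if cmp -s "$root/etc/hostname" "$tmpl/etc/hostname"; then
        echo "hostname unchanged from template"; bad=1
    fi
    return "$bad"
}

# Stand-alone use: sh audit.sh lala/ tmpl/
if [ "$#" -eq 2 ]; then audit_guest "$1" "$2"; fi
```
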
you might even consider re-creating the snakeoil cert
openssl x509 -text -noout < lala/etc/ssl/certs/ssl-cert-snakeoil.pem
...
apt install lvm2 xen-tools
pvcreate /dev/sdaX
vgcreate guestsvg /dev/sdaX
vi /etc/xen-tools/xen-tools.conf

lvm = guestsvg
install-method = debootstrap
size = 10Gb
memory = 2Gb
swap = 1Gb
fs = ext4
ext4_options = noatime,nodiratime,errors=remount-ro
dist = `xt-guess-suite-and-mirror --suite`
image = sparse
kernel = /boot/vmlinuz-`uname -r`
initrd = /boot/initrd.img-`uname -r`
pygrub = 1
mirror = `xt-guess-suite-and-mirror --mirror`
ready to build a guest,
xen-create-image --hostname $guest --ip x.x.x.x --netmask x.x.x.x --gateway x.x.x.x --vcpus 2 --dist stretch
vi /etc/xen/$guest.cfg

vif = [ 'script=vif-bridge, bridge=xenbr0' ]

xl create /etc/xen/$guest.cfg -c
W: Cannot check Release signature; keyring file not available /usr/share/keyrings/debian-archive-keyring.gpg
==> Double-check debootstrap.
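The warning above means debootstrap went on without verifying the Release signature, and the mirrors used on this page are plain HTTP. An added example (not from the original page) that fails closed instead: it refuses to run unless the archive keyring for the suite is present, and passes it explicitly with --keyring. KEYRING_DIR, DEBOOTSTRAP and the function names are assumptions; the Ubuntu keyring file name is the one shipped by the ubuntu-keyring package.

```shell
#!/bin/sh
# Added example (not from the original page): fail closed when the Release
# signature cannot be checked, instead of continuing on the warning.
# KEYRING_DIR and DEBOOTSTRAP are overridable only so the wrapper can be tested.
KEYRING_DIR=${KEYRING_DIR:-/usr/share/keyrings}
DEBOOTSTRAP=${DEBOOTSTRAP:-debootstrap}

# Map a suite used on this page to its archive keyring file.
keyring_for() {
    case $1 in
        stretch|buster)      echo "$KEYRING_DIR/debian-archive-keyring.gpg" ;;
        xenial|bionic|focal) echo "$KEYRING_DIR/ubuntu-archive-keyring.gpg" ;;
        *) return 1 ;;
    esac
}

# verified_debootstrap DIST TARGET MIRROR
# Returns 2 for an unknown suite, 3 when the keyring file is missing or empty.
verified_debootstrap() {
    dist=$1; target=$2; mirror=$3
    keyring=$(keyring_for "$dist") || {
        echo "no keyring known for suite $dist" >&2; return 2; }
    [ -s "$keyring" ] || {
        echo "keyring missing: $keyring, not bootstrapping" >&2; return 3; }
    case $mirror in
        http://*) echo "note: plain-HTTP mirror, integrity rests on the signature" >&2 ;;
    esac
    "$DEBOOTSTRAP" --arch=amd64 --keyring="$keyring" "$dist" "$target" "$mirror"
}

# Stand-alone use: sh bootstrap.sh focal lala/ http://mirrors.online.net/ubuntu/
if [ "$#" -eq 3 ]; then verified_debootstrap "$@"; fi
```
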
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
    LANGUAGE = (unset),
    LC_ALL = (unset),
    LC_COLLATE = "C",
    LANG = "en_US.UTF-8"
    are supported and installed on your system.
and also
Setting up resolvconf (1.79) ...
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
==> Define those missing variables in bashrc and not profile, as seen above.