The kernel has to be either a freaking custom domU kernel or the official Ubuntu/xen one. In any case, NO INSTALL RAMDISK IS NEEDED.
Note REISER4 is an invalid file-system for docker storage overlays. You need EXT4 or XFS.
Check for latest existing ubuntu (more) or debian releases and proceed.
Prepare the guest skeleton
guest=focal guest=buster mkdir -p /data/guests/$guest/lala/ cd /data/guests/$guest/ # right below the tar and ustar format file size limits #dd if=/dev/zero of=$guest.ext4 bs=1M count=0 seek=8191 dd if=/dev/zero of=$guest.ext4 bs=1G count=0 seek=25 mkfs.ext4 $guest.ext4 mount $guest.ext4 lala/ #dd if=/dev/zero of=$guest.swap bs=1G count=0 seek=1 #mkswap $guest.swap
See debootstrap
Ubuntu
# RUSSIA mirror=http://ru.archive.ubuntu.com/ubuntu/ # FRANCE #mirror=http://fr.archive.ubuntu.com/ubuntu/ #mirror=http://ftp.free.fr/mirrors/ftp.ubuntu.com/ mirror=http://mirrors.online.net/ubuntu/
Debian
# RUSSIA mirror=http://ftp.ru.debian.org/debian/ # FRANCE #mirror=http://ftp.fr.debian.org/debian/ #mirror=http://ftp.free.fr/mirrors/ftp.debian.org/ mirror=http://mirrors.online.net/debian/
proceed
dist=$guest #cacher=http://x.x.x.x:3142 time debootstrap --arch=amd64 $dist lala/ $mirror #$cacher/ftp.ru.debian.org/debian/ #--arch=i386 #--print-debs #--no-check-gpg #real 8m14.002s // pro5s1 #real 7m56.284s // pro5s1 #real 4m18.475s // pro5s1 without fetch and while GFS2 is in use #focal 2m20.461s from online mirror #focal 1m48,263s from ... du -sh lala/ # trustyx32 242M # xenial 248M, 247M # artful 302M, 307M # bionic 306M ??862M # stretch 644M # buster 653M // 278M sep2020 # focal 340M sep2020 also on bare-metal (ext4) # focal 340M may2021 cat lala/etc/hostname # no exist or same as host... echo $guest > lala/etc/hostname
Using xvda1 instead of xvda so in case grub gets installed, it will not be able to override anything on an absent area
vi lala/etc/fstab /dev/xvda1 / ext4 defaults 0 1 proc /proc proc defaults 0 0 tmpfs /tmp tmpfs rw,nodev,nosuid,noatime,relatime 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 #/dev/xvdb1 none swap sw 0 0
Enable TMEM
mkdir lala/lib/modules/ tar xzf /data/kernels/5.2.21.domureiser4.modules.tar.gz -C lala/lib/modules/ ls -lF lala/lib/modules/ echo tmem >> lala/etc/modules cat lala/etc/modules #for ver in `ls -1 /lib/modules/`; do # echo -n $ver... # depmod -a $ver && echo done #done; unset ver
echo $dist echo $mirror cat lala/etc/apt/sources.list
Ubuntu
cat > lala/etc/apt/sources.list <<-EOF deb $mirror $dist main restricted universe deb $mirror $dist-updates main restricted universe deb $mirror $dist-security main restricted universe #multiverse #$dist-backports EOF
Debian
cat > lala/etc/apt/sources.list <<-EOF
deb $mirror buster main contrib
deb $mirror buster-updates main contrib
#deb $mirror stable main contrib
#deb $mirror stable-updates main contrib
#non-free
#stable-backports
EOF
eventually setup a package proxy
vi /etc/apt/apt.conf.d/02proxy
Acquire::http { Proxy "http://x.x.x.x:3142"; };
vi lala/etc/netplan/nethence.yaml
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
dhcp6: no
addresses:
- $ip/24
gateway4: ${ip%\.*}.254
nameservers:
addresses: [62.210.16.6, 62.210.16.7]
search: [nethence.com]
rmdir lala/etc/network/interfaces.d/
vi lala/etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address IP_ADDRESS/24
gateway GATEWAY_IP
dns-search nethence.com
dns-nameservers 62.210.16.6 62.210.16.7
#208.67.222.222 208.67.220.220
cat lala/etc/hosts
cat > lala/etc/hosts <<-EOF
127.0.0.1 localhost $guest
::1 localhost ip6-localhost ip6-loopback $guest
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
EOF
No NTP is required, as this is XEN/PV, but a timezone will help
ls -lF lala/etc/localtime ln -sf ../usr/share/zoneinfo/Europe/Moscow lala/etc/localtime ln -sf ../usr/share/zoneinfo/Europe/Paris lala/etc/localtime cat lala/etc/timezone echo Europe/Moscow > lala/etc/timezone echo Europe/Paris > lala/etc/timezone
To make Perl packages happy, you need to tweak bash.bashrc, not profile
cat >> lala/etc/bash.bashrc <<-EOF
export LANGUAGE="en_US:en"
export LC_ALL="C.UTF-8"
export LC_COLLATE="C.UTF-8"
export LANG="C.UTF-8"
alias ll='ls -alhF'
alias cp='cp -i'
alias mv='mv -i'
alias rm='rm -i'
EOF
console requires a password unless you play with getty – disabling it instead
chroot lala/ /bin/bash passwd -d root #usermod -p '*' root
and proceed with package updates
export DEBIAN_FRONTEND=noninteractive
apt update
apt -y full-upgrade
apt autoremove --purge
apt -y install man-db manpages openssh-server openssh-client mlocate
# 386M
#bsd-mailx
#ls -lF /etc/postfix/main.cf
#ls -lF ll /etc/exim4/
systemctl get-default
systemctl set-default multi-user
Ubuntu only
systemctl disable systemd-timesyncd
Debian needs this
dpkg -l ifupdown apt -y install resolvconf
and it does not hurt an Ubuntu system either
apt -y install net-tools
that’s right, you’re done!
^D umount lala/ rmdir lala/
INTERNAL NETWORK (br0)
cat > $guest <<-EOF
kernel = "/data/kernels/5.2.21.domureiser4.vmlinuz"
root = "/dev/xvda1 ro console=hvc0 net.ifnames=0 biosdevname=0 mitigations=off"
memory = 7168
name = "$guest"
vcpus = 3
maxvcpus = 8
disk = ['tap:tapdisk:aio:/data/guests/$guest/$guest.ext4,xvda1,w']
vif = [ 'bridge=br0, vifname=$guest.0' ]
type = "pvh"
EOF
#netcfg/do_not_use_netplan=true ipv6.disable=1
#extra = "init=/bin/bash"
#memory = 8192
#memory = 10240
#memory = 12288
#memory = 16384
#memory = 32768
#disk = ['phy:/dev/drbd1,xvda1,w']
#disk = ['phy:/dev/vdisks/thin1,xvda1,w']
xl create $guest -c
login and check that everything is fine
ifconfig netstat -rn ls -lF /etc/resolv.conf* cat /etc/resolv.conf ping -c3 opendns.com cat /sys/devices/system/clocksource/clocksource0/current_clocksource dpkg -l | grep ntp #noexist systemctl get-default lsmod | grep tmem free -m updatedb history -c #poweroff ^] xl shu $guest
It’s time to make a template out of it
cd ../ newtemplate.bash $guest rm -rf $guest/ #renameguest.bash $guest NEW-NAME
–OR– eventually do it manually and avoid doing this on an NFS share
#fsck.ext4 $guest/$guest.ext4 fsck.reiser4 -y $guest.reiser4 #xfs_repair $guest.xfs cd ../ tar czSf /data/templates/$guest.tar.gz $guest/
while deploying it, regenerate host-keys first
mkdir lala mount $guest.ext4 lala echo NEW-HOST > lala/etc/hostname ls -lF lala/etc/ssh/ssh_host_* rm -f lala/etc/ssh/ssh_host_* ssh-keygen -q -t ed25519 -f lala/etc/ssh/ssh_host_ed25519_key -C "root@$guest" -N "" #chroot lala dpkg-reconfigure openssh-server umount lala rmdir lala
you might even consider re-creating the snakeoil cert
openssl x509 -text -noout < lala/etc/ssl/certs/ssl-cert-snakeoil.pem ...
apt install lvm2 xen-tools pvcreate /dev/sdaX vgcreate guestsvg /dev/sdaX vi /etc/xen-tools/xen-tools.conf lvm = guestsvg install-method = debootstrap size = 10Gb memory = 2Gb swap = 1Gb fs = ext4 ext4_options = noatime,nodiratime,errors=remount-ro dist = `xt-guess-suite-and-mirror --suite` image = sparse kernel = /boot/vmlinuz-`uname -r` initrd = /boot/initrd.img-`uname -r` pygrub = 1 mirror = `xt-guess-suite-and-mirror --mirror`
ready to build a guest,
xen-create-image --hostname $guest --ip x.x.x.x --netmask x.x.x.x --gateway x.x.x.x --vcpus 2 --dist stretch vi /etc/xen/$guest.cfg vif = [ 'script=vif-bridge, bridge=xenbr0' ] xl create /etc/xen/$guest.cfg -c
W: Cannot check Release signature; keyring file not available /usr/share/keyrings/debian-archive-keyring.gpg
==> Double-check debootstrap.
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LC_COLLATE = "C",
LANG = "en_US.UTF-8"
are supported and installed on your system.
and also
Setting up resolvconf (1.79) ... locale: Cannot set LC_CTYPE to default locale: No such file or directory locale: Cannot set LC_MESSAGES to default locale: No such file or directory locale: Cannot set LC_ALL to default locale: No such file or directory
==> Define those missing variables in bashrc and not profile, as seen above.
https://www.virtuatopia.com/index.php/Building_a_Xen_Virtual_Guest_Filesystem_on_a_Physical_Disk_Partition_(Cloning_Host_System)
https://wiki.debian.org/DebianKeyring#Obtaining_Keys
https://askubuntu.com/questions/958795/how-to-use-the-mirror-option-of-apt-cacher-ng-for-debootstrap
https://superuser.com/questions/1318220/ubuntu-18-04-disable-dnsmasq-base-and-enable-full-dnsmasq
https://www.thomas-krenn.com/en/wiki/Perl_warning_Setting_locale_failed_in_Debian
https://xenbits.xen.org/docs/unstable/SUPPORT.html#blkback
https://xenbits.xen.org/docs/unstable/man/xen-vbd-interface.7.html
https://xenbits.xen.org/docs/unstable/man/xl-disk-configuration.5.html
https://askubuntu.com/questions/162391/how-do-i-fix-my-locale-issue
https://www.linuxsecrets.com/discussions/5940-howto-linux-mount-devpts-file-system-on-dev-pts
https://wiki.debian.org/chroot#A.2Fdev.2Fpts
https://www.cyberciti.biz/faq/linux-mount-devpts/