Line 17: Line 17:
 You should see either vmx or svm in the output. You should see either vmx or svm in the output.
-Now, install the basic packages needed, a couple of utilities, but not all the extra crud.+Now, install the basic packages needed, a couple of utilities, but not all the extra crud. //​netcat-openbsd//​ is only needed if you're going to cluster and migrate virtuals from one hypervisor to another, from what I can tell. **virt-top** is a nice little //top// for seeing what is running and what resources they are using in real time.
 <code bash> <code bash>
-apt install -y --no-install-recommends qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils libguestfs-tools genisoimage virtinst libosinfo-bin virt-top+apt install -y --no-install-recommends qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils libguestfs-tools genisoimage virtinst libosinfo-bin virt-top ​netcat-openbsd
 reboot # brings libraries online reboot # brings libraries online
 </​code>​ </​code>​
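Review bot: In the `apt install` line, `netcat-openbsd` is now installed unconditionally, while the sentence added above it says the package is only needed for clustering and migrating virtuals between hypervisors, and hedges that with "from what I can tell". The command already uses `--no-install-recommends` to keep the hypervisor lean, so consider moving `netcat-openbsd` into a separate, clearly optional install step, and confirm the dependency before documenting it.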
Line 174: Line 174:
 I'm lazy, so I just created all three, then imported them all at one time. I'm lazy, so I just created all three, then imported them all at one time.
-<​code ​xml br_wan.xml+<​code ​bash
-<​network>​ +#! /usr/bin/env bash
-  <​name>​br_wan<​/name> +
-  <forward mode="​bridge"​/+
-  <bridge name="​br_wan"​/+
-</​network>​ +
-<​code ​xml br_dmz.xml+# create the xml definitionsThe br is prepended.  
-<​network>​ +# Add/remove interfaces if needed 
-  <​name>​br_dmz</​name>​ +for interface in wan lan dmz 
-  <forward mode="​bridge"/>​ +do  
-  <bridge name="br_dmz"/>​ +cat << EOF br_$interface.xml 
-</​network>​ +       ​<​network>​ 
-</​code>​+         ​<​name>​br_$interface</​name>​ 
 +         ​<forward mode="​bridge"/>​ 
 +         ​<bridge name="br_$interface"/>​ 
 +       ​</​network>​ 
 +# uncomment this if you want to view your xml files but 
 +# not process them 
 +# exit
-<code xml br_lan.xml>​ 
-  <​name>​br_lan</​name>​ 
-  <forward mode="​bridge"/>​ 
-  <bridge name="​br_lan"/>​ 
-And imported them all at once.+# find all xml files and do the net-define 
 +for interface in `ls *.xml` 
 +   virsh net-define --file $interface 
-<code bash> +# since the bridge name is followed by xml, simply remove that 
-for interface in `ls *.xml` ; do virsh net-define --file $interface ; done +# and set to autostart and start it 
-for interface in `ls *.xml | cut -d'​.'​ -f1` do virsh net-autostart $interface ​virsh net-start $interface ​done+for interface in `ls *.xml | cut -d'​.'​ -f1` 
 +   virsh net-autostart $interface ​ 
 +   virsh net-start $interface 
 +# show me the list of network names
 virsh net-list virsh net-list
 </​code>​ </​code>​
-After the last command, you should see your three interfaces defined. That means you can now use them.+This script assumes your network names are of the form br_//​something//​ and it creates the file name as br_//​something//​.xml. It then looks for all XML files (so, you don't want any others in the current directory), the processes ​them
 +The last loop assumes there are no periods in the network name. Be warned.
 ===== Using Storage ===== ===== Using Storage =====
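Review bot: As rendered here, the first loop's `cat << EOF br_$interface.xml` has no `>` redirect and no closing `EOF` or `done`, and the two later `for` loops have no `do`/`done`, so the script as shown would not write the XML files or run to completion. Separately, `for interface in $(ls *.xml)` style iteration hands every XML file in the current directory to `virsh net-define`, which the closing paragraph concedes; globbing `br_*.xml` directly, quoting `"$interface"`, and stripping the suffix with `${interface%.xml}` instead of `cut -d'.' -f1` would remove both stated caveats (stray XML files and periods in network names). The commented `# exit` needs to sit after the first loop's `done` to do what its comment promises, and "the processes them" in the closing paragraph should read "then processes them".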
Line 236: Line 243:
 <code bash> <code bash>
-virt-install ​                  ​+virt-install \ 
-   ​--hvm ​                      ​\+   --hvm \
    ​--connect ​   qemu:///​system \    ​--connect ​   qemu:///​system \
-   ​--name ​      ​router-a ​      ​+   ​--name ​      ​router-a \ 
-   ​--memory ​    ​4096 ​          ​+   ​--memory ​    4096 \ 
-   ​--vcpus ​     4              +   ​--vcpus ​     4 \ 
-   ​--disk ​      ​path=/​dev/​vg0/​router-a.disk0,​bus=scsi              ​+   ​--disk ​      ​path=/​dev/​vg0/​router-a.disk0,​bus=virtio,​target=sda ​
-   ​--graphics vnc,​port=5901 ​                                        ​+   ​--graphics vnc,​port=5901 \ 
-   ​--noautoconsole ​                                                 \+   ​--noautoconsole \
    ​--cdrom ​    /​media/​xen-store/​OPNsense-20.1-OpenSSL-dvd-amd64.iso \    ​--cdrom ​    /​media/​xen-store/​OPNsense-20.1-OpenSSL-dvd-amd64.iso \
-   ​--os-variant freebsd11.1 ​                                            ​\+   ​--os-variant freebsd11.1 \
    ​--metadata uuid=d9510e01-e461-461f-9aa8-3cee223cb4a0,​name=router-a,​title=router-a,​description='​Primary Router'​ \    ​--metadata uuid=d9510e01-e461-461f-9aa8-3cee223cb4a0,​name=router-a,​title=router-a,​description='​Primary Router'​ \
-   ​--boot ​    ​hd,​cdrom,​menu=on ​                                     +   ​--boot ​    ​hd,​cdrom,​menu=on \ 
-   ​--network ​ bridge=br_wan,​mac=00:​16:​3e:​bd:​26:​70 ​                     +   ​--network ​ bridge=br_wan,​mac=00:​16:​3e:​bd:​26:​70,​model=virtio ​
-   ​--network ​ bridge=br_dmz,​mac=00:​16:​3e:​bd:​26:​71 ​                  ​+   ​--network ​ bridge=br_dmz,​mac=00:​16:​3e:​bd:​26:​71,​model=virtio ​
-   ​--network ​ bridge=br_lan,​mac=00:​16:​3e:​bd:​26:​72+   ​--network ​ bridge=br_lan,​mac=00:​16:​3e:​bd:​26:​72,​model=virtio
 </​code>​ </​code>​
 +Other useful options are
 +  * --dry-run # don't really do it
 +  * --controller virtio-scsi # this is specific to KVM, but faster there
 +  * osinfo-query os # this shows the OS's available for the --os-variant flag
 +most of the parameters are self evident, but I'll quickly talk about why I did some of them.
 +  * --graphics vnc,​port=5901 - Our servers are headless and have no GUI. I want to be able to connect during install using VNC. By defining the port here, it is not auto-selected (and changeable) across boots
 +  * --noautoconsole - When starting the virtual, virt-lib tries to bring up a GUI for virtviewer to take over, or run virsh console to bring up a serial console. Since I don't want either, I disable it here
 +  * --os-variant freebsd11.1 - By defining this, virt-install can set up some defaults that work well with the known OS.
 +  * --metadata uuid=d9510e01-e461-461f-9aa8-3cee223cb4a0,​name=router-a,​title=router-a,​description='​Primary Router'​
 +    * title, name and description will show up in some reports. ​
 +    * uuid is good so the virtual does not get a new, randomly generated UUID every time it runs. Use the uuidgen command to get a randomly generated one for each new machine
 +===== Performing Installation =====
 +For most systems, I use VNC to do the install. Since I'm remote, I use the following ssh command:
 +<code bash>ssh -L localhost:​5910:​localhost:​5901 server</​code>​
 +  * 5910 is the local VNC port I'll attach to (ie, localhost:​5910)
 +  * 5901 is the VNC port I told virt-install to use
 +  * server is the name of the hypervisor
 +Then, when I run the virt-install command, I simply make a VNC connection to localhost:​5910 and can do my install.
 +===== Setting other parameters =====
 +If you want the domain to come up automatically when the hypervisor is turned on, the autostart flag needs to be set. Do this with <code bash>​virsh autostart domainname</​code>​
 +===== Links =====
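Review bot: On `--graphics vnc,port=5901`, the new Performing Installation section tunnels with `ssh -L localhost:5910:localhost:5901 server`, which only works as described if VNC is listening on the hypervisor's loopback address, yet the command leaves the listen address to the host default; adding `listen=127.0.0.1` to the `--graphics` option would pin that, and the bullet explaining the option should say so. In the same hunk, `bus=virtio,target=sda` pairs the virtio bus with a SCSI-style device name (`vda` would match the bus), `osinfo-query os` is listed under "Other useful options" although it is a separate command and not a virt-install flag, and the literal UUID and MAC addresses invite copy-paste reuse across guests, so marking them as example values next to the `uuidgen` advice would help.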
