A Virtual Machine Host

· sysadmin hacking zfs
This blog post is more than two years old. It is preserved here in the hope that it is useful to someone, but please be aware that links may be broken and that opinions expressed here may not reflect my current views. If this is a technical article, it may no longer reflect current best practice.

It’s very easy to set up libvirt with QEMU/KVM on a Linux box and have it work for a while. It’s more difficult to have a system set up that’s going to be somewhat robust and maintainable over a longer period of time.

I am using a dedicated server from Hetzner. I have not personally had any serious problems with Hetzner, and price is the main reason that I’ve chosen them over other providers.

Operating System Install

Hetzner provides a “rescue” system that you can boot your dedicated server into and this allows for a customisable installation of Debian. My server has two HDDs and by default the install script will set up software RAID for you. I’d like to use ZFS and give ZFS as much direct control over the disks as possible so the default installation wouldn’t work for me.

From the web interface, set your server to boot into the “rescue” system for Linux 64-bit and select your SSH key. You will need to reboot the server as a seperate step.

$ ssh root@YOURSERVER


  Welcome to the Hetzner Rescue System.

  This Rescue System is based on Debian 8.0 (jessie) with a newer
  kernel. You can install software as in a normal system.

  To install a new operating system from one of our prebuilt
  images, run 'installimage' and follow the instructions.

  More information at http://wiki.hetzner.de


Hardware data:

   CPU1: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz (Cores 8)
   Memory:  32044 MB
   Disk /dev/sda: 2000 GB (=> 1863 GiB) 
   Disk /dev/sdb: 2000 GB (=> 1863 GiB) 
   Total capacity 3726 GiB with 2 Disks

Network data:
   eth0  LINK: yes
         MAC:  xx:xx:xx:xx:xx:xx
         IP:   xxx.xxx.xxx.xxx
         IPv6: xxxx:xxxx:xxxx:xxxx::2/64
         RealTek RTL-8169 Gigabit Ethernet driver

root@rescue ~ # 

You’ll see here information about your disks. In general this blog post is going to assume your server is pretty much identical to this one if you are following this.

Run installimage to start the installation script and you’ll see the following menu:

Select Debian (the first choice) from the menu and you’ll then be given a list of available Debian images. Choose Debian-93-stretch-64-minimal from this menu. You’ll then be shown a notice to tell you that an editor will now be opened to allow you to edit the parameters for the installation. Just press Enter to start the editor. (In case you were wondering, the editor is mcedit.)

Look for SWRAID 1 and change this to SWRAID 0 to disable the use of software RAID. You can also set the hostname for the installed system in the script by changing the HOSTNAME line. Finally set up the partitions for the new system. The installation script doesn’t know about ZFS so this will happen later, for now change the PART lines to look like:

PART /boot ext3 512M
PART / ext4 55G

These partitions will be created on /dev/sda and /dev/sdb will be left untouched by the installer. Press to exit the editor, and save your changes. The installation will then run:

                Hetzner Online GmbH - installimage

  Your server will be installed now, this will take some minutes
             You can abort at any time with CTRL+C ...

         :  Reading configuration                           done 
         :  Loading image file variables                    done 
         :  Loading debian specific functions               done 
   1/15  :  Deleting partitions                             done 
   2/15  :  Test partition size                             done 
   3/15  :  Creating partitions and /etc/fstab              done 
   4/15  :  Formatting partitions
         :    formatting /dev/sda1 with ext3                done 
         :    formatting /dev/sda2 with ext4                done 
   5/15  :  Mounting partitions                             done 
   6/15  :  Sync time via ntp                               done 
         :  Importing public key for image validation       done 
   7/15  :  Validating image before starting extraction     done 
   8/15  :  Extracting image (local)                        done 
   9/15  :  Setting up network config                       done 
  10/15  :  Executing additional commands
         :    Setting hostname                              done 
         :    Generating new SSH keys                       done 
         :    Generating ramdisk                            done 
         :    Generating ntp config                         done 
  11/15  :  Setting up miscellaneous files                  done 
  12/15  :  Configuring authentication
         :    Fetching SSH keys                             done 
         :    Disabling root password                       done 
         :    Disabling SSH root login without password     done 
         :    Copying SSH keys                              done 
  13/15  :  Installing bootloader grub                      done 
  14/15  :  Running some debian specific functions          done 
  15/15  :  Clearing log files                              done 

   You can now reboot and log in to your new system with
  the same password as you logged in to the rescue system.

root@rescue ~ # 

Now that you have installed the operating system, reboot. Your new system will have generated its own SSH host keys, so you’ll need to remove the old host keys from the rescue system from your known_hosts file:

ssh-keygen -R xxx.xxx.xxx.xxx

Once logged in to the new system, you’ll need to create partitions on sda and sdb for ZFS to make use of. Use fdisk to create a third partition on sda to use all the remaining space and then again to create a partition on sdb using the entire disk. As sda is currently in use by the system you’ll see the following message when you write the changes to disk:

The partition table has been altered.
Calling ioctl() to re-read partition table.
Re-reading the partition table failed.: Device or resource busy

The kernel still uses the old table. The new table will be used at the next
reboot or after you run partprobe(8) or kpartx(8).

This is fine. Once all the changes are made, reboot.

ZFS Install

Now it’s time to install ZFS. ZFS is not in Debian main, but is available in Debian contrib. In the Hetzner Debian images, the contrib and non-free archive areas are enabled by default. A freshly installed Hetzner system will not have any package lists cached, so an update is needed first.

apt update
apt install linux-headers-$(uname -r) zfs-dkms

You’ll be shown a warning about the license conditions. They should not be a problem here. The ZFS kernel module and userspace services are not loaded unless there is a zpool to use them, so when they are first installed they won’t be loaded. You can load them with:

modprobe zfs
systemctl restart zfs-import-cache
systemctl restart zfs-import-scan
systemctl restart zfs-mount
systemctl restart zfs-share

You can then create a zpool. (You need to do this before you reboot or else the zfs module will again not be loaded!)

zpool create tank mirror sda3 sdb1
zpool status

Some space on sdb1 is wasted here, as sda3 is smaller than sdb1 but this is not something that particularly bothers me.

Open vSwitch Installation

Next up is Open vSwitch. I’d like to have some flexibility in how the networking for the virtual machines is configured and Open vSwitch is a nice way to provide that. Installation is simple:

apt install openvswitch-switch
ovs-vsctl show

libvirt and QEMU/KVM Installation

Next up is QEMU/KVM. Again, a simple installation:

apt install libvirt-daemon-system qemu-kvm
virsh nodeinfo

Next Steps

Now that all the software is installed, next up will be configuring the components to work together and turn it into a nice flexible and robust virtualisation system. My next steps will be:

  • Set up some basic networking with NAT
  • Create the first VM
  • Use ZFS snapshots and replication to backup the VMs automatically

If you would like to contact me with comments, please send me an email.
If you would like to support my free software work, you can support me on Patreon or donate via PayPal.

This post was syndicated on: