[conspire] Church of Get It Done Now ... linuxmafia.com --> virtual? :-)
Michael Paoli
Michael.Paoli at cal.berkeley.edu
Sat May 25 02:26:56 PDT 2019
> From: "Rick Moen" <rick at linuxmafia.com>
> Subject: Re: [conspire] Church of Get It Done Now ... linuxmafia.com
> --> virtual? :-)
> Date: Fri, 24 May 2019 11:15:33 -0700
> Quoting Michael Paoli (Michael.Paoli at cal.berkeley.edu)
> security-hard and totally minimal. It's enough Linux to run a kernel
Hmmm, so I presume that means no X? Or just the minimal client bits? -
E.g. enough to run client(s) and display on some other X server (such
as securely forwarded over ssh), but no X server.
So, ... building VMs, etc. ... no X server, but minimal X client
stuff, etc. - can do that and display elsewhere ... no biggie.
Or ... no X at all - that'd be more challenging, but (mostly?) doable.
As for building the VMs, sans GUI, maybe about 3 options:
o use (virtual) serial console - hard bit would be specifying that
  to the boot loader, without graphics console at all - would probably
  have to tweak the typical ISO image - and even if booted with serial
  console, the particular OS installation may - or may not - support
  doing an install driven from serial console
o PXE boot - wee bit more infrastructure to install - either on the
  physical host - or ... don't want it there? Can go elsewhere on
  network - but if not that physical host, then that means putting it
  elsewhere that can access the physical network - so bridging the
  VM to that, not, e.g. behind qemu-kvm's (default if I recall correctly)
  NAT/SNATed RFC-1918 'lil subnet for the VM(s). In any case, you'll
  likely want PXE boot set up and accessible *somehow* ... and can then
  do, e.g. Debian (or (most?) derivatives thereof)
  FAI (Fully Automatic Installation),
  or Kickstart for Fedora & (most?) derivatives, etc.
Also, for the existing linuxmafia.com host - presuming one will just
copy the image over - with zero to minimal changes (at least initially),
would be best to set serial console up on that first; Linux can even do
multiple consoles - e.g. serial *and* graphics (or at least via whatever
the graphics card - can still just be text) ... however only one
is used for input - if multiple are specified for console, the last
specified is used for input, ... e.g. my balug VM:
# cat /proc/cmdline
BOOT_IMAGE=/vmlinuz-4.9.0-9-amd64 root=/dev/mapper/balug-root ro consoleblank=0 console=tty0 console=ttyS0,9600n8
#
From the above, one can see console input is the serial. That doesn't
prevent one from having getty or the like on both, just that some stuff
will only input from one ... e.g. if some initialization before going
multi-user says it wants fsck and goes interactive on console, it will
only be taking input from one.
Also, most boot loaders can use serial console and/or graphics card &
keyboard. Some will even automagically use for input whichever they
first see input on - or will even use both for input ... of course
this may require bit of config on the boot loader ... don't know that
any of 'em do that (or use serial at all?) by default.
As far as linuxmafia.com image goes, & boot loader and serial, etc.,
might set up two "menu" entries or selections,
one using keyboard for kernel console input, the other serial,
set keyboard as default, and just before copying to do migration to VM,
change the default to serial.
>> Once you've set that up, I can make some general recommendations
>> (e.g. [virtual] network bits, VM format, etc.) - even have a very
>> handy TEMPLATE file I use for quick and convenient creation of
>> virtual machines - copy it, tweak some common settings, execute
>> it, and VM is created up and running.
>
> Yeah, I'll definitely want that.
Here 'ya go :-) ... you'll want to tweak it at least some bit,
e.g. by default mine determines and uses a particular location where
it expects a bootable (nominally ISO) "CDROM" image (I nominally have
most current Debian stable there, 64-bit, CD-1). You may also well
want to nix (or change) the X related bits, and if totally dropping
out the X stuff, there might possibly be some options to add/tweak
especially regarding serial?
In the end, it just executes virt-install,
could prepend a set -x if one wants to see what that results in,
or prepend it with an echo if one wants it to talk big but do nothing.
I just have the file called TEMPLATE, and will typically copy it to
file having name I want to use for the VM (e.g. ...
# find * -type d -prune -o \( -type f ! -name TEMPLATE ! -name '*.migrate' ! -name '*.unmigrate' -print \) | sort -R | head | sort
deb81l
debian-stretch-DI-rc3-amd64
debian9amd64
deblive64
demo-02-loopup
kubuntu
lmrecover.xml.ide+3scsi+link
lmrecover.xml.scsi0virio+scsi2+link+512MiB
lubuntupxeci386
solaris9
#
Hmmm, I think those lm* ones were ones I used when working to fix
linuxmafia.com's software (, etc.) configuration.
):
# <TEMPLATE expand -t 4
#!/bin/sh
# these have defaults
NAME=
MiB=
# boot/install from this (if set and non-null)
# if unset or null use first --disk
PATHTOISO=
# default PATHTOISO:
PATHTOISO="${PATHTOISO:-$(awk '/^[ ]*#/{next;};{if($2=="/media/cdrom9"){print $1;exit;};}' /etc/fstab)}"
# set non-null for PXE boot
PXE=
# specify first disk (will boot if PATHTOISO and PXE both unset or null)
# unset or null for none
DISK=
#DISK=/dev/tigger/LV,format=raw
#DISK=/dev/sr0,device=cdrom,bus=scsi,perms=ro
#DISK=/var/tmp/scratch/HD,format=raw,sparse=true
# set non-null to skip OS installation, build guest image around disk image
IMPORT=
# set non-null to configure permanently to boot from CDROM
LIVECD=
# unset or null for none
NETWORK=
NETWORK=network=default
#NETWORK=bridge=br0
#NETWORK=bridge=br0,mac=52:54:00:3f:c0:75
# set non-null for don't automatically reboot after install completes
NOREBOOT=
# minutes to wait for VM to install (-1 forever); null or unset for default
WAIT=
WAIT=-1
# autodetection attempted if unset or null, none for no autodetection
#OS_VARIANT=
OS_VARIANT=debian9
#OS_VARIANT=fedora16
#OS_VARIANT=ubuntusaucy
#OS_VARIANT=none
# Request a non-native CPU architecture
# null or unset to use default
ARCH=
#ARCH=arm i386 i486 i586 i686 mips mipsel ppc sparc x86_64
#ARCH=486
#ARCH=athlon
#ARCH=core2duo
#ARCH=coreduo
#ARCH=kvm64
#ARCH=n270
#ARCH=pentium
#ARCH=pentium2
#ARCH=pentium3
#ARCH=phenom
#ARCH=qemu32
#ARCH=qemu64
### DEFAULTS ###
# default name:
NAME="${NAME:-$(basename "$0")}"
# default MiB:
MiB="${MiB:-1024}"
# common options
#VIRTINSTALLOPTS='--virt-type qemu --hvm'
VIRTINSTALLOPTS='--virt-type kvm --hvm'
# virtualization type
# --virt-type kvm \
# full hardware virtualization
# --hvm \
if [ x"$DISK" = x ]; then
    DISKarg=--nodisks
else
    DISKarg=--disk="$DISK"
fi
if [ x"$NETWORK" = x ]; then
    NETWORKarg=--nonetworks
else
    NETWORKarg=--network="$NETWORK"
fi
DISPLAY="${DISPLAY:-:0.0}"; export DISPLAY
XAUTHORITY="${XAUTHORITY:-/home/m/michael/.Xauthority}"; export XAUTHORITY
virt-install \
    --name="$NAME" \
    ${PATHTOISO:+--cdrom="$PATHTOISO"} \
    ${PXE:+--pxe} \
    ${DISKarg:+"$DISKarg"} \
    ${IMPORT:+--import} \
    ${LIVECD:+--livecd} \
    ${NETWORKarg:+"$NETWORKarg"} \
    --ram="$MiB" \
    ${NOREBOOT:+--noreboot} \
    ${WAIT:+--wait="$WAIT"} \
    ${OS_VARIANT:+--os-variant="$OS_VARIANT"} \
    ${ARCH:+--arch="$ARCH"} \
    $VIRTINSTALLOPTS
#
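
An added example, not part of the original message: a POSIX sh check for the console point made above, that with several console= parameters the last one is the one used for input. The function names and the second sample command line are assumptions made for illustration, and "serial" is assumed to mean a ttyS* device.

```sh
#!/bin/sh
# Added example (not from the original message): decide which console the
# kernel will read input from, given a kernel command line.

# input_console CMDLINE
# Prints the device named by the LAST console= parameter, without its
# options (",9600n8"). Prints "default" when no console= is present.
# Runs in a subshell so "set -f" (no globbing while splitting) stays local.
input_console() (
    set -f
    last=default
    for word in $1; do
        case $word in
            # "consoleblank=0" does not match: the pattern needs "console="
            console=*) dev=${word#console=}; last=${dev%%,*} ;;
        esac
    done
    printf '%s\n' "$last"
)

# serial_ready CMDLINE
# Succeeds only if console input lands on a serial port (assumed: ttyS*),
# which is what a guest without a graphics console needs.
serial_ready() {
    case $(input_console "$1") in
        ttyS[0-9]*) return 0 ;;
        *) return 1 ;;
    esac
}

# First sample is the command line quoted in the message; the second is
# constructed, with the two console= parameters in the opposite order.
SAMPLE_SERIAL='BOOT_IMAGE=/vmlinuz-4.9.0-9-amd64 root=/dev/mapper/balug-root ro consoleblank=0 console=tty0 console=ttyS0,9600n8'
SAMPLE_VT='BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro console=ttyS0,9600n8 console=tty0'

# "sh thisfile live" checks the running kernel before an image is copied.
if [ "${1:-}" = live ]; then
    if serial_ready "$(cat /proc/cmdline)"; then
        echo "console input: serial ($(input_console "$(cat /proc/cmdline)"))"
    else
        echo "console input: $(input_console "$(cat /proc/cmdline)"), not serial" >&2
        exit 1
    fi
fi
```

Run with the argument live on the host to be migrated; a non-zero exit means interactive prompts such as an fsck at boot would wait on a console the VM does not expose.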