|
|
# installation: libvirt
|
|
|
|
|
|
|
|
|
[[_TOC_]]
|
|
|
|
|
|
|
|
|
## host: logiciels
|
|
|
|
|
|
*[add backports as in [[installation/debian|installation/debian]]]*
|
|
|
|
|
|
# apt-get install -t wheezy-backports \
|
|
|
libvirt-bin \
|
|
|
qemu-kvm qemu-utils \
|
|
|
netcat-openbsd \
|
|
|
bridge-utils dnsmasq-base ebtables
|
|
|
|
|
|
[RAISON:<br />
|
|
|
dnsmasq-base: default NATed network<br />
|
|
|
netcat-openbsd: qemu+ssh (nc's -U, <https://bugs.debian.org/614291>)<br />
|
|
|
qemu-utils: qemu-img<br />
|
|
|
]
|
|
|
|
|
|
*[si /srv sur une partition différente]*
|
|
|
|
|
|
# service libvirt-bin stop
|
|
|
# mkdir /srv/libvirt
|
|
|
# echo '/srv/libvirt /var/lib/libvirt none defaults,bind 0 0' >>/etc/fstab
|
|
|
# mv /var/lib/libvirt/* /srv/libvirt/
|
|
|
# mount /var/lib/libvirt
|
|
|
# service libvirt-bin restart
|
|
|
# etckeeper commit 'fstab: bind mount /srv/libvirt'
|
|
|
|
|
|
*[si dnsmasq est déjà installé]*
|
|
|
|
|
|
# nano /etc/dnsmasq.conf
|
|
|
[uncomment]
|
|
|
> --8<---------------cut here---------------start------------->8---
|
|
|
> ## <https://bugs.debian.org/690540>
|
|
|
> bind-interfaces
|
|
|
> --8<---------------cut here---------------end--------------->8---
|
|
|
|
|
|
*[de toute façon]*
|
|
|
|
|
|
# virsh net-autostart default
|
|
|
Network default marked as autostarted
|
|
|
# service libvirt-bin restart
|
|
|
# etckeeper commit 'libvirt/qemu/networks/autostart/default.xml: new file'
|
|
|
|
|
|
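# adduser rescue libvirt
[RAISON: members of the libvirt group get full control of the system libvirtd (qemu:///system), which is effectively root-equivalent on the host; add only trusted accounts]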
|
|
|
# etckeeper commit 'adduser rescue libvirt'
|
|
|
|
|
|
*[images in /var/lib/libvirt/images/]*
|
|
|
|
|
|
|
|
|
## guest
|
|
|
|
|
|
*[sur machine locale]*
|
|
|
|
|
|
$ sudo apt-get install virt-install
|
|
|
$ export MACHINE=NOM.DOMAIN
|
|
|
|
|
|
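*[- si target GNU/Linux; note: --location below fetches the installer kernel and initrd over plain HTTP, so use a trusted network path or an HTTPS mirror]*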
|
|
|
|
|
|
$ virt-install \
|
|
|
--connect qemu+ssh://$HOSTNAME.$DOMAIN/system \
|
|
|
--name "$MACHINE" \
|
|
|
--ram 1024 \
|
|
|
--os-type linux \
|
|
|
--os-variant debianwheezy \
|
|
|
--disk /var/lib/libvirt/images/"$MACHINE".img,size=20,format=qcow2 \
|
|
|
--autostart \
|
|
|
--location http://ftp.ch.debian.org/debian/dists/wheezy/main/installer-amd64/ \
|
|
|
--graphics none \
|
|
|
--extra-args console=ttyS0
|
|
|
|
|
|
*[- si target Windows]*
|
|
|
|
|
|
$ virt-install \
|
|
|
--connect qemu+ssh://$HOSTNAME.$DOMAIN/system \
|
|
|
--name "$MACHINE" \
|
|
|
--ram 1024 \
|
|
|
--os-type windows \
|
|
|
--os-variant win$VERS \
|
|
|
--disk /var/lib/libvirt/images/"$MACHINE".img,size=10,format=qcow2 \
|
|
|
--autostart \
|
|
|
--cdrom /var/lib/libvirt/images/Microsoft_Windows_$VERS_$LANG_$ARCH.iso \
|
|
|
--graphics vnc
|
|
|
|
|
|
|
|
|
## host: finalisation
|
|
|
|
|
|
*[de toute façon]*
|
|
|
|
|
|
# virsh destroy $MACHINE
|
|
|
# grep 'mac address' /etc/libvirt/qemu/$MACHINE.xml | cut -d "'" -f 2
|
|
|
[MAC du genre 52:54:00:nn:nn:nn]
|
|
|
# virsh net-destroy default
|
|
|
# virsh net-edit default
|
|
|
[insert after
|
|
|
<range start="192.168.122.2" end="192.168.122.254"/>]
|
|
|
<host mac="52:54:00:nn:nn:nn" name="$MACHINE" ip="192.168.122.$IP" />
|
|
|
# virsh net-start default
|
|
|
|
|
|
*[si connexions depuis l'extérieur]*
|
|
|
|
|
|
# cp /home/rescue/bin/etc___libvirt___hooks___qemu /etc/libvirt/hooks/qemu
|
|
|
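# chown root:root !$
[RAISON: the system libvirtd runs this hook as root; check that the file is executable and writable by root only, e.g. mode 0755]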
|
|
|
# nano /etc/libvirt/hooks/qemu
|
|
|
[add in the case statement]
|
|
|
--8<---------------cut here---------------start------------->8---
|
|
|
HOST_IP=$HOST_IP
|
|
|
|
|
|
case "$1" in
|
|
|
MACHINE)
|
|
|
GUEST_IP=192.168.122.$IP
|
|
|
# 22(300 + $IP)/SSH
|
|
|
/sbin/iptables -t nat "$IPTABLES_ACTION" PREROUTING -p tcp -m tcp -d "$HOST_IP"/32 --dport 22(300 + $IP) -j DNAT --to-destination "$GUEST_IP"
|
|
|
/sbin/iptables "$IPTABLES_ACTION" FORWARD -p tcp -m tcp -d "$GUEST_IP"/32 --dport 22(300 + $IP) -m state --state NEW -j ACCEPT
|
|
|
# 8(300 + $IP)/HTTP
|
|
|
/sbin/iptables -t nat "$IPTABLES_ACTION" PREROUTING -p tcp -m tcp -d "$HOST_IP"/32 --dport 8(300 + $IP) -j DNAT --to-destination "$GUEST_IP":80
|
|
|
/sbin/iptables "$IPTABLES_ACTION" FORWARD -p tcp -m tcp -d "$GUEST_IP"/32 --dport 80 -m state --state NEW -j ACCEPT
|
|
|
# 44(300 + $IP)/HTTPS
|
|
|
/sbin/iptables -t nat "$IPTABLES_ACTION" PREROUTING -p tcp -m tcp -d "$HOST_IP"/32 --dport 44(300 + $IP) -j DNAT --to-destination "$GUEST_IP":443
|
|
|
/sbin/iptables "$IPTABLES_ACTION" FORWARD -p tcp -m tcp -d "$GUEST_IP"/32 --dport 443 -m state --state NEW -j ACCEPT
|
|
|
# 49(300 + $IP)/Bacula-FD
|
|
|
/sbin/iptables -t nat "$IPTABLES_ACTION" PREROUTING -p tcp -m tcp -d "$HOST_IP"/32 --dport 49(300 + $IP) -j DNAT --to-destination "$GUEST_IP"
|
|
|
/sbin/iptables "$IPTABLES_ACTION" FORWARD -p tcp -m tcp -d "$GUEST_IP"/32 --dport 49(300 + $IP) -m state --state NEW -j ACCEPT
|
|
|
;;
|
|
|
*)
|
|
|
exit 0
|
|
|
;;
|
|
|
--8<---------------cut here---------------end--------------->8---
|
|
|
|
|
|
*[de toute façon]*
|
|
|
|
|
|
# virsh edit $MACHINE
|
|
|
[remove if present]
|
|
|
<source file='/var/lib/libvirt/images/Microsoft_Windows_$VERS_$LANG_$ARCH.iso'/>
|
|
|
# virsh start $MACHINE
|
|
|
# etckeeper commit 'libvirt/qemu/$MACHINE.xml: new file'
|
|
|
|
|
|
*[connexions successives si VNC]*
|
|
|
|
|
|
$ virt-viewer qemu+ssh://$HOSTNAME.$DOMAIN/system "$MACHINE"