Network/Procedures/Create a new VM

From Makers Local 256

This setup will create two logical volumes on two different boxes, set up replication between them, create a new VM backed by the replicated storage, and put Debian stable on it. The example hosts I will be using are vm2 and vm3. I will be creating the newvpn VM.

  • Create the block devices (do this on both hosts, so vm2 and vm3 in this case):
vm2$ sudo lvcreate vm2_storage --name newvpn_root --size 10G
vm3$ sudo lvcreate vm3_storage --name newvpn_root --size 10G
  • Create the drbd resource config on both boxes; for example, /etc/drbd.d/newvpn_root:
 resource newvpn_root { #change this to match the name of the volume
        protocol C;
        meta-disk internal;
        device /dev/drbd_newvpn_root minor 13; #change this. I like to make the minor match the last octet of the IP the box will have
        syncer {
                verify-alg sha1;
                rate 5M;
        }
        net {
                allow-two-primaries;# yes;
                cram-hmac-alg sha1;
                shared-secret "newvpn_root"; #change this to a random value; it must be the same on both hosts
                after-sb-0pri discard-zero-changes;
                after-sb-1pri consensus;
                after-sb-2pri disconnect;
        }
        on vm3 {
                disk /dev/vm3_storage/newvpn_root; #change this
                address 10.56.0.30:7813; #change the port and such. I use 78xx where xx is the minor
        }
        on vm2 {
                disk /dev/vm2_storage/newvpn_root; #change this
                address 10.56.0.20:7813; #same port as the other host, but this host's address
        }
}
  • Set up the drbd resource (do this on both hosts):
sudo drbdadm create-md newvpn_root #creates metadata on underlying slice
sudo drbdadm adjust newvpn_root #set up the resource and connect to the other box
sudo drbd-overview | grep newvpn_root #make sure the states are Secondary/Secondary indicating connection
  • On only one of the hosts, invalidate the current state of the volume:
sudo drbdadm invalidate newvpn_root
  • Then, only on the other host, set the volume to primary:
sudo drbdadm primary newvpn_root

The volume will start replicating between hosts.

  • On the host you selected as primary, debootstrap a new install using xen-tools.
sudo xen-create-image --fs=ext4 --genpass_len=64 --image-dev=/dev/drbd_newvpn_root --memory=256M --pygrub --bridge=br.200 --ip=10.56.0.13 --gateway=10.56.0.1 --netmask=255.255.255.0 --hostname=newvpn --noswap --verbose

This part takes a LONG time (like 10-30 minutes depending on Internet download speeds). Note the root password provided!

  • Now the box exists. Try to start it:
sudo xl create /etc/xen/newvpn.cfg
  • Copy /etc/xen/newvpn.cfg to the other VM host so that you could start it there if you had to.
  • Shell into your new VM and do what you need to do! Use the root password from the xen-create-image tool to log in. Make a username for yourself and then mind-wipe that root password.
  • Go edit Network/DMZ to add your new box to the list.
  • Don't forget to set up backups.
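
For the drbd resource config step above, an added example (not part of the original page): shell functions that render the resource file with the page's conventions (port 78xx for minor xx) and a random shared secret instead of the volume name. The function names and the 32-character minimum are assumptions; hosts, addresses and volume groups are the page's vm2/vm3 examples.

```shell
# Added example, not from the original page. Function names are hypothetical;
# hosts, addresses and volume groups are the page's vm2/vm3 examples.
# gen_secret: 24 random bytes as 48 hex characters (DRBD allows up to 64).
gen_secret() {
    od -An -N24 -tx1 /dev/urandom | tr -d ' \n'
}

# render_resource NAME MINOR SECRET: print the resource file on stdout.
render_resource() {
    name=$1 minor=$2 secret=$3
    # Port is 78xx with xx = minor: accept only 1..99, no leading zeros.
    case $minor in
        ''|0*|*[!0-9]*|???*) echo "minor must be 1..99" >&2; return 1 ;;
    esac
    # Reject the guessable value (the resource name) and short secrets.
    if [ "$secret" = "$name" ] || [ "${#secret}" -lt 32 ] || [ "${#secret}" -gt 64 ]; then
        echo "secret must be 32..64 chars and not the resource name" >&2; return 1
    fi
    port=$(printf '78%02d' "$minor")
    cat <<EOF
resource $name {
        protocol C;
        meta-disk internal;
        device /dev/drbd_$name minor $minor;
        syncer {
                verify-alg sha1;
                rate 5M;
        }
        net {
                allow-two-primaries;
                cram-hmac-alg sha1;
                shared-secret "$secret";
                after-sb-0pri discard-zero-changes;
                after-sb-1pri consensus;
                after-sb-2pri disconnect;
        }
        on vm3 {
                disk /dev/vm3_storage/$name;
                address 10.56.0.30:$port;
        }
        on vm2 {
                disk /dev/vm2_storage/$name;
                address 10.56.0.20:$port;
        }
}
EOF
}
# Usage: sh thisfile newvpn_root 13 > newvpn_root
[ "$#" -ne 2 ] || render_resource "$1" "$2" "$(gen_secret)"
```

Generate the file once and copy that same file to /etc/drbd.d/ on both hosts, since the secret has to match on each side. Keep it readable by root only.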