2013. június 22., szombat
2013. június 13., csütörtök
XenServer VM creation
As I promised earlier. If you want to create a new virtual machine in XenServer or XCP from an ISO file in the CLI and don't want to download it on-the-fly, here are the steps you should take.
Let's assume that you have only one 650megs cd image. Your 4 gigs size root fs will be enough to host that. If you have a dvd image or you want to store more then one cd image, it won't fit. Then, you have to create a new partition with LVM tools. So:
lvcreate -L15G -n /dev/VG_XenStorage-[PRESS_TAB_HERE]/MYISOS
mkfs.ext3 /dev/VG_XenStorage-[PRESS_TAB_HERE]/MYISOS
mkdir -p /myfiles/ && mount /dev/VG_XenStorage-[PRESS_TAB_HERE]/MYISOS /myfiles
Having done, here is the second step. Create a new Storage Repository.
xe sr-create name-label=MY-LITTLE-SR type=iso device-config:location=/myfiles/ device-config:legacy_mode=true content-type=iso
You'll see something like this cd0423d8-23db-5af4-bd70-43b60c901e17
That's the UUID of your newly created storage. Now, copy your install iso file, from example from an USB key:
cp /mnt/sdc1/CentOS-6.0-x86_64-LiveCD.iso /myfiles/
xe sr-scan uuid=cd0423d8-23db-5af4-bd70-43b60c901e17
xe cd-list
(always use TAB!). The reply is:
xe vm-install template=Other\ install\ media new-name-label=MY-LITTLE-VM sr-uuid=$(xe sr-list name-label="Local storage" --minimal)
a69f7844-1c4f-7e44-e072-978de5c1788c
That means you have succesfully created your VM on the disk storage named Local storage. (Default place to put VM's on.). Let's create a virtual interface for this machine and bind it to the physical interface eth0.
xe vif-create network-uuid=$(xe network-list name-label="Pool-wide network associated with eth0" --minimal) vm-uuid=$(xe vm-list name-label=MY-LITTLE-VM --minimal) device=0
It's time to create a new 25Gigs virtual disk and mount it to the VM as a Virtual Block Device.
xe vdi-create name-label=root-MY-VM sr-uuid=$(xe sr-list name-label="Local storage" --minimal) type=system virtual-size=25GiB sharable=false
xe vdb-create vdi-uuid=$(xe vdi-list name-label=root-MY-VM --minimal) vm-uuid=$(xe vm-list name-label=MY-LITTLE-VM --minimal) type=Disk bootable=true device=0
So far so good. Now, load the CD and set a new fixed RAM size, overwriting the template setting.
xe vm-cd-add vm=MY-LITTLE-VM cd-name=CentOS-6.0-x86_64-LiveCD.iso device=1
xe vm-memory-limits-set vm=MY-LITTLE-VM static-min=512MiB static-max=512MiB dynamic-min=512MiB dynamic-max=512MiB
To delegate a virtual quad-core vCPU to the VM:
xe vm-param-set platform:cores-per-socket=4 uuid=$(xe vm-list name-label=MY-LITTLE-VM --minimal)
or set the max virtual CPUs number to 8. (That's the number that a physical quad-core can drive)
xe vm-param-set VCPUs-max=8 uuid=$(xe vm-list name-label=MY-LITTLE-VM --minimal)
Now, fire up the VM and switch to its console:
xe vm-start name-label=MY-LITTLE-VM
xe console vm=MY-LITTLE-VM
Exit the console with: CTRL+5
Sometimes it is useful to identify your virtual network cards VIFs in connection with your VMs. Remember this command:
xe vm-list is-control-domain=false params=dom-id,name-label,uuid
It will tell your VMs' domain IDs. Just watch your ifconfig output and match the VIFs' IDs (vifx.y) to your VM domains' IDs. (x is your VM, y is the device number.)
While investigating which damn vlan, bridge, vif or whatever interface bound to what and where, this is the MOST USEFUL command I've ever seen:
brctl show
Let's assume that you have only one 650megs cd image. Your 4 gigs size root fs will be enough to host that. If you have a dvd image or you want to store more then one cd image, it won't fit. Then, you have to create a new partition with LVM tools. So:
lvcreate -L15G -n /dev/VG_XenStorage-[PRESS_TAB_HERE]/MYISOS
mkfs.ext3 /dev/VG_XenStorage-[PRESS_TAB_HERE]/MYISOS
mkdir -p /myfiles/ && mount /dev/VG_XenStorage-[PRESS_TAB_HERE]/MYISOS /myfiles
Having done, here is the second step. Create a new Storage Repository.
xe sr-create name-label=MY-LITTLE-SR type=iso device-config:location=/myfiles/ device-config:legacy_mode=true content-type=iso
You'll see something like this cd0423d8-23db-5af4-bd70-43b60c901e17
That's the UUID of your newly created storage. Now, copy your install iso file, from example from an USB key:
cp /mnt/sdc1/CentOS-6.0-x86_64-LiveCD.iso /myfiles/
xe sr-scan uuid=cd0423d8-23db-5af4-bd70-43b60c901e17
xe cd-list
(always use TAB!). The reply is:
xe vm-install template=Other\ install\ media new-name-label=MY-LITTLE-VM sr-uuid=$(xe sr-list name-label="Local storage" --minimal)
a69f7844-1c4f-7e44-e072-978de5c1788c
That means you have succesfully created your VM on the disk storage named Local storage. (Default place to put VM's on.). Let's create a virtual interface for this machine and bind it to the physical interface eth0.
xe vif-create network-uuid=$(xe network-list name-label="Pool-wide network associated with eth0" --minimal) vm-uuid=$(xe vm-list name-label=MY-LITTLE-VM --minimal) device=0
It's time to create a new 25Gigs virtual disk and mount it to the VM as a Virtual Block Device.
xe vdi-create name-label=root-MY-VM sr-uuid=$(xe sr-list name-label="Local storage" --minimal) type=system virtual-size=25GiB sharable=false
xe vdb-create vdi-uuid=$(xe vdi-list name-label=root-MY-VM --minimal) vm-uuid=$(xe vm-list name-label=MY-LITTLE-VM --minimal) type=Disk bootable=true device=0
So far so good. Now, load the CD and set a new fixed RAM size, overwriting the template setting.
xe vm-cd-add vm=MY-LITTLE-VM cd-name=CentOS-6.0-x86_64-LiveCD.iso device=1
xe vm-memory-limits-set vm=MY-LITTLE-VM static-min=512MiB static-max=512MiB dynamic-min=512MiB dynamic-max=512MiB
To delegate a virtual quad-core vCPU to the VM:
xe vm-param-set platform:cores-per-socket=4 uuid=$(xe vm-list name-label=MY-LITTLE-VM --minimal)
or set the max virtual CPUs number to 8. (That's the number that a physical quad-core can drive)
xe vm-param-set VCPUs-max=8 uuid=$(xe vm-list name-label=MY-LITTLE-VM --minimal)
Now, fire up the VM and switch to its console:
xe vm-start name-label=MY-LITTLE-VM
xe console vm=MY-LITTLE-VM
Exit the console with: CTRL+5
Sometimes it is useful to identify your virtual network cards VIFs in connection with your VMs. Remember this command:
xe vm-list is-control-domain=false params=dom-id,name-label,uuid
It will tell your VMs' domain IDs. Just watch your ifconfig output and match the VIFs' IDs (vifx.y) to your VM domains' IDs. (x is your VM, y is the device number.)
While investigating which damn vlan, bridge, vif or whatever interface bound to what and where, this is the MOST USEFUL command I've ever seen:
brctl show
2013. június 6., csütörtök
Hardening Hyper-V 2012 clusters, Deployment Bible
I've came across an awesome article, originally on http://social.technet.microsoft.com/Forums/en-US/winserverhyperv/thread/61e18aaf-de6a-42e7-aa41-3cee790a1236/. In case it disappers I'm taking an exact copy of it. I do hope it wont violate any law. :P Thanks Roger Osborne, anyway.
[...]
[...]
GENERAL (HOST):
⎕
Use Server Core, or the Windows Minimal Interface, to reduce OS
overhead, reduce the potential attack surface, and to minimize reboots
(due to fewer software updates).
- Server Core information: http://msdn.microsoft.com/en-us/library/windows/desktop/hh846313(v=vs.85).aspx
- Windows Minimal Interface Information: http://msdn.microsoft.com/en-us/library/windows/desktop/hh846317(v=vs.85).aspx
⎕
Ensure hosts are up-to-date with recommended Microsoft updates, to
ensure critical patches and updates – addressing security concerns or
fixes to the core OS – are applied.
⎕ Ensure all applicable Hyper-V hotfixes and Cluster hotfixes
(if applicable) have been applied. Review the following sites and
compare it to your environment, since not all hotfixes will be
applicable:
- A fellow Microsoft employee, Cristian Edwards, has recently posted a PowerShell script that detects which Hyper-V and Failover Clustering 2012 updates you are missing based on the list updated by the Microsoft Product Group! Check it out here: http://blogs.technet.com/b/cedward/archive/2013/05/24/validating-hyper-v-2012-and-failover-clustering-2012-hotfixes-and-updates-with-powershell.aspx
- Update List for Windows Server 2012 Hyper-V: http://social.technet.microsoft.com/wiki/contents/articles/15576.hyper-v-update-list-for-windows-server-2012.aspx
- List of Failover Cluster Hotfixes: http://social.technet.microsoft.com/wiki/contents/articles/15577.list-of-failover-cluster-hotfixes-for-windows-server-2012.aspx
- Failover Cluster Management snap-in crashes after you install update 2750149 on a Windows Server 2012-based failover cluster:
⎕
Ensure hosts have the latest BIOS version, as well as other hardware
devices (such as Synthetic Fibre Channel, NIC’s, etc.), to address any
known issues/supportability
⎕
Host should be domain joined, unless security standards dictate
otherwise. Doing so makes it possible to centralize the management of
policies for identity, security, and auditing. Additionally, hosts must
be domain joined before you can create a Hyper-V High-Availability
Cluster.
· For more information: http://technet.microsoft.com/en-us/library/ee941123(v=WS.10).aspx
⎕
RDP Printer Mapping should be disabled on hosts, to remove any chance
of a printer driver causing instability issues on the host machine.
- Preferred method: Use Group Policy with host servers in their own separate OU
- Computer Configuration –> Policies –> Administrative Templates –> Windows Components –> Remote Desktop Services –> Remote Desktop Session Host –> Printer Redirection –> Do not allow client printer redirection –> Set to "Enabled
⎕
Do not install any other Roles on a host besides the Hyper-V role and
the Remote Desktop Services roles (if VDI will be used on the host).
- When the Hyper-V role is installed, the host OS becomes the "Parent Partition" (a quasi-virtual machine), and the Hypervisor partition is placed between the parent partition and the hardware. As a result, it is not recommended to install additional (non-Hyper-V and/or VDI related) roles.
⎕ The only Features that should be installed on the host are: Failover Cluster Manager (if host will become part of a cluster), Multipath I/O (if host will be connecting to an iSCSI SAN, Spaces and/or Fibre Channel), or Remote Desktop Services if VDI is being used. (See explanation above for reasons why installing additional features is not recommended.)
[..]
Read the rest from on Technet or from here.
Feliratkozás:
Bejegyzések (Atom)