Initial scratch notes on getting kvm working on fritz. This will need to be integrated into SetupNewMachines and AdminArea after everything is working.

See http://wiki.hcoop.net/Migration2009/SoftwareSetup for the gist of what ClintonEbadi is trying to do here, but s/OpenVZ/KVM via libvirt/g.

1. Test Setup Notes

Nothing in particular order since it's all quite fuzzy

• Account clinton_admin has been added to the libvirt group (permits ClintonEbadi to manage kvms as his user remotely using virt-manager

• Investigated bridging and firewalling: https://bugzilla.redhat.com/show_bug.cgi?id=512206

  • This also implies that using a separate bridge per VM is ideal
  • As advised in the bug, we have disabled netfilter on the bridge

• Installed and configured: less sudo vim emacs23-nox etckeeper changetrack  openssh-server debsums logcheck bzip2 denyhosts rkhunter openafs-client ntp nscd krb5-user libpam-krb5 ssmtp libpam-afs-session openafs-krb5

1.1. Packages Config

• ssmtp

  • forward all mail for UID < 1000 to logs

  • Masquerade as hcoop.net

• PAM
  • Newfangled pam-config framework for a fresh squeeze install looks quite promising... (enabled kerberos + unix + afs session)

2. Major Open issues

• Need a Debian mirror for libnss-afs (debarchiver?)
• Exim setup (have to add to forwardable domains on deleuze)
• Automated partitioning (looks like I might have to manually craft the partman template instead of dumping it from d-i)

CategorySystemAdministration CategoryWorkInProgress