The goal of this article is to document the process of setting up a basic KVM instance the hard way. That is, without using GUI tools, magic scripts, VNC’d installers, etc.
Pretty much all of the KVM guides I’ve seen assume you’re sitting at the physical box you’re deploying the VMs on and have access to the local display (i.e. they use GUI tools). Or they assume you just want a magic script to do it all for you. Or they assume you want to sit there and click through the debian-installer over a VNC session.
None of those options sound particularly fun or interesting. Below is a step-by-step guide to getting a KVM instance running the hard way. Most of the information can actually be found by pulling apart Hardy’s ubuntu-vm-builder script. I’m using Debian Lenny as Etch doesn’t have some of the necessary tools, for example kpartx for mapping partitions on a loopback device. Also we assume a 64-bit host and guest, though it should be fairly obvious how to use other numbers of bits. I decided to document the process mainly as a reference, but also as an education in the underlying process.
Let’s begin. First, we need a disk image to work with. Create a 5GB raw image using qemu-img:
$ qemu-img create -f raw lenny-base.raw 5G
Now, create a loopback device for it:
# losetup /dev/loop0 lenny-base.raw
Partition the loopback device using fdisk. I use a single primary partition in this article.
# fdisk /dev/loop0
Now we need to create device-mapper entries for each of the partitions on the loopback device:
# kpartx -a /dev/loop0
If you made a single partition on /dev/loop0, there will now be a device-mapper block device at /dev/mapper/loop0p1, which you can go ahead and make a filesystem on and bootstrap to whatever flavour of Debian/Ubuntu you’d like. You’ll also want to remember the UUID of the root filesystem for later. For example,
# mke2fs -j /dev/mapper/loop0p1
# vol_id --uuid /dev/mapper/loop0p1 > target.uuid
# mkdir /mnt/target
# mount /dev/mapper/loop0p1 /mnt/target
# debootstrap lenny /mnt/target http://ftp.nz.debian.org/debian
At this point, the bootstrapped filesystem will need some manual setting up. In particular you’ll need to:
- Set up /etc/hostname
- Set up /etc/hosts
- Set up /etc/fstab (you’ll want to use the UUID you saved before)
- Enable serial getty in /etc/inittab (important, we’ll use this for initial login)
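The four items above as one shell function, given here as an added example rather than something from the original post or from ubuntu-vm-builder. The function name, the hosts/fstab layout and the ext3 type (what mke2fs -j creates) are assumptions; the T0 line is the serial getty entry Debian's stock inittab ships commented out.

```shell
#!/bin/sh
# Added example: write the files named in the list above into a bootstrapped
# target. Run on the host, outside the chroot. Uses GNU sed (-i).

configure_target() {
    target=$1    # mount point of the bootstrapped root, e.g. /mnt/target
    name=$2      # guest hostname (your choice)
    uuid=$3      # root filesystem UUID, as saved in target.uuid

    [ -d "$target/etc" ] || { echo "no etc/ under $target" >&2; return 1; }
    [ -n "$name" ] && [ -n "$uuid" ] || { echo "hostname and UUID required" >&2; return 1; }

    echo "$name" > "$target/etc/hostname"

    cat > "$target/etc/hosts" <<EOF
127.0.0.1 localhost
127.0.1.1 $name
EOF

    # Mount root by UUID so the guest never depends on the host's loop device names.
    cat > "$target/etc/fstab" <<EOF
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
UUID=$uuid / ext3 errors=remount-ro 0 1
EOF

    # Uncomment the stock "#T0:" ttyS0 getty line; if there is none, append one.
    if grep -q '^#T0:' "$target/etc/inittab" 2>/dev/null; then
        sed -i 's/^#\(T0:.*ttyS0.*\)$/\1/' "$target/etc/inittab"
    fi
    if ! grep -q '^T0:' "$target/etc/inittab" 2>/dev/null; then
        echo 'T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100' >> "$target/etc/inittab"
    fi
}

# Usage (as root, with the target mounted):
#   configure_target /mnt/target lenny-base "$(cat target.uuid)"
```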
Copy the following into the target’s /etc/kernel-img.conf:
do_symlinks = yes
relative_links = yes
do_bootfloppy = no
do_initrd = yes
link_in_boot = no
postinst_hook = update-grub
postrm_hook = update-grub
do_bootloader = no
Now we need to install a kernel and set up the boot-loader.
# chroot /mnt/target
target # apt-get install linux-image-amd64 grub
target # mkdir -p /boot/grub
target # cp /usr/lib/grub/x86_64-pc/* /boot/grub
Exit from the target’s chroot. Now that we’re back in the host, we need to install grub into the MBR of the disk image. You’ll need that UUID for the root filesystem from before. This step requires the host’s /dev to be bind-mounted into the target’s filesystem:
# mount --bind /dev /mnt/target/dev
# echo "(hd0) lenny-base.raw" >> device.map
# grub --device-map=device.map
grub> root (hd0,0)
grub> setup (hd0)
grub> quit
# echo "(hd0) UUID=UUID of target root fs goes here" >> /mnt/target/boot/grub/device.map
# chroot /mnt/target
target # update-grub
update-grub will have written a basic menu.lst, but because it’s using the host’s /dev it will be pointing to the wrong place. Edit the target’s /boot/grub/menu.lst to use the UUID of the filesystem and not use the loop0 device. So, open up the target’s /boot/grub/menu.lst, search for the line:
# kopt_2_6 root=/dev/mapper/loop0p1 ro
and replace /dev/mapper/loop0p1 with
UUID=the uuid of the root filesystem
so it will look something like (make sure the # is still at the start of the line):
# kopt_2_6 root=UUID=81af6388-cca5-4bf2-99dc-a47c81c00445 ro
Also, replace the line groot=(loop0p1) with groot=(hd0,0). Again, it’s “commented out”. Now we need to update grub again.
# chroot /mnt/target
target # update-grub
target # exit
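The two menu.lst edits described above, scripted with sed. This is an added example, not part of the original post; the function name is an assumption. It touches only the "commented" settings lines, since update-grub regenerates the boot entries from them, and is meant to be run from the host before the second update-grub.

```shell
#!/bin/sh
# Added example: apply the kopt and groot edits to the target's menu.lst.
# Uses GNU sed (-i).

fix_menu_lst() {
    menu=$1      # e.g. /mnt/target/boot/grub/menu.lst
    uuid=$2      # contents of target.uuid

    [ -f "$menu" ] || { echo "missing $menu" >&2; return 1; }

    # Accept only hex digits and dashes so the value is safe inside the sed script.
    case $uuid in
        ''|*[!0-9a-fA-F-]*) echo "bad UUID: $uuid" >&2; return 1 ;;
    esac

    # "# kopt..." lines: swap the host's loop device for the filesystem UUID.
    # "# groot" line:    point at the first partition of the first disk.
    # The leading "# " is kept; update-grub reads these as its settings.
    sed -i \
        -e "/^# kopt/s|root=/dev/mapper/loop0p1|root=UUID=$uuid|" \
        -e 's|^# groot=(loop0p1)|# groot=(hd0,0)|' \
        "$menu"

    # Succeed only if the settings lines no longer mention the loop device.
    ! grep -Eq '^# (kopt|groot).*loop0p1' "$menu"
}

# Usage (as root, on the host):
#   fix_menu_lst /mnt/target/boot/grub/menu.lst "$(cat target.uuid)"
```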
Almost done… At this point check that you’ve enabled the serial getty in the target’s /etc/inittab file as we’re going to boot the VM and use the serial console to do the initial login. Of course, you could install SSH in the chroot, set up networking and forget about the serial console, but it’s interesting nonetheless. The other alternative is to use VNC to connect to the console, but that’s the easy way out, though you will get boot messages, so if something goes wrong you’ll get to see why.
Unmount everything:
# umount /mnt/target/dev
# umount /mnt/target
# kpartx -d /dev/loop0
# losetup -d /dev/loop0
Now boot your shiny new VM:
# kvm -nographic -serial pty -drive file=lenny-base.raw,if=virtio,index=0,boot=on -daemonize
If all goes well you’ll see something like:
char device redirected to /dev/pts/10
Use minicom to connect to that pseudo-terminal and login to your new VM. Done! Sure it would have been easier if you’d just used a script or a graphical tool, but we got there in the end.
At this point the VM isn’t overly useful without networking, but there’s plenty of documentation in the qemu man pages about the options to enable a virtual NIC. There are also options for changing the amount of RAM the guest is allocated, the number of CPUs, virtual disks, etc. Go RTFM.
Another option from here is to create a libvirt XML description of your VM and use virsh to manage it. This makes networking and management a bit easier, but isn’t necessary.
Enjoy!
August 28th, 2008
A few days ago I received my copy of “Ghosts” in the mail. I paid $10USD about a month ago and got the FLACs that day and have been listening to them ever since. Having the physical CDs now is a nice bonus - in fact, I haven’t even bothered to take them out of the shrink-wrap plastic.
You might remember that “Ghosts” was released under a Creative Commons license and the MP3 versions were available for free (legitimately) via Bittorrent. Paying a bit extra got you the physical CDs (or Blu-ray or vinyl depending on how much you wanted to spend). “Ghosts” was released independent of any major label with no advertising yet the album was a huge success for Nine Inch Nails.
So, I was having a kick around musicbrainz and noticed a NIN release I hadn’t heard of - “The Slip”. I went to nin.com and this is what I found:
Click HERE to get the new full-length nine inch nails record: the slip (thank you for your continued and loyal support over the years - this one’s on me)
A couple of clicks later and I’m downloading FLACs of a brand new NIN album via Bittorrent for free and contemplating whether I want to spend 1.2GB of my monthly data cap on the 24kbit/96kHz WAV files.
So, if you’re a NIN fan, join the swarm!
It’s a great time to be a Nine Inch Nails fan.
May 9th, 2008
On the weekend Emily and I decided that we needed to do more outdoorsy stuff, so we went and found a nice little walk on Mt. Pirongia, just out of Hamilton. We did the “Mangakara Nature Walk”, which is a loop through some native bush and crosses the Mangakara stream. It took us about an hour which included a stop of about twenty minutes for a picnic by the stream - how quaint. The walk itself was very easy and the track was well-formed the entire way. The scenery was stunning - apparently that part of the forest is pretty much pristine native bush as it has never been cleared.
The plan is to make our way through the various walks and then move on to something a little more challenging. Eventually I’d like to take Emily on the Tongariro Northern Crossing which was part of a three-day hike I did when I was in high-school.
Photos on flickr as I can’t seem to get this flickr plugin working.
October 29th, 2007
Leopard now comes with a built-in SSH agent. The really nice thing about it is that it integrates with your user’s Keychain. So, the first time you try to unlock your SSH key a dialog will appear asking you for its password along with an option to save that password in your Keychain.
On Tiger I was using SSHKeychain to achieve this, but it had a nasty bug where it would randomly start to consume 100% of a CPU. This chewed through my Macbook Pro’s battery, which was a pain. If you’ve been using a third party SSH agent and want to switch to the built-in agent, make sure to check that you’re not manually setting the SSH_AUTH_SOCK environment variable, which is something I had to do to get SSHKeychain working.
If launch-services is managing your SSH agent, it should look something like:
kenshin:~ scottr$ echo $SSH_AUTH_SOCK
/tmp/launch-fTiPvL/Listeners
Otherwise, check your various profile settings, and check to make sure your third party agent isn’t set as a launch item. You’ll have to log out for this to take effect. Once launch-services is managing your SSH_AUTH_SOCK, logging into OS X will unlock your keychain and allow the ssh-agent to unlock your SSH keys without having to enter another password.
October 28th, 2007
I installed Leopard last night and as I was browsing my local network I noticed something kinda funny… apparently this is what a Windows PC looks like:

October 27th, 2007
I’m sure that no-one has noticed that I’ve been fairly silent on the blogging front for a while. I took a three month break from the Ph.D to do some work for Cambridge Silicon Radio. The experience working on a real-world project was great and the project itself was both interesting and challenging.
I am however looking forward to getting back into the Ph.D work. I’ve still got a week or so before the Ph.D kicks back in so at the moment I’m doing some driver work for RuralLink - specifically getting MadWiFi working better on the CPE/AP devices.
I spent a week or so before the CSR work started looking into performance improvements for MadWiFi. After spending quite a bit of time with oprofile I found a couple of areas in the driver which were causing a large number of PCI transactions to take place unnecessarily. Now, on a laptop or desktop platform this didn’t really make much difference. On an already resource-starved platform such as the Soekris 4526 however, this was resulting in some pretty significant overhead. A couple of patches to MadWiFi later (a couple merged upstream already, one that’s a bit more of a hack specific to our needs) and we’re seeing some much nicer throughput numbers. Off the top of my head, we went from being able to bridge about 9-10 Mbit/s of traffic over wireless through the wired ethernet to about ~15 Mbit/s.
The other neat hack we did was to create a transparent wireless bridge by hacking the ad-hoc demo mode to use 4-address 802.11 frames. This could already be done in other modes, but we really like ad-hoc demo due to its utter simplicity - no associations, no beacons, nothing - just passing frames.
Right now we’re working on implementing our own rate control algorithm. We seem to run into far too many problems on our networks with rate control and Perry came up with a neat idea - as is his wont - so we’re running with it. At the same time we’re looking at using it as a chance to collect large amounts of performance data to give us some deeper knowledge as to what’s going on on our networks. Hopefully lots more info on that soon.
At some point in the (very) near future I need to start thinking about the Ph.D again - I’m starting to think that I should be putting more of a measurement focus into it, but I need to nail down a few ideas first. And maybe play a bit of Guitar Hero as well.
August 9th, 2007
I was playing with setting up bind for my local network at home yesterday and forgot a semi-colon at the end of the localdomain zone. Of course, I’d removed localhost and mugen (the name of the machine I was using) from /etc/hosts so that I could test bind. Restart bind, ping mugen, fail. Oh well… sudo vim /etc/bind/named.conf… sudo can’t look up mugen using gethostbyname(). Shit. No sudo for me. No root user either. Eventually fixed by connecting a monitor and keyboard and starting in single user mode.
Moral of the story? Don’t screw up your resolver if you like having sudo.
March 1st, 2007
Go check out FON. What a cool idea. Basically if you share your WiFi, you’ll get free access to other Fonero’s (members of the FON community) WiFi. You can either buy a FON WiFi “social” router straight from their website, or if you’ve got a compatible router (such as the Linksys WRT54G) you can download a customised version of OpenWRT and roll your own FON AP.
The APs broadcast two ESSIDs, one for your private WiFi network, and another that others can connect to after authenticating as part of the FON community. One of the really cool things about it is that you’ve got different types of Fonero. For example, a “Linus” will give away free WiFi to other Foneros, and in return gets free roaming to other FON APs. An “Alien” is someone who isn’t part of the FON community, but they can still use the FON network by buying a day pass for 3 euros. Finally, a “Bill” can forego the free roaming side of things and instead opt for a 50% cut of the money that Aliens pay to access the network through their AP.
FON’s got some pretty major investment partners too. They’ve partnered with Skype to launch a WiFi handset that will allow free Skype calls from FON APs. Google’s in as well, although it’s not clear what they are offering, besides money. Google does run some fairly large WiFi networks IIRC, so it’s possible those will turn into FON APs as well.
Of course, there’s the obligatory Web 2.0 mash-up, where you can bring up a Google Maps interface and find FON APs around the globe. I had a quick look and there don’t seem to be any in Oceania at all.
Unfortunately I can’t really see the relevance of this in a place like Hamilton. Free WiFi would work in built-up cities that consist of nothing but high-rise apartments, but who’s going to want to sit outside my house in Hamilton East and use my FON AP? It’s not like there’s a nice cafe close enough to sit and swill coffee while you surf. Most New Zealand towns just don’t have the population density to support it. Then again, that might be a good thing. Open up a FON AP, watch as no one uses your monthly data allowance and then get access to free FON points around the world. Now all I need to do is travel. At least I know I’ll be able to get WiFi when I next visit Muscat, Oman.
Hmm…
February 1st, 2007
The best thing about the OpenMoko platform is the fact that it’s open. Don’t like something about your phone? Well, change it! It also means that someone can have an idea for a feature and see it come to fruition very quickly. As well as that, we can integrate right into the phone’s UI and core functionality, rather than being restricted to being a separate Java (or whatever) applet.
So I was thinking about some of the things I’d like my phone to do. One of those things would be timed profile activation, but with a twist. You’ve got a smartphone, so it syncs with iCal, Evolution, Exchange, whatever, so it knows when your meetings/lectures/appointments are already. So why not automatically switch the phone to its “meeting” profile when you’re in a meeting? You’re not explicitly telling the phone to go silent from 3-4pm, it just “knows” that when you’re in a meeting (which you have with Bob today at 3, by the way - would you like me to send him an SMS reminder?) you’d like it to be quiet. Wouldn’t that be nice. Maybe modern smartphones already do this… who knows.
Location-based profile activation via GPS came to mind as well, but without coverage indoors and GPS’s relatively low fix resolution it might not be completely feasible. You could of course say “When I’m at work do this, and when I’m at home do that”, but you wouldn’t be able to say, “When I’m in the tearoom do something else”.
I’m sure there are plenty of other interesting things that could be done. I think I need to go find something to do or I’m going to be up all night thinking about it.
January 30th, 2007
… but I’ve found someone else. It was a brief romance, based mainly on that special kind of geek lust. The promise of something totally revolutionary, a wake up call for the handset industry busy basking in its own mediocrity. And, it was shiny. But as the Reality Distortion Field wore off, and we came to find out more about you, things started to look grim. The killer was the closed ecosystem.
Enter OpenMoko. Yes, it’s “old news”, and mattb blogged about it a few days ago, but I only became aware of it today, and boy did it hit that last nail into iPhone’s coffin (well, for me at least).
The Neo1973 lacks some of the nicer features of the iPhone, such as WiFi and built-in storage. However, WiFi is being worked on for a future release, and given the micro-SD slot, storage shouldn’t be an issue (plus, it’s upgradeable). It lacks a camera, but to be honest, I don’t care. The Neo1973 also lacks decent mobile data support with GPRS. Then again, iPhone isn’t 3G either. Both phones are quad-band GSM.
But even with all these “lacking” features, the Neo1973 has some really nice things that iPhone doesn’t. GPS, for instance. It also sports a very nice sounding 2.8″ TFT screen at 640×480 pixels compared to iPhone’s bigger but lower resolution screen (3.5″ at 320×480). That’s a hell of a resolution for a 2.8″ screen. The Neo1973 will also be carrier neutral and be sold directly from the manufacturer from their website, with worldwide shipping.
And the kicker of course is that it runs Linux and the whole stack is open. I like the fact that developers (well, anyone really) will be able to buy one before public release, as this will ensure that there are some really good apps available when it does come out. I really really want one, but I’m not sure I want to buy a smartphone without WiFi. I think I’ll wait for version 2 (developer release in September ‘07 according to the current timeline) to see if it gets WiFi and better mobile data. If it does, I’ll be all over it. Until then, I’ll continue to live with my trusty three-year-old Nokia.
January 30th, 2007