Project

General

Profile

History

Wiki » Software architecture »

CSR Geomatics Server Setup

A dedicated server has been setup in CSR, for hosting the software and database.

Here below, technical information about the setup.

dream.csr.av (192.168.0.12)

- Debian 9
- Xen hypervisor
- libvirt for the orchestration of VMs
- management with ansible

Dom0

Installation

Found minor issues with the installation (eg. issues with HDDs, Dell EFI boot).
This document starts from a working Debian Xen server.

Installed on a mirror of 2*2TB drives with btrfs.

Update (see #7156): re-installed the OS on /dev/sdc2, ext4, without RAID/LVM.

Storage for domUs

A LVM dream.csr has been created for the domUs.

Networking

With systemd.networkd: bridge "br0" to the physical ethernet.

Create a VM

Adjust the parameters from:

export vm_name=infra.csr.av
export vm_ip_addr=172.16.0.3
export vm_password=foobar

Create the domU:

root@dream:~# xen-create-image --broadcast=172.16.0.255 --dist=stretch --fs=ext4 --gateway=172.16.0.1 --hostname ${vm_name} --ip=${vm_ip_addr} --lvm=dream.csr --maxmem=512M --memory=256M --mirror=http://ftp.de.debian.org/debian/ --netmask=255.255.255.0 --password=${vm_password} --size=10G --swap=1G --vcpus=1 --bridge=br0

Note that IP address will be set in the VM, and the vm_ip_addr isn't actually used.

DomUs

Migrate XL to libvirt

After creation using xen-create-image, migrate the definition of the domU to libvirt:

virsh -c xen:/// domxml-from-native xen-xm /etc/xen/${vm_name}.cfg > /tmp/${vm_name}.xml
virsh define /tmp/${vm_name}.xml

From this point onward, one can log out from the dom0's console and use virsh or "Virtual Machine Manager" from your computer to administer the VM, eg:

  • Set "Auto start" on dom0 boot
  • Set memory limits, etc

Start the domU

Use "Virtual Machine Manager" or the command:

virsh -c xen+ssh://root@dream.csr.av/ start ${vm_name}

To do in a libvirt shell

Start a libvirt shell, with "Virtual Machine Manager" or with the command:

virsh -c xen+ssh://root@dream.csr.av/ console ${vm_name}

Log in as root in the libvirt console.

Network config

Add /etc/systemd/network/50-wired.network (adjust the IP):

[Match]
Name=eth0

[Network]
Address=192.168.0.14/24
Gateway=192.168.0.10
DNS=192.168.0.10

Then:

systemctl enable --now systemd-networkd.socket
systemctl enable --now systemd-networkd.service
systemctl disable --now networking.service

Post-install ssh config

Allow ssh root login with password in /etc/ssh/sshd_config:

sed -i -e 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
systemctl restart ssh.service

From this point onwards, one can close the console session opened via libvirt.

DNS

Log in to the local DNS server with:

ssh root@infra.csr.av

Update the 2 files in /etc/bind/zones (zones/db.csr.av zones/db.192.168.0) and reload the DNS with:

rndc reload

DNS

Log in to the local DNS server, update the 2 files in /etc/bind9/zones, and run:

rndc reload

Allow yourself to log in easily with your ssh key

Copy your ssh key to the domU: run from your own computer:

ssh-copy-id root@${ip_addr}

Ansible

Using the Ansible project developed in Blue Light: https://redmine.bluelightav.org/projects/ansible

%{color:#2369ff;font-size: 1.1em;} Prepare the host

Install Python

apt install -y python

Database

The Postgis database runs on its specific domU (gisdb.csr.av, 192.168.0.18).

Installation

After installing the Postgis package (eg. assign the "postgis" Ansible's role), follow up to Db-support

Jupyter

The Jupyter server runs on its specific domU (jupyter.csr.av, 192.168.0.19).

Installation

See #6990 .