Version 1 (Giulio Di Anastasio, 03/05/2021 11:17) → Version 2/7 (Giulio Di Anastasio, 03/05/2021 11:18)
h1. CSR Geomatics Server Setup
A dedicated server has been set up in CSR for hosting the software and database.
Technical information about the setup follows.
dream.csr.av (192.168.0.12)
- Debian 9
- Xen hypervisor
- libvirt for the orchestration of VMs
- management with ansible
h2. Dom0
h3. Installation
Found minor issues with the installation (eg. issues with HDDs, Dell EFI boot).
This document starts from a working Debian Xen server.
-Installed on a mirror of 2*2TB drives with btrfs.-
Update (see #7156): re-installed the OS on /dev/sdc2, ext4, without RAID/LVM.
h3. Storage for domUs
An LVM volume group, dream.csr, has been created for the domUs.
h3. Networking
With systemd-networkd: bridge "br0" to the physical Ethernet interface.
h3. Create a VM
Adjust the parameters from:
<pre>
export vm_name=infra.csr.av
export vm_ip_addr=172.16.0.3
export vm_password=foobar
</pre>
Create the domU:
<pre>
root@dream:~# xen-create-image --broadcast=172.16.0.255 --dist=stretch --fs=ext4 \
    --gateway=172.16.0.1 --hostname ${vm_name} --ip=${vm_ip_addr} \
    --lvm=dream.csr --maxmem=512M --memory=256M \
    --mirror=http://ftp.de.debian.org/debian/ --netmask=255.255.255.0 \
    --password=${vm_password} --size=10G --swap=1G --vcpus=1 --bridge=br0
</pre>
Note that the IP address will be set in the VM, and vm_ip_addr isn't actually used.
h2. DomUs
h3. Migrate XL to libvirt
After creation using xen-create-image, migrate the definition of the domU to libvirt:
<pre>
virsh -c xen:/// domxml-from-native xen-xm /etc/xen/${vm_name}.cfg > /tmp/${vm_name}.xml
virsh define /tmp/${vm_name}.xml
</pre>
From this point onward, you can log out from the dom0's console and use virsh or "Virtual Machine Manager" from your computer to administer the VM, e.g.:
* Set "Auto start" on dom0 boot
* Set memory limits, etc
h3. Start the domU
Use "Virtual Machine Manager" or the command:
<pre>
virsh -c xen+ssh://root@dream.csr.av/ start ${vm_name}
</pre>
h3. To do in a libvirt shell
Start a libvirt shell, with "Virtual Machine Manager" or with the command:
<pre>
virsh -c xen+ssh://root@dream.csr.av/ console ${vm_name}
</pre>
Log in as root in the libvirt console.
h4. Network config
Add @/etc/systemd/network/50-wired.network@ (adjust the IP):
<pre>
[Match]
Name=eth0
[Network]
Address=192.168.0.14/24
Gateway=192.168.0.10
DNS=192.168.0.10
</pre>
Then:
<pre>
systemctl enable --now systemd-networkd.socket
systemctl enable --now systemd-networkd.service
systemctl disable --now networking.service
</pre>
h4. Post-install ssh config
Allow ssh root login with password in @/etc/ssh/sshd_config@:
<pre>
sed -i -e 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
systemctl restart ssh.service
</pre>
From this point onwards, one can close the console session opened via @libvirt@.
h3. DNS
Log in to the local DNS server with:
<pre>
ssh root@infra.csr.av
</pre>
Update the 2 files in @/etc/bind/zones@ (@zones/db.csr.av@ @zones/db.192.168.0@) and reload the DNS with:
<pre>
rndc reload
</pre>
h3. DNS
Log in to the local DNS server, *update the 2 files in @/etc/bind9/zones@*, and run:
<pre>
rndc reload
</pre>
h3. Allow yourself to log in easily with your ssh key
Copy your ssh key to the domU by running, from your own computer:
<pre>
ssh-copy-id root@${ip_addr}
</pre>
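Once the key is installed, the root password login enabled in the post-install ssh step is no longer needed. The following is an added example, not part of the original wiki page, showing one way to switch @PermitRootLogin@ back to key-only and to check the resulting value; the function names are hypothetical and the sample config is constructed.

```shell
#!/bin/sh
# Added example: undo the temporary "PermitRootLogin yes" once key login works.
# Function names are illustrative and do not come from the wiki page.

# Print the global PermitRootLogin value: the first uncommented occurrence
# before any Match block wins; without one, the OpenSSH default applies.
effective_root_login() {
    awk 'tolower($1) == "match" { exit }
         tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
         END { if (!found) print "prohibit-password" }' "$1"
}

# Rewrite the given sshd_config so that root can log in with a key only.
# The directive is put on the first line (global section) and any other
# active global occurrence is dropped; Match blocks are left untouched.
harden_root_login() {
    cfg=$1
    tmp=$(mktemp) || return 1
    awk 'BEGIN { print "PermitRootLogin prohibit-password" }
         tolower($1) == "match" { in_match = 1 }
         !in_match && tolower($1) == "permitrootlogin" { next }
         { print }' "$cfg" > "$tmp" || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$cfg"    # overwrite in place: keeps owner and mode
    rm -f "$tmp"
}

# Constructed sample: sshd_config as left by the post-install sed step.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 22
PermitRootLogin yes
PasswordAuthentication yes
EOF
echo "before: $(effective_root_login "$sample")"
harden_root_login "$sample"
echo "after:  $(effective_root_login "$sample")"
rm -f "$sample"

# On the domU itself, after confirming that key-based login works:
#   harden_root_login /etc/ssh/sshd_config && sshd -t && systemctl restart ssh.service
```

Keep the existing ssh session open while restarting the service, and confirm a new key-based login succeeds before closing it.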
h2. Ansible
Using the Ansible project developed in Blue Light: https://redmine.bluelightav.org/projects/ansible
h3. Prepare the host
Install Python:
<pre>
apt install -y python
</pre>
h2. Database
The Postgis database runs on its specific domU (gisdb.csr.av, 192.168.0.18).
h3. Installation
After installing the Postgis package (e.g. by assigning the "postgis" Ansible role), continue with [[Db-support]].
h2. Jupyter
The Jupyter server runs on its specific domU (jupyter.csr.av, 192.168.0.19).
h3. Installation
See #6990.