[Qemu-devel] Virt Tools Survey: What to do about virt-clone

[Qemu-devel] Virt Tools Survey: What to do about virt-clone

[Richard W.M. Jones]

I've volunteered for the task of fixing virt-clone[0].  There are a
number of bugs which need to be addressed.  Unfortunately the current
virt-clone is broken-by-design since it cannot make changes inside the
guest.

  [0] http://linux.die.net/man/1/virt-clone

The bugs boil down to what Microsoft calls "sysprepping" the clone,
which is to say, removing its existing identity, hostname, ssh host
keys, persistent network rules, host SID and workgroup name (for
Windows).  It's helpful for Linux guests to remove some of this
stuff[1] -- it will make the cloning process smoother.  For Windows
it's absolutely required[2].

  [1] https://rwmj.wordpress.com/2010/09/24/tip-my-procedure-for-cloning-a-fedora-vm/
  [2] http://technet.microsoft.com/en-us/library/cc721940%28WS.10%29.aspx

All that virt-clone can do now is to copy the guest and make some
simple changes to the libvirt XML (eg. giving it a new MAC address).
It doesn't even address the sysprepping problem.

The problem with sysprepping is that it's hard to do, and it's
different for every operating system.  I've summarized some of the
techniques below.  Worse than that, for some OSes there are different
levels of sysprepping that an administrator might want; also see
below.

So I'd like feedback from "virt-clone next generation" users:

(a) Is cloning guests useful for you or not?  Often or infrequently?

(b) Do you currently use virt-clone to clone guests?

(c) Do you have a homebrew method to clone guests?  What does it do?

(d) Do you use another tool to clone guests?  (And how is it?)

(e) When you clone a guest, do you "sysprep" it or would you like to?
(Using the term "sysprep" generically here, I mean any sort of
reinitialization for Linux or Windows guests).

(f) How do you feel about a multi-step process?

  virt-clone -> virt-sysprep -> virt-resize (for example)

(g) Have you had other problems with cloning guests?

(h) What have I missed out in this analysis?  What other features have
you missed in virt-clone?

Sysprepping Windows
-------------------

This is a complex, manual process.  We do some steps to automate it in
RHEV.  It's best to read Microsoft's online documentation at
[2][3][4].

  [3] http://support.microsoft.com/kb/302577
  [4] http://blogs.technet.com/b/megand/archive/2005/01/20/357570.aspx

Fedora
------

In theory you can just write a file /.unconfigured in the root, and
Fedora will go through the firstboot process at next boot (it will
reset timezone, root password, netconfig, keyboard, authentication).

Some admins will *not* want all of these things to be reset, and will
want either a lesser degree of unconfiguration, or will want to
control each thing manually.

I'm not totally convinced that this hasn't been broken by systemd
introduction in Fedora 15.

general Linux
-------------

See [1].

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine.  Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/

Re: [Qemu-devel] [fedora-virt] Virt Tools Survey: What to do about virt-clone

[Chris Lalancette]

On 05/10/11 - 12:56:30PM, Richard W.M. Jones wrote:
> Sysprepping Windows
> -------------------
> 
> This is a complex, manual process.  We do some steps to automate it in
> RHEV.  It's best to read Microsoft's online documentation at
> [2][3][4].
> 
>   [3] http://support.microsoft.com/kb/302577
>   [4] http://blogs.technet.com/b/megand/archive/2005/01/20/357570.aspx

Note that Oz[1] can do some of this.  There is a side-branch of Oz called
"win2k8customize" that has some of this sysprepping functionality built-in.
It's not on master at the moment because it requires something of a hacked-up
tool called "winexe", but we are in the process of finding a replacement
for "winexe" at the moment.

-- 
Chris Lalancette

[1] http://aeolusproject.org/oz.html

Re: [Qemu-devel] Virt Tools Survey: What to do about virt-clone

[Michal Suchanek]

On 10 May 2011 13:56, Richard W.M. Jones <rjones@redhat.com> wrote:

> So I'd like feedback from "virt-clone next generation" users:
>
> (a) Is cloning guests useful for you or not?  Often or infrequently?

I clone guests quite often.

>
> (b) Do you currently use virt-clone to clone guests?

no

>
> (c) Do you have a homebrew method to clone guests?  What does it do?
>
> (d) Do you use another tool to clone guests?  (And how is it?)

I use cp(1)
>
> (e) When you clone a guest, do you "sysprep" it or would you like to?
> (Using the term "sysprep" generically here, I mean any sort of
> reinitialization for Linux or Windows guests).

I don't clone Linux much. I would find a script to goes through the
steps like resetting
/etc/udev/rules.d/70-persistent-net.rules and SSH keys handy. However,
not all needs resetting in all cases. Also this is not specific to
virt-clone, this is just a guest application which could be packaged
for distributions regardless of qemu virt-clone or whatever. Adding an
option to trigger it would be handy I guess (eg. a kernel boot
parameter which could be controlled from outside and also read by an
initscript included with such application).

Also the administrator might pre-configure this sysprepping
application to do the right thing, by default it could be interactive
I guess.

For Windows I uninstall the "ACPI compliant computer" device and run
my sysprep script when I want to run multiple instances of the guest
later. This requires a PS/2 keyboard (or emulation).

I don't think you can find a solution to easily trigger such process
on Windows. If you manage to do the above fully automatically you can
also include a script that checks for a file (or a kernel option of
that is possible in Windows) and triggers the process.

>
> (f) How do you feel about a multi-step process?
>
>  virt-clone -> virt-sysprep -> virt-resize (for example)

It's ok to have multiple tools.

Some people would want to use them separately or from scripts some
would want an UI to run all at once so it's good idea to design the
interface both intelligible and machine-usable.


Thanks

Michal

Re: [Qemu-devel] [virt-tools-list] Virt Tools Survey: What to do about virt-clone

[Bruno Lamps]

[-- Attachment #1: Type: text/plain, Size: 5212 bytes --]

>
> (a) Is cloning guests useful for you or not?  Often or infrequently?
>

I clone VMs once os twice a month. It's usefull for creating test
environments for the applications this company runs, and to safely backup a
VM before doing some change of update.

(b) Do you currently use virt-clone to clone guests?
>

I use virt-manager. Don't know what command virt-manager uses. I just right
click the VM and clone it.

(c) Do you have a homebrew method to clone guests?  What does it do?


I don't. If I need to clone a VM without virt-manager, I would make copies
of VM hard disk and vm XML, you know, manually copy the stuff.

(d) Do you use another tool to clone guests?  (And how is it?)


No, I don't.

(e) When you clone a guest, do you "sysprep" it or would you like to?
> (Using the term "sysprep" generically here, I mean any sort of
> reinitialization for Linux or Windows guests).
>

I don't. Just change the MAC address (specially in windows guests).

(f) How do you feel about a multi-step process?


I really would enjoy having more options when cloning machine, could save
lots of time in here. I don't resize cloned machines, for example. When I
need to change the size of the cloned machine, I just create a new one from
scratch.

(g) Have you had other problems with cloning guests?
>

If I change the Mac address of the NICs of a linux guest, O.S. can't find
the NIC anymore. It's a problem to me, since I started working with linux
servers about a year ago and I'm still (! lol) not familiar with "manually
adding hardware"...

(h) What have I missed out in this analysis?  What other features have
> you missed in virt-clone?
>

Can't remember any right now... =D

On Tue, May 10, 2011 at 8:56 AM, Richard W.M. Jones <rjones@redhat.com>wrote:

> I've volunteered for the task of fixing virt-clone[0].  There are a
> number of bugs which need to be addressed.  Unfortunately the current
> virt-clone is broken-by-design since it cannot make changes inside the
> guest.
>
>  [0] http://linux.die.net/man/1/virt-clone
>
> The bugs boil down to what Microsoft calls "sysprepping" the clone,
> which is to say, removing its existing identity, hostname, ssh host
> keys, persistent network rules, host SID and workgroup name (for
> Windows).  It's helpful for Linux guests to remove some of this
> stuff[1] -- it will make the cloning process smoother.  For Windows
> it's absolutely required[2].
>
>  [1]
> https://rwmj.wordpress.com/2010/09/24/tip-my-procedure-for-cloning-a-fedora-vm/
>  [2] http://technet.microsoft.com/en-us/library/cc721940%28WS.10%29.aspx
>
> All that virt-clone can do now is to copy the guest and make some
> simple changes to the libvirt XML (eg. giving it a new MAC address).
> It doesn't even address the sysprepping problem.
>
> The problem with sysprepping is that it's hard to do, and it's
> different for every operating system.  I've summarized some of the
> techniques below.  Worse than that, for some OSes there are different
> levels of sysprepping that an administrator might want; also see
> below.
>
> So I'd like feedback from "virt-clone next generation" users:
>
> (a) Is cloning guests useful for you or not?  Often or infrequently?
>
> (b) Do you currently use virt-clone to clone guests?
>
> (c) Do you have a homebrew method to clone guests?  What does it do?
>
> (d) Do you use another tool to clone guests?  (And how is it?)
>
> (e) When you clone a guest, do you "sysprep" it or would you like to?
> (Using the term "sysprep" generically here, I mean any sort of
> reinitialization for Linux or Windows guests).
>
> (f) How do you feel about a multi-step process?
>
>  virt-clone -> virt-sysprep -> virt-resize (for example)
>
> (g) Have you had other problems with cloning guests?
>
> (h) What have I missed out in this analysis?  What other features have
> you missed in virt-clone?
>
> Sysprepping Windows
> -------------------
>
> This is a complex, manual process.  We do some steps to automate it in
> RHEV.  It's best to read Microsoft's online documentation at
> [2][3][4].
>
>  [3] http://support.microsoft.com/kb/302577
>  [4] http://blogs.technet.com/b/megand/archive/2005/01/20/357570.aspx
>
> Fedora
> ------
>
> In theory you can just write a file /.unconfigured in the root, and
> Fedora will go through the firstboot process at next boot (it will
> reset timezone, root password, netconfig, keyboard, authentication).
>
> Some admins will *not* want all of these things to be reset, and will
> want either a lesser degree of unconfiguration, or will want to
> control each thing manually.
>
> I'm not totally convinced that this hasn't been broken by systemd
> introduction in Fedora 15.
>
> general Linux
> -------------
>
> See [1].
>
> Rich.
>
> --
> Richard Jones, Virtualization Group, Red Hat
> http://people.redhat.com/~rjones
> virt-df <http://people.redhat.com/%7Erjones%0Avirt-df> lists disk usage of
> guests without needing to install any
> software inside the virtual machine.  Supports Linux and Windows.
> http://et.redhat.com/~rjones/virt-df/
>
> _______________________________________________
> virt-tools-list mailing list
> virt-tools-list@redhat.com
> https://www.redhat.com/mailman/listinfo/virt-tools-list
>

[-- Attachment #2: Type: text/html, Size: 7475 bytes --]

Re: [Qemu-devel] [virt-tools-list] Virt Tools Survey: What to do about virt-clone

[Decker, Schorschi]

(a) Is cloning guests useful for you or not?  Often or infrequently?

Our end-users are quite virtualization aware, they have demanded that we
support a number of features in our virtual infrastructure, this
included.  It will be used frequently and often, maybe 100s of times a
day across our global infrastructure.

(b) Do you currently use virt-clone to clone guests?

Only in the lab, cloning or templating is a new initiative in our
maturing design, so the timing of revamping this is perfect for our
plans over the next few months.

(c) Do you have a homebrew method to clone guests?  What does it do?

Yes, we often migrate and/or clone VMs in the lab between VMware and KVM
and Hyper-V and back again.  VMware and KVM is quite easy, given the
flexibility of common shared storage support and VM disks in RAW format
adaptable to VMware and KVM.  Hyper-V has its own challenges given its
limitations by design.  For VMware to KVM and back, we have a few bash
scripts that we use.  Migrations are straight-forward, since no
personality customization is needed, but true clones, which we use for
SPECVirt analysis for example, we have to remove/reapply personality.
This is not trivial, since we have a lot of applications in our base
image that are infrastructure aware, and require reconfiguration, or
re-initialization, beyond the typical sysprep or OS level changes.
Windows is especially painful on this point.  Our personality management
scripting is in a constant state of change because we are routinely
updating our core images.

(d) Do you use another tool to clone guests?  (And how is it?)

We have used platespin off and on, and of course use various tools and
methods core to WAIK tool set for Windows.  But custom scripting is the
significant 800 pound gorilla in the room on this point.  A specific in
VM agent or service that would explicitly support re-personalization
regardless of OS or application level would be of great benefit, since
meta-data or a back-end database could drive the re-personalization,
provided a more stateless model.  Especially for Windows this might be
an idea worth consideration.  BladeLogic, Ops-ware, Altaris, etc. all
use some form of this idea, but they are also focused on provisioning in
general so the meta-data driven re-personalization gets lost in the
overall product.

(e) When you clone a guest, do you "sysprep" it or would you like to?
(Using the term "sysprep" generically here, I mean any sort of
reinitialization for Linux or Windows guests).

Sysprep is fine as a place to start, but even when Microsoft wrote
sysprep, it was an idea that was ignored for a long time, and it was
never focused on, the world has since gone forward, so sysprep is at
best, only a starting point for what is needed to abstract personality.
A better solution would be that we image/clone the personality specific
deltas and archive them to a library, rather than complete clones that
have personality logic staged for implementation on first boot.

(f) How do you feel about a multi-step process?

  virt-clone -> virt-sysprep -> virt-resize (for example)

As long as any GUI and CLI (as well as API) are consistent in feature
set and flow, multi-step is fine.   We need to be able to completely
automate the process, since we would drive it from a self-serve web
portal concept.

(g) Have you had other problems with cloning guests?

Nothing beyond what was outlined above.  Abstracting of personality at
OS and application level is key for us.

(h) What have I missed out in this analysis?  What other features have
you missed in virt-clone?

No specifically to virt-clone but in general, abstracting the common
code, to common library or binary, so that virt-manager, virsh, etc. all
reference the same design, feature, and executables, is the strategic
direction that should be followed.  The idea that different code is
trying to implement same concepts in different tools makes no long term
strategic sense for the KVM platform in general.


Schorschi Decker

VP; Sr. Consultant Engineer
ET&D Emerging Technologies / Virtualization Platform Engineering Team
Bank of America

-----Original Message-----
From: virt-tools-list-bounces@redhat.com
[mailto:virt-tools-list-bounces@redhat.com] On Behalf Of Richard W.M.
Jones
Sent: Tuesday, 10 May, 2011 04:57
To: virt-tools-list@redhat.com; Cole Robinson
Cc: virt@lists.fedoraproject.org; qemu-devel@nongnu.org
Subject: [virt-tools-list] Virt Tools Survey: What to do about
virt-clone

I've volunteered for the task of fixing virt-clone[0].  There are a
number of bugs which need to be addressed.  Unfortunately the current
virt-clone is broken-by-design since it cannot make changes inside the
guest.

  [0] http://linux.die.net/man/1/virt-clone

The bugs boil down to what Microsoft calls "sysprepping" the clone,
which is to say, removing its existing identity, hostname, ssh host
keys, persistent network rules, host SID and workgroup name (for
Windows).  It's helpful for Linux guests to remove some of this stuff[1]
-- it will make the cloning process smoother.  For Windows it's
absolutely required[2].

  [1]
https://rwmj.wordpress.com/2010/09/24/tip-my-procedure-for-cloning-a-fed
ora-vm/
  [2]
http://technet.microsoft.com/en-us/library/cc721940%28WS.10%29.aspx

All that virt-clone can do now is to copy the guest and make some simple
changes to the libvirt XML (eg. giving it a new MAC address).
It doesn't even address the sysprepping problem.

The problem with sysprepping is that it's hard to do, and it's different
for every operating system.  I've summarized some of the techniques
below.  Worse than that, for some OSes there are different levels of
sysprepping that an administrator might want; also see below.

So I'd like feedback from "virt-clone next generation" users:

(a) Is cloning guests useful for you or not?  Often or infrequently?

(b) Do you currently use virt-clone to clone guests?

(c) Do you have a homebrew method to clone guests?  What does it do?

(d) Do you use another tool to clone guests?  (And how is it?)

(e) When you clone a guest, do you "sysprep" it or would you like to?
(Using the term "sysprep" generically here, I mean any sort of
reinitialization for Linux or Windows guests).

(f) How do you feel about a multi-step process?

  virt-clone -> virt-sysprep -> virt-resize (for example)

(g) Have you had other problems with cloning guests?

(h) What have I missed out in this analysis?  What other features have
you missed in virt-clone?

Sysprepping Windows
-------------------

This is a complex, manual process.  We do some steps to automate it in
RHEV.  It's best to read Microsoft's online documentation at [2][3][4].

  [3] http://support.microsoft.com/kb/302577
  [4] http://blogs.technet.com/b/megand/archive/2005/01/20/357570.aspx

Fedora
------

In theory you can just write a file /.unconfigured in the root, and
Fedora will go through the firstboot process at next boot (it will reset
timezone, root password, netconfig, keyboard, authentication).

Some admins will *not* want all of these things to be reset, and will
want either a lesser degree of unconfiguration, or will want to control
each thing manually.

I'm not totally convinced that this hasn't been broken by systemd
introduction in Fedora 15.

general Linux
-------------

See [1].

Rich.

--
Richard Jones, Virtualization Group, Red Hat
http://people.redhat.com/~rjones virt-df lists disk usage of guests
without needing to install any software inside the virtual machine.
Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/

_______________________________________________
virt-tools-list mailing list
virt-tools-list@redhat.com
https://www.redhat.com/mailman/listinfo/virt-tools-list

----------------------------------------------------------------------
This message w/attachments (message) is intended solely for the use of the intended recipient(s) and may contain information that is privileged, confidential or proprietary. If you are not an intended recipient, please notify the sender, and then please delete and destroy all copies and attachments, and be advised that any review or dissemination of, or the taking of any action in reliance on, the information contained in or attached to this message is prohibited. 
Unless specifically indicated, this message is not an offer to sell or a solicitation of any investment products or other financial product or service, an official confirmation of any transaction, or an official statement of Sender. Subject to applicable law, Sender may intercept, monitor, review and retain e-communications (EC) traveling through its networks/systems and may produce any such EC to regulators, law enforcement, in litigation and as required by law. 
The laws of the country of each sender/recipient may impact the handling of EC, and EC may be archived, supervised and produced in countries other than the country in which you are located. This message cannot be guaranteed to be secure or free of errors or viruses. 

References to "Sender" are references to any subsidiary of Bank of America Corporation. Securities and Insurance Products: * Are Not FDIC Insured * Are Not Bank Guaranteed * May Lose Value * Are Not a Bank Deposit * Are Not a Condition to Any Banking Service or Activity * Are Not Insured by Any Federal Government Agency. Attachments that are part of this EC may have additional important disclosures and disclaimers, which you should read. This message is subject to terms available at the following link: 
http://www.bankofamerica.com/emaildisclaimer. By messaging with Sender you consent to the foregoing.

Re: [Qemu-devel] [virt-tools-list] Virt Tools Survey: What to do about virt-clone

[Decker, Schorschi]

Given a couple of questions I have gotten in response to my survey
responses... let me clarify, although I imply we do a significant volume
of V2V, which we do as well, the responses below are targeted and
applicable to cloning.  Especially the need to re-personalize clones
beyond the OS scope to the application scope when and where possible.

We maintain the original VMs in the original environment, often running
clones in parallel on different environments, so cloning is done, both
within the same hypervisor scope and across different hypervisor
environments.  Our work with SPECVirt is one concrete example where we
use cloning routinely, to build multiple tiers or tiles.  Our focus thus
far has been in the lab/test/development space, but our client base is
pushing for same flexibility in QA/production environments, so the need
for better/mature tools and methods in the KVM space, including cloning,
is key to our future goals.


Schorschi Decker

VP; Sr. Consultant Engineer
ET&D Emerging Technologies / Virtualization Platform Engineering Team
Bank of America


-----Original Message-----
From: Decker, Schorschi 
Sent: Tuesday, 10 May, 2011 07:01
To: virt-tools-list@redhat.com; Cole Robinson
Cc: virt@lists.fedoraproject.org; qemu-devel@nongnu.org
Subject: RE: [virt-tools-list] Virt Tools Survey: What to do about
virt-clone

(a) Is cloning guests useful for you or not?  Often or infrequently?

Our end-users are quite virtualization aware, they have demanded that we
support a number of features in our virtual infrastructure, this
included.  It will be used frequently and often, maybe 100s of times a
day across our global infrastructure.

(b) Do you currently use virt-clone to clone guests?

Only in the lab, cloning or templating is a new initiative in our
maturing design, so the timing of revamping this is perfect for our
plans over the next few months.

(c) Do you have a homebrew method to clone guests?  What does it do?

Yes, we often migrate and/or clone VMs in the lab between VMware and KVM
and Hyper-V and back again.  VMware and KVM is quite easy, given the
flexibility of common shared storage support and VM disks in RAW format
adaptable to VMware and KVM.  Hyper-V has its own challenges given its
limitations by design.  For VMware to KVM and back, we have a few bash
scripts that we use.  Migrations are straight-forward, since no
personality customization is needed, but true clones, which we use for
SPECVirt analysis for example, we have to remove/reapply personality.
This is not trivial, since we have a lot of applications in our base
image that are infrastructure aware, and require reconfiguration, or
re-initialization, beyond the typical sysprep or OS level changes.
Windows is especially painful on this point.  Our personality management
scripting is in a constant state of change because we are routinely
updating our core images.

(d) Do you use another tool to clone guests?  (And how is it?)

We have used platespin off and on, and of course use various tools and
methods core to WAIK tool set for Windows.  But custom scripting is the
significant 800 pound gorilla in the room on this point.  A specific in
VM agent or service that would explicitly support re-personalization
regardless of OS or application level would be of great benefit, since
meta-data or a back-end database could drive the re-personalization,
provided a more stateless model.  Especially for Windows this might be
an idea worth consideration.  BladeLogic, Ops-ware, Altaris, etc. all
use some form of this idea, but they are also focused on provisioning in
general so the meta-data driven re-personalization gets lost in the
overall product.

(e) When you clone a guest, do you "sysprep" it or would you like to?
(Using the term "sysprep" generically here, I mean any sort of
reinitialization for Linux or Windows guests).

Sysprep is fine as a place to start, but even when Microsoft wrote
sysprep, it was an idea that was ignored for a long time, and it was
never focused on, the world has since gone forward, so sysprep is at
best, only a starting point for what is needed to abstract personality.
A better solution would be that we image/clone the personality specific
deltas and archive them to a library, rather than complete clones that
have personality logic staged for implementation on first boot.

(f) How do you feel about a multi-step process?

  virt-clone -> virt-sysprep -> virt-resize (for example)

As long as any GUI and CLI (as well as API) are consistent in feature
set and flow, multi-step is fine.   We need to be able to completely
automate the process, since we would drive it from a self-serve web
portal concept.

(g) Have you had other problems with cloning guests?

Nothing beyond what was outlined above.  Abstracting of personality at
OS and application level is key for us.

(h) What have I missed out in this analysis?  What other features have
you missed in virt-clone?

No specifically to virt-clone but in general, abstracting the common
code, to common library or binary, so that virt-manager, virsh, etc. all
reference the same design, feature, and executables, is the strategic
direction that should be followed.  The idea that different code is
trying to implement same concepts in different tools makes no long term
strategic sense for the KVM platform in general.


Schorschi Decker

VP; Sr. Consultant Engineer
ET&D Emerging Technologies / Virtualization Platform Engineering Team
Bank of America

-----Original Message-----
From: virt-tools-list-bounces@redhat.com
[mailto:virt-tools-list-bounces@redhat.com] On Behalf Of Richard W.M.
Jones
Sent: Tuesday, 10 May, 2011 04:57
To: virt-tools-list@redhat.com; Cole Robinson
Cc: virt@lists.fedoraproject.org; qemu-devel@nongnu.org
Subject: [virt-tools-list] Virt Tools Survey: What to do about
virt-clone

I've volunteered for the task of fixing virt-clone[0].  There are a
number of bugs which need to be addressed.  Unfortunately the current
virt-clone is broken-by-design since it cannot make changes inside the
guest.

  [0] http://linux.die.net/man/1/virt-clone

The bugs boil down to what Microsoft calls "sysprepping" the clone,
which is to say, removing its existing identity, hostname, ssh host
keys, persistent network rules, host SID and workgroup name (for
Windows).  It's helpful for Linux guests to remove some of this stuff[1]
-- it will make the cloning process smoother.  For Windows it's
absolutely required[2].

  [1]
https://rwmj.wordpress.com/2010/09/24/tip-my-procedure-for-cloning-a-fed
ora-vm/
  [2]
http://technet.microsoft.com/en-us/library/cc721940%28WS.10%29.aspx

All that virt-clone can do now is to copy the guest and make some simple
changes to the libvirt XML (eg. giving it a new MAC address).
It doesn't even address the sysprepping problem.

The problem with sysprepping is that it's hard to do, and it's different
for every operating system.  I've summarized some of the techniques
below.  Worse than that, for some OSes there are different levels of
sysprepping that an administrator might want; also see below.

So I'd like feedback from "virt-clone next generation" users:

(a) Is cloning guests useful for you or not?  Often or infrequently?

(b) Do you currently use virt-clone to clone guests?

(c) Do you have a homebrew method to clone guests?  What does it do?

(d) Do you use another tool to clone guests?  (And how is it?)

(e) When you clone a guest, do you "sysprep" it or would you like to?
(Using the term "sysprep" generically here, I mean any sort of
reinitialization for Linux or Windows guests).

(f) How do you feel about a multi-step process?

  virt-clone -> virt-sysprep -> virt-resize (for example)

(g) Have you had other problems with cloning guests?

(h) What have I missed out in this analysis?  What other features have
you missed in virt-clone?

Sysprepping Windows
-------------------

This is a complex, manual process.  We do some steps to automate it in
RHEV.  It's best to read Microsoft's online documentation at [2][3][4].

  [3] http://support.microsoft.com/kb/302577
  [4] http://blogs.technet.com/b/megand/archive/2005/01/20/357570.aspx

Fedora
------

In theory you can just write a file /.unconfigured in the root, and
Fedora will go through the firstboot process at next boot (it will reset
timezone, root password, netconfig, keyboard, authentication).

Some admins will *not* want all of these things to be reset, and will
want either a lesser degree of unconfiguration, or will want to control
each thing manually.

I'm not totally convinced that this hasn't been broken by systemd
introduction in Fedora 15.

general Linux
-------------

See [1].

Rich.

--
Richard Jones, Virtualization Group, Red Hat
http://people.redhat.com/~rjones virt-df lists disk usage of guests
without needing to install any software inside the virtual machine.
Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/

_______________________________________________
virt-tools-list mailing list
virt-tools-list@redhat.com
https://www.redhat.com/mailman/listinfo/virt-tools-list

----------------------------------------------------------------------
This message w/attachments (message) is intended solely for the use of the intended recipient(s) and may contain information that is privileged, confidential or proprietary. If you are not an intended recipient, please notify the sender, and then please delete and destroy all copies and attachments, and be advised that any review or dissemination of, or the taking of any action in reliance on, the information contained in or attached to this message is prohibited. 
Unless specifically indicated, this message is not an offer to sell or a solicitation of any investment products or other financial product or service, an official confirmation of any transaction, or an official statement of Sender. Subject to applicable law, Sender may intercept, monitor, review and retain e-communications (EC) traveling through its networks/systems and may produce any such EC to regulators, law enforcement, in litigation and as required by law. 
The laws of the country of each sender/recipient may impact the handling of EC, and EC may be archived, supervised and produced in countries other than the country in which you are located. This message cannot be guaranteed to be secure or free of errors or viruses. 

References to "Sender" are references to any subsidiary of Bank of America Corporation. Securities and Insurance Products: * Are Not FDIC Insured * Are Not Bank Guaranteed * May Lose Value * Are Not a Bank Deposit * Are Not a Condition to Any Banking Service or Activity * Are Not Insured by Any Federal Government Agency. Attachments that are part of this EC may have additional important disclosures and disclaimers, which you should read. This message is subject to terms available at the following link: 
http://www.bankofamerica.com/emaildisclaimer. By messaging with Sender you consent to the foregoing.

Re: [Qemu-devel] Virt Tools Survey: What to do about virt-clone

[Gerd Hoffmann]

   Hi,

> (a) Is cloning guests useful for you or not?  Often or infrequently?

I'm almost never do that.

Usually I use qcow2 copy-on-write images for testing, so I can easily 
rollback stuff by just zapping and re-creating the copy-on-write image.

When I need a fresh VM I install one.  Have kickstart in place for 
RHEL/Fedora guests.  Also a custom windows xp install cd which 
autoinstalls via unattended.txt, so I don't have to babysit the 
installs.  Includes sp3 and some extra drivers (e1000, virtio-net, ...) too.

cheers,
   Gerd

Re: [Qemu-devel] [virt-tools-list] Virt Tools Survey: What to do about virt-clone

[Juerg Haefliger]

> (a) Is cloning guests useful for you or not?  Often or infrequently?

I don't 'clone' in the strict sense of the word. I create a base raw
OS image and provide that image to other users as a common starting
point for them to setup their guests. I don't care about the XML
definition, just the raw image file. Hopefully I won't have to do that
too often once the base image is stable/mature. But it needs to be
done every time I'll have to support a new OS variant.


> (b) Do you currently use virt-clone to clone guests?

Nope. Don't know what it does, never looked into it.


> (c) Do you have a homebrew method to clone guests?  What does it do?

Plain 'cp' to 'clone' the image.


> (e) When you clone a guest, do you "sysprep" it or would you like to?
> (Using the term "sysprep" generically here, I mean any sort of
> reinitialization for Linux or Windows guests).

Before making the image available to potential users, I 'sanitize'
(what you call 'sysprep') the image. Currently, I only support SL6 and
all this step accomplishes is purging the persistent-net udev rule and
removing the MACADDR from ifcfg-eth0 so that eth0 comes up when the
image is used in a new KVM instance. This is done by loading a little
script into the guest, running it and then removing it again, using
libguestfs.


> (f) How do you feel about a multi-step process?
>
>  virt-clone -> virt-sysprep -> virt-resize (for example)

Sounds fine to me as long as there is sufficient control over what
each step is doing and as long as it can be automated without the need
for a fancy GUI.


...Juerg

Re: [Qemu-devel] [virt-tools-list] Virt Tools Survey: What to do about virt-clone

[Alexander Boström]

On tis, 2011-05-10 at 12:56 +0100, Richard W.M. Jones wrote:

> Fedora
> ------
> 
> In theory you can just write a file /.unconfigured in the root, and

Perhaps this could also be triggered by a change in the system UUID (see
dmidecode). Store the UUID in a file during kickstart/firstboot and
check it at every boot. If it changed then the disk was either moved or
cloned to new hardware (physical or virtual doesn't really matter), so
perhaps the system could ask for a root password and after confirmation
start the re-setup process.

> Some admins will *not* want all of these things to be reset, and will
> want either a lesser degree of unconfiguration, or will want to
> control each thing manually.

Yeah, it's rather analogous to kickstart.

I think every guest OS needs to have support for this internally because
it gets too complicated to do it from the outside but it should be
possible to trigger the process and control it using the virt tools.

The OS needs to back out some changes from the system and then redo part
of the kickstart/firstboot. (The division between Anaconda and Firstboot
seems a bit arbitrary, so I'm treating them as one thing here.)

Stuff that can happen at boot after cloning:

1. (If virt-clone triggered the boot, skip this step.)
Ask the admin if this is a clone or a move. If it's a move, exit and
continue with the normal boot. Otherwise, ask for the root password.

2. Eradicate as thoroughly as possible any host-private data. This can
be Smolt ID, Spacewalk, RHN data, SSH key pairs, Kerberos keys, Puppet
registration, reset the hostname to localhost.localdomain and so on.

3. Forget about any hardware that doesn't seem to exist anymore (so eth0
is removed from udev and the configuration is deleted from NM).

4. At this point it should be possible to shut down, thereby creating a
clean slate template.

5. Re-run some parts of kickstart/firstboot. This should be scriptable
and virt-clone should be able to provide this info.
* Network config.
* (Hash of) the root password, bootloader password.
* Smolt, Kerberos hostkey, Spacewalk, RHN, Puppet...
* %post script.

/abo