Ubuntu MAAS KVM - hpaluch/hpaluch.github.io GitHub Wiki

Ubuntu MAAS in KVM/libvirt

Example how to setup Ubuntu MAAS (Metal As A Service) using KVM/libvirt instead of bare metal machines.

We will basically follow

However I want to rather reuse default NAT network created by libvirt instead of using second bridged NIC with manual NAT rules. However we must disable its DHCP (MAAS will provide his own DHCP, TFTP and DNS server).

Setup

You need HOST VM (must be capable of nested virtualization to run KVM+libvirt) or bare metal server.

WARNING! If you plan to test it in Azure you need to ensure that your VM supports nested virtualization. Here is article:

I use Azure VM of these parameters:

  • HW: Standard E2s v3 (4 vcpus, 16 GiB memory) (only Ev3 and Dv3 supports nested virtualization)
  • HDD: 30GB Standard HDD LRS
  • Network:
    • Private Network (accessed using Azure VPN Gateway)
    • NO Public IP
  • OS: ``Ubuntu 20.04.3 LTS

Verify that KVM is working:

ls -l /dev/kvm

crw-rw---- 1 root kvm 10, 232 Nov 14 15:56 /dev/kvm

# as last resort you can try:
sudo modprobe kvm-intel
# may not report error
ls -l /dev/kvm # must exist
sudo dmesg # in case of error - lookup for details
# out of luck: kvm: no hardware support

Now we must divert and follow this guide for installation (ppa 2.6 repo no longer exist):

sudo apt-add-repository ppa:maas/3.0
sudo apt update
sudo apt-get -y install maas

Now we will switch to:

And install KVM + libvirt (we omit bridge - we will not use it):

sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients

Now we will hack defult network of libvirt to not run DHCP:

  • query and backu current default network:

    # default network should exist
    
    $ virsh net-list
     Name      State    Autostart   Persistent
    --------------------------------------------
     default   active   yes         yes
    
    # backup it - just in case:
    virsh net-dumpxml default > backup-default-network.xml
  • now run this command and completely remove <dhcp>...</dhcp> lines:

    virsh net-edit default
  • now we have stop (called destroy! and start default network so changes will be effective:

    virsh net-destroy default
    virsh net-start default
  • to be sure that configuration is really updated, dump xml to different file:

    virsh net-dumpxml default > default-network-nodhcp.xml
  • and compare those two XML files

Finally we can continue with official tutorial:

Now follow https://maas.io/tutorials/create-kvm-pods-with-maas#6-maas-installation to create MASS Admin

sudo maas createadmin --username admin --password YOUR_ADMIN_PASSWORD --email root@localhost

Now we have to login with these credentials to MAAS Admin Web UI on address:

  • http://YOUR_HOST_IP:5240/MAAS/

You should be redirected to Introduction page (url ending with /MAAS/l/intro

  • you can leave default settings for all sections - all should be Green:
    • Welcome to MAAS (Region name is by default your Host's name)
    • Connectivity
    • Ubuntu
  • click on Continue
  • now we need to create SSH keys that will be used for provisioned VM access
  • in your terminal create ssh key-pair using:
    ssh-keygen
    # press ENTER for all questions (using password less keys)
  • back in Web UI
    • select Keys -> Source to Upload
    • and Paste content of your ~/.ssh/id_rsa.pub
  • after upload click on go-to dashboard
  • Now we have to follow:
  • we have to fix warning ``

    DHCP is not enabled on any VLAN. This will prevent machines from being able to PXE boot, unless an external DHCP server is being used.

  • click on Subnets (on top black ribbon)
  • now we need to recall which network is our default network
    $ virsh net-dumpxml default | fgrep '<ip'
      <ip address='192.168.122.1' netmask='255.255.255.0'>
  • look back into Web-UI - click on this line:
    fabric-1	untagged	No DHCP	192.168.122.0/24	100%
    
  • click on VLAN - untagged link
  • click on Enable DHCP
    • fill-in Gateway IP from our above fgrep output
      • 192.168.122.1
    • click on Configure DHCP to save changes
  • now you can click on MAAS logo to get back to Dashboard

Now we have to follow guide to create SSH keypair so user maas can login as any valid SSH user that has access to libvirt group

  • NOTE: in azure I have azureuser - therefore I created user ubuntu with libvirt membership to have all necessary rights:
    sudo /usr/sbin/useradd -c 'Ubuntu for LibVirt' -m -s /bin/bash -G libvirt,lxd,plugdev,netdev ubuntu
    # following guide
    sudo chsh -s /bin/bash maas  
    sudo su - maas  
    ssh-keygen -f ~/.ssh/id_rsa -N ''  
    logout 
    # my addition
    sudo bash
    mkdir -p ~ubuntu/.ssh
    cp ~maas/.ssh/id_rsa.pub ~ubuntu/.ssh/authorized_keys
    chown ubuntu:ubuntu -R ~ubuntu/.ssh
    chmod go-rwx ~ubuntu/.ssh
    exit
    # now you are again azure user
  • I strongly recommend to test that key SSH login works properly:
    $ sudo su - maas
    $ ssh ubuntu@localhost
    # confirm host key
    $ virsh list
    # should return empty list - no error
    logout # logout from ssh
    logout # logout from maas back to azureuser
  • now we can test access following guide - should return same output:
    $ sudo -H -u maas \
        bash -c 'virsh -c qemu+ssh://[email protected]/system list --all'
    # you may have to confirm localhost...
  • now we will follow guide
  • go back to web ui
  • click on Hardware ->KVM (sorry no Pod - documentation is old)
  • on Add KVM do this:
    • select KVM host type: virsh (was LXD)
    • Name: MAAS Pod
    • Address: (I use localhost): qemu+ssh://[email protected]/system
    • Password: empty (we use SSH key)
  • click on Save KVM
  • if it works you should see CPU cores, RAM and storage that matches your host!
  • now on list click on our MAAS Pod
  • on Detail click on Action -> Compose
  • you can keep defults and confirm parameters by clicking on Compose Machine
  • now go to Hardware -> Machines
  • you should see satuts of creating yoru VM in KVM/libvirt
  • after a while when you go back to Hardware -> Machines you should see assigned IP address

NOTE: After gathering information and testing this VM Machine, it will be powered off. To actually use it one must Acquire and Deploy such machine.

To use our VM we have to:

  • click on Hardware -> Machines in web ui
  • click on Your VM to get details
  • click on Take Action -> Acquire
  • confirm defaults
  • now click on Take Action -> Deploy
  • confirm defaults
  • click on Start deployment for machine
  • you can click on Logs tab to see what is going on...
  • once Machine is ready you can click on Network tab
  • and note IP Address Status column to get IP address of running VM
  • you can then try connecting using your terminal (account azureuser) with command like:
    azureuser$
    ssh -i ~/.ssh/id_rsa [email protected]
    # wow, you are there!!

Done.

⚠️ **GitHub.com Fallback** ⚠️