XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login
    1. Home
    2. dj423
    3. Best
    D
    • Profile
    • Following 1
    • Followers 0
    • Topics 9
    • Posts 31
    • Best 8
    • Controversial 0
    • Groups 0

    Best posts made by dj423

    • RE: % characters in cloud-init configs render as 0 in instance

      @julien-f said in % characters in cloud-init configs render as 0 in instance:

      @dj423 It should be fixed in the master branch: https://github.com/vatesfr/xen-orchestra/commit/30e6d4b4f14ddbb6ee34cd456e4ca707486df2db

      • {index} is now used in place of %
      • % is still working when Multiple VMs is enabled
      • % and \% will be replaced by % when Multiple VMs is disabled

      Wow! First of all big Thank you for getting that in place so fast. I updated, and for grins provisioned an Oracle 9.4 VM in XO using the same templated config (without the escaped /%) and it worked flawless.

      snippet:
{% if distro == 'rocky' or distro == 'centos' or distro == 'ol' or distro == 'almalinux' or distro == 'fedora' or distro == 'redhat' %}
{% set group = 'wheel' %}

      Thanks again Julien!

      posted in Infrastructure as Code
      D
      dj423
    • RE: Introduce yourself!

      Hello, I am a systems engineer for a mid sized ISP. I have been mostly a VMware/Vsphere admin going back to 2007 back in my enterprise days. Even played with XEN project a bit prior to jumping into ESX. I started using xcp-ng in my personal lab to prototype cloud-init scripts, Ansible playbooks and other IaC toolstacks, and to have a solid reliable virtualization stack to run my hosted apps, email, and websites. Thanks to the xcp-ng team for such a stable and easy to use system! The support is top notch!
      Dj

      posted in Off topic
      D
      dj423
    • Updated configs for cloud-init

      Re: Cloud-init success

      Had a chance to "refresh" some cloud-init configs for some later distros (Debian 12, Ubuntu 24.04, Rocky Linux 9.3, etc.) so thought I would share some example configs that are used mainly for bootstrapping new VM's and or containers.

      This first one is targeted at deb based distros and sets up an Incus container host. Like most configs I use this one is pretty specific pulling key files and configs from an NFS share, rsyslog target, etc., but gives an idea what can be done for detailed provisioning of instances, aside from just slapping your SSH keys on and letting ansible take over. With this I can have a fresh VM provisioned in about 5 minutes.

      I always like to run a status check after init:

      root@IncusTEST20:~# cloud-init status --long
status: done
boot_status_code: enabled-by-generator
last_update: Sat, 26 Jul 2024 17:29:50 +0000
detail:
DataSourceNoCloud [seed=/dev/xvdc][dsmode=net]

      Then we can query the user-data to see how it rendered from the config injected into the nocloud datasource:
      root@IncusTEST20:~# cloud-init query userdata

      #cloud-config
    hostname: IncusTEST20
    users:
      - name: foo
        groups: sudo
        lock_passwd: false
        passwd: $6$10023$EKz8eWTDXQO3x7.4ff0ZNJLsl9q6RB.l8pZN9nq8BzT42zzOn7O4r./ybHeVa/l0W0/FARK/2Ttg177ywAP0Z1
        ssh_authorized_keys:
          - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEqTfKkUKEGxOi62A9tCWMslqF5i9xm0aMN+ZxWgHuR6 foobar-ed25519-20240725
        shell: /bin/bash
      - name: bar
        groups: sudo
        lock_passwd: false
        passwd: $6$10023$EKz8eWTDXQO3x7.4ff0ZNJLsl9q6RB.l8pZN9nq8BzT42zzOn7O4r./ybHeVa/l0W0/FARK/2Ttg177ywAP0Z1
        ssh_authorized_keys:
          - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEqTfKkUKEGxOi62A9tCWMslqF5i9xm0aMN+ZxWgHuR6 foobar-ed25519-20240725
        shell: /bin/bash
    locale: en_US.UTF-8
    timezone: America/New_York
    resize_rootfs: true
    mounts:
      - ["192.168.99.2:/mnt/Vault/lxd", "/mnt/lxd", "nfs", "auto,nofail,noatime,nolock,intr,tcp,actimeo=1800,user,suid", "0", "0"]
      - ["192.168.0.54:/mnt/raid/backup", "/mnt/nas", "nfs", "auto,nofail,noatime,nolock,intr,tcp,actimeo=1800,user,suid", "0", "0"]
    rsyslog:
      remotes:
        log_serv: "192.168.50.35:5140"
    write_files:
      - path: /etc/init.d/incus.sh
        owner: root:root
        permissions: 0o755
        defer: true
        content: |
          #!/bin/bash
          curl -fsSL https://pkgs.zabbly.com/key.asc -o /etc/apt/keyrings/zabbly.asc
          sh -c 'cat <<EOF > /etc/apt/sources.list.d/zabbly-incus-lts-6.0.sources
          Enabled: yes
          Types: deb
          URIs: https://pkgs.zabbly.com/incus/lts-6.0
          Suites: $(. /etc/os-release && echo ${VERSION_CODENAME})
          Components: main
          Architectures: $(dpkg --print-architecture)
          Signed-By: /etc/apt/keyrings/zabbly.asc
          EOF'
          apt update -y
          dpkg --configure -a
          apt install incus incus-ui-canonical -y
          mkdir -p /root/.config
          mkdir -p /root/.config/rclone
          mount -a
          cp /mnt/lxd/.config/.encode /root/.encode
          cp /mnt/lxd/.config/rclone.conf /root/.config/rclone/rclone.conf
          chmod 600 /root/.config/rclone/rclone.conf
          # Delete self
          rm "${0}"
    runcmd:
      - mkdir /mnt/lxd
      - mkdir /mnt/nas
      - date > /etc/birth_certificate
      - [ mount /dev/cdrom /mnt ]
      - [ bash /mnt/Linux/install.sh ]
      - [ umount /dev/cdrom ]
      - [ sh, /etc/init.d/incus.sh ]
    package_update: true
    package_upgrade: true
    packages:
      - htop
      - nano
      - curl
      - wget
      - nfs-common
      - btrfs-progs
      - bridge-utils
      - build-essential
      - rclone

      Here is a more universal config with jinja templating syntax that can be targeted at many distros and using an 'if distro' will configure the instance based on the distro value in metadata:

      This one targets debian, ubuntu, centos, redhat and rocky linux 8 and up - notice the ##template: jinja at the top, this allows jinja to render and process:

      ## template: jinja
#cloud-config
{% set u1 = 'foobar' %}
{% set u1pass = '$6$10023$EKz8eWTDXQO3x7.4ff0ZNJLsl9q6RB.l8pZN9nq8BzT42zzOn7O4r./ybHeVa/l0W0/FARK/2Ttg177ywAP0Z1' %}
{% set u1key = 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEqTfKkUKEGxOi62A9tCWMslqF5i9xm0aMN+ZxWgHuR6 foobar-ed25519-20240725' %}
{% set u2 = 'ansible' %}
{% set u2pass = '$6$10023$EKz8eWTDXQO3x7.4ff0ZNJLsl9q6RB.l8pZN9nq8BzT42zzOn7O4r./ybHeVa/l0W0/FARK/2Ttg177ywAP0Z1' %}
{% set u2key = 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEqTfKkUKEGxOi62A9tCWMslqF5i9xm0aMN+ZxWgHuR6 foobar-ed25519-20240725' %}
locale: en_US.UTF-8
timezone: America/New_York
runcmd:
  - mkdir /mnt/v-nas
  - mkdir /mnt/home
  - date > /etc/birth_certificate
rsyslog:
  remotes:
    log_serv: "192.168.50.35:5140"
{% if distro == 'rocky' or distro == 'centos' or distro == 'redhat' %}
{% set group = 'wheel' %}
repo_update: true
repo_upgrade: all
yum_repos:
  epel-release:
    name: Extra Packages for Enterprise Linux 9 - Release
    baseurl: http://download.fedoraproject.org/pub/epel/9/Everything/$basearch
    enabled: true
    failovermethod: priority
    gpgcheck: true
    gpgkey: http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-9
package_upgrade: true
packages:
  - htop
  - nano
{% elif distro == 'ubuntu' or distro == 'debian' %}
{% set group = 'sudo' %}
package_update: true
package_upgrade: true
packages:
  - htop
  - nano
  - build-essential
users:
  - name: {{ u1 }}
    groups: {{ group }}
    lock_passwd: false
    passwd: {{ u1pass }}
    ssh_authorized_keys:
      - {{ u1key }}
    shell: /bin/bash
  - name: {{ u2 }}
    groups: {{ group }}
    lock_passwd: false
    passwd: {{ u2pass }}
    ssh_authorized_keys:
      - {{ u2key }}
    shell: /bin/bash
{%- endif %}

      Just a note, to consume jinja templating, you need cloud-init 22.x or higher, with the jinja package installed in your template/image.

      For anyone wanting to tinker with these, (these are not my keys or password hashes, these I just threw in for demonstration purposes and for the wiki page). The password for the accounts is "foobar" and the matching private key is:

      -----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACBKk3ypFChBsToutgPbQljLJaheYvcZtGjDfmcVoB7kegAAAKADtgJ2A7YC
dgAAAAtzc2gtZWQyNTUxOQAAACBKk3ypFChBsToutgPbQljLJaheYvcZtGjDfmcVoB7keg
AAAEC1DHPxJPEU3Ywf14x7k7IMXt1nKPvwBmG6vAXsZceiVUqTfKkUKEGxOi62A9tCWMsl
qF5i9xm0aMN+ZxWgHuR6AAAAF2Zvb2Jhci1lZDI1NTE5LTIwMjQwNzI1AQIDBAUG
-----END OPENSSH PRIVATE KEY-----

      Enjoy!

      posted in Advanced features
      D
      dj423
    • Cloud-init success

      I thought I would share some success with cloud-init. I know it has been a pain for others to get working. Please disregard if this is old news.

      Just for fun, I wanted to see if I could just use the stock/prebuilt Ubuntu 22.04-LTS cloud ready images I have used in production. Almost like magic it worked fantastic. I expected hours of pain and debugging like others have had to suffer. However to it took me about 2 minutes to spin up a fully configured Ubuntu VM with all my PKI keys, users, updates, packages, configs, etc.

      So here is what I did, just in case this is helpful for any other noobies like myself getting acquainted with XO and using cloud-init.

      So I used the prebuilt cloud image for Ubuntu found here: https://cloud-images.ubuntu.com/jammy/current/

      Step 1:
      I selected the "jammy-server-cloudimg-amd64.ova" stock file for vmware/virtual box and downloaded.

      Step 2:
      Then in XO, I imported the file as a VM - import - VM.

      Step 3:
      Then I went into settings, and created a new cloud config with my usual user, ssh, packages, and other custom settings as I normally use in the lab for testing prior to rolling into production. I just copy/pasted my full config, and saved it.

      Step 4:
      Then I converted the cloud image VM I imported in step 2 into a template.

      Step 5:
      Then I created a fresh VM, using this new template, making sure to select my cloud-init config by checking the "Custom config" selection under Install settings.

      Step 6:
      Then I opened the console to watch for FAIL errors. Everything looked good. Then I logged in with my ansible account configured in the cloud-init. Then I tested from my ansible control node, and logged in. I inspected /var/log/cloud-init.log for any errors, and finally I ran "cloud-init query userdata" to see how it rendered the config settings. Everything works as it should.

      Next I will try the cloud-init config with jinja2 template directives and see if the jinja engine works as well, so I can use one config for all distros I will be using. Then test network config settings. Then test on Centos, Rocky, RHEL cloud-ready images and report back if I run into any snags on those.

      posted in Advanced features
      D
      dj423
    • RE: Virtualbox OVA import an option?

      @olivierlambert
      Yes. It should be said, that XCP-ng FAR exceeds my expectations! No matter what I throw at it, it just works fantastic. 😁

      posted in Compute
      D
      dj423
    • RE: Virtualbox OVA import an option?

      @dj423

      Update: In case anyone runs across this OVA/app, It imported fine, with no issues at all. I did not end up running it since the apps fell short of my expectations, but the process of importing it worked flawlessly.

      Have a great day!

      posted in Compute
      D
      dj423
    • RE: Virtualbox OVA import an option?

      @olivierlambert
      Ok thanks Oliver! I will report back how it goes.

      posted in Compute
      D
      dj423
    • RE: Backup - Error: Lock file is already being held

      @olivierlambert
      Got it, sorry I glossed right over the updates. Ran the updates and everything is green with success. Thanks for taking the time to answer my noob questions!

      posted in Xen Orchestra
      D
      dj423