1. Information

  • 2022-05-24 Updated BIOS from 1.12.0 to 1.14.0 using PER410-011400C.exe and a FreeDOS bootable USB key.

  • 2022-05-24 Updated BCM5716 network driver from 7.8.16 to 7.12.19 using Network_Firmware_35RF5_LN_7.12.19.BIN and CentOS-7-livecd-x86_64.iso bootable USB key.

  • 2022-05-24 Updated Dell 32 Bit Diagnostics from 5118A0, 5118.3 to 5162A0, 5162.# using Diagnostics_Application_2MM6J_LN_5162A0_5162.1.BIN and CentOS-7-livecd-x86_64.iso bootable USB key.

2. Sophos Firewall

  • Browse to SMRU-SFW-MRM.

  • Logon as admin.

  • Select PROTECT > Rules and policies.

  • Select Outgoing traffic - DMZ.

  • Add or modify the Allow DNS HTTP HTTPS NTP SMTP for Linux servers rule.

    Source zones                    DMZ
    Source networks and devices     MST DMZ Network
    Destination zones               WAN
    Destination networks            Any
    Services                        DNS, HTTP, HTTPS, NTP, SMTP(S), PING

3. Firmware

3.1. Debian Install Image

  • The firmware-bnx2_20210315-3_all.deb package is needed for the Broadcom BCM5716 network interface cards.

  • Use Rufus to create a bootable USB key from the debian-11.6.0-amd64-DVD-1.iso file.

  • Download firmware-bnx2_20210315-3_all.deb from https://packages.debian.org/bullseye/all/firmware-bnx2/download.

  • Copy the firmware-bnx2_20210315-3_all.deb file to the /firmware folder on the bootable USB key.

  • The Debian installer will automatically install the firmware-bnx2_20210315-3_all.deb package during installation.

3.2. Debian Live Image

  • The firmware-bnx2_20210315-3_all.deb package is needed for the Broadcom BCM5716 network interface cards.

  • Use Rufus to create a bootable USB key from the debian-live-11.6.0-amd64-standard.iso file.

  • Download firmware-bnx2_20210315-3_all.deb from https://packages.debian.org/bullseye/all/firmware-bnx2/download.

  • Copy the firmware-bnx2_20210315-3_all.deb file to the root folder on the bootable USB key.

  • Boot the computer from the Debian Live USB key.

  • Enter the following commands at a Command Line.

    sudo dpkg -i /usr/lib/live/mount/medium/firmware-bnx2_20210315-3_all.deb
    sudo dhclient
    ip address
    sudo apt-get update
    sudo apt-get --yes install openssh-server
    sudo systemctl start ssh
  • Remote to Debian Live with PuTTY.

  • Log in as user with the default live password.

  • Enter the following commands at a Command Line.

    sudo apt-get install hdparm
    sudo fdisk -l
    sudo hdparm -t /dev/sda
    sudo hdparm -t /dev/sdb
    /dev/sdb: Timing buffered disk reads: 138 MB in  3.01 seconds =  45.81 MB/sec
    /dev/sdb: Timing buffered disk reads: 124 MB in  3.01 seconds =  41.23 MB/sec
    /dev/sdb: Timing buffered disk reads: 122 MB in  3.01 seconds =  40.58 MB/sec

4. Installation

  • Attach the debian-11.6.0-amd64-DVD-1.iso installation media.

  • Boot the computer from the installation media.

    • Press F11 to enter the BIOS Boot Manager.

    • Select the installation media and press Enter.

  • Select Install and press Enter.

  • Step through the installation with the following choices.

  • Language: English - English

  • Country, territory or area: other

  • Continent or region: Asia

  • Country, territory or area: Thailand

  • Country to base default locale settings on: United States - en_US.UTF-8

  • Keymap to use: American English

  • Primary network interface: eno1: Broadcom Inc. and subsidiaries NetXtreme II BCM5716 Gigabit Ethernet

  • Hostname: tbhf-lxd-dmz

  • Domain name: smru.shoklo-unit.com

  • Root password: level 1 password

  • Re-enter password to verify: level 1 password

  • Full name for the new user: Delta

  • Username for your account: delta

  • Choose a password for the new user: level 2 password

  • Re-enter password to verify: level 2 password

  • Partitioning method: Guided - use entire disk

  • Select disk to partition: SCSI6 (1,0,0) (sdb) - 127.4 GB Dell VIRTUAL DISK

  • Partitioning scheme: All files in one partition (recommended for new users)

  • Partition disks: Finish partitioning and write changes to disk

  • Write the changes to disk? Yes

  • Note: The following disk partitions will be created.

    Device     Boot     Start       End   Sectors   Size Id Type
    /dev/sda1  *         2048 246773759 246771712 117.7G 83 Linux
    /dev/sda2       246775806 248772607   1996802   975M  5 Extended
    /dev/sda5       246775808 248772607   1996800   975M 82 Linux swap / Solaris
  • Use a network mirror? No

  • Participate in the package usage survey? No

    Choose software to install:                     [ ] Debian desktop environment
                                                    [ ] ... GNOME
                                                    [ ] ... Xfce
                                                    [ ] ... GNOME Flashback
                                                    [ ] ... KDE Plasma
                                                    [ ] ... Cinnamon
                                                    [ ] ... MATE
                                                    [ ] ... LXDE
                                                    [ ] ... LXQt
                                                    [ ] web server
                                                    [*] SSH server
                                                    [*] standard system utilities
  • Choose software to install: Continue

  • Device for boot loader installation: /dev/sdb

  • Detach the installation media.

  • Select Continue to reboot and press Enter.

5. Configuration

  • Log in as delta at the console of the tbhf-lxd-dmz server.

  • Type ip address and press Enter.

  • Log in as delta on tbhf-lxd-dmz using PuTTY.

  • Enter the following commands at a Command Line with root privileges.

    ip address
    lspci -D | grep Ether
    sudo systemctl --type service
    cp -a /etc/network/interfaces /etc/network/interfaces.org
  • Remove the iface eno1 inet dhcp line in the /etc/network/interfaces file.

  • Append the following lines to the /etc/network/interfaces file.

    auto eno1
    iface eno1 inet static
        address 10.10.0.11
        gateway 10.10.0.170
        netmask 255.255.255.0
        network 10.10.0.0
  • Restart the server.

  • Log in as delta on tbhf-anc-mrm using PuTTY.

  • Enter the following commands at a Command Line.

    scp -p /media/Windows/Software/_Delta/delta-linux-tools-#.#.#-1-all.deb delta@tbhf-lxd-dmz:
    scp -p /media/Windows/Software/_Delta/delta-linux-tools-#.#.#-1-all.deb delta@10.10.0.11:
  • Log in as delta on tbhf-lxd-dmz using PuTTY.

  • Enter the following commands at a Command Line with root privileges.

    dpkg -i ~delta/delta-linux-tools-#.#.#-1-all.deb
    
    delta config apt                        # Configure apt repositories.
    delta config bash                       # Configure bash shell for each user.
    delta config cron                       # Configure cron jobs.
    delta config editor                     # Set default editor to vim.tiny for each user.
    delta config kernel acpi=off            # Prevent ACPI syslog errors.
    delta config locale                     # Configure locale settings.
    
    delta setup inventory                   # Install and configure inventory.
    delta setup openssh                     # Install and configure openssh server.
    delta setup sudo                        # Install and configure sudo for each user.
    delta setup timezone                    # Install and configure time zone.

6. Network

The KVM server runs on a Dell PowerEdge R320 that has two network cards. It therefore makes sense to use predictable network interface names, which are the default in Debian 10 and later, and NIC bonding (also called NIC teaming). Bridging should be enabled so that the virtual machines have direct access to the LAN.

  • Log in as delta on tbhf-kvm-mrm using PuTTY.

6.1. Legacy Networking

  • Enter the following commands at a Command Line.

    sudo apt-get install bridge-utils ifenslave
  • Bridging:

    • Remove the primary network interface section from the /etc/network/interfaces file.

    • Append the following lines to the /etc/network/interfaces file.

      # This file describes the network interfaces available on your system
      # and how to activate them. For more information, see interfaces(5).
      
      source /etc/network/interfaces.d/*
      
      # The loopback network interface
      auto lo
      iface lo inet loopback
      
      ## The primary network interface
      #auto eno1
      #iface eno1 inet static
      #    address 10.10.0.11
      #    gateway 10.10.0.170
      #    netmask 255.255.255.0
      #    network 10.10.0.0
      
      # Requires bridge-utils package
      allow-hotplug br0
      auto br0
      iface br0 inet static
          address 10.10.0.11
          gateway 10.10.0.170
          netmask 255.255.255.0
          network 10.10.0.0
          bridge_fd 0
          bridge_maxwait 0
          bridge_ports eno1
          bridge_stp off
          bridge_waitport 0
  • Bonding + Bridging:

    • Remove the primary network interface section from the /etc/network/interfaces file.

    • Append the following lines to the /etc/network/interfaces file.

      # The primary network interface
      #allow-hotplug eno1
      #iface eno1 inet dhcp
      
      ## The primary network interface
      #allow-hotplug eno1
      #iface eno1 inet static
      #    address 10.10.0.11
      #    netmask 255.255.255.0
      #    network 10.10.0.0
      #    gateway 10.10.0.170
      
      ## The primary network interface
      #auto eno1
      #iface eno1 inet manual
      
      ## The secondary network interface
      #auto eno2
      #iface eno2 inet manual
      
      # The bond interface
      auto bond0
      iface bond0 inet manual
          bond-slaves eno1 eno2
          bond-mode active-backup
          bond-miimon 100
          bond-downdelay 200
          bond-updelay 200
      
      # The bridge interface
      auto br0
      iface br0 inet static
          address 10.10.0.11
          netmask 255.255.255.0
          network 10.10.0.0
          gateway 10.10.0.170
          bridge_ports bond0
          bridge_stp off
          bridge_fd 0
          bridge_maxwait 0
          bridge_waitport 0
  • Restart the computer.

  • Enter the following commands at a Command Line.

    cat /proc/net/bonding/bond0
    ip address
  • Note: You will see that the primary and secondary network interfaces have the same MAC address.

6.2. Systemd Networking

  • Bridging:

    • Create a /etc/systemd/network/br0.netdev file with the following contents.

      [NetDev]
      Name=br0
      Kind=bridge
    • Create a /etc/systemd/network/eno8303.network file with the following contents.

      [Match]
      Name=eno8303
      
      [Network]
      Bridge=br0
    • Create a /etc/systemd/network/br0.network file with the following contents.

      [Match]
      Name=br0
      
      [Network]
      DHCP=yes
      #Address=10.10.1.241/24
      #Gateway=10.10.1.170
      #DNS=10.10.1.1
  • Bonding + Bridging:

    • Create a /etc/systemd/network/bond1.netdev file with the following contents.

      [NetDev]
      Name=bond1
      Kind=bond
      
      [Bond]
      Mode=active-backup
    • Create a /etc/systemd/network/bond1.network file with the following contents.

      [Match]
      Name=eno1
      Name=eno2
      
      [Network]
      Bond=bond1
    • Create a /etc/systemd/network/static.network file with the following contents.

      [Match]
      Name=br0
      
      [Network]
      Address=10.10.1.11/24
      Gateway=10.10.1.170
    • Create a /etc/systemd/network/br0.netdev file with the following contents.

      [NetDev]
      Name=br0
      Kind=bridge
    • Create a /etc/systemd/network/br0.network file with the following contents.

      [Match]
      Name=bond1
      
      [Network]
      Bridge=br0
    • Enter the following commands at a Command Line with root privileges.

      mkdir -p /etc/systemd/system/systemd-networkd-wait-online.service.d
      mv /etc/network/interfaces /etc/network/interfaces.org
      systemctl disable networking
      systemctl enable systemd-networkd
    • See https://askubuntu.com/questions/972215/a-start-job-is-running-for-wait-for-network-to-be-configured-ubuntu-server-17-1.

    • Create a /etc/systemd/system/systemd-networkd-wait-online.service.d/override.conf file with the following contents.

      [Service]
      ExecStart=
      ExecStart=/lib/systemd/systemd-networkd-wait-online --any
  • Restart the computer.

  • Log in as delta on the tbhf-kvm-mrm server using PuTTY.

  • Enter the following commands at a Command Line.

    ip address
    ip link list
    systemctl --type service
    ls -al /etc/resolv.conf
    cat /etc/resolv.conf
    domain smru.shoklo-unit.com
    search smru.shoklo-unit.com
    nameserver 10.10.1.1

7. iDRAC

  • Enter the following commands at a Command Line.

    sudo apt-get update
    sudo apt-get --yes install ipmitool
    
    sudo ipmitool mc getsysinfo system_name
    sudo ipmitool mc setsysinfo system_name tbhf-lxd-dmz.smru.shoklo-unit.com
    sudo ipmitool mc getsysinfo system_name
    
    sudo ipmitool mc getsysinfo primary_os_name
    sudo ipmitool mc setsysinfo primary_os_name "Debian GNU/Linux 11"
    sudo ipmitool mc getsysinfo primary_os_name

8. Configuration

  • Log in as delta on tbhf-kvm-mrm using PuTTY.

  • Enter the following commands at a Command Line.

    # Prevent ethtool syslog messages.
    sudo apt-get remove ethtool
    
    # Prevent os-prober syslog messages.
    sudo apt-get remove os-prober
    
    sudo apt-get update
    sudo apt-get upgrade
    sudo apt-get dist-upgrade
    sudo apt-get autoremove
    sudo apt-get autoclean
    
    cat /etc/debian_version
    df
    
    sudo apt-get --yes install net-tools    # Contains ifconfig command.
    sudo delta setup snmp-server 10.10.1.12 # Install and configure snmp server.
    sudo delta setup vim                    # Install and configure vim editor for each user.
    
    sudo check-syslog
    sudo zgrep -i 'systemd-networkd-wait-online' /var/log/syslog*
    sudo zgrep -i 'lost carrier' /var/log/syslog*

9. PowerChute Network Shutdown

9.1. Installation

  • Enter the following commands at a Command Line.

    sudo delta setup apache         # Set up apache web server.
    
    scp -p delta@tbhf-anc-mrm:/media/Windows/Software/APC/pcns441Linux-x86-64.tar.gz .
    tar xfz pcns441Linux-x86-64.tar.gz
    cd Linux_x64
    sudo ./install.sh
  • Press Enter for the default English language.

  • Type q to quit the license terms.

  • Type yes and press Enter to agree with the license terms.

  • Press Enter for the default /opt/APC/PowerChute installation directory.

  • Type Yes and press Enter to install PCNS.

  • Enter the following commands at a Command Line.

    cd
    rm -rf Linux_x64
    sudo service PowerChute status

9.2. Configuration

  • Note: Make sure to disable the proxy server.

  • Browse to https://10.10.1.11:6547.

  • Click Next.

  • Uncheck Join PowerChute Customer Experience Improvement Program ("CEIP").

  • Click Next.

  • Choose IPv4.

  • Click Next.

  • Choose Redundant.

  • Click Next.

  • Password requirements:

    • Must be between 8-128 characters.

    • Must contain at least one digit character.

    • Must contain at least one lower case character.

    • Must contain at least one upper case character.

    • Must contain at least one special character.

  • Type the Network Card Management user name (apc) in the User Name field.

  • Type the APC PowerChute password in the Password field.

  • Type the Network Management Card PowerChute authentication phrase in the Authentication Phrase field.

  • Click Next.

  • Select Protocol | http.

  • Click Network Management Cards | Add IP Address.

  • Type 10.10.1.57 and click OK.

  • Click Network Management Cards | Add IP Address.

  • Type 10.10.1.58 and click OK.

    Protocol                                http
    Port                                    80
    Network Management Cards
    10.10.1.57
    10.10.1.58
  • Click Next.

    Username:                               apc
    Password:                               *****
    Authentication Phrase:                  *****
    PowerChute IP:                          10.10.1.11
    UPS Configuration:                      Redundant
    Network Management Card IP:             10.10.1.57
                                            10.10.1.58
    Network Management Card Protocol:       http
    Network Management Card Port:           80
  • Click Apply.

  • Wait.

  • Click Next.

  • Select Outlet Group: | UPS Outlets: On for the 10.10.1.58 UPS.

  • Click Apply.

  • Click Next.

  • Choose Do not turn off the UPS.

  • Click Next.

    Automatically check for PowerChute update notifications.        ■
  • Click Finish.

  • Select Logout.

9.3. Uninstallation

  • Enter the following commands at a Command Line.

    sudo /opt/APC/PowerChute/uninstall
  • Type Yes and press Enter to uninstall PowerChute Network Shutdown.

9.4. Usage

  • Note: Make sure to disable the proxy server.

  • Browse to https://10.10.1.11:6547.

  • Type apc for the user name.

  • Type the PowerChute password.

  • Click Log on.

  • Select Logout.

10. KVM

10.1. Installation

  • Enter the following commands at a Command Line.

    sudo delta setup kernel-firmware                # Install and configure kernel firmware.
    sudo delta setup kvm                            # Install and configure kvm type 1 hypervisor.
    sudo systemctl status libvirtd
    
    # Make Debian 11 known as an os variant.
    sudo apt-get install curl
    sudo apt-get install libosinfo-bin
    # Browse to http://http.us.debian.org/debian/pool/main/o/osinfo-db to find latest package.
    curl -L -O http://http.us.debian.org/debian/pool/main/o/osinfo-db/osinfo-db_0.20220214-1_all.deb
    sudo dpkg -i osinfo-db_0.20220214-1_all.deb
    
    # List os variants for Debian.
    osinfo-query os | grep -i debian
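
The firmware-bnx2 package in section 3 and the osinfo-db package above are both downloaded by hand and installed with dpkg -i, which, unlike apt, does not compare the file with the archive's signed index. The following added example (not part of the original runbook) checks a downloaded .deb against the SHA256 field of its stanza in a Debian Packages index. It assumes the Packages file came from an archive whose Release/InRelease signature was already verified; the function names and the sample stanzas are constructed for illustration.

```sh
#!/bin/sh
# Added example: verify a hand-downloaded .deb against a Debian Packages index
# before running dpkg -i. Function names are illustrative.
# Assumption: the Packages file was taken from an archive whose Release /
# InRelease signature has already been verified.

# Print the SHA256 field of the stanza whose Filename ends in /<name>.
packages_sha256() {            # $1 = Packages file, $2 = .deb file name
    awk -v want="$2" '
        BEGIN { RS = ""; FS = "\n" }           # one stanza per record
        {
            file = ""; sum = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^Filename: /) file = substr($i, 11)
                if ($i ~ /^SHA256: /)   sum  = substr($i, 9)
            }
            n = split(file, part, "/")
            if (n > 0 && part[n] == want) { print sum; exit }
        }' "$1"
}

# Print the SHA-256 digest of a file (sha256sum, or shasum where that is absent).
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{ print $1 }'
    else
        shasum -a 256 "$1" | awk '{ print $1 }'
    fi
}

# Print OK, MISMATCH or NOT-LISTED; return 0 only for OK.
verify_deb() {                 # $1 = Packages file, $2 = path to .deb
    expected=$(packages_sha256 "$1" "$(basename "$2")")
    if [ -z "$expected" ]; then echo "NOT-LISTED"; return 2; fi
    if [ "$(file_sha256 "$2")" = "$expected" ]; then echo "OK"; return 0; fi
    echo "MISMATCH"; return 1
}

# Constructed demonstration: the .deb contents, the pool paths and the index
# are stand-ins built here, not real archive data.
demo_verify_deb() {
    dir=$(mktemp -d) || return 1
    deb="$dir/firmware-bnx2_20210315-3_all.deb"
    printf 'constructed stand-in for package contents\n' > "$deb"
    {
        printf 'Package: other-package\n'
        printf 'Filename: pool/main/o/other/other-package_1.0_all.deb\n'
        printf 'SHA256: %s\n\n' "0000000000000000000000000000000000000000000000000000000000000000"
        printf 'Package: firmware-bnx2\n'
        printf 'Filename: pool/non-free/f/firmware-nonfree/firmware-bnx2_20210315-3_all.deb\n'
        printf 'SHA256: %s\n' "$(file_sha256 "$deb")"
    } > "$dir/Packages"
    r1=$(verify_deb "$dir/Packages" "$deb" || true)      # untouched file
    printf 'tampered\n' >> "$deb"
    r2=$(verify_deb "$dir/Packages" "$deb" || true)      # modified after download
    r3=$(verify_deb "$dir/Packages" "$dir/unknown_1.0_all.deb" || true)
    rm -rf "$dir"
    echo "$r1 $r2 $r3"
}

demo_verify_deb     # prints: OK MISMATCH NOT-LISTED
```

On the server, run verify_deb with the real Packages file and install the package only when it returns 0.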

10.2. Configuration

  • Enter the following commands at a Command Line.

    sudo mkdir -p /home/kvm/images
    mkdir -p /home/delta/images
    
    sudo adduser delta kvm
    sudo adduser delta libvirt
    
    # Log off & log on.
    # sudo systemctl restart libvirtd
    
    ls -al /usr/lib/qemu/qemu-bridge-helper
    sudo chmod u+s /usr/lib/qemu/qemu-bridge-helper
    ls -al /usr/lib/qemu/qemu-bridge-helper
    
    # https://blog.christophersmart.com/2016/08/31/configuring-qemu-bridge-helper-after-access-denied-by-acl-file-error
    sudo mkdir -p /etc/qemu
    echo "allow all" | sudo tee /etc/qemu/delta.conf
    echo "include /etc/qemu/delta.conf" | sudo tee --append /etc/qemu/bridge.conf
    cat /etc/qemu/bridge.conf               # include /etc/qemu/delta.conf
    cat /etc/qemu/delta.conf                        # allow all
    sudo chmod 640 /etc/qemu/delta.conf
    sudo chown root:delta /etc/qemu/delta.conf
    ls -al /etc/qemu/bridge.conf            # -rw-r--r-- 1 root root 28 2022-03-16 16:35:56 /etc/qemu/bridge.conf
    ls -al /etc/qemu/delta.conf             # -rw-r----- 1 root delta 10 2022-03-16 16:34:30 /etc/qemu/delta.conf
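
The commands above make qemu-bridge-helper setuid root and give members of the delta group an "allow all" rule through an included ACL file. The following added example (not part of the original runbook) evaluates such an ACL for a given bridge, so the effect of "allow all" can be compared with a rule that names only br0. The default-deny and deny-wins evaluation is modelled on the helper's ACL handling and should be treated as an approximation; the function names, the temporary files and the second bridge name virbr0 are constructed for illustration.

```sh
#!/bin/sh
# Added example: evaluate a qemu-bridge-helper style ACL for one bridge.
# Assumptions: rules are "allow <bridge>|all", "deny <bridge>|all" and
# "include <file>"; nothing is allowed by default; a matching deny wins over
# any allow; an include that cannot be read is skipped. The real helper reads
# included files with the invoking user's permissions, this script with the
# permissions of whoever runs it.

# Emit every allow/deny rule reachable from an ACL file, following includes.
acl_rules() {                  # $1 = ACL file, $2 = include depth (internal)
    [ -r "$1" ] || return 0                 # unreadable file contributes nothing
    [ "${2:-0}" -lt 8 ] || return 0         # guard against include loops
    while read -r cmd arg rest || [ -n "$cmd" ]; do
        case "$cmd" in
            include)    acl_rules "$arg" $(( ${2:-0} + 1 )) ;;
            allow|deny) echo "$cmd $arg" ;;
        esac                                # comments and blank lines fall through
    done < "$1"
}

# Print "allowed" or "denied" for one bridge name.
bridge_allowed() {             # $1 = ACL file, $2 = bridge name
    acl_rules "$1" | awk -v br="$2" '
        $1 == "allow" && ($2 == "all" || $2 == br) { allow = 1 }
        $1 == "deny"  && ($2 == "all" || $2 == br) { deny = 1 }
        END { if (allow && !deny) print "allowed"; else print "denied" }'
}

# Succeed if any reachable rule grants every bridge on the host.
acl_has_wildcard() {           # $1 = ACL file
    acl_rules "$1" | grep -q '^allow all$'
}

# Constructed demonstration: the page's layout (bridge.conf including
# delta.conf) rebuilt in a temporary directory, first with "allow all",
# then with the rule narrowed to br0.
demo_bridge_acl() {
    dir=$(mktemp -d) || return 1
    printf 'include %s/delta.conf\n' "$dir" > "$dir/bridge.conf"

    printf 'allow all\n' > "$dir/delta.conf"
    before="br0=$(bridge_allowed "$dir/bridge.conf" br0)"
    before="$before virbr0=$(bridge_allowed "$dir/bridge.conf" virbr0)"

    printf 'allow br0\n' > "$dir/delta.conf"
    after="br0=$(bridge_allowed "$dir/bridge.conf" br0)"
    after="$after virbr0=$(bridge_allowed "$dir/bridge.conf" virbr0)"

    rm -rf "$dir"
    echo "$before | $after"
}

demo_bridge_acl   # prints: br0=allowed virbr0=allowed | br0=allowed virbr0=denied
```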

10.3. Create KVM vm

  • Enter the following commands at a Command Line.

    # Create virtual machine in user space.
    virt-install \
      --disk format=qcow2,path=/home/delta/images/tbhf-anc-mrm.qcow2,size=100 \
      --extra-args "console tty0 console=ttyS0,115200n8 serial" \
      --graphics none \
      --location http://deb.debian.org/debian/dists/stable/main/installer-amd64 \
      --memory 2048 \
      --name tbhf-anc-mrm \
      --network bridge=br0 \
      --os-variant debian11 \
      --vcpus 1 \
      --virt-type kvm

10.4. Destroy KVM vm

  • Enter the following commands at a Command Line.

    sudo ls -al /home/kvm/images
    sudo ls -al /home/delta/images
    sudo virsh list --all
    sudo virsh shutdown <vm>        # Graceful shut down.
    sudo virsh list --all
    sudo virsh destroy <vm>         # Forced shut down.
    sudo virsh undefine --domain <vm> --remove-all-storage
    sudo virsh list --all
    sudo ls -al /home/kvm/images
    sudo ls -al /home/delta/images

10.5. Usage

  • Enter the following commands at a Command Line.

    sudo virsh list --all
    sudo virsh pool-list --all
    sudo virsh start <vm>
    sudo virsh shutdown <vm>
    
    sudo ls -al /var/lib/libvirt/images
    sudo ls -al /home/kvm/images

10.5.1. Idle VM Backup

  • Enter the following commands at a Command Line.

    ls -al /home/kvm/images
    sudo virsh list --all
    sudo virsh shutdown tbhf-tst-mrm
    ls -al /home/kvm/images
    sudo chown libvirt-qemu:libvirt-qemu /home/kvm/images/tbhf-tst-mrm.qcow2
    ls -al /home/kvm/images
    sudo virsh list --all
    sudo cp -a /home/kvm/images/tbhf-tst-mrm.qcow2 /home/kvm/backups
    sudo cp -a /etc/libvirt/qemu/tbhf-tst-mrm.xml   /home/kvm/backups
    sudo virsh dumpxml tbhf-tst-mrm | sudo tee /home/kvm/backups/tbhf-tst-mrm-dump.xml > /dev/null
    sudo chown delta:delta /home/kvm/backups/tbhf-tst-mrm.qcow2
    sudo chown delta:delta /home/kvm/backups/tbhf-tst-mrm.xml
    ls -al /home/kvm/backups
    sudo virsh start tbhf-tst-mrm
    sudo virsh list --all
    ls -al /home/kvm/images

10.5.2. Live VM Backup

  • Enter the following commands at a Command Line.

    sudo virsh domblklist tbhf-tst-mrm
    sudo virsh snapshot-create-as --domain tbhf-tst-mrm tbhf-tst-mrm \
      --diskspec vda,file=/home/kvm/overlays/tbhf-tst-mrm.qcow2 \
      --disk-only --atomic --no-metadata
    sudo virsh domblklist tbhf-tst-mrm
    
    sudo cp -a /home/kvm/images/tbhf-tst-mrm.qcow2 /home/kvm/backups/tbhf-tst-mrm.qcow2
    sudo virsh blockcommit --domain tbhf-tst-mrm vda --active --pivot --verbose
    sudo virsh domblklist tbhf-tst-mrm
    sudo rm -f /home/kvm/overlays/tbhf-tst-mrm.qcow2
    
    sudo cp -a /etc/libvirt/qemu/tbhf-tst-mrm.xml /home/kvm/backups
    sudo virsh dumpxml tbhf-tst-mrm | sudo tee /home/kvm/backups/tbhf-tst-mrm-dump.xml > /dev/null
    sudo chown delta:delta /home/kvm/backups/tbhf-tst-mrm.qcow2
    sudo chown delta:delta /home/kvm/backups/tbhf-tst-mrm.xml
    
    qemu-img convert -O qcow2 /home/kvm/backups/tbhf-tst-mrm.qcow2 /home/kvm/backups/tbhf-tst-mrm-shrunk.qcow2
    qemu-img info /home/kvm/backups/tbhf-tst-mrm-shrunk.qcow2
    
    qemu-img resize /home/kvm/backups/tbhf-tst-mrm-shrunk.qcow2 +5G
    qemu-img info /home/kvm/backups/tbhf-tst-mrm-shrunk.qcow2

10.5.3. Restore

  • Enter the following commands at a Command Line.

    sudo virsh list --all
    sudo virsh shutdown tbhf-tst-mrm
    sudo virsh undefine --domain tbhf-tst-mrm --remove-all-storage
    sudo virsh list --all
    sudo vdir /home/kvm/images
    sudo cp -a /home/kvm/backups/tbhf-tst-mrm.qcow2 /home/kvm/images
    qemu-img resize /home/kvm/images/tbhf-tst-mrm.qcow2 +5G
    sudo vdir /home/kvm/images
    sudo vdir /etc/libvirt/qemu
    sudo cp -a /home/kvm/backups/tbhf-tst-mrm.xml /etc/libvirt/qemu
    sudo vdir /etc/libvirt/qemu
    sudo virsh list --all
    sudo virsh define /etc/libvirt/qemu/tbhf-tst-mrm.xml
    sudo virsh list --all
    sudo virsh start tbhf-tst-mrm
    sudo virsh list --all

10.5.4. Restore Test

  • Enter the following commands at a Command Line.

    backup="tbhf-tst-mrm"
    target="delta-restore"
    sudo /bin/cp -a "/home/kvm/backups/${backup}-conv.qcow2" "/home/kvm/images/${target}.qcow2"
    sudo chown libvirt-qemu:libvirt-qemu "/home/kvm/images/${target}.qcow2"
    ls -al /home/kvm/images
    
    sudo virsh list --all
    sudo virsh shutdown "${backup}"
    sudo virsh list --all
    
    sudo virt-install --name=${target} \
    --check all=off \
    --disk path=/home/kvm/images/${target}.qcow2,format=qcow2,size=100 \
    --graphics none \
    --import \
    --network bridge:br0 \
    --os-variant=debian10 \
    --ram=2048 \
    --vcpus=1
  • Press Ctrl + ] to quit the KVM guest console.

    sudo virsh list --all
  • Log in as delta on tbhf-tst-mrm using PuTTY.

  • Enter the following commands at a Command Line.

    hostname
    ip address
    exit
  • Enter the following commands at a Command Line.

    sudo virsh list --all
    sudo virsh shutdown "${target}"
    sudo virsh start "${backup}"
    
    sudo virsh undefine --domain "${target}"
    sudo rm -f "/home/kvm/images/${target}.qcow2"
    
    sudo virsh list --all
    ls -al /home/kvm/images

10.5.5. Snapshots

  • Note: snapshot-revert: Be aware that this is a destructive action. Any changes in the domain since the last snapshot was taken will be lost. Also note that the state of the domain after snapshot-revert has completed will be the state of the domain at the time the original snapshot was taken.

  • Enter the following commands at a Command Line.

    # Create snapshot.
    sudo virsh list --all                                   # List domains.
    sudo virsh shutdown --domain <domain>                   # Shut down domain.
    sudo virsh list --all                                   # Check domain is shut off.
    sudo virsh snapshot-create-as --domain <domain>         # Create snapshot.
    sudo virsh start --domain <domain>                      # Start domain.
    sudo virsh list --all                                   # Check domain is running.
    
    # List domain info.
    sudo virsh snapshot-list --domain <domain>              # List snapshots.
    sudo virsh snapshot-info --current --domain <domain>    # List detailed info
    sudo qemu-img info --force-share /home/kvm/images/<domain>.qcow2        # List snapshot sizes.
    
    # Do your thing on <domain>.
    
    # Delete snapshot (keep changes).
    sudo virsh snapshot-delete --current --domain <domain>  # Delete current snapshot.
    
    # Revert snapshot (lose changes).
    sudo virsh snapshot-revert --current --domain <domain>  # Revert current snapshot.
    sudo virsh start --domain <domain>                      # Start domain.
    sudo virsh list --all                                   # Check domain is running.
    sudo virsh snapshot-delete --current --domain <domain>  # Delete current snapshot.

10.6. Cron Jobs

  • Enter the following commands at a Command Line.

    sudo delta setup exim                           # Install and configure exim message transfer agent.
    sudo delta setup share SMRU-SRV Teams$          # Add Teams$ (itadmin) share to /etc/fstab.
    sudo delta setup share SMRU-HyperV01 Windows$   # Add Windows$ (winaccess) share to /etc/fstab.
    sudo crontab -e                                 # Append following line to cron jobs.
    00 20 * * * /usr/local/sbin/backup kvm tbhf-ops-mrm tbhf-tst-mrm

10.7. Smartmontools

  • Enter the following commands at a Command Line.

    sudo delta setup smartmontools          # Install and configure smartmontools.

11. LXC

11.1. Installation

  • Enter the following commands at a Command Line.

    sudo apt-get install bridge-utils debootstrap lxc
    sudo systemctl status lxc-net
    sudo systemctl --type service
    ip address

11.2. Configuration

  • Enter the following commands at a Command Line.

    sudo mkdir -p /home/lxc
    sudo mount --bind /home/lxc /var/lib/lxc
    sudo cp -a /etc/fstab /etc/fstab.org
    
    file="/etc/lxc/default.conf"
    # Back up original file if backup file is missing.
    if [ -f "${file}" ] && [ ! -f "${file}.org" ]; then sudo cp -a "${file}" "${file}.org"; fi
    
    sudo sed -i "s/lxcbr0/br0/" "${file}"
    sudo sed -i "$ a lxc.start.auto = 1" "${file}"
    sudo sed -i "$ a lxc.start.delay = 5" "${file}"
    diff /etc/lxc/default.conf.org /etc/lxc/default.conf
    sudo systemctl restart lxc-net
    sudo systemctl status lxc-net
  • Contents of the /etc/fstab file.

    /home/lxc       /var/lib/lxc    none    bind

11.3. Create LXC container

  • Enter the following commands at a Command Line.

    # Note: debootstrap is called the very first time, which takes about 2 minutes.
    # Note: The update-rc.d: errors can be safely ignored.
    # Note: The invoke-rc.d: errors can be safely ignored.
    # Note: Type "lxc-create -t debian -h" to see the template options.
    
    # Create privileged container.
    sudo lxc-create --name tbhf-aaa-mrm --template debian -- -r bullseye
    sudo ls -al /home/lxc
    
    # Make sure to modify the /etc/network/interfaces file.
    sudo lxc-info tbhf-aaa-mrm

11.4. Destroy LXC container

  • Enter the following commands at a Command Line.

    sudo lxc-ls
    sudo lxc-destroy --name tbhf-aaa-mrm

11.5. Backup LXC container

  • Enter the following commands at a Command Line.

    sudo lxc-snapshot --logpriority=LEVEL --name tbhf-aaa-mrm

11.6. Restore LXC container

  • Enter the following commands at a Command Line.

11.7. Usage

  • Enter the following commands at a Command Line.

    sudo lxc-info tbhf-aaa-mrm
    sudo lxc-ls
    sudo lxc-ls --fancy
    sudo lxc-start  --name tbhf-aaa-mrm
    sudo lxc-attach --name tbhf-aaa-mrm
    
    # Inside container.
    ip address
    cat /etc/network/interfaces
    cat /etc/resolv.conf
    ls -al /etc/resolv.conf
    
    apt-get install iputils-ping
    apt-get install vim.tiny
    
    exit

12. LXD

12.1. Installation

  • Enter the following commands at a Command Line.

    sudo apt-get update
    sudo apt-get install snapd
    sudo snap install lxd
    
    
    file="/etc/sudoers"
    # Back up original file if backup file is missing.
    if [ -f "${file}" ] && [ ! -f "${file}.org" ]; then sudo cp -a "${file}" "${file}.org"; fi
    # Add path.
    sudo sed -i "s|secure_path=\"\(.*\)\"|secure_path=\"\1:/snap/bin\"|g" "${file}"
    
    # Log off and log in again.
    which lxd
    sudo which lxd                          # /snap/bin/lxd
    lxd --version                           # 5.0.0
    sudo lxd --version                      # 5.0.0
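
The sed command above edits /etc/sudoers in place: running it a second time appends :/snap/bin again, and a syntax error in that file disables sudo. The following added example (not part of the original runbook) makes the same secure_path change idempotently and installs it only after visudo -c accepts the result. The function names and the sample sudoers content are constructed for illustration, and install_secure_path is assumed to run as root.

```sh
#!/bin/sh
# Added example: add a directory to the sudoers secure_path without
# duplicating it, and validate the result before it replaces the live file.
# Function names are illustrative.

# Print the file with <dir> appended to secure_path unless already present.
add_secure_path() {            # $1 = sudoers-format file, $2 = directory
    awk -v dir="$2" '
        /^Defaults[ \t]+secure_path[ \t]*=[ \t]*"/ {
            q1 = index($0, "\"")                 # opening quote
            rest = substr($0, q1 + 1)
            q2 = index(rest, "\"")               # closing quote
            if (q2 > 0) {
                val = substr(rest, 1, q2 - 1)
                if (index(":" val ":", ":" dir ":") == 0)
                    $0 = substr($0, 1, q1) val ":" dir substr(rest, q2)
            }
        }
        { print }' "$1"
}

# The substitution used on this page, without -i, for comparison.
page_sed() {                   # $1 = sudoers-format file
    sed 's|secure_path="\(.*\)"|secure_path="\1:/snap/bin"|g' "$1"
}

# Build the new file, check it with visudo, keep a backup, then install it.
# Prints unchanged, rejected or updated. Fails closed if visudo is missing.
install_secure_path() {        # $1 = sudoers file, $2 = directory; run as root
    tmp=$(mktemp) || return 1
    add_secure_path "$1" "$2" > "$tmp"
    if cmp -s "$1" "$tmp"; then
        rm -f "$tmp"; echo "unchanged"; return 0
    fi
    if ! visudo -c -q -f "$tmp"; then
        rm -f "$tmp"; echo "rejected"; return 1
    fi
    [ -f "$1.org" ] || cp -a "$1" "$1.org"
    cat "$tmp" > "$1"          # keeps the owner and mode of the live file
    rm -f "$tmp"; echo "updated"
}

# Constructed demonstration on a temporary copy: apply each method twice and
# show the resulting secure_path line.
demo_secure_path() {
    f=$(mktemp) || return 1
    printf 'Defaults\tenv_reset\n' > "$f"
    printf 'Defaults\tsecure_path="/usr/sbin:/usr/bin:/sbin:/bin"\n' >> "$f"
    printf 'root\tALL=(ALL:ALL) ALL\n' >> "$f"

    page_sed "$f" > "$f.sed"
    echo "sed twice: $(page_sed "$f.sed" | grep secure_path)"

    add_secure_path "$f" /snap/bin > "$f.awk"
    echo "awk twice: $(add_secure_path "$f.awk" /snap/bin | grep secure_path)"

    rm -f "$f" "$f.sed" "$f.awk"
}

demo_secure_path
# On the server: install_secure_path /etc/sudoers /snap/bin
```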

12.2. Configuration

  • Enter the following commands at a Command Line.

    ls -al /home
    
    # Listen for the LXD API on port 8443 and set the trust password.
    sudo lxc config set core.https_address :8443
    sudo lxc config set core.trust_password ********        # Use level 2 password.

12.2.1. Shared btrfs partition

  • Enter the following commands at a Command Line.

    sudo lxd init
    # Press Enter (default=no) for no LXD clustering.
    # Press Enter (default=yes) to configure a new storage pool.
    # Press Enter (default=default) for the name of the new storage pool.
    # Press Enter (default=btrfs) for btrfs storage backend.
    # Type "no" and press Enter (default=yes) to skip creating a new btrfs storage pool.
    # Type "/home" and press Enter for the name to the existing BTRFS pool or dataset.
    # Press Enter (default=no) to skip connecting to a MAAS server.
    # Type "no" and Press Enter (default=yes) to skip creating a new local network bridge.
    # Type "yes" and Press Enter (default=no) to use an existing bridge or host interface.
    # Type "br0" and press Enter for the name of the existing bridge or host interface.
    # Press Enter (default=no) for the LXD server not to be available over the network.
    # Type "no" and press Enter (default=yes) for stale cached images not to be updated automatically.
    # Type "yes" and press Enter (default=no) for a YAML "lxd init" preseed to be printed.
    Would you like to use LXD clustering? (yes/no) [default=no]:
    Do you want to configure a new storage pool? (yes/no) [default=yes]:
    Name of the new storage pool [default=default]:
    Name of the storage backend to use (btrfs, dir, lvm, ceph) [default=btrfs]:
    Create a new BTRFS pool? (yes/no) [default=yes]: no
    Name of the existing BTRFS pool or dataset: /home
    Would you like to connect to a MAAS server? (yes/no) [default=no]:
    Would you like to create a new local network bridge? (yes/no) [default=yes]: no
    Would you like to configure LXD to use an existing bridge or host interface? (yes/no) [default=no]: yes
    Name of the existing bridge or host interface: br0
    Would you like the LXD server to be available over the network? (yes/no) [default=no]:
    Would you like stale cached images to be updated automatically? (yes/no) [default=yes]: no
    Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: yes
    config:
      images.auto_update_interval: "0"
    networks: []
    storage_pools:
    - config:
        source: /home
      description: ""
      name: default
      driver: btrfs
    profiles:
    - config: {}
      description: ""
      devices:
        eth0:
          name: eth0
          nictype: bridged
          parent: br0
          type: nic
        root:
          path: /
          pool: default
          type: disk
      name: default
    projects: []
    cluster: null

12.2.2. Separate btrfs partition

  • Enter the following commands at a Command Line.

    sudo apt-get install btrfs-progs
    sudo mkdir -p /pool
    sudo mkfs.btrfs /dev/sdb1
    
    sudo fdisk -l /dev/sdb
    sudo lsblk -f /dev/sdb
    cat /etc/fstab
    Disk /dev/sdb: 223.5 GiB, 239981297664 bytes, 468713472 sectors
    Disk model: VIRTUAL DISK
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disklabel type: dos
    Disk identifier: 0xa7fdfc65
    
    Device     Boot Start       End   Sectors   Size Id Type
    /dev/sdb1        2048 468713471 468711424 223.5G 83 Linux
    
    
    NAME   FSTYPE FSVER LABEL UUID                                 FSAVAIL FSUSE% MOUNTPOINT
    sdb
    └─sdb1 btrfs              49b6ebdc-364f-4765-83cf-d27fe1e9e84c
    
    
    # /etc/fstab: static file system information.
    #
    # Use 'blkid' to print the universally unique identifier for a
    # device; this may be used with UUID= as a more robust way to name devices
    # that works even if disks are added and removed. See fstab(5).
    #
    # systemd generates mount units based on this file, see systemd.mount(5).
    # Please run 'systemctl daemon-reload' after making changes here.
    #
    # <file system> <mount point>   <type>  <options>       <dump>  <pass>
    # / was on /dev/sda1 during installation
    UUID=42b357fb-6846-4ae7-9ada-65de2568c180 /               ext4    errors=remount-ro 0       1
    # swap was on /dev/sda5 during installation
    UUID=eb183fe3-5eca-4f36-a4b3-86907bb68175 none            swap    sw              0       0
    /dev/sr0        /media/cdrom0   udf,iso9660 user,noauto     0       0
    # /pool was on /dev/sdb1 during installation
    UUID=49b6ebdc-364f-4765-83cf-d27fe1e9e84c /pool           btrfs    defaults       0       0

  • Enter the following commands at a Command Line.

    sudo lxd init
    # Press Enter (default=no) for no LXD clustering.
    # Press Enter (default=yes) to configure a new storage pool.
    # Press Enter (default=default) for the name of the new storage pool.
    # Press Enter (default=btrfs) for btrfs storage backend.
    # Type "no" and press Enter (default=yes) to skip creating a new btrfs storage pool.
    # Type "/pool" and press Enter for the name of the existing BTRFS pool or dataset.
    # Press Enter (default=no) to skip connecting to a MAAS server.
    # Type "no" and press Enter (default=yes) to skip creating a new local network bridge.
    # Type "yes" and press Enter (default=no) to use an existing bridge or host interface.
    # Type "br0" and press Enter for the name of the existing bridge or host interface.
    # Press Enter (default=no) for the LXD server not to be available over the network.
    # Type "no" and press Enter (default=yes) for stale cached images not to be updated automatically.
    # Type "yes" and press Enter (default=no) for a YAML "lxd init" preseed to be printed.
    config:
      images.auto_update_interval: "0"
    networks: []
    storage_pools:
    - config:
        source: /pool
      description: ""
      name: default
      driver: btrfs
    profiles:
    - config: {}
      description: ""
      devices:
        eth0:
          name: eth0
          nictype: bridged
          parent: br0
          type: nic
        root:
          path: /
          pool: default
          type: disk
      name: default
    projects: []
    cluster: null
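
  • Added example (not part of the original notes): the preseed printed in 12.2.1 and 12.2.2 can be fed back with "lxd init --preseed", so that a rebuild does not depend on answering the prompts the same way. The function names are hypothetical; the YAML is the one shown above with the pool source and bridge as parameters.

```bash
#!/usr/bin/env bash
# Added example: regenerate the preseed shown on this page and apply it
# non-interactively. Function names are hypothetical.

# Emit the preseed for an existing btrfs mount point and an existing bridge.
lxd_preseed() {
    local source="$1" bridge="$2"
    # The pool source must be a plain absolute path (/home or /pool on this page).
    if ! printf '%s' "$source" | grep -Eq '^/[A-Za-z0-9_./-]*$'; then
        echo "invalid pool source: $source" >&2; return 1
    fi
    # Restrict the interface name so nothing unexpected lands in the YAML.
    if ! printf '%s' "$bridge" | grep -Eq '^[A-Za-z0-9_.-]{1,15}$'; then
        echo "invalid bridge name: $bridge" >&2; return 1
    fi
    cat <<EOF
config:
  images.auto_update_interval: "0"
networks: []
storage_pools:
- config:
    source: ${source}
  description: ""
  name: default
  driver: btrfs
profiles:
- config: {}
  description: ""
  devices:
    eth0:
      name: eth0
      nictype: bridged
      parent: ${bridge}
      type: nic
    root:
      path: /
      pool: default
      type: disk
  name: default
projects: []
cluster: null
EOF
}

# Check the host prerequisites, then feed the preseed to "lxd init --preseed".
apply_preseed() {
    local source="$1" bridge="$2" yaml
    yaml="$(lxd_preseed "$source" "$bridge")" || return 1
    [ "$(findmnt -n -o FSTYPE --target "$source")" = "btrfs" ] \
        || { echo "$source is not on a btrfs file system" >&2; return 1; }
    [ -d "/sys/class/net/$bridge/bridge" ] \
        || { echo "$bridge is not a bridge on this host" >&2; return 1; }
    printf '%s\n' "$yaml" | sudo lxd init --preseed
}

# Usage on the host: apply_preseed /pool br0
```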

12.3. Images

  • Note: All images use systemd-networkd.service instead of networking.service.

  • Enter the following commands at a Command Line.

  • Enter the following commands at a Command Line with root privileges.

    lxc remote list
    lxc image list images: debian bullseye amd64

12.4. Usage

  • Enter the following commands at a Command Line.

  • Enter the following commands at a Command Line with root privileges.

    sudo lxc list -c ns46tS,boot.autostart
    
    # Create container.
    sudo lxc launch images:debian/11 tbhf-aaa-mrm
    
    # Create virtual machine.
    sudo lxc launch images:debian/11 tbhf-bbb-mrm --vm
    
    sudo lxc list
    sudo lxc info tbhf-aaa-mrm
    sudo lxc info tbhf-bbb-mrm
    
    # Prevent apparmor="DENIED" operation="mount" syslog messages for containers.
    # See https://discuss.linuxcontainers.org/t/apparmor-denied-operation-mount/2424/17
    sudo lxc config set tbhf-aaa-mrm security.nesting true
    
    # Attach to console. To detach from console, press <ctrl>+a q.
    sudo lxc console tbhf-aaa-mrm
    sudo lxc console tbhf-bbb-mrm
    
    # Start shell inside container or virtual machine.
    sudo lxc exec tbhf-aaa-mrm -- /bin/bash
    sudo lxc exec tbhf-bbb-mrm -- /bin/bash
    
    # Delete container.
    sudo lxc stop   tbhf-aaa-mrm
    sudo lxc stop   debian11 --force
    sudo lxc delete tbhf-aaa-mrm
    
    # Backup container.
    sudo lxc snapshot tbhf-aaa-mrm 2022-04-13
    sudo ls -al /home/containers-snapshots/tbhf-aaa-mrm/2022-04-13
    sudo lxc info tbhf-aaa-mrm
    sudo lxc publish --force tbhf-aaa-mrm/2022-04-13 --alias tbhf-aaa-mrm-BACKUP-2022-04-13-IMAGE
    sudo lxc image info tbhf-aaa-mrm-BACKUP-2022-04-13-IMAGE
    # Export lxc image to image.tar.gz file.
    sudo lxc image export tbhf-aaa-mrm-BACKUP-2022-04-13-IMAGE tbhf-aaa-mrm-BACKUP-2022-04-13-IMAGE
    ls -al tbhf-aaa-mrm-BACKUP-2022-04-13-IMAGE.tar.gz
    
    # Cleanup container snapshots.
    sudo lxc delete tbhf-aaa-mrm/2022-04-13                         # Delete snapshot.
    sudo lxc image delete tbhf-aaa-mrm-BACKUP-2022-04-13-IMAGE      # Delete image.
    # sudo rm tbhf-aaa-mrm-BACKUP-2022-04-13-IMAGE.tar.gz           # Delete published image.
    
    # Restore container.
    sudo lxc image import tbhf-aaa-mrm-BACKUP-2022-04-13-IMAGE.tar.gz --alias tbhf-aaa-mrm-restored
    sudo lxc image list
    sudo lxc launch tbhf-aaa-mrm-restored tbhf-aaa-mrm
    sudo lxc list
    
    # Backup virtual machine.
    sudo lxc snapshot debian11 2022-04-26
    sudo ls -al /home/virtual-machines-snapshots/debian11/2022-04-26
    sudo lxc info debian11
    sudo lxc publish --force debian11/2022-04-26 --alias debian11-BACKUP-2022-04-26-IMAGE
    #       qemu-img convert -f raw -O qcow2 -c -T none -t none /var/snap/lxd/common/lxd/storage-pools/default/virtual-machines-snapshots/win10b/2022-04-27/root.img /var/snap/lxd/common/lxd/images/lxd_export_2189678916/rootfs.img
    #       See https://github.com/lxc/lxd/issues/5509
            sudo lxc storage show default
            sudo lxc storage list
    
    # Export lxc image to image.tar.gz file.
    sudo lxc image export debian11-BACKUP-2022-04-26-IMAGE debian11-BACKUP-2022-04-26-IMAGE
    ls -al debian11-BACKUP-2022-04-26-IMAGE.tar.gz
    
    # Cleanup virtual machine snapshots.
    sudo lxc delete debian11/2022-04-26                     # Delete snapshot.
    sudo lxc image delete debian11-BACKUP-2022-04-26-IMAGE  # Delete image.
    sudo lxc image delete debian11                          # Delete image.                 ???
    # sudo rm debian11-BACKUP-2022-04-26-IMAGE.tar.gz       # Delete published image.
    
    # Restore virtual machine.
    sudo lxc stop debian11
    sudo lxc delete debian11/2022-04-26     # Remove snapshot.
    #       Error: Failed setting subvolume writable "/var/snap/lxd/common/lxd/storage-pools/default/virtual-machines-snapshots/debian11/2022-04-26":
    #       Failed to run: btrfs property set -ts /var/snap/lxd/common/lxd/storage-pools/default/virtual-machines-snapshots/debian11/2022-04-26 ro false:
    #       ERROR: Could not set subvolume flags: Read-only file system
    # Workaround:   sudo btrfs subvolume delete /home/images/b5230ba66e21c7718f887d3f58235ae204bc3d4aa9093a983e25a82d76026dd0
    # Workaround:   sudo btrfs subvolume delete /home/virtual-machines-snapshots/debian11/2022-04-26
    
    # Moving to a different storage pool.
    # See https://discuss.linuxcontainers.org/t/change-storage-size-and-driver/6097
    
    sudo lxc delete debian11
    sudo lxc image import debian11-BACKUP-2022-04-26-IMAGE.tar.gz --alias debian11-restored
    sudo lxc image list
    sudo lxc launch debian11-restored debian11
    sudo lxc list
    
    sudo lxc delete debian11
    sudo lxc init debian11-restored debian11 --vm --config security.secureboot=false --config limits.cpu=1 --config limits.memory=2GB
    sudo lxc start debian11
    
    sudo lxc stop debian11 --force
    sudo lxc delete debian11
    sudo lxc launch debian11-restored debian11 --console --vm
    sudo lxc start debian11 --console
    
    #       BdsDxe: failed to load Boot0001 "UEFI QEMU QEMU HARDDISK " from PciRoot(0x0)/Pci(0x1,0x1)/Pci(0x0,0x0)/Scsi(0x0,0x1): Not Found
    #       >>Start PXE over IPv4.
    
    sudo lxc stop win10 --force
    sudo lxc delete win10
    sudo lxc launch win10-restored win10 --console --vm
    sudo lxc start win10 --console
    
    #       BdsDxe: failed to load Boot0001 "UEFI QEMU QEMU HARDDISK " from PciRoot(0x0)/Pci(0x1,0x1)/Pci(0x0,0x0)/Scsi(0x0,0x1): Not Found
    #       >>Start PXE over IPv4.
    
    
    
    # See https://pve.proxmox.com/wiki/OVMF/UEFI_Boot_Entries
    # See https://mricher.fr/post/boot-from-an-efi-shell
    # Press Esc during boot to enter "UEFI boot menu".
    
    # Linux:
    # Wait several minutes for the SHELL> prompt to show up.
    # Wait several minutes for the UEFI Interactive Shell.
    # map
    # FS0:
    # ls
    # cd EFI
    # ls
    # cd debian
    # ls
    # grubx64.efi
    # IF: Command Error Status: Access Denied THEN Disable Secure Boot.
    # sudo fdisk -l
    # Fix boot error.
    # sudo grub-install /dev/sda
    
    
    # Windows:
    # Wait several minutes for the SHELL> prompt to show up.
    # Wait several minutes for the UEFI Interactive Shell.
    # map
    # BLK0:
    # exit  -->
    
    
    
    # Auto start.
    sudo lxc config set <instance> boot.autostart false
    sudo lxc config set <instance> boot.autostart true
    sudo lxc list -c ns46tS,boot.autostart
    sudo find /home -iname backup.yaml -print -exec sudo grep boot.autostart {} \;
    sudo lxc image info debian11-BACKUP-2022-04-26-IMAGE
    
    # Profiles.
    sudo lxc profile list
    sudo lxc profile show default
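
  • Added example (not part of the original notes): the backup and restore sequence above wrapped in functions, with a SHA-256 checksum recorded when the image is exported and verified before "lxc image import". The function names and the LXC override variable are assumptions; the alias naming follows the page.

```bash
#!/usr/bin/env bash
# Added example: function names and the LXC variable are hypothetical.
LXC="${LXC:-sudo lxc}"   # Set LXC=echo to print the commands instead of running them.

# Snapshot, publish and export one instance, then record a SHA-256 checksum
# next to the tarball so the file can be verified before it is imported again.
backup_instance() {
    local instance="$1" snap="$2"
    local alias="${instance}-BACKUP-${snap}-IMAGE"
    $LXC snapshot "$instance" "$snap"                           || return 1
    $LXC publish --force "${instance}/${snap}" --alias "$alias" || return 1
    $LXC image export "$alias" "$alias"                         || return 1
    if [ -f "${alias}.tar.gz" ]; then
        sha256sum "${alias}.tar.gz" > "${alias}.tar.gz.sha256"  || return 1
    fi
    # Same cleanup as on this page: the exported tarball is the backup.
    $LXC delete "${instance}/${snap}"
    $LXC image delete "$alias"
}

# Return 0 only if the tarball matches the checksum recorded beside it.
verify_backup() {
    local tarball="$1"
    [ -f "$tarball" ] && [ -f "${tarball}.sha256" ] || return 2
    ( cd "$(dirname "$tarball")" \
        && sha256sum -c "$(basename "$tarball").sha256" >/dev/null 2>&1 )
}

# Import a backup under a new alias only after the checksum has been verified.
restore_image() {
    local tarball="$1" alias="$2"
    verify_backup "$tarball" \
        || { echo "checksum check failed: $tarball" >&2; return 1; }
    $LXC image import "$tarball" --alias "$alias"
}

# Usage on the host:
#   backup_instance tbhf-aaa-mrm 2022-04-13
#   restore_image tbhf-aaa-mrm-BACKUP-2022-04-13-IMAGE.tar.gz tbhf-aaa-mrm-restored
```

    Keep the .sha256 file on separate storage from the tarball if the check should also detect deliberate modification and not only corruption.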

13. VGA Console Access

  • Install LXC Client.

  • Install VirtViewer.

  • Enter the following commands at a Command Prompt.

    lxc.exe remote add tbhf-lxd-mrm 10.10.1.8
    lxc.exe remote add tbhf-tst-mrm 10.10.1.8
    # Type "y" and press Enter to accept the fingerprint.
    # Type the level 2 password and press Enter.
    
    lxc.exe remote switch tbhf-lxd-mrm
    lxc.exe remote switch tbhf-tst-mrm
    lxc.exe config show
    lxc.exe list
    lxc.exe list -c ns46tS,boot.autostart
    lxc.exe console win10 --type=vga

  • Press Shift+F10 to open a Command Prompt.

  • Enter the following commands at the Command Line.

    setup.exe /unattend:D:\Unattend-x64-Enterprise.xml

14. Instance Configuration

  • Enter the following commands at a Command Line with root privileges.

    cat /etc/debian_version
    ip address
    systemctl --type service
    ls -al /etc/resolv.conf
    cat    /etc/resolv.conf
    
    scp -p delta@10.10.1.2:/media/Windows/Software/_Delta/delta-linux-tools-#.#.#-1-all.deb .
    dpkg -i delta-linux-tools-#.#.#-1-all.deb
    
    delta config systemd-ethernet eth0   10.10.1.241 10.10.1.170 10.10.1.1 smru.shoklo-unit.com     # container.
    delta config systemd-ethernet enp5s0 10.10.1.242 10.10.1.170 10.10.1.1 smru.shoklo-unit.com     # vm.
    
    # Only do for virtual machines.
    delta config kernel net.ifnames=0       # Disable consistent network device names.

  • Restart the computer.

  • Enter the following commands at a Command Line with root privileges.

    ip address
    ls -al /etc/resolv.conf
    cat    /etc/resolv.conf
    
    delta config apt                        # Configure apt repositories.
    delta config apt 10.10.1.170:8080       # Configure apt repositories with proxy server.
    
    delta install basic-tools               # Install basic commands like curl and wget.
    
    delta setup bash                        # Install and configure bash shell for each user.
    delta setup cron                        # Install and configure cron.
    delta setup editor                      # Install and set default editor to vim.tiny for each user.
    delta setup locale                      # Install and configure locale.
    delta setup timezone                    # Install and configure time zone.
    delta setup user "delta" "Delta" "live" # Add "delta" user account with "live" password.
    passwd                                  # Change password of "root" user account.
    passwd delta                            # Change password of "delta" user account.
    
    delta setup inventory                   # Install and configure inventory.
    delta setup openssh                     # Install and configure openssh server.
    delta setup sudo                        # Install and configure sudo for each user.

  • Restart the computer.

  • Enter the following commands at a Command Line.

    sudo apt-get update
    sudo apt-get upgrade
    sudo apt-get dist-upgrade
    sudo apt-get autoremove
    sudo apt-get autoclean
    
    cat /etc/debian_version
    df
    
    sudo delta setup snmp-server 10.10.1.12 # Install and configure snmp server.
    sudo delta setup vim                    # Install and configure vim editor for each user.
    
    # Only do for virtual machines.
    sudo check-syslog
    sudo grep -Ei --color=always "bad |brok|cann|crit|deni|err:|erro|fail|igno|insu|leak|lost|miss|not |such|unab|warn" /var/log/syslog
    sudo zgrep -i 'systemd-networkd-wait-online' /var/log/syslog*
    sudo zgrep -i 'lost carrier' /var/log/syslog*
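
  • Added example (not part of the original notes): the keyword grep above returns every matching line. This sketch groups the matches by the program that logged them, and lists which LXD AppArmor profiles produced the apparmor="DENIED" messages mentioned in 12.4. The log lines, the tbhf-ccc-mrm name and the function names are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: PATTERN is the keyword list used on this page; everything
# else (function names, sample log lines) is constructed.
PATTERN='bad |brok|cann|crit|deni|err:|erro|fail|igno|insu|leak|lost|miss|not |such|unab|warn'

# Print "count program" for each program that logged a matching line,
# most frequent first, so recurring sources stand out from one-off noise.
triage_syslog() {
    grep -Ehi -- "$PATTERN" "$@" \
      | awk '{ tag = $5; sub(/\[[0-9]+\]:?$/, "", tag); sub(/:$/, "", tag); n[tag]++ }
             END { for (t in n) print n[t], t }' \
      | sort -k1,1nr -k2,2
}

# Print "count profile operation" for AppArmor denials, which shows the
# containers that actually trigger the DENIED messages.
apparmor_denials() {
    grep -h -- 'apparmor="DENIED"' "$@" \
      | sed -En 's/.* operation="([^"]*)".* profile="([^"]*)".*/\2 \1/p' \
      | awk '{ n[$0]++ } END { for (k in n) print n[k], k }' \
      | sort -k1,1nr -k2
}

# Constructed sample in Debian 11 syslog format.
sample_syslog() {
    cat <<'EOF'
Apr 13 10:00:01 tbhf-aaa-mrm CRON[811]: (root) CMD (run-parts /etc/cron.hourly)
Apr 13 10:02:11 tbhf-lxd-mrm kernel: [ 1234.567890] audit: type=1400 audit(1649844131.120:45): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxd-tbhf-aaa-mrm_</var/snap/lxd/common/lxd>" name="/run/systemd/unit-root/" pid=2345 comm="(networkd)" flags="rw, rbind"
Apr 13 10:02:12 tbhf-lxd-mrm kernel: [ 1235.101010] audit: type=1400 audit(1649844132.204:46): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxd-tbhf-aaa-mrm_</var/snap/lxd/common/lxd>" name="/run/systemd/unit-root/" pid=2351 comm="(resolved)" flags="rw, rbind"
Apr 13 10:02:40 tbhf-lxd-mrm kernel: [ 1263.000001] audit: type=1400 audit(1649844160.001:47): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxd-tbhf-ccc-mrm_</var/snap/lxd/common/lxd>" name="/run/systemd/unit-root/" pid=2410 comm="(networkd)" flags="rw, rbind"
Apr 13 10:03:40 tbhf-bbb-mrm systemd-networkd[412]: enp5s0: Lost carrier
Apr 13 10:03:55 tbhf-bbb-mrm systemd-networkd-wait-online[498]: Event loop failed: Connection timed out
Apr 13 10:04:02 tbhf-bbb-mrm systemd[1]: Started OpenBSD Secure Shell server.
EOF
}

# Usage on a real host: sudo bash -c '. ./triage.sh; triage_syslog /var/log/syslog'
```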

15. Advanced Instance Configuration

  • Contents of the /etc/apt/apt.conf.d/proxy.conf file.

    Acquire::http::Proxy "http://10.10.1.170:8080";
    Acquire::https::Proxy "http://10.10.1.170:8080";
    
    #Acquire {
    #  HTTP::proxy "http://127.0.0.1:8080";
    #  HTTPS::proxy "http://127.0.0.1:8080";
    #}

  • Enter the following commands at a Command Line.

    apt-get update
    apt-get install spice-client-gtk
    apt-get install lxde
    apt-get install xrdp
    
    snap set system proxy.http="http://10.10.1.170:8080"
    snap set system proxy.https="http://10.10.1.170:8080"

16. Debian VM On LXD

  • Enter the following commands at a Command Line.

    folder="/media/Windows/Images/Debian/Debian 11"
    file="debian-11.6.0-amd64-netinst.iso"
    
    # Create an empty virtual machine.
    sudo lxc init debian11 --empty --vm --config security.secureboot=false --config limits.cpu=1 --config limits.memory=2GB
    # Add iso file as boot drive.
    # By default root disk has boot priority of 1.
    sudo lxc config device add debian11 iso disk source="${folder}/${file}" boot.priority=10
    sudo lxc config show debian11
    
    sudo lxc list
    sudo lxc start debian11
    
    # Connect to the virtual machine console from Windows.
    # lxc.exe console debian11 --type=vga
    
    # Remove boot drive.
    sudo lxc config device remove debian11 iso

17. Windows VM On LXD

17.1. Preparation

  • First create a new iso file with the unattend files included.

  • Install Windows ADK.

  • Enter the following commands at a Command Prompt with administrative privileges.

    rem Extract iso file and add unattend files.
    set "Folder=W:\Images\Windows\Windows 10\21H2"
    set "File=en-us_windows_10_business_editions_version_21h2_x64_dvd_ce067768.iso"
    rmdir /q /s "%Folder%\Tmp"
    "C:\Program Files\7-Zip\7z.exe" x -y -o"%Folder%\Tmp" "%Folder%\%File%"
    copy W:\Unattend-x64-*.xml "%Folder%\Tmp"
    copy W:\Unattend-x86-*.xml "%Folder%\Tmp"
    
    rem Create new iso file with unattend files.
    rem The paths contain spaces, so the values are stored unquoted and quoted where they are used.
    set "BootFile=%Folder%\Tmp\boot\etfsboot.com"
    set "Label=Windows-10-Enterprise-x64"
    set "SourceRoot=%Folder%\Tmp"
    set "TargetFile=W:\Windows-10-Enterprise-Unattend-x64.iso"
    set "Folder=C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\Oscdimg"
    "%Folder%\oscdimg.exe" -u2 -o -l%Label% -b"%BootFile%" "%SourceRoot%" "%TargetFile%"

17.2. Installation

  • Enter the following commands at a Command Line.

    sudo snap install distrobuilder --classic
    sudo apt-get install -y libguestfs-tools wimtools
    
    folder="/media/Windows"
    file="Windows-10-Enterprise-Unattend-x64.iso"
    sudo distrobuilder repack-windows "${folder}/${file}" "${file}"
    # Wait about 5 minutes for it to finish.
    
    # Create an empty virtual machine.
    sudo lxc init win10 --empty --vm --config security.secureboot=false --config limits.cpu=1 --config limits.memory=2GB
    sudo lxc config device override win10 root size=30GiB
    # Add iso file as boot drive.
    # By default root disk has boot priority of 1.
    sudo lxc config device add win10 iso disk source="$(pwd)/${file}" boot.priority=10
    sudo lxc config show win10
    
    sudo lxc list
    sudo lxc start win10
    
    # Connect to the virtual machine console from Windows.
    # lxc.exe console win10 --type=vga
    
    # Remove boot drive.
    sudo lxc config device remove win10 iso

17.3. Configuration

  • Change the built-in Administrator password.

    • Press Ctrl+Alt+Del.

  • Enable Proxy Server.

    • Start Internet Options (inetcpl.cpl).

    • Select the Connections tab.

    • Click LAN settings.

    • Check Use a proxy server for your LAN.

    • Type 10.10.1.170 in the Address field.

    • Type 8080 in the Port field.

    • Check Bypass proxy server for local addresses.

    • Click OK.

    • Click OK.

    • Close Internet Options.

  • Enable RDP.

    • Start System Properties (sysdm.cpl).

    • Select the Remote tab.

    • Choose Allow remote connections to this computer.

    • Check Allow connections only from computers running Remote Desktop with Network Level Authentication.

    • Click Apply.

    • Click OK.

    • Close System Properties.

18. PMP