Install

We are setting up the virtual server smt as a guest on teapot. It will store its SMT data (/srv/www/htdocs/) in a directory in teapot which it will access via 9p sharing.

We have set up teapot using the Virtual Machine Host pattern, so we already have br0.

In /etc/qemu/bridge.conf add the line

allow br0

Create image file:

teapot:~ # mkdir /smt-vm
teapot:~ # qemu-img create /smt-vm/smt.img 8G

Install using virt-install:

teapot:~ # virt-install --boot menu=on,useserial=on                                          \
           --name smt                                                                        \
           --disk /smt-vm/smt.img --memory 4096                                              \
           --location /ext1/isos/suse/sles/11/sp3/x86_64/SLES-11-SP3-DVD-x86_64-GM-DVD1.iso  \
           --boot cdrom                                                                      \
           --extra-args="console=ttyS0,115200"

Run the install. Log in and check the MAC address:

smt:~ # ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:4b:70:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.141/24 brd 192.168.1.255 scope global eth0
    inet6 fe80::5054:ff:fe4b:7002/64 scope link
      valid_lft forever preferred_lft forever

(Add MAC address in a fixed-address stanza on the DHCP server, and add the IP address to the DNS.)

Control using virsh

Shut down the virtual machine and test that we can control it and get a console on it using virsh:

teapot:~ # virsh
virsh # start smt
virsh # console smt

Exit the virsh console with Ctrl-].

How to look inside the image for possible future repair

teapot:~ # losetup -fv /smt-vm/smt.img
teapot:~ # kpartx -av /dev/loop0
add map loop0p1 (254:0): 0 4206592 linear /dev/loop0 2048
add map loop0p2 (254:1): 0 29345792 linear /dev/loop0 4208640
teapot:~ # mount /dev/mapper/loop0p2 /mnt

Adding the storage

teapot:~ # virsh
virsh edit smt

add this for the SMT data directory:

<filesystem type='mount' accessmode='mapped'>
  <source dir='/ext1/smtdata'/>
  <target dir='smtdata'/>
</filesystem>

and this for the installation directory:

<filesystem type='mount' accessmode='mapped'>
  <source dir='/i/install/sles11-sp3'/>
  <target dir='install'/>
</filesystem>

Corresponding to these, add the following entries in /etc/fstab on smt:

smtdata  /srv/www/htdocs  9p  rw,trans=virtio,access=user,version=9p2000.L  0 0
install  /install         9p  ro,trans=virtio,access=user,version=9p2000.L  0 0

Note about permissions / ownership

To avoid problems with permissions / ownership the following combination seemed to be the only thing that worked:

On smt, the mount option version=9p2000.L

On teapot, in /etc/libvirt/qemu.conf the three options:

user = "root"
group = "root"
clear_emulator_capabilities = 0

Without the last of these it seemed impossible for root (smt-mirror runs as root) to create directories under /srv/www/htdocs/repo (owned by smt.www).

The above options are all potentially insecure.

Complete the install

Register the system, install SMT, run yast smt-server (the setup wizard), update.

Switch from NCC to SCC

Changes

I have changed the filesystem definitions so that they look like this:

    <filesystem type='mount' accessmode='passthrough'>
      <source dir='/ext1/smtdata'/>
      <target dir='smtdata'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
    </filesystem>
    <filesystem type='mount' accessmode='passthrough'>
      <source dir='/i/install/sles11-sp3'/>
      <target dir='install'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
    </filesystem>

(Note that the "address type" entries are added automatically when you do virsh edit smt.

And the /etc/fstab entries so that they look like this:

smtdata   /srv/www/htdocs   9p      rw,trans=virtio,version=9p2000.L,posixacl,access=client 0 0
install   /install          9p      ro,trans=virtio,version=9p2000.L,posixacl,access=client 0 0

And on teapot /etc/exports looks like this:

/nfs       *(fsid=0,ro,sync,no_subtree_check)
/nfs/isos  *(ro,all_squash,anonuid=100,anongid=100,no_subtree_check)
/nfs/repo/ *(ro,no_root_squash,no_subtree_check,crossmnt)