mirror of
https://github.com/libguestfs/libguestfs.git
synced 2026-03-22 07:03:38 +00:00
ee78c06b7f
SUSE VMDP comes with a replacement for rhsrvany.exe named pvvxsvc.exe. Check for either one of them instead of only rhsrvany.
593 lines
17 KiB
Plaintext
593 lines
17 KiB
Plaintext
=head1 NAME
|
|
|
|
virt-sysprep - Reset, unconfigure or customize a virtual machine so clones can be made
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
virt-sysprep [--options] -d domname
|
|
|
|
virt-sysprep [--options] -a disk.img [-a disk.img ...]
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
Virt-sysprep can reset or unconfigure a virtual machine so that
|
|
clones can be made from it. Steps in this process include removing
|
|
SSH host keys, removing persistent network MAC configuration, and
|
|
removing user accounts. Virt-sysprep can also customize a virtual
|
|
machine, for instance by adding SSH keys, users or logos. Each step
|
|
can be enabled or disabled as required.
|
|
|
|
Virt-sysprep modifies the guest or disk image I<in place>. The guest
|
|
must be shut down. If you want to preserve the existing contents of
|
|
the guest, I<you must snapshot, copy or clone the disk first>. See
|
|
L</COPYING AND CLONING> below.
|
|
|
|
You do I<not> need to run virt-sysprep as root. In fact we'd
|
|
generally recommend that you don't. The time you might want to run it
|
|
as root is when you need root in order to access the disk image, but
|
|
even in this case it would be better to change the permissions on the
|
|
disk image to be writable as the non-root user running virt-sysprep.
|
|
|
|
"Sysprep" stands for "system preparation" tool. The name comes from
|
|
the Microsoft program F<sysprep.exe> which is used to unconfigure
|
|
Windows machines in preparation for cloning them. Having said that,
|
|
virt-sysprep does I<not> currently work on Microsoft Windows guests.
|
|
We plan to support Windows sysprepping in a future version, and we
|
|
already have code to do it.
|
|
|
|
=head1 OPTIONS
|
|
|
|
=over 4
|
|
|
|
=item B<--help>
|
|
|
|
Display brief help.
|
|
|
|
=item B<-a> file
|
|
|
|
=item B<--add> file
|
|
|
|
Add I<file> which should be a disk image from a virtual machine.
|
|
|
|
The format of the disk image is auto-detected. To override this and
|
|
force a particular format use the I<--format> option.
|
|
|
|
=item B<-a> URI
|
|
|
|
=item B<--add> URI
|
|
|
|
Add a remote disk. The URI format is compatible with guestfish.
|
|
See L<guestfish(1)/ADDING REMOTE STORAGE>.
|
|
|
|
=item B<-c> URI
|
|
|
|
=item B<--connect> URI
|
|
|
|
If using libvirt, connect to the given I<URI>. If omitted, then we
|
|
connect to the default libvirt hypervisor.
|
|
|
|
If you specify guest block devices directly (I<-a>), then libvirt is
|
|
not used at all.
|
|
|
|
=item B<-d> guest
|
|
|
|
=item B<--domain> guest
|
|
|
|
Add all the disks from the named libvirt guest. Domain UUIDs can be
|
|
used instead of names.
|
|
|
|
=item B<-n>
|
|
|
|
=item B<--dry-run>
|
|
|
|
Perform a read-only "dry run" on the guest. This runs the sysprep
|
|
operation, but throws away any changes to the disk at the end.
|
|
|
|
=item B<--enable> operations
|
|
|
|
Choose which sysprep operations to perform. Give a comma-separated
|
|
list of operations, for example:
|
|
|
|
--enable ssh-hostkeys,udev-persistent-net
|
|
|
|
would enable ONLY C<ssh-hostkeys> and C<udev-persistent-net> operations.
|
|
|
|
If the I<--enable> option is not given, then we default to trying most
|
|
sysprep operations (see I<--list-operations> to show which are
|
|
enabled).
|
|
|
|
Regardless of the I<--enable> option, sysprep operations are skipped
|
|
for some guest types.
|
|
|
|
Use I<--list-operations> to list operations supported by a particular
|
|
version of virt-sysprep.
|
|
|
|
See L</OPERATIONS> below for a list and an explanation of each
|
|
operation.
|
|
|
|
=item B<--operation> operations
|
|
|
|
=item B<--operations> operations
|
|
|
|
Choose which sysprep operations to perform. Give a comma-separated
|
|
list of operations, for example:
|
|
|
|
--operations ssh-hostkeys,udev-persistent-net
|
|
|
|
would enable ONLY C<ssh-hostkeys> and C<udev-persistent-net> operations.
|
|
|
|
I<--operations> allows you to enable and disable any operation, including
|
|
the default ones (which would be tried when specifying neither
|
|
I<--operations> nor I<--enable>) and all the available ones; prepending
|
|
a C<-> in front of an operation name removes it from the list of enabled
|
|
operations, while the meta-names C<defaults> and C<all> represent
|
|
respectively the operations enabled by default and all the available ones.
|
|
For example:
|
|
|
|
--operations firewall-rules,defaults,-tmp-files
|
|
|
|
would enable the C<firewall-rules> operation (regardless whether it is enabled by
|
|
default), all the default ones, and disable the C<tmp-files> operation.
|
|
|
|
I<--operations> can be specified multiple times; the first time the set
|
|
of enabled operations is empty, while any further I<--operations> affects
|
|
the operations enabled so far.
|
|
|
|
If the I<--operations> option is not given, then we default to trying most
|
|
sysprep operations (see I<--list-operations> to show which are
|
|
enabled).
|
|
|
|
Regardless of the I<--operations> option, sysprep operations are skipped
|
|
for some guest types.
|
|
|
|
Use I<--list-operations> to list operations supported by a particular
|
|
version of virt-sysprep.
|
|
|
|
See L</OPERATIONS> below for a list and an explanation of each
|
|
operation.
|
|
|
|
=item B<--format> raw|qcow2|..
|
|
|
|
=item B<--format> auto
|
|
|
|
The default for the I<-a> option is to auto-detect the format of the
|
|
disk image. Using this forces the disk format for I<-a> options which
|
|
follow on the command line. Using I<--format auto> switches back to
|
|
auto-detection for subsequent I<-a> options.
|
|
|
|
For example:
|
|
|
|
virt-sysprep --format raw -a disk.img
|
|
|
|
forces raw format (no auto-detection) for F<disk.img>.
|
|
|
|
virt-sysprep --format raw -a disk.img --format auto -a another.img
|
|
|
|
forces raw format (no auto-detection) for F<disk.img> and reverts to
|
|
auto-detection for F<another.img>.
|
|
|
|
If you have untrusted raw-format guest disk images, you should use
|
|
this option to specify the disk format. This avoids a possible
|
|
security problem with malicious guests (CVE-2010-3851).
|
|
|
|
=item B<--list-operations>
|
|
|
|
List the operations supported by the virt-sysprep program.
|
|
|
|
These are listed one per line, with one or more single-space-separated
|
|
fields, eg:
|
|
|
|
$ virt-sysprep --list-operations
|
|
bash-history * Remove the bash history in the guest
|
|
cron-spool * Remove user at-jobs and cron-jobs
|
|
dhcp-client-state * Remove DHCP client leases
|
|
dhcp-server-state * Remove DHCP server leases
|
|
[etc]
|
|
|
|
The first field is the operation name, which can be supplied
|
|
to I<--enable>. The second field is a C<*> character if the
|
|
operation is enabled by default or blank if not. Subsequent
|
|
fields on the same line are the description of the operation.
|
|
|
|
Before libguestfs 1.17.33 only the first (operation name) field was
|
|
shown and all operations were enabled by default.
|
|
|
|
=item B<--mount-options> mp:opts[;mp:opts;...]
|
|
|
|
Set the mount options used when libguestfs opens the disk image. Note
|
|
this has no effect on the guest. It is used when opening certain
|
|
guests such as ones using the UFS (BSD) filesystem.
|
|
|
|
Use a semicolon-separated list of C<mountpoint:options> pairs.
|
|
You may need to quote this list to protect it from the shell.
|
|
|
|
For example:
|
|
|
|
--mount-options "/:noatime"
|
|
|
|
will mount the root directory with C<notime>. This example:
|
|
|
|
--mount-options "/:noatime;/var:rw,nodiratime"
|
|
|
|
will do the same, plus mount F</var> with C<rw,nodiratime>.
|
|
|
|
=item B<-q>
|
|
|
|
=item B<--quiet>
|
|
|
|
Don't print log messages.
|
|
|
|
To enable detailed logging of individual file operations, use I<-x>.
|
|
|
|
=item B<-v>
|
|
|
|
=item B<--verbose>
|
|
|
|
Enable verbose messages for debugging.
|
|
|
|
=item B<-V>
|
|
|
|
=item B<--version>
|
|
|
|
Display version number and exit.
|
|
|
|
=item B<-x>
|
|
|
|
Enable tracing of libguestfs API calls.
|
|
|
|
__EXTRA_OPTIONS__
|
|
|
|
=back
|
|
|
|
=head1 OPERATIONS
|
|
|
|
If the I<--enable>/I<--operations> option is I<not> given,
|
|
then most sysprep operations are enabled.
|
|
|
|
Use C<virt-sysprep --list-operations> to list all operations for your
|
|
virt-sysprep binary. The ones which are enabled by default are marked
|
|
with a C<*> character. Regardless of the I<--enable>/I<--operations>
|
|
options, sysprep operations are skipped for some guest types.
|
|
|
|
Operations can be individually enabled using the
|
|
I<--enable>/I<--operations> options.
|
|
Use a comma-separated list, for example:
|
|
|
|
virt-sysprep --operations ssh-hostkeys,udev-persistent-net [etc..]
|
|
|
|
Future versions of virt-sysprep may add more operations. If you are
|
|
using virt-sysprep and want predictable behaviour, specify only the
|
|
operations that you want to have enabled.
|
|
|
|
C<*> = enabled by default when no I<--enable>/I<--operations> option
|
|
is given.
|
|
|
|
__OPERATIONS__
|
|
|
|
=head1 COPYING AND CLONING
|
|
|
|
Virt-sysprep can be used as part of a process of cloning guests, or to
|
|
prepare a template from which guests can be cloned. There are many
|
|
different ways to achieve this using the virt tools, and this section
|
|
is just an introduction.
|
|
|
|
A virtual machine (when switched off) consists of two parts:
|
|
|
|
=over 4
|
|
|
|
=item I<configuration>
|
|
|
|
The configuration or description of the guest. eg. The libvirt
|
|
XML (see C<virsh dumpxml>), the running configuration of the guest,
|
|
or another external format like OVF.
|
|
|
|
Some configuration items that might need to be changed:
|
|
|
|
=over 4
|
|
|
|
=item *
|
|
|
|
name
|
|
|
|
=item *
|
|
|
|
UUID
|
|
|
|
=item *
|
|
|
|
path to block device(s)
|
|
|
|
=item *
|
|
|
|
network card MAC address
|
|
|
|
=back
|
|
|
|
=item I<block device(s)>
|
|
|
|
One or more hard disk images, themselves containing files,
|
|
directories, applications, kernels, configuration, etc.
|
|
|
|
Some things inside the block devices that might need to be changed:
|
|
|
|
=over 4
|
|
|
|
=item *
|
|
|
|
hostname and other net configuration
|
|
|
|
=item *
|
|
|
|
UUID
|
|
|
|
=item *
|
|
|
|
SSH host keys
|
|
|
|
=item *
|
|
|
|
Windows unique security ID (SID)
|
|
|
|
=item *
|
|
|
|
Puppet registration
|
|
|
|
=back
|
|
|
|
=back
|
|
|
|
=head2 COPYING THE BLOCK DEVICE
|
|
|
|
Starting with an original guest, you probably wish to copy the guest
|
|
block device and its configuration to make a template. Then once you
|
|
are happy with the template, you will want to make many clones from
|
|
it.
|
|
|
|
virt-sysprep
|
|
|
|
|
v
|
|
original guest --------> template ---------->
|
|
\------> cloned
|
|
\-----> guests
|
|
\---->
|
|
|
|
You can, of course, just copy the block device on the host using
|
|
L<cp(1)> or L<dd(1)>.
|
|
|
|
dd dd
|
|
original guest --------> template ---------->
|
|
\------> cloned
|
|
\-----> guests
|
|
\---->
|
|
|
|
There are some smarter (and faster) ways too:
|
|
|
|
snapshot
|
|
template ---------->
|
|
\------> cloned
|
|
\-----> guests
|
|
\---->
|
|
|
|
You may want to run virt-sysprep twice, once to reset the guest (to
|
|
make a template) and a second time to customize the guest for a
|
|
specific user:
|
|
|
|
virt-sysprep virt-sysprep
|
|
(reset) (add user, keys, logos)
|
|
| |
|
|
dd v dd v
|
|
original guest ----> template ---------> copied ------> custom
|
|
template guest
|
|
|
|
=over 4
|
|
|
|
=item *
|
|
|
|
Create a snapshot using qemu-img:
|
|
|
|
qemu-img create -f qcow2 -o backing_file=original snapshot.qcow
|
|
|
|
The advantage is that you don't need to copy the original (very fast)
|
|
and only changes are stored (less storage required).
|
|
|
|
Note that writing to the backing file once you have created guests on
|
|
top of it is not possible: you will corrupt the guests.
|
|
|
|
=item *
|
|
|
|
Create a snapshot using C<lvcreate --snapshot>.
|
|
|
|
=item *
|
|
|
|
Other ways to create snapshots include using filesystems-level tools
|
|
(for filesystems such as btrfs).
|
|
|
|
Most Network Attached Storage (NAS) devices can also create cheap
|
|
snapshots from files or LUNs.
|
|
|
|
=item *
|
|
|
|
Get your NAS to duplicate the LUN. Most NAS devices can also
|
|
duplicate LUNs very cheaply (they copy them on-demand in the
|
|
background).
|
|
|
|
=item *
|
|
|
|
Prepare your template using L<virt-sparsify(1)>. See below.
|
|
|
|
=back
|
|
|
|
=head2 VIRT-CLONE
|
|
|
|
A separate tool, L<virt-clone(1)>, can be used to duplicate the block
|
|
device and/or modify the external libvirt configuration of a guest.
|
|
It will reset the name, UUID and MAC address of the guest in the
|
|
libvirt XML.
|
|
|
|
L<virt-clone(1)> does not use libguestfs and cannot look inside the
|
|
disk image. This was the original motivation to write virt-sysprep.
|
|
|
|
=head2 SPARSIFY
|
|
|
|
virt-sparsify
|
|
original guest --------> template
|
|
|
|
L<virt-sparsify(1)> can be used to make the cloning template smaller,
|
|
making it easier to compress and/or faster to copy.
|
|
|
|
Notice that since virt-sparsify also copies the image, you can use it
|
|
to make the initial copy (instead of C<dd>).
|
|
|
|
=head2 RESIZE
|
|
|
|
virt-resize
|
|
template ---------->
|
|
\------> cloned
|
|
\-----> guests
|
|
\---->
|
|
|
|
If you want to give people cloned guests, but let them pick the size
|
|
of the guest themselves (eg. depending on how much they are prepared
|
|
to pay for disk space), then instead of copying the template, you can
|
|
run L<virt-resize(1)>. Virt-resize performs a copy and resize, and
|
|
thus is ideal for cloning guests from a template.
|
|
|
|
=head1 FIRSTBOOT VS SCRIPT
|
|
|
|
The two options I<--firstboot> and I<--script> both supply shell
|
|
scripts that are run against the guest. However these two options are
|
|
significantly different.
|
|
|
|
I<--firstboot script> uploads the file C<script> into the guest
|
|
and arranges that it will run, in the guest, when the guest is
|
|
next booted. (The script will only run once, at the "first boot").
|
|
|
|
I<--script script> runs the shell C<script> I<on the host>, with its
|
|
current directory inside the guest filesystem.
|
|
|
|
If you needed, for example, to C<yum install> new packages, then you
|
|
I<must not> use I<--script> for this, since that would (a) run the
|
|
C<yum> command on the host and (b) wouldn't have access to the same
|
|
resources (repositories, keys, etc.) as the guest. Any command that
|
|
needs to run on the guest I<must> be run via I<--firstboot>.
|
|
|
|
On the other hand if you need to make adjustments to the guest
|
|
filesystem (eg. copying in files), then I<--script> is ideal since (a)
|
|
it has access to the host filesystem and (b) you will get immediate
|
|
feedback on errors.
|
|
|
|
Either or both options can be used multiple times on the command line.
|
|
|
|
=head1 SECURITY
|
|
|
|
Although virt-sysprep removes some sensitive information from the
|
|
guest, it does not pretend to remove all of it. You should examine
|
|
the L</OPERATIONS> above and the guest afterwards.
|
|
|
|
Sensitive files are simply removed. The data they contained may still
|
|
exist on the disk, easily recovered with a hex editor or undelete
|
|
tool. The I<--scrub> option can be used to scrub files instead of
|
|
just deleting them. L<virt-sparsify(1)> is another way to remove this
|
|
content. See also the L<scrub(1)> command to get rid of deleted
|
|
content in directory entries and inodes.
|
|
|
|
=head2 RANDOM SEED
|
|
|
|
I<(This section applies to Linux guests only)>
|
|
|
|
For supported guests, virt-sysprep writes a few bytes of randomness
|
|
from the host into the guest's random seed file.
|
|
|
|
If this is just done once and the guest is cloned from the same
|
|
template, then each guest will start with the same entropy, and things
|
|
like SSH host keys and TCP sequence numbers may be predictable.
|
|
|
|
Therefore you should arrange to add more randomness I<after> cloning
|
|
from a template too, which can be done by enabling just the customize
|
|
module:
|
|
|
|
cp template.img newguest.img
|
|
virt-sysprep --enable customize -a newguest.img
|
|
|
|
=head1 SELINUX
|
|
|
|
For guests which make use of SELinux, special handling for them might
|
|
be needed when using operations which create new files or alter
|
|
existing ones.
|
|
|
|
For further details, see L<virt-builder(1)/SELINUX>.
|
|
|
|
=head1 WINDOWS 8
|
|
|
|
Windows 8 "fast startup" can prevent virt-sysprep from working.
|
|
See L<guestfs(3)/WINDOWS HIBERNATION AND WINDOWS 8 FAST STARTUP>.
|
|
|
|
=head1 EXIT STATUS
|
|
|
|
This program returns 0 on success, or 1 if there was an error.
|
|
|
|
=head1 ENVIRONMENT VARIABLES
|
|
|
|
=over 4
|
|
|
|
=item C<VIRT_TOOLS_DATA_DIR>
|
|
|
|
This can point to the directory containing data files used for Windows
|
|
firstboot installation.
|
|
|
|
Normally you do not need to set this. If not set, a compiled-in
|
|
default will be used (something like F</usr/share/virt-tools>).
|
|
|
|
This directory may contain the following files:
|
|
|
|
=over 4
|
|
|
|
=item F<rhsrvany.exe>
|
|
|
|
This is the RHSrvAny Windows binary, used to install a "firstboot"
|
|
script in Windows guests. It is required if you intend to use the
|
|
I<--firstboot> or I<--firstboot-command> options with Windows guests.
|
|
|
|
See also: C<https://github.com/rwmjones/rhsrvany>
|
|
|
|
=item F<pvvxsvc.exe>
|
|
|
|
This is a Windows binary shipped with SUSE VMDP, used to install a "firstboot"
|
|
script in Windows guests. It is required if you intend to use the
|
|
I<--firstboot> or I<--firstboot-command> options with Windows guests.
|
|
|
|
=back
|
|
|
|
=back
|
|
|
|
For other environment variables, see L<guestfs(3)/ENVIRONMENT VARIABLES>.
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<guestfs(3)>,
|
|
L<guestfish(1)>,
|
|
L<virt-builder(1)>,
|
|
L<virt-clone(1)>,
|
|
L<virt-customize(1)>,
|
|
L<virt-rescue(1)>,
|
|
L<virt-resize(1)>,
|
|
L<virt-sparsify(1)>,
|
|
L<virsh(1)>,
|
|
L<lvcreate(8)>,
|
|
L<qemu-img(1)>,
|
|
L<scrub(1)>,
|
|
L<http://libguestfs.org/>,
|
|
L<http://libvirt.org/>.
|
|
|
|
=head1 AUTHORS
|
|
|
|
Richard W.M. Jones L<http://people.redhat.com/~rjones/>
|
|
|
|
Wanlong Gao, Fujitsu Ltd.
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright (C) 2011-2016 Red Hat Inc.
|
|
|
|
Copyright (C) 2012 Fujitsu Ltd.
|