SecGen icon indicating copy to clipboard operation
SecGen copied to clipboard
verified publisher icon cliffe

Requirements for Ovirt Vagrant Base Box/Template

Open jeremytourville opened this issue 6 years ago • 2 comments

I would like to contribute to the project by creating Vagrant base boxes or templates for Ovirt and making them publicly available.

I would like to know if the cloud-init package is required by this project within the vm? I did find and review the README file- https://github.com/cliffe/SecGen/blob/master/README-Creating-Bases.md

I am reviewing the general requirements for Vagrant as well as the comments provided by Marcus Young who developed the Ovirt plugin- https://www.vagrantup.com/docs/boxes/base.html https://github.com/myoung34/vagrant-ovirt4

What about network requirement? VirtualBox seems to be pretty specific but I couldn't find much about Ovirt. :( Does a single NIC work or does there need to be two? (with one being host only)

Thanks for your input.

jeremytourville avatar Jan 21 '20 17:01 jeremytourville

Hi @jeremytourville,

Could you please have a look at the discussion in #163, re: the potential to define and build the bases using Packer.

Networking is a source of mild-frustration.

Currently, cloud-init needs to be installed in the base, but disabled.

Currently, all our bases have one NIC, which SecGen re-configures (after a successful build) to a specified network (as per SecGen's arguments). Until a recent commit, the oVirt plugin for Vagrant only supported one NIC. Apparently, it might support more than one now, but we haven't tested that.

Due to our proxied network, our bases all have our proxy settings (in /etc/environment, /apt/.., and in docker config files (otherwise without Docker pre-installed in the base, SecGen installs it if needed).

We build VMs on one network, and once built they are moved to various networks. For now, these have all been pre-created outside of SecGen. We are looking into introducing OVN networks, which SecGen may be able to create isolated networks per set of VMs built.

Getting Windows bases to work, is requiring changes to Vagrant and the oVirt plugin (partly due to our requirement to use WinSSH rather than WinRM, which Vagrant doesn't have complete support for) -- probably easier to leave that discussion for once you have Linux boxes working though :)

cliffe avatar Jan 29 '20 12:01 cliffe

Also, we use affinity groups to force all the VMs from a set of VMs built by SecGen to run on the same host, when we need that to be the case.

cliffe avatar Jan 29 '20 12:01 cliffe