MAAS with KVM

From UNamur InfoSec
Jump to navigation Jump to search

Introduction

In addition to provision bare metal machines. MAAS supports adding KVM and LXD servers to the MAAS clous, which allow MAAS to compose VMs in KVM server and manages like any other machines.

Adding existing KVM to MAAS

  1. Creating virtual network in KVM

MAAS need to provide DHCP for VMs to PXE boot. So we can either disable DHCP in existing network, or create new network with DHCP disabled.

To create new virtual network with virt-manager: Start virt-manager -> select QEMU/KVM -> select "edit" -> "connection detail" -> click plus sign to add new connection -> uncheck enable "dhcp4"

  • Allow MAAS to SSH to KVM host
    • Enable SSH on hosts:

      sudo apt install openssh-server

    • Create private and public key for MAAS

      MAAS will use the private key named "id_rsa" in the /var/snap/maas/current/root/.ssh directory. To generate it:

   sudo mkdir -p /var/snap/maas/current/root/.ssh
   cd /var/snap/maas/current/root/.ssh
   sudo ssh-keygen -f id_rsa
  • Add MAAS public key to authorized_keys file
  ssh-copy-id -i id_rsa.pub $USER@$VM_HOST_IP
  Note: the keys generated by previous command need root permission to access them. 
  • Test qemu+ssh command
  If we have virsh client installed, we can use the command check if it is working. 
  virsh -c qemu+ssh://$USER@$VM_HOST_IP/system list --all
  • Add KVM to MAAS
  Go to MAAS dashboard -> KVM -> Add KVM -> select "virsh" -> enter "qemu+ssh://$USER@$VM_HOST_IP/system" with correct user and IP in the address field -> click save
  • To add new VMs
  Click KVM -> select KVM host from list -> Take Action -> Compose -> Fill VM specs -> click Compose

References

https://maas.io/docs/snap/3.1/ui/how-to-manage-vm-hosts