Part Two: Install virtualisation and a base virtual server

This is the second part of the tutorial on installing a mail server. Refer to the overview, or hit the tutorials menu at the top and look at the mail server tutorial category.

In this section, I explain how to install the virtualisation software on an existing Debian (or, possibly, Ubuntu) server, and create a new virtual machine. I’m assuming that you want to use LVM as the backing store. If you don’t want to do this, you can set up the virtual within an LVM volume or a file; I note where you’d do things differently if you wanted to do that. You can also use drbd as a backing store to allow you to run the same mail server across two different servers without data loss, described here. I’ll mention the point where you should look at that post if you want to do this.

You should check that you’ve installed the right OS version for your base operating system – whilst you can run virtualisation on a 32-bit Linux kernel, it’s generally better to run on 64-bit. A 64-bit host can support 32-bit guests; a 32-bit host cannot support 64-bit guests. There are also memory limitations on 32-bit that get annoying (although they are unlikely to matter for a mail server).

I also assume that you have a GUI environment (an X server, and KDE, Gnome or xfce installed). You can do all this from the command line, but you’ll need to derive the commands for that yourself. Note that you can install the virt-manager package on another machine to manage your server, so you just need to have the GUI environment somewhere, not necessarily on your server.

All through this guide I’m assuming you’re logged on as root. If you’re following good system administrator practice and logging on as a relatively unprivileged user, then using sudo when needed, then you’ll need to prefix many of these commands with sudo.

First, make sure your machine is fully up-to-date by issuing an upgrade. If you don’t, you may end up being forced into an upgrade part way through, which is annoying.

From the command line, issue the upgrade commands:

 aptitude update
 aptitude full-upgrade

Once the upgrades are complete to your satisfaction, install the virtualisation software. Most standard kernels should have everything built-in, so you really just need to install the user-space management tools.

 aptitude install kvm libvirt-bin virtinst bridge-utils virt-manager

You also need to add the user you typically log on as to the libvirt group, allowing that user to start and stop the virtual machines and generally run the admin console.

 adduser root libvirt
 adduser <your-user-name> libvirt

Run the command line console to check that the virtualisation kit is installed and operational:

 virsh -c qemu:///system list

This should give you output along the lines of the below. No actual virtual machines will be shown, as you haven’t created any yet. If you get an error instead, something went wrong in the earlier commands – try googling the error message. One potential issue is that you don’t have the virtualisation extensions turned on in your BIOS:

  Id    Name                           State
 ----------------------------------------------------

Next, you need to create a network bridge on your ethernet interface so that your new virtual machines can have their own network interface. It’s possible to put your machines on their own virtual subnet so that they can’t talk to the outside world, but since we’re trying to create a mail server that can connect to the outside world, we want to set it up as externally addressable.

I found the reference guide for this process at http://wiki.libvirt.org/page/Networking.

  • Stop network manager, if it’s running. Network manager breaks lots of stuff, and you’re better off without it. If you need it for wireless networks, then you may be able to set it to run over your wireless networks only; that’s outside of the scope of this tutorial. If you are running a server though, you’re unlikely to be running it on wireless.
 /etc/init.d/network-manager stop
  • Create some files to permanently prevent network manager from starting
 echo "exit" > /etc/default/NetworkManager
 echo "exit" > /etc/default/NetworkManagerDispatcher
  • edit /etc/sysctl.conf, add the following lines to the end
 net.bridge.bridge-nf-call-ip6tables = 0
 net.bridge.bridge-nf-call-iptables = 0
 net.bridge.bridge-nf-call-arptables = 0
  • edit /etc/sysctl.conf, uncomment the following line
 net.ipv4.ip_forward=1
  • reload sysctl settings
 sysctl -p /etc/sysctl.conf
  • check that you’re directly on your server console/screen, not coming in over ssh, we’re about to stop the network, and if you’re on ssh you’ll lose access to start it again
  • work out what interface you’re using – typically eth0 or eth1. You can issue the following command to list adapters
 ifconfig
  • shut down your old ethernet
 ifdown eth1
  • edit /etc/network/interfaces, replace your old ethernet with a new bridge interface (the old interface in my case is eth1, which you can see has been commented out and then used in the bridge interface)
 # auto eth1
 # iface eth1 inet dhcp
 auto br0
 iface br0 inet dhcp
   bridge_ports eth1
   bridge_stp on
   bridge_maxwait 0
   bridge_fd 0
 start br0
  • start up your new bridge interface, and see if you still have internet connectivity
 ifup br0
  • I also typically reboot at this stage, just to be sure things are working
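
A check for the steps in the list above, added here as an example and not part of the original tutorial: it reads a sysctl.conf and an interfaces file and reports any of the listed settings that are missing, commented out, or left on the old interface. The function names and the sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example: check the sysctl and bridge settings from the list above.
# Function names are hypothetical; defaults are the files the tutorial edits.
# With bridge-nf-call-* = 0, bridged guest frames skip the host's netfilter chains.

# Effective value of a key in a sysctl.conf-style file (last active line wins).
sysctl_value() {  # $1 = file, $2 = key
    awk -F= -v key="$2" '
        /^[ \t]*[#;]/ { next }
        { k = $1; v = $2; gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
          if (k == key) val = v }
        END { print val }' "$1"
}

# Print one FAIL line per problem; return non-zero if any were found.
check_bridge_host() {  # $1 = sysctl.conf, $2 = interfaces file, $3 = bridge
    local conf="${1:-/etc/sysctl.conf}" ifaces="${2:-/etc/network/interfaces}"
    local br="${3:-br0}" rc=0 pair key want got port
    for pair in net.bridge.bridge-nf-call-ip6tables=0 \
                net.bridge.bridge-nf-call-iptables=0 \
                net.bridge.bridge-nf-call-arptables=0 net.ipv4.ip_forward=1; do
        key="${pair%=*}"; want="${pair#*=}"
        got="$(sysctl_value "$conf" "$key")"
        [ "$got" = "$want" ] ||
            { echo "FAIL $key: want $want, found '${got:-unset}'"; rc=1; }
    done
    # The bridge must come up at boot ...
    awk -v br="$br" '$1 == "auto" { for (i = 2; i <= NF; i++) if ($i == br) f = 1 }
        END { exit !f }' "$ifaces" || { echo "FAIL no 'auto $br' line"; rc=1; }
    # ... and enslave a port that no longer has an active stanza of its own.
    port="$(awk -v br="$br" '$1 == "iface" { in_br = ($2 == br) }
        in_br && $1 == "bridge_ports" { print $2 }' "$ifaces")"
    if [ -z "$port" ]; then
        echo "FAIL $br has no bridge_ports"; rc=1
    elif awk -v p="$port" '$1 == "iface" && $2 == p { f = 1 } END { exit !f }' "$ifaces"
    then
        echo "FAIL $port still has its own iface stanza"; rc=1
    fi
    return "$rc"
}

# Constructed sample files matching the tutorial (eth1 bridged into br0).
d="$(mktemp -d)"
printf '%s\n' 'net.bridge.bridge-nf-call-ip6tables = 0' \
    'net.bridge.bridge-nf-call-iptables = 0' \
    'net.bridge.bridge-nf-call-arptables = 0' 'net.ipv4.ip_forward=1' > "$d/sysctl.conf"
printf '%s\n' '# iface eth1 inet dhcp' 'auto br0' 'iface br0 inet dhcp' \
    '  bridge_ports eth1' > "$d/interfaces"
check_bridge_host "$d/sysctl.conf" "$d/interfaces" br0 && echo "bridge host config OK"
```

On the host itself, calling `check_bridge_host` with no arguments reads /etc/sysctl.conf and /etc/network/interfaces and checks br0.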

I am assuming you have LVM installed; if not, install it too. If you don’t want to use LVM as the tool for managing your virtual file systems, and plan to use a file instead, you don’t need to do this. If you wanted to use drbd per this post, now is the time to read it and complete that configuration.

 aptitude install lvm2

If you haven’t previously installed lvm, then you need to create a volume group. This implies you have some unformatted disk somewhere – a spare partition, md device or complete disk. You probably want to read up a bit on LVM if this is all new to you. If you already have the gist of it, you can create a volume group by:

 pvcreate /dev/<my_disk_partition>
 vgcreate <my_volume_group> /dev/<my_disk_partition>

At this point, you should have a machine with the capability to have new virtual servers created on it. We now move into creating the mail server virtual.

Because I create and destroy virtuals reasonably frequently, I have downloaded the minimal debian installer to my local filesystem – I typically use the netinst version of amd64 (which also runs on Intel 64-bit processors) that can be found on this page: http://www.debian.org/devel/debian-installer/. You should do the same.

  • Open the virtual machine manager (virt-manager), which should now be available on your desktop. Select edit..connection details, and verify that your lvm volume group is shown in there (or, if you’re not using LVM, that you have a drive specified with free space). If you don’t have your volume group specified, click the + to add it, and follow the wizard to make it available.
  • Create a volume for the file system. You can create separate volumes for the root filesystem and the swap space, but I haven’t found any advantage to doing that at the current time. I always give my logical volumes the same name as the server hostname – in my case my server is called mail. Note that hostnames can’t have spaces or underscores in them, so name appropriately. I leave a reasonable amount of space for mail – if you use 2GB for swap, and 2GB for the base install, then a 25G logical volume gives about 20GB of space for mail. You can grow this later if you run out of space.
  • Close the connection details, and click the “create new” button, near the top left of the window (an asterisk icon).
  • Enter the machine name you’ve chosen, and select local media. Click forward.
  • Select “use an iso image” and browse to the cd iso image that you downloaded earlier
  • Set the OS type to Linux and Debian Wheezy. Click forward.
  • Select 3024MB of memory (unless you have a 32-bit host, in which case select 2048MB which is the maximum, or unless your machine is short of physical memory, in which case pick any number down to about 384MB) and 3 CPUs. This is only the maximum setting for this virtual, and is convenient during install, later we set the actual used memory and CPU lower. Click forward.
  • Select managed or other existing storage, then browse and select the logical volume you created earlier
  • Tick the box to customise the configuration before install, and in the advanced options copy the MAC address
  • Go to your firewall and/or DHCP server, and set a static IP address and a hostname for your server, using the MAC address that you’ve copied, so that this new virtual machine gets a static internal ip address
  • Once you’re taken to the custom options page:
    • Set the current memory to a number you like more
    • I’d leave the CPUs as they are, but you could change to a smaller number
    • Change the boot options to start on host boot (you want this virtual to restart on host restart)
    • Change the type of disk 1 to be virtio, which should be faster
    • Change the performance options on disk 1 to be nocache and native. I am toying with the thought that you can set cache to be writeback during the install, and change it later to none, which might make the install a lot faster (at the risk that if your server crashes during your install it might corrupt it – which is unlikely anyway and easy to recover from by just reinstalling)
    • I always set video to VGA, but I’m not sure it’s necessary
    • Click begin installation
    • During the Debian installation, make sure you set some swap space within the allocated disk, I’d recommend around 2G, although my mail server has never used any swap that I have seen
    • During the installation, select to install the base server and ssh, but nothing else. We’ll manually install the mail packages we want
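
The same guest definition from the command line, as an added example that is not part of the original tutorial: it prints the lvcreate and virt-install commands for the settings chosen in the list above rather than running them. The volume group name vg0, the ISO path and the function names are assumptions; the MAC address is generated up front so the DHCP reservation can be made before the install starts.

```sh
#!/bin/sh
# Added example: command-line equivalent of the virt-manager steps above.
# Assumptions: volume group "vg0", the ISO path, and all function names.

# Hostnames: letters, digits and hyphens only (no spaces or underscores).
valid_hostname() {
    case "$1" in
        ''|-*|*-|*[!A-Za-z0-9-]*) return 1 ;;
    esac
    [ "${#1}" -le 63 ]
}

# Random MAC under 52:54:00, the prefix libvirt uses for KVM guests.
random_kvm_mac() {
    od -An -N3 -tx1 /dev/urandom |
        awk '{ printf "52:54:00:%s:%s:%s\n", $1, $2, $3 }'
}

# Print (do not run) the commands that create the volume and start the install.
build_guest_commands() {  # $1 = hostname, $2 = volume group, $3 = ISO, $4 = MAC
    local name="$1" vg="${2:-vg0}" iso="${3:-/root/debian-netinst-amd64.iso}"
    local mac="${4:-$(random_kvm_mac)}"
    valid_hostname "$name" || { echo "invalid hostname: '$name'" >&2; return 1; }
    # 25G volume named after the host, as in the tutorial.
    echo "lvcreate -L 25G -n $name $vg"
    # virtio disk with cache=none and io=native; bridged NIC; start on host boot.
    echo "virt-install --connect qemu:///system --name $name" \
        "--ram 3024 --vcpus 3 --cdrom $iso" \
        "--disk path=/dev/$vg/$name,bus=virtio,cache=none,io=native" \
        "--network bridge=br0,mac=$mac --video vga --graphics vnc --autostart"
}

build_guest_commands mail
```

Review the printed commands, register the MAC with your DHCP server, then paste them into a root shell on the host.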

Once the installation finishes, select to reboot the server. Try to ssh into it from your server command line, and run a full upgrade just in case your installation media wasn’t fully up-to-date.

 aptitude update
 aptitude full-upgrade

Edit /etc/default/grub to modify some options that should improve performance – turn off the io scheduler (since this machine leverages the underlying host’s io scheduler), and turn off the tickless timer, which can apparently generate superfluous interrupts.

 GRUB_CMDLINE_LINUX="nohz=off elevator=noop"
 update-grub

Reboot the guest.

On the host, you may want to turn on kernel shared memory, which identifies memory pages that are identical between your various virtuals, and collapses them. This allows you to run many more virtuals in a given memory footprint.

 echo 1 > /sys/kernel/mm/ksm/run

If you want this to be permanent, you can add it to /etc/rc.local. You can check whether this has any effect by looking for pages shared through the following. Note that by default it won’t run until at least half the RAM on your machine is consumed:

 cat /sys/kernel/mm/ksm/pages_sharing

All going well, you now have a base virtual machine running on your server, ready for install of the mail software.
