Template Virtual Machines: Difference between revisions

From Sea of Fate
Jump to navigationJump to search
← Older edit
 
(2 intermediate revisions by the same user not shown)
Line 116: Line 116:
====Customizing Identity (Hostname & IP)====
====Customizing Identity (Hostname & IP)====


The original template was setting the hostname and IP address with cloud-init however it has too many conflicts with mint to be viable. Instead the base template sets an IP address of 192.168.99.200 and a random hostname. To set a new hostname and IP address there is a script that can be run as root to reset them to something more suitable
The original template was setting the hostname and IP address with cloud-init however it has too many conflicts with mint to be viable. Instead the base template sets an IP address of 192.168.99.200 and a random hostname. To set a new hostname, IP address and Gateway IP Address there is a script that can be run as root to reset them to something more suitable
  sudo ./set-identity.sh NewHostname IPAddress
  sudo ./set-identity.sh NewHostname IPAddress GatewayAddress
The script should delete any old ssh identity keys and set the region to UK as well as the new IP and hostname, it does not reboot.
The script should delete any old ssh identity keys and set the region to UK as well as the new IP and hostname, it does not reboot.  
 
===Troubleshooting the "Locked" Desktop===
 
If the cidata disk remains on the desktop or the hostname doesn't change:
* Ensure you clicked Regenerate Image before the first boot.
* If you need to change the IP after the first boot, you must change it in the Cloud-Init tab, click Regenerate Image, and then Reboot the VM.
 
===Troubleshooting: Static IP Failures (NetworkManager Conflict)===
 
If your Cloud-Init static IP settings are being ignored and the VM keeps pulling a DHCP address (or has no IP at all), follow these steps:
====Force the Cloud-Init Renderer====
The most common fix is telling Cloud-Init that it must talk to NetworkManager specifically.
** Open the VM terminal and run:
sudo nano /etc/cloud/cloud.cfg.d/99-network-manager.cfg
** Ensure the file contains only these lines:
system_info:
  network:
    renderers: [NetworkManager]
Save and exit. This ensures Cloud-Init creates a NetworkManager "profile" instead of a generic system config.
 
====Clean the "Stale" Connections====
Sometimes NetworkManager has a saved "Wired Connection 1" profile that is set to DHCP, which overrides the Cloud-Init config.
* List active connections:
nmcli connection show
* If there are multiple connections for the same interface (eth0), delete the old one:
sudo nmcli connection delete "Wired connection 1"
* Cloud-Init will now be able to recreate the correct static profile on the next reboot.
 
====Verify the Config File Location====
 
When Cloud-Init works correctly with NetworkManager, it creates a file in the following location:
/etc/NetworkManager/system-connections/cloud-init-eth0.nmconnection
* If this file exists: Check its contents (sudo cat ...) to see if the static IP matches what you put in Proxmox.
* If it does NOT exist: Cloud-Init failed to write the config. Check the logs:
sudo grep "network" /var/log/cloud-init.log.
 
====The "Nuclear" Option (Manual Fix)====
 
If you are in a hurry and Cloud-Init is still being stubborn, you can manually set the static IP via the command line, which will persist in NetworkManager:
sudo nmcli con mod "cloud-init-eth0" ipv4.addresses 192.168.110.50/24 ipv4.gateway 192.168.110.1 ipv4.dns "192.168.110.11" ipv4.method manual
sudo nmcli con up "cloud-init-eth0"


The NIC is set to VLAN 99 so it will need to be changed in the Hardware section of the web GUI to whatever VLAN is required if not the new IP will not work inside a alternative VLAN


===Remote Access (ssh)===
===Remote Access (ssh)===
You can now jump straight into the machine from Grape, Lemon, satsuma, elric@walnut, elric@wahoo or Raisin without a password:
You can now jump straight into the machine from Grape, Lemon, satsuma, elric@walnut, elric@wahoo or Raisin without a password:
  ssh nigel@<new-IP-address>
  ssh nigel@<new-IP-address>

Latest revision as of 05:42, 15 February 2026

Introduction

To have a consistent base for Virtual Machines we need to have some templates we are going to have Debian 13.3 and Mint 22.3 Zena Cinnamon Edition for the desktop

Debian Gold Master (v1.0)

Overview

The Debian Gold Master is a stripped-down, optimized Proxmox template based on Debian GNU/Linux 13.3 (Trixie). It is designed for rapid deployment of "Sea of Fate" infrastructure services.

  • Standard User: nigel (Sudoer)
  • Access: SSH Passwordless (Authorized keys from Lemon pre-staged)
  • Virtualization: QEMU Guest Agent pre-installed and enabled.
  • DNS: Standardized to 192.168.110.11 with search domains seaoffate.net, seaoffate.uk, seaoffate.local.

Deployment Workflow (How to use)

  • Clone: In Proxmox, right-click the template -> Full Clone.
  • Power On: Start the new VM.
  • SSH: Connect from Lemon (no password required).
    • Note: If you get a "Host Identification Changed" error, run: ssh-keygen -R [New_IP]
  • Initialize: Run the setup script:
sudo clone-init.sh
  • Identify: Provide the new Hostname and Static IP when prompted. The VM will auto-reboot and flip the login banner to "INITIALIZED."

The Initialization Script (/usr/local/bin/clone-init.sh)

This script automates the unique identity of every clone. It performs the following:

  • Sets Hostname in /etc/hostname and /etc/hosts.
  • Configures static networking in /etc/network/interfaces.
  • Regenerates SSH Host Keys to ensure cryptographic uniqueness.
  • Resets Machine-ID to prevent DHCP/log conflicts.
  • Updates MOTD to show the node is active and configured.

Maintenance (How to update the Master)

Every few months, or when a major security vulnerability is announced, the Gold Master should be updated:

  • Right-click Template -> Clone (Name it "Master-Update-Temp").
  • Start VM and log in.
  • Update Packages:
su -
apt update && apt upgrade -y
apt autoremove && apt clean
  • Reset to "Template State":
    • Set /etc/motd back to the WARNING: UNINITIALIZED text
nano /etc/motd

edit the text to read 

###########################################################
#                                                         #
#   WARNING: THIS VM HAS NOT BEEN INITIALIZED!            #
#   PLEASE RUN: sudo clone-init.sh                        #
#                                                         #
###########################################################
    • Truncate histories:
cat /dev/null > ~/.bash_history && history -c
  • Shutdown:
sudo /usr/sbin/poweroff
  • Finalize:
    • Delete the old template
    • Convert this updated VM into the new Debian Gold Master

Troubleshooting

  • SSH Connection Refused: Ensure the service is running. If host keys were deleted but not regenerated,
ssh-keygen -A.
  • No IP in Proxmox: Ensure the "QEMU Guest Agent" is enabled in the VM Options tab in the Proxmox WebGUI.
  • Path Errors: Always use absolute paths (e.g., /usr/sbin/reboot) in scripts to bypass Debian's minimal shell environment.


Mint-22.3-Zena-Cinnamon

Created: Feb 2026 | OS: Linux Mint 22.3 (Ubuntu 24.04.3 Base) | Kernel: 6.14+

Proxmox Hardware Configuration

  • BIOS OVMF (UEFI) Modern standard for Mint 22.3
  • Machine q35 Better PCIe bus handling for VirtIO
  • Display VirtIO-GPU Crucial: Required for Cinnamon 6.6 performance
  • CPU x86-64-v2-AES (or Host) Minimum 2 Cores for a smooth desktop
  • Memory 4096 MiB 2GB is minimum, 4GB is the "comfort" sweet spot
  • Network VirtIO (paravirtualized) Standard bridge (vmbr0)
  • Guest Agent Enabled Checkbox in 'Options' tab must be ON
  • Added Serial port

Installed Optimizations

  • QEMU Guest Agent: Installed (apt install qemu-guest-agent) for graceful shutdowns and IP reporting.
  • SPICE vdagent: Installed and modified with a 5-second boot delay (via systemd override) to fix VirtIO-GPU clipboard sync issues.
  • Cloud-Init: disabled due to conflicts with mint
    • User: nigel (Primary Admin)
    • Network Renderer: Forced to NetworkManager for desktop compatibility.
  • Apt Repositories: Fixed manual pathing for Ubuntu Noble and Mint Zena to prevent 404 errors.
  • Access Credentials
    • Default User: nigel
    • SSH Keys Preloaded: Grape (Windows), Lemon, Raisin.
    • Console: Supports SPICE (for Desktop/Clipboard) and xterm.js (via Serial Port 0).

Maintenance Commands

If we ever need to update the base template, run these before converting back to a new template

  • Update:
sudo apt update && sudo apt upgrade -y
  • Generalize:
sudo truncate -s 0 /etc/machine-id
  • Final Seal:
history -c && sudo shutdown -h now

How to Deploy a New VM from Template

Cloning the Template

  • Right-click the Mint-22.3-Zena-Cinnamon template in the Proxmox sidebar.
  • Select Clone.
  • Mode: * Linked Clone: Uses very little disk space (reaches back to the template for data). Best for standard desktops.
    • Full Clone: Completely independent copy. Best if you plan on deleting the template later.
  • Assign a VM ID and a Name (e.g., Mint-Workstation-01).
  • Click Clone.

Customizing Identity (Hostname & IP)

The original template was setting the hostname and IP address with cloud-init however it has too many conflicts with mint to be viable. Instead the base template sets an IP address of 192.168.99.200 and a random hostname. To set a new hostname, IP address and Gateway IP Address there is a script that can be run as root to reset them to something more suitable 

sudo ./set-identity.sh NewHostname IPAddress GatewayAddress

The script should delete any old ssh identity keys and set the region to UK as well as the new IP and hostname, it does not reboot.

The NIC is set to VLAN 99 so it will need to be changed in the Hardware section of the web GUI to whatever VLAN is required if not the new IP will not work inside a alternative VLAN

Remote Access (ssh)

You can now jump straight into the machine from Grape, Lemon, satsuma, elric@walnut, elric@wahoo or Raisin without a password: 

ssh nigel@<new-IP-address>
Retrieved from "https://wiki.seaoffate.net/index.php?title=Template_Virtual_Machines&oldid=1099"