Berikut ini adalah cara untuk membuat template sistem operasi debian11 (Bullseye) , tujuan pembuatan template ini adalah untuk mempermudah dan mempercepat proses installasi virtual machine di proxmox. ( How To Create Debian (image/qcow2/raw) Template For Proxmox )
Siapkan image debian 11
Silahkan kunjungi cloud.debian.org dan cari image sesuai kebutuhanmu, kali ini kami akan mendapatkan image generic-amd64 cloud.debian.org
Dapatkan image itu melalui paket wget,
wget http://cloud.debian.org/images/cloud/bullseye/20220911-1135/debian-11-generic-arm64-20220911-1135.qcow2
Konfigurasi image Bullseye
Gunakan root user untuk menjalankan paket libguestfs-tools,
guestfish --rw -a debian-11-generic-arm64-20220911-1135.qcow2
run
Show filesystems
Show mount point pada image debian11 (Bullseye):
list-filesystems /dev/sda1: ext4 /dev/sda14: unknown /dev/sda15: vfat
lalu mount /dev/sda1 ke /
mount /dev/sda1 /
Modifikasi cloud.cfg
Edit cloud config,
edit /etc/cloud/cloud.cfg
samakan nilai dari cloud.cfg seperti dibawah ini:
# The top level settings are used as module
# and system configuration.
# A set of users which may be applied and/or used by various modules
# when a 'default' entry is found it will reference the 'default_user'
# from the distro configuration specified below
users:
- root
# If this is set, 'root' will not be able to ssh in and they
# will get a message to login instead as the above $user (debian)
disable_root: false
ssh_pwauth: true
# This will cause the set+update hostname module to not operate (if true)
preserve_hostname: false
# This prevents cloud-init from rewriting apt's sources.list file,
# which has been a source of surprise.
apt_preserve_sources_list: true
# Example datasource config
# datasource:
# Ec2:
# metadata_urls: [ 'blah.com' ]
# timeout: 5 # (defaults to 50 seconds)
# max_wait: 10 # (defaults to 120 seconds)
# The modules that run in the 'init' stage
cloud_init_modules:
- migrator
- seed_random
- bootcmd
- write-files
- growpart
- resizefs
- disk_setup
- mounts
- set_hostname
- update_hostname
- update_etc_hosts
- ca-certs
- rsyslog
- users-groups
- ssh
# The modules that run in the 'config' stage
cloud_config_modules:
# Emit the cloud config ready event
# this can be used by upstart jobs for 'start on cloud-config'.
- emit_upstart
- ssh-import-id
- locale
- set-passwords
- grub-dpkg
- apt-pipelining
- apt-configure
- ntp
- timezone
- disable-ec2-metadata
- runcmd
# The modules that run in the 'final' stage
cloud_final_modules:
- package-update-upgrade-install
- rightscale_userdata
- scripts-vendor
- scripts-per-once
- scripts-per-boot
- scripts-per-instance
- scripts-user
- ssh-authkey-fingerprints
- keys-to-console
- phone-home
- final-message
- power-state-change
# System and/or distro specific settings
# (not accessible to handlers/transforms)
system_info:
# This will affect which distro class gets used
distro: debian
# Other config here will be given to the distro class and/or path classes
paths:
cloud_dir: /var/lib/cloud/
templates_dir: /etc/cloud/templates/
upstart_dir: /etc/init/
package_mirrors:
- arches: [default]
failsafe:
primary: http://deb.debian.org/debian
security: http://security.debian.org/
ssh_svcname: ssh
Setup network
disini kami mematikan fitur dhcp untuk IPv4, dan mengaktifkan dhcp untuk IPv6,
edit /etc/network/cloud-interfaces-template
konfignya seperti dibawah ini:
auto $INTERFACE allow-hotplug $INTERFACE iface $INTERFACE inet6 dhcp
Cek dan aktifkan hotplug-cpu-mem.rules
fungsinya hotplug-cpu-mem.rules untuk memodifikasi cpu dan ram secara otomatis apabila ada perubahan spesifikasi.
ls /lib/udev/rules.d/ 50-firmware.rules 50-udev-default.rules 55-dm.rules 60-autosuspend.rules 60-block.rules 60-cdrom_id.rules 60-drm.rules 60-evdev.rules 60-fido-id.rules 60-input-id.rules 60-persistent-alsa.rules 60-persistent-input.rules 60-persistent-storage-dm.rules 60-persistent-storage-tape.rules 60-persistent-storage.rules 60-persistent-v4l.rules 60-sensor.rules 60-serial.rules 64-btrfs.rules 66-azure-ephemeral.rules 70-joystick.rules 70-mouse.rules 70-power-switch.rules 70-touchpad.rules 70-uaccess.rules 71-seat.rules 73-seat-late.rules 73-special-net-names.rules 75-net-description.rules 75-probe_mtd.rules 78-sound-card.rules 80-debian-compat.rules 80-drivers.rules 80-ifupdown.rules 80-net-setup-link.rules 85-hwclock.rules 95-dm-notify.rules 96-e2scrub.rules 99-systemd.rules
make sure:
ls /lib/udev/rules.d/ | grep hotplug
Jika hotplug tidak ada maka buat terlebih dahulu filenya, lalu edit:
touch /lib/udev/rules.d/100-hotplug-cpu-mem.rules edit /lib/udev/rules.d/100-hotplug-cpu-mem.rules
isi nilainya sebagai berikut:
SUBSYSTEM=="cpu", ACTION=="add", TEST=="online", ATTR{online}=="0", ATTR{online}="1"
SUBSYSTEM=="memory", ACTION=="add", TEST=="state", ATTR{state}=="offline", ATTR{state}="online"
SSH Setup
SSH setup sangat diperlukan, karena default nya root user tidak dapat login ke sistem, berikut caranya:
edit /etc/ssh/sshd_config
lalu samakan konfigurasinya seperti dibawah ini:
# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options override the # default value. Include /etc/ssh/sshd_config.d/*.conf #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key # Ciphers and keying #RekeyLimit default none # Logging #SyslogFacility AUTH #LogLevel INFO # Authentication: #LoginGraceTime 2m PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 PubkeyAuthentication yes # Expect .ssh/authorized_keys2 to be disregarded by default in future. #AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 #AuthorizedPrincipalsFile none #AuthorizedKeysCommand none #AuthorizedKeysCommandUser nobody # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes #PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes #GSSAPIStrictAcceptorCheck yes #GSSAPIKeyExchange no # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PermitTTY yes PrintMotd no #PrintLastLog yes #TCPKeepAlive yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS no #PidFile /var/run/sshd.pid #MaxStartups 10:30:100 #PermitTunnel no #ChrootDirectory none #VersionAddendum none # no default banner path #Banner none # Allow client to pass locale environment variables AcceptEnv LANG LC_* # override default of no subsystems Subsystem sftp /usr/lib/openssh/sftp-server # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no # AllowTcpForwarding no # PermitTTY no # ForceCommand cvs server ClientAliveInterval 120
save and exit
exit
Pindahkan image ke proxmox-server
Transfer image itu ke server proxmox menggunakan scp:
scp debian-11-generic-arm64-20220911-1135.qcow2 root@<proxmox-server>:/root
langkah selanjutnya silahakan simak video berikut: