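#!/usr/bin/env bash
# Set up the server and controller VM images for GDPRuler.
#
# The script uses bash-only constructs ([[ ]], &>), so it has to run under
# bash; under a POSIX /bin/sh such as dash the [[ ]] checks are not evaluated.
#
# Optional environment:
#   VM_ROOT_PASSWORD_FILE  file whose first line becomes the image's root
#                          password. When unset, the built-in lab password is
#                          used and a warning is printed.
#
# Side effects: deletes and recreates the virbr0 bridge via sudo, downloads
# the Ubuntu cloud image, and writes under images/ and firmware/ next to this
# script.
set -euo pipefail

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

THIS_DIR=$(dirname "$(readlink -f "$0")")

# --- Preparation steps and checks -------------------------------------------

# cloud-localds is required for cloud-init.
# `|| true` keeps `set -e` from aborting on the failed lookup before the
# explanatory message below can be printed.
CLOUD_LOCALDS_BIN=$(command -v cloud-localds || true)
[[ -n "$CLOUD_LOCALDS_BIN" ]] || die "cloud-localds not found, please install it"

# QEMU binaries and minimum version.
QEMU_BIN=$(command -v qemu-system-x86_64 || true)
QEMU_IMG_BIN=$(command -v qemu-img || true)
MIN_QEMU_VERSION="9.2.0"
[[ -n "$QEMU_BIN" ]] || die "QEMU not installed."
[[ -n "$QEMU_IMG_BIN" ]] || die "qemu-img not found, please install it"

QEMU_VERSION=$("$QEMU_BIN" --version 2>/dev/null |
  grep -oP 'version \K\d+\.\d+\.\d+' || true)
# `sort -V -C` succeeds only when the two lines are already in version order,
# i.e. when MIN_QEMU_VERSION <= QEMU_VERSION.
if [[ -z "$QEMU_VERSION" ]] ||
  ! printf '%s\n' "$MIN_QEMU_VERSION" "$QEMU_VERSION" | sort -V -C; then
  die "QEMU version $QEMU_VERSION is < ${MIN_QEMU_VERSION} or not found."
fi

# OVMF firmware built from the AMDSEV tree.
OVMF_DIR=${THIS_DIR}/AMDSEV/ovmf
OVMF=${THIS_DIR}/AMDSEV/usr/local/share/qemu/OVMF.fd
OVMF_CODE=${THIS_DIR}/AMDSEV/usr/local/share/qemu/OVMF_CODE.fd
OVMF_VARS=${THIS_DIR}/AMDSEV/usr/local/share/qemu/OVMF_VARS.fd
OVMF_FILES_DIR=${THIS_DIR}/firmware
if [[ ! -d "$OVMF_DIR" ]]; then
  die "${OVMF_DIR} does not exist. Please build it by running \"bash ./build.sh ovmf\" in the AMDSEV directory"
fi
if [[ ! -f "$OVMF" || ! -f "$OVMF_CODE" || ! -f "$OVMF_VARS" ]]; then
  die "OVMF files do not exist. Please generate them by running \"bash ./build.sh ovmf\" in the AMDSEV directory"
fi

# --- Virtual bridge for VM networking ---------------------------------------

BRIDGE_NAME=virbr0
BRIDGE_IP=192.168.122.1
NETMASK=255.255.255.0

command -v brctl &>/dev/null ||
  die "Error: brctl not found. Install bridge-utils first."

# NOTE(review): virbr0 / 192.168.122.1 are also what libvirt uses for its
# default network. If libvirt manages that bridge on this host, removing it
# here disconnects every guest attached to it - confirm before running on a
# shared machine.
if [[ -d "/sys/class/net/$BRIDGE_NAME" ]]; then
  echo "Removing existing $BRIDGE_NAME..."
  sudo ip link set dev "$BRIDGE_NAME" down
  sudo brctl delbr "$BRIDGE_NAME" || exit 1
fi

echo "Creating new $BRIDGE_NAME..."
sudo brctl addbr "$BRIDGE_NAME" || exit 1
sudo brctl stp "$BRIDGE_NAME" on || exit 1

# Configure bridge IP
sudo ip link set dev "$BRIDGE_NAME" up || exit 1
sudo ip addr add "$BRIDGE_IP/$NETMASK" dev "$BRIDGE_NAME" || exit 1
echo "Bridge $BRIDGE_NAME reconfigured:"
ip addr show "$BRIDGE_NAME"

# --- VM images --------------------------------------------------------------

IMAGES_DIR=${THIS_DIR}/images
mkdir -p -- "$IMAGES_DIR" "$OVMF_FILES_DIR"

# Retrieve the initial image.
IMG_URL=https://cloud-images.ubuntu.com/noble/current
CLOUD_IMG=noble-server-cloudimg-amd64.img
if [[ ! -f "${THIS_DIR}/${CLOUD_IMG}" ]]; then
  # Download into a scratch directory inside THIS_DIR (not the caller's cwd,
  # which is where a bare `wget URL` would drop the file) and only move the
  # image into place once it has been checked, so an interrupted or corrupted
  # download is never picked up by the -f test on a later run.
  DOWNLOAD_DIR=$(mktemp -d "${THIS_DIR}/.cloudimg.XXXXXX")
  trap 'rm -rf -- "${DOWNLOAD_DIR:?}"' EXIT
  wget -O "${DOWNLOAD_DIR}/${CLOUD_IMG}" "${IMG_URL}/${CLOUD_IMG}"
  wget -O "${DOWNLOAD_DIR}/SHA256SUMS" "${IMG_URL}/SHA256SUMS"
  # This catches corruption and mismatched files. It does not authenticate the
  # image, because the checksum list comes from the same server; checking the
  # detached signature (SHA256SUMS.gpg) against the Ubuntu cloud image signing
  # key would be needed for that.
  (cd "$DOWNLOAD_DIR" && sha256sum --check --ignore-missing SHA256SUMS) ||
    die "Checksum verification failed for ${CLOUD_IMG}; not using the download"
  mv -- "${DOWNLOAD_DIR}/${CLOUD_IMG}" "${THIS_DIR}/${CLOUD_IMG}"
  rm -rf -- "${DOWNLOAD_DIR:?}"
  trap - EXIT
fi

# --- Controller VM ----------------------------------------------------------

echo "[1/3] Setting up the controller VM files"
LD_LIBRARY_PATH="${LD_LIBRARY_PATH:-}" "$QEMU_IMG_BIN" convert \
  "${THIS_DIR}/${CLOUD_IMG}" "${IMAGES_DIR}/gdpr.img"
LD_LIBRARY_PATH="${LD_LIBRARY_PATH:-}" "$QEMU_IMG_BIN" resize \
  "${IMAGES_DIR}/gdpr.img" +20G
mkdir -p -- "${OVMF_FILES_DIR}/gdpr"
cp -- "$OVMF" "${OVMF_FILES_DIR}/gdpr/OVMF.fd"
cp -- "$OVMF_CODE" "${OVMF_FILES_DIR}/gdpr/OVMF_CODE.fd"
cp -- "$OVMF_VARS" "${OVMF_FILES_DIR}/gdpr/OVMF_VARS.fd"

# Root credentials for the image.
# The default below is a fixed, well-known password, and the sshd_config edits
# further down enable root login with password authentication, so any host
# that can reach the guest on the bridge can log in as root. Supplying
# VM_ROOT_PASSWORD_FILE avoids the fixed password and also keeps the secret
# off the virt-customize command line (visible in `ps`).
ROOT_PASSWORD_SELECTOR="password:123456"
if [[ -n "${VM_ROOT_PASSWORD_FILE:-}" ]]; then
  [[ -r "$VM_ROOT_PASSWORD_FILE" ]] ||
    die "VM_ROOT_PASSWORD_FILE=${VM_ROOT_PASSWORD_FILE} is not readable"
  ROOT_PASSWORD_SELECTOR="file:${VM_ROOT_PASSWORD_FILE}"
else
  printf '%s\n' \
    "warning: using the built-in default root password; set VM_ROOT_PASSWORD_FILE to override" >&2
fi

echo "[2/3] Installing software in the controller VM image -- to be used as a base"
virt-customize --add "${IMAGES_DIR}/gdpr.img" \
  --root-password "$ROOT_PASSWORD_SELECTOR" \
  --edit '/etc/ssh/sshd_config:s/#PermitRootLogin prohibit-password/PermitRootLogin yes/' \
  --edit '/etc/ssh/sshd_config:s/PasswordAuthentication no/PasswordAuthentication yes/' \
  --run-command 'growpart /dev/sda 1' \
  --run-command 'resize2fs /dev/sda1' \
  --run-command 'ssh-keygen -A' \
  --run-command 'systemctl mask pollinate.service' \
  --copy-in "${THIS_DIR}/setup_vm.sh:/root" \
  --smp "$(nproc)" \
  --memsize 16384 \
  --run-command /root/setup_vm.sh

# Import the network config for the controller in the VM image
# note: Enable idle polling (idle=poll) and Update the GRUB configuration
echo "[3/3] Setting up the controller network configuration and copying ssh key"

# Use $HOME rather than /home/<user>: the latter is wrong for root and for
# accounts whose home directory lives elsewhere.
SSH_PUBKEY="${HOME}/.ssh/id_rsa.pub"
[[ -f "$SSH_PUBKEY" ]] ||
  die "SSH public key ${SSH_PUBKEY} not found; create one before running this script"

bash "${THIS_DIR}/prepare_net_cfg.sh" -br "$BRIDGE_NAME" \
  -cfg "${THIS_DIR}/network_configs/netplan-gdpr.yaml"
virt-customize --add "${IMAGES_DIR}/gdpr.img" \
  --copy-in "${THIS_DIR}/network_configs/netplan-gdpr.yaml:/etc/netplan/" \
  --ssh-inject "root:file:${SSH_PUBKEY}" \
  --run-command "echo 'GRUB_CMDLINE_LINUX_DEFAULT=\"\$GRUB_CMDLINE_LINUX_DEFAULT idle=poll\"' >> /etc/default/grub.d/50-cloudimg-settings.cfg" \
  --run-command "update-grub"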