feat: 添加LXD开设Windows虚拟机内容

docs/.vitepress/config.mts

@@ -175,7 +175,8 @@ function getGuideSidebarZhCN() {
       items: [
         { text: '系统和硬件配置要求', link: '/guide/lxd/lxd_precheck.html' },
         { text: 'LXD主体安装', link: '/guide/lxd/lxd_install.html' },
-        { text: 'LXC虚拟化', link: '/guide/lxd/lxd_lxc.html' },
+        { text: 'Linux容器(LXC)', link: '/guide/lxd/lxd_lxc.html' },
+        { text: 'Windows虚拟机(QEMU)', link: '/guide/lxd/lxd_windows.html' },
         { text: '更多配置', link: '/guide/lxd/lxd_extra_config.html' },
         { text: '自定义', link: '/guide/lxd/lxd_custom.html' },
         { text: '致谢', link: '/guide/lxd/lxd_thanks.html' },
@@ -303,7 +304,8 @@ function getGuideSidebarEnUS() {
       items: [
         { text: 'Configuration requirements', link: '/en/guide/lxd/lxd_precheck.html' },
         { text: 'LXD main installation', link: '/en/guide/lxd/lxd_install.html' },
-        { text: 'LXC Virtualization', link: '/en/guide/lxd/lxd_lxc.html' },
+        { text: 'Linux Container(LXC)', link: '/en/guide/lxd/lxd_lxc.html' },
+        { text: 'Windows Virtual Machine(QEMU)', link: '/en/guide/lxd/lxd_windows.html' },
         { text: 'Extra configuration', link: '/en/guide/lxd/lxd_extra_config.html' },
         { text: 'Custom', link: '/en/guide/lxd/lxd_custom.html' },
         { text: 'Acknowledgements', link: '/en/guide/lxd/lxd_thanks.html' },

docs/en/guide/lxd/lxd_windows.md

@@ -0,0 +1,150 @@
+# Running Windows Virtual Machines in LXD
+
+## Verify the LXD Driver
+
+Ensure that `lxc info` output contains `qemu`, otherwise you cannot create VMs:
+
+```shell
+lxc info | grep -i driver:
+```
+
+If it only shows `lxc`, no need to read the subsequent tutorials, lxd drivers don't support opening a VM.
+
+## Prepare the Environment and Patch the Image
+
+Execute the following commands in sequence in the `/root` directory:
+
+```shell
+apt update
+apt install -y snapd libguestfs-tools wimtools rsync libhivex-bin libwin-hivex-perl genisoimage || apt install -y mkisofs
+snap install lxd-imagebuilder --classic --edge
+# reboot to load some config
+reboot
+```
+
+Download the image and apply the patch. If you're using a different image, replace the download link accordingly.
+
+(You don't need to download the image that comes with virtio, the original image will suffice)
+
+Windows image download link: https://down.idc.wiki/ISOS/Windows/
+
+The following guide will use Windows 2019 as an example:
+
+```shell
+wget https://down.idc.wiki/ISOS/Windows/Server%202019/cn_windows_server_2019_updated_july_2020_x64_dvd_2c9b67da.iso -O win.iso
+lxd-imagebuilder repack-windows \
+  --windows-arch=amd64 \
+  win.iso \
+  win.lxc.iso
+```
+
+The patching time depends on when the program adds the drivers needed for booting (it will add one by one until successful).
+
+Some may take a short time, others may take longer, potentially exceeding 10~30 minutes. It's recommended to run this in `screen` or `tmux`.
+
+After patching is complete, you can delete the original image:
+
+```shell
+rm -f win.iso
+```
+
+## Create the VM and Mount the Installation ISO
+
+Here I'm using a configuration of 3 CPUs, 5GB RAM, and 30GB storage. If you're using Windows 10 or newer versions, you'll need at least 4 CPUs, 6GB RAM, and 40GB storage.
+
+It's recommended to use more CPU and RAM than the resources I have set up now to avoid the system getting stuck to the point of crashing.
+
+If you don't have enough memory, we recommend checking the Add SWAP item in the Other Useful Items section of this guide to add more virtual memory on your own.
+
+```shell
+lxc init winvm --vm --empty
+lxc config device override winvm root size=30GiB
+lxc config set winvm limits.cpu=3 limits.memory=5GiB
+lxc config device add winvm vtpm tpm path=/dev/tpm0
+lxc config device add winvm install disk source=/root/win.lxd.iso boot.priority=10
+```
+
+## Start the VM and Access the Desktop Remotely via Browser
+
+Install the components needed for browser access:
+
+```shell
+apt update
+apt install -y spice-html5 websockify lsof
+```
+
+Start the VM:
+
+```shell
+lxc start winvm
+```
+
+Start remote access components:
+
+```shell
+SERVER_IP=$(hostname -I | awk '{print $1}')
+nohup websockify --web /usr/share/spice-html5 6080 \
+         --unix-target=/var/snap/lxd/common/lxd/logs/winvm/qemu.spice \
+       > /var/log/websockify-winvm.log 2>&1 &
+echo "SPICE HTML5 console on http://${SERVER_IP}:6080/spice_auto.html"
+```
+
+At the first boot, you'll need to press the `Ctrl+Alt+Delete` button in the upper left corner of the browser page. After restarting, follow the prompts on the default interface. You'll need to wait 5-10 minutes for the ISO to be loaded for the actual installation.
+
+Eventually, the Zabbly icon will appear and spin for at least 2 minutes. Please be patient.
+
+![](images/win1.png)
+
+Once the spinning stops, you'll enter the normal Windows VM installation process, similar to PVE operations.
+
+![](images/win2.jpg)
+
+![](images/win3.jpg)
+
+![](images/win4.jpg)
+
+If the installation is complete(Execute to blue screen, mouse stuck and can't move, wait more than 5 minutes), first shut down/exit Windows (from the browser), then remove the ISO device to ensure it boots from the hard disk next time:
+
+```shell
+lxc stop winvm
+lxc config device remove winvm install
+lxc start winvm
+```
+
+The following image can be seen after startup
+
+![](images/win5.jpg)
+
+![](images/win6.jpg)
+
+![](images/win7.jpg)
+
+No need to configure your own network, lxd will automatically assign IPV4 addresses and connect to the network.
+
+## Remove the remote component to restart the browser mapping
+
+If you need to delete the VM and recreate it due to resource limitations or other reasons, use `pkill -f websockify` to terminate all SPICE signal forwarding, then `lxc delete -f winvm` to forcibly delete the VM.
+
+```shell
+lsof -i :6080
+```
+
+Check if the PID for the corresponding port still exists to ensure it has completely stopped (if you have signal forwarding for multiple VMs, it's better not to use `pkill` to delete all of them; use `kill -9` to delete the PID for the specific port).
+
+## If it crashes and stops within a few minutes of first startup
+
+Need to add CPU passthrough
+
+```shell
+lxc config set winvm raw.qemu -- "-cpu host"
+```
+
+Just start the virtual machine again
+
+## Disadvantages
+
+The frontend lacks authentication, so you can't set user passwords.
+
+If you need frontend authentication, you'll need to use `Guacamole` with additional settings to implement it, which won't be covered in detail here.
+
+The VM piece doesn't have some well established interactive panels and adaptations, ```spice``` is too [old](https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/considerations_in_adopting_rhel_9/index) (although there is a web-based spice client), and the official panels don't support rbac with a username and password and can only be used with certificates.

docs/guide/lxd/lxd_windows.md

@@ -1,3 +1,8 @@
+---
+outline: deep
+---
+
+# 在 LXD 中运行 Windows 虚拟机
 
 ## 检查 lxd 驱动
 
@@ -16,7 +21,8 @@ lxc info | grep -i driver:
 ```shell
 apt update
 apt install -y snapd libguestfs-tools wimtools rsync libhivex-bin libwin-hivex-perl genisoimage || apt install -y mkisofs
-sudo snap install lxd-imagebuilder --classic --edge
+snap install lxd-imagebuilder --classic --edge
+# 重启加载一些配置
 reboot
 ```
 
@@ -24,8 +30,6 @@ reboot
 
 自行下载Windows镜像的地址：https://down.idc.wiki/ISOS/Windows/
 
-支持修补的Windows镜像版本：https://linuxcontainers.org/distrobuilder/docs/latest/tutorials/use/#repack-windows-iso
-
 下面的指南将以windows2019作为示例进行
 
 ```shell
@@ -93,10 +97,58 @@ echo "SPICE HTML5 console on http://${SERVER_IP}:6080/spice_auto.html"
 
 最终会显示三个立方体的图标，这个图标在这里转圈圈需要至少2分钟，请耐心等待。
 
+![](images/win1.png)
 
+转圈圈完毕就会进入正常的Win虚拟机安装流程，类比PVE的操作即可。
+
+![](images/win2.jpg)
+
+![](images/win3.jpg)
+
+![](images/win4.jpg)
+
+如果已经安装完成(执行到蓝屏，鼠标卡住不能动了，等待超过5分钟)，先关闭/退出Windows(在浏览器上关机)，然后移除 ISO 设备，保证下次从硬盘启动
 
 ```shell
 lxc stop winvm
 lxc config device remove winvm install
 lxc start winvm
 ```
+
+启动后可见如下图
+
+![](images/win5.jpg)
+
+![](images/win6.jpg)
+
+![](images/win7.jpg)
+
+无需自行进行网络配置，lxd将自动分配IPV4地址和连接网络
+
+## 删除远程组件重新启动浏览器映射
+
+如果发现资源没给够等原因需要删虚拟机重新开设，那么需要使用```pkill -f websockify```终止所有的spice信号转发，然后```lxc delete -f winvm```强行删除虚拟机。
+
+```shell
+lsof -i :6080
+```
+
+查询对应端口的PID号是否还存在，确保已完全停止(如果你有多个虚拟机的信号转发，那么最好不要用```pkill```删除所有，用```kill -9```删除对应端口的PID即可)。
+
+## 如果首次启动没过几分钟就崩溃停机了
+
+需要添加CPU直通
+
+```shell
+lxc config set winvm raw.qemu -- "-cpu host"
+```
+
+再次启动虚拟机即可
+
+## 缺点
+
+前端无权限校验，没法设置用户密码
+
+如果需要前端鉴权，那么得使用```Guacamole```添加一些设置来实现，这里就不赘述了
+
+虚拟机这块没有成型的一些交互面板和适配，```spice```太[古老](https://docs.redhat.com/zh-cn/documentation/red_hat_enterprise_linux/9/html/considerations_in_adopting_rhel_9/ref_changes-to-spice_assembly_virtualization)了(虽然有网页端的spice客户端)，官方的面板又不支持rbac使用用户名密码，只能通过证书使用