diff --git a/docs/.vitepress/config.mts b/docs/.vitepress/config.mts index c1f1a84eec..258503da12 100644 --- a/docs/.vitepress/config.mts +++ b/docs/.vitepress/config.mts @@ -175,7 +175,8 @@ function getGuideSidebarZhCN() { items: [ { text: '系统和硬件配置要求', link: '/guide/lxd/lxd_precheck.html' }, { text: 'LXD主体安装', link: '/guide/lxd/lxd_install.html' }, - { text: 'LXC虚拟化', link: '/guide/lxd/lxd_lxc.html' }, + { text: 'Linux容器(LXC)', link: '/guide/lxd/lxd_lxc.html' }, + { text: 'Windows虚拟机(QEMU)', link: '/guide/lxd/lxd_windows.html' }, { text: '更多配置', link: '/guide/lxd/lxd_extra_config.html' }, { text: '自定义', link: '/guide/lxd/lxd_custom.html' }, { text: '致谢', link: '/guide/lxd/lxd_thanks.html' }, @@ -303,7 +304,8 @@ function getGuideSidebarEnUS() { items: [ { text: 'Configuration requirements', link: '/en/guide/lxd/lxd_precheck.html' }, { text: 'LXD main installation', link: '/en/guide/lxd/lxd_install.html' }, - { text: 'LXC Virtualization', link: '/en/guide/lxd/lxd_lxc.html' }, + { text: 'Linux Container(LXC)', link: '/en/guide/lxd/lxd_lxc.html' }, + { text: 'Windows Virtual Machine(QEMU)', link: '/en/guide/lxd/lxd_windows.html' }, { text: 'Extra configuration', link: '/en/guide/lxd/lxd_extra_config.html' }, { text: 'Custom', link: '/en/guide/lxd/lxd_custom.html' }, { text: 'Acknowledgements', link: '/en/guide/lxd/lxd_thanks.html' }, diff --git a/docs/en/guide/lxd/images/win1.png b/docs/en/guide/lxd/images/win1.png new file mode 100644 index 0000000000..519e65aac4 Binary files /dev/null and b/docs/en/guide/lxd/images/win1.png differ diff --git a/docs/en/guide/lxd/images/win2.jpg b/docs/en/guide/lxd/images/win2.jpg new file mode 100644 index 0000000000..841a4a5cb3 Binary files /dev/null and b/docs/en/guide/lxd/images/win2.jpg differ diff --git a/docs/en/guide/lxd/images/win3.jpg b/docs/en/guide/lxd/images/win3.jpg new file mode 100644 index 0000000000..72fcdb651b Binary files /dev/null and b/docs/en/guide/lxd/images/win3.jpg differ diff --git a/docs/en/guide/lxd/images/win4.jpg b/docs/en/guide/lxd/images/win4.jpg new file mode 100644 index 0000000000..09d51df438 Binary files /dev/null and b/docs/en/guide/lxd/images/win4.jpg differ diff --git a/docs/en/guide/lxd/images/win5.jpg b/docs/en/guide/lxd/images/win5.jpg new file mode 100644 index 0000000000..f18e812329 Binary files /dev/null and b/docs/en/guide/lxd/images/win5.jpg differ diff --git a/docs/en/guide/lxd/images/win6.jpg b/docs/en/guide/lxd/images/win6.jpg new file mode 100644 index 0000000000..6e8501ec8a Binary files /dev/null and b/docs/en/guide/lxd/images/win6.jpg differ diff --git a/docs/en/guide/lxd/images/win7.jpg b/docs/en/guide/lxd/images/win7.jpg new file mode 100644 index 0000000000..7a3f671f34 Binary files /dev/null and b/docs/en/guide/lxd/images/win7.jpg differ diff --git a/docs/en/guide/lxd/lxd_windows.md b/docs/en/guide/lxd/lxd_windows.md new file mode 100644 index 0000000000..3adcd07650 --- /dev/null +++ b/docs/en/guide/lxd/lxd_windows.md @@ -0,0 +1,150 @@ +# Running Windows Virtual Machines in LXD + +## Verify the LXD Driver + +Ensure that `lxc info` output contains `qemu`, otherwise you cannot create VMs: + +```shell +lxc info | grep -i driver: +``` + +If it only shows `lxc`, no need to read the subsequent tutorials, lxd drivers don't support opening a VM. + +## Prepare the Environment and Patch the Image + +Execute the following commands in sequence in the `/root` directory: + +```shell +apt update +apt install -y snapd libguestfs-tools wimtools rsync libhivex-bin libwin-hivex-perl genisoimage || apt install -y mkisofs +snap install lxd-imagebuilder --classic --edge +# reboot to load some config +reboot +``` + +Download the image and apply the patch. If you're using a different image, replace the download link accordingly. + +(You don't need to download the image that comes with virtio, the original image will suffice) + +Windows image download link: https://down.idc.wiki/ISOS/Windows/ + +The following guide will use Windows 2019 as an example: + +```shell +wget https://down.idc.wiki/ISOS/Windows/Server%202019/cn_windows_server_2019_updated_july_2020_x64_dvd_2c9b67da.iso -O win.iso +lxd-imagebuilder repack-windows \ + --windows-arch=amd64 \ + win.iso \ + win.lxc.iso +``` + +The patching time depends on when the program adds the drivers needed for booting (it will add one by one until successful). + +Some may take a short time, others may take longer, potentially exceeding 10~30 minutes. It's recommended to run this in `screen` or `tmux`. + +After patching is complete, you can delete the original image: + +```shell +rm -f win.iso +``` + +## Create the VM and Mount the Installation ISO + +Here I'm using a configuration of 3 CPUs, 5GB RAM, and 30GB storage. If you're using Windows 10 or newer versions, you'll need at least 4 CPUs, 6GB RAM, and 40GB storage. + +It's recommended to use more CPU and RAM than the resources I have set up now to avoid the system getting stuck to the point of crashing. + +If you don't have enough memory, we recommend checking the Add SWAP item in the Other Useful Items section of this guide to add more virtual memory on your own. + +```shell +lxc init winvm --vm --empty +lxc config device override winvm root size=30GiB +lxc config set winvm limits.cpu=3 limits.memory=5GiB +lxc config device add winvm vtpm tpm path=/dev/tpm0 +lxc config device add winvm install disk source=/root/win.lxd.iso boot.priority=10 +``` + +## Start the VM and Access the Desktop Remotely via Browser + +Install the components needed for browser access: + +```shell +apt update +apt install -y spice-html5 websockify lsof +``` + +Start the VM: + +```shell +lxc start winvm +``` + +Start remote access components: + +```shell +SERVER_IP=$(hostname -I | awk '{print $1}') +nohup websockify --web /usr/share/spice-html5 6080 \ + --unix-target=/var/snap/lxd/common/lxd/logs/winvm/qemu.spice \ + > /var/log/websockify-winvm.log 2>&1 & +echo "SPICE HTML5 console on http://${SERVER_IP}:6080/spice_auto.html" +``` + +At the first boot, you'll need to press the `Ctrl+Alt+Delete` button in the upper left corner of the browser page. After restarting, follow the prompts on the default interface. You'll need to wait 5-10 minutes for the ISO to be loaded for the actual installation. + +Eventually, the Zabbly icon will appear and spin for at least 2 minutes. Please be patient. + +![](images/win1.png) + +Once the spinning stops, you'll enter the normal Windows VM installation process, similar to PVE operations. + +![](images/win2.jpg) + +![](images/win3.jpg) + +![](images/win4.jpg) + +If the installation is complete(Execute to blue screen, mouse stuck and can't move, wait more than 5 minutes), first shut down/exit Windows (from the browser), then remove the ISO device to ensure it boots from the hard disk next time: + +```shell +lxc stop winvm +lxc config device remove winvm install +lxc start winvm +``` + +The following image can be seen after startup + +![](images/win5.jpg) + +![](images/win6.jpg) + +![](images/win7.jpg) + +No need to configure your own network, lxd will automatically assign IPV4 addresses and connect to the network. + +## Remove the remote component to restart the browser mapping + +If you need to delete the VM and recreate it due to resource limitations or other reasons, use `pkill -f websockify` to terminate all SPICE signal forwarding, then `lxc delete -f winvm` to forcibly delete the VM. + +```shell +lsof -i :6080 +``` + +Check if the PID for the corresponding port still exists to ensure it has completely stopped (if you have signal forwarding for multiple VMs, it's better not to use `pkill` to delete all of them; use `kill -9` to delete the PID for the specific port). + +## If it crashes and stops within a few minutes of first startup + +Need to add CPU passthrough + +```shell +lxc config set winvm raw.qemu -- "-cpu host" +``` + +Just start the virtual machine again + +## Disadvantages + +The frontend lacks authentication, so you can't set user passwords. + +If you need frontend authentication, you'll need to use `Guacamole` with additional settings to implement it, which won't be covered in detail here. + +The VM piece doesn't have some well established interactive panels and adaptations, ```spice``` is too [old](https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/considerations_in_adopting_rhel_9/index) (although there is a web-based spice client), and the official panels don't support rbac with a username and password and can only be used with certificates. diff --git a/docs/guide/lxd/images/win1.png b/docs/guide/lxd/images/win1.png new file mode 100644 index 0000000000..519e65aac4 Binary files /dev/null and b/docs/guide/lxd/images/win1.png differ diff --git a/docs/guide/lxd/images/win2.jpg b/docs/guide/lxd/images/win2.jpg new file mode 100644 index 0000000000..841a4a5cb3 Binary files /dev/null and b/docs/guide/lxd/images/win2.jpg differ diff --git a/docs/guide/lxd/images/win3.jpg b/docs/guide/lxd/images/win3.jpg new file mode 100644 index 0000000000..72fcdb651b Binary files /dev/null and b/docs/guide/lxd/images/win3.jpg differ diff --git a/docs/guide/lxd/images/win4.jpg b/docs/guide/lxd/images/win4.jpg new file mode 100644 index 0000000000..09d51df438 Binary files /dev/null and b/docs/guide/lxd/images/win4.jpg differ diff --git a/docs/guide/lxd/images/win5.jpg b/docs/guide/lxd/images/win5.jpg new file mode 100644 index 0000000000..f18e812329 Binary files /dev/null and b/docs/guide/lxd/images/win5.jpg differ diff --git a/docs/guide/lxd/images/win6.jpg b/docs/guide/lxd/images/win6.jpg new file mode 100644 index 0000000000..6e8501ec8a Binary files /dev/null and b/docs/guide/lxd/images/win6.jpg differ diff --git a/docs/guide/lxd/images/win7.jpg b/docs/guide/lxd/images/win7.jpg new file mode 100644 index 0000000000..7a3f671f34 Binary files /dev/null and b/docs/guide/lxd/images/win7.jpg differ diff --git a/docs/guide/lxd/lxd_windows.md b/docs/guide/lxd/lxd_windows.md index 6cf6f976af..e6c5b57564 100644 --- a/docs/guide/lxd/lxd_windows.md +++ b/docs/guide/lxd/lxd_windows.md @@ -1,3 +1,8 @@ +--- +outline: deep +--- + +# 在 LXD 中运行 Windows 虚拟机 ## 检查 lxd 驱动 @@ -16,7 +21,8 @@ lxc info | grep -i driver: ```shell apt update apt install -y snapd libguestfs-tools wimtools rsync libhivex-bin libwin-hivex-perl genisoimage || apt install -y mkisofs -sudo snap install lxd-imagebuilder --classic --edge +snap install lxd-imagebuilder --classic --edge +# 重启加载一些配置 reboot ``` @@ -24,8 +30,6 @@ reboot 自行下载Windows镜像的地址:https://down.idc.wiki/ISOS/Windows/ -支持修补的Windows镜像版本:https://linuxcontainers.org/distrobuilder/docs/latest/tutorials/use/#repack-windows-iso - 下面的指南将以windows2019作为示例进行 ```shell @@ -93,10 +97,58 @@ echo "SPICE HTML5 console on http://${SERVER_IP}:6080/spice_auto.html" 最终会显示三个立方体的图标,这个图标在这里转圈圈需要至少2分钟,请耐心等待。 +![](images/win1.png) +转圈圈完毕就会进入正常的Win虚拟机安装流程,类比PVE的操作即可。 + +![](images/win2.jpg) + +![](images/win3.jpg) + +![](images/win4.jpg) + +如果已经安装完成(执行到蓝屏,鼠标卡住不能动了,等待超过5分钟),先关闭/退出Windows(在浏览器上关机),然后移除 ISO 设备,保证下次从硬盘启动 ```shell lxc stop winvm lxc config device remove winvm install lxc start winvm ``` + +启动后可见如下图 + +![](images/win5.jpg) + +![](images/win6.jpg) + +![](images/win7.jpg) + +无需自行进行网络配置,lxd将自动分配IPV4地址和连接网络 + +## 删除远程组件重新启动浏览器映射 + +如果发现资源没给够等原因需要删虚拟机重新开设,那么需要使用```pkill -f websockify```终止所有的spice信号转发,然后```lxc delete -f winvm```强行删除虚拟机。 + +```shell +lsof -i :6080 +``` + +查询对应端口的PID号是否还存在,确保已完全停止(如果你有多个虚拟机的信号转发,那么最好不要用```pkill```删除所有,用```kill -9```删除对应端口的PID即可)。 + +## 如果首次启动没过几分钟就崩溃停机了 + +需要添加CPU直通 + +```shell +lxc config set winvm raw.qemu -- "-cpu host" +``` + +再次启动虚拟机即可 + +## 缺点 + +前端无权限校验,没法设置用户密码 + +如果需要前端鉴权,那么得使用```Guacamole```添加一些设置来实现,这里就不赘述了 + +虚拟机这块没有成型的一些交互面板和适配,```spice```太[古老](https://docs.redhat.com/zh-cn/documentation/red_hat_enterprise_linux/9/html/considerations_in_adopting_rhel_9/ref_changes-to-spice_assembly_virtualization)了(虽然有网页端的spice客户端),官方的面板又不支持rbac使用用户名密码,只能通过证书使用