mnl/VM-Operator
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 4 Wiki Activity Actions
VM-Operator/webpages/vm-operator/pools.md

1.6 KiB
Raw Blame History

title layout
VM-Operator: VM pools — assigning VMs to users dynamically vm-operator

VM Pools

Since 4.0.0

Prepare the VM

Shared file system

Mount a shared file system as home file system on all VMs in the pool.

Restrict access

The only possibility to access the VMs should be via a desktop started by the VM-Operator.

  • Disable the display manager.

    # systemctl disable gdm
# systemctl stop gdm

  • Disable getty on tty1.

    # systemctl mask getty@tty1
# systemctl stop getty@tty1

    You can, of course, disable getty completely. If you do this, make sure that you can still access your master VM through ssh, else you have locked yourself out.

  • Prevent suspend/hibernate, because it will lock the VM.

    # systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target

Install the VM-Operator agent

The VM-Operator agent runs as a systemd service. Sample configuration files can be found here. Copy

  • 99-vmop-agent.rules to /usr/local/lib/udev/rules.d/99-vmop-agent.rules,
  • vmop-agent to /usr/local/libexec/vmop-agent and
  • vmop-agent.service to /usr/local/lib/systemd/system/vmop-agent.service.

Note that some of the target directories do not exist by default and have to be created first. Don't forget to run restorecon on systems with SELinux.

Enable everything:

# udevadm control --reload-rules
# systemctl enable vmop-agent
# udevadm trigger