Hello,
I have a Debian virtual machine and I use it as a web server. I need three more web servers and want to clone this virtual machine. I heard that I should use virt-sysprep, but I don't know what to do. Do I need to install virt-sysprep on the virtual machine?

Thank you.

Depends what technology you are using to run your VMs.
They usually have a cloning tool.

1 members found this post helpful.

https://libguestfs.org/virt-sysprep.1.html after https://docs.oracle.com/en/virtualiz...ser/clone.html so maybe not(?)

1 members found this post helpful.

Hello,
Thank you so much for your reply.
I use XCP-ng and Citrix XenServer. Do you mean that using the cloning tool they provide will do all the required work? Tasks such as removing SSH host keys, removing persistent network MAC configuration, etc.

Not using Citrix XenServer myself now (have used it in the past), but it's functionality is pretty similar to VMWare for example. In VMWare ( an in Citrix too ) you can export an import your VM to Open Virtualization Format (OVF and OVA) or clone VM. These tools will not make changes to the OS configuration. Your ssh keys, users, network config and other settings will remain the same on the clone. You will need to make changes eg. hostname, IP address etc yourself. Only the MAC address of your NIC's will change as this is on the virtual hardware side and is managed by virtualization platform.

However, do you really need to use virt-sysprep? You would if you wanted to create a clone to share with the world to avoid revealing your ssh private keys, password hashes or other confidential data. If you will be the one using clones I see no need to do that.

I used to do a lot of VM cloning in the past. The downside is that if you use the free version of virtualization platform you need to shut your VM down (at least in VMWare). With paid version you can actually clone a running VM. What I was doing on the paid version of VMWare was:

1. Clone running VM
2. Disconnect NIC's (network interfaces) in the clone to avoid IP address conflicts with the running original VM and power on the clone
3. Log in with virtual remote console and ( in Debian ) edit /etc/hostname , /etc/network/interfaces and /etc/hosts to assign new name, IP address and mapping of the new host name to the IP address.
4. Shut down the clone, re-enable NIC's and power it back on.

If you use the host name or IP somewhere else in your configs you may need to make changes to these as well eg. /etc/ssh/sshd_config, your web server configs (you don't mention what web server you use), your Exim config (if you use default MTA), firewall rules. Otherwise you may end up with your daemons listening on the IP address you do not have on this machine and in result not be able to connect. I would just grep your /etc directory for your old host name/IP and change everywhere.
If you use free version you will need to power of your VM before cloning, the rest remains the same. Don't forget to power it back on when done ;-)

However these days I'm using CFEngine to build a server from scratch in unattended way rather than cloning. This way I get a fresh machine with all the latest security updates quicker than if I was to copy the VM especially if it is big. There are plenty of other tools like Puppet, Ansimble, Chef that do the same. With these tools setting up a web server takes 5-10 mins of work (most of it to choose the hostname and the IP address and write it down in CMDB) and 30 - 60 mins (depending on the internet connection and disk storage speed) of drinking coffee and waiting for the server to be prepared.

I'm still using the feature to export VM's though on for my critical infrastructure hosts to be able to quickly recover in case of a disaster. I have them exported into OVA (sigle file) format and keep them offsite on a NAS storage as a backup.

1 members found this post helpful.

@Ladowny, nice write up