Proxmox VE Full Course: Class 8 – Creating Container Templates

Welcome back to LearnLinuxTV’s full course on Proxmox Virtual Environment! In class #8, we look at the process of converting a container into a template, that can then be used as a basis for launching additional containers.

Subscribe to LearnLinuxTV

Notable Replies

  1. I just wanted to note that @jay says at 5:30 that you don’t want to disconnect your ssh session after deleting the host keys…

    One really nice thing about proxmox is that you can always log in to the console from the GUI even if you have screwed up your ssh config.

    Very helpful for people like me.

  2. In the end of this video, @jay assigns the homework of how to automate the process of creating a template.

    Below is a script I use to prepare a container to become a template. I am also learning systemd at the same time so this might be a bit overly complicated.

    # I use apt-cacher-ng to cache .deb file before installation 
    echo 'Acquire::http::Proxy "http://apt-cacher.lan.arpa:3142";' | sudo tee -a /etc/apt/apt.conf.d/00aptproxy
    
    
    # Update cache and upgrade
    apt update
    apt dist-upgrade -y
    
    
    # Delete machine-id and ssh_host_* files to prevent potential conflict
    truncate -s 0 /etc/machine-id
    rm /etc/ssh/ssh_host_*
    
    
    # Every container is pre populated with an ansible user, password, and public key
    # so ansible can contact the container as needed.
    useradd ansible -s /bin/bash -m -G sudo
    #FIXME figure out how to set password without needing to hardcode it here.
    echo ansible:******** | chpasswd
    sudo -H -u ansible bash -c 'ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa'
    echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZU7YrdJij2vchTR5csMI+C2I13FYbrpsvnWTO+yGhy/Zw+rAC64slHp57f6E3qhimX0t+CeVV0UBAmRKt9gdi3ZeeOLu0BpzC2RMjOvhTlqBkZ8CoGysRqoaeBQG8loMRlaaOWifFcdAEILEgp6wri4xwHJwt2SLV9FeNJ9eRb0i/IflPbzwMP7EIm4Kn0vtl8XIdsSfqO1FT+2hR3SvrnY7GB7vNcQhb0WB8vaszcNxy9E1T1shBNiBlZKstoMFtV8uN2BuupIzNrG+y4ySMWa/+g2jN8QUu095EhTSNaVzK46A72j23mOvxOKJp/IFUvAZQvscj6uTZAwxESsax4Q2zdGKeYKmkErc8Vjee6rRSsUfk+1NRS/60I/Z99f7zGmvQcXRGuMuYh9QxNXMvlY/Fn9XT7CQbPsqWxG/ehpIBGmV65yPE9T21hKg7bVlo0PnyHa3A+Dt/7rKTfVCev/h+80BzBe6rmCZx/PdRb9bHiKs/tMKi6ePvDmkzECc= ansible@ansible' | sudo tee -a /home/ansible/.ssh/authorized_keys
    
    
    # Create a systemd service which runs whenever the cloned system boots
    tee /etc/systemd/system/firstboot.service <<EOF
    [Unit]
    Description=One time boot script
    [Service]
    Type=simple
    ExecStart=/firstboot.sh
    [Install]
    WantedBy=multi-user.target 
    EOF
    
    # Enable the firstboot service
    systemctl enable firstboot.service
    
    
    #Create the script which run by the firstboot serivce
    # The special sauce is that the scrip disables the firstboot service, deletes
    # the firstboot.service file and itself after running.
    tee /firstboot.sh <<EOF
    #!/bin/bash
    rm /etc/ssh/ssh_host_* 
    dpkg-reconfigure openssh-server
    
    systemctl disable firstboot.service 
    rm -rf /etc/systemd/system/firstboot.service
    rm -f /firstboot.sh
    EOF
    
    # Make firstboot exacutable
    chmod +x /firstboot.sh
    
    #Clean the apt cache and unnesessary packages
    apt clean
    apt autoremove
    
    #convert to template
    

Continue the discussion at community.learnlinux.tv

Participants