How to reset a KVM clone virtual Machines with virt-sysprep on Linux

by Vivek Gite

I know how to clone a KVM VM. Once cloned I would like to reset cloned VM. How do I reset, unconfigure or customize a virtual machine so clones can be made? How can I reset a KVM clone virtual Machines with virt-sysprep command on a Linux server based hypervisor?

Introduction: You need to use the virt-sysprep command to reset a virtual machine. You can remove ssh-keys, hostname, network mac configuration, user accounts and more. You can enable or disable specific features. This page shows how to use the virt-clone and virt-sysprep commands together to clone a KVM VM on a Linux based server.

Syntax to reset a KVM clone virtual Machines with virt-sysprep command

The syntax is:
virt-sysprep -d kvmDomain
virt-sysprep -d kvmDomainHere options

A list of sysprep operations to perform on a KVM VM to reset it

abrt-data Remove the crash data generated by ABRT
backup-files Remove editor backup files from the guest
bash-history Remove the bash history in the guest
blkid-tab Remove blkid tab in the guest
ca-certificates Remove CA certificates in the guest
crash-data Remove the crash data generated by kexec-tools
cron-spool Remove user at-jobs and cron-jobs
customize Customize the guest
dhcp-client-state Remove DHCP client leases
dhcp-server-state Remove DHCP server leases
dovecot-data Remove Dovecot (mail server) data
firewall-rules Remove the firewall rules
flag-reconfiguration Flag the system for reconfiguration
fs-uuids Change filesystem UUIDs
kerberos-data Remove Kerberos data in the guest
logfiles Remove many log files from the guest
lvm-uuids Change LVM2 PV and VG UUIDs
machine-id Remove the local machine ID
mail-spool Remove email from the local mail spool directory
net-hostname Remove HOSTNAME and DHCP_HOSTNAME in network interface configuration
net-hwaddr Remove HWADDR (hard-coded MAC address) configuration
pacct-log Remove the process accounting log files
package-manager-cache Remove package manager cache
pam-data Remove the PAM data in the guest
passwd-backups Remove /etc/passwd- and similar backup files
puppet-data-log Remove the data and log files of puppet
rh-subscription-manager Remove the RH subscription manager files
rhn-systemid Remove the RHN system ID
rpm-db Remove host-specific RPM database files
samba-db-log Remove the database and log files of Samba
script Run arbitrary scripts against the guest
smolt-uuid Remove the Smolt hardware UUID
ssh-hostkeys Remove the SSH host keys in the guest
ssh-userdir Remove “.ssh” directories in the guest
sssd-db-log Remove the database and log files of sssd
tmp-files Remove temporary files
udev-persistent-net Remove udev persistent net rules
user-account Remove the user accounts in the guest
utmp Remove the utmp file
yum-uuid Remove the yum UUID

You can choose which sysprep operations to perform. Give a comma-separated list of operations, for example:
virt-sysprep -d {vmDomainHere} --enable ssh-hostkeys,udev-persistent-net

Step 1. Clone your VM and spawn new instances in KVM

First use the virsh list command to get a list of all running VM domains/guest:
virsh list
Sample outputs:

    1     openbsd62                      running    2     freebsd11-nixcraft             running    3     fedora28-nixcraft              running    4     rhel7                          running    5     centos7-nixcraft               running    6     sles12sp3                      running    16    bionic                         running   

First suspend the KVM, run:
virsh suspend bionic
Domain bionic suspended

To clone vm named ‘bionic’ as testvm using the virt-clone command, run:
virt-clone --original bionic --name testvm --auto-clone
virt-clone linux command demo
You may resume bionic VM, run:
virsh suspend bionic
Domain bionic resumed

Step 2. Use virt-sysprep command

Simply run as follows to reset everything:
virt-sysprep -d testvm
reset a KVM clone virtual Machines with virt-sysprep command
You can setup the hostname of the guest and force to keep the user account named vivek in the guest:
virt-sysprep -d testvm --hostname testvm --keep-user-accounts vivek
You can create a new Linux user account called tom and force password change on first login as follows:
virt-sysprep -d testvm --firstboot-command 'useradd -s /bin/bash -m -G sudo tom; chage -d 0 tom'
You can set root user account password too:
virt-sysprep -d testvm --root-password password:MySuperSecureRootPasswordHere
Or combine all of them:
virt-sysprep -d testvm --hostname testvm --keep-user-accounts vivek --root-password password:MySuperSecureRootPasswordHere

How to skip certain guest VM reset features

You can enable specific operations with –enable. For example, enable all options except resetting fs-uuids ( Change filesystem UUIDs), lvm-uuids ( Change LVM2 PV and VG UUIDs), and ssh-userdir ( Remove “.ssh” directories in the guest):

   w=$(virt-sysprep --list-operations | egrep -v 'fs-uuids|lvm-uuids|ssh-userdir' | awk '{ printf "%s,", $1}' | sed 's/,$//')   echo "$w"   

w=$(virt-sysprep –list-operations | egrep -v ‘fs-uuids|lvm-uuids|ssh-userdir’ | awk ‘{ printf “%s,”, $1}’ | sed ‘s/,$//’) echo “$w”

Now run it as follows:
virt-sysprep -d testvm --hostname testvm --keep-user-accounts vivek --enable $w
Another example:
virt-sysprep -d testvm --hostname testvm --keep-user-accounts vivek --enable $w --firstboot-command 'dpkg-reconfigure openssh-server'

virt-sysprep command list options

     -a, --add                     Add disk image file     --append-line            Append line(s) to the file     -c, --connect                  Set libvirt URI     --chmod           Change the permissions of a file     --color, --colors, --colour, --colours                                         Use ANSI colour sequences even if not tty     --commands-from-file      Read customize commands from file     --copy                 Copy files in disk image     --copy-in      Copy local files or directories into image     -d, --domain                Set libvirt guest name     --delete                      Delete a file or directory     -n, --dryrun, --dry-run             Perform a dry run     --echo-keys                         Don't turn off echo for passphrases     --edit                   Edit file using Perl expression     --enable                Enable specific operations     --firstboot 

-a, –add Add disk image file –append-line Append line(s) to the file -c, –connect Set libvirt URI –chmod Change the permissions of a file –color, –colors, –colour, –colours Use ANSI colour sequences even if not tty –commands-from-file Read customize commands from file –copy Copy files in disk image –copy-in Copy local files or directories into image -d, –domain Set libvirt guest name –delete Delete a file or directory -n, –dryrun, –dry-run Perform a dry run –echo-keys Don’t turn off echo for passphrases –edit Edit file using Perl expression –enable Enable specific operations –firstboot

Step 3. Start the VM

virsh start testvm
Domain testvm started

Verify it with the following virsh command:
virsh list

Step 4. Login to the VM

Find/get the DHCP IP address of testvm using the following command along with the grep command:
virsh net-dhcp-leases default
virsh net-dhcp-leases default | grep testvm
virsh net-dhcp-leases default | grep testvm | awk '{ print $5}'

Sample outputs:

   192.168.122.174/24   

Use the ssh command:
ssh vivek@192.168.122.174

Conclusion

You just learned how to clone a KVM VM and reset the data. I strongly suggest that you read virt-sysprep help page here.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Shared via Inoreader