vPotato
/
virtuallypotato
mirror of https://github.com/jbowdre/virtuallypotato.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: vPotato:40c26f8767ff46de7f478b1b6a7e79048529032b
Branches Tags
vPotato:main
vPotato:drafts
vPotato:staging
vPotato:vanilla
...
compare: vPotato:88419a34d948ed369ef860ac1019cac180f07472
Branches Tags
vPotato:main
vPotato:drafts
vPotato:staging
vPotato:vanilla

9 Commits
40c26f8767 ... 88419a34d9

Author SHA1 Message Date
John Bowdre 88419a34d9 update draft 2023-02-18 18:11:30 -06:00
John Bowdre 77b97ca4d9 change title 2023-02-18 17:44:15 -06:00
John Bowdre 98ccc3c8ad new draft: manage-vms-with-vagrant-on-chromebook 2023-02-18 17:39:11 -06:00
John Bowdre 65cf8cd7fb Merge branch 'main' into drafts 2023-02-18 17:17:19 -06:00
John Bowdre 6bc248acb8 don't use alias in script 2023-02-17 13:58:15 -06:00
John Bowdre 08386267ab add link to Secure Boot documentation 2023-02-17 13:35:46 -06:00
John Bowdre 30ca751dea sidebar: use embed for vExpert badge 2023-02-17 13:30:03 -06:00
John Bowdre ac1f90c800 minor formatting tweak 2023-02-17 13:21:53 -06:00
John Bowdre 0f170fc9fc update post 2023-02-17 13:16:51 -06:00
3 changed files with 101 additions and 9 deletions
Show Stats Expand all files Collapse all files

9
content/posts/psa-microsoft-kb5022842-breaks-ws2022-secure-boot/index.md
View File

@ -30,15 +30,16 @@ Microsoft released [a patch](https://msrc.microsoft.com/update-guide/releaseNote
So yeah. That's, uh, *not great.*
If you've got any **Windows Server 2022** VMs with **Secure Boot** enabled on **ESXi 6.7/7.x**, you'll want to make sure they *do not* get **KB5022842** until this problem is resolved.
If you've got any **Windows Server 2022** VMs with **[Secure Boot](https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-898217D4-689D-4EB5-866C-888353FE241C.html)** enabled on **ESXi 6.7/7.x**, you'll want to make sure they *do not* get **KB5022842** until this problem is resolved.
I put together a quick PowerCLI query to help identify impacted VMs in my environment:
```powershell
$secureBoot2022VMs = foreach($datacenter in (Get-Datacenter)) {
$datacenter | Get-VM |
Where {$_.Guest.OsFullName -Match 'Microsoft Windows Server 2022' -And $_.ExtensionData.Config.BootOptions.EfiSecureBootEnabled} |
Select @{N="Datacenter";E={$datacenter.Name}},
Name, @{N="Running OS";E={$_.Guest.OsFullName}},
Where-Object {$_.Guest.OsFullName -Match 'Microsoft Windows Server 2022' -And $_.ExtensionData.Config.BootOptions.EfiSecureBootEnabled} |
Select-Object @{N="Datacenter";E={$datacenter.Name}},
Name,
@{N="Running OS";E={$_.Guest.OsFullName}},
@{N="Secure Boot";E={$_.ExtensionData.Config.BootOptions.EfiSecureBootEnabled}},
PowerState
}

91
content/posts/run-vms-chromebook-hashicorp-vagrant/index.md Normal file
View File

@ -0,0 +1,91 @@
---
title: "Run Virtual Machines on a Chromebook with HashiCorp Vagrant" # Title of the blog post.
date: 2023-02-18T17:22:02-06:00 # Date of post creation.
# lastmod: 2023-02-18T17:22:02-06:00 # Date when last modified
description: "Pairing the powerful Linux Development Environment on modern Chromebooks with HashiCorp Vagrant for managing local virtual machines for development and testing" # Description used for search engine.
featured: false # Sets if post is a featured post, making appear on the home page side bar.
draft: true # Sets whether to render this page. Draft of true will not be rendered.
toc: true # Controls if a table of contents should be generated for first-level links automatically.
usePageBundles: true
# menu: main
# featureImage: "file.png" # Sets featured image on blog post.
# featureImageAlt: 'Description of image' # Alternative text for featured image.
# featureImageCap: 'This is the featured image.' # Caption (optional).
# thumbnail: "thumbnail.png" # Sets thumbnail image appearing inside card on homepage.
# shareImage: "share.png" # Designate a separate image for social media sharing.
codeLineNumbers: false # Override global value for showing of line numbers within code block.
series: Projects
tags:
- linux
- chromeos
- homelab
- infrastructure-as-code
comment: true # Disable comment if false.
---
I've lately been trying to do more with [Salt](https://saltproject.io/) at work, but I'm still very much a novice with that tool. I thought it would be great to have a nice little lab environment where I could deploy a few lightweight VMs and practice managing them with Salt - without impacting any systems that are actually being used for anything. I thought it might be fun to create and manage the VMs with [HashiCorp Vagrant](https://www.vagrantup.com/), which provides a declarative way to define what the VMs should look like. That will make it easy to build up, destroy, and redeploy a development environment in a simple, repeatable way.
Also, because I'm a bit of a sadist, I wanted to do this all on my new [Framework Chromebook](https://frame.work/laptop-chromebook-12-gen-intel). I might as well put my 32GB of RAM to good use, right? It took a bit of fumbling, but this article describes what it took to get a Vagrant VM up and running in the [Linux Development Environment](https://chromeos.dev/en/linux) on my Chromebook (which is currently running ChromeOS v111 beta).
### Install the prerequisites
There are are a few packages which need to be installed before we can move on to the Vagrant-specific stuff. It's quite possible that these are already on your system.... but if they *aren't* already present you'll have a bad problem[^problem].
```shell
sudo apt update
sudo apt install \
build-essential \
gpg \
lsb-release \
wget
```
[^problem]: and [will not go to space today](https://xkcd.com/1133/).
I'll be configuring Vagrant to use [`libvirt`](https://libvirt.org/) to interface with the [Kernel Virtual Machine (KVM)](https://www.linux-kvm.org/page/Main_Page) virtualization solution (rather than something like VirtualBox that would bring more overhead) so I'll need to install some packages for that as well:
```shell
sudo apt install virt-manager libvirt-dev
```
And to avoid having to `sudo` each time I interact with `libvirt`, I'll add myself to that group:
```shell
sudo gpasswd -a $USER libvirt ; newgrp libvirt
```
Add HashiCorp repo:
```shell
wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
```
Install `vagrant` and plugins:
```shell
sudo apt update
sudo apt install vagrant
vagrant plugin install vagrant-libvirt
```
Prepare a Vagrant directory:
```shell
mkdir vagrant-bullseye
cd vagrant-bullseye
vagrant init debian/bullseye64
```
Install `rsync`:
```shell
sudo apt install rsync
```
Enable `rsync` (and disable NFS, which isn't supported within LXD) for Vagrant by editing the `Vagrantfile` to include:
```
config.nfs.verify_installed = false
config.vm.synced_folder '.', '/vagrant', type: 'rsync'
```
Start the VM:
```shell
vagrant up
```
Log in:
```shell
vagrant ssh
```

10
layouts/partials/sidebar.html
View File

@ -28,7 +28,7 @@
{{ markdownify $introDescription }}
</div>
<div>
<a href="https://vexpert.vmware.com/directory/9430"><img class="sidebar_badge" src="/logos/vexpert.png" alt="VMware vExpert"></a>
<a href="https://vexpert.vmware.com/directory/9430"><img src="https://vexpert.vmware.com/directory/9430/vexpert-badge-year.png" class="sidebar_badge" alt="vExpert Badge" title="vExpert Badge" /></a>
</div>
{{- if ( ne $s.introURL false ) }}
{{- $r := T "read_more" }}
@ -37,11 +37,11 @@
{{- end }}
{{ if .Site.Params.sidebardisclaimer }}
<div class="sidebardisclaimer">
<h2 class="mt-4">Disclaimer</h2>
<div class="sidebardisclaimer">
<h2 class="mt-4">Disclaimer</h2>
{{ .Site.Params.disclaimerText }}
</div>
{{ end }}
</div>
{{ end }}
{{- $relatedInSidebar := true }}
{{- if eq $s.showRelatedInSidebar false }}