
I know how to clone a KVM VM. Once cloned I would like to reset cloned VM. How do I reset, unconfigure or customize a virtual machine so clones can be made? How can I reset a KVM clone virtual Machines with virt-sysprep command on a Linux server based hypervisor?
Introduction: You need to use the virt-sysprep command to reset a virtual machine. You can remove ssh-keys, hostname, network mac configuration, user accounts and more. You can enable or disable specific features. This page shows how to use the virt-clone and virt-sysprep commands together to clone a KVM VM on a Linux based server.
Syntax to reset a KVM clone virtual Machines with virt-sysprep command
The syntax is:
virt-sysprep -d kvmDomain
virt-sysprep -d kvmDomainHere options
A list of sysprep operations to perform on a KVM VM to reset it
abrt-data | Remove the crash data generated by ABRT |
backup-files | Remove editor backup files from the guest |
bash-history | Remove the bash history in the guest |
blkid-tab | Remove blkid tab in the guest |
ca-certificates | Remove CA certificates in the guest |
crash-data | Remove the crash data generated by kexec-tools |
cron-spool | Remove user at-jobs and cron-jobs |
customize | Customize the guest |
dhcp-client-state | Remove DHCP client leases |
dhcp-server-state | Remove DHCP server leases |
dovecot-data | Remove Dovecot (mail server) data |
firewall-rules | Remove the firewall rules |
flag-reconfiguration | Flag the system for reconfiguration |
fs-uuids | Change filesystem UUIDs |
kerberos-data | Remove Kerberos data in the guest |
logfiles | Remove many log files from the guest |
lvm-uuids | Change LVM2 PV and VG UUIDs |
machine-id | Remove the local machine ID |
mail-spool | Remove email from the local mail spool directory |
net-hostname | Remove HOSTNAME and DHCP_HOSTNAME in network interface configuration |
net-hwaddr | Remove HWADDR (hard-coded MAC address) configuration |
pacct-log | Remove the process accounting log files |
package-manager-cache | Remove package manager cache |
pam-data | Remove the PAM data in the guest |
passwd-backups | Remove /etc/passwd- and similar backup files |
puppet-data-log | Remove the data and log files of puppet |
rh-subscription-manager | Remove the RH subscription manager files |
rhn-systemid | Remove the RHN system ID |
rpm-db | Remove host-specific RPM database files |
samba-db-log | Remove the database and log files of Samba |
script | Run arbitrary scripts against the guest |
smolt-uuid | Remove the Smolt hardware UUID |
ssh-hostkeys | Remove the SSH host keys in the guest |
ssh-userdir | Remove “.ssh” directories in the guest |
sssd-db-log | Remove the database and log files of sssd |
tmp-files | Remove temporary files |
udev-persistent-net | Remove udev persistent net rules |
user-account | Remove the user accounts in the guest |
utmp | Remove the utmp file |
yum-uuid | Remove the yum UUID |
You can choose which sysprep operations to perform. Give a comma-separated list of operations, for example:
virt-sysprep -d {vmDomainHere} --enable ssh-hostkeys,udev-persistent-net
Step 1. Clone your VM and spawn new instances in KVM
First use the virsh list command to get a list of all running VM domains/guest:
virsh list
Sample outputs:
1 openbsd62 running 2 freebsd11-nixcraft running 3 fedora28-nixcraft running 4 rhel7 running 5 centos7-nixcraft running 6 sles12sp3 running 16 bionic running
First suspend the KVM, run:
virsh suspend bionic
Domain bionic suspended
To clone vm named ‘bionic’ as testvm using the virt-clone command, run:
virt-clone --original bionic --name testvm --auto-clone
You may resume bionic VM, run:
virsh resume bionic
Domain bionic resumed
Step 2. Use virt-sysprep command
Simply run as follows to reset everything:
virt-sysprep -d testvm
You can setup the hostname of the guest and force to keep the user account named vivek in the guest:
virt-sysprep -d testvm --hostname testvm --enable user-account --keep-user-accounts vivek
You can create a new Linux user account called tom and force password change on first login as follows:
virt-sysprep -d testvm --firstboot-command 'useradd -s /bin/bash -m -G sudo tom; chage -d 0 tom'
You can set root user account password too:
virt-sysprep -d testvm --root-password password:MySuperSecureRootPasswordHere
Or combine all of them:
virt-sysprep -d testvm --hostname testvm --keep-user-accounts vivek --root-password password:MySuperSecureRootPasswordHere
How to skip certain guest VM reset features
You can enable specific operations with --enable. For example, enable all options except resetting fs-uuids ( Change filesystem UUIDs), lvm-uuids ( Change LVM2 PV and VG UUIDs), and ssh-userdir ( Remove “.ssh” directories in the guest):
w=$(virt-sysprep --list-operations | egrep -v 'fs-uuids|lvm-uuids|ssh-userdir' | awk '{ printf "%s,", $1}' | sed 's/,$//') echo "$w" |
Now run it as follows:
virt-sysprep -d testvm --hostname testvm --keep-user-accounts vivek --enable $w
Another example:
virt-sysprep -d testvm --hostname testvm --keep-user-accounts vivek --enable $w --firstboot-command 'dpkg-reconfigure openssh-server'
Step 3. Start the VM
virsh start testvm
Domain testvm started
Verify it with the following virsh command:
virsh list
Step 4. Login to the VM
Find/get the DHCP IP address of testvm using the following command along with the grep command:
virsh net-dhcp-leases default
virsh net-dhcp-leases default | grep testvm
virsh net-dhcp-leases default | grep testvm | awk '{ print $5}'
Sample outputs:
192.168.122.174/24
Use the ssh command:
ssh vivek@192.168.122.174