Setting up your own hypervisor at OVH

So, you’ve decided it’s time to rent a beefy dedicated server and set up a hypervisor so you can spin up as many VPSes as you want according to your needs and not have to worry about jacking up the monthly bill for a cloud provider. Let’s talk a bit about doing so at OVH.

Choosing & setting up a server

So let’s start with the server. OVH has two very impressive ranges of servers that are great for hosting hypervisors. The SoyouStart servers are powerful enough to handle the job and at a fantastic price. Probably the best price on the internet for a beefy server. The OVH.com Dedicated server class is also a respectable choice, bringing even beefier servers, more modern hardware, and better support for a still very competitive price. The services also allow you to add additional IPv4 addresses for use on your virtual machines at no additional monthly cost and only a small setup fee (16 per machine for SoyouStart and 256 per machine with OVH.com), which is a very desirable feature for hypervisors.

Once you have a server, it’s time to install the operating system for the hypervisor itself. OVH has a few specialty hypervisor OSes available from their control panel, but I personally just installed Debian Jessie, and that’s the path the rest of this post is going down. It is worth noting that I used a very complicated partitioning configuration that I’m not going to go into detail about right now because it’s not really that important for the functionality of the hypervisor, but I might detail it in a later post. Once the OS is installed, I cleaned up the OVH bits and secured the operating system (which I may make a post about in the future), and installed KVM and libvirt. This is simple enough with a quick apt command: sudo apt-get install qemu-kvm libvirt-bin virtinst. On my local machine, I installed virt-manager for easy GUI based remote management. It’s also worth noting that it would be wise to add yourself to the kvm and libvirt groups on your hypervisor to avoid having to use the root account to manage machines. This can be achieved with a simple sudo adduser coltondrg kvm; sudo adduser coltondrg libvirt. Obviously you should also replace my username with your own.

Getting some IP addresses

We could set up some virtual machines right now, but first let’s order some failover IPs from OVH and set them up appropriately. It shouldn’t be too tricky to find the IP section of your OVH control panel. Just keep in mind that you will have to fork over a small setup fee for each IP you add. I recommend adding larger blocks if possible, as it will give you more expandability in the future and let you set up more machines with less time waiting for orders to be activated. I currently have one block of 4 and one block of 8 on my SoyouStart hypervisor. It’s worth noting that you can have up to 128 individual IPs or 16 blocks (whichever is lower) on SoyouStart, but only the first 16 individual IPs will be free. This is not the same for the OVH.com servers. That also doesn’t include the default IP for your hypervisor.

Creating & configuring a virtual machine

Once you have some IP addresses, now it’s time to create a machine. The first thing you have to do is have OVH assign a MAC address for your virtual machine’s network card so that their routers will set it up properly. When you visit the IP list on your OVH control panel, click the little gear next to the individual IP address that you want to assign to the virtual machine, then click “Add a virtual MAC”. In the window that pops up, make sure the virtual MAC type is “ovh” and that you want to create a new virtual MAC address. The VM name can be anything, the entry for this field really doesn’t matter. After submitting the form, the page will reload and all of the IPs will go wonky. Wait a minute or two for the configuration to be applied across the network and reload the page. You should be able to see the newly assigned virtual MAC in the table. Copy it.

Now that you have an IP and a virtual MAC address, you’re finally ready to create the virtual machine. I’m using virt-manager for this. You should download the ISO of the operating system to the hypervisor so you can mount it. If you want to use a temporary network card to get it installed, the netinst image will work fine, but if you’re going to set up the OVH network card right away, you’ll need to use a complete install image as you will not be able to get online until after the OS is installed. For this example, I’m installing Debian Jessie, but it’s certainly worth noting that the install process changes drastically depending on the operating system you choose. I might do more posts about other operating systems in the future.

After connecting to the hypervisor in virt-manager, create a new machine and make sure you select “Local install media” as the install option. Also make sure that the selected architecture is x86_64. You can create VMs with other architectures, but in most cases you won’t want to do this. Proceed and tell virt-manager where your installer image is and what OS you’re using. The OS options don’t make too much difference in the long run, but it’s good to have them be accurate. For the installer image, just type the full path to it on the filesystem. If it’s downloaded to one of the pools defined in libvirt, you can use the browse button to search for it, but this is not required if you simply type out the path. Proceed to change the memory and CPUs for the machine (these can be changed later), create a virtual disk for the machine, and finally, name the machine. Note that here you should use a short name that is alphanumeric (hyphens and dots are OK too), all lowercase, and describes the machine’s purpose. A good choice might be the hostname or FQDN of the server in question. Finally, tick the box that says “Customize configuration before install” so you can tweak the networking hardware before you install the OS.

Alright, now it’s time to configure the networking hardware. You have two options here. You can reconfigure the default card that virt-manager created to be compliant with OVH’s required settings, or you can create a new card that will be the OVH card and leave the original card there as a NAT card during the installation process. I am going to create a new card for the OVH settings and leave the NAT card there, as this will give me the advantage of having internet access while I’m installing the operating system and before I properly configure the OVH networking. It also will come in handy for something I want to do later, but that’s a story for a different post. So, create a network card (or edit the existing one), and choose the eth0 macvtap for the network source and make sure it’s in bridge mode. For device model I use virtio, but they should all work OK. Finally, make sure the MAC address is changed to the virtual MAC that OVH gave you in the IP table earlier. It’s important that you change the MAC correctly because OVH will not route traffic correctly if you don’t, and you can’t change it again without deleting the card and creating a new one. Also, while we’re here, go ahead and set the VM to start at boot in the Boot Options tab.

Installing Debian Jessie

Now we’re ready to install. Click “Begin Installation” and you will be connected to the graphical console of the machine, hopefully booting up the installation disk you picked. Proceed to install the operating system as you normally would. The only things I have to note here are that if you chose to change the existing interface to match OVH’s settings, make sure you skip the networking configuration, because you won’t be able to get online from the installer. If you chose to use a NAT, when the installer asks you which network interface to use, you can’t really know which is which, so take a guess and if the DHCP configuration fails, go back and pick the other one. After installation, you’re free to go back and delete the NAT network card if you used it for the install, but I’m going to keep it and disable the network within the VM so I can use it later.

The fun part: Getting the VM connected to OVH’s network

Once the OS is installed and ready to go, we can start configuring the network interfaces. This is the fun part. This is also where it starts getting a bit tricky, so I’m including pictures.

First, we’re going to find out what the network cards are called according to the system. Note that this may have changed from the installation process to the installed system, so you can’t just go off of what you found there. Run ip link to get a list of network interfaces. The card that has the MAC with a lot of zeroes in it is most likely the OVH card. In my experience, the virt-manager generated MAC addresses that started with 52: and the OVH card generated MAC addresses that started with 02:. Refer to the image below for what you should be looking for. (Note that if you only have one card in your machine, it’s probably just eth0, but it’s still worth checking this to make sure.)

Now we’re going to take a look at the file /etc/network/interfaces. This file contains the instructions that tell Debian how it should go about connecting to the network. Edit the file using your favourite editor. Remember to add sudo if you’re not at a root shell.

In this file, you should only see a few lines. If you used NAT during the installation, you’ll see some lines related to hotplugging and DHCP. Delete those if you have them. you’ll also see a few lines relating to the interface lo. This is the interface that handles localhost and should not be messed with.

Now we’re going to add the OVH configuration. This should basically look like the following.

# OVH IPv4
auto <INTERFACE>
iface <INTERFACE> inet static
        address <VM IP>
        netmask 255.255.255.255
        broadcast <VM IP>
        post-up route add <GATEWAY IP> dev <INTERFACE>
        post-up route add default gw <GATEWAY IP>
        pre-down route del <GATEWAY IP> dev <INTERFACE>
        pre-down route del default gw <GATEWAY IP>

<VM IP> obviously should be replaced with your VM’s IP address and <INTERFACE> should be the name of the interface we found earlier. But wait, what is the <GATEWAY IP>? Well, it’s actually quite simple. Use the first three octets of the hypervisor’s public IP address with the fourth octet being 254. For example, if your hypervisor’s IP address is 123.145.167.189, your <GATEWAY IP> is 123.145.167.254. Note that the first three octets need to be from the hypervisor’s IP, NOT the failover IP you’re using for the guest. For example, if your failover IP is 12.34.56.78, the <GATEWAY IP> is not 12.34.56.254, and that won’t work. After adding these lines, your /etc/network/interfaces should look something like the image below.

Now restart the networking service. You can acomplish this by rebooting the virtual machine using systemctl reboot or by simply restarting the networking service using systemctl restart networking. Either way, you need to be root, so use sudo if you’re not using a root shell. Now let’s see if we can get online by pinging Google’s DNS server, 8.8.8.8.

Hooray! We’re online! But we’re not quite done yet. You’ll notice that you won’t be able to resolve any domain names. For example, if you try to ping google.com you’ll get an error stating that google.com is an unknown host. We need to set up DNS servers. You can use any DNS servers you like, but I’ll use Google’s DNS. Edit /etc/resolv.conf using your favourite text editor. There should be only two lines looking something like this. If any other lines are present, delete or replace them with these.

nameserver 8.8.8.8
nameserver 8.8.4.4

Success!

Once you’ve fixed that, you should be good to go. Go ahead and upgrade your packages, set up your user accounts, install and configure OpenSSH and your firewall, and set up your VPS however you like it. You should also configure DNS names for your server so you don’t have to remember it’s IP and configure the reverse DNS for your IPs in OVH’s control panel as well. To create more VMs, repeat the process from the “Creating & configuring a virtual machine” part all the way back to here. If you want to install other OSes, I’ll probably make some more of these in the future, but for now you can check out OVH’s documentation on the subject. They should have included a link to their documentation in your failover IP confirmation email.

Conclusion & final thoughts

Despite some networking configuration oddities, OVH is an excellent choice for your hypervisor. The pricing on their dedicated machines (especially the SoyouStart ones) is killer and the free failover IPs sweeten the deal even more. Their network’s reliability is also pretty impressive and they’re a very trusted ISP in Europe. Is running a hypervisor for everyone? No. If you’re only hosting a few websites you’re probably better off just getting a cheap VPS and having fun setting that up, but if you’ve got lots of servers and like to mess around with machines on the internet, setting up your own hypervisor is fun and nerdy, plus you might learn something and save a buck or two while you’re at it.

Comment with your ColtonDRG.com, Twitter, Facebook, Google, or WordPress.com account