pici and ziti

Introduction

This page describes the installation of pici and ziti, which form my new virtualisation platform.

Procedure

  1. This is a PM with a 24-core CPU, 64GB RAM, 3 NICs (one public, one attached to backlan, one unused).
  2. Complete Installing Debian 12 on a PM or KVM VM.
  3. Edit /etc/pcms/pcms.conf to contain only:
    MAKE_FLAG=false
    

    (This will allow pcms to perform nightly upgrades, but will not let pcms re-configure the system, which could trigger a reboot.)

  4. Complete Configuring virtualisation services (revision 5).
  5. Complete Finalising a Linux installation.
  6. Set up inadyn, etc. for emergency access and test from phone.
  7. Recently, I’ve had a couple of crashes. Work around each symptom as follows:
    1. Ensure kernel panics trigger reboots by running:
      echo 'kernel.panic = 10' > /etc/sysctl.d/local.conf
      sysctl --quiet --system
      sysctl kernel.panic
    2. Ensure ssh hanging or having exited triggers a reboot as follows:
      1. Run:
        mkdir -p /etc/watchdog.d

        (The directory is not created by installing the package below, but we also want to have the script in place when the package is installed.)

      2. Create /etc/watchdog.d/check-port-22-open containing:
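        #!/bin/bash
        # watchdog test script: a non-zero exit status reports a failed test.
        PROGNAME=${0##*/}
        
        # /run is a root-only tmpfs that is emptied at boot, so other local users
        # cannot pre-create this file or keep refreshing its timestamp.
        DELAY_FILE=/run/$PROGNAME.delay
        PORT=22
        
        log() { logger -t "$PROGNAME[$$]" "$1"; }
        
        if [ ! -f "$DELAY_FILE" ]; then
            log "delay file doesn't exist; creating ..."
            touch "$DELAY_FILE"
        # Don't check for five minutes after the delay file was created
        # (it is created by the first run after boot)
        elif (($(date +%s) - $(stat -c %Y "$DELAY_FILE") < 300)); then
            log "delay file is too young; waiting ..."
        # /proc/net/tcp prints addresses and ports in upper-case hex, hence %04X
        elif grep -Fq ": 00000000:$(printf '%04X' "$PORT") 00000000:0000 " /proc/net/tcp; then
            log "localhost is listening on $PORT; test passing ..."
        else
            log "localhost is *not* listening on $PORT; test failing ..."
            exit 1
        fi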
      3. Run:
        chmod 755 /etc/watchdog.d/check-port-22-open
        apt-get -y install watchdog
      4. Edit /etc/watchdog.conf and set:
        ...
        interval = 10
        ...
      5. Run:
        systemctl stop watchdog
        systemctl start watchdog

        (systemctl restart watchdog won’t work due to BTS#835496.)

      6. Monitor /var/log/syslog with:
        tail -f /var/log/syslog

        There should be new entries like:

        2025-04-17T14:56:25.763943+02:00 pici check-port-22-open[19652]: localhost is listening on 22; test passing ...
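
The listening check from check-port-22-open, as an added example that is not part of the original page: it goes beyond the script above by also requiring the LISTEN state (0A) and by accepting an IPv6 wildcard listener from /proc/net/tcp6. The names port_listening, sample_tcp4 and sample_tcp6 and the sample tables are constructed for illustration.

```shell
#!/bin/bash
# Added example: wildcard-listener check over /proc/net/tcp-style tables.
# port_listening, sample_tcp4 and sample_tcp6 are hypothetical names.

# port_listening PORT FILE...
# Returns 0 if any FILE shows a socket in state 0A (LISTEN) bound to the
# wildcard address (0.0.0.0 or ::) on PORT, non-zero otherwise.
port_listening() {
    local port_hex f
    # The kernel prints ports as four upper-case hex digits (8080 -> 1F90).
    port_hex=$(printf '%04X' "$1") || return 2
    shift
    # Unreadable tables (e.g. tcp6 when IPv6 is disabled) are skipped.
    for f in "$@"; do
        if [ -r "$f" ]; then cat "$f"; fi
    done | awk -v port="$port_hex" '
        {
            n = split($2, addr, ":")            # local_address is ADDR:PORT
            # An all-zero ADDR is the wildcard in both the v4 and v6 tables;
            # header lines never match because their 4th field is "st".
            if (n == 2 && $4 == "0A" && addr[2] == port && addr[1] ~ /^0+$/)
                found = 1
        }
        END { exit(found ? 0 : 1) }
    '
}

# Constructed sample tables (trailing columns trimmed), not real captures.
sample_tcp4() {
    cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue
   0: 0100007F:0016 00000000:0000 0A 00000000:00000000
   1: 00000000:1F90 00000000:0000 0A 00000000:00000000
   2: 0A00000A:0016 0A000002:C1F4 01 00000000:00000000
EOF
}

sample_tcp6() {
    cat <<'EOF'
  sl  local_address                         remote_address                        st
   0: 00000000000000000000000000000000:0016 00000000000000000000000000000000:0000 0A
EOF
}

# In a watchdog test script:
#   port_listening 22 /proc/net/tcp /proc/net/tcp6 || exit 1
```

In the IPv4 sample, port 22 is bound to 127.0.0.1 only and has one established connection, so neither row counts as a wildcard listener; the IPv6 table is what makes the check pass.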

See also