: Never dd a cloud image directly to a block device without resizing partitions. Always use qemu-img resize followed by a boot that runs growpart and resize2fs . And always, always keep a serial console log.
virsh dumpxml vm-name | grep "driver name" # Look for cache='none' or cache='writethrough' Ubuntu’s kernel sees vCPUs as separate cores. For NUMA-aware workloads (databases), pin vCPUs to physical cores:
| Format | Primary Use Case | Key Characteristics | |--------|------------------|----------------------| | ( .qcow2 ) | OpenStack, KVM, Proxmox | No graphical installer; uses cloud-init ; minimal package set; optimized for first-boot configuration | | Cloud Images ( .img ) | AWS, GCP, Azure (after conversion) | Raw format with partition table; requires cloud-specific agents (e.g., waagent for Azure) | | Vagrant Boxes ( box file) | Development (VirtualBox, libvirt) | Includes VirtualBox Guest Additions or virtio drivers; user vagrant with insecure key; shared folder support | | OVA/OVF | vSphere, ESXi | VMX descriptor + VMDK disk; typically pre-configured for VMware paravirtual SCSI and vmxnet3 | | Live Server ISO | Manual interactive install | Contains debian-installer or Subiquity; not a VM image per se but can generate one post-install | ubuntu vm images
| Component | Desktop Default | Cloud Image Default | |-----------|----------------|----------------------| | Root password | Set by user | Locked ( * in shadow) | | SSH | Not installed | Installed and enabled | | Password auth | Allowed | Disabled (key-only) | | Firewall | None (ufw inactive) | None (cloud security groups handle isolation) | | Automatic updates | Unattended-upgrades off | Unattended-upgrades on (security updates only) | | Kernel livepatch | Off | Available via UA subscription |
virt-customize -a ubuntu.qcow2 --install prometheus-node-exporter virt-customize -a ubuntu.qcow2 --ssh-inject ubuntu:file:/home/me/key.pub This tool mounts the filesystem offline – significantly faster than booting. Even a perfect image can perform badly if the hypervisor configuration mismatches. 6.1 Disk I/O: Writeback vs. None Libvirt’s default cache mode for QCOW2 is writeback . This is dangerous: host crash = data loss in guest. Change to writethrough or none (if using persistent memory). To check: : Never dd a cloud image directly to
cloud-localds seed.iso user-data meta-data # Attach seed.iso as a CDROM to the VM This allows testing cloud-init behavior without a real metadata service. For quick fixes without booting the VM:
<memoryBacking> <locked/> </memoryBacking> The serial console is your only lifeline. Common failures: virsh dumpxml vm-name | grep "driver name" #
Packer launches a VM, runs an autoinstall (Ubuntu's new declarative installer), provisions with shell/Ansible, and outputs QCOW2, VMDK, or raw. Generate a fake metadata disk: