diff --git a/jumper-server/root/bin/iptables-all b/jumper-server/root/bin/iptables-all
index 61611e76a9e1de6233221be4cee11034f946469b..d4d64cffa3400c8cd6ed48ce925378568e7bd761 100755
--- a/jumper-server/root/bin/iptables-all
+++ b/jumper-server/root/bin/iptables-all
@@ -53,6 +53,21 @@ do
iptables -t nat -A PREROUTING -p tcp -i $PUB_IFACE --dport $dport -j DNAT --to-destination $ip:22
done
done
+# kvm ssh ports, 28000~31999, total 4000, should be enough
+for c in {9..9}
+do
+ for s in {21..254}
+ do
+ ip=192.18.$c.$s
+ dport=$((28000 + (c-1)*240 + s))
+ [ "$dport" -gt 31999 ] && {
+ echo "Failed!Port number > 31999!"
+ exit 1
+ }
+ printf "%15s %s\n" $ip "$pubip:$dport" >> $output
+ iptables -t nat -A PREROUTING -p tcp -i $PUB_IFACE --dport $dport -j DNAT --to-destination $ip:22
+ done
+done
rsync -aPz $output pxe:/srv/openlab-jobs/ > /dev/null
output=/root/tbox-service-ports
diff --git a/kvm-server/deploy b/kvm-server/deploy
new file mode 100755
index 0000000000000000000000000000000000000000..e07e3c9fbf709f2a1f0751de1e7d1a9375ec88e9
--- /dev/null
+++ b/kvm-server/deploy
@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+
+# Before run this script, make sure you have created large LVM storage mounted on /kvm
+
+yum -y install qemu* libvirt* AAVMF virt-install --nobest
+ln -sv /usr/libexec/qemu-kvm /usr/bin/
+systemctl enable libvirtd && systemctl restart libvirtd
+nmcli con add type bridge con-name br0 ifname br0 autoconnect yes
+nmcli con add type bridge-slave ifname enp125s0f0 master br0
+tail -n5 /etc/sysconfig/network-scripts/ifcfg-enp125s0f0 >> /etc/sysconfig/network-scripts/ifcfg-br0 && sed -i "s/dhcp/static/g" /etc/sysconfig/network-scripts/ifcfg-br0
+nmcli con down enp125s0f0; nmcli con up br0
+mkdir -p /kvm/images
+mkdir -p /root/kvm-xml
+mkdir -p /root/kvm-log
+chown root:root /kvm/images && chmod 755 /kvm/images
+virsh pool-define-as StoragePool --type dir --target /kvm/images
+virsh pool-build StoragePool
+virsh pool-start StoragePool
+virsh pool-autostart StoragePool
+
+for i in usr
+do
+ rsync -avPz $i /
+done
+
+chmod +x /usr/local/bin/*
+
+# after this script, you should transfer base images here from other kvm server
diff --git a/kvm-server/usr/local/bin/deploy_kvm b/kvm-server/usr/local/bin/deploy_kvm
new file mode 100755
index 0000000000000000000000000000000000000000..9d6db57a1ad1480849112b1a57aa7a91f673b4be
--- /dev/null
+++ b/kvm-server/usr/local/bin/deploy_kvm
@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+
+kvm="$1"
+base="$2"
+base_img="$3"
+uuid="$4"
+mac="$5"
+today=$(date "+%Y%m%d")
+
+log=/root/kvm-log/$kvm-$today-DEPLOY
+cd /kvm/images && qemu-img create -b $base_img -f qcow2 $kvm.img
+printf "KVM image %s duplicated to %s.\n" $base_img $kvm.img >> $log
+cd /root/kvm-xml && virsh dumpxml $base > $kvm.xml
+printf "KVM configuration dumped to %s.\n" $kvm.xml >> $log
+sed -i "s#[^<]\+#$kvm#g" /root/kvm-xml/$kvm.xml
+sed -i "s#[^<]\+#$uuid#g" /root/kvm-xml/$kvm.xml
+sed -i "s#[0-9a-fA-F]\{2\}\(:[0-9a-fA-F]\{2\}\)\{5\}#$mac#g" /root/kvm-xml/$kvm.xml
+sed -i "s#1\.img#$kvm\.img#g" /root/kvm-xml/$kvm.xml
+printf "KVM configuration modification complete." >> $log
+virsh define /root/kvm-xml/$kvm.xml
+printf "KVM %s registered." $kvm >> $log
+virsh autostart $kvm
+printf "KVM %s assigned autostart." $kvm >> $log
+virsh start $kvm
+printf "KVM %s booted." $kvm >> $log
+
+echo "KVM $kvm deploy progress complete."
diff --git a/kvm-server/usr/local/bin/remove_kvm b/kvm-server/usr/local/bin/remove_kvm
new file mode 100755
index 0000000000000000000000000000000000000000..930e0f97b5e96091f6dd0722538b6a240b4af4d9
--- /dev/null
+++ b/kvm-server/usr/local/bin/remove_kvm
@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+kvm="$1"
+today=$(date "+%Y%m%d")
+
+log=/root/kvm-log/$kvm-$today-REMOVE
+virsh destroy $kvm
+printf "KVM %s destroyed\n" $kvm >> $log
+virsh undefine $kvm --nvram
+printf "KVM %s undefined\n" $kvm >> $log
+virsh vol-delete --pool StoragePool --vol $kvm.img
+printf "KVM volume %s.img unregistered\n" $kvm >> $log
+rm -f /kvm/images/$kvm.img
+printf "KVM image %s.img deleted\n" $kvm >> $log
+
+echo "KVM $kvm remove progress complete."
+