Difference between revisions of "Kvm"
(11 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
KVM is a Linux-based full virtualization tool which utilizes the virutalization extensions available with several models of Intel and AMD processors. | KVM is a Linux-based full virtualization tool which utilizes the virutalization extensions available with several models of Intel and AMD processors. | ||
+ | |||
+ | = Useful Information = | ||
+ | |||
+ | Standard locations on our systems: | ||
+ | * Standard location for configuration: /etc/libvirt | ||
+ | * Virtual machine definitions: /etc/libvirt/qemu | ||
+ | * The images can be in /kvm or /var/lib/libvirt/images/ | ||
= Installation = | = Installation = | ||
+ | |||
+ | * See How to use Grub2: https://wiki.centos.org/HowTos/Grub2 | ||
+ | ** Add "console=ttyS0" to the end of the Linux kernel line. | ||
== Prerequisites == | == Prerequisites == | ||
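Review bot: the two bullets added under "= Installation =" do not say which system's kernel line gets "console=ttyS0", or what it is for. The later "Connecting to VMs through Console" addition shows this is a guest-side setting, and it edits /etc/grub.conf rather than a Grub2 configuration. Suggest moving these bullets into that section and stating which bootloader each instruction applies to.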
Line 11: | Line 21: | ||
'''NPG Systems With Virtualization Support''' | '''NPG Systems With Virtualization Support''' | ||
− | + | *[[Gourd]] -- Main system - runs Einstein, Roentgen | |
− | *[[Gourd]] | + | *[[Taro]] -- TOO OLD |
− | *[[Taro]] | + | *[[Pumpkin]] -- Secondary system -- runs Jalapeno, Corn = No access to server net. |
− | *[[ | + | *[[Endeavour]] -- Test machine. |
− | *[[ | ||
− | |||
== Installing the Software == | == Installing the Software == | ||
Line 60: | Line 68: | ||
DELAY=0 | DELAY=0 | ||
− | + | ||
+ | There are some problems (detailed [https://bugzilla.redhat.com/show_bug.cgi?id=512206 here]) with using bridged interfaces and iptables firewalls. There are two solutions to this problem, both of which effectively stop the host machine's firewall from filtering packets destined for the bridges. The first, and preferred solution is to add these values to /etc/sysctl.conf: | ||
+ | |||
+ | net.bridge.bridge-nf-call-ip6tables = 0 | ||
+ | net.bridge.bridge-nf-call-iptables = 0 | ||
+ | net.bridge.bridge-nf-call-arptables = 0 | ||
+ | |||
+ | and then run | ||
+ | |||
+ | sysctl -p /etc/sysctl.conf | ||
+ | |||
+ | An alternative solution is to tell [[iptables]] to forward packets intended for bridge interfaces using this rule: | ||
-I FORWARD -m physdev --physdev-is-bridge -j ACCEPT | -I FORWARD -m physdev --physdev-is-bridge -j ACCEPT | ||
+ | |||
+ | === Aliases and Network Bridging === | ||
+ | |||
+ | Some systems use network aliases to allow a second IP address on an interface. If the system in question is a VM host with bridged interfaces it can be a bit trickier to add a network alias. Here is an example of an ifcfg script for a network alias attached to a KVM bridged interface: | ||
+ | |||
+ | ONBOOT=yes | ||
+ | TYPE=Ethernet | ||
+ | DEVICE=farmbr:1 | ||
+ | BOOTPROTO=static | ||
+ | IPADDR=10.0.0.88 | ||
+ | NETMASK=255.0.0.0 | ||
+ | NM_CONTROLLED=no | ||
+ | ONPARENT=yes | ||
+ | |||
+ | Note that the device name is the bridge interface name with a :1 on the end. This should be the bridge interface, and not the eth# interface for the alias to work correctly. Also, the filename of the alias configuration should be in the form if ifcfg-bridgename:# where bridgname is the name of the bridge interface and the number is the n-th alias that this interface represents. If the filename is not in this format the aliased interface will not come up correctly when the system's network service is restarted. In the case of the previous example the filename must be "ifcfg-farmbr:1", otherwise the alias will not work correctly. | ||
= Managing Virtual Machines = | = Managing Virtual Machines = | ||
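Review bot: the new sysctl paragraph says both options stop the host firewall from filtering packets destined for the bridges, but it does not spell out the consequence for the guests. Suggest adding a sentence that the host's iptables rules no longer cover traffic on the bridges, so each guest has to carry its own firewall. In the alias paragraph, "in the form if ifcfg-bridgename:# where bridgname" has two typos ("if" should be "of", and "bridgname").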
Line 78: | Line 112: | ||
The virt-manager tool provides a GUI for creating and managing VMs. It's fairly simple and straightforward to use. There are also command line tools. | The virt-manager tool provides a GUI for creating and managing VMs. It's fairly simple and straightforward to use. There are also command line tools. | ||
+ | == Moving a Virtual Machine == | ||
+ | |||
+ | See [[Moving A Virtual Machine]] | ||
== KVM Command Reference == | == KVM Command Reference == | ||
Line 90: | Line 127: | ||
Here's one example: | Here's one example: | ||
+ | |||
+ | |||
+ | |||
virt-install -v --name=newvm -r 512 --os-type=linux --os-variant=rhel5 --cdrom=/path/to/rhel5-install-DVD.iso \ | virt-install -v --name=newvm -r 512 --os-type=linux --os-variant=rhel5 --cdrom=/path/to/rhel5-install-DVD.iso \ | ||
Line 113: | Line 153: | ||
1 testvm running | 1 testvm running | ||
- testvm2 shut off | - testvm2 shut off | ||
+ | |||
+ | To view details about a guest VM: | ||
+ | |||
+ | [root@tomato ~]# virsh dominfo testvm | ||
+ | Id: 1 | ||
+ | Name: testvm | ||
+ | UUID: b15052ba-d844-0d13-3d39-ced4a3be4a66 | ||
+ | OS Type: hvm | ||
+ | State: running | ||
+ | CPU(s): 1 | ||
+ | CPU time: 13043.0s | ||
+ | Max memory: 524288 kB | ||
+ | Used memory: 524288 kB | ||
+ | Persistent: yes | ||
+ | Autostart: disable | ||
+ | |||
+ | '''Connecting to VMs through Console''' | ||
+ | |||
+ | In the /etc/grub.conf in the VM operating system add these lines to the grub.conf: | ||
+ | |||
+ | kernel /vmlinuz-2.6.32-431.5.1.el6.x86_64 ro root=/dev/mapper/vg_corn-lv_root rd_LVM_LV=vg_corn/lv_root rd_LVM_LV=vg_corn/lv_swap rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us crashkernel=auto rhgb quiet console=tty0 console=ttyS0,115200 | ||
+ | |||
+ | Also make sure that these lines exist in the xml file loated at /etc/libvirtd/qemu/<domainid>.xml: | ||
+ | |||
+ | <serial type='pty'> | ||
+ | <target port='0'/> | ||
+ | </serial> | ||
+ | <console type='pty'> | ||
+ | <target port='0'/> | ||
+ | </console> | ||
+ | |||
+ | Then you must restart the VM. By this you can now access the VM directly from the Host OS and see the boot process. This also enables you to access the VM when the VM has no connection to the internet. The command to use when connecting to the VM is: | ||
+ | |||
+ | virsh console <domainid> | ||
+ | |||
+ | or for example: | ||
+ | |||
+ | virsh console corn.unh.edu | ||
'''Start, Stop and Reboot Guest VMs''' | '''Start, Stop and Reboot Guest VMs''' | ||
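Review bot: the XML path in "Also make sure that these lines exist" is given as /etc/libvirtd/qemu/<domainid>.xml, which contradicts the /etc/libvirt/qemu location added under "Useful Information" in this same revision; "loated" is also a typo. The grub.conf instruction says "add these lines" but shows a single kernel line containing a specific kernel version and the vg_corn volume group. Suggest telling the reader to append only "console=tty0 console=ttyS0,115200" to their existing kernel line.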
Line 123: | Line 201: | ||
virsh shutdown <guest name> | virsh shutdown <guest name> | ||
+ | |||
+ | The following command will reboot a guest VM: | ||
+ | |||
+ | virsh reboot <guest name> | ||
+ | |||
+ | If a system is not responding and you wish to forcefully shut it down, use this command (but obviously if other more graceful methods have not worked): | ||
+ | |||
+ | virsh destroy <guest name> | ||
You can configure guest systems to start when the host system boots. Add the --disable flag before the guest name in the if you want to turn off starting at boot time. | You can configure guest systems to start when the host system boots. Add the --disable flag before the guest name in the if you want to turn off starting at boot time. | ||
− | virsh autostart <guest name> | + | virsh autostart <guest name> |
+ | |||
+ | '''Changing VM Properties''' | ||
+ | |||
+ | Set the current memory allocation (in kilobytes) for a guest system: | ||
+ | |||
+ | virsh setmem <guest name> kilobytes | ||
+ | |||
+ | Set the maximum memory allocation for a guest vm: | ||
+ | virsh setmaxmem <guest name> kilobytes | ||
+ | Set the current number of virtual CPUs in a guest system: | ||
− | + | virsh setvcpus <guest name> count | |
= Converting VMWare to KVM = | = Converting VMWare to KVM = |
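Review bot: the parenthetical on the "virsh destroy" line reads "but obviously if other more graceful methods have not worked", which is missing "only" and so reads as the opposite of a caution. Under "Changing VM Properties", the setmaxmem and setvcpus entries have no blank line between the description and the command, unlike the setmem entry, so they may not render as preformatted text.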
Latest revision as of 16:35, 11 February 2021
KVM is a Linux-based full virtualization tool which utilizes the virtualization extensions available with several models of Intel and AMD processors.
Useful Information
Standard locations on our systems:
- Standard location for configuration: /etc/libvirt
- Virtual machine definitions: /etc/libvirt/qemu
- The images can be in /kvm or /var/lib/libvirt/images/
Installation
- See How to use Grub2: https://wiki.centos.org/HowTos/Grub2
  - Add "console=ttyS0" to the end of the Linux kernel line.
Prerequisites
KVM will only work on systems whose processors offer virtualization support. To find out if a system's processor supports virtualization you can look in /proc/cpuinfo for the vmx (Intel) or svm (AMD) flags. This command should do the trick:
egrep '(vmx|svm)' --color=always /proc/cpuinfo
NPG Systems With Virtualization Support
- Gourd -- Main system - runs Einstein, Roentgen
- Taro -- TOO OLD
- Pumpkin -- Secondary system -- runs Jalapeno, Corn = No access to server net.
- Endeavour -- Test machine.
Installing the Software
If you're using a RHEL system you need to enable the virtualization add-on entitlement to your RHEL license. You can install the packages via yum. This is the list of packages you will need:
libvirt-python kvm virt-manager libvirt kvm-qemu-img kmod-kvm kvm-tools python-virtinst
Configuration
Start the libvirtd service, and configure it to start at boot.
chkconfig --level 345 libvirtd on
service libvirtd start
Network Bridging
KVM requires bridged networks to be configured manually. The configuration for RHEL 5 systems should look something like this:
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
HWADDR=FF:FF:FF:FF:FF:FF
BRIDGE=br0
/etc/sysconfig/network-scripts/ifcfg-br0
ONBOOT=yes
TYPE=Bridge
DEVICE=br0
BOOTPROTO=static
IPADDR=10.0.0.2
NETMASK=255.0.0.0
NM_CONTROLLED=no
DELAY=0
There are some problems (detailed at https://bugzilla.redhat.com/show_bug.cgi?id=512206) with using bridged interfaces and iptables firewalls. There are two solutions to this problem, both of which effectively stop the host machine's firewall from filtering packets destined for the bridges. The first, and preferred, solution is to add these values to /etc/sysctl.conf:
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
and then run
sysctl -p /etc/sysctl.conf
An alternative solution is to tell iptables to forward packets intended for bridge interfaces using this rule:
-I FORWARD -m physdev --physdev-is-bridge -j ACCEPT
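Because the sysctl option takes bridged traffic out of the host firewall's view entirely, it is worth confirming exactly which of the three keys a given file sets. The script below is an added example, not part of the original wiki page; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the wiki): report what a sysctl.conf-style file
# says about the three bridge netfilter keys discussed above.

# bridge_nf_value FILE KEY -> last value assigned to KEY, or "unset"
bridge_nf_value() {
    awk -v key="$2" '
        /^[ \t]*[#;]/ { next }                 # comment lines
        {
            split($0, kv, "=")
            k = kv[1]; v = kv[2]
            gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
            if (k == key) val = v              # a later assignment overrides
        }
        END { print (val == "" ? "unset" : val) }
    ' "$1"
}

# bridge_nf_report FILE -> "bypassed" (all three are 0), "partial", or
# "not-disabled" (none is 0). Per-key detail goes to stderr.
bridge_nf_report() {
    zero=0
    for fam in iptables ip6tables arptables; do
        v=$(bridge_nf_value "$1" "net.bridge.bridge-nf-call-$fam")
        echo "net.bridge.bridge-nf-call-$fam = $v" >&2
        if [ "$v" = "0" ]; then zero=$((zero + 1)); fi
    done
    case "$zero" in
        3) echo "bypassed" ;;
        0) echo "not-disabled" ;;
        *) echo "partial" ;;
    esac
}

# Constructed sample: one key is commented out, so this file does not
# exempt bridged ARP traffic even though IPv4 and IPv6 are exempted.
sample=$(mktemp)
cat > "$sample" <<'EOF'
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables=0
# net.bridge.bridge-nf-call-arptables = 0
EOF
echo "sample file: $(bridge_nf_report "$sample")"
rm -f "$sample"
```

A result of "bypassed" means the host's iptables rules will not see guest traffic on the bridges, so filtering has to happen inside each guest.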
Aliases and Network Bridging
Some systems use network aliases to allow a second IP address on an interface. If the system in question is a VM host with bridged interfaces it can be a bit trickier to add a network alias. Here is an example of an ifcfg script for a network alias attached to a KVM bridged interface:
ONBOOT=yes
TYPE=Ethernet
DEVICE=farmbr:1
BOOTPROTO=static
IPADDR=10.0.0.88
NETMASK=255.0.0.0
NM_CONTROLLED=no
ONPARENT=yes
Note that the device name is the bridge interface name with a :1 on the end. This should be the bridge interface, and not the eth# interface, for the alias to work correctly. Also, the filename of the alias configuration should be in the form ifcfg-bridgename:#, where bridgename is the name of the bridge interface and the number is the n-th alias that this interface represents. If the filename is not in this format the aliased interface will not come up correctly when the system's network service is restarted. In the case of the previous example the filename must be "ifcfg-farmbr:1", otherwise the alias will not work correctly.
Managing Virtual Machines
The virt-manager utility can be used to add and remove virtual machines, start and stop VMs, view virtual machine details, add and remove virtual hardware, and access the system console.
The virt-manager tool provides a GUI for creating and managing VMs. It's fairly simple and straightforward to use. There are also command line tools.
Moving a Virtual Machine
KVM Command Reference
Creating a new VM
Before creating a VM you need to create a new virtual disk. Use the qemu-img command to specify the image type, file name and size. The typical file type for a kvm system is in the qcow2 format.
qemu-img create -f qcow2 testvm.img 10G
To install a new VM from the command line use the virt-install command. There are a lot of different options that can be given to this command. It's a good idea to review the manual if you plan on creating a new VM this way. There's a really useful detailed list of options at [this website].
Here's one example:
virt-install -v --name=newvm -r 512 --os-type=linux --os-variant=rhel5 --cdrom=/path/to/rhel5-install-DVD.iso \
    --disk path=/kvm/newvm.img,size=10 --network=bridge:br0 --network=bridge:br1 --vnc --vncport=5904
The options are specified in such a way that they should be easy to figure out. This command generates a RHEL 5 guest using full virtualization (-v) with the name "newvm". The system will have 512 MB of memory, one CPU, a DVD .iso image as a cd-rom drive, and two NICs which utilize bridge interfaces (one for the farm and one for the UNH network, in this case). The system console will also be accessible via a VNC connection over port 5904 on the host system.
If a disk image already exists, simply use the --disk path=/path/to/disk.img option. If the path points to a nonexistent file a new image will be created. If you want to create a new image in this way make sure to add the size option (in Gigabytes). This will create a dynamically expanding virtual disk of that size.
If the command is successful the new virtual system will be created and the console will be opened with the virt-viewer command.
Controlling VMs
To control virtual machines from the command line use the virsh tool. It is provided by the package libvirt on CentOS/RHEL systems. Commonly used functions will be listed here. More detailed command options can be found in the virsh manual.
Viewing VM Details
To list all systems available on a host system:
[root@tomato ~]# virsh list --all
 Id Name                 State
----------------------------------
  1 testvm               running
  - testvm2              shut off
To view details about a guest VM:
[root@tomato ~]# virsh dominfo testvm
Id:             1
Name:           testvm
UUID:           b15052ba-d844-0d13-3d39-ced4a3be4a66
OS Type:        hvm
State:          running
CPU(s):         1
CPU time:       13043.0s
Max memory:     524288 kB
Used memory:    524288 kB
Persistent:     yes
Autostart:      disable
Connecting to VMs through Console
In the VM's operating system, edit /etc/grub.conf so that the kernel line ends with the console parameters, as in this example:
kernel /vmlinuz-2.6.32-431.5.1.el6.x86_64 ro root=/dev/mapper/vg_corn-lv_root rd_LVM_LV=vg_corn/lv_root rd_LVM_LV=vg_corn/lv_swap rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us crashkernel=auto rhgb quiet console=tty0 console=ttyS0,115200
Also make sure that these lines exist in the XML file located at /etc/libvirt/qemu/<domainid>.xml:
<serial type='pty'>
  <target port='0'/>
</serial>
<console type='pty'>
  <target port='0'/>
</console>
Then you must restart the VM. After this you can access the VM directly from the host OS and see the boot process. This also enables you to access the VM when the VM has no connection to the internet. The command to use when connecting to the VM is:
virsh console <domainid>
or for example:
virsh console corn.unh.edu
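Both halves of the serial console setup have to be in place before the restart, or "virsh console" will attach to a silent port. The script below is an added example, not part of the original wiki page; the function names are hypothetical, and the inputs are constructed from the grub.conf line and XML fragment shown above.

```shell
#!/bin/sh
# Added example (not from the wiki): pre-restart check for the two serial
# console requirements above. Function names are hypothetical.

# console_args CMDLINE -> console= devices in order, one per line
console_args() {
    printf '%s\n' "$1" | tr -s ' \t' '\n\n' |
        sed -n 's/^console=\([^,]*\).*$/\1/p'
}

# primary_console CMDLINE -> the last console= device; the kernel uses the
# last one listed as /dev/console, so boot-time service output appears there.
primary_console() { console_args "$1" | tail -n 1; }

# domain_has_pty_console XMLFILE -> exit 0 if the file has both a
# <serial type='pty'> and a <console type='pty'> element (text match only).
domain_has_pty_console() {
    grep -Eq "<serial[[:space:]]+type=['\"]pty['\"]" "$1" &&
        grep -Eq "<console[[:space:]]+type=['\"]pty['\"]" "$1"
}

# serial_console_ready CMDLINE XMLFILE -> "ready" or the first missing piece
serial_console_ready() {
    if ! console_args "$1" | grep -qx 'ttyS0'; then
        echo "guest kernel line lacks console=ttyS0"
    elif ! domain_has_pty_console "$2"; then
        echo "domain XML lacks pty serial/console"
    else
        echo "ready"
    fi
}

# Constructed inputs modelled on the page's grub.conf line and XML fragment.
cmdline='ro root=/dev/mapper/vg_corn-lv_root rhgb quiet console=tty0 console=ttyS0,115200'
xml=$(mktemp)
cat > "$xml" <<'EOF'
<serial type='pty'>
  <target port='0'/>
</serial>
<console type='pty'>
  <target port='0'/>
</console>
EOF
echo "primary console: $(primary_console "$cmdline")"
echo "status: $(serial_console_ready "$cmdline" "$xml")"
rm -f "$xml"
```

The order of the console= parameters matters: with console=ttyS0 listed last, as in the page's example, the serial port is the primary console.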
Start, Stop and Reboot Guest VMs
Add the --console flag after the guest name in this command if you want to open a graphical console when the machine starts:
virsh start <guest name>
The shutdown command will instruct the guest OS to attempt a graceful shutdown:
virsh shutdown <guest name>
The following command will reboot a guest VM:
virsh reboot <guest name>
If a system is not responding and you wish to forcefully shut it down, use this command (but obviously only if other, more graceful methods have not worked):
virsh destroy <guest name>
You can configure guest systems to start when the host system boots. Add the --disable flag before the guest name if you want to turn off starting at boot time.
virsh autostart <guest name>
Changing VM Properties
Set the current memory allocation (in kilobytes) for a guest system:
virsh setmem <guest name> kilobytes
Set the maximum memory allocation for a guest VM:
virsh setmaxmem <guest name> kilobytes
Set the current number of virtual CPUs in a guest system:
virsh setvcpus <guest name> count
Converting VMWare to KVM
On the VMWare Machine
1. Make a copy of the system's .vmdk virtual disk file.
2. Convert disk to type 2 (preallocated disk) with vmware-vdiskmanager:
vmware-vdiskmanager -r <original>.vmdk -t 2 <newfile>.vmdk
NOTE: This command will create a version of the file called <newfile>-flat.vmdk; this is the one you want to use.
3. Copy the .vmdk file to a machine with KVM.
On the KVM Machine
4. Use qemu-img to convert the vmware disk to a qemu disk image.
qemu-img convert -O qcow2 testvm_copy-flat.vmdk testvm.qcow
5. Create a new VM and attach the image as an IDE disk.
6. The network interfaces have different MAC addresses. Therefore the system needs to be reconfigured to use the new MAC addresses. The display configuration may also need to be changed.
Changing the MAC Addresses
NOTE: Numbers 1-3 do not apply to CentOS 5.
1. Open /etc/udev/rules.d/70-persistent-net.rules
2. Comment out lines for eth0/eth1 with old MAC addresses
3. Replace the old lines with ones with the new MAC addresses so that the interfaces match the device names you would normally expect. They should be something like eth2 and eth3, and you want to change those to eth0 and eth1.
4. Make sure the MAC address changes are reflected in the ifcfg-ethX network scripts.