Kvm

From Nuclear Physics Group Documentation Pages
Jump to navigationJump to search

KVM is a Linux-based full virtualization tool which utilizes the virutalization extensions available with several models of Intel and AMD processors.

Installation

Prerequisites

KVM will only work on systems with processors offer virtualization support. To find out if a system's processor supports virtualization you can look in /proc/cpuinfo for the vmx (Intel) or svm (AMD) flags. This command should do the trick:

egrep '(vmx|svm)' --color=always /proc/cpuinfo

NPG Systems With Virtualization Support

Installing the Software

If you're using a RHEL system you need to enable the virtualization add-on entitlement to your RHEL license. You can install the packages via yum. This is the list of packages you will need:

libvirt-python
kvm
virt-manager
libvirt
kvm-qemu-img
kmod-kvm
kvm-tools
python-virtinst

Configuration

Start the libvirtd service, and configure it to start at boot.

chkconfig --level 345 libvirtd on
service libvirtd start

Network Bridging

KVM requires bridged networks to be configured manually. The configuration for RHEL 5 systems should look something like this:

/etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
ONBOOT=yes
HWADDR=FF:FF:FF:FF:FF:FF
BRIDGE=br0

/etc/sysconfig/network-scripts/ifcfg-br0

ONBOOT=yes
TYPE=Bridge
DEVICE=br0
BOOTPROTO=static
IPADDR=10.0.0.2
NETMASK=255.0.0.0
NM_CONTROLLED=no
DELAY=0


There are some problems (detailed here) with using bridged interfaces and iptables firewalls. There are two solutions to this problem, both of which effectively stop the host machine's firewall from filtering packets destined for the bridges. The first, and preferred solution is to add these values to /etc/sysctl.conf:

net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

and then run

sysctl -p /etc/sysctl.conf

An alternative solution is to tell iptables to forward packets intended for bridge interfaces using this rule:

-I FORWARD -m physdev --physdev-is-bridge -j ACCEPT

Aliases and Network Bridging

Some systems use network aliases to allow a second IP address on an interface. If the system in question is a VM host with bridged interfaces it can be a bit trickier to add a network alias. Here is an example of an ifcfg script for a network alias attached to a KVM bridged interface:

ONBOOT=yes
TYPE=Ethernet
DEVICE=farmbr:1
BOOTPROTO=static
IPADDR=10.0.0.88
NETMASK=255.0.0.0
NM_CONTROLLED=no
ONPARENT=yes

Note that the device name is the bridge interface name with a :1 on the end. This should be the bridge interface, and not the eth# interface for the alias to work correctly. Also, the filename of the alias configuration should be in the form if ifcfg-bridgename:# where bridgname is the name of the bridge interface and the number is the n-th alias that this interface represents. If the filename is not in this format the aliased interface will not come up correctly when the system's network service is restarted. In the case of the previous example the filename must be "ifcfg-farmbr:1", otherwise the alias will not work correctly.

Managing Virtual Machines

The virt-manager tool
The virt-manager hardware interface
CentOS booting in the virt-manager console

The virt-manager utility can be used to add and remove virtual machines, start and stop VMs, view virtual machine details, add and remove virtual hardware, and access the system console.

The virt-manager tool provides a GUI for creating and managing VMs. It's fairly simple and straightforward to use. There are also command line tools.

Moving a Virtual Machine

See Moving A Virtual Machine

KVM Command Reference

Creating a new VM

Before creating a VM you need to create a new virtual disk. Use the qemu-img command to specify the image type, file name and size. The typical file type for a kvm system is in the qcow2 format.

qemu-img create -f qcow2 testvm.img 10G

To install a new VM from the command line use the virt-install command. There are a lot of different options that can be given to this command. It's a good idea to review the manual if you plan on creating a new VM this way. There's a really useful detailed list of options at [this website].

Here's one example:

virt-install -v --name=newvm -r 512 --os-type=linux --os-variant=rhel5 --cdrom=/path/to/rhel5-install-DVD.iso \ 
--disk path=/kvm/newvm.img,size=10 --network=bridge:br0 --network=bridge:br1 --vnc --vncport=5904

The options are specified in such a way that they should be easy to figure out. This command generates RHEL 5 guest using full virtualization (-v) with the name "testvm". The system will have 512 MB of memory, one CPU, a DVD .iso image as a cd-rom drive, and two NICs which utilize bridge interfaces (one for the farm and one for the UNH network, in this case). The system console will also be accessible via a VNC connection over port 5904 on the host system.

If a disk image already exists, simply use the --disk path=/path/to/disk.img option. If the path points to a nonexistent file a new image will be created. If you want to create a new image in this way make sure to add the size option (in Gigabytes). This will create a dynamically expanding virtual disk of that size.

If the command is successful the new virtual system will be created and the console will be opened with the virt-view command.

Controlling VMs

To control virtual machines from the command line use the virsh tool. It is provided by the package libvirt on CentOS/RHEL systems. Commonly used functions will be listed here. More detailed command options can be found in the virsh manual.

Viewing VM Details

To list all systems available on a host system:

[root@tomato ~]# virsh list --all
 Id Name                 State
----------------------------------
 1 testvm               running
 - testvm2              shut off

To view details about a guest VM:

[root@tomato ~]# virsh dominfo testvm
Id:             1
Name:           testvm
UUID:           b15052ba-d844-0d13-3d39-ced4a3be4a66
OS Type:        hvm
State:          running
CPU(s):         1
CPU time:       13043.0s
Max memory:     524288 kB
Used memory:    524288 kB
Persistent:     yes
Autostart:      disable

Connecting to VMs through Console

In the /etc/grub.conf in the VM operating system add these lines to the grub.conf:

kernel /vmlinuz-2.6.32-431.5.1.el6.x86_64 ro root=/dev/mapper/vg_corn-lv_root rd_LVM_LV=vg_corn/lv_root rd_LVM_LV=vg_corn/lv_swap rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us crashkernel=auto rhgb quiet console=tty0 console=ttyS0,115200

Also make sure that these lines exist in the xml file loated at /etc/libvirtd/qemu/<domainid>.xml:

<serial type='pty'>
     <target port='0'/>
</serial>
<console type='pty'>
     <target port='0'/>
</console>

Then you must restart the VM. By this you can now access the VM directly from the Host OS and see the boot process. This also enables you to access the VM when the VM has no connection to the internet. The command to use when connecting to the VM is:

virsh console <domainid>

or for example:

virsh console corn.unh.edu

Start, Stop and Reboot Guest VMs

Add the --console flag after the guest name in this command you want to open a graphical console when the machine starts:

virsh start <guest name>

The shutdown command will instruct the guest OS to attempt a graceful shutdown:

virsh shutdown <guest name>

The following command will reboot a guest VM:

virsh reboot <guest name> 

If a system is not responding and you wish to forcefully shut it down, use this command (but obviously if other more graceful methods have not worked):

virsh destroy <guest name> 

You can configure guest systems to start when the host system boots. Add the --disable flag before the guest name in the if you want to turn off starting at boot time.

virsh autostart <guest name>

Changing VM Properties

Set the current memory allocation (in kilobytes) for a guest system:

virsh setmem <guest name> kilobytes

Set the maximum memory allocation for a guest vm:

virsh setmaxmem <guest name> kilobytes

Set the current number of virtual CPUs in a guest system:

virsh setvcpus <guest name> count

Converting VMWare to KVM

On the VMWare Machine

1. Make a copy of the system's .vmdk virtual disk file.

2. Convert disk to type 2 (preallocated disk) with vmware-vdiskmanager:

vmware-vdiskmanager -r <original>.vmdk -t 2 <newfile>.vmdk

NOTE: This command with create a version of the file called <newfile>-flat.vmdk, this is the one you want to use.

3. Copy the .vmdk file to a machine with KVM.

On the KVM Machine

4. Use qemu-img to convert the vmware disk to a qemu disk image.

qemu-img convert -O qcow2 testvm_copy-flat.vmdk testvm.qcow

5. Create a new VM and attach the image as an IDE disk.

6. The network interfaces have different MAC addresses. Therefore the system needs to be reconfigured to use the new MAC addresses. The display configuration may also need to be changed.

Changing the MAC Addresses

NOTE: Numbers 1-3 do not apply to CentOS 5.

1. Open /etc/udev/rules.d/70-persistent-net.rules

2. Comment out lines for eth0/eth1 with old MAC addresses

3. Replace the old lines with ones with the new MAC addresses so that the interfaces match the device names you would normally expect. They should be something like eth2 and eth3, and you want to change those to eth0 and eth1

4. Make sure the MAC address changes are reflected in the ifcfg-ethX network scripts.