KVM Usage Details

Source: Internet
Author: User
Tags svm

Introduction:

KVM (Kernel-based Virtual Machine) is an open-source system virtualization module that provides virtualization infrastructure in the Linux kernel. It was merged into the Linux 2.6.20 kernel in February 2007 and has been ported to FreeBSD. It is managed by Linux's own scheduler, so its core source code is small compared to Xen. KVM has become one of the mainstream VMMs in academia today.
KVM requires a modified QEMU (qemu-kvm) and libvirt as the upper control interface of the virtual machine. KVM can run multiple virtual machines at the same time using unmodified Linux or Windows images, and configure a personalized hardware environment for each virtual machine (network card, disk, graphics adapter ...). You can also load paravirtualized drivers on demand to improve cooperation with the hardware.
Mainstream Linux kernels from 2.6.20 onward include the KVM module, and kernel updates over the last two years have also improved KVM's stability and load capacity.

In a word, KVM is a virtual machine tool like VMware and VirtualBox, but it has no Windows version. It is powerful, stable and, above all, free and open source.


Installing KVM:

Before installing, check whether the CPU supports virtualization; if it does not, installing is pointless.

    cat /proc/cpuinfo | grep -E 'vmx|svm'

If the output contains vmx, that is the Intel processor's virtualization flag; if it contains svm, that is the AMD processor's virtualization flag. If there is no output, the system does not support hardware virtualization and cannot use KVM. Of course, the majority of new CPUs from recent years support it.

Then you can install. KVM is really a collection of tools, so compiling and installing it from source is too difficult; whatever the article, installation with yum or apt is recommended. Fortunately the official and unofficial repositories follow KVM updates fairly quickly, so this works well.

    # Red Hat and CentOS
    yum install -y qemu-kvm libvirt virt-manager python-virtinst libvirt-client libvirt-python
    # Ubuntu
    apt-get install -y qemu-kvm libvirt-bin virt-manager virtinst python-libvirt
    # Then start the service
    service libvirtd start

Package Description:

qemu-kvm: KVM's basic functionality. Installing only this does not give you a complete virtual machine setup, only a hypervisor (the same as installing just an ESXi product); you must also install some management tool packages to use it.

libvirt: an API library for interacting with the hypervisor. libvirt uses the xm virtualization framework and the virsh command-line tool to manage and control virtual machines.
virt-manager: also known as Virtual Machine Manager, it provides a graphical tool for managing virtual machines. It uses the libvirt library as its management API.
virtinst: provides the virt-install command for creating a virtual machine.

Libvirt-python: The package contains a module that allows applications written in the Python programming language to use

There are other dependent packages that are not explained here. With this, the KVM installation is complete; next we will see how to install a virtual machine.


Installing a virtual machine:

The software is installed, so next comes the virtual machine. Before installing it, you still need to check that SELinux is turned off and that virtualization is enabled in the BIOS; if either of these is not done, you cannot install the virtual machine.

    # Disable SELinux
    # Runtime only: it is enabled again after a reboot
    setenforce 0
    # Permanent, but needs a reboot to take effect
    sed -i '/^SELINUX=/c\SELINUX=disabled' /etc/selinux/config
    # Check whether the KVM module is loaded; if it is not, enable virtualization in the BIOS setup (a reboot is required)
    lsmod | grep -w kvm
    # Result when it is enabled: you will see the number 1
    kvm                   540672  1 kvm_intel
    # Result when it is not enabled: you will see the number 0
    #kvm                   540672  0

I don't think SELinux needs much explanation: it is a military-grade firewall that most people do not use, and it also hinders communication between the virtual machine and the outside, so it is not practical unless you really have such a requirement.

As for virtualization not being enabled in the BIOS: as I said, CPUs from recent years support virtualization, but server manufacturers disable it by default for security and performance reasons, so it has to be enabled manually. The option differs from vendor to vendor and I cannot give an example for each; if virtualization is unfortunately not enabled, I ask you to find the option yourselves. If you do not fix the module loading problem, the virtual machine you install will blue-screen, which makes it useless.

--------------------------------Selection---Split line----------------------------------------

Next is network setup. Like other virtual machine software, KVM supports NAT and bridged network modes. Although I think NAT mode with iptables forwarding is enough, some people find it necessary for the guest to obtain an IP directly from the local DHCP server in bridge mode, and bridge mode requires turning the server's own network card into a network bridge.

    # First configure a network bridge device
    vim ifcfg-br0
    DEVICE=br0
    BOOTPROTO=static
    ONBOOT=yes
    TYPE=Bridge
    IPADDR=10.10.102.2
    NETMASK=255.255.0.0
    GATEWAY=10.10.77.254
    DNS1=8.8.8.8
    DELAY=0
    # If you use DHCP
    #BOOTPROTO=dhcp

    # Then configure the local NIC
    vim ifcfg-eth0
    DEVICE=eth0
    HWADDR=00:16:76:d6:c9:45
    ONBOOT=yes
    BRIDGE=br0
    NM_CONTROLLED=no

    # Restart the network
    service network restart
    # Restart the KVM tool
    service libvirtd restart

Pay attention to any error messages. This is only an introduction, so please forgive me.

---------------------------------------Split Line---------------------------------------------

OK, the preparation is done and the virtual machine can now be installed. From the yum packages above you will know that it can be installed from the command line or graphically. I do not intend to elaborate, only to make a few points; I will say nothing about the system installer itself, since installing a system should be a basic skill.

Let's look at one of the most basic command-line installation examples:

    # Create a virtual machine
    virt-install --name rhel5 --hvm --ram 1024 --disk path=/tmp/win7.img,size=1 --network network:default --vnc --os-variant vista --cdrom /mnt/cd1

The command above uses the default network, names the virtual machine rhel5 and allocates 1024M of memory. The location of the virtual machine storage file is /tmp/rhel5.img, and /mnt/cd1 (the folder where the ISO is already mounted) is used as the installation source. It then opens the graphical virt-viewer for the installation, which proceeds like any ordinary system installation: just keep clicking "Next".

Installing a virtual machine in the graphical interface is even easier:

    # Launch the KVM graphical installation tool; it is best to run it locally, otherwise the keyboard may not work
    virt-manager

Then it pops up a box:


Then just click [Create Virtual Machine]; try the other options yourself. Some screenshots later go through the details.

Let's talk about some details below:

First, the virtual machine's storage file. If you know other virtual machine software, you will know there are several formats. I will not elaborate and will mention only one, the qcow2 format that comes with KVM. Its characteristic is that it grows on demand: space is occupied only where data is actually stored, and nothing is occupied otherwise.

    # Create a virtual disk in qcow2 format with a capacity of 50G
    qemu-img create -f qcow2 windows2008.img 50G
    # View this virtual disk's information: the file actually occupies very little space, because the disk holds no data
    qemu-img info windows2008.img
    image: windows2008.img
    file format: qcow2
    ## The virtual disk has a capacity of 50G
    virtual size: 50G (53687091200 bytes)
    ## It actually occupies 136K
    disk size: 136K
    cluster_size: 65536

This is the disk's compact mode. If you create the disk with virt-manager, the capacity of the disk file cannot exceed the free capacity of the current disk, which looks less flexible.

Now see where it is flexible; remember to shut down the virtual machine before doing this:

    # Add 1G of space
    qemu-img resize windows2008.img +1G
    qemu-img info windows2008.img
    image: windows2008.img
    file format: qcow2
    ## The total space is now 51G
    virtual size: 51G (54760833024 bytes)
    disk size: 5.9G
    cluster_size: 65536
    # But the qcow2 format cannot be shrunk
    qemu-img resize windows2008.img -- -30G
    qemu-img: This image format does not support resize

In fact, the qcow2 format can only be grown, not shrunk, while the raw format allows the capacity to be both increased and reduced.

    qemu-img resize rhel-5.7.img -- -2G
    Image resized.
    qemu-img info rhel-5.7.img
    image: rhel-5.7.img
    file format: raw
    virtual size: 18G (18824036352 bytes)
    disk size: 16G
    qemu-img resize rhel-5.7.img -- +2G
    Image resized.
    qemu-img info rhel-5.7.img
    image: rhel-5.7.img
    file format: raw
    virtual size: 20G (20971520000 bytes)
    disk size: 16G

Each image file format has advantages and disadvantages. To use them really well you need to be familiar with the characteristics of each format, but personally I feel it is also fine to stick with the one you know well; in most situations the difference is small.

Then come the installation steps, using the command from the beginning:

    # First mount an ISO system disc
    mount -o loop /data/vsftp/cn_windows_server_2008_r2_standard_xxxx.iso /mnt/cd1/
    mount: /dev/loop0 is write-protected, mounting read-only
    # Installation command
    virt-install --name win2008 --hvm --ram 1024 --disk path=/data/kvmimg/windows2008.img,size=1 --network network:default --vnc --os-variant vista --cdrom /mnt/cd1
    # A window then pops up and the system installation screen appears; I will not explain how to install the system, as you should know how
    # Finally, after the installation, remember to unmount the ISO
    umount /mnt/cd1

Of course, as with other virtual machine software, it also supports cloning:

Shut down the demo virtual machine. Using this system as a template, create the clone from the template in linked mode.

    # Enter the image directory
    cd /data/kvmimg/
    # Create a disk file named mysqla.img
    qemu-img create -b demo.img -f qcow2 mysqla.img
    Formatting 'mysqla.img', fmt=qcow2 size=53687091200 backing_file='demo.img' encryption=off cluster_size=0

Create a configuration file for the new virtual machine; in the Linux world, everything is a file.

    # /etc/libvirt/qemu is where KVM's configuration files are stored
    cd /etc/libvirt/qemu
    # You can make two copies, mysqla.xml and mysqlb.xml respectively
    cp demo.xml mysqla.xml
    # Generate a UUID; it is used in a moment
    uuidgen
    50cb15eb-8f53-4d35-a1bb-0aafd7f280e7
    # Modify the configuration file; generally four places need changing: name, uuid, disk source file and MAC address
    vim mysqla.xml
    ### The virtual machine's machine name; the machine name is not the same as the hostname
    <name>mysqla</name>
    ### The new UUID, the one just generated, because the UUID is the unique identifier of each virtual machine
    <uuid>50cb15eb-8f53-4d35-a1bb-0aafd7f280e7</uuid>
    ### The new disk path, which is the disk source file
    <source file='/data/kvmimg/mysqla.img'/>
    ### Change one of the digits of the MAC address to prevent duplicate MAC addresses
    <mac address='52:54:00:a6:56:89'/>
    # Save and exit after the changes, then restart
    /etc/init.d/libvirtd restart
    # You can start the mysqla virtual machine from the virt-manager graphical interface, or from the command line
    # Domain mysqla is created (from /etc/libvirt/qemu/mysqla.xml)
    virsh create /etc/libvirt/qemu/mysqla.xml
    virsh start mysqla

By analogy, you can create many clones of images.

The graphical interface is self-explanatory:

Click "Create New virtual machine" as shown in the first image and a window pops up. If you have no special requirements, leave everything at the default and click [Forward] to go to the next step.



Select the ISO file here: as indicated by the arrow, click [Browse], then select the image directory, here [COP], then choose the ISO file you want to install.


Then select the memory and CPU you want to allocate. If you want the installation to go faster, allocate more; it is easy to change afterwards.


Select the virtual hard disk. If you want to use the default format, just change the size and go to the next step. If you want to create the disk yourself, click [Manage], select the path where you want to store the virtual hard disk image file, click the green [plus], create the format and capacity you want and click [Finish]. Finally select the virtual hard disk image you just created and click [Forward] to go to the next step.


Finally, rename the machine and select the network. Generally only NAT mode is available; if you have set up a bridge, choose the network bridge you created.


Again, I will not say more about installing the system; do that yourselves.


Virtual machine port mapping:

We installed the virtual machine not for fun but to use it. The problem is that without bridge mode, in NAT mode, the virtual machine can access the external network but the external network cannot access it. What can be done? Don't panic: Linux has iptables, which can do routing and forward packets.

First, there are two points to understand:

First, newer versions of KVM add NAT rules when libvirtd starts, to ensure that the virtual internal network has normal access; older versions do not. Because of this difference between old and new versions, some articles may not work, since the two sets of rules might conflict.

Second, the system's iptables rules are matched in order: by default matching is bottom-up, with the last match prevailing, so conflicts with KVM's own rules are possible. -A adds a rule at the bottom, -I adds it at the top.

To see what to do, suppose we have a Windows virtual machine and want to open its remote desktop port 3389:

Host IP: 192.168.1.132
Host mapped port: 3389
NAT gateway: 192.168.122.1
Virtual machine IP: 192.168.122.73
Virtual machine port: 3389

    # Enable IP forwarding by changing the setting in /etc/sysctl.conf
    sed -i '/net\.ipv4\.ip_forward/c\net.ipv4.ip_forward=1' /etc/sysctl.conf
    # Some systems may not have this setting, so just append it to the end of the file
    echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
    # Reload the parameters
    sysctl -p
    # Open iptables on the KVM server
    # Let requests for port 3389 through the firewall so that they are forwarded to 192.168.122.73 according to the rule below; without this, the rule below is of no use
    iptables -I FORWARD -d 192.168.122.73/32 -p tcp --dport 3389 -j ACCEPT
    # Forward all requests for 192.168.1.132:3389 to port 192.168.122.73:3389
    iptables -t nat -A PREROUTING -p tcp --dport 3389 -d 192.168.1.132 -j DNAT --to 192.168.122.73:3389

There is no need to do SNAT, because the MASQUERADE rule that libvirtd added to the nat table is equivalent to having done the SNAT conversion for you!

If your iptables is empty, then this is what you also need to do:

    # Forward all traffic for 192.168.122.73:3389 through the 192.168.122.1 gateway
    iptables -t nat -A POSTROUTING -p tcp -d 192.168.122.73 --dport 3389 -j SNAT --to 192.168.122.1

If there are too many iptables rules and they are awkward to save, write a script.

    cat fow.sh
    #!/bin/bash
    guest_name=win2008
    host_external_ipaddr=192.168.1.132
    host_port=3389
    host_ipaddr=192.168.122.1
    guest_ipaddr=192.168.122.73
    guest_port=3389
    if [ "${1}" = "${guest_name}" ]; then
      if [ "${2}" = "start" ]; then
        # Add the DNAT and FORWARD rules when the guest starts
        iptables -t nat -A PREROUTING -p tcp --dport ${host_port} -d ${host_external_ipaddr} \
                 -j DNAT --to ${guest_ipaddr}:${guest_port}
        iptables -I FORWARD -d ${guest_ipaddr}/32 -p tcp \
                 --dport ${guest_port} -j ACCEPT
      elif [ "${2}" = "stopped" ]; then
        # Remove the same two rules when the guest has stopped
        iptables -t nat -D PREROUTING -p tcp --dport ${host_port} -d ${host_external_ipaddr} \
                 -j DNAT --to ${guest_ipaddr}:${guest_port}
        iptables -D FORWARD -d ${guest_ipaddr}/32 -p tcp \
                 --dport ${guest_port} -j ACCEPT
      fi
    fi

This handles a single mapping; of course it can be changed to handle several, which you can work out for yourselves.
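One way to extend fow.sh to several mappings, as an added example that is not part of the original article. It takes the same two arguments, reads the mappings from a table, validates the ports and, as an addition of this example, restricts each mapping to a source network with -s so that port 3389 is not open to every address. The mysqla row and the source CIDRs are constructed sample values; by default the script only prints the iptables commands.

```shell
#!/bin/sh
# Added example, not from the original article.
# Constructed sample table, one mapping per line:
#   guest  host-IP  host-port  guest-IP  guest-port  allowed-source-CIDR
MAPPINGS='win2008 192.168.1.132 3389 192.168.122.73 3389 192.168.1.0/24
mysqla 192.168.1.132 3306 192.168.122.74 3306 192.168.1.50/32'

# Dry run by default; set IPTABLES=iptables to apply the rules for real.
IPTABLES=${IPTABLES:-echo iptables}

# valid_port N: succeed only for a decimal port number from 1 to 65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# apply_mappings GUEST ACTION: add (start) or delete (stopped) the DNAT and
# FORWARD rules of every mapping that belongs to GUEST.
apply_mappings() {
    guest=$1 action=$2
    case "$action" in
        start)   nat_op=-A fwd_op=-I ;;
        stopped) nat_op=-D fwd_op=-D ;;
        *)       return 0 ;;            # other actions change nothing
    esac
    printf '%s\n' "$MAPPINGS" | while read -r name hip hport gip gport src; do
        [ "$name" = "$guest" ] || continue
        if ! valid_port "$hport" || ! valid_port "$gport"; then
            echo "skipping $name: bad port" >&2
            continue
        fi
        $IPTABLES -t nat "$nat_op" PREROUTING -p tcp -s "$src" -d "$hip" \
            --dport "$hport" -j DNAT --to "$gip:$gport"
        $IPTABLES "$fwd_op" FORWARD -p tcp -s "$src" -d "$gip/32" \
            --dport "$gport" -j ACCEPT
    done
}

# Same calling convention as fow.sh: <script> GUEST ACTION
if [ $# -ge 2 ]; then
    apply_mappings "$1" "$2"
fi
```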

