I. KVM Introduction
(KVM is shorthand for kernel virtual module.) KVM is the latest virtualization technology from Red Hat, introduced with the 5.4 release. Like VPC and VirtualBox, it is a fully virtualized product, whereas Xen is a paravirtualized product. Although KVM is fully virtualized, it supports paravirtualized virtio for the critical disk and network devices, which is a large improvement. KVM is representative of lightweight virtualization and requires hardware VT support. In terms of interface, Xen and KVM are both managed with the virt-manager tools, so the difference is small, but Xen and KVM cannot be installed and run on the same machine at the same time. KVM can only be run on 64-bit Red Hat Enterprise systems, and SELinux needs to be turned off. KVM stands for Kernel-based Virtual Machine, a virtual machine based on the Linux kernel. Adding KVM to the Linux kernel was an important milestone in Linux development: it is the first virtualization technology to be integrated into the Linux mainline kernel.
KVM turns the Linux kernel into a hypervisor simply by loading a kernel module. This kernel module exports a device called /dev/kvm, which enables a guest mode of the kernel (in addition to the traditional kernel mode and user mode). With the /dev/kvm device, a VM has its own address space, independent of the address space of the kernel or of any other running VM. Devices in the device tree (/dev) are common to all user-space processes, but each process that opens /dev/kvm sees a different mapping (in order to support isolation between VMs). After KVM is installed, you can start guest operating systems in user space. Each guest operating system is a single process of the host operating system (or hypervisor).
1.1 Management tools for KVM virtual machines
Strictly speaking, KVM is only a module in the Linux kernel. Managing and creating KVM virtual machines requires additional tools.
QEMU-KVM: On a Linux system, the KVM module can first be loaded with the modprobe command; if the KVM software package was installed from RPM, the system loads the module automatically at startup. Once the module is loaded, virtual machines can be created with other tools. The KVM module alone is not enough, because users cannot control a kernel module directly; a user-space tool is also required. For that user-space tool, the KVM developers chose the established open source virtualization software QEMU. QEMU is a powerful piece of virtualization software that can emulate different CPU architectures, for example emulating a Power CPU on an x86 CPU and using it to compile programs that run on Power. KVM takes the x86 part of QEMU, slightly modified, to form QEMU-KVM, a user-space tool that can control the KVM kernel module. A Linux distribution therefore ships KVM in two parts: the KVM kernel module and the QEMU-KVM tool. This is the relationship between KVM and QEMU.
libvirt, virsh, virt-manager: Although the QEMU-KVM tool can create and manage KVM virtual machines, Red Hat has developed more auxiliary tools for KVM, such as libvirt and libguestfs, because the QEMU tools are inefficient and not easy to use. libvirt is a set of APIs with interfaces for multiple languages. It provides a convenient and reliable programming interface for various virtualization tools and supports not only KVM but also other virtual machines such as Xen. With libvirt, you only need to connect to a KVM or Xen host using the functions libvirt provides, and you can then use the same commands to control different virtual machines. libvirt provides not only an API but also virsh, a text-based command set for managing virtual machines; all of libvirt's functions are available through the virsh command.
End users, however, prefer a graphical user interface, and that is virt-manager. It is a graphical virtual machine management interface written in Python that lets users operate different virtual machines intuitively. virt-manager is implemented with the libvirt API.
II. KVM Server Deployment
2.1 Turn on the CPU virtualization feature
Enable Virtualization Technology in the BIOS.
# egrep 'vmx|svm' /proc/cpuinfo
# Check whether the CPU supports virtualization; vmx indicates an Intel processor and svm indicates an AMD processor
2.2 Minimal installation of the system
The following package groups are installed, mainly for virtualization:
@base
@core
@additional-devel
@large-systems
@storage-client-iscsi
@system-management-snmp
@virtualization
@virtualization-client
@virtualization-platform
@virtualization-tools
2.3 Installing the KVM-related RPM packages
# yum install -y kvm python-virtinst libvirt bridge-utils virt-manager qemu-kvm-tools virt-viewer virt-v2v libguestfs-tools
# rpm -qa | grep -E 'qemu|libvirt|virt'
# Check which packages are installed
# libvirt-client is the libvirt client. One of its most important functions is to notify the virtual machines when the host shuts down, so that the guest systems shut down properly instead of being forced off and losing data
# gpxe-rom-qemu is the iPXE boot firmware for virtual machines, enabling them to boot from the network
# libvirt-python is the API libvirt provides for Python
# python-virtinst is a set of Python virtual machine installation tools
# qemu-kvm is the program that KVM runs in user space
# virt-manager is libvirt-based graphical virtual machine management software
# libvirt manages virtual machines; it provides a set of virtual machine operation APIs that can be used through commands such as virsh
# virt-viewer displays the console of a virtual machine
# virt-top shows the resource usage of virtual machines, similar to the top command
# virt-what is run inside a virtual machine to see which virtualization platform it is running on
# qemu-img creates, inspects, and formats virtual machine disk images
# The kvm package contains the KVM kernel module, which provides the KVM hypervisor in the default Linux kernel
# bridge-utils installs network support for setting up bridging
2.4 Host system configuration
Turn off the firewall and turn off SELinux
# Because the firewall and SELinux prevent libvirt from creating network devices for virtual machines
2.5 Verify that the KVM module is loaded
# lsmod | grep kvm
kvm_intel 53484 0
kvm 316506 1 kvm_intel
If the module is not loaded, load it manually:
# modprobe kvm-intel
Reboot and verify again.
2.6 How bridging works
Bridge mode is the network connection mode that uses a virtual bridge; guests and the machines in the subnet can communicate with each other, and a virtual machine can become a host with its own IP address on the network. A bridged network (also called physical device sharing) is used to dedicate a physical device to a virtual machine. Bridging is used for more advanced setups, especially when the host has multiple network interfaces.
The basic principle of a bridge is to create a bridging interface, br0, that passes data between the physical and virtual network interfaces.
2.7 Configuring the bridged network on the host
2.7.1 Check that the network is working
Make sure that the NIC you want to attach to the bridge works and can provide network connectivity; the same NIC will provide network access to the KVM guests. The following example shows the configuration of a NIC that can be reached from the external network. In this example, the eth0 NIC is used.
[Image: wk1.jpg]
2.7.2 Backing up the network-scripts files
Back up the network configuration to a different directory so that it can be restored later. Copy the ifcfg-eth0 network script to the /tmp directory with the following command:
# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /tmp
Note: Do not copy the file to the /etc/sysconfig/network-scripts/ directory or its subdirectories
2.7.3 Creating the bridge configuration file
Create a new configuration file for the Linux bridge, /etc/sysconfig/network-scripts/ifcfg-br0, where br0 is the name of the bridge, analogous to eth0. Use the following command:
# cp ifcfg-eth0 ifcfg-br0
2.7.4 Editing the bridge configuration files
Edit the configuration files so that packets reach the network through the bridge. Your network is probably configured either with a static IP (BOOTPROTO=static) or to obtain an IP from a DHCP server (BOOTPROTO=dhcp).
If your network is configured with a static IP address, your configuration probably looks like the following:
DEVICE=eth0
BOOTPROTO=static
HWADDR=00:14:5e:c2:1e:40
IPADDR=10.10.1.152
NETMASK=255.255.255.0
ONBOOT=yes
The following table shows the static IP configuration contents of eth0 and br0; edit your files accordingly.
[Image: static.jpg]
[Image: dhcp.jpg]
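As an added example (not part of the original page), the script below derives the eth0 and br0 files from the backup made in 2.7.2, following the usual network-scripts convention: the NIC keeps its link-level keys and gains BRIDGE=br0, while the bridge gets TYPE=Bridge and takes over the addressing keys. The function name split_for_bridge and the staging directory are illustrative assumptions, and the input file is constructed from the static configuration in 2.7.4.

```shell
#!/bin/sh
# Added example (not from the original page): build the eth0/br0 pair from the
# ifcfg-eth0 backup. split_for_bridge and the staging directory are
# illustrative names; the key layout is the usual network-scripts convention.

# split_for_bridge SRC OUTDIR [BRIDGE]
#   SRC    backup copy of the NIC's ifcfg file (never the live file)
#   OUTDIR staging directory that receives ifcfg-<nic> and ifcfg-<bridge>
split_for_bridge() {
    src=$1; out=$2; br=${3:-br0}
    dev=$(sed -n 's/^DEVICE=//p' "$src" | tr -d '"')
    [ -n "$dev" ] || { echo "no DEVICE= line in $src" >&2; return 1; }

    # Physical NIC: keep only link-level keys and attach it to the bridge.
    {
        grep -E '^(DEVICE|HWADDR|ONBOOT)=' "$src"
        echo "BRIDGE=$br"
    } > "$out/ifcfg-$dev"

    # Bridge: takes over every addressing key (static or DHCP) from the NIC.
    {
        echo "DEVICE=$br"
        echo "TYPE=Bridge"
        grep -E '^(BOOTPROTO|IPADDR|NETMASK|GATEWAY|DNS[0-9]+|ONBOOT)=' "$src"
    } > "$out/ifcfg-$br"
}

# Constructed input: the static configuration from section 2.7.4.
demo_bridge() {
    work=$(mktemp -d)
    mkdir "$work/staged"
    cat > "$work/ifcfg-eth0" <<'EOF'
DEVICE=eth0
BOOTPROTO=static
HWADDR=00:14:5e:c2:1e:40
IPADDR=10.10.1.152
NETMASK=255.255.255.0
ONBOOT=yes
EOF
    split_for_bridge "$work/ifcfg-eth0" "$work/staged" br0
    for f in ifcfg-eth0 ifcfg-br0; do
        echo "== $f"
        cat "$work/staged/$f"
    done
    rm -rf "$work"
}

demo_bridge
```

Review the staged files before copying them into /etc/sysconfig/network-scripts/ and restarting the network.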
2.7.5 Restarting the network service
Restart the network to verify that the network configuration works. If the configuration is incorrect, the network connection will drop and you will lose access to the machine; in that case, check the configuration files above and then restart the network service with the following command:
# service network restart
2.7.6 System kernel parameter configuration
To disable the network filters on the bridge, add the following lines to the file /etc/sysctl.conf. With these set to 0, traffic crossing the bridge is not passed to the host's ip6tables, iptables and arptables rules.
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
Reload the kernel parameters:
# sysctl -p
Verify that the configuration is successful
Verify the configuration by running ifconfig. The output should contain two entries, the bridge br0 and the working eth0:
br0       Link encap:Ethernet  HWaddr 00:14:5E:C2:1E:40
          inet addr:10.10.1.152  Bcast:10.10.1.255  Mask:255.255.255.0
          inet6 addr: fe80::214:5eff:fec2:1e40/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:125 errors:0 dropped:0 overruns:0 frame:0
          TX packets:81 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:16078 (15.7 KiB)  TX bytes:18542 (18.1 KiB)
eth0      Link encap:Ethernet  HWaddr 00:14:5E:C2:1E:40
          inet6 addr: fe80::214:5eff:fec2:1e40/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:206 errors:0 dropped:0 overruns:0 frame:0
          TX packets:58 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:27308 (26.6 KiB)  TX bytes:13881 (13.5 KiB)
          Interrupt:74 Memory:da000000-da012800
Note: You may find that eth0 has no IPv4 address in its network information, or that the network applet in your GUI shows you as offline. Do not worry about it: eth0 now carries its traffic through br0, and your host network is still working properly.
You can also use the following command to check that the network bridge is working.
# brctl show
bridge name     bridge id               STP enabled     interfaces
virbr0          8000.000000000000       yes
br0             8000.000e0cb30550       no              eth0
If you see similar output, your Linux bridge is almost fully configured.
2.7.7 Starting the required services
# /etc/init.d/messagebus start
# Start the Linux IPC (interprocess communication) service. Strictly speaking, it interacts with D-Bus and is an important system service. Starting it is highly recommended.
# /etc/init.d/libvirtd restart
# Start virbr0
2.7.8 Disabling virbr0
After installing KVM, you will find a virtual network interface called virbr0 among the network interfaces.
# ifconfig
...
virbr0    Link encap:Ethernet  HWaddr D2:91:97:B8:3D:FC
          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
...
This is due to the installation and activation of the libvirt service: libvirt creates a virtual network switch (virbr0) on the server (host), and all virtual machines (guests) on the host connect through this virbr0. By default, virbr0 uses NAT mode (with IP masquerading), so in this case guests can reach the outside through the host.
Most of the time our virtual machines use a bridge to connect directly to the LAN, so virbr0 is not needed (note: do not confuse the two; that bridge and the virbr0 bridge here are unrelated). How do you turn off virbr0? First net-destroy, then net-undefine, and finally do not forget to restart libvirtd so that the settings take effect:
# virsh net-list
Name                 State      Autostart
-----------------------------------------
default              active     yes
# virsh net-destroy default
Network default destroyed
# virsh net-undefine default
Network default has been undefined
# service libvirtd restart
Stopping libvirtd daemon: [ OK ]
Starting libvirtd daemon: [ OK ]
III. Deploying virtual machines with the virt-install command
virt-install is a command-line tool for creating KVM virtual machines. Given a set of configuration parameters, virt-install ultimately generates a complete .xml virtual machine configuration file.
3.1 Installing and configuring the VNC service
# yum install -y tigervnc
# yum install -y tigervnc-server
# vim /etc/sysconfig/vncserver
VNCSERVERS="1:root"
# Configure the host VNC display as 1; the port is 5901
# vncpasswd
# Set the VNC password
3.2 Creating a new virtual machine disk
The disk image of a KVM virtual machine can be stored in two ways: as a file on a file system, or directly on a raw device. A raw device can be a raw disk used directly or an LVM volume. The raw and qcow2 formats are often used.
3.2.1 Creating a raw format image
# qemu-img create test 50G
3.2.2 Creating a qcow2 format image
# qemu-img create -f qcow2 test.qcow2 50G
3.2.3 Viewing image information
# qemu-img info /data/kvm/rhel01.img
image: /data/kvm/rhel01.img
file format: qcow2
virtual size: 20G (21474836480 bytes)
disk size: 5.5G
cluster_size: 65536
3.3 Creating the virtual machine
# virt-install --name=rhel01 --ram=1024 --vcpu=2 --os-type=linux --hvm --cdrom=/tmp/rhel-server-6.5-x86_64-dvd.iso --disk path=/data/kvm/rhel01.qcow2,format=qcow2,size=20,bus=virtio --bridge=br0 --vnc --vnclisten=0.0.0.0 --vncport=5910 --accelerate
# --ram configures the virtual machine memory, in megabytes
# --name configures the name of the virtual machine
# --vcpu configures the number of CPUs
# --os-type specifies the operating system type, such as linux or windows
# --hvm configures full virtualization
# --cdrom installs the system from a CD-ROM; specify the ISO location
# --disk path sets the virtual machine disk file
# format is the format of the disk file
# size is the size of the disk file
# bus=virtio specifies the disk bus
# --bridge configures the bridged NIC
# --vnc enables VNC support
# --vncport specifies the VNC port
# --vnclisten specifies the listen address
# --accelerate uses KVM or KQEMU kernel acceleration when it is available while installing a QEMU guest. Adding this option is recommended unless the guest operating system is incompatible with acceleration. If both KVM and KQEMU are supported, the KVM accelerator is used first.
Note: When installing a Windows 2012 system, additional virtio drivers are required, which can be referred to
# virt-install --name=windows01 --ram=1024 --vcpu=2 --os-type=windows --hvm --cdrom=/tmp/cn_windows_server_2012_x64_dvd_915588.iso --disk path=/data/kvm/windows01.qcow2,format=qcow2,size=50,bus=virtio --bridge=br0 --vnc --vnclisten=0.0.0.0 --vncport=5920 --accelerate --os-variant=win2k8 --disk path=/tmp/virtio-win-0.1.117_amd64.vfd,device=floppy
IV. Managing virtual machines
4.1 Viewing the virtual machine list and status
# virsh list --all
 Id    Name                           State
----------------------------------------------------
 -     rhel01                         shut off
 -     rhel02                         shut off
4.2 Starting the virtual machine
# virsh start rhel01
Domain rhel01 started
4.3 Shutting down the virtual machine
Graceful shutdown of the virtual machine
# virsh shutdown rhel01
Forced shutdown of the virtual machine
# virsh destroy rhel01
4.4 Deleting a virtual machine
# virsh undefine rhel01
# rm -rf /data/kvm/rhel01.img
# Then delete the disk file
4.5 Editing a virtual machine
# virsh edit rhel01
Note that modifying the XML file directly with vi does not take effect.
4.6 Viewing the VNC port opened by a virtual machine
# virsh vncdisplay rhel01
:101
The output is :101. This is not a port in the traditional sense; the actual port is 5900+101=6001.
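Both virt-install commands in 3.3 pass --vnclisten=0.0.0.0, which binds the guest console to every host interface, so it is useful to list which domains do this and on which port. The script below is an added example, not part of the original page: audit_vnc is an illustrative name, the two domain XML snippets are constructed, and the input is assumed to be XML saved with virsh dumpxml --security-info (virsh dumpxml omits the passwd attribute without that flag).

```shell
#!/bin/sh
# Added example (not from the original page): report VNC listeners defined in
# libvirt domain XML files, e.g. saved with `virsh dumpxml --security-info`.

# audit_vnc FILE...: print "<name> <listen>:<port> <status>" per VNC device.
audit_vnc() {
    for xml in "$@"; do
        name=$(sed -n 's:.*<name>\(.*\)</name>.*:\1:p' "$xml" | head -n 1)
        grep "<graphics " "$xml" | grep "type='vnc'" | while IFS= read -r gfx; do
            listen=$(printf '%s\n' "$gfx" | sed -n "s/.* listen='\([^']*\)'.*/\1/p")
            port=$(printf '%s\n' "$gfx" | sed -n "s/.* port='\([^']*\)'.*/\1/p")
            # Assumption: with no listen attribute, the qemu.conf vnc_listen
            # default (127.0.0.1) applies.
            [ -n "$listen" ] || listen=127.0.0.1
            case "$listen" in
                0.0.0.0|::) status=all-interfaces ;;
                127.*|::1)  status=loopback ;;
                *)          status=single-address ;;
            esac
            case "$gfx" in
                *" passwd='"*) ;;
                *) status="$status,no-password" ;;
            esac
            printf '%s %s:%s %s\n' "$name" "$listen" "$port" "$status"
        done
    done
}

# Constructed sample input: rhel01 as created in 3.3, rhel02 bound to loopback.
demo_vnc_audit() {
    dir=$(mktemp -d)
    cat > "$dir/rhel01.xml" <<'EOF'
<domain type='kvm'>
  <name>rhel01</name>
  <devices>
    <graphics type='vnc' port='5910' autoport='no' listen='0.0.0.0'/>
  </devices>
</domain>
EOF
    cat > "$dir/rhel02.xml" <<'EOF'
<domain type='kvm'>
  <name>rhel02</name>
  <devices>
    <graphics type='vnc' port='5911' autoport='no' listen='127.0.0.1' passwd='constructed'/>
  </devices>
</domain>
EOF
    audit_vnc "$dir/rhel01.xml" "$dir/rhel02.xml"
    rm -rf "$dir"
}

demo_vnc_audit
```

A domain reported as loopback can still be reached remotely by forwarding its port over SSH to the host.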
4.7 Viewing log information
4.7.1 Viewing the libvirtd running log
When we run libvirtd, we need to be able to get its runtime information, so we need to find its log file. In general, it is at /var/log/libvirt/libvirtd.log. If this log file is not found in that directory, some libvirtd parameters have to be configured.
Edit the file /etc/libvirt/libvirtd.conf, set the log level to 1 (debug), and specify the log output file name:
log_level = 1
log_outputs="1:file:/var/log/libvirt/libvirtd.log"
Note: The libvirtd.log file may grow rapidly. Configure logrotate, otherwise your /var file system will eventually fill up. The log level set above is debug, which produces the most output and is generally used only during development and testing. In a production environment, the log level is info, warn, error or fatal. The number in front of each level below is its value.
· 1 debug
· 2 info
· 3 warn
· 4 error
· 5 fatal
Restart libvirtd. libvirtd can be restarted while the guest operating systems of the virtual machines are running.
# /etc/init.d/libvirtd restart
If the log file is still not found in the directory, you may need to run libvirtd from the command line.
# libvirtd --daemon --listen --config /etc/libvirt/libvirtd.conf
4.7.2 Viewing the logs of QEMU virtual machines managed by virsh
When virsh is used to manage QEMU virtual machines, log output is also produced. The logs are in the directory /var/log/libvirt/qemu/, and each log file name corresponds to the virtual machine name.
KVM Virtualization Deployment Documentation V1.0