使用libvirt管理KVM虚拟机
一、安装虚拟化管理工具
1、yum install virt-manager libvirt libvirt-python python-virtinst
- 1、kmod-kvm : kvm kernel module(s)
- 2、kvm : Kernel-based Virtual Machine
- 3、kvm-qemu-img : Qemu disk image utility
- 4、kvm-tools : KVM debugging and diagnostics tools
- 5、python-virtinst : Python modules and utilities for installing virtual machines
- 6、virt-manager : Virtual Machine Manager (GUI app, to install and configure VMs)
- 7、virt-viewer: Virtual Machine Viewer (another lightweight app to view VM console and/or install VMs)
- 9、bridge-utils : Utilities for configuring the Linux Ethernet bridge (this is recommended for KVM networking)
KVM Package Group
RHEL comes with KVM software group which includes full virtualization support with KVM. You can list all packages in the group as follows:
# yum groupinfo KVM
2、Start the libvirtd daemon service
service libvirtd start
关于错误:
注:该错误出现在centos5.4,libvirtd 0.6.3
重启libvirtd后,启动guest时会出现下面的问题。
Apr 22 09:16:20 srv4 kernel: libvirtd[27156]: segfault at 00000000444e3000 rip 0000003e5501e161 rsp 00000000444dfcd0 error 4
Apr 22 09:16:20 srv4 libvirtd: 09:16:20.739: error : internal error Unable to daemonize QEMU process
重启了host,问题解决
原因:https://bugzilla.redhat.com/show_bug.cgi?id=505625
Everytime the virGetCapabilities() method is run, it destroys the existing virCapsPtr object and creates it again....without any of the selinux info. virt-manager runs this method. so once virt-manager has run, subsequent calls to get the security info will give the crash you see.
二、有关网络
1、一般网络(又名NAT):guest可以访问外网,外网不能访问guest。
安装了libvirt后,一个NAT网络即可用。host被设置为192.168.122.1(virbr0),所有的guest将被分配为192.168.122.x
如果看不到virbr0
或者在
virsh start <Name of KVM>时出现下面的错误:
Apr 22 08:50:37 srv4 libvirtd: 08:50:37.839: error : internal error Failed to add tap interface 'vnet%d' to bridge 'virbr0' : No such device
查看/var/log/message.log
Apr 22 08:57:10 srv4 dnsmasq[26000]: failed to open pidfile /var/run/libvirt/network/default.pid: Permission denied
Apr 22 08:57:10 srv4 dnsmasq[26000]: FAILED to start up
手动启动default network
virsh net-start default
error: Failed to start network default
error: internal error '/usr/sbin/dnsmasq --strict-order --bind-interfaces --pid-file=/var/run/libvirt/network/default.pid --conf-file= --listen-address 192.168.122.1 --except-interface lo --dhcp-range 192.168.122.2,192.168.122.254 --dhcp-lease-max=253' exited with non-zero status 3 and signal 0:
dnsmasq: failed to open pidfile /var/run/libvirt/network/default.pid: Permission denied
解决办法:
我的当前系统:selinux-policy.noarch 2.4.6-203.el5
yum updata selinux-policy.noarch
selinux-policy.noarch 2.4.6-279.el5_5.2
service libvirtd restart
注:需要重启host,上面写了原因
- # ifconfig virbr0
- virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
- inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
- inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
- UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
- RX packets:0 errors:0 dropped:0 overruns:0 frame:0
- TX packets:57 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:0
- RX bytes:0 (0.0 b) TX bytes:10962 (10.7 KiB)
一个故障:
不论是NAT,还是Bridge模式,guest都无法与其他服务器通信,而且NAT模式时无法通过dhcp获取IP。没有查到错误原因。
另:virsh启动的log文件位于:/var/log/libvirt/qemu/
20110711:
nat方式无法获取IP,service libvirtd restart 重启服务,恢复。
关于NAT方式,guest可以获取ip,但无法与访问公网:
有多个网卡?你的物理机由哪个网卡访问公网?例如,我的物理机由br0访问公网,则,修改default.xml文件,添加forward的dev参数。
- virsh # net-dumpxml default
-
<network>
- <name>default</name>
- <uuid>8d004490-ee73-4e36-b9ef-821d7e73f9f6</uuid>
- <forward dev='br0' mode='nat'/>
- <bridge name='virbr0' stp='on' forwardDelay='0' />
- <ip address='192.168.122.1' netmask='255.255.255.0'>
- <dhcp>
- <range start='192.168.122.2' end='192.168.122.254' />
- </dhcp>
- </ip>
-
</network>
- virsh # net-define /etc/libvirt/qemu/network/default.xml
- virsh # net-destroy default
- virsh # net-start default
2、Bridge网络(又名:共享物理网卡):guest可以访问外网,外网也可以访问guest
# cd /etc/sysconfig/network-scripts/
#
cp ifcfg-eth0 ifcfg-br0
两个配置文件内容分别为:
/etc/sysconfig/network-scripts/ifcfg-eth0
- DEVICE=eth0
- TYPE=Ethernet
- ONBOOT=yes
- NM_CONTROLLED=no
- BRIDGE=br0
/etc/sysconfig/network-scripts/ifcfg-br0
- DEVICE=br0
- TYPE=Bridge
- NM_CONTROLLED=no
- BOOTPROTO=static
- IPADDR=221.193.136.121
- NETMASK=255.255.255.0
- ONBOOT=yes
The NM_CONTROLLED=no option was added because both device should not be controlled by the Network Manager for bridge to work.
重启network(
当前连接会丢失,确保你总是可以访问host,否则要格外小心)
service network restart
关于错误:Bringing up interface eth0: tg3 device eth0 does not seem to be present, delaying initialization.
原因:br0里没有加配置 TYPE=Bridge
对于rhel6和centos6,需要关闭NetworkManager
service NetworkManager stop
chkconfig --level 35 NetworkManager off
Disable Netfilter processing in the bridged traffic.
在
/etc/sysctl.conf文件中添加:
- net.bridge.bridge-nf-call-ip6tables = 0
- net.bridge.bridge-nf-call-iptables = 0
- net.bridge.bridge-nf-call-arptables = 0
- net.bridge.bridge-nf-filter-vlan-tagged = 0
验证是否生效
ifconfig
br0现在扮演eth0的角色。
br0 Link encap:E
