Tutorial details | |
---|---|
Difficulty | Advanced |
Root privileges | Yes |
Requirements | VT enabled server |
Estimated completion time | 1h |
Install required KVM RPMs/packages
Type the following yum command:
# yum groupinstall "Virtualization Tools" "Virtualization Platform"
# yum install python-virtinst
OR
# yum install kvm qemu-kvm python-virtinst libvirt libvirt-python virt-manager libguestfs-tools
Sample outputs:
Loaded plugins: product-id, protectbase, rhnplugin
This system is receiving updates from RHN Classic or RHN Satellite.
0 packages excluded due to repository protections
Setting up Install Process
Package libvirt-0.10.2-18.el6_4.15.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package libguestfs-tools.x86_64 1:1.16.34-2.el6 will be installed
--> Processing Dependency: libguestfs-tools-c = 1:1.16.34-2.el6 for package: 1:libguestfs-tools-1.16.34-2.el6.x86_64
....
..
..
  spice-glib.x86_64 0:0.14-7.el6_4.3        spice-gtk.x86_64 0:0.14-7.el6_4.3
  spice-gtk-python.x86_64 0:0.14-7.el6_4.3  spice-server.x86_64 0:0.12.0-12.el6_4.5
  vgabios.noarch 0:0.6b-3.7.el6             vte.x86_64 0:0.25.1-8.el6_4
Complete!
Turn on libvirtd service
The libvirtd program is the server side daemon component of the libvirt virtualization management system. Type the following chkconfig command to turn it on:
# chkconfig libvirtd on
Start the libvirtd service by typing the following service command:
# service libvirtd start
Sample outputs:
Starting libvirtd daemon: [ OK ]
You can verify the libvirtd service by typing the following commands:
# service libvirtd status
libvirtd (pid 31128) is running...
# virsh -c qemu:///system list
 Id    Name                           State
----------------------------------------------------
Sample setup
                +-------------+
                | CentOS/RHEL |             |-----|
-->ISP router---+ Box Host w/ +--- eth0 -->-+ br0 + Private IP
                |     KVM     |             |     |
                +-------------+--- eth1 -->-+ br1 | Public IP
                                            |-----|
                                               |
                                   vm1-+---vm2----vm3---vm4
*** NOTE: each VM will have two interfaces, i.e. Private and Public *****
Where,
- eth0 - KVM server's LAN interface.
- eth1 - KVM server's WAN/Internet interface.
- br0 - KVM server's bridge interface to give VMs direct access to all the resources on the LAN.
- br1 - KVM server's bridge interface to give VMs direct access to all the resources on the WAN/Internet. Users can ssh into VMs or you can host HTTPD/SMTPD using this interface.
- obsd-vm1 (vm1) - OpenBSD VM name.
- rhel-vm1 (vm2) - RHEL VM name.
Install and configure a network bridge
All VMs will only have network access to the host and to other VMs on the same physical server via a private network. You need to create a network bridge so that the VMs can access your LAN and, possibly, the Internet/WAN. Type the following yum command to install the bridge-utils package:
# yum install bridge-utils
Setup a default gateway
Edit /etc/sysconfig/network as follows
# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=kvm-42.cyberciti.biz
## I am routing internet traffic via br1 ##
GATEWAYDEV=br1
Configure bridging
Update /etc/sysconfig/network-scripts/ifcfg-eth0 (private) as follows:
# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
HWADDR=00:30:48:C6:0A:D8
BRIDGE=br0
Update /etc/sysconfig/network-scripts/ifcfg-eth1 (public) as follows:
# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
ONBOOT=yes
HWADDR=00:30:48:C6:0A:D9
BRIDGE=br1
Create/edit the /etc/sysconfig/network-scripts/ifcfg-br0 file to setup private/lan ip address for br0:
# cat /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
ONBOOT=yes
## setup LAN/VLAN ips as per your needs ##
IPADDR=10.10.29.66
NETMASK=255.255.255.192
DELAY=0
Create/edit the /etc/sysconfig/network-scripts/ifcfg-br1 file to setup public/wan/internet ip address for br1:
# cat /etc/sysconfig/network-scripts/ifcfg-br1
DEVICE=br1
TYPE=Bridge
BOOTPROTO=static
ONBOOT=yes
## setup INTERNET ips as per your needs ##
IPADDR=74.ww.xx.yy
NETMASK=255.255.255.248
GATEWAY=74.ww.xx.yy
DELAY=0
I need to route all lan traffic (subnet 10.0.0.0/8) via 10.10.29.65 gateway. Create/edit file /etc/sysconfig/network-scripts/route-br0 as follows:
# cat /etc/sysconfig/network-scripts/route-br0
10.0.0.0/8 via 10.10.29.65
Warning: Restarting the network service over an ssh session may result in total loss of connectivity to the server. So make sure the br0 and br1 configuration, including routing, is set correctly.
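A pre-flight check for the warning above, as an added example that is not part of the original tutorial: it reads the ifcfg-*/route-* files and fails if an enslaved NIC points at a missing bridge, if GATEWAYDEV names a device that sets no GATEWAY, or if a route's gateway lies outside the bridge's subnet. The function names and the temporary directory are assumptions of this example, and the demo files at the end are constructed.

```sh
# Added example: lint ifcfg-*/route-* files before "service network restart".
getkey() {  # getkey FILE KEY -> last value assigned to KEY, quotes stripped
    sed -n "s/^$2=//p" "$1" 2>/dev/null | tail -n 1 | tr -d "\"'"
}
ip2int() {  # dotted quad -> integer; call as $(ip2int ...) so IFS stays local
    IFS=.; set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}
on_link() {  # on_link GW IP MASK -> 0 when GW lies inside IP/MASK
    [ -n "$1" ] && [ -n "$2" ] && [ -n "$3" ] || return 1
    g=$(ip2int "$1"); i=$(ip2int "$2"); m=$(ip2int "$3")
    [ $(( ($g ^ $i) & $m )) -eq 0 ]
}

check_bridge_cfg() {  # check_bridge_cfg SCRIPTS_DIR NETWORK_FILE
    dir=$1; netfile=$2; rc=0
    # an enslaved NIC (BRIDGE=x) must point at a device declared TYPE=Bridge
    for f in "$dir"/ifcfg-*; do
        br=$(getkey "$f" BRIDGE)
        if [ -n "$br" ] && [ "$(getkey "$dir/ifcfg-$br" TYPE)" != "Bridge" ]; then
            echo "FAIL: ${f##*/}: BRIDGE=$br but ifcfg-$br is not TYPE=Bridge"; rc=1
        fi
    done
    # GATEWAYDEV must name an interface whose ifcfg file sets GATEWAY
    gwdev=$(getkey "$netfile" GATEWAYDEV)
    if [ -n "$gwdev" ] && [ -z "$(getkey "$dir/ifcfg-$gwdev" GATEWAY)" ]; then
        echo "FAIL: GATEWAYDEV=$gwdev but ifcfg-$gwdev sets no GATEWAY"; rc=1
    fi
    # every "NET via GW" line in route-<dev> needs GW inside <dev>'s subnet
    for f in "$dir"/route-*; do
        [ -e "$f" ] || continue
        dev=${f##*/route-}
        ip=$(getkey "$dir/ifcfg-$dev" IPADDR); mask=$(getkey "$dir/ifcfg-$dev" NETMASK)
        while read -r net via gw rest; do
            [ "$via" = "via" ] || continue
            on_link "$gw" "$ip" "$mask" ||
                { echo "FAIL: route-$dev: $gw is not on-link for $dev"; rc=1; }
        done < "$f"
    done
    return $rc
}

# Constructed sample: the page's br0 values with a deliberately wrong route.
d=$(mktemp -d)
printf 'DEVICE=eth0\nBRIDGE=br0\n' > "$d/ifcfg-eth0"
printf 'DEVICE=br0\nTYPE=Bridge\nIPADDR=10.10.29.66\nNETMASK=255.255.255.192\n' > "$d/ifcfg-br0"
printf '10.0.0.0/8 via 10.10.30.1\n' > "$d/route-br0"
check_bridge_cfg "$d" /dev/null || echo "fix the files before restarting networking"
rm -rf "$d"
```

On the host, run it as check_bridge_cfg /etc/sysconfig/network-scripts /etc/sysconfig/network from the console or a second session before restarting the network service.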
A note about SELinux
I have not disabled SELinux on CentOS / RHEL. I do not recommend disabling SELinux. So make sure the config files have the correct SELinux security context:
# ls -Z /etc/sysconfig/network-scripts/{route-br0,ifcfg-eth?,ifcfg-br?}
Sample outputs:
-rw-r--r--. root root system_u:object_r:net_conf_t:s0 /etc/sysconfig/network-scripts/ifcfg-br0
-rw-r--r--. root root system_u:object_r:net_conf_t:s0 /etc/sysconfig/network-scripts/ifcfg-br1
-rw-r--r--. root root system_u:object_r:net_conf_t:s0 /etc/sysconfig/network-scripts/ifcfg-eth0
-rw-r--r--. root root system_u:object_r:net_conf_t:s0 /etc/sysconfig/network-scripts/ifcfg-eth1
-rw-r--r--. root root system_u:object_r:net_conf_t:s0 /etc/sysconfig/network-scripts/route-br0
Use the restorecon command to set or restore the files' default SELinux security contexts:
# restorecon -Rv /etc/sysconfig/
If you are going to reboot the SELinux enabled server, make sure you type the following command:
# touch /.autorelabel
# reboot
Restart the networking service
Verify br0/br1 settings
Type the following commands:
# brctl show
# ip addr show br0
# ip addr show br1
# ip route
# ping cyberciti.biz
Creating VMs
You need to use virt-install command.
Example: Create OpenBSD VM
Grab the installation media:
# cd /var/lib/libvirt/boot/
# wget http://ftp.openbsd.org/pub/OpenBSD/5.4/amd64/install54.iso
In this example, I am using virt-install to create an OpenBSD 5.4_amd64 VM named obsd-vm1 with one virtual CPU, 1 GB memory and 10 GB of disk space:
# virt-install \
-n obsd-vm1 \
--description "cyberciti.biz OpenBSD 5.4 64 bit VM1" \
--ram=1024 \
--vcpus=1 \
--cpu host \
--os-variant=openbsd4 \
--accelerate \
--hvm \
--cdrom /var/lib/libvirt/boot/install54.iso \
--network bridge:br0,model=virtio --network bridge:br1,model=virtio \
--graphics vnc \
--disk path=/var/lib/libvirt/images/openbsd-vm1-cyberciti.biz.img,bus=virtio,size=10
virt-install options
- -n obsd-vm1 : The name of the VM.
- --description "cyberciti.biz OpenBSD 5.4 64 bit VM1" : The long description of the VM.
- --ram=1024 : 1024MB is the amount of memory allocated to the VM.
- --vcpus=1 : The number of virtual CPU(s) for the VM.
- --cpu host : Expose the host CPU model and features to the VM.
- --os-variant=openbsd4 : The guest OS variant, used to optimize the VM configuration for that OS.
- --accelerate : Prefer KVM or KQEMU (in that order) if installing a QEMU guest. This option is no longer required.
- --hvm : Request the use of full virtualization.
- --cdrom /var/lib/libvirt/boot/install54.iso : Install OpenBSD v5.4 from the ISO image at this path.
- --network bridge:br0,model=virtio --network bridge:br1,model=virtio : Attach the VM to the br0 and br1 bridges, i.e. the VM will have two network interfaces, one for the LAN and one for the Internet.
- --graphics vnc : Use VNC to access the installation using a vnc server/viewer from your local Linux/OSX/Unix/Windows desktop.
- --disk path=/var/lib/libvirt/images/openbsd-vm1-cyberciti.biz.img,bus=virtio,size=10 : This is the image file for the VM; the size is specified in GB and I am forcing the virtio driver. The virtio driver provides support for paravirtualized devices using the VirtIO protocol.
How do I connect to OpenBSD installer from my local desktop?
Type the following command on your local desktop:
# ssh -L 5900:127.0.0.1:5900 root@KVM-Server-IP-Here
OR
# ssh -L 5900:127.0.0.1:5900 -N -f -l root kvm-42.cyberciti.biz
Use VNC client to connect to 127.0.0.1:5900. Now, just follow on-screen instructions:
Before rebooting the installer, make sure you set up the com0 console for the VM. For example, for an OpenBSD VM, append the following parameters to the file /etc/boot.conf and then reboot the VM:
stty com0 115200
set tty com0
See how to set up SSH to tunnel VNC traffic through the Internet for more information.
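The SSH tunnel above only protects the console if the guest's VNC server listens on the KVM host's loopback address, and each additional guest started with --graphics vnc takes the next display (TCP port 5900+N). The following added example, not part of the original tutorial, flags VNC listeners bound to other addresses and maps a `virsh vncdisplay` value to the port to tunnel; the function names are assumptions, the netstat lines are constructed, and the net-tools `netstat -tln` column layout is assumed.

```sh
# Added example: check where guest VNC consoles listen on the KVM host.

# vnc_port DISPLAY -> TCP port for `virsh vncdisplay` output such as ":1"
# or "127.0.0.1:1" (VNC display N is TCP port 5900+N).
vnc_port() {
    echo $(( 5900 + ${1##*:} ))
}

# vnc_exposed: read `netstat -tln` lines on stdin; print "ADDR PORT" for each
# listener in 5900-5999 that is not bound to loopback.
vnc_exposed() {
    awk '$1 ~ /^tcp/ && $6 == "LISTEN" {
        n = split($4, part, ":"); port = part[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (port >= 5900 && port <= 5999 && addr != "127.0.0.1" && addr != "::1")
            print addr, port
    }'
}

# Constructed netstat output: one guest on loopback, a second one on 0.0.0.0.
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address     Foreign Address   State
tcp        0      0 0.0.0.0:22        0.0.0.0:*         LISTEN
tcp        0      0 127.0.0.1:5900    0.0.0.0:*         LISTEN
tcp        0      0 0.0.0.0:5901      0.0.0.0:*         LISTEN
EOF
}

sample_netstat | vnc_exposed          # on a live host: netstat -tln | vnc_exposed
echo "tunnel port for display :1 is $(vnc_port :1)"
```

Any line printed by vnc_exposed is a console reachable without the tunnel; on the page's layout that includes the public br1 address.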
How do I start my VM after OpenBSD install is finished?
The virt-install will create a config file for VM at /etc/libvirt/qemu/obsd-vm1.xml. To start VM called obsd-vm1, enter:
# virsh start obsd-vm1
How do I access a VM's console?
Log in to the KVM host and type the following command:
# virsh console obsd-vm1
Final example: Create RHEL VM using DVD
Type the following command:
# virt-install \
--name RHEL-vm1 \
--description "cyberciti.biz RHEL 6.4 64 bit VM1" \
--ram=2048 \
--vcpus=2 \
--disk path=/var/lib/libvirt/images/rhel-vm1-cyberciti.biz.img,size=20 \
--cdrom /var/lib/libvirt/boot/RHEL.6.4.Server-DVD1.iso \
--network bridge:br0 --network bridge:br1 \
--graphics vnc
Before rebooting the installer, make sure you set up the com0 console for the VM. For example, for a RHEL/CentOS VM, append the following parameters to the kernel boot line in the /boot/grub.conf file and then reboot the VM:
console=tty0 console=ttyS1,19200n8
Source Cyberciti.