I bought a new PC and installed KVM, so I summarized the procedure.
First, install Linux. This time I installed Ubuntu 20.04.
See also: Ubuntu 20.04 LTS Installation
Make sure your PC supports virtualization. If the result is 0, check the CPU virtualization settings in the BIOS.
$ egrep -c '(vmx|svm)' /proc/cpuinfo
12
This step is optional. Set the default editor to vi and allow sudo to run without a password.
$ sudo update-alternatives --config editor
$ sudo visudo
[username] ALL=(ALL:ALL) NOPASSWD:ALL
Add the above line after the following line. Change [username] to the username you are using.
%sudo ALL=(ALL:ALL) ALL
Reference: Set Vim as your default editor for Unix
Install the VM-related packages on the KVM host.
$ sudo apt update
$ sudo apt install -y qemu qemu-kvm libvirt-daemon libvirt-clients bridge-utils virt-manager
$ sudo reboot
Then add the user you are using to the libvirt and kvm groups. Not required if it has already been added.
$ sudo adduser `id -un` libvirt
Adding user '<username>' to group 'libvirt' ...
$ sudo adduser `id -un` kvm
Adding user '<username>' to group 'kvm' ...
You may also want to install tools such as virt-top and virt-df. Install Python, jq, etc. if necessary.
See also: KVM/Installation
Check if libvirtd is active and if hardware virtualization is enabled on QEMU as well.
$ sudo systemctl is-active libvirtd
active
$ virt-host-validate
QEMU: Checking for hardware virtualization : PASS
QEMU: Checking if device /dev/kvm exists : PASS
<snip>
QEMU: Checking for secure guest support : WARN (AMD Secure Encrypted Virtualization appears to be disabled in kernel. Add kvm_amd.sev=1 to the kernel cmdline arguments)
See also: KVM: Bare metal virtualization on Ubuntu with KVM
AMD Secure Encrypted Virtualization appears to be a technology in which the hardware encrypts the memory used by virtual machines, but since this KVM host is not shared, the warning is ignored here.
See also: AMD Secure Encrypted Virtualization (SEV) (https://developer.amd.com/sev/)
For example, if you want to use a disk other than the system disk for the qcow2 images, format that disk. For parted, which is used to create the partition, the following reference was helpful.
See also: Parted
As for whether KVM needs swap, it seems that it may.
See also: Chapter 7 Overcommit with KVM
I took a quick look at a file system comparison here. I think I like this area.
The following changes the storage pool settings in KVM and changes the directory used by default.
List the current storage pools.
$ virsh pool-list
Name State Autostart
-------------------------------
default active yes
Delete the default pool.
$ virsh pool-destroy default
Pool default destroyed
$ virsh pool-undefine default
Pool default has been undefined
$ virsh pool-list
Name State Autostart
------------------------------
Create a new default pool. Here, the directory of the new storage pool is /datastore1/images.
$ virsh pool-define-as --name default --type dir --target /datastore1/images
Pool default defined
$ virsh pool-autostart default
Pool default marked as autostarted
$ virsh pool-start default
Pool default started
$ virsh pool-list
Name State Autostart
-------------------------------
default active yes
See also: How do I change the default storage pool from libvirt? (https://www.it-swarm-ja.tech/ja/kvm-virtualization/%E3%83%87%E3%83%95%E3%82%A9%E3%83%AB%E3%83%88%E3%81%AE%E3%82%B9%E3%83%88%E3%83%AC%E3%83%BC%E3%82%B8%E3%83%97%E3%83%BC%E3%83%AB%E3%82%92libvirt%E3%81%8B%E3%82%89%E5%A4%89%E6%9B%B4%E3%81%99%E3%82%8B%E3%81%AB%E3%81%AF%E3%81%A9%E3%81%86%E3%81%99%E3%82%8C%E3%81%B0%E3%82%88%E3%81%84%E3%81%A7%E3%81%99%E3%81%8B%EF%BC%9F/959998247/)
The permissions of the target directory were as follows.
drwxrwxr-x 2 libvirt-qemu kvm 247 Jan 11 18:10 images
It may be faster to modify the existing settings with virsh pool-edit --pool default.
By default, a virtual bridge called virbr0 is created during KVM installation.
$ ip addr show virbr0
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:5e:9e:a2 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
$ brctl show
bridge name bridge id STP enabled interfaces
virbr0 8000.5254005e9ea2 yes virbr0-nic
$ virsh net-list
Name State Autostart Persistent
--------------------------------------------
default active yes yes
This bridge provides NAT so that virtual machines can reach the outside network. If you don't use it, you can delete it, although of course you don't have to. To delete it, run the following.
$ virsh net-destroy default
$ virsh net-undefine default
See also: https://www.cyberciti.biz/faq/linux-kvm-disable-virbr0-nat-interface/
If you look here, it says that the following sysctl parameters should be set to 0.
net.bridge.bridge-nf-call-ip6tables=0
net.bridge.bridge-nf-call-iptables=0
net.bridge.bridge-nf-call-arptables=0
This is probably the case when a module called br_netfilter is loaded. I don't think it's needed in Ubuntu 20.04 as it wasn't loaded by default. Maybe w
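A way to check the point above on a given host, as an added example that is not part of the original article: it reads /proc to see whether br_netfilter is loaded and which of the three net.bridge keys are non-zero. While a key is non-zero, bridged guest frames are handed to the host's iptables/ip6tables/arptables rules; at 0 they bypass them. The function names and the `proc_root` parameter are hypothetical.

```python
from pathlib import Path

BRIDGE_NF_KEYS = (
    "bridge-nf-call-ip6tables",
    "bridge-nf-call-iptables",
    "bridge-nf-call-arptables",
)


def bridge_netfilter_status(proc_root="/proc"):
    """Return {"module_loaded": bool, "enabled": [keys whose value is not 0]}."""
    proc = Path(proc_root)
    modules = proc / "modules"
    loaded = False
    if modules.exists():
        # The first column of each /proc/modules line is the module name.
        loaded = any(
            line.split()[0] == "br_netfilter"
            for line in modules.read_text().splitlines()
            if line.strip()
        )
    enabled = []
    for key in BRIDGE_NF_KEYS:
        path = proc / "sys" / "net" / "bridge" / key
        # A missing file means the setting does not apply on this host.
        if path.exists() and path.read_text().strip() != "0":
            enabled.append("net.bridge." + key)
    return {"module_loaded": loaded, "enabled": enabled}


def sysctl_lines(status):
    """Lines in the article's format for the keys that are still non-zero."""
    return [key + "=0" for key in status["enabled"]]


if __name__ == "__main__":
    status = bridge_netfilter_status()
    print(status)
    print("\n".join(sysctl_lines(status)))
```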
If you want to communicate from the outside to the IP address assigned to the virtual machine, create a bridge on Linux. When using netplan on Ubuntu 20.04, it looks like this.
$ cat /etc/netplan/60-eno1-config.yaml
network:
  version: 2
  ethernets:
    eno1:
      dhcp4: false
      dhcp6: false
  bridges:
    br0:
      interfaces:
        - eno1
      dhcp4: false
      dhcp6: false
      addresses:
        - 10.0.0.249/24
      gateway4: 10.0.0.1
      nameservers:
        addresses:
          - 1.1.1.1
          - 1.0.0.1
      parameters:
        forward-delay: 0
        stp: false
      optional: true
You can explicitly register the above bridge with KVM, but once the bridge is created on the KVM host it can be seen from KVM guests anyway. What to do with STP varies by article, but many disable it. It does not seem to cause failures even if it is enabled.
Reference: I investigated the virtual network used by KVM on CentOS
Probably because it is used by default on CentOS, there are many examples that use NetworkManager. You can also go around here.
You can check the created bridge with the brctl command.
$ brctl show
bridge name bridge id STP enabled interfaces
br0 8000.a0369fa9f098 no enp4s0f0
By assigning the bridge created above to the KVM guest and assigning an IP address, the corresponding IP can be accessed from outside the KVM environment.
Create a network for use inside KVM. You can also create it with virt-manager, but here I will create it from an xml file.
First, create an xml file. I think the following is probably the simplest description. You can also set the IP address, DHCP, etc. here.
$ cat virbr1.xml
<network>
  <name>virbr1</name>
  <bridge name='virbr1' stp='on' delay='0' />
</network>
Create the bridge in KVM with the following commands so that it is automatically configured at startup.
$ virsh net-define ./virbr1.xml
Network virbr1 defined from ./virbr1.xml
$ virsh net-autostart virbr1
Network virbr1 marked as autostarted
$ virsh net-start virbr1
Network virbr1 started
You can check that it was created correctly with the following commands.
$ brctl show
bridge name bridge id STP enabled interfaces
virbr1 8000.525400a99a82 yes virbr1-nic
$ virsh net-list
Name State Autostart Persistent
--------------------------------------------
default active yes yes
virbr1 active yes yes
The actual config file is here. The uuid and mac address are automatically assigned. Once registered, it can be edited with the virsh net-edit command.
$ sudo cat /etc/libvirt/qemu/networks/virbr1.xml
<!--
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
virsh net-edit virbr1
or other application using the libvirt API.
-->
<network>
  <name>virbr1</name>
  <uuid>379d3199-365e-4c99-b331-77d50ed7b2ac</uuid>
  <bridge name='virbr1' stp='on' delay='0'/>
  <mac address='52:54:00:a9:9a:82'/>
</network>
See also: net-define
You may not want to log in directly to the KVM host, for example with ssh. KVM is configured with virsh and virt-manager, and both can also be run remotely.
To run virsh remotely, first install libvirt-clients on your client.
$ sudo apt install libvirt-clients
Then execute the following command.
$ virsh -c qemu+ssh://[email protected]/system list
Id Name State
----------------------
1 c20h running
In the above case, because the connection goes over ssh, you need to set up ssh access such as public key authentication. It may also be convenient to put the following in .bash_aliases or a similar file.
$ cat .bash_aliases | grep vir
alias virsh='virsh -c qemu+ssh://[email protected]/system'
$ virsh list
Id Name State
----------------------
1 c20h running
virt-manager can be configured from the GUI under File > Add Connection. Both virsh and virt-manager are convenient because they can be run on Linux under Windows Subsystem for Linux (WSL).
See also: SSH Setup (https://wiki.libvirt.org/page/SSHSetup)
At least two files must be copied from the old KVM host to the new KVM host when migrating a KVM guest: the KVM guest image itself (qcow2) and the configuration file (xml).
The KVM guest image has a qcow2 extension. There may be a better way, but you can find its location with the virsh dumpxml command. When copying the qcow2 file, I think it is better to shut down the KVM guest in advance.
$ virsh dumpxml c20h | grep .qcow2
<driver name='qemu' type='qcow2'/>
<source file='/mnt/datastore1/images/c20h.qcow2'/>
To get the KVM guest configuration file (xml), use the virsh dumpxml command as well.
$ virsh dumpxml c20h > c20h.xml
To register the migrated KVM guest on the new KVM host, run the following command.
$ virsh define c20h.xml
The first thing to consider before running the above command is the location of the qcow2 file. If you place the qcow2 file in the same directory as before, nothing needs to change, but if the location is different, edit the xml file with a text editor beforehand.
<source file='/mnt/datastore1/images/c20h.qcow2'/>
Also, there may be a description of the cpu type in the xml file. If the CPU type is different, change this description.
<cpu mode='custom' match='exact' check='partial'>
  <model fallback='allow'>Haswell-noTSX-IBRS</model>
</cpu>
I think it's a good idea to simply change it so that it inherits the CPU information of the KVM host.
<cpu mode='host-model' check='partial'/>
The above settings can also be changed with virsh or virt-manager after using the virsh define command. It may be easy and good to change it with virt-manager.
Executing the virsh define command creates a configuration file under /etc/libvirt/qemu.
$ ls -al /etc/libvirt/qemu/c20h.xml
-rw------- 1 root root 4663 Jan 10 18:10 /etc/libvirt/qemu/c20h.xml
See also: Linux Notes Moving Virtual Machines Between KVM Virtualization Hosts (https://oplern.hatenablog.com/entry/2016/11/06/212257)
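The two edits described above before running virsh define (the qcow2 path and the CPU description), as an added example that is not part of the original article: a Python function that rewrites a dumped domain XML. The name `prepare_for_new_host`, the trimmed sample XML and the new directory /datastore1/images are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like `virsh dumpxml c20h` output, trimmed.
SAMPLE_XML = """<domain type='kvm'>
  <name>c20h</name>
  <cpu mode='custom' match='exact' check='partial'>
    <model fallback='allow'>Haswell-noTSX-IBRS</model>
  </cpu>
  <devices>
    <disk type='file' device='disk'>
      <driver name='qemu' type='qcow2'/>
      <source file='/mnt/datastore1/images/c20h.qcow2'/>
    </disk>
    <disk type='file' device='cdrom'>
      <driver name='qemu' type='raw'/>
    </disk>
  </devices>
</domain>"""


def prepare_for_new_host(domain_xml, old_dir, new_dir):
    """Return (xml_text, [(old_path, new_path), ...]) for `virsh define`."""
    root = ET.fromstring(domain_xml)
    old_prefix = old_dir.rstrip("/") + "/"
    changed = []
    for disk in root.findall("./devices/disk[@type='file']"):
        source = disk.find("source")
        if source is None:  # e.g. an empty cdrom drive
            continue
        path = source.get("file", "")
        # Match on a directory boundary so /mnt/datastore does not hit /mnt/datastore1.
        if path.startswith(old_prefix):
            new_path = new_dir.rstrip("/") + "/" + path[len(old_prefix):]
            source.set("file", new_path)
            changed.append((path, new_path))
    cpu = root.find("cpu")
    if cpu is not None and cpu.get("mode") == "custom":
        # Drop the pinned model and inherit the new host's CPU instead.
        for child in list(cpu):
            cpu.remove(child)
        cpu.attrib.clear()
        cpu.text = None
        cpu.attrib.update({"mode": "host-model", "check": "partial"})
    return ET.tostring(root, encoding="unicode"), changed


if __name__ == "__main__":
    print(prepare_for_new_host(SAMPLE_XML, "/mnt/datastore1/images", "/datastore1/images")[1])
```

Write the returned XML to a file and pass that file to virsh define; the list of changed paths shows which qcow2 files must exist at the new location first.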
After migration, the KVM guest can be started by connecting to the console with virt-manager or virt-viewer and changing the settings.
You can mount and edit KVM guest disks by installing libguestfs-tools. This way you can change the settings before starting the KVM guest.
$ sudo guestmount -d c20h -i /mnt/c20h/
$ sudo ls /mnt/c20h/etc/netplan
50-cloud-init.yaml
$ sudo vi /mnt/c20h/etc/netplan
$ sudo vi /mnt/c20h/etc/netplan/50-cloud-init.yaml
See also: How to mount VM virtual disk on KVM hypervisor with Libguestfs Tools (https://computingforgeeks.com/how-to-mount-vm-virtual-disk-on-kvm-hypervisor/)
See also: virsh commands cheatsheet to manage KVM guest virtual machines