Russian-language documentation for Ubuntu. Using KVM to create virtual machines on a server Kvm virtualization installation
Today, many tasks that traditionally required multiple physical servers are moving to virtual environments. Virtualization technologies are also in demand by software developers, as they allow comprehensive testing of applications in various operating systems. At the same time, while simplifying many issues, virtualization systems themselves need to be managed, and this cannot be done without special solutions.
Vagrant
Virtual VirtualBox machine deservedly enjoys popularity among administrators and developers, allowing you to quickly create the desired environments using GUI or interface command line. If the number of VMs does not exceed three, no difficulties arise in deployment and management, but modern projects tend to become overgrown with configurations, and the result is a very complex infrastructure, which becomes difficult to cope with. This is the problem that the Vagrant virtual environment manager is designed to solve, allowing you to create copies virtual machines with a predefined configuration and dynamically redistribute VM resources (Provisioning) as needed. In the basic package, Vagrant works with VirtualBox, but the plugin system allows you to connect another virtualization system. Today, the code for plugins for AWS and Rackspace Cloud is open; a plugin for VMware support Fusion/Workstation.
Vagrant does not create a virtual machine from scratch. For convenience, the project offers several basic images (boxes), which are imported and subsequently used for rapid deployment system, a guest OS with the required configuration is assembled on the basis of boxes.
To simplify application deployment, boxes come pre-installed with Chef and Puppet. Besides, necessary settings can be set using the shell. The environments include a complete set for launching and developing applications in Ruby. SSH is used to access the VM; file exchange is possible through a shared directory.
Vagrant is written using Ruby and can be installed on any platform that has VirtualBox and Ruby components. Packages for Windows, Linux (deb and rpm) and OS X are available on the download page.
The installation and use process on Ubuntu is simple. Download the VirtualBox and Vagrant packages and install:
$ sudo dpkg -i virtualbox-4.2.10_amd64.deb $ sudo dpkg -i vagrant_1.2.2_x86_64.deb
At the time of writing this article, the latest current version VirtualBox 4.2.14 had problems running Vagrant, so for now it's better to use 4.2.12 or the test 4.2.15. Alternatively, you can do:
$ cd ~/.vagrant.d/boxes/BoxName/virtualbox $ openssl sha1 *.vmdk *.ovf > box.mf
I'll bring you alternative option Vagrant installations - using Ruby:
$ sudo apt-get install ruby1.8 ruby1.8-dev rubygems1.8 $ sudo gem install vagrant
All project settings are made in special file Vagrantfile. To avoid creating the template manually, you can generate it as follows:
$ mkdir project $ cd project $ vagrant init
Now you can look into the created settings file and fill in: VM settings (config.vm. ), SSH connection options (config.ssh.), parameters of Vagrant itself (config.vagrant). All of them are well documented, the meaning of some is clear without explanation.
In fact, several such files are used at startup, each subsequent one overriding the previous one: built into Vagrant (it cannot be changed), supplied with boxes (packaged using the "--vagrantfile" switch), located in ~/.vagrant.d and the project file . This approach allows you to use default settings, overriding only what is necessary in a specific project.
All installations are performed using the vagrant command; the list of available keys can be viewed using "-h". After installation we do not have a single image, running vagrant box list will display empty list. The finished box can be located in the local file system or on a remote server; its name is set as a parameter, by which we will refer in projects. For example, we use the official Box Ubuntu 12.04 LTS, offered by the Vagrant developers.
$ vagrant box add precise64 http://files.vagrantup.com/precise64.box
Now it can be accessed from Vagrantfile:
Config.vm.box = "precise64"
Although it’s easier to immediately specify it when initializing the project:
$vagrant init precise64
The easiest way, which does not require learning Chef and Puppet, is to use standard shell commands to configure the VM, which can be written directly in the Vagrantfile or, even better, combined into a script that is connected like this:
Vagrant.configure("2") do |config| config.vm.provision:shell, :inline => "script.sh" end
Now all commands specified in script.sh will be executed when the VM starts. When the project starts, an ovf file is created; its settings can be viewed using the VirtualBox graphical interface or the VBoxManage command:
$ VBoxManage import /home/user/.vagrant.d/boxes/precise64/virtualbox/box.ovf Virtual system 0: 0: Suggested OS type: "Ubuntu_64" (change with "--vsys 0 --ostype
They do not always satisfy the specified conditions, but using the provider settings, you can easily change the settings of a specific VM (see the “change with ...” tips):
Config.vm.provider:virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1024"] end
Launch and connect to the system via SSH:
$vagrant up $vagrant ssh
To stop the VM, use the halt or destroy parameter (the second - with clearing all files, next time all operations will be performed from the beginning), if you need to send it into hibernation - vagrant suspend , return - vagrant resume . For an example of working with Chef, you can use a ready-made recipe to configure APT and Apache2:
Config.vm.provision:chef_solo do |chef| chef.recipe_url = "http://files.vagrantup.com/getting_started/cookbooks.tar.gz" chef.add_recipe("vagrant_main") end
To access the VM “from the outside”, you will need to configure port forwarding. By default, the forwarding is 22 -> 2222, allowing you to connect via SSH. Add to Vagrantfile:
Vagrant::Config.run do |config| config.vm.forward_port 80, 1111 end
The web server can now be accessed by going to http://127.0.0.1:1111/. In order not to configure the environment every time, it is better to assemble a ready-made package based on it.
$ vagrant package --vagrantfile Vagrantfile --output project.box
Now the project.box file can be distributed to other administrators, developers or ordinary users who will connect it using the vagrant box add project.box command.
ConVirt
Xen/KVM virtualization systems, released under free licenses, do not have a user-friendly interface, which is often interpreted not in their favor. However, this deficiency is easy to make up for. ConVirt allows you to deploy virtual machines across multiple Xen and KVM servers with just one click, using an easy-to-use interface. All necessary operations are available with virtual machines: starting, stopping, creating snapshots, controlling and redistributing resources, connecting to a VM via VNC, automating administration tasks. Ajax technology makes the interface interactive and similar to a desktop application. For example, you can simply drag and drop a VM from one server to another. The interface is not localized, but the controls are intuitive.
Pooling servers makes it possible to configure and control virtual machines and resources at the server pool level, rather than at the individual server level. No agents are installed on virtual systems; only the convirt-tool package is required on the physical server. This simplifies administration and deployment.
Once a new server is added, ConVirt will automatically collect its configuration and performance data, providing summary information at multiple levels - from the individual virtual machine, the physical server, to the entire pool. The collected data is used to automatically host new guests. This information is also displayed in the form of visual graphs.
To create virtual machines, templates are used - descriptions of the virtual machine settings, containing data about the allocated resources, the path to the OS files and additional settings. After installation there are several available ready-made templates, but if necessary, they are easy to create yourself.
All technologies are supported: load balancing, hot migration, virtual disks with growing capacity, allowing you to use resources as needed, and many other features implemented in Xen and KVM. The VM does not need to be stopped to reallocate resources.
Implemented the ability to manage a virtual environment for several administrators with the ability to audit and control their actions.
ConVirt is being developed by the Convirture company, and uses the open core concept, when only a basic set of functions is freely distributed along with the source code, the rest is available in a commercial version. The open source version lacks High Availability support, VLAN integration, backup and recovery, command line management, notifications and official support.
During development, the TurboGears2 framework, ExtJs and FLOT libraries were used, MySQL was used to store information, dnsmasq was used as a DHCP and DNS server. Required package can be found in the repositories of popular Linux distributions.
Karesansui
All features for managing virtual environments are implemented: installing the OS, creating configurations of the disk subsystem and virtual network cards, managing quotas, replication, freezing VMs, creating snapshots, viewing detailed statistics and log data, download monitoring. From one console you can manage several physical servers and virtual machines hosted on them. Multi-user work with shared rights is possible. As a result, the developers managed to implement a virtual environment in the browser that allows them to fully manage the systems.
Posted by Karesansui on Python language, SQLite is used as a DBMS for a single-node system. If you plan to manage Karesansui installations located on several physical servers, you should use MySQL or PostgreSQL.
You can deploy Karesansui on any Linux. The developers themselves prefer CentOS (for which the site has detailed instructions), although Karesansui works well on both Debian and Ubuntu. Before installation, you must complete all dependencies specified in the documentation. Next, the installation script is launched and the database is initialized. If a multi-server configuration is used, then you just need to specify the external database.
Subsequent work will fully compensate for the inconvenience of installation. All settings are divided into seven tabs, the purpose of which is clear from the name: Guest, Settings, Job, Network, Storage, Report and Log. Depending on the user's role, not all of them will be available to him.
You can create a new VM from a local ISO file or by specifying an HTTP/FTP resource with installation images. You will also need to set other attributes: the system name that will be displayed in the list, the network name (hostname), virtualization technology (Xen or KVM), RAM size and hard drive(Memory Size and Disk Size) - and select an image that will correspond to the virtual OS, simplifying its quick visual selection in the console.
WebVirtMgr
The capabilities of the solutions described are often redundant, and their installation is not always clear to an administrator with little experience. But there is a way out here too. The service for centralized management of virtual machines WebVirtMgr was created as a simple replacement for virt-manager, which will provide comfortable work with VMs using a browser with a Java plug-in installed. KVM settings management is supported: creation, installation, configuration, launch of VMs, snapshots and backup of virtual machines. Provides management of network pool and storage pool, work with ISO, cloning images, viewing CPU and RAM load. The virtual machine is accessed via VNC. All transactions are recorded in logs. You can manage multiple KVM servers with a single installation of WebVirtMgr. To connect to them, use RPC libvirt (TCP/16509) or SSH.
The interface is written in Python/Django. For installation you will need a server under Linux control. Distributed in source code and RPM packages for CentOS, RHEL, Fedora and Oracle Linux 6. The deployment process itself is simple and well described in the project documentation (in Russian), you just need to configure libvirt and install webvirtmgr. The whole process takes five minutes. After connecting to the Dashboard, select Add Connection and specify the node parameters, then we can configure the VM.
Let's script the creation of a VM
The simplest script for creating and launching a virtual machine using VirtualBox:
#!/bin/bash vmname="debian01" VBoxManage createvm --name $(vmname) --ostype "Debian" --register VBoxManage modifyvm $(vmname) --memory 512 --acpi on --boot1 dvd VBoxManage createhd - -filename "$(vmname).vdi" --size 10000 --variant Fixed VBoxManage storagectl $(vmname) --name "IDE Controller" --add ide --controller PIIX4 VBoxManage storageattach $(vmname) --storagectl "IDE Controller" --port 0 --device 0 --type hdd --medium "$(vmname).vdi" VBoxManage storageattach $(vmname) --storagectl "IDE Controller" --port 0 --device 1 --type dvddrive --medium /iso/debian-7.1.0-i386-netinst.iso VBoxManage modifyvm $(vmname) --nic1 bridged --bridgeadapter1 eth0 --cableconnected1 on VBoxManage modifyvm $(vmname) --vrde on screen VBoxHeadless --startvm $(vmname)
Proxmox VE
The previous solutions are good for situations where some infrastructure already exists. But if you just need to deploy it, it’s worth thinking about specialized platforms that allow you to quickly get the desired result. An example here is Proxmox Virtual Environment, which is a Linux distribution (based on Debian 7.0 Wheezy) that allows you to quickly build an infrastructure virtual servers using OpenVZ and KVM and is practically not inferior to such products as VMware vSphere, MS Hyper-V and Citrix XenServer.
In fact, the system only needs to be installed (a couple of simple steps), everything else already works out of the box. You can then create a VM using the web interface. For this purpose, the easiest way is to use OpenVZ templates and containers, which are loaded from external resources directly from the interface with one click (if manually, copy to the /var/lib/vz/template directory). But templates can also be created by cloning already created systems in linking mode. This option allows you to save disk space, since all associated environments use only one common copy of the reference template data without duplicating information. The interface is localized and understandable; you don’t experience any particular inconvenience when working with it.
There is support for clusters, tools for backup virtual environments, it is possible to migrate VMs between nodes without stopping work. Access control to existing objects (VM, storage, nodes) is implemented based on roles, various authentication mechanisms are supported (AD, LDAP, Linux PAM, built-in Proxmox VE). The web interface allows you to access the VM using VNC and SSH consoles, you can view job status, logs, monitoring data and much more. True, some operations specific to HA systems will still have to be performed the old fashioned way in the console, for example, creating an authorized iSCSI connection, setting up a cluster, creating a multipath and some other operations.
System requirements are small: CPU x64 (preferably with Intel VT/AMD-V), 1+ GB of RAM. The project offers a ready-made ISO image and repository for Debian.
Conclusion
All the solutions described are good in their own way and cope well with the assigned tasks. You just need to choose the one that best suits your specific situation.
I believe many people have encountered ordinary KVM switches. The abbreviation "KVM" stands for "Keyboard Video Mouse". A KVM device allows you, having only one set of keyboard+monitor+mouse (K.M.M.), to control several computers ( system units). In other words, we take N system units, connect their outputs from the K.M.M. into a KVM device, and to the device itself we connect a real monitor, keyboard and mouse. Switching from using KVM between computers, we can see what is happening on the screen of the selected computer, as well as control it as if we were connected to it directly.
This is convenient if we need several machines for work, but access to them at the same time is not necessary. In addition, it saves a lot of space - monitors, even LCD ones, take up quite a lot of space on the table. Yes, and they cost quite a bit. And in a pile of keyboards and mice on the table you can quickly get confused...
Advanced readers will object - why such complexity if computers are most likely connected to one local network and you can use programs built into the operating system (or external) remote access, for example Terminal Services or Radmin under Windows, VNC, ssh under *nix-like operating systems. Everything is correct, but what should you do if you need, for example, to enter the computer’s BIOS or operating system stopped loading because we installed something wrong driver or program? Or do we have several operating systems installed on our computer and we needed to choose a different one from the one that starts by default? In general, all these programs are really good, but up to certain limits - as long as the computer's OS is functional and we only need access to the computer after this OS boots.
For example, let's look at several typical KVM switches using devices manufactured by the company as an example.
Device Specifications
CN-6000 supports the division of powers between users and allows you to create up to 64 administrative or user accounts, of which up to 16 accounts can work with the device simultaneously. The device has a built-in WEB administration interface, and its small size allows you to place it on a table or mount it (using a special bracket included in the kit) on the side truss of a rack (0U rack mountable). The CN-6000 supports firmware updates via an Ethernet connection (from the web interface or native utility). The maximum video resolution that the device supports is 1600x1200 pixels.
Specification summary table:
| Hardware requirement (remote client) | Pentium III 1Ghz | ||
| Interfaces | Local console | Keyboard | 1 × Mini-DIN-6 F(Purple) |
| Video | 1 × HDB-15 F(Blue) | ||
| Mouse | 1 × HDB-15 F(green) | ||
| System (KVM) | 1 × SPHD-15 F(Yellow) | ||
| LAN port | 1 × RJ-45(F) | ||
| Power on the net (reserved) | 1 x DB9(M) | ||
| Power interface | 1 | ||
| Buttons/switches | KVM Reset | 1 × semi-hidden, front | |
| Indicators | nutrition | 1 x orange | |
| remote user connection | 1 x green | ||
| LAN 10/100 Mbps | 1 x green/orange | ||
| Supported protocols | 10baseT Ethernet and 100baseTX Fast Ethernet. TCP/IP | ||
| Video Resolutions | Up to 1600×1200 60Hz | ||
| Frame | metal | ||
| Dimensions (length × width × height) | 200 × 80 × 25mm | ||
Let's move on to the tests.
On the included CD you can find four utilities:
- CN6000 Client is a client program for Windows with which you can connect to remote computer
- a similar client program written in Java (in jar format)
- CN6000 Admin Tool - device configuration manager (for Windows)
- log server - a program that can be configured to receive and store log files from the CN-6000
In addition, the KVM switch has a built-in WEB server, so the device can be accessed through a WEB browser. But we’ll return to the web interface a little later, first we’ll look at the individual utilities.
Configuring CN-6000 through the Admin Tool utility.
The program is designed to configure the device, set access passwords, security, etc.
When it was launched, there was a funny thing:
The first time you launch all utilities from the supplied disk, you must enter serial number. In the documentation (even latest version, which is on the manufacturer’s website) it is said that the serial number is printed at the bottom of the CN-6000 case. And there really is some kind of serial number printed there, only it is much shorter than what the programs require. In general, after suffering a little, entering the found serial number this way and that, adding zeros or spaces to it and not achieving anything more than the “Invalid Serial Number” window, I already wanted to finish testing the device that day. Having taken the CD out of the CD-ROM (I inserted it into the CD drive first - I had to install the software), I discovered a strange sticker on the disk - this turned out to be the treasured serial number.
Of course, theoretically, a person can pay attention to what is written or pasted on a CD when inserting it into the drive. But how many people immediately pay attention to this? :) And, one might ask, why was it necessary to write deliberately false information in the documentation? I repeat - there is more on the site new version documentation and this “typo” is not corrected there. I note that this is not the last inaccuracy that appears in the documentation, so sometimes you have to act according to the saying “don’t believe your eyes.”
The CN-6000 administration utility is useful in that it allows us to find a device on the network, even if its IP address does not belong to the subnet we are in, it is enough that we (the computer from which we are trying to access the CN-6000 ) were in the same local network segment as the KVM switch.
After entering the user login and password, we are taken to the device configuration menu:
ATEN has taken a good approach to the issue of device security. When we first enter the device configuration, we are warned that it would be a good idea to change the standard login and password...
In the section Network the IP addressing of the device is configured, ports are set for remote access to computers controlled by the CN-6000. And here you can also specify the MAC address of the machine on which the “Log Server” program is located, which stores log files (events) sent from the KVM switch (if you do not specify it, the logs will be stored on the KVM itself and you can view them from the web interface). This machine (for the Log server) can be any computer running Windows and running the program under discussion. The only problem is that the computer must be in the same network segment (roughly speaking, connected to the same switch) as the KVM CN-6000 itself, so the usefulness of this “feature” is questionable.
Bookmarked Security filters are configured (by MAC and/or IP addresses) for access to the remote screen of administered computers, as well as a filter for the administration of the CN-6000 itself.
The next tab specifies user names and passwords, as well as their rights. What’s noteworthy is that you can limit logins for configuring the CN-6000 and using the JAVA client. The minimum password length that the configuration utility accepts is eight characters. It’s a pity, of course, that the password is not checked for “simplicity,” but even checking the password length indicates that ATEN pays attention to security.
The last tab allows you to update the device’s firmware, enable the ability for several people to simultaneously connect to a remote computer (though the mouse and keyboard are still the same, from the point of view of the controlled computer, so one controls, the rest watch... or interfere with each other by dragging the mouse in different directions) . The reaction to an incorrect authentication process is immediately configured, as well as the inclusion of various “hiding” modes of the CN-6000 (no response to ping and a ban on showing oneself when automatic search devices on the local network through the client utility or administration utility).
In the same tab there is another item - Reset on Exit. I would assume that this is resetting the settings to default, but in this case this involves rebooting the device when exiting the configuration utility. IN otherwise(if you don’t reboot it), although the new settings will be remembered, they will not be applied (until a reboot).
At this point, the consideration of the configuration utility can be considered complete (another aspect will be discussed in the section about the Java client).
Let's move on to the web interface.
Configuration via WEB interface
In order to get to the device’s web interface, just enter the IP address that is installed on the CN-6000 in any browser.
It is noteworthy that the browser immediately redirects the client to the connection via HTTPS://, i.e. all further work occurs through a secure SSL connection.
After entering your login and password, the icons on the left and top of the web interface become active (you can click on them).
The top icons open sections related to configuring the CN-6000. For the most part, all the options there repeat the options in the Windows utility interface Admin Tool, but there are some differences. For example, in this window (configuring network addresses) we can only specify the device's IP address, but we cannot specify the subnet mask and gateway. In addition, setting the IP address works somewhat crookedly - I was never able to change the device’s IP address from the web interface (it was changed without problems using the Admin Tools utility).
This is what you can observe in the Admin Tool utility when you try to change the address through the web interface from 10.0.0.9 to 192.168.0.1. For some reason, the subnet mask changed from the standard 255.255.255.0 to 10.0.0.9, and the device (after a reboot) responds to the address 192.168.0.1 for 5 seconds, and then starts responding to 10.0.0.9 (it completely forgets about 192.168.0.1). This may be a bug in the current firmware version (1.5.141), but this version, at the time of testing, was the newest that could be found on the company's website.
No more bugs related to the web interface were found during testing.
Chapter Security repeats a similar section in the Admin Tool utility.
A similar situation with the section User Manager…
...and section Customization.
Icon Log, located on the left side of the web interface, allows you to view the events that occurred during the operation of the device. In this case, the screenshot reflects the logs that appeared when the device was tested by the Nessus program.
As mentioned above, logs can be dumped to an external log server (but with certain restrictions on its location).
Kimchi is a HTML5 based web interface for KVM. It is provides easy and flexible interface to create and manage a guest virtual machines. Kimchi is installed and runs as a daemon on the KVM host. It manages KVM guests with the help of libvirt. Kimchi interface supports all latest version of the browsers with -1 version, it also supports mobile browsers.
Kimchi can be installed on the latest version of RHEL, Fedora, openSUSE and Ubuntu. In this guide, i used Ubuntu 14.10 as a KVM host.
Before configuring kimchi, you must install the following dependent packages.
$ sudo apt-get install gcc make autoconf automake gettext git python-cherrypy3 python-cheetah python-libvirt libvirt-bin python-imaging python-pam python-m2crypto python-jsonschema qemu-kvm libtool python-psutil python-ethtool sosreport python-ipaddr python-ldap python-lxml nfs-common open-iscsi lvm2 xsltproc python-parted nginx firewalld python-guestfs libguestfs-tools python-requests websockify novnc spice-html5 wget
System would ask you the following details during the installation of packages.
1. OK on Postfix configuration.
2. Select Internet Site on general type of mail configuration.
3. Type your FQDN and then select OK.
Once installed, download the latest version of kimchi from github.
$ wget https://github.com/kimchi-project/kimchi/archive/master.zip
Unzip the downloaded file.
$ unzip master.zip $ cd kimchi-master/
Build kimchi using the following command.
$ ./autogen.sh --system
$ make $ sudo make install # Optional if running from the source tree
$ sudo kimchid --host=0.0.0.0
Access kimchi using web browser, https://localhost:8001. You would be asked to login, use your system credential which you normally use for login to system.
Once you logged in, you will get a page like below. This show the list of running guest virtual machines on current host, you have buttons to perform shutdown, restart and connect to console by clicking on action.
To create a new guest machine, click on the + sign in the right corner. If you use this option to create a machine, it will be done through templates.
You can manage templates by visiting templates menu. To create a new template, click on the + sign in the right corner. You can create a template using ISO images, you can place iso images on /var/lib/kimchi/isos or use remote one.
You can manage storage pool by going to storage menu, there you can add a new storage by clicking on + sign. It supports adding NFS, iSCSI and SCSI fiber channel storage.
Network can be managed by going to network menu, you can create a new network with isolated, NAT and bridged networking.
I am writing this note to demonstrate step-by-step installation and setting up a KVM-based virtual machine in Linux. I previously wrote about virtualization, where I used the wonderful .
Now I'm faced with the issue of rent good server with large volume RAM and volumetric hard drive. But I don’t want to run projects directly on the host machine, so I will separate them into separate small virtual servers running Linux or Docker containers (I’ll talk about them in another article).
All modern cloud hostings work on the same principle, i.e. hoster on good gland raises a bunch of virtual servers, which we used to call VPS/VDS, and distributes them to users, or automates this process (hello, DigitalOcean).
KVM (kernel-based virtual machine) is software for Linux, using x86-compatible processor hardware to work with Intel VT/AMD SVM virtualization technology.
Installing KVM
I will carry out all the machinations of creating a virtual machine on Ubuntu 16.04.1 LTS OS. To check whether your processes support hardware virtualization on Intel based VT/AMD SVM, execute:
Grep -E "(vmx|svm)" /proc/cpuinfo
If the terminal is not empty, then everything is in order and KVM can be installed. Ubuntu officially only supports the KVM hypervisor (part of the Linux kernel) and recommends using the libvirt library as a tool to manage it, which is what we will do next.
You can also check hardware virtualization support in Ubuntu using the command:
If successful, you will see something like this:
INFO: /dev/kvm exists KVM acceleration can be used
Install packages for working with KVM:
Sudo apt-get install qemu-kvm libvirt-bin ubuntu-vm-builder bridge-utils
If you have access to the system's graphical shell, you can install the libvirt GUI manager:
Sudo apt-get install virt-manager
Using virt-manager is quite simple (no more difficult than VirtualBox), so in this article we will talk about the console option for installing and configuring a virtual server.
Installing and configuring a virtual server
In the console version of installation, configuration and system management, an indispensable tool is the virsh utility (an add-on to the libvirt library). She has large number options and parameters, detailed description can be obtained like this:
Man virsh
or call the standard "help":
Virsh help
I always adhere to the following rules when working with virtual servers:
- I keep iso images OS in /var/lib/libvirt/boot directory
- I store virtual machine images in the /var/lib/libvirt/images directory
- I explicitly assign each new virtual machine its own static IP address via DHCP server hypervisor.
Let's start installing the first virtual machine (64-bit server Ubuntu 16.04 LTS):
Cd /var/lib/libvirt/boot sudo wget http://releases.ubuntu.com/16.04/ubuntu-16.04.1-desktop-amd64.iso
After downloading the image, start the installation:
Sudo virt-install \ --virt-type=kvm \ --name ubuntu1604\ --ram 1024 \ --vcpus=1 \ --os-variant=ubuntu16.04 \ --hvm \ --cdrom=/var/ lib/libvirt/boot/ubuntu-16.04.1-server-amd64.iso \ --network network=default,model=virtio \ --graphics vnc \ --disk path=/var/lib/libvirt/images/ubuntu1604. img,size=20,bus=virtio
Translating all these parameters into “human language”, it turns out that we are creating a virtual machine with Ubuntu 16.04 OS, 1024 MB of RAM, 1 processor, a standard network card (the virtual machine will access the Internet as if due to NAT), 20 GB HDD.
It is worth paying attention to the parameter --os-variant, it tells the hypervisor which OS the settings should be adapted to.
A list of available OS options can be obtained by running the command:
Osinfo-query os
If such a utility is not on your system, then install:
Sudo apt-get install libosinfo-bin
After starting the installation, the following message will appear in the console:
Domain installation still in progress. You can reconnect to the console to complete the installation process.
This is a normal situation, we will continue the installation via VNC.
Let's look at which port it was raised on our virtual machine (in the next terminal, for example):
Virsh dumpxml ubuntu1604...
Port 5900, on local address 127.0.0.1. To connect to VNC, you need to use Port Forwarding via ssh. Before doing this, make sure that tcp forwarding is enabled in the ssh daemon. To do this, go to the sshd settings:
Cat /etc/ssh/sshd_config | grep AllowTcpForwarding
If nothing was found or you see:
AllowTcpForwarding no
Then we edit the config to
AllowTcpForwarding yes
and reboot sshd.
Setting up port forwarding
We execute the command on the local machine:
Ssh -fN -l login -L 127.0.0.1:5900:localhost:5900 server_ip
Here we have configured ssh port forwarding from local port 5900 to server port 5900. Now you can connect to VNC using any VNC client. I prefer UltraVNC because of its simplicity and convenience.
After successful connection, the standard welcome window for starting Ubuntu installation will be displayed on the screen:
After the installation is complete and the usual reboot, the login window will appear. After logging in, we determine the IP address of the newly created virtual machine in order to later make it static:
Ifconfig
We remember and go to the host machine. We pull out the mac address of the virtual machine’s “network” card:
Virsh dumpxml ubuntu1604 | grep "mac address"
Let's remember our mac address:
Editing network settings hypervisor:
Sudo virsh net-edit default
We look for DHCP and add this:
It should look something like this:
In order for the settings to take effect, you need to restart the DHCP server of the hypervisor:
Sudo virsh net-destroy default sudo virsh net-start default sudo service libvirt-bin restart
After this, we reboot the virtual machine, now it will always have the IP address assigned to it - 192.168.122.131.
There are other ways to set a static IP for a virtual machine, for example, by directly editing the network settings inside the guest system, but here it’s whatever your heart desires. I just showed the option that I prefer to use.
To connect to the virtual machine terminal, run:
Ssh 192.168.122.131
The car is ready for battle.
Virsh: command list
To see running virtual hosts(all available ones can be obtained by adding --all):
Sudo virsh list
You can reboot the host:
Sudo virsh reboot $VM_NAME
Stop a virtual machine:
Sudo virsh stop $VM_NAME
Execute halt:
Sudo virsh destroy $VM_NAME
Sudo virsh start $VM_NAME
Disable:
Sudo virsh shutdown $VM_NAME
Add to autorun:
Sudo virsh autostart $VM_NAME
Very often it is necessary to clone a system in order to use it in the future as a framework for other virtual operating systems; for this, the virt-clone utility is used.
Virt-clone --help
It clones an existing virtual machine and changes host-sensitive data, for example, mac address. Passwords, files and other user-specific information in the clone remain the same. If the IP address on the cloned virtual machine was registered manually, then problems with SSH access to the clone may arise due to a conflict (2 hosts with the same IP).
In addition to installing a virtual machine via VNC, it is also possible to use X11Forwarding through the virt-manager utility. On Windows, for example, you can use Xming and PuTTY for this.
