Differences

This shows you the differences between two versions of the page.

--- unix:virtualization:kvm:server [2020/10/17 00:21] – rodolico
+++ unix:virtualization:kvm:server [2024/03/30 00:04] (current) – rodolico
@@ Line 1: / Line 1: @@
-====== KVM on server with libvirt ======
+====== libvirt installation (virsh) ======
 **This is a work in progress, 20201015**
@@ Line 17: / Line 17: @@
 You should see either vmx or svm in the output.
-Now, install the basic packages needed, a couple of utilities, but not all the extra crud.
+Now, install the basic packages needed, a couple of utilities, but not all the extra crud. //netcat-openbsd// is only needed if you're going to cluster and migrate virtuals from one hypervisor to another, from what I can tell. **virt-top** is a nice little //top// for seeing what is running and what resources they are using in real time.
 <code bash>
-apt install -y --no-install-recommends qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils libguestfs-tools genisoimage virtinst libosinfo-bin virt-top
+apt install -y --no-install-recommends qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils libguestfs-tools genisoimage virtinst libosinfo-bin virt-top netcat-openbsd
 reboot # brings libraries online
 </code>
@@ Line 174: / Line 174: @@
 I'm lazy, so I just created all three, then imported them all at one time.
-<code xml br_wan.xml>
+<code bash import_bridge.sh>
-<network>
+#! /usr/bin/env bash
-  <name>br_wan</name>
-  <forward mode="bridge"/>
-  <bridge name="br_wan"/>
-</network>
-</code>
-<code xml br_dmz.xml>
+# create the xml definitions. The br is prepended.
-<network>
+# Add/remove interfaces if needed
-  <name>br_dmz</name>
+for interface in wan lan dmz
-  <forward mode="bridge"/>
+do
-  <bridge name="br_dmz"/>
+cat << EOF > br_$interface.xml
-</network>
+       <network>
-</code>
+         <name>br_$interface</name>
+         <forward mode="bridge"/>
+         <bridge name="br_$interface"/>
+       </network>
+EOF
+done
+# uncomment this if you want to view your xml files but
+# not process them
+# exit
-<code xml br_lan.xml>
-<network>
-  <name>br_lan</name>
-  <forward mode="bridge"/>
-  <bridge name="br_lan"/>
-</network>
-</code>
-And imported them all at once.
+# find all xml files and do the net-define
+for interface in `ls *.xml`
+do
+   virsh net-define --file $interface
+done
-<code bash>
+# since the bridge name is followed by xml, simply remove that
-for interface in `ls *.xml` ; do virsh net-define --file $interface ; done
+# and set to autostart and start it
-for interface in `ls *.xml | cut -d'.' -f1` ; do virsh net-autostart $interface ; virsh net-start $interface ; done
+for interface in `ls *.xml | cut -d'.' -f1`
+do
+   virsh net-autostart $interface
+   virsh net-start $interface
+done
+# show me the list of network names
 virsh net-list
 </code>
-After the last command, you should see your three interfaces defined. That means you can now use them.
+This script assumes your network names are of the form br_//something// and it creates the file name as br_//something//.xml. It then looks for all XML files (so, you don't want any others in the current directory), the processes them.
+The last loop assumes there are no periods in the network name. Be warned.
 ===== Using Storage =====
-In our example, we are going to use LVM2 to grab a piece of the disk for a new virtual. You can also use a file (File Backed Device, or FBD) by running //fallocate//, or set up access to an iSCSI.
+In our example, we are going to use LVM2 to grab a piece of the disk for a new virtual. You can also use a file (File Backed Device, or FBD) by running //fallocate//, or set up access to an iSCSI. virt-install will, by default, create an FBD in its default location, so if you're happy with that, ignore this whole section.
 ==== File Backed Device =====
@@ Line 230: / Line 237: @@
 ===== Doing the Install =====
+You can probably create a virtual by manually creating the XML file, but why do that when virt-install is your friend. Sure, there are a bunch of parameters, but they are very, very well documented, and will create your system for your rapidly
+This example creates a virtual installing the opnSense firewall/router.
+<code bash>
+virt-install \
+   --hvm \
+   --connect    qemu:///system \
+   --name       router-a \
+   --memory     4096 \
+   --vcpus      4 \
+   --disk       path=/dev/vg0/router-a.disk0,bus=virtio,target=sda \
+   --graphics vnc,port=5901 \
+   --noautoconsole \
+   --cdrom     /media/xen-store/OPNsense-20.1-OpenSSL-dvd-amd64.iso \
+   --os-variant freebsd11.1 \
+   --metadata uuid=d9510e01-e461-461f-9aa8-3cee223cb4a0,name=router-a,title=router-a,description='Primary Router' \
+   --boot     hd,cdrom,menu=on \
+   --network  bridge=br_wan,mac=00:16:3e:bd:26:70,model=virtio \
+   --network  bridge=br_dmz,mac=00:16:3e:bd:26:71,model=virtio \
+   --network  bridge=br_lan,mac=00:16:3e:bd:26:72,model=virtio
+</code>
+Other useful options are
+  * --dry-run # don't really do it
+  * --controller virtio-scsi # this is specific to KVM, but faster there
+  * osinfo-query os # this shows the OS's available for the --os-variant flag
+most of the parameters are self evident, but I'll quickly talk about why I did some of them.
+  * --graphics vnc,port=5901 - Our servers are headless and have no GUI. I want to be able to connect during install using VNC. By defining the port here, it is not auto-selected (and changeable) across boots
+  * --noautoconsole - When starting the virtual, virt-lib tries to bring up a GUI for virtviewer to take over, or run virsh console to bring up a serial console. Since I don't want either, I disable it here
+  * --os-variant freebsd11.1 - By defining this, virt-install can set up some defaults that work well with the known OS.
+  * --metadata uuid=d9510e01-e461-461f-9aa8-3cee223cb4a0,name=router-a,title=router-a,description='Primary Router'
+    * title, name and description will show up in some reports.
+    * uuid is good so the virtual does not get a new, randomly generated UUID every time it runs. Use the uuidgen command to get a randomly generated one for each new machine
+===== Performing Installation =====
+For most systems, I use VNC to do the install. Since I'm remote, I use the following ssh command:
+<code bash>ssh -L localhost:5910:localhost:5901 server</code>
+where
+  * 5910 is the local VNC port I'll attach to (ie, localhost:5910)
+  * 5901 is the VNC port I told virt-install to use
+  * server is the name of the hypervisor
+Then, when I run the virt-install command, I simply make a VNC connection to localhost:5910 and can do my install.
+===== Setting other parameters =====
+If you want the domain to come up automatically when the hypervisor is turned on, the autostart flag needs to be set. Do this with <code bash>virsh autostart domainname</code>
+===== Links =====
+  * https://www.cyberciti.biz/faq/install-kvm-server-debian-linux-9-headless-server/
+  * https://www.techotopia.com/index.php/Managing_KVM_on_RHEL_6_using_the_virsh_Command-line_Tool
+  * https://computingforgeeks.com/virsh-commands-cheatsheet/
+  * https://serverfault.com/questions/350806/convert-libvirt-xen-configuration-to-native
+  * https://libvirt.org/sources/virshcmdref/html/
+  * https://www.utappia.org/2016/04/how-to-migrate-your-virtual-box.html (migrate virtualbox images to kvm qcow2)
+  * https://serverfault.com/questions/627238/kvm-libvirt-how-to-configure-static-guest-ip-addresses-on-the-virtualisation-ho#627245 (set sticky IP's on KVM)