云计算之KVM虚拟化实战
?
1 基礎環境規劃
1.1 主機環境規劃
| 系統版本 | 主機名 | IP地址 | 內存 | 磁盤 |
| CentOS6.9 | kvm-node1 | 10.0.0.200 | 2G | 20G |
| CentOS6.9 | kvm-node2 | 10.0.0.201 | 2G | 20G |
| CentOS6.9 | kvm-manager | 10.0.0.210 | 2G | 20G |
| CentOS6.9 | nfs01 | 10.0.0.31 | 2G | 20G |
1.2 Linux系統基礎優化
#更改主機名
[root@kvm-node1 ~]# hostname
kvm-node1
#查看系統內核版本
[root@kvm-node1 ~]# uname -r
2.6.32-696.el6.x86_64
#查看selinux狀態
[root@kvm-node1 ~]# getenforce
Disabled
#查看防火墻iptables狀態
[root@kvm-node1 ~]# /etc/init.d/iptables status
iptables: Firewall is not running.
#查看本地hosts解析
[root@kvm-node1 ~]# cat /etc/hosts
10.0.0.200 kvm-node1
10.0.0.201 kvm-node2
10.0.0.210 kvm-manager
10.0.0.31 nfs01
1.3 檢查虛擬化支持是否開啟
#執行以下命令輸出結果中包好vmx則表示已經開啟,沒有任何輸出則表示沒有啟用
[root@kvm-node1 ~]# grep -E 'vmx|svm' /proc/cpuinfo
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss syscall nx pdpe1gb rdtscp lm constant_tsc up arch_perfmon pebs bts xtopology tsc_reliable nonstop_tsc aperfmperf unfair_spinlock pni pclmulqdq vmx ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch ida arat xsaveopt pln pts dtherm hwp hwp_noitfy hwp_act_window hwp_epp tpr_shadow vnmi ept vpid fsgsbase bmi1 avx2 smep bmi2 invpcid rdseed adx
#VMware Workstation虛擬機開啟虛擬化支持方法如下:
1.4 安裝KVM虛擬化軟件
#KVM虛擬化組件說明
? qemu虛擬化軟件,可以虛擬不同的IO設備,如網卡、聲卡、顯卡等
? libvirt 用于管理kvm虛擬機的工具
? virt-install 命令行安裝虛擬機工具
? virt-manager 圖形化管理虛擬機工具
? openssh-askpass 遠程連接kvm主機
#KVM軟件安裝命令
[root@kvm-node1 ~]# yum install qemu-kvm qemu-kvm-tools libvirt virt-manager virt-install openssh-askpass -y
# kvm是linux內核的一個模塊,驗證KVM模塊是否加載到linux內核
[root@kvm-node1 ~]# lsmod | grep kvm
kvm_intel 55432 0
kvm 346318 1 kvm_intel
1.5 啟動libvirtd服務并添加開機自啟動
[root@kvm-node1 ~]# /etc/init.d/libvirtd start
Starting libvirtd daemon:
[root@kvm-node1 ~]# /etc/init.d/libvirtd status
libvirtd (pid 1649) is running...
[root@kvm-node1 ~]# chkconfig --list libvirtd
libvirtd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
1.6 開啟ipv4路由轉發(NAT模式必選,網橋模式略過)
#修改/etc/sysctl.conf配置文件net.ipv4.ip_forward = 1
[root@kvm-node1 ~]# sed -i 's#net.ipv4.ip_forward = 0#net.ipv4.ip_forward = 1#g' /etc/sysctl.conf
#更改linux內核使其立即生效
[root@kvm-node1 ~]# sysctl -p /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
1.7 配置網絡(網橋模式生產環境)
# 修改網卡配置文件NM_CONTROLLED=no,使其不受NetworkManager控制
[root@kvm-node1 ~]# sed -i 's#NM_CONTROLLED=yes#NM_CONTROLLED=no#g' /etc/sysconfig/network-scripts/ifcfg-eth0
[root@kvm-node1 ~]# sed -i 's#NM_CONTROLLED=yes#NM_CONTROLLED=no#g' /etc/sysconfig/network-scripts/ifcfg-eth1
#創建br0網橋配置文件,并設置網卡eth0橋接到網橋br0上
[root@kvm-node1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BRIDGE=br0
[root@kvm-node1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
TYPE=Bridge
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=10.0.0.200
NETMASK=255.255.255.0
GATEWAY=10.0.0.1
DNS1=114.114.114.114
DNS2=223.5.5.5
[root@kvm-node1 ~]# /etc/init.d/network restart
1.8 查看網橋br0配置完成后的網絡信息
[root@kvm-node1 ~]# ifconfig
br0 Link encap:Ethernet HWaddr 00:0C:29:E2:34:26
inet addr:10.0.0.200 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fee2:3426/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:224 errors:0 dropped:0 overruns:0 frame:0
TX packets:143 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:17610 (17.1 KiB) TX bytes:27692 (27.0 KiB)
eth0 Link encap:Ethernet HWaddr 00:0C:29:E2:34:26
inet6 addr: fe80::20c:29ff:fee2:3426/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:31570 errors:0 dropped:0 overruns:0 frame:0
TX packets:18074 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:40885315 (38.9 MiB) TX bytes:1455107 (1.3 MiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:E2:34:30
inet addr:172.16.1.200 Bcast:172.16.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fee2:3430/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3 errors:0 dropped:0 overruns:0 frame:0
TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:180 (180.0 b) TX bytes:3312 (3.2 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
virbr0 Link encap:Ethernet HWaddr 52:54:00:80:89:7B
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
1.9 顯示當前系統網橋信息
[root@kvm-node1 ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.000c29e23426 no eth0
virbr0 8000.52540080897b yes virbr0-nic
2 NFS存儲掛載
2.1 安裝NFS、rpcbind服務
[root@kvm-node1 ~]# rpm -qa nfs-utils rpcbind
rpcbind-0.2.0-16.el6.x86_64
nfs-utils-1.2.3-78.el6.x86_64
[root@kvm-node1 ~]# yum install nfs-utils rpcbind -y
2.2 啟動rpcbind服務并添加開機自啟動
[root@kvm-node1 ~]# /etc/init.d/rpcbind start
Starting rpcbind: [ OK ]
[root@kvm-node1 ~]# chkconfig rpcbind on
2.3 打印rpc信息
[root@kvm-node1 ~]# rpcinfo -p localhost
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
2.4 掛載NFS共享目錄
#顯示NFS服務器上的掛載信息
[root@kvm-node1 ~]# showmount -e 10.0.0.31
Export list for 10.0.0.31:
/mirror 10.0.0.0/24
/images 10.0.0.0/24
#創建相應的掛載目錄
[root@kvm-node1 ~]# mkdir /mirror
[root@kvm-node1 ~]# mkdir /images
#執行掛載命令
[root@kvm-node1 ~]# mount -t nfs 10.0.0.31:/mirror /mirror/
[root@kvm-node1 ~]# mount -t nfs 10.0.0.31:/images /images/
#顯示當前系統掛載信息
[root@kvm-node1 ~]# df -h | grep -E "mirror|images"
10.0.0.31:/mirror 18G 7.1G 9.2G 44% /mirror
10.0.0.31:/images 18G 7.1G 9.2G 44% /images
#設置nfs網絡文件系統開機自動掛載
[root@kvm-node1 ~]# echo "#share system mirror by wolf_dreams at 2018-8-01" >> /etc/rc.d/rc.local
[root@kvm-node1 ~]# echo "mount -t nfs 10.0.0.31:/mirror /mirror/" >> /etc/rc.d/rc.local
[root@kvm-node1 ~]# echo "mount -t nfs 10.0.0.31:/images /images/" >> /etc/rc.d/rc.local
#驗證/etc/rc.d/rc.local文件中nfs掛載是否寫入成功
[root@kvm-node1 ~]# tail -2 /etc/rc.d/rc.local
mount -t nfs 10.0.0.31:/mirror /mirror/
mount -t nfs 10.0.0.31:/images /images/
3 創建kvm虛擬機
3.1 創建虛擬機磁盤
#kvm虛擬機的磁盤格式支持兩種raw(固定大小)、qcow2(精簡模式)
[root@kvm-node1 ~]# qemu-img create -f qcow2 /images/VM-Centos.img 5G
Formatting '/images/VM-Centos.img', fmt=qcow2 size=5368709120 encryption=off cluster_size=65536
3.2 創建虛擬機實例
#參數說明
--virt-type:指定虛擬機類型(kvm、qemu、xen)
--os-type:指定虛擬機操作系統類型(linux、windows)
--name:指定虛擬機名稱
--raw:指定虛擬機使用內存大小
--cpu:指定cpu的核數(默認為1)
--cdrom:指定虛擬機安裝的ISO鏡像
--disk:指定虛擬機數據存儲磁盤格式(raw、qcow2)、存放位置、大小、磁盤接口類型等
--network:指定虛擬機網絡類型, 默認nat,生產環境常用bridge
--graphics:指定虛擬機可連接方式, 比如VNC、監聽IP、VNC連接端口等
--noautoconsole:不連接虛擬機圖形界面控制臺
#操作命令
[root@kvm-node1 ~]# virt-install --name VM-Centos --os-type=linux --virt-type kvm --ram 1024 --cdrom=/mirror/CentOS-6.9-x86_64-bin-DVD1.iso --disk path=/images/VM-Centos.img,format=qcow2,size=5,bus=scsi --network bridge=br0 --graphics vnc,listen=0.0.0.0,port=5901 --noautoconsole
Starting install...
Creating domain... | 0 B 00:00
Domain installation still in progress. You can reconnect to
the console to complete the installation process.
#特別提示
使用--disk參數時,一定要指定磁盤的格式、接口類型、大小,如果不明確制定安裝操作系統的時候識別的磁盤空間為0,不能安裝操作系統;安裝Centos6.9最小內存要設置為1G,要不安裝操作系統的時候會進入文本模式而不是圖形安裝模式
3.3 使用vnc客戶端連接KVM虛擬機,進行操作系統安裝
#vnc客戶端連接kvm虛擬機出現報錯如下(原因可能是數據溢出導致):
#解決辦法(調試圖形質量為Low或者High模式多試幾次即可解決):
3.4 開始安裝Centos操作系統
#省略余下的安裝過程,新入門的linux人員自行百度相關安裝步驟
3.5 SecureCRT使用virt-manager管理虛擬機
3.5.1 安裝X11相關軟件
[root@kvm-node1 ~]# yum install -y xorg-x11-font-utils.x86_64
xorg-x11-server-utils.x86_64 xorg-x11-utils.x86_64 xorg-x11-xauth.x86_64 xorg-x11-xinit.x86_64
3.5.2 查詢X11相關軟件包
[root@kvm-node1 ~]# rpm -qa | grep xorg-x11
xorg-x11-xauth-1.0.9-1.el6.x86_64
xorg-x11-server-utils-7.7-14.el6.x86_64
xorg-x11-xinit-1.0.9-14.el6.x86_64
xorg-x11-font-utils-7.2-11.el6.x86_64
xorg-x11-utils-7.5-14.el6.x86_64
3.5.3 SSH服務端開啟SSH隧道轉發X11
#修改/etc/ssh/sshd_config配置文件X11Forwarding no為X11Forwarding yes
[root@kvm-node1 ~]# sed -i 's#X11Forwarding no#X11Forwarding yes#g' /etc/ssh/sshd_config
[root@kvm-node1 ~]# grep "X11Forwarding*" /etc/ssh/sshd_config
#X11Forwarding no
X11Forwarding yes
# X11Forwarding no
#重啟SSH服務
[root@kvm-node1 ~]# /etc/init.d/sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
3.5.4 在客戶端機器上安裝Xming
Xming下載地址:https://sourceforge.net/projects/xming/
Xming安裝方法:windows系統上雙擊安裝即可
3.5.5 設置SecureCRT轉發
#在SSH服務端上驗證轉發設置是否成功
[root@kvm-node1 ~]# echo $DISPLAY
localhost:12.0
3.5.6 在SSH服務端運行virt-manager命令
#virt-manager出現亂碼現象
#解決virt-manager亂碼方法
[root@kvm-node1 ~]# yum list dejavu-lgc-sans-fonts -y
#再次運行virt-manager
#至此我們可以使用在不安裝圖形化界面也能使用圖形化管理kvm虛擬機了
4 KVM管理工具之Webvirtmgr實戰
4.1 基礎環境介紹
#系統基本設置
[root@kvm-manager ~]# cat /etc/redhat-release
CentOS release 6.9 (Final)
[root@kvm-manager ~]# uname -r
2.6.32-696.el6.x86_64
[root@kvm-manager ~]# hostname
kvm-manager
[root@kvm-manager ~]# getenforce
Disabled
[root@kvm-manager ~]# /etc/init.d/iptables status
iptables: Firewall is not running.
[root@kvm-manager ~]# for i in `echo -e "0\n1"`;do echo -n eth$i:;ifconfig eth$i | awk -F '[ :]+' 'NR==2{print $4}';done
eth0:10.0.0.210
eth1:172.16.1.210
#開啟yum源包緩存
[root@kvm-manager ~]# vi /etc/yum.conf
[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=1
debuglevel=2
logfile=/var/log/yum.log
4.2 安裝webvirtmgr軟件包
[root@kvm-manager ~]# yum -y install http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
[root@kvm-manager ~]# yum -y install git python-pip libvirt-python libxml2-python python-websockify supervisor nginx
4.3 安裝python需求并設置Django環境
[root@kvm-manager ~]# git clone git://github.com/retspen/webvirtmgr.git
Initialized empty Git repository in /root/webvirtmgr/.git/
remote: Counting objects: 5730, done.
remote: Compressing objects: 100% (6/6), done.
remote: Total 5730 (delta 1), reused 0 (delta 0), pack-reused 5724
Receiving objects: 100% (5730/5730), 3.01 MiB | 131 KiB/s, done.
Resolving deltas: 100% (3686/3686), done.
[root@kvm-manager ~]cd webvirtmgr
[root@kvm-manager webvirtmgr]# pip install -r requirements.txt
[root@kvm-manager webvirtmgr]# ./manage.py syncdb
WARNING:root:No local_settings file found.
Creating tables ...
Creating table auth_permission
Creating table auth_group_permissions
Creating table auth_group
Creating table auth_user_groups
Creating table auth_user_user_permissions
Creating table auth_user
Creating table django_content_type
Creating table django_session
Creating table django_site
Creating table servers_compute
Creating table instance_instance
Creating table create_flavor
#輸入用戶信息:
You just installed Django's auth system, which means you don't have any superusers defined.
Would you like to create one now? (yes/no): yes
Username (leave blank to use 'root'): root #輸入用戶名
Email address: gh1578@qq.com #輸入自己的郵箱賬戶
Password: #輸入你的用戶登錄密碼
Password (again): #再次確認登錄密碼
Superuser created successfully.
Installing custom SQL ...
Installing indexes ...
Installed 6 object(s) from 1 fixture(s)
[root@kvm-manager webvirtmgr]# ./manage.py collectstatic
#創建額外的超級用戶
[root@kvm-manager webvirtmgr]# ./manage.py createsuperuser
WARNING:root:No local_settings file found.
Username: admin #輸入超級用戶名
Email address: gh1578@qq.com #輸入你的郵箱
Password: #輸入超級用戶的登錄密碼
Password (again): #再次確認密碼
Superuser created successfully.
#修改額外超級用戶密碼
[root@kvm-manager webvirtmgr]# ./manage.py changepassword admin
WARNING:root:No local_settings file found.
Changing password for user 'admin'
Password:
Password (again):
Password changed successfully for user 'admin'
4.4 配置nginx
[root@kvm-manager webvirtmgr]# cd ..
[root@kvm-manager ~]# mkdir -pv /var/www
mkdir: created directory `/var/www'
[root@kvm-manager ~]# mv webvirtmgr/ /var/www/
#添加文件webvirtmgr.conf中/etc/nginx/conf.d目錄中
[root@kvm-manager ~]# cd /etc/nginx/conf.d/
[root@kvm-manager conf.d]# vim webvirtmgr.conf
server {
listen 80 default_server;
server_name $hostname;
#access_log /var/log/nginx/webvirtmgr_access_log;
location /static/ {
root /var/www/webvirtmgr/webvirtmgr;
expires max;
}
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
client_max_body_size 1024M; # Set higher depending on your needs
}
}
#啟動nginx服務報錯如下:
[root@kvm-manager nginx]# /etc/init.d/nginx start
Starting nginx: nginx: [emerg] a duplicate default server for 0.0.0.0:80 in /etc/nginx/conf.d/webvirtmgr.conf:2
[FAILED]
#報錯原因:在/etc/nginx/conf.d/目錄存在nginx服務默認的配置文件,從而引起沖突,導致nginx服務啟動失敗
[root@kvm-manager conf.d]# ls -ld default.conf.bak
-rw-r--r-- 1 root root 451 Oct 31 2016 default.conf
#解決辦法:
[root@kvm-manager conf.d]# mv default.conf{,.bak}
[root@kvm-manager conf.d]# ls -ld default.conf*
-rw-r--r-- 1 root root 451 Oct 31 2016 default.conf.bak
#啟動nginx服務并設置開機自啟動
[root@kvm-manager ~]# /etc/init.d/nginx status
nginx is stopped
[root@kvm-manager ~]# /etc/init.d/nginx start
Starting nginx: [ OK ]
[root@kvm-manager ~]# chkconfig nginx on
#查看nginx端口是否正常開通
[root@kvm-manager ~]# lsof -i :80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 25044 root 6u IPv4 63052 0t0 TCP *:http (LISTEN)
nginx 25046 nginx 6u IPv4 63052 0t0 TCP *:http (LISTEN)
#設置/var/www/webvirtmgr目錄屬主與屬組權限為nginx
[root@kvm-manager ~]# chown -R nginx:nginx /var/www/webvirtmgr/
[root@kvm-manager ~]# ls -ld /var/www/webvirtmgr/
drwxr-xr-x 21 nginx nginx 4096 Aug 4 16:39 /var/www/webvirtmgr/
4.5 配置Supervisor
#編輯/etc/supervisord.conf配置文件,在該文件尾部添加以下內容
[root@kvm-manager ~]# vim /etc/supervisord.conf
[program:webvirtmgr]
command=/usr/bin/python /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
logfile=/var/log/supervisor/webvirtmgr.log
log_stderr=true
user=nginx
[program:webvirtmgr-console]
command=/usr/bin/python /var/www/webvirtmgr/console/webvirtmgr-console
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
stdout_logfile=/var/log/superviso
4.6 啟動supervisord服務并設置開機自啟動
[root@kvm-manager ~]# /etc/init.d/supervisord status
supervisord is stopped
[root@kvm-manager ~]# /etc/init.d/supervisord start
Starting supervisord: [ OK ]
[root@kvm-manager ~]# chkconfig supervisord on
#查看supervisord服務是否正常運行
[root@kvm-manager ~]# ps -ef | grep supervisord | grep -v grep
root 25421 1 0 19:01 ? 00:00:03 /usr/bin/python /usr/bin/supervisord
4.7 調試webvirtmgr方法
[root@kvm-manager ~]# cd /var/www/webvirtmgr/
[root@kvm-manager webvirtmgr]# ./manage.py runserver
WARNING:root:No local_settings file found.
WARNING:root:No local_settings file found.
Validating models...
0 errors found
August 04, 2018 - 16:47:44
Django version 1.5.5, using settings 'webvirtmgr.settings'
Development server is running at http://127.0.0.1:8000/
Quit the server with CONTROL-C.
Error: That port is already in use.
4.8 打開webvirtmgr web登錄頁面
1、在瀏覽器中輸入http://10.0.0.210/login/
2、在瀏覽器中輸入http://192.168.1.8:8000/login/
#修改/var/www/webvirtmgr/conf/gunicorn.conf.py配置文件中bind = '127.0.0.1:8000'為
bind = '0.0.0.0:8000'即可
[root@kvm-manager ~]# vim /var/www/webvirtmgr/conf/gunicorn.conf.py
#bind = '127.0.0.1:8000'
bind = '0.0.0.0:8000'
#重啟supervisord服務
[root@kvm-manager ~]# /etc/init.d/supervisord restart
Stopping supervisord: [ OK ]
Starting supervisord: [ OK ]
4.9 添加KVM主機(TCP連接方式)
4.9.1 在webvirtmgr服務端主機上驗證KVM主機信息
[root@kvm-manager ~]# virsh -c qemu+tcp://10.0.0.200/system nodeinfo
CPU model: x86_64
CPU(s): 1
CPU frequency: 2501 MHz
CPU socket(s): 1
Core(s) per socket: 1
Thread(s) per core: 1
NUMA cell(s): 1
Memory size: 1004112 KiB
4.9.2 在webvirtmgr服務端上驗證KVM主機報錯解決方法
#出現報錯如下
[root@kvm-manager ~]# virsh -c qemu+tcp://10.0.0.200/system nodeinfo
error: unable to connect to server at '10.0.0.200:16509': No route to host
error: failed to connect to the hypervisor
#問題原因及解決辦法
1、KVM宿主機防火墻阻擋16509端口
方法一(關閉防火墻):
/etc/init.d/iptables stop
chkconfig iptables off
方法二(添加防火墻放行16509端口規則):
iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 16509 -j ACCEPT
/etc/init.d/iptables save
2、KVM宿主機tcp監聽端口沒有啟用
#去掉/etc/sysconfig/libvirtd文件中以下內容的注釋,使libvirtd服務處于監聽狀態
[root@kvm-node1 ~]# vim /etc/sysconfig/libvirtd
LIBVIRTD_CONFIG=/etc/libvirt/libvirtd.conf
LIBVIRTD_ARGS="--listen"
#修改/etc/libvirt/libvirtd.conf文件中以下內容的注釋,使libvirtd服務允許tcp方式通訊
[root@kvm-node1 ~]# vim /etc/libvirt/libvirtd.conf
listen_tls = 0 #取消CA認證
listen_tcp = 1 #允許tcp監聽
tcp_port = "16509" #開放tcp端口
listen_addr = "0.0.0.0" #修改監聽地址為0.0.0.0
auth_tcp = "none" #修改tcp認證為none;如果auth_tcp = "sasl"則tcp方法連接采用sasl方式認證
#重啟libvirtd服務
[root@kvm-node1 ~]# /etc/init.d/libvirtd restart
Stopping libvirtd daemon: [ OK ]
Starting libvirtd daemon: [ OK ]
#查看libvirtd服務運行進程狀態
[root@kvm-node1 ~]# ps aux | grep libvirtd | grep -v grep
root 17418 0.0 0.7 494124 7036 ? Sl 22:53 0:00 libvirtd --daemon --config /etc/libvirt/libvirtd.conf --listen
#查看libvirtd服務運行相應端口
[root@kvm-node1 ~]# netstat -lntp | grep 16509
tcp 0 0 0.0.0.0:16509 0.0.0.0:* LISTEN 17418/libvirtd
#再次在webvirtmgr主機上執行驗證KVM宿主機命令,正常打印KVM宿主機基本硬件信息
[root@kvm-manager ~]# virsh -c qemu+tcp://10.0.0.200/system nodeinfo
4.9.3 基于TCP認證采用sasl加密添加特定用戶
提示說明:如果auth_tcp = "sasl"則tcp方式連接則采用sasl方式認證,所以要執行以
下saslpasswd2的命令來創建賬戶,如果為auth_tcp = "none"則可以直接使用kvm宿主機本地的賬戶以tcp方式添加到webvirtmgr進行管理
#使用saslpasswd2命令添加賬戶
[root@kvm-node1 ~]# saslpasswd2 -a libvirt gandalf #在KVM宿主機上創建用戶gandalf
Password: #輸入gandalf密碼
Again (for verification): #再次確認gandalf密碼
#使用sasldblistusers2命令查看創建的賬戶
[root@kvm-node1 ~]# sasldblistusers2 -f /etc/libvirt/passwd.db
gandalf@kvm-node1: userPassword
#使用saslpasswd2命令帶-d參數禁用用戶訪問權限
[root@kvm-node1 ~]# saslpasswd2 -a libvirt -d Gandalf
#在webvirtmgr服務端主機上進行驗證測試
[root@kvm-manager ~]# virsh -c qemu+tcp://10.0.0.200/system nodeinfo
Please enter your authentication name: gandalf
Please enter your password:
CPU model: x86_64
CPU(s): 1
CPU frequency: 2501 MHz
CPU socket(s): 1
Core(s) per socket: 1
Thread(s) per core: 1
NUMA cell(s): 1
Memory size: 1004112 KiB
4.9.4 在webvirtmgr web頁面添加KVM主機
4.9.4.1 TCP連接方式添加
4.9.4.2 添加KVM主機完成
4.9.4.3 管理KVM主機所有信息
5 KVM虛擬化故障案例
5.1 案例一:virsh shutdown VM-name無法關閉虛擬機
問題描述:
通過kvm虛擬化安裝虛擬機,通過virsh shutdown VM-name命令關閉虛擬機,命令已經執行成功,但是通過virsh list --all 查看虛擬機狀態仍然處于running,只能通過virsh destroy命令強制關閉
解決辦法:
在虛擬機上執行以下命令:
yum install acpid -y
/etc/init.d/acpid start
chkconfig acpid on
驗證效果:
再次執行virsh shutdown VM-name命令成功關閉虛擬機
5.2 案例二:KVM虛擬機在使用vnc連接時鼠標不同步
解決辦法:
virsh edit VM-name
<input type='mouse' bus='ps2'/> 改成? <input type=’tablet’ bus=’usb’/>
(該句位于<devices>配置中)
input元素:input元素含有一個強制的屬性,type屬性的值可以是mouse或者tablet,前者使用相對運動,后者使用絕對運動。bus屬性指定一個明確的設備類型,值可以是:xen、ps2、usb。
轉載于:https://www.cnblogs.com/Wolf-Dreams/p/9459909.html
總結
以上是生活随笔為你收集整理的云计算之KVM虚拟化实战的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 仅仅用几行python代码偷偷复制U盘文
- 下一篇: 神奇的HyperLogLog算法