KVM

From Wildsong
Revision as of 19:32, 21 March 2015 by Brian Wilson (talk | contribs)
Jump to navigationJump to search

KVM is a virtualization engine, like VirtualBox or VMWare. It is not locked to a Gui; this makes it more suitable for use on servers. Along the same line, it automatically sets up a virtual console using SPICE(http://www.spice-space.org/) or VNC. This allows out of band access to a virtual machine, sort of like IPMI.

KVM and QEMU are the back end components. libvirt is a wrapper making the VMs easier to manage.

I am testing it on Dart, a server that runs Debian 7.

Primary goals

I want to migrate wildsong.biz and hupi.org to virtual machines so that I can host them on Dart but still keep them walled off in their own worlds to make them easier to manage.

Also I need to be able to run Ubuntu to test out BigBlueButton. (It seemed the easiest path at the moment.)

Set up

Package installation

sudo apt-get install qemu-kvm virtinst virt-top

Usage

= Create a new machne

This is how I did it the first time, before discovering libvirt.

mkdir /var/kvm
cd /var/kvm
qemu-img create -f qcow2 hupi.img 10G
kvm -hda hupi.img -cdrom ~bwilson/LinuxImages/debian-7.8.0-amd64-netinst.iso -boot d -m 2048 -vnc :0 &

Now connect via VNC client. On my Mac, I use Chicken of the VNC.

Using VNC server on Dart, I can connect and disconnect any time without worrying about the session state as I do when using ssh. Once the installation is completed I can shut down and restart with:

sudo kvm -hda /var/kvm/hupi.img -vnc :0 -device e1000,netdev=user.0 -netdev user,id=user.0,hostfwd=tcp::5555-:22 &

This command redirects localhost port 5555 to guest port 22, so I can connect with "ssh -p 5555 localhost"

Now that I know about libvirt I wan to import the machine.

sudo virt-install --name hupi --ram=1024 --import --disk path=/var/kvm/hupi.img,format=qcow2 --network bridge=br0 --graphics vnc,password=supersecret

Securing access

Seems quite open at the moment. I need my password in the guest, that's all. If I don't need VNC from the big Internet I can disable the port forwarding in my firewall.

Bridged network

Refer to: http://www.linux-kvm.org/page/Networking

Host

Change the host /etc/network/interfaces file. Restart networking.

# Replace old eth0 config with br0
auto eth0 br0

# Use old eth0 config for br0, plus bridge stuff
iface br0 inet dhcp
   bridge_ports    eth0
   bridge_stp      off
   bridge_maxwait  0
   bridge_fd       0

So far, sudo service networking restart has worked for me! Even remotely, w no long bike rides to fix it. (Also, I have IPMI access when I remember to plug in the extra ethernet cable.)

Guest

Refer to http://www.mediaonfire.com/tech_tips/QEMUNetworking.html

Remote access

SPICE

VNC - I am using because it's built in. Once the machine is running properly I have no immediate need for a GUI console.

Virtualbricks

Looks quite promising but I need to get off Tektonic today so --- back burner.

http://virtualbricks.eu/wiki/index.php/Main_Page

Don't install from Debian, that version is old.

sudo apt-get install python-twisted

I get this error

virtualbricks.errors.InvalidNameError: /home/bwilson/.virtualbricks/.virtualbricks.vbl