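Basic KVM usage

The host in this walkthrough runs Debian 12.

Environment check

The CPU must have hardware virtualization support enabled; when the host is itself a VMware guest, nested virtualization must be enabled.

grep -E -c 'vmx|svm' /proc/cpuinfo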

The output should be greater than 0.

Alternatively:

apt install -y cpu-checker

root@debian12:~# kvm-ok
INFO: /dev/kvm exists
KVM acceleration can be used

Installing KVM

Install the main packages

## qemu+kvm
root@debian12:~# apt install -y qemu-kvm
## libvirt
root@debian12:~# apt install -y virt-manager libvirt-daemon-system virtinst libvirt-clients
## bridge tool
root@debian12:~# apt install -y bridge-utils

  1. qemu-kvm - software that provides hardware emulation for the KVM hypervisor
  2. libvirt-daemon-system - configuration files for running the libvirt daemon as a system service
  3. libvirt-clients - software for managing virtualization platforms
  4. bridge-utils - command-line tools for configuring network bridges
  5. virtinst - command-line tools for creating virtual machines

Verification

root@debian12:~# systemctl is-active libvirtd
active
# Grant access to a non-root user, e.g. USER=test
# (members of the libvirt group can manage system VMs without sudo)
root@debian12:~# sudo usermod -aG kvm "$USER"
root@debian12:~# sudo usermod -aG libvirt "$USER"

Customizing the image

The osinfo-query command lists every value accepted by the --os-variant option.

$ apt install -y libosinfo-bin
$ osinfo-query os

Example: jammy (Ubuntu Server 22.04 LTS)

Download the installation image

apt install -y guestfs-tools
wget https://mirrors.tuna.tsinghua.edu.cn/ubuntu-cloud-images/jammy/current/jammy-server-cloudimg-amd64.img
mkdir -p /var/lib/libvirt/images/templates
cp jammy-server-cloudimg-amd64.img /var/lib/libvirt/images/templates/

Customization

  1. Create the user ubuntu with the password ubuntu123 and grant it sudo privileges
  2. Enable the sshd service, allow password login, and disable root login
  3. Install qemu-guest-agent

export image=/var/lib/libvirt/images/templates/jammy-server-cloudimg-amd64.img
# 1. user ubuntu, its password, and sudo group membership
virt-customize -a "$image" --run-command 'adduser ubuntu'
virt-customize -a "$image" --run-command 'echo "ubuntu:ubuntu123" | chpasswd'
virt-customize -a "$image" --run-command 'adduser ubuntu sudo'
# 3. guest agent
virt-customize -a "$image" --run-command 'apt update -y'
virt-customize -a "$image" --run-command 'apt install -y qemu-guest-agent'
# 2. sshd: host keys, remove the cloud image drop-in, then edit sshd_config
virt-customize -a "$image" --run-command 'ssh-keygen -A'
virt-customize -a "$image" --run-command 'rm -rf /etc/ssh/sshd_config.d/60-cloudimg-settings.conf'
virt-customize -a "$image" --run-command "sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config;"
virt-customize -a "$image" --run-command "sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config;"
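
The steps above delete /etc/ssh/sshd_config.d/60-cloudimg-settings.conf before editing sshd_config; that matters because sshd uses the first value it reads for each keyword and reads Include files at the point where the Include line appears. The check below is an added example, not part of the original post: it prints the value in effect for a keyword under a given root directory. The function names and the sample tree, including the assumed content of the drop-in file, are constructed for illustration.

```shell
#!/bin/sh
# Added example: sshd keeps the first value it reads; Include files are read in place.

# sshd_lines ROOT FILE: print "keyword args" in the order sshd reads them.
sshd_lines() {
    local root="$1" file="$2" key rest pat f
    [ -r "$file" ] || return 0
    while read -r key rest || [ -n "$key" ]; do
        key=$(printf '%s' "$key" | tr 'A-Z' 'a-z')
        case $key in
            '' | '#'*) ;;                      # blank line or comment
            include)
                set -f                         # split $rest into words, no globbing
                for pat in $rest; do
                    set +f                     # globbing back on for the patterns
                    case $pat in /*) ;; *) pat=/etc/ssh/$pat ;; esac
                    for f in "$root"$pat; do sshd_lines "$root" "$f"; done
                done
                set +f ;;
            *) printf '%s %s\n' "$key" "$rest" ;;
        esac
    done <"$file"
}

# effective_sshd_option ROOT KEYWORD: print the value in effect or "(default)".
effective_sshd_option() {
    sshd_lines "$1" "$1/etc/ssh/sshd_config" |
        awk -v want="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
            $1 == "match" { stop = 1 }         # later lines are conditional
            !stop && !seen && $1 == want { v = $2; seen = 1 }
            END { print (seen ? v : "(default)") }'
}

# Constructed sample tree (not copied from a real image). The drop-in content
# is an assumption about what the cloud image ships.
make_sample() {
    local d
    d=$(mktemp -d)
    mkdir -p "$d/etc/ssh/sshd_config.d"
    printf '%s\n' 'Include /etc/ssh/sshd_config.d/*.conf' \
        '#PermitRootLogin prohibit-password' \
        'PasswordAuthentication yes' >"$d/etc/ssh/sshd_config"
    echo 'PasswordAuthentication no' >"$d/etc/ssh/sshd_config.d/60-cloudimg-settings.conf"
    echo "$d"
}

demo=$(make_sample)      # prints "no": the drop-in overrides sshd_config
effective_sshd_option "$demo" PasswordAuthentication
rm -rf "$demo"
```

Against the customized image, ROOT can be a read-only mount of the image's filesystem (for example one made with guestmount); the functions only read files under it.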

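Network configuration

The full range of network types can be looked up elsewhere; the ones mainly used here are NAT, host-only and bridged.

1. NAT (Network Address Translation)

Characteristics

  • The virtual machine reaches external networks through the host's network connection.
  • The virtual machine has its own private IP address, but appears on external networks under the host's IP address.
  • External networks cannot reach the virtual machine directly.

Use cases

  • Scenarios where the virtual machine needs outbound access but does not need to be reachable from outside.
  • Development and test environments.

This is the default configuration. It is created automatically after installation and is used when no network type is specified.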

# virsh net-dumpxml default
<network connections='1'>
  <name>default</name>
  <uuid>1cf5acd7-96d6-4474-b04c-1eb5c94f3253</uuid>
  <forward mode='nat'>
    <nat>
      <port start='1024' end='65535'/>
    </nat>
  </forward>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='52:54:00:2e:64:3d'/>
  <ip address='192.168.122.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.122.2' end='192.168.122.254'/>
    </dhcp>
  </ip>
</network>

After creating a virtual machine on this network, check the network information on the host:

root@debian12:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:5b:d8:53 brd ff:ff:ff:ff:ff:ff
altname enp2s0
inet 192.168.2.235/24 brd 192.168.2.255 scope global dynamic ens32
valid_lft 83466sec preferred_lft 83466sec
inet6 fe80::20c:29ff:fe5b:d853/64 scope link
valid_lft forever preferred_lft forever
3: virbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 52:54:00:2e:64:3d brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
4: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master virbr0 state UNKNOWN group default qlen 1000
link/ether fe:54:00:dc:ef:93 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc54:ff:fedc:ef93/64 scope link
valid_lft forever preferred_lft forever

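2. Bridged Network and MacVTap

Characteristics

  • The virtual machine is connected directly to the host's physical network.
  • The virtual machine gets an address from the same IP range as the physical network and can be reached directly from external networks.
  • A bridge interface has to be configured.

Use cases

  • The virtual machine needs to communicate with other devices on the physical network.
  • The virtual machine needs to offer network services to external networks.

Passing --network type=direct,source=ens32,source_mode=bridge,model=virtio achieves the effect of a bridged network with less setup.

root@debian12:~# ip a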
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:5b:d8:53 brd ff:ff:ff:ff:ff:ff
altname enp2s0
inet 192.168.2.235/24 brd 192.168.2.255 scope global dynamic ens32
valid_lft 83466sec preferred_lft 83466sec
inet6 fe80::20c:29ff:fe5b:d853/64 scope link
valid_lft forever preferred_lft forever
3: macvtap0@ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 500
link/ether 52:54:00:24:65:e4 brd ff:ff:ff:ff:ff:ff
inet6 fe80::5054:ff:fe24:65e4/64 scope link
valid_lft forever preferred_lft forever

Alternatively, create a bridged network.

Original configuration

root@debian12:/home/imwl# cat /etc/network/interfaces

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens32
iface ens32 inet dhcp

Create the br0 bridge

root@debian12:/home/imwl# cat /etc/network/interfaces
source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens32
iface ens32 inet manual

auto br0
iface br0 inet dhcp
    bridge_ports ens32
    bridge_stp off
    bridge_fd 0
    bridge_maxwait 0

# Restart networking
root@debian12:~# systemctl restart networking.service
root@debian12:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP group default qlen 1000
link/ether 00:0c:29:5b:d8:53 brd ff:ff:ff:ff:ff:ff
altname enp2s0
inet6 fe80::20c:29ff:fe5b:d853/64 scope link
valid_lft forever preferred_lft forever
6: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 62:3c:38:0f:36:ce brd ff:ff:ff:ff:ff:ff
inet 192.168.2.67/24 brd 192.168.2.255 scope global dynamic br0
valid_lft 86398sec preferred_lft 86398sec
inet6 fe80::603c:38ff:fe0f:36ce/64 scope link
valid_lft forever preferred_lft forever

List the bridge and its interfaces

root@debian12:~# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.000c2915v3w4       no              ens32

Add the bridge to KVM

mkdir -p /etc/kvm/
cat >/etc/kvm/host-bridge.xml <<EOF
<network>
  <name>host-bridge</name>
  <forward mode="bridge"/>
  <bridge name="br0"/>
</network>
EOF

Enable it

virsh net-define /etc/kvm/host-bridge.xml
virsh net-start host-bridge
virsh net-autostart host-bridge

Check the result

root@debian12:~# virsh net-list
 Name          State    Autostart   Persistent
------------------------------------------------
 default       active   yes         yes
 host-bridge   active   yes         yes

3. Host-only network

Create the host-only network definition file /etc/kvm/host-only.xml:

<network>
  <name>host-only</name>
  <bridge name="virbr1" stp="on" delay="0"/>
  <ip address="192.168.200.1" netmask="255.255.255.0">
    <dhcp>
      <range start="192.168.200.2" end="192.168.200.254"/>
    </dhcp>
  </ip>
</network>

Define and start the network:

sudo virsh net-define /etc/kvm/host-only.xml
sudo virsh net-start host-only
sudo virsh net-autostart host-only

Check

root@debian12:~# virsh net-list
 Name          State    Autostart   Persistent
------------------------------------------------
 default       active   yes         yes
 host-bridge   active   yes         yes
 host-only     active   yes         yes

Using KVM

Use the image template

mkdir -p /var/lib/libvirt/images/ubuntu01
cp /var/lib/libvirt/images/templates/jammy-server-cloudimg-amd64.img /var/lib/libvirt/images/ubuntu01/

Create the virtual machine

virt-install \
  --name ubuntu01 \
  --vcpus 1 \
  --memory 2048 \
  --disk path=/var/lib/libvirt/images/ubuntu01/jammy-server-cloudimg-amd64.img \
  --os-variant ubuntu22.04 \
  --import \
  --autostart \
  --noautoconsole \
  --network network=host-only

Connect to the virtual machine

# Press Ctrl+] to exit; press Enter to get the login prompt
root@debian12:~# virsh console ubuntu01

Connected to domain 'ubuntu01'
Escape character is ^] (Ctrl + ])

root@debian12:~# virsh console ubuntu01
Connected to domain 'ubuntu01'
Starting Time & Date Service...
[ OK ] Started Time & Date Service.
Starting Time & Date Service...
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Record Runlevel Change in UTMP...
[ OK ] Finished Record Runlevel Change in UTMP.

Ubuntu 22.04.4 LTS ubuntu ttyS0

ubuntu login: ubuntu
Password:

ubuntu@ubuntu:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 52:54:00:dc:ef:93 brd ff:ff:ff:ff:ff:ff

Configure the network with DHCP or a static address

enp1s0 is the name of the network interface.

root@ubuntu:~# cat >/etc/netplan/00-installer-config.yaml <<EOF
network:
  version: 2
  renderer: networkd
  ethernets:
    enp1s0:
      dhcp4: true
EOF
root@ubuntu:~# chmod 600 /etc/netplan/00-installer-config.yaml
root@ubuntu:~# netplan apply

Static address example

cat >/etc/netplan/00-installer-config.yaml <<EOF
network:
  version: 2
  ethernets:
    enp1s0:
      dhcp4: false
      addresses:
        - 192.168.2.100/24
      nameservers:
        addresses:
          - 223.5.5.5
          - 223.6.6.6
      routes:
        - to: default
          via: 192.168.2.1
EOF

chmod 600 /etc/netplan/00-installer-config.yaml
netplan apply

Check the guest's IP information from the host

root@debian12:~# virsh domifaddr ubuntu01 --source agent
setlocale: No such file or directory
 Name       MAC address          Protocol     Address
-------------------------------------------------------------------------------
 lo         00:00:00:00:00:00    ipv4         127.0.0.1/8
 -          -                    ipv6         ::1/128
 enp1s0     52:54:00:dc:ef:93    ipv4         192.168.122.10/24
 -          -                    ipv6         fe80::5054:ff:fedc:ef93/64

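Common virsh commands

Start: virsh start vm
Shut down: virsh shutdown vm (if this has no effect, run inside the VM: yum install -y acpid)
Force off: virsh destroy vm
Delete: virsh undefine vm
Define: virsh define vm.xml
Suspend: virsh suspend vm
Resume: virsh resume vm
Edit: virsh edit vm
Export the definition: virsh dumpxml vm > vm.xml

List virtual machines: virsh list
Include powered-off virtual machines: virsh list --all
Enable autostart: virsh autostart vm
Disable autostart: virsh autostart --disable vm
Log in to the VM console: virsh console vm # only works for VMs defined with a console (method one)
Exit the VM console: Ctrl + ]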