This is an old revision of the document!
Kernel-based Virtual Machine (KVM)
Description: KVM is “a full virtualization solution for Linux on x86 hardware containing virtualization extensions.” (KVM Main Page) It can be run on the desktop with GUI managers or on a headless server.
Assumption: Some Red Hat based distro is already installed. (CentOS, Scientific, RHEL, etc)
2015-02-13: These are rough notes and in progress as I learn KVM.
Installation
- Install: Virtualization Groups
yum groupinstall "Virtualization*"
Group Explanations This will install the following package groups:
- Virtualization Tools ⇒ Tools for offline virtual image management.
- Virtualization Platform ⇒ Provides an interface for accessing and controlling virtualized guests and containers.
- Virtualization Client ⇒ Clients for installing and managing virtualization instances.
- Virtualization ⇒ Provides an environment for hosting virtualized guests.
For detailed info and a list of packages that will be installed:
yum groupinfo "Virtualization*"
- Install: Additional Useful Packages
yum install bridge-utils dejavu-lgc-sans-fonts tigervnc xorg-x11-xauth
Packages Descriptions
- bridge-utils ⇒ network bridging to allow the VMs to use the host machine's physical interfaces as a bridge.
- dejavu-lgc-sans-fonts ⇒ Fonts for virt-manager (GUI VM manager)
- tigervnc ⇒ VNC to connect locally to VM console
- xorg-x11-xauth ⇒ X11 forwarding through ssh. (Remote virt-manager for headless servers)
Verify Installation and Start Services
- Ensure that the KVM kernel module is loaded
lsmod | grep kvm
- Start the libvirtd service
service libvirtd start
- Enable libvirtd on system boot
chkconfig libvirtd on
- Verify libvirtd is running successfully
service libvirtd status virsh -c qemu://system list
Setup Networking
By default, VMs will be on a private network with no access to the outside world unless they use a physical host network interface as a bridge.
NetworkManager vs network
- Turn off NetworkManager, which does not play nice with bridging.
chkconfig NetworkManager off service NetworkManager stop
- Ensure the network service is enabled and running.
chkconfig network on service network start
Create a Bridge
- Create a bridge interface called “br0” that will use the physical interface “eth0” the easy way.
virsh iface-bridge eth0 br0
This will create the new file “ifcfg-br0” and modify “ifcfg-eth0” to look as follows:
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0" HWADDR="00:04:4B:17:3C:FA" ONBOOT="yes" BRIDGE="br0"
/etc/sysconfig/network-scripts/ifcfg-br0
DEVICE="br0" ONBOOT="yes" TYPE="Bridge" BOOTPROTO="dhcp" STP="on" DELAY="0"
br0 will be the interface with an IP address. To make it static, simply edit ifcfg-br0 and change it:
DEVICE="br0" ONBOOT="yes" TYPE="Bridge" BOOTPROTO="none" STP="on" DELAY="0" IPADDR="192.168.0.100" NETMASK="255.255.255.0" GATEWAY="192.168.0.1"
IP Forwarding
- Enable ip forwarding
Edit /etc/sysctl.conf
inet.ipv4.ip_forward = 1
- Apply settings
sysctl -p /etc/sysctl.conf
- Restart the network service
service network restart
SELinux
If SELinux is in Enforcing mode, there is additional configuration if you change the default directory for VM images.
Default VM Image directory: /var/lib/libvirt/images/
Changing the Default VM Image Path
- Create the directory
mkdir /vm-images
- Install the following package to enable use of the “semanage” utility.
yum install policycoreutils-python
- Set security context for the vm-images directory and everything that is created under it.
semanage fcontext -a -t virt_image_t "/vm-images(/.*)?"
- Restore the security context (I don't know why you have to do this yet…but you do)
restorecon -R /vm-images
- Verify
ls -Z /vm-images