文章目錄
- 1. 虛拟化介紹
- 2. kvm介紹
- 3. kvm部署
-
- 3.1 kvm安裝
- 3.2 kvm web管理界面安裝
- 3.3 kvm web界面管理
-
- 3.3.1 kvm連接配接管理
- 3.3.2 kvm存儲管理
- 3.3.3 kvm網絡管理
- 3.3.4 執行個體管理
- 4.故障案例
-
- 4.1 案例1
- 4.2 案例2
1. 虛拟化介紹
虛拟化是雲計算的基礎。簡單的說,虛拟化使得在一台實體的伺服器上可以跑多台虛拟機,虛拟機共享實體機的 CPU、記憶體、IO 硬體資源,但邏輯上虛拟機之間是互相隔離的。
實體機我們一般稱為主控端(Host),主控端上面的虛拟機稱為客戶機(Guest)。
那麼 Host 是如何将自己的硬體資源虛拟化,并提供給 Guest 使用的呢?
這個主要是通過一個叫做 Hypervisor 的程式實作的。
根據 Hypervisor 的實作方式和所處的位置,虛拟化又分為兩種:
- 全虛拟化
- 半虛拟化
全虛拟化:
Hypervisor 直接安裝在實體機上,多個虛拟機在 Hypervisor 上運作。Hypervisor 實作方式一般是一個特殊定制的 Linux 系統。Xen 和 VMWare 的 ESXi 都屬于這個類型
半虛拟化:
實體機上首先安裝正常的作業系統,比如 Redhat、Ubuntu 和 Windows。Hypervisor 作為 OS 上的一個程式子產品運作,并對管理虛拟機進行管理。KVM、VirtualBox 和 VMWare Workstation 都屬于這個類型
理論上講:
全虛拟化一般對硬體虛拟化功能進行了特别優化,性能上比半虛拟化要高;
半虛拟化因為基于普通的作業系統,會比較靈活,比如支援虛拟機嵌套。嵌套意味着可以在KVM虛拟機中再運作KVM。
2. kvm介紹
kVM 全稱是 Kernel-Based Virtual Machine。也就是說 KVM 是基于 Linux 核心實作的。
KVM有一個核心子產品叫 kvm.ko,隻用于管理虛拟 CPU 和記憶體。
那 IO 的虛拟化,比如存儲和網絡裝置則是由 Linux 核心與Qemu來實作。
作為一個 Hypervisor,KVM 本身隻關注虛拟機排程和記憶體管理這兩個方面。IO 外設的任務交給 Linux 核心和 Qemu。
大家在網上看 KVM 相關文章的時候肯定經常會看到 Libvirt 這個東西。
Libvirt 就是 KVM 的管理工具。
其實,Libvirt 除了能管理 KVM 這種 Hypervisor,還能管理 Xen,VirtualBox 等。
Libvirt 包含 3 個東西:背景 daemon 程式 libvirtd、API 庫和指令行工具 virsh
- libvirtd是服務程式,接收和處理 API 請求;
- API 庫使得其他人可以開發基于 Libvirt 的進階工具,比如 virt-manager,這是個圖形化的 KVM 管理工具;
- virsh 是我們經常要用的 KVM 指令行工具
3. kvm部署
環境說明:
| 系統類型 | IP |
|---|---|
| RHEL7 | 192.168.93.129 |
3.1 kvm安裝
部署前請確定你的CPU虛拟化功能已開啟。分為兩種情況:
- 虛拟機要關機設定CPU虛拟化
- 實體機要在BIOS裡開啟CPU虛拟化
//關閉防火牆與selinux
[[email protected] ~]# systemctl stop firewalld
[[email protected] ~]# systemctl disable firewalld
[[email protected] ~]# setenforce 0
[[email protected] ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
//配置網絡源
[[email protected] ~]# cd /etc/yum.repos.d/
[[email protected] yum.repos.d]# curl -o /etc/yum.repos.d/CentOS7-Base-163.repo http://mirrors.163.com/.help/CentOS7-Base-163.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:100 1572 100 1572 0 0 24843 0 --:--:-- --:--:-- --:--:-- 24952
[[email protected] yum.repos.d]# ls
2019.repo CentOS7-Base-163.repo
[[email protected] yum.repos.d]# sed -i 's/\$releasever/7/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[[email protected] yum.repos.d]# sed -i 's/^enabled=.*/enabled=1/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[[email protected] ~]# yum -y install epel-release vim wget net-tools unzip zip gcc gcc-c++
//驗證CPU是否支援KVM;如果結果中有vmx(Intel)或svm(AMD)字樣,就說明CPU的支援的
[[email protected] ~]# egrep -o 'vmx|svm' /proc/cpuinfo
vmx
//kvm安裝
[[email protected] ~]# yum -y install qemu-kvm qemu-kvm-tools qemu-img virt-manager libvirt libvirt-python libvirt-client virt-install virt-viewer bridge-utils libguestfs-tools
//因為虛拟機中網絡,我們一般都是和公司的其他伺服器是同一個網段,是以我們需要把
KVM伺服器的網卡配置成橋接模式。這樣的話KVM的虛拟機就可以通過該橋接網卡和公司内部
其他伺服器處于同一網段
//此處我的網卡是ens33,是以用br0來橋接ens33網卡
[[email protected] ~]# cd /etc/sysconfig/network-scripts/
[[email protected] network-scripts]# ls
ifcfg-ens33 ifdown-Team ifup-post
ifcfg-lo ifdown-TeamPort ifup-ppp
ifdown ifdown-tunnel ifup-routes
ifdown-bnep ifup ifup-sit
ifdown-eth ifup-aliases ifup-Team
ifdown-ib ifup-bnep ifup-TeamPort
ifdown-ippp ifup-eth ifup-tunnel
ifdown-ipv6 ifup-ib ifup-wireless
ifdown-isdn ifup-ippp init.ipv6-global
ifdown-post ifup-ipv6 network-functions
ifdown-ppp ifup-isdn network-functions-ipv6
ifdown-routes ifup-plip
ifdown-sit ifup-plusb
[[email protected] network-scripts]# cp ifcfg-ens33 ifcfg-br0
[[email protected] network-scripts]# vim ifcfg-br0
[[email protected] network-scripts]# cat ifcfg-br0
TYPE=Bridge
BOOTPROTO=static
NM_CONTROLLED=no
DEFROUTE=yes
NAME=br0
DEVICE=br0
ONBOOT=yes
IPADDR=192.168.93.129
NETMASK=255.255.255.0
GATEWAY=192.168.93.2
DNS1=192.168.93.2
[[email protected] network-scripts]# vim ifcfg-ens33
[[email protected] network-scripts]# cat ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=static
NAME=ens33
DEVICE=ens33
ONBOOT=yes
BRIDGE=br0
NM_CONTROLLED=no
//重新開機網絡
[[email protected] network-scripts]# systemctl restart network
[[email protected] network-scripts]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP qlen 1000
link/ether 00:0c:29:cb:3e:e9 brd ff:ff:ff:ff:ff:ff
inet6 fe80::20c:29ff:fecb:3ee9/64 scope link
valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether 52:54:00:c1:99:30 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
link/ether 52:54:00:c1:99:30 brd ff:ff:ff:ff:ff:ff
6: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 00:0c:29:cb:3e:e9 brd ff:ff:ff:ff:ff:ff
inet 192.168.93.129/24 brd 192.168.93.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fecb:3ee9/64 scope link
valid_lft forever preferred_lft forever
//啟動服務
[[email protected] ~]# systemctl start libvirtd
[[email protected] ~]# systemctl enable libvirtd
//驗證安裝結果
[[email protected] ~]# lsmod|grep kvm
kvm_intel 170086 0
kvm 566340 1 kvm_intel
irqbypass 13503 1 kvm
//測試并驗證安裝結果
[[email protected] ~]# virsh -c qemu:///system list
Id 名稱 狀态
----------------------------------------------------
[[email protected] ~]# virsh --version
4.5.0
[[email protected] ~]# virt-install --version
1.5.0
[[email protected] ~]# ln -s /usr/libexec/qemu-kvm /usr/bin/qemu-kvm
[[email protected] ~]# ll /usr/bin/qemu-kvm
lrwxrwxrwx 1 root root 21 8月 31 11:25 /usr/bin/qemu-kvm -> /usr/libexec/qemu-kvm
[[email protected] ~]# lsmod|grep kvm
kvm_intel 170086 0
kvm 566340 1 kvm_intel
irqbypass 13503 1 kvm
//檢視網橋資訊
[[email protected] ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.000c29cb3ee9 no ens33
virbr0 8000.525400c19930 yes virbr0-nic
3.2 kvm web管理界面安裝
kvm 的 web 管理界面是由 webvirtmgr 程式提供的。
//安裝依賴包
[[email protected] ~]# yum -y install git python-pip libvirt-python libxml2-python python-websockify supervisor nginx python-devel
//更新pip
[[email protected] ~]# pip install --upgrade pip
//從github上下載下傳webvirtmgr代碼
[[email protected] ~]# cd /usr/local/src/
[[email protected] src]# git clone git://github.com/retspen/webvirtmgr.git
正克隆到 'webvirtmgr'...
remote: Enumerating objects: 5614, done.
remote: Total 5614 (delta 0), reused 0 (delta 0), pack-reused 5614
接收對象中: 100% (5614/5614), 2.98 MiB | 56.00 KiB/s, done.
處理 delta 中: 100% (3602/3602), done.
//安裝webvirtmgr
[[email protected] src]# cd webvirtmgr/
[[email protected] webvirtmgr]# pip install -r requirements.txt
Collecting lockfile>=0.9 (from -r requirements.txt (line 5))
WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'ReadTimeoutError("HTTPSConnectionPool(host='pypi.org', port=443): Read timed out. (read timeout=15)",)': /simple/lockfile/
Downloading https://files.pythonhosted.org/packages/c8/22/9460e311f340cb62d26a38c419b1381b8593b0bb6b5d1f056938b086d362/lockfile-0.12.2-py2.py3-none-any.whl
Installing collected packages: django, gunicorn, lockfile
Running setup.py install for django ... done
Successfully installed django-1.5.5 gunicorn-19.5.0 lockfile-0.12.2
//檢查sqlite3是否安裝
[[email protected] webvirtmgr]# python
Python 2.7.5 (default, Jun 20 2019, 20:27:34)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-36)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import sqlite3
>>> exit()
//初始化帳号資訊
[[email protected] webvirtmgr]# python
Python 2.7.5 (default, Jun 20 2019, 20:27:34)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-36)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import sqlite3
>>> exit()
[[email protected] webvirtmgr]# python manage.py syncdb
WARNING:root:No local_settings file found.
Creating tables ...
Creating table auth_permission
Creating table auth_group_permissions
Creating table auth_group
Creating table auth_user_groups
Creating table auth_user_user_permissions
Creating table auth_user
Creating table django_content_type
Creating table django_session
Creating table django_site
Creating table servers_compute
Creating table instance_instance
Creating table create_flavor
You just installed Django's auth system, which means you don't have any superusers defined.
Would you like to create one now? (yes/no): yes //是否建立超級管理者帳号
Username (leave blank to use 'root'): //指定超級管理者帳号使用者名,預設留白為root
Email address: [email protected] //設定超級管理者郵箱
Password: //設定超級管理者密碼
Password (again): //再次輸入超級管理者密碼
Superuser created successfully.
Installing custom SQL ...
Installing indexes ...
Installed 6 object(s) from 1 fixture(s)
//拷貝web網頁至指定目錄
[[email protected] webvirtmgr]# mkdir /var/www
[[email protected] webvirtmgr]# cp -r /usr/local/src/webvirtmgr /var/www/
[[email protected] webvirtmgr]# chown -R nginx.nginx /var/www/webvirtmgr/
[[email protected] webvirtmgr]# ll /var/www/webvirtmgr/ -d
drwxr-xr-x 20 nginx nginx 4096 8月 31 15:38 /var/www/webvirtmgr/
//生成密鑰
[[email protected] ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:dbv+s4F2IKYeA7NJjdxLIeoXwKkTHAKsdwqrOgpMxio [email protected]
The key's randomart image is:
+---[RSA 2048]----+
|= . |
| + o . |
|. o + . . . . |
|+ .o.+ = o . . |
| Boo. B S o o |
|* .o . B + . + |
|E. . + = + o |
|= . . o o ... |
|=. . ..oo |
+----[SHA256]-----+
//由于這裡webvirtmgr和kvm服務部署在同一台機器,是以這裡本地信任。如果kvm部署在其他機器,那麼這個是它的ip
[[email protected] ~]# ssh-copy-id 192.168.93.129
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.93.129'"
and check to make sure that only the key(s) you wanted were added.
//配置端口轉發
[[email protected] ~]# ssh 192.168.93.129 -L localhost:8000:localhost:8000 -L localhost:6080:localhost:60
Last login: Sat Aug 31 14:02:32 2019 from 192.168.93.1
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:111 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6080 *:*
LISTEN 0 128 127.0.0.1:8000 *:*
LISTEN 0 128 :::111 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 128 ::1:6080 :::*
LISTEN 0 128 ::1:8000 :::*
//配置nginx
[[email protected] ~]# vim /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
server_name localhost;
include /etc/nginx/default.d/*.conf;
location / {
root html;
index index.html index.html;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
[[email protected] ~]# vim /etc/nginx/conf.d/webvirtmgr.conf
server {
listen 80 default_server;
server_name $hostname;
#access_log /var/log/nginx/webvirtmgr_access_log;
location /static/ {
root /var/www/webvirtmgr/webvirtmgr;
expires max;
}
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $remote_addr;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
client_max_body_size 1024M;
}
}
//確定bind綁定的是本機的8000端口
[[email protected] ~]# vim /var/www/webvirtmgr/conf/gunicorn.conf.py
//搜尋bind,修改綁定本機的8000端口
bind = '0.0.0.0:8000' //確定此處綁定的是本機的8000端口,這個在nginx配置中定義了,被代理的端口
backlog = 2048
//重新開機nginx
[[email protected] ~]# systemctl restart nginx
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:111 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 128 :::111 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 128 ::1:6010 :::*
//設定supervisor
[[email protected] ~]# vim /etc/supervisord.conf
//省略上面的内容,在最後一行添加以下内容
[program:webvirtmgr]
command=/usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
logfile=/var/log/supervisor/webvirtmgr.log
log_stderr=true
user=nginx
[program:webvirtmgr-console]
command=/usr/bin/python2 /var/www/webvirtmgr/console/webvirtmgr-console
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
stdout_logfile=/var/log/supervisor/webvirtmgr-console.log
redirect_stderr=true
user=nginx
//啟動supervisor并設定開機自啟
[[email protected] ~]# systemctl start supervisord
[[email protected] ~]# systemctl enable supervisord
Created symlink from /etc/systemd/system/multi-user.target.wants/supervisord.service to /usr/lib/systemd/system/supervisord.service.
[[email protected] ~]# systemctl status supervisord
● supervisord.service - Process Monitoring and Control Daemon
Loaded: loaded (/usr/lib/systemd/system/supervisord.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2019-08-31 16:40:06 CST; 12s ago
Main PID: 4616 (supervisord)
CGroup: /system.slice/supervisord.service
├─4616 /usr/bin/python /usr/bin/supervisord -c ...
├─4617 /usr/bin/python2 /var/www/webvirtmgr/con...
├─4618 /usr/bin/python2 /var/www/webvirtmgr/man...
├─4624 /usr/bin/python2 /var/www/webvirtmgr/man...
├─4625 /usr/bin/python2 /var/www/webvirtmgr/man...
└─4626 /usr/bin/python2 /var/www/webvirtmgr/man...
Aug 31 16:40:06 server1 systemd[1]: Starting Process Monit...
Aug 31 16:40:06 server1 systemd[1]: Started Process Monito...
Hint: Some lines were ellipsized, use -l to show in full.
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:111 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 128 *:8000 *:*
LISTEN 0 100 *:6080 *:*
LISTEN 0 128 :::111 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 128 ::1:6010 :::*
//配置nginx使用者
[[email protected] ~]# su - nginx -s /bin/bash
-bash-4.2$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/var/lib/nginx/.ssh/id_rsa):
Created directory '/var/lib/nginx/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /var/lib/nginx/.ssh/id_rsa.
Your public key has been saved in /var/lib/nginx/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:6k0jd1Y0y153caoNCEOdXTYe0N2WSm4MeGOYkgPy3/c [email protected]
The key's randomart image is:
+---[RSA 2048]----+
| . .. o.+o.+=.o|
| o = +o=.+.++|
| . = o O oo.|
| . .o + B .o|
| .S...* o o|
| . .o.= ..|
| o + o oE. |
| . = + |
| . . |
+----[SHA256]-----+
-bash-4.2$ touch ~/.ssh/config && echo -e "StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null" >> ~/.ssh/config
-bash-4.2$ chmod 0600 ~/.ssh/config
-bash-4.2$ ssh-copy-id [email protected]
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/var/lib/nginx/.ssh/id_rsa.pub"
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Warning: Permanently added '192.168.93.129' (ECDSA) to the list of known hosts.
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.
-bash-4.2$ exit
登出
[[email protected] ~]# vim /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
[[email protected] ~]# cat /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
bvirt SSH access]
Identity=unix-user:root
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes
[[email protected] ~]# chown -R root.root /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
[[email protected] ~]# systemctl restart nginx
[[email protected] ~]# systemctl restart libvirtd
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:111 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 128 *:8000 *:*
LISTEN 0 100 *:6080 *:*
LISTEN 0 128 :::111 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 128 ::1:6010 :::*
3.3 kvm web界面管理
通過ip位址在浏覽器上通路kvm,例如我這裡就是:http://192.168.93.129/login
3.3.1 kvm連接配接管理
建立SSH連接配接:
3.3.2 kvm存儲管理
建立存儲:
進入存儲:
通過遠端連接配接軟體上傳ISO鏡像檔案至存儲目錄/var/lib/libvirt/images/
[[email protected] ~]# cd /var/lib/libvirt/images/
[[email protected] images]# ls
[[email protected] images]# ls
rhel-server-7.4-x86_64-dvd.iso
在 web 界面檢視ISO鏡像是否存在
建立系統安裝鏡像
添加成功如下圖所示
3.3.3 kvm網絡管理
添加橋接網絡
3.3.4 執行個體管理
執行個體(虛拟機)建立
虛拟機插入CD光牒
設定在 web 上通路虛拟機的密碼
啟動虛拟機
虛拟機安裝
以上就是虛拟機的安裝步驟
4.故障案例
4.1 案例1
web界面配置完成後可能會出現以下錯誤界面
解決方法是安裝novnc并通過novnc_server啟動一個vnc
[[email protected] ~]# ll /etc/rc.local
lrwxrwxrwx. 1 root root 13 Aug 6 2018 /etc/rc.local -> rc.d/rc.local
[[email protected] ~]# ll /etc/rc.d/rc.local
-rw-r--r-- 1 root root 513 Mar 11 22:35 /etc/rc.d/rc.local
[[email protected] ~]# chmod +x /etc/rc.d/rc.local
[[email protected] ~]# ll /etc/rc.d/rc.local
-rwxr-xr-x 1 root root 513 Mar 11 22:35 /etc/rc.d/rc.local
[[email protected] ~]# vim /etc/rc.d/rc.local
......此處省略N行
# that this script will be executed during boot.
touch /var/lock/subsys/local
nohup novnc_server 172.16.12.128:5920 &
[[email protected] ~]# . /etc/rc.d/rc.local
做完以上操作後再次通路即可正常通路
4.2 案例2
第一次通過web通路kvm時可能會一直通路不了,一直轉圈,而指令行界面一直報錯(too many open files)
此時需要對nginx進行配置
[[email protected] ~]# vim /etc/nginx/nginx.conf
....此處省略N行
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
worker_rlimit_nofile 655350; //添加此行配置
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
....此處省略N行
[[email protected] ~]# systemctl restart nginx
然後對系統參數進行設定
[[email protected] ~]# vim /etc/security/limits.conf
....此處省略N行
# End of file
* soft nofile 655350
* hard nofile 655350
到此問題即可解決