aws kvm
Tied up in a AWS announcement about a new EC2 high-end instance type (the C5) is a strong suggestion that Amazon’s cloud computing giant has begun to shift its hundreds of thousands of physical servers away from the open source Xen hypervisor that’s run them until now, to the open source alternative, KVM.
在有关新的EC2高端实例类型(C5)的AWS公告中, 强烈暗示着亚马逊的云计算巨头已经开始将其成千上万的物理服务器从运行它们的开源Xen虚拟机管理程序中转移出来。现在,使用开源替代方案KVM。
Whether you’ve got your career and/or home mortgage deeply invested in the future of Xen or whether you never knew it existed, you might be interested in learning more about KVM. So here’s a general introduction adapted from my book, Teach Yourself Linux Virtualization and High Availability: prepare for the LPIC-3 304 certification exam.
无论您是在Xen的未来上投入了职业和/或房屋抵押贷款,还是不知道Xen的存在,您可能都有兴趣了解有关KVM的更多信息。 因此,这是从我的书“ 自学 Linux虚拟化和高可用性”改编而来的一般介绍:为LPIC-3 304认证考试做准备 。
Need some more basic background on either Linux servers or AWS? My Linux in Action and Learn Amazon Web Services in a Month of Lunches books from Manning might help, along with my Linux server administration courses at Pluralsight. There’s also a hybrid course called Linux in Motion that’s made up of more than two hours of video and around 40% of the text of Linux in Action.
需要有关Linux服务器或AWS的更多基础知识吗? 我在 Manning上的一个月的午餐中使用 Linux并学习Amazon Web Services可能与我在Pluralsight上的Linux服务器管理课程一起提供帮助。 还有一门名为Linux in Motion的混合课程,由两个多小时的视频和大约40%的Linux in Action文本组成。
虚拟机 (KVM)
Like Xen, KVM (Kernel-based Virtual Machine) is an open source hypervisor technology for virtualizing compute infrastructure running on x86 compatible hardware. Also like Xen, KVM has both an active user community and significant enterprise deployments.
与Xen一样,KVM(基于内核的虚拟机)是一种开源虚拟机监控程序技术,用于虚拟化在x86兼容硬件上运行的计算基础架构。 与Xen一样,KVM具有活跃的用户社区和重要的企业部署。
A KVM host actually runs on the Linux kernel along with two KVM kernel modules (the kvm.ko module and either kvm-intel.ko or kvm-amd.ko). Through its tight kernel integration — including the I/O connectivity with kernel block and network drivers provided by Virtio — KVM can offer its guests more seamless access to all the complex hardware and networking profiles that they might encounter.
KVM主机实际上与两个KVM内核模块(kvm.ko模块以及kvm-intel.ko或kvm-amd.ko)一起在Linux内核上运行。 通过其紧密的内核集成(包括与Virtio提供的与内核块的I / O连接和网络驱动程序),KVM可以为其来宾提供对他们可能遇到的所有复杂硬件和网络配置文件的无缝访问。
Hardware virtualization extensions built into modern CPU designs and required for KVM deployments mean that, right out of the box, KVM guests can safely access only those hardware resources they need without the need to worry about leakage to the larger system.
内置于现代CPU设计中的硬件虚拟化扩展是KVM部署所必需的,这意味着KVM来宾可以立即安全地仅访问所需的那些硬件资源,而不必担心泄漏到更大的系统。
Where exactly does QEMU fit in with all this? Besides being able to act as a hypervisor, QEMU’s strength is as an emulator. KVM, in its hypervisor virtualization role, can tap on to QEMU’s emulation powers to compliment its own hardware acceleration features, presenting its guests with an emulated chipset and PCI bus. The whole, as they say, can be greater than the sum of its parts.
QEMU到底适合哪里? 除了能够充当虚拟机监控程序之外,QEMU的实力还在于充当仿真器。 KVM充当虚拟机管理程序虚拟化角色,可以利用QEMU的仿真功能来补充其自身的硬件加速功能,从而为来宾系统提供仿真的芯片组和PCI总线。 正如他们所说,整体可能大于其各个部分的总和。
A great deal of management functionality for KVM is often actually provided by Libvirt. Therefore, you might sometimes want to refer to the detailed information about KVM-related features like networking, storage, and file system layouts that’s found in the fifth chapter of the Teach Yourself Linux Virtualization and High Availability book (“Libvirt and Related Tools”).
Libvirt通常实际上提供了许多KVM管理功能。 因此,您有时可能需要参考有关KVM相关功能的详细信息,例如网络,存储和文件系统布局,这些信息可在“ 自学Linux虚拟化和高可用性”书(“ Libvirt和相关工具”)的第五章中找到。 。
安装 (Installation)
Before anything else, you’ll need to make sure that the physical machine you’re planning to use as a KVM host supports hardware virtualization. Besides the BIOS setting and the contents of /proc/cpuinfo (which we discussed in Chapter One), you can also quickly check this from a running Linux system using kvm-ok:$ kvm-ok
首先,您需要确保计划用作KVM主机的物理机支持硬件虚拟化。 除了BIOS设置和/ proc / cpuinfo的内容(我们已在第一章中讨论过)之外,您还可以使用kvm-ok从运行的Linux系统中快速检查此内容:$ kvm-ok
It’s also a good idea to be sure which hardware architecture — 64 or 32-bit — you’re working with:$ uname -m
确保使用哪种硬件体系结构(64位或32位)也是一个好主意:$ uname -m
But even if your hardware profile is up to the task, you’ll have to let the Linux kernel in on your plans. If they’re not already there, you should add the kvm and either kvm-intel or kvm-amd kernel modules.# modprobe kvm-intel
但是,即使您的硬件配置文件能够胜任该任务,您也必须让Linux内核进入您的计划。 如果还不存在它们,则应添加kvm以及kvm-intel或kvm-amd内核模块。#modprobe kvm-intel
If those modules fail to load (and there’s no /dev/kvm device in the file system), then there’s a good chance your CPU just isn’t up to the job you’d like it to to. However, if all that worked out, you’re ready to install the qemu-kvm package (and, if necessary, libvirt, virt-install, and bridge-utils as well).
如果这些模块无法加载(文件系统中没有/ dev / kvm设备),则很有可能您的CPU无法完成您想要的工作。 但是,如果一切顺利,您就可以安装qemu-kvm软件包了(如果需要,还可以安装libvirt,virt-install和bridge-utils)。
使用KVM管理工具 (Working with KVM Management Tools)
It’s no secret that virtualization platforms have a well-deserved reputation for being complicated. But there are two things that can make getting started with KVM just a bit more challenging than some of the others:
虚拟化平台因其复杂性而享有当之无愧的声誉已不是什么秘密。 但是,有两件事可以使KVM入门比其他一些挑战更具挑战性:
- There are quite a few management toolkits available, each offering similar — but not identical — functionality. 有很多可用的管理工具箱,每个工具箱都提供相似但不相同的功能。
- They have a nasty habit of changing the names used for the key binaries depending on which distribution and release you’re using. 他们习惯于根据所使用的发行版和发行版来更改用于密钥二进制文件的名称。
I’ll introduce you to Libvirt Tools and vmbuilder in Chapter Five, but here, we’ll discuss the KVM tool kit.
在第五章中,我将向您介绍Libvirt Tools和vmbuilder,但是在这里,我们将讨论KVM工具套件。
Building new guests using what we’ll call the “KVM” way is a two step process. First, you’ll use qemu-img to create a new image — or modify or convert an old one. Then you’ll use qemu-kvm to set up a virtual machine that will start up the installation.
使用我们称之为“ KVM”的方式来建立新的访客是一个两步过程。 首先,您将使用qemu-img创建新图像-或修改或转换旧图像。 然后,您将使用qemu-kvm设置将启动安装的虚拟机。
Did I just say “you’ll use qemu-kvm…”? Silly me. qemu-kvm was merged into qemu a long time ago and has been replaced by qemu-system-x86_64. In the meantime, some systems offer you kvm as a wrapper that executes qemu-system-x86_64 -enable-kvm — although you shouldn’t confuse the kvm wrapper with the old kvm binary that used a somewhat different syntax.
我只是说“您将使用qemu-kvm…”吗? 傻我 qemu-kvm早已合并到qemu中,并已由qemu-system-x86_64取代。 同时,某些系统为您提供kvm作为执行qemu-system-x86_64 -enable-kvm的包装器-尽管您不应该将kvm包装器与使用了不同语法的旧kvm二进制文件混淆。
So let’s see how these two steps work. You create a disk image with qemu-img (which, by the way, can be used very effectively for other hypervisors as well), where “my-disk” is the name of the image you’d like to create, the maximum size of the image will be 6 GB, and qcow2 is the file format. qcow, by the way, stands for “QEMU Copy On Write”.
因此,让我们看看这两个步骤是如何工作的。 您使用qemu-img创建磁盘映像(顺便说一下,它也可以非常有效地用于其他虚拟机管理程序),其中“ my-disk”是您要创建的映像的名称,最大大小图片的大小为6 GB,qcow2是文件格式。 顺便说一句,qcow代表“ QEMU写入时复制”。
qemu-img create -f qcow2 /home/username/myimages/my-disk.img 6G \
Formatting ‘/home/username/myimages/my-disk.img’, \
fmt=qcow2 size=6442450944 \
encryption=off \
cluster_size=65536 \
lazy_refcounts=off \
refcount_bits=16Choosing a file format will depend on your specific needs. If you need greater compatibility and flexibility — including the ability to generate sophisticated snapshots — then qcow2 is probably going to be your best choice.
选择文件格式将取决于您的特定需求。 如果您需要更大的兼容性和灵活性(包括生成复杂快照的能力),那么qcow2可能是您的最佳选择。
The qcow disk image format permits disk space allocation to grow only as needed, meaning the use of space is always as efficient as possible. Changes to a qcow read-only image can be saved to a separate file, which refers internally to the original image. qcow2 added the ability to create multiple image snapshots.
qcow磁盘映像格式允许磁盘空间分配仅根据需要增长,这意味着空间的使用始终尽可能高效。 对qcow只读图像的更改可以保存到单独的文件中,该文件内部引用原始图像。 qcow2添加了创建多个图像快照的功能。
We’re now ready for step two. Here’s how we’ll build our VM:
现在我们准备第二步。 这是我们构建虚拟机的方法:
kvm -name my-VM \
-hda /home/username/myimages/my-disk.img \
-cdrom /home/username/Downloads/ubuntu-16.04-server-amd64.iso \
-boot d -m 1024A new SDL window will often (although not necessarily for all distributions) pop up where you can complete the operating system installation process. Regaining control of your mouse from the Qemu terminal requires pressing CTRL+ALT.
通常会弹出一个新的SDL窗口(尽管不一定对于所有发行版),您可以在其中完成操作系统安装过程。 要从Qemu终端重新控制鼠标,需要按CTRL + ALT。
To explain: using “kvm” (although the precise command you’ll need for your version may differ), we’ll call our new guest “my-VM”, designate the my-disk.img file as hda (“hard drive a”), point to the location of the operating system ISO (Ubuntu 16.04 server, in this case), and set 1024 MB as the maximum memory alloted to the VM.
解释:使用“ kvm”(尽管您所需的确切命令可能有所不同),我们将新来宾称为“ my-VM”,将my-disk.img文件指定为hda(“硬盘” a”),指向操作系统ISO(在这种情况下为Ubuntu 16.04服务器)的位置,并将1024 MB设置为分配给VM的最大内存。
By default, KVM will configure your guest for user-level networking (as though the parameters -netdev user,id=user.0 -device e1000,netdev=user.0 were specified). This will provide the guest with an IP address through KVM’s own DHCP service and access to your host, the Internet, and to LAN-based recourses. While the default configuration is simple, it may be overly restrictive for some scenarios, as there are often some performance and feature limitations.
默认情况下,KVM将为您的访客配置用户级网络(就像指定了参数-netdev user,id = user.0 -device e1000,netdev = user.0一样)。 这将通过KVM自己的DHCP服务为访客提供IP地址,并访问您的主机,Internet和基于LAN的资源。 尽管默认配置很简单,但由于某些性能和功能限制,在某些情况下它可能过于严格。
Besides these, you can use command line flags to control various VM configuration parameters, including:
除此之外,您还可以使用命令行标志来控制各种VM配置参数,包括:
- -smp 2 provides two processors (“smp” = symmetric multiprocessing). -smp 2提供两个处理器(“ smp” =对称多处理)。
- The -net argument (example: -net nic,model=virtio,macaddr =52:54:00:05:11:11) establishes a network connection for your guest. -net参数(例如:-net nic,model = virtio,macaddr = 52:54:00:05:11:11)为来宾建立网络连接。
- You can provision a network bridge using something like -net bridge,vlan=0,br=br0 — although this will require a matching -net definition on the host. The two are connected through a special “vlan” parameter. 您可以使用-net bridge,vlan = 0,br = br0之类的方式来设置网桥-尽管这将需要主机上匹配的-net定义。 两者通过特殊的“ vlan”参数连接。
- -balloon virtio will allow me to expand or reduce a guest’s memory size without having to reboot it. -balloon virtio将允许我扩展或减小客户机的内存大小,而不必重新启动它。
- You can also use the -drive file= flag to define additional block storage devices. Adding a value for format= (qcow2, for instance). 您也可以使用-drive file =标志来定义其他块存储设备。 为format =添加值(例如qcow2)。
The -M flag will assign a specific machine type hardware emulation. pc. For example, will provide a standard PC profile. For a complete list of available machine types, you can run kvm -M ?:
-M标志将分配特定的机器类型硬件仿真。 个人电脑 例如,将提供标准的PC配置文件。 有关可用机器类型的完整列表,可以运行kvm -M?:
kvm -M ?
Supported machines are:
ubuntu Ubuntu 15.04 PC (i440FX + PIIX, 1996) (alias of pc-i440fx-wily)
pc-i440fx-wily Ubuntu 15.04 PC (i440FX + PIIX, 1996) (default)
ubuntu Ubuntu 15.04 PC (i440FX + PIIX, 1996) (alias of pc-i440fx-vivid)
pc-i440fx-vivid Ubuntu 15.04 PC (i440FX + PIIX, 1996) (default)
pc-i440fx-utopic Ubuntu 14.10 PC (i440FX + PIIX, 1996)
pc-i440fx-trusty Ubuntu 14.04 PC (i440FX + PIIX, 1996)
pc Standard PC (i440FX + PIIX, 1996) (alias of pc-i440fx-2.5)
pc-i440fx-2.5 Standard PC (i440FX + PIIX, 1996)
pc-i440fx-2.4 Standard PC (i440FX + PIIX, 1996)
pc-i440fx-2.3 Standard PC (i440FX + PIIX, 1996)
pc-i440fx-2.2 Standard PC (i440FX + PIIX, 1996)
pc-i440fx-2.1 Standard PC (i440FX + PIIX, 1996)
pc-i440fx-2.0 Standard PC (i440FX + PIIX, 1996)
pc-i440fx-1.7 Standard PC (i440FX + PIIX, 1996)
pc-i440fx-1.6 Standard PC (i440FX + PIIX, 1996)
pc-i440fx-1.5 Standard PC (i440FX + PIIX, 1996)
pc-i440fx-1.4 Standard PC (i440FX + PIIX, 1996)
pc-1.3 Standard PC (i440FX + PIIX, 1996)
pc-1.2 Standard PC (i440FX + PIIX, 1996)
pc-1.1 Standard PC (i440FX + PIIX, 1996)
pc-1.0 Standard PC (i440FX + PIIX, 1996)
pc-0.15 Standard PC (i440FX + PIIX, 1996)
pc-0.14 Standard PC (i440FX + PIIX, 1996)
pc-0.13 Standard PC (i440FX + PIIX, 1996)
pc-0.12 Standard PC (i440FX + PIIX, 1996)
pc-0.11 Standard PC (i440FX + PIIX, 1996)
pc-0.10 Standard PC (i440FX + PIIX, 1996)
q35 Standard PC (Q35 + ICH9, 2009) (alias of pc-q35–2.5)
pc-q35–2.5 Standard PC (Q35 + ICH9, 2009)
pc-q35–2.4 Standard PC (Q35 + ICH9, 2009)
pc-q35–2.3 Standard PC (Q35 + ICH9, 2009)
pc-q35–2.2 Standard PC (Q35 + ICH9, 2009)
pc-q35–2.1 Standard PC (Q35 + ICH9, 2009)
pc-q35–2.0 Standard PC (Q35 + ICH9, 2009)
pc-q35–1.7 Standard PC (Q35 + ICH9, 2009)
pc-q35–1.6 Standard PC (Q35 + ICH9, 2009)
pc-q35–1.5 Standard PC (Q35 + ICH9, 2009)
pc-q35–1.4 Standard PC (Q35 + ICH9, 2009)
isapc ISA-only PC
none empty machine
xenfv Xen Fully-virtualized PC
xenpv Xen Para-virtualized PCKVM监视器 (KVM Monitor)
While working with QEMU, you can open a monitor console and interact with your clients in ways that might be difficult or even impossible using a regular headless server. You can launch the KVM Monitor by pressing CTRL+ALT, and then SHIFT+2, and a new console will open on your desktop. SHIFT+1 will close the console. You can also access the console from the command line using something like:
使用QEMU时,您可以使用常规的无头服务器打开监视器控制台并以可能难以甚至无法实现的方式与客户端进行交互。 您可以通过按CTRL + ALT,然后按SHIFT + 2来启动KVM Monitor,然后将在您的桌面上打开一个新的控制台。 SHIFT + 1将关闭控制台。 您还可以使用以下命令从命令行访问控制台:
kvm -monitor stdioYou will probably NOT be able to launch the monitor as root (i.e., via sudo). Naturally, your version may require “qemu-system-x86_64” rather than kvm. This approach allows you to add command line arguments (like that -monitor which specified a console target). Consult man qemu-system-x86_64 for details on the kinds of operations the monitor allows.
您可能无法以root用户身份启动监视器(即,通过sudo)。 自然,您的版本可能需要“ qemu-system-x86_64”而不是kvm。 这种方法允许您添加命令行参数(例如,指定了控制台目标的-monitor)。 有关监视器允许的操作种类的详细信息,请咨询man qemu-system-x86_64。
This example (borrowed from en.wikibooks.org/wiki/QEMU/Monitor) will list all the block devices currently available to your system, and then point one of them to an ISO file you want to use:
此示例(从en.wikibooks.org/wiki/QEMU/Monitor借来)将列出系统当前可用的所有块设备,然后将其中一个指向要使用的ISO文件:
(qemu) info block
ide0-hd0: type=hd removable=0 file=/path/to/winxp.img
ide0-hd1: type=hd removable=0 file=/path/to/pagefile.raw
ide1-hd1: type=hd removable=0 file=/path/to/testing_data.img
ide1-cd0: type=cdrom removable=1 locked=0 file=/dev/sr0 ro=1 drv=host_device
floppy0: type=floppy removable=1 locked=0 [not inserted]
sd0: type=floppy removable=1 locked=0 [not inserted]
(qemu) change ide1-cd0 /home/images/my.iso联网 (Networking)
By default, a KVM guest will receive an IP address within the 10.0.2.0/24 subnet, and have outgoing access (including SSH access) both to its host, and to the wider network beyond. By that same default however, it won’t be able to host services for network clients. If you need to open up incoming network connectivity, you’ll probably want to create a network bridge on your host that’s similar to the one we used for Xen in the previous chapter. As before, you will install bridge-utils on the host and, assuming you’re running a Debian-based system and you want your host to receive its IP from a network DHCP server, edit the /etc/network/interfaces to look something like this (on CentOS machines, edit files in the /etc/sysconfig/network-scripts/ directory):
默认情况下,KVM guest虚拟机将在10.0.2.0/24子网中接收IP地址,并且对其主机以及更广泛的网络具有出站访问(包括SSH访问)。 但是,默认情况下,它将无法为网络客户端托管服务。 如果您需要打开传入的网络连接,则可能需要在主机上创建一个网桥,该网桥与上一章中用于Xen的网桥相似。 和以前一样,您将在主机上安装bridge-utils,并假设您正在运行基于Debian的系统,并且希望主机从网络DHCP服务器接收其IP,请编辑/ etc / network / interfaces以使其看起来像这样(在CentOS机器上,编辑/ etc / sysconfig / network-scripts /目录中的文件):
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet manual
auto br0
iface br0 inet dhcp
bridge_ports eth0
bridge_stp off
bridge_fd 0
bridge_maxwait 0On CentOS, you’ll need to create an ifcfg-br0 file in the /etc/sysconfig/network-scripts/ directory to look something like this:
在CentOS上,您需要在/ etc / sysconfig / network-scripts /目录中创建一个ifcfg-br0文件,如下所示:
DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
DNS1=192.168.0.1
GATEWAY=192.168.0.1
IPADDR=192.168.0.100
NETMASK=255.255.255.0
ONBOOT=yes
SEARCH=”example.com”…And then add a line reading BRIDGE=br0 line to your primary network interface file (which will often be: /etc/sysconfig/network-scripts/ifcfg-eth0).
…然后在主网络接口文件中添加一行读取BRIDGE = br0的行(通常为:/ etc / sysconfig / network-scripts / ifcfg-eth0)。
You will then stop and restart your network services (or reboot).
然后,您将停止并重新启动网络服务(或重新启动)。
Looking for a solid introduction to Linux or AWS administration? Check out my Linux in Action and Learn Amazon Web Services in a Month of Lunches books and the Linux in Motion text-video hybrid course from Manning. Prefer your tech learning in video? I’ve got Linux administration courses at Pluralsight just waiting to be watched.
寻找有关Linux或AWS管理的扎实介绍吗? 查阅我的 Linux in Action, 并 在一个月的午餐会 书籍中 学习Amazon Web Services, 以及 Manning 的 Linux in Motion 文本视频混合课程。 喜欢在视频中学习技术吗? 我 在Pluralsight上 有 Linux管理课程, 正等着大家观看。
翻译自: https://www.freecodecamp.org/news/aws-just-announced-a-move-from-xen-towards-kvm-so-what-is-kvm/
aws kvm
590
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
