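KVM Virtualization

What is virtualization?

Virtualization is a logical representation of resources that is not bound by physical limits. Any technique that abstracts one form of resource into another form is virtualization.

In short:
1. Virtualization is a logical representation of resources and is not limited by the physical resources.
2. The runtime environment is not on the real hardware but in a segment of virtual memory above the hardware, in other words in a virtual environment.
3. Virtualization gives data, computing power, storage and other resources a logical view rather than a physical view.
4. The development of virtualization has greatly reduced IT hardware costs, reduced wasted resources, and improved system stability and security.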

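What kinds of virtualization are there?

  • Full virtualization: deployed on bare metal (hardware only, no operating system); high performance

    • Full virtualization (Full Virtualization), also called native virtualization, uses a virtual machine to mediate between the guest operating system and the raw hardware. The VMM sits between the guest operating system and the bare hardware to coordinate their work, and certain protected instructions must be trapped and handled by the hypervisor. Full virtualization runs faster than hardware emulation but does not match bare-metal performance, because the hypervisor consumes some resources.
  • Paravirtualization: deployed on an OS; lower performance

    • Paravirtualization (ParaVirtualization) is another technique similar to full virtualization. It uses a hypervisor to share access to the underlying hardware, but its guest operating system integrates virtualization-aware code. This approach needs no recompilation and causes no traps, because the operating system itself cooperates well with the virtualization process. Paravirtualization requires some modifications to the guest operating system so that it knows it is running in a virtualized environment, but it offers performance close to that of the original operating system.

Full virtualization:
The hypervisor is installed directly on the physical machine and multiple virtual machines run on the hypervisor. The hypervisor is usually implemented as a specially customized Linux system. Xen and VMware ESXi belong to this type.
Paravirtualization:
A regular operating system such as Redhat, Ubuntu or Windows is installed on the physical machine first. The hypervisor runs as a program module on that OS and manages the virtual machines. KVM, VirtualBox and VMware Workstation belong to this type.
In theory:
Full virtualization is usually specially optimized for hardware virtualization features, so its performance is higher than that of paravirtualization;
Paravirtualization is more flexible because it is based on an ordinary operating system; for example, it supports nested virtual machines. Nesting means KVM can be run again inside a KVM virtual machine.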

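KVM introduction

KVM stands for Kernel-Based Virtual Machine; that is, KVM is implemented on top of the Linux kernel. KVM has a kernel module called kvm.ko, which manages only virtual CPUs and memory. I/O virtualization, such as storage and network devices, is implemented by the Linux kernel together with Qemu. As a hypervisor, KVM itself is concerned only with virtual machine scheduling and memory management; I/O peripherals are left to the Linux kernel and Qemu. Articles about KVM often mention Libvirt. Libvirt is the management tool for KVM. Besides KVM, Libvirt can also manage other hypervisors such as Xen and VirtualBox.

Libvirt consists of 3 things: the background daemon libvirtd, an API library, and the command-line tool virsh

  • libvirtd is the service program that receives and handles API requests;
  • The API library lets others develop higher-level tools based on Libvirt, such as virt-manager, a graphical KVM management tool;
  • virsh is the KVM command-line tool we use most often

Ways to implement virtualization

  • Host-based virtual storage, which relies on agents or management software
  • Storage-device-based virtualization, which relies on storage modules that provide the relevant functions
  • Network-based virtual storage, which can be further divided into virtualization based on interconnect devices and virtualization based on routers.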

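KVM deployment

Environment

System type    IP                 Hostname
redhat8        192.168.129.135    kvm
Centos 7       192.168.129.33     web

KVM installation

On the kvm host in vmware, open the virtual machine settings and enable virtualization
Disable the firewall and SELINUX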

[root@kvm ~]# systemctl disable --now firewalld.service 
[root@kvm ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config 
[root@kvm ~]# setenforce 0
[root@kvm ~]# reboot

Install tools and dependency packages, verify that the CPU supports KVM, and install what KVM needs

[root@kvm ~]# yum -y install epel-release vim wget net-tools unzip zip gcc gcc-c++
[root@kvm ~]# egrep -o 'vmx|svm' /proc/cpuinfo
vmx
vmx

//Install the dependency packages
[root@kvm ~]# yum -y install qemu-kvm qemu-kvm-common qemu-img virt-manager libvirt python3-libvirt libvirt-client virt-install virt-viewer cockpit-bridge libguestfs-tools

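//The virtual machines usually need to be on the same network segment as the company's other servers,
//so the KVM server's NIC has to be configured in bridge mode. The KVM virtual machines can then use
//the bridged NIC to sit on the same segment as the company's other internal servers
//My NIC here is ens160, so br0 is used to bridge the ens160 NIC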
[root@kvm ~]# cd /etc/sysconfig/network-scripts/
[root@kvm network-scripts]# cp ifcfg-ens160 ifcfg-br0
[root@kvm network-scripts]# vim ifcfg-br0 
[root@kvm ~]# cat /etc/sysconfig/network-scripts/ifcfg-br0
TYPE="Bridge"
BOOTPROTO="static"
NAME="br0"
DEVICE="br0"
ONBOOT="yes"
IPADDR=192.168.129.135  
NETMASK=255.255.255.0   
GATEWAY=192.168.129.2   
DNS1=114.114.114.114

[root@kvm ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens160 
TYPE="Ethernet"
BOOTPROTO="static"
NAME="ens160"
DEVICE="ens160"
ONBOOT="yes"
BRIDGE=br0

//Restart the network
[root@kvm network-scripts]# systemctl restart NetworkManager
[root@kvm network-scripts]# ifdown ens160;ifup ens160
成功停用连接 "ens160"(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/3)
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/4)
[root@kvm ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
    link/ether 00:0c:29:aa:87:a6 brd ff:ff:ff:ff:ff:ff
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0c:29:aa:87:a6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.129.135/24 brd 192.168.129.255 scope global noprefixroute br0
       valid_lft forever preferred_lft forever
    inet6 fe80::14a5:ff:fe33:1d93/64 scope link 
       valid_lft forever preferred_lft forever

Start the service

[root@kvm ~]# systemctl enable --now libvirtd
[root@kvm ~]# systemctl status libvirtd
● libvirtd.service - Virtualization daemon
   Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2021-10-21 01:04:53 CST; 5s ago
     Docs: man:libvirtd(8)
           https://libvirt.org
 Main PID: 23153 (libvirtd)
    Tasks: 19 (limit: 32768)
   Memory: 23.8M
   CGroup: /system.slice/libvirtd.service
           ├─23153 /usr/sbin/libvirtd --timeout 120
           ├─23301 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/u>
           └─23302 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/u>

1021 01:04:54 192.168.129.132 dnsmasq[23294]: listening on virbr0(#4): 192.168.122.1
1021 01:04:54 192.168.129.132 dnsmasq[23301]: started, version 2.79 cachesize 150
1021 01:04:54 192.168.129.132 dnsmasq[23301]: compile time options: IPv6 GNU-getopt DBus no-i18n IDN2 DHCP DHCPv6 n>
1021 01:04:54 192.168.129.132 dnsmasq-dhcp[23301]: DHCP, IP range 192.168.122.2 -- 192.168.122.254, lease time 1h
1021 01:04:54 192.168.129.132 dnsmasq-dhcp[23301]: DHCP, sockets bound exclusively to interface virbr0
1021 01:04:54 192.168.129.132 dnsmasq[23301]: reading /etc/resolv.conf
1021 01:04:54 192.168.129.132 dnsmasq[23301]: using nameserver 114.114.114.114#53
1021 01:04:54 192.168.129.132 dnsmasq[23301]: read /etc/hosts - 2 addresses

Test and verify the installation

[root@kvm ~]# lsmod| grep kvm
kvm_intel             294912  0
kvm                   786432  1 kvm_intel
irqbypass              16384  1 kvm

[root@kvm ~]# virsh -c qemu:///system list
 Id   名称   状态
-------------------

[root@kvm ~]# virsh --version
6.0.0

[root@kvm ~]# virt-install --version
2.2.1

[root@kvm ~]# ln -s /usr/libexec/qemu-kvm /usr/bin/qemu-kvm
[root@kvm ~]# ll /usr/bin/qemu-kvm
lrwxrwxrwx 1 root root 21 1020 16:35 /usr/bin/qemu-kvm -> /usr/libexec/qemu-kvm
[root@kvm ~]# lsmod |grep kvm
kvm_intel             294912  0
kvm                   786432  1 kvm_intel
irqbypass              16384  1 kvm

View bridge information

[root@kvm ~]# yum install -y bridge-utils
[root@kvm ~]# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.000c29aa87a6       no              ens160
virbr0          8000.52540023b910       yes             virbr0-nic

Installing the KVM web management interface

Disable the firewall and SELINUX

[root@web ~]# systemctl disable --now firewalld.service 
[root@web ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config 
[root@web ~]# setenforce 0
[root@web ~]# reboot

Install the dependency packages

[root@web ~]# yum -y install epel-release
[root@web ~]# yum -y install git python-pip libvirt-python libxml2-python python-websockify supervisor nginx python-devel

Download the webvirtmgr code from github and install webvirtmgr

[root@web ~]# cd /usr/local/src/
[root@web src]# git clone https://github.com/retspen/webvirtmgr.git
正克隆到 'webvirtmgr'...
remote: Enumerating objects: 5614, done.
remote: Total 5614 (delta 0), reused 0 (delta 0), pack-reused 5614
接收对象中: 100% (5614/5614), 2.97 MiB | 1.41 MiB/s, 完成.
处理 delta 中: 100% (3606/3606), 完成.

//Install webvirtmgr
[root@web ~]# cd /usr/local/src/webvirtmgr
[root@web webvirtmgr]# pip install -r requirements.txt
Collecting django==1.5.5 (from -r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/38/49/93511c5d3367b6b21fc2995a0e53399721afc15e4cd6eb57be879ae13ad4/Django-1.5.5.tar.gz (8.1MB)
    100% |████████████████████████████████| 8.1MB 65kB/s 
Collecting gunicorn==19.5.0 (from -r requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/f9/4e/f4076a1a57fc1e75edc0828db365cfa9005f9f6b4a51b489ae39a91eb4be/gunicorn-19.5.0-py2.py3-none-any.whl (113kB)
    100% |████████████████████████████████| 122kB 115kB/s 
Collecting lockfile>=0.9 (from -r requirements.txt (line 5))
  Downloading https://files.pythonhosted.org/packages/c8/22/9460e311f340cb62d26a38c419b1381b8593b0bb6b5d1f056938b086d362/lockfile-0.12.2-py2.py3-none-any.whl
Installing collected packages: django, gunicorn, lockfile
  Running setup.py install for django ... done
Successfully installed django-1.5.5 gunicorn-19.5.0 lockfile-0.12.2

Check that sqlite3 is installed

[root@web webvirtmgr]# python
Python 2.7.18 (default, Jan 29 2021, 18:19:04) 
[GCC 8.4.1 20200928 (Red Hat 8.4.1-1)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import sqlite3
>>> exit()

Initialize the account information

[root@web webvirtmgr]# python manage.py syncdb
WARNING:root:No local_settings file found.
Creating tables ...
Creating table auth_permission
Creating table auth_group_permissions
Creating table auth_group
Creating table auth_user_groups
Creating table auth_user_user_permissions
Creating table auth_user
Creating table django_content_type
Creating table django_session
Creating table django_site
Creating table servers_compute
Creating table instance_instance
Creating table create_flavor

You just installed Django's auth system, which means you don't have any superusers defined.
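Would you like to create one now? (yes/no): yes			#Asks whether to create a superuser account
Username (leave blank to use 'root'): admin   				#Superuser account name; leaving it blank defaults to root
Email address: 123@qq.com								#Superuser email address
Password: 												#Superuser password
Password (again): 										#Enter the superuser password again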
Superuser created successfully.
Installing custom SQL ...
Installing indexes ...
Installed 6 object(s) from 1 fixture(s)

Move the site to its directory and set the group and owner

[root@web webvirtmgr]# mkdir -p /var/www
[root@web webvirtmgr]# cp -r /usr/local/src/webvirtmgr /var/www/
[root@web webvirtmgr]# chown -R nginx:nginx /var/www/webvirtmgr/

Generate a key pair

[root@web ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:zPeNexTfobcrXtRjFY02955bJ6FRvfrbHV0iu31wHtA root@kvm.localdomain
The key's randomart image is:
+---[RSA 3072]----+
|               +.|
|              = =|
|             o.o+|
|       o    ..oE+|
|        S . .o=O*|
|         . ..B*=@|
|            +.+BB|
|             =o+*|
|            +oo+=|
+----[SHA256]-----+

//webvirtmgr and the kvm service are deployed on the same machine here, so the trust is local. If kvm is deployed on another machine, this is that machine's IP
[root@web ~]# ssh-copy-id 192.168.129.135
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.129.135 (192.168.129.135)' can't be established.
ECDSA key fingerprint is SHA256:ifuuL7ERwLYteDwADiJDTDQRFzNz0myTvXGsI2ioyD8.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.129.135's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.129.135'"
and check to make sure that only the key(s) you wanted were added.

Configure port forwarding

[root@web ~]# ssh 192.168.129.135 -L localhost:8000:localhost:8000 -L localhost:6080:localhost:6080
Last login: Wed Oct 20 15:52:07 2021 from 192.168.129.1
[root@web ~]# ss -antl
State        Recv-Q        Send-Q               Local Address:Port               Peer Address:Port       Process       
LISTEN       0             128                        0.0.0.0:111                     0.0.0.0:*                        
LISTEN       0             128                        0.0.0.0:80                      0.0.0.0:*                        
LISTEN       0             32                   192.168.122.1:53                      0.0.0.0:*                        
LISTEN       0             128                        0.0.0.0:22                      0.0.0.0:*                        
LISTEN       0             128                           [::]:111                        [::]:*                        
LISTEN       0             128                           [::]:22                         [::]:*   

Configure nginx

[root@web ~]# cp -r /etc/nginx/nginx.conf /etc/nginx/nginx1.conf
[root@web ~]# vim /etc/nginx/nginx.conf
[root@web ~]# cat /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    include /etc/nginx/conf.d/*.conf;

    server {
        listen       80;
        server_name  localhost;

        include /etc/nginx/default.d/*.conf;

        location / {
            root html;
            index index.html index.htm;
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }
}

[root@web ~]# vim /etc/nginx/conf.d/webvirtmgr.conf
[root@web ~]# cat /etc/nginx/conf.d/webvirtmgr.conf
server {
    listen 80 default_server;

    server_name $hostname;
    #access_log /var/log/nginx/webvirtmgr_access_log;

    location /static/ {
        root /var/www/webvirtmgr/webvirtmgr;
        expires max;
    }

    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_connect_timeout 600;
        proxy_read_timeout 600;
        proxy_send_timeout 600;
        client_max_body_size 1024M;
    }
}

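Make sure bind is set to port 8000 on this machine

[root@web ~]# vim /var/www/webvirtmgr/conf/gunicorn.conf.py
...
bind = '0.0.0.0:8000'     # Make sure this binds to port 8000 on this machine; it is the proxied port defined in the nginx configuration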
backlog = 2048
...

Start nginx

[root@web ~]# systemctl  enable --now nginx
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.

Restart nginx

[root@web ~]# systemctl restart nginx
[root@web ~]# ss -anlt
State       Recv-Q Send-Q              Local Address:Port                             Peer Address:Port              
LISTEN      0      128                             *:80                                          *:*                  
LISTEN      0      128                             *:22                                          *:*                  
LISTEN      0      100                     127.0.0.1:25                                          *:*                  
LISTEN      0      128                            :::22                                         :::*                  
LISTEN      0      100                           ::1:25                                         :::* 

[root@web ~]#  cat >> /etc/supervisord.conf <<EOF
[program:webvirtmgr]
command=/usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
logfile=/var/log/supervisor/webvirtmgr.log
log_stderr=true
user=nginx

[program:webvirtmgr-console]
command=/usr/bin/python2 /var/www/webvirtmgr/console/webvirtmgr-console
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
stdout_logfile=/var/log/supervisor/webvirtmgr-console.log
redirect_stderr=true
user=nginx
EOF

Start supervisor and enable it at boot

[root@web ~]# systemctl enable --now supervisord
Created symlink /etc/systemd/system/multi-user.target.wants/supervisord.service → /usr/lib/systemd/system/supervisord.service.

//Check the status
[root@web ~]# systemctl status supervisord
● supervisord.service - Process Monitoring and Control Daemon
   Loaded: loaded (/usr/lib/systemd/system/supervisord.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2021-10-20 19:16:53 CST; 15s ago
  Process: 327152 ExecStart=/usr/bin/supervisord -c /etc/supervisord.conf (code=exited, status=0/SUCCESS)
 Main PID: 327155 (supervisord)
    Tasks: 2 (limit: 49594)
   Memory: 38.9M
   CGroup: /system.slice/supervisord.service
           ├─327155 /usr/bin/python3.6 /usr/bin/supervisord -c /etc/supervisord.conf
           └─327568 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.c>

1020 19:16:53 localhost.localdomain systemd[1]: Starting Process Monitoring and Control Daemon...
1020 19:16:53 localhost.localdomain systemd[1]: Started Process Monitoring and Control Daemon.

[root@web ~]# ss -antl
State       Recv-Q Send-Q              Local Address:Port                             Peer Address:Port              
LISTEN      0      128                             *:80                                          *:*                  
LISTEN      0      128                             *:22                                          *:*                  
LISTEN      0      100                     127.0.0.1:25                                          *:*                  
LISTEN      0      128                            :::22                                         :::*                  
LISTEN      0      100                           ::1:25                                         :::*

Configure the nginx account for passwordless login

[root@web ~]# su - nginx -s /bin/bash
-bash-4.2$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/var/lib/nginx/.ssh/id_rsa): 
Created directory '/var/lib/nginx/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /var/lib/nginx/.ssh/id_rsa.
Your public key has been saved in /var/lib/nginx/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:msg77oQqw2HEWS9oIeg/QofGxRsy7cPJnEw2JGExyHw nginx@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
|=**.             |
|=*oE             |
|= ^ B            |
| % & .           |
|= o o   S        |
| + = . o         |
|o + = o          |
|oo ...           |
|o. o+.           |
+----[SHA256]-----+

-bash-4.2$ touch ~/.ssh/config && echo -e "StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null" >> ~/.ssh/config
-bash-4.2$ chmod 0600 ~/.ssh/config
-bash-4.2$ ssh-copy-id root@192.168.129.135
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/var/lib/nginx/.ssh/id_rsa.pub"
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Warning: Permanently added '192.168.129.135' (ECDSA) to the list of known hosts.
root@192.168.129.135's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.129.135'"
and check to make sure that only the key(s) you wanted were added.

-bash-4.2$ exit
登出

[root@web ~]# vim /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
[root@web ~]# cat > /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla << EOF
[Remote libvirt SSH access]
Identity=unix-user:root
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes
EOF

[root@web ~]# chown -R root:root /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
[root@web ~]# systemctl restart nginx
[root@kvm ~]# systemctl restart libvirtd		#restart on kvm
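
A static check for three security-relevant settings changed in this walkthrough (the gunicorn bind address, the nginx account's ~/.ssh/config, and SELINUX=disabled), as an added example that is not part of the original post. The function names are hypothetical and the sample files are constructed from the values shown above.

```shell
#!/bin/sh
# Added example: static audit of three settings this walkthrough changes.
# Every path is an argument, so the functions can be run against copies of the files.

# Print gunicorn's bind address and succeed when it is not loopback or a unix socket.
gunicorn_bind_exposed() {
    gb_addr=$(sed -n "s/^[[:space:]]*bind[[:space:]]*=[[:space:]]*['\"]\([^'\"]*\)['\"].*/\1/p" "$1" | tail -n 1)
    case "$gb_addr" in
        ""|127.*|localhost:*|unix:*|"[::1]:"*) return 1 ;;   # "" means no bind line
        *) printf '%s\n' "$gb_addr" ;;
    esac
}

# Succeed when an ssh client config turns off host key verification.
ssh_hostkey_check_disabled() {
    awk '{
        sub(/^[ \t]+/, "")
        split($0, kv, "[ \t=]+")
        key = tolower(kv[1])
        if ((key == "stricthostkeychecking") && (tolower(kv[2]) ~ /^(no|off)$/)) bad = 1
        if ((key == "userknownhostsfile") && (kv[2] == "/dev/null")) bad = 1
    } END { exit(bad ? 0 : 1) }' "$1"
}

# Print the SELINUX= mode from an selinux config file; succeed unless it is enforcing.
selinux_not_enforcing() {
    se_mode=$(sed -n 's/^SELINUX=\([a-z]*\).*/\1/p' "$1" | tail -n 1)
    [ -n "$se_mode" ] && [ "$se_mode" != enforcing ] && printf '%s\n' "$se_mode"
}

# Print one finding per line; no output means none of the three settings is weakened.
audit_webvirtmgr() {
    if aw_addr=$(gunicorn_bind_exposed "$1"); then
        echo "gunicorn bind=$aw_addr: reachable directly, but nginx only needs 127.0.0.1:8000"
    fi
    if ssh_hostkey_check_disabled "$2"; then
        echo "ssh config: host keys of the KVM host are not verified"
    fi
    if aw_mode=$(selinux_not_enforcing "$3"); then
        echo "selinux config: SELINUX=$aw_mode"
    fi
}

# Constructed copies of the files with the values shown in this walkthrough.
demo=$(mktemp -d)
printf "bind = '0.0.0.0:8000'\nbacklog = 2048\n" > "$demo/gunicorn.conf.py"
printf 'StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null\n' > "$demo/ssh_config"
printf 'SELINUX=disabled\nSELINUXTYPE=targeted\n' > "$demo/selinux_config"
audit_webvirtmgr "$demo/gunicorn.conf.py" "$demo/ssh_config" "$demo/selinux_config"
rm -rf "$demo"
```

On the web host, the three arguments would be /var/www/webvirtmgr/conf/gunicorn.conf.py, /var/lib/nginx/.ssh/config and /etc/selinux/config.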

KVM web interface management

Create an SSH connection:
Create storage:
Enter the storage:

Upload the ISO image file to the storage directory /var/lib/libvirt/images/ using a remote connection tool

[root@kvm ~]# cd /var/lib/libvirt/images/
[root@kvm images]# ls
rhel-8.2-x86_64-dvd_2.iso

Check in the web interface that the ISO image exists
A successful addition looks as shown in the figure below
Add a bridged network
Create an instance (virtual machine)

Insert the disc into the virtual machine
Set the password for accessing the virtual machine from the web
Start the virtual machine

Install the virtual machine

Errors and troubleshooting

Case 1
Adding the image fails with an error
Fix: install a package on kvm

[root@kvm ~]# yum update libgcrypt

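After the download finishes, adding it again succeeds
Case 2
After the web interface is configured, the following error page may appear
The fix is to install novnc and start a vnc through novnc_server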

[root@kvm images]# ll /etc/rc.local
lrwxrwxrwx 1 root root 13 810 23:31 /etc/rc.local -> rc.d/rc.local
[root@kvm images]# ll /etc/rc.d/rc.local
-rw-r--r--. 1 root root 474 810 23:31 /etc/rc.d/rc.local
[root@kvm images]# chmod +x /etc/rc.d/rc.local
[root@kvm images]# ll /etc/rc.d/rc.local
-rwxr-xr-x. 1 root root 474 810 23:31 /etc/rc.d/rc.local
[root@kvm images]# vim /etc/rc.d/rc.local
......N lines omitted here
# that this script will be executed during boot.

touch /var/lock/subsys/local
nohup novnc_server 192.168.129.135:5920 &
[root@kvm images]# . /etc/rc.d/rc.local

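Case 3
The first time you access kvm through the web, the page may never load and just keep spinning, while the command line keeps reporting the error (too many open files). In that case nginx needs to be configured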

[root@web ~]# vim /etc/nginx/nginx.conf
....N lines omitted here
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
worker_rlimit_nofile 655350;    # add this line

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
....N lines omitted here

[root@web ~]# systemctl restart nginx

Then set the system parameters

[root@web ~]# vim /etc/security/limits.conf
....N lines omitted here
# End of file
* soft nofile 655350
* hard nofile 655350

This resolves the problem
