一、前期准备
1.1、开启虚拟机前,CPU要支持虚拟化
查看服务器是否打开对虚拟化的支持:
cat /proc/cpuinfo | grep vmx(intel)
cat /proc/cpuinfo | grep svm(AMD)
任意一个有输出,代表支持虚拟化
[root@linux-node1 ~]# cat /etc/redhat-release
CentOS release 6.8 (Final)
[root@linux-node1 ~]# uname -r
2.6.32-642.el6.x86_64
[root@linux-node1 ~]# getenforce
Disabled
[root@linux-node1 ~]# service iptables status
iptables: Firewall is not running.
[root@linux-node1 ~]# date
Sat Jun 24 19:40:10 CST 2018
[root@linux-node1 ~]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0C:29:2B:9F:B1
inet addr:10.0.0.101 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe2b:9fb1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1238 errors:0 dropped:0 overruns:0 frame:0
TX packets:569 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:122277 (119.4 KiB) TX bytes:77114 (75.3 KiB)
[root@linux-node1 ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=linux-node1
[root@linux-node1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.0.0.101 linux-node1
10.0.0.102 linux-node2
[root@linux-node1 ~]# ping linux-node1
PING linux-node1 (10.0.0.101) 56(84) bytes of data.
64 bytes from linux-node1 (10.0.0.101): icmp_seq=1 ttl=64 time=0.045 ms
^C
--- linux-node1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1896ms
rtt min/avg/max/mdev = 0.042/0.043/0.045/0.006 ms
[root@linux-node1 ~]# ping www.baidu.com
PING www.a.shifen.com (61.135.169.125) 56(84) bytes of data.
64 bytes from 61.135.169.125: icmp_seq=1 ttl=128 time=3.58 ms
64 bytes from 61.135.169.125: icmp_seq=2 ttl=128 time=3.80 ms
^C
--- www.a.shifen.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1313ms
rtt min/avg/max/mdev = 3.587/3.697/3.807/0.110 ms
二、安装配置
[root@linux-node1 ~]# yum -y install qemu-kvm qemu-kvm-tools virt-manager libvirt ##qemu工具及管理kvm的工具、虚拟机的创建、用libvirt对虚拟机进行管理
[root@linux-node1 ~]# /etc/init.d/libvirtd start
Starting libvirtd daemon: [ OK ]
[root@linux-node1 ~]# ifconfig virbr0 ##启动后会多出一个virbr0网卡,默认IP为192.168.122.1
virbr0 Link encap:Ethernet HWaddr 52:54:00:EB:DF:39
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
ollisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
[root@linux-node1 ~]# brctl show
bridge name bridge id STP enabled interfaces ##STP:二层生成树协议
virbr0 8000.525400ebdf39 yes virbr0-nic
iptables的变化
[root@linux-node1 ~]# iptables -nvL
Chain INPUT (policy ACCEPT 179 packets, 16004 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- *virbr0 0.0.0.0/0 192.168.122.0/24 state RELATED,ESTABLISHED
0 0 ACCEPT all -- virbr0 * 192.168.122.0/24 0.0.0.0/0
0 0 ACCEPT all -- virbr0 virbr0 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * virbr0 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all -- virbr0 * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT 126 packets, 20568 bytes)
pkts bytes target prot opt in out source destination
[root@linux-node1 ~]# iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 345 packets, 26948 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 6 packets, 456 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE tcp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
0 0 MASQUERADE udp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
0 0 MASQUERADE all -- * * 192.168.122.0/24 !192.168.122.0/24
Chain OUTPUT (policy ACCEPT 6 packets, 456 bytes)
pkts bytes target prot opt in out source destination
[root@linux-node1 ~]# iptables -t mangle -nvL
Chain PREROUTING (policy ACCEPT 556 packets, 45504 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 200 packets, 17736 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 139 packets, 24396 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 139 packets, 24396 bytes
pkts bytes target prot opt in out source destination
0 0 CHECKSUM udp -- * virbr0 0.0.0.0/0 0.0.0.0/0 udp dpt:68 CHECKSUM fill
[root@linux-node1 ~]# iptables -t raw -nvL
Chain PREROUTING (policy ACCEPT 107 packets, 8554 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 29 packets, 6892 bytes)
pkts bytes target prot opt in out source destination
[root@linux-node1 ~]# qemu-img create -f raw /opt/Centos-6.8-x86_64.raw 5G
Formatting '/opt/Centos-6.8-x86_64.raw', fmt=raw size=5368709120
[root@linux-node1 ~]# file /opt/Centos-6.8-x86_64.raw
/opt/Centos-6.8-x86_64.raw: data
[root@linux-node1 ~]# qemu-img info /opt/Centos-6.8-x86_64.raw
image: /opt/Centos-6.8-x86_64.raw
file format: raw ##文件格式(硬盘)
virtual size: 5.0G (5368709120 bytes) ##虚拟空间
disk size: 0 ##已用空间
[root@linux-node1 ~]# cd /opt
[root@linux-node1 opt]# rz CentOS-6.8-x86_64-bin-DVD1.iso
[root@linux-node1 opt]# ls
Centos-6.8-x86_64.raw rh CentOS-6.8-x86_64-bin-DVD1.iso
[root@linux-node1 opt]# virt-install --virt-type kvm --name Centos-6.8-x86_64 --ram 512 --cdrom=/opt/CentOS-6.8-x86_64-bin-DVD1.iso --disk path=/opt/Centos-6.8-x86_64.raw --network network=default --graphics vnc,listen=0.0.0.0 --noautoconsole --os-type=linux --os-variant=rhel6
Starting install...
Creatingdomain... | 0 B 00:01
Domain installation still in progress. You can reconnect to
the console to complete the installation process.
2.2、用VNC查看:
最后会reboot
[root@linux-node1 opt]# netstat -lntup|grep 5900 ##查看端口,看kvm是否启动
[root@linux-node1 opt]# virsh list --all ##查看所有的
Id Name State
----------------------------------------------------
- Centos-6.8-x86_64 shut off
[root@linux-node1 opt]# virsh start Centos-6.8-x86_64 ##启动虚拟机
Domain Centos-6.8-x86_64 started
[root@linux-node1 opt]# netstat -lntup|grep 5900
tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN 3660/qemu-kvm
在连接VNC时可能会出现“attempting to reconnect to VNC Server Zlibinstream:inflate faild”
解决办法如下:
在VNC中操作KVM:
此时在宿主机上查看(虚拟机默认为NAT模式):
[root@linux-node1 opt]# brctl show
bridge name bridge id STP enabled interfaces
virbr0 8000.525400ebdf39 yes virbr0-nic
vnet0 ##虚机的网卡,绑定在virbr0上
改为桥接模式
[root@linux-node1 opt]# brctl addbr br0
[root@linux-node1 opt]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.000000000000 no
virbr0 8000.525400ebdf39 yes virbr0-nic
vnet0
[root@linux-node1 opt]# brctl addif br0 eth0
[root@linux-node1 ~]# brctl addbr br0 && brctl addif br0 eth0 && ip addr del dev eth0 10.0.0.101/24 && ifconfig br0 10.0.0.101/24 up ##这种方法可以避免改网卡失联
[root@linux-node1 ~]# virsh edit Centos-6.8-x86_64
<interface type='bridge'>
<mac address='52:54:00:cc:e1:18'/>
<source bridge='br0'/>
[root@linux-node1 ~]# ps -ef|grep kvm
[root@linux-node1 ~]# kill 4261
[root@linux-node1 ~]# virsh start Centos-6.8-x86_64
[root@linux-node1 ~]# virsh destroy Centos-6.8-x86_64 ##这种重启方法好一些,上种粗暴一些
[root@linux-node1 ~]# virsh start Centos-6.8-x86_64
[root@linux-node1 ~]# virsh list --all
[root@linux-node1 ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.000c292b9fb1 no eth0
vnet0
virbr0 8000.525400ebdf39 yes virbr0-nic
通过VNC登录KVM虚拟机
注:不管能否解决你遇到的问题,欢迎相互交流,共同提高!