Sunday, June 12, 2016

Create a customized KVM on laptop

What do I mean by saying I need a customized KVM?

1. A way to get the external DHCP IP address to the KVM
2. A modified qcow2 image, maybe?
3. Multiple NICs with specific needs, i.e. over VLAN, host-only, etc.
4. Use of specific NIC cards, i.e. for DPDK reasons

etc.

The above are some of the reasons I moved away from Vagrant.
I have a Vagrantfile which can pretty much use a YAML file to create a set of KVMs with some options for NICs. But as usual, more than that is required.

Here I will state (for my own good) the steps to do exactly what I want:

Network

I want two NICs, one of them externally bridged so that others on the LAN can access my VM directly via an IP. This assumes the general LAN has a DHCP server with free IP addresses and is freely giving those addresses out; if your administrators have bound the DHCP IP addresses to MAC addresses, then the only way you can get this functionality is the SNAT way.

  • Disable Network Manager. How?




  • Create a manual bridge via brctl and link it with a physical network (we will call this bridge brex, for further use):

    brctl addbr <bridge_name>
    brctl addif <bridge_name> <phys_net>    # <phys_net> is connected to the local LAN of the DHCP server
    ip link set <phys_net> up
    ip link set <bridge_name> up
    ifup <bridge_name>

    OR via ifcfg- files:

    #> cat /etc/sysconfig/network-scripts/ifcfg-br0
    DEVICE=br0
    TYPE=Bridge
    DELAY=0
    BOOTPROTO=dhcp
    ONBOOT=yes
    NM_CONTROLLED=no
    PERSISTENT_DHCLIENT=yes
    DHCLIENT_IGNORE_GATEWAY=no
    GATEWAY=10.2.0.254
    DNS1=10.2.0.26
    DNS2=10.3.0.26

    #> cat /etc/sysconfig/network-scripts/ifcfg-eno1
    DEVICE="eno1"
    ONBOOT=yes
    UUID="f423eb24-2c1d-49d1-acdf-9a63ea867ff4"
    IPV6INIT=no
    BOOTPROTO=none
    TYPE=Ethernet
    NAME="eno1"
    BRIDGE=br0





  • Disable firewalls for bridges. The settings below control whether or not packets traversing the bridge are sent to iptables for processing. In the case of using bridges to connect virtual machines to the network, such processing is generally *not* desired, as it results in guest traffic being blocked due to host iptables rules that only account for the host itself, and not for the guests. With all three set to 0, the host's iptables rules no longer apply to bridged guest traffic in either direction, so a guest on the external bridge is reachable from the LAN exactly as far as its own firewall allows.

    net.bridge.bridge-nf-call-arptables = 0
    net.bridge.bridge-nf-call-ip6tables = 0
    net.bridge.bridge-nf-call-iptables = 0



  • Define one host-only network (this is virtual). A DHCP server is required if you want to auto-populate IP addresses. However, having statically configured OpenStack nodes generally helps.



    (without DHCP)

    cat > /tmp/hostonly.xml <<EOF
    <network>
    <name>hostonly</name>
    <ip address="192.168.17.254" netmask="255.255.255.0"/>
    </network>
    EOF

    Load and autostart it (remember the bridge name is virbr0 ^^):

    virsh net-define /tmp/hostonly.xml
    virsh net-autostart hostonly
    virsh net-start hostonly

  • Pass the bridges to virt-install for the network. The command below will set up two NICs inside your VM: the 1st one should be the host-only NIC, which can be used for provisioning OpenStack clusters; the 2nd one is the external access NIC. (A complete virt-install is given below.)

    virt-install <blah.. blah..> --network bridge:virbr0 --network bridge:brex

VM Setup


    • Check nested virtualization support and please enable it, docs here.
    • Install all the required RPMs for this exercise:

      yum install libvirt qemu-kvm virt-manager virt-install libguestfs-tools xorg-x11-apps xauth virt-viewer libguestfs-xfs -y


    • Get the image (CentOS; URL to check for the latest qcow2: Index of /centos/7/images)




    • Let's create the directories for our use:

      mkdir -p /vmimages/{qcow2-arch,qcow2-kvm}
      cd /vmimages/qcow2-kvm/

      (let's stay here and use all the commands from here)

    • Download the image and copy it to a libvirt images folder, i.e. 'cp CentOS-7-x86_64-GenericCloud.qcow2 /vmimages/qcow2-arch/':

      wget -c 'http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2'
      mv CentOS-7-x86_64-GenericCloud.qcow2 /vmimages/qcow2-arch/


    • Check the size of your qcow2 image disk (this is the max size of your VM disks; alas, this is not enough):

      virt-filesystems --long -h --all -a ../qcow2-arch/CentOS-7-x86_64-GenericCloud.qcow2
      Name       Type        VFS  Label  MBR  Size  Parent
      /dev/sda1  filesystem  xfs  -      -    8.0G  -
      /dev/sda1  partition   -    -      83   8.0G  /dev/sda
      /dev/sda   device      -    -      -    8.0G  -


    • Let's increase it! Step 1: create a blank qcow2 image of your desired size (remember these files are sparse files, so when you create them they won't take up all the space required):

      qemu-img create -f qcow2 centos7.2-kvm1.qcow2 40G


    • Step 2: expand the CentOS image (the downloaded qcow2 image) into the newly created 40G empty qcow2 image:

      virt-resize --expand /dev/sda1 ../qcow2-arch/CentOS-7-x86_64-GenericCloud.qcow2 centos7.2-kvm1.qcow2


    • Check the new qcow2 image via virt-filesystems:

      virt-filesystems --long -h --all -a centos7.2-kvm1.qcow2
      Name       Type        VFS  Label  MBR  Size  Parent
      /dev/sda1  filesystem  xfs  -      -    40G   -
      /dev/sda1  partition   -    -      83   40G   /dev/sda
      /dev/sda   device      -    -      -    40G   -


    • If you want to use the awesome feature of KVM called 'Copy on Write', then some more steps are required. What it does is use another disk for the VM to write its changes to. So all the VMs can have one master disk and write their changes to their own copy disks.

      # Choose the name of the overlay file intuitively, so that it reflects the node you will be running.
      # -F states the backing file's format explicitly instead of leaving it to be probed.
      qemu-img create -f qcow2 -F qcow2 -b centos7.2-kvm1.qcow2 packstack-node1.qcow2


    • Do some customization. This has good docs here and more here!! (Here I start feeling the similarity with docker build.)

      Here we are removing cloud-init from the qcow2 image (it's a nuisance, unless this image is being spawned in the cloud):

      virt-customize -a packstack-node1.qcow2 --run-command 'yum remove cloud-init* -y'

      Here we are setting a very complex password!

      virt-customize -a packstack-node1.qcow2 --root-password password:Cent05

Finally! Create VM and start




      • We have come to the stage of starting the KVM. (--cpu SandyBridge,+vmx is to enable nested VMs. It is CPU-architecture dependent and has to be enabled in the BIOS; more details here.)

        virt-install --ram 8096 --vcpus 4 --os-variant centos7.0 --disk path=/vmimages/qcow2-kvm/packstack-node1.qcow2,device=disk,bus=virtio,format=qcow2 --import --noautoconsole --vnc --network bridge:virbr1,model=e1000 --network bridge:br0,model=e1000 --cpu SandyBridge,+vmx --dry-run --print-xml --name packstacknode1 > packstacknode1.xml



      • Load your XML into libvirt:

        virsh define packstacknode1.xml
        virsh start packstacknode1
        virsh console packstacknode1



      • Some tidying: log in to the console.




      • Create the ifcfg-eth{0,1} files:

        cat << EOF > /etc/sysconfig/network-scripts/ifcfg-eth0
        DEVICE=eth0
        ONBOOT=yes
        BOOTPROTO=static
        NM_CONTROLLED=no
        IPADDR=192.168.17.101
        NETMASK=255.255.255.0
        EOF
        cat << EOF > /etc/sysconfig/network-scripts/ifcfg-eth1
        DEVICE=eth1
        ONBOOT=yes
        BOOTPROTO=dhcp
        NM_CONTROLLED=no
        DEFROUTE=yes
        EOF



      • Set a hostname:

        hostnamectl set-hostname --static packstacknode1.redhat.local

Yay! You have a shiny new packstack node with e1000 Ethernet NICs, which supports ovs-dpdk.
Check 'ip a l'; you should be able to connect to the VM from your laptop on both IP addresses.
From outside your laptop, you should be able to access the VM over the LAN.
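
For the image download step above: the qcow2 is fetched over plain HTTP and then becomes the master disk behind every copy-on-write overlay, so it is worth checking its digest before resizing or customizing it. The script below is an added example, not part of the original post; it assumes you have obtained a sha256sum-format manifest for the image from a source you trust (the file name sha256sum.txt and the helper name verify_image are assumptions), and the demo runs on constructed stand-in data.

```shell
#!/bin/sh
# Added example: check a downloaded cloud image against a sha256sum-format
# manifest before it is resized, customized or used as a backing file.

# verify_image IMAGE MANIFEST
# Exit status: 0 digest matches, 1 mismatch, 2 unreadable input,
# 3 IMAGE's file name is not listed exactly once with a valid digest.
# The body is a subshell, so variables stay local and 'exit' only
# leaves the function.
verify_image() (
    image=$1 manifest=$2
    [ -r "$image" ] && [ -r "$manifest" ] ||
        { echo "unreadable input" >&2; exit 2; }
    name=$(basename -- "$image")
    # Manifest lines: "<hex digest>  <file name>"; a leading '*' on the
    # name marks binary mode. File names with spaces are not handled.
    want=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n { seen++; digest = tolower($1) }
        END { if (seen == 1) print digest }' "$manifest")
    printf '%s\n' "$want" | grep -Eq '^[0-9a-f]{64}$' ||
        { echo "$name: no single valid entry in manifest" >&2; exit 3; }
    got=$(sha256sum -- "$image" | awk '{ print $1 }')
    [ "$got" = "$want" ] ||
        { echo "$name: digest mismatch" >&2; exit 1; }
    echo "$name: OK"
)

# Demo on constructed data: a small file stands in for the qcow2 image.
demo() (
    dir=$(mktemp -d) || exit 2
    img=$dir/CentOS-7-x86_64-GenericCloud.qcow2
    printf 'constructed stand-in for image bytes\n' > "$img"
    (cd "$dir" && sha256sum -- "${img##*/}") > "$dir/sha256sum.txt"
    verify_image "$img" "$dir/sha256sum.txt"
    printf 'x' >> "$img"    # simulate a corrupted or tampered download
    verify_image "$img" "$dir/sha256sum.txt" || echo "rejected with status $?"
    rm -rf "$dir"
)
demo
```

Run it against the real download as `verify_image /vmimages/qcow2-arch/CentOS-7-x86_64-GenericCloud.qcow2 sha256sum.txt` and continue with virt-resize only on status 0.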

