月份: 2018 年 1 月

Xenserver nested

Disclaimer done, lets start to play: To enable nested virtualization, go to the XenServer console (e.g. in XenCenter) and find out the UUID of the VM you want to permit being a virtualization host:

# xe vm-list

Go through the list and remember the first characters of your VM´s UUID. After making sure the VM is powered down, turn on nested hardware virtualization. Enter your VM’s UUID instead of <UUID>. After typing the first characters, you can hit TAB to auto-complete:

# xe vm-param-set uuid=<UUID> platform:exp-nested-hvm=true

Boot the VM and check if the virtual processor reports hardware virtualization (“vmx”) capabilities. In Linux this might look like this:

# cat /proc/cpuinfo 
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 60
model name : Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
[…]
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx rdtscp lm constant_tsc rep_good nopl pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes rdrand hypervisor lahf_lm abm tpr_shadow vnmi flexpriority ept vpid fsgsbase tsc_adjust bmi1 smep bmi2 erms invpcid
[…]

kvm 橋接

關閉 SELINUX
#vim /etc/selinux/config

安裝KVM
===========================================================================
CentOS7
#yum install qemu-kvm libvirt virt-install bridge-utils
Ubuntu
#apt-get install kvm qemu libvirt-bin virtinst ubuntu-vm-builder bridge-utils virt-manager virt-viewer

#查看是否加载kvm模块
[root@kvm ~]# lsmod|grep kvm
kvm_intel             138567  0
kvm                   441119  1 kvm_intel

#如果没有这两条,可以用"modprobe kvm"加载;
#相关命令"insmod;rmmod;modinfo"

#启动libvirtd
[root@localhost ~]# systemctl start libvirtd;systemctl enable libvirtd
[root@localhost ~]# systemctl list-unit-files|grep libvirtd
libvirtd.service                            enabled

橋接網卡
==========================================================
# systemctl stop NetworkManager
# systemctl disable NetworkManager
# systemctl enable network
#systemctl stop firewalld
#systemctl disable firewalld

 #vim ifcfg-enp0s3
增加這一行 BRIDGE=br0

#vim ifcfg-br0
DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
IPADDR=192.168.1.63
NETMASK=255.255.255.0
GATEWAY=192.168.1.254
DNS1=168.95.1.1
ONBOOT=yes

#service network restart
#brctl show

客戶端CentOS7 安裝桌面
#virt-manager --no-fork
# yum groupinstall "GNOME Desktop" "Graphical Administration Tools"
# systemctl set-default graphical.target
# reboot

KVM Nested
==========================================================
#cat /sys/module/kvm_intel/parameters/nested
如果有支援會傳回 y
否則執行下列
Intel CPU
#echo "options kvm-intel nested=Y" > /etc/modprobe.d/kvm-intel.conf
AMD CPU
#echo "options kvm-amd nested=1" > /etc/modprobe.d/kvm-amd.conf

==========================================================
安装ssh-askpass-gnome来允许弹出认证框:
#apt-get install ssh-askpass-gnome
#yum install openssh-askpass
==========================================================
查看已安装的kvm版本
# qemu-img --help | grep version