KVM foundation of virtualization technology

Time:2021-2-10

1. Introduction to KVM

The full name of KVM is Kernel-based Virtual Machine. It is an open source system virtualization module that has been integrated into the major Linux distributions since Linux 2.6.20. It uses Linux's own scheduler for management, so compared with Xen its core source code is very small. KVM has become one of the mainstream VMMs in academia. KVM virtualization requires hardware support (such as Intel VT or AMD-V) and is full virtualization based on hardware. Early Xen was paravirtualization based on software simulation; newer versions offer full virtualization based on hardware support. But Xen has its own process scheduler, storage management module and so on, so its code base is relatively large. IBM documentation: https://www.ibm.com/developerworks/cn/linux/l-using-kvm/

KVM architecture

Tips: KVM is a module in the Linux kernel. For users to operate the functions that a kernel module provides, software must be installed in user space that reaches the module through system calls. QEMU is the user-space management side of KVM, somewhat like iptables, which is the management tool for Netfilter. In the architecture diagram above, the main function of KVM is to provide virtualization of the CPU and memory and to intercept the guest's I/O; part of the guest's I/O is intercepted by KVM and handed to QEMU for processing. QEMU runs in user space: KVM virtual machines use a modified QEMU code base that provides hardware I/O virtualization and interacts with KVM through ioctl calls on the /dev/kvm device. KVM itself does not perform any hardware emulation; it needs a user-space program to set up the guest's address space through the /dev/kvm interface, supply it with emulated I/O, and map its video display back to the host screen.

2. KVM host environment preparation

When using KVM, the host must support virtualization in hardware, such as Intel VT or AMD-V;

Check whether the host supports virtualization

# grep -E "vmx|svm" /proc/cpuinfo
#

Tip: as shown above, run grep -E "vmx|svm" /proc/cpuinfo on the host. If the output contains no vmx or svm strings, the host does not support virtualization;

Turn on the virtualization function for the host in VMware Workstation

Tip: the running virtual machine must be shut down first. Then find the corresponding virtual machine, right-click Settings > Processor > check Virtualize Intel VT-x/EPT or AMD-V/RVI (V), then click OK and start the virtual machine;

Verification: now that Virtualize Intel VT-x/EPT or AMD-V/RVI (V) is turned on, check whether vmx or svm can be filtered out on the host.

Tips: if the hardware is an Intel processor, vmx is filtered out; if it is an AMD processor, svm is filtered out;

Check if the kernel is loaded with KVM module

Tip: if lsmod does not show kvm in its output, the host has not loaded the module; load it with modprobe kvm. With that, the environment on the host has been checked. Next, install the KVM user-space management tools;
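The checks in this section collected into one preflight script, as an added example that is not part of the original page. The function names and the extra check for the vendor module (kvm_intel or kvm_amd) next to kvm are assumptions of the example; it matches whole tokens on the flags lines only, so text elsewhere in /proc/cpuinfo cannot produce a false match.

```shell
#!/bin/sh
# Added example, not from the original page. The file arguments default to
# the live /proc files, so saved copies from another host can be checked too.

# Print vmx (Intel VT-x), svm (AMD-V) or none. Only whole tokens on the
# "flags" lines count, unlike a substring grep over the entire file.
cpu_virt_flag() {
    awk -F: '/^flags/ {
        n = split($2, f, " ")
        for (i = 1; i <= n; i++)
            if (f[i] == "vmx" || f[i] == "svm") { print f[i]; found = 1; exit }
    }
    END { if (!found) print "none" }' "${1:-/proc/cpuinfo}"
}

# Succeed if module $1 appears in a /proc/modules-format file, which is
# the data lsmod prints.
module_loaded() {
    awk -v m="$1" '$1 == m { ok = 1 } END { exit !ok }' "${2:-/proc/modules}"
}

# Print one verdict line. Return 0 when ready, 1 when the CPU flag is
# missing, 2 when a module is missing.
kvm_preflight() {
    cpuinfo="${1:-/proc/cpuinfo}"
    modules="${2:-/proc/modules}"
    flag=$(cpu_virt_flag "$cpuinfo")
    case "$flag" in
        vmx) vendor_mod=kvm_intel ;;   # assumption: vendor module also checked
        svm) vendor_mod=kvm_amd ;;
        *)   echo "FAIL: no vmx/svm flag, enable VT-x or AMD-V for this host"
             return 1 ;;
    esac
    if ! module_loaded kvm "$modules"; then
        echo "FAIL: $flag present but kvm is not loaded (modprobe kvm)"
        return 2
    fi
    if ! module_loaded "$vendor_mod" "$modules"; then
        echo "FAIL: kvm is loaded without $vendor_mod (modprobe $vendor_mod)"
        return 2
    fi
    echo "OK: $flag present, kvm and $vendor_mod loaded"
}

# Usage on the host itself: kvm_preflight
```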

Install the management tool of KVM in user space

# yum install qemu-kvm qemu-kvm-tools libvirt virt-manager virt-install
Loaded plugins: fastestmirror
base                                                                               | 3.6 kB  00:00:00     
docker-ce-stable                                                                   | 3.5 kB  00:00:00     
epel                                                                               | 4.7 kB  00:00:00     
extras                                                                             | 2.9 kB  00:00:00     
updates                                                                            | 2.9 kB  00:00:00     
(1/2): epel/x86_64/updateinfo                                                      | 1.0 MB  00:00:00     
(2/2): epel/x86_64/primary_db                                                      | 6.9 MB  00:00:01     
Determining fastest mirrors
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package libvirt.x86_64 0:4.5.0-33.el7_8.1 will be installed
--> Processing Dependency: libvirt-libs = 4.5.0-33.el7_8.1 for package: libvirt-4.5.0-33.el7_8.1.x86_64
--> Processing Dependency: libvirt-daemon-driver-storage = 4.5.0-33.el7_8.1 for package: libvirt-4.5.0-33.el7_8.1.x86_64
--> Processing Dependency: libvirt-daemon-driver-secret = 4.5.0-33.el7_8.1 for package: libvirt-4.5.0-33.el7_8.1.x86_64
…… (part of the output omitted)
 libxml2                                   x86_64     2.9.1-6.el7.4                     base        668 k
 pciutils-libs                             x86_64     3.5.1-3.el7                       base         46 k
 policycoreutils                           x86_64     2.5-34.el7                        base        917 k
 python-gobject-base                       x86_64     3.22.0-1.el7_4.1                  base        294 k
 selinux-policy-targeted                   noarch     3.13.1-266.el7_8.1                updates     7.0 M

Transaction Summary
==========================================================================================================
Install  5 Packages (+213 Dependent packages)
Upgrade  1 Package  (+ 16 Dependent packages)

Total download size: 95 M
Is this ok [y/d/N]: y
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/235): at-spi2-core-2.28.0-1.el7.x86_64.rpm                                      | 158 kB  00:00:00     
(2/235): at-spi2-atk-2.26.2-1.el7.x86_64.rpm                                       |  81 kB  00:00:00     
(3/235): autogen-libopts-5.18-5.el7.x86_64.rpm                                     |  66 kB  00:00:00     
(4/235): boost-iostreams-1.53.0-28.el7.x86_64.rpm                                  |  61 kB  00:00:00     
(5/235): adwaita-cursor-theme-3.28.0-1.el7.noarch.rpm                              | 641 kB  00:00:00     
(6/235): augeas-libs-1.4.0-9.el7_8.1.x86_64.rpm                                    | 357 kB  00:00:00     
…… (part of the output omitted)
  xkeyboard-config.noarch 0:2.24-1.el7                                                                    
  xml-common.noarch 0:0.6.3-39.el7                                                                        
  xorg-x11-server-utils.x86_64 0:7.7-20.el7                                                               
  xorg-x11-xauth.x86_64 1:1.0.9-1.el7                                                                     
  xorg-x11-xinit.x86_64 0:1.3.4-2.el7                                                                     
  yajl.x86_64 0:2.0.4-4.el7                                                                               

Updated:
  selinux-policy.noarch 0:3.13.1-266.el7_8.1                                                              

Dependency Updated:
  cyrus-sasl-lib.x86_64 0:2.1.26-23.el7             device-mapper.x86_64 7:1.02.164-7.el7_8.2             
  device-mapper-libs.x86_64 7:1.02.164-7.el7_8.2    freetype.x86_64 0:2.8-14.el7                          
  glib2.x86_64 0:2.56.1-5.el7                       libdrm.x86_64 0:2.4.97-2.el7                          
  libselinux.x86_64 0:2.5-15.el7                    libselinux-python.x86_64 0:2.5-15.el7                 
  libselinux-utils.x86_64 0:2.5-15.el7              libsemanage.x86_64 0:2.5-14.el7                       
  libsepol.x86_64 0:2.5-10.el7                      libxml2.x86_64 0:2.9.1-6.el7.4                        
  pciutils-libs.x86_64 0:3.5.1-3.el7                policycoreutils.x86_64 0:2.5-34.el7                   
  python-gobject-base.x86_64 0:3.22.0-1.el7_4.1     selinux-policy-targeted.noarch 0:3.13.1-266.el7_8.1   

Complete!
#

Start libvirtd

# ip a
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:9a:db:d6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.41/24 brd 192.168.0.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe9a:dbd6/64 scope link 
       valid_lft forever preferred_lft forever
# systemctl start libvirtd.service
# ip a
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:9a:db:d6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.41/24 brd 192.168.0.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe9a:dbd6/64 scope link 
       valid_lft forever preferred_lft forever
3: virbr0:  mtu 1500 qdisc noqueue state DOWN qlen 1000
    link/ether 52:54:00:45:06:15 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic:  mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
    link/ether 52:54:00:45:06:15 brd ff:ff:ff:ff:ff:ff
#

Tip: libvirtd uses a C/S architecture. It is an open source API, background daemon and management tool for managing virtualization platforms, and can be used to manage KVM, Xen, VMware, ESX, QEMU and other virtualization technologies. After libvirtd starts, it creates two network interfaces on the host, virbr0-nic and virbr0. virbr0 is a NAT bridge, and virbr0-nic is bridged to virbr0. The default address of virbr0 is 192.168.122.1/24, as shown in the ip a output above;

3. Creating a virtual machine with the virt-manager management tool

Using the MobaXterm remote software to open virt-manager

Tip: as shown above, you can use MobaXterm on Windows to connect to the host and then run the virt-manager command to open virt-manager. To use virt-manager this way, the remote tool must support X11 protocol forwarding; on Windows you can use the professional versions of Xshell and MobaXterm. On a Linux system, you need to install the desktop package group and then run the virt-manager command from a terminal on the desktop to start virt-manager. On a Mac, you need to install XQuartz, open XQuartz, right-click to select the terminal, connect to the host with ssh -Y, and then open virt-manager as shown below;

Using XQuartz to open virt-manager on a Mac

Tip: right-click the application terminal;

Tip: download XQuartz from https://dl.bintray.com/xquartz/downloads/XQuartz-2.7.11.dmg and remember to start libvirtd before using virt-manager;

Upload image to host

Using virt-manager to create a virtual machine

Tip: here you define the memory and CPU of the virtual machine according to your own needs;

Tip: this step selects a disk. If no disk was created on the host in advance, you can choose to create one directly here; if a disk has already been created, you can select it here;

Tip: this step confirms the summary of the virtual machine and selects its network. If there are multiple networks, select one of them and then click Finish;

The steps that follow are exactly the same as an ordinary operating system installation. Once the system has been installed and restarted, the creation of the virtual machine is complete. The steps to install Windows are exactly the same.

Tip: after the system is installed, the virtual machine can be managed from this interface. Note that if the host has not turned on the kernel forwarding function, the virtual machine will not be able to access the Internet normally. This completes the installation of a virtual machine with virt-manager;