KVM: Difference between revisions
Line 11: | Line 11: | ||
If you prefer bridging a guest over your Ethernet interface, you need to make a [https://wiki.alpinelinux.org/wiki/Bridge#Configuration_file bridge]. | If you prefer bridging a guest over your Ethernet interface, you need to make a [https://wiki.alpinelinux.org/wiki/Bridge#Configuration_file bridge]. | ||
It's quite common to use bridges with KVM environments but when IPv6 is there Alpine will assign itself a link-local address as well as an SLAAC address in case there's a router sending Router Advertisements. You don't want this because you don't want to have the KVM host an IP address in every network it serves to guests. Unfortunately you cannot just disable IPv6 for the bridge via sysctl because it might not be up at boottime when sysctl fires. There's a workaround though which is to put a post-up hook into the /etc/network/interfaces file like this: | |||
auto brlan | |||
iface brlan inet manual | |||
bridge-ports eth1.5 | |||
bridge-stp 0 | |||
post-up ip -6 a flush dev brlan; sysctl -w net.ipv6.conf.brlan.disable_ipv6=1 | |||
== Management == | == Management == |
Revision as of 10:10, 2 March 2020
KVM is an free and open source virtualization solution in a kernel module. Although it is often simply referred to as KVM, the actual hypervisor is QEMU. QEMU runs from user-space, but can integrate with KVM, providing better performance by leveraging the hardware from kernel-space. QEMU can virtualize x86, PowerPC, and S390 guests, amongst others. Libvirt is a management framework that integrates with QEMU/KVM, LXC, Xen and others.
Installation
The following commands provide libvirt as well as QEMU with emulation for x86_64 and qemu-img, a necessary component for using various disk formats such as qcow2. Without qemu-img, only raw disks are available. It can also convert images between several formats like vhdx and vmdk.
# apk add libvirt-daemon qemu-img qemu-system-x86_64 # rc-update add libvirtd
Networking
By default, libvirt uses NAT for VM connectivity. If you want to use the default configuration, you need to load the tun module.
# modprobe tun
If you prefer bridging a guest over your Ethernet interface, you need to make a bridge.
It's quite common to use bridges with KVM environments but when IPv6 is there Alpine will assign itself a link-local address as well as an SLAAC address in case there's a router sending Router Advertisements. You don't want this because you don't want to have the KVM host an IP address in every network it serves to guests. Unfortunately you cannot just disable IPv6 for the bridge via sysctl because it might not be up at boottime when sysctl fires. There's a workaround though which is to put a post-up hook into the /etc/network/interfaces file like this:
auto brlan iface brlan inet manual bridge-ports eth1.5 bridge-stp 0 post-up ip -6 a flush dev brlan; sysctl -w net.ipv6.conf.brlan.disable_ipv6=1
Management
For (non-root) management, you will need to add your user to the libvirt group.
# addgroup user libvirt
You can use libvirt's virsh on the CLI. It can execute commands as well as run as an interactive shell. Read its manual page and/or use the "help" command for more info. Some basic commands are:
virsh help virsh list --all virsh start $domain virsh shutdown $domain
The libvirt project provides a GUI for managing hosts, called virt-manager. It handles local systems as well as remote ones via SSH.
# apk add dbus polkit virt-manager # rc-update add dbus
In order to use libvirtd to remotely control KVM over ssh PolicyKit needs a .pkla informing it that this is allowed. Write the following file to /etc/polkit-1/localauthority/50-local.d/50-libvirt-ssh-remote-access-policy.pkla
[Remote libvirt SSH access] Identity=unix-group:libvirt Action=org.libvirt.unix.manage ResultAny=yes ResultInactive=yes ResultActive=yes