Difference between revisions of "KVM"

From Alpine Linux
Jump to: navigation, search
(few correction, try to make it more clear, toc + bridge for KVM)
Line 1: Line 1:
 
[https://www.linux-kvm.org/page/Main_Page KVM] is an open source virtualization solution in a kernel module. KVM can virtualize x86, PowerPC, and S390 guests.
 
[https://www.linux-kvm.org/page/Main_Page KVM] is an open source virtualization solution in a kernel module. KVM can virtualize x86, PowerPC, and S390 guests.
  
 
+
== Installing KVM ==
= Installing KVM =
 
 
It is possible to install just qemu and libvirt for local management  
 
It is possible to install just qemu and libvirt for local management  
 
{{Cmd|sudo apk add qemu-system-x86_64 libvirt}}
 
{{Cmd|sudo apk add qemu-system-x86_64 libvirt}}
but most users will probably want libvirt-deamon and/or virt-manager for a GUI.
+
but most users will probably want to manage it via a GUI with virt-manager (remotely or not).
 
{{Cmd|sudo apk add libvirt-daemon dbus polkit}}
 
{{Cmd|sudo apk add libvirt-daemon dbus polkit}}
 
If you want to use other disk image formats than raw, you need qemu-img
 
If you want to use other disk image formats than raw, you need qemu-img
Line 14: Line 13:
 
or
 
or
 
{{Cmd|sudo modprobe kvm-amd}}
 
{{Cmd|sudo modprobe kvm-amd}}
 +
 +
=== Service start on boot ===
 +
Set libvirtd and dbus to start on startup
 +
{{Cmd|sudo rc-update add libvirtd
 +
sudo rc-update add dbus}}
 +
 +
== Networking ==
 
by defaults kvm use bridge to nat vm, if you want network with the default configuration, you need to load the tun module
 
by defaults kvm use bridge to nat vm, if you want network with the default configuration, you need to load the tun module
 
{{Cmd|sudo modprobe tun}}
 
{{Cmd|sudo modprobe tun}}
 +
but if you prefer bridging kvm over your ethernet interface, you need to make a [https://wiki.alpinelinux.org/wiki/Bridge#Configuration_file bridge]
  
 +
== Groups and user ==
 
Add your user to the follwing groups so you can mange the vms
 
Add your user to the follwing groups so you can mange the vms
 
{{Cmd|sudo addgroup user kvm
 
{{Cmd|sudo addgroup user kvm
Line 22: Line 30:
 
sudo addgroup user libvirt}}
 
sudo addgroup user libvirt}}
  
Set libvirtd and dbus to start on startup
+
=== PolicyKit for Remote User ===
{{Cmd|sudo rc-update add libvirtd
 
sudo rc-update add dbus}}
 
 
 
== Configure PolicyKit ==
 
 
In order to use libvirtd to remotely control KVM over ssh PolicyKit needs a .pkla informing it that this is allowed.
 
In order to use libvirtd to remotely control KVM over ssh PolicyKit needs a .pkla informing it that this is allowed.
 
Write the following file to /etc/polkit-1/localauthority/50-local.d/50-libvirt-ssh-remote-access-policy.pkla
 
Write the following file to /etc/polkit-1/localauthority/50-local.d/50-libvirt-ssh-remote-access-policy.pkla

Revision as of 19:35, 17 January 2018

KVM is an open source virtualization solution in a kernel module. KVM can virtualize x86, PowerPC, and S390 guests.

Installing KVM

It is possible to install just qemu and libvirt for local management

sudo apk add qemu-system-x86_64 libvirt

but most users will probably want to manage it via a GUI with virt-manager (remotely or not).

sudo apk add libvirt-daemon dbus polkit

If you want to use other disk image formats than raw, you need qemu-img

sudo apk add qemu-img

Enable the KVM kernel module

sudo modprobe kvm-intel

or

sudo modprobe kvm-amd

Service start on boot

Set libvirtd and dbus to start on startup

sudo rc-update add libvirtd sudo rc-update add dbus

Networking

by defaults kvm use bridge to nat vm, if you want network with the default configuration, you need to load the tun module

sudo modprobe tun

but if you prefer bridging kvm over your ethernet interface, you need to make a bridge

Groups and user

Add your user to the follwing groups so you can mange the vms

sudo addgroup user kvm sudo addgroup user qemu sudo addgroup user libvirt

PolicyKit for Remote User

In order to use libvirtd to remotely control KVM over ssh PolicyKit needs a .pkla informing it that this is allowed. Write the following file to /etc/polkit-1/localauthority/50-local.d/50-libvirt-ssh-remote-access-policy.pkla

[Remote libvirt SSH access] Identity=unix-group:libvirt Action=org.libvirt.unix.manage ResultAny=yes ResultInactive=yes ResultActive=yes