KVM虚拟化安装部署及管理教程

编辑: admin 分类: centos 发布时间: 2021-11-20 来源:互联网
目录
  • 1.kvm部署
    • 1.1 kvm安装
    • 1.2 kvm web管理界面安装
    • 1.3 kvm web界面管理
      • 1.3.1 kvm连接管理
      • 1.3.2 kvm存储管理
      • 1.3.3 kvm网络管理
      • 1.3.4 实例管理
  • 故障

    1.kvm部署

    1.1 kvm安装

    //关闭防火墙和selinux
    [root@kvm ~]# systemctl disable --now firewalld.service 
    Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
    Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
    [root@kvm ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config 
    [root@kvm ~]# reboot
    
    //下载epel源和工具包
    [root@kvm ~]# yum -y install epel-release vim wget net-tools unzip zip gcc gcc-c++
    
    //验证CPU是否支持KVM;如果结果中有vmx(Intel)或svm(AMD)字样,就说明CPU的支持的
    [root@kvm ~]# egrep -o 'vmx|svm' /proc/cpuinfo
    
    //安装kvm
    [root@kvm ~]# yum -y install qemu-kvm qemu-kvm-tools qemu-img virt-manager libvirt libvirt-python libvirt-client virt-install virt-viewer bridge-utils libguestfs-tools
    
    //桥接网卡,用br0来桥接ens160网卡
    [root@kvm ~]# cd /etc/sysconfig/network-scripts/
    [root@kvm network-scripts]# cp ifcfg-ens33 ifcfg-br0
    [root@kvm network-scripts]# cat ifcfg-br0 
    TYPE=Bridge
    DEVICE=br0
    NM_CONTROLLED=no
    BOOTPROTO=static
    NAME=br0
    ONBOOT=yes
    IPADDR=192.168.237.131
    NETMASK=255.255.255.0
    GATEWAY=192.168.237.2
    DNS1=114.114.114.114
    DNS2=8.8.8.8
    [root@kvm network-scripts]# cat ifcfg-ens33 
    TYPE=Ethernet
    BOOTPROTO=static
    NAME=ens33
    DEVICE=ens33
    ONBOOT=yes
    BRIDGE=br0
    NM_CONTROLLED=no
    
    //重启网络
    [root@kvm ~]# systemctl restart network
    [root@kvm ~]# ip a
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host 
           valid_lft forever preferred_lft forever
    2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
        link/ether 00:0c:29:7b:10:a5 brd ff:ff:ff:ff:ff:ff
        inet6 fe80::20c:29ff:fe7b:10a5/64 scope link 
           valid_lft forever preferred_lft forever
    3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
        link/ether 00:0c:29:7b:10:a5 brd ff:ff:ff:ff:ff:ff
        inet 192.168.237.131/24 brd 192.168.237.255 scope global br0
           valid_lft forever preferred_lft forever
        inet6 fe80::20c:29ff:fe7b:10a5/64 scope link 
           valid_lft forever preferred_lft forever
    4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
        link/ether 52:54:00:1c:33:d6 brd ff:ff:ff:ff:ff:ff
        inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
           valid_lft forever p【本文由:专业的印度服务器 http://www.558idc.com/yd.html 提供,感谢支持】referred_lft forever
    5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
        link/ether 52:54:00:1c:33:d6 brd ff:ff:ff:ff:ff:ff
    
    //启动服务
    [root@kvm ~]# systemctl enable --now libvirtd
    
    //验证安装结果
    [root@kvm ~]# lsmod|grep kvm
    kvm_intel             188740  0 
    kvm                   637289  1 kvm_intel
    irqbypass              13503  1 kvm
    
    //测试
    [root@kvm ~]# virsh -c qemu:///system list
     Id    名称                         状态
    ----------------------------------------------------
    
    [root@kvm ~]# virsh --version
    4.5.0
    [root@kvm ~]# virt-install --version
    1.5.0
    [root@kvm ~]# ln -s /usr/libexec/qemu-kvm /usr/bin/qemu-kvm
    [root@kvm ~]# ll /usr/bin/qemu-kvm
    lrwxrwxrwx 1 root root 21 10月 20 23:14 /usr/bin/qemu-kvm -> /usr/libexec/qemu-kvm
    
    //查看网桥信息
    [root@kvm ~]# brctl show
    bridge name     bridge id               STP enabled     interfaces
    br0             8000.000c297b10a5       no              ens33
    virbr0          8000.5254001c33d6       yes             virbr0-nic
    

    1.2 kvm web管理界面安装

    kvm 的 web 管理界面是由 webvirtmgr 程序提供的。

    //安装依赖包
    [root@kvm ~]# yum -y install git python-pip libvirt-python libxml2-python python-websockify supervisor nginx python-devel
    //从github上下载webvirtmgr代码
    [root@kvm ~]# cd /usr/local/src/
    [root@kvm src]# git clone git://github.com/retspen/webvirtmgr.git
    正克隆到 'webvirtmgr'...
    remote: Enumerating objects: 5614, done.
    remote: Total 5614 (delta 0), reused 0 (delta 0), pack-reused 5614
    接收对象中: 100% (5614/5614), 2.97 MiB | 29.00 KiB/s, done.
    处理 delta 中: 100% (3606/3606), done.
    //安装webvirtmgr
    [root@kvm src]# cd webvirtmgr/
    [root@kvm webvirtmgr]# pip install -r requirements.txt 
    Collecting django==1.5.5 (from -r requirements.txt (line 1))
      Downloading https://files.pythonhosted.org/packages/38/49/93511c5d3367b6b21fc2995a0e53399721afc15e4cd6eb57be879ae13ad4/Django-1.5.5.tar.gz (8.1MB)
        100% |████████████████████████████████| 8.1MB 49kB/s 
    ......
    //检查sqlite3是否安装
    [root@kvm webvirtmgr]# python
    Python 2.7.5 (default, Nov 16 2020, 22:23:17) 
    [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linux2
    Type "help", "copyright", "credits" or "license" for more information.
    >>> import sqlite3
    >>> exit()
    //初始化账号信息
    [root@kvm webvirtmgr]# python manage.py syncdb
    WARNING:root:No local_settings file found.
    Creating tables ...
    Creating table auth_permission
    Creating table auth_group_permissions
    Creating table auth_group
    Creating table auth_user_groups
    Creating table auth_user_user_permissions
    Creating table auth_user
    Creating table django_content_type
    Creating table django_session
    Creating table django_site
    Creating table servers_compute
    Creating table instance_instance
    Creating table create_flavor
    You just installed Django's auth system, which means you don't have any superusers defined.
    Would you like to create one now? (yes/no): yes
    Username (leave blank to use 'root'): admin
    Email address: 123@qq.com
    Password: 
    Password (again): 
    Superuser created successfully.
    Installing custom SQL ...
    Installing indexes ...
    Installed 6 object(s) from 1 fixture(s)
    //拷贝web网页至指定目录
    [root@kvm webvirtmgr]# mkdir /var/www
    [root@kvm webvirtmgr]# cp -r /usr/local/src/webvirtmgr /var/www/
    [root@kvm webvirtmgr]# chown -R nginx.nginx /var/www/webvirtmgr/
    //生成密钥
    [root@kvm ~]# ssh-keygen -t rsa
    Generating public/private rsa key pair.
    Enter file in which to save the key (/root/.ssh/id_rsa): 
    Created directory '/root/.ssh'.
    Enter passphrase (empty for no passphrase): 
    Enter same passphrase again: 
    Your identification has been saved in /root/.ssh/id_rsa.
    Your public key has been saved in /root/.ssh/id_rsa.pub.
    The key fingerprint is:
    SHA256:icyLAYmyxABKsogsIHmJqGjSby0ogFwf1p2zeiPwuxY root@kvm
    The key's randomart image is:
    +---[RSA 2048]----+
    |O+ .  . . .      |
    |/ooo o . +       |
    |&*+ o .   o      |
    |X+.. = . o       |
    |=  o..* S        |
    |. . +o.E o       |
    | . .... = .      |
    |       o         |
    |      ...        |
    +----[SHA256]-----+
    [root@kvm ~]# ssh-copy-id 192.168.237.131
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
    The authenticity of host '192.168.237.131 (192.168.237.131)' can't be established.
    ECDSA key fingerprint is SHA256:/AR9dYUN0PN9LOHYWfHeUe5LgyczVMH9mYv9+2GcAbM.
    ECDSA key fingerprint is MD5:30:f6:de:5a:7d:c2:08:b5:b7:31:61:4a:4e:dd:32:73.
    Are you sure you want to continue connecting (yes/no)? yes
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    root@192.168.237.131's password: 
    Number of key(s) added: 1
    Now try logging into the machine, with:   "ssh '192.168.237.131'"
    and check to make sure that only the key(s) you wanted were added.
    //配置端口转发
    [root@kvm ~]# ssh 192.168.237.131 -L localhost:8000:localhost:8000 -L localhost:6080:localhost:60
    Last login: Wed Oct 20 23:12:00 2021 from 192.168.237.1
    [root@kvm ~]# ss -anlt
    State      Recv-Q Send-Q       Local Address:Port                      Peer Address:Port              
    LISTEN     0      128              127.0.0.1:6080                                 *:*                  
    LISTEN     0      128              127.0.0.1:8000                                 *:*                  
    LISTEN     0      128                      *:111                                  *:*                  
    LISTEN     0      5            192.168.122.1:53                                   *:*                  
    LISTEN     0      128                      *:22                                   *:*                  
    LISTEN     0      100              127.0.0.1:25                                   *:*                  
    LISTEN     0      128                  [::1]:6080                              [::]:*                  
    LISTEN     0      128                  [::1]:8000                              [::]:*                  
    LISTEN     0      128                   [::]:111                               [::]:*                  
    LISTEN     0      128                   [::]:22                                [::]:*                  
    LISTEN     0      100                  [::1]:25                                [::]:*                  
    //配置nginx
    [root@kvm ~]# cd /etc/nginx/
    [root@kvm nginx]# ls
    conf.d                fastcgi_params          mime.types          scgi_params           win-utf
    default.d             fastcgi_params.default  mime.types.default  scgi_params.default
    fastcgi.conf          koi-utf                 nginx.conf          uwsgi_params
    fastcgi.conf.default  koi-win                 nginx.conf.default  uwsgi_params.default
    [root@kvm nginx]# cp nginx.conf nginx.conf-bak	//备份
    [root@kvm nginx]# cat nginx.conf
    user nginx;
    worker_processes auto;
    error_log /var/log/nginx/error.log;
    pid /run/nginx.pid;
    include /usr/share/nginx/modules/*.conf;
    events {
        worker_connections 1024;
    }
    http {
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';
        access_log  /var/log/nginx/access.log  main;
        sendfile            on;
        tcp_nopush          on;
        tcp_nodelay         on;
        keepalive_timeout   65;
        types_hash_max_size 2048;
        include             /etc/nginx/mime.types;
        default_type        application/octet-stream;
        include /etc/nginx/conf.d/*.conf;
        server {
            listen       80;
            server_name  localhost;
            include /etc/nginx/default.d/*.conf;
            location / {
                root html;
                index index.html index.htm;
            }
            error_page 404 /404.html;
                location = /40x.html {
            }
            error_page 500 502 503 504 /50x.html;
                location = /50x.html {
            }
        }
    }
    [root@kvm conf.d]# pwd
    /etc/nginx/conf.d
    [root@kvm conf.d]# vi webvirtmgr.conf
    [root@kvm conf.d]# cat webvirtmgr.conf 
    server {
        listen 80 default_server;
        server_name $hostname;
        #access_log /var/log/nginx/webvirtmgr_access_log;
        location /static/ {
            root /var/www/webvirtmgr/webvirtmgr;
            expires max;
        }
        location / {
            proxy_pass http://127.0.0.1:8000;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
            proxy_set_header Host $host:$server_port;
            proxy_set_header X-Forwarded-Proto $remote_addr;
            proxy_connect_timeout 600;
            proxy_read_timeout 600;
            proxy_send_timeout 600;
            client_max_body_size 1024M;
        }
    }
    //确保bind绑定的是本机的8000端口
    [root@kvm ~]# vim /var/www/webvirtmgr/conf/gunicorn.conf.py 
    bind = '0.0.0.0:8000'		//修改此行
    backlog = 2048
    //启动nginx
    [root@kvm ~]# systemctl enable --now nginx
    Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
    [root@kvm ~]# ss -anlt
    State      Recv-Q Send-Q       Local Address:Port                      Peer Address:Port              
    LISTEN     0      128              127.0.0.1:6080                                 *:*                  
    LISTEN     0      128              127.0.0.1:8000                                 *:*                  
    LISTEN     0      128                      *:111                                  *:*                  
    LISTEN     0      128                      *:80                                   *:*                  
    LISTEN     0      5            192.168.122.1:53                                   *:*                  
    LISTEN     0      128                      *:22                                   *:*                  
    LISTEN     0      100              127.0.0.1:25                                   *:*                  
    LISTEN     0      128                  [::1]:6080                              [::]:*                  
    LISTEN     0      128                  [::1]:8000                              [::]:*                  
    LISTEN     0      128                   [::]:111                               [::]:*                  
    LISTEN     0      128                   [::]:22                                [::]:*                  
    LISTEN     0      100                  [::1]:25                                [::]:*                  
    //设置supervisor
    [root@kvm ~]# vim /etc/supervisord.conf 
    #在最后添加下面的内容
    [program:webvirtmgr]
    command=/usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
    directory=/var/www/webvirtmgr
    autostart=true
    autorestart=true
    logfile=/var/log/supervisor/webvirtmgr.log
    log_stderr=true
    user=nginx
    [program:webvirtmgr-console]
    command=/usr/bin/python2 /var/www/webvirtmgr/console/webvirtmgr-console
    directory=/var/www/webvirtmgr
    autostart=true
    autorestart=true
    stdout_logfile=/var/log/supervisor/webvirtmgr-console.log
    redirect_stderr=true
    user=nginx
    //启动supervisor
    [root@kvm ~]# systemctl enable --now supervisord
    Created symlink from /etc/systemd/system/multi-user.target.wants/supervisord.service to /usr/lib/systemd/system/supervisord.service.
    [root@kvm ~]# systemctl status supervisord
    ● supervisord.service - Process Monitoring and Control Daemon
       Loaded: loaded (/usr/lib/systemd/system/supervisord.service; enabled; vendor preset: disabled)
       Active: active (running) since 三 2021-10-20 23:53:33 CST; 12s ago
      Process: 46734 ExecStart=/usr/bin/supervisord -c /etc/supervisord.conf (code=exited, status=0/SUCCESS)
     Main PID: 46737 (supervisord)
    //配置nginx用户
    [root@kvm ~]# su - nginx -s /bin/bash
    -bash-4.2$ ssh-keygen -t rsa
    Generating public/private rsa key pair.
    Enter file in which to save the key (/var/lib/nginx/.ssh/id_rsa): 
    Created directory '/var/lib/nginx/.ssh'.
    Enter passphrase (empty for no passphrase): 
    Enter same passphrase again: 
    Your identification has been saved in /var/lib/nginx/.ssh/id_rsa.
    Your public key has been saved in /var/lib/nginx/.ssh/id_rsa.pub.
    The key fingerprint is:
    SHA256:S46h+CYFvCGW+6z68PXZgbKNLLdPdiPD6LmzPOpYBwI nginx@kvm
    The key's randomart image is:
    +---[RSA 2048]----+
    |                 |
    |                 |
    |E..              |
    |oo+              |
    |o.o+  . S        |
    | o.o.+ * .       |
    |. =.* O *        |
    | =oX=X * o       |
    |++**%B= .        |
    +----[SHA256]-----+
    -bash-4.2$ touch ~/.ssh/config && echo -e "StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null" >> ~/.ssh/config
    -bash-4.2$ chmod 0600 ~/.ssh/config
    -bash-4.2$ ssh-copy-id root@192.168.237.131
    /bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/var/lib/nginx/.ssh/id_rsa.pub"
    /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    Warning: Permanently added '192.168.237.131' (ECDSA) to the list of known hosts.
    root@192.168.237.131's password: 
    Number of key(s) added: 1
    Now try logging into the machine, with:   "ssh 'root@192.168.237.131'"
    and check to make sure that only the key(s) you wanted were added.
    -bash-4.2$ exit
    登出
    [root@kvm ~]# vim /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
    [Remote libvirt SSH access]
    Identity=unix-user:root
    Action=org.libvirt.unix.manage
    ResultAny=yes
    ResultInactive=yes
    ResultActive=yes
    [root@kvm ~]# chown -R root.root /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
    [root@kvm ~]# systemctl restart nginx
    [root@kvm ~]# systemctl restart libvirtd
    

    1.3 kvm web界面管理

    通过ip地址在浏览器上访问kvm

    在这里插入图片描述

    1.3.1 kvm连接管理

    创建SSH连接:

    在这里插入图片描述

    在这里插入图片描述

    在这里插入图片描述

    1.3.2 kvm存储管理

    创建存储:

    在这里插入图片描述

    在这里插入图片描述

    进入存储:

    在这里插入图片描述

    在这里插入图片描述

    通过远程连接软件上传ISO镜像文件至存储目录/var/lib/libvirt/images/

    [root@kvm ~]# ls /var/lib/libvirt/images/
    CentOS-8.4.2105-x86_64-dvd1.iso
    

    在 web 界面查看ISO镜像是否存在

    在这里插入图片描述

    创建系统安装镜像

    在这里插入图片描述

    在这里插入图片描述

    在这里插入图片描述

    1.3.3 kvm网络管理

    添加桥接网络

    在这里插入图片描述

    在这里插入图片描述

    在这里插入图片描述

    1.3.4 实例管理

    实例(虚拟机)创建

    在这里插入图片描述

    在这里插入图片描述

    在这里插入图片描述

    虚拟机插入光盘

    在这里插入图片描述

    设置在 web 上访问虚拟机的密码

    在这里插入图片描述

    启动虚拟机

    在这里插入图片描述

    打开控制台

    在这里插入图片描述

    安装虚拟机

    在这里插入图片描述

    安装完成

    在这里插入图片描述

    故障

    web界面无法访问,命令行报错(accept: Too many open files)

    对nginx进行配置
    [root@kvm ~]# vim /etc/nginx/nginx.conf
    user nginx;
    worker_processes auto;
    error_log /var/log/nginx/error.log;
    pid /run/nginx.pid;
    worker_rlimit_nofile 655350;		//添加此行
    [root@kvm ~]# systemctl restart nginx.service 
    
    对系统参数进行设置
    [root@kvm ~]# vim /etc/security/limits.conf
    # End of file			//添加下面两行
    * soft nofile 655350		
    * hard nofile 655350
    
    重启虚拟机,就能成功访问
    [root@kvm ~]# reboot
    

    以上就是KVM虚拟化安装部署及管理教程的详细内容,更多关于KVM虚拟化安装部署及管理的资料请关注海外IDC网其它相关文章!