KVM + WebVirtMgr: A Small Virtualization Platform

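KVM environment preparation:

Linux CentOS 6.9
Check whether hardware virtualization is enabled on the system:
cat /proc/cpuinfo | egrep '(vmx|svm)' | wc -l    # a result of 1 means it is enabled
Software required for KVM:

Core packages:
yum -y install kvm libvirt python-virtinst qemu-kvm virt-viewer bridge-utils
Full environment packages:

If you want to manage VMs with the graphical virt-manager, you can install the full KVM environment (this is the option I chose):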

yum -y groupinstall Virtualization 'Virtualization Client' 'Virtualization Platform' 'Virtualization Tools'

Configure bridged networking for the virtual machines

[root@kvm data]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
DEVICE=eth0
BRIDGE=br0
ONBOOT=yes
[root@kvm data]# cat /etc/sysconfig/network-scripts/ifcfg-br0 
BOOTPROTO=static
TYPE=Bridge
DEVICE=br0
NM_CONTROLLED=no
ONBOOT=yes
IPADDR=192.168.31.252
NETMASK=255.255.255.0
GATEWAY=192.168.31.1
DNS1=8.8.8.8
[root@kvm data]# 

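Note: after configuring this and restarting the network interface, stop the NetworkManager service; otherwise the network will have problems after a reboot.
Install and start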

yum -y groupinstall Virtualization 'Virtualization Client' 'Virtualization Platform' 'Virtualization Tools'
/etc/init.d/libvirtd start
chkconfig libvirtd on

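After libvirtd has started, opening the virt-manager GUI may fail with this error: unsupported format character '�' (0xffffffef) at index 1

This appears to be a virt-manager version problem: virt-manager-0.9.0-34 has trouble with the Chinese character set. (It does not occur on CentOS 6.8 but does occur on CentOS 6.9.)

Uninstall virt-manager-0.9.0-34 and install virt-manager-0.9.0-31.el6.x86_64 instead.

1. Uninstall virt-manager-0.9.0-34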

yum remove virt-manager

2. Install virt-manager-0.9.0-31

 yum localinstall virt-manager-0.9.0-31.el6.x86_64.rpm

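Once this is resolved, virt-manager opens normally.

Deploy WebVirtMgr, a web-based KVM management platform

Prepare the environment

Dependency package:
yum -y install http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
Dependency packages for the environment:
yum -y install git python-pip libvirt-python libxml2-python python-websockify supervisor nginx
Clone the code from GitHub:
cd /usr/local/src/
git clone https://github.com/retspen/webvirtmgr.git    # git:// is unauthenticated and no longer served by GitHub

Start the installation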

cd /usr/local/src/webvirtmgr
pip install -r requirements.txt
./manage.py # shows which commands are supported
./manage.py syncdb # run the initialization

[root@kvm webvirtmgr]# ./manage.py syncdb
WARNING:root:No local_settings file found.
Creating tables ...
Creating table auth_permission
Creating table auth_group_permissions
Creating table auth_group
Creating table auth_user_groups
Creating table auth_user_user_permissions
Creating table auth_user
Creating table django_content_type
Creating table django_session
Creating table django_site
Creating table servers_compute
Creating table instance_instance
Creating table create_flavor

You just installed Django's auth system, which means you don't have any superusers defined.
Would you like to create one now? (yes/no): yes
Username (leave blank to use 'root'): admin
Email address: 778123069@qq.com
Password: 
Password (again): 
Superuser created successfully.
Installing custom SQL ...
Installing indexes ...
Installed 6 object(s) from 1 fixture(s)
[root@kvm webvirtmgr]# 

./manage.py collectstatic # collect the static files
./manage.py createsuperuser # run this if you need to create another administrator account

Copy the directory to the web root

cd /usr/local/src
mkdir -pv /var/www
cp -Rv webvirtmgr /var/www/webvirtmgr

Add the Nginx configuration file
[root@kvm webvirtmgr]# mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.bak 

[root@kvm webvirtmgr]# vim /etc/nginx/conf.d/webvirtmgr.conf
server {
    listen 80 default_server;

    server_name $hostname;
    access_log /var/log/nginx/webvirtmgr_access_log;

    location /static/ {
        root /var/www/webvirtmgr/webvirtmgr; # or /srv instead of /var
        expires max;
    }

    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Forwarded-Proto $scheme; # the request scheme, not the client address
        proxy_connect_timeout 600;
        proxy_read_timeout 600;
        proxy_send_timeout 600;
        client_max_body_size 1024M; # Set higher depending on your needs
    }
}
[root@kvm webvirtmgr]# chown -R nginx:nginx /var/www/webvirtmgr
[root@kvm webvirtmgr]# service nginx start    
Configure supervisor
[root@kvm webvirtmgr]# vim /etc/supervisord.conf          # append at the end of the file
...
[program:webvirtmgr]

command=/usr/bin/python /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
logfile=/var/log/supervisor/webvirtmgr.log
log_stderr=true
user=nginx

[program:webvirtmgr-console]

command=/usr/bin/python /var/www/webvirtmgr/console/webvirtmgr-console
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
stdout_logfile=/var/log/supervisor/webvirtmgr-console.log
redirect_stderr=true
user=nginx
[root@kvm webvirtmgr]# 
Modify gunicorn.conf.py
[root@kvm webvirtmgr]# vim /var/www/webvirtmgr/conf/gunicorn.conf.py
...
bind = "0:8000"
...
[root@kvm webvirtmgr]# /etc/init.d/supervisord restart
[root@kvm webvirtmgr]# chkconfig supervisord on  
[root@kvm webvirtmgr]# netstat -ntpl                 # check that ports 6080 and 8000 are listening
Test access to WebVirtMgr

After allowing the relevant ports through iptables,
open WebVirtMgr in a browser:
IP:8000


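At this point the WebVirtMgr front end is set up. Next, we connect it to the host on which the KVM virtual machines run.

However, you may notice that nginx is not actually doing anything useful here. It only acts as a proxy, and because gunicorn is bound with bind = "0:8000" the browser reaches it directly on port 8000. In fact, changing port 8000 to 80 in /var/www/webvirtmgr/conf/gunicorn.conf.py is enough, and then nginx really has nothing left to do ...

libvirt.conf and libvirtd.conf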
[root@kvm webvirtmgr]# grep -vE '^#|^$' /etc/libvirt/libvirtd.conf 
listen_tls = 0
listen_tcp = 1
listen_addr = "192.168.31.252"
auth_tcp = "sasl"
max_clients = 200
max_workers = 200
log_outputs="3:syslog:libvirtd"
[root@kvm webvirtmgr]# grep -vE '^#|^$' /etc/libvirt/libvirt.conf 
uri_default = "qemu+tcp://192.168.31.252/system"
[root@kvm webvirtmgr]# 
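The settings above turn on libvirtd's TCP listener (listen_tcp = 1) with TLS switched off (listen_tls = 0) on a routable address. The following check is an added example, not part of the original post; the function names conf_get and audit_libvirtd_conf are made up here, and the sample file is constructed from the values in the listing above.

```shell
#!/bin/sh
# Added example: flag remote-access settings in a libvirtd.conf-style file.
# conf_get and audit_libvirtd_conf are hypothetical helper names.

# Print the effective value of KEY ($2) in FILE ($1): comment lines are
# skipped, surrounding quotes are stripped, the last assignment wins.
conf_get() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        {
            pos = index($0, "=")
            if (pos == 0) next
            k = substr($0, 1, pos - 1); v = substr($0, pos + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            gsub(/^"|"$/, "", v)
            if (k == key) val = v
        }
        END { print val }
    ' "$1"
}

# Print one finding per line; no output means nothing was flagged.
audit_libvirtd_conf() {
    tcp=$(conf_get "$1" listen_tcp)
    tls=$(conf_get "$1" listen_tls)
    auth=$(conf_get "$1" auth_tcp)
    addr=$(conf_get "$1" listen_addr)
    [ "$tcp" = "1" ] || return 0      # TCP listener off: nothing to report
    echo "TCP: listen_tcp=1 enables the non-TLS socket (listen_tls=${tls:-unset})"
    if [ "$auth" = "none" ]; then
        echo "NOAUTH: auth_tcp=none accepts unauthenticated TCP clients"
    fi
    case "$addr" in
        127.*|::1) ;;
        *) echo "EXPOSED: listen_addr=${addr:-unset} is not a loopback address" ;;
    esac
}

# Constructed sample using the values shown in the listing above.
sample=$(mktemp)
printf '%s\n' 'listen_tls = 0' 'listen_tcp = 1' \
    'listen_addr = "192.168.31.252"' 'auth_tcp = "sasl"' > "$sample"
audit_libvirtd_conf "$sample"
rm -f "$sample"
```

On a real host, run it as audit_libvirtd_conf /etc/libvirt/libvirtd.conf.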
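Connect WebVirtMgr to the KVM host

Download and run the libvirt-bootstrap.sh script, and allow the corresponding port through iptables.
Set up TCP authorization; WebVirtMgr needs this account when adding a new server connection.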

[root@kvm src]# curl http://retspen.github.io/libvirt-bootstrap.sh | sudo sh
[root@kvm src]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 16509 -j ACCEPT
[root@kvm src]# saslpasswd2 -a libvirt Test                              # add a user
Password: 
Again (for verification): 
[root@kvm src]# sasldblistusers2 -f /etc/libvirt/passwd.db               # list the newly added user
Test@kvm: userPassword
[root@kvm src]# saslpasswd2 -a libvirt -d Test                           # delete a user
[root@kvm src]# virsh -c qemu+tcp://192.168.31.252/system nodeinfo       # verify the newly added account
Please enter your authentication name: Test
Please enter your password: 
CPU 型号:        x86_64
CPU:               1
CPU 频率:        3504 MHz
CPU socket:        1
每个 socket 的内核数: 1
每个内核的线程数: 1
NUMA 单元:       1
内存大小:      3908800 KiB

[root@kvm src]# 

On CentOS 7, one setting needs to be changed

The user and password created above are normally stored in /etc/libvirt/passwd.db

[root@kvm src]# grep -vE '^#|^$' /etc/sasl2/libvirt.conf 
mech_list: digest-md5
sasldb_path: /etc/libvirt/passwd.db         # unless mech_list is changed, this file is not generated when a user is created
[root@kvm src]# grep -a 'mech_list' /etc/sasl2/libvirt.conf 
#mech_list: gssapi                     # this is the CentOS 7 default; change it to digest-md5
mech_list: digest-md5
#mech_list: scram-sha-1
#mech_list: scram-sha-1 gssapi
[root@kvm src]# vim /etc/sasl2/libvirt.conf 
[root@kvm src]# 

Verification


Simple optimizations

1. Change the default storage path

[root@kvm ~]# virsh 
欢迎使用 virsh,虚拟化的交互式终端。

输入:'help' 来获得命令的帮助信息
       'quit' 退出
virsh # pool-list
 名称               状态     自动开始
-----------------------------------------
default              活动     yes       

virsh # 

virsh # pool-edit default
Pool default XML configuration edited.

virsh # 
virsh # quit
[root@kvm ~]#

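After the change, restart its state in WebVirtMgr and the change takes effect:

For networking, the host must first be configured with the br0 bridge interface; only then can a virtual machine attach to the bridge and reach the external network.
br0

2. Install VNC on the KVM host

This allows the KVM virtual machines to be managed through WebVirtMgr.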


[root@kvm ~]# yum -y install tigervnc-server 
[root@kvm ~]# vim /etc/sysconfig/vncservers
[root@kvm ~]# grep -Ev '^#|^$' /etc/sysconfig/vncservers 
VNCSERVERS="1:root"
VNCSERVERARGS[1]="-geometry 1024x768 -alwaysshared -depth 24"
[root@kvm ~]# vncserver                                      # first run: set the VNC connection password

You will require a password to access your desktops.

Password:
Verify:
xauth:  file /root/.Xauthority does not exist


New 'kvm:1 (root)' desktop is kvm:1

Creating default startup script /root/.vnc/xstartup
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/kvm:1.log

[root@kvm ~]# 

[root@kvm ~]# 
3. Add a note (title) to a VM

[root@kvm ~]# virsh list
 Id    名称                         状态
----------------------------------------------------
 2     Centos6.5                      running

[root@kvm ~]# virsh list --title
 Id    名称                         状态     Title               
----------------------------------------------------------------------------------
 2     Centos6.5                      running    Test 192.168.122.23 

[root@kvm ~]# 

Problems encountered

After changing the hostname and rebooting the machine, WebVirtMgr could no longer connect to the KVM host
[root@kvm ~]# virsh -c qemu+tcp://192.168.31.252/system nodeinfo
Please enter your authentication name: Test
Please enter your password: 
错误:验证失败: 验证失败
错误:连接到管理程序失败
[root@kvm ~]# ls

The log shows errors

[root@kvm ~]# tail /var/log/libvirt/libvirtd.log 
2018-05-20 06:13:07.311+0000: 4422: error : virNetSocketReadWire:1194 : End of file while reading data: 输入/输出错误
2018-05-20 06:13:15.983+0000: 4427: error : virNetSASLSessionServerStep:616 : 验证失败: 启动 SASL 协商失败:-20(SASL(-13): user not found: no secret in database)
2018-05-20 06:13:15.983+0000: 4427: error : remoteDispatchAuthSaslStep:2786 : 验证失败: 验证失败
2018-05-20 06:13:15.984+0000: 4422: error : virNetSocketReadWire:1194 : End of file while reading data: 输入/输出错误
2018-05-20 06:13:31.640+0000: 4426: error : virNetSASLSessionServerStep:616 : 验证失败: 启动 SASL 协商失败:-20(SASL(-13): user not found: no secret in database)
2018-05-20 06:13:31.640+0000: 4426: error : remoteDispatchAuthSaslStep:2786 : 验证失败: 验证失败
2018-05-20 06:13:31.640+0000: 4422: error : virNetSocketReadWire:1194 : End of file while reading data: 输入/输出错误
2018-05-20 06:19:08.605+0000: 1567: info : libvirt version: 0.10.2, package: 62.el6_9.1 (CentOS BuildSystem <http://bugs.centos.org>, 2018-01-04-19:17:38, c1bl.rdu2.centos.org)
2018-05-20 06:19:08.605+0000: 1567: error : virNetSocketReadWire:1194 : End of file while reading data: Input/output error
2018-05-20 06:21:39.047+0000: 1567: warning : virKeepAliveTimerInternal:156 : No response from client 0x7f2318a3e3f0 after 5 keepalive messages in 30 seconds
[root@kvm ~]# 

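I searched online and found nothing useful, so I had to work it out myself. I recalled that I had changed the hostname before the reboot and wondered whether that was the cause, so I started from there.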

[root@kvm ~]# sasldblistusers2 -f /etc/libvirt/passwd.db
Test@MiWiFi-R3-srv: userPassword
[root@kvm ~]# saslpasswd2 -a libvirt Test
Password: 
Again (for verification): 
[root@kvm ~]# sasldblistusers2 -f /etc/libvirt/passwd.db
Test@kvm: userPassword
Test@MiWiFi-R3-srv: userPassword
[root@kvm ~]# 
[root@kvm ~]# /etc/init.d/libvirtd restart

It went back to normal, so that really was the cause.

[root@kvm ~]# virsh -c qemu+tcp://192.168.31.252/system nodeinfo
Please enter your authentication name: Test
Please enter your password: 
CPU 型号:        x86_64
CPU:               1
CPU 频率:        3504 MHz
CPU socket:        1
每个 socket 的内核数: 1
每个内核的线程数: 1
NUMA 单元:       1
内存大小:      3908800 KiB
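
The two listings above show why authentication broke: the entry was stored as Test@MiWiFi-R3-srv, and after the rename the host is kvm, for which no entry existed. The following check is an added example, not part of the original post; the function names are made up here and the listings fed to it are constructed from the output shown above.

```shell
#!/bin/sh
# Added example: compare sasldblistusers2 output with the realm the host
# now uses (its hostname, as the listings above show). Function names are
# hypothetical.
# Real use: sasldblistusers2 -f /etc/libvirt/passwd.db | users_missing_realm kvm

# Split "user@realm: userPassword" lines into "user realm" pairs.
sasl_pairs() {
    awk '{
        entry = $1; sub(/:$/, "", entry)
        at = index(entry, "@")
        if (at > 0) print substr(entry, 1, at - 1), substr(entry, at + 1)
    }'
}

# Users with no entry under realm $1; these are the ones that fail with
# "user not found: no secret in database".
users_missing_realm() {
    sasl_pairs | awk -v realm="$1" '
        { seen[$1] = 1; if ($2 == realm) ok[$1] = 1 }
        END { for (u in seen) if (!(u in ok)) print u }
    ' | sort
}

# Entries stored under any realm other than $1 (left over from an old hostname).
stale_entries() {
    sasl_pairs | awk -v realm="$1" '$2 != realm { print $1 "@" $2 }' | sort
}

# Constructed listings: before and after re-running saslpasswd2 on host "kvm".
before='Test@MiWiFi-R3-srv: userPassword'
after='Test@kvm: userPassword
Test@MiWiFi-R3-srv: userPassword'

echo "missing before fix: $(printf '%s\n' "$before" | users_missing_realm kvm)"
echo "missing after fix:  $(printf '%s\n' "$after" | users_missing_realm kvm)"
echo "stale after fix:    $(printf '%s\n' "$after" | stale_entries kvm)"
# A stale entry can then be removed with, for example:
#   saslpasswd2 -a libvirt -d -u MiWiFi-R3-srv Test
```
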
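Clicking around too frequently produces Cannot recv data: Connection reset by peer, and the log keeps reporting that connections are being dropped because there are too many clients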
[root@kvm ~]# tail -f /var/log/libvirt/libvirtd.log 
2018-05-09 13:47:41.668+0000: 6815: error : virNetServerAddClient:270 : Too many active clients (20), dropping connection from 192.168.86.250;60014
2018-05-09 13:47:45.669+0000: 6815: error : virNetServerAddClient:270 : Too many active clients (20), dropping connection from 192.168.86.250;60015
2018-05-09 13:47:51.668+0000: 6815: error : virNetServerAddClient:270 : Too many active clients (20), dropping connection from 192.168.86.250;60016
2018-05-09 13:47:53.668+0000: 6815: error : virNetServerAddClient:270 : Too many active clients (20), dropping connection from 192.168.86.250;60017
2018-05-09 13:47:57.668+0000: 6815: error : virNetServerAddClient:270 : Too many active clients (20), dropping connection from 192.168.86.250;60018
2018-05-09 13:48:01.668+0000: 6815: error : virNetServerAddClient:270 : Too many active clients (20), dropping connection from 192.168.86.250;60019
2018-05-09 13:48:03.669+0000: 6815: error : virNetServerAddClient:270 : Too many active clients (20), dropping connection from 192.168.86.250;60020
2018-05-09 13:48:05.668+0000: 6815: error : virNetServerAddClient:270 : Too many active clients (20), dropping connection from 192.168.86.250;60021
2018-05-09 13:48:07.668+0000: 6815: error : virNetServerAddClient:270 : Too many active clients (20), dropping connection from 192.168.86.250;60022
2018-05-09 13:48:09.670+0000: 6815: error : virNetServerAddClient:270 : Too many active clients (20), dropping connection from 192.168.86.250;60023

Solution:

[root@kvm ~]# grep -vE '^#|^$' /etc/libvirt/libvirtd.conf 
listen_tls = 0
listen_tcp = 1
listen_addr = "192.168.31.252"
auth_tcp = "sasl"
max_clients = 200
max_workers = 200
log_outputs="3:syslog:libvirtd"
[root@kvm ~]# 
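
Before raising max_clients it helps to know which client is using up the connection slots. The following summary is an added example, not part of the original post; the function names are made up here, and the log lines are constructed in the format shown above (the address 192.168.86.17 is invented for the sample).

```shell
#!/bin/sh
# Added example: summarise "Too many active clients" drops per source address.
# dropped_by_client and sample_log are hypothetical helper names.

# Reads libvirtd log lines on stdin; prints "address drops limit", busiest first.
dropped_by_client() {
    awk '
        /Too many active clients/ {
            # The limit in force is the number in parentheses.
            limit = "?"
            if (match($0, /\([0-9]+\)/))
                limit = substr($0, RSTART + 1, RLENGTH - 2)
            # The peer is the last field, written as "address;port".
            addr = $NF
            sub(/;[0-9]+$/, "", addr)
            drops[addr]++
            lim[addr] = limit
        }
        END { for (a in drops) print a, drops[a], lim[a] }
    ' | sort -k2,2nr -k1,1
}

# Constructed sample in the format of /var/log/libvirt/libvirtd.log.
sample_log() {
    cat <<'EOF'
2018-05-09 13:47:41.668+0000: 6815: error : virNetServerAddClient:270 : Too many active clients (20), dropping connection from 192.168.86.250;60014
2018-05-09 13:47:45.669+0000: 6815: error : virNetServerAddClient:270 : Too many active clients (20), dropping connection from 192.168.86.250;60015
2018-05-09 13:47:46.101+0000: 6815: error : virNetServerAddClient:270 : Too many active clients (20), dropping connection from 192.168.86.17;51822
2018-05-09 13:47:51.668+0000: 6815: error : virNetSocketReadWire:1194 : End of file while reading data: Input/output error
EOF
}

sample_log | dropped_by_client
```

On a real host, run it as dropped_by_client < /var/log/libvirt/libvirtd.log.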

Reference

If you forget the username

sasldblistusers2 -f /etc/libvirt/passwd.db

[root@kvm ~]# sasldblistusers2 -f /etc/libvirt/passwd.db
admin@kvm: userPassword
[root@kvm ~]# 

Install a virtual machine with the virt-install command

[root@kvm ~]# qemu-img create -f qcow2 /data/Vm/tmp/centos7u4-node1.qcow2 10G

[root@kvm ~]# virt-install --name Centos --virt-type kvm --ram 2048 --cdrom=/data/images/CentOS-7-x86_64-Minimal-1810.iso --disk path=/data/Vm/tmp/centos7u4-node1.qcow2 --network=default --graphics vnc,listen=0.0.0.0 --noautoconsole

Please enter your authentication name: admin
Please enter your password: 
WARNING  未检测到操作系统,虚拟机性能可能会受到影响。使用 --os-variant 选项指定操作系统以获得最佳性能。

开始安装......
域安装仍在进行。您可以重新连接
到控制台以便完成安装进程。
[root@kvm ~]#

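If a VM is deleted by mistake, you can try to restore it using the method described here:

Restoring an accidentally deleted virtual machine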
