使用Wok管理kvm虚拟机

【Centos7.4】

!!!测试环境我们首关闭防火墙和selinux

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@localhost ~]# setenforce 0

 

一:首先为KVM环境做准备工作

1、检查cpu是否支持虚拟化

[root@localhost ~]# cat /proc/cpuinfo | grep vmx
flags	: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon nopl xtopology tsc_reliable nonstop_tsc eagerfpu pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave rdrand hypervisor lahf_lm abm 3dnowprefetch tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep invpcid rdseed smap clflushopt xsaveopt xsavec arat
flags	: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon nopl xtopology tsc_reliable nonstop_tsc eagerfpu pni pclmulqdq vmx ssse3 cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave rdrand hypervisor lahf_lm abm 3dnowprefetch tpr_shadow vnmi ept vpid fsgsbase tsc_adjust smep invpcid rdseed smap clflushopt xsaveopt xsavec arat

如果有vmx信息输出,就说明支持虚拟化;如果没有任何的输出,说明你的cpu不支持,将无法使用KVM虚拟机;(如果用的是AMD的处理器,将后面的VMX换成SVM)

由于我是在虚拟机上测试的。只需将虚拟化引擎下面的三个选项打勾就可以了(说白了,就是在虚拟机里面再装虚拟机——简称:虚拟机中的虚拟机)

 

 

 2、确保BIOS里开启虚拟化功能——查看是否加载KVM模块

[root@localhost ~]# lsmod | grep kvm
kvm_intel             170086  0 
kvm                   566340  1 kvm_intel
irqbypass              13503  1 kvm
  • 如果没有加载出来,运行以下命令重试
[root@localhost ~]# modprobe kvm
[root@localhost ~]# modprobe kvm-intel
[root@localhost ~]# lsmod | grep kvm
kvm_intel             170086  0 
kvm                   566340  1 kvm_intel
irqbypass              13503  1 kvm

 

3、部署桥接网络

1️⃣:在KVM里面需要用到桥接网络的管理工具:brctl ; 需要安装:bridge-utils安装包

[root@localhost ~]# yum install -y bridge-utils
[root@localhost ~]# systemctl restart networker

 

2️⃣:配置KVM网桥模式

[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-ens32 ifcfg-br0
[root@localhost network-scripts]# cat ifcfg-ens32 
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none               //改成静态 
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens32
UUID=e916ebc7-5a6c-4711-a86b-0c2fc928c9b1
DEVICE=ens32
ONBOOT=yes
BRIDGE=br0             //添加BRIDGE



[root@localhost network-scripts]# cat ifcfg-br0 TYPE=Bridge //将Ethernet换成Bridge PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none //换成静态 DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=br0 //NAME换成设备名称br0 DEVICE=br0 //DEVICE同样换成设备名称br0 ONBOOT=yes IPADDR=192.168.0.123 //IP、掩码、网关、DNS根据自己的实际情况写 NETMASK=255.255.255.0 GATEWAY=192.168.0.1 DNS1=8.8.8.8 //复制过来的ifcfg-br0里面会有一个UUID这个可以注释,也可以删除;IPV6也可以注释或者删除,我只删除了UUID。

 

3️⃣:重启网络服务后查看网卡的配置信息:

[root@localhost network-scripts]# systemctl restart network
[root@localhost network-scripts]# ifconfig 
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.123  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::b086:e52c:8183:73c5  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:b5:00:34  txqueuelen 1000  (Ethernet)
        RX packets 35  bytes 2290 (2.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 39  bytes 3186 (3.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 00:0c:29:b5:00:34  txqueuelen 1000  (Ethernet)
        RX packets 23308  bytes 30757732 (29.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 11549  bytes 1073445 (1.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 88  bytes 7632 (7.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 88  bytes 7632 (7.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

 

4️⃣:测试br0网卡是否可以访问外网:

[root@localhost network-scripts]# ping -c 3 www.baidu.com
PING www.wshifen.com (104.193.88.123) 56(84) bytes of data.
64 bytes from 104.193.88.123 (104.193.88.123): icmp_seq=1 ttl=47 time=255 ms
64 bytes from 104.193.88.123 (104.193.88.123): icmp_seq=2 ttl=47 time=264 ms
64 bytes from 104.193.88.123 (104.193.88.123): icmp_seq=3 ttl=45 time=320 ms

--- www.wshifen.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2005ms
rtt min/avg/max/mdev = 255.984/280.383/320.188/28.384 ms

 

二、安装libvirt及其他的KVM所需要的安装包

[root@localhost ~]# yum install –y libvirt  virt-* qemu-*
[root@localhost ~]# systemctl start libvirtd
[root@localhost ~]# systemctl enable libvirtd
//由于包很多,这样方便,就是安装时间太长
1 libvirt                C语言工具包,提供libvirt服务
2 qemu-kvm         主要的KVM程序包
3 virt-manager      GUI虚拟机管理工具
4 qemu-img          虚拟磁盘创建命令
5 virt-viewer         GUI连接程序,连接到已配置好的虚拟机
6 libvirt-client       虚拟客户机提供的C语言工具包
7 virt-install          基于libvirt服务的虚拟机创建命令
8 bridge-utils        创建和管理桥接设备的工具
注释

 

三、安装Web界面管理工具

  • Kimchi是一个基于HTML5的KVM管理工具,是Wok的一个插件(使用Kimchi前一定要先安装了wok),通过Kimchi可以更方便的管理KVM
[root@localhost ~]# yum install -y wget
[root@localhost ~]# wget https://github.com/kimchi-project/wok/releases/download/2.5.0/wok-2.5.0-0.el7.centos.noarch.rpm
[root@localhost ~]# wget https://github.com/kimchi-project/kimchi/releases/download/2.5.0/kimchi-2.5.0-0.el7.centos.noarch.rpm
[root@localhost ~]# ls
anaconda-ks.cfg  kimchi-2.5.0-0.el7.centos.noarch.rpm  wok-2.5.0-0.el7.centos.noarch.rpm
[root@localhost ~]# yum install -y wok-2.5.0-0.el7.centos.noarch.rpm
[root@localhost ~]# yum install -y kimchi-2.5.0-0.el7.centos.noarch.rpm
[root@localhost ~]# systemctl start wokd
[root@localhost ~]# systemctl enable wokd
[root@localhost ~]# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      17591/nginx: master 
tcp        0      0 192.168.122.1:53        0.0.0.0:*               LISTEN      4783/dnsmasq        
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1055/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1155/master         
tcp        0      0 127.0.0.1:64667         0.0.0.0:*               LISTEN      17601/python2       
tcp        0      0 0.0.0.0:8000            0.0.0.0:*               LISTEN      17591/nginx: master 
tcp        0      0 0.0.0.0:8001            0.0.0.0:*               LISTEN      17591/nginx: master 
tcp        0      0 127.0.0.1:8010          0.0.0.0:*               LISTEN      17594/python2       
tcp6       0      0 :::80                   :::*                    LISTEN      17591/nginx: master 
tcp6       0      0 :::22                   :::*                    LISTEN      1055/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      1155/master         
udp        0      0 192.168.122.1:53        0.0.0.0:*                           4783/dnsmasq        
udp        0      0 0.0.0.0:67              0.0.0.0:*                           4783/dnsmasq        
udp        0      0 127.0.0.1:323           0.0.0.0:*                           682/chronyd         
udp6       0      0 ::1:323                 :::*                                682/chronyd

 

四、浏览器上操作

  • 地址栏输入:ip:8000(第一次可能会出现提示不是私密连接,会有安全隐患之类的提示,这个不用管,继续访问就行)

 

 

 

 

 

posted @ 2020-07-30 09:00  廿九九  阅读(797)  评论(0编辑  收藏  举报