虚拟化技术之kvm管理工具virsh常用基础命令(二)
上一篇博客我们主要聊了下virsh 管理kvm虚拟机的命令相关用法和说明,回顾请参考https://www.cnblogs.com/qiuhom-1874/p/13508231.html;今天我们来继续说virsh 管理kvm虚拟机的话题;
1、virsh 监控kvm虚拟机相关命令
virsh domblklist:列出指定虚拟机上的磁盘信息
[root@node1 ~]# virsh help domblklist NAME domblklist - 列出所有域块 SYNOPSIS domblklist <domain> [--inactive] [--details] DESCRIPTION 获取域块设备小结 OPTIONS [--domain] <string> domain name, id or uuid --inactive 获取不活跃而不是运行的配置 --details type 和 device 值的附加显示 [root@node1 ~]# virsh list --all Id 名称 状态 ---------------------------------------------------- 3 centos7.0 running 4 c2 running 6 generic running [root@node1 ~]# virsh domblklist c2 目标 源 ------------------------------------------------ vda /kvm/images/c2.qcow2 hda - [root@node1 ~]# virsh domblklist generic 目标 源 ------------------------------------------------ hda /kvm/images/cirros-0.5.0-x86_64-disk.img [root@node1 ~]#
virsh domiflist:列出指定虚拟机上的所有网卡
[root@node1 ~]# virsh help domiflist NAME domiflist - 列出所有域虚拟接口 SYNOPSIS domiflist <domain> [--inactive] DESCRIPTION 获取域虚拟接口小结 OPTIONS [--domain] <string> domain name, id or uuid --inactive 获取不活跃而不是运行的配置 [root@node1 ~]# virsh domiflist generic 接口 类型 源 型号 MAC ------------------------------------------------------- vnet2 network default rtl8139 52:54:00:3e:3f:71 [root@node1 ~]# virsh domiflist centos7.0 接口 类型 源 型号 MAC ------------------------------------------------------- vnet0 network default virtio 52:54:00:e3:8d:11 [root@node1 ~]# ifconfig ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.0.41 netmask 255.255.255.0 broadcast 192.168.0.255 inet6 fe80::20c:29ff:fe9a:dbd6 prefixlen 64 scopeid 0x20<link> ether 00:0c:29:9a:db:d6 txqueuelen 1000 (Ethernet) RX packets 113557 bytes 34709850 (33.1 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 111108 bytes 27361452 (26.0 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 132700 bytes 348628216 (332.4 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 132700 bytes 348628216 (332.4 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 virbr0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255 ether 52:54:00:45:06:15 txqueuelen 1000 (Ethernet) RX packets 2042 bytes 130515 (127.4 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1028 bytes 83137 (81.1 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 vnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet6 fe80::fc54:ff:fee3:8d11 prefixlen 64 scopeid 0x20<link> ether fe:54:00:e3:8d:11 txqueuelen 1000 (Ethernet) RX packets 571 bytes 46596 (45.5 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 11055 bytes 593226 (579.3 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 vnet1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet6 fe80::fc54:ff:fee3:8521 prefixlen 64 scopeid 0x20<link> ether fe:54:00:e3:85:21 txqueuelen 1000 (Ethernet) RX packets 314 bytes 24074 (23.5 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 6210 bytes 333740 (325.9 KiB) TX errors 0 dropped 4072 overruns 0 carrier 0 collisions 0 vnet2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet6 fe80::fc54:ff:fe3e:3f71 prefixlen 64 scopeid 0x20<link> ether fe:54:00:3e:3f:71 txqueuelen 1000 (Ethernet) RX packets 741 bytes 56211 (54.8 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 4711 bytes 248155 (242.3 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@node1 ~]#
提示:从上面的信息可以看到kvm虚拟机上的网卡都对应在宿主机上的一个虚拟网卡 ;
virsh domifaddr:获取指定虚拟机上的ip地址
[root@node1 ~]# virsh help domifaddr NAME domifaddr - Get network interfaces' addresses for a running domain SYNOPSIS domifaddr <domain> [--interface <string>] [--full] [--source <string>] DESCRIPTION Get network interfaces' addresses for a running domain OPTIONS [--domain] <string> domain name, id or uuid --interface <string> network interface name --full always display names and MACs of interfaces --source <string> address source: 'lease', 'agent', or 'arp' [root@node1 ~]# virsh domifaddr c2 名称 MAC 地址 Protocol Address ------------------------------------------------------------------------------- vnet1 52:54:00:e3:85:21 ipv4 192.168.122.168/24 [root@node1 ~]# virsh domifaddr centos7.0 名称 MAC 地址 Protocol Address ------------------------------------------------------------------------------- vnet0 52:54:00:e3:8d:11 ipv4 192.168.122.222/24 [root@node1 ~]# virsh domifaddr generic 名称 MAC 地址 Protocol Address ------------------------------------------------------------------------------- vnet2 52:54:00:3e:3f:71 ipv4 192.168.122.4/24 [root@node1 ~]#
virsh domifstat:统计指定虚拟机上的指定网卡状态信息
[root@node1 ~]# virsh help domifstat NAME domifstat - 获得域网络接口状态 SYNOPSIS domifstat <domain> <interface> DESCRIPTION 获得运行域的网络接口状态。 OPTIONS [--domain] <string> domain name, id or uuid [--interface] <string> interface device specified by name or MAC Address [root@node1 ~]# virsh domiflist c2 接口 类型 源 型号 MAC ------------------------------------------------------- vnet1 network default virtio 52:54:00:e3:85:21 [root@node1 ~]# virsh domifstat c2 vnet1 vnet1 rx_bytes 345156 vnet1 rx_packets 6429 vnet1 rx_errs 0 vnet1 rx_drop 4072 vnet1 tx_bytes 24206 vnet1 tx_packets 316 vnet1 tx_errs 0 vnet1 tx_drop 0 [root@node1 ~]#
virsh dominfo:获取指定虚拟机的简要信息
[root@node1 ~]# virsh help dominfo NAME dominfo - 域信息 SYNOPSIS dominfo <domain> DESCRIPTION 返回这个域的基本信息。 OPTIONS [--domain] <string> domain name, id or uuid [root@node1 ~]# virsh dominfo c2 Id: 4 名称: c2 UUID: 10d61aa8-b0fa-4433-a733-00a8721bee01 OS 类型: hvm 状态: running CPU: 2 CPU 时间: 188.1s 最大内存: 2097152 KiB 使用的内存: 2097152 KiB 持久: 是 自动启动: 禁用 管理的保存: 否 安全性模式: none 安全性 DOI: 0 [root@node1 ~]#
virsh dommemstat:获取指定虚拟机内存相关状态信息
[root@node1 ~]# virsh help dommemstat NAME dommemstat - 获取域的内存统计 SYNOPSIS dommemstat <domain> [--period <number>] [--config] [--live] [--current] DESCRIPTION 获取运行域的内存统计 OPTIONS [--domain] <string> domain name, id or uuid --period <number> 以秒为单位设定集合期限 --config 影响下一次引导 --live 影响运行的域 --current 影响当前域 [root@node1 ~]# virsh dommemstat c2 actual 2097152 swap_in 0 swap_out 0 major_fault 201 minor_fault 176924 unused 1761832 available 1883456 last_update 1597490486 rss 455384 [root@node1 ~]# virsh dommemstat centos7.0 actual 2097152 swap_in 0 swap_out 0 major_fault 179 minor_fault 169193 unused 1761272 available 1883456 last_update 1597480749 rss 560324 [root@node1 ~]#
virsh domstate:获取指定虚拟机的状态信息
[root@node1 ~]# virsh help domstate NAME domstate - 域状态 SYNOPSIS domstate <domain> [--reason] DESCRIPTION 返回某个域的状态。 OPTIONS [--domain] <string> domain name, id or uuid --reason 同时输出状态原因 [root@node1 ~]# virsh domstate centos7.0 running [root@node1 ~]# virsh domstate centos7.0 --reason running (已引导) [root@node1 ~]#
virsh domstats:显示指定虚拟机的详细状态信息,如果不指定虚拟机名称表示显示当前宿主机上的所有虚拟机的详细状态信息
[root@node1 ~]# virsh help domstats NAME domstats - get statistics about one or multiple domains SYNOPSIS domstats [--state] [--cpu-total] [--balloon] [--vcpu] [--interface] [--block] [--perf] [--list-active] [--list-inactive] [--list-persistent] [--list-transient] [--list-running] [--list-paused] [--list-shutoff] [--list-other] [--raw] [--enforce] [--backing] [--nowait] [<domain>]... DESCRIPTION Gets statistics about one or more (or all) domains OPTIONS --state report domain state --cpu-total report domain physical cpu usage --balloon report domain balloon statistics --vcpu report domain virtual cpu information --interface report domain network interface information --block report domain block device statistics --perf report domain perf event statistics --list-active list only active domains --list-inactive list only inactive domains --list-persistent list only persistent domains --list-transient list only transient domains --list-running list only running domains --list-paused list only paused domains --list-shutoff list only shutoff domains --list-other list only domains in other states --raw do not pretty-print the fields --enforce enforce requested stats parameters --backing add backing chain information to block stats --nowait report only stats that are accessible instantly <domain> list of domains to get stats for [root@node1 ~]# virsh domstats centos7.0 Domain: 'centos7.0' state.state=1 state.reason=1 cpu.time=108764965089 cpu.user=850000000 cpu.system=14010000000 balloon.current=2097152 balloon.maximum=2097152 balloon.swap_in=0 balloon.swap_out=0 balloon.major_fault=187 balloon.minor_fault=174029 balloon.unused=1758704 balloon.available=1883456 balloon.last-update=1597581679 balloon.rss=561212 vcpu.current=2 vcpu.maximum=2 vcpu.0.state=1 vcpu.0.time=39050000000 vcpu.0.wait=0 vcpu.1.state=1 vcpu.1.time=14570000000 vcpu.1.wait=0 net.count=1 net.0.name=vnet1 net.0.rx.bytes=142006 net.0.rx.pkts=2577 net.0.rx.errs=0 net.0.rx.drop=0 net.0.tx.bytes=17972 net.0.tx.pkts=222 net.0.tx.errs=0 net.0.tx.drop=0 block.count=2 block.0.name=vda block.0.path=/var/lib/libvirt/images/centos7.0.qcow2 block.0.rd.reqs=6517 block.0.rd.bytes=150312448 block.0.rd.times=32776473520 block.0.wr.reqs=647 block.0.wr.bytes=13009920 block.0.wr.times=10069609744 block.0.fl.reqs=238 block.0.fl.times=938612582 block.0.allocation=16855924224 block.0.capacity=21474836480 block.0.physical=21478379520 block.1.name=hda block.1.rd.reqs=3 block.1.rd.bytes=82 block.1.rd.times=227269 block.1.wr.reqs=0 block.1.wr.bytes=0 block.1.wr.times=0 block.1.fl.reqs=0 block.1.fl.times=0 block.1.allocation=0 block.1.physical=0 [root@node1 ~]#
提示:如果想知获取某一对象的的详细信息可以在后面跟对应的选项来做过滤;
[root@node1 ~]# virsh domstats centos7.0 --interface --balloon Domain: 'centos7.0' balloon.current=2097152 balloon.maximum=2097152 balloon.swap_in=0 balloon.swap_out=0 balloon.major_fault=187 balloon.minor_fault=174029 balloon.unused=1758704 balloon.available=1883456 balloon.last-update=1597581679 balloon.rss=561468 net.count=1 net.0.name=vnet1 net.0.rx.bytes=148978 net.0.rx.pkts=2710 net.0.rx.errs=0 net.0.rx.drop=0 net.0.tx.bytes=18326 net.0.tx.pkts=227 net.0.tx.errs=0 net.0.tx.drop=0 [root@node1 ~]#
提示:如果指定多个选项,它们之间是或关系,意思是仅显示指定选项的内容;
virsh domif-getlink:获取指定虚拟机的指定接口状态
[root@node1 ~]# virsh help domif-getlink NAME domif-getlink - 获取虚拟接口链接状态 SYNOPSIS domif-getlink <domain> <interface> [--config] DESCRIPTION 获取域虚拟接口链接状态 OPTIONS [--domain] <string> domain name, id or uuid [--interface] <string> 接口失败 (MAC 地址) --config 获取持续接口状态 [root@node1 ~]# virsh domif-getlink c2 vnet1 vnet1 up [root@node1 ~]#
virsh domblkinfo:获取指定虚拟机的磁盘大小信息
[root@node1 ~]# virsh domblkinfo centos7.0 错误:command 'domblkinfo' requires <device> option [root@node1 ~]# [root@node1 ~]# virsh help domblkinfo NAME domblkinfo - 域块设备大小信息 SYNOPSIS domblkinfo <domain> [--device <string>] [--human] [--all] DESCRIPTION 获取域块设备大小信息 OPTIONS [--domain] <string> domain name, id or uuid --device <string> 阻止设备 --human Human readable output --all display all block devices info [root@node1 ~]# virsh domblklist c2 目标 源 ------------------------------------------------ vda /kvm/images/c2.qcow2 hda - [root@node1 ~]# virsh domblkinfo c2 vda 容量: 21474836480 分配: 21478375424 物理: 21478375424 [root@node1 ~]# virsh domblkinfo c2 vda --human 容量: 20.000 GiB 分配: 20.003 GiB 物理: 20.003 GiB [root@node1 ~]#
virsh domblkerror:列出指定虚拟机上的指定磁盘的错误信息
[root@node1 ~]# virsh help domblkerror NAME domblkerror - 在块设备中显示错误 SYNOPSIS domblkerror <domain> DESCRIPTION 显示块设备错误 OPTIONS [--domain] <string> domain name, id or uuid [root@node1 ~]# virsh domblkerror c2 未找到错误 [root@node1 ~]# virsh domblkerror centos7.0 未找到错误 [root@node1 ~]#
virsh domcontrol:获取指定虚拟机上的控制接口状态信息
[root@node1 ~]# virsh help domcontrol NAME domcontrol - 域控制接口状态 SYNOPSIS domcontrol <domain> DESCRIPTION 向域返回控制接口状态 OPTIONS [--domain] <string> domain name, id or uuid [root@node1 ~]# virsh domcontrol centos7.0 确定 [root@node1 ~]# virsh domcontrol generic 确定 [root@node1 ~]#
提示:我这里显示的是中文,正常情况就是ok状态;
以上命令主要是用于监控虚拟机上的各种状态相关的命令,我们可以基于上面的命令写成脚本,然后实现批量的获取多个虚拟机的状态信息;
2、virsh管理网络相关命令
virsh net-list:列出网络
[root@node1 ~]# virsh help net-list NAME net-list - 列出网络 SYNOPSIS net-list [--inactive] [--all] [--persistent] [--transient] [--autostart] [--no-autostart] [--uuid] [--name] [--table] DESCRIPTION 返回网络列表 OPTIONS --inactive 列出不活跃的网络 --all 列出不活跃和活跃的网络 --persistent 列出持久网络 --transient 列出临时网络 --autostart 列出启用 autostart 的网络 --no-autostart 列出禁用 autostart 的网络 --uuid 只列出 uuid --name list network names only --table 列出表格(默认) [root@node1 ~]# virsh net-list 名称 状态 自动开始 持久 ---------------------------------------------------------- default 活动 是 是 [root@node1 ~]#
提示:默认是以表格的形式列出激活的网络,如果要指定列出某种状态的网络,后面可以跟选项;从上面的信息可以看到当前只有一个默认的网络,处于活跃状态并且是自动启动;
virsh net-dumpxml:显示指定网络的配置文件内容到标准输出;
[root@node1 ~]# virsh help net-dumpxml NAME net-dumpxml - XML 中的网络信息 SYNOPSIS net-dumpxml <network> [--inactive] DESCRIPTION 把网络信息作为一个 XML 输出到 stdout。 OPTIONS [--network] <string> 网络名或 uuid --inactive 显示不活跃定义的 XML [root@node1 ~]# virsh net-dumpxml default <network connections='3'> <name>default</name> <uuid>958c004e-7aa9-483e-a79e-c62884e88a08</uuid> <forward mode='nat'> <nat> <port start='1024' end='65535'/> </nat> </forward> <bridge name='virbr0' stp='on' delay='0'/> <mac address='52:54:00:45:06:15'/> <ip address='192.168.122.1' netmask='255.255.255.0'> <dhcp> <range start='192.168.122.2' end='192.168.122.254'/> </dhcp> </ip> </network> [root@node1 ~]#
提示:通过上述命令我们可以把指定的某个网络导出,然后基于这个网络文件来当做模板文件,此后如果要创建一个网络,我们直接复制这个模板,然后修改私有的信息即可生成一个我们需要创建的网络的配置文件;
virsh net-define:从指定xml配置文件定义一个网络或者基于指定xml来修改现有网络;类似virsh define命令的用法;
示例:导出现有配置,修改ip地址,然后基于这个导出的配置来使用virsh net-define创建一个网络
[root@node1 ~]# virsh net-dumpxml default >default.xml [root@node1 ~]# cp default.xml test.xml [root@node1 ~]# diff default.xml test.xml 2,3c2 < <name>default</name> < <uuid>958c004e-7aa9-483e-a79e-c62884e88a08</uuid> --- > <name>test</name> 9,11c8,10 < <bridge name='virbr0' stp='on' delay='0'/> < <mac address='52:54:00:45:06:15'/> < <ip address='192.168.122.1' netmask='255.255.255.0'> --- > <bridge name='virbr1' stp='on' delay='0'/> > <mac address='52:54:00:45:06:16'/> > <ip address='192.168.12.1' netmask='255.255.255.0'> 13c12 < <range start='192.168.122.2' end='192.168.122.254'/> --- > <range start='192.168.12.2' end='192.168.12.254'/> [root@node1 ~]# cat test.xml <network connections='3'> <name>test</name> <forward mode='nat'> <nat> <port start='1024' end='65535'/> </nat> </forward> <bridge name='virbr1' stp='on' delay='0'/> <mac address='52:54:00:45:06:16'/> <ip address='192.168.12.1' netmask='255.255.255.0'> <dhcp> <range start='192.168.12.2' end='192.168.12.254'/> </dhcp> </ip> </network> [root@node1 ~]#
提示:通常我们需要修改网络的名称,删除uuid,让其创建时自动生成,指定ip地址,修改mac地址以及dhcp地址池,网桥名称以及网络的类型;
[root@node1 ~]# virsh help net-define NAME net-define - define an inactive persistent virtual network or modify an existing persistent one from an XML file SYNOPSIS net-define <file> DESCRIPTION Define or modify a persistent virtual network. OPTIONS [--file] <string> 文件包括一个 XML网络描述 [root@node1 ~]# virsh net-define test.xml 从 test定义网络test.xml [root@node1 ~]# virsh net-list 名称 状态 自动开始 持久 ---------------------------------------------------------- default 活动 是 是 [root@node1 ~]# virsh net-list --all 名称 状态 自动开始 持久 ---------------------------------------------------------- default 活动 是 是 test 不活跃 否 是 [root@node1 ~]#
提示:默认情况用define定义一个网络它并不会激活;
virsh net-start:激活一个指定的非活跃网络
[root@node1 ~]# virsh help net-start NAME net-start - 开始一个(以前定义的)不活跃的网络 SYNOPSIS net-start <network> DESCRIPTION 开始一个网络. OPTIONS [--network] <string> 网络名或 uuid [root@node1 ~]# virsh net-start test 网络 test 已开始 [root@node1 ~]# virsh net-list 名称 状态 自动开始 持久 ---------------------------------------------------------- default 活动 是 是 test 活动 否 是 [root@node1 ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:9a:db:d6 brd ff:ff:ff:ff:ff:ff inet 192.168.0.41/24 brd 192.168.0.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe9a:dbd6/64 scope link valid_lft forever preferred_lft forever 3: virbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000 link/ether 52:54:00:45:06:15 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000 link/ether 52:54:00:45:06:15 brd ff:ff:ff:ff:ff:ff 5: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr0 state UNKNOWN qlen 1000 link/ether fe:54:00:3e:3f:71 brd ff:ff:ff:ff:ff:ff inet6 fe80::fc54:ff:fe3e:3f71/64 scope link valid_lft forever preferred_lft forever 6: vnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr0 state UNKNOWN qlen 1000 link/ether fe:54:00:e3:8d:11 brd ff:ff:ff:ff:ff:ff inet6 fe80::fc54:ff:fee3:8d11/64 scope link valid_lft forever preferred_lft forever 7: vnet2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr0 state UNKNOWN qlen 1000 link/ether fe:54:00:e3:85:21 brd ff:ff:ff:ff:ff:ff inet6 fe80::fc54:ff:fee3:8521/64 scope link valid_lft forever preferred_lft forever 8: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000 link/ether 52:54:00:45:06:16 brd ff:ff:ff:ff:ff:ff inet 192.168.12.1/24 brd 192.168.12.255 scope global virbr1 valid_lft forever preferred_lft forever 9: virbr1-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr1 state DOWN qlen 1000 link/ether 52:54:00:45:06:16 brd ff:ff:ff:ff:ff:ff [root@node1 ~]#
提示:可以看到指定test网络已经激活并且在宿主机上创建了一个virbr1的网桥和virbr1-nic的网卡,其实virbr1就是我们在配置文件中指定的网桥,在配置文件中指定的网桥必须未使用,如果指定网桥不存在则创建,而virbr1-nic这张网卡就是直接桥接到virbr1上;
测试:创建一个基于test网络的虚拟机,名为c3
[root@node1 ~]# cd /etc/libvirt/qemu/ [root@node1 qemu]# ls autostart c2.xml centos7.0.xml generic.xml networks [root@node1 qemu]# cp c2.xml c3.xml [root@node1 qemu]# cd /kvm/images/ [root@node1 images]# ls c1.qcow2 c2.qcow2 cirros-0.5.0-x86_64-disk.img [root@node1 images]# cp c2.qcow2 c3.qcow2 [root@node1 images]# diff /etc/libvirt/qemu/c2.xml /etc/libvirt/qemu/c3.xml 9c9 < <name>c2</name> --- > <name>c3</name> 40c40 < <source file='/kvm/images/c2.qcow2'/> --- > <source file='/kvm/images/c3.qcow2'/> 73,74c73,74 < <mac address='52:54:00:e3:85:21'/> < <source network='default'/> --- > <mac address='52:54:00:e3:86:e1'/> > <source network='test'/> [root@node1 images]# virsh define /etc/libvirt/qemu/c3.xml 定义域 c3(从 /etc/libvirt/qemu/c3.xml) [root@node1 images]# virsh list --all Id 名称 状态 ---------------------------------------------------- 1 generic running 2 centos7.0 running 3 c2 running - c3 关闭 [root@node1 images]# virsh start c3 域 c3 已开始 [root@node1 images]#
验证:连接至c3控制台,查看其ip地址是否是test网络?是否能够ping通virbr1?网关是否是virbr1?
[root@node1 images]# virsh domifaddr c3 名称 MAC 地址 Protocol Address ------------------------------------------------------------------------------- vnet3 52:54:00:e3:86:e1 ipv4 192.168.12.179/24 [root@node1 images]# ssh 192.168.12.179 The authenticity of host '192.168.12.179 (192.168.12.179)' can't be established. ECDSA key fingerprint is SHA256:heUVB8InZ+56B+vMgUz+B7Uus4EgklEU9DVeywf1Z7s. ECDSA key fingerprint is MD5:0b:b1:75:a4:2b:ba:cf:f1:ac:51:cb:76:2a:74:89:42. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.12.179' (ECDSA) to the list of known hosts. root@192.168.12.179's password: Last login: Sun Aug 16 09:46:30 2020 [root@localhost ~]# ping 192.168.12.1 PING 192.168.12.1 (192.168.12.1) 56(84) bytes of data. 64 bytes from 192.168.12.1: icmp_seq=1 ttl=64 time=0.514 ms 64 bytes from 192.168.12.1: icmp_seq=2 ttl=64 time=0.585 ms ^C --- 192.168.12.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1002ms rtt min/avg/max/mdev = 0.514/0.549/0.585/0.042 ms [root@localhost ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.12.1 0.0.0.0 UG 100 0 0 eth0 192.168.12.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0 [root@localhost ~]# exit 登出 Connection to 192.168.12.179 closed. [root@node1 images]#
提示:从上面的信息可以看到基于test网络创建的虚拟机,其内部获取的地址是我们在test网络配置文件中指定的dhcp地址池,网关地址是virbr1的地址;
[root@node1 ~]# brctl show bridge name bridge id STP enabled interfaces virbr0 8000.525400450615 yes virbr0-nic vnet0 vnet1 vnet2 virbr1 8000.525400450616 yes virbr1-nic vnet3 [root@node1 ~]# iptables -t nat -nvL Chain PREROUTING (policy ACCEPT 239 packets, 21179 bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 68 packets, 8639 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 86 packets, 6827 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 86 packets, 6827 bytes) pkts bytes target prot opt in out source destination 2 180 RETURN all -- * * 192.168.12.0/24 224.0.0.0/24 1 328 RETURN all -- * * 192.168.12.0/24 255.255.255.255 29 1740 MASQUERADE tcp -- * * 192.168.12.0/24 !192.168.12.0/24 masq ports: 1024-65535 94 7144 MASQUERADE udp -- * * 192.168.12.0/24 !192.168.12.0/24 masq ports: 1024-65535 1 84 MASQUERADE all -- * * 192.168.12.0/24 !192.168.12.0/24 2 267 RETURN all -- * * 192.168.122.0/24 224.0.0.0/24 0 0 RETURN all -- * * 192.168.122.0/24 255.255.255.255 80 4800 MASQUERADE tcp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535 269 20444 MASQUERADE udp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535 0 0 MASQUERADE all -- * * 192.168.122.0/24 !192.168.122.0/24 [root@node1 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.0.1 0.0.0.0 UG 100 0 0 ens33 192.168.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 192.168.12.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr1 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 [root@node1 ~]# ip a l vnet3 10: vnet3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr1 state UNKNOWN qlen 1000 link/ether fe:54:00:e3:86:e1 brd ff:ff:ff:ff:ff:ff inet6 fe80::fc54:ff:fee3:86e1/64 scope link valid_lft forever preferred_lft forever [root@node1 ~]#
提示:如果我们在基于test网络创建虚拟机,它也会把虚拟机的虚拟网卡桥接到virbr1上,如果我们指定的网络类型是nat类型并开启了dhcp,它默认会把虚拟机的网关指向virbr1;并且在宿主机上的iptables的nat表中会添加SNAT规则,正因为这些iptables规则才使得虚拟机可以上外网;
virsh net-info:查看指定网络的简要信息
[root@node1 ~]# virsh help net-info NAME net-info - 网络信息 SYNOPSIS net-info <network> DESCRIPTION 返回关于这个网络的基本信息。 OPTIONS [--network] <string> 网络名或 uuid [root@node1 ~]# virsh net-info test 名称: test UUID: be2af58a-c8cd-4b73-8ee3-36cb3fe9566b 活跃: 是 持久: 是 自动启动: 否 桥接: virbr1 [root@node1 ~]#
virsh net-autostart:标记指定网络为自动启动
[root@node1 ~]# virsh help net-autostart NAME net-autostart - 自动开始网络 SYNOPSIS net-autostart <network> [--disable] DESCRIPTION 设置一个网络在启动时自动开始. OPTIONS [--network] <string> 网络名或 uuid --disable 禁止自动启动 [root@node1 ~]# virsh net-autostart test 网络test标记为自动启动 [root@node1 ~]# virsh net-info test 名称: test UUID: be2af58a-c8cd-4b73-8ee3-36cb3fe9566b 活跃: 是 持久: 是 自动启动: 是 桥接: virbr1 [root@node1 ~]#
virsh net-name:把指定uuid解析成名称
[root@node1 ~]# virsh net-info test 名称: test UUID: be2af58a-c8cd-4b73-8ee3-36cb3fe9566b 活跃: 是 持久: 是 自动启动: 是 桥接: virbr1 [root@node1 ~]# virsh help net-name NAME net-name - 把一个网络UUID 转换为网络名 SYNOPSIS net-name <network> OPTIONS [--network] <string> 网络uuid [root@node1 ~]# virsh net-name be2af58a-c8cd-4b73-8ee3-36cb3fe9566b test [root@node1 ~]#
virsh net-uuid:把指定网络名称解析成uuid
[root@node1 ~]# virsh help net-uuid NAME net-uuid - 把一个网络名转换为网络UUID SYNOPSIS net-uuid <network> OPTIONS [--network] <string> 网络名 [root@node1 ~]# virsh net-uuid test be2af58a-c8cd-4b73-8ee3-36cb3fe9566b [root@node1 ~]#
virsh net-dhcp-leases:显示指定网络的dhcp的租赁信息;
[root@node1 ~]# virsh help net-dhcp-leases NAME net-dhcp-leases - print lease info for a given network SYNOPSIS net-dhcp-leases <network> [--mac <string>] DESCRIPTION Print lease info for a given network OPTIONS [--network] <string> 网络名或 uuid --mac <string> MAC 地址 [root@node1 ~]# virsh net-dhcp-leases test Expiry Time MAC 地址 Protocol IP address Hostname Client ID or DUID ------------------------------------------------------------------------------------------------------------------- 2020-08-16 23:27:20 52:54:00:e3:86:e1 ipv4 192.168.12.179/24 - - [root@node1 ~]# virsh net-dhcp-leases default Expiry Time MAC 地址 Protocol IP address Hostname Client ID or DUID ------------------------------------------------------------------------------------------------------------------- 2020-08-16 23:32:45 52:54:00:3e:3f:71 ipv4 192.168.122.4/24 cirros 01:52:54:00:3e:3f:71 2020-08-16 23:11:38 52:54:00:e3:85:21 ipv4 192.168.122.168/24 - - 2020-08-16 23:14:35 52:54:00:e3:8d:11 ipv4 192.168.122.222/24 - - [root@node1 ~]#
virsh net-edit:编辑指定虚拟机的配置文件;
提示:使用virsh net-edit,它默认就会去打开指定网络的配置文件,我们可以编辑这个配置文件来创建一个网络,也可以更改对应网络的配置,然后重读配置文件使对应配置生效;
编辑test网络配置文件的dhcp地址池地址和virbr1的地址;
[root@node1 ~]# virsh net-edit test <network> <name>test</name> <uuid>f9452d96-55fa-4dbf-ad9c-b1ba99b7f2ad</uuid> <forward mode='nat'> <nat> <port start='1024' end='65535'/> </nat> </forward> <bridge name='virbr1' stp='on' delay='0'/> <mac address='52:54:00:45:06:16'/> <ip address='192.168.11.1' netmask='255.255.255.0'> <dhcp> <range start='192.168.11.2' end='192.168.11.254'/> </dhcp> </ip> </network> ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ "/tmp/virshJaE8MT.xml" 16L, 413C written 已编辑网络 test XML 配置 [root@node1 ~]# cat /etc/libvirt/qemu/networks/test.xml <!-- WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE OVERWRITTEN AND LOST. Changes to this xml configuration should be made using: virsh net-edit test or other application using the libvirt API. --> <network> <name>test</name> <uuid>f9452d96-55fa-4dbf-ad9c-b1ba99b7f2ad</uuid> <forward mode='nat'> <nat> <port start='1024' end='65535'/> </nat> </forward> <bridge name='virbr1' stp='on' delay='0'/> <mac address='52:54:00:45:06:16'/> <ip address='192.168.11.1' netmask='255.255.255.0'> <dhcp> <range start='192.168.11.2' end='192.168.11.254'/> </dhcp> </ip> </network> [root@node1 ~]# virsh net-info test 名称: test UUID: f9452d96-55fa-4dbf-ad9c-b1ba99b7f2ad 活跃: 是 持久: 是 自动启动: 否 桥接: virbr1 [root@node1 ~]# ip a l virbr1 13: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000 link/ether 52:54:00:45:06:16 brd ff:ff:ff:ff:ff:ff inet 192.168.12.1/24 brd 192.168.12.255 scope global virbr1 valid_lft forever preferred_lft forever [root@node1 ~]#
提示:默认修改了指定活跃网络的配置文件后是不会马上生效的;创建持久网络后,默认配置文件存放在/etc/libvirt/qemu/network/目录下和对应网络名称同名的xml格式文件;
让指定网络重读配置文件生效
[root@node1 ~]# virsh net-list 名称 状态 自动开始 持久 ---------------------------------------------------------- default 活动 是 是 test 活动 否 是 [root@node1 ~]# virsh net-destroy test 网络 test 被删除 [root@node1 ~]# virsh net-list 名称 状态 自动开始 持久 ---------------------------------------------------------- default 活动 是 是 [root@node1 ~]# virsh net-list --all 名称 状态 自动开始 持久 ---------------------------------------------------------- default 活动 是 是 test 不活跃 否 是 [root@node1 ~]# virsh net-start test 网络 test 已开始 [root@node1 ~]# ip a l virbr1 15: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000 link/ether 52:54:00:45:06:16 brd ff:ff:ff:ff:ff:ff inet 192.168.11.1/24 brd 192.168.11.255 scope global virbr1 valid_lft forever preferred_lft forever [root@node1 ~]#
提示:让其重读配置文件的方式我们只有重启网络,所以上面的操作上先停止对应网络,然后在启动对应网络;virsh net-destory命令是删除指定活跃状态的网络,就相当于停止操作;
验证:对应网络上的虚拟机地址会发生更新吗?
[root@node1 ~]# virsh domifaddr c3 名称 MAC 地址 Protocol Address ------------------------------------------------------------------------------- [root@node1 ~]# virsh list --all Id 名称 状态 ---------------------------------------------------- 1 generic running 2 centos7.0 running 3 c2 running 4 c3 running [root@node1 ~]# virsh destroy c3 域 c3 被删除 [root@node1 ~]# virsh list --all Id 名称 状态 ---------------------------------------------------- 1 generic running 2 centos7.0 running 3 c2 running - c3 关闭 [root@node1 ~]# virsh start c3 域 c3 已开始 [root@node1 ~]# virsh domifaddr c3 名称 MAC 地址 Protocol Address ------------------------------------------------------------------------------- vnet3 52:54:00:e3:86:e1 ipv4 192.168.11.179/24 [root@node1 ~]#
提示:对应网络上的虚拟机如果不重启,它默认会获取不到地址;其实上述重启可以使用virsh reboot命令;
利用virsh edit来生成一个网络
[root@node1 ~]# virsh net-list --all 名称 状态 自动开始 持久 ---------------------------------------------------------- default 活动 是 是 test 活动 否 是 [root@node1 ~]# virsh net-edit test <uuid>f9452d96-55fa-4dbf-ad9c-b1ba99b7f2ad</uuid> <network> <name>test1</name> <forward mode='nat'> <nat> <port start='1024' end='65535'/> </nat> </forward> <bridge name='virbr2' stp='on' delay='0'/> <mac address='52:54:10:45:06:16'/> <ip address='192.168.10.1' netmask='255.255.255.0'> <dhcp> <range start='192.168.10.2' end='192.168.10.254'/> </dhcp> </ip> </network> ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ "/tmp/virshWqhNS8.xml" 15L, 362C written 已编辑网络 test1 XML 配置 [root@node1 ~]# ll /etc/libvirt/qemu/networks/ 总用量 12 drwx------ 2 root root 25 8月 16 22:59 autostart -rw------- 1 root root 576 8月 13 23:31 default.xml -rw------- 1 root root 641 8月 16 23:23 test1.xml -rw------- 1 root root 639 8月 16 23:09 test.xml [root@node1 ~]# diff /etc/libvirt/qemu/networks/test.xml /etc/libvirt/qemu/networks/test1.xml 4c4 < virsh net-edit test --- > virsh net-edit test1 9,10c9,10 < <name>test</name> < <uuid>f9452d96-55fa-4dbf-ad9c-b1ba99b7f2ad</uuid> --- > <name>test1</name> > <uuid>8dbdad99-91c5-435b-95b7-02179597f39e</uuid> 16,18c16,18 < <bridge name='virbr1' stp='on' delay='0'/> < <mac address='52:54:00:45:06:16'/> < <ip address='192.168.11.1' netmask='255.255.255.0'> --- > <bridge name='virbr2' stp='on' delay='0'/> > <mac address='52:54:10:45:06:16'/> > <ip address='192.168.10.1' netmask='255.255.255.0'> 20c20 < <range start='192.168.11.2' end='192.168.11.254'/> --- > <range start='192.168.10.2' end='192.168.10.254'/> [root@node1 ~]# virsh net-list --all 名称 状态 自动开始 持久 ---------------------------------------------------------- default 活动 是 是 test 活动 否 是 test1 不活跃 否 是 [root@node1 ~]#
提示:从上面的演示我们可以看到,当我们修改了网络配置文件中的网络名称,ip地址,网桥名称,mac,dhcp地址池然后保存,它就会在对应目录下生成一个我们之前修改后的网络配置文件,并把我们的配置立刻应用到系统(define操作,不需要我们手动去define,它自动会define一个非活跃的持久网络);
virsh net-create:从指定xml文件创建一个非持久的临时网络,并激活;
[root@node1 ~]# virsh help net-create NAME net-create - 从一个 XML 文件创建一个网络 SYNOPSIS net-create <file> DESCRIPTION 创建一个网络 OPTIONS [--file] <string> 文件包括一个 XML网络描述 [root@node1 ~]# cat test.xml <network connections='3'> <name>test2</name> <forward mode='nat'> <nat> <port start='1024' end='65535'/> </nat> </forward> <bridge name='virbr3' stp='on' delay='0'/> <mac address='52:54:00:45:06:17'/> <ip address='192.168.17.1' netmask='255.255.255.0'> <dhcp> <range start='192.168.17.2' end='192.168.17.254'/> </dhcp> </ip> </network> [root@node1 ~]# ll /etc/libvirt/qemu/networks/ 总用量 12 drwx------ 2 root root 25 8月 16 22:59 autostart -rw------- 1 root root 576 8月 13 23:31 default.xml -rw------- 1 root root 641 8月 16 23:23 test1.xml -rw------- 1 root root 639 8月 16 23:09 test.xml [root@node1 ~]# virsh net-create test.xml 从test2创建网络test.xml [root@node1 ~]# virsh net-list --all 名称 状态 自动开始 持久 ---------------------------------------------------------- default 活动 是 是 test 活动 否 是 test1 不活跃 否 是 test2 活动 否 否 [root@node1 ~]# ll /etc/libvirt/qemu/networks/ 总用量 12 drwx------ 2 root root 25 8月 16 22:59 autostart -rw------- 1 root root 576 8月 13 23:31 default.xml -rw------- 1 root root 641 8月 16 23:23 test1.xml -rw------- 1 root root 639 8月 16 23:09 test.xml [root@node1 ~]#
提示:这里提示下define出来的网络默认是持久的,create出来的网络不是持久的,所谓持久就是是否在/etc/libvirt/qemu/network/目录下生成配置文件,有配置文件的网络我们称它为持久网络,没有配置文件的网络我们称它为临时网络;
virsh net-undefine:将指定持久网络取消定义,所谓取消定义就是转为非持久网络;
[root@node1 ~]# virsh help net-undefine NAME net-undefine - undefine a persistent network SYNOPSIS net-undefine <network> DESCRIPTION Undefine the configuration for a persistent network. OPTIONS [--network] <string> 网络名或 uuid [root@node1 ~]# virsh net-list --all 名称 状态 自动开始 持久 ---------------------------------------------------------- default 活动 是 是 test 活动 否 是 test1 不活跃 否 是 test2 活动 否 否 [root@node1 ~]# ll /etc/libvirt/qemu/networks/ 总用量 12 drwx------ 2 root root 25 8月 16 22:59 autostart -rw------- 1 root root 576 8月 13 23:31 default.xml -rw------- 1 root root 641 8月 16 23:23 test1.xml -rw------- 1 root root 639 8月 16 23:09 test.xml [root@node1 ~]# virsh net-undefine test1 网络 test1 已经被取消定义 [root@node1 ~]# virsh net-list --all 名称 状态 自动开始 持久 ---------------------------------------------------------- default 活动 是 是 test 活动 否 是 test2 活动 否 否 [root@node1 ~]# ll /etc/libvirt/qemu/networks/ 总用量 8 drwx------ 2 root root 25 8月 16 22:59 autostart -rw------- 1 root root 576 8月 13 23:31 default.xml -rw------- 1 root root 639 8月 16 23:09 test.xml [root@node1 ~]# virsh net-undefine test 网络 test 已经被取消定义 [root@node1 ~]# virsh net-list --all 名称 状态 自动开始 持久 ---------------------------------------------------------- default 活动 是 是 test 活动 否 否 test2 活动 否 否 [root@node1 ~]# ll /etc/libvirt/qemu/networks/ 总用量 4 drwx------ 2 root root 25 8月 16 22:59 autostart -rw------- 1 root root 576 8月 13 23:31 default.xml [root@node1 ~]#
提示:net-undefine会把活跃状态的持久网络修改成非持久,它的操作就是把对应配置文件删除,并不会删除活跃的网络实例;将非活跃的持久化网络,它会删除其配置文件和网络实例;