怎么安装部署及管理KVM虚拟化

本篇内容介绍了"怎么安装部署及管理KVM虚拟化"的有关知识，在实际案例的操作过程中，不少人都会遇到这样的困境，接下来就让小编带领大家学习一下如何处理这些情况吧！希望大家仔细阅读，能够学有所成！

1.kvm部署

1.1 kvm安装

//关闭防火墙和selinux[root@kvm ~]# systemctl disable --now firewalld.service Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.[root@kvm ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config [root@kvm ~]# reboot//下载epel源和工具包[root@kvm ~]# yum -y install epel-release vim wget net-tools unzip zip gcc gcc-c++//验证CPU是否支持KVM；如果结果中有vmx（Intel）或svm(AMD)字样，就说明CPU的支持的[root@kvm ~]# egrep -o 'vmx|svm' /proc/cpuinfo//安装kvm[root@kvm ~]# yum -y install qemu-kvm qemu-kvm-tools qemu-img virt-manager libvirt libvirt-python libvirt-client virt-install virt-viewer bridge-utils libguestfs-tools//桥接网卡，用br0来桥接ens160网卡[root@kvm ~]# cd /etc/sysconfig/network-scripts/[root@kvm network-scripts]# cp ifcfg-ens33 ifcfg-br0[root@kvm network-scripts]# cat ifcfg-br0 TYPE=BridgeDEVICE=br0NM_CONTROLLED=noBOOTPROTO=staticNAME=br0ONBOOT=yesIPADDR=192.168.237.131NETMASK=255.255.255.0GATEWAY=192.168.237.2DNS1=114.114.114.114DNS2=8.8.8.8[root@kvm network-scripts]# cat ifcfg-ens33 TYPE=EthernetBOOTPROTO=staticNAME=ens33DEVICE=ens33ONBOOT=yesBRIDGE=br0NM_CONTROLLED=no//重启网络[root@kvm ~]# systemctl restart network[root@kvm ~]# ip a1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00    inet 127.0.0.1/8 scope host lo       valid_lft forever preferred_lft forever    inet6 ::1/128 scope host        valid_lft forever preferred_lft forever2: ens33:  mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000    link/ether 00:0c:29:7b:10:a5 brd ff:ff:ff:ff:ff:ff    inet6 fe80::20c:29ff:fe7b:10a5/64 scope link        valid_lft forever preferred_lft forever3: br0:  mtu 1500 qdisc noqueue state UP group default qlen 1000    link/ether 00:0c:29:7b:10:a5 brd ff:ff:ff:ff:ff:ff    inet 192.168.237.131/24 brd 192.168.237.255 scope global br0       valid_lft forever preferred_lft forever    inet6 fe80::20c:29ff:fe7b:10a5/64 scope link        valid_lft forever preferred_lft forever4: virbr0:  mtu 1500 qdisc noqueue state DOWN group default qlen 1000    link/ether 52:54:00:1c:33:d6 brd ff:ff:ff:ff:ff:ff    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0       valid_lft forever preferred_lft forever5: virbr0-nic:  mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000    link/ether 52:54:00:1c:33:d6 brd ff:ff:ff:ff:ff:ff//启动服务[root@kvm ~]# systemctl enable --now libvirtd//验证安装结果[root@kvm ~]# lsmod|grep kvmkvm_intel             188740  0 kvm                   637289  1 kvm_intelirqbypass              13503  1 kvm//测试[root@kvm ~]# virsh -c qemu:///system list Id    名称                         状态----------------------------------------------------[root@kvm ~]# virsh --version4.5.0[root@kvm ~]# virt-install --version1.5.0[root@kvm ~]# ln -s /usr/libexec/qemu-kvm /usr/bin/qemu-kvm[root@kvm ~]# ll /usr/bin/qemu-kvmlrwxrwxrwx 1 root root 21 10月 20 23:14 /usr/bin/qemu-kvm -> /usr/libexec/qemu-kvm//查看网桥信息[root@kvm ~]# brctl showbridge name     bridge id               STP enabled     interfacesbr0             8000.000c297b10a5       no              ens33virbr0          8000.5254001c33d6       yes             virbr0-nic

1.2 kvm web管理界面安装

kvm 的 web 管理界面是由 webvirtmgr 程序提供的。

//安装依赖包[root@kvm ~]# yum -y install git python-pip libvirt-python libxml2-python python-websockify supervisor nginx python-devel//从github上下载webvirtmgr代码[root@kvm ~]# cd /usr/local/src/[root@kvm src]# git clone git://github.com/retspen/webvirtmgr.git正克隆到 'webvirtmgr'...remote: Enumerating objects: 5614, done.remote: Total 5614 (delta 0), reused 0 (delta 0), pack-reused 5614接收对象中: 100% (5614/5614), 2.97 MiB | 29.00 KiB/s, done.处理 delta 中: 100% (3606/3606), done.//安装webvirtmgr[root@kvm src]# cd webvirtmgr/[root@kvm webvirtmgr]# pip install -r requirements.txt Collecting django==1.5.5 (from -r requirements.txt (line 1))  Downloading https://files.pythonhosted.org/packages/38/49/93511c5d3367b6b21fc2995a0e53399721afc15e4cd6eb57be879ae13ad4/Django-1.5.5.tar.gz (8.1MB)    100% |████████████████████████████████| 8.1MB 49kB/s ......//检查sqlite3是否安装[root@kvm webvirtmgr]# pythonPython 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linux2Type "help", "copyright", "credits" or "license" for more information.>>> import sqlite3>>> exit()//初始化账号信息[root@kvm webvirtmgr]# python manage.py syncdbWARNING:root:No local_settings file found.Creating tables ...Creating table auth_permissionCreating table auth_group_permissionsCreating table auth_groupCreating table auth_user_groupsCreating table auth_user_user_permissionsCreating table auth_userCreating table django_content_typeCreating table django_sessionCreating table django_siteCreating table servers_computeCreating table instance_instanceCreating table create_flavorYou just installed Django's auth system, which means you don't have any superusers defined.Would you like to create one now? (yes/no): yesUsername (leave blank to use 'root'): adminEmail address: 123@qq.comPassword: Password (again): Superuser created successfully.Installing custom SQL ...Installing indexes ...Installed 6 object(s) from 1 fixture(s)//拷贝web网页至指定目录[root@kvm webvirtmgr]# mkdir /var/www[root@kvm webvirtmgr]# cp -r /usr/local/src/webvirtmgr /var/www/[root@kvm webvirtmgr]# chown -R nginx.nginx /var/www/webvirtmgr///生成密钥[root@kvm ~]# ssh-keygen -t rsaGenerating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'.Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:SHA256:icyLAYmyxABKsogsIHmJqGjSby0ogFwf1p2zeiPwuxY root@kvmThe key's randomart image is:+---[RSA 2048]----+|O+ .  . . .      ||/ooo o . +       ||&*+ o .   o      ||X+.. = . o       ||=  o..* S        ||. . +o.E o       || . .... = .      ||       o         ||      ...        |+----[SHA256]-----+[root@kvm ~]# ssh-copy-id 192.168.237.131/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"The authenticity of host '192.168.237.131 (192.168.237.131)' can't be established.ECDSA key fingerprint is SHA256:/AR9dYUN0PN9LOHYWfHeUe5LgyczVMH9mYv9+2GcAbM.ECDSA key fingerprint is MD5:30:f6:de:5a:7d:c2:08:b5:b7:31:61:4a:4e:dd:32:73.Are you sure you want to continue connecting (yes/no)? yes/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keysroot@192.168.237.131's password: Number of key(s) added: 1Now try logging into the machine, with:   "ssh '192.168.237.131'"and check to make sure that only the key(s) you wanted were added.//配置端口转发[root@kvm ~]# ssh 192.168.237.131 -L localhost:8000:localhost:8000 -L localhost:6080:localhost:60Last login: Wed Oct 20 23:12:00 2021 from 192.168.237.1[root@kvm ~]# ss -anltState      Recv-Q Send-Q       Local Address:Port                      Peer Address:Port              LISTEN     0      128              127.0.0.1:6080                                 *:*                  LISTEN     0      128              127.0.0.1:8000                                 *:*                  LISTEN     0      128                      *:111                                  *:*                  LISTEN     0      5            192.168.122.1:53                                   *:*                  LISTEN     0      128                      *:22                                   *:*                  LISTEN     0      100              127.0.0.1:25                                   *:*                  LISTEN     0      128                  [::1]:6080                              [::]:*                  LISTEN     0      128                  [::1]:8000                              [::]:*                  LISTEN     0      128                   [::]:111                               [::]:*                  LISTEN     0      128                   [::]:22                                [::]:*                  LISTEN     0      100                  [::1]:25                                [::]:*                  //配置nginx[root@kvm ~]# cd /etc/nginx/[root@kvm nginx]# lsconf.d                fastcgi_params          mime.types          scgi_params           win-utfdefault.d             fastcgi_params.default  mime.types.default  scgi_params.defaultfastcgi.conf          koi-utf                 nginx.conf          uwsgi_paramsfastcgi.conf.default  koi-win                 nginx.conf.default  uwsgi_params.default[root@kvm nginx]# cp nginx.conf nginx.conf-bak      //备份[root@kvm nginx]# cat nginx.confuser nginx;worker_processes auto;error_log /var/log/nginx/error.log;pid /run/nginx.pid;include /usr/share/nginx/modules/*.conf;events {    worker_connections 1024;}http {    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '                      '$status $body_bytes_sent "$http_referer" '                      '"$http_user_agent" "$http_x_forwarded_for"';    access_log  /var/log/nginx/access.log  main;    sendfile            on;    tcp_nopush          on;    tcp_nodelay         on;    keepalive_timeout   65;    types_hash_max_size 2048;    include             /etc/nginx/mime.types;    default_type        application/octet-stream;    include /etc/nginx/conf.d/*.conf;    server {        listen       80;        server_name  localhost;        include /etc/nginx/default.d/*.conf;        location / {            root html;            index index.html index.htm;        }        error_page 404 /404.html;            location = /40x.html {        }        error_page 500 502 503 504 /50x.html;            location = /50x.html {        }    }}[root@kvm conf.d]# pwd/etc/nginx/conf.d[root@kvm conf.d]# vi webvirtmgr.conf[root@kvm conf.d]# cat webvirtmgr.conf server {    listen 80 default_server;    server_name $hostname;    #access_log /var/log/nginx/webvirtmgr_access_log;    location /static/ {        root /var/www/webvirtmgr/webvirtmgr;        expires max;    }    location / {        proxy_pass http://127.0.0.1:8000;        proxy_set_header X-Real-IP $remote_addr;        proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;        proxy_set_header Host $host:$server_port;        proxy_set_header X-Forwarded-Proto $remote_addr;        proxy_connect_timeout 600;        proxy_read_timeout 600;        proxy_send_timeout 600;        client_max_body_size 1024M;    }}//确保bind绑定的是本机的8000端口[root@kvm ~]# vim /var/www/webvirtmgr/conf/gunicorn.conf.py bind = '0.0.0.0:8000'         //修改此行backlog = 2048//启动nginx[root@kvm ~]# systemctl enable --now nginxCreated symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.[root@kvm ~]# ss -anltState      Recv-Q Send-Q       Local Address:Port                      Peer Address:Port              LISTEN     0      128              127.0.0.1:6080                                 *:*                  LISTEN     0      128              127.0.0.1:8000                                 *:*                  LISTEN     0      128                      *:111                                  *:*                  LISTEN     0      128                      *:80                                   *:*                  LISTEN     0      5            192.168.122.1:53                                   *:*                  LISTEN     0      128                      *:22                                   *:*                  LISTEN     0      100              127.0.0.1:25                                   *:*                  LISTEN     0      128                  [::1]:6080                              [::]:*                  LISTEN     0      128                  [::1]:8000                              [::]:*                  LISTEN     0      128                   [::]:111                               [::]:*                  LISTEN     0      128                   [::]:22                                [::]:*                  LISTEN     0      100                  [::1]:25                                [::]:*                  //设置supervisor[root@kvm ~]# vim /etc/supervisord.conf #在最后添加下面的内容[program:webvirtmgr]command=/usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.pydirectory=/var/www/webvirtmgrautostart=trueautorestart=truelogfile=/var/log/supervisor/webvirtmgr.loglog_stderr=trueuser=nginx[program:webvirtmgr-console]command=/usr/bin/python2 /var/www/webvirtmgr/console/webvirtmgr-consoledirectory=/var/www/webvirtmgrautostart=trueautorestart=truestdout_logfile=/var/log/supervisor/webvirtmgr-console.logredirect_stderr=trueuser=nginx//启动supervisor[root@kvm ~]# systemctl enable --now supervisordCreated symlink from /etc/systemd/system/multi-user.target.wants/supervisord.service to /usr/lib/systemd/system/supervisord.service.[root@kvm ~]# systemctl status supervisord● supervisord.service - Process Monitoring and Control Daemon   Loaded: loaded (/usr/lib/systemd/system/supervisord.service; enabled; vendor preset: disabled)   Active: active (running) since 三 2021-10-20 23:53:33 CST; 12s ago  Process: 46734 ExecStart=/usr/bin/supervisord -c /etc/supervisord.conf (code=exited, status=0/SUCCESS) Main PID: 46737 (supervisord)//配置nginx用户[root@kvm ~]# su - nginx -s /bin/bash-bash-4.2$ ssh-keygen -t rsaGenerating public/private rsa key pair.Enter file in which to save the key (/var/lib/nginx/.ssh/id_rsa): Created directory '/var/lib/nginx/.ssh'.Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /var/lib/nginx/.ssh/id_rsa.Your public key has been saved in /var/lib/nginx/.ssh/id_rsa.pub.The key fingerprint is:SHA256:S46h+CYFvCGW+6z68PXZgbKNLLdPdiPD6LmzPOpYBwI nginx@kvmThe key's randomart image is:+---[RSA 2048]----+|                 ||                 ||E..              ||oo+              ||o.o+  . S        || o.o.+ * .       ||. =.* O *        || =oX=X * o       ||++**%B= .        |+----[SHA256]-----+-bash-4.2$ touch ~/.ssh/config && echo -e "StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null" >> ~/.ssh/config-bash-4.2$ chmod 0600 ~/.ssh/config-bash-4.2$ ssh-copy-id root@192.168.237.131/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/var/lib/nginx/.ssh/id_rsa.pub"/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keysWarning: Permanently added '192.168.237.131' (ECDSA) to the list of known hosts.root@192.168.237.131's password: Number of key(s) added: 1Now try logging into the machine, with:   "ssh 'root@192.168.237.131'"and check to make sure that only the key(s) you wanted were added.-bash-4.2$ exit登出[root@kvm ~]# vim /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla[Remote libvirt SSH access]Identity=unix-user:rootAction=org.libvirt.unix.manageResultAny=yesResultInactive=yesResultActive=yes[root@kvm ~]# chown -R root.root /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla[root@kvm ~]# systemctl restart nginx[root@kvm ~]# systemctl restart libvirtd

1.3 kvm web界面管理

通过ip地址在浏览器上访问kvm

1.3.1 kvm连接管理

创建SSH连接：

1.3.2 kvm存储管理

创建存储：

进入存储：

通过远程连接软件上传ISO镜像文件至存储目录/var/lib/libvirt/images/

[root@kvm ~]# ls /var/lib/libvirt/images/CentOS-8.4.2105-x86_64-dvd1.iso

在 web 界面查看ISO镜像是否存在

创建系统安装镜像

1.3.3 kvm网络管理

添加桥接网络

1.3.4 实例管理

实例(虚拟机)创建

虚拟机插入光盘

设置在 web 上访问虚拟机的密码

启动虚拟机

打开控制台

安装虚拟机

安装完成

故障

web界面无法访问，命令行报错（accept: Too many open files）

对nginx进行配置[root@kvm ~]# vim /etc/nginx/nginx.confuser nginx;worker_processes auto;error_log /var/log/nginx/error.log;pid /run/nginx.pid;worker_rlimit_nofile 655350;               //添加此行[root@kvm ~]# systemctl restart nginx.service 对系统参数进行设置[root@kvm ~]# vim /etc/security/limits.conf# End of file                    //添加下面两行* soft nofile 655350             * hard nofile 655350重启虚拟机，就能成功访问[root@kvm ~]# reboot

"怎么安装部署及管理KVM虚拟化"的内容就介绍到这里了，感谢大家的阅读。如果想了解更多行业相关的知识可以关注网站，小编将为大家输出更多高质量的实用文章！