1.虚拟化介绍
虚拟化是指计算机元件在虚拟的基础上而不是真实的基础上运行。虚拟化技术可以扩大硬件的容量,简化软件的重新配置过程。CPU的虚拟化技术可以单CPU模 拟多CPU并行,允许一个平台同时运行多个操作系统,并且应用程序都可以在相互独立的空间内运行而互不影响,从而显著提高计算机的工作效率。
虚拟化的类型:
- 全虚拟化
- 半虚拟化(涉及修改guestos内核,因此仅支持开源kernel的系统)
全虚拟化:
Hypervisor 直接安装在物理机上,多个虚拟机在 Hypervisor 上运行。Hypervisor 实现方式一般是一个特殊定制的 Linux 系统。Xen 和 VMWare 的 ESXi 都属于这个类型
半虚拟化:
物理机上首先安装常规的操作系统,比如 Redhat、Ubuntu 和 Windows。Hypervisor 作为 OS 上的一个程序模块运行,并对管理虚拟机进行管理。KVM、VirtualBox 和 VMWare Workstation 都属于这个类型
理论上讲:
全虚拟化一般对硬件虚拟化功能进行了特别优化,性能上比半虚拟化要高;
半虚拟化因为基于普通的操作系统,会比较灵活,比如支持虚拟机嵌套。嵌套意味着可以在KVM虚拟机中再运行KVM。
2.KVM介绍
KVM 全称是 基于内核的虚拟机(Kernel-based Virtual Machine),它是一个 Linux 的一个内核模块,该内核模块使得 Linux 变成了一个 Hypervisor
KVM 是基于虚拟化扩展(Intel VT 或者 AMD-V)的 X86 硬件的开源的 Linux 原生的全虚拟化解决方案。KVM 中,虚拟机被实现为常规的 Linux 进程,由标准 Linux 调度程序进行调度;虚机的每个虚拟 CPU 被实现为一个常规的 Linux 进程。这使得 KMV 能够使用 Linux 内核的已有功能。
但是,KVM 本身不执行任何硬件模拟,需要客户空间程序通过 /dev/kvm 接口设置一个客户机虚拟服务器的地址空间,向它提供模拟的 I/O,并将它的视频显示映射回宿主的显示屏。目前这个应用程序是 QEMU。
Libvirt是用于管理虚拟化平台的开源的API,后台程序和管理工具。它可以用于管理KVM、Xen、VMware ESX,QEMU和其他虚拟化技术。这些API在云计算的解决方案中广泛使用。
Libvirt 就是 KVM 的管理工具。
其实,Libvirt 除了能管理 KVM 这种 Hypervisor,还能管理 Xen,VirtualBox 等。
Libvirt 包含 3 个东西:后台 daemon 程序 libvirtd、API 库和命令行工具 virsh
- libvirtd是服务程序,接收和处理 API 请求;
- API 库使得其他人可以开发基于 Libvirt 的高级工具,比如 virt-manager,这是个图形化的 KVM 管理工具;
- virsh 是我们经常要用的 KVM 命令行工具
3.kvm部署
环境说明:
| 系统类型 | IP | 主机名 |
|---|---|---|
| CentOS7 | 172.16.12.128 | wyt1 |
3.1kvm安装
部署前请确保你的CPU虚拟化功能已开启。分为两种情况:
- 虚拟机要关机设置CPU虚拟化
- 物理机要在BIOS里开启CPU虚拟化
开启CPU虚拟化
关闭防火墙和selinux
[root@wyt1 ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
[root@wyt1 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@wyt1 ~]# getenforce
Disabled
配置yum源
[root@wyt1 ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
[root@wyt1 ~]# sed -i 's/\$releasever/7/g' /etc/yum.repos.d/CentOS-Base.repo
[root@wyt1 ~]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
[root@wyt1 ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@wyt1 ~]# yum -y install vim wget net-tools unzip zip gcc gcc-c++
验证CPU是否支持KVM;如果结果中有vmx(Intel)或svm(AMD)字样,就说明CPU的支持的
[root@wyt1 ~]# egrep -o 'vmx|svm' /proc/cpuinfo
vmx
kvm安装
[root@wyt1 ~]# yum -y install qemu-kvm qemu-kvm-tools qemu-img virt-manager libvirt libvirt-python libvirt-client virt-install virt-viewer bridge-utils libguestfs-tools
网卡设置为桥接模式,保证和公司服务器在同一网段
[root@wyt1 ~]# cd /etc/sysconfig/network-scripts/
[root@wyt1 network-scripts]# cp ifcfg-ens33 ifcfg-br0
[root@wyt1 network-scripts]# vim ifcfg-br0
TYPE=Bridge
BOOTPROTO=static
NM_CONTROLLED=no
ONBOOT=yes
DEVICE=br0
NEME=br0
IPADDR=192.168.179.128
NETMASK=255.255.255.0
GATEWAY=192.168.179.2
DNS1=114.114.114.114
[root@wyt1 network-scripts]# vim ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=static
NM_CONTROLLED=no
ONBOOT=yes
DEVICE=ens33
NEME=ens33
BRIDGE=br0
重启网络
[root@wyt1 ~]# systemctl restart network
[root@wyt1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
link/ether 00:0c:29:b3:0c:45 brd ff:ff:ff:ff:ff:ff
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:b3:0c:45 brd ff:ff:ff:ff:ff:ff
inet 192.168.179.128/24 brd 192.168.179.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feb3:c45/64 scope link
valid_lft forever preferred_lft forever
启动服务
[root@wyt1 ~]# systemctl enable --now libvirtd
验证安装结果
[root@wyt1 ~]# lsmod|grep kvm
kvm_intel 188644 0
kvm 621480 1 kvm_intel
irqbypass 13503 1 kvm
测试并验证安装结果
[root@wyt1 ~]# virsh -c qemu:///system list
Id 名称 状态
----------------------------------------------------
[root@wyt1 ~]# virsh --version
4.5.0
[root@wyt1 ~]# virt-install --version
1.5.0
//创建软链接
[root@wyt1 ~]# ln -s /usr/libexec/qemu-kvm /usr/bin/qemu-kvm
[root@wyt1 ~]# ll /usr/bin/qemu-kvm
lrwxrwxrwx 1 root root 21 8月 4 19:48 /usr/bin/qemu-kvm -> /usr/libexec/qemu-kvm
[root@wyt1 ~]# lsmod |grep kvm
kvm_intel 188644 0
kvm 621480 1 kvm_intel
irqbypass 13503 1 kvm
查看网桥信息
[root@wyt1 ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.000c29b30c45 no ens33
virbr0 8000.525400bd9f4e yes virbr0-nic
3.2 kvm web管理界面安装
安装依赖包
升级vip
-i 指定清华大学的镜像源
[root@wyt1 ~]# pip install --upgrade pip -i https://mirrors.tuna.tsinghua.edu.cn/pypi/web/simple/
100% |████████████████████████████████| 1.5MB 283kB/s
Installing collected packages: pip
Found existing installation: pip 8.1.2
Uninstalling pip-8.1.2:
Successfully uninstalled pip-8.1.2
Successfully installed pip-20.2.1
从github上下载webvirtmgr代码
[root@wyt1 src]# git clone git://github.com/retspen/webvirtmgr.git
正克隆到 'webvirtmgr'...
remote: Enumerating objects: 5614, done.
remote: Total 5614 (delta 0), reused 0 (delta 0), pack-reused 5614
接收对象中: 100% (5614/5614), 2.98 MiB | 384.00 KiB/s, done.
处理 delta 中: 100% (3602/3602), done.
安装webvirtmgr
[root@wyt1 src]# cd webvirtmgr/
[root@wyt1 webvirtmgr]# ls
conf hostdetail manage.py secrets templates
console images MANIFEST.in serverlog Vagrantfile
create instance networks servers vrtManager
deploy interfaces README.rst setup.py webvirtmgr
dev-requirements.txt locale requirements.txt storages
[root@wyt1 webvirtmgr]#
[root@wyt1 webvirtmgr]# pip install -r requirements.txt -i https://mirrors.tuna.tsinghua.edu.cn/pypi/web/simple/
Running setup.py install for django ... done
Successfully installed django-1.5.5 gunicorn-19.5.0 lockfile-0.12.2
检查sqlite3是否安装
[root@wyt1 webvirtmgr]# python
Python 2.7.5 (default, Apr 2 2020, 13:16:51)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-39)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import sqlite3
>>> exit()
初始化帐号信息
[root@wyt1 webvirtmgr]# python manage.py syncdb
WARNING:root:No local_settings file found.
Creating tables ...
Creating table auth_permission
Creating table auth_group_permissions
Creating table auth_group
Creating table auth_user_groups
Creating table auth_user_user_permissions
Creating table auth_user
Creating table django_content_type
Creating table django_session
Creating table django_site
Creating table servers_compute
Creating table instance_instance
Creating table create_flavor
You just installed Django's auth system, which means you don't have any superusers defined.
Would you like to create one now? (yes/no): yes //问你是否创建超级管理员帐号
Username (leave blank to use 'root'): wyt //指定超级管理员帐号用户名,默认留空为root
Email address: [email protected] //设置超级管理员邮箱
Password: //设置超级管理员密码
Password (again): //再次输入超级管理员密码
Superuser created successfully.
Installing custom SQL ...
Installing indexes ...
Installed 6 object(s) from 1 fixture(s)
拷贝web网页至指定目录
[root@wyt1 ~]# mkdir /var/www
[root@wyt1 ~]# cp -r /usr/local/src/webvirtmgr /var/www/
[root@wyt1 ~]# chown -R nginx.nginx /var/www/webvirtmgr/
生成密钥
[root@wyt1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:gucJIH9PQ5u7oW3nPQkv5bfyjMmaV3VFCCT+0N5f5+U root@wyt1
The key's randomart image is:
+---[RSA 2048]----+
| ..o. o.|
| . o . .|
|. . . o . .|
| o . o o + .. .|
| . + B S o...+|
| . * =. . . ++|
| * = o E|
| o.oo+B+. |
| ..oo++==+. |
+----[SHA256]-----+
//授权给本机使用
[root@wyt1 ~]# ssh-copy-id 192.168.179.128
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.179.128 (192.168.179.128)' can't be established.
ECDSA key fingerprint is SHA256:/N8vLVRgeKWptbVDOtvcnK+rKWHjWHkCDpNBbFxORFE.
ECDSA key fingerprint is MD5:c7:9d:3c:91:81:de:74:5e:d0:94:56:fa:f3:19:d0:c2.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.179.128'"
and check to make sure that only the key(s) you wanted were added.
配置端口转发
[root@wyt1 ~]# ssh 192.168.179.128 -L localhost:8000:localhost:8000 -L localhost:6080:localhost:60
Last login: Tue Aug 4 19:15:05 2020 from 192.168.179.1
[root@wyt1 ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 128 127.0.0.1:6080 *:*
LISTEN 0 128 127.0.0.1:8000 *:*
LISTEN 0 128 *:111 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 128 [::1]:6010 [::]:*
LISTEN 0 128 [::1]:6080 [::]:*
LISTEN 0 128 [::1]:8000 [::]:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 [::]:22 [::]:*
配置nginx
[root@wyt1 ~]# vim /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
server_name localhost;
include /etc/nginx/default.d/*.conf;
location / {
root html;
index index.html index.htm;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
[root@wyt1 ~]# vim /etc/nginx/conf.d/webvirtmgr.conf
server {
listen 80 default_server;
server_name $hostname;
#access_log /var/log/nginx/webvirtmgr_access_log;
location /static/ {
root /var/www/webvirtmgr/webvirtmgr;
expires max;
}
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $remote_addr;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
client_max_body_size 1024M;
}
}
//确保bind绑定的是本机的8000端口
[root@wyt1 ~]# vim /var/www/webvirtmgr/conf/gunicorn.conf.py
bind = '0.0.0.0:8000' //确保此处绑定的是本机的8000端口,这个在nginx配置中定义了,被代理的端口
//启动nginx并设置开机自动启动
[root@wyt1 ~]# systemctl enable --now nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[root@wyt1 ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 128 127.0.0.1:6080 *:*
LISTEN 0 128 127.0.0.1:8000 *:*
LISTEN 0 128 *:111 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 128 [::1]:6010 [::]:*
LISTEN 0 128 [::1]:6080 [::]:*
LISTEN 0 128 [::1]:8000 [::]:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 [::]:22 [::]:*
设置supervisor
[root@wyt1 ~]# vim /etc/supervisord.conf
[program:webvirtmgr]
command=/usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
logfile=/var/log/supervisor/webvirtmgr.log
log_stderr=true
user=nginx
[program:webvirtmgr-console]
command=/usr/bin/python2 /var/www/webvirtmgr/console/webvirtmgr-console
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
stdout_logfile=/var/log/supervisor/webvirtmgr-console.log
redirect_stderr=true
user=nginx
启动supervisor并设置开机自启
[root@wyt1 ~]# systemctl enable --now supervisord
Created symlink from /etc/systemd/system/multi-user.target.wants/supervisord.service to /usr/lib/systemd/system/supervisord.service.
[root@wyt1 ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 128 127.0.0.1:6011 *:*
LISTEN 0 128 127.0.0.1:6080 *:*
LISTEN 0 128 127.0.0.1:8000 *:*
LISTEN 0 128 *:111 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 128 [::1]:6010 [::]:*
LISTEN 0 128 [::1]:6011 [::]:*
LISTEN 0 128 [::1]:6080 [::]:*
LISTEN 0 128 [::1]:8000 [::]:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 [::]:22 [::]:*
配置nginx用户
[root@wyt1 ~]# su - nginx -s /bin/bash //nginx用户登录
-bash-4.2$ ssh-keygen -t rsa /生成密钥
Generating public/private rsa key pair.
Enter file in which to save the key (/var/lib/nginx/.ssh/id_rsa):
Created directory '/var/lib/nginx/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /var/lib/nginx/.ssh/id_rsa.
Your public key has been saved in /var/lib/nginx/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:zikIjfdJQ4BaSqXXSWqLktMRQKV3yvxXx99AshvAB5s nginx@wyt1
The key's randomart image is:
+---[RSA 2048]----+
|oo++.. . |
| .=.+.. . + |
|.*.= +. E o . |
|ooB++. + + |
|+.+=o o S. = . |
|.. o.+ =... + o |
| ..+.+ . . . |
| .. |
| |
+----[SHA256]-----+
-bash-4.2$ touch ~/.ssh/config //创建文件
-bash-4.2$ echo -e "StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null" >> ~/.ssh/config //不检查主机key机制合法性
-bash-4.2$ chmod 0600 ~/.ssh/config //修改文件权限
-bash-4.2$ ssh-copy-id [email protected] //nginx用户与root用户之间互信
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/var/lib/nginx/.ssh/id_rsa.pub"
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Warning: Permanently added '192.168.179.128' (ECDSA) to the list of known hosts.
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.
-bash-4.2$ exit
登出
//设置root用户远程登录
[root@wyt1 ~]# vim /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
[Remote libvirt SSH access]
Identity=unix-user:root
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes
//重启服务
[root@wyt1 ~]# systemctl restart nginx libvirtd
[root@wyt1 ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 128 *:8000 *:*
LISTEN 0 100 *:6080 *:*
LISTEN 0 128 *:111 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 128 [::1]:6010 [::]:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 [::]:22 [::]:*
3.3 kvm web界面管理
登录web界面
kvm连接管理
创建SSH连接
kvm存储管理
创建储存
在主机添加一块物理硬盘
[root@wyt1 ~]# lsblk //查看硬盘
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 20G 0 disk
├─sda1 8:1 0 1G 0 part /boot
└─sda2 8:2 0 19G 0 part
├─centos-root 253:0 0 17G 0 lvm /
└─centos-swap 253:1 0 2G 0 lvm [SWAP]
sdb 8:16 0 20G 0 disk
sr0 11:0 1 10.3G 0 rom
[root@wyt1 ~]# fdisk /dev/sdb //新建磁盘分期
欢迎使用 fdisk (util-linux 2.23.2)。
更改将停留在内存中,直到您决定将更改写入磁盘。
使用写入命令前请三思。
Device does not contain a recognized partition table
使用磁盘标识符 0x0cf780d6 创建新的 DOS 磁盘标签。
命令(输入 m 获取帮助):n
Partition type:
p primary (0 primary, 0 extended, 4 free)
e extended
Select (default p):
Using default response p
分区号 (1-4,默认 1):
起始 扇区 (2048-41943039,默认为 2048):
将使用默认值 2048
Last 扇区, +扇区 or +size{K,M,G} (2048-41943039,默认为 41943039):
将使用默认值 41943039
分区 1 已设置为 Linux 类型,大小设为 20 GiB
命令(输入 m 获取帮助):w
The partition table has been altered!
Calling ioctl() to re-read partition table.
正在同步磁盘。
[root@wyt1 ~]# partprobe //刷新
Warning: 无法以读写方式打开 /dev/sr0 (只读文件系统)。/dev/sr0 已按照只读方式打开。
[root@wyt1 ~]# mkfs.xfs /dev/sdb1 //格式化磁盘
meta-data=/dev/sdb1 isize=512 agcount=4, agsize=1310656 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=0, sparse=0
data = bsize=4096 blocks=5242624, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=2560, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
[root@wyt1 ~]# blkid | grep sdb1 //过滤UUID
/dev/sdb1: UUID="410ecf3d-6e8f-4f16-a404-611d3bf0561d" TYPE="xfs"
[root@wyt1 ~]# vim /etc/fstab //添加挂载配置文件
//添加下列一行
UUID="410ecf3d-6e8f-4f16-a404-611d3bf0561d" /storage xfs defaults 0 0
[root@wyt1 ~]# mkdir /storage //创建挂载目录
[root@wyt1 ~]# mount -a //读取挂载文件
[root@wyt1 ~]# df -h //查看挂载
文件系统 容量 已用 可用 已用% 挂载点
devtmpfs 475M 0 475M 0% /dev
tmpfs 487M 0 487M 0% /dev/shm
tmpfs 487M 7.7M 479M 2% /run
tmpfs 487M 0 487M 0% /sys/fs/cgroup
/dev/mapper/centos-root 17G 1.9G 16G 12% /
/dev/sda1 1014M 138M 877M 14% /boot
tmpfs 98M 0 98M 0% /run/user/0
/dev/sdb1 20G 33M 20G 1% /storage
通过远程连接软件上传ISO镜像文件至存储目录/storage
[root@wyt1 ~]# cd /storage/
[root@wyt1 storage]# ls
CentOS-7-x86_64-Everything-1908.iso
创建系统安装镜像
kvm网络管理
添加桥接网络
实例管理
创建虚拟机
插入光盘
设置在 web 上访问虚拟机的密码
启动虚拟机
第二种启动虚拟机方法
虚拟机安装
4. 故障案例
案例一
web界面配置完成后可能会出现以下错误界面
解决方法是安装novnc并通过novnc_server启动一个vnc
[root@wyt ~]# yum -y install novnc
[root@wyt ~]# ll /etc/rc.d/rc.local
-rw-r--r-- 1 root root 513 Mar 11 22:35 /etc/rc.d/rc.local
[root@wyt ~]# chmod +x /etc/rc.d/rc.local
[root@wyt ~]# ll /etc/rc.d/rc.local
-rwxr-xr-x 1 root root 513 Mar 11 22:35 /etc/rc.d/rc.local
[root@wyt ~]# vim /etc/rc.d/rc.local
//添加下列一行
nohup novnc_server 192.168.179.128:5920 &
[root@wyt ~]# source /etc/rc.d/rc.local
案例二
第一次通过web访问kvm时可能会一直访问不了,一直转圈,而命令行界面一直报错(too many open files)
此时需要对nginx进行配置
[root@wyt ~]# vim /etc/nginx/nginx.conf
worker_rlimit_nofile 655350; //添加此行配置
然后对系统参数进行设置
[root@wyt ~]# vim /etc/security/limits.conf
* soft nofile 655350
* hard nofile 655350
[root@wyt ~]# systemctl restart nginx