[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.

Welcome to the Slackware Documentation Project

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
howtos:general_admin:kvm_libvirt [2013/07/09 14:44 (UTC)] – [Creation and maintenance] fdonkershowtos:general_admin:kvm_libvirt [2015/06/27 06:45 (UTC)] (current) – [Guest configuration]Tiny invisible change for syntax rightness. didierspaier
Line 9: Line 9:
 Libvirt can be installed using a slackbuild script from [[http://www.slackbuilds.org|slackbuilds.org]]. It provides a daemon that interacts between applications and virtual machines. It also provides a command-line shell, //virsh//, that can be used to manage virtual machines and to configure the libvirt environment. Virsh can also be used in shell scripts to start and stop virtual machines. Libvirt can be installed using a slackbuild script from [[http://www.slackbuilds.org|slackbuilds.org]]. It provides a daemon that interacts between applications and virtual machines. It also provides a command-line shell, //virsh//, that can be used to manage virtual machines and to configure the libvirt environment. Virsh can also be used in shell scripts to start and stop virtual machines.
  
-The slackware kernel has the KVM module enabled. The libvirt startup script will check the CPU and modprobe the correct driver. User-space tools are supplied in the form of a modified QEMU, //qemu-kvm//. This QEMU version is available from slackbuilds.org and has KVM support built-inOnly the x86 platform is supportedSince the main binary is called //qemu-kvm//, it can be installed next to the original QEMU.+The slackware kernel has the KVM module enabled. The libvirt startup script will check the CPU and modprobe the correct driver. User-space tools are supplied with QEMU, which is available from [[http://www.slackbuilds.org|slackbuilds.org]]Previously, a modified QEMU, //qemu-kvm//, was used. Since version 1.3 however, QEMU incorporates those changes and qemu-kvm is depricated
  
 A graphical desktop management tool, //virt-manager//, is also available on slackbuilds.org. This provides an overview of all virtual machines and has a nice wizard to create new virtual machines in an easy way.  A graphical desktop management tool, //virt-manager//, is also available on slackbuilds.org. This provides an overview of all virtual machines and has a nice wizard to create new virtual machines in an easy way. 
- 
 ===== Configuration ===== ===== Configuration =====
  
-==== libvirtd daemon ==== 
-First, configure the libvirt daemon. This is done by editing the ''/etc/libvirt/libvirtd.conf'' file. Fix the default CA certificate path by editing the ''ca-file'' option:  
-<code> 
-ca_file = "/etc/ssl/certs/cacert.org.pem" 
-</code> 
  
-If you want to manage virtual machines as a regular user, uncomment the following options:  
-<code> 
-unix_sock_group = "libvirt" 
-unix_sock_ro_perms = "0777" 
-unix_sock_rw_perms = "0770" 
-</code> 
-This will assume a group ''libvirt''. Create this new group and add your user to it, or use a different group. 
- 
-==== PolicyKit setup ==== 
-Libvirt is built by default with PolicyKit support. If you want to disable this, edit ''/etc/libvirt/libvirtd.conf''. Uncomment the following options and change them to ''none'' : 
-<code> 
-auth_unix_ro = "none" 
-auth_unix_rw = "none" 
-</code> 
- 
-To use PolicyKit, a new file containing policy rules needs to be created in the ''/etc/polkit-1/localauthority/50-local.d'' directory. The file needs to start with a 2-digit number and have a ''pkla'' extension. For example: ''50-libvirt-authorization.pkla''. The following authorization can be issued:  
-  * Full management access: rule = org.libvirt.unix.manage. 
-  * Read-only, or monitoring access: rule = org.libvirt.unix.monitor. 
- 
-Example to give management access to all users of a given group:  
-<code> 
-[libvirt Management Access] 
-Identity=unix-group:libvirt 
-Action=org.libvirt.unix.manage 
-ResultAny=yes 
-ResultInactive=yes 
-ResultActive=yes 
-</code> 
-This allows all users of the ''libvirt'' group to manage virtual machines. The //libvirt Management Access// name is an arbitrary text you can change to fit your needs.  
- 
-To allow access on a per-user basis, use the //Identity=unix-user// option :  
-<code> 
-[libvirt Management Access] 
-Identity=unix-user:frank 
-Action=org.libvirt.unix.manage 
-ResultAny=yes 
-ResultInactive=yes 
-ResultActive=yes 
-</code> 
-This will grant user //frank// management access to libvirt.  
  
 ==== Automatic startup ==== ==== Automatic startup ====
Line 247: Line 201:
   * Source path = directory on the host which is shared.   * Source path = directory on the host which is shared.
   * Target path = mount tag that is made available on the guest system. This doesn't have to be an existing path.   * Target path = mount tag that is made available on the guest system. This doesn't have to be an existing path.
-  Option //Export filesystem as readonly mount// does what it suggests. +Option //Export filesystem as readonly mount// does what it suggests. 
  
 ==== Mounting the share ==== ==== Mounting the share ====
 To mount the filesystem with tag ''hostshare'' on the guest at ''/mnt/share'', logon to the guest and use:  To mount the filesystem with tag ''hostshare'' on the guest at ''/mnt/share'', logon to the guest and use: 
 <code> <code>
-# mount -t 9p -o trans=virtio hostshare /mnt/share+# mount -t 9p -o trans=virtio,version=9p2000.L hostshare /mnt/share
 </code> </code>
 Now the /mnt/share folder is available and changes are visible on the host and the guest. When permission errors occur, try sharing the host directory with a different mode.  Now the /mnt/share folder is available and changes are visible on the host and the guest. When permission errors occur, try sharing the host directory with a different mode. 
- 
 ===== Remote access ===== ===== Remote access =====
  
 <note>Work in progress</note> <note>Work in progress</note>
  
 +===== Advanced topics ===== 
 +
 +==== Mount qcow image using nbd ====
 +Raw disk images can be mounted outside the virtual machine using a loopback device. To mount other image types like qcow, the ''qemu-nbd'' command can be used, which comes with qemu-kvm. It relies on the nbd (network block device) kernel module. 
 +
 +Start by loading the kernel module. The only parameter is the maximum partitions to be accessed. If this parameter is omitted, the default value is 0, which means no partitions will be mapped. 
 +<code>
 +# modprobe nbd max_part=8
 +</code>
 +This will create various new devices ''/dev/nbdxx''. Now the disk image can be connected to one of them:  
 +<code>
 +# qemu-nbd -c /dev/ndb0 slackware.img
 +</code>
 +This will create additional devices ''/dev/nbd0pxx'' for the partitions on the disk. Partitions are numbered sequentially starting with 1. You can use the nbd0 device to access the whole disk, or the nbd0pxx devices to access the partitions:   
 +<code>
 +# fdisk /dev/nbd0
 +# mount /dev/nbd0p1 /mnt/hd
 +</code>
 +<note important>Make sure the virtual machine is not running when you mount the disk image. Mounting the disk of a running machine will damage it.</note>
 +To remove the connection:  
 +<code>
 +# qemu-nbd -d /dev/nbd0
 +</code>
 +
 +==== Setup PXE boot in libvirt ====
 +To enable PXE booting for the guest machines, a PXE boot server and a TFTP server are needed. Libvirt can be configured to handle both internally. These configuration options are not available in virt-manager, so virsh must be used to set this up. 
 +
 +  - Create a directory ''/tftpboot'' and fill with the required files for the tftp boot service. See the article [[http://alien.slackbook.org/dokuwiki/doku.php?id=slackware:pxe|PXE: Installing Slackware over the network]] by AlienBOB for more details. 
 +  - Stop the default network and edit the network definition: <code>
 +# virsh net-destroy default
 +# virsh net-edit default
 +</code>
 +  - This will open the network configuration in a vi session. Add the //tftp// and //bootp// parameters in the //ip// section and save the file: <code>
 +  <ip address='192.168.122.1' netmask='255.255.255.0'>
 +    <tftp root='/tftpboot' />
 +    <dhcp>
 +      <range start='192.168.122.2' end='192.168.122.254' />
 +      <bootp file='pxelinux.0' />
 +    </dhcp>
 +  </ip>
 +</code> 
 +  - Now restart the network: <code>
 +# virsh net-start default
 +</code>
 +
 +Now the libvirt DHCP server will allow guests to PXE boot.
 ===== Troubleshooting ===== ===== Troubleshooting =====
  
 ==== Remove password prompt in virt-manager ==== ==== Remove password prompt in virt-manager ====
-When you start virt-manager as a regular user, you may still be asked for the root password, even when you have setup the correct unix socket permissions (notification: "system policy prevents management of local virtualized systems"). This is the result of libvirt using PolicyKit. Either disable the use of PolicyKit or create a correct PolicyKit file. See //PolicyKit/section above+When you start virt-manager as a regular user, you may still be asked for the root password, even when you have setup the correct unix socket permissions (notification: "system policy prevents management of local virtualized systems"). This is because older versions of libvirt were using PolicyKit by defaultDisable the use of PolicyKit by editing ''/etc/libvirt/libvirtd.conf''. Uncomment the following options and change them to ''none'' : 
 +<code> 
 +auth_unix_ro = "none" 
 +auth_unix_rw = "none" 
 +</code>
 ==== Improve mouse movement ==== ==== Improve mouse movement ====
 In graphics mode, the mouse movement can be erratic and difficult to change in the settings of your VM. To solve this, add a virtual tablet.  In graphics mode, the mouse movement can be erratic and difficult to change in the settings of your VM. To solve this, add a virtual tablet. 
Line 305: Line 307:
  
   * Official pages for [[http://libvirt.org|libvirt]], [[http://virt-manager.org|virt-manager]], [[http://wiki.qemu.org/Index.html|QEMU]], [[http://www.linux-kvm.org/page/Main_Page|KVM]].   * Official pages for [[http://libvirt.org|libvirt]], [[http://virt-manager.org|virt-manager]], [[http://wiki.qemu.org/Index.html|QEMU]], [[http://www.linux-kvm.org/page/Main_Page|KVM]].
-  * Red Hat [[https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6-Beta/html/Virtualization_Administration_Guide/index.html|Virtualization Administration Guide]].+  * Red Hat [[https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Virtualization_Administration_Guide/index.html|Virtualization Administration Guide]].
  
 ===== Sources ===== ===== Sources =====

Trace:

howtos:general_admin:kvm_libvirt ()