[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
howtos:general_admin:kvm_libvirt [2013/07/10 11:59 (UTC)] – [Resources] fixed link fdonkers | howtos:general_admin:kvm_libvirt [2015/06/27 06:45 (UTC)] (current) – [Guest configuration]Tiny invisible change for syntax rightness. didierspaier | ||
---|---|---|---|
Line 9: | Line 9: | ||
Libvirt can be installed using a slackbuild script from [[http:// | Libvirt can be installed using a slackbuild script from [[http:// | ||
- | The slackware kernel has the KVM module enabled. The libvirt startup script will check the CPU and modprobe the correct driver. User-space tools are supplied | + | The slackware kernel has the KVM module enabled. The libvirt startup script will check the CPU and modprobe the correct driver. User-space tools are supplied |
A graphical desktop management tool, // | A graphical desktop management tool, // | ||
- | |||
===== Configuration ===== | ===== Configuration ===== | ||
- | ==== libvirtd daemon ==== | ||
- | First, configure the libvirt daemon. This is done by editing the ''/ | ||
- | < | ||
- | ca_file = "/ | ||
- | </ | ||
- | If you want to manage virtual machines as a regular user, uncomment the following options: | ||
- | < | ||
- | unix_sock_group = " | ||
- | unix_sock_ro_perms = " | ||
- | unix_sock_rw_perms = " | ||
- | </ | ||
- | This will assume a group '' | ||
- | |||
- | ==== PolicyKit setup ==== | ||
- | Libvirt is built by default with PolicyKit support. If you want to disable this, edit ''/ | ||
- | < | ||
- | auth_unix_ro = " | ||
- | auth_unix_rw = " | ||
- | </ | ||
- | |||
- | To use PolicyKit, a new file containing policy rules needs to be created in the ''/ | ||
- | * Full management access: rule = org.libvirt.unix.manage. | ||
- | * Read-only, or monitoring access: rule = org.libvirt.unix.monitor. | ||
- | |||
- | Example to give management access to all users of a given group: | ||
- | < | ||
- | [libvirt Management Access] | ||
- | Identity=unix-group: | ||
- | Action=org.libvirt.unix.manage | ||
- | ResultAny=yes | ||
- | ResultInactive=yes | ||
- | ResultActive=yes | ||
- | </ | ||
- | This allows all users of the '' | ||
- | |||
- | To allow access on a per-user basis, use the // | ||
- | < | ||
- | [libvirt Management Access] | ||
- | Identity=unix-user: | ||
- | Action=org.libvirt.unix.manage | ||
- | ResultAny=yes | ||
- | ResultInactive=yes | ||
- | ResultActive=yes | ||
- | </ | ||
- | This will grant user //frank// management access to libvirt. | ||
==== Automatic startup ==== | ==== Automatic startup ==== | ||
Line 247: | Line 201: | ||
* Source path = directory on the host which is shared. | * Source path = directory on the host which is shared. | ||
* Target path = mount tag that is made available on the guest system. This doesn' | * Target path = mount tag that is made available on the guest system. This doesn' | ||
- | | + | Option //Export filesystem as readonly mount// does what it suggests. |
==== Mounting the share ==== | ==== Mounting the share ==== | ||
To mount the filesystem with tag '' | To mount the filesystem with tag '' | ||
< | < | ||
- | # mount -t 9p -o trans=virtio hostshare /mnt/share | + | # mount -t 9p -o trans=virtio, |
</ | </ | ||
Now the /mnt/share folder is available and changes are visible on the host and the guest. When permission errors occur, try sharing the host directory with a different mode. | Now the /mnt/share folder is available and changes are visible on the host and the guest. When permission errors occur, try sharing the host directory with a different mode. | ||
- | |||
===== Remote access ===== | ===== Remote access ===== | ||
< | < | ||
+ | ===== Advanced topics ===== | ||
+ | |||
+ | ==== Mount qcow image using nbd ==== | ||
+ | Raw disk images can be mounted outside the virtual machine using a loopback device. To mount other image types like qcow, the '' | ||
+ | |||
+ | Start by loading the kernel module. The only parameter is the maximum partitions to be accessed. If this parameter is omitted, the default value is 0, which means no partitions will be mapped. | ||
+ | < | ||
+ | # modprobe nbd max_part=8 | ||
+ | </ | ||
+ | This will create various new devices ''/ | ||
+ | < | ||
+ | # qemu-nbd -c /dev/ndb0 slackware.img | ||
+ | </ | ||
+ | This will create additional devices ''/ | ||
+ | < | ||
+ | # fdisk /dev/nbd0 | ||
+ | # mount /dev/nbd0p1 /mnt/hd | ||
+ | </ | ||
+ | <note important> | ||
+ | To remove the connection: | ||
+ | < | ||
+ | # qemu-nbd -d /dev/nbd0 | ||
+ | </ | ||
+ | |||
+ | ==== Setup PXE boot in libvirt ==== | ||
+ | To enable PXE booting for the guest machines, a PXE boot server and a TFTP server are needed. Libvirt can be configured to handle both internally. These configuration options are not available in virt-manager, | ||
+ | |||
+ | - Create a directory ''/ | ||
+ | - Stop the default network and edit the network definition: < | ||
+ | # virsh net-destroy default | ||
+ | # virsh net-edit default | ||
+ | </ | ||
+ | - This will open the network configuration in a vi session. Add the //tftp// and //bootp// parameters in the //ip// section and save the file: < | ||
+ | <ip address=' | ||
+ | <tftp root='/ | ||
+ | < | ||
+ | <range start=' | ||
+ | <bootp file=' | ||
+ | </ | ||
+ | </ip> | ||
+ | </ | ||
+ | - Now restart the network: < | ||
+ | # virsh net-start default | ||
+ | </ | ||
+ | |||
+ | Now the libvirt DHCP server will allow guests to PXE boot. | ||
===== Troubleshooting ===== | ===== Troubleshooting ===== | ||
==== Remove password prompt in virt-manager ==== | ==== Remove password prompt in virt-manager ==== | ||
- | When you start virt-manager as a regular user, you may still be asked for the root password, even when you have setup the correct unix socket permissions (notification: | + | When you start virt-manager as a regular user, you may still be asked for the root password, even when you have setup the correct unix socket permissions (notification: |
+ | < | ||
+ | auth_unix_ro = " | ||
+ | auth_unix_rw = " | ||
+ | </ | ||
==== Improve mouse movement ==== | ==== Improve mouse movement ==== | ||
In graphics mode, the mouse movement can be erratic and difficult to change in the settings of your VM. To solve this, add a virtual tablet. | In graphics mode, the mouse movement can be erratic and difficult to change in the settings of your VM. To solve this, add a virtual tablet. |