Hetzner - DokuWiki

KVM mit libvirt/en

Inhaltsverzeichnis

The Basic Situation for Virtualisation with KVM and libvirt

Virtual machines should use KVM on a host supported by libvirt (such as CentOS 5.x, RHEL 5, Scientific Linux 5, Ubuntu 9.10, etc.). The VMs should be accessed directly from the Internet (without NAT/masquerading and/or port forwarding). Moreover, setup should take place with tools i.e. via libvirt (almost) without own scripts.

Owing to Hetzner network configuration (IPs are only routed on and by the MAC address of the dedicated server) a standard bridged setup is not possible as the VMs have an own MAC address and so are not allowed to communicate with the Hetzner network. Therefore, a so-called 'routed setup' is necessary.

In this configuration no IPs are "lost". The host machine requires one IP (if it is to be reached by IPv4) and each of the VMs needs at least one IP.

If a subnet is to be set up, corresponding IPs for net address, gateway and broadcast are lost.

Summary

  • For the additional IPs, a "routed" bridge is set up using the host IP address with libvirt.
  • Special routes are configured on the host, so that the IP addresses of the VMs are taken care of via the "routed" bridge.

Similarly, a virtual net is set up in routed mode for each subnet.

Preparing the Host System

The host IP address is configured as described in CentOS Network Configuration or Debian Network Configuration (this should happen anyway - regardless of virtualisation!).

Attention: The additional IP addresses are not set up on the host!

Then the bridges are set up as described in Netzkonfiguration für Xen und KVM mit libvirt (currently only in German).

Activating IP Forwarding (optional)

libvirt usually takes over the activation of IP forwarding. To be on the safe side, you can permanently configure this. The following entry is supplemented in file /etc/sysconfig/network on CentOS/Fedora:

FORWARD_IPV4=true

Forwarding is activated in /etc/sysctl.conf on Debian/Ubuntu:

net.ipv4.ip_forward=1

Creating a Storage Pool

To conveniently manage (e.g. via virt-manager) the available storage later (e.g. from an LVM Volume Group) the corresponding pool now needs to be set up.

If a volume group has already been created with the name vm-storage, the following template can be used.

<pool type="logical">
  <name>MyVmStorage/name>
    <target>
      <path>/dev/vm-storage</path>
     </target>
 </pool>

Or a whole drive / partition:

 <pool type="disk">
   <name>sdb</name>
   <source>
     <device path='/dev/sdb'/>
   </source>
   <target>
     <path>/dev</path>
   </target>
 </pool>

or a normal (mounted) directory:

 <pool type="dir">
   <name>virtimages</name>
     <target>
       <path>/var/lib/virt/images</path>
     </target>
   </pool>

Once the XML file (e.g. MyVmStorage.xml) has been created, the pool now needs to be made known to libvirt.

virsh pool-define MyVmStorage

Now "start" the pool and set it to start automatically (the name of the defined user needs to be used here).

virsh pool-start MyVmStorage
virsh pool-autostart MyVmStorage

Installing the VMs

A new route needs to be set up for each VM to be installed (as described in the above paragraph). When the VMs are installed, the "hetzner-netz" network should be selected.

To initially install a Fedora or CentOS VM, you need to deviate from the correct IP Configuration as otherwise the installer will generate wrong routes. Therefore, select manual IP configuration, enter the additional IP received from Hetzner, use as net mask e.g. "255.255.255.248" (the main IP needs to fall outside) and use the host IP as gateway.

After the VM is installed, manually adjust the correct IP configuration in the VM.

Autostarting the VMs

So that the VMs can automatically be started on booting the server, these need to be marked either via the virt-manager or virsh.

virsh autostart <domainname>

libvirt Network Configuration of VMs

Normally, virt-install / virt-manager almost always create the correct XML templates. These are usually in /etc/libvirt/qemu/. These need to be adjusted for the additional IPs, as the Brouter is not managed by libvirt and so the interface needs to be set manually:

<interface type='bridge'>
   <mac address='54:52:00:XX:YY:ZZ'/>
   <source bridge='br0'/>
   <model type='virtio'/>
</interface>

usually nothing needs to be changed for subnets:

  <interface type='network'>
    <mac address='54:52:00:XX:YY:ZZ'/>
    <source network='hetzner-subnetz1'/>
  <model type='virtio'/>
</interface>

If VMs already exist, you may need to adjust the name of the source network so that the virtual network card is connected to the correct "routed" bridge.

For best performance, the virtio model should be used. Other acceptable models of NIC are: ne2k_isa i82551 i82557b i82559er ne2k_pci pcnet rtl8139 e1000

Acknowledgement

Thank you very much for the many contributions in the Hetzner forum, which have been a great help to the initial author of this page (user: Martinj) and others (e.g. User:Felix S).



© 2018. Hetzner Online GmbH. Alle Rechte vorbehalten.