Difference between revisions of "KVM"

From Dogtag
Jump to: navigation, search
m (References)
m (Configuring Port Forwarding)
 
Line 147: Line 147:
  
 
= Configuring Port Forwarding =
 
= Configuring Port Forwarding =
 +
 +
To configure port forwarding:
  
 
<pre>
 
<pre>
Line 156: Line 158:
 
$ iptables -A FORWARD -i virbr0 -o eth0 -j ACCEPT
 
$ iptables -A FORWARD -i virbr0 -o eth0 -j ACCEPT
 
$ iptables -A FORWARD -i virbr0 -o lo -j ACCEPT
 
$ iptables -A FORWARD -i virbr0 -o lo -j ACCEPT
 +
</pre>
 +
 +
To verify port forwarding configuration:
 +
 +
<pre>
 +
$ iptables -n -L FORWARD
 +
$ iptables -t nat -n -L PREROUTING
 +
$ iptables -t nat -n -L POSTROUTING
 +
</pre>
 +
 +
To remove port forwarding:
 +
 +
<pre>
 +
$ iptables -D FORWARD -o virbr0 -d 192.168.124.<n> -j ACCEPT
 +
$ iptables -t nat -D PREROUTING -p tcp --dport 8080 -j DNAT --to 192.168.124.<n>:8080
 +
$ iptables -D FORWARD -o virbr0 -d 192.168.124.<n> -j ACCEPT
 +
$ iptables -t nat -D POSTROUTING -s 192.168.124.0/24 -j MASQUERADE
 +
$ iptables -D FORWARD -o virbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT
 +
$ iptables -D FORWARD -i virbr0 -o eth0 -j ACCEPT
 +
$ iptables -D FORWARD -i virbr0 -o lo -j ACCEPT
 
</pre>
 
</pre>
  

Latest revision as of 06:27, 14 January 2020

Installation

$ dnf install @virtualization

Starting the Service

$ systemctl start libvirtd

Creating a Storage

See Storage Management.

Sparse Raw File

$ rm -f /var/lib/libvirt/images/guest.img
$ truncate --size=10240M /var/lib/libvirt/images/guest.img

QCOW2

$ qemu-img create -f qcow2 /var/lib/libvirt/images/guest.qcow2 10240

Installing a Guest

Installing QCOW2 Image

To create a VM from a QCOW2 image:

$ virt-install --name <name> --memory 1024 --import --disk path=<image> --noautoconsole

Installing Fedora ISO

To create a Fedora 28 VM:

$ virt-install \
    --name fedora \
    --memory 1024 \
    --disk path=/var/lib/libvirt/images/guest.qcow2,size=10 \
    --network bridge=virbr0 \
    --graphics vnc,listen=127.0.0.1,port=5901 \
    --cdrom /var/lib/libvirt/images/Fedora-Workstation-Live-x86_64-28-1.1.iso \
    --noautoconsole

Installing Debian ISO

$ virt-install \
    --name debian \
    --memory 1024 \
    --disk size=10 \
    --cdrom /var/lib/libvirt/images/debian-9.5.0-amd64-netinst.iso

Connecting to VM

Connect with VNC to 127.0.0.1:1.

$ dnf install spice-vdagent
$ systemctl start spice-vdagentd

Running KVM

Start the VM with the following command:

$ virt-manager

Managing Virtual Machines

To list running virtual machines:

$ virsh list

To show virtual machine configuration:

$ virsh dumpxml <machine>

To find the mac address:

$ virsh dumpxml <machine> | grep -i '<mac'

Managing Networks

To display available networks:

$ virsh net-list

To show network configuration:

$ virsh net-dumpxml <network>

To configure port forwarding:

$ virsh net-edit <network>

Add a <host> element as follows:

<network>
    <dhcp>
      <range start='192.168.124.<start>' end='192.168.124.<end>'/>
      <host mac='<mac address>' name='<machine>' ip='192.168.124.<n>'/>
    </dhcp>
  </ip>
</network>

Then restart the network:

$ virsh net-destroy default
$ virsh net-start default

If that doesn't work, restart

$ virsh shutdown <machine>
$ systemctl restart libvirtd
$ virsh start <machine>
$ ping 192.168.124.<n>

Configuring Port Forwarding

To configure port forwarding:

$ iptables -I FORWARD -o virbr0 -d 192.168.124.<n> -j ACCEPT
$ iptables -t nat -I PREROUTING -p tcp --dport 8080 -j DNAT --to 192.168.124.<n>:8080
$ iptables -I FORWARD -o virbr0 -d 192.168.124.<n> -j ACCEPT
$ iptables -t nat -A POSTROUTING -s 192.168.124.0/24 -j MASQUERADE
$ iptables -A FORWARD -o virbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT
$ iptables -A FORWARD -i virbr0 -o eth0 -j ACCEPT
$ iptables -A FORWARD -i virbr0 -o lo -j ACCEPT

To verify port forwarding configuration:

$ iptables -n -L FORWARD
$ iptables -t nat -n -L PREROUTING
$ iptables -t nat -n -L POSTROUTING

To remove port forwarding:

$ iptables -D FORWARD -o virbr0 -d 192.168.124.<n> -j ACCEPT
$ iptables -t nat -D PREROUTING -p tcp --dport 8080 -j DNAT --to 192.168.124.<n>:8080
$ iptables -D FORWARD -o virbr0 -d 192.168.124.<n> -j ACCEPT
$ iptables -t nat -D POSTROUTING -s 192.168.124.0/24 -j MASQUERADE
$ iptables -D FORWARD -o virbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT
$ iptables -D FORWARD -i virbr0 -o eth0 -j ACCEPT
$ iptables -D FORWARD -i virbr0 -o lo -j ACCEPT

References