Last updated: 2022-01-05
Contents
- Introduction
- Installation
- VM images supported by KVM
- qemu-img
- Using qemu-kvm
- VNC
- Console
- Balloon driver & KSM
- Networking
- Storage
- CPU
- Detecting whether the OS is a VM
Introduction
Performance comparison:
vbox vs kvm vs xen:
kvm > xen > vbox # when using paravirtualization devices
e.g.
kvm: virtio
Installation
aptitude install qemu-kvm libvirt-bin // kvm and qemu are basically inseparable !!
kernel module:
- loadable kernel module: kvm.ko
- processor specific module: kvm-intel.ko or kvm-amd.ko.
Check whether this machine can use kvm:
kvm-ok <-- mainly checks whether /dev/kvm exists
INFO: Your CPU does not support KVM extensions
KVM acceleration can NOT be used
This machine can use kvm:
INFO: /dev/kvm exists
KVM acceleration can be used
Note the permissions:
crw-rw---- 1 root kvm 10, 232 Jun 9 07:14 /dev/kvm
P.S.
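Whether a system can use KVM depends on whether the CPU has HVM (Hardware Virtual Machine) support.
HVM refers to the CPU instruction set that supports virtualization; Intel's is called vt, AMD's is svm
Check:
lsmod | grep kvm
kvm_intel 137721 0 <-- goes up by one for each additional VM
kvm 415549 1 kvm_intel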
Tools:
- kvm <-- it is a link to the qemu-system-x86_64 package (there is also qemu-i386, which is an emulator)
- kvm_stat <-- qemu-kvm
- kvm-img <-- qemu-img package
- kvm-nbd <-- qemu-nbd package
- kvm-ok <-- cpu-checker package
VM image formats supported by KVM
- raw <-- default format
- qcow2 ( Encryption: AES-128bit (16 pw), Compression: zlib )
  backing_file, backing_fmt, encryption, cluster_size(512bytes -> 2Mbytes), preallocation(off|metadata)
- qed
- vdi (1.1)
- vmdk (3,4)
- cloop (Compressed Loop image)
- cow <-- obsolete
- qcow
- vpc
qemu-system-i386 and qemu-i386 are different:
qemu-system-i386 refers to kvm
qemu-i386 is the qemu emulator
Using qemu-kvm:
Create an image:
qemu-img create -f qcow2 VM1.qcow2 5G
Start:
qemu-system-i386 VM0.raw <-- the most basic form; it runs VM0.raw
qemu-system-i386 -m 512 -vga std -vnc :0 -hda VM1.qcow2 -boot c
qemu-system-i386 -m 512 -vga std -vnc :0 -hda VM1.qcow2 -cdrom OS.iso -boot c -daemonize
-m megs <---- Default: 384 MB
-smp <n> <---- n CPU cores
-hda/-hdb/-hdc/-hdd file <-- attach the image on an IDE slot
-boot:
- d: cdrom
- c: hard disk
- n: network
-vga
- std
- xenfb
-nographic: disable graphical output and redirect serial I/Os to console
Other Opts
- -k language # keyboard layout
- -balloon none
- -daemonize # daemonize QEMU after initializing
- -serial dev # redirect the serial port to char device 'dev'
- -snapshot # write to temporary files instead of disk image files
Linux/Multiboot boot specific
- -kernel bzImage use 'bzImage' as kernel image
- -initrd file use 'file' as initial ram disk
- -append cmdline use 'cmdline' as kernel command line
VNC
Basic:
-vnc :0 <-- i.e. TCP port 5900
Advanced:
-vnc 0.0.0.0:1,password -k en-us
-k set the keyboard layout
Console:
Hotkey:
Once connected over VNC, the following hotkeys switch between the consoles
[Ctrl] + [Alt] + [1] console 1: VM 的 Display
[Ctrl] + [Alt] + [2] console 2: QEMU monitor.
[Ctrl] + [Alt] + [3] console 3: Serial output.
[Ctrl] + [Alt] + [4] console 4: Parallel output.
QEMU monitor.
- info history <-- what has been typed
- info kvm <-- whether kvm acceleration is in use
- info block <-- which block devices exist
- info blockstats
- info cpus
- info network
- info vnc
- info pci
Change CD:
(qemu) change ide1-cd0 /path/to/my.iso
(qemu) change ide1-cd0 /dev/sr0 host_device
eject ide1-cd0
USB:
usb_add disk:/tmp/disk.usb
(qemu) info usb
(qemu) usb_del 0.2
VNC Password:
set_password vnc YOUR_PW
stop / cont / system_reset / system_powerdown
Quit
quit or q
snapshots
- qemu-snapshot Platte.img
- commit hda
- commit all
- savevm name
- info snapshots
- loadvm name
- commit device or commit all
See:
http://www.linux-kvm.org/page/Main_Page
Balloon driver & KSM
KSM (Kernel Samepage Merging) is a memory overcommit technique.
It works by de-duplicating pages, and it usually appears together with ballooning
KSM:
If any memory regions or pages are identical,
KSM reduces multiple identical memory pages to a single page. (page is then marked CoW)
Ballooning:
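Unlike KSM, it relies on a special driver installed inside the VM;
ballooning lets the VM's amount of RAM be changed while it is running
Remark:
Available since kernel 2.6.32
All shared pages are write-protected pages
Check whether the host supports KSM: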
grep KSM /boot/config-`uname -r`
CONFIG_KSM=y
/sys/kernel/mm/ksm# ls
run <-- "1": ksmd has been started; "0": stop ksmd from running but keep merged pages; "2": stop & unmerge pages
full_scans <-- how many full scans have been carried out
pages_sharing <-- how many more sites are sharing them (how much saved)
pages_shared <-- Total pages shared. (how many shared pages are being used)
pages_unshared <-- how many pages unique but repeatedly checked for merging
pages_to_scan <-- the KSM process sleeps (sleep_millisecs) only after each N % of the mergeable areas has been scanned [Default: 100]
sleep_millisecs <-- milliseconds
pages_volatile <-- how many pages change too often
* A high ratio of pages_sharing to pages_shared indicates good sharing
* A high ratio of pages_unshared to pages_sharing indicates wasted effort.
In addition, [ksmd] can be seen running on the system
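An added example (not part of the original notes) that reads the counters listed above and computes the two ratios. The function names ksm_report and ratio and the key=value output format are assumptions of this example; the sample counters are constructed.

```bash
#!/bin/bash
# Added example: summarise the KSM counters described above.
# Usage: ksm_report [DIR]   (DIR defaults to /sys/kernel/mm/ksm)

# ratio A B -> A/B with two decimals, or "n/a" when B is 0 (nothing merged yet)
ratio() {
    awk -v a="$1" -v b="$2" 'BEGIN { if (b > 0) printf "%.2f\n", a / b; else print "n/a" }'
}

ksm_report() {
    local dir="${1:-/sys/kernel/mm/ksm}" f run shared sharing unshared state
    for f in run pages_shared pages_sharing pages_unshared; do
        if [ ! -r "$dir/$f" ]; then
            echo "cannot read $dir/$f (kernel built without CONFIG_KSM?)" >&2
            return 2
        fi
    done
    run=$(cat "$dir/run"); shared=$(cat "$dir/pages_shared")
    sharing=$(cat "$dir/pages_sharing"); unshared=$(cat "$dir/pages_unshared")
    case "$run" in
        0) state="stopped, merged pages kept" ;;
        1) state="running" ;;
        2) state="stopped, pages unmerged" ;;
        *) state="unknown" ;;
    esac
    echo "ksmd=$state"
    # pages_sharing counts the extra mappings onto shared pages, i.e. pages saved
    echo "saved_kib=$(( sharing * $(getconf PAGESIZE) / 1024 ))"
    echo "sharing_to_shared=$(ratio "$sharing" "$shared")"      # high = good sharing
    echo "unshared_to_sharing=$(ratio "$unshared" "$sharing")"  # high = wasted effort
}

# Constructed sample counters so the example runs on any machine.
demo=$(mktemp -d)
echo 1 > "$demo/run";              echo 1000 > "$demo/pages_shared"
echo 4000 > "$demo/pages_sharing"; echo 2000 > "$demo/pages_unshared"
ksm_report "$demo"
rm -rf "$demo"
```

On a real host, call ksm_report with no argument to read /sys/kernel/mm/ksm.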
ballooning
(qemu) info balloon
(qemu) balloon 400 <-- the VM can now use only 400 MB
Windows Virtio Drivers: (published by Red Hat)
- ballooning memory <--- PCI standard RAM Controller
- virtioserial
- network
- viostor ( block drivers )
Download:
http://alt.fedoraproject.org/pub/alt/virtio-win/latest/images/bin/
Install blnsvr (BalloonService):
- blnsvr -i
- blnsvr -u
Networking
-nic
A shortcut for configuring both the on-board guest NIC hardware and the host network backend in one go.
The host backend options are the same as with the corresponding -netdev options below.
Syntax
-nic # Default NIC with "user" host network backend
-nic none
-nic [tap|bridge|user|l2tpv3|vde|netmap|vhost-user|socket][,...][,mac=macaddr][,model=mn]
user-mode: (Default)
* requires no administrator privilege to run
-nic user,ipv6=off
By default the guest is given an IP address via DHCP
The IP is within 10.0.2.0/24 # net=addr[/mask]
The hypervisor-side IP is x.x.x.2 (it does not show up in ip link) # host=addr
ipv6=off => Disable IPv6
port forward (hostfwd):
hostfwd=[tcp|udp]:[hostaddr]:hostport-[guestaddr]:guestport
hostaddr=0.0.0.0 # default
e.g.
-nic user,ipv6=off,hostfwd=tcp:127.0.0.1:22001-:22
Basic settings: model & mac
# model=e1000 (Default NIC) # list the supported models: qemu-system-x86_64 -nic model=help
# mac=xx:xx:xx:yy:yy:yy # optional
-nic mac=00:00:00:88:88:01
Two NICs
-nic mac=52:54:00:88:88:01 -nic mac=52:54:00:88:88:02
Generate a random mac address
printf '52:54:00:88:%02X:%02X\n' $((RANDOM%256)) $((RANDOM%256))
tap bridged:
-nic tap,ifname=ros,mac=52:54:00:88:88:02
Script
,script=file,downscript=dfile
If name is not provided, the default network configure script is
- /etc/qemu-ifup # to add the tap device to the same bridge as we have default routing to.
- /etc/qemu-ifdown
Use script=no or downscript=no to disable script execution.
My qemu-ifup script:
touch /etc/my-qemu-ifup
chmod 750 /etc/my-qemu-ifup
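#!/bin/sh
# Bridge that the tap interface is attached to
SW=ros_br0
# $1 is the tap interface name passed in by QEMU
if [ -n "$1" ]; then
    /sbin/ip link set "$1" up
    sleep 1
    /sbin/ip link set "$1" master "$SW"
    exit 0
else
    echo "Error: no interface specified"
    exit 1
fi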
-nic tap,ifname=ros,mac=52:54:00:88:88:02,script=/etc/my-qemu-ifup
routing
Host:
sysctl -w net.ipv4.ip_forward=1 # allow forwarding of IPv4
route add -host <ip-of-client> dev <tap-device> # add route to the client
VM:
route add -host <ip-of-host> dev <network-interface>
route add default gw <ip-of-host>
virtio:
... -nic model=virtio,mac= ...
Storage
The default storage driver: IDE
List the supported devices
qemu-system-i386 -device ?
Controller/Bridge/Hub devices:
.............
Misc devices:
.............
name "virtio-balloon-device", bus virtio-bus
name "virtio-balloon-pci", bus PCI, alias "virtio-balloon"
name "virtio-rng-device", bus virtio-bus
name "virtio-rng-pci", bus PCI
.............
Uncategorized devices:
.............
Cache modes:
- writethrough (default) safe
- cache=none
virtio:
qemu -drive file=/dev/mapper/ImagesVolumeGroup-Guest1,cache=none,if=virtio
CPU
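Restrict the instruction sets available to the CPU:
qemu -cpu qemu64,+ssse3,+sse4.1,+sse4.2,+x2apic
List the CPU types and the instruction sets supported
qemu-system-x86_64 -cpu ?
The guest can use every instruction set on the host except vmx:
qemu -cpu host,-vmx
* Very prone to problems; do not use unless necessary !!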
Default Config
-no-user-config
The "-no-user-config" option makes QEMU not load any of the user-provided config files on sysconfdir
-nodefaults
Don't create default devices. Normally, QEMU sets the default devices like serial port, parallel port, virtual console, monitor device, VGA adapter, floppy and CD-ROM drive and others.
Other Setting
-no-shutdown
Don't exit QEMU on guest shutdown, but instead only stop the emulation.
This allows for instance switching to monitor to commit changes to the disk image.
-realtime mlock=on|off
Run qemu with realtime features.
mlocking qemu and guest memory can be enabled via mlock=on
(enabled by default)
Detecting whether the OS is a VM
Windows
msinfo32
"System Manufacturer" and "System Model" items
VNC & Console
VNC
-vnc 192.168.88.150:9 -device cirrus-vga
Serial Console
-serial OPT
telnet:host:port[,server][,nowait][,nodelay]
The telnet protocol is used instead of raw tcp sockets.
If you use the server option QEMU will wait for a client socket application
to connect to the port before continuing, unless the "nowait" option was specified.
e.g.
-serial telnet:localhost:23001,server,nowait
Time
-no-hpet
The High Precision Event Timer
-rtc
Specify base as "utc" or "localtime" to let the RTC start
-rtc base=utc
Daemonize
-daemonize # Daemonize the QEMU process after initialization.
-pidfile file # Store the QEMU process PID in file.
Starting RouterOS from the command line
start.sh
#!/bin/bash
LIVECD=/mnt/raid/_iso/systemrescuecd/systemrescuecd-x86-4.9.2.iso
HDD=/kvm/vm/ros/ros.qcow2
SN=00000000000000000001
Model="VMware Virtual IDE Hard Drive"
PID=/kvm/vm/ros/ros.pid
/usr/bin/qemu-system-x86_64 -name guest=ROS \
    -machine pc-i440fx-3.1,accel=kvm,usb=off,vmport=off,dump-guest-core=off \
    -cpu SandyBridge -smp 1,sockets=1,cores=1,threads=1 \
    -m 512 -realtime mlock=off \
    -uuid 036a8e6e-adba-4887-8179-ce782dd2f2e4 \
    -boot order=c \
    -no-user-config -nodefaults \
    -rtc base=utc -no-hpet \
    -drive file=$HDD,format=qcow2,if=none,id=drive-ide0-0-0 \
    -device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,serial=$SN,model="$Model" \
    -drive file=$LIVECD,format=raw,if=none,id=drive-ide0-1-0,readonly=on \
    -device ide-cd,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 \
    -nic tap,ifname=ros-wan,model=virtio,mac=52:54:00:88:88:01,vhost=on \
    -nic tap,ifname=ros-lan,model=virtio,mac=52:54:00:88:88:02,script=/etc/my-qemu-ifup,vhost=on \
    -vnc 192.168.88.150:9 -device cirrus-vga \
    -serial telnet:localhost:23001,server,nowait \
    -daemonize -pidfile $PID
* With "-cpu host" set, the guest fails to start
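The -vnc, hostfwd and -serial telnet options described in the VNC, Networking and Serial Console sections each open a listening socket on the host. As an added example (not part of the original notes), the function below lists those listeners for a given QEMU command line and marks whether each is bound to loopback only. The names audit_qemu_listeners and scope and the output format are assumptions of this example; the sample command line is constructed from options shown on this page.

```bash
#!/bin/bash
# Added example: list the host-side listeners a QEMU command line opens and
# mark each one "local" (loopback only) or "exposed" (reachable from the network).

# scope HOST: an empty HOST means all interfaces (the default bind address).
scope() {
    case "$1" in
        127.*|localhost|::1|"[::1]") echo local ;;
        *) echo exposed ;;
    esac
}

audit_qemu_listeners() {
    local val spec host port auth item IFS=,
    while [ $# -gt 1 ]; do
        val=$2
        case "$1" in
        -vnc)                   # [host]:display[,opts] -> TCP port 5900 + display
            spec=${val%%,*}
            case "$spec" in none|unix:*) shift; continue ;; esac
            host=${spec%:*}; port=$(( 5900 + ${spec##*:} )); auth=none
            case ",$val," in *,password,*|*,password=on,*) auth=vnc-password ;; esac
            echo "vnc ${host:-0.0.0.0}:$port $(scope "$host") auth=$auth" ;;
        -serial)                # telnet:host:port[,server][,nowait][,nodelay]
            case "$val" in telnet:*) ;; *) shift; continue ;; esac
            spec=${val#telnet:}; spec=${spec%%,*}
            host=${spec%:*}; port=${spec##*:}
            echo "serial-telnet ${host:-0.0.0.0}:$port $(scope "$host") auth=none" ;;
        -nic|-netdev)           # hostfwd=proto:[hostaddr]:hostport-[guestaddr]:guestport
            for item in $val; do
                case "$item" in hostfwd=*) ;; *) continue ;; esac
                spec=${item#hostfwd=*:}         # drop "hostfwd=proto:"
                host=${spec%%:*}; spec=${spec#*:}; port=${spec%%-*}
                echo "hostfwd ${host:-0.0.0.0}:$port $(scope "$host") auth=guest-service"
            done ;;
        esac
        shift
    done
}

# Constructed command line combining options shown on this page.
audit_qemu_listeners qemu-system-x86_64 -m 512 -vnc :0 \
    -nic user,ipv6=off,hostfwd=tcp:127.0.0.1:22001-:22 \
    -serial telnet:localhost:23001,server,nowait
```

Any line reporting "exposed" with auth=none is a console that any host able to reach that address can open; binding to 127.0.0.1 and tunnelling over SSH keeps it local.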